公开(公告)号：US20110087892A1

公开(公告)日：2011-04-14

申请号：US12578013

申请日：2009-10-13

申请人： Yinnon Avraham HAVIV ,  Roee HAY ,  Marco PISTOIA ,  Adi SHARABANI ,  Takaaki TATEISHI ,  Omer TRIPP ,  Omri WEISMAN

发明人： Yinnon Avraham HAVIV ,  Roee HAY ,  Marco PISTOIA ,  Adi SHARABANI ,  Takaaki TATEISHI ,  Omer TRIPP ,  Omri WEISMAN

IPC分类号： G06F21/00 ,  G06F12/14 ,  G06F9/44

CPC分类号： G06F21/57 ,  G06F11/3692

摘要： A system for eliminating false reports of security vulnerabilities when testing computer software, including a taint analysis engine configured to identify a tainted variable v in a computer application, a data mapping identification engine configured to identify a variable x within the application that holds data derived from v, where x is in a different format than v, an AddData identification engine configured to identify an AddData operation within the application that is performed on x, a signature identification engine configured to identify a Sign operation within the application that is performed on the results of the AddData operation on x, a signature comparison identification engine configured to identify an operation within the application that compares the results of the Sign operation with another value

摘要翻译： 一种用于在测试计算机软件时消除安全漏洞的虚假报告的系统，包括配置成识别计算机应用程序中的受污染变量v的污染分析引擎，配置为识别应用程序内的变量x，该变量x保存从 v，其中x与v不同的格式，被配置为识别在x上执行的应用程序内的AddData操作的AddData识别引擎，被配置为识别在结果上执行的应用程序内的签名操作的签名识别引擎 对于x上的AddData操作，签名比较识别引擎被配置为识别应用程序内的将Sign操作的结果与另一个值进行比较的操作

公开(公告)号：US20110131656A1

公开(公告)日：2011-06-02

申请号：US12627351

申请日：2009-11-30

申请人： Yinnon A. HAVIV ,  Roee HAY ,  Marco PISTOIA ,  Adi SHARABANI ,  Takaaki TATEISHI ,  Omer TRIPP ,  Omri WEISMAN

发明人： Yinnon A. HAVIV ,  Roee HAY ,  Marco PISTOIA ,  Adi SHARABANI ,  Takaaki TATEISHI ,  Omer TRIPP ,  Omri WEISMAN

IPC分类号： G06F21/00

CPC分类号： G06F21/566

摘要： Identifying a security vulnerability in a computer software application by identifying at least one source in a computer software application, identifying at least one sink in the computer software application, identifying at least one input to any of the sinks, determining whether the input derives its value directly or indirectly from any of the sources, determining a set of possible values for the input, and identifying a security vulnerability where the set of possible values for the input does not match a predefined specification of legal values associated with the sink input.

摘要翻译： 通过识别计算机软件应用中的至少一个源来识别计算机软件应用中的安全漏洞，识别计算机软件应用中的至少一个接收器，识别任何接收器的至少一个输入，确定输入是否导出其值 直接或间接地从任何来源确定输入的一组可能的值，以及识别安全漏洞，其中输入的可能值的集合不与预定义的与接收器输入相关联的合法值的规范相匹配。

公开(公告)号：US20120192161A1

公开(公告)日：2012-07-26

申请号：US13012804

申请日：2011-01-25

申请人： Marco PISTOIA ,  Omer Tripp ,  Omri Weisman

发明人： Marco PISTOIA ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F9/44

CPC分类号： G06F8/75 ,  G06F11/3604

摘要： A method for distributed static analysis of computer software applications, includes: statically analyzing instructions of a computer software application; identifying at least one entry point in the computer software application; assigning a primary agent to statically analyze the computer software application from the entry point; assigning a secondary agent to statically analyze a call site encountered by the primary agent and produce a static analysis summary of the call site; and presenting results of any of the static analyses via a computer-controlled output device.

摘要翻译： 一种计算机软件应用分布式静态分析方法，包括：静态分析计算机软件应用指令; 识别计算机软件应用程序中的至少一个入口点; 分配主代理从入口点静态分析计算机软件应用程序; 分配二级代理以静态分析主代理遇到的呼叫站点并产生呼叫站点的静态分析摘要; 并通过计算机控制的输出设备呈现任何静态分析的结果。

公开(公告)号：US20120198557A1

公开(公告)日：2012-08-02

申请号：US13018342

申请日：2011-01-31

申请人： Marco PISTOIA ,  Ori Segal ,  Omer Tripp

发明人： Marco PISTOIA ,  Ori Segal ,  Omer Tripp

IPC分类号： G06F11/00

CPC分类号： G06F21/563 ,  G06F21/577 ,  H04L63/1433

摘要： Determining the vulnerability of computer software applications to privilege-escalation attacks, such as where an instruction classifier is configured to be used for identifying a candidate access-restricted area of the instructions of a computer software application, and a static analyzer is configured to statically analyze the candidate access-restricted area to determine if there is a conditional instruction that controls execution flow into the candidate access-restricted area, perform static analysis to determine if the conditional instruction is dependent on a data source within the computer software application, and designate the candidate access-restricted area as vulnerable to privilege-escalation attacks absent either of the conditional instruction and the date source.

摘要翻译： 确定计算机软件应用程序对特权升级攻击的脆弱性，例如将指令分类器配置为用于识别计算机软件应用程序的指令的候选访问受限区域的位置以及静态分析器，以进行静态分析 候选访问限制区域，以确定是否存在控制进入候选访问受限区域的执行流程的条件指令，执行静态分析以确定条件指令是否依赖于计算机软件应用程序内的数据源，并指定 候选访问限制区域容易受到特权升级攻击的攻击，不存在条件指令和日期源。

公开(公告)号：US20130290786A1

公开(公告)日：2013-10-31

申请号：US13457083

申请日：2012-04-26

申请人： Shay ARTZI ,  Julian DOLBY ,  Salvatore A. GUARNIERI ,  Simon H. JENSEN ,  Marco PISTOIA ,  Manu SRIDHARAN ,  Frank TIP ,  Omer TRIPP

发明人： Shay ARTZI ,  Julian DOLBY ,  Salvatore A. GUARNIERI ,  Simon H. JENSEN ,  Marco PISTOIA ,  Manu SRIDHARAN ,  Frank TIP ,  Omer TRIPP

IPC分类号： G06F11/36

CPC分类号： G06F11/3676 ,  G06F11/3466 ,  G06F11/3684 ,  G06F11/3688

摘要： A novel system, computer program product, and method are disclosed for feedback-directed automated test generation for programs, such as JavaScript, in which execution is monitored to collect information that directs the test generator towards inputs that yield increased coverage. Several instantiations of the framework are implemented, corresponding to variations on feedback-directed random testing, in a tool called Artemis.

摘要翻译： 公开了一种新颖的系统，计算机程序产品和方法用于诸如JavaScript的程序的反馈定向的自动测试生成，其中执行被监视以收集将测试发生器引导到产生增加的覆盖的输入的信息。 在一个名为Artemis的工具中，实现了框架的几个实例，对应于反馈导向随机测试的变化。

公开(公告)号：US20120272322A1

公开(公告)日：2012-10-25

申请号：US13542214

申请日：2012-07-05

申请人： Marco PISTOIA ,  Ori SEGAL ,  Omer TRIPP

发明人： Marco PISTOIA ,  Ori SEGAL ,  Omer TRIPP

IPC分类号： G06F11/30 ,  G06F21/00

CPC分类号： G06F21/563 ,  G06F21/577 ,  H04L63/1433

摘要： Determining the vulnerability of computer software applications to privilege-escalation attacks, such as where an instruction classifier is configured to be used for identifying a candidate access-restricted area of the instructions of a computer software application, and a static analyzer is configured to statically analyze the candidate access-restricted area to determine if there is a conditional instruction that controls execution flow into the candidate access-restricted area, perform static analysis to determine if the conditional instruction is dependent on a data source within the computer software application, and designate the candidate access-restricted area as vulnerable to privilege-escalation attacks absent either of the conditional instruction and the date source.

公开(公告)号：US20120102471A1

公开(公告)日：2012-04-26

申请号：US12912345

申请日：2010-10-26

申请人： Shay ARTZI ,  Ryan BERG ,  John T. PEYTON, JR. ,  Marco PISTOIA ,  Manu SRIDHARAN ,  Robert WIENER

发明人： Shay ARTZI ,  Ryan BERG ,  John T. PEYTON, JR. ,  Marco PISTOIA ,  Manu SRIDHARAN ,  Robert WIENER

IPC分类号： G06F9/44 ,  G06F17/30

CPC分类号： G06F8/30

摘要： Systems and methods are provided for creating a data structure associated with a software application that is based on at least one framework. According to the method, source code and at least one configuration file of the software application is analyzed by at least one framework-specific processor so as to determine entry point information indicating entry points in the source code, request attribute access information indicating where attributes attached to a request data structure are read and written, and forward information indicating forwards performed by the software application. A data structure for a static analysis engine is created based on this information. The data structure includes a list of synthetic methods that model framework-related behavior of the software application, and a list of entry points indicating the synthetic methods and/or application methods of the software application that can be invoked by the framework.

摘要翻译： 系统和方法被提供用于创建与基于至少一个框架的软件应用相关联的数据结构。 根据该方法，由至少一个特定于框架的处理器分析软件应用的源代码和至少一个配置文件，以便确定指示源代码中的入口点的入口点信息，指示所附属性的属性访问信息 读取和写入请求数据结构，以及指示由软件应用执行的转发的转发信息。 基于此信息创建静态分析引擎的数据结构。 数据结构包括对软件应用程序的框架相关行为进行建模的综合方法列表，以及指示框架可以调用的软件应用程序的合成方法和/或应用方法的入口点列表。