Patent · US Active

Detecting vulnerable applications

US10296745B2 · kind B2 · utility

0Cited by

0References

16Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Salman A. Baset · New York, US
Philippe Suter · New York, US
Omer Tripp · Herzliya, IL

Key dates

Filing date	Jun 23, 2016
Grant date	May 21, 2019
Priority date	—
Expiry date	Jan 1, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method and system of determining a vulnerability of software. Libraries are downloaded and stored in a database. For each library, a set of features are extracted and stored in a library index table of the database. For each library, it is determined whether it poses a security concern and flagged accordingly in the library index table. Applications are downloaded and stored in the database. For each application a set of features are extracted and stored in an application index table of the database. For each application, the set of features of the application of the application are compared to the set of features of each of the libraries in the library index table to identify which libraries in the library index table are associated with the application. For each application, a name of the application and names of the associated libraries are stored in a vulnerability reference table in the database.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.