Expression analysis for preventing cyberattacks
US11750636B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 9, 2020 |
| Grant date | Sep 5, 2023 |
| Priority date | — |
| Expiry date | Oct 8, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1458
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for assessing a regular expression for vulnerability to ReDoS attacks includes receiving a regular expression for evaluating a string defined by ordered set of characters from an alphanumeric input device, and evaluating the regular expression for determining if a parsing operation of the string according to the regular expression results in a disproportionate resource consumption. The evaluation determines if the resource consumption constitutes a Regular expression Denial of Service (ReDoS) attack by providing a vulnerability indication of a single valid attack string, rather than attempting to find all possible attack strings. The valid attack string is defined by an input string for which evaluation based on the regular expression would result in disproportionate resource consumption.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.