Patent · US Active

Automatic classification of security vulnerabilities in computer software applications

US8806648B2 · kind B2 · utility

6Cited by

1References

13Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Lotem Guy · Hod HaSharon, IL
Daniel Kalman · Nes Ziona, IL
Omer Tripp · Herzliya, IL
Omri Weisman · Nes Ziona, IL

Key dates

Filing date	Sep 11, 2012
Grant date	Aug 12, 2014
Priority date	—
Expiry date	Oct 9, 2032

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/577
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Automatically classifying security vulnerabilities in computer software applications by identifying candidate security vulnerabilities in a learning set including at least a first computer software application, classifying each of the candidate security vulnerabilities using predefined classifications, determining, for each of the candidate security vulnerabilities, values for predefined properties, creating a set of correlations between the property values and the classifications of the candidate security vulnerabilities, identifying a candidate security vulnerability in a second computer software application, determining, for the candidate security vulnerability in the second computer software application, values for the predefined properties, and using the set of correlations to classify the candidate security vulnerability in the second computer software application with a classification from the predefined classifications that best correlates with the property values of the candidate security vulnerability in the second computer software application.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.