Autonomous reasoning system for vulnerability analysis
US9767290B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 9, 2015 |
| Grant date | Sep 19, 2017 |
| Priority date | — |
| Expiry date | Oct 26, 2035 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method of vulnerability analysis of a deployed program (program) includes inputting a binary program under analysis (BPUA) derived from the program. The method includes analyzing input/output (I/O) behavior of the program. The method includes discovering inputs to the program based on application of exploration techniques to the BPUA and analysis of the I/O behavior. The method includes determining which of the inputs are negative inputs. The negative inputs are inputs that trigger a response that includes a vulnerability of the program. Based on the negative inputs and triggered responses, the method includes developing a patch for the program that modifies the program to process at least some of the negative inputs without triggering a response that includes the vulnerability. The method includes automatically dispatching the patch.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.