Patent · US Active

Software vulnerability analysis method and device

US9946880B2 · kind B2 · utility

9Cited by

0References

10Claims

0Family size

Assignee

Korea University Research and Business Foundation · KR

Inventors

Heejo Lee · Seoul, KR
Hongzhe Li · Seoul, KR
Jonghoon Kwon · Seoul, KR
Hyuck M. Kwon · Wichita, US

Key dates

Filing date	Dec 22, 2015
Grant date	Apr 17, 2018
Priority date	—
Expiry date	Mar 26, 2036

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The present disclosure includes: searching a code clone corresponding to a used source code from any analysis target source code; detecting a security sink and sensitive data of the security sink on the basis of patch information in the searched code clone; acquiring a source code which is from the user input point the a security sink by backwardly tracing the sensitive data detected in the analysis target source code; and verifying whether the searched code clone is a vulnerability in the analysis target source code by performing a concolic testing on the basis of a path from the input point to the security sink.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.