| 发明名称 | Static security analysis using a hybrid representation of string values | ||
| 摘要 | Systems for constructing hybrid string representations include a string parser configured to parse received string information to produce one or more string components, a database configured to store a set of known concretizations, and a processor configured to compare the one or more string components to the set of known concretizations to determine string components that may be represented concretely, to abstract all string components that could not be represented concretely, and to create a hybrid string representation that includes at least one concrete string component and at least one abstracted string component. | ||
| 申请公布号 | US9460282(B2) | 申请公布日期 | 2016.10.04 |
| 申请号 | US201213611792 | 申请日期 | 2012.09.12 |
| 申请人 | INTERNATIONAL BUSINESS MACHINES CORPORATION | 发明人 | Guarnieri Salvatore A.;Pistoia Marco;Tripp Omer |
| 分类号 | G06F17/27;G06F21/55;H04L29/06 | 主分类号 | G06F17/27 |
| 代理机构 | Tutunjian & Bitetto, P.C. | 代理人 | Tutunjian & Bitetto, P.C. ;Morris Daniel P. |
| 主权项 | 1. A hybrid string constructor, comprising: a string parser configured to parse received string information to produce one or more string components; a database configured to store a set of known concretizations; a processor configured to compare the one or more string components to the set of known concretizations to determine string components that may be represented concretely, to abstract all string components that could not be represented concretely, and to create a hybrid string representation that includes at least one concrete string component and at least one abstracted string component; and wherein the set of known concretizations includes string configurations that cannot be interfered with by an attacker. | ||
| 地址 | Armonk NY US | ||