发明名称 |
STATIC SECURITY ANALYSIS USING A HYBRID REPRESENTATION OF STRING VALUES |
摘要 |
Methods for creating a hybrid string representation include determining string components from input string information that may be represented concretely by comparing the one or more components to a set of known concretizations using a processor. The set of known concretizations includes string configurations that cannot be interfered with by an attacker. All string components that could not be represented concretely are abstracted. A hybrid string representation is created that includes at least one concrete string component and at least one abstracted string component. |
申请公布号 |
US2016335434(A1) |
申请公布日期 |
2016.11.17 |
申请号 |
US201615219908 |
申请日期 |
2016.07.26 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
Guarnieri Salvatore A.;Pistoia Marco;Tripp Omer |
分类号 |
G06F21/55;G06F17/22;G06F17/21 |
主分类号 |
G06F21/55 |
代理机构 |
|
代理人 |
|
主权项 |
1. A method for creating a hybrid string representation, comprising:
determining string components from input string information that may be represented concretely by comparing the one or more components to a set of known concretizations using a processor, wherein the set of known concretizations includes string configurations that cannot be interfered with by an attacker; abstracting all string components that could not be represented concretely; and creating a hybrid string representation that includes at least one concrete string component and at least one abstracted string component. |
地址 |
ARMONK NY US |