| 发明名称 |
Security Testing Using Semantic Modeling |
| 摘要 |
Optimized testing of vulnerabilities in an application implemented by a method includes generating a first probe directed to determine whether an application is vulnerable to a first type of attack; analyzing one or more responses from the application based on the application responding to the first probe; in response to determining that the one or more responses from the application validate a first hypothesis about one or more vulnerabilities associated with the application, and generating at least a second probe to further verify the first hypothesis. The second probe focuses on discovering additional details about the application's vulnerabilities to the first type of attack or a second type of attack. |
| 申请公布号 |
US2015096036(A1) |
申请公布日期 |
2015.04.02 |
| 申请号 |
US201414294294 |
申请日期 |
2014.06.03 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Beskrovny Evgeny;Landa Alexander;Tripp Omer |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for optimized testing of vulnerabilities in an application, the method comprising:
generating a first probe directed to determine whether an application is vulnerable to a first type of attack; analyzing one or more responses from the application based on the application responding to the first probe; in response to determining that the one or more responses from the application validate a first hypothesis about one or more vulnerabilities associated with the application, generating at least a second probe to further verify the first hypothesis, wherein the second probe focuses on discovering additional details about the application's vulnerabilities to the first type of attack or a second type of attack. |
| 地址 |
Armonk NY US |
