发明名称 |
Discovery of application vulnerabilities involving multiple execution flows |
摘要 |
Methods and systems for security analysis of an application are disclosed. One system includes a flow-insensitive analyzer, a control flow assessment module and a flow-sensitive analyzer. The flow-insensitive analyzer is configured to conduct a flow-insensitive analysis on the application to obtain a set of potential vulnerabilities in the application. In addition, the control flow assessment module is configured to determine, for each of the potential vulnerabilities, a relevant set of control flows that include the respective vulnerability. Further, the flow-sensitive analyzer is configured to perform, by a hardware processor, for each relevant set of control flows, a flow-sensitive analysis of at least one of the control flows in the corresponding relevant set to assess the validity of the respective vulnerability. |
申请公布号 |
US8904543(B2) |
申请公布日期 |
2014.12.02 |
申请号 |
US201313755151 |
申请日期 |
2013.01.31 |
申请人 |
International Business Machines Corporation |
发明人 |
Guarnieri Salvatore A.;Pistoia Marco;Tripp Omer |
分类号 |
H04L29/06;G06F21/55;G06F21/56;G06F21/57 |
主分类号 |
H04L29/06 |
代理机构 |
Tutunjian & Bitetto, P.C. |
代理人 |
Tutunjian & Bitetto, P.C. ;Dougherty Anne V. |
主权项 |
1. A system for security analysis of an application comprising:
a flow-insensitive analyzer configured to conduct, by a hardware processor, a flow-insensitive analysis on the application to obtain a set of potential vulnerabilities in the application without being sensitive to control restrictions on ordering between a serve call and sink call; a control flow assessment module configured to determine, by a hardware processor, for each of the potential vulnerabilities, a relevant set of control flows that include the respective vulnerability; and a flow-sensitive analyzer configured to perform, by a hardware processor, for each relevant set of control flows, a flow-sensitive analysis of at least one of the control flows in the corresponding relevant set to assess a validity of the respective vulnerability, wherein the flow sensitive analysis is analyzing instructional order and structure of a series of data in the control flows from the serve call to the sink call between at least two servlets in assessing the validity of the respective vulnerability. |
地址 |
Armonk NY US |