Taint tracking via non-intrusive bytecode instrumentation

US11526600B2 · US · B2

Patent metadata

Publication number: US-11526600-B2
Application number: US-202017127772-A
Country: US
Kind code: B2
Filing date: Dec 18, 2020
Priority date: Dec 18, 2020
Publication date: Dec 13, 2022
Grant date: Dec 13, 2022

Abstract

Official abstract text for this publication.

Various embodiments of systems and methods to track tainting information via non-intrusive bytecode instrumentation are described herein. The described techniques include, in one aspect, defining a taint-aware class to shadow an original data class. The taint-aware class includes a payload field to store objects of the original data class, a metadata field to store tainting information corresponding to the objects of the original data class, and a method proxying a corresponding method of the original data class. In another aspect, the instances of the original data class are replaced with corresponding instances of the taint-aware class in an application bytecode. Further, in yet another aspect, when executing the application in a runtime environment, the method propagates the content of the metadata field and calls the corresponding method of the original data class to manage the content of the payload field.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer system to track tainted data flows comprising: at least one operative memory device to store instructions; and at least one processor coupled to the at least one operative memory device to execute the instructions to: generate a taint-aware class comprising: a payload field to store objects of an original data class; a metadata field to store tainting information correspondingly assigned to the objects of the original data class, wherein the metadata field comprises a binary string, each bit of the binary string comprising an indication of whether a corresponding character of at least one of the objects is potentially damaging; and perform a method to: access the metadata field, proxy a corresponding method of the original data class to access the payload field, and replace instances of the original data class of a bytecode of an application with corresponding instances of the taint aware class; and wherein in response to a call during an execution of the application in a runtime environment, the method of the taint aware class manages the content of the metadata field and calls the corresponding method of the original data class to manage the content of the payload field.

2. The system of claim 1, wherein the at least one processor to execute the instructions further to: instrument one or more bytecode files to replace each reference to the original data class with a corresponding reference to the taint-aware class, wherein the one or more bytecode files store the bytecode of the application; and load the bytecode of the application to the runtime environment from the instrumented one or more bytecode files.

3. The system of claim 1, wherein the at least one processor to execute the instructions further to: replace each reference to the original data class with a corresponding reference to the taint-aware class at loading the bytecode of the application to the runtime from one or more bytecode files.

4. The system of claim 3, wherein the replacing is executed by a configurable agent of the runtime environment.

5. The system of claim 1, wherein managing the content of the metadata field comprises one or more of: receiving the metadata from a source; sending the metadata to a sink; and propagating the metadata between instances of the taint-aware class.

6. A non-transitory machine-readable medium to store instructions, which when executed by a computer, cause the computer to perform operations comprising: replace instances of an original data class with instances of a taint aware class in a bytecode of an application, wherein the taint-aware class comprises: a payload field to store objects of the original data class; a metadata field to store tainting information correspondingly assigned to the objects of the original data class, wherein the metadata field comprises a binary string, each bit of the binary string comprising an indication of whether a corresponding character of at least one of the objects is potentially damaging; and perform a method to: access the metadata field and proxy a corresponding method of the original data class to access the payload field; and in response to a call during an execution of the application in a runtime environment, the method of the taint aware class is to: manage the content of the metadata field; and call the corresponding method of the original data class to manage the content of the payload field.

7. The machine-readable medium of claim 6, wherein replacing the instances comprises: instrumenting one or more bytecode files to replace each reference to the original data class with a corresponding reference to the taint-aware class, wherein the one or more bytecode files store the bytecode of the application; and loading the bytecode of the application to the runtime environment from the instrumented one or more bytecode files.

8. The machine-readable medium of claim 6, wherein replacing the instances comprises: replacing each reference to the original data class with a corresponding reference to the taint-aware class at loading the bytecode of the application to the runtime from one or more bytecode files.

9. The machine-readable medium of claim 8, wherein the replacing is executed by a configurable agent of the runtime environment.

10. The machine-readable medium of claim 6, wherein the metadata field is of a data type determined by a preconfigured tainting mode.

11. The machine-readable medium of claim 6, wherein managing the content of the metadata field comprises one or more of: receiving the metadata from a source; sending the metadata to a sink; and propagating the metadata between instances of the taint-aware class.

12. A computerized method to track tainted data flows comprising: replacing instances of an original data class with instances of a taint aware class in a bytecode of an application, wherein the taint-aware class comprises: a payload field to store objects of the original data class; a metadata field to store tainting information correspondingly assigned to the objects of the original data class, wherein the metadata field comprises a binary string, each bit of the binary string comprising an indication of whether a corresponding character of at least one of the objects is potentially damaging; and performing a method to access the metadata field and proxy a corresponding method of the original data class to access the payload field; and in response to a call during an execution of the application in a runtime environment, the method of the taint aware class is to: manage the content of the metadata field; and call the corresponding method of the original data class to manage the content of the payload field.

13. The method of claim 12, wherein replacing the instances comprises: instrumenting one or more bytecode files to replace each reference to the original data class with a corresponding reference to the taint-aware class, wherein the one or more bytecode files store the bytecode of the application; and loading the bytecode of the application to the runtime environment from the instrumented one or more bytecode files.

14. The method of claim 12, wherein replacing the instances comprises: replacing each reference to the original data class with a corresponding reference to the taint-aware class at loading the bytecode of the application to the runtime from one or more bytecode files.

15. The method of claim 14, wherein the replacing is executed by a configurable agent of the runtime environment.

16. The method of claim 12, wherein the metadata field is of a data type determined by a tainting mode.

17. The method of claim 12, wherein managing the content of the metadata field comprises one or more of: receiving the metadata from a source; sending the metadata to a sink; and propagating the metadata between instances of the taint-aware class.
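As an added illustration of the design described in the abstract and claims (example code written for this page, not the patent's own, which operates on Java bytecode): a Python shadow class standing in for the original string class, with a payload field, a per-character bit-string metadata field, and proxy methods that manage the metadata before delegating to the original method. `TaintedStr`, `sink_accepts` and `build_query` are assumed names, and the query text is a constructed sample flow from source to sink.

```python
from typing import Optional

class TaintedStr:
    """Shadow of str: a payload field plus one taint bit per character."""

    def __init__(self, payload: str, metadata: Optional[str] = None):
        self.payload = payload
        # Metadata: '1' marks a potentially damaging character; default is untainted.
        self.metadata = metadata if metadata is not None else "0" * len(payload)
        if len(self.metadata) != len(payload):
            raise ValueError("metadata length must match payload length")

    @classmethod
    def from_source(cls, payload: str) -> "TaintedStr":
        # Source: data entering from outside is marked tainted in every position.
        return cls(payload, "1" * len(payload))

    # Proxy methods: manage the metadata, then call the original str method.
    def __add__(self, other) -> "TaintedStr":
        if isinstance(other, TaintedStr):
            return TaintedStr(self.payload + other.payload, self.metadata + other.metadata)
        return TaintedStr(self.payload + other, self.metadata + "0" * len(other))

    def __getitem__(self, key) -> "TaintedStr":
        # Indexing/slicing keeps payload and metadata aligned position by position.
        return TaintedStr(self.payload[key], self.metadata[key])

    def upper(self) -> "TaintedStr":
        up = self.payload.upper()
        if len(up) == len(self.payload):
            return TaintedStr(up, self.metadata)  # length preserved: bits pass through
        # Length changed (e.g. 'ß' -> 'SS'): positions no longer line up, so taint
        # the whole result if any input character was tainted (conservative).
        bit = "1" if self.is_tainted() else "0"
        return TaintedStr(up, bit * len(up))

    def is_tainted(self) -> bool:
        return "1" in self.metadata

    def tainted_chars(self) -> str:
        return "".join(c for c, b in zip(self.payload, self.metadata) if b == "1")

def sink_accepts(value: TaintedStr) -> bool:
    """Sink check: reject any value that still carries tainted characters."""
    return not value.is_tainted()

def build_query(user_input: str) -> TaintedStr:
    # Constructed sample flow: untainted literal + source data + untainted literal.
    prefix = TaintedStr("SELECT * FROM users WHERE name = '")
    return prefix + TaintedStr.from_source(user_input) + "'"
```

The patent obtains the same effect without touching application source by rewriting class references in the bytecode at instrumentation or load time; here the wrapper is invoked explicitly so the propagation can be followed.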

Assignees

SAP SE
Inventors

Classifications

  • Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title

  • Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities · CPC title

  • where protection concerns the structure of data, e.g. records, types, queries · CPC title

  • G06F21/54 (primary)

    by adding security routines or objects to programs · CPC title

  • involving event detection and direct action · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11526600B2 cover?
Various embodiments of systems and methods to track tainting information via non-intrusive bytecode instrumentation are described herein. The described techniques include, at one aspect, defining a taint-aware class to shadow an original data class. The taint-aware class includes a payload field to store objects of the original data class, a metadata field to store tainting information correspo…
Who is the assignee on this patent?
SAP SE
What technology area does this patent fall under?
Primary CPC classification G06F21/54. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 13, 2022 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).