Malware detection using local computational models
US-10726128-B2 · Jul 28, 2020 · US
Detecting vulnerabilities to fault injection in computer code using machine learning
US12474905B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12474905-B2 |
| Application number | US-201816177311-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 31, 2018 |
| Priority date | May 30, 2018 |
| Publication date | Nov 18, 2025 |
| Grant date | Nov 18, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A code analyzer implements machine learning to detect vulnerabilities in computer code. The code analyzer trains a machine learning model using training vectors that characterize vulnerable programming patterns. The code analyzer evaluates a topological representation of the computer code using the machine learning model to identify a potential vulnerability. The potential vulnerability corresponds to a portion of the computer code where an attack can be used to bypass a security procedure. The code analyzer tests the potential vulnerability by emulating a fault injection during execution of the portion of the computer code. Upon confirming that the potential vulnerability can be exploited via a fault injection, the code analyzer generates a training vector that characterizes a vulnerable programming pattern associated with the portion of the computer code. The training vector can be used to further train the machine learning model.
First claim
Opening claim text (preview).
What is claimed is: 1 . One or more processors comprising: circuitry to use one or more neural networks to identify, based, at least in part on a graph topology indicating one or more conditional branches that are dependent on one or more cryptologic primitives of a software program, one or more vulnerabilities to a fault injection attack at a physical layer of a computer system to perform the software program, wherein the fault injection attack is to cause the one or more cryptologic primitives to be corrupted or one or more security procedures to be bypassed. 2 . The one or more processors of claim 1 , wherein code of the software program is used to generate the graph topology, the graph topology comprising at least one of a control flow associated with the code or a data flow associated with the code. 3 . The one or more processors of claim 2 , wherein the graph topology is generated, at least in part, by performing a static analysis on the code to generate at least one of: a control flow graph, the control flow graph indicating at least one conditional branch that depends on a value of the one or more cryptologic primitives; a data flow graph, the data flow graph indicating a transformation associated with a value of the one or more cryptologic primitives; or an abstract syntax tree. 4 . The one or more processors of claim 2 , wherein: the one or more vulnerabilities is identified at least in part by applying the one or more neural networks to the graph topology; a set of training data is generated based, at least in part, on the graph topology; the one or more neural networks is updated based at least in part on the set of training data; and the circuitry is to further cause one or more remedial operations to be performed. 5 . The one or more processors of claim 4 , wherein the one or more remedial operations comprises generating a report indicating at least one of: a vulnerability mitigation that should be applied to a portion of code; or that a portion of the code includes the one or more vulnerabilities. 6 . The one or more processors of claim 2 , wherein the circuitry to use the one or more neural networks to identify the one or more vulnerabilities to the fault injection attack within the software program includes: further circuitry to, as a result of a fault injection being emulated during an execution of a portion of code of the software program, confirm the one or more vulnerabilities to the fault injection attack in the code; and determine a portion of the graph topology corresponding to the confirmed one or more vulnerabilities to the fault injection attack based on the execution of the portion of the code. 7 . The one or more processors of claim 6 , wherein the one or more neural networks are updated based at least in part on a training vector that includes the portion of the graph topology. 8 . The one or more processors of claim 6 , wherein: one or more programming patterns in the portion of the code are identified based at least in part on the confirmed one or more vulnerabilities to the fault injection attack; and the one or more neural networks are updated based on information indicating the one or more programming patterns that resulted in the one or more vulnerabilities to the fault injection attack. 9 . The one or more processors of claim 1 , wherein the graph topology corresponds to source code associated with a software application or source code associated with a firmware application. 10 . The one or more processors of claim 1 , wherein the fault injection attack is to cause the security procedure to be bypassed. 11 . The one or more processors of claim 10 , wherein the security procedure to be bypassed is an authentication routine where an identity of a user is established. 12 . The one or more processors of claim 1 , wherein the one or more vulnerabilities: correspond to a portion of code of the software program where the security procedure could be bypassed if the fault injection attack is implemented. 13 . The one or more processors of claim 1 , wherein the graph topology includes a control flow graph and a data flow graph that specify one or more dependencies within the software program. 14 . The one or more processors of claim 1 , wherein the fault injection attack includes modifying an operating voltage to a hardware component in the computer system to induce errors in the operation of the computer system. 15 . The one or more processors of claim 1 , wherein one or more feature vectors are generated from the graph topology subsequent to the one or more vulnerabilities to the fault injection attack being identified. 16 . A non-transitory computer-readable storage medium storing program instructions that, when executed by one or more processors, cause one or more processors to at least: use one or more neural networks to identify, based, at least in part on graph topology indicating one or more conditional branches that are dependent on one or more cryptologic primitives of a software program, one or more vulnerabilities to a fault injection attack at a physical layer of a computer system to perform the software program, wherein the fault injection attack is to cause the one or more cryptologic primitives to be corrupted or one or more security procedures to be bypassed. 17 . The non-transitory computer-readable storage medium of claim 16 , further comprising storing further program instructions to cause the one or more processors to at least: generate the graph topology based at least in part on a portion of code of the software program; as a result of the one or more vulnerabilities to the fault injection attack being identified with the software program, cause one or more remedial actions to be performed; and wherein: the graph topology comprises at least one of a control flow associated with the portion of code or a data flow associated with the portion of code; and the one or more vulnerabilities to the fault injection attack are identified by applying the one or more neural networks to the graph topology. 18 . The non-transitory computer-readable storage medium of claim 17 , wherein the one or more processors further execute the program instructions to at least generate the graph topology to perform a static analysis on the portion of code to generate at least one of: a control flow graph, wherein the control flow graph indicates at least one conditional branch that depends on a value of a cryptologic primitive; or a data flow graph, wherein the data flow graph indicates a transformation associated with a value of the one or more cryptologic primitives. 19 . The non-transitory computer-readable storage medium of claim 16 , further storing further program instructions to cause the one or more processors to at least: generate a set of training data based on the graph topology; and update the one or more neural networks based, at least in part, on the set of training data. 20 . The non-transitory computer-readable storage medium of claim 19 , wherein the one or more processors execute the program instructions when generating the set of training data to at least: execute a portion of code of the software program; during execution of the portion of code of the software program, emulate a fault injection; determine, based on the execution of the portion of code of the software program after the fault injection, that the portion of the code of the software program includes the one or more vulnerabilities
Assignees
Inventors
Classifications
Generating training patterns; Bootstrap methods, e.g. bagging or boosting · CPC title
Machine learning · CPC title
by adding security routines or objects to programs · CPC title
Structural analysis for program understanding · CPC title
Assessing vulnerabilities and evaluating computer system security · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12474905B2 cover?
- A code analyzer implements machine learning to detect vulnerabilities in computer code. The code analyzer trains a machine learning model using training vectors that characterize vulnerable programming patterns. The code analyzer evaluates a topological representation of the computer code using the machine learning model to identify a potential vulnerability. The potential vulnerability corresp…
- Who is the assignee on this patent?
- Nvidia Corp
- What technology area does this patent fall under?
- Primary CPC classification G06F8/433. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Nov 18 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).