Analysis function imparting device, analysis function imparting method, and recording medium
US-2021390183-A1 · Dec 16, 2021 · US
Runtime application monitoring without modifying application program code
US12475232B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12475232-B2 |
| Application number | US-202418680130-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 31, 2024 |
| Priority date | Apr 24, 2020 |
| Publication date | Nov 18, 2025 |
| Grant date | Nov 18, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
To facilitate runtime monitoring and analysis of an application without modifying the actual application code, an agent monitors and analyzes an application through detection and evaluation of invocations of an API of a runtime engine provided for execution of the application. The agent registers to receive events which are generated upon invocation of target functions of the runtime engine API based on its load. Once loaded, the agent initially determines the language and language version number of the runtime engine. The agent determines associations of events for which to monitor and corresponding analysis code to execute upon detection of the invocations based on the language and version number information. When the agent detects an event during execution of the application based on invocations of the runtime engine API, the agent can monitor and analyze execution of the application based on execution of analysis code corresponding to the detected event.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method comprising: based on loading of an application into a runtime engine for execution, creating a plurality of hooks for a corresponding plurality of target functions of an application programming interface (API) of the runtime engine based on maintained indications of target functions of the API of the runtime engine, wherein each of the plurality of hooks associates one of the plurality of target functions with a corresponding one of a plurality of analysis code units; detecting invocation of a first target function of the plurality of target functions of the API by the runtime engine during execution of the application in the runtime engine, wherein invocation of the first target function by the runtime engine triggers a corresponding one of the plurality of hooks; and performing an action for at least one of monitoring and analyzing the application executing in the runtime engine based on executing a first analysis code unit of the plurality of analysis code units that has been associated with the first target function via the corresponding one of the plurality of hooks. 2 . The method of claim 1 , wherein detecting invocation of the first target function comprises obtaining at least one of data and metadata associated with invocation of the first target function. 3 . The method of claim 2 , further comprising: evaluating the at least one of data and metadata based on executing the first analysis code unit; and detecting a vulnerability of the application based, at least in part, on evaluating the at least one of data and metadata. 4 . The method of claim 3 , wherein evaluating the at least one of data and metadata associated with invocation of the first target function comprises evaluating the at least one of data and metadata based on one or more rules for vulnerability detection, wherein detecting the vulnerability of the application comprises determining that the at least one of data and metadata satisfy a first of the one or more rules for vulnerability detection. 5 . The method of claim 1 , further comprising determining a version number of a language of the runtime engine, wherein creating the plurality of hooks is based on determining the version number of the language of the runtime engine. 6 . The method of claim 1 , wherein creating the plurality of hooks comprises registering a plurality of callback functions, wherein each of the plurality of callback functions comprises a corresponding one of the plurality of analysis code units, wherein invocation of the first target function triggers invocation of a corresponding one of the plurality of callback functions. 7 . The method of claim 1 , wherein the creating the plurality of hooks comprises associating the plurality of target functions with at least a first event listener, wherein the first event listener indicates a first event handler, and wherein the first event handler comprises the first analysis code unit. 8 . The method of claim 1 , further comprising loading an agent into the runtime engine based on loading of the application into the runtime engine, wherein the agent creates the plurality of hooks and detects invocation of the first target function. 9 . The method of claim 8 , wherein the agent and the application execute in parallel or concurrently. 10 . The method of claim 1 , wherein performing the action for at least one of monitoring and analyzing the application based on executing the first analysis code unit comprises at least one of generating an indicator of an event corresponding to the invocation of the first target function and logging the event. 11 . One or more non-transitory machine-readable media having program code stored thereon, the program code comprising instructions to: based on loading of an application into a runtime engine for execution, create a plurality of hooks for a corresponding plurality of target functions of an application programming interface (API) of the runtime engine based on maintained indications of target functions of the API of the runtime engine, wherein the plurality of hooks associates the plurality of target functions with corresponding ones of a plurality of analysis code units; detect invocation of a first target function of the plurality of target functions of the API by the runtime engine during execution of the application in the runtime engine, wherein invocation of the first target function by the runtime engine triggers a corresponding one of the plurality of hooks; and perform an action for at least one of monitoring and analyzing the application executing in the runtime engine based on execution of a first analysis code unit of the plurality of analysis code units that is associated with the first target function via a first hook of the plurality of hooks. 12 . The non-transitory machine-readable media of claim 11 , wherein the program code further comprises instructions to: evaluate at least one of data and metadata associated with invocation of the first target function based on execution of the first analysis code unit, wherein the instructions to detect invocation of the first target function comprise instructions to obtain the at least one of data and metadata associated with invocation of the first target function; and detect a vulnerability of the application based, at least in part, on evaluation of the at least one of data and metadata. 13 . The non-transitory machine-readable media of claim 11 , wherein the program code further comprises instructions to determine a version number of a language of the runtime engine, wherein the instructions to create the plurality of hooks comprise instructions to create the plurality of hooks based on the version number of the language of the runtime engine. 14 . The non-transitory machine-readable media of claim 11 , wherein the instructions to create the plurality of hooks comprise instructions to register a plurality of callback functions, wherein each of the plurality of callback functions comprises a corresponding one of the plurality of analysis code units, wherein invocation of the first target function triggers invocation of a corresponding one of the plurality of callback functions. 15 . The non-transitory machine-readable media of claim 11 , further comprising program code to load an agent into the runtime engine based on load of the application into the runtime engine, wherein creation of the plurality of hooks and detection of invocation of the first target function is by the agent. 16 . An apparatus comprising: a processor; and a machine-readable medium having instructions stored thereon, the instructions executable by the processor to cause the apparatus to, based on loading of an application into a runtime engine for execution, create a plurality of hooks for a corresponding plurality of target functions of an application programming interface (API) of the runtime engine, wherein each of the plurality of hooks associates one of the plurality of target functions with a corresponding one of a plurality of analysis code units; detect invocation of a first target function of the plurality of target functions of the API by the runtime engine during execution of the application in the runtime engine, wherein invocation of the first target function by the runtime engine triggers a corresponding one of the plurality of hooks; and perform an action for at least one of monitoring and analyzing the application executing in the runtime engine based on execution of a first analysis code unit of the plurality of analysis code units that is associated with th
Assignees
Inventors
Classifications
by runtime analysis (performance monitoring G06F11/3466) · CPC title
Configuration details thereof, e.g. installation, enabling, spatial arrangement of the probes · CPC title
where the computing system component is a software system · CPC title
Monitoring of software · CPC title
Performance evaluation by tracing or monitoring · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12475232B2 cover?
- To facilitate runtime monitoring and analysis of an application without modifying the actual application code, an agent monitors and analyzes an application through detection and evaluation of invocations of an API of a runtime engine provided for execution of the application. The agent registers to receive events which are generated upon invocation of target functions of the runtime engine API…
- Who is the assignee on this patent?
- Veracode Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F9/4484. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Nov 18 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).