Machine learned model for generating opinionated threat assessments of security vulnerabilities
US-2024411898-A1 · Dec 12, 2024 · US
Targeted security testing
US9971897B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9971897-B2 |
| Application number | US-201213431808-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 27, 2012 |
| Priority date | Dec 30, 2011 |
| Publication date | May 15, 2018 |
| Grant date | May 15, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer implemented method comprising: statically analyzing, on a computing device, source code of a plurality of web pages including script code; identifying, on the computing device, a first web page of the plurality of web pages as including a potential vulnerability based on the static analysis; identifying, on the computing device, a second web page of the plurality of web pages as not including a potential vulnerability based on the static analysis; flagging, based on the static analysis, the first web page of the plurality of web pages as including the potential vulnerability; flagging, based on the static analysis, the second web page of the plurality of web pages as not including the potential vulnerability; dynamically analyzing, on the computing device, the first web page of the plurality of web pages using a set of test payloads per parameter tested based upon flagging the first web page as including the potential vulnerability to verify whether the potential vulnerability is a false positive; and dynamically analyzing, on the computing device, the second web page of the plurality of web pages using a subset of the set of test payloads based upon flagging the second web page as not including the potential vulnerability, the subset including fewer test payloads per parameter tested than the set of test payloads per parameter tested used for the first web page of the plurality of web pages based upon flagging the first web page as including the potential vulnerability, and wherein the subset tests for one or more common sources of vulnerabilities; wherein a ratio of the test payloads per parameter in the subset of the set of test payloads to the test payloads per parameter in the set of test payloads is between 1:10 and 1:200. 2. The computer implemented method of claim 1 , further comprising receiving the plurality of web pages from a web server. 3. The computer implemented method of claim 1 , wherein the plurality of web pages are associated with a web application. 4. The computer implemented method of claim 1 , wherein statically analyzing the source code of the plurality of web pages, includes building a model representing a flow of data through the source code of the plurality of web pages. 5. The computer implemented method of claim 1 , wherein the potential vulnerability includes a data-flow violation based on a set of security rules. 6. The computer implemented method of claim 1 , wherein statically analyzing the source code of the plurality of web pages includes static taint analysis. 7. The computer implemented method of claim 1 , wherein dynamically analyzing includes executing the script code on a script engine. 8. The computer implemented method of claim 1 , wherein the subset of the set of test payloads includes between 1 to 10 test payloads per parameter and the set of test payloads includes between 100 to 200 test payloads per parameter.
Assignees
Inventors
Classifications
- G06F21/577Primary
Assessing vulnerabilities and evaluating computer system security · CPC title
Test or assess software · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9971897B2 cover?
- Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the p…
- Who is the assignee on this patent?
- Amit Yair, Guy Lotem, Kalman Daniel, and 3 more
- What technology area does this patent fall under?
- Primary CPC classification G06F21/577. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue May 15 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).