Determining coverage of dynamic security scans using runtime and static code analyses

Determining coverage of dynamic security scans using runtime and static code analyses

Example embodiments relate to assessing dynamic security scans using runtime analysis and static code analysis. In example embodiments, a system performs static code analysis of a web application to identify reachable code and/or data entry points, where the data entry points are used to determine a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Mendelev, Kirill, Babcock, David John, Zhao, Lu, Sechman, Ronald Joseph
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Mendelev, Kirill
Babcock, David John
Zhao, Lu
Sechman, Ronald Joseph
description Example embodiments relate to assessing dynamic security scans using runtime analysis and static code analysis. In example embodiments, a system performs static code analysis of a web application to identify reachable code and/or data entry points, where the data entry points are used to determine an attack surface size for the web application. At this stage, the system may initiate runtime monitoring for a dynamic security scan of the web application, where the runtime monitoring detects invocation of a statement at one of the data entry points. The invocation is logged as an invocation entry that comprises invocation parameters and/or code units that were executed in response to the invocation. The system may then determine an attack surface coverage of the dynamic security scan using the invocation entry and the attack surface size and/or a reachable code coverage using the invocation entry and the reachable code.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US10699017B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US10699017B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US10699017B23</originalsourceid><addsrcrecordid>eNqNyk0KwjAQQOFsXIh6h_EAQqugdOsf7rXrMkymJdBMSiYRcnsteABXjwff0rRXThy9EycDUHhzxIEh9GCLoHcEypSjSwWUUBSyzjBmSc4zoFjQhOnrKNj5cSzKujaLHkflza8rs73fXpfHjqfQsU5ILJy69llXx6ap6tN5f_jHfAAUqjm-</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Determining coverage of dynamic security scans using runtime and static code analyses</title><source>esp@cenet</source><creator>Mendelev, Kirill ; Babcock, David John ; Zhao, Lu ; Sechman, Ronald Joseph</creator><creatorcontrib>Mendelev, Kirill ; Babcock, David John ; Zhao, Lu ; Sechman, Ronald Joseph</creatorcontrib><description>Example embodiments relate to assessing dynamic security scans using runtime analysis and static code analysis. In example embodiments, a system performs static code analysis of a web application to identify reachable code and/or data entry points, where the data entry points are used to determine an attack surface size for the web application. At this stage, the system may initiate runtime monitoring for a dynamic security scan of the web application, where the runtime monitoring detects invocation of a statement at one of the data entry points. The invocation is logged as an invocation entry that comprises invocation parameters and/or code units that were executed in response to the invocation. The system may then determine an attack surface coverage of the dynamic security scan using the invocation entry and the attack surface size and/or a reachable code coverage using the invocation entry and the reachable code.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2020</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20200630&amp;DB=EPODOC&amp;CC=US&amp;NR=10699017B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25563,76418</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20200630&amp;DB=EPODOC&amp;CC=US&amp;NR=10699017B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Mendelev, Kirill</creatorcontrib><creatorcontrib>Babcock, David John</creatorcontrib><creatorcontrib>Zhao, Lu</creatorcontrib><creatorcontrib>Sechman, Ronald Joseph</creatorcontrib><title>Determining coverage of dynamic security scans using runtime and static code analyses</title><description>Example embodiments relate to assessing dynamic security scans using runtime analysis and static code analysis. In example embodiments, a system performs static code analysis of a web application to identify reachable code and/or data entry points, where the data entry points are used to determine an attack surface size for the web application. At this stage, the system may initiate runtime monitoring for a dynamic security scan of the web application, where the runtime monitoring detects invocation of a statement at one of the data entry points. The invocation is logged as an invocation entry that comprises invocation parameters and/or code units that were executed in response to the invocation. The system may then determine an attack surface coverage of the dynamic security scan using the invocation entry and the attack surface size and/or a reachable code coverage using the invocation entry and the reachable code.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2020</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNyk0KwjAQQOFsXIh6h_EAQqugdOsf7rXrMkymJdBMSiYRcnsteABXjwff0rRXThy9EycDUHhzxIEh9GCLoHcEypSjSwWUUBSyzjBmSc4zoFjQhOnrKNj5cSzKujaLHkflza8rs73fXpfHjqfQsU5ILJy69llXx6ap6tN5f_jHfAAUqjm-</recordid><startdate>20200630</startdate><enddate>20200630</enddate><creator>Mendelev, Kirill</creator><creator>Babcock, David John</creator><creator>Zhao, Lu</creator><creator>Sechman, Ronald Joseph</creator><scope>EVB</scope></search><sort><creationdate>20200630</creationdate><title>Determining coverage of dynamic security scans using runtime and static code analyses</title><author>Mendelev, Kirill ; Babcock, David John ; Zhao, Lu ; Sechman, Ronald Joseph</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US10699017B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2020</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Mendelev, Kirill</creatorcontrib><creatorcontrib>Babcock, David John</creatorcontrib><creatorcontrib>Zhao, Lu</creatorcontrib><creatorcontrib>Sechman, Ronald Joseph</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mendelev, Kirill</au><au>Babcock, David John</au><au>Zhao, Lu</au><au>Sechman, Ronald Joseph</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Determining coverage of dynamic security scans using runtime and static code analyses</title><date>2020-06-30</date><risdate>2020</risdate><abstract>Example embodiments relate to assessing dynamic security scans using runtime analysis and static code analysis. In example embodiments, a system performs static code analysis of a web application to identify reachable code and/or data entry points, where the data entry points are used to determine an attack surface size for the web application. At this stage, the system may initiate runtime monitoring for a dynamic security scan of the web application, where the runtime monitoring detects invocation of a statement at one of the data entry points. The invocation is logged as an invocation entry that comprises invocation parameters and/or code units that were executed in response to the invocation. The system may then determine an attack surface coverage of the dynamic security scan using the invocation entry and the attack surface size and/or a reachable code coverage using the invocation entry and the reachable code.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US10699017B2
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title Determining coverage of dynamic security scans using runtime and static code analyses
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-08T19%3A10%3A12IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Mendelev,%20Kirill&rft.date=2020-06-30&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS10699017B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true