Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2007-11-27
Zand, Kambiz (Department: 2134)
C726S022000, C713S189000, C713S190000, C713S191000, C705S051000, C705S052000, C705S053000, C705S054000, C717S174000, C717S175000, C717S176000, C717S177000, C717S178000
active
10342247
ABSTRACT:
Embodiments of the present invention relate to systems and methods for detecting software buffer security vulnerabilities. According to an embodiment, a computer-readable medium stores a plurality of instructions to be executed by a processor for detecting software buffer security vulnerabilities. The plurality of instructions comprises instructions to receive software code associated with a potential buffer vulnerability, generate constraints related to the software code associated with the potential buffer vulnerability, partition the software code into one or more procedures, and generate for each procedure a set of constraints that summarizes the impact of a procedure on buffer variables. The computer-readable medium also stores instructions to receive a system dependence graph corresponding to the software code, traverse back along the system dependence graph to collect constraints related to the potential buffer vulnerability, and reduce the collected constraints to determine a maximum value length that has been assigned to a buffer corresponding to a potential buffer vulnerability. The plurality of instructions also includes instructions to compare the maximum value length that has been assigned to a buffer to an amount of memory that has been allocated to the buffer to determine whether there is a buffer vulnerability.
REFERENCES:
patent: 6301699 (2001-10-01), Hollander et al.
patent: 6721721 (2004-04-01), Bates et al.
patent: 6802012 (2004-10-01), Smithson et al.
M. Weber, V. Shah and C. Ren, “A Case Study in Detecting Software Security Vulnerabilities using Constraint Optimization,” IEEE Workshop on Source Code Analysis and Manipulation, Nov. 2001, Florence, Italy.
Ren Chuangang
Shah Viren R.
Weber Michael D.
Cigital, Inc.
Edell Shapiro & Finnan LLC
Tolentino Roderick
Zand Kambiz
Profile ID: LFUS-PAI-O-3876843