WO2004053647A3 - Software analysis framework - Google Patents

Software analysis framework Download PDF

Info

Publication number
WO2004053647A3
WO2004053647A3 PCT/US2003/039047 US0339047W WO2004053647A3 WO 2004053647 A3 WO2004053647 A3 WO 2004053647A3 US 0339047 W US0339047 W US 0339047W WO 2004053647 A3 WO2004053647 A3 WO 2004053647A3
Authority
WO
WIPO (PCT)
Prior art keywords
nanocode
code
annotations
identifying
annotated
Prior art date
Application number
PCT/US2003/039047
Other languages
French (fr)
Other versions
WO2004053647A2 (en
Inventor
Christian R Rioux
Original Assignee
Symantec Corp
Christian R Rioux
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=32468390&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=WO2004053647(A3) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Symantec Corp, Christian R Rioux filed Critical Symantec Corp
Priority to AU2003296374A priority Critical patent/AU2003296374A1/en
Publication of WO2004053647A2 publication Critical patent/WO2004053647A2/en
Publication of WO2004053647A3 publication Critical patent/WO2004053647A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/53Decompilation; Disassembly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • G06F8/42Syntactic analysis
    • G06F8/427Parsing

Abstract

A decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or 'trap doors,' and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.
PCT/US2003/039047 2002-12-06 2003-12-08 Software analysis framework WO2004053647A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2003296374A AU2003296374A1 (en) 2002-12-06 2003-12-08 Software analysis framework

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/314,005 2002-12-06
US10/314,005 US7051322B2 (en) 2002-12-06 2002-12-06 Software analysis framework

Publications (2)

Publication Number Publication Date
WO2004053647A2 WO2004053647A2 (en) 2004-06-24
WO2004053647A3 true WO2004053647A3 (en) 2005-03-31

Family

ID=32468390

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/039047 WO2004053647A2 (en) 2002-12-06 2003-12-08 Software analysis framework

Country Status (3)

Country Link
US (6) US7051322B2 (en)
AU (1) AU2003296374A1 (en)
WO (1) WO2004053647A2 (en)

Families Citing this family (123)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2001245754A1 (en) 2000-03-17 2001-10-03 Ebay, Inc. Method and apparatus for facilitating online payment transactions in a network-based transaction facility using multiple payment instruments
US7499875B1 (en) 2000-03-17 2009-03-03 Ebay Inc. Method and apparatus for facilitating online payment transactions in a network-based transaction facility using multiple payment instruments
US8706618B2 (en) 2005-09-29 2014-04-22 Ebay Inc. Release of funds based on criteria
US7299225B2 (en) * 2002-11-26 2007-11-20 International Business Machines Corporation High performance predicate push-down for non-matching predicate operands
US7707544B2 (en) * 2002-12-05 2010-04-27 Bea Systems, Inc. System and method for generating and reusing software application code with source definition files
US7877681B2 (en) * 2002-12-05 2011-01-25 Borland Software Corporation Automatic context management for web applications with client side code execution
US7051322B2 (en) * 2002-12-06 2006-05-23 @Stake, Inc. Software analysis framework
US7353503B2 (en) * 2002-12-27 2008-04-01 Sun Microsystems, Inc. Efficient dead code elimination
EP1627303A4 (en) * 2003-04-18 2009-01-14 Ounce Labs Inc Method ans system for detecting vulnerabilities in source code
CN1809812A (en) * 2003-04-18 2006-07-26 盎司实验室股份有限公司 Method ans system for detecting vulnerabilities in source code
US7216341B2 (en) * 2003-05-09 2007-05-08 Microsoft Corporation Instrumenting software for enhanced diagnosability
US8141052B2 (en) * 2003-05-09 2012-03-20 Microsoft Corporation Instrumenting software for enhanced diagnosability
US7437718B2 (en) * 2003-09-05 2008-10-14 Microsoft Corporation Reviewing the security of trusted software components
US7530054B2 (en) * 2003-09-30 2009-05-05 International Business Machines Corporation Program analysis tool presenting object containment and temporal flow information
US7765539B1 (en) * 2004-05-19 2010-07-27 Nintendo Co., Ltd. System and method for trans-compiling video games
WO2005121953A1 (en) * 2004-06-04 2005-12-22 Fortify Software, Inc. Apparatus and method for developing, testing and monitoring secure software
US7975306B2 (en) * 2004-06-04 2011-07-05 Hewlett-Packard Development Company, L.P. Apparatus and method for monitoring secure software
US20060070043A1 (en) * 2004-07-27 2006-03-30 Viega John T System and method for analyzing computer code
US20060064681A1 (en) * 2004-09-23 2006-03-23 Robinson Douglas B Method and system for verifying makefile accuracy
US8812269B1 (en) 2004-12-13 2014-08-19 The Mathworks, Inc. Dynamic range assessment in block diagram systems
US8855981B2 (en) * 2004-12-13 2014-10-07 The Mathworks, Inc. Tools for system-level design environments
US7730448B2 (en) * 2005-08-11 2010-06-01 Microsoft Corporation Layered type systems
US20070050755A1 (en) * 2005-08-24 2007-03-01 International Business Machines Corporation Identification of input sequences
US8347392B2 (en) * 2005-08-25 2013-01-01 Hewlett-Packard Development Company, L.P. Apparatus and method for analyzing and supplementing a program to provide security
US8473971B2 (en) 2005-09-06 2013-06-25 Microsoft Corporation Type inference and type-directed late binding
US7849509B2 (en) * 2005-10-07 2010-12-07 Microsoft Corporation Detection of security vulnerabilities in computer programs
US8171462B2 (en) * 2006-04-21 2012-05-01 Microsoft Corporation User declarative language for formatted data processing
US8549492B2 (en) * 2006-04-21 2013-10-01 Microsoft Corporation Machine declarative language for formatted data processing
EP1870829B1 (en) * 2006-06-23 2014-12-03 Microsoft Corporation Securing software by enforcing data flow integrity
US7617489B2 (en) * 2006-09-15 2009-11-10 Ounce Labs, Inc. Method and system for detecting interprocedural vulnerability by analysis of source code
JP5042315B2 (en) * 2006-10-19 2012-10-03 チェックマークス リミテッド Detect security vulnerabilities in source code
FR2911971B1 (en) * 2007-01-26 2009-04-24 Commissariat Energie Atomique METHOD AND SYSTEM FOR VERIFYING PROPERTIES OF A COMPUTER PROGRAM
US8407675B1 (en) * 2007-02-06 2013-03-26 The United States Of America As Represented By The Secretary Of The Navy Extraction of executable code and translation to alternate platform
CN101246486B (en) * 2007-02-13 2012-02-01 国际商业机器公司 Method and apparatus for improved process of expressions
US8613080B2 (en) 2007-02-16 2013-12-17 Veracode, Inc. Assessment and analysis of software security flaws in virtual machines
US7802299B2 (en) * 2007-04-09 2010-09-21 Microsoft Corporation Binary function database system
US7996798B2 (en) * 2007-05-24 2011-08-09 Microsoft Corporation Representing binary code as a circuit
US8321836B2 (en) * 2007-06-21 2012-11-27 Microsoft Corporation Late bound programmatic assistance
US20080320453A1 (en) * 2007-06-21 2008-12-25 Microsoft Corporation Type inference and late binding
US8584094B2 (en) * 2007-06-29 2013-11-12 Microsoft Corporation Dynamically computing reputation scores for objects
US8601451B2 (en) * 2007-08-29 2013-12-03 Mcafee, Inc. System, method, and computer program product for determining whether code is unwanted based on the decompilation thereof
US8250541B2 (en) * 2007-09-20 2012-08-21 The Boeing Company Reversible object code compiler for mathematical models
KR100916329B1 (en) * 2007-11-01 2009-09-11 한국전자통신연구원 Device and Method for Inspecting Vulnerability of Software
US8136095B2 (en) * 2007-12-19 2012-03-13 Microsoft Corporation Relations in fuzzing data
US8286133B2 (en) * 2007-12-19 2012-10-09 Microsoft Corporation Fuzzing encoded data
US8181167B2 (en) * 2008-01-09 2012-05-15 Kan Zhao Method and system for presenting and analyzing software source code through intermediate representation
US8527965B2 (en) * 2008-04-14 2013-09-03 Oracle America, Inc. Layered static program analysis framework for software testing
US9063765B2 (en) * 2008-04-28 2015-06-23 Kaazing Corporation System and methods for distributed execution of computer executable programs utilizing asymmetric translation
US8423879B2 (en) * 2008-05-14 2013-04-16 Honeywell International Inc. Method and apparatus for test generation from hybrid diagrams with combined data flow and statechart notation
US9779234B2 (en) * 2008-06-18 2017-10-03 Symantec Corporation Software reputation establishment and monitoring system and method
CA2680306C (en) 2008-09-24 2018-01-16 Accenture Global Services Gmbh Identification of concepts in software
US20100083238A1 (en) * 2008-09-30 2010-04-01 Microsoft Corporation Binary manipulation of intermediate-language code
US8479169B1 (en) * 2008-10-20 2013-07-02 Google Inc. Code analysis via ranged values
US8645923B1 (en) * 2008-10-31 2014-02-04 Symantec Corporation Enforcing expected control flow in program execution
US20130227533A1 (en) * 2008-11-06 2013-08-29 Albert Donald Tonkin Code transformation
US8225298B2 (en) * 2008-11-06 2012-07-17 International Business Machines Corporation Tool for analyzing Siebel escripts
US9274930B2 (en) * 2008-12-22 2016-03-01 Microsoft Technology Licensing, Llc Debugging system using static analysis
US8479161B2 (en) * 2009-03-18 2013-07-02 Oracle International Corporation System and method for performing software due diligence using a binary scan engine and parallel pattern matching
CA2660748C (en) * 2009-03-31 2016-08-09 Trapeze Software Inc. System for aggregating data and a method for providing the same
US8612951B2 (en) * 2009-04-21 2013-12-17 Oracle International Corporation Method of determining which computer program functions are changed by an arbitrary source code modification
US8397300B2 (en) * 2009-09-22 2013-03-12 International Business Machines Corporation Detecting security vulnerabilities relating to cryptographically-sensitive information carriers when testing computer software
US9098619B2 (en) 2010-04-19 2015-08-04 Honeywell International Inc. Method for automated error detection and verification of software
US8572591B2 (en) 2010-06-15 2013-10-29 Microsoft Corporation Dynamic adaptive programming
JP5496792B2 (en) * 2010-06-29 2014-05-21 インターナショナル・ビジネス・マシーンズ・コーポレーション Code conversion program, method and system
WO2012025865A1 (en) 2010-08-24 2012-03-01 Checkmarx Ltd. Mining source code for violations of programming rules
US9424010B2 (en) * 2010-08-30 2016-08-23 International Business Machines Corporation Extraction of functional semantics and isolated dataflow from imperative object oriented languages
US20120102474A1 (en) * 2010-10-26 2012-04-26 International Business Machines Corporation Static analysis of client-server applications using framework independent specifications
US8782603B2 (en) * 2010-12-21 2014-07-15 Sap Ag Standardized configuration checklists for software development
US8464232B2 (en) * 2010-12-27 2013-06-11 Aleksandr F. Urakhchin Compiler compiler system with syntax-controlled runtime and binary application programming interfaces
US8984488B2 (en) * 2011-01-14 2015-03-17 Honeywell International Inc. Type and range propagation through data-flow models
US8984343B2 (en) 2011-02-14 2015-03-17 Honeywell International Inc. Error propagation in a system model
US8700580B1 (en) * 2011-04-29 2014-04-15 Google Inc. Moderation of user-generated content
US9256401B2 (en) 2011-05-31 2016-02-09 Microsoft Technology Licensing, Llc Editor visualization of symbolic relationships
US8695098B2 (en) 2011-06-30 2014-04-08 International Business Machines Corporation Detecting security vulnerabilities in web applications
US9009686B2 (en) * 2011-11-07 2015-04-14 Nvidia Corporation Algorithm for 64-bit address mode optimization
US9098624B1 (en) 2011-12-22 2015-08-04 Dell Software Inc. Deep type parsing
US9971896B2 (en) 2011-12-30 2018-05-15 International Business Machines Corporation Targeted security testing
US9286063B2 (en) 2012-02-22 2016-03-15 Veracode, Inc. Methods and systems for providing feedback and suggested programming methods
US8918881B2 (en) 2012-02-24 2014-12-23 Appthority, Inc. Off-device anti-malware protection for mobile devices
US8713684B2 (en) 2012-02-24 2014-04-29 Appthority, Inc. Quantifying the risks of applications for mobile devices
US8819772B2 (en) 2012-06-25 2014-08-26 Appthority, Inc. In-line filtering of insecure or unwanted mobile device software components or communications
CN102855139B (en) * 2012-08-10 2015-04-22 浙江省电力公司电力科学研究院 Method and system for clearing register in decompiling data flow analysis
EP2901290A4 (en) * 2012-09-25 2016-04-20 Checkmarx Ltd Detecting malicious advertisements using source code analysis
US9588777B2 (en) 2012-10-10 2017-03-07 Landmark Graphics Corporation Method and system of knowledge transfer between users of a software application
US9690945B2 (en) * 2012-11-14 2017-06-27 International Business Machines Corporation Security analysis using relational abstraction of data structures
CN103177215B (en) * 2013-03-05 2016-01-20 四川电力科学研究院 Based on the computer malware new detecting method of software control stream feature
US9110758B2 (en) * 2013-03-15 2015-08-18 Western Digital Technologies, Inc. Cross-platform software framework for embedded systems on data storage device
US9104432B2 (en) 2013-06-24 2015-08-11 International Business Machines Corporation Extracting stream graph structure in a computer language by pre-executing a deterministic subset
US9898310B2 (en) * 2013-10-16 2018-02-20 International Business Machines Corporation Symmetrical dimensions in context-oriented programming to optimize software object execution
CA2831711A1 (en) * 2013-10-31 2015-04-30 Ibm Canada Limited - Ibm Canada Limitee Performing safe conditional-load and conditional-store operations
GB201405755D0 (en) * 2014-03-31 2014-05-14 Irdeto Bv Optimizing and protecting software
US9378001B2 (en) 2014-05-02 2016-06-28 Microsoft Technology Licensing, Llc Matching program sections through feature extraction
US9483297B2 (en) 2014-05-28 2016-11-01 Red Hat Israel, Ltd. Intelligent detection of inconsistent advanced configuration and power interface (ACPI) table instances in virtualized systems
US9442707B2 (en) * 2014-06-25 2016-09-13 Microsoft Technology Licensing, Llc Incremental whole program compilation of code
US10599852B2 (en) 2014-08-15 2020-03-24 Securisea, Inc. High performance software vulnerabilities detection system and methods
US9454659B1 (en) 2014-08-15 2016-09-27 Securisea, Inc. Software vulnerabilities detection system and methods
US9824214B2 (en) 2014-08-15 2017-11-21 Securisea, Inc. High performance software vulnerabilities detection system and methods
US10783254B2 (en) 2014-10-02 2020-09-22 Massachusetts Institute Of Technology Systems and methods for risk rating framework for mobile applications
US9984105B2 (en) * 2014-12-04 2018-05-29 International Business Machines Corporation Automatic discovery of code and data stores that populate a user interface element
CN107431646A (en) * 2014-12-23 2017-12-01 安提特软件有限责任公司 Load testing
US9594913B2 (en) 2015-01-28 2017-03-14 Wal-Mart Stores, Inc. System, method, and non-transitory computer-readable storage media for analyzing software application modules and provide actionable intelligence on remediation efforts
RU2635271C2 (en) * 2015-03-31 2017-11-09 Закрытое акционерное общество "Лаборатория Касперского" Method of categorizing assemblies and dependent images
US9772925B2 (en) * 2015-10-22 2017-09-26 Microsoft Technology Licensing, Llc Storage access debugging with disassembly and symbol entries
US9886249B2 (en) * 2015-11-16 2018-02-06 Sap Se Universal transcompiling framework
US9910646B2 (en) * 2015-12-26 2018-03-06 Intel Corporation Technologies for native code invocation using binary analysis
US9696973B1 (en) * 2016-02-24 2017-07-04 Semmle Limited Compilation cache with imports scanner
US10133649B2 (en) 2016-05-12 2018-11-20 Synopsys, Inc. System and methods for model-based analysis of software
US10354069B2 (en) * 2016-09-02 2019-07-16 Bae Systems Information And Electronic Systems Integration Inc. Automated reverse engineering
US10521591B2 (en) 2016-12-01 2019-12-31 International Business Machines Corporation Detection of compiler injected security flaws
EP3401827A1 (en) 2017-05-10 2018-11-14 Checkmarx Ltd. Method and system of static and dynamic data flow analysis
US10338902B1 (en) * 2017-06-26 2019-07-02 Unity IPR ApS Method and system for a compiler and decompiler
US10303449B2 (en) * 2017-07-31 2019-05-28 Oracle International Corporation Compiling non-native constants
RU2697948C1 (en) * 2018-04-19 2019-08-21 Акционерное общество "Лаборатория Касперского" System and method of detecting vulnerabilities using interception of function calls
TWI661355B (en) * 2018-08-03 2019-06-01 中華電信股份有限公司 Context-aware data structure reverse engineering system and method thereof
US10657025B2 (en) * 2018-10-18 2020-05-19 Denso International America, Inc. Systems and methods for dynamically identifying data arguments and instrumenting source code
US11074167B2 (en) * 2019-03-25 2021-07-27 Aurora Labs Ltd. Visualization of code execution through line-of-code behavior and relation models
US11074055B2 (en) * 2019-06-14 2021-07-27 International Business Machines Corporation Identification of components used in software binaries through approximate concrete execution
US11210405B2 (en) * 2019-07-31 2021-12-28 Blackberry Limited Binary vulnerability determination
CN110837372B (en) * 2019-11-04 2021-01-26 贵阳动视云科技有限公司 Method, apparatus, medium, and device for clearing confusion of assembly code
EP3872663A1 (en) * 2020-02-28 2021-09-01 BlackBerry Limited Method and device for symbolic analysis of a software program
US11836258B2 (en) 2020-07-28 2023-12-05 Checkmarx Ltd. Detecting exploitable paths in application software that uses third-party libraries
WO2022026802A1 (en) * 2020-07-31 2022-02-03 Code Walker L.L.C. Comparative method for computer code mapping and visualization
US11363055B2 (en) 2020-11-02 2022-06-14 Bank Of America Corporation System and methods for dynamic controlled evaluation of cloud service vulnerabilities

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5854924A (en) * 1996-08-08 1998-12-29 Globetrotter Software, Inc. Static debugging tool and method

Family Cites Families (140)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4533997A (en) * 1972-08-25 1985-08-06 Westinghouse Electric Corp. Computer monitored or controlled system which may be modified and de-bugged on-line by one not skilled in computer programming
US4527237A (en) * 1979-10-11 1985-07-02 Nanodata Computer Corporation Data processing system
US4931928A (en) * 1988-11-09 1990-06-05 Greenfeld Norton R Apparatus for analyzing source code
US5325531A (en) * 1989-06-30 1994-06-28 Digital Equipment Corporation Compiler using clean lines table with entries indicating unchanged text lines for incrementally compiling only changed source text lines
US5263162A (en) * 1990-11-07 1993-11-16 Hewlett-Packard Company Method of validating a label translation configuration by parsing a real expression describing the translation configuration
IL100986A (en) * 1991-02-27 1997-01-10 Digital Equipment Corp Method for compiling code
IL100990A (en) * 1991-02-27 1995-10-31 Digital Equipment Corp Multilanguage optimizing compiler using templates in multiple pass code generation
US5274815A (en) * 1991-11-01 1993-12-28 Motorola, Inc. Dynamic instruction modifying controller and operation method
US5481708A (en) * 1992-06-05 1996-01-02 Borland International, Inc. System and methods for optimizing object-oriented compilations
US6151701A (en) * 1997-09-30 2000-11-21 Ahpah Software, Inc. Method for reconstructing debugging information for a decompiled executable file
US5432942A (en) * 1993-06-10 1995-07-11 The United States Of America As Represented By The Secretary Of The Navy Data structure extraction, conversion and display tool
US6064819A (en) * 1993-12-08 2000-05-16 Imec Control flow and memory management optimization
US5937190A (en) * 1994-04-12 1999-08-10 Synopsys, Inc. Architecture and methods for a hardware description language source level analysis and debugging system
US5694539A (en) * 1994-08-10 1997-12-02 Intrinsa Corporation Computer process resource modelling method and apparatus
US5586328A (en) * 1994-10-21 1996-12-17 Microsoft Corporation Module dependency based incremental compiler and method
US5590330A (en) * 1994-12-13 1996-12-31 International Business Machines Corporation Method and system for providing a testing facility in a program development tool
US5892900A (en) 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
CA2171570C (en) * 1995-03-29 1999-09-21 Swee Boon Lim Compiler with generic front end and dynamically loadable back ends
US5862382A (en) * 1995-05-08 1999-01-19 Kabushiki Kaisha Toshiba Program analysis system and program analysis method
US5918035A (en) * 1995-05-15 1999-06-29 Imec Vzw Method for processor modeling in code generation and instruction set simulation
US5793374A (en) * 1995-07-28 1998-08-11 Microsoft Corporation Specialized shaders for shading objects in computer generated images
US5875334A (en) * 1995-10-27 1999-02-23 International Business Machines Corporation System, method, and program for extending a SQL compiler for handling control statements packaged with SQL query statements
GB9600823D0 (en) * 1996-01-16 1996-03-20 British Telecomm Distributed processing
US6021469A (en) * 1996-01-24 2000-02-01 Sun Microsystems, Inc. Hardware virtual machine instruction processor
US5854929A (en) * 1996-03-08 1998-12-29 Interuniversitair Micro-Elektronica Centrum (Imec Vzw) Method of generating code for programmable processors, code generator and application thereof
US5864871A (en) 1996-06-04 1999-01-26 Multex Systems Information delivery system and method including on-line entitlements
FR2754367B1 (en) * 1996-10-09 1999-01-22 Bull Sa METHOD FOR ANALYZING COMPLEX STRUCTURES AND SYSTEM FOR CARRYING OUT SUCH A METHOD
US5819097A (en) * 1996-12-09 1998-10-06 Allen Bradley Company, Llc Industrial controller compiler with expandable instruction set
US5881290A (en) * 1996-12-09 1999-03-09 Allen-Bradley Company, Llc Industrial controller decompiler accommodating an expandable instruction set
US5859998A (en) * 1997-03-19 1999-01-12 Advanced Micro Devices, Inc. Hierarchical microcode implementation of floating point instructions for a microprocessor
DE69804708T2 (en) * 1997-03-29 2002-11-14 Imec Vzw Method and device for size optimization of storage units
US6009256A (en) * 1997-05-02 1999-12-28 Axis Systems, Inc. Simulation/emulation system and method
US6668325B1 (en) * 1997-06-09 2003-12-23 Intertrust Technologies Obfuscation techniques for enhancing software security
US6014518A (en) * 1997-06-26 2000-01-11 Microsoft Corporation Terminating polymorphic type inference program analysis
US5933635A (en) * 1997-10-06 1999-08-03 Sun Microsystems, Inc. Method and apparatus for dynamically deoptimizing compiled activations
US5913047A (en) * 1997-10-29 1999-06-15 Advanced Micro Devices, Inc. Pairing floating point exchange instruction with another floating point instruction to reduce dispatch latency
US6289505B1 (en) * 1997-11-18 2001-09-11 Sun Microsystems, Inc. Method, apparatus and computer programmed product for binary re-optimization using a high level language compiler
WO1999030229A1 (en) * 1997-12-11 1999-06-17 Digits Corp. Object code analysis and remediation system and method
US6175948B1 (en) * 1998-02-05 2001-01-16 Motorola, Inc. Method and apparatus for a waveform compiler
US6311327B1 (en) * 1998-03-02 2001-10-30 Applied Microsystems Corp. Method and apparatus for analyzing software in a language-independent manner
US6249910B1 (en) * 1998-05-04 2001-06-19 Hewlett-Packard Company Apparatus and method for incrementally update static single assignment form for cloned variable name definitions
US6151706A (en) * 1998-06-16 2000-11-21 Silicon Graphics, Inc. Method, system, and computer program product for extending sparse partial redundancy elimination to support speculative code motion within an optimizing compiler
US6336087B2 (en) * 1998-07-24 2002-01-01 Luc M. Burgun Method and apparatus for gate-level simulation of synthesized register transfer level design with source-level debugging
US6240376B1 (en) * 1998-07-24 2001-05-29 Mentor Graphics Corporation Method and apparatus for gate-level simulation of synthesized register transfer level designs with source-level debugging
US6374358B1 (en) 1998-08-05 2002-04-16 Sun Microsystems, Inc. Adaptive countermeasure selection method and apparatus
US6230313B1 (en) * 1998-12-23 2001-05-08 Cray Inc. Parallelism performance analysis based on execution trace information
US6457172B1 (en) * 1999-04-13 2002-09-24 International Business Machines Corporation Compiler for supporting multiple runtime data representations
US6594761B1 (en) * 1999-06-09 2003-07-15 Cloakware Corporation Tamper resistant software encoding
US6412106B1 (en) * 1999-06-16 2002-06-25 Intervoice Limited Partnership Graphical system and method for debugging computer programs
US6381738B1 (en) * 1999-07-16 2002-04-30 International Business Machines Corporation Method for optimizing creation and destruction of objects in computer programs
US7430670B1 (en) * 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
US6779114B1 (en) * 1999-08-19 2004-08-17 Cloakware Corporation Tamper resistant software-control flow encoding
US6560774B1 (en) * 1999-09-01 2003-05-06 Microsoft Corporation Verifier to check intermediate language
US6892303B2 (en) 2000-01-06 2005-05-10 International Business Machines Corporation Method and system for caching virus-free file certificates
US7032216B1 (en) * 2000-02-25 2006-04-18 Oracle International Corporation Native compilation and safe deployment of virtual machine code
WO2001086427A2 (en) 2000-05-09 2001-11-15 Sun Microsystems, Inc. Transformation of objects between a computer programming language and a data representation language
US7577834B1 (en) * 2000-05-09 2009-08-18 Sun Microsystems, Inc. Message authentication using message gates in a distributed computing environment
US7389208B1 (en) * 2000-06-30 2008-06-17 Accord Solutions, Inc. System and method for dynamic knowledge construction
US6807569B1 (en) 2000-09-12 2004-10-19 Science Applications International Corporation Trusted and anonymous system and method for sharing threat data to industry assets
US6925638B1 (en) * 2000-09-21 2005-08-02 International Business Machines Corporation Mutability analysis in Java
US6820256B2 (en) * 2000-12-13 2004-11-16 Microsoft Corporation System and method for whole-system program analysis
US7284274B1 (en) 2001-01-18 2007-10-16 Cigital, Inc. System and method for identifying and eliminating vulnerabilities in computer software applications
CA2445195A1 (en) * 2001-04-24 2002-10-31 Wvhtc Foundation Software suitability testing system
US7315903B1 (en) * 2001-07-20 2008-01-01 Palladia Systems, Inc. Self-configuring server and server network
US6928638B2 (en) * 2001-08-07 2005-08-09 Intel Corporation Tool for generating a re-generative functional test
US7313734B2 (en) * 2002-01-14 2007-12-25 International Business Machines Corporation Method and system for instruction tracing with enhanced interrupt avoidance
US7376939B1 (en) * 2002-02-07 2008-05-20 Xilinx, Inc. System for architecture and resource specification and methods to compile the specification onto hardware
US6941467B2 (en) 2002-03-08 2005-09-06 Ciphertrust, Inc. Systems and methods for adaptive message interrogation through multiple queues
US7930753B2 (en) 2002-07-01 2011-04-19 First Data Corporation Methods and systems for performing security risk assessments of internet merchant entities
US6983456B2 (en) * 2002-10-31 2006-01-03 Src Computers, Inc. Process for converting programs in high-level programming languages to a unified executable for hybrid computing platforms
US7155708B2 (en) * 2002-10-31 2006-12-26 Src Computers, Inc. Debugging and performance profiling using control-dataflow graph representations with reconfigurable hardware emulation
US7140008B2 (en) * 2002-11-25 2006-11-21 Microsoft Corporation Dynamic temporal optimization framework
US6980927B2 (en) 2002-11-27 2005-12-27 Telos Corporation Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing continuous risk assessment
US7051322B2 (en) * 2002-12-06 2006-05-23 @Stake, Inc. Software analysis framework
EP1627319A4 (en) 2003-05-01 2009-11-11 Samsung Electronics Co Ltd Authenticating method and apparatus
US7185323B2 (en) * 2003-05-16 2007-02-27 Sun Microsystems, Inc. Using value speculation to break constraining dependencies in iterative control flow structures
US7707566B2 (en) * 2003-06-26 2010-04-27 Microsoft Corporation Software development infrastructure
US7162473B2 (en) 2003-06-26 2007-01-09 Microsoft Corporation Method and system for usage analyzer that determines user accessed sources, indexes data subsets, and associated metadata, processing implicit queries based on potential interest to users
US7840951B1 (en) * 2003-08-22 2010-11-23 Oracle America, Inc. Reducing the overhead involved in executing native code in a virtual machine through binary reoptimization
US7340734B1 (en) * 2003-08-27 2008-03-04 Nvidia Corporation Method and apparatus to make code more difficult to reverse engineer
US7207038B2 (en) * 2003-08-29 2007-04-17 Nokia Corporation Constructing control flows graphs of binary executable programs at post-link time
US7856624B2 (en) * 2003-09-15 2010-12-21 Thomas Plum Automated safe secure techniques for eliminating undefined behavior in computer software
US7266813B2 (en) * 2003-09-30 2007-09-04 International Business Machines Corporation Determining how many class-type checks to inline
US20050138426A1 (en) 2003-11-07 2005-06-23 Brian Styslinger Method, system, and apparatus for managing, monitoring, auditing, cataloging, scoring, and improving vulnerability assessment tests, as well as automating retesting efforts and elements of tests
US20060136424A1 (en) 2004-03-25 2006-06-22 Jayasimha Nuggehalli Approach for collecting and reporting status data from network devices
US8171553B2 (en) 2004-04-01 2012-05-01 Fireeye, Inc. Heuristic based capture with replay to virtual machine
US20070180490A1 (en) 2004-05-20 2007-08-02 Renzi Silvio J System and method for policy management
US7356672B2 (en) * 2004-05-28 2008-04-08 The Regents Of The University Of California Warp processor for dynamic hardware/software partitioning
EP1612509A1 (en) 2004-07-01 2006-01-04 Sick IVP AB Optical profilometer
WO2006101549A2 (en) 2004-12-03 2006-09-28 Whitecell Software, Inc. Secure system for allowing the execution of authorized computer program code
ATE425503T1 (en) * 2004-12-22 2009-03-15 Ericsson Telefon Ab L M WATERMARKING OF A COMPUTER PROGRAM CODE
US7458067B1 (en) * 2005-03-18 2008-11-25 Sun Microsystems, Inc. Method and apparatus for optimizing computer program performance using steered execution
US8225409B2 (en) 2005-03-23 2012-07-17 Belarc, Inc. Security control verification and monitoring subsystem for use in a computer information database system
EP1891560A2 (en) * 2005-04-27 2008-02-27 Avici Systems, Inc. An application specific reconfigurable network processor
US7874001B2 (en) 2005-07-15 2011-01-18 Microsoft Corporation Detecting user-mode rootkits
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
US20070038984A1 (en) * 2005-08-12 2007-02-15 Gschwind Michael K Methods for generating code for an architecture encoding an extended register specification
US7779472B1 (en) 2005-10-11 2010-08-17 Trend Micro, Inc. Application behavior based malware detection
US20070261061A1 (en) 2005-11-26 2007-11-08 Staniford Stuart G System and method of aggregating and consolidating security event data
WO2007117585A2 (en) 2006-04-06 2007-10-18 Smobile Systems Inc. System and method for managing malware protection on mobile devices
US8161464B2 (en) * 2006-04-11 2012-04-17 International Business Machines Corporation Compiling source code
US7937693B2 (en) * 2006-04-26 2011-05-03 9Rays.Net, Inc. System and method for obfuscation of reverse compiled computer code
US8136104B2 (en) * 2006-06-20 2012-03-13 Google Inc. Systems and methods for determining compute kernels for an application in a parallel-processing computer system
US8201159B2 (en) * 2006-08-04 2012-06-12 International Business Machines Corporation Method and apparatus for generating data parallel select operations in a pervasively data parallel system
JP5042315B2 (en) * 2006-10-19 2012-10-03 チェックマークス リミテッド Detect security vulnerabilities in source code
US8046751B1 (en) * 2007-01-11 2011-10-25 The Mathworks, Inc. Structuring unstructured regions in a control flow graph
US8407675B1 (en) * 2007-02-06 2013-03-26 The United States Of America As Represented By The Secretary Of The Navy Extraction of executable code and translation to alternate platform
US8613080B2 (en) 2007-02-16 2013-12-17 Veracode, Inc. Assessment and analysis of software security flaws in virtual machines
US9069967B2 (en) 2007-02-16 2015-06-30 Veracode, Inc. Assessment and analysis of software security flaws
GB2459629A (en) 2007-02-16 2009-11-04 Veracode Inc Assessment and analysis of software security flaws
US20100281248A1 (en) 2007-02-16 2010-11-04 Lockhart Malcolm W Assessment and analysis of software security flaws
US8166465B2 (en) * 2007-04-02 2012-04-24 International Business Machines Corporation Method and system for composing stream processing applications according to a semantic description of a processing goal
US8281290B2 (en) * 2007-06-22 2012-10-02 Alcatel Lucent Software diversity using context-free grammar transformations
US8806619B2 (en) 2007-12-20 2014-08-12 Cybernet Systems Corporation System and methods for detecting software vulnerabilities and malicious code
US8719936B2 (en) 2008-02-01 2014-05-06 Northeastern University VMM-based intrusion detection system
US20100031353A1 (en) 2008-02-04 2010-02-04 Microsoft Corporation Malware Detection Using Code Analysis and Behavior Monitoring
US8930926B2 (en) * 2008-02-08 2015-01-06 Reservoir Labs, Inc. System, methods and apparatus for program optimization for multi-threaded processor architectures
US8572590B2 (en) * 2008-09-17 2013-10-29 Reservoir Labs, Inc. Methods and apparatus for joint parallelism and locality optimization in source code compilation
US8661422B2 (en) * 2008-02-08 2014-02-25 Reservoir Labs, Inc. Methods and apparatus for local memory compaction
US8589897B2 (en) * 2008-08-26 2013-11-19 Apple Inc. System and method for branch extraction obfuscation
US8429637B2 (en) * 2008-09-02 2013-04-23 Apple Inc. System and method for conditional expansion obfuscation
US8127058B1 (en) * 2008-07-29 2012-02-28 Marvell International Ltd. System and method of video decoding using hybrid buffer
US20100058475A1 (en) 2008-08-26 2010-03-04 Nec Laboratories America, Inc. Feedback-guided fuzz testing for learning inputs of coma
US20100058474A1 (en) 2008-08-29 2010-03-04 Avg Technologies Cz, S.R.O. System and method for the detection of malware
US8087067B2 (en) 2008-10-21 2011-12-27 Lookout, Inc. Secure mobile platform system
US8984628B2 (en) 2008-10-21 2015-03-17 Lookout, Inc. System and method for adverse mobile application identification
US8347386B2 (en) 2008-10-21 2013-01-01 Lookout, Inc. System and method for server-coupled malware prevention
US8108933B2 (en) 2008-10-21 2012-01-31 Lookout, Inc. System and method for attack and malware prevention
US9367680B2 (en) 2008-10-21 2016-06-14 Lookout, Inc. System and method for mobile communication device application advisement
US8181251B2 (en) 2008-12-18 2012-05-15 Symantec Corporation Methods and systems for detecting malware
IL197477A0 (en) 2009-03-08 2009-12-24 Univ Ben Gurion System and method for detecting new malicious executables, based on discovering and monitoring of characteristic system call sequences
US8407800B2 (en) * 2009-11-24 2013-03-26 Honeywell International Inc. Method for software vulnerability flow analysis, generation of vulnerability-covering code, and multi-generation of functionally-equivalent code
US8756691B2 (en) 2010-11-10 2014-06-17 Symantec Corporation IP-based blocking of malware
US8832836B2 (en) 2010-12-30 2014-09-09 Verisign, Inc. Systems and methods for malware detection and scanning
US9672355B2 (en) 2011-09-16 2017-06-06 Veracode, Inc. Automated behavioral and static analysis using an instrumented sandbox and machine learning classification for mobile security
US8893973B2 (en) * 2012-04-06 2014-11-25 Wayne Shaffer Coded articles and systems and methods of identification of the same
US8726255B2 (en) * 2012-05-01 2014-05-13 Concurix Corporation Recompiling with generic to specific replacement
US8656378B2 (en) * 2012-11-08 2014-02-18 Concurix Corporation Memoization configuration file consumed at compile time
US9501382B2 (en) * 2013-06-25 2016-11-22 Purdue Research Foundation Systems and methods of detecting power bugs
US9454659B1 (en) * 2014-08-15 2016-09-27 Securisea, Inc. Software vulnerabilities detection system and methods

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5854924A (en) * 1996-08-08 1998-12-29 Globetrotter Software, Inc. Static debugging tool and method

Also Published As

Publication number Publication date
WO2004053647A2 (en) 2004-06-24
AU2003296374A8 (en) 2004-06-30
US20040111713A1 (en) 2004-06-10
US20130152062A1 (en) 2013-06-13
US20060253841A1 (en) 2006-11-09
US9916146B2 (en) 2018-03-13
US7752609B2 (en) 2010-07-06
US20150106795A1 (en) 2015-04-16
US7051322B2 (en) 2006-05-23
US8789027B2 (en) 2014-07-22
US20100306749A1 (en) 2010-12-02
US9286041B2 (en) 2016-03-15
AU2003296374A1 (en) 2004-06-30
US20160274879A1 (en) 2016-09-22
US8365155B2 (en) 2013-01-29

Similar Documents

Publication Publication Date Title
WO2004053647A3 (en) Software analysis framework
AU2009287433B2 (en) System and method for detection of malware
WO2008091372A3 (en) Geospatial modeling system providing non-linear inpainting for voids in geospatial model terrain data and related methods
WO2003021389A3 (en) Method and system for creating, storing and using patient-specific and population-based genomic drug safety data
Lami QuARS: A tool for analyzing requirements
WO2003093945A3 (en) Method and system of optimizing the response and profitability of a marketing program
WO2001059594A3 (en) System and method for assessing the security vulnerability of a network using fuzzy logic rules
WO2007103817A3 (en) Apparatus and method for computer modeling respiratory disease
WO2008133699A3 (en) Geospatial modeling system providing non-linear inpainting for voids in geospatial model frequency domain data and related methods
ATE508443T1 (en) METHOD AND DEVICE FOR MODEL-BASED DETECTION OF A STRUCTURE IN PROJECTION DATA
ATE419586T1 (en) SYSTEMS AND PROCEDURES FOR SECURE TRANSACTION MANAGEMENT AND ELECTRONIC LEGAL PROTECTION
AU2891499A (en) System and method for model mining complex information technology systems
DE60231103D1 (en) Method and device for providing a data set stored in a database
CN103262088A (en) Formal analysis of the quality and conformance of information flow downgraders
CN107968951A (en) The method that Auto-Sensing and shielding are carried out to live video
EA200200433A1 (en) METHOD AND SYSTEM FOR CREATING WITH THE HELP OF THE COMPUTER OF OWN OPERATORS AND A FILE FOR THE DEVICE FOR MODELING A FLOW OF LIQUID IN POROUS MEDIA
Ponsard et al. A goal‐driven approach for the joint deployment of safety and security standards for operators of essential services
CN108959860A (en) Whether a kind of detection android system is cracked and cracks record acquisition methods
WO2005048108A3 (en) System, method, and computer program product for testing program code
Lane Social impact assessment: strategies for improving practice
Maiti Capturing, Eliciting, and Prioritizing (CEP) Non-Functional Requirements Metadata during the Early Stages of Agile Software Development
WO2008031078A3 (en) Method of performing software updates (installations), on networked 32/64-bit microsoft computers in an automated environment without introducing a possible security threat
Person et al. BIOSURVEILLANCE: DHS Should Not Pursue BioWatch Upgrades or Enhancements Until System Capabilities Are Established
Hanna et al. Slede: Framework for automatic verification of sensor network security protocol implementations
Burton et al. Mining PSP data

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP