Patents by Inventor Aharon Abadi
Aharon Abadi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11880470Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining user code; obtaining an indication of at least one vulnerability, the vulnerability associated with one or more sets comprising at least a first instruction type and a second instruction type; scanning the code using dependency analysis, to obtain for one set: one or more first instructions of the first instruction type, one or more second instructions of the second instruction type, and further instructions associated with entities relevant to the first instruction and the second instruction; eliminating instructions other than the first instruction, the second instruction and one of the further instructions, thereby obtaining a collection of instructions that behaves differently from the user code; and providing the collection of instructions for vulnerability detection.Type: GrantFiled: October 4, 2021Date of Patent: January 23, 2024Assignee: WHITESOURCE LTD.Inventors: Aharon Abadi, Bar Makovitzki, Ron Shemer
-
Publication number: 20230315862Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining user code; determining whether the code uses a reflection mechanism; subject to the code using reflection mechanism, identifying a reflection-related instruction; identifying at least one possible value for at least one variable affecting execution of the reflection-related instruction; determining code components that comply with the at least one possible value for the at least one literal and are reachable from the reflection-related instruction; and outputting information about the reachable code components.Type: ApplicationFiled: March 30, 2022Publication date: October 5, 2023Inventors: Aharon ABADI, Bar MAKOVITZKI
-
Publication number: 20230229460Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining user code; using static analysis, determining from the user code a collection of components upon which the user code depends, the collection of components comprising a first component representing a first entity, wherein one or more components of the collection of components is to be loaded dynamically by the user code; determining whether the user code or the first component from the collection of components uses dynamic invocation; subject to the user code or the first component using dynamic invocation, adding a new connection to a second component from the collection of components, the second component representing a second entity that augments an entity reachable from the first entity; and outputting information about the second entity.Type: ApplicationFiled: January 17, 2022Publication date: July 20, 2023Inventors: Aharon ABADI, Ron SHEMER
-
Publication number: 20230107164Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining user code; obtaining an indication of at least one vulnerability, the vulnerability associated with one or more sets comprising at least a first instruction type and a second instruction type; scanning the code using dependency analysis, to obtain for one set: one or more first instructions of the first instruction type, one or more second instructions of the second instruction type, and further instructions associated with entities relevant to the first instruction and the second instruction; eliminating instructions other than the first instruction, the second instruction and one of the further instructions, thereby obtaining a collection of instructions that behaves differently from the user code; and providing the collection of instructions for vulnerability detection.Type: ApplicationFiled: October 4, 2021Publication date: April 6, 2023Inventors: Aharon ABADI, Bar MAKOVITZKI, Ron SHEMER
-
Patent number: 11288044Abstract: A computer-implemented method, system and computer program product, the method comprising: obtaining a representation of computer code; analyzing the computer code using a first algorithm to obtain a call graph; subject to the call graph not complying with a stopping criteria: analyzing a part of the computer code using a second algorithm to obtain further edges for the at least one second node; and combining the further edges with the call graph, to obtain a second call graph; and outputting the second call graph.Type: GrantFiled: May 20, 2021Date of Patent: March 29, 2022Assignee: WHITESOURCE LTD.Inventors: Aharon Abadi, Bar Makovitzki, Ron Shemer
-
Patent number: 11288063Abstract: A method, apparatus and computer program product, the method comprising: accessing user computer code; automatically extracting a slice from the user computer code indicating usage or usage attempt of source code, the slice comprising a multiplicity of words; subject to a word from the multiplicity of words being combined of at least two words, splitting the word to the at least two words; issuing a query based on at least some of the multiplicity of words and the at least two words, to a source and document database; and receiving in response to the query, at least one source section or document related to usage of the source code.Type: GrantFiled: October 20, 2019Date of Patent: March 29, 2022Assignee: WHITESOURCE LTD.Inventors: Aharon Abadi, Doron Cohen, Rami Sass
-
Patent number: 11210083Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining code; determining a collection of open source libraries used by the code; for each open source library: determining whether an updated version comprising an update area exists for the library; and subject to the existence of an updated version: subject to the updated area not being reachable from the user code, updating the open source library to the updated version; subject to the updated area being reachable only from a non-updated area of the updated version wherein the non-updated area is reachable from the user code, updating the open source library to the updated version; and subject to the updated area being reachable directly from a part of the user code, notifying a user about the updated version of the open source library and the part of the computer code.Type: GrantFiled: October 15, 2020Date of Patent: December 28, 2021Assignee: WHITESOURCE LTD.Inventors: Aharon Abadi, Doron Cohen, Ram Elron, Anna Rozin Lellouche, Rami Sass, Asaf Savich
-
Patent number: 11210087Abstract: A computer-implemented method, system and computer program product, the method comprising: obtaining computer code; abstracting the computer code to obtain abstracted computer code comprising a plurality of instructions; generating a constraint system, comprising one or more constraints on one or more entities of the abstracted computer code; obtaining a solution to the constraint system, the solution comprising one or more possible types for each entity; and creating a call graph based on the types of the entities.Type: GrantFiled: December 4, 2019Date of Patent: December 28, 2021Assignee: WHITESOURCE LTD.Inventors: Aharon Abadi, Bar Makovitzki, Ron Shemer, Eugen Horovitz
-
Publication number: 20210173639Abstract: A computer-implemented method, system and computer program product, the method comprising: obtaining computer code; abstracting the computer code to obtain abstracted computer code comprising a plurality of instructions; generating a constraint system, comprising one or more constraints on one or more entities of the abstracted computer code; obtaining a solution to the constraint system, the solution comprising one or more possible types for each entity; and creating a call graph based on the types of the entities.Type: ApplicationFiled: December 4, 2019Publication date: June 10, 2021Inventors: Aharon ABADI, Bar MAKOVITZKI, Ron SHEMER, Eugen HOROVITZ
-
Publication number: 20210117185Abstract: A method, apparatus and computer program product, the method comprising: accessing user computer code; automatically extracting a slice from the user computer code indicating usage or usage attempt of source code, the slice comprising a multiplicity of words; subject to a word from the multiplicity of words being combined of at least two words, splitting the word to the at least two words; issuing a query based on at least some of the multiplicity of words and the at least two words, to a source and document database; and receiving in response to the query, at least one source section or document related to usage of the source code.Type: ApplicationFiled: October 20, 2019Publication date: April 22, 2021Inventors: Aharon ABADI, Doron COHEN, Rami SASS
-
Patent number: 10956279Abstract: A document management system including a document manager connected to a document storage, and a backup coordinator connected to the document manager and adapted to: continuously receive a plurality of notifications from the document manager, each including information describing a change in a document stored in the document manager's document storage; and for each notification in the plurality of notifications: select a backup agent from a plurality of backup agents connected to the backup coordinator; send a backup request to the backup agent including the information, for the purpose of updating a copy of the document stored in a backup storage connected to the backup agent; wait for an acknowledgement message from the backup agent; and send another backup request to another backup agent selected from the plurality of backup agents upon a failure to receive the acknowledgement message within an identified amount of time after sending the backup request.Type: GrantFiled: December 4, 2017Date of Patent: March 23, 2021Assignee: International Business Machines CorporationInventors: Aharon Abadi, Roie Melamed, Hisham Yasin, Ashraf Haib
-
Patent number: 10789067Abstract: A method, system and computer program product, the method comprising: obtaining one or more source files to be examined for open source usage; extracting partial representation of a source file from the source files; creating fingerprints from the partial representation; encoding the fingerprints into characteristics; issuing a query to a database for retrieving from an open source and characteristics index one or more open source files associated with the characteristics; receiving a response including the retrieved open source file; checking whether the source file comprises a snippet from the open source file; and subject to the source file comprising the snippet, outputting an identification of the open source file.Type: GrantFiled: November 5, 2018Date of Patent: September 29, 2020Assignee: WHITESOURCE LTD.Inventors: Aharon Abadi, Doron Cohen, Rami Sass
-
Patent number: 10747871Abstract: A system for producing secure data management software, comprising at least one hardware processor adapted to: receive a plurality of data patterns, each comprising at least one data field identifier selected from a set of protected data field identifiers of at least one data repository, at least one output target, and an access instruction; identify in a plurality of computer instructions of the data management software one or more forbidden output instructions by matching one or more reaching definitions of some of the plurality of computer instructions with one or more of the plurality of data patterns; and remove the one or more forbidden output instructions from the plurality of computer instructions.Type: GrantFiled: June 21, 2018Date of Patent: August 18, 2020Assignee: International Business Machines CorporationInventors: Aharon Abadi, Moria Abadi, Roie Melamed, Aidan Shribman
-
Patent number: 10713364Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining computer code; determining from the computer code a collection of components reachable from the computer code; providing information about the components to a server; identifying by the server using information retrieved from a database, reachable components associated with the collection of components, which have stored vulnerabilities; determining from the computer code and the reachable components that have stored vulnerabilities, a collection of reachable finer resolution components; identifying, further components from the collection of reachable finer resolution components, which have stored vulnerabilities; and outputting information about the further components, wherein the computer code cannot be reconstructed from the information about the collection of components and the information about the finer resolution components.Type: GrantFiled: May 8, 2018Date of Patent: July 14, 2020Assignee: WHITESOURCE LTD.Inventors: Aharon Abadi, Doron Cohen, David Habusha, Ron Rymon, Rami Sass
-
Publication number: 20200142972Abstract: A computer-implemented method, system and computer program product, the method comprising: obtaining a multiplicity of files; dividing the multiplicity of files into disjoint file subsets, such that all files in each file subset from the disjoint file sets are contained in a different combination of repository and repository tag, comprising: searching for repository tag and repository combinations in which each file is contained; and selecting a subset of the repository tag and repository combinations which contain all files, such that one or more repository and repository tag combinations containing a collection of files is selected over one or more other repository and repository tag combinations containing the collection of files, in accordance with one or more value indications associated with each repository and repository tag combination; and outputting the repository and repository tag combination for each of the file subsets.Type: ApplicationFiled: November 5, 2018Publication date: May 7, 2020Inventors: Aharon ABADI, Doron COHEN, Ofir BECKER
-
Publication number: 20200142692Abstract: A method, system and computer program product, the method comprising: obtaining one or more source files to be examined for open source usage; extracting partial representation of a source file from the source files; creating fingerprints from the partial representation; encoding the fingerprints into characteristics; issuing a query to a database for retrieving from an open source and characteristics index one or more open source files associated with the characteristics; receiving a response including the retrieved open source file; checking whether the source file comprises a snippet from the open source file; and subject to the source file comprising the snippet, outputting an identification of the open source file.Type: ApplicationFiled: November 5, 2018Publication date: May 7, 2020Inventors: Aharon ABADI, Doron COHEN, Rami SASS
-
Patent number: 10560356Abstract: A computer implemented method of assuring correctness of data updated at a remote server and used by a local application, comprising one or more processors at a client terminal adapted to receive from a remote server updated values for a plurality of data items associated with a dataset required for execution of an application executed by the processor(s) where the dataset defines a close relation among the plurality of associated data items, determine whether the reception includes updated values for all of the associated data items, retrieve automatically from a local memory resource, previous values for all of the associated data items in case the updated value is missing for at least one of the associated data items and provide to the application the updated values or the previous values according to the determination.Type: GrantFiled: July 14, 2016Date of Patent: February 11, 2020Assignee: International Business Machines CorporationInventors: Aharon Abadi, Dmitri Pikus
-
Publication number: 20190392133Abstract: A system for producing secure data management software, comprising at least one hardware processor adapted to: receive a plurality of data patterns, each comprising at least one data field identifier selected from a set of protected data field identifiers of at least one data repository, at least one output target, and an access instruction; identify in a plurality of computer instructions of the data management software one or more forbidden output instructions by matching one or more reaching definitions of some of the plurality of computer instructions with one or more of the plurality of data patterns; and remove the one or more forbidden output instructions from the plurality of computer instructions.Type: ApplicationFiled: June 21, 2018Publication date: December 26, 2019Inventors: Aharon Abadi, Moria Abadi, Roie Melamed, Aidan Shribman
-
Patent number: 10509634Abstract: According to some embodiments of the present invention there is provided a method for identifying control dependencies between a source code and selected paths though the source code comprising: receiving an source code having a plurality of application functionalities, calculating a control graph dataset mapping a plurality of code segments of the source code into a plurality of source code execution paths, defining at least one control dependency from at least one source code execution path to the source code, receiving a subgroup defining a plurality of selected application functionalities from the plurality of application functionalities, identifying at least one of the plurality of source code execution paths that covers suitable code segments of the plurality of code segments which are required for performing application functionalities from the subset, and identifying at least one control dependency to eliminate within the one identified source code execution path.Type: GrantFiled: March 30, 2016Date of Patent: December 17, 2019Assignee: International Business Machines CorporationInventors: Aharon Abadi, Idan Ben-Harrush, Shmuel Kallner, Oleg Sternberg
-
Publication number: 20190347422Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining computer code; determining from the computer code a collection of components reachable from the computer code; providing information about the components to a server; identifying by the server using information retrieved from a database, reachable components associated with the collection of components, which have stored vulnerabilities; determining from the computer code and the reachable components that have stored vulnerabilities, a collection of reachable finer resolution components; identifying, further components from the collection of reachable finer resolution components, which have stored vulnerabilities; and outputting information about the further components, wherein the computer code cannot be reconstructed from the information about the collection of components and the information about the finer resolution components.Type: ApplicationFiled: May 8, 2018Publication date: November 14, 2019Inventors: Aharon ABADI, Doron COHEN, David HABUSHA, Ron RYMON, Rami SASS