Abstract: The invention relates especially to an electrical connection module for a generator set comprising an alternator connected to a heat engine, formed by at least one sub-set of cylinders, said module comprising a casing housing a printed circuit supporting: electric power supply terminals for said printed circuit; a first connector of an electrical harness allowing, in each sub-set of cylinders, connection of at least one device for measuring and controlling parameters of said sub-set of cylinders to a control module of said sub-set of cylinders; second connectors for electrical protection members of said electrical harness; and a third connector for diagnosing the operating state of each control module.

Abstract: A method may include identifying, by executing an application, an entry point corresponding to a Universal Resource Locator (URL) path, extracting, from the application, an entry point declaration corresponding to the entry point, determining, by performing a static analysis starting at the entry point declaration, that a parameter is accessible by the application, and inferring, by the static analysis, a type of the parameter by analyzing usage of the parameter by the application.

Abstract: A taint report represents a taint flow from a source value at a source program point to a sink value at a sink program point. Candidate watchpoints that correspond to taint-like values similar to the source value may be inferred from an execution trace. Different subsets of candidate watchpoints represent solutions to the problem of determining an optimal subset of watchpoints contributing to a taint flow. Using a hill-climbing heuristic, incremental improvements are efficiently applied to a solution until no more improvements are found. An objective function may determine whether one solution improves another solution. The objective function may be based on validity, understandability, and performance. Validity favors candidate watchpoints that reduce the edit distance between the source and sink values. Understandability favors candidate watchpoints included in a call chain from the source program point to the sink program point. Performance favors small subsets of candidate watchpoints.

Abstract: A method for detecting a deserialization attack may include identifying, in a byte stream, a class name corresponding to a class, generating, for the class, a feature vector, generating, by applying a benign deserialization model to the feature vector, a benign probability window, generating, by applying a malicious deserialization model to the feature vector, a malicious probability window, comparing the benign probability window and the malicious probability window to obtain a comparison result, and determining, based on the comparison result, that the class is malicious.

Abstract: The present technology generally relates to an encapsulation system for delivery of an active agent, the encapsulation system comprising a matrix of microcapsules, wherein a first portion of microcapsules in the matrix of microcapsules has an average diameter of from about 0.1 microns to about 10 microns; a second portion of the microcapsules has an average diameter of from about 10 microns to about 100 microns; and a third portion of the microcapsules has an average diameter of from about 100 microns to about 500 microns; and wherein the active agent is encapsulated in the microcapsules.

Abstract: A method for detecting malicious code may include generating, from deserialization examples, a finite automaton including states. The states may include labeled states corresponding to the deserialization examples. A state may correspond to a path from a start state to the state. The method may further include while traversing the states, generating a state mapping including, for the state, a tracked subset of the states, determining that the path corresponds to a path type, inferring, using the path type and the state mapping, a regular expression for the state, and determining, for a new deserialization example and using the regular expression, a polarity indicating whether it is safe to deserialize the new deserialization example.

Abstract: A method may include extracting, from a document, first content of a first content type and second content of a second content type, deriving first features from the first content and second features from the second content, and generating a first prediction by applying a first supervised model to the first features and a second prediction by applying a second supervised model to the second features. The first supervised model may correspond to the first content type, and the second supervised model may correspond to the second content type. The method may further include combining the first prediction and the second prediction to predict that the document comprises malicious code.

Abstract: A method may include sending, to an entry point of an instrumented web application, a first request including a first value of a parameter. The first value may correspond to a first vulnerability category. The method may further include receiving, from the instrumented web application, first taint analysis results, determining that the first taint analysis results include a sink function corresponding to a second vulnerability category, and sending, to the entry point, a second request including a second value of the parameter. The second value may correspond to the second vulnerability category. The method may further include receiving, from the instrumented web application and in response to sending the second request, second taint analysis results including the sink function, and detecting, in the instrumented web application and using the second taint analysis results, a vulnerability corresponding to the sink function and the second vulnerability category.

Abstract: A taint report represents a taint flow from a source value at a source program point to a sink value at a sink program point. Candidate watchpoints that correspond to taint-like values similar to the source value may be inferred from an execution trace. Different subsets of candidate watchpoints represent solutions to the problem of determining an optimal subset of watchpoints contributing to a taint flow. Using a hill-climbing heuristic, incremental improvements are efficiently applied to a solution until no more improvements are found. An objective function may determine whether one solution improves another solution. The objective function may be based on validity, understandability, and performance. Validity favors candidate watchpoints that reduce the edit distance between the source and sink values. Understandability favors candidate watchpoints included in a call chain from the source program point to the sink program point. Performance favors small subsets of candidate watchpoints.

Abstract: A method may include sending, to an entry point of an instrumented web application, a first request including a first value of a parameter. The first value may correspond to a first vulnerability category. The method may further include receiving, from the instrumented web application, first taint analysis results, determining that the first taint analysis results include a sink function corresponding to a second vulnerability category, and sending, to the entry point, a second request including a second value of the parameter. The second value may correspond to the second vulnerability category. The method may further include receiving, from the instrumented web application and in response to sending the second request, second taint analysis results including the sink function, and detecting, in the instrumented web application and using the second taint analysis results, a vulnerability corresponding to the sink function and the second vulnerability category.

Abstract: A method for buffer overflow detection involves obtaining a program code configured to access memory locations in a loop using a buffer index variable, obtaining an assertion template configured to capture a dependency between the buffer index variable and a loop index variable of the loop in the program code, generating an assertion using the assertion template, verifying that the assertion holds using a k-induction; and determining whether a buffer overflow exists using the assertion.

Abstract: A method may include extracting, from a document, first content of a first content type and second content of a second content type, deriving first features from the first content and second features from the second content, and generating a first prediction by applying a first supervised model to the first features and a second prediction by applying a second supervised model to the second features. The first supervised model may correspond to the first content type, and the second supervised model may correspond to the second content type. The method may further include combining the first prediction and the second prediction to predict that the document comprises malicious code.

Abstract: A method may include identifying, by executing an application, an entry point corresponding to a Universal Resource Locator (URL) path, extracting, from the application, an entry point declaration corresponding to the entry point, determining, by performing a static analysis starting at the entry point declaration, that a parameter is accessible by the application, and inferring, by the static analysis, a type of the parameter by analyzing usage of the parameter by the application.

Abstract: A method may include obtaining, from a runtime system that executes code, a source value at a source point of the code and a sink value at a sink point of the code, identifying a potential taint flow from the source point to the sink point by performing a series of taint inferences that each infer a relationship between the source value and the sink value, and determining whether the potential taint flow is an actual taint flow by performing a series of taint checks that each analyze the execution of the code using the source value and the sink value.

Abstract: A method that involves generating, for source code, a set of nodes for a set of statements comprising a first statement and a second statement, wherein each node of the set of nodes comprises a dataflow fact and a statement of the set of statements; identifying a source node and a sink node of the set of nodes; determining that the source node is backward reachable from the sink node by analyzing an incoming access path; and, in response to the determination, identifying a potential taint flow from the source node to the sink node.

Abstract: The present technology generally relates to an encapsulation system for delivery of an active agent, the encapsulation system comprising a matrix of microcapsules, wherein a first portion of microcapsules in the matrix of microcapsules has an average diameter of from about 0.1 microns to about 10 microns; a second portion of the microcapsules has an average diameter of from about 10 microns to about 100 microns; and a third portion of the microcapsules has an average diameter of from about 100 microns to about 500 microns; and wherein the active agent is encapsulated in the microcapsules.

Abstract: A method for analyzing a document may include obtaining a runtime model for an application used to process the document, extracting, from the document, code blocks each including statements, and generating, using the runtime model, a result including a series of abstract states for each statement of a code block. Each abstract state may include a series of abstract values each corresponding to concrete values. The method may further include determining, using the result and the runtime model, whether the document includes potentially malicious code.

Abstract: A method for buffer overflow detection involves obtaining a program code configured to access memory locations in a loop using a buffer index variable, obtaining an assertion template configured to capture a dependency between the buffer index variable and a loop index variable of the loop in the program code, generating an assertion using the assertion template, verifying that the assertion holds using a k-induction; and determining whether a buffer overflow exists using the assertion.

Abstract: A method that involves generating, for source code, a set of nodes for a set of statements comprising a first statement and a second statement, wherein each node of the set of nodes comprises a dataflow fact and a statement of the set of statements; identifying a source node and a sink node of the set of nodes; determining that the source node is backward reachable from the sink node by analyzing an incoming access path; and, in response to the determination, identifying a potential taint flow from the source node to the sink node.

Abstract: A method for analyzing code may include generating, via a flow-insensitive points-to analysis, initial interest points each corresponding to a statement in the code, generating, via a flow-sensitive points-to analysis, flow tuples and refined interest points by removing a subset of the initial interest points, and constructing a flow graph using the refined interest points. The flow graph may include nodes each corresponding to a statement in the code, and edges corresponding to the flow tuples. The method may further include identifying a trace through the flow graph. The trace may include a node corresponding to an interest point of the refined interest points.