Abstract: A system and apparatus for enhancing the functionality and utility of an authentication process for web applications is disclosed.

Abstract: A novel compiler is described. The compiler is able to view source code of the application in its entirety and can do so from the inside. Unlike other tools which examine the forensic data from an application crash after the fact, from the outside, the compiler of the present invention can provide novel data on function call stacks and function profiles during runtime. The application may be stopped immediately during runtime to prevent further or potential damage, but the forensic data that is collected is focused and can be used to show where vulnerabilities exists in the application and how they were exploited. Hashes are taken of function call stacks and used as unique identifiers or thumbprints which can be used to reduce the volume of forensic data that needs to be analyzed after an attack.

Abstract: The design for modern graphical interfaces generated by an application under test (AUT) can take many forms. A codeless testing system reads the output generated by the AUT to identify components, however, scroll bars may be present but in a form that is not reliably identified. As a result, an AUT may comprise scrollable graphical elements that are not identified as such resulting in the performance of tests that are incomplete. By applying a middle button click event, an associated pointer changes form and reveals an associated graphical element to comprise a scrollable element. When the pointer change occurs, testing directed to the scrollable element is then included to perform a more complete testing of the features of the AUT.

Abstract: A method of generating a core dump in a User Equipment (UE) may include detecting, using at least one processor, a trigger, the trigger including an instruction to generate a core dump of the UE. The method may further include classifying, using the at least one processor, data stored in memory of the UE as Read-Write (RW) data or Read Only (RO) data. The method may further include generating, using the at least one processor, a partial core dump based on the RW data of the memory.

Abstract: An error incident is determined to have occurred on an electronic device. Responsive to the error incident, a remote error logging system is queried for reports of the error incident by one or more additional electronic devices. The error incident is determined to have or have not been reported by the one or more additional electronic devices. A report of the error incident is transmitted to the remote error logging system based on the determination. An adjustment to the electronic device is applied to resolve the error incident. The adjustment is, for example, an amendment to the behavior of a component of the electronic device where the error incident occurred.

Abstract: The disclosed technology provides resource locators keyed to resource names with failover alternate resource locators keyed to resource positions on user interfaces in a test environment: providing a central repository for resource locators and storing a set of alternative locator expressions for a resource in the central repository. The set includes first resource locators keyed to resource names on UIs and respective second resource locators keyed to resource positions on UIs that can be evaluated when the resource name in the respective first resource locator is invalid. The method invokes a resource location navigator to locate a particular resource using a first resource locator keyed to a resource name on the user interface, automatically invoking the resource location navigator using the second resource locator keyed to the resource position after failure of locating the particular resource using the resource name, and accessing the particular resource using the second resource locator.

Abstract: Disclosed herein are system, method, and computer program product embodiments for a processor health monitoring system. An embodiment operates by determining that a plurality of messages are transmitted to both a primary processor and a recovery processor. A functional health of the primary processor is monitored based on one or more metrics, and a failure event is detected at the primary processor based on the one or more metrics. A timestamp of a first message of the plurality of messages is identified, the first message having been successfully processed by the primary processor prior to the failure event. The timestamp of the first message is provided to the recovery processor, wherein the recovery processor is configured to actively process the plurality of messages from the timestamp of the first message. The primary processor is deactivated.

Abstract: Intelligent collection and analysis of in-app failure data is disclosed herein. Upon an application failure in a client device, the client device may collect failure information uniquely identifying a specific failure and provide the failure information to an analysis system. The analysis system may identify a specific failure that identifies the application and a specific portion of the code in the application, based on the failure information and match an action correlated to the specific failure where the action is uniquely designed to resolve the specific failure in the application. The action may include instructions for the client device used to intelligently lead to a resolution of the specific failure. The analysis system may transmit the action to the client device to perform the action and provide any follow up information to the analysis server. The analysis server may use the information to further analyze the specific failure.

Abstract: Input data for an operating system command of an automation process is received. The operating system command is generated based on the received input data. The generated operating system command is parsed to identify one or more metrics. The identified one or more metrics are automatically evaluated to determine a security risk associated with the generated operating system command.

Abstract: Embodiments provide for automated testing of an Application Under Test (AUT) that utilizes an infinite scroll element. Automated testing of the AUT can comprise executing one or more test scripts on the AUT which can present a user interface including a plurality of elements and the test scripts can perform one or more functional tests on the AUT through the plurality of elements of the user interface. During performance of the one or more functional tests, a scroll event associated with an element of the user interface can be detected and a determination can be made as to whether the element associated with the scroll event is an infinite scroll element. In response to determining the element is an infinite scroll element, a set of test results for the functional test can be recorded including results for the infinite scroll element and an interaction with the infinite scroll element.

Abstract: An automated testing method and apparatus relate to the technical field of software test. The automated testing method includes: configuring a common Software Development Kit (SDK) interface and a Basic SDK model, and receiving a to-be-tested script comprising control information data and an operation type by using the SDK interface; performing a standardization process on the control information data using the SDK basic model to obtain a standard data structure; and running the to-be-tested script according to the operation type, and positioning a to-be-tested control in the to-be-tested script according to the standard data structure.

Abstract: In some examples, a system receives information traffic communicated over a network by or with a system under test (SUT), and analyzes the information traffic to identify a potential attack point in the SUT and a technology used by the SUT. The system determines a collection of penetration tests for testing a stack comprising a plurality of layers associated with the SUT based on the identified potential attack point and the identified technology, and further based on a dynamic knowledge base that includes information relating to vulnerabilities and threats.

Abstract: Identifying and evaluating exploitability of software vulnerabilities is provided. A vulnerability identified and a level of exploitability of the vulnerability corresponding to a software package is evaluated prior to installation of the software package on a data processing system based on data collected from a plurality of software vulnerability data sources. Related alternative software packages corresponding to the software package to be installed on the data processing system are identified based on a comparative analysis between alternative software packages and the software package. A confidence level is determined for each respective related alternative software package for resolving the level of exploitability. The related alternative software packages are ranked from least to most vulnerable based on a calculated exploitability score corresponding to each respective related alternative software package.

Abstract: Techniques regarding mitigating bias in one or more machine learning models are provided. For example, one or more embodiments described herein can comprise a system, which can comprise a memory that can store computer executable components. The system can also comprise a processor, operably coupled to the memory, and that can execute the computer executable components stored in the memory. The computer executable components can comprise a model component that can evaluate a machine learning model at a plurality of threshold settings to generate a sample set and can define a relationship between a fairness metric and a utility metric of the machine learning model based on the sample set.

Abstract: This application relates to a computing system and method for an automated program error repair. In one aspect, the computing system includes a storage, a preprocessing processor, and an automated error repair processor. The storage stores a program code. The preprocessing processor acquires the program code from the storage and preprocesses the program code. Preprocessing includes tokenizing the program code with tokens, converting the tokens into vectors, and adding location information for the tokens. The automated error repair processor receives the preprocessed program code as an input from the preprocessing processor, detects an error in the preprocessed program code, corrects the detected error, and outputs the error-corrected program code. Detecting and correcting the error are performed based on a deep learning result and the location information for the tokens.

Abstract: A website vulnerability test is performed by automatically checking that a website has not been compromised by malicious third party scripts. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. Instead of merely analyzing static code of a website, the system automatically tests the website in their runtime environments for the presence of malicious third party scripts.

Abstract: A system can monitor applications and analyze the metrics to determine if one or more of the applications are regressing or performing as expected. The metric analysis includes performing a first short term data analysis and, if data is not as expected, a second short term analysis based on machine learning-based pattern recognition machines. If the short-term analysis finds the metrics aren't as expected, a long-term analysis is performed. The long-term analysis can compare chunks of streaming metric data to cached metric blocks and historical data, and can include a concept drift analysis.

Abstract: A crash analysis system for identifying the cause of application crashes. The crash analysis system generates mapped stack traces that combine code version history data with logging information. The mapped stack traces are used to identify the causal stack frame which includes the function that caused the application crash. The crash analysis system also identifies the author of the function that caused the application crash and distributes a notification to the author that prompts the author to develop a fix that resolves the application crash.

Abstract: A method for testing a software component implemented in a host system on the basis of one or more test campaigns, a test campaign includes computer test cases and being associated with input test data. The method comprises the steps of: executing the computer test cases of each test campaign for an operating time of the software component, which provides output test data associated with each test campaign; determining a reference operating model and a data partition on the basis of the input and output test data associated with each test campaign; running the software component using input production run data, which provides output production run data; determining an operating characteristic of the software component on the basis of the reference operating models according to a comparison between the input and output production run data and the data from the data partitions associated with the one or more test campaigns.

Abstract: A method of testing an operations support system (OSS). The method comprises receiving an input by a test tool executing on a computer system from a user interface of the test tool selecting an OSS application to test, querying the data store by the test tool for test system configuration information associated with the selected OSS application, automatically generating test case OSS input data by the test tool, testing a plurality of different user interface screens of the OSS by the test tool based on the test system configuration information associated with the selected OSS application and based on the automatically generated test case OSS input data, capturing screen shots of test results presented in the user interface screens of the OSS by the test tool, and storing the screen shots of test results in a test results data store.

Abstract: A method for network deployment is disclosed. The method includes receiving, from a user by a centralized system, a plurality of completed task detail forms, retrieving, by the centralized system and from the plurality of completed task detail forms, deployment task descriptions of a plurality of network devices, generating, by the centralized system and based on the deployment task descriptions, an engineering design package comprising a specification and associated configuration and connectivity information of each of the plurality of network devices, and deploying, based on the engineering design package, the plurality of network devices.

Abstract: Methods, non-transitory computer readable media, audit management apparatuses, and audit management systems that execute an automated test script comprising a plurality of script instructions corresponding to one or more step changes or one or more action changes performed with respect to a web site. A snapshot of at least a portion of a web page of the web site is generated for each of the step changes and each of the action changes. One or more semantic attributes are obtained and associated with each of the snapshots. One or more rules are applied to the semantic attributes to generate one or more issues associated with each of the snapshots. A selection of one of the step changes or one of the action changes is received. A subset of the issues and one of the snapshots corresponding to the selected step change or action change are output to a display device.

Abstract: Determining interactions between scripts and elements of a markup language document includes loading a markup language document into a browser. The markup language document includes a plurality of markup language elements. A call from within the markup language document to a method specified by a script is detected. The markup language element of the plurality of markup language elements that is modified by execution of the method is determined using the processor. Log data is stored that includes a name of the modified markup language element in association with a name of the method.

Abstract: Methods, systems and computer program products for clustering simulation failures are provided. Aspects include receiving simulation data comprising a plurality of simulation failure files, generating a token for each simulation failure file of the plurality of simulation failure files, determining a token score for each token for each simulation failure file of the plurality simulation failure files, normalizing each token score for each token in the plurality of simulation failure files utilizing a weighting scheme to create a normalized token score for each token, determining a set of groups for the plurality of simulation failure files, and assigning one or more simulation failure files from the plurality of simulation failure files into a group in the set of groups based at least in part on normalized token score.

Abstract: There is provided a computer implemented method of vaccination of a computing device against infection by malicious code, comprising: obtaining a vaccination profile including vaccination artifact system calls indicative of a malicious code attempting to identify another instance of the malicious code executing on the computing device prior to the malicious code infecting the computing device, monitoring the computing device for an indication of execution of at least one of the vaccination artifact system calls by the malicious code, and providing a false response to the at least one of the vaccination artifact system calls for emulating an existing infection of the computing device by another instance of the malicious code according to the indication of execution of at least one of the plurality of vaccination artifact system calls, wherein the emulation of the existing infection prevents infection of the computing device by the malicious code.

Abstract: Techniques for automatically generating a target software object herein include accessing an initial version of a candidate software object that does not satisfy one or more functional requirements; mutating executable binary object code of the initial version of the candidate software object to generate a first intermediate version; testing the first intermediate version to determine whether the first intermediate version satisfies at least one of the one or more functional requirements by executing the first intermediate version and a set of automated tests; and continuing to mutate and test the candidate software object through successive intermediate versions of the candidate software object until a version of the candidate software object satisfies all of the one or more functional requirements, wherein each successive intermediate version of the candidate software satisfies at least one functional requirement not satisfied by preceding versions of the candidate software object.

Abstract: Systems and methods for modifying for extracting assets from a target program. The systems and methods may include or be configured to locate function calls and properties of classes within a DLL associated with the target program, modify the DLL by inserting a redirector function in the DLL to redirect the function to a communication assembly module, insert the communication assembly module into a location accessible to the DLL, parse the DLL associated with the target program for opcodes used by the redacted functions, and modify the communication assembly modules to receive the opcode and associated parameters and to pass the opcode and associated parameters to a target source engine assembly.

Abstract: Methods and systems are presented for automatically configuring a staging environment to facilitate testing of online use-case scenarios for an online service provider. In response to receiving a request to test an online use-case scenario, a user account configuration may be derived from the use-case scenario. Account data for creating a user account is generated based on the user account configuration. The account data is inserted into a database of the staging environment to create the user account within the staging environment. A workflow associated with the online use-case scenario is automatically performed based on the newly generated user account in the staging environment. One or more defects observed while performing the workflow is reported to a user.

Abstract: Determining interactions between scripts and elements of a markup language document includes loading a markup language document into a browser. The markup language document includes a plurality of markup language elements. A call from within the markup language document to a method specified by a script is detected. The markup language element of the plurality of markup language elements that is modified by execution of the method is determined using the processor. Log data is stored that includes a name of the modified markup language element in association with a name of the method.

Abstract: An apparatus comprises a processing device configured to monitor traffic associated with a production application in a production environment of a software development platform, to generate software testing plans based on the monitored traffic, to identify software code to be tested for an updated version of the production application, and to select one or more of the software testing plans for testing the identified software code in a staging environment prior to integration testing in an integration testing environment of the software development platform. The processing device is also configured to perform the selected software testing plans on the identified software code in the staging environment, and to deploy the identified software code in the updated version of the production application in the integration testing environment based at on results of performing the selected software plans on the identified software code in the staging.

Abstract: A processor is configured to record a replay-able trace of execution of an execution entity. Based on detection of a cache miss during the execution of the execution entity, the processor records an influx of data imported into a processor cache in response to the cache miss, and sets a hardware bit on a cache line of the processor cache storing the influx of data. The hardware bit indicates that the cache line has been recorded into a trace. In addition, the processor records by recording at least one side effect of the access by the execution entity to the model-specific register.

Abstract: A method, apparatus and computer-readable medium for testing a target device. A fuzzer and a monitor are connected to the target device via a tactical bus. The fuzzer records messages sent from a source device to the target device over the tactical bus, creates a first fuzzed message having a data structure of the recorded message, and sends the first fuzzed message to the target device over the tactical bus. A fuzzer monitor monitors the target device for an anomalous response to the first fuzzed message, and determines a vulnerability of the target device from the response to the first fuzzed message.

Abstract: Methods, systems, apparatuses, and computer program products are provided for validating a graphical user interface (GUI). An application comprising the GUI may be executed. A test script may also be executed that is configured to interact with the GUI of the application. Images representing the GUI of the application may be captured at different points in time, such as different interaction points. For each image, a set of tags that identify expected objects may be associated with the image. A model may be applied that classifies one or more graphical objects identified in each image. Based on the associated set of tags and the classification of the graphical objects in the image, each image may be validated, thereby enabling the validation of the GUI of the application.

Abstract: Methods and systems for improved test execution and log file tracking are presented. In one embodiment, a method includes receiving a log file, which may be associated with a test. An original logging position of the log file may be stored and the test may be executed. Executing the test may cause logging information to be appended to the original logging position at the original logging position. An output file corresponding to the log file may be created and the original logging position within the log file may be located. A portion of the log file may then be copied to the output file starting at the original logging position.

Abstract: Methods and systems are disclosed for logging trace data generated by executing program code at an instruction level. In aspects, high volumes of trace data are generated during certain time periods, e.g., immediately following a start of the tracing. Processors operating at normal speeds are often unable to log such high volumes of trace data. The issue of such high volumes of trace data may be addressed by selectively and dynamically controlling logging of outstanding trace data. For example, a rate of generating the trace may be reduced by slowing processor speeds, logging of outstanding trace data may be suspended for a period, and logging of non-urgent trace data may be selectively delayed.

Abstract: Systems, methods, and devices for creating test and testing a plurality of touchscreen devices are described. The methods comprise creating a test script by recording the touch events performed on a touchscreen device by a technician. The method of recording touch events for later use as a test script is faster and requires less programming knowledge, compared to manually writing a test script. This is beneficial if a new test script is needed quickly because a technician can perform a desired touch sequence on a device recording the sequence and then distribute the recorded sequence to be played on a plurality of devices to be tested. The recorded sequence may include a plurality of sequential touch events. Additionally, the recorded sequence may include conditional statements used to determining the timing of simulating one of the touch events in the sequence.

Abstract: A method for collecting diagnostic information associated with an error is disclosed. In one embodiment, such a method includes detecting an error condition associated with mirroring data from a primary volume to a secondary volume. In response to detecting the error condition, the method modifies various diagnostic parameters to improve collection of diagnostic information. The method then immediately re-drives the data from the primary volume to the secondary volume. This will ideally recreate the error. Upon recreating the error, the method captures diagnostic information associated with the error in accordance with the modified diagnostic parameters. A corresponding system and computer program product are also disclosed.

Abstract: A method, performed by a computing system deployed in a server environment, comprises receiving, from a client computing device that is remote from the server environment, a problem scenario identifier that identifies a problem scenario indicative of a problem associated with the client computing device, identifying a problem-specific diagnostic analyzer, that is specific to the problem associated with the client computing device, based on mapping information that maps the problem scenario to the problem-specific diagnostic analyzer, running the problem-specific diagnostic analyzer to obtain problem-specific diagnostic data that is specific to the problem associated with the client computing device, the problem-specific diagnostic data including first data associated with the client computing device and second data associated with the server environment, identifying a suggested recovery action based on the problem-specific diagnostic data, and communicating the suggested recovery action to the client computin

Abstract: According to certain aspects of the disclosure, non-transitory computer readable media, systems and methods are disclosed for creating and executing test scenarios for automated testing of web pages. A computer system, for example, may perform operations including: recording one or more actions performed by a user on a web page, the one or more actions resulting in a web page element being displayed in the web browser application, recording an identifier of the web page element, in response to detecting a user input indicating a selection of the web page element, and recording a characteristic of the web page element; and generating, by the testing extension, a test scenario specifying a testable outcome resulting from the one or more actions, the testable outcome being an occurrence of an element having the identifier and the characteristic.

Abstract: In capturing software element state changes during software application runtime, a computing device executes a software application that a set of software sensors integrated within executable code of the software application. The software sensors correspond to software elements in the software application. During runtime, a given software sensor corresponding to a given software element continuously determines whether the given software element changes state. In response to a change in state, the given software sensor captures and stores the current state of the given software element. An application control module associated with the software application obtains state data stored by the software sensors. The application control module determines commands for modifying a behavior of the software application based on an analysis of the state data and executes the commands.

Abstract: Apparatus and methods for an intelligent audit engine are provided. Product development artifacts may be associated with artifact tags and stored in an artifact repository. The audit engine may retrieve an artifact for audit. The audit engine may identify a set of development guidelines in a rule repository based on their artifact tags. The audit engine may determine whether the development guidelines have been satisfied based on stored product testing data. A failed development guideline may initiate a workflow that includes notification of a project stakeholder regarding the failure. The notification may include remediation measures to be taken by the stakeholder. The validation process may iterate until all guidelines have passed validation. A machine-learning algorithm may prioritize a development guideline for future audits to increase efficiency. The machine learning algorithm may educate stakeholders to reduce audit failures.

Abstract: Methods and systems are described for determining an image resource allocation for displaying content within a display area. An image or data capture device associated with a display device may capture an image of a space associated with the user or capture data related to other objects in the space. The viewing distance between the user and the display area (e.g., the display device) may be monitored and processed to determine and/or adjust the image resource allocation for content displayed within the display area. User movement, including eye movement, may also be monitored and processed to determine and/or adjust the image resource allocation for content displayed within the display area.

Abstract: Described are techniques to enable computers to efficiently determine if they should run a program based on an immediate (i.e., real-time, etc.) analysis of the program. Such an approach leverages highly trained ensemble machine learning algorithms to create a real-time discernment on a combination of static and dynamic features collected from the program, the computer's current environment, and external factors. Related apparatus, systems, techniques and articles are also described.

Abstract: A method for data analysis of a backup system, including interrogating a plurality of computer systems to generate for each computer system at least one dump file, each dump file including configuration and state information; extracting predetermined configuration and state information from the respective dump files; and storing the extracted configuration and state information in a database in a normalized format.

Abstract: Addressability of instructions and the addressing of data ranges are extended. One or more operands obtained from fields explicitly specified by an instruction are overridden (i.e., ignored), and instead, an address based on the instruction (e.g., an instruction address) is substituted for the one or more operands. This provides an address having more bits than allowed by the operand being overridden, thereby extending addressability of the instruction and extended data range addressing. Further, in one aspect, additional bits may be added to one or more immediate fields of the instruction, thereby extending addressability of the instructions and extending data range addressing.

Abstract: Addressability of instructions and the addressing of data ranges are extended. One or more operands obtained from fields explicitly specified by an instruction are overridden (i.e., ignored), and instead, an address based on the instruction (e.g., an instruction address) is substituted for the one or more operands. This provides an address having more bits than allowed by the operand being overridden, thereby extending addressability of the instruction and extended data range addressing. Further, in one aspect, additional bits may be added to one or more immediate fields of the instruction, thereby extending addressability of the instructions and extending data range addressing.

Abstract: A computer-implemented consolidation method is provided for identifying software vulnerability anomalies in a source code. This method includes providing a plurality of diagnostic tools; receiving the source code; selecting a subset plurality of tools; scanning the source code by the subset plurality for the anomalies to produce a diagnostic output; sorting the output by removing anomaly duplicates into a report; and saving the report into memory. Each tool among the plurality is able to detect the anomalies in software.

Abstract: A system and method for utilizing metadata of a client computer in form of transactions and/or software operations (e.g., actions) in an enterprise system hosted by a host entity, such as in a cloud environment for testing the software operations is disclosed. The host entity stores metadata (e.g., response time, delay, processing time, usage) about the transactions in a database for the client computer system's actions. The host entity then uses the stored metadata to automatically generate a test script based on actual user interactions with the software operations of the enterprise resource planning system for specific data range and environment in order to test functionality of a plurality of software operations in the enterprise resource planning systems being operated by users of the client computers.

Abstract: An approach is provided for collecting data for diagnosing a failure of a computer hardware device. An address translation table of a central processing unit (CPU) of the device is collected. A format of call stack frames of an operating system (OS) image of the device is retrieved. The call stack frames are retrieved and outputted to a computer file. A second address translation table of the CPU is collected. A second format of second call stack frames is retrieved. The OS image and the second OS image are of different types but have common anchor structures. The format of the call stack frames is different from the second format. Based on the second address translation table and the second format, the second call stack frames are retrieved and outputted to the computer file. A diagnosis of the failure is received based on the computer file.

Abstract: A method and apparatus are disclosed for identifying malicious software in the technical field of computers. The method includes: obtaining, according to a source code of to-be-detected software, a function call diagram of the software; generating a feature sequence of the software according to the function call diagram, the feature sequence including an eigenvalue of at least one feature, the feature being a function in a preset function library, and the eigenvalue of the feature being a quantity of times of calling of the function by the software; and identifying whether the software is malicious software according to the feature sequence and a random forest, the random forest including at least one decision tree, and the decision tree including reference eigenvalues of multiple features. The apparatus includes: an obtaining module, a generation module, and an identification module. The present disclosure may improve identification accuracy.