Patents Assigned to Lucent Sky Corporation
-
Publication number: 20220060501Abstract: A method, a system, and a computer program product for training a model for automatically evaluating a generated vulnerability remediation in a source code of an application are provided. The method includes the following steps. Training input data is obtained, where the training input data includes input features, and each of the input features includes a training vulnerability and a training remediation of the training vulnerability. Training output data is obtained, where the training output data includes output predictions, and each of the output predictions includes a training validation associated with the training vulnerability and the training remediation of the corresponding input feature. The model is trained based on the training input data and the training output data.Type: ApplicationFiled: November 4, 2021Publication date: February 24, 2022Applicant: Lucent Sky CorporationInventors: Jim Liu, Yi-Chia Huang
-
Patent number: 11201894Abstract: A method, a system, and a computer program product for automatically mitigating vulnerabilities in a source code of an application are provided. The method includes the following steps. First, a path graph is built according to the source code, where the path graph includes multiple paths, and each of the paths includes multiple nodes. Multiple tainted paths are identified, where each of the tainted paths corresponds to a vulnerability. A same target node in multiple intersecting tainted paths among the tainted paths is located based on an existence of a tainted object, and multiple vulnerabilities in the target node are mitigated automatically.Type: GrantFiled: March 16, 2020Date of Patent: December 14, 2021Assignee: Lucent Sky CorporationInventors: Jim Liu, Yi-Chia Huang
-
Publication number: 20200220894Abstract: A method, a system, and a computer program product for automatically mitigating vulnerabilities in a source code of an application are provided. The method includes the following steps. First, a path graph is built according to the source code, where the path graph includes multiple paths, and each of the paths includes multiple nodes. Multiple tainted paths are identified, where each of the tainted paths corresponds to a vulnerability. A same target node in multiple intersecting tainted paths among the tainted paths is located based on an existence of a tainted object, and multiple vulnerabilities in the target node are mitigated automatically.Type: ApplicationFiled: March 16, 2020Publication date: July 9, 2020Applicant: Lucent Sky CorporationInventors: Jim Liu, Yi-Chia Huang
-
Patent number: 10630714Abstract: A method for automatically mitigating vulnerabilities in a source code of an application is provided in the present invention. The method includes the following steps. First, the source code is complied, and a path graph is built according to the compiled source code. The path graph includes a plurality of paths traversing from sources to sinks, and each of the paths includes a plurality of nodes. Then, at least one tainted path is identified by enabling a plurality of vulnerability rules. Each of the at least one tainted path corresponds to a vulnerability, and each of the at least one vulnerability corresponds to a sanitization method. Then, the at least one vulnerability is determined if it is mitigable. If the at least one vulnerability is mitigable, the at least one vulnerability is mitigated automatically. Furthermore, the method may be implemented as a system and a computer program product.Type: GrantFiled: July 5, 2018Date of Patent: April 21, 2020Assignee: Lucent Sky CorporationInventors: Jim Liu, Yi-Chia Huang
-
Publication number: 20180316715Abstract: A method for automatically mitigating vulnerabilities in a source code of an application is provided in the present invention. The method includes the following steps. First, the source code is complied, and a path graph is built according to the compiled source code. The path graph includes a plurality of paths traversing from sources to sinks, and each of the paths includes a plurality of nodes. Then, at least one tainted path is identified by enabling a plurality of vulnerability rules. Each of the at least one tainted path corresponds to a vulnerability, and each of the at least one vulnerability corresponds to a sanitization method. Then, the at least one vulnerability is determined if it is mitigable. If the at least one vulnerability is mitigable, the at least one vulnerability is mitigated automatically. Furthermore, the method may be implemented as a system and a computer program product.Type: ApplicationFiled: July 5, 2018Publication date: November 1, 2018Applicant: Lucent Sky CorporationInventors: Jim Liu, Yi-Chia Huang
-
Patent number: 10044747Abstract: A method for automatically mitigating vulnerabilities in a source code of an application is provided in the present invention. The method includes the following steps. First, the source code is complied, and a path graph is built according to the compiled source code. The path graph includes a plurality of paths traversing from sources to sinks, and each of the paths includes a plurality of nodes. Then, at least one tainted path is identified by enabling a plurality of vulnerability rules. Each of the at least one tainted path corresponds to a vulnerability, and each of the at least one vulnerability corresponds to a sanitization method. Then, the at least one vulnerability is determined if it is mitigable. If the at least one vulnerability is mitigable, the at least one vulnerability is mitigated automatically. Furthermore, the method may be implemented as a system and a computer program product.Type: GrantFiled: March 22, 2017Date of Patent: August 7, 2018Assignee: Lucent Sky CorporationInventor: Jim Liu
-
Publication number: 20170195361Abstract: A method for automatically mitigating vulnerabilities in a source code of an application is provided in the present invention. The method includes the following steps. First, the source code is complied, and a path graph is built according to the compiled source code. The path graph includes a plurality of paths traversing from sources to sinks, and each of the paths includes a plurality of nodes. Then, at least one tainted path is identified by enabling a plurality of vulnerability rules. Each of the at least one tainted path corresponds to a vulnerability, and each of the at least one vulnerability corresponds to a sanitization method. Then, the at least one vulnerability is determined if it is mitigable. If the at least one vulnerability is mitigable, the at least one vulnerability is mitigated automatically. Furthermore, the method may be implemented as a system and a computer program product.Type: ApplicationFiled: March 22, 2017Publication date: July 6, 2017Applicant: Lucent Sky CorporationInventor: Jim Liu
-
Patent number: 9639703Abstract: A method for automatically mitigating vulnerabilities in a source code of an application is provided in the present invention. The method includes the following steps. First, the source code is complied, and a path graph is built according to the compiled source code. The path graph includes a plurality of paths traversing from sources to sinks, and each of the paths includes a plurality of nodes. Then, at least one tainted path is identified by enabling a plurality of vulnerability rules. Each of the at least one tainted path corresponds to a vulnerability, and each of the at least one vulnerability corresponds to a sanitization method. Then, the at least one vulnerability is determined if it is mitigable. If the at least one vulnerability is mitigable, the at least one vulnerability is mitigated automatically. Furthermore, the method may be implemented as a system and a computer program product.Type: GrantFiled: September 4, 2015Date of Patent: May 2, 2017Assignee: Lucent Sky CorporationInventor: Jim Liu
-
Patent number: 9158922Abstract: A method for automatically mitigating vulnerabilities in a source code of an application is provided in the present invention. The method includes the following steps. First, the source code is complied, and a path graph is built according to the compiled source code. The path graph includes a plurality of paths traversing from sources to sinks, and each of the paths includes a plurality of nodes. Then, at least one tainted path is identified by enabling a plurality of vulnerability rules. Each of the at least one tainted path corresponds to a vulnerability, and each of the at least one vulnerability corresponds to a sanitization method. Then, the at least one vulnerability is determined if it is mitigable. If the at least one vulnerability is mitigable, the at least one vulnerability is mitigated automatically. Furthermore, the method may be implemented as a system and a computer program product.Type: GrantFiled: May 29, 2013Date of Patent: October 13, 2015Assignee: Lucent Sky CorporationInventor: Jim Liu
-
Publication number: 20140359776Abstract: A method for automatically mitigating vulnerabilities in a source code of an application is provided in the present invention. The method includes the following steps. First, the source code is complied, and a path graph is built according to the compiled source code. The path graph includes a plurality of paths traversing from sources to sinks, and each of the paths includes a plurality of nodes. Then, at least one tainted path is identified by enabling a plurality of vulnerability rules. Each of the at least one tainted path corresponds to a vulnerability, and each of the at least one vulnerability corresponds to a sanitization method. Then, the at least one vulnerability is determined if it is mitigable. If the at least one vulnerability is mitigable, the at least one vulnerability is mitigated automatically. Furthermore, the method may be implemented as a system and a computer program product.Type: ApplicationFiled: May 29, 2013Publication date: December 4, 2014Applicant: Lucent Sky CorporationInventor: Jim Liu