Patents by Inventor Bogdan COPOS
Bogdan COPOS has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11729196Abstract: A method, apparatus and system for determining a weakness or risk for devices of an Internet-of-things (IoT) network include determining a representation of a physical environment of the IoT network and expected physical and cyber interactions between the devices of the IoT network based at least in part on operating characteristics of the devices of the IoT network, monitoring the physical environment and actual interactions between the devices to generate a network model including at least one of uncharacteristic physical or cyber interaction paths between the devices, based on the determined network model, determining at least one weakness or risk of at least one of the IoT network or of at least one of the devices, and providing a metric of security of at least one of the IoT network or of at least one of the devices based on at least one of the determined weakness or risk.Type: GrantFiled: August 13, 2018Date of Patent: August 15, 2023Assignee: SRI InternationalInventors: Gabriela F. Ciocarlie, Ioannis Agadakos, Chien-Ying Chen, Matteo Campanelli, Prashant Anantharaman, Monowar Hasan, Ulf Lindqvist, Michael Locasto, Bogdan Copos, Tancrède Lepoint, Matthew Filippone
-
Publication number: 20200162500Abstract: A method, apparatus and system for determining a weakness or risk for devices of an Internet-of-things (IoT) network include determining a representation of a physical environment of the IoT network and expected physical and cyber interactions between the devices of the IoT network based at least in part on operating characteristics of the devices of the IoT network, monitoring the physical environment and actual interactions between the devices to generate a network model including at least one of uncharacteristic physical or cyber interaction paths between the devices, based on the determined network model, determining at least one weakness or risk of at least one of the IoT network or of at least one of the devices, and providing a metric of security of at least one of the IoT network or of at least one of the devices based on at least one of the determined weakness or risk.Type: ApplicationFiled: August 13, 2018Publication date: May 21, 2020Inventors: Gabriela F. CIOCARLIE, Ioannis AGADAKOS, Chien-Ying CHEN, Matteo CAMPANELLI, Prashant ANANTHARAMAN, Monowar HASAN, Ulf LINDQVIST, Michael LOCASTO, Bogdan COPOS, Tancrède LEPOINT, Matthew FILIPPONE
-
Patent number: 10255166Abstract: A method to determine a valid input sequence for an unknown binary program is provided. The method may include obtaining an input sequence for an unknown binary program. The method may also include obtaining a memory address range for each of one or more variables in the unknown binary program and executing an instrumented version of the unknown binary program with the input sequence as an input to the instrumented version of the unknown binary program. The method may also include recording one or more memory addresses accessed during the execution of the instrumented version of the unknown binary program and determining that the unknown binary program accepts the input sequence as valid based on one or more of the one or more recorded memory addresses corresponding to the memory address range of one or more of the variables in the unknown binary program.Type: GrantFiled: July 6, 2015Date of Patent: April 9, 2019Assignee: FUJITSU LIMITEDInventors: Praveen Murthy, Bogdan Copos
-
Patent number: 9772931Abstract: A method includes selecting a set of printable characters as one or more test inputs for a binary module having no known valid input. The method also includes executing the binary module with the set of printable characters as the one or more test inputs for the binary module. The method also includes determining a number of instructions executed by the binary module responsive to being executed with the set of printable characters. The method also includes generating set data including the one or more printable characters associated with the number of instructions executed for each of the one or more printable characters. The method also includes analyzing the set data to identify one or more printable characters as one or more valid inputs for the binary module based on a comparison of the number of instructions associated with the one or more printable characters and a threshold range.Type: GrantFiled: February 11, 2015Date of Patent: September 26, 2017Assignee: FUJITSU LIMITEDInventors: Bogdan Copos, Praveen Murthy
-
Patent number: 9767290Abstract: A method of vulnerability analysis of a deployed program (program) includes inputting a binary program under analysis (BPUA) derived from the program. The method includes analyzing input/output (I/O) behavior of the program. The method includes discovering inputs to the program based on application of exploration techniques to the BPUA and analysis of the I/O behavior. The method includes determining which of the inputs are negative inputs. The negative inputs are inputs that trigger a response that includes a vulnerability of the program. Based on the negative inputs and triggered responses, the method includes developing a patch for the program that modifies the program to process at least some of the negative inputs without triggering a response that includes the vulnerability. The method includes automatically dispatching the patch.Type: GrantFiled: July 9, 2015Date of Patent: September 19, 2017Assignee: FUJITSU LIMITEDInventors: Praveen Murthy, Bogdan Copos, Thuan Pham
-
Patent number: 9552284Abstract: A method to determine valid input sequences for an unknown binary program is provided. The method includes obtaining multiple input sequences, which each include two or more different inputs, for an unknown binary program. The inputs for the input sequences may be valid inputs for the unknown binary program. The method may further include executing an instrumented version of the unknown binary program separately for each input sequence. For each execution of the instrumented version of the unknown binary program, a set of execution traces may be generated by recording execution traces generated by the execution of the instrumented version of the unknown binary program. The method may further include comparing the sets of execution traces and determining which of the input sequences the unknown binary program accepts as valid based on the comparison of the sets of execution traces.Type: GrantFiled: May 15, 2015Date of Patent: January 24, 2017Assignee: FUJITSU LIMITEDInventors: Bogdan Copos, Praveen Murthy
-
Publication number: 20160335175Abstract: A method to determine valid input sequences for an unknown binary program is provided. The method includes obtaining multiple input sequences, which each include two or more different inputs, for an unknown binary program. The inputs for the input sequences may be valid inputs for the unknown binary program. The method may further include executing an instrumented version of the unknown binary program separately for each input sequence. For each execution of the instrumented version of the unknown binary program, a set of execution traces may be generated by recording execution traces generated by the execution of the instrumented version of the unknown binary program. The method may further include comparing the sets of execution traces and determining which of the input sequences the unknown binary program accepts as valid based on the comparison of the sets of execution traces.Type: ApplicationFiled: May 15, 2015Publication date: November 17, 2016Inventors: Bogdan COPOS, Praveen MURTHY
-
Publication number: 20160259711Abstract: A method to determine a valid input sequence for an unknown binary program is provided. The method may include obtaining an input sequence for an unknown binary program. The method may also include obtaining a memory address range for each of one or more variables in the unknown binary program and executing an instrumented version of the unknown binary program with the input sequence as an input to the instrumented version of the unknown binary program. The method may also include recording one or more memory addresses accessed during the execution of the instrumented version of the unknown binary program and determining that the unknown binary program accepts the input sequence as valid based on one or more of the one or more recorded memory addresses corresponding to the memory address range of one or more of the variables in the unknown binary program.Type: ApplicationFiled: July 6, 2015Publication date: September 8, 2016Inventors: Praveen MURTHY, Bogdan COPOS
-
Publication number: 20160259943Abstract: A method of vulnerability analysis of a deployed program (program) includes inputting a binary program under analysis (BPUA) derived from the program. The method includes analyzing input/output (I/O) behavior of the program. The method includes discovering inputs to the program based on application of exploration techniques to the BPUA and analysis of the I/O behavior. The method includes determining which of the inputs are negative inputs. The negative inputs are inputs that trigger a response that includes a vulnerability of the program. Based on the negative inputs and triggered responses, the method includes developing a patch for the program that modifies the program to process at least some of the negative inputs without triggering a response that includes the vulnerability. The method includes automatically dispatching the patch.Type: ApplicationFiled: July 9, 2015Publication date: September 8, 2016Inventors: Praveen MURTHY, Bogdan COPOS, Thuan PHAM
-
Publication number: 20160232081Abstract: A method includes selecting a set of printable characters as one or more test inputs for a binary module having no known valid input. The method also includes executing the binary module with the set of printable characters as the one or more test inputs for the binary module. The method also includes determining a number of instructions executed by the binary module responsive to being executed with the set of printable characters. The method also includes generating set data including the one or more printable characters associated with the number of instructions executed for each of the one or more printable characters. The method also includes analyzing the set data to identify one or more printable characters as one or more valid inputs for the binary module based on a comparison of the number of instructions associated with the one or more printable characters and a threshold range.Type: ApplicationFiled: February 11, 2015Publication date: August 11, 2016Inventors: Bogdan COPOS, Praveen MURTHY