Patents by Inventor Christien Rioux
Christien Rioux has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9916146Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.Type: GrantFiled: January 29, 2016Date of Patent: March 13, 2018Assignee: Veracode, Inc.Inventor: Christien Rioux
-
Publication number: 20160274879Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.Type: ApplicationFiled: January 29, 2016Publication date: September 22, 2016Inventor: Christien Rioux
-
Patent number: 9286041Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.Type: GrantFiled: June 4, 2014Date of Patent: March 15, 2016Assignee: Veracode, Inc.Inventor: Christien Rioux
-
Patent number: 9207920Abstract: A system for testing a software application receives one or more object spaces extracted from a development or runtime environment of the software application. The extracted object space includes information about various objects associated with the software application, its dependencies, and/or environment, and some of the objects may be dynamically created and/or modified. The extracted object space does not include any source code. A language dependent extraction component can extract the object space using introspections and/or reflection APIs. The extracted object can be translated into a language-independent format and can be analyzed to identify any vulnerabilities in the software application without access to the source code, compiled binary, and runtime environment of the software application.Type: GrantFiled: May 30, 2014Date of Patent: December 8, 2015Assignee: Veracode, Inc.Inventors: Ryan O'Boyle, John Mcenerney, Christien Rioux
-
Publication number: 20150106795Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.Type: ApplicationFiled: June 4, 2014Publication date: April 16, 2015Applicant: Veracode, Inc.Inventor: Christien Rioux
-
Publication number: 20140359588Abstract: A system for testing a software application receives one or more object spaces extracted from a development or runtime environment of the software application. The extracted object space includes information about various objects associated with the software application, its dependencies, and/or environment, and some of the objects may be dynamically created and/or modified. The extracted object space does not include any source code. A language dependent extraction component can extract the object space using introspections and/or reflection APIs. The extracted object can be translated into a language-independent format and can be analyzed to identify any vulnerabilities in the software application without access to the source code, compiled binary, and runtime environment of the software application.Type: ApplicationFiled: May 30, 2014Publication date: December 4, 2014Inventors: Ryan O'Boyle, John Mcenerney, Christien Rioux
-
Patent number: 8789027Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.Type: GrantFiled: December 14, 2012Date of Patent: July 22, 2014Assignee: Veracode, Inc.Inventor: Christien Rioux
-
Patent number: 8365155Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.Type: GrantFiled: May 24, 2010Date of Patent: January 29, 2013Assignee: Veracode, Inc.Inventor: Christien Rioux
-
Publication number: 20060253841Abstract: Presently described is a decompilation method of operation and system for parsing executable code, identifying and recursively modeling data flows, identifying and recursively modeling control flow, and iteratively refining these models to provide a complete model at the nanocode level. The nanocode decompiler may be used to determine if flaws, security vulnerabilities, or general quality issues exist in the code. The nanocode decompiler outputs in a standardized, human-readable intermediate representation (IR) designed for automated or scripted analysis and reporting. Reports may take the form of a computer annotated and/or partially human annotated nanocode listing in the above-described IR. Annotations may include plain English statements regarding flaws and pointers to badly constructed data structures, unchecked buffers, malicious embedded code or “trap doors,” and the like. Annotations may be generated through a scripted analysis process or by means of an expert-enhanced, quasi-autonomous system.Type: ApplicationFiled: May 1, 2006Publication date: November 9, 2006Inventor: Christien Rioux