Patents by Inventor Michael Vu Le
Michael Vu Le has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240104221
Abstract: A method to test an OS kernel interface, such as an eBPF helper function. The interface has a grammar that defines the kernel interface. Testing is carried out using eBPF code that invokes and tests the interface using a fuzzing engine. To facilitate the process, additional user space code is configured to generate at least one kernel event that triggers the eBPF code to run, and to transform inputs from the fuzzing engine according to the grammar that defines the kernel interface. After loading the eBPF code into the OS kernel, the user space code issues the kernel event that causes the eBPF code to run. In response, and as the fuzzing engine executes, the eBPF code records arguments sent to the OS kernel through the kernel interface. The arguments are passed through a data structure shared by the eBPF code and the user space code. By recording the arguments and other diagnostic information, the security of the kernel interface is evaluated.
Type: Application
Filed: September 23, 2022
Publication date: March 28, 2024
Applicant: International Business Machines Corporation
Inventors: Anthony Saieva, Frederico Araujo, Sanjeev Das, Michael Vu Le, Jiyong Jang
-
Patent number: 11921885
Abstract: A method, apparatus and computer program product for scheduling placement of containers in association with a set of hosts. The technique utilizes metrics that characterize container-specific risks. A first metric is a host interface risk for a container that quantifies how similar or dissimilar the container is relative to other containers running on a host. Preferably, host interface risk is derived with respect to a system call interface comprising a set of system calls, and the metric is based at least in part on a measure of dissimilarity among system calls. A second metric is a data sensitivity score that quantifies a degree to which sensitive data accesses are associated to the container. Based at least in part on the host interface risk scores and the data sensitivity scores, one or more containers are automatically scheduled for placement on the set of hosts to minimize security risk for the set of hosts.
Type: Grant
Filed: June 7, 2021
Date of Patent: March 5, 2024
Assignee: International Business Machines Corporation
Inventors: Michael Vu Le, Md Salman Ahmed, Hani Talal Jamjoom
-
Publication number: 20240020389
Abstract: Described are techniques for application hardening. The techniques include generating application traces using fuzzing for an application with a known security vulnerability, where the application traces include good traces that do not result in exploitation of the known security vulnerability and bad traces that result in exploitation of the known security vulnerability. The techniques further include identifying code segments that are executed by the bad traces and not executed by the good traces. The techniques further include modifying the identified code segments using binary rewriting.
Type: Application
Filed: July 13, 2022
Publication date: January 18, 2024
Inventors: Michael Vu Le, Sanjeev Das
-
Publication number: 20230418859
Abstract: A method, computer system, and a computer program product for data processing, comprising obtaining a plurality of files from a data source. These files are analyzed for information about the content and in order to determine structural information of each file. Once the files have been analyzed, information in each file may be sorted and categorized by common content. Sensitive information may also be extracted and categorized separately. Information may then be merged using the categories to create a single unified file.
Type: Application
Filed: June 27, 2022
Publication date: December 28, 2023
Inventors: Youngja Park, MOHAMMED FAHD ALHAMID, Stefano Braghin, Jing Xin Duan, Mokhtar Kandil, Michael Vu Le, Killian Levacher, Micha Gideon Moffie, Ian Michael Molloy, Walid Rjaibi, ARIEL FARKASH
-
Patent number: 11709937
Abstract: An approach is provided that, after receiving a request to execute a computer program, determines an active set of metadata that corresponds to the requested computer program and then loads basic blocks of the requested computer program into memory. One of the loaded basic blocks is a starting block of the requested computer program. The memory also stores basic blocks corresponding to some previously loaded computer programs. The approach also inactivates basic blocks that are currently stored in the memory, with the inactivated basic blocks being identified based on a comparison of the active set of metadata to the sets of metadata that correspond to the basic blocks of previously loaded computer programs. After inactivating some basic blocks, the approach executes the starting block of the requested computer program.
Type: Grant
Filed: August 25, 2021
Date of Patent: July 25, 2023
Assignee: International Business Machines Corporation
Inventors: Michael Vu Le, Hani Talal Jamjoom
-
Patent number: 11650801
Abstract: Multiple execution traces of an application are accessed. The multiple execution traces have been collected at a basic block level. Basic blocks in the multiple execution traces are scored. Scores for the basic blocks represent benefits of performing binary slimming at the corresponding basic blocks. Runtime binary slimming is performed of the application based on the scores of the basic blocks.
Type: Grant
Filed: November 10, 2021
Date of Patent: May 16, 2023
Assignee: International Business Machines Corporation
Inventors: Michael Vu Le, Ian Michael Molloy, Taemin Park
-
Publication number: 20230069035
Abstract: An approach is provided that, after receiving a request to execute a computer program, determines an active set of metadata that corresponds to the requested computer program and then loads basic blocks of the requested computer program into memory. One of the loaded basic blocks is a starting block of the requested computer program. The memory also stores basic blocks corresponding to some previously loaded computer programs. The approach also inactivates basic blocks that are currently stored in the memory, with the inactivated basic blocks being identified based on a comparison of the active set of metadata to the sets of metadata that correspond to the basic blocks of previously loaded computer programs. After inactivating some basic blocks, the approach executes the starting block of the requested computer program.
Type: Application
Filed: August 25, 2021
Publication date: March 2, 2023
Inventors: Michael Vu Le, Hani Talal Jamjoom
-
Publication number: 20220391532
Abstract: A method, apparatus and computer program product for scheduling placement of containers in association with a set of hosts. The technique utilizes metrics that characterize container-specific risks. A first metric is a host interface risk for a container that quantifies how similar or dissimilar the container is relative to other containers running on a host. Preferably, host interface risk is derived with respect to a system call interface comprising a set of system calls, and the metric is based at least in part on a measure of dissimilarity among system calls. A second metric is a data sensitivity score that quantifies a degree to which sensitive data accesses are associated to the container. Based at least in part on the host interface risk scores and the data sensitivity scores, one or more containers are automatically scheduled for placement on the set of hosts to minimize security risk for the set of hosts.
Type: Application
Filed: June 7, 2021
Publication date: December 8, 2022
Applicant: International Business Machines Corporation
Inventors: Michael Vu Le, Md Salman Ahmed, Hani Talal Jamjoom
-
Patent number: 11522880
Abstract: A method, system, and computer-usable medium for analyzing security data formatted in STIX™ format. Data related to actions performed by one or more users is captured. Individual tasks, such as analytics or extract, transform, load (ETL) tasks related to the captured data, are created. Individual tasks are registered to a workflow for executing particular security threat or incident analysis. The workflow is executed and visualized to perform the security threat or incident analysis.
Type: Grant
Filed: July 9, 2020
Date of Patent: December 6, 2022
Assignee: International Business Machines Corporation
Inventors: Sulakshan Vajipayajula, Paul Coccoli, James Brent Peterson, Michael Vu Le, Ian Michael Molloy
-
Patent number: 11277434
Abstract: Reducing attack surface by selectively collocating applications on host computers is provided. System resources utilized by each application running in a plurality of host computers of a data processing environment are measured. Which applications running in the plurality of host computers that utilize similar system resources are determined. Those applications utilizing similar system resources are collocated on respective host computers.
Type: Grant
Filed: March 24, 2020
Date of Patent: March 15, 2022
Assignee: International Business Machines Corporation
Inventors: Michael Vu Le, Hani Talal Jamjoom, Ian Michael Molloy
-
Publication number: 20220066757
Abstract: Multiple execution traces of an application are accessed. The multiple execution traces have been collected at a basic block level. Basic blocks in the multiple execution traces are scored. Scores for the basic blocks represent benefits of performing binary slimming at the corresponding basic blocks. Runtime binary slimming is performed of the application based on the scores of the basic blocks.
Type: Application
Filed: November 10, 2021
Publication date: March 3, 2022
Inventors: Michael Vu Le, Ian Michael Molloy, Taemin Park
-
Patent number: 11262993
Abstract: Unused instructions and no longer used instructions in a target application binary are determined. The target application binary is rewritten before and after runtime execution of the target application binary to remove the unused and no longer used instructions to reduce binary attack surface area for the runtime execution of the target application binary. Methods, computer systems, and computer program products are disclosed.
Type: Grant
Filed: September 26, 2019
Date of Patent: March 1, 2022
Assignee: International Business Machines Corporation
Inventors: Michael Vu Le, Ian Michael Molloy, Jacob Tinkhauser
-
Publication number: 20220014531
Abstract: A method, system, and computer-usable medium for analyzing security data formatted in STIX™ format. Data related to actions performed by one or more users is captured. Individual tasks, such as analytics or extract, transform, load (ETL) tasks related to the captured data, are created. Individual tasks are registered to a workflow for executing particular security threat or incident analysis. The workflow is executed and visualized to perform the security threat or incident analysis.
Type: Application
Filed: July 9, 2020
Publication date: January 13, 2022
Inventors: Sulakshan Vajipayajula, Paul Coccoli, James Brent Peterson, Michael Vu Le, Ian Michael Molloy
-
Patent number: 11221835
Abstract: One or more execution traces of an application are accessed. The one or more execution traces have been collected at a basic block level. Basic blocks in the one or more execution traces are scored. Scores for the basic blocks represent benefits of performing binary slimming at the corresponding basic blocks. Runtime binary slimming is performed of the application based on the scores of the basic blocks.
Type: Grant
Filed: February 10, 2020
Date of Patent: January 11, 2022
Assignee: International Business Machines Corporation
Inventors: Michael Vu Le, Ian Michael Molloy, Taemin Park
-
Publication number: 20210306367
Abstract: Reducing attack surface by selectively collocating applications on host computers is provided. System resources utilized by each application running in a plurality of host computers of a data processing environment are measured. Which applications running in the plurality of host computers that utilize similar system resources are determined. Those applications utilizing similar system resources are collocated on respective host computers.
Type: Application
Filed: March 24, 2020
Publication date: September 30, 2021
Inventors: Michael Vu Le, Hani Talal Jamjoom, Ian Michael Molloy
-
Publication number: 20210247971
Abstract: One or more execution traces of an application are accessed. The one or more execution traces have been collected at a basic block level. Basic blocks in the one or more execution traces are scored. Scores for the basic blocks represent benefits of performing binary slimming at the corresponding basic blocks. Runtime binary slimming is performed of the application based on the scores of the basic blocks.
Type: Application
Filed: February 10, 2020
Publication date: August 12, 2021
Inventors: Michael Vu Le, Ian Michael Molloy, Taemin Park
-
Patent number: 10545745
Abstract: Unused instructions and no longer used instructions in a target application binary are determined. The target application binary is rewritten before and after runtime execution of the target application binary to remove the unused and no longer used instructions to reduce binary attack surface area for the runtime execution of the target application binary. Methods, computer systems, and computer program products are disclosed.
Type: Grant
Filed: April 18, 2018
Date of Patent: January 28, 2020
Assignee: International Business Machines Corporation
Inventors: Michael Vu Le, Ian Michael Molloy, Jacob Tinkhauser
-
Publication number: 20200019392
Abstract: Unused instructions and no longer used instructions in a target application binary are determined. The target application binary is rewritten before and after runtime execution of the target application binary to remove the unused and no longer used instructions to reduce binary attack surface area for the runtime execution of the target application binary. Methods, computer systems, and computer program products are disclosed.
Type: Application
Filed: September 26, 2019
Publication date: January 16, 2020
Inventors: Michael Vu Le, Ian Michael Molloy, Jacob Tinkhauser
-
Publication number: 20190324732
Abstract: Unused instructions and no longer used instructions in a target application binary are determined. The target application binary is rewritten before and after runtime execution of the target application binary to remove the unused and no longer used instructions to reduce binary attack surface area for the runtime execution of the target application binary. Methods, computer systems, and computer program products are disclosed.
Type: Application
Filed: April 18, 2018
Publication date: October 24, 2019
Inventors: Michael Vu Le, Ian Michael Molloy, Jacob Tinkhauser