Patents by Inventor Patrice Godefroid
Patrice Godefroid has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220382860Abstract: According to examples, an apparatus may include a processor and a memory on which is stored machine-readable instructions that when executed by the processor, may cause the processor to access a plurality of features pertaining to an event, apply an anomaly detection model on the accessed plurality of features, in which the anomaly detection model may output a reconstruction of the accessed plurality of features. The processor may calculate a reconstruction error of the reconstruction, determine whether a combination of the plurality of features is anomalous based on the calculated reconstruction error, and based on a determination that the combination of the plurality of features is anomalous, output a notification that the event is anomalous.Type: ApplicationFiled: May 26, 2021Publication date: December 1, 2022Applicant: Microsoft Technology Licensing, LLCInventors: Itay ARGOETY, Jonatan ZUKERMAN, Yasmin BOKOBZA, James David MCCAFFREY, Patrice GODEFROID
-
Patent number: 11321219Abstract: Improved techniques for testing an application to identify bugs. An API request body, which includes input data, is transmitted to a service to exercise the service. An error type response is received from the service, where the response indicates how the service handled the input data. The response is then used to determine an error type response coverage of the service. The coverage is then expanded by repeatedly performing a number of operations until a threshold metric is satisfied. For instance, in response to learning how previously-used input data impacted the coverage, new input data is generated. This new input data is designed to trigger new types of responses from the service. The new input is sent to the service, and a new error type response is received. These processes are repeated in an effort to expand the error type response coverage of the remote service.Type: GrantFiled: January 13, 2020Date of Patent: May 3, 2022Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Patrice Godefroid, Bo-Yuan Huang, Marina Polishchuk
-
Publication number: 20210216435Abstract: Improved techniques for testing an application to identify bugs. An API request body, which includes input data, is transmitted to a service to exercise the service. An error type response is received from the service, where the response indicates how the service handled the input data. The response is then used to determine an error type response coverage of the service. The coverage is then expanded by repeatedly performing a number of operations until a threshold metric is satisfied. For instance, in response to learning how previously-used input data impacted the coverage, new input data is generated. This new input data is designed to trigger new types of responses from the service. The new input is sent to the service, and a new error type response is received. These processes are repeated in an effort to expand the error type response coverage of the remote service.Type: ApplicationFiled: January 13, 2020Publication date: July 15, 2021Inventors: Patrice Godefroid, Bo-Yuan Huang, Marina Polishchuk
-
Patent number: 10983853Abstract: Provided are methods and systems for automatically generating input grammars for grammar-based fuzzing by utilizing machine-learning techniques and sample inputs. Neural-network-based statistical learning techniques are used for the automatic generation of input grammars. Recurrent neural networks are used for learning a statistical input model that is also generative in that the model is used to generate new inputs based on the probability distribution of the learnt model.Type: GrantFiled: June 30, 2017Date of Patent: April 20, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Patrice Godefroid, Rishabh Singh, Hila Peleg
-
Patent number: 10977161Abstract: In a method for automatically testing a service via a programming interface of the service includes, a set of operation descriptions describing a set of operations supported by the service is obtained. The set of operation descriptions includes respective descriptions of requests associated with respective operations in the set of operations and responses expected in response to the requests. Based on the set of operation descriptions, dependencies among the requests associated with the respective operations are determined, and a set of test request sequences that satisfy the determined dependencies is generated. Test request sequences in the set of test request sequences are executed to test the service via the programming interface of the service.Type: GrantFiled: May 30, 2018Date of Patent: April 13, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Patrice Godefroid, Marina Polishchuk, Evangelos Atlidakis
-
Patent number: 10846211Abstract: Described herein are technologies related to testing computer code for bugs, wherein the computer code is to run in kernel mode of an operating system. The computer code is executed in kernel mode of a first operating system, and content of memory that is mapped to kernel mode address space of the first operating system is transferred to user mode memory that is mapped to user mode address space of a second operating system. The computer code is executed in user mode and tested while being executed in user mode.Type: GrantFiled: March 21, 2018Date of Patent: November 24, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Barry C. Bond, Patrice Godefroid
-
Patent number: 10635476Abstract: Apparatus and methods can be implemented to perform software testing or to perform emulated hardware testing using a cloud architecture that can utilize centralized testing technology and can enable scaling up to test for multiple tenants and scaling up to arbitrary numbers of programs tested for each tenant. A user can configure an initial test virtual machine on a cloud platform for a cloud service over a physical network such as the Internet. Components of the cloud architecture can create a set of clones of the initial test virtual machine and inject tools into each clone for testing. Testing of one or more clones of the set can be conducted in an environment isolated from the physical network and isolated from a backend of the cloud service. Additional apparatus, systems, and methods are disclosed.Type: GrantFiled: May 31, 2017Date of Patent: April 28, 2020Assignee: Microsoft Technology Licensing, LLCInventors: William Blum, Patrice Godefroid, David Molnar
-
Publication number: 20190370152Abstract: In a method for automatically testing a service via a programming interface of the service includes, a set of operation descriptions describing a set of operations supported by the service is obtained. The set of operation descriptions includes respective descriptions of requests associated with respective operations in the set of operations and responses expected in response to the requests. Based on the set of operation descriptions, dependencies among the requests associated with the respective operations are determined, and a set of test request sequences that satisfy the determined dependencies is generated.Type: ApplicationFiled: May 30, 2018Publication date: December 5, 2019Applicant: Microsoft Technology Licensing, LLCInventors: Patrice GODEFROID, Marina POLISHCHUK, Evangelos ATLIDAKIS
-
Publication number: 20190294537Abstract: Described herein are technologies related to testing computer code for bugs, wherein the computer code is to run in kernel mode of an operating system. The computer code is executed in kernel mode of a first operating system, and content of memory that is mapped to kernel mode address space of the first operating system is transferred to user mode memory that is mapped to user mode address space of a second operating system. The computer code is executed in user mode and tested while being executed in user mode.Type: ApplicationFiled: March 21, 2018Publication date: September 26, 2019Inventors: Barry C. BOND, Patrice GODEFROID
-
Publication number: 20180329788Abstract: Apparatus and methods can be implemented to perform software testing or to perform emulated hardware testing using a cloud architecture that can utilize centralized testing technology and can enable scaling up to test for multiple tenants and scaling up to arbitrary numbers of programs tested for each tenant. A user can configure an initial test virtual machine on a cloud platform for a cloud service over a physical network such as the Internet. Components of the cloud architecture can create a set of clones of the initial test virtual machine and inject tools into each clone for testing. Testing of one or more clones of the set can be conducted in an environment isolated from the physical network and isolated from a backend of the cloud service. Additional apparatus, systems, and methods are disclosed.Type: ApplicationFiled: May 31, 2017Publication date: November 15, 2018Inventors: William Blum, Patrice Godefroid, David MoInar
-
Publication number: 20180285186Abstract: Provided are methods and systems for automatically generating input grammars for grammar-based fuzzing by utilizing machine-learning techniques and sample inputs. Neural-network-based statistical learning techniques are used for the automatic generation of input grammars. Recurrent neural networks are used for learning a statistical input model that is also generative in that the model is used to generate new inputs based on the probability distribution of the learnt model.Type: ApplicationFiled: June 30, 2017Publication date: October 4, 2018Applicant: Microsoft Technology Licensing, LLCInventors: Patrice GODEFROID, Rishabh SINGH, Hila PELEG
-
Patent number: 9882923Abstract: An automatic context-sensitive sanitization technique detects errors due to the mismatch of a sanitizer sequence with a browser parsing context. A pre-deployment analyzer automatically detects violating paths that contain a sanitizer sequence that is inconsistent with a browsing context associated with outputting an untrusted input. The pre-deployment analyzer determines a correct sanitizer sequence which is stored in a sanitization cache. During the runtime execution of the web application, a path detector tracks execution of the web application in relation to the violating paths. The correct sanitizer sequence can be applied when the runtime execution follows a violating path.Type: GrantFiled: November 24, 2014Date of Patent: January 30, 2018Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.Inventors: David Molnar, Benjamin Livshits, Patrice Godefroid, Prateek Saxena
-
Patent number: 9552285Abstract: Micro-execution is the ability to run any code segment in isolation. Implementations for micro-execution of code segments are described. A test engine determines an effective address of a memory operation of an instruction of an executable program. The test engine determines, prior to performing the memory operation and based on a memory policy, that the effective address is to be replaced with a replacement address. Based on determining that the effective address is to be replaced, the test engine allocates the replacement address and executes the instruction based on the allocated replacement address.Type: GrantFiled: May 2, 2013Date of Patent: January 24, 2017Assignee: Microsoft Technology Licensing, LLCInventor: Patrice Godefroid
-
Publication number: 20150082439Abstract: An automatic context-sensitive sanitization technique detects errors due to the mismatch of a sanitizer sequence with a browser parsing context. A pre-deployment analyzer automatically detects violating paths that contain a sanitizer sequence that is inconsistent with a browsing context associated with outputting an untrusted input. The pre-deployment analyzer determines a correct sanitizer sequence which is stored in a sanitization cache. During the runtime execution of the web application, a path detector tracks execution of the web application in relation to the violating paths.Type: ApplicationFiled: November 24, 2014Publication date: March 19, 2015Inventors: DAVID MOLNAR, BENJAMIN LIVSHITS, PATRICE GODEFROID, PRATEEK SAXENA
-
Patent number: 8898776Abstract: An automatic context-sensitive sanitization technique detects errors due to the mismatch of a sanitizer sequence with a browser parsing context. A pre-deployment analyzer automatically detects violating paths that contain a sanitizer sequence that is inconsistent with a browsing context associated with outputting an untrusted input. The pre-deployment analyzer determines a correct sanitizer sequence which is stored in a sanitization cache. During the runtime execution of the web application, a path detector tracks execution of the web application in relation to the violating paths. The correct sanitizer sequence can be applied when the runtime execution follows a violating path.Type: GrantFiled: December 28, 2010Date of Patent: November 25, 2014Assignee: Microsoft CorporationInventors: David Molnar, Benjamin Livshits, Patrice Godefroid, Prateek Saxena
-
Publication number: 20140331204Abstract: Micro-execution is the ability to run any code segment in isolation. Implementations for micro-execution of code segments are described. A test engine determines an effective address of a memory operation of an instruction of an executable program. The test engine determines, prior to performing the memory operation and based on a memory policy, that the effective address is to be replaced with a replacement address. Based on determining that the effective address is to be replaced, the test engine allocates the replacement address and executes the instruction based on the allocated replacement address.Type: ApplicationFiled: May 2, 2013Publication date: November 6, 2014Applicant: Microsoft CorporationInventor: Patrice Godefroid
-
Patent number: 8782625Abstract: Concepts and technologies are described herein for determining memory safety of floating-point computations. The concepts and technologies described herein analyze code to determine if any floating-point computations exist in the code, and if so, if the floating-point computations are memory safe. The analysis can include identifying floating-point instructions and conditional statements in the code. The code can be symbolically executed, and behavior of the floating-point instructions and the conditional statements can be monitored to determine if a floating point calculation is ever involved in computation of any memory address during the execution of the code.Type: GrantFiled: June 17, 2010Date of Patent: July 15, 2014Assignee: Microsoft CorporationInventors: Patrice Godefroid, Johannes Kinder
-
Patent number: 8578344Abstract: Concepts and technologies are described herein for incremental compositional dynamic test generation. The concepts and technologies described herein are used to increase the code coverage and security vulnerability identification abilities of testing applications and devices, without significantly increasing, and in some cases decreasing, computational and time costs associated with the testing. Test summaries that describe how code is tested by a test engine are generated and stored during testing of code. These test summaries can be evaluated when additional iterations or versions of the code are tested. If functions corresponding to the test summaries are unchanged from, or logically equivalent to, a version of the function previously tested, the test summary may be used when testing the new version of the code.Type: GrantFiled: June 17, 2010Date of Patent: November 5, 2013Assignee: Microsoft CorporationInventors: Patrice Godefroid, Shuvendu Kumar Lahiri, Cindy Rubio-Gonzalez
-
Patent number: 8549486Abstract: An exemplary method includes providing software for testing; during execution of the software, performing a symbolic execution of the software to produce path constraints; injecting issue constraints into the software where each issue constraint comprises a coded formula; solving the constraints using a constraint solver; based at least in part on the solving, generating input for testing the software; and testing the software using the generated input to check for violations of the injected issue constraints. Such a method can actively check properties of the software. Checking can be performed on a path for a given input using a constraint solver where, if the check fails for the given input, the constraint solver can also generate an alternative input for further testing of the software. Various exemplary methods, devices, systems, etc., are disclosed.Type: GrantFiled: April 21, 2008Date of Patent: October 1, 2013Assignee: Microsoft CorporationInventors: Patrice Godefroid, Michael Y. Levin, David Molnar
-
Publication number: 20120167209Abstract: An automatic context-sensitive sanitization technique detects errors due to the mismatch of a sanitizer sequence with a browser parsing context. A pre-deployment analyzer automatically detects violating paths that contain a sanitizer sequence that is inconsistent with a browsing context associated with outputting an untrusted input. The pre-deployment analyzer determines a correct sanitizer sequence which is stored in a sanitization cache. During the runtime execution of the web application, a path detector tracks execution of the web application in relation to the violating paths. The correct sanitizer sequence can be applied when the runtime execution follows a violating path.Type: ApplicationFiled: December 28, 2010Publication date: June 28, 2012Applicant: Microsoft CorporationInventors: David Molnar, Benjamin Livshits, Patrice Godefroid, Prateek Saxena