Patents by Inventor Sora BAE
Sora BAE has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240136138Abstract: A field emission assembly and an electromagnetic wave generator are provided, the field emission assembly includes a linear emitter which includes carbon nanotube (CNT) fibers and emits electrons and a holder configured to fix the emitter, both ends of the emitter are fixed to the holder, and the emitter includes at least one of a curved portion so as to form a peak in an electron emission direction and a bent portion so as to form a peak in the electron emission direction.Type: ApplicationFiled: November 28, 2022Publication date: April 25, 2024Inventors: Hong Soo CHOI, Young Bae KIM, Hyeongu CHO, Namkyu LEE, Keunsoo JEONG, Se Hoon GIHM, Sora LEE
-
Patent number: 11709930Abstract: A taint report represents a taint flow from a source value at a source program point to a sink value at a sink program point. Candidate watchpoints that correspond to taint-like values similar to the source value may be inferred from an execution trace. Different subsets of candidate watchpoints represent solutions to the problem of determining an optimal subset of watchpoints contributing to a taint flow. Using a hill-climbing heuristic, incremental improvements are efficiently applied to a solution until no more improvements are found. An objective function may determine whether one solution improves another solution. The objective function may be based on validity, understandability, and performance. Validity favors candidate watchpoints that reduce the edit distance between the source and sink values. Understandability favors candidate watchpoints included in a call chain from the source program point to the sink program point. Performance favors small subsets of candidate watchpoints.Type: GrantFiled: May 12, 2020Date of Patent: July 25, 2023Assignee: Oracle International CorporationInventors: Sora Bae, Francois Gauthier, Alexander Jordan
-
Publication number: 20230140645Abstract: A method for detecting a deserialization attack may include identifying, in a byte stream, a class name corresponding to a class, generating, for the class, a feature vector, generating, by applying a benign deserialization model to the feature vector, a benign probability window, generating, by applying a malicious deserialization model to the feature vector, a malicious probability window, comparing the benign probability window and the malicious probability window to obtain a comparison result, and determining, based on the comparison result, that the class is malicious.Type: ApplicationFiled: October 29, 2021Publication date: May 4, 2023Applicant: Oracle International CorporationInventors: François Gauthier, Sora Bae
-
Patent number: 11494489Abstract: A method for detecting malicious code may include generating, from deserialization examples, a finite automaton including states. The states may include labeled states corresponding to the deserialization examples. A state may correspond to a path from a start state to the state. The method may further include while traversing the states, generating a state mapping including, for the state, a tracked subset of the states, determining that the path corresponds to a path type, inferring, using the path type and the state mapping, a regular expression for the state, and determining, for a new deserialization example and using the regular expression, a polarity indicating whether it is safe to deserialize the new deserialization example.Type: GrantFiled: June 25, 2021Date of Patent: November 8, 2022Assignee: Oracle International CorporationInventors: Kostyantyn Vorobyov, François Gauthier, Sora Bae, Padmanabhan Krishnan
-
Patent number: 11204746Abstract: A method for modifying a call graph may include identifying, in source code, a first call site including a first predicate and a call from a first function to a second function. The first call site may correspond to a first edge of the call graph. The first edge may connect a first node corresponding to the first function and a second node corresponding to the second function. The method may further include modifying the call graph by labelling the first edge with a first encoding of the first predicate, and identifying, in the source code, a second call site including a second predicate and a call from a third function to the first function. The method may further include in response to determining that the first predicate is unsatisfied, modifying the call graph by labelling the second edge with a second encoding of a violation of the first predicate.Type: GrantFiled: January 28, 2020Date of Patent: December 21, 2021Assignee: Oracle International CorporationInventors: Sora Bae, Nathan Robert Albert Keynes, Cristina Cifuentes
-
Publication number: 20210360005Abstract: A taint report represents a taint flow from a source value at a source program point to a sink value at a sink program point. Candidate watchpoints that correspond to taint-like values similar to the source value may be inferred from an execution trace. Different subsets of candidate watchpoints represent solutions to the problem of determining an optimal subset of watchpoints contributing to a taint flow. Using a hill-climbing heuristic, incremental improvements are efficiently applied to a solution until no more improvements are found. An objective function may determine whether one solution improves another solution. The objective function may be based on validity, understandability, and performance. Validity favors candidate watchpoints that reduce the edit distance between the source and sink values. Understandability favors candidate watchpoints included in a call chain from the source program point to the sink program point. Performance favors small subsets of candidate watchpoints.Type: ApplicationFiled: May 12, 2020Publication date: November 18, 2021Applicant: Oracle International CorporationInventors: Sora Bae, Francois Gauthier, Alexander Jordan
-
Publication number: 20210232377Abstract: A method for modifying a call graph may include identifying, in source code, a first call site including a first predicate and a call from a first function to a second function. The first call site may correspond to a first edge of the call graph. The first edge may connect a first node corresponding to the first function and a second node corresponding to the second function. The method may further include modifying the call graph by labelling the first edge with a first encoding of the first predicate, and identifying, in the source code, a second call site including a second predicate and a call from a third function to the first function. The method may further include in response to determining that the first predicate is unsatisfied, modifying the call graph by labelling the second edge with a second encoding of a violation of the first predicate.Type: ApplicationFiled: January 28, 2020Publication date: July 29, 2021Applicant: Oracle International CorporationInventors: Sora Bae, Nathan Robert Albert Keynes, Cristina Cifuentes
-
Publication number: 20170318026Abstract: A method for analyzing a software library may include obtaining the software library, identifying a candidate security-sensitive entity in the software library, and generating a control flow graph that includes execution paths. Each execution path may include a public entry node corresponding to a public entry and a candidate security-sensitive entity node corresponding to the candidate security-sensitive entity. The public entry is a point where an application program external to the software library may access the software library. The method may further include determining whether each execution path in the control flow graph includes a permission check node between the respective public entry node and the candidate security-sensitive entity node in the respective execution path. Each permission check node may correspond to a permission check in the software library.Type: ApplicationFiled: April 29, 2016Publication date: November 2, 2017Inventors: Yi Lu, Padmanabhan Krishnan, Raghavendra Kagalavadi Ramesh, Sora Bae
-
Patent number: 9807101Abstract: A method for analyzing a software library may include obtaining the software library, identifying a candidate security-sensitive entity in the software library, and generating a control flow graph that includes execution paths. Each execution path may include a public entry node corresponding to a public entry and a candidate security-sensitive entity node corresponding to the candidate security-sensitive entity. The public entry is a point where an application program external to the software library may access the software library. The method may further include determining whether each execution path in the control flow graph includes a permission check node between the respective public entry node and the candidate security-sensitive entity node in the respective execution path. Each permission check node may correspond to a permission check in the software library.Type: GrantFiled: April 29, 2016Date of Patent: October 31, 2017Assignee: Oracle International CorporationInventors: Yi Lu, Padmanabhan Krishnan, Raghavendra Kagalavadi Ramesh, Sora Bae
-
Publication number: 20170110113Abstract: An electronic device is provided. The electronic device includes a processor and a memory electrically connected to the processor. The memory stores a super-clustered common acoustic data set and instructions to allow the processor to acquire at least one text, select information associated with a speech into which the acquired text is transformed, when the selected information is first information, select at least one of first paths, load elements of the super-clustered common acoustic data set based on the selected first paths, and generate a first acoustic signal based on the elements of the super-clustered common acoustic data set, and when the selected information is second information, select at least one of second paths, load elements of the super-clustered common acoustic data set based on the at least one second path, and generate a second acoustic signal based on the elements of the super-clustered common acoustic data set.Type: ApplicationFiled: October 14, 2016Publication date: April 20, 2017Inventors: Junesig SUNG, Gunu JHO, Jaecheol BAE, Gwanghoon KIM, Hana KO, Sora BAE, Eunzu YUN, Hongil CHO