-
公开(公告)号:WO2014049499A3
公开(公告)日:2014-05-22
申请号:PCT/IB2013058691
申请日:2013-09-20
Inventor: TRIPP OMER , SALTZMAN ROI , HAY ROEE , KALMAN DANIEL
IPC: G06F21/56
CPC classification number: G06F21/56 , G06F21/51 , G06F21/561 , G06F21/562 , G06F21/566
Abstract: Identifying whether a first application is malicious. The first application can be presented for installation on a processing system. The first application can be scanned, via a static analysis implemented by a processor, to determine whether a user interface layout of the first application is suspiciously similar to a user interface layout of a second application installed on the processing system. When the user interface layout of the first application is suspiciously similar to the user interface layout of the second application installed on the processing system, an alert can be generated indicating that the first application is malicious.
Abstract translation: 识别第一个应用程序是否是恶意的。 可以将第一个应用程序呈现在处理系统上进行安装。 可以通过由处理器实现的静态分析来扫描第一应用,以确定第一应用的用户界面布局是否可疑地类似于安装在处理系统上的第二应用的用户界面布局。 当第一应用的用户界面布局与安装在处理系统上的第二应用的用户界面布局可疑地相似时,可以产生指示第一应用是恶意的警报。
-
Patent Agency Ranking
公开(公告)号:DE102012209006A1
公开(公告)日:2012-12-06
申请号:DE102012209006
申请日:2012-05-29
Applicant: IBM
Inventor: HAY ROEE , AMIT YAIR , SALTZMAN ROI
Abstract: Ein System zum Erkennen von Sicherheitslücken in Web-Anwendungen beim Heraufladen von Dateien, das eine Black-Box-Testeinheit, die so eingerichtet ist, dass sie eine Datei zusammen mit einer zu der Datei gehörigen Signatur über eine durch eine Web-Anwendung verfügbar gemachte Dateiheraufladeschnittstelle herauflädt, und eine Ausführungsüberwachungseinheit beinhaltet, die so eingerichtet ist, dass sie Daten empfängt, die durch Instrumentierungsbefehle in der Web-Anwendung während der Ausführung der Web-Anwendung bereitgestellt werden, wobei die Ausführungsüberwachungseinheit so eingerichtet ist, dass sie die Signatur der heraufgeladenen Datei als Kennzeichen dafür erkennt, dass die heraufgeladene Datei durch die Black-Box-Testeinheit heraufgeladen wurde, und wobei die Ausführungsüberwachungseinheit so eingerichtet ist, dass sie beliebige der Daten dazu nutzt, zumindest eine vordefinierte Ermittlung durchzuführen, um die Sicherheitslücke der Web-Anwendung für einen Dateiherauflade-Exploit zu beurteilen.
-
公开(公告)号:GB2491434A
公开(公告)日:2012-12-05
申请号:GB201206115
申请日:2012-04-05
Applicant: IBM
Inventor: HAY ROEE , AMIT YAIR , SALTZMAN ROI
Abstract: A system for detecting file upload vulnerabilities in a web application 110 running on a server 110. The system includes a black-box tester 112 configured to upload, via a file upload interface of a web application, a file together with a signature associated with the file. An execution monitor 108 is configured to receive information provided by instrumentation instructions 102 within the web application, particularly associated with file upload processing instructions 106, during the execution of the web application. The execution monitor is configured to recognize the signature of the uploaded file as indicating that the uploaded file was uploaded by the black-box tester and use the information to assess the vulnerability of the web application to a file upload exploit. The assessment of vulnerability can be based upon predefined categorisation criteria 114 and the system may produce a report of vulnerabilities detected.
-
公开(公告)号:GB2519882B
公开(公告)日:2015-10-21
申请号:GB201501410
申请日:2013-09-20
Applicant: IBM
Inventor: TRIPP OMER , SALTZMAN ROI , HAY ROEE , KALMAN DANIEL
Abstract: A first application being presented for installation on a processing system can be detected. The first application can be scanned, via a static analysis, to determine whether a user interface layout of the first application is suspiciously similar to a user interface layout of a second application installed on the processing system. If the static analysis is indeterminate, a runtime analysis of the first application can determine whether the interface layout implemented by the first application is suspiciously similar to the user interface layout of the second application. If the user interface layout implemented by the first application is suspiciously similar to the user interface layout of the second application installed on the processing system, the first application can be identified as being unsafe.
-
公开(公告)号:GB2519882A
公开(公告)日:2015-05-06
申请号:GB201501410
申请日:2013-09-20
Applicant: IBM
Inventor: TRIPP OMER , SALTZMAN ROI , HAY ROEE , KALMAN DANIEL
Abstract: Identifying whether a first application is malicious. The first application can be presented for installation on a processing system. The first application can be scanned, via a static analysis implemented by a processor, to determine whether a user interface layout of the first application is suspiciously similar to a user interface layout of a second application installed on the processing system. When the user interface layout of the first application is suspiciously similar to the user interface layout of the second application installed on the processing system, an alert can be generated indicating that the first application is malicious.
-
公开(公告)号:GB2515663A
公开(公告)日:2014-12-31
申请号:GB201413442
申请日:2013-01-11
Applicant: IBM
Inventor: SEGAL ORI , BACHAR RONEN , SALTZMAN ROI , NORDAN RON , KREICHMAN IGAL , AMIT YAIR , LOTEM GUY
IPC: G06F21/55
Abstract: Collecting log file data from at least one log file. From the collected log file data, at least one HTTP request can be generated to exercise a web application to perform a security analysis of the web application. The HTTP request can be communicated to the web application. At least one HTTP response to the HTTP request can be received. The HTTP response can be analyzed to perform validation of the web application. Results of the validation can be output.
-
-
-
-
-
Search Results
6
records
(took 0.016 seconds)
