JP2010515177A - 自動的脆弱性検出および応答 - Google Patents

自動的脆弱性検出および応答 Download PDF

Info

Publication number
JP2010515177A
JP2010515177A JP2009544323A JP2009544323A JP2010515177A JP 2010515177 A JP2010515177 A JP 2010515177A JP 2009544323 A JP2009544323 A JP 2009544323A JP 2009544323 A JP2009544323 A JP 2009544323A JP 2010515177 A JP2010515177 A JP 2010515177A
Authority
JP
Japan
Prior art keywords
crash
interface
function
user
program
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2009544323A
Other languages
English (en)
Japanese (ja)
Other versions
JP2010515177A5 (enExample
Inventor
ロジャース ジャスティン
エム.ローレンス エリック
エフ.ブリッジ ヘンリー
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of JP2010515177A publication Critical patent/JP2010515177A/ja
Publication of JP2010515177A5 publication Critical patent/JP2010515177A5/ja
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0706Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
    • G06F11/0748Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment in a remote unit communicating with a single-box computer node experiencing an error/fault
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/079Root cause analysis, i.e. error or fault diagnosis

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Quality & Reliability (AREA)
  • Computing Systems (AREA)
  • Debugging And Monitoring (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
  • Radar Systems Or Details Thereof (AREA)
JP2009544323A 2006-12-29 2007-12-31 自動的脆弱性検出および応答 Pending JP2010515177A (ja)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/618,470 US8453245B2 (en) 2006-12-29 2006-12-29 Automatic vulnerability detection and response
PCT/US2007/089221 WO2008083382A1 (en) 2006-12-29 2007-12-31 Automatic vulnerability detection and response

Publications (2)

Publication Number Publication Date
JP2010515177A true JP2010515177A (ja) 2010-05-06
JP2010515177A5 JP2010515177A5 (enExample) 2011-02-17

Family

ID=39586025

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2009544323A Pending JP2010515177A (ja) 2006-12-29 2007-12-31 自動的脆弱性検出および応答

Country Status (10)

Country Link
US (1) US8453245B2 (enExample)
EP (1) EP2118802A4 (enExample)
JP (1) JP2010515177A (enExample)
KR (1) KR20090117705A (enExample)
CN (1) CN101573712A (enExample)
AU (1) AU2007341952B2 (enExample)
BR (1) BRPI0720666A2 (enExample)
MX (1) MX2009007064A (enExample)
RU (1) RU2462754C2 (enExample)
WO (1) WO2008083382A1 (enExample)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101619691B1 (ko) 2015-01-22 2016-05-10 주식회사 엔씨소프트 프로그램 오류 분석 방법 및 시스템
JP2018522359A (ja) * 2015-08-11 2018-08-09 シマンテック コーポレーションSymantec Corporation コンピューティングプロセス内の未知の脆弱性を検出するためのシステム及び方法
WO2018154701A1 (ja) * 2017-02-24 2018-08-30 株式会社Fuji 不具合情報共有システム

Families Citing this family (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8453245B2 (en) 2006-12-29 2013-05-28 Microsoft Corporation Automatic vulnerability detection and response
US8627475B2 (en) * 2010-04-08 2014-01-07 Microsoft Corporation Early detection of potential malware
US20120311715A1 (en) * 2011-05-30 2012-12-06 Yaron Tal System and method for protecting a website from hacking attacks
CN103595708B (zh) * 2013-10-22 2017-08-25 北京奇虎科技有限公司 浏览器异常关闭的处理方法、系统、浏览器和服务器
CN106453509B (zh) * 2013-10-22 2019-06-04 北京奇虎科技有限公司 浏览器异常关闭的处理方法、系统、浏览器和服务器
US10445505B2 (en) 2014-09-22 2019-10-15 Mcafee, Llc Process vulnerability assessment
US10089473B2 (en) 2014-12-24 2018-10-02 Sap Se Software nomenclature system for security vulnerability management
CN110096873B (zh) 2018-01-31 2025-03-25 开利公司 通过补丁变换的自动诱饵推导
US11886390B2 (en) 2019-04-30 2024-01-30 JFrog Ltd. Data file partition and replication
US11340894B2 (en) 2019-04-30 2022-05-24 JFrog, Ltd. Data file partition and replication
US11386233B2 (en) 2019-04-30 2022-07-12 JFrog, Ltd. Data bundle generation and deployment
US10972289B2 (en) 2019-07-19 2021-04-06 JFrog, Ltd. Software release verification
US10999314B2 (en) * 2019-07-19 2021-05-04 JFrog Ltd. Software release tracking and logging
US11307920B2 (en) 2019-11-26 2022-04-19 Disney Enterprises, Inc. Automated crash recovery
RU2739831C1 (ru) * 2019-11-27 2020-12-28 Акционерное общество "Лаборатория Касперского" Способ устранения неполадки, возникшей при работе приложения
RU2739867C1 (ru) * 2019-11-27 2020-12-29 Акционерное общество "Лаборатория Касперского" Способ определения модуля приложения, связанного с причиной неполадки, возникшей при работе приложения
US11860680B2 (en) 2020-11-24 2024-01-02 JFrog Ltd. Software pipeline and release validation
US12061889B2 (en) 2021-10-29 2024-08-13 JFrog Ltd. Software release distribution across a hierarchical network
US12169568B2 (en) * 2022-10-19 2024-12-17 Dell Products, L.P. Systems and methods for vulnerability proofing when booting an IHS
US12174968B2 (en) * 2022-10-19 2024-12-24 Dell Products, L.P. Systems and methods for vulnerability proofing when adding and replacing IHS hardware
US12158959B2 (en) * 2022-10-19 2024-12-03 Dell Products, L.P. Systems and methods for vulnerability proofing when updating an IHS
US12141294B2 (en) * 2022-10-20 2024-11-12 Dell Products, L.P. Systems and methods for context-aware vulnerability risk scores
US12153685B2 (en) * 2022-10-20 2024-11-26 Dell Products, L.P. Systems and methods for vulnerability proofing when using a bootable image
US12137112B2 (en) * 2022-10-20 2024-11-05 Dell Products, L.P. Systems and methods for vulnerability proofed cluster management
US12135794B2 (en) * 2022-10-20 2024-11-05 Dell Products, L.P. Systems and methods for validated vulnerability proofing
US12141295B2 (en) * 2022-10-21 2024-11-12 Dell Products, L.P. Systems and methods for vulnerability proofing machine learning recommendations
US12235970B2 (en) * 2022-10-21 2025-02-25 Dell Products, L.P. Systems and methods for aggregated vulnerability proofing of an IHS
US12223059B2 (en) * 2022-10-21 2025-02-11 Dell Products, L.P. Systems and methods for vulnerability proofing when configuring an IHS
US12130931B2 (en) * 2022-10-21 2024-10-29 Dell Products, L.P. Systems and methods for vulnerability proofing interdependent IHS components
US12147544B2 (en) * 2022-10-21 2024-11-19 Dell Products, L.P. Systems and methods for vulnerability proofing during IHS provisioning

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0433105A (ja) * 1990-05-30 1992-02-04 Toshiba Corp プログラマブル・コントローラのプログラム監視装置
JP2002264455A (ja) * 2001-03-07 2002-09-18 Canon Inc 画像形成装置および画像形成装置管理装置および画像形成装置の制御方法および画像形成装置管理装置の制御方法および記憶媒体
US6629267B1 (en) * 2000-05-15 2003-09-30 Microsoft Corporation Method and system for reporting a program failure
JP2006094046A (ja) * 2004-09-22 2006-04-06 Fuji Xerox Co Ltd 複合機および複合機の管理システム
JP2006127422A (ja) * 2004-11-01 2006-05-18 Ntt Docomo Inc 端末制御装置及び端末制御方法
JP2006228206A (ja) * 2005-02-17 2006-08-31 Microsoft Corp 識別された脆弱性を遮蔽するためのシステムおよび方法

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6874084B1 (en) * 2000-05-02 2005-03-29 International Business Machines Corporation Method and apparatus for establishing a secure communication connection between a java application and secure server
US6675295B1 (en) * 2000-06-19 2004-01-06 Microsoft Corporation Method and computer system for detecting and correcting a failure in a computer application program during startup
US6708333B1 (en) * 2000-06-23 2004-03-16 Microsoft Corporation Method and system for reporting failures of a program module in a corporate environment
US20020124172A1 (en) * 2001-03-05 2002-09-05 Brian Manahan Method and apparatus for signing and validating web pages
US7313822B2 (en) 2001-03-16 2007-12-25 Protegrity Corporation Application-layer security method and system
US7096362B2 (en) * 2001-06-01 2006-08-22 International Business Machines Corporation Internet authentication with multiple independent certificate authorities
US7231659B2 (en) * 2001-07-31 2007-06-12 Verisign, Inc. Entity authentication in a shared hosting computer network environment
US7562222B2 (en) * 2002-05-10 2009-07-14 Rsa Security Inc. System and method for authenticating entities to users
US8042179B2 (en) 2003-09-04 2011-10-18 Science Park Corporation False code execution prevention method, program for the method, and recording medium for recording the program
US7437764B1 (en) * 2003-11-14 2008-10-14 Symantec Corporation Vulnerability assessment of disk images
RU2261470C1 (ru) * 2004-03-01 2005-09-27 Федеральное государственное унитарное предприятие "Научно-производственное предприятие "Полет" Устройство программного управления
US7413085B2 (en) * 2004-09-07 2008-08-19 Iconix, Inc. Techniques for displaying emails listed in an email inbox
US7979889B2 (en) * 2005-01-07 2011-07-12 Cisco Technology, Inc. Methods and apparatus providing security to computer systems and networks
US7743254B2 (en) * 2005-03-23 2010-06-22 Microsoft Corporation Visualization of trust in an address bar
US7735136B2 (en) * 2005-04-18 2010-06-08 Vmware, Inc. 0-touch and 1-touch techniques for improving the availability of computer programs under protection without compromising security
US8453245B2 (en) 2006-12-29 2013-05-28 Microsoft Corporation Automatic vulnerability detection and response

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0433105A (ja) * 1990-05-30 1992-02-04 Toshiba Corp プログラマブル・コントローラのプログラム監視装置
US6629267B1 (en) * 2000-05-15 2003-09-30 Microsoft Corporation Method and system for reporting a program failure
JP2002264455A (ja) * 2001-03-07 2002-09-18 Canon Inc 画像形成装置および画像形成装置管理装置および画像形成装置の制御方法および画像形成装置管理装置の制御方法および記憶媒体
JP2006094046A (ja) * 2004-09-22 2006-04-06 Fuji Xerox Co Ltd 複合機および複合機の管理システム
JP2006127422A (ja) * 2004-11-01 2006-05-18 Ntt Docomo Inc 端末制御装置及び端末制御方法
JP2006228206A (ja) * 2005-02-17 2006-08-31 Microsoft Corp 識別された脆弱性を遮蔽するためのシステムおよび方法

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101619691B1 (ko) 2015-01-22 2016-05-10 주식회사 엔씨소프트 프로그램 오류 분석 방법 및 시스템
JP2018522359A (ja) * 2015-08-11 2018-08-09 シマンテック コーポレーションSymantec Corporation コンピューティングプロセス内の未知の脆弱性を検出するためのシステム及び方法
WO2018154701A1 (ja) * 2017-02-24 2018-08-30 株式会社Fuji 不具合情報共有システム
JPWO2018154701A1 (ja) * 2017-02-24 2019-11-07 株式会社Fuji 不具合情報共有システム
US11157344B2 (en) 2017-02-24 2021-10-26 Fuji Corporation Failure information sharing system

Also Published As

Publication number Publication date
AU2007341952A1 (en) 2008-07-10
MX2009007064A (es) 2009-07-09
EP2118802A4 (en) 2012-08-22
RU2009129132A (ru) 2011-02-10
RU2462754C2 (ru) 2012-09-27
US20080163374A1 (en) 2008-07-03
BRPI0720666A2 (pt) 2014-01-14
CN101573712A (zh) 2009-11-04
AU2007341952B2 (en) 2011-10-13
US8453245B2 (en) 2013-05-28
EP2118802A1 (en) 2009-11-18
KR20090117705A (ko) 2009-11-12
WO2008083382A1 (en) 2008-07-10

Similar Documents

Publication Publication Date Title
JP2010515177A (ja) 自動的脆弱性検出および応答
US12282549B2 (en) Methods and apparatus for malware threat research
TWI559166B (zh) 應用程式的威脅程度評估
RU2566329C2 (ru) Способ защиты компьютерной системы от вредоносного программного обеспечения
CN112541178B (zh) 控制流完整性实施的设备和方法
Reis et al. Browser security: lessons from google chrome
US7665139B1 (en) Method and apparatus to detect and prevent malicious changes to tokens
US8561198B2 (en) Detection of malicious system calls
US20170331848A1 (en) System and method of comparative evaluation for phishing mitigation
CN103890771A (zh) 用户定义的对抗措施
CN101529385A (zh) 用于修复应用程序的方法和系统
JPWO2004075060A1 (ja) コンピュータウィルス判断方法
Seifert et al. Capture–A behavioral analysis tool for applications and documents
CN111177726A (zh) 一种系统漏洞检测方法、装置、设备及介质
CN113544676A (zh) 攻击估计装置、攻击控制方法和攻击估计程序
US10880316B2 (en) Method and system for determining initial execution of an attack
US9483645B2 (en) System, method, and computer program product for identifying unwanted data based on an assembled execution profile of code
KR100976961B1 (ko) 인터넷 사이트 보안 시스템 및 그 방법
EP3482335A2 (en) Mitigation of malicious actions associated with graphical user interface elements
Yu et al. MiniTaintDev: Unveiling Mini-App Vulnerabilities through Dynamic Taint Analysis
Dao et al. Security sensitive data flow coverage criterion for automatic security testing of web applications
KR20090080220A (ko) 유해 프로세스 검출/차단 재발방지 방법
CA3236695A1 (en) Memory hybrid-dynamic vulnerability assessment
Turner To Patch or Not to Patch?
CN117852041A (zh) 漏洞检测样本的防御机制突破功能识别与迁移方法和系统

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20101224

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20101224

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20120207

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20120210

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20120510

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20120713