US20220318332A1 - Intelligent naming of application program interfaces - Google Patents

Intelligent naming of application program interfaces Download PDF

Info

Publication number
US20220318332A1
US20220318332A1 US17/339,946 US202117339946A US2022318332A1 US 20220318332 A1 US20220318332 A1 US 20220318332A1 US 202117339946 A US202117339946 A US 202117339946A US 2022318332 A1 US2022318332 A1 US 2022318332A1
Authority
US
United States
Prior art keywords
nodes
same
node
digital data
data structure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
US17/339,946
Inventor
Shubham Jindal
Avinash Kolluru
Ravindra Guntar
Anuj Toyal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Traceable Inc
Original Assignee
Traceable Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Traceable Inc filed Critical Traceable Inc
Priority to US17/339,946 priority Critical patent/US20220318332A1/en
Publication of US20220318332A1 publication Critical patent/US20220318332A1/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9027Trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
    • G06F16/9566URL specific, e.g. using aliases, detecting broken or misspelled links
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/541Interprogram communication via adapters, e.g. between incompatible applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/543User-generated data transfer, e.g. clipboards, dynamic data exchange [DDE], object linking and embedding [OLE]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/133Protocols for remote procedure calls [RPC]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • H04L67/303Terminal profiles

Definitions

  • API application program interface
  • the present technology renames a number of uniform resource locators as application program interfaces in an intelligent way based on live traffic.
  • Live traffic between a server and multiple users is monitored and intercepted by an agent.
  • the agent may be within the customer server, or positioned elsewhere to intercept traffic between users and the server. Intercepted traffic is forwarded to a remote server that processes the traffic.
  • Generating API names may be based on nodes in a URL.
  • a URL may be considered to have a domain followed by a path. The path may have one or more portions, wherein each path portion begins with a forward slash.
  • a digital data structure can be generated from a URL, wherein the domain and each path portion can correspond to a node in the digital data structure. For example, for the URL of /server/request/ 1234 , the digital data structure can be considered to have a first node of server, a second note of request, and a third node of 1234 . For URLs having matching nodes, the digital data structure represents the matching nodes as a single node. For URLs having nodes that are different, the different nodes may branch out from the previous node in the hierarchy.
  • the digital data structure may have base nodes of /server/request/and to third level notes that branch out from request and consist of 123 and 234 .
  • Processing includes building a digital data structure, such as a trie, that represents nodes or portions generated from each URL.
  • a digital data structure such as a trie
  • the present system may replace those different nodes with a representative node.
  • the representative node replaces the nodes at the same hierarchical level having the same type, but having different values.
  • the replacement representative node is provided in response to detecting that specifications associated with the nodes being replaced are related or the same. For example, if the specifications for requests for the nodes have a similar format and specifications for the responses for nodes have a similar format, the nodes may be replaced with a replacement representative node.
  • a method can generate application program interfaces from uniform resource locator information.
  • the method can include receiving intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices.
  • the method continues with building a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value.
  • Specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value can be compared.
  • An API is generated based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
  • a non-transitory computer readable storage medium has embodied thereon a program that is executable by a processor to perform a method.
  • the method generates application program interfaces from uniform resource locator information.
  • the method can include receiving intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices.
  • the method continues with building a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value.
  • Specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value can be compared.
  • An API is generated based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
  • a system can include a server, memory and one or more processors.
  • One or more modules may be stored in memory and executed by the processors to receive intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices, build a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value, compare specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value, and generate an API based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
  • FIG. 1 is a block diagram of a system for intelligently naming APIs.
  • FIG. 2 is a block diagram of an application that intelligently names APIs.
  • FIG. 3 is a method for intelligently naming APIs.
  • FIG. 4 is a method for building digital data structures from URLs.
  • FIG. 5 is a method for determining if digital data structures are associated with matching specifications.
  • FIG. 6 illustrates URLs from which an API can be intelligently named.
  • FIG. 7 illustrates a representation of a digital data structure.
  • FIG. 8 illustrates an intelligently named API based on the URLs of FIG. 6 .
  • FIG. 9 is a block diagram of a system for implementing machines that implement the present technology.
  • the present system renames a number of uniform resource locators as application program interfaces in an intelligent way based on live traffic.
  • Live traffic between a server and multiple users is monitored and intercepted by an agent.
  • the agent may be within the customer server, or positioned elsewhere to intercept traffic between users and the server. Intercepted traffic is forwarded to a remote server that processes the traffic.
  • Generating API names may be based on nodes in a URL.
  • a URL may be considered to have a domain followed by a path. The path may have one or more portions, wherein each path portion begins with a forward slash.
  • a digital data structure can be generated from a URL, wherein the domain and each path portion can correspond to a node in the digital data structure. For example, for the URL of /server/request/ 1234 , the digital data structure can be considered to have a first node of server, a second note of request, and a third node of 1234 . For URLs having matching nodes, the digital data structure represents the matching nodes as a single node. For URLs having nodes that are different, the different nodes may branch out from the previous node in the hierarchy.
  • the digital data structure may have base nodes of /server/request/and to third level notes that branch out from request and consist of 123 and 234 .
  • Processing includes building a digital data structure, such as a trie, that represents nodes or portions generated from each URL.
  • a digital data structure such as a trie
  • the present system may replace those different nodes with a representative node.
  • the representative node replaces the nodes at the same hierarchical level having the same type, but having different values.
  • the replacement representative node is provided in response to detecting that specifications associated with the nodes being replaced are related or the same. For example, if the specifications for requests for the nodes have a similar format and specifications for the responses for nodes have a similar format, the nodes may be replaced with a replacement representative node.
  • FIG. 1 is a block diagram of a system for intelligently naming (i.e., generating) APIs.
  • the block diagram 100 of FIG. 1 includes client devices 110 - 140 , customer server 150 , network 160 , API naming server 170 , and data store 180 .
  • Client devices 110 - 140 may send requests to and receive responses from customer server 150 .
  • the client devices may be any device which can access the service, network page, webpage, or other content from customer server 150 .
  • Client devices 110 - 140 may send a request to customer server 150 , and customer server 150 may send a response to the devices based on the request.
  • the request may be sent to a particular URL provided by customer server 150 in the sponsors may be sent from the same URL or different URLs. Though only for four client devices are shown, any number of client devices may be used to interact with customer server 150 .
  • Customer server 150 may provide a service to client devices 110 - 140 .
  • Agent 152 on customer server 150 may monitor the communication between customer server 150 and client devices 110 - 140 and intercept traffic between the server and the devices. Upon intercepting the traffic, agent 152 may forward the traffic to application 172 on API naming server 170 .
  • one or more agents may be installed on customer server 150 , which may be implemented by one or more physical or logical machines. In some instances, server 150 may actually be implemented by multiple servers in different locations, providing a distributed service for devices 110 - 140 . In any case, one or more agents 152 may be installed to intercept requests and responses sent between devices 110 - 140 and customer server 150 and for those requests and responses to application 172 on server 170 .
  • Network 140 may include one or more private networks, public networks, intranets, the Internet, an intranet, wide-area networks, local area networks, cellular networks, radio-frequency networks, Wi-Fi networks, any other network which may be used to transmit data, and any combination of these networks.
  • Client devices 110 - 140 , customer server 150 , API naming server 170 , and data store 180 may all communicate over network 160 .
  • API naming server 170 may be implemented as one or more physical or logical machines that provide API naming functionality as described herein.
  • API naming server may include one or more applications 172 .
  • the application 172 may be stored on one or more API naming servers 170 and be executed to perform functionality as described herein.
  • API naming server and application 172 may both communicate over network 160 and data store 180 .
  • data store 180 may include one or more URLs, generated API names, and other data.
  • FIG. 2 is a block diagram of an application that intelligently names APIs.
  • Application 172 of FIG. 2 provides more detail for application 172 of the system of FIG. 1 .
  • Application 172 includes one or more modules, including digital data structure builder to 10 , specification analyzer 220 , node threshold engine 230 , and API naming manager 240 .
  • Digital data structure builder 210 may build a data structure from received URLs at application 172 .
  • Digital data structure may replace nodes, increment node counters, and otherwise build and manage digital data structures.
  • Specification analyzer 220 may analyze specifications related to intercepted URLs.
  • specification analyzer 220 may access and compare the specification between URL requests, URL responses, and other data associated with a URL.
  • Node threshold engine 230 may determine if the number of occurrences of a particular node value and type at a particular position in a node hierarchy has exceeded a threshold associated with a particular node hierarchy position and type.
  • the node threshold engine may maintain a counter, increment a counter, and flag nodes for which the threshold has or has not been exceeded.
  • API naming manager 240 may generate an API name based on URL similarity and specification analysis. API naming manager may generate the API name and store the API locally at server 170 or remotely at data store 180 .
  • Application 172 may include more or fewer modules and the listed, and the modules as it may be grouped together or divided into multiple modules to implement the technology described herein.
  • FIG. 3 is a method for intelligently naming APIs.
  • the method of FIG. 3 begins with installing an agent in a customer system to intercept customer traffic at step 310 .
  • Installing the agent may be performed remotely or locally by an admin.
  • the agent may be installed, within the customer server or elsewhere, to intercept traffic between the server and computing devices associated with users of the server. Once installed, the agent may intercept traffic between the customer computing devices and the server.
  • Live traffic consisting of URL requests and responses sent between computing devices and a server are intercepted at step 320 .
  • the computing devices may be associated with customers of the particular server.
  • the request may be intercepted by one or more agents located within a customer server or otherwise positioned to intercept traffic between users of the server, for example from one or more computing devices to the customer servers.
  • intercepted traffic includes requests and responses sent to and from URLs supported by the customer server.
  • the URL traffic is forwarded by the agent to the API naming server at step 330 .
  • the URL traffic may include a request, a corresponding response, the URL to which the request and response were sent to and from, and other data.
  • the agent may send the data in batches, periodically, or based on an event.
  • a digital data structure is built from URLs at step 340 .
  • a digital data structure may include nodes generated at least in part from or derived from received URLs.
  • the digital data structure may be a trie.
  • the digital data structure may be built and updated as additional traffic information is received from one or more remote agents. More data for building digital data structures is discussed with respect to the method of FIG. 4 .
  • the specifications may be associated with nodes at the same level, and may be specifications related to a node request, response, or some other specification. Determining if digital data structure nodes at the same level in a URL hierarchy are associated with matching specifications is discussed in more detail with respect to the method of FIG. 5 .
  • An API is renamed with related digital data structure nodes at the same level at step 360 .
  • Renaming an API with digital data structure nodes that are related may be performed if the digital data structure nodes represent the same type, are the same hierarchical level, and have specifications that match.
  • FIG. 6 An example of APIs that are generated or renamed are illustrated in FIG. 6 .
  • the APIs 600 of FIG. 6 begin with a path of /api/profiles/.
  • the next path portion in each URL of FIG. 6 is a number.
  • the path portions after each number include text “view” and “requests.”
  • the digital data structure constructed from the URLs of FIG. 6 is displayed in FIG. 7 .
  • the numbers that make up the third node of the digital data structure can be examined to see if they're the same type (e.g., integer, GUID, etc.), and their related specifications match.
  • the nodes have specifications that match.
  • the API names generated from the URLs are those as illustrated in FIG. 8 .
  • FIGS. 6-8 are discussed in more detail below.
  • the renamed APIs may be stored at step 370 .
  • the APIs may be stored locally at API naming server 170 or at a remote location, such as for example a data store 180 .
  • FIG. 4 is a method for building digital data structures from URLs.
  • the method of FIG. 4 provides more detail for step 340 of the method of FIG. 3 .
  • a digital data structure is built from the received URLs at step 410 .
  • the digital data structure may be built in any of several ways, including as a trie.
  • a trie may have several nodes, each of which correspond to a portion of a URL path separated by a forward slash.
  • An example of a trie built from a series of URLs is illustrated and discussed in more detail with respect to FIG. 7 .
  • a node counter is incremented for the nodes at step 420 .
  • the node counter is used to track how many occurrences of a particular node occur in order to determine if that particular node should be combined to a single node within a named API.
  • the threshold may depend on the type associated with the node. For example, if a node has an integer type, the threshold may be 5, 8, 10, 12, or some other value between 5-25. If a node represents a GUID type, the threshold may also be somewhere between 5-25. If a node represents a string type, the threshold may be much larger, such as for example 100, 200 or even higher. In some instances, a threshold for any type may be as low as 2 or greater than 10,000, depending on design preferences. If the node counter is not exceeded a threshold for a node type at step 430 , the method returns to step 420 . If the node counter does exceed the threshold for the node type, then the particular note is flagged for a naming replacement at step 440 .
  • FIG. 5 is a method for determining if digital data structures are associated with matching specifications.
  • the method of FIG. 5 provides more detail for step 350 of the method of FIG. 3 .
  • URL requests are accessed for a digital data structure node level that satisfies a threshold at step 510 . These URL requests include requests that were made to the URL by computing devices in communication with the server providing the URL.
  • the access URL request specifications are then compared at step 250 .
  • a determination is then made if the request for stations match at step 530 .
  • the request specifications match if they include similar formats in the request header, request body, and other aspects of the request. If the request specifications do not match, then the request may be associated with different URLs, and should not be combined into a single API. In this case, the method of FIG. 5 continues to step 570 where the digital data structure nodes are determined to not match at step 570 .
  • access URL response specifications are compared at step 540 .
  • the response specifications may be compared to determine if the response header, response body, and other portions of the responses match in content and/or format. If the response specifications match at step 550 , the digital data structure nodes are determined to match at step 560 . If the response specifications do not match at step 550 , it is determined that the digital data structure nodes do not match at step 570 .
  • FIG. 6 illustrates URLs from which an API can be intelligently named.
  • the URLs of FIG. 6 can be provided by a server which receives requests and provides responses to computing devices accessing services provided by the server.
  • the URLs each include a path that contains “/api/profiles/” but have subsequent portions of a path that differ.
  • a digital data structure for the URLs in FIG. 6 is shown in FIG. 7 .
  • FIG. 7 illustrates a representation of a digital data structure.
  • the digital data structure of FIG. 7 is a trie, other types of digital data structures can be used to organize URL paths into nodes.
  • the top or parent node is API
  • the second note is profiles, corresponding to the first portions of the path of the URLs in FIG. 6 .
  • From the profiles note there are three child nodes, 123 , 234 , and 456 . These correspond to the different sub paths from the “profiles” path portion.
  • the child node 123 includes child nodes of view and requests
  • the child node 234 includes a child node of view
  • the child node of 456 includes a child node of requests.
  • APIs may be named from the trie illustrated in FIG. 7 , each of which include replacement type after the node “profiles.” The two named APIs are illustrated in FIG. 8 .
  • FIG. 9 is a block diagram of a system for implementing machines that implement the present technology.
  • System 900 of FIG. 9 may be implemented in the contexts of the likes of machines that implement client devices 110 - 140 , customer server 150 , API naming server 170 , and data store 180 .
  • the computing system 900 of FIG. 9 includes one or more processors 910 and memory 920 .
  • Main memory 920 stores, in part, instructions and data for execution by processor 910 .
  • Main memory 920 can store the executable code when in operation.
  • the system 900 of FIG. 9 further includes a mass storage device 930 , portable storage medium drive(s) 940 , output devices 950 , user input devices 960 , a graphics display 970 , and peripheral devices 980 .
  • processor unit 910 and main memory 920 may be connected via a local microprocessor bus, and the mass storage device 930 , peripheral device(s) 980 , portable storage device 940 , and display system 970 may be connected via one or more input/output (I/O) buses.
  • I/O input/output
  • Mass storage device 930 which may be implemented with a magnetic disk drive, an optical disk drive, a flash drive, or other device, is a non-volatile storage device for storing data and instructions for use by processor unit 910 . Mass storage device 930 can store the system software for implementing embodiments of the present invention for purposes of loading that software into main memory 920 .
  • Portable storage device 940 operates in conjunction with a portable non-volatile storage medium, such as a floppy disk, compact disk or Digital video disc, USB drive, memory card or stick, or other portable or removable memory, to input and output data and code to and from the computer system 900 of FIG. 9 .
  • a portable non-volatile storage medium such as a floppy disk, compact disk or Digital video disc, USB drive, memory card or stick, or other portable or removable memory
  • the system software for implementing embodiments of the present invention may be stored on such a portable medium and input to the computer system 900 via the portable storage device 940 .
  • Input devices 960 provide a portion of a user interface.
  • Input devices 960 may include an alpha-numeric keypad, such as a keyboard, for inputting alpha-numeric and other information, a pointing device such as a mouse, a trackball, stylus, cursor direction keys, microphone, touch-screen, accelerometer, and other input devices.
  • the system 900 as shown in FIG. 9 includes output devices 950 . Examples of suitable output devices include speakers, printers, network interfaces, and monitors.
  • Display system 970 may include a liquid crystal display (LCD) or other suitable display device. Display system 970 receives textual and graphical information and processes the information for output to the display device. Display system 970 may also receive input as a touch-screen.
  • LCD liquid crystal display
  • Peripherals 980 may include any type of computer support device to add additional functionality to the computer system.
  • peripheral device(s) 980 may include a modem or a router, printer, and other device.
  • the system of 900 may also include, in some implementations, antennas, radio transmitters and radio receivers 990 .
  • the antennas and radios may be implemented in devices such as smart phones, tablets, and other devices that may communicate wirelessly.
  • the one or more antennas may operate at one or more radio frequencies suitable to send and receive data over cellular networks, Wi-Fi networks, commercial device networks such as a Bluetooth device, and other radio frequency networks.
  • the devices may include one or more radio transmitters and receivers for processing signals sent and received using the antennas.
  • the components contained in the computer system 900 of FIG. 9 are those typically found in computer systems that may be suitable for use with embodiments of the present invention and are intended to represent a broad category of such computer components that are well known in the art.
  • the computer system 900 of FIG. 9 can be a personal computer, handheld computing device, smart phone, mobile computing device, workstation, server, minicomputer, mainframe computer, or any other computing device.
  • the computer can also include different bus configurations, networked platforms, multi-processor platforms, etc.
  • Various operating systems can be used including Unix, Linux, Windows, Macintosh OS, Android, as well as languages including Java, .NET, C, C++, Node.JS, and other suitable languages.

Abstract

A system generates a number of uniform resource locators as application program interfaces in an intelligent way based on live traffic. Live traffic between a server and multiple users is monitored and intercepted and forwarded to a remote server that processes the traffic. Traffic URLs are processed to build a digital data structure that represents nodes or portions within each URL. For URLs having different nodes at the same hierarchical level that have the same type, the present system may replace those different nodes with a representative node. The representative node replaces the nodes at the same hierarchical level having the same type, but having different values.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • The present application claims the priority benefit of U.S. provisional patent application 63/167,649, filed on Mar. 30, 2021, titled “INTELLIGENT APPLICATION PROTECTION,” the disclosure of which IS incorporated herein by reference.
    • BACKGROUND
  • When analyzing, tracking, or monitoring a system, it is often important to know the specification of the system, including application program interface (API) specifications. However, when monitoring a new system, the API specification and related data is often unknown. This forces administrators and users working with the system to work with uniform resource locators (URL), and for example associate each URL with a particular API. This results in very large numbers of APIs, which requires a large number of resources to work with. What is needed is an improved method for naming APIs.
    • SUMMARY
  • The present technology, roughly described, renames a number of uniform resource locators as application program interfaces in an intelligent way based on live traffic. Live traffic between a server and multiple users is monitored and intercepted by an agent. The agent may be within the customer server, or positioned elsewhere to intercept traffic between users and the server. Intercepted traffic is forwarded to a remote server that processes the traffic.
  • Generating API names may be based on nodes in a URL. A URL may be considered to have a domain followed by a path. The path may have one or more portions, wherein each path portion begins with a forward slash. A digital data structure can be generated from a URL, wherein the domain and each path portion can correspond to a node in the digital data structure. For example, for the URL of /server/request/1234, the digital data structure can be considered to have a first node of server, a second note of request, and a third node of 1234. For URLs having matching nodes, the digital data structure represents the matching nodes as a single node. For URLs having nodes that are different, the different nodes may branch out from the previous node in the hierarchy. For example, for the URL of /server/request/123 and a URL of /server/request/234, the digital data structure may have base nodes of /server/request/and to third level notes that branch out from request and consist of 123 and 234.
  • Processing includes building a digital data structure, such as a trie, that represents nodes or portions generated from each URL. For URL based nodes at the same hierarchical level that have the same type, the present system may replace those different nodes with a representative node. The representative node replaces the nodes at the same hierarchical level having the same type, but having different values. In some instances, the replacement representative node is provided in response to detecting that specifications associated with the nodes being replaced are related or the same. For example, if the specifications for requests for the nodes have a similar format and specifications for the responses for nodes have a similar format, the nodes may be replaced with a replacement representative node.
  • In some instances, a method can generate application program interfaces from uniform resource locator information. The method can include receiving intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices. The method continues with building a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value. Specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value can be compared. An API is generated based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
  • In some instances, a non-transitory computer readable storage medium has embodied thereon a program that is executable by a processor to perform a method. The method generates application program interfaces from uniform resource locator information. The method can include receiving intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices. The method continues with building a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value. Specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value can be compared. An API is generated based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
  • In embodiments, a system can include a server, memory and one or more processors. One or more modules may be stored in memory and executed by the processors to receive intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices, build a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value, compare specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value, and generate an API based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
    • BRIEF DESCRIPTION OF FIGURES
  • FIG. 1 is a block diagram of a system for intelligently naming APIs.
  • FIG. 2 is a block diagram of an application that intelligently names APIs.
  • FIG. 3 is a method for intelligently naming APIs.
  • FIG. 4 is a method for building digital data structures from URLs.
  • FIG. 5 is a method for determining if digital data structures are associated with matching specifications.
  • FIG. 6 illustrates URLs from which an API can be intelligently named.
  • FIG. 7 illustrates a representation of a digital data structure.
  • FIG. 8 illustrates an intelligently named API based on the URLs of FIG. 6.
  • FIG. 9 is a block diagram of a system for implementing machines that implement the present technology.
    •  DETAILED DESCRIPTION
  • The present system renames a number of uniform resource locators as application program interfaces in an intelligent way based on live traffic. Live traffic between a server and multiple users is monitored and intercepted by an agent. The agent may be within the customer server, or positioned elsewhere to intercept traffic between users and the server. Intercepted traffic is forwarded to a remote server that processes the traffic.
  • Generating API names may be based on nodes in a URL. A URL may be considered to have a domain followed by a path. The path may have one or more portions, wherein each path portion begins with a forward slash. A digital data structure can be generated from a URL, wherein the domain and each path portion can correspond to a node in the digital data structure. For example, for the URL of /server/request/1234, the digital data structure can be considered to have a first node of server, a second note of request, and a third node of 1234. For URLs having matching nodes, the digital data structure represents the matching nodes as a single node. For URLs having nodes that are different, the different nodes may branch out from the previous node in the hierarchy. For example, for the URL of /server/request/123 and a URL of /server/request/234, the digital data structure may have base nodes of /server/request/and to third level notes that branch out from request and consist of 123 and 234.
  • Processing includes building a digital data structure, such as a trie, that represents nodes or portions generated from each URL. For URL based nodes at the same hierarchical level that have the same type, the present system may replace those different nodes with a representative node. The representative node replaces the nodes at the same hierarchical level having the same type, but having different values. In some instances, the replacement representative node is provided in response to detecting that specifications associated with the nodes being replaced are related or the same. For example, if the specifications for requests for the nodes have a similar format and specifications for the responses for nodes have a similar format, the nodes may be replaced with a replacement representative node.
  • FIG. 1 is a block diagram of a system for intelligently naming (i.e., generating) APIs. The block diagram 100 of FIG. 1 includes client devices 110-140, customer server 150, network 160, API naming server 170, and data store 180.
  • Client devices 110-140 may send requests to and receive responses from customer server 150. The client devices may be any device which can access the service, network page, webpage, or other content from customer server 150. Client devices 110-140 may send a request to customer server 150, and customer server 150 may send a response to the devices based on the request. The request may be sent to a particular URL provided by customer server 150 in the sponsors may be sent from the same URL or different URLs. Though only for four client devices are shown, any number of client devices may be used to interact with customer server 150.
  • Customer server 150 may provide a service to client devices 110-140. Agent 152 on customer server 150 may monitor the communication between customer server 150 and client devices 110 - 140 and intercept traffic between the server and the devices. Upon intercepting the traffic, agent 152 may forward the traffic to application 172 on API naming server 170. In some instances, one or more agents may be installed on customer server 150, which may be implemented by one or more physical or logical machines. In some instances, server 150 may actually be implemented by multiple servers in different locations, providing a distributed service for devices 110-140. In any case, one or more agents 152 may be installed to intercept requests and responses sent between devices 110-140 and customer server 150 and for those requests and responses to application 172 on server 170.
  • Network 140 may include one or more private networks, public networks, intranets, the Internet, an intranet, wide-area networks, local area networks, cellular networks, radio-frequency networks, Wi-Fi networks, any other network which may be used to transmit data, and any combination of these networks. Client devices 110-140, customer server 150, API naming server 170, and data store 180 may all communicate over network 160.
  • API naming server 170 may be implemented as one or more physical or logical machines that provide API naming functionality as described herein. In some instances, API naming server may include one or more applications 172. The application 172 may be stored on one or more API naming servers 170 and be executed to perform functionality as described herein. API naming server and application 172 may both communicate over network 160 and data store 180. In some instances, data store 180 may include one or more URLs, generated API names, and other data.
  • FIG. 2 is a block diagram of an application that intelligently names APIs. Application 172 of FIG. 2 provides more detail for application 172 of the system of FIG. 1. Application 172 includes one or more modules, including digital data structure builder to 10, specification analyzer 220, node threshold engine 230, and API naming manager 240.
  • Digital data structure builder 210 may build a data structure from received URLs at application 172. Digital data structure may replace nodes, increment node counters, and otherwise build and manage digital data structures.
  • Specification analyzer 220 may analyze specifications related to intercepted URLs. In particular, specification analyzer 220 may access and compare the specification between URL requests, URL responses, and other data associated with a URL.
  • Node threshold engine 230 may determine if the number of occurrences of a particular node value and type at a particular position in a node hierarchy has exceeded a threshold associated with a particular node hierarchy position and type. The node threshold engine may maintain a counter, increment a counter, and flag nodes for which the threshold has or has not been exceeded.
  • API naming manager 240 may generate an API name based on URL similarity and specification analysis. API naming manager may generate the API name and store the API locally at server 170 or remotely at data store 180.
  • Application 172 may include more or fewer modules and the listed, and the modules as it may be grouped together or divided into multiple modules to implement the technology described herein.
  • FIG. 3 is a method for intelligently naming APIs. The method of FIG. 3 begins with installing an agent in a customer system to intercept customer traffic at step 310. Installing the agent may be performed remotely or locally by an admin. The agent may be installed, within the customer server or elsewhere, to intercept traffic between the server and computing devices associated with users of the server. Once installed, the agent may intercept traffic between the customer computing devices and the server.
  • Live traffic consisting of URL requests and responses sent between computing devices and a server are intercepted at step 320. In some instances, the computing devices may be associated with customers of the particular server. The request may be intercepted by one or more agents located within a customer server or otherwise positioned to intercept traffic between users of the server, for example from one or more computing devices to the customer servers. In some instances, intercepted traffic includes requests and responses sent to and from URLs supported by the customer server.
  • URL traffic is forwarded by the agent to the API naming server at step 330. The URL traffic may include a request, a corresponding response, the URL to which the request and response were sent to and from, and other data. In some instances, the agent may send the data in batches, periodically, or based on an event.
  • A digital data structure is built from URLs at step 340. A digital data structure may include nodes generated at least in part from or derived from received URLs. In some instances, the digital data structure may be a trie. In any case, the digital data structure may be built and updated as additional traffic information is received from one or more remote agents. More data for building digital data structures is discussed with respect to the method of FIG. 4.
  • A determination is made as to whether digital data structure nodes at the same level are associated with matching specifications at step 350. The specifications may be associated with nodes at the same level, and may be specifications related to a node request, response, or some other specification. Determining if digital data structure nodes at the same level in a URL hierarchy are associated with matching specifications is discussed in more detail with respect to the method of FIG. 5.
  • An API is renamed with related digital data structure nodes at the same level at step 360. Renaming an API with digital data structure nodes that are related may be performed if the digital data structure nodes represent the same type, are the same hierarchical level, and have specifications that match.
  • An example of APIs that are generated or renamed are illustrated in FIG. 6. The APIs 600 of FIG. 6 begin with a path of /api/profiles/. The next path portion in each URL of FIG. 6 is a number. The path portions after each number include text “view” and “requests.”
  • The digital data structure constructed from the URLs of FIG. 6 is displayed in FIG. 7. The numbers that make up the third node of the digital data structure can be examined to see if they're the same type (e.g., integer, GUID, etc.), and their related specifications match. With respect to the present example of FIGS. 6-7, it is presumed that the nodes have specifications that match. In this example, the API names generated from the URLs are those as illustrated in FIG. 8. FIGS. 6-8 are discussed in more detail below.
  • After renaming (e.g., generating) the APIs, the renamed APIs may be stored at step 370. The APIs may be stored locally at API naming server 170 or at a remote location, such as for example a data store 180.
  • FIG. 4 is a method for building digital data structures from URLs. The method of FIG. 4 provides more detail for step 340 of the method of FIG. 3. First, a digital data structure is built from the received URLs at step 410. The digital data structure may be built in any of several ways, including as a trie. A trie may have several nodes, each of which correspond to a portion of a URL path separated by a forward slash. An example of a trie built from a series of URLs is illustrated and discussed in more detail with respect to FIG. 7.
  • For nodes within a digital data structure that have the same hierarchical level and type but have different values, a node counter is incremented for the nodes at step 420. The node counter is used to track how many occurrences of a particular node occur in order to determine if that particular node should be combined to a single node within a named API.
  • A determination is made as whether the node counter exceeds a threshold for the node type at step 430. In some instances, the threshold may depend on the type associated with the node. For example, if a node has an integer type, the threshold may be 5, 8, 10, 12, or some other value between 5-25. If a node represents a GUID type, the threshold may also be somewhere between 5-25. If a node represents a string type, the threshold may be much larger, such as for example 100, 200 or even higher. In some instances, a threshold for any type may be as low as 2 or greater than 10,000, depending on design preferences. If the node counter is not exceeded a threshold for a node type at step 430, the method returns to step 420. If the node counter does exceed the threshold for the node type, then the particular note is flagged for a naming replacement at step 440.
  • FIG. 5 is a method for determining if digital data structures are associated with matching specifications. The method of FIG. 5 provides more detail for step 350 of the method of FIG. 3. URL requests are accessed for a digital data structure node level that satisfies a threshold at step 510. These URL requests include requests that were made to the URL by computing devices in communication with the server providing the URL. The access URL request specifications are then compared at step 250. A determination is then made if the request for stations match at step 530. The request specifications match if they include similar formats in the request header, request body, and other aspects of the request. If the request specifications do not match, then the request may be associated with different URLs, and should not be combined into a single API. In this case, the method of FIG. 5 continues to step 570 where the digital data structure nodes are determined to not match at step 570.
  • If the request specifications match, access URL response specifications are compared at step 540. The response specifications may be compared to determine if the response header, response body, and other portions of the responses match in content and/or format. If the response specifications match at step 550, the digital data structure nodes are determined to match at step 560. If the response specifications do not match at step 550, it is determined that the digital data structure nodes do not match at step 570.
  • FIG. 6 illustrates URLs from which an API can be intelligently named. The URLs of FIG. 6 can be provided by a server which receives requests and provides responses to computing devices accessing services provided by the server. The URLs each include a path that contains “/api/profiles/” but have subsequent portions of a path that differ. A digital data structure for the URLs in FIG. 6 is shown in FIG. 7.
  • FIG. 7 illustrates a representation of a digital data structure. Although the digital data structure of FIG. 7 is a trie, other types of digital data structures can be used to organize URL paths into nodes. In the trie 700 of FIG. 7, the top or parent node is API, and the second note is profiles, corresponding to the first portions of the path of the URLs in FIG. 6. From the profiles note, there are three child nodes, 123, 234, and 456. These correspond to the different sub paths from the “profiles” path portion. The child node 123 includes child nodes of view and requests, the child node 234 includes a child node of view, and the child node of 456 includes a child node of requests.
  • Though the values of the child nodes below the child node profile have different numbers, they are all of the same type: integers. As such, they can be combined as a replacement type in a named API. From that replacement type node, the four remaining child nodes have two different values. As such, APIs may be named from the trie illustrated in FIG. 7, each of which include replacement type after the node “profiles.” The two named APIs are illustrated in FIG. 8.
  • FIG. 9 is a block diagram of a system for implementing machines that implement the present technology. System 900 of FIG. 9 may be implemented in the contexts of the likes of machines that implement client devices 110-140, customer server 150, API naming server 170, and data store 180. The computing system 900 of FIG. 9 includes one or more processors 910 and memory 920. Main memory 920 stores, in part, instructions and data for execution by processor 910. Main memory 920 can store the executable code when in operation. The system 900 of FIG. 9 further includes a mass storage device 930, portable storage medium drive(s) 940, output devices 950, user input devices 960, a graphics display 970, and peripheral devices 980.
  • The components shown in FIG. 9 are depicted as being connected via a single bus 990. However, the components may be connected through one or more data transport means. For example, processor unit 910 and main memory 920 may be connected via a local microprocessor bus, and the mass storage device 930, peripheral device(s) 980, portable storage device 940, and display system 970 may be connected via one or more input/output (I/O) buses.
  • Mass storage device 930, which may be implemented with a magnetic disk drive, an optical disk drive, a flash drive, or other device, is a non-volatile storage device for storing data and instructions for use by processor unit 910. Mass storage device 930 can store the system software for implementing embodiments of the present invention for purposes of loading that software into main memory 920.
  • Portable storage device 940 operates in conjunction with a portable non-volatile storage medium, such as a floppy disk, compact disk or Digital video disc, USB drive, memory card or stick, or other portable or removable memory, to input and output data and code to and from the computer system 900 of FIG. 9. The system software for implementing embodiments of the present invention may be stored on such a portable medium and input to the computer system 900 via the portable storage device 940.
  • Input devices 960 provide a portion of a user interface. Input devices 960 may include an alpha-numeric keypad, such as a keyboard, for inputting alpha-numeric and other information, a pointing device such as a mouse, a trackball, stylus, cursor direction keys, microphone, touch-screen, accelerometer, and other input devices. Additionally, the system 900 as shown in FIG. 9 includes output devices 950. Examples of suitable output devices include speakers, printers, network interfaces, and monitors.
  • Display system 970 may include a liquid crystal display (LCD) or other suitable display device. Display system 970 receives textual and graphical information and processes the information for output to the display device. Display system 970 may also receive input as a touch-screen.
  • Peripherals 980 may include any type of computer support device to add additional functionality to the computer system. For example, peripheral device(s) 980 may include a modem or a router, printer, and other device.
  • The system of 900 may also include, in some implementations, antennas, radio transmitters and radio receivers 990. The antennas and radios may be implemented in devices such as smart phones, tablets, and other devices that may communicate wirelessly. The one or more antennas may operate at one or more radio frequencies suitable to send and receive data over cellular networks, Wi-Fi networks, commercial device networks such as a Bluetooth device, and other radio frequency networks. The devices may include one or more radio transmitters and receivers for processing signals sent and received using the antennas.
  • The components contained in the computer system 900 of FIG. 9 are those typically found in computer systems that may be suitable for use with embodiments of the present invention and are intended to represent a broad category of such computer components that are well known in the art. Thus, the computer system 900 of FIG. 9 can be a personal computer, handheld computing device, smart phone, mobile computing device, workstation, server, minicomputer, mainframe computer, or any other computing device. The computer can also include different bus configurations, networked platforms, multi-processor platforms, etc. Various operating systems can be used including Unix, Linux, Windows, Macintosh OS, Android, as well as languages including Java, .NET, C, C++, Node.JS, and other suitable languages.
  • The foregoing detailed description of the technology herein has been presented for purposes of illustration and description. It is not intended to be exhaustive or to limit the technology to the precise form disclosed. Many modifications and variations are possible in light of the above teaching. The described embodiments were chosen to best explain the principles of the technology and its practical application to thereby enable others skilled in the art to best utilize the technology in various embodiments and with various modifications as are suited to the particular use contemplated. It is intended that the scope of the technology be defined by the claims appended hereto.

Claims (20)

What is claimed is:
1. A method for generating application program interfaces (APIs) from uniform resource locator (URL) information, comprising:
receiving intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices;
building a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value;
comparing specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value; and
generating an API based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
2. The method of claim 1, wherein the specification has the same format for each of the two or more of the plurality of nodes which have the same hierarchical position and same value type.
3. The method of claim 1, wherein the specification data for the plurality of nodes which have the same hierarchical position and the same value type includes a specification for a request sent to a URL associated with the node.
4. The method of claim 1, wherein the specification data for the plurality of nodes which have the same hierarchical position and the same value type includes a specification for a response sent from a URL associated with the node.
5. The method of claim 1, wherein the digital data structure is a trie
6. The method of claim 1, further comprising:
determining if the number of nodes which have the same hierarchical position and the same value type exceed a threshold number of nodes; and
comparing the specification data if the number of nodes exceeds the threshold.
7. The method of claim 6, wherein the threshold is greater than five nodes having a numerical value type.
8. The method of claim 6, wherein the threshold is greater than 5 for nodes having a unique identifier type.
9. The method of claim 1, wherein the requests and responses are intercepted by an agent installed on a first server, the building, comparing and generating performed by an application on a second server in response to the agent transmitting the URL requests and responses to the application.
10. A non-transitory computer readable storage medium having embodied thereon a program, the program being executable by a processor to perform a method for generating application program interfaces (APIs) from uniform resource locator (URL) information, the method comprising:
receiving intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices;
building a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLS located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value;
comparing specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value; and
generating an API based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
11. The non-transitory computer readable storage medium of claim 10, wherein the specification has the same format for each of the two or more of the plurality of nodes which have the same hierarchical position and same value type.
12. The non-transitory computer readable storage medium of claim 10, wherein the specification data for the plurality of nodes which have the same hierarchical position and the same value type includes a specification for a request sent to a URL associated with the node.
13. The non-transitory computer readable storage medium of claim 10, wherein the specification data for the plurality of nodes which have the same hierarchical position and the same value type includes a specification for a response sent from a URL associated with the node.
14. The non-transitory computer readable storage medium of claim 10, wherein the digital data structure is a trie.
15. The non-transitory computer readable storage medium of claim 10, the method further comprising:
determining if the number of nodes which have the same hierarchical position and the same value type exceed a threshold number of nodes; and
comparing the specification data if the number of nodes exceeds the threshold.
16. The non-transitory computer readable storage medium of claim 15, wherein the threshold is greater than 5 for nodes having a numerical value type.
17. The non-transitory computer readable storage medium of claim 15, wherein the threshold is greater than 5 for nodes having a unique identifier type.
18. The non-transitory computer readable storage medium of claim 10, wherein the requests and responses are intercepted by an agent installed on a first server, the building, comparing and generating performed by an application on a second server in response to the agent transmitting the URL requests and responses to the application.
19. A system for generating application program interfaces (APIs) from uniform resource locator (URL) information, comprising:
a server including a memory and a processor; and
one or more modules stored in the memory and executed by the processor to receive intercepted requests and responses sent to a URL address at the first server by a plurality of remote computing devices, build a digital data structure based on the URLs to which the requests and the responses are sent, the digital data structure including a single node for identical portions of URLs located at the same hierarchical position within the digital data structure and including a separate node for different portions of URLs located at the same hierarchical position within the digital data structure, wherein each separate node is associated with a node type and a value, compare specification data associated with a plurality of nodes which have the same hierarchical position, the same value type, and a different value, and generate an API based on two or more of the plurality of nodes which have the same hierarchical position and same value type, the new name based at least in part on the compared specification.
20. The system of claim 19, wherein the specification has the same format for each of the two or more of the plurality of nodes which have the same hierarchical position and same value type.
US17/339,946 2021-03-30 2021-06-05 Intelligent naming of application program interfaces Pending US20220318332A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US17/339,946 US20220318332A1 (en) 2021-03-30 2021-06-05 Intelligent naming of application program interfaces

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US202163167649P 2021-03-30 2021-03-30
US17/339,946 US20220318332A1 (en) 2021-03-30 2021-06-05 Intelligent naming of application program interfaces

Publications (1)

Publication Number Publication Date
US20220318332A1 true US20220318332A1 (en) 2022-10-06

Family

ID=83448116

Family Applications (5)

Application Number Title Priority Date Filing Date
US17/339,951 Pending US20220321587A1 (en) 2021-03-30 2021-06-05 Automatic anomaly detection based on api sessions
US17/339,946 Pending US20220318332A1 (en) 2021-03-30 2021-06-05 Intelligent naming of application program interfaces
US17/339,949 Pending US20220318081A1 (en) 2021-03-30 2021-06-05 Automatic generation of an api interface description
US17/348,785 Pending US20220318618A1 (en) 2021-03-30 2021-06-16 Multi-api metric modeling using lstm system
US17/349,942 Pending US20220318378A1 (en) 2021-03-30 2021-06-17 Detecting threats based on api service business logic abuse

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US17/339,951 Pending US20220321587A1 (en) 2021-03-30 2021-06-05 Automatic anomaly detection based on api sessions

Family Applications After (3)

Application Number Title Priority Date Filing Date
US17/339,949 Pending US20220318081A1 (en) 2021-03-30 2021-06-05 Automatic generation of an api interface description
US17/348,785 Pending US20220318618A1 (en) 2021-03-30 2021-06-16 Multi-api metric modeling using lstm system
US17/349,942 Pending US20220318378A1 (en) 2021-03-30 2021-06-17 Detecting threats based on api service business logic abuse

Country Status (1)

Country Link
US (5) US20220321587A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11921847B1 (en) * 2023-07-13 2024-03-05 Intuit, Inc. Detection of abnormal application programming interface (API) sessions including a sequence of API requests using space partitioning data structures

Citations (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7058633B1 (en) * 2002-09-09 2006-06-06 Cisco Technology, Inc. System and method for generalized URL-rewriting
US20070250624A1 (en) * 2006-04-24 2007-10-25 B-Hive Networks, Inc. Method and System for Learning Web Applications
US20080034424A1 (en) * 2006-07-20 2008-02-07 Kevin Overcash System and method of preventing web applications threats
US20080184340A1 (en) * 2007-01-30 2008-07-31 Seiko Epson Corporation Application Execution System, Computer, Application Execution Device, And Control Method And Program For An Application Execution System
US20100235918A1 (en) * 2009-03-13 2010-09-16 Rami Mizrahi Method and Apparatus for Phishing and Leeching Vulnerability Detection
US20100325588A1 (en) * 2009-06-22 2010-12-23 Anoop Kandi Reddy Systems and methods for providing a visualizer for rules of an application firewall
US20110145930A1 (en) * 2009-12-14 2011-06-16 International Business Machines Corporation Method, Program Product and Server for Controlling a Resource Access to an Electronic Resource Stored Within a Protected Data
US20150180745A1 (en) * 2013-12-20 2015-06-25 Netapp, Inc. System, Method and Computer program Product for Accessing Hierarchical Nodes in Information Associated with Computer System Infrastructure and Assets
US20160057107A1 (en) * 2014-08-22 2016-02-25 Shape Security, Inc. Application programming interface wall
US9667704B1 (en) * 2014-04-26 2017-05-30 Google Inc. System and method for classifying API requests in API processing systems using a tree configuration
US20170337052A1 (en) * 2016-05-17 2017-11-23 Dropbox, Inc. Interface description language for application programming interfaces
US20180121320A1 (en) * 2016-10-31 2018-05-03 International Business Machines Corporation Analysis to check web api code usage and specification
US20180196643A1 (en) * 2017-01-10 2018-07-12 International Business Machines Corporation Generating web api specification from online documentation
US20180314622A1 (en) * 2017-04-26 2018-11-01 Jpmorgan Chase Bank, N.A. System and method for implementing an api validator tool
US20180357154A1 (en) * 2017-06-12 2018-12-13 International Business Machines Corporation Automatically Running Tests Against WEB APIs Based on Specifications
US20190196890A1 (en) * 2017-12-22 2019-06-27 MuleSoft, Inc. Api query
US20190196811A1 (en) * 2017-12-21 2019-06-27 Fujitsu Limited Api specification generation
US20190213326A1 (en) * 2018-01-11 2019-07-11 ArecaBay, Inc. Self-adaptive application programming interface level security monitoring
US10747505B1 (en) * 2019-05-17 2020-08-18 Google Llc API specification generation
US20200326913A1 (en) * 2019-04-10 2020-10-15 International Business Machines Corporation Probabilistic Matching of Web Application Program Interface Code Usage to Specifications
US10873618B1 (en) * 2020-01-07 2020-12-22 Volterra, Inc. System and method to dynamically generate a set of API endpoints
US10917401B1 (en) * 2020-03-24 2021-02-09 Imperva, Inc. Data leakage prevention over application programming interface
US20210211486A1 (en) * 2020-01-07 2021-07-08 Volterra, Inc. System and method for generating api schemas for networked services

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6226408B1 (en) * 1999-01-29 2001-05-01 Hnc Software, Inc. Unsupervised identification of nonlinear data cluster in multidimensional data
US9781148B2 (en) * 2008-10-21 2017-10-03 Lookout, Inc. Methods and systems for sharing risk responses between collections of mobile communications devices
JP5941149B2 (en) * 2011-09-09 2016-06-29 ヒューレット−パッカード デベロップメント カンパニー エル.ピー.Hewlett‐Packard Development Company, L.P. System and method for evaluating an event according to a temporal position in an event sequence based on a reference baseline
US9699205B2 (en) * 2015-08-31 2017-07-04 Splunk Inc. Network security system
CN109074454B (en) * 2016-02-29 2022-04-19 帕洛阿尔托网络公司 Automatic malware grouping based on artifacts
US10360082B2 (en) * 2017-01-19 2019-07-23 International Business Machines Corporation Analysis of application programming interface usage for improving a computer system
US10764041B2 (en) * 2017-03-03 2020-09-01 Google Llc Systems and methods for establishing a link between identifiers without disclosing specific identifying information
US11258815B2 (en) * 2018-07-24 2022-02-22 Wallarm, Inc. AI-based system for accurate detection and identification of L7 threats
SG10201806602VA (en) * 2018-08-02 2020-03-30 Mastercard International Inc Methods and systems for identification of breach attempts in a client-server communication using access tokens
US11157816B2 (en) * 2018-10-17 2021-10-26 Capital One Services, Llc Systems and methods for selecting and generating log parsers using neural networks
US11831420B2 (en) * 2019-11-18 2023-11-28 F5, Inc. Network application firewall
US11265342B2 (en) * 2020-07-02 2022-03-01 Qualys, Inc. Rest api scanning for security testing

Patent Citations (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7058633B1 (en) * 2002-09-09 2006-06-06 Cisco Technology, Inc. System and method for generalized URL-rewriting
US20070250624A1 (en) * 2006-04-24 2007-10-25 B-Hive Networks, Inc. Method and System for Learning Web Applications
US20080034424A1 (en) * 2006-07-20 2008-02-07 Kevin Overcash System and method of preventing web applications threats
US20080184340A1 (en) * 2007-01-30 2008-07-31 Seiko Epson Corporation Application Execution System, Computer, Application Execution Device, And Control Method And Program For An Application Execution System
US20100235918A1 (en) * 2009-03-13 2010-09-16 Rami Mizrahi Method and Apparatus for Phishing and Leeching Vulnerability Detection
US20100325588A1 (en) * 2009-06-22 2010-12-23 Anoop Kandi Reddy Systems and methods for providing a visualizer for rules of an application firewall
US9215212B2 (en) * 2009-06-22 2015-12-15 Citrix Systems, Inc. Systems and methods for providing a visualizer for rules of an application firewall
US20110145930A1 (en) * 2009-12-14 2011-06-16 International Business Machines Corporation Method, Program Product and Server for Controlling a Resource Access to an Electronic Resource Stored Within a Protected Data
US20150180745A1 (en) * 2013-12-20 2015-06-25 Netapp, Inc. System, Method and Computer program Product for Accessing Hierarchical Nodes in Information Associated with Computer System Infrastructure and Assets
US9667704B1 (en) * 2014-04-26 2017-05-30 Google Inc. System and method for classifying API requests in API processing systems using a tree configuration
US20160057107A1 (en) * 2014-08-22 2016-02-25 Shape Security, Inc. Application programming interface wall
US20170337052A1 (en) * 2016-05-17 2017-11-23 Dropbox, Inc. Interface description language for application programming interfaces
US20180121320A1 (en) * 2016-10-31 2018-05-03 International Business Machines Corporation Analysis to check web api code usage and specification
US20180196643A1 (en) * 2017-01-10 2018-07-12 International Business Machines Corporation Generating web api specification from online documentation
US20180314622A1 (en) * 2017-04-26 2018-11-01 Jpmorgan Chase Bank, N.A. System and method for implementing an api validator tool
US20180357154A1 (en) * 2017-06-12 2018-12-13 International Business Machines Corporation Automatically Running Tests Against WEB APIs Based on Specifications
US20190196811A1 (en) * 2017-12-21 2019-06-27 Fujitsu Limited Api specification generation
US20190196890A1 (en) * 2017-12-22 2019-06-27 MuleSoft, Inc. Api query
US20190213326A1 (en) * 2018-01-11 2019-07-11 ArecaBay, Inc. Self-adaptive application programming interface level security monitoring
US20200326913A1 (en) * 2019-04-10 2020-10-15 International Business Machines Corporation Probabilistic Matching of Web Application Program Interface Code Usage to Specifications
US10747505B1 (en) * 2019-05-17 2020-08-18 Google Llc API specification generation
US20200364033A1 (en) * 2019-05-17 2020-11-19 Google Llc API Specification Generation
US10873618B1 (en) * 2020-01-07 2020-12-22 Volterra, Inc. System and method to dynamically generate a set of API endpoints
US20210211486A1 (en) * 2020-01-07 2021-07-08 Volterra, Inc. System and method for generating api schemas for networked services
US10917401B1 (en) * 2020-03-24 2021-02-09 Imperva, Inc. Data leakage prevention over application programming interface

Also Published As

Publication number Publication date
US20220318081A1 (en) 2022-10-06
US20220318618A1 (en) 2022-10-06
US20220318378A1 (en) 2022-10-06
US20220321587A1 (en) 2022-10-06

Similar Documents

Publication Publication Date Title
US11934417B2 (en) Dynamically monitoring an information technology networked entity
US10713108B2 (en) Computing system issue detection and resolution
US10268750B2 (en) Log event summarization for distributed server system
US11252168B2 (en) System and user context in enterprise threat detection
US8005943B2 (en) Performance monitoring of network applications
EP3399415B1 (en) Computing resource identification
CN110602270B (en) Domain name resolution method and device, computer equipment and storage medium
US10565372B1 (en) Subscription-based multi-tenant threat intelligence service
KR102504075B1 (en) Matching and attributes of user device events
CN110109840A (en) Code audit method, audit device and the medium compared based on version number
US9535666B2 (en) Dynamic agent delivery
US10754830B2 (en) Activity information schema discovery and schema change detection and notification
US20190258564A1 (en) Service regression detection using real-time anomaly detection of application performance metrics
US10775751B2 (en) Automatic generation of regular expression based on log line data
US11086919B2 (en) Service regression detection using real-time anomaly detection of log data
US10291492B2 (en) Systems and methods for discovering sources of online content
US20220318332A1 (en) Intelligent naming of application program interfaces
US20170222893A1 (en) Distributed Business Transaction Path Network Metrics
US20210304102A1 (en) Automatically allocating network infrastructure resource usage with key performance indicator
US20230224314A1 (en) Session based anomaly dectection
US20220245470A1 (en) Automatically generating an application knowledge graph
CN111368039B (en) Data management system
CN115496544A (en) Data processing method and device
CN111290870A (en) Method and device for detecting abnormity
CN115309612B (en) Method and device for monitoring data

Legal Events

Date Code Title Description
STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED