Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020114923 - REMEDIATING SOFTWARE VULNERABILITIES

Publication Number WO/2020/114923
Publication Date 11.06.2020
International Application No. PCT/EP2019/083206
International Filing Date 01.12.2019
IPC
G06F 21/56 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
G06N 3/04 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
NCOMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
3Computer systems based on biological models
02using neural network models
04Architecture, e.g. interconnection topology
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
G06F 21/57 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/55 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
G06N 3/08 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
NCOMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
3Computer systems based on biological models
02using neural network models
08Learning methods
CPC
G06F 21/554
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
554involving event detection and direct action
G06F 21/577
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
577Assessing vulnerabilities and evaluating computer system security
G06N 3/0445
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
NCOMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
3Computer systems based on biological models
02using neural network models
04Architectures, e.g. interconnection topology
0445Feedback networks, e.g. hopfield nets, associative networks
G06N 3/0454
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
NCOMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
3Computer systems based on biological models
02using neural network models
04Architectures, e.g. interconnection topology
0454using a combination of multiple neural nets
G06N 3/084
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
NCOMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
3Computer systems based on biological models
02using neural network models
08Learning methods
084Back-propagation
Applicants
  • BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY [GB]/[GB]
Inventors
  • HERCOCK, Robert
  • GIACONI, Giulio
Agents
  • BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY, INTELLECTUAL PROPERTY DEPARTMENT
Priority Data
18209888.903.12.2018EP
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) REMEDIATING SOFTWARE VULNERABILITIES
(FR) REMÉDIATION DE VULNÉRABILITÉS LOGICIELLES
Abstract
(EN)
A computer implemented method of remediating an increased vulnerability of a software system including a plurality of software components, the method comprising: generating a vector representation of each software component derived from a neural network trained using training data defined from known vulnerabilities of the software components in the software system; aggregating the vector representations for the software component to an aggregate vector representation for a particular time; repeating the generating and aggregating steps for a plurality of points in time to generate multiple generations of aggregate vector representations; comparing the multiple generations of aggregate vector representations to detect a change in an aggregate vector representation exceeding a maximum threshold degree of change as an indication of an increased vulnerability of the software system, responsive to which iteratively adjusting the software components in the software system and, at each iteration, regenerating an aggregate vector representation for the software system so adjusted to compare with the multiple generations of aggregate vector representations to identify a software component adjustment leading to a change in vector representation not exceeding the maximum threshold degree of change so as to reduce the vulnerability of the software system.
(FR)
Procédé, mis en œuvre par ordinateur, pour remédier à une vulnérabilité accrue d'un système logiciel comprenant une pluralité de composants logiciels, ce procédé comprenant les étapes consistant à : générer une représentation vectorielle de chaque composant logiciel dérivée d'un réseau neuronal entraîné, à l'aide de données d'apprentissage définies à partir de vulnérabilités connues des composants logiciels du système logiciel; agréger les représentations vectorielles pour le composant logiciel à une représentation vectorielle agrégée pendant un temps particulier; répéter les étapes de génération et d'agrégation pour une pluralité de points dans le temps pour générer de multiples générations de représentations vectorielles agrégées; comparer les multiples générations de représentations vectorielles agrégées pour détecter un changement, dans une représentation vectorielle agrégée, dépassant un degré de seuil maximal de changement en tant qu'indication d'une vulnérabilité accrue du système logiciel, en réponse auquel changement, ajuster itérativement les composants logiciels du système logiciel et, à chaque itération, re-générer une représentation vectorielle agrégée pour le système logiciel ainsi ajusté pour la comparer avec les multiples générations de représentations vectorielles agrégées afin d'identifier un ajustement de composant logiciel conduisant à un changement dans une représentation vectorielle ne dépassant pas le degré de seuil maximal de changement de façon à réduire la vulnérabilité du système de logiciel.
Latest bibliographic data on file with the International Bureau