Validating a (hack-free) web experience

Patent verifies information flow downgraders  

Hacks, phishing, and other malicious cyberattacks all happen due to bugs in a software program’s code. Because no one can manually check the millions of lines of code behind a mobile app or a website, developers use verification software to check their work. And even then, sometimes the analysis that traditionally trusts that defenses installed by the developer were implemented correctly, misses vulnerabilities.

The patent process

What I see most often is someone with a great idea, but who doesn't think of it in terms of a patentable idea. As a Master Inventor, I want to help my colleagues move those ideas to patents. – Marco Pistoia

It’s also about point of view. Many file patents that describe what they have done. But what’s more valuable is the abstract, creative use of the idea. – Omer Tripp
This is where IBM Master Inventors Omer Tripp, PhD and Marco Pistoia, PhD focused patent #8,635,602: Verification of information-flow downgraders. Filed in 2010, the invention aims to close the loop on code that – because of poorly implemented defenses – compromises sensitive data, such as bank account numbers, and passwords. 

“I would say the patent is more valuable today (it was issued in 2014) because of the explosion in cloud and mobile technologies, which necessitate defenses that are more challenging to implement correctly than ever before. We’re all accessing websites that require sensitive information about ourselves, and sometimes the software asking for that information is vulnerable,” said Omer, who has filed 174 patent applications and been issued 64. In 2012, Omer earned more than 1 percent of IBM’s entire patent total of 6,478.

Omer and Marco set out four years ago to verify what software applications claimed to be secure “downgrader” code (the part of a software program that sanitizes or validates untrusted input to a website, or obfuscates and declassifies confidential data before its release). By developing a way to check a website’s information flow downgrader, they found that live, implemented code still had security holes. “Our tool simulates what developers have a hard time testing for, such as ‘double encoded’ input, or other odd combinations of validation routines,” said Marco, who has 148 patent filings and 72 patent issuances to his name.

Their ISSTA 2011 paper, Path-and index-sensitive string analysis based on monadic second-order logic demonstrated vulnerabilities on several open source websites, earning ACM SIGSOFT’s Distinguished Paper Award. 

Trust and verify

Downgraders take input that’s not trusted, like erroneous details entered into a website login form, and help make it trusted. They sanitize the information by getting rid of certain unintended, and potentially malicious, characters and substrings. But they can be tricked by recursive nesting of the payload, and other clever tricks. The invention detects when a downgrader incorrectly allows (or rejects) accurate input – and can be integrated into standard analysis tools.

"Developers do validate that their software works as it should. But what’s often left unchecked are the inputs to the software – how the average person checks Twitter, or applies for a bank account,” Marco said. “We can now analyze those inputs to make sure the defenses a developer puts in place work, or alternatively, have errors.”  

“Now, we want to connect this invention with others we’re working on in this area, namely tools that automatically fix broken defenses. This would help developers check their code, and their downgraders,” Omer said.

More about IBM's 2014 patent leadership

Labels: , , , ,