公开(公告)号：US11675584B1

公开(公告)日：2023-06-13

申请号：US17217327

申请日：2021-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Aritra Sengupta ,  Lee Pike ,  Martin Schaef ,  Nicolas Leandro Rosner ,  Willem Conradie Visser

IPC: G06F9/44 ,  G06F8/75 ,  G06F16/901 ,  G06F8/10

CPC classification number: G06F8/75 ,  G06F8/10 ,  G06F16/9027

Abstract: Techniques for visualizing dependent relationships in computer program analysis trace elements are described. A code analysis service analyzes computer code associated with a software application for at least one of errors or policy violations. The service outputs a trace log identifying a path within the computer code that results in an error or policy violation. The trace log includes a set of trace elements each corresponding to a line of the computer code. The output is displayed as a tree data structure including nodes. The nodes may include indentations indicating dependent relationships between and among variables initialized at lines in the computer code corresponding to the nodes. Alternatively, the nodes may be arranged as a hierarchy with edges connecting adjacent nodes, and nodes at different levels indicating dependent relationships. The tree data structure may include annotations providing additional contextual information about the actions performed at each node.

公开(公告)号：US11301357B1

公开(公告)日：2022-04-12

申请号：US16584611

申请日：2019-09-26

Applicant: Amazon Technologies, Inc.

Inventor： Andrew Jude Gacek ,  Neha Rungta ,  Lee Pike

IPC: G06F11/36 ,  G06F11/32

Abstract: Techniques for performing compile-time checks of source code using static analysis are described herein. One or more application programming interface calls to a remote computing service provider are detected in a set of source code listings using static analysis, and properties of each call are checked against a user-defined model containing rules defining incorrect behavior. If incorrect behavior is detected, a visualization is presented containing information about the incorrect behavior.

公开(公告)号：US12079106B1

公开(公告)日：2024-09-03

申请号：US17545770

申请日：2021-12-08

Applicant: Amazon Technologies, Inc.

Inventor： Yaojie Hu ,  Xingjian Shi ,  Qiang Zhou ,  Lee Pike

IPC: G06F11/36 ,  G06N5/04

CPC classification number: G06F11/3636 ,  G06N5/04

Abstract: Techniques for determining buggy code are described. An encoder/decoder-based (e.g., transformer-based) model approach is described. In some embodiments, a service receives request to perform transformer-based bug fixing on code, performs bug fixing inference to the code by applying a trained encoder/decoder-based model, and reports out a result of the inference, wherein the output includes an indication of a location of a potential edit to be made in the code and the potential edit in the code.

公开(公告)号：US12299134B1

公开(公告)日：2025-05-13

申请号：US17936993

申请日：2022-09-30

Applicant: Amazon Technologies, Inc.

Inventor： Peixuan Li ,  Yingjun Lyu ,  Qiang Zhou ,  Lee Pike ,  Michael McDougall ,  Thodoris Sotiropoulos

IPC: G06F21/57 ,  G06N5/022

Abstract: Security vulnerability analysis may be performed using policy inference. Application code may have operations that are labeled according to the respective functions that they perform. Some operations may be labeled according to a knowledge database of known operations while others may be inferred through similarity to known operations. The knowledge database may be associated with libraries of programmatic interfaces. Once components of the application code are labeled, a vulnerability database may be that identifies potential vulnerabilities based on data sources, data sinks and threat mitigation operations. Using the labeled operations, one or more potential vulnerabilities may be identified based on labeled data sources and data sinks. The application may then be evaluated for potential security threats based on the identified potential vulnerabilities.