General Electric Company
Apparatus and method for analysis of binary targets to generate security policy

Abstract:

A compiled security program is received, for example, by an electronic tool. The compiled security program is in a form that is generally unreadable to a human user. The compiled program is automatically and electronically analyzed to determine permissible computer function calls that can be made by the security program. A security policy is generated by the analysis. Subsequently, the security policy can be utilized by an operating system. The operating system compares the sys calls requested by the security program as the program is executed. If the requested sys call does not match the approved sys calls, then an action can be taken.