US 11,940,901 B2
System and method to use past computer executable instructions to evaluate proposed computer executable instructions
Yue Li, Foster City, CA (US); Theodore Harris, Foster City, CA (US); and Tatiana Korolevskaya, Foster City, CA (US)
Assigned to Visa International Service Association, San Francisco, CA (US)
Filed by VISA INTERNATIONAL SERVICE ASSOCIATION, San Francisco, CA (US)
Filed on Apr. 19, 2022, as Appl. No. 17/723,579.
Application 17/723,579 is a continuation of application No. 16/731,499, filed on Dec. 31, 2019, granted, now 11,321,221.
Prior Publication US 2022/0253373 A1, Aug. 11, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 11/36 (2006.01); G06N 20/00 (2019.01)
CPC G06F 11/3644 (2013.01) [G06F 11/3688 (2013.01); G06N 20/00 (2019.01)] 20 Claims
OG exemplary drawing
 
1. A method of analyzing computer executable instructions for risk comprising:
receiving computer executable instructions, wherein the computer executable instructions are yet to be executed;
determining a proposed risk factor for the computer executable instructions, wherein the determining the proposed risk factor comprises:
determining code level analyzable elements from the computer executable instructions, wherein the determining comprises reviewing a coding style of the computer executable instructions based on one or more of the following: comments in the computer executable instructions, libraries used by the computer executable instructions, indentation lines of codes of the computer executable instructions, uses of sub-routines of the computer executable instructions, existence of commands in the computer executable instructions, and lack of commands in the computer executable instructions;
recursively separating recognizable sections of the code level analyzable elements from unrecognizable sections;
executing a comparison of a first analyzable element to past analyzable elements stored in the memory that were previously deemed as one of the following: a known malicious code or a failure to align with a known good code, wherein the comparison compares the coding style to coding styles stored in the memory;
based on the comparison, calculating a coding style similarity score as part of the proposed risk factor with a deep learning algorithm, wherein the deep learning algorithm comprises checking the coding style similarity score against a score associated with one or more of the past analyzable elements stored in the memory;
determining a threshold for the proposed risk factor according to at least one of the following: a government authority with grades of thresholds, and a past history of the proposed risk factor of the computer executable instructions; and
in response to the determined risk factor calculated for the first analyzable element being meeting the determined threshold, undertaking a risk response, wherein the risk response comprises one of the following:
communicating a risk warning associated with the computer executable instructions, replacing the computer executable instructions identified as risk with a comparable computer executable instructions that have been determined to have an acceptable risk, or placing a hold on the computer executable instructions.