US 11,989,289 B2
Remediating software vulnerabilities
Robert Hercock, London (GB); and Giulio Giaconi, London (GB)
Assigned to British Telecommunications Public Limited Company, (GB)
Appl. No. 17/309,531
Filed by BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY, London (GB)
PCT Filed Dec. 1, 2019, PCT No. PCT/EP2019/083206
§ 371(c)(1), (2) Date Jun. 3, 2021,
PCT Pub. No. WO2020/114923, PCT Pub. Date Jun. 11, 2020.
Claims priority of application No. 18209888 (EP), filed on Dec. 3, 2018.
Prior Publication US 2022/0027465 A1, Jan. 27, 2022
Int. Cl. G06F 21/54 (2013.01); G06F 18/214 (2023.01); G06F 21/55 (2013.01); G06F 21/57 (2013.01); G06N 3/044 (2023.01); G06N 3/084 (2023.01)
CPC G06F 21/554 (2013.01) [G06F 18/214 (2023.01); G06F 21/54 (2013.01); G06F 21/577 (2013.01); G06N 3/044 (2023.01); G06N 3/084 (2013.01)]
13 Claims
 
1. A computer implemented method of remediating an increased vulnerability of a software system including a plurality of software components, the method comprising:
generating a vector representation of each software component derived from a neural network trained using training data defined from known vulnerabilities of the plurality of software components in the software system;
aggregating the vector representations for the software component to an aggregate vector representation for a particular time;
repeating the generating and the aggregating for a plurality of points in time to generate multiple generations of aggregate vector representations; and
comparing the multiple generations of aggregate vector representations to detect a change in an aggregate vector representation exceeding a maximum threshold degree of change as an indication of an increased vulnerability of the software system, responsive to which iteratively adjusting the software components in the software system and, at each iteration, regenerating an aggregate vector representation for the software system so adjusted to compare with the multiple generations of aggregate vector representations to identify a software component adjustment leading to a change in vector representation not exceeding the maximum threshold degree of change so as to reduce the vulnerability of the software system.
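The detect-then-adjust loop of claim 1 can be sketched as follows. This is an added example, not code from the patent or its applicants. It assumes element-wise mean as the aggregation, cosine distance as the measure of change, and small hand-made vectors standing in for the neural-network embeddings; the claim fixes none of these, and all names and values are hypothetical.

```python
import math

MAX_CHANGE = 0.05  # assumed "maximum threshold degree of change"

# Constructed sample data: one {component: vector} snapshot per point in time.
# Real vectors would come from the trained network; these are stand-ins.
GENERATIONS = [
    {"web": [0.9, 0.1, 0.0], "db": [0.8, 0.2, 0.1], "tls": [0.7, 0.1, 0.2]},
    {"web": [0.9, 0.1, 0.1], "db": [0.8, 0.2, 0.1], "tls": [0.7, 0.1, 0.2]},
    {"web": [0.9, 0.1, 0.1], "db": [0.8, 0.2, 0.1], "tls": [0.0, 0.2, 0.9]},
]

def aggregate(snapshot):
    """Element-wise mean of all component vectors in one snapshot."""
    vectors = list(snapshot.values())
    return [sum(col) / len(vectors) for col in zip(*vectors)]

def change(a, b):
    """Cosine distance between two aggregate vectors."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return 1.0 - dot / norm

def detect(generations, max_change=MAX_CHANGE):
    """Index of the first generation that moved too far from its predecessor."""
    aggs = [aggregate(g) for g in generations]
    for i in range(1, len(aggs)):
        if change(aggs[i - 1], aggs[i]) > max_change:
            return i
    return None

def remediate(generations, flagged, candidates, max_change=MAX_CHANGE):
    """Try one adjustment per iteration; return the first that keeps the
    regenerated aggregate within the threshold of every earlier generation.
    A candidate is (component, new_vector); new_vector None removes it."""
    earlier = [aggregate(g) for g in generations[:flagged]]
    for name, vector in candidates:
        trial = dict(generations[flagged])
        if vector is None:
            trial.pop(name)
        else:
            trial[name] = vector
        regenerated = aggregate(trial)
        if all(change(e, regenerated) <= max_change for e in earlier):
            return name, vector
    return None

if __name__ == "__main__":
    flagged = detect(GENERATIONS)
    fixes = [("web", [0.9, 0.1, 0.0]), ("tls", [0.6, 0.1, 0.3])]
    print(flagged, remediate(GENERATIONS, flagged, fixes))
```
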