US 12,488,113 B2
Computer security using zero-trust principles and artificial intelligence for source code
Stanley Lee, Dublin, CA (US); Michelle Chance, Austin, TX (US); and Dimitry Shvartsman, New York, NY (US)
Assigned to PAYPAL, INC., San Jose, CA (US)
Filed by PayPal, Inc., San Jose, CA (US)
Filed on Dec. 7, 2021, as Appl. No. 17/544,034.
Claims priority of provisional application 63/187,239, filed on May 11, 2021.
Prior Publication US 2022/0366056 A1, Nov. 17, 2022
Int. Cl. G06F 21/57 (2013.01); G06F 8/77 (2018.01); G06F 21/56 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 8/77 (2013.01); G06F 21/563 (2013.01); G06F 2221/033 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method, comprising:
retrieving, via a computer system and from a database, (i) source code developed by a first code developer using a first computing device, and (ii) code development data associated with activities of the first code developer, via the first computing device, during a development of the source code;
applying, via the computer system, a first machine learning algorithm of a plurality of machine learning algorithms of a module configured to assess code and developer security to the source code;
generating, via the computer system and based on the applying the first machine learning algorithm, a confidence level measuring a level of contribution of the first code developer to the development of the source code;
applying, via the computer system, a second machine learning algorithm of the plurality of machine learning algorithms to the code development data;
generating, via the computer system and based on the applying the second machine learning algorithm, an anomaly indicator identifying a code development behavioral anomaly associated with the first code developer and occurring during the development of the source code;
generating, via the computer system and based on a portion of the source code and a third machine learning algorithm of the plurality of machine learning algorithms, a risk indicator associated with executing the portion of the source code separate from other portions of the source code based on a reputational score associated with the portion of the source code;
analyzing, via the computer system, the source code for a security risk based on a combination, generated by the plurality of machine learning algorithms, of at least the confidence level, the anomaly indicator, and the risk indicator;
identifying, via the computer system and based on the analyzing, the security risk associated with executing the source code;
executing the source code in a first execution environment that is different from a second execution environment;
generating, via the computer system, execution behavioral data including a record of an interaction of the source code with a software component based on the executing;
establishing, via the computer system, an execution profile baseline for the source code based on the execution behavioral data; and
monitoring, via the computer system, the source code for an execution anomaly that deviates from the execution profile baseline when the source code is executed in the second execution environment.