Marco Pistoia

contact information

Distinguished Research Staff Member, Senior Manager, Master Inventor - Quantum Computing Algorithms and Applications
IBM Thomas J. Watson Research Center, Yorktown Heights, NY USA
+1-914-945-1263

more information

Personal Web Site


Patents Granted (source: uspto.gov)

1. 10,324,820 Providing specialization for static program analysis using coding hints
2. 10,298,678 Omnichannel approach to application sharing across different devices
3. 10,296,737 Security enforcement in the presence of dynamic code loading
4. 10,289,540 Performing entropy-based dataflow analysis
5. 10,275,238 Hybrid program analysis
6. 10,268,458 Prospective voice user interface modality identification
7. 10,268,457 Prospective voice user interface modality identification
8. 10,268,350 Automatically capturing user interactions and evaluating user interfaces in software programs using field testing
9. 10,250,642 System, method and apparatus for fine-grained privacy specification and verification
10. 10,248,965 Location oriented membership code device
11. 10,248,385 Extracting mobile application workflow from design files
12. 10,237,734 Social and proximity based access control for mobile applications
13. 10,228,917 Mapping of software code via user interface summarization
14. 10,223,079 Mapping of software code via user interface summarization
15. 10,222,955 Automatically capturing user interactions and evaluating user interfaces in software programs using field testing
16. 10,218,777 System, method and apparatus for ad-hoc utilization of available resources across mobile devices
17. 10,218,587 Transparently tracking provenance information in distributed data systems
18. 10,216,954 Privacy detection of a mobile application program
19. 10,212,054 Transparently tracking provenance information in distributed data systems
20. 10,127,689 Mobile user interface design testing tool
21. 10,095,490 System, method and apparatus for preventing vulnerable interleavings in web applications at compile time
22. 10,080,248 System, method and apparatus for sensor virtualization in mobile devices
23. 10,073,975 Application integrity verification in multi-tier architectures
24. 10,055,590 Rule matching in the presence of languages with no types or as an adjunct to current analyses for security vulnerability analysis
25. 10,015,181 Using natural language processing for detection of intended or unexpected application behavior
26. 9,996,324 Cooperative creation of dataflow models using sparse random instrumentation
27. 9,946,629 System, method and apparatus for deriving root cause for software test failure
28. 9,940,478 Fine-grained user control over usages of sensitive system resources having private data with applications in privacy enforcement
29. 9,940,465 Static security analysis using a hybrid representation of string values
30. 9,940,464 Static security analysis using a hybrid representation of string values
31. 9,910,833 Automatically rendering web and/or hybrid applications natively in parallel
32. 9,900,340 Testing web applications for security vulnerabilities with metarequests
33. 9,892,263 System, method and apparatus to visually configure an analysis of a program
34. 9,888,021 Crowd based detection of device compromise in enterprise setting
35. 9,858,419 System, method, and apparatus for modular, string-sensitive, access rights analysis with demand-driven precision
36. 9,836,608 System, method and apparatus for simultaneous definition and enforcement of access-control and integrity policies
37. 9,836,193 Automatically capturing user interactions and evaluating user interfaces in software programs using field testing
38. 9,823,998 Trace recovery via statistical reasoning
39. 9,787,798 Generating collapsed user interface interaction sequence controls in mobile applications
40. 9,747,187 Simulating black box test results using information from white box testing
41. 9,733,927 Detection of software or hardware incompatibilities in software packages
42. 9,720,798 Simulating black box test results using information from white box testing
43. 9,706,009 Generating collapsed user interface interaction sequence controls in mobile applications
44. 9,705,910 Testing web applications for security vulnerabilities with metarequests
45. 9,703,990 Protecting content displayed on a mobile device
46. 9,697,108 System, method, and apparatus for automatic recording and replaying of application executions
47. 9,697,018 Synthesizing inputs to preserve functionality
48. 9,684,804 Protecting content displayed on a mobile device
49. 9,684,803 Protecting content displayed on a mobile device
50. 9,684,788 Self-repair and distributed-repair of applications
51. 9,680,859 System, method and apparatus to visually configure an analysis of a program
52. 9,619,222 System, method and apparatus for automatic device registration and secure application activation
53. 9,607,154 System, method and apparatus for simultaneous definition and enforcement of access-control and integrity policies
54. 9,558,014 System, method and apparatus for transparently enabling software applications with adaptive user interfaces
55. 9,531,600 Automatic extraction, modeling, and code mapping of application user interface display screens and components
56. 9,485,268 System, method and apparatus to visually configure an analysis of a program
57. 9,479,512 Social and proximity based access control for mobile applications
58. 9,473,507 Social and proximity based access control for mobile applications
59. 9,471,553 Automatically rendering web or hybrid applications natively
60. 9,460,282 Static security analysis using a hybrid representation of string values
61. 9,459,990 Automatic and transparent application logging
62. 9,459,986 Automatic generation of analysis-equivalent application constructs
63. 9,449,190 Method and system for run-time dynamic and interactive identification software authorization requirements and privileged code locations, and for validation of other software program analysis results
64. 9,443,102 Protecting content displayed on a mobile device
65. 9,424,423 Static security analysis using a hybrid representation of string values
66. 9,405,916 Automatic correction of security downgraders
67. 9,396,336 Automatic correction of security downgraders
68. 9,384,354 Rule matching in the presence of languages with no types or as an adjunct to current analyses for security vulnerability analysis
69. 9,372,779 System, method, apparatus and computer program for automatic evaluation of user interfaces in software programs
70. 9,369,349 Automatic extraction, modeling, and code mapping of application user interface display screens and components
71. 9,363,284 Testing web applications for security vulnerabilities with metarequests
72. 9,338,063 Automatic extraction, modeling, and code mapping of application user interface display screens and components
73. 9,336,120 Enhanced string analysis that improves accuracy of static analysis
74. 9,326,237 Method, apparatus and computer program product providing performance and energy optimization for mobile computing
75. 9,326,236 Method, apparatus and computer program product providing performance and energy optimization for mobile computing
76. 9,282,013 Transparently tracking provenance information in distributed data systems
77. 9,276,829 Transparently tracking provenance information in distributed data systems
78. 9,275,246 System and method for static detection and categorization of information-flow downgraders
79. 9,256,409 Building reusable function summaries for frequently visited methods to optimize data-flow analysis
80. 9,251,352 Quantitative analysis of information leakage vulnerabilities
81. 9,250,876 Building reusable function summaries for frequently visited methods to optimize data-flow analysis
82. 9,246,885 System, method, apparatus and computer programs for securely using public services for private or enterprise purposes
83. 9,223,984 After-the-fact configuration of static analysis tools able to reduce user burden
84. 9,208,061 Partitioning of program analyses into sub-analyses using dynamic hints
85. 9,208,055 Importance-based call graph construction
86. 9,178,856 System, method, apparatus and computer programs for securely using public services for private or enterprise purposes
87. 9,177,143 Progressive static security analysis
88. 9,176,849 Partitioning of program analyses into sub-analyses using dynamic hints
89. 9,166,996 Automatic correction of security downgraders
90. 9,164,869 Scalable and precise string analysis using index-sensitive static string abstractions
91. 9,158,923 Mitigating security risks via code movement
92. 9,158,848 Web testing tools system and method
93. 9,141,792 Application-level anomaly detection
94. 9,135,441 Progressive static security analysis
95. 9,135,147 Automated testing of applications with scripting code
96. 9,129,119 Enforcement of data privacy to maintain obfuscation of certain data
97. 9,122,734 Transparent data service suitable for modifying data storage capabilities in applications
98. 9,111,091 Automatic extraction, modeling, and code mapping of application user interface display screens and components
99. 9,098,623 Static analysis of validator routines
100. 9,094,400 Authentication in virtual private networks
101. 9,092,723 Using a heuristically-generated policy to dynamically select string analysis algorithms for client queries
102. 9,081,968 Quantitative analysis of information leakage vulnerabilities
103. 9,075,997 Global variable security analysis
104. 9,043,761 Fault localization using condition modeling and return value modeling
105. 9,021,450 Scalable and precise string analysis using index-sensitive static string abstractions
106. 9,009,535 Anomaly detection at the level of run time data structures
107. 8,990,949 Automatic correction of security downgraders
108. 8,984,642 Detecting security vulnerabilities in web applications
109. 8,984,495 Enhanced string analysis that improves accuracy of static analysis
110. 8,984,493 Distributed static analysis of computer software applications
111. 8,972,334 Transparent data service suitable for modifying data storage capabilities in applications
112. 8,955,139 Sound and effective data-flow analysis in the presence of aliasing
113. 8,955,058 Automatically generating challenge questions inferred from user history data for user authentication
114. 8,949,995 Certifying server side web applications against security vulnerabilities
115. 8,943,599 Certifying server side web applications against security vulnerabilities
116. 8,935,680 Differential static program analysis
117. 8,935,674 Determining correctness conditions for use in static analysis
118. 8,931,101 Application-level anomaly detection
119. 8,930,884 Efficient extraction of software dependencies from program code
120. 8,918,886 Training classifiers for program analysis
121. 8,914,890 Determining the vulnerability of computer software applications to privilege-escalation attacks
122. 8,910,293 Determining the vulnerability of computer software applications to privilege-escalation attacks
123. 8,904,543 Discovery of application vulnerabilities involving multiple execution flows
124. 8,898,188 String analysis based on three-valued logic
125. 8,881,300 Automated detection of flaws and incompatibility problems in information flow downgraders
126. 8,875,297 Interactive analysis of a security specification
127. 8,863,292 Interactive analysis of a security specification
128. 8,856,764 Distributed static analysis of computer software applications
129. 8,850,589 Training classifiers for program analysis
130. 8,850,405 Generating sound and minimal security reports based on static analysis of a program
131. 8,844,046 Method and apparatus for paralleling and distributing static source code security analysis using loose synchronization
132. 8,819,635 Confidence-based static analysis
133. 8,799,874 Static analysis of computer software applications
134. 8,793,800 Static analysis for verification of software program access to secure resources for computer systems
135. 8,789,188 Method and apparatus for automatic determination of authorization requirements while editing or generating code
136. 8,769,696 Automated detection of flaws and incompatibility problems in information flow downgraders
137. 8,756,587 Static analysis of computer software applications
138. 8,751,422 Using a heuristically-generated policy to dynamically select string analysis algorithms for client queries
139. 8,745,578 Eliminating false-positive reports resulting from static analysis of computer software
140. 8,726,246 Static analysis of validator routines
141. 8,701,186 Formal analysis of the quality and conformance of information flow downgraders
142. 8,695,098 Detecting security vulnerabilities in web applications
143. 8,695,056 Method for information tracking in multiple interdependent dimensions
144. 8,683,599 Static analysis for verification of software program access to secure resources for computer systems
145. 8,671,284 Security model for actor-based languages and apparatus, methods, and computer programming products using same
146. 8,667,584 Formal analysis of the quality and conformance of information flow downgraders
147. 8,661,264 Security model for actor-based languages and apparatus, methods, and computer programming products using same
148. 8,656,496 Global variable security analysis
149. 8,650,546 Static analysis based on observed string values during execution of a computer-based software application
150. 8,646,088 Runtime enforcement of security checks
151. 8,635,602 Verification of information-flow downgraders
152. 8,627,465 Automatic inference of whitelist-based validation as part of static analysis for security
153. 8,584,246 Eliminating false reports of security vulnerabilities when testing computer software
154. 8,572,748 Label-based taint analysis
155. 8,572,747 Policy-driven detection and verification of methods such as sanitizers and validators
156. 8,572,727 System, method and apparatus for simultaneous definition and enforcement of access-control and integrity policies
157. 8,572,674 System, method, and apparatus for modular, string-sensitive, access rights analysis with demand-driven precision
158. 8,561,035 Method and system to discover possible program variable values by connecting program value extraction with external data sources
159. 8,544,104 Enforcement of data privacy to maintain obfuscation of certain data
160. 8,533,694 Identification of read/write chains during static analysis of computer software
161. 8,533,659 Efficient extraction of software dependencies from program code
162. 8,528,095 Injection context based static analysis of computer software applications
163. 8,516,449 Detecting and localizing security vulnerabilities in client-server application
164. 8,490,057 Confidence-based static analysis
165. 8,473,899 Automatic optimization of string allocations in a computer program
166. 8,468,605 Identifying security vulnerability in computer software
167. 8,453,125 Generating inputs for client-server programs for fault-detection and localization
168. 8,434,070 Generating specifications of client-server applications for static analysis
169. 8,387,111 Type independent permission based access control
170. 8,387,018 Fault localization using directed test generation
171. 8,381,242 Static analysis for verification of software program access to secure resources for computer systems
172. 8,381,199 Modular and/or demand-driven string analysis of a computer program
173. 8,375,371 Importance-based call graph construction
174. 8,365,281 Determining whether method of computer program is a validator
175. 8,365,280 System, method, and program for determining validity of string
176. 8,332,939 System and method for the automatic identification of subject-executed code and subject-granted access rights
177. 8,296,722 Crawling of object model using transformation graph
178. 8,230,477 System and method for the automatic evaluation of existing security policies and automatic creation of new security policies
179. 8,006,233 System and method for the automatic verification of privilege-asserting and subject-executed code
180. 7,877,812 Method, system and computer program product for enforcing privacy policies
181. 7,827,613 System and method for supporting digital rights management in an enhanced Java 2 runtime environment
182. 7,810,135 Apparatus for adopting authorizations
183. 7,496,757 Software verification system, method and computer program element
184. 7,343,620 Method and apparatus for adopting authorizations
185. 7,308,717 System and method for supporting digital rights management in an enhanced Java 2 runtime environment
186. 7,237,236 Method and apparatus for automatically determining optimum placement of privileged code locations in existing code
187. 7,171,558 Transparent digital rights management for extendible content viewers
188. 7,076,804 Automated program resource identification and association
189. 8,646,087 Answering security queries statically based on dynamically-determined information
190. 7,219,341 Code analysis for selective runtime data processing
191. 10,372,582 Enhanced string analysis that improves accuracy of static analysis

Additionally, Dr. Pistoia is the inventor or co-inventor of 280 patent-pending applications.