首页>
外国专利>
Entropy-based detection of sensitive information in code
Entropy-based detection of sensitive information in code
展开▼
机译:基于熵的代码中敏感信息检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Techniques are described for identifying security credentials or other sensitive information based on an entropy-based analysis of information included in documents such as source code files, object code files, or other types of files. A baseline information entropy may be determined for one or more documents, indicating a baseline level of randomness for information in the document(s). One or more of the documents may be analyzed to identify the presence of high entropy portions that have an information entropy above a threshold value. The threshold value may be based on the baseline information entropy, or based on other criteria such as a programming language of the document(s). Because security credentials may have a higher level of information entropy than the surrounding code, any high entropy portions of the document(s) may be identified as potential security risks.
展开▼