A method and a device for automatically detecting potential failures in mobile applications implemented on an operating system for mobile devices, a mobile application being executable on the operating system installed on a hosting device by executing code instructions stored in an associated executable file. Provided an executable file associated to a mobile application, the device implements a module for decompiling the executable file to obtain at least one descriptive file of the mobile application containing descriptive code formatted with a markup language, a module for providing a plurality of predetermined string patterns related to potential failures, and a module for searching for the presence of at least one of the string patterns in the at least one descriptive file, and in case of presence, outputting an indication of presence of a potential failure associated to the detected string pattern.

Systems, computer program products, and methods are described herein for software compiler integrity verification. The present invention is configured to retrieve, from a source code repository, a source code; process, using a first build machine, the source code into a first object code; process, using a second build machine, the source code into a second object code; initiate an integrity verification engine on the first object code and the second object code; decompile, using the integrity verification engine, the first object code to create a first decompiled object code and the second object code to create a second decompiled object code; compare the first decompiled object code with the second decompiled object code; determine a match between the first decompiled object code and the second decompiled object code; and transmit an approval notification.

Systems, computer program products, and methods are described herein for software compiler integrity verification. The present invention is configured to retrieve, from a source code repository, a source code; process, using a first build machine, the source code into a first object code; process, using a second build machine, the source code into a second object code; initiate an integrity verification engine on the first object code and the second object code; decompile, using the integrity verification engine, the first object code to create a first decompiled object code and the second object code to create a second decompiled object code; compare the first decompiled object code with the second decompiled object code; determine a match between the first decompiled object code and the second decompiled object code; and transmit an approval notification.

An electronic device is disclosed. An electronic device according to various embodiments comprises: a processor; and a memory electrically connected to the processor, wherein the processor may be configured to: obtain a plurality of first parameters associated with attributes of at least one malicious code and a plurality of second parameters associated with a system in which the at least one malicious code is executed; obtain a similarity on the basis of a first comparison result according to a first comparison method between the plurality of first parameters and a second comparison result according to a second comparison method between the plurality of second parameters; and classify the at least one malicious code into at least one cluster on the basis of the similarity between the at least one malicious code. Other various embodiments may be provided.

An electronic device is disclosed. An electronic device according to various embodiments comprises: a processor; and a memory electrically connected to the processor, wherein the processor may be configured to: obtain a plurality of first parameters associated with attributes of at least one malicious code and a plurality of second parameters associated with a system in which the at least one malicious code is executed; obtain a similarity on the basis of a first comparison result according to a first comparison method between the plurality of first parameters and a second comparison result according to a second comparison method between the plurality of second parameters; and classify the at least one malicious code into at least one cluster on the basis of the similarity between the at least one malicious code. Other various embodiments may be provided.

According to some illustrative embodiments of the invention, a method is performed that includes using a representation of a computer software program, using identified addresses which correspond to a part of the representation, and converting the representation into a created binary program, which includes reserving spaces at the identified addresses in the created binary program's address space at the same addresses as the identified addresses in the representation.

The invention relates to a method for generating executable code from application source code. The method steps include determining a programmatic expression using the application source code and determining a first value for the programmatic expression. The method steps further include compiling the programmatic expression into a first optimized code portion using the first value, an assumption, and an expression scope. The method steps further include executing the application source code. The method steps further include determining that the programmatic expression is modified outside of the expression scope, invalidating the assumption, and de-optimizing the first optimized code portion.

A computer program product according to some embodiments causes a processor to perform operations including disassembling executable code of an application program to provide disassembled code, identifying first wrapping code in the disassembled code, receiving second wrapping code, generating a consolidated application wrapper that manages operation of both the first wrapping code and the second wrapping code, inserting the second wrapping code and the consolidated application wrapper into the disassembled code to form modified disassembled code, and assembling the modified disassembled code to form modified executable code.

An apparatus comprising at least one interface configured to read one or more high-level code instructions; and at least one processor configured to read the one or more high-level code instructions using the interface, determine atomic operations in the high-level code instructions, and translate the one or more high-level code instructions into assembly code instructions, wherein atomic operations are indicated in the assembly code instructions based on the atomic operations in the high-level code instruction.

An apparatus comprising at least one interface configured to read one or more high-level code instructions; and at least one processor configured to read the one or more high-level code instructions using the interface, determine atomic operations in the high-level code instructions, and translate the one or more high-level code instructions into assembly code instructions, wherein atomic operations are indicated in the assembly code instructions based on the atomic operations in the high-level code instruction.