摘要 |
Method for detecting buffer overflow weakness exploitation including the steps of determining a plurality of threshold parameters, each respective to a buffer overflow weakness exploitation event, analyzing a code to be executed (Figure 4B, 100), thereby producing a plurality of validation values, comparing said validation values to the respective ones of the threshold parameters, and determining a buffer overflow weakness exploitation attempt (Figure 4B, 102), when at least one of the validation values exceeds the respective one of the threshold parameters. Indicate attempted exploitation of buffer overflow weakness is in progress (Figure 4B, 106).
|