Buffer
Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu.
Find-and-patch Methods–
Programs that block known attacks
Programs that block known attacks
Example: An
anti-virus program that checks files and other inputs to the system for signatures of known attacks
Pros:
–Very effective against
specific attacks that are known
Cons:
–Not effective against
unknown attacks or attacks for which the anti-virus
program does not yet have the signature
–The program must keep a
current list of signatures for known attacks and
must be updated regularly