Buffer
Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu.
Find-and-patch Methods–
Programs that block known
attacks
•Example:
An anti-virus program that checks files and other
inputs to the system for signatures
of known attacks
•Pros:
–Very effective against specific attacks that are known
•Cons:
–Not effective against unknown attacks or attacks for which the anti-virus program does not
yet have the signature
–The program must keep a current list of signatures for known attacks and must be updated
regularly