Examples: Intrusion detection, disabling execution of code where
there shouldn’t be code
Pros:
•Disabling the execution of code where there shouldn’t be
code usually has a negligible
performance cost
•Intrusion detection systems can detect unknown attacks by
monitoring user behavior
for anomalies or likely attack patterns
Cons:
•Neither of these will prevent every kind of buffer
overflow attack
•Intrusion detection is a developing technology and is not
perfect