Method and system for filtering communications to prevent exploitation of a software vulnerability
The invention is directed to a system for detecting when a vulnerability of an application would be exposed as a result of messages being sent the application, comprising a specification for the application that defines a state machine that indicates when a message would expose the vulnerability of...
Gespeichert in:
Hauptverfasser: | , , , , |
---|---|
Format: | Patent |
Sprache: | eng ; fre ; ger |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | The invention is directed to a system for detecting when a vulnerability of an application would be exposed as a result of messages being sent the application, comprising a specification for the application that defines a state machine that indicates when a message would expose the vulnerability of the application and defines actions to take to prevent exposing the vulnerability of the application, the state machine based on a communication protocol used by the application a state store that stores a current state of the state machine for the application; and an engine that receives a message for the application, retrieves a current state of the state machine for the application, and identifies from the specification for the application actions to perform when in the retrieved current state and that message is received. |
---|