METHOD AND SYSTEM FOR FILTERING COMMUNICATIONS TO PREVENT EXPLOITATION OF A SOFTWARE VULNERABILITY

The invention is directed to a system for detecting when a vulnerability of an application would be exposed as a result of messages being sent the application, comprising a specification for the application that defines a state machine that indicates when a message would expose the vulnerability of...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Simon, Daniel R, Wang, Jiahe Helen, Guo, Chuanxiong, Zugenmaier, Alf, Garms, Jason
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention is directed to a system for detecting when a vulnerability of an application would be exposed as a result of messages being sent the application, comprising a specification for the application that defines a state machine that indicates when a message would expose the vulnerability of the application and defines actions to take to prevent exposing the vulnerability of the application, the state machine based on a communication protocol used by the application a state store that stores a current state of the state machine for the application; and an engine that receives a message for the application, retrieves a current state of the state machine for the application, and identifies from the specification for the application actions to perform when in the retrieved current state and that message is received.