SYSTEM AND METHOD FOR EXPLOITING ATTACK DETECTION BY VALIDATING APPLICATION STACK AT RUNTIME

摘要

In one aspect, a computer-implemented method for monitoring and validating execution of an executable binary code, includes the step of, prior to beginning execution of the executable binary code, disassembling the executable binary code, listing all of application programming interfaces (API) or function calls in the executable binary code, generating a validation table for a type of each of the APIs or each of the function calls, a location of each of the APIs or each of the function calls, and a return address of each of the APIs or each of the function calls in the executable binary code, and listing in the validation table the type of each of the APIs or each of the function calls