首页> 外国专利> Computer security technique employing patch with detection and/or characterization mechanism for exploit of patched vulnerability

Computer security technique employing patch with detection and/or characterization mechanism for exploit of patched vulnerability

机译：利用具有检测和/或特征化机制的修补程序来利用修补程序漏洞的计算机安全技术

页面导航

摘要
著录项
相似文献

摘要

A patch or set of patches may be deployed, often to a subset of potentially vulnerable systems, to address a particular vulnerability while providing a facility to monitor and, in some cases, characterize post-patch exploit attempts. Often, such a patch will check for an exploit signature and, if an exploit attempt is detected or suspected, take an appropriate action. For example, the patch may include code to log indicative data or trigger such logging. In some exploitations, the patch may generate or contribute to a warning or advisory regarding an additional target (or targets) of the exploit and, if appropriate, initiate a patch or protective measure for the additional target(s). In some exploitations, the patch may simulate responses or behaviors suggestive (to an attacker) of unpatched code. In some exploitations, the patch may direct an exploit attempt to a service (or simulated service) hosted or executing in an isolated protection domain

机译：补丁程序或补丁程序集通常可以部署到潜在易受攻击系统的子集中，以解决特定漏洞，同时提供监视和在某些情况下表征补丁后利用尝试的工具。通常，此类补丁会检查漏洞利用程序签名，如果检测到或怀疑漏洞利用程序尝试，请采取适当的措施。例如，补丁可以包括用于记录指示性数据或触发这种记录的代码。在某些漏洞利用中，补丁可能会产生有关漏洞利用的一个或多个其他目标的警告或建议，或者可能会做出警告或建议，并在适当的情况下启动针对附加目标的补丁或保护性措施。在某些利用中，补丁程序可以模拟暗示（对于攻击者）未补丁程序代码的响应或行为。在某些漏洞利用中，补丁可能会将漏洞利用尝试定向到在隔离保护域中托管或执行的服务（或模拟服务）

著录项

公开/公告号US2007044153A1

专利类型
公开/公告日2007-02-22

原文格式PDF
申请/专利权人 CHRISTOPH L. SCHUBA;DWIGHT F. HARE;GABRIEL E. MONTENEGRO;
展开▼

申请/专利号US20050207341
发明设计人 DWIGHT F. HARE;CHRISTOPH L. SCHUBA;GABRIEL E. MONTENEGRO;
展开▼

申请日2005-08-19
分类号G06F12/14;H04L9/32;G06F11/00;G06F11/30;G06F12/16;G06F15/18;G08B23/00;
国家 US
入库时间 2022-08-21 21:03:56

相似文献

专利
外文文献
中文文献