AUTOMATICALLY PROTECTING COMPUTER SYSTEMS FROM ATTACKS THAT EXPLOIT SECURITY VULNERABILITIES
1 Assignment
0 Petitions
Accused Products
Abstract
A first method for automatically protecting a computer system from attacks that exploit security vulnerabilities detects requests for execution of code portions, determines vulnerabilities of a code portion for which an execution request is detected, evaluates whether or not the execution of the code portion shall be prevented in a case at least one vulnerability concerning the code portion is determined, and prevents execution of the code portion if determined to do so in the evaluation. A second method for automatically protecting a computer system from attacks that exploit security vulnerabilities detects code portions which are currently executed, determines vulnerabilities of a code portion that is currently executed, evaluates whether or not the execution of the code portion shall be aborted in a case at least one vulnerability concerning the code portion is determined, and aborts execution of the code portion if determined to do so in the evaluation.
60 Citations
36 Claims
-
1-13. -13. (canceled)
-
14. A method for automatically protecting a computer system from attacks that exploit security vulnerabilities, comprising:
-
detecting requests for execution of code portions; determining vulnerabilities of a code portion for which an execution request is detected; evaluating whether or not the execution of the code portion shall be prevented in a case at least one vulnerability concerning the code portion is determined; and preventing the execution of the code portion if determined to do so in the evaluating. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method for automatically protecting a computer system from attacks that exploit security vulnerabilities, comprising:
-
detecting code portions that are currently executed; determining vulnerabilities of a code portion that is currently executed; evaluating whether or not the execution of the code portion shall be aborted in a case at least one vulnerability concerning the code portion is determined; and aborting the execution of the code portion if determined to do so in the evaluating. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification