Stonesoft establishes new patent for detection of buffer overflow attacks
http://www.dailyfix.co.uk/articles/3/1/Stonesoft-establishes-new-patent-for-detection-of-buffer-overflow-attacks/Page1.html
By Chief Editor
Published on 29 Aug 2007
Stonesoft patents An intrusion detection method and system
Stonesoft establishes new patent for detection of buffer overflow attacks
HELSINKI, Finland August 29th, 2007 Stonesoft, an innovative provider of integrated network security and business continuity solutions, has developed and patented a new technique for detecting attacks and exploits against previously unknown vulnerabilities.
Generally, fingerprint-based network IDS/IPS detects buffer overflow (bof) attacks by identifying known attack code from the network traffic. This often requires large fingerprints. Moreover, the high number of different vulnerability exploits results in a high number of fingerprints.
Stonesoft has patented a method for performing the recognition using a much smaller piece of information - a part of a specific pointer that has to be included in a bof attack code as the basis for the fingerprint. By also taking into account the context of the fingerprint match, it is possible to identify bof attacks in a relatively reliable way.
The patented invention provides two main advantages: improved performance due to the smaller size and number of fingerprints to be matched with the network traffic; and more importantly, the ability to detect new exploits and attacks against previously unknown vulnerabilities without knowing the exact attack code.
The patent is called An intrusion detection method and system and was officially granted European patent number: 1271283 on 23.5.2007
Stonesoft´s StoneGate solution has already received a number of patents to date, both in the US and in Europe. With this patent, Stonesoft further establishes its position as a forward-thinking and innovative company in the information flow security industry, said Ilkka Hiidenheimo, Chief
Executive Officer of Stonesoft.
Generally, fingerprint-based network IDS/IPS detects buffer overflow (bof) attacks by identifying known attack code from the network traffic. This often requires large fingerprints. Moreover, the high number of different vulnerability exploits results in a high number of fingerprints.
Stonesoft has patented a method for performing the recognition using a much smaller piece of information - a part of a specific pointer that has to be included in a bof attack code as the basis for the fingerprint. By also taking into account the context of the fingerprint match, it is possible to identify bof attacks in a relatively reliable way.
The patented invention provides two main advantages: improved performance due to the smaller size and number of fingerprints to be matched with the network traffic; and more importantly, the ability to detect new exploits and attacks against previously unknown vulnerabilities without knowing the exact attack code.
The patent is called An intrusion detection method and system and was officially granted European patent number: 1271283 on 23.5.2007
Stonesoft´s StoneGate solution has already received a number of patents to date, both in the US and in Europe. With this patent, Stonesoft further establishes its position as a forward-thinking and innovative company in the information flow security industry, said Ilkka Hiidenheimo, Chief
Executive Officer of Stonesoft.