Exploitation vs. Prevention: The Ongoing Saga of Software Vulnerabilities
2020; Óbuda University; Volume: 17; Issue: 7 Linguagem: Inglês
10.12700/aph.17.7.2020.7.11
ISSN2064-2687
Autores Tópico(s)Advanced Malware Detection Techniques
ResumoOnline IT systems are frequently exposed to cyber-attacks.An Exploit is an advanced attack tool that takes advantage of some software vulnerability to attack and cause harm to IT infrastructures.Developers and manufacturers of operating systems and hardware put huge effort into the prevention of vulnerability exploitation (e.g.Data Execution Prevention, Control Flow Integrity, etc.).However, the number and severity of attacks show that new exploit methods are continuously being invented despite the increasingly sophisticated protection methods.The present article summarizes the current, known and most relevant software vulnerability exploitation methods, as well as, the possible methods used to protect against these exploits.Moreover, the effectiveness of both the exploitation and prevention methods (as seen from both the attacker's and the defender's sides) is analyzed to find a possible future direction, to eliminate exploit attacks against an IT infrastructure.
Referência(s)