With the fast development of computers and data networks, there have been an increasing number of hacker attacks, virus attacks on computer systems, and the introduction of malicious software. These attacks can cause failure of operating systems, loss of data files, disruption of network services, damage to computer hardware, and even loss of human lives. Many computer attacks involve illegal invocation of existing software programs in a targeted system. For example, an attacker can interject a malicious program to be executed by a host processor. The malicious program can then invoke otherwise benign programs in a pattern designed to initiate a buffer overflow for the host processor, thereby allowing the attacker to execute malicious program designed to give the attacker control over the targeted system.
Many existing computer systems are vulnerable to computer attacks employing illegal invocation of software programs. Yet, few existing solutions can effectively prevent this type of security breach. One prior art approach uses an operating system reference monitor to supervise intercommunications among program objects and to check program privileges and to control access to program assets. However, the reference monitor approach is usually very difficult to implement and is not readily adaptable to different system platforms. Some hardware solutions have also been proposed to protect memory buffers against overflow attacks. However, these solutions are usually applicable only to particular types of attacks. And hardware solutions are generally expensive and inflexible.
In view of the foregoing, it would be desirable to provide a countermeasure for illegal invocation of software programs which overcomes the above-described inadequacies and shortcomings.