WHIPS - Windows Host Intrusion Prevention System


The main objective of the WHIPS project consists in developing an Intrusion Prevention System for Windows NT/2000/XP/2003 that is able to detect any attempt to hijack the control of privileged processes, for example by means of buffer overflow attacks. WHIPS is designed to confine root-privileged processes by mediating their use of security-relevant system calls. In particular, WHIPS provides: