KIMO

Anti-exploit solution that effectively blocks the inflow of malicious code
that uses software security vulnerabilities

  • E-mail overseas@igloosec.com

Product Introduction

KiMO detects and blocks the vulnerability attack behavior itself across various software and application programs, instead of detecting and treating malicious code.
It can therefore defend in real time against zero-day attacks that previous pattern-based solutions could not detect.

KiMO

  • Tracks the execution flow of the targeted software according to the vulnerability attack model
  • Detects attacks that bypass the protection technologies the OS provides by default, including DEP and ASLR
  • Monitors abnormal requests by watching specific areas used by attackers
  • Protects the memory area by monitoring the execution flow of the application program
  • Identifies abnormal areas in a document through structural analysis of the targeted software

Advantages of KiMO

Comparison of KiMO (Anti-exploit) and Anti-virus

Classification | KiMO | Anti-virus
Responding method | Advance response | Post response
Purpose | Detects vulnerability attacks | Detects malicious files
SW protection | Protects the SW itself in which vulnerability attacks frequently occur | -
Known vulnerability | Detects and blocks the attacking behavior itself | Signature-based diagnosis
Zero-day vulnerability | Detects and blocks | -
Treatment of malicious code | No treating function | Treats malicious code detected by diagnosis name
Signature DB update | None | Update with new sample
SW update cycle | Functional and model update | At the time of functional update

System Structure of KiMO

Attack attempt
  • Attempts to run malicious code by using a weakness of a program
  • Attack attempts deliver malicious code in the form of web content and attached files by using a program's vulnerability (including zero-day vulnerabilities)
  • Penetrates stealthily so that the user cannot perceive it at all

Detect/block/analyze
  • Detects and blocks stealthy penetration that cannot be detected by a pattern-based vaccine

Company-wide propagation and security policy change
  • Post-incident prevention measures through company-wide propagation and security policy modification via central security policy management