Selective import/export address table filtering

US11636197B2 · US · B2

Patent metadata
Publication number: US-11636197-B2
Application number: US-201916683816-A
Country: US
Kind code: B2
Filing date: Nov 14, 2019
Priority date: Nov 15, 2018
Publication date: Apr 25, 2023
Grant date: Apr 25, 2023

Abstract

Official abstract text for this publication.

Examples of the present disclosure describe systems and methods for selective export address table filtering. In aspects, when an executable program is loaded in an operating system's execution environment, an address table filtering (ATF) module is loaded into the address space of a target process associated with the executable program. The ATF module may iterate a list of system library files to identify exported function names. The relative virtual address (RVA) of the exported function names may be modified to point to a protected memory location. An exception handler may be registered to process exceptions relating to access violations of the protected memory location. If the exception handler determines that an access violation caused the detected exception, the instruction pointer of the exception may be compared to the expected system library address boundaries. If the instruction pointer address is outside those boundaries, remedial action may occur.

Claims

Full claim text for this publication.

What is claimed is:

1. A system comprising: one or more processors; and memory coupled to at least one of the one or more processors, the memory comprising computer executable instructions that, when executed by the one or more processors, performs a method comprising: scanning for exportable functions accessible to an executing program, the exportable functions having exportable function name strings; modifying a relative virtual address (RVA) of one or more of the exportable function name strings to point to an access-restricted memory location; registering an exception handler to process exceptions occurring in response to attempted access of the access-restricted memory location; and processing a received exception, wherein the processing comprises determining whether a memory address of the received exception is within an expected address range.

2. The system of claim 1, wherein scanning for the exportable functions is performed by an address table filtering module loaded into a memory address space of a target process associated with the executable program.

3. The system of claim 2, wherein the address table filtering module scans a list of preselected system libraries located in one or more address tables associated with the executable program.

4. The system of claim 1, wherein the RVA refers to a memory address of an object in an image file after the object is loaded into memory, minus a base address of the image file.

5. The system of claim 1, wherein modifying the RVA comprises: storing an original function name RVA of a function in a data structure; assigning an alternate memory address to the function; and storing the alternate memory address in the data structure.

6. The system of claim 1, wherein the modifying the RVA of the one or more of the exportable function name strings comprises modifying only a first function name string listed first in an address table and a second function name string listed last in the address table.

7. The system of claim 1, wherein processing the received exception further comprises determining, by the exception handler, whether the memory address of the received exception corresponds to the RVA of the one or more of the exportable function name strings.

8. The system of claim 1, wherein determining whether the memory address of the received exception is within the expected address range comprises comparing an address of an instruction pointer associated with the received exception to a memory address boundary of the exportable function name strings.

9. The system of claim 1, wherein, when a memory address of the received exception is determined to be within the expected address range, a thread context of a target process associated with the executable program is updated to point to a modified RVA.

10. The system of claim 1, wherein, when a memory address of the received exception is determined to be outside the expected address range, a remedial action is performed.

11. The system of claim 10, wherein the remedial action is at least one of: generating a warning, terminating one or more processes associated with the executing program, modifying one or more permissions, quarantining one or more files, or performing an anti-exploit action.

12. The system of claim 1, wherein processing the received exception further comprises evaluating the received exception using at least one of regular expressions or fuzzy logic.

13. A method comprising: scanning for exportable functions accessible to an executing program, the exportable functions having exportable function name strings; modifying a relative virtual address (RVA) of one or more of the exportable function name strings to point to an access-restricted memory location; registering an exception handler to process exceptions occurring in response to attempted access of the access-restricted memory location; and processing a received exception, wherein the processing comprises determining whether a memory address of the received exception is within an expected address range.

14. The method of claim 13, further comprising: loading the executable program in an execution environment of an operating system; and in response to loading the executable program, loading an address table filtering module into a memory address space of a target process associated with the executable program.

15. The method of claim 13, wherein scanning for exportable functions comprises evaluating one or more data sources accessible to the executable program, the one or more data sources including at least one of a library file and an address table.

16. The method of claim 15, wherein the one or more data sources are dynamically determined during execution of the executing program based on at least one of program identifier, program type, program operational capabilities, or program memory footprint.

17. The method of claim 15, wherein the one or more data sources are defined prior to execution of the executing program.

18. The method of claim 13, wherein scanning for exportable functions comprises: identifying function data comprising a function name, a function address, and a function ordinal number; and storing the function data in a temporary address table.

19. The method of claim 13, wherein the expected address range corresponds to memory address boundaries of a whitelisted system binary.

20. A computer-readable storage device storing computer executable instructions that when executed cause a computing system to perform a method comprising: scanning for exportable functions accessible to an executing program, the exportable functions having exportable function name strings; modifying a relative virtual address (RVA) of one or more of the exportable function name strings to point to an access-restricted memory location; registering an exception handler to process exceptions occurring in response to attempted access of the access-restricted memory location; and processing a received exception, wherein the processing comprises determining whether a memory address of the received exception is within an expected address range.
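The mechanism in the abstract and claims 5 to 11 can be modelled as two functions: one that redirects export name RVAs into a guard page while saving the originals, and one that decides, on a fault, whether the reading code sits inside a whitelisted system binary. The following is an added Python model written for this page, not Webroot's or the patent's own code; the export table, guard page base, whitelist range and the one-slot-per-name layout (which lets a fault address be mapped back to an export) are constructed assumptions.

```python
# Added model of the ATF decision logic; not the patent's implementation.
GUARD_BASE = 0x7F000000   # assumed: base of an access-restricted (no-access) page
GUARD_SIZE = 0x1000

# Constructed export name table: name string -> original name-string RVA
EXPORTS = {
    "VirtualAlloc": 0x8A100,
    "WriteProcessMemory": 0x8A120,
    "LoadLibraryA": 0x8A140,
}


def filter_export_table(exports, first_and_last_only=False):
    """Claims 5 and 6: save each original name RVA in a data structure, then
    point the name entry at an alternate address inside the guard page.
    Each redirected name gets its own slot (modelling choice, not from the
    patent) so a later fault address identifies which export was touched."""
    names = list(exports)
    targets = {names[0], names[-1]} if first_and_last_only else set(names)
    saved = {}                      # name -> (original RVA, alternate address)
    filtered = dict(exports)
    for i, name in enumerate(names):
        if name in targets:
            alt = GUARD_BASE + i * 8
            saved[name] = (exports[name], alt)
            filtered[name] = alt
    return filtered, saved


def handle_exception(fault_addr, ip, whitelist, saved):
    """Claims 7 to 11: given the faulting address and the instruction pointer
    of an access violation, return one of:
      ("ignore", None)       fault is not on one of our redirected entries
      ("allow", orig_rva)    IP lies inside a whitelisted system binary, so the
                             caller continues with the original RVA (claim 9)
      ("remediate", detail)  IP lies outside every expected range (claim 10)
    `whitelist` is a list of (lo, hi) address bounds of trusted system binaries."""
    if not GUARD_BASE <= fault_addr < GUARD_BASE + GUARD_SIZE:
        return ("ignore", None)
    name = next((n for n, (_, alt) in saved.items() if alt == fault_addr), None)
    if name is None:
        return ("ignore", None)
    for lo, hi in whitelist:
        if lo <= ip < hi:
            return ("allow", saved[name][0])
    return ("remediate", {"export": name, "ip": ip})
```

A real handler would also have to restore the thread context and resume the faulting instruction; the model stops at the decision the patent describes.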

Assignees

Webroot Inc
Classifications

  • Test or assess software · CPC title

  • involving event detection and direct action · CPC title

  • G06F21/54 (primary): by adding security routines or objects to programs · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11636197B2 cover?
Examples of the present disclosure describe systems and methods for selective export address table filtering. In aspects, when an executable program is loaded in an operating system's execution environment, an address table filtering (ATF) module is loaded into the address space of a target process associated with the executable program. The ATF module may iterate a list of system library files…
Who is the assignee on this patent?
Webroot Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/54. Mapped technology areas include Physics.
When was this patent published?
Publication date: Apr 25, 2023 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).