UCL  IRIS
Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at http://www.ucl.ac.uk/finance/research/post_award/post_award_contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
Exploit Hijacking: Side Effects of Smart Defenses
Abstract
Recent advances in the defense of networked computers use instrumented binaries to track tainted data and can detect attempted break-ins automatically. These techniques identify how the transfer of execution to the attacker takes place, allowing the automatic generation of defenses. However, as with many technologies, these same techniques can also be used by the attackers: the information provided by detectors is accurate enough to allow an attacker to create a new worm using the same vulnerability, hijacking the exploit. Hijacking changes the threat landscape by pushing attacks to extremes (targeting selectively or creating a rapidly spreading worm), and increasing the requirements for automatic worm containment mechanisms. In this paper, we show that hijacking is feasible for two categories of attackers: those running detectors and those using Self-Certifying Alerts, a novel mechanism proposed by Costa et al. for end-to-end worm containment. We provide a discussion of the effects of hijacking on the threat landscape and list a series of possible countermeasures.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Author
Dept of Computer Science
Author
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by