UCL logo

UCL Discovery

UCL home » Library Services » Electronic resources » UCL Discovery

Exploit hijacking: Side effects of smart defenses

Raiciu, C; Handley, M; Rosenblum, DS; (2006) Exploit hijacking: Side effects of smart defenses. In: (pp. pp. 123-130).

Full text not available from this repository.


Recent advances in the defense of networked computers use instrumented binaries to track tainted data and can detect attempted break-ins automatically. These techniques identify how the transfer of execution to the attacker takes place, allowing the automatic generation of defenses. However, as with many technologies, these same techniques can also be used by the attackers: the information provided by detectors is accurate enough to allow an attacker to create a new worm using the same vulnerability, hijacking the exploit. Hijacking changes the threat landscape by pushing attacks to extremes (targeting selectively or creating a rapidly spreading worm), and increasing the requirements for automatic worm containment mechanisms. In this paper, we show that hijacking is feasible for two categories of attackers: those running detectors and those using Self-Certifying Alerts, a novel mechanism proposed by Costa et al. for end-to-end worm containment. We provide a discussion of the effects of hijacking on the threat landscape and list a series of possible countermeasures. Copyright 2006 ACM.

Type: Proceedings paper
Title: Exploit hijacking: Side effects of smart defenses
ISBN: 1595935711
DOI: 10.1145/1162666.1162670
URI: http://discovery.ucl.ac.uk/id/eprint/4994
Downloads since deposit
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item