Exploiting software vulnerabilities, such as stack overflows, heap overflows, and format string bugs, enables attackers to break into victim machines. Moreover, attackers tend to use obfuscation techniques, such as encryption, to evade intrusion detection systems. In this paper, we show that a common stack-overflow attack, namely the return-to-libc attack, coupled with a common defense, namely Address Space Layout Randomization (ASLR), together allow for constructing a key-agreement protocol that lets two entities (e.g., a Trojan and a controller) agree on a shared key, where the shared key can then be used to encrypt further communication. We have developed a prototype of our key-agreement protocol to evaluate its feasibility and performance. Our results show that both the time and the message overhead of our protocol are linear in the key length. Although our key-agreement protocol can be used by attackers for malicious purposes, it has low computation overhead, making it a candidate for adoption on CPU-constrained platforms.