Security Investigate

Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems

Download now Free registration required

Executive Summary

A multi-user system usually involves a large amount of information shared among its users. The security implications of such information can never be underestimated. In this paper, the authors present a new attack that allows a malicious user to eavesdrop on other users' keystrokes using such information. Their attack takes advantage of the stack information of a process disclosed by its virtual file within procfs, the process file system supported by Linux. They show that on a multi-core system, the ESP of a process when it is making system calls can be effectively sampled by a "Shadow" program that continuously reads the public statistical information of the process.

  • Format: PDF
  • Size: 456.9 KB