DeepAI AI Chat
Log In Sign Up

SmartKex: Machine Learning Assisted SSH Keys Extraction From The Heap Dump

by   Christofer Fellicious, et al.
Reykjavik University
Universität Passau

Digital forensics is the process of extracting, preserving, and documenting evidence in digital devices. A commonly used method in digital forensics is to extract data from the main memory of a digital device. However, the main challenge is identifying the important data to be extracted. Several pieces of crucial information reside in the main memory, like usernames, passwords, and cryptographic keys such as SSH session keys. In this paper, we propose SmartKex, a machine-learning assisted method to extract session keys from heap memory snapshots of an OpenSSH process. In addition, we release an openly available dataset and the corresponding toolchain for creating additional data. Finally, we compare SmartKex with naive brute-force methods and empirically show that SmartKex can extract the session keys with high accuracy and high throughput. With the provided resources, we intend to strengthen the research on the intersection between digital forensics, cybersecurity, and machine learning.


page 1

page 2

page 3

page 4


Automatic Extraction of Secrets from the Transistor Jungle using Laser-Assisted Side-Channel Attacks

The security of modern electronic devices relies on secret keys stored o...

Tandem: Securing Keys by Using a Central Server While Preserving Privacy

Users' devices, e.g., smartphones or laptops, are typically incapable of...

Simplifying Electronic Document Digital Signatures

Electronic documents are typically signed using private keys and the mat...

Recovering AES Keys with a Deep Cold Boot Attack

Cold boot attacks inspect the corrupted random access memory soon after ...

Method and apparatus for automatic text input insertion in digital devices with a restricted number of keys

A device which contains number of symbol input keys, where the number of...

Moonshine: An Online Randomness Distiller for Zero-Involvement Authentication

Context-based authentication is a method for transparently validating an...

Disordered vectors in R: introducing the disordR package

Objects in the stl map class of C++ associate a value to each of a set o...