English
Related papers

Related papers: Reflection Scan: an Off-Path Attack on TCP

200 papers

In this paper, we uncover a new off-path TCP hijacking attack that can be used to terminate victim TCP connections or inject forged data into victim TCP connections by manipulating the new mixed IPID assignment method, which is widely used…

Cryptography and Security · Computer Science 2020-09-01 Xuewei Feng , Chuanpu Fu , Qi Li , Kun Sun , Ke Xu

This paper presents Packet Chasing, an attack on the network that does not require access to the network, and works regardless of the privilege level of the process receiving the packets. A spy process can easily probe and discover the…

Cryptography and Security · Computer Science 2020-05-27 Mohammadkazem Taram , Ashish Venkat , Dean Tullsen

In this paper, we uncover a new side-channel vulnerability in the widely used NAT port preservation strategy and an insufficient reverse path validation strategy of Wi-Fi routers, which allows an off-path attacker to infer if there is one…

Cryptography and Security · Computer Science 2024-04-09 Yuxiang Yang , Xuewei Feng , Qi Li , Kun Sun , Ziqiang Wang , Ke Xu

In this paper, we unveil a fundamental side channel in Wi-Fi networks, specifically the observable frame size, which can be exploited by attackers to conduct TCP hijacking attacks. Despite the various security mechanisms (e.g., WEP and…

Networking and Internet Architecture · Computer Science 2024-10-02 Ziqiang Wang , Xuewei Feng , Qi Li , Kun Sun , Yuxiang Yang , Mengyuan Li , Ganqiu Du , Ke Xu , Jianping Wu

Everyone is concerned about the Internet security, yet most traffic is not cryptographically protected. The usual justification is that most attackers are only off-path and cannot intercept traffic; hence, challenge-response mechanisms…

Cryptography and Security · Computer Science 2013-05-07 Yossi Gilad , Amir Herzberg , Haya Shulman

We show how an off-path (spoofing-only) attacker can perform cross-site scripting (XSS), cross-site request forgery (CSRF) and site spoofing/defacement attacks, without requiring vulnerabilities in either web-browser or server and…

Cryptography and Security · Computer Science 2012-05-01 Yossi Gilad , Amir Herzberg

In a spoofing attack, an attacker impersonates a legitimate user to access or modify data belonging to the latter. Typical approaches for spoofing detection in the physical layer declare an attack when a change is observed in certain…

Signal Processing · Electrical Eng. & Systems 2023-10-18 Daniel Romero , Tien Ngoc Ha , Peter Gerstoft

Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user privacy, have been shown to be effective even if the traffic is sent over anonymity-preserving networks such as Tor. The classical attack…

Cryptography and Security · Computer Science 2019-02-22 Anatoly Shusterman , Lachlan Kang , Yarden Haskal , Yosef Meltser , Prateek Mittal , Yossi Oren , Yuval Yarom

Anonymity systems such as Tor aim to enable users to communicate in a manner that is untraceable by adversaries that control a small number of machines. To provide efficient service to users, these anonymity systems make full use of…

Cryptography and Security · Computer Science 2015-03-19 Prateek Mittal , Ahmed Khurshid , Joshua Juen , Matthew Caesar , Nikita Borisov

After more than 40 years of development, the fundamental TCP/IP protocol suite, serving as the backbone of the Internet, is widely recognized for having achieved an elevated level of robustness and security. Distinctively, we take a new…

Cryptography and Security · Computer Science 2024-11-20 Xuewei Feng , Qi Li , Kun Sun , Ke Xu , Jianping Wu

IP spoofing enables reflection and amplification attacks, which cause major threats to the current Internet infrastructure. Detecting IP packets with incorrect source addresses would help to improve the situation. This is easy at the…

Networking and Internet Architecture · Computer Science 2021-10-05 Jasper Eumann , Raphael Hiesgen , Thomas C. Schmidt , Matthias Wählisch

Path MTU Discovery (PMTUD) and IP address sharing are integral aspects of modern Internet infrastructure. In this paper, we investigate the security vulnerabilities associated with PMTUD within the context of prevalent IP address sharing…

Cryptography and Security · Computer Science 2025-09-16 Xuewei Feng , Zhaoxi Li , Qi Li , Ziqiang Wang , Kun Sun , Ke Xu

Before executing an attack, adversaries usually explore the victim's network in an attempt to infer the network topology and identify vulnerabilities in the victim's servers and personal computers. Falsifying the information collected by…

Cryptography and Security · Computer Science 2019-03-08 Rami Puzis , Hadar Polad , Bracha Shapira

To meet the ever-growing need for performance in silicon devices, SoC providers have been increasingly relying on software-hardware cooperation. By controlling hardware resources such as power or clock management from the software,…

Cryptography and Security · Computer Science 2021-11-03 Joseph Gravellier , Jean-Max Dutertre , Yannick Teglia , Philippe Loubet Moundi

Machine learning models have been shown to leak information violating the privacy of their training set. We focus on membership inference attacks on machine learning models which aim to determine whether a data point was used to train the…

Cryptography and Security · Computer Science 2020-09-02 Shadi Rahimian , Tribhuvanesh Orekondy , Mario Fritz

Security can be seen as an optimisation objective in NoC resource management, and as such poses trade-offs against other objectives such as real-time schedulability. In this paper, we show how to increase NoC resilience against a concrete…

Distributed, Parallel, and Cluster Computing · Computer Science 2016-07-13 Leandro Soares Indrusiak , James Harbin , Martha Johanna Sepulveda

Despite encryption, the packet size is still visible, enabling observers to infer private information in the Internet of Things (IoT) environment (e.g., IoT device identification). Packet padding obfuscates packet-length characteristics…

Cryptography and Security · Computer Science 2023-09-13 Mnassar Alyami , Abdulmajeed Alghamdi , Mohammed Alkhowaiter , Cliff Zou , Yan Solihin

The transient-execution attack Meltdown leaks sensitive information by transiently accessing inaccessible data during out-of-order execution. Although Meltdown is fixed in hardware for recent CPU generations, most currently-deployed CPUs…

Cryptography and Security · Computer Science 2023-10-09 Daniel Weber , Fabian Thomas , Lukas Gerlach , Ruiyi Zhang , Michael Schwarz

We study the problem of secure message multicasting over graphs in the presence of a passive (node) adversary who tries to eavesdrop in the network. We show that use of feedback, facilitated through the existence of cycles or undirected…

Information Theory · Computer Science 2013-05-29 Shaunak Mishra , Christina Fragouli , Vinod Prabhakaran , Suhas Diggavi

We present a novel mechanism to construct a covert channel based on page faults. A page fault is an event that occurs when a process or a thread tries to access a page of memory that is not currently mapped to its address space. The kernel…

Operating Systems · Computer Science 2025-09-26 Sathvik Swaminathan
‹ Prev 1 2 3 10 Next ›