English
Related papers

Related papers: Subverting Stateful Firewalls with Protocol States…

200 papers

In this work, we propose a novel framework to identify and mitigate a recently disclosed covert channel scheme exploiting unprotected broadcast messages in cellular MAC layer protocols. Examples of covert channel are used in data…

Cryptography and Security · Computer Science 2022-09-14 Reza Soosahabi , Magdy Bayoumi

The flexibility and complexity of IPv6 extension headers allow attackers to create covert channels or bypass security mechanisms, leading to potential data breaches or system compromises. The mature development of machine learning has…

Cloud providers' support for network evasion techniques that misrepresent the server's domain name is more prevalent than previously believed, which has serious implications for security and privacy due to the reliance on domain names in…

Cryptography and Security · Computer Science 2023-07-18 Blake Anderson , David McGrew

Firewalls have long been in use to protect local networks from threats of the larger Internet. Although firewalls are effective in preventing attacks initiated from outside, they are vulnerable to insider threats, e.g., malicious insiders…

Cryptography and Security · Computer Science 2018-10-04 Ken Goss , Wei Jiang

We note that constituent fields (notably the fraction-of-seconds timestamp field) in the data payload structure of the synchrophasor communication protocol (IEEE C37.118 standard) are overprovisioned relative to real-world usage and needs,…

Cryptography and Security · Computer Science 2025-08-28 Prashanth Krishnamurthy , Ramesh Karri , Farshad Khorrami

Wireless covert channels promise to exfiltrate information with high bandwidth by circumventing traditional access control mechanisms. Ideally, they are only accessible by the intended recipient and---for regular system…

Networking and Internet Architecture · Computer Science 2015-05-06 Jiska Classen , Matthias Schulz , Matthias Hollick

Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use…

Cryptography and Security · Computer Science 2019-08-08 Adar Ovadya , Rom Ogen , Yakov Mallah , Niv Gilboa , Yossi Oren

Current low-latency anonymity systems use complex overlay networks to conceal a user's IP address, introducing significant latency and network efficiency penalties compared to normal Internet usage. Rather than obfuscating network identity…

Cryptography and Security · Computer Science 2014-07-15 Jody Sankey , Matthew Wright

Denial-of-Service attacks continue to be a serious problem for the Internet community despite the fact that a large number of defense approaches has been proposed by the research community. In this paper we introduce IP Fast Hopping, easily…

Networking and Internet Architecture · Computer Science 2014-03-31 Vladimir Krylov , Kirill Kravtsov

One of the applications of quantum technology is to use quantum states and measurements to communicate which offers more reliable security promises. Quantum data hiding, which gives the source party the ability of sharing data among…

Quantum Physics · Physics 2018-04-06 Xingyao Wu , Jianxin Chen

Modern corporations physically separate their sensitive computational infrastructure from public or other accessible networks in order to prevent cyber-attacks. However, attackers still manage to infect these networks, either by means of an…

Cryptography and Security · Computer Science 2017-03-31 Yisroel Mirsky , Mordechai Guri , Yuval Elovici

In this paper, we uncover a new side-channel vulnerability in the widely used NAT port preservation strategy and an insufficient reverse path validation strategy of Wi-Fi routers, which allows an off-path attacker to infer if there is one…

Cryptography and Security · Computer Science 2024-04-09 Yuxiang Yang , Xuewei Feng , Qi Li , Kun Sun , Ziqiang Wang , Ke Xu

Development of information technology, especially in the field of computer network allows the exchange of information faster and more complex and the data that is exchanged can vary. Security of data on communication in the network is a…

Cryptography and Security · Computer Science 2015-08-25 Heru Pranata , Leon Andretti Abdillah , Usman Ependi

In a hostile network environment, users must communicate without being detected. This involves blending in with the existing traffic. In some cases, a higher degree of secrecy is required. We present a proof-of-concept format transforming…

Cryptography and Security · Computer Science 2020-02-28 Jonathan Oakley , Lu Yu , Xingsi Zhong , Ganesh Kumar Venayagamoorthy , Richard Brooks

Web Application Firewalls (WAFs) have been introduced as essential and popular security gates that inspect incoming HTTP traffic to filter out malicious requests and provide defenses against a diverse array of web-based threats. Evading…

Cryptography and Security · Computer Science 2026-03-17 Seyed Ali Akhavani , Bahruz Jabiyev , Ben Kallus , Cem Topcuoglu , Sergey Bratus , Engin Kirda

In the presence of security countermeasures, a malware designed for data exfiltration must do so using a covert channel to achieve its goal. Among existing covert channels stands the domain name system (DNS) protocol. Although the detection…

Cryptography and Security · Computer Science 2018-06-19 Asaf Nadler , Avi Aminov , Asaf Shabtai

Source Address Validation (SAV) is a standard aimed at discarding packets with spoofed source IP addresses. The absence of SAV for outgoing traffic has been known as a root cause of Distributed Denial-of-Service (DDoS) attacks and received…

Networking and Internet Architecture · Computer Science 2023-03-29 Yevheniya Nosyk , Maciej Korczyński , Qasim Lone , Marcin Skwarek , Baptiste Jonglez , Andrzej Duda

Spoofing with falsified IP-MAC pair is the first step in most of the LAN based-attacks. Address Resolution Protocol (ARP) is stateless, which is the main cause that makes spoofing possible. Several network level and host level mechanisms…

Networking and Internet Architecture · Computer Science 2013-07-26 Ferdous A Barbhuiya , Santosh Biswas , Sukumar Nandi

We show how an off-path (spoofing-only) attacker can perform cross-site scripting (XSS), cross-site request forgery (CSRF) and site spoofing/defacement attacks, without requiring vulnerabilities in either web-browser or server and…

Cryptography and Security · Computer Science 2012-05-01 Yossi Gilad , Amir Herzberg

In the last 15 years, the Internet architecture has continued evolving organically, introducing new headers and protocols to the classic TCP/IP stack. More specifically, we have identified two major trends. First, it is common that most…

Networking and Internet Architecture · Computer Science 2022-08-11 Jordi Paillisse , Alberto Rodriguez-Natal , Fabio Maino , Albert Cabellos