English
Related papers

Related papers: Exploiting Cross-Layer Vulnerabilities: Off-Path A…

200 papers

In this paper, we uncover a new side-channel vulnerability in the widely used NAT port preservation strategy and an insufficient reverse path validation strategy of Wi-Fi routers, which allows an off-path attacker to infer if there is one…

Cryptography and Security · Computer Science 2024-04-09 Yuxiang Yang , Xuewei Feng , Qi Li , Kun Sun , Ziqiang Wang , Ke Xu

We analyzed the generation of protocol header fields in the implementations of multiple TCP/IP network stacks and found new ways to leak information about global protocol states. We then demonstrated new covert channels by remotely…

Cryptography and Security · Computer Science 2022-09-02 Amit Klein

Path MTU Discovery (PMTUD) and IP address sharing are integral aspects of modern Internet infrastructure. In this paper, we investigate the security vulnerabilities associated with PMTUD within the context of prevalent IP address sharing…

Cryptography and Security · Computer Science 2025-09-16 Xuewei Feng , Zhaoxi Li , Qi Li , Ziqiang Wang , Kun Sun , Ke Xu

In this paper, we unveil a fundamental side channel in Wi-Fi networks, specifically the observable frame size, which can be exploited by attackers to conduct TCP hijacking attacks. Despite the various security mechanisms (e.g., WEP and…

Networking and Internet Architecture · Computer Science 2024-10-02 Ziqiang Wang , Xuewei Feng , Qi Li , Kun Sun , Yuxiang Yang , Mengyuan Li , Ganqiu Du , Ke Xu , Jianping Wu

Currently, the TCP/IP model enables exploitation of vulnerabilities anonymously by unconditionally fulfilling every request for a connection into an application; the model only incorporates authentication within applications themselves,…

Cryptography and Security · Computer Science 2025-09-17 Jonathon Anderson

In this paper, we uncover a new off-path TCP hijacking attack that can be used to terminate victim TCP connections or inject forged data into victim TCP connections by manipulating the new mixed IPID assignment method, which is widely used…

Cryptography and Security · Computer Science 2020-09-01 Xuewei Feng , Chuanpu Fu , Qi Li , Kun Sun , Ke Xu

Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is…

Cryptography and Security · Computer Science 2024-10-02 Carlotta Tagliaro , Martina Komsic , Andrea Continella , Kevin Borgolte , Martina Lindorfer

Everyone is concerned about the Internet security, yet most traffic is not cryptographically protected. The usual justification is that most attackers are only off-path and cannot intercept traffic; hence, challenge-response mechanisms…

Cryptography and Security · Computer Science 2013-05-07 Yossi Gilad , Amir Herzberg , Haya Shulman

IP spoofing enables reflection and amplification attacks, which cause major threats to the current Internet infrastructure. Detecting IP packets with incorrect source addresses would help to improve the situation. This is easy at the…

Networking and Internet Architecture · Computer Science 2021-10-05 Jasper Eumann , Raphael Hiesgen , Thomas C. Schmidt , Matthias Wählisch

-Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed so that multiple paths could be taken by a same connection on the way towards an Internet destination. Recently, the…

Networking and Internet Architecture · Computer Science 2017-04-25 Ho-Dac-Duy Nguyen , Chi-Dung Phung , Stefano Secci , Benevid Felix , Michele Nogueira

The advancement of manufacturing technologies has enabled the integration of more intellectual property (IP) cores on the same system-on-chip (SoC). Scalable and high throughput on-chip communication architecture has become a vital…

Cryptography and Security · Computer Science 2023-09-29 Hansika Weerasena , Prabhat Mishra

Targeted attacks against network infrastructure are notoriously difficult to guard against. In the case of communication networks, such attacks can leave users vulnerable to censorship and surveillance, even when cryptography is used. Much…

Cryptography and Security · Computer Science 2017-04-11 Edward L. Platt , Daniel M. Romero

We show how an off-path (spoofing-only) attacker can perform cross-site scripting (XSS), cross-site request forgery (CSRF) and site spoofing/defacement attacks, without requiring vulnerabilities in either web-browser or server and…

Cryptography and Security · Computer Science 2012-05-01 Yossi Gilad , Amir Herzberg

The paper demonstrates how traffic load of a shared packet queue can be exploited as a side channel through which protected information leaks to an off-path attacker. The attacker sends to a victim a sequence of identical spoofed segments.…

Cryptography and Security · Computer Science 2012-01-25 Jan Wrobel

Cellular phones, wireless laptops, personal portable devices that supports both voice and data access are all examples of communicating devices that uses wireless communication. Sine TCP/IP (and UDP) is the dominant technology in use in the…

Networking and Internet Architecture · Computer Science 2007-05-23 Milenko Petrovic , Mokhtar Aboelaze

Computers and computer networks have become integral to virtually every aspect of modern life, with the Internet playing an indispensable role. Organizations, businesses, and individuals now store vast amounts of proprietary, confidential,…

Cryptography and Security · Computer Science 2025-07-28 Yuksel Arslan

Internet resources form the basic fabric of the digital society. They provide the fundamental platform for digital services and assets, e.g., for critical infrastructures, financial services, government. Whoever controls that fabric…

Cryptography and Security · Computer Science 2022-05-12 Tianxiang Dai , Philipp Jeitner , Haya Shulman , Michael Waidner

The emergence of quantum computing poses a formidable security challenge to network protocols traditionally safeguarded by classical cryptographic algorithms. This paper provides an exhaustive analysis of vulnerabilities introduced by…

Cryptography and Security · Computer Science 2024-05-08 Yaser Baseri , Vikas Chouhan , Abdelhakim Hafid

Attacks on Internet routing are typically viewed through the lens of availability and confidentiality, assuming an adversary that either discards traffic or performs eavesdropping. Yet, a strategic adversary can use routing attacks to…

Networking and Internet Architecture · Computer Science 2020-08-13 Yixin Sun , Maria Apostolaki , Henry Birge-Lee , Laurent Vanbever , Jennifer Rexford , Mung Chiang , Prateek Mittal

The Model Context Protocol (MCP) has emerged as a standard for connecting large language models (LLMs) with external tools. However, this MCP ecosystem introduces new security risks across hosts, servers, and registries. In this paper, we…

Cryptography and Security · Computer Science 2026-04-29 Xiaofan Li , Xing Gao
‹ Prev 1 2 3 10 Next ›