Abstract
With the rapid development of the Internet industry, from a global perspective, the risks brought by network security are becoming increasingly prominent, and continue to penetrate into political, economic, cultural, social, national defense and other fields. Network security has attracted more and more researchers’ attention. This paper first analyzes the two types of network protcol attacks, reviews the development history and current status of off-path attacks, analyzes and summarizes the domestic and foreign literature from the morris TCP injection attacks inwa 1985 to the present. Finally, relying upon the reviewed work, we prospect the future development direction and research focus of off-path attacks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Gilad, Y., Herzberg, A.: Off-path attacking the web. In: WOOT, pp. 41–52 (2012)
Gilad, Y., Herzberg, A.: Off-path TCP injection attacks. ACM Trans. Inf. Syst. Secur. (TISSEC) 16(4), 1–32 (2014)
Qian, Z., Mao, Z.M., Xie, Y.: Collaborative TCP sequence number inference attack: how to crack sequence number under a second. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 593–604 (2012)
Qian, Z., Mao, Z.M.: Off-path TCP sequence number inference attack-how firewall middleboxes reduce security. In: 2012 IEEE Symposium on Security and Privacy, pp. 347–361. IEEE (2012)
Gilad, Y., Herzberg, A.: Spying in the dark: TCP and Tor traffic analysis. In: Fischer-Hübner, S., Wright, M. (eds.) privacy enhancing technologies, pp. 100–119. Springer Berlin Heidelberg, Berlin, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31680-7_6
Herzberg, A., Shulman, H.: Fragmentation considered poisonous, or: One-domain-to-rule-them-all. In: 2013 IEEE Conference on Communications and Network Security (CNS), pp. 224–232. IEEE (2013)
Gilad, Y., Herzberg, A., Shulman, H.: Off-path hacking: the illusion of challenge-response authentication. IEEE Secur. Priv. 12(5), 68–77 (2013)
Gilad, Y., Herzberg, A.: When tolerance causes weakness: the case of injection-friendly browsers. In: Proceedings of the 22nd International Conference on World Wide Web, pp. 435–446 (2013)
Knockel, J., Crandall, J.R.: Counting packets sent between arbitrary internet hosts. In: 4th {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 14) (2014)
Chen, Q.A., Qian, Z., Jia, Y.J., et al.: Static detection of packet injection vulnerabilities: a case for identifying attacker-controlled implicit information leaks. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 388–400 (2015)
Cao, Y., Qian, Z., Wang, Z., et al.: Off-Path {TCP} exploits: global rate limit considered dangerous. In: 25th {USENIX} Security Symposium ({USENIX} Security 16), pp. 209–225 (2016)
Chen, W., Qian, Z.: Off-path {TCP} exploit: how wireless routers can jeopardize your secrets. In: 27th {USENIX} Security Symposium ({USENIX} Security 18), pp. 1581–1598 (2018)
Zhang, X., Knockel, J., Crandall, J.R.: Onis: inferring tcp/ip-based trust relationships completely off-path. In: IEEE INFOCOM 2018-IEEE Conference on Computer Communications, pp. 2069–2077. IEEE (2018)
Pearce, P., Ensafi, R., Li, F., et al.: Toward continual measurement of global network-level censorship. IEEE Secur. Priv. 16(1), 24–33 (2018)
Cao, Y., Wang, Z., Qian, Z., et al.: Principled unearthing of TCP side-channel vulnerabilities. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 211–224 (2019)
Feng, X., Fu, C., Li, Q., et al.: Off-path TCP exploits of the mixed IPID assignment. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 1323–1335 (2020)
Jeitner, P., Shulman, H., Waidner, M.: The impact of DNS insecurity on time. In: 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 266–277. IEEE (2020)
Wang, K., Teng, Y., Wang, Q., et al.: Research on the application of SM algorithms of implicit certificate. Netinfo Secur. 21(5), 74–81 (2021)
Liu, J., Han, Y., Liu, B., Yu, B.: Research on 5G network slicing security model. Netinfo Secur. 20(4), 1–11 (2020)
Alexander, G., Espinoza, A., Crandall, J.: Detecting TCP/IP connections via IPID hash collisions. Proc. Priv. Enhancing Technol. 2019(4), 311–328 (2019)
Acknowledgments
This work was supported by the National Natural Science Foundation of China (no. 61876019, U1936218 and 62072037).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Hou, F., Yu, X., Qiu, K., Liu, J., Shi, Z., Li, Y. (2021). Research on Off-Path Exploits of Network Protocols. In: Tan, Y., Shi, Y., Zomaya, A., Yan, H., Cai, J. (eds) Data Mining and Big Data. DMBD 2021. Communications in Computer and Information Science, vol 1453. Springer, Singapore. https://doi.org/10.1007/978-981-16-7476-1_7
Download citation
DOI: https://doi.org/10.1007/978-981-16-7476-1_7
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-7475-4
Online ISBN: 978-981-16-7476-1
eBook Packages: Computer ScienceComputer Science (R0)