Abstract
An overview of network attacks and vulnerabilities of the TCP/IP model with respect to each layer is given using a number of protocols as an example. The purpose of this study is to identify the most common types of network protocol vulnerabilities that are based on an intruder’s incorrect use of fields defined by specifications. For example, the ability to change the value of the IP address field to the victim’s address is not an unspecified vulnerability, while the incorrect exploitation of the fragmentation flags is.
Similar content being viewed by others
REFERENCES
Lavrova, D.S., Alekseev, I.V., and Shtyrkina, A.A., Security analysis based on controlling dependences of network traffic parameters by wavelet transformation, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 931–935.
Lavrova, D., Semyanov, P., Shtyrkina, A., and Zegzhda, P., Wavelet-analysis of network traffic time-series for detection of attacks on digital production infrastructure, SHS Web Conf., 2018, vol. 44. https://doi.org/10.1051/shsconf/20184400052
Lavrova, D., Zaitceva, E., and Zegzhda, P., Bio-inspired approach to self-regulation for industrial dynamic network infrastructure, CEUR Workshop Proc., 2019, vol. 2603, pp. 34–39.
Kalinin, M., Lavrova, D., and Pechenkin, A., High performance traffic processing in virtualized framework, C. R. Acad. Bulg. Sci., 2015, vol. 68, no. 7, pp. 909–916.
Lavrova, D., Zegzhda, D., and Yarmak, A., Using GRU neural network for cyber-attack detection in automated process control systems, IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom), Sochi, 2019, pp. 1–3.
Zegzhda, D., Lavrova, D., and Poltavtseva, M., Multifractal security analysis of cyberphysical systems, Nonlinear Phenom. Complex Syst. (Dordrecht, Neth.), 2019, vol. 22, no. 2, pp. 196–204.
Kalinin, M., Krundyshev, V., Rezedinova, E., and Zegzhda, P., Role-based access control for vehicular adhoc networks, 2018 IEEE International Black Sea Conference on Communications and Networking, BlackSeaCom 2018, 2018. https://doi.org/10.1109/BlackSeaCom.2018.8433628
Belenko, V., Chernenko, V., Krundyshev, V., and Kalinin, M., Data-driven failure analysis for the cyber physical infrastructures, IEEE International Conference on Industrial Cyber Physical Systems, 2019. https://doi.org/10.1109/ICPHYS.2019.8854888
Zegzhda, D.P., Kalinin, M.O., and Levykin, M.V., Actual vulnerabilities of industrial automation protocols of an open platform communications series, Autom. Control Comput. Sci., 2019, vol. 53, no. 8, pp. 972–979.
Busygin, A.G., Konoplev, A.S., and Kalinin, M.O., Approaches to protection of applications based on the TLS protocol against attacks using revoked certificates, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 743–748.
Dakhnovich, A.D., Moskvin, D.A., and Zegzhda, D.P., Analysis of the information security threats in the digital production networks, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1071–1075.
Cybersecurity Threatscape 2018: Trends and Forecasts, 2019. https://www.ptsecurity.com/ww-en/analytics/cybersecurity-threatscape-2018/#id2.
Platonov, V.V., Programmno-apparatnye sredstva zashchity informatsii (Software and Hardware Information Security Means), Moscow: Akademiya, 2013.
Dakhnovich, A.D., Zegzhda, D.P., and Moskvin, D.A., Applying garlic routing to guarantee secure collaboration of segments in a digital manufacturing network, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1127–1133.
Dakhnovich, A., Moskvin, D., and Zeghzda, D., An approach for providing industrial control system sustainability in the age of digital transformation, IOP Conf. Ser.: Mater. Sci. Eng., 2019, vol. 497, no. 1.
Belenko, V., Krundyshev, V., and Kalinin, M., Intrusion detection for Internet of Things applying metagenome fast analysis, 3rd World Conference on Smart Trends in Systems, Security and Sustainability, WorldS4, 2019, pp. 129–135. https://doi.org/10.1109/WorldS4.2019.8904022
Kalinin, M., Krundyshev, V., Zegzhda, P., and Belenko, V., Network security architectures for VANET, ACM International Conference Proceeding Series, 2017, pp. 73–79.
Krundyshev, V., Kalinin, M., and Zegzhda, P., Artificial swarm algorithm for VANET protection against routing attacks, IEEE Industrial Cyber-Physical Systems, ICPS, 2018, pp. 795–800. https://doi.org/10.1109/ICPHYS.2018.8390808
Kalinin, M., Krundyshev, V., Rezedinova, E., and Zegzhda, P., Role-based access control for vehicular adhoc networks, 2018 IEEE International Black Sea Conference on Communications and Networking, BlackSeaCom, 2018. https://doi.org/10.1109/BlackSeaCom.2018.8433628
Platonov, V.V. and Semenov, P.O., Detection of abnormal traffic in dynamic computer networks with mobile consumer devices, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 959–964.
Bellovin, S.M., Security problems in the TCP/IP protocol suite, Comput. Commun. Rev., 1989, vol. 19, no. 2, pp. 32–48.
Tsipenyuk, K., Chess, B., and McGraw, G., Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors, 2005. https://cwe.mitre.org/documents/sources/SevenPerniciousKingdoms.pdf.
Albandari, M.A., et al., Security issues in protocols of TCP/IP model at layers level, Int. J. Comput. Networks Commun. Secur., 2017, vol. 5, no. 5, pp. 96–104.
OWASP Foundation. https://www.owasp.org/.
Boneh, D., Network protocols and vulnerabilities, Computer and Network Security, 2010. https://crypto.stanford.edu/cs155old/cs155-spring11/lectures/08-tcp-dns.pdf.
DHCP Security Vulnerabilities, 2019. https://www.cvedetails.com/vulnerability-list/vendor_id-64/product_ id-17706/ISC-Dhcp.html.
Mitchell, J., Network security protocols and defensive mechanisms, Computer and Network Security, 2009. https://crypto.stanford.edu/cs155old/cs155-spring11/lectures/13-network-defense.pdf.
Pothamsetty, V. and Akyol, B., A vulnerability taxonomy for network protocols: Corresponding engineering best practicecountermeasures, IASTED International Conference on Communications, Internet, and Information Technology, 2004. https://www.researchgate.net/publication/221425438_A_vulnerability_taxonomy_for_network_ protocols_Corresponding_engineering_best_practice_countermeasures.
Author information
Authors and Affiliations
Corresponding authors
Ethics declarations
The authors declare that they have no conflicts of interest.
Additional information
Translated by M. Chubarova
About this article
Cite this article
Alekseev, I.V., Zegzhda, P.D. Specification-Based Classification of Network Protocol Vulnerabilities. Aut. Control Comp. Sci. 54, 922–929 (2020). https://doi.org/10.3103/S0146411620080040
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411620080040