Off-Path TCP Injection Attacks-Reference-Cited by-同舟云学术

Off-Path TCP Injection Attacks

Published:2014-04 Issue:4 Volume:16 Page:1-32
ISSN:1094-9224
Container-title:ACM Transactions on Information and System Security
language:en
Short-container-title:ACM Trans. Inf. Syst. Secur.

Author:

Gilad Yossi¹,Herzberg Amir¹

Affiliation:

1. Bar-Ilan University

Abstract

We present practical off-path TCP injection attacks for connections between current, nonbuggy browsers and Web servers. The attacks allow Web-cache poisoning with malicious objects such as spoofed Web pages and scripts; these objects can be cached for a long period of time, exposing any user of that cache to cross-site scripting , cross-site request forgery , and phishing attacks. In contrast to previous TCP injection attacks, we do not require MitM capabilities or malware running on the client machine. Instead, our attacks rely on a weaker assumption, that the user only enters a malicious Web site, but does not download or install any application. Our attacks exploit subtle details of the TCP and HTTP specifications, and features of legitimate (and very common) browser implementations. An empirical evaluation of our techniques with current versions of browsers shows that connections with most popular Web sites are vulnerable. We conclude this work with practical client- and server-end defenses against our attacks.

Funder

Israel Science Foundation

Check Point Institute for Information Security

Ministry of Science and Technology, Israel

Publisher

Association for Computing Machinery (ACM)

Subject

Safety, Risk, Reliability and Quality,General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/2597173

Reference48 articles.

1. Advanced Network Architecture Group. 2013. Spoofer project. http://spoofer.csail.mit.edu/summary.php. Advanced Network Architecture Group. 2013. Spoofer project. http://spoofer.csail.mit.edu/summary.php.

2. Alexa Web Information Company. 2013. Top sites. http://www.alexa.com/topsites. Alexa Web Information Company. 2013. Top sites. http://www.alexa.com/topsites.

3. Baker F. and Savola P. 2004. Ingress Filtering for Multihomed Networks. RFC 3704 (Best Current Practice). Baker F. and Savola P. 2004. Ingress Filtering for Multihomed Networks . RFC 3704 (Best Current Practice).

4. Barth A. 2011. The Web Origin Concept. RFC 6454 (Proposed Standard). Barth A. 2011. The Web Origin Concept . RFC 6454 (Proposed Standard).

Cited by 20 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. TCP Spoofing: Reliable Payload Transmission Past the Spoofed TCP Handshake;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19

2. An SDN-Enabled Elliptic-Curve Diffie-Hellman Key Exchange Towards Secure P2P Networking;2024 International Conference on Computing, Networking and Communications (ICNC);2024-02-19

3. Bijack: Breaking Bitcoin Network with TCP Vulnerabilities;Lecture Notes in Computer Science;2024

4. Heimdallr: Fingerprinting SD-WAN Control-Plane Architecture via Encrypted Control Traffic;Proceedings of the 38th Annual Computer Security Applications Conference;2022-12-05

5. ConMan: A Connection Manipulation-based Attack Against Bitcoin Networking;2021 IEEE Conference on Communications and Network Security (CNS);2021-10-04