Reflection Scan: an Off-Path Attack on TCP

Details Reflection Scan: an Off-Path Attack on TCP Reflection Scan: an Off-Path Attack on TCP

2012-01-10

arxiv.org/abs/1201.2074v2

Computer Science

Cryptography and Security

Scientific paper

The paper demonstrates how traffic load of a shared packet queue can be exploited as a side channel through which protected information leaks to an off-path attacker. The attacker sends to a victim a sequence of identical spoofed segments. The victim responds to each segment in the sequence (the sequence is reflected by the victim) if the segments satisfy a certain condition tested by the attacker. The responses do not reach the attacker directly, but induce extra load on a routing queue shared between the victim and the attacker. Increased processing time of packets traversing the queue reveal that the tested condition was true. The paper concentrates on the TCP, but the approach is generic and can be effective against other protocols that allow to construct requests which are conditionally answered by the victim. A proof of concept was created to assess applicability of the method in real-life scenarios.

Affiliated with

Also associated with

No associations

Rating

Reflection Scan: an Off-Path Attack on TCP does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Reflection Scan: an Off-Path Attack on TCP, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Reflection Scan: an Off-Path Attack on TCP will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-463182