Off-Path TCP Injection Attacks

作者: Yossi Gilad , Amir Herzberg

DOI: 10.1145/2597173

关键词:

摘要: We present practical off-path TCP injection attacks for connections between current, nonbuggy browsers and Web servers. The allow Web-cache poisoning with malicious objects such as spoofed pages scripts; these can be cached a long period of time, exposing any user that cache to cross-site scripting, request forgery, phishing attacks.In contrast previous attacks, we do not require MitM capabilities or malware running on the client machine. Instead, our rely weaker assumption, only enters site, but does download install application. Our exploit subtle details HTTP specifications, features legitimate (and very common) browser implementations. An empirical evaluation techniques current versions shows most popular sites are vulnerable.We conclude this work client- server-end defenses against attacks.

参考文章(37)
Amit Klein, Web Cache Poisoning Attacks. Encyclopedia of Cryptography and Security (2nd Ed.). pp. 1373- ,(2011)
Laurent Joncheray, A Simple active attack against TCP usenix security symposium. pp. 2- 2 ,(1995)
S.M. Bellovin, A look back at "security problems in the TCP/IP protocol suite annual computer security applications conference. pp. 229- 249 ,(2004) , 10.1109/CSAC.2004.3
J. Postel, Transmission Control Protocol Internet Request for Comment (RFC793). ,vol. 793, pp. 1- 91 ,(1981)
Amir Herzberg, Haya Shulman, Security of Patched DNS Computer Security – ESORICS 2012. pp. 271- 288 ,(2012) , 10.1007/978-3-642-33167-1_16
T. Killalea, Recommended Internet Service Provider Security Services and Procedures RFC. ,vol. 3013, pp. 1- 13 ,(2000)
Wesley M. Eddy, TCP SYN Flooding Attacks and Common Mitigations RFC. ,vol. 4987, pp. 1- 19 ,(2007)