Gilad et al., 2014 - Google Patents
Off-path TCP injection attacksGilad et al., 2014
View PDF- Document ID
- 10998419842803932819
- Author
- Gilad Y
- Herzberg A
- Publication year
- Publication venue
- ACM Transactions on Information and System Security (TISSEC)
External Links
Snippet
We present practical off-path TCP injection attacks for connections between current, nonbuggy browsers and Web servers. The attacks allow Web-cache poisoning with malicious objects such as spoofed Web pages and scripts; these objects can be cached for …
- 235000010384 tocopherol 0 title abstract description 100
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Gilad et al. | Off-path TCP injection attacks | |
| CN101072106B (en) | Method and system for defending against denial of service attacks | |
| Qian et al. | Off-path TCP sequence number inference attack-how firewall middleboxes reduce security | |
| Qian et al. | Collaborative TCP sequence number inference attack: how to crack sequence number under a second | |
| Gilad et al. | Off-Path Attacking the Web. | |
| US8321955B2 (en) | Systems and methods for protecting against denial of service attacks | |
| Harris et al. | TCP/IP security threats and attack methods | |
| US9843590B1 (en) | Method and apparatus for causing a delay in processing requests for internet resources received from client devices | |
| Karig et al. | Remote denial of service attacks and countermeasures | |
| Gilad et al. | Off-path hacking: The illusion of challenge-response authentication | |
| Feng et al. | PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP. | |
| Burgers et al. | Prevent session hijacking by binding the session to the cryptographic network credentials | |
| Quach et al. | Investigation of the 2016 linux tcp stack vulnerability at scale | |
| Goldschmidt et al. | Defense against syn flood dos attacksˇ using network-based mitigation techniques | |
| Gilad et al. | When tolerance causes weakness: the case of injection-friendly browsers | |
| Nagesh et al. | A survey on denial of service attacks and preclusions | |
| Alosaimi et al. | Mitigation of distributed denial of service attacks in the cloud | |
| Nagpal et al. | Preventive measures for securing web applications using broken authentication and session management attacks: A study | |
| Wang et al. | Using web-referral architectures to mitigate denial-of-service threats | |
| US10079857B2 (en) | Method of slowing down a communication in a network | |
| Hyppönen | Securing a linux server against cyber attacks | |
| Srivatsa et al. | A client-transparent approach to defend against denial of service attacks | |
| Tolboom | Computer Systems Security | |
| Sørensen et al. | Automatic profile-based firewall for iot devices | |
| Smith et al. | Comparison of operating system implementations of SYN flood defenses (cookies) |