Matthew Luckie, Robert Beverly, Tiange Wu, Mark Allman, kc claffy. Resilience of Deployed TCP to Blind Off-Path Attacks. ACM Internet Measurement Conference, October 2015.
PDF | Matthew's Slides
Abstract:
As part of TCP's steady evolution, recent standards have recommended mechanisms to protect against weaknesses in TCP. But adoption, configuration, and deployment of TCP improvements can be slow. In this work, we consider the resilience of deployed TCP implementations to blind in-window attacks, where an off-path adversary disrupts an established connection by sending a packet that the victim believes came from its peer, causing data corruption or connection reset. We tested operating systems (and middleboxes deployed in front) of webservers in the wild in September 2015 and found 22% of connections vulnerable to in-window SYN and reset packets, 30% vulnerable to in-window data packets, and 38.4% vulnerable to at least one of three in-window attacks we tested. We also tested out-of-window packets and found that while few deployed systems were vulnerable to reset and SYN packets, 5.4% of connections accepted in-window data with an invalid acknowledgment number. In addition to evaluating commodity TCP stacks, we found vulnerabilities in 12 of 14 of the routers and switches we characterized -- critical network infrastructure where the potential impact of any TCP vulnerabilities is particularly acute. This surprisingly high level of extant vulnerabilities in the most mature Internet transport protocol in use today is a perfect illustration of the Internet's fragility. Embedded in historical context, it also provides a strong case for more systematic, scientific, and longitudinal measurement and quantitative analysis of fundamental properties of critical Internet infrastructure, as well as for the importance of better mechanisms to get best security practices deployed.
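As an added illustration (not code from the paper or its authors), the following Python models how a receiver applying the original RFC 793 rules versus one applying the RFC 5961 mitigations treats the segment types the abstract measures: in-window RST, in-window SYN, and data carrying an acknowledgment number outside the acceptable range. The connection state and segment values are constructed for the example.

```python
from dataclasses import dataclass

MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around


def in_range(x: int, left: int, size: int) -> bool:
    """True if x lies in [left, left + size) under 32-bit wraparound."""
    return (x - left) % MOD < size


def after(a: int, b: int) -> bool:
    """True if sequence number a is logically later than b."""
    return 0 < (a - b) % MOD < MOD // 2


@dataclass
class Conn:
    rcv_nxt: int      # next sequence number expected from the peer
    rcv_wnd: int      # receive window we advertise
    snd_una: int      # oldest unacknowledged byte we sent
    snd_nxt: int      # next byte we will send
    max_snd_wnd: int  # largest window the peer has ever advertised (RFC 5961)


def classify(c: Conn, seq: int, ack: int, flags: str, hardened: bool) -> str:
    """What the receiver does with a segment whose origin it cannot verify:
    'reset', 'accept', 'challenge_ack' or 'drop'.  hardened=False follows
    the RFC 793 rules; hardened=True follows the RFC 5961 mitigations."""
    in_win = in_range(seq, c.rcv_nxt, c.rcv_wnd)
    if "R" in flags:
        if not hardened:
            return "reset" if in_win else "drop"       # any in-window RST tears down
        if seq == c.rcv_nxt:
            return "reset"                             # exact match is still honoured
        return "challenge_ack" if in_win else "drop"   # a real peer answers with a valid RST
    if "S" in flags:
        if not hardened:
            return "reset" if in_win else "drop"       # in-window SYN aborts the connection
        return "challenge_ack"                         # regardless of seq (RFC 5961 sec. 4)
    if not in_win:
        return "drop"                                  # data outside the receive window
    if hardened:
        # accept only (SND.UNA - MAX.SND.WND) <= SEG.ACK <= SND.NXT (RFC 5961 sec. 5)
        span = c.max_snd_wnd + (c.snd_nxt - c.snd_una) % MOD + 1
        left = (c.snd_una - c.max_snd_wnd) % MOD
        return "accept" if in_range(ack, left, span) else "drop"
    if after(ack, c.snd_nxt):
        return "drop"                                  # acks unsent data: RFC 793 drops it
    return "accept"                                    # stale ack ignored, data still taken
```

The legacy branch accepts data with an arbitrarily old acknowledgment number, which is the behaviour behind the 5.4% figure in the abstract; the hardened branch drops it.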
BibTeX:
@inproceedings{LBW+15,
author = "Matthew Luckie and Robert Beverly and Tiange Wu and Mark Allman and kc claffy",
title = "{Resilience of Deployed TCP to Blind Off-Path Attacks}",
booktitle = "ACM SIGCOMM Internet Measurement Conference",
year = 2015,
month = oct,
}
IMC 2015 Best Paper Award