Comments on “security problems in the TCP/IP protocol suite”
ACM SIGCOMM Computer Communication Review
ACM SIGCOMM Computer Communication Review
Securing the commercial Internet
Communications of the ACM
A Methodology for Testing Intrusion Detection Systems
IEEE Transactions on Software Engineering
A public-key based secure mobile IP
MobiCom '97 Proceedings of the 3rd annual ACM/IEEE international conference on Mobile computing and networking
Catapults and grappling hooks: the tools and techniques of information warfare
IBM Systems Journal
Design of a high-performance ATM firewall
ACM Transactions on Information and System Security (TISSEC)
A public-key based secure mobile IP
Wireless Networks
International Journal of Network Management
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Network traffic tracking systems: folly in the large?
Proceedings of the 2000 workshop on New security paradigms
Adaptive Intrusion Detection: A Data Mining Approach
Artificial Intelligence Review - Issues on the application of data mining
Authenticated ad hoc routing at the link layer for mobile systems
Wireless Networks
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
Securing IPv6 neighbor and router discovery
WiSE '02 Proceedings of the 1st ACM workshop on Wireless security
Access Control and Session Management in the HTTP Environment
IEEE Internet Computing
Computer
ACM Transactions on Internet Technology (TOIT)
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Providing Process Origin Information to Aid in Network Traceback
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
Algorithms for mining system audit data
Data mining, rough sets and granular computing
A practical method to counteract denial of service attacks
ACSC '03 Proceedings of the 26th Australasian computer science conference - Volume 16
On Security Study of Two Distance Vector Routing Protocols or Mobile Ad Hoc Networks
PERCOM '03 Proceedings of the First IEEE International Conference on Pervasive Computing and Communications
Probable Plaintext Cryptanalysis of the IP Security Protocols
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Tracing DDoS Floods: An Automated Approach
Journal of Network and Systems Management
DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks: The International Journal of Computer and Telecommunications Networking
SPV: secure path vector routing for securing BGP
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Contact networking: a localized mobility system
Proceedings of the 1st international conference on Mobile systems, applications and services
Providing process origin information to aid in computer forensic investigations
Journal of Computer Security
You Can Run, But You Can't Hide: An Effective Statistical Methodology to Trace Back DDoS Attackers
IEEE Transactions on Parallel and Distributed Systems
Towards an architectural treatment of software security: a connector-centric approach
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Exploiting open functionality in SMS-capable cellular networks
Proceedings of the 12th ACM conference on Computer and communications security
Experimental analysis of attacks against intradomain routing protocols
Journal of Computer Security
New architecture for intra-domain network security issues
Communications of the ACM - Entertainment networking
Analysis of the SPV secure routing protocol: weaknesses and lessons
ACM SIGCOMM Computer Communication Review
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Securing 'classical IP over ATM networks'
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Problem areas for the IP security protocols
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A Simple active attack against TCP
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Implementing a secure rlogin environment: a case study of using a secure network layer protocol
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Independent one-time passwords
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Using the domain name system for system break-ins
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
TARP: Ticket-based address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
Noninvasive Methods for Host Certification
ACM Transactions on Information and System Security (TISSEC)
Logging based IP Traceback in switched ethernets
Proceedings of the 1st European Workshop on System Security
An authentication and validation mechanism for analyzing syslogs forensically
ACM SIGOPS Operating Systems Review
Detecting denial of service attacks using database queries
ICCOM'05 Proceedings of the 9th WSEAS International Conference on Communications
On the computational complexity and effectiveness of N-hub shortest-path routing
IEEE/ACM Transactions on Networking (TON)
Record path header for triangle routing attacks in IPv6 networks
WSEAS TRANSACTIONS on COMMUNICATIONS
Exploiting open functionality in SMS-capable cellular networks
Journal of Computer Security
Record path header for triangle routing attacks in IPv6 networks
WSEAS TRANSACTIONS on COMMUNICATIONS
Simulating cyber-attacks for fun and profit
Proceedings of the 2nd International Conference on Simulation Tools and Techniques
An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
Understanding the efficacy of deployed internet source address validation filtering
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Configuration management and security
IEEE Journal on Selected Areas in Communications - Special issue on network infrastructure configuration
Spoofing challenges faced by broadband access concentrators
COMSNETS'09 Proceedings of the First international conference on COMmunication Systems And NETworks
Covert messaging through TCP timestamps
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Towards a unifying approach in understanding security problems
ISSRE'09 Proceedings of the 20th IEEE international conference on software reliability engineering
Lightweight opportunistic tunneling (LOT)
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
An approach towards anomaly based detection and profiling covert TCP/IP channels
ICICS'09 Proceedings of the 7th international conference on Information, communications and signal processing
Computers and Electrical Engineering
Exploiting social networking sites for spam
Proceedings of the 17th ACM conference on Computer and communications security
Privacy requirements engineering for trustworthy e-government services
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Network security via reverse engineering of TCP code: vulnerability analysis and proposed solutions
INFOCOM'96 Proceedings of the Fifteenth annual joint conference of the IEEE computer and communications societies conference on The conference on computer communications - Volume 2
Analysis of BGP prefix origins during google's may 2005 outage
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Router based approach to mitigate DOS attacks on the wireless networks
Proceedings of the 2011 International Conference on Communication, Computing & Security
A novel solution for IP spoofing attacks
ISP'07 Proceedings of the 6th WSEAS international conference on Information security and privacy
International Journal of Mobile Communications
Cirripede: circumvention infrastructure using router redirection with plausible deniability
Proceedings of the 18th ACM conference on Computer and communications security
Evaluation of network blocking algorithm based on ARP spoofing and its application
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Secure routing using factual correctness
NETWORKING'06 Proceedings of the 5th international IFIP-TC6 conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications Systems
A network service access control framework based on network blocking algorithm
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
Embedding covert channels into TCP/IP
IH'05 Proceedings of the 7th international conference on Information Hiding
FORTE'05 Proceedings of the 25th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
Review: TCP/IP security threats and attack methods
Computer Communications
Feature: IP spoofing and session hijacking
Network Security
Network Security
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
SILENTKNOCK: practical, provably undetectable authentication
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
When tolerance causes weakness: the case of injection-friendly browsers
Proceedings of the 22nd international conference on World Wide Web
Protocol-oblivious forwarding: unleash the power of SDN through a future-proof forwarding plane
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
DataTraffic Monitoring and Analysis
Hi-index | 0.02 |
The TCP/IP protocol suite, which is very widely used today, was developed under the sponsorship of the Department of Defense. Despite that, there are a number of serious security flaws inherent in the protocols, regardless of the correctness of any implementations. We describe a variety of attacks based on these flaws, including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks. We also present defenses against these attacks, and conclude with a discussion of broad-spectrum defenses such as encryption.