Off-path attacking the web

6th USENIX Workshop on Offensive Technologies, WOOT 2012

Volumn , Issue , 2012, Pages

  Gilad, Yossi ^a   Herzberg, Amir ^a  

^a BAR ILAN UNIVERSITY   (Israel)

Author keywords

[No Author keywords available]

Indexed keywords

TRANSMISSION CONTROL PROTOCOL;

CLIENT MACHINE; CROSS-SITE SCRIPTING; IN BROWSERS; IP SPOOFING; LEARNING TECHNIQUES; SEQUENCE NUMBER; SIDE-CHANNEL; TCP CONNECTIONS;

SIDE CHANNEL ATTACK;

EID: 85084164109     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (36)

1. Advanced Network Architecture Group. ANA Spoofer Project. http://spoofer.csail.mit.edu/summary.php, 2012.
2. Alexa Web Information Company. Top Sites. http://www.alexa.com/topsites, 2012.
3. Spiros Antonatos, Periklis Akritidis, Vinh The Lam, and Kostas G. Anagnostakis. Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure. ACM Transactions on Information and System Security, 12(2):12:1–12:15, December 2008.
4. A. Barth. The Web Origin Concept. RFC 6454 (Proposed Standard), December 2011.
5. Adam Barth, Collin Jackson, and John C. Mitchell. Robust Defenses for Cross-Site Request Forgery. In Peng Ning, Paul F. Syverson, and Somesh Jha, editors, ACM Conference on Computer and Communications Security, pages 75–88. ACM, 2008.
6. S. M. Bellovin. Security Problems in the TCP/IP Protocol Suite. Computer Communication Review, 19(2):32–48, apr 1989.
7. Steven M. Bellovin. A Technique for Counting Natted Hosts. In Internet Measurement Workshop, pages 267–272. ACM, 2002.
8. Steven M. Bellovin. A Look Back at”Security Problems in the TCP/IP Protocol Suite”. In ACSAC, pages 229–249. IEEE Computer Society, 2004.
9. T. Dierks and C. Allen. The TLS Protocol Version 1.0. RFC 2246 (Proposed Standard), January 1999. Obsoleted by RFC 4346, updated by RFCs 3546, 5746, 6176.
10. W. Eddy. TCP SYN Flooding Attacks and Common Mitigations. RFC 4987 (Informational), August 2007.
11. Toby Ehrenkranz and Jun Li. On the State of IP Spoofing Defense. ACM Transactions on Internet Technology (TOIT), 9(2), 2009.
12. ~herzbea/ security/code/puppet-example.js, 2012.
13. Yossi Gilad and Amir Herzberg. Spying in the Dark: TCP and Tor Traffic Analysis. In Privacy Enhancing Technologies Symposium (PETS), 2012.
14. F. Gont. Security Assessment of the Internet Protocol Version 4. RFC 6274 (Informational), July 2011.
15. F. Gont and S. Bellovin. Defending against Sequence Number Attacks. RFC 6528 (Proposed Standard), February 2012.
16. Trevor Jim, Nikhil Swamy, and Michael Hicks. Defeating Script Injection Attacks with Browser-Enforced Embedded Policies. In Carey L. Williamson, Mary Ellen Zurko, Peter F. Patel-Schneider, and Prashant J. Shenoy, editors, Proceedings of the 16th International Conference on World Wide Web, pages 601–610. ACM, 2007.
17. S. Kent and K. Seo. Security Architecture for the Internet Protocol. RFC 4301 (Proposed Standard), December 2005.
18. T. Killalea. Recommended Internet Service Provider Security Services and Procedures. RFC 3013 (Best Current Practice), November 2000.
19. Amit Klein. DOM Based Cross Site Scripting or XSS of the Third Kind. Technical report, Web Application Security Consortium: Articles, July 2005.
20. klm. Remote Blind TCP/IP Spoofing. Phrack magazine, http://www.phrack.org/issues.html?id=15&issue=64, 2007.
21. Gunnar Kreitz. Timing Is Everything: The Importance of History Detection. In Vijay Atluri and Claudia Díaz, editors, ESORICS, volume 6879 of Lecture Notes in Computer Science, pages 117–132. Springer, 2011.
22. M. Marlinspike. New Tricks for Defeating SSL in Practice. In BlackHat DC, February 2009.
23. Robert T. Morris. A Weakness in the 4.2BSD Unix TCP/IP Software. Technical report, AT&T Bell Laboratories, February 1985.
24. Paul Petefish, Eric Sheridan, and Dave Wichers. Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet. https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) _Prevention_Cheat_Sheet, 2011.
25. J. Postel. Transmission Control Protocol. RFC 793 (Standard), September 1981.
26. Tsutomu Shimomura and John Markoff. Take-down: The Pursuit and Capture of Kevin Mitnick, America’s Most Wanted Computer Outlaws - by the Man Who Did It. Hyperion Press, 1st edition, 1995.
27. Sid Stamm, Brandon Sterne, and Gervase Markham. Reining in the Web with Content Security Policy. In Michael Rappa, Paul Jones, Juliana Freire, and Soumen Chakrabarti, editors, Proceedings of the 19th International Conference on World Wide Web, pages 921–930. ACM, 2010.
28. The Open Web Application Security Project. Cross-Site Request Forgery. https://www.owasp.org/index.php/ Cross-Site_Request_Forgery_(CSRF), 2010.
29. Ben Toews. Abusing password managers with xss. http://labs.neohapsis.com/2012/04/25/abusingpassword-managers-with-xss/, 2012.
30. J. Touch. Defending TCP Against Spoofing Attacks. RFC 4953 (Informational), July 2007.
31. Zachary Weinberg, Eric Yawei Chen, Pavithra Ramesh Jayaraman, and Collin Jackson. I Still Know What You Visited Last Summer: Leaking Browsing History via User Interaction and Side Channel Attacks. In IEEE Symposium on Security and Privacy, pages 147–161. IEEE Computer Society, 2011.
32. Wikipedia. Usage Share of Operating Systems. http://en.wikipedia.org/wiki/Usage_ share_of_operating_systems, December 2011.
33. Jeff Williams and Jim Manico. Cross Site Scripting Prevention Cheat Sheet. https://www.owasp.org/index.php/XSS_ (Cross_Site_Scripting)_Prevention_ Cheat_Sheet, January 2012.
34. Michal Zalewski. Strange Attractors and TCP/IP Sequence Number Analysis. http://lcamtuf.coredump.cx/newtcp/, 2001.
35. Michal Zalewski. Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks. No Starch Press, 2005.
36. Michal Zalewski. The Tangled Web: A Guide to Securing Modern Web Applications. No Starch Press, San Francisco, CA, USA, 1st edition, 2011.