Abstract
It has a long history to launch attacks using vulnerability in the network protocols. More and more researchers are attracted to the attack and defenses of network protocols. It will mitigate the severe consequences that attacks may lead to by maliciously using protocol vulnerability if we have reliable protocol design and prompt defenses. In this paper, we review the research progress about attacks based on protocol vulnerability. We take advantage of critical characteristics in information security to classify these attacks, namely confidentiality attack, integrity attack, availability attack. Some challenges confronted by the researchers are discussed in view of current researches. The prospect of this field in the future comes at last.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
McCumber, J.: Information Systems Security: A Comprehensive Model (1991), http://cryptosmith.com/sites/default/files/docs/MccumberAx.pdf
Desclaux, P.B.F.: Silver Needle in the Skype (2006), https://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf
Yu, K., Zhang, Y., Wang, Y.: Research and Analysis on the Security of QQ Login Protocol (in Chinese). Netinfo Security 11, 55–57 (2008)
Yi, Z.: Research and Analysis of QQ Login Protocol and Improvement (in Chinese). Netinfo Security 6, 85–87 (2011)
Lin, X., Li, S., Yang, Z.: Attacking Algorithms against Continuous Queries in LBS and Anonymity Measurement. Journal of Software 20(4), 1058–1068 (2009) (in Chinese)
Routing Security in Ad hoc Networks, http://citeseer.nj.nec.com/400961.html
Ullah, I., Rehman, S.U.: Analysis of Black Hole Attack on MANETs Using Different MANET Routing Protocols. Blekinge Institute of Technology, Sweden (2010)
Zhang, L., Zhang, Y.: Brute Force Attack on Block Cipher Algorithm Based on Distributed Computation. Computer Engineering 34(13), 121–123 (2008) (in Chinese)
Zhang, L., Zhang, Y.: Brute Force Attack on the RC4 Encryption Algorithm Based on Distributed Computing. Computer Engineering and Science 30(7), 15–20 (2008) (in Chinese)
Qian, Z., Mao, Z.: Off-path TCP Sequence Number Inference Attack-How Firewall Middleboxes Reduce Security. In: IEEE Symposium on Security and Privacy (SP), pp. 347–361. IEEE Press, San Francisco (2012)
Zhang, H.: Security Analysis of HTTPS Protocol Based on MITM Attack. Shanghai Jiao Tong University, Shanghai (2009) (in Chinese)
Callegati, F., Cerroni, W., Ramilli, M.: Man-in-the-Middle Attack to the HTTPS Protocol. In: IEEE Symposium on Security and Privacy, pp. 78–81. IEEE Press, Oakland (2009)
Zhou, S.: P2P Streaming Media Security Research (in Chinese). Central South University, Hunan (2009)
Kuzmanovic, A., Knightly, E.W.: Low-Rate TCP-targeted Denial of Service Attacks: the Shrew vs. the Mice and Elephants. In: Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 75–86. ACM, Karlsruhe (2003)
Guirguis, M., Bestavros, A., Matta, I.: Exploiting the Transients of Adaptation for RoQ Attacks on Internet Resources. In: Proceedings of the 12th IEEE International Conference on Network Protocols, pp. 184–195. IEEE Press, Berlin (2004)
Guirguis, M., Bestavros, A., Matta, I., Zhang, Y.T.: Reduction of Quality (RoQ) Attacks on Internet End-Systems. In: INFOCOM 2005, pp. 1362–1372. IEEE Press, Miami (2005)
He, Y., Liu, T., Cao, Q., Xiong, Q., Han, Y.: A Survey of Low-Rate Denial-of-Service Attacks. Journal of Frontiers of Computer Science and Technology 2(1), 1–19 (2008) (in Chinese)
Kumar, V.A., Jayalekshmy, P., Patra, G.K., Thangavelu, R.P.: On Remote Exploitation of TCP Sender for Low-Rate Flooding Denial-of-Service Attack. Communications Letters 13(1), 46–48 (2009)
Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)
Wang, Q., Gong, X., Nguyen, G.T.K., Houmansadr, A., Borisov, N.: CensorSpoofer: Asymmetric Communication Using IP Spoofing for Censorship-Resistant Web Browsing. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 121–132. ACM, New York (2012)
Wang, S., Sun, Q., Yang, F.: Detecting SIP Flooding Attacks against IMS Network. Journal of Software 22(4), 761–772 (2011) (in Chinese)
Nakibly, G., Templin, F.: Routing Loop Attack Using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations (2011), http://tools.ietf.org/search/rfc6324
Abley, J., Savola, P., Neville-Neil, G.: Deprecation of Type 0 Routing Headers in IPv6 (2007), http://www.ietf.org/rfc/rfc5095.txt
Paxson, V.: An analysis of Using Reflectors for Distributed Denial-of-Service Attacks. ACM SIGCOMM Computer Communication Review 31(3), 38–47 (2001)
DNS Amplification Attacks, http://www.isotf.org/news/DNS-Amplification-Attacks.pdf
Naoumov, N., Ross, K.: Exploiting P2P Systems for DDoS Attacks. In: Proceedings of the 1st International Conference on Scalable Information Systems, pp. 47–52. ACM, New York (2006)
Athanasopoulos, E., Anagnostakis, K.G., Markatos, E.P.: Misusing Unstructured P2P Systems to Perform DoS Attacks: The Network That Never Forgets. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 130–145. Springer, Heidelberg (2006)
Sia, K.C.: DDoS Vulnerability Analysis of BitTorrent Protocol (2007), http://oak.cs.ucla.edu/~sia/pub/cs239spring06.pdf
El Defrawy, K., Gjoka, M., Markopoulou, A.: BotTorrent: Misusing BitTorrent to Launch DDoS Attacks. In: Proceedings of the 3rd USENIX Workshop on Steps to Reducing Unwanted Traffic on the Internet, pp. 1–6. USENIX Association, Santa Clara (2007)
Steiner, M., En-Najjary, T., Biersack, E.W.: Exploiting KAD: Possible Uses and Misuses. ACM SIGCOMM Computer Communication Review 37(5), 65–70 (2007)
Sun, X., Torres, R., Rao, S.: DDoS Attacks by Subverting Membership Management in P2P Systems. In: 3rd IEEE Workshop on Secure Network Protocols, pp. 1–6. IEEE Press, Beijing (2007)
Yu, J., Li, Z., Chen, X.: Misusing Kademlia Protocol to Perform DDoS Attacks. In: International Symposium on Parallel and Distributed Processing with Applications (ISPA 2008), pp. 80–86. IEEE Press (2008)
Tong, J., Xiong, G., Zhao, Y., Guo, L.: A Research on the Vulnerability in Popular P2P Protocols. In: 8th International Conference on Communications and Networking in China, pp. 405–409. IEEE Press, Guilin (2013)
Lv, G., Sun, Z., Lu, X.: Enhancing the Ability of Inter-Domain IP Spoofing Prevention. Journal of Software 21(7), 1704–1716 (2010) (in Chinese)
Yang, J., Wang, Z., Guo, H.: IPv6 Attack Source Traceback Scheme Based on Extension Header Probabilistic Marking. Application Research of Computers 27(6), 2335–2340 (2010)
Lemon, J.: Resisting SYN Flood DoS Attacks with a SYN Cache. In: Proceedings of the BSD Conference, pp. 89–97. USENIX Association, Berkeley (2002)
Terry, T., Yu, H., Yuan, X., Chu, B.: A Visualization Based Simulator for SYN Flood Attacks. In: Proceedings of the International Conference on Imaging Theory and Applications and International Conference on Information Visualization Theory and Applications, pp. 251–255. Elsevier (2011)
Bellovin, S., Gont, F.: Defending against Sequence Number Attacks (2012), http://tools.ietf.org/html/rfc6528
Zhang, C., Yin, J., Cai, Z., Chen, W.: RRED: Robust RED Algorithm to Counter Low-Rate DoS Attacks. IEEE Press Communications Letters 14(5), 489–491 (2010)
Floyd, S., Jacobson, V.: Random Early Detection Gateways for Congestion Avoidance. IEEE/ACM Transactions on Networking 1(4), 397–413 (1993)
Xiang, Y., Li, K., Zhou, W.: Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics. IEEE Transactions on Information Forensics and Security 6(2), 426–437 (2011)
Chang, C., Lee, S., Lin, B., Wang, J.: The Taming of The Shrew: Mitigating Low-Rate TCP-Targeted Attack. IEEE Transactions on Network and Service Management 7(1), 1–13 (2010)
Garfinkel, S.L.: VoIP and Skype Security (2005), http://www.cs.columbia.edu/~salman/skype/SkypeSecurity_1_5_garfinkel.pdf
Huang, Y., Huang, S., Lin, T., Tsai, C.H.: Web Application Security Assessment by Fault Injection and Behavior Monitoring. In: Proceedings of the 12th International Conference on World Wide Web, pp. 148–159. ACM, New York (2003)
Wang, P., Sparks, S., Zou, C.: An Advanced Hybrid Peer-to-Peer Botnet. IEEE Transactions on Dependable and Secure Computing 7(2), 113–127 (2010)
Sun, X., Torres, R., Rao, S.: Preventing DDoS Attacks on Internet Servers Exploiting P2P Systems. Computer Networks 54(15), 2756–2774 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Xiong, G., Tong, J., Xu, Y., Yu, H., Zhao, Y. (2014). A Survey of Network Attacks Based on Protocol Vulnerabilities. In: Han, W., Huang, Z., Hu, C., Zhang, H., Guo, L. (eds) Web Technologies and Applications. APWeb 2014. Lecture Notes in Computer Science, vol 8710. Springer, Cham. https://doi.org/10.1007/978-3-319-11119-3_23
Download citation
DOI: https://doi.org/10.1007/978-3-319-11119-3_23
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11118-6
Online ISBN: 978-3-319-11119-3
eBook Packages: Computer ScienceComputer Science (R0)