all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks

Add to bookmarks
April 9, 2024, 4:11 a.m. | Yuxiang Yang, Xuewei Feng, Qi Li, Kun Sun, Ziqiang Wang, Ke Xu

cs.CR updates on arXiv.org arxiv.org

arXiv:2404.04601v1 Announce Type: new
Abstract: In this paper, we uncover a new side-channel vulnerability in the widely used NAT port preservation strategy and an insufficient reverse path validation strategy of Wi-Fi routers, which allows an off-path attacker to infer if there is one victim client in the same network communicating with another host on the Internet using TCP. After detecting the presence of TCP connections between the victim client and the server, the attacker can evict the original NAT mapping …

arxiv attacker channel client cs.cr exploiting hijacking nat network networks path port preservation reverse routers sequence number side-channel strategy tcp uncover validation victim vulnerability wi-fi wi-fi networks

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

PrivLM-Bench: A Multi-level Privacy Evaluation Benchmark for Language Models 2 days, 3 hours ago | arxiv.org
accessibility art arxiv attention +15
Provably Robust Cost-Sensitive Learning via Randomized Smoothing 2 days, 3 hours ago | arxiv.org
arxiv cost cs.cr cs.lg +1
WW-FL: Secure and Private Large-Scale Federated Learning 2 days, 3 hours ago | arxiv.org
arxiv attacks client cs.cr +28
Formalizing and Benchmarking Prompt Injection Attacks and Defenses 2 days, 3 hours ago | arxiv.org
arxiv attacks benchmarking cs.ai +9
SecureFalcon: Are We There Yet in Automated Software Vulnerability Detection with LLMs? 2 days, 3 hours ago | arxiv.org
adoption analysis applications arxiv +30
An Efficient and Multi-private Key Secure Aggregation for Federated Learning 2 days, 3 hours ago | arxiv.org
aggregation arxiv client cs.ai +21
How (not) to Build Quantum PKE in Minicrypt 2 days, 3 hours ago | arxiv.org
arxiv box build can +12
Computing Low-Entropy Couplings for Large-Support Distributions 2 days, 3 hours ago | arxiv.org
arxiv computing cs.cr cs.it +6
Unveiling and Mitigating Backdoor Vulnerabilities based on Unlearning Weight Changes and Backdoor Activeness 2 days, 3 hours ago | arxiv.org
arxiv attacks backdoor backdoor attacks +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com