all InfoSec news
Device Tracking via Linux's New TCP Source Port Selection Algorithm (Extended Version). (arXiv:2209.12993v2 [cs.CR] UPDATED)
Oct. 11, 2022, 1:20 a.m. | Moshe Kol, Amit Klein, Yossi Gilad
cs.CR updates on arXiv.org arxiv.org
We describe a tracking technique for Linux devices, exploiting a new TCP
source port generation mechanism recently introduced to the Linux kernel. This
mechanism is based on an algorithm, standardized in RFC 6056, for boosting
security by better randomizing port selection. Our technique detects collisions
in a hash function used in the said algorithm, based on sampling TCP source
ports generated in an attacker-prescribed manner. These hash collisions depend
solely on a per-device key, and thus the set of collisions …
algorithm device device tracking linux port tcp tracking version
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Systems Security Officer (ISSO) (Remote within HR Virginia area)
@ OneZero Solutions | Portsmouth, VA, USA
Security Analyst
@ UNDP | Tripoli (LBY), Libya
Senior Incident Response Consultant
@ Google | United Kingdom
Product Manager II, Threat Intelligence, Google Cloud
@ Google | Austin, TX, USA; Reston, VA, USA
Cloud Security Analyst
@ Cloud Peritus | Bengaluru, India