all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks

Add to bookmarks
April 9, 2024, 4:11 a.m. | Yuxiang Yang, Xuewei Feng, Qi Li, Kun Sun, Ziqiang Wang, Ke Xu

cs.CR updates on arXiv.org arxiv.org

arXiv:2404.04601v1 Announce Type: new
Abstract: In this paper, we uncover a new side-channel vulnerability in the widely used NAT port preservation strategy and an insufficient reverse path validation strategy of Wi-Fi routers, which allows an off-path attacker to infer if there is one victim client in the same network communicating with another host on the Internet using TCP. After detecting the presence of TCP connections between the victim client and the server, the attacker can evict the original NAT mapping …

arxiv attacker channel client cs.cr exploiting hijacking nat network networks path port preservation reverse routers sequence number side-channel strategy tcp uncover validation victim vulnerability wi-fi wi-fi networks

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Decentralised, Collaborative, and Privacy-preserving Machine Learning for Multi-Hospital Data 8 hours ago | arxiv.org
accuracy analysis arxiv cs.cr +17
Pruning for Protection: Increasing Jailbreak Resistance in Aligned LLMs Without Fine-Tuning 8 hours ago | arxiv.org
arxiv attacks can cs.ai +13
Relay Mining: Incentivizing Full Non-Validating Nodes Servicing All RPC Types 8 hours ago | arxiv.org
arxiv client crypto cryptographic +19
Laccolith: Hypervisor-Based Adversary Emulation with Anti-Detection 8 hours ago | arxiv.org
advanced advanced persistent threats adversary adversary emulation +18
Commercial Anti-Smishing Tools and Their Comparative Effectiveness Against Modern Threats 8 hours ago | arxiv.org
arxiv attacker attacks commercial +19
PriSampler: Mitigating Property Inference of Diffusion Models 8 hours ago | arxiv.org
arxiv attacks banking cs.cr +12
PrescientFuzz: A more effective exploration approach for grey-box fuzzing 8 hours ago | arxiv.org
arxiv box campaigns control +13
Evaluating and Mitigating Linguistic Discrimination in Large Language Models 8 hours ago | arxiv.org
arxiv can capabilities cs.ai +16
Towards Classical Software Verification using Quantum Computers 8 hours ago | arxiv.org
aid arxiv computer computers +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs