An official website of the United States government
- Home
- Search Results
- Page 1 of 1
Search for: All records
-
Total Resources4
- Resource Type
-
0002000002000000
- More
- Availability
-
40
- Author / Contributor
- Filter by Author / Creator
-
-
Espinoza, Antonio M. (2)
-
Forrest, Stephanie (2)
-
Alexander, Geoffrey (1)
-
Al‐Najjar, Maha (1)
-
Boch, Charles (1)
-
Crandall, Jedidiah R. (1)
-
Doupé, Adam (1)
-
Espinoza, Antonio (1)
-
Espinoza, Antonio M (1)
-
Hernandez, Arturo (1)
-
Micheli, Fiorenza (1)
-
Monismith, Stephen G. (1)
-
Reiter, Pemma (1)
-
Saenz‐Arroyo, Andrea (1)
-
Tiwari, Mohit (1)
-
Torre, Jorge (1)
-
Vázquez‐Vera, Leonardo (1)
-
Wang, Ruoyu (1)
-
Weimer, Westley (1)
-
Wood, Riley (1)
-
- Filter by Editor
-
-
& Spizer, S. M. (0)
-
& . Spizer, S. (0)
-
& Ahn, J. (0)
-
& Bateiha, S. (0)
-
& Bosch, N. (0)
-
& Brennan K. (0)
-
& Brennan, K. (0)
-
& Chen, B. (0)
-
& Chen, Bodong (0)
-
& Drown, S. (0)
-
& Ferretti, F. (0)
-
& Higgins, A. (0)
-
& J. Peters (0)
-
& Kali, Y. (0)
-
& Ruiz-Arias, P.M. (0)
-
& S. Spitzer (0)
-
& Sahin. I. (0)
-
& Spitzer, S. (0)
-
& Spitzer, S.M. (0)
-
(submitted - in Review for IEEE ICASSP-2024) (0)
-
-
Have feedback or suggestions for a way to improve these results?
!
Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher.
Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?
Some links on this page may take you to non-federal websites. Their policies may differ from this site.
-
Reiter, Pemma; Espinoza, Antonio M.; Doupé, Adam; Wang, Ruoyu; Weimer, Westley; Forrest, Stephanie (, Genetic and Evolutionary Computation Conference, Boston, Massachusetts)
-
Alexander, Geoffrey; Espinoza, Antonio M.; Crandall, Jedidiah R. (, Proceedings on Privacy Enhancing Technologies)Abstract We present a novel attack for detecting the presence of an active TCP connection between a remote Linux server and an arbitrary client machine. The attack takes advantage of side-channels present in the Linux kernel’s handling of the values used to populate an IPv4 packet’s IPID field and applies to kernel versions of 4.0 and higher. We implement and test this attack and evaluate its real world effectiveness and performance when used on active connections to popular web servers. Our evaluation shows that the attack is capable of correctly detecting the IP-port 4-tuple representing an active TCP connection in 84% of our mock attacks. We also demonstrate how the attack can be used by the middle onion router in a Tor circuit to test whether a given client is connected to the guard entry node associated with a given circuit. In addition we discuss the potential issues an attacker would face when attempting to scale it to real world attacks, as well as possible mitigations against the attack. Our attack does not exhaust any global resource, and therefore challenges the notion that there is a direct one-to-one connection between shared, limited resources and non-trivial network side-channels. This means that simply enumerating global shared resources and considering the ways in which they can be exhausted will not suffice for certifying a kernel TCP/IP network stack to be free of privacy risk side-channels.more » « less
-
Woodson, C. Brock; Micheli, Fiorenza; Boch, Charles; Al‐Najjar, Maha; Espinoza, Antonio; Hernandez, Arturo; Vázquez‐Vera, Leonardo; Saenz‐Arroyo, Andrea; Monismith, Stephen G.; Torre, Jorge (, Conservation Letters)
