Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach

Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove, Cristina Nita-Rotaru

Research output: Chapter in Book/Entry/PoemConference contribution

26 Scopus citations

Abstract

One of the most important goals of TCP is to ensure fairness and prevent congestion collapse by implementing congestion control. Various attacks against TCP congestion control have been reported over the years, most of which have been discovered through manual analysis. In this paper, we propose an automated method that combines the generality of implementation-agnostic fuzzing with the precision of runtime analysis to find attacks against implementations of TCP congestion control. It uses a model-guided approach to generate abstract attack strategies, by leveraging a state machine model of TCP congestion control to find vulnerable state machine paths that an attacker could exploit to increase or decrease the throughput of a connection to his advantage. These abstract strategies are then mapped to concrete attack strategies, which consist of sequences of actions such as injection or modification of acknowledgements and a logical time for injection. We design and implement a virtualized platform, TCPWN, that consists of a a proxy-based attack injector and a TCP congestion control state tracker that uses only network traffic to create and inject these concrete attack strategies. We evaluated 5 TCP implementations from 4 Linux distributions and Windows 8.1. Overall, we found 11 classes of attacks, of which 8 are new.

Original languageEnglish (US)
Title of host publication25th Annual Network and Distributed System Security Symposium, NDSS 2018
PublisherThe Internet Society
ISBN (Electronic)1891562495, 9781891562495
DOIs
StatePublished - 2018
Externally publishedYes
Event25th Annual Network and Distributed System Security Symposium, NDSS 2018 - San Diego, United States
Duration: Feb 18 2018Feb 21 2018

Publication series

Name25th Annual Network and Distributed System Security Symposium, NDSS 2018

Conference

Conference25th Annual Network and Distributed System Security Symposium, NDSS 2018
Country/TerritoryUnited States
CitySan Diego
Period2/18/182/21/18

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Control and Systems Engineering
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach'. Together they form a unique fingerprint.

Cite this