TCP IP Header Attack Vectors and Countermeasures
American Journal of Science, Engineering and Technology
Volume 2, Issue 1, March 2017, Pages: 39-49
Received: Nov. 10, 2016; Accepted: Jan. 31, 2017; Published: Feb. 27, 2017
Views 4975      Downloads 124
Authors
Vincent O. Nyangaresi, School of Informatics and Innovative Systems, Jaramogi Oginga Odinga University of Science & Technology, Kisumu, Kenya
Solomon O. Ogara, School of Informatics and Innovative Systems, Jaramogi Oginga Odinga University of Science & Technology, Kisumu, Kenya
Silvance O. Abeka, School of Informatics and Innovative Systems, Jaramogi Oginga Odinga University of Science & Technology, Kisumu, Kenya
Article Tools
Follow on us
Abstract
The TCP IP header has security vulnerabilities that make it prone to numerous kinds of attacks such as TCP SYN flooding, TCP RST, source quench, TCP session hijacking, TCP sequence number prediction, port scanning, CHARGEN and ECHO. The purpose of this paper was to investigate the attack vectors for various TCP IP header attacks and suggest possible countermeasures to curb these attacks. The goals were to gain an understanding on what makes the TCP IP header architecture vulnerable, so that appropriate countermeasures to address these shortcomings could be instigated; based on their performance in terms of their efficiency in curbing the various attack vectors exploiting these vulnerabilities. To achieve this, a combined experimental - simulation approach was employed using Wireshark network analyzer, Nmap, Ettercap, Aireplay-ng and Airodump-ng from Aircrack-ng suite software. A sample network utilizing the transmission control protocol was designed and some packets transmitted over it. The packet traffic volume, sequence numbers, acknowledgement numbers, associated protocols, TCP handshake and packets in flight were then studied. The results obtained indicate that the TCP IP header is indeed susceptible, most probably because the initial intent of the TCP was to share information and security was not a major concern at that time. However, as the internet is now open to the general public and not restricted to the department of defense where it was initially meant to serve, there is need to develop novel algorithms that could help mitigate the weaknesses inherent in the TCP architecture. This study is of help to network designers and administrators as it aids them to identify how to structure their networks for in-depth security by adding another layer of security at the TCP IP header level to support the network-based controls such as next generation firewalls.
Keywords
TCP IP Header, Attack Vector, Vulnerabilities, Countermeasures
To cite this article
Vincent O. Nyangaresi, Solomon O. Ogara, Silvance O. Abeka, TCP IP Header Attack Vectors and Countermeasures, American Journal of Science, Engineering and Technology. Vol. 2, No. 1, 2017, pp. 39-49. doi: 10.11648/j.ajset.20170201.17
Copyright
Copyright © 2017 Authors retain the copyright of this article.
This article is an open access article distributed under the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
References
[1]
N. Shaneel (2014). Improving Network Performance: An Evaluation of TCP/UDP on Networks. Department of Computing UNITEC Institute of Technology Auckland, New Zealand.
[2]
K. Avi (2016). Lecture 16: TCP/IP Vulnerabilities and DoS Attacks: IP Spoofing, SYN Flooding, and The Shrew DoS Attack. Purdue University.
[3]
D. Welian (2010). Attack Lab: Attacks on TCP/IP Protocols. Syracuse University.
[4]
Y. Guang (2015). Introduction to TCP/IP Network Attacks. Department of Computer Science Iowa State University.
[5]
K. Mirja (2015). Mitigating TCP ACK loop.
[6]
M. Robbie (2015). Attacks on TCP/IP Protocols. Computer Network Security.
[7]
M. Bellovin (2013). Security Problems in the TCP/IP Protocol Suite.
[8]
T. John and E. Barry (2013). TCP veto: A novel network attack and its application to SCADA protocols. Innovative Smart Grid Technologies (ISGT), IEEE PES.
[9]
A. Mahdavi (2015). A DDoS Attack Explained: TCP ACK. Staminus.
[10]
F. Gont (2015). On the Validation of TCP Sequence Numbers. TCP Maintenance and Minor Extensions.
[11]
D. Wei, P. Cao and H. Steven (2010). TCP Pacing Revisited.
[12]
C. Zhang, J. Yin, C. Zhiping and C. Weifeng (2010). RRED: robust RED algorithm to counter low-rate denial-of-service attacks. IEEE Communications Letters. 14 (5): 489–491.
[13]
J. Stretch (2010). TCP Selective Acknowledgments (SACK).
ADDRESS
Science Publishing Group
1 Rockefeller Plaza,
10th and 11th Floors,
New York, NY 10020
U.S.A.
Tel: (001)347-983-5186