Peer-Reviewed

TCP IP Header Attack Vectors and Countermeasures

Received: 10 November 2016     Accepted: 31 January 2017     Published: 27 February 2017
Abstract

The TCP IP header has security vulnerabilities that make it prone to numerous kinds of attacks, such as TCP SYN flooding, TCP RST, source quench, TCP session hijacking, TCP sequence number prediction, port scanning, CHARGEN and ECHO. The purpose of this paper was to investigate the attack vectors for various TCP IP header attacks and to suggest possible countermeasures to curb them. The goals were to gain an understanding of what makes the TCP IP header architecture vulnerable, so that appropriate countermeasures addressing these shortcomings could be put in place, selected on the basis of their efficiency in curbing the various attack vectors that exploit these vulnerabilities. To achieve this, a combined experimental and simulation approach was employed using the Wireshark network analyzer, Nmap, Ettercap, and Aireplay-ng and Airodump-ng from the Aircrack-ng suite. A sample network utilizing the Transmission Control Protocol was designed and some packets were transmitted over it. The packet traffic volume, sequence numbers, acknowledgement numbers, associated protocols, TCP handshake and packets in flight were then studied. The results obtained indicate that the TCP IP header is indeed susceptible, most probably because the initial intent of TCP was to share information and security was not a major concern at that time. However, as the Internet is now open to the general public and no longer restricted to the Department of Defense, which it was initially meant to serve, there is a need to develop novel algorithms that could help mitigate the weaknesses inherent in the TCP architecture. This study helps network designers and administrators identify how to structure their networks for in-depth security by adding another layer of security at the TCP IP header level to support network-based controls such as next-generation firewalls.

Published in American Journal of Science, Engineering and Technology (Volume 2, Issue 1)
DOI 10.11648/j.ajset.20170201.17
Page(s) 39-49
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.

Copyright

Copyright © The Author(s), 2017. Published by Science Publishing Group

Keywords

TCP IP Header, Attack Vector, Vulnerabilities, Countermeasures

Cite This Article
  • APA Style

    Vincent O. Nyangaresi, Solomon O. Ogara, Silvance O. Abeka. (2017). TCP IP Header Attack Vectors and Countermeasures. American Journal of Science, Engineering and Technology, 2(1), 39-49. https://doi.org/10.11648/j.ajset.20170201.17


    ACS Style

    Vincent O. Nyangaresi; Solomon O. Ogara; Silvance O. Abeka. TCP IP Header Attack Vectors and Countermeasures. Am. J. Sci. Eng. Technol. 2017, 2(1), 39-49. doi: 10.11648/j.ajset.20170201.17


    AMA Style

    Vincent O. Nyangaresi, Solomon O. Ogara, Silvance O. Abeka. TCP IP Header Attack Vectors and Countermeasures. Am J Sci Eng Technol. 2017;2(1):39-49. doi: 10.11648/j.ajset.20170201.17


  • @article{10.11648/j.ajset.20170201.17,
      author = {Vincent O. Nyangaresi and Solomon O. Ogara and Silvance O. Abeka},
      title = {TCP IP Header Attack Vectors and Countermeasures},
      journal = {American Journal of Science, Engineering and Technology},
      volume = {2},
      number = {1},
      pages = {39-49},
      doi = {10.11648/j.ajset.20170201.17},
      url = {https://doi.org/10.11648/j.ajset.20170201.17},
      eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ajset.20170201.17},
     year = {2017}
    }
    


  • TY  - JOUR
    T1  - TCP IP Header Attack Vectors and Countermeasures
    AU  - Vincent O. Nyangaresi
    AU  - Solomon O. Ogara
    AU  - Silvance O. Abeka
    Y1  - 2017/02/27
    PY  - 2017
    N1  - https://doi.org/10.11648/j.ajset.20170201.17
    DO  - 10.11648/j.ajset.20170201.17
    T2  - American Journal of Science, Engineering and Technology
    JF  - American Journal of Science, Engineering and Technology
    JO  - American Journal of Science, Engineering and Technology
    SP  - 39
    EP  - 49
    PB  - Science Publishing Group
    SN  - 2578-8353
    UR  - https://doi.org/10.11648/j.ajset.20170201.17
    VL  - 2
    IS  - 1
    ER  - 


Author Information
  • School of Informatics and Innovative Systems, Jaramogi Oginga Odinga University of Science & Technology, Kisumu, Kenya