EB
E. Bassetti
info
Please Note
<p>This page displays the records of the person named above and is not linked to a unique person identifier. This record may need to be merged to a profile.</p>
1 records found
1
QUICkly Running Out of Money
Evaluating QUIC Resilience to Traffic Inflating Attacks
The adoption of the QUIC protocol has significantly improved the performance and security of modern internet applications, mainly due to the central role that encryption plays in the protocol. However, this emerging protocol introduces new vulnerabilities that can be exploited for malicious purposes. This paper investigates the resilience of QUIC to selective traffic manipulation attacks aimed at inflating network traffic, which can lead to increased operational costs for service providers and degraded user experiences.We present three distinct attacks designed to manipulate QUIC traffic by selectively dropping or manipulating packets. One attack can be executed by any middlebox in the network path between the client and the server, while the others require the attacker to have some previous control of QUIC components. Through experimental analysis, we evaluate the impact of these attacks on inflating the packet and data accounting. Our results show that attackers can effectively increase data traffic up to 50% of the original transmission size without altering the content of the QUIC communication. These findings highlight the potential for significant traffic inflation and offer insights into countermeasures that could mitigate the risks posed by these vulnerabilities.
...
The adoption of the QUIC protocol has significantly improved the performance and security of modern internet applications, mainly due to the central role that encryption plays in the protocol. However, this emerging protocol introduces new vulnerabilities that can be exploited for malicious purposes. This paper investigates the resilience of QUIC to selective traffic manipulation attacks aimed at inflating network traffic, which can lead to increased operational costs for service providers and degraded user experiences.We present three distinct attacks designed to manipulate QUIC traffic by selectively dropping or manipulating packets. One attack can be executed by any middlebox in the network path between the client and the server, while the others require the attacker to have some previous control of QUIC components. Through experimental analysis, we evaluate the impact of these attacks on inflating the packet and data accounting. Our results show that attackers can effectively increase data traffic up to 50% of the original transmission size without altering the content of the QUIC communication. These findings highlight the potential for significant traffic inflation and offer insights into countermeasures that could mitigate the risks posed by these vulnerabilities.