• Explore
    • Contact Us
  • Faculty
  • Research
    • Research Areas
    • Research Centers
  • Graduate Degrees
    • Computer Science Programs
    • Current Graduate Students
  • Undergraduate Degrees
  • News & Events
    • News
    • Seminar Series
    • Distinguished Lecture Series
    • Research Showcase
  • Apply Now
    • Undergraduate Admissions
    • Graduate Admissions
    • Faculty Candidates

CS/NetSys Seminar Series – Prof. Zhiyun Qian (UC Riverside) – Off-path TCP Exploits: An Oversight Yesterday, A Lingering Threat Today

Date: December 9, 2016

Speaker: Prof. Zhiyun Qian, UC Riverside

Location: DBH 6011

Time: 11am – 12pm

Host: Ardalan Amiri Sani

Title: Off-path TCP Exploits: An Oversight Yesterday, A Lingering Threat Today

Abstract: In this talk, I will discuss the history of off-path TCP attacks and their relationship with side channels. I will demonstrate the multitude of different ways realistic and powerful off-path TCP attacks can be conducted using a variety of side channels. Very recently, we show that a pure off-path attack can be carried out against Linux hosts without being able to run any malicious code on either the client or server. Essentially the attacker can infer if any two arbitrary hosts on the Internet are communicating using a TCP connection. Further, if the connection is present, such an off-path attacker can also infer the TCP sequence numbers in use, from both sides of the connection; this in turn allows the attacker to cause connection termination and perform data injection attacks. I will conclude by giving the insights on how to systematically discover and fix such problems.

Bio: Dr. Zhiyun Qian is an assistant professor at University of California, Riverside. His research interest is on system and network security, including Internet security (e.g., TCP/IP), Android security, side channels, infrastructure security (e.g., cellular networks). He has a passion to discover real-world security flaws with insights and help from program analysis tools. His recent TCP work has been awarded the “most creative idea” at GeekPwn and one of the three Facebook Internet Defense Prize finalists at USENIX Security 2016. He obtained his Ph.D. degree in CSE from University of Michigan in 2012.


Return to the Fall 2016 CS Seminar Series Schedule

Latest news

  • Identifying the Building Blocks of Attention in Deep Learning March 21, 2023
  • Faculty Spotlight: Jennifer Wong-Ma and the Power of Community March 20, 2023
  • Computer Science Ph.D. Candidate Takami Sato Named Public Impact Fellow March 14, 2023
  • Irani Builds New Collaborations as Associate Director of the Simons Institute March 6, 2023
  • UC Irvine Partners With Linux Foundation to Welcome New Open Source Projects from Peraton Labs to Scale 5G Security March 3, 2023
  • © 2023 UC Regents
  • Feedback
  • Privacy Policy