{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:11:37Z","timestamp":1772039497400,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":33,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,10,16]],"date-time":"2012-10-16T00:00:00Z","timestamp":1350345600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,10,16]]},"DOI":"10.1145\/2382196.2382258","type":"proceedings-article","created":{"date-parts":[[2012,10,15]],"date-time":"2012-10-15T17:13:12Z","timestamp":1350321192000},"page":"593-604","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":62,"title":["Collaborative TCP sequence number inference attack"],"prefix":"10.1145","author":[{"given":"Zhiyun","family":"Qian","sequence":"first","affiliation":[{"name":"University of Michigan, Ann Arbor, MI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Z. Morley","family":"Mao","sequence":"additional","affiliation":[{"name":"University of Michigan, Ann Arbor, MI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yinglian","family":"Xie","sequence":"additional","affiliation":[{"name":"Microsoft Research Silicon Valley, Mountain View, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2012,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Blind TCP\/IP Hijacking is Still Alive. http:\/\/www.phrack.org\/issues.php?issue=64&id=15.  Blind TCP\/IP Hijacking is Still Alive. http:\/\/www.phrack.org\/issues.php?issue=64&id=15."},{"key":"e_1_3_2_1_2_1","unstructured":"CERT Advisory CA-1995-01 IP Spoofing Attacks and Hijacked Terminal Connections. http:\/\/www.cert.org\/advisories\/CA-1995-01.html.  CERT Advisory CA-1995-01 IP Spoofing Attacks and Hijacked Terminal Connections. http:\/\/www.cert.org\/advisories\/CA-1995-01.html."},{"key":"e_1_3_2_1_3_1","unstructured":"Golomb Ruler. http:\/\/en.wikipedia.org\/wiki\/Golomb_ruler.  Golomb Ruler. http:\/\/en.wikipedia.org\/wiki\/Golomb_ruler."},{"key":"e_1_3_2_1_4_1","unstructured":"Linux Blind TCP Spoofing Vulnerability. http:\/\/www.securityfocus.com\/bid\/580\/info.  Linux Blind TCP Spoofing Vulnerability. http:\/\/www.securityfocus.com\/bid\/580\/info."},{"key":"e_1_3_2_1_5_1","unstructured":"Linux: TCP Random Initial Sequence Numbers. http:\/\/kerneltrap.org\/node\/4654.  Linux: TCP Random Initial Sequence Numbers. http:\/\/kerneltrap.org\/node\/4654."},{"key":"e_1_3_2_1_6_1","unstructured":"MSN Messenger Protocol. http:\/\/www.hypothetic.org\/docs\/msn\/.  MSN Messenger Protocol. http:\/\/www.hypothetic.org\/docs\/msn\/."},{"key":"e_1_3_2_1_7_1","unstructured":"RFC 1948 - Defending Against Sequence Number Attacks. http:\/\/tools.ietf.org\/html\/rfc1948.  RFC 1948 - Defending Against Sequence Number Attacks. http:\/\/tools.ietf.org\/html\/rfc1948."},{"key":"e_1_3_2_1_8_1","unstructured":"RFC 5961 - Improving TCP's Robustness to Blind In-Window Attacks. http:\/\/tools.ietf.org\/html\/rfc5961.  RFC 5961 - Improving TCP's Robustness to Blind In-Window Attacks. http:\/\/tools.ietf.org\/html\/rfc5961."},{"key":"e_1_3_2_1_9_1","unstructured":"RFC 793 - Transmission Control Protocol. http:\/\/tools.ietf.org\/html\/rfc793.  RFC 793 - Transmission Control Protocol. http:\/\/tools.ietf.org\/html\/rfc793."},{"key":"e_1_3_2_1_10_1","unstructured":"Stateful Firewall and Masquerading on Linux. http:\/\/www.puschitz.com\/FirewallAndRouters.shtml.  Stateful Firewall and Masquerading on Linux. http:\/\/www.puschitz.com\/FirewallAndRouters.shtml."},{"key":"e_1_3_2_1_11_1","unstructured":"sysctl Mac OS X Manual. https:\/\/developer.apple.com\/library\/mac\/#documentation\/Darwin\/Reference\/Manpages\/man3\/sysctl.3.html#\/\/apple_ref\/doc\/man\/3\/sysctl.  sysctl Mac OS X Manual. https:\/\/developer.apple.com\/library\/mac\/#documentation\/Darwin\/Reference\/Manpages\/man3\/sysctl.3.html#\/\/apple_ref\/doc\/man\/3\/sysctl."},{"key":"e_1_3_2_1_12_1","unstructured":"TCP Delayed Ack in Linux. http:\/\/wiki.hsc.com\/wiki\/Main\/InsideLinuxTCPDelayedAck.  TCP Delayed Ack in Linux. http:\/\/wiki.hsc.com\/wiki\/Main\/InsideLinuxTCPDelayedAck."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.20"},{"key":"e_1_3_2_1_14_1","volume-title":"Proc. of USENIX Security Symposium","author":"Dietz M.","year":"2011","unstructured":"M. Dietz , S. Shekhar , Y. Pisetsky , A. Shu , and D. S. Wallach . Quire: Lightweight Provenance for Smart Phone Operating Systems . In Proc. of USENIX Security Symposium , 2011 . M. Dietz, S. Shekhar, Y. Pisetsky, A. Shu, and D. S. Wallach. Quire: Lightweight Provenance for Smart Phone Operating Systems. In Proc. of USENIX Security Symposium, 2011."},{"key":"e_1_3_2_1_15_1","volume-title":"NDSS","author":"Egele M.","year":"2011","unstructured":"M. Egele , C. Kruegel , E. Kirda , and G. Vigna . PiOS: Detecting Privacy Leaks in iOS Applications . In NDSS , 2011 . M. Egele, C. Kruegel, E. Kirda, and G. Vigna. PiOS: Detecting Privacy Leaks in iOS Applications. In NDSS, 2011."},{"key":"e_1_3_2_1_16_1","volume-title":"OSDI","author":"Enck W.","year":"2010","unstructured":"W. Enck , P. Gilbert , B.-G. Chun , L. P. Cox , J. Jung , P. McDaniel , and A. N. Sheth . TaintDroid: An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones . In OSDI , 2010 . W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. TaintDroid: An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones. In OSDI, 2010."},{"key":"e_1_3_2_1_17_1","volume-title":"Proc. of USENIX Security Symposium","author":"Enck W.","year":"2011","unstructured":"W. Enck , D. Octeau , P. McDaniel , and S. Chaudhuri . A Study of Android Application Security . In Proc. of USENIX Security Symposium , 2011 . W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A Study of Android Application Security. In Proc. of USENIX Security Symposium, 2011."},{"key":"e_1_3_2_1_18_1","volume-title":"Proc. of USENIX Security Symposium","author":"Ensafi R.","year":"2010","unstructured":"R. Ensafi , J. C. Park , D. Kapur , and J. R. Crandall . Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks using Model Checking . In Proc. of USENIX Security Symposium , 2010 . R. Ensafi, J. C. Park, D. Kapur, and J. R. Crandall. Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks using Model Checking. In Proc. of USENIX Security Symposium, 2010."},{"key":"e_1_3_2_1_19_1","volume-title":"Proc. of USENIX Security Symposium","author":"Felt A. P.","year":"2011","unstructured":"A. P. Felt , H. J. Wang , A. Moshchuk , S. Hanna , and E. Chin . Permission Re-delegation: Attacks and Defenses . In Proc. of USENIX Security Symposium , 2011 . A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin. Permission Re-delegation: Attacks and Defenses. In Proc. of USENIX Security Symposium, 2011."},{"key":"e_1_3_2_1_20_1","volume-title":"Proc. of USENIX Workshop on Offensive Technologies (WOOT)","author":"Gilad Y.","year":"2012","unstructured":"Y. Gilad and A. Herzberg . Off-Path Attacking the Web . In Proc. of USENIX Workshop on Offensive Technologies (WOOT) , 2012 . Y. Gilad and A. Herzberg. Off-Path Attacking the Web. In Proc. of USENIX Workshop on Offensive Technologies (WOOT), 2012."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251086.1251104"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.19"},{"key":"e_1_3_2_1_23_1","volume-title":"Proc. of USENIX Security Symposium","author":"Joncheray L.","year":"1995","unstructured":"L. Joncheray . A Simple Active Attack against TCP . In Proc. of USENIX Security Symposium , 1995 . L. Joncheray. A Simple Active Attack against TCP. In Proc. of USENIX Security Symposium, 1995."},{"key":"e_1_3_2_1_24_1","unstructured":"G. LEECH P. RAYSON and A. WILSON. Procfs Analysis. http:\/\/www.nsa.gov\/research\/_files\/selinux\/papers\/slinux\/node57.shtml.  G. LEECH P. RAYSON and A. WILSON. Procfs Analysis. http:\/\/www.nsa.gov\/research\/_files\/selinux\/papers\/slinux\/node57.shtml."},{"key":"e_1_3_2_1_25_1","volume-title":"A Weakness in the 4.2BSD Unix TCP\/IP Software. Technical report","author":"Morris R.","year":"1985","unstructured":"R. Morris . A Weakness in the 4.2BSD Unix TCP\/IP Software. Technical report , 1985 . R. Morris. A Weakness in the 4.2BSD Unix TCP\/IP Software. Technical report, 1985."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.29"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.42"},{"key":"e_1_3_2_1_28_1","volume-title":"NDSS","author":"Schlegel R.","year":"2011","unstructured":"R. Schlegel , K. Zhang , X. yong Zhou , M. Intwala , A. Kapadia , and X. Wang . Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones . In NDSS , 2011 . R. Schlegel, K. Zhang, X. yong Zhou, M. Intwala, A. Kapadia, and X. Wang. Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones. In NDSS, 2011."},{"key":"e_1_3_2_1_29_1","volume-title":"Proc. of USENIX Security Symposium","author":"Song D. X.","year":"2001","unstructured":"D. X. Song , D. Wagner , and X. Tian . Timing Analysis of Keystrokes and Timing Attacks on SSH . In Proc. of USENIX Security Symposium , 2001 . D. X. Song, D. Wagner, and X. Tian. Timing Analysis of Keystrokes and Timing Attacks on SSH. In Proc. of USENIX Security Symposium, 2001."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855769"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2018436.2018479"},{"key":"e_1_3_2_1_32_1","volume-title":"CanSecWest","author":"Watson P. A.","year":"2004","unstructured":"P. A. Watson . Slipping in the Window: TCP Reset Attacks . In CanSecWest , 2004 . P. A. Watson. Slipping in the Window: TCP Reset Attacks. In CanSecWest, 2004."},{"key":"e_1_3_2_1_33_1","volume-title":"Proc. of USENIX Security Symposium","author":"Zhang K.","year":"2009","unstructured":"K. Zhang and X. Wang . Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems . In Proc. of USENIX Security Symposium , 2009 . K. Zhang and X. Wang. Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems. In Proc. of USENIX Security Symposium, 2009."}],"event":{"name":"CCS'12: the ACM Conference on Computer and Communications Security","location":"Raleigh North Carolina USA","acronym":"CCS'12","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2012 ACM conference on Computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2382196.2382258","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2382196.2382258","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:34:48Z","timestamp":1750239288000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2382196.2382258"}},"subtitle":["how to crack sequence number under a second"],"short-title":[],"issued":{"date-parts":[[2012,10,16]]},"references-count":33,"alternative-id":["10.1145\/2382196.2382258","10.1145\/2382196"],"URL":"https:\/\/doi.org\/10.1145\/2382196.2382258","relation":{},"subject":[],"published":{"date-parts":[[2012,10,16]]},"assertion":[{"value":"2012-10-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}