Reverse TCP and Social Engineering Attacks in the Era of Big Data

TCP is a connection-oriented protocol used for the transport of information across the Internet. The very nature of this powerful medium attracts cyber criminals who are continuously searching for new vulnerabilities within the TCP protocol to exploit for nefarious means. Reverse TCP attacks are a relatively new approach to exploiting this connection process, in which the attacker is able to seize remote access to the victim end user's network. Success in this attack largely depends on skillful social engineering techniques that target specific end users in order to open the connection. In the era of Big Data, social engineering is expected to be more feasible. This paper examines various methods that adversaries may use to implement their attacks. Our work implements a reverse TCP attack in a virtualized environment, detailing the process used to gain unauthorized access to the victim's machine. This paper also discusses the key threats that the reverse TCP attack may pose to end users and provides a testbed to determine how effectively computer systems are able to defend against this attack.
