. "77306" . . . . "Hiding TCP Traffic: Threats and Counter-measures" . "Hranick\u00FD, Radek" . "Law Interception, data hiding, TCP, covert channels."@en . "Hiding TCP Traffic: Threats and Counter-measures"@en . "Hiding TCP Traffic: Threats and Counter-measures"@en . "978-80-7231-922-0" . "26230" . . "Computer networks were designed to be simple and routers do not validate the integrity of the processed traffic. Consequently, an attacker can modify his or her traffic with the aim of confusing any analyser that intercepts the traffic, e.g. monitoring and security software or lawful interception. This paper studies the attack that is based on sending additional colliding TCP segments with the same sequential number but different content. The segments with the correct message are delivered to the other communicating party of the TCP connection while the fake segments are dropped en route. The goal of the fake segments is to confuse analysers into decoding a different message to the one that is received by the other communicating party. The other communicating party does not need to be aware of the attack and therefore does not need any specific software. Although this paper discuss the advantages and disadvantages of the attack for an attacker, our ultimate goal was to find counter-me" . "3"^^ . "RIV/00216305:26230/13:PU106357" . . "3"^^ . . "2013-05-22+02:00"^^ . "P(VG20102015022), Z(MSM0021630528)" . . "Security and Protection of Information 2013, Proceedings of the Conference" . . "Univerzita obrany" . . . . . . "Hiding TCP Traffic: Threats and Counter-measures" . . "14"^^ . . "[622AE3C1D32B]" . . "Brno" . "Brno" . "RIV/00216305:26230/13:PU106357!RIV14-MV0-26230___" . "Pol\u010D\u00E1k, Libor" . "Matou\u0161ek, Petr" . . . "Computer networks were designed to be simple and routers do not validate the integrity of the processed traffic. Consequently, an attacker can modify his or her traffic with the aim of confusing any analyser that intercepts the traffic, e.g. monitoring and security software or lawful interception. This paper studies the attack that is based on sending additional colliding TCP segments with the same sequential number but different content. The segments with the correct message are delivered to the other communicating party of the TCP connection while the fake segments are dropped en route. The goal of the fake segments is to confuse analysers into decoding a different message to the one that is received by the other communicating party. The other communicating party does not need to be aware of the attack and therefore does not need any specific software. Although this paper discuss the advantages and disadvantages of the attack for an attacker, our ultimate goal was to find counter-me"@en . . . .