Portal de Periódicos da CAPES

Revisiting QUIC attacks: a comprehensive review on QUIC security and a hands-on study

2022; Springer Science+Business Media; Volume: 22; Issue: 2 Linguagem: Inglês

10.1007/s10207-022-00630-6

1615-5270

Efstratios Chatzoglou, Vasileios Kouliaridis, Γεώργιος Καρόπουλος, Georgios Kambourakis,

Advanced Malware Detection Techniques

Abstract Built on top of UDP, the recently standardized QUIC protocol primarily aims to gradually replace the TCP plus TLS plus HTTP/2 model. For instance, HTTP/3 is designed to exploit QUIC’s features, including reduced connection establishment time, multiplexing without head of line blocking, always-encrypted end-to-end security, and others. This work serves two key objectives. Initially, it offers the first to our knowledge full-fledged review on QUIC security as seen through the lens of the relevant literature so far. Second and more importantly, through extensive fuzz testing, we conduct a hands-on security evaluation against the six most popular QUIC-enabled production-grade servers. This assessment identified several effective and practical zero-day vulnerabilities, which, if exploited, can quickly overwhelm the server resources. This finding is a clear indication that the fragmented production-level implementations of this contemporary protocol are not yet mature enough. Overall, the work at hand provides the first wholemeal appraisal of QUIC security from both a literature review and empirical standpoint, and it is therefore foreseen to serve as a reference for future research in this timely area.