We present a novel attack for detecting the presence of an active TCP connection between a remote Linux server and an arbitrary client machine. The attack takes advantage of side-channels in the Linux kernel's handling of the values used to populate an IPv4 packet's IPID field, and it applies to kernel versions 4.0 and higher. We implement and test this attack and evaluate its real-world effectiveness and performance when used on active connections to popular web servers. Our evaluation shows that the attack correctly detects the IP-port 4-tuple representing an active TCP connection in 84% of our mock attacks. We also demonstrate how the attack can be used by the middle onion router in a Tor circuit to test whether a given client is connected to the guard entry node associated with a given circuit.
In addition, we discuss the potential issues an attacker would face when attempting to scale it to real-world attacks, as well as possible mitigations against the attack. Our attack does not exhaust any global resource, and therefore challenges the notion that there is a direct one-to-one connection between shared, limited resources and non-trivial network side-channels. This means that simply enumerating global shared resources and considering the ways in which they can be exhausted will not suffice for certifying a kernel TCP/IP network stack to be free of privacy-risk side-channels.
Cyber security threats remain a major concern. Although many defense techniques have been proposed and deployed, antivirus (AV) software is still very widely used and recommended for end-user PCs. The most effective AV products are commercial and therefore competitive, so it is not obvious to security researchers or system developers how exactly the AV works or how it affects the whole system. The AV adds further layers of complication to already layered, complicated systems. Because there is very little effort in the literature to provide a way of understanding AV functionality and its performance impact, in this paper we want to shed some light in that direction. To the best of our knowledge, we are the first to present an OS-aware approach to analyse and reason about the performance impact of AV software. Our results show that the main reason for the performance degradation tasks experience in the presence of AV software is that they spend the extra time mainly waiting on events. In most of our experiments the AV also forces the tasks to spend more time using the CPU. Although there is overhead from competition between the tasks and the AV for the CPU, this competition is not a main factor in the overall overhead. Because of the AV's intrusiveness, the tasks in our experiments are caused to create more file I/O operations, page faults, system calls, and threads.