Research on the Security of Initial Sequence Number Generation Arithmetic

Many operating systems have already adopted strong TCP ISN generation methods. However, the probability of successful TCP Reset attack is not only1/2\+32as people expected. Based on Paul Waston's “slipping in the window: TCP Reset attacks” method, and combined with the sequence number guessing technology which uses chaotic time series analysis, a new TCP Reset attack method is presented in this paper in order to validate the security of TCP ISN generation methods. The experiment results under Windows operating system indicate that this method increases the success probability of TCP Reset attack, and the attackers can terminatethe established TCP connection by sending only 17 RST packets in 10 ms. Present Operation Systems' TCP ISN generation methods still have serious security risk.