1998-ptacek-insertion
findings extracted from this paper
-
The paper proves that any network IDS operating without maintaining complete, OS-specific per-connection state cannot reliably reconstruct the byte stream seen by the end-system. TCP and IP reassembly ambiguities guarantee unavoidable blind spots unless the IDS performs full per-target OS emulation—a fundamental architectural limitation, not an implementation bug, that applies equally to any DPI-based censor.
-
IP-level fragment overlap attacks operate independently of TCP: crafting overlapping IP fragments whose reassembly by the IDS yields benign content while the end-system's reassembly yields the true payload. The paper demonstrates this is a separate attack surface from TCP-level evasion, exploitable below the transport layer before any TCP stream reconstruction begins.
-
Different operating systems apply different precedence rules when TCP segments overlap—some implementations use 'first data wins,' others 'last data wins.' An IDS applying a single universal reassembly policy will systematically diverge from the actual target end-system whenever overlapping segments appear, creating a predictable and repeatable evasion surface that is an inherent consequence of policy misalignment rather than a configuration flaw.
-
An 'evasion' attack exploits the mirror condition: the IDS drops a TCP segment that the end-system accepts, due to differences in overlap-resolution policy. The IDS reconstructs 'ATTCK' while the end-system sees 'ATTACK'; the missing segment carries the content that would trigger the signature, leaving the censor with an incomplete—and non-matching—view of the stream.
-
An 'insertion' attack sends TCP segments with forged TTL values low enough to expire at the IDS/censor but not at the true destination. The IDS incorporates the spurious segment into its reconstructed stream—seeing 'ATXTACK'—while the end-system assembles the intended byte stream 'ATTACK,' causing signature-based content matching to fail without disrupting delivery.