FEATURES OF NETWORK ATTACK IMPLEMENTATION THROUGH TCP/IP PROTOCOLS
DOI: https://doi.org/10.28925/2663-4023.2025.29.915
Keywords: TCP/IP, network attacks, IP spoofing, ARP poisoning, cyber threats, attack vectors, information security, routing, network protection, CVE, SIEM, Explainable AI, behavioral analysis, Zero Trust
Abstract
This article investigates the implementation specifics of common network attacks that exploit vulnerabilities within the TCP/IP protocol stack, a critical infrastructural foundation of global network interaction. A comprehensive analysis is conducted of the architectural limitations and functional-protocol characteristics of key components of the network stack (ARP, IP, ICMP, TCP, UDP, DNS), which currently serve as primary vectors for the initiation of cyber threats. Based on the OSI reference model, a formalized classification of attacks by interaction layers is proposed, with emphasis on representative scenarios including IP spoofing, ARP poisoning, TCP session hijacking, DNS cache poisoning, UDP flooding, and ICMP-based covert channels. Typical mechanisms for bypassing traditional security tools are identified, including route manipulation, alteration of control messages, and encapsulation of malicious packets within legitimate traffic. Special attention is given to an overview of tools and proactive threat detection techniques, including intrusion detection systems (IDS), firewalls, deep packet inspection (DPI) technologies, as well as behavioral and entropy-based anomaly analysis methods in network flows. The findings provide both a theoretical foundation for modeling attacks and assessing risks, and a practical basis for enhancing information security in heterogeneous network environments.
License
Copyright (c) 2025 Юлія Костюк, Павло Складанний, Світлана Рзаєва, Наталія Мазур, В’ячеслав Черевик, Андрій Аносов

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.