{"id":"https://openalex.org/W7151622641","doi":"https://doi.org/10.48550/arxiv.2604.04099","title":"Invisible Adversaries: A Systematic Study of Session Manipulation Attacks on VPNs","display_name":"Invisible Adversaries: A Systematic Study of Session Manipulation Attacks on VPNs","publication_year":2026,"publication_date":"2026-04-05","ids":{"openalex":"https://openalex.org/W7151622641","doi":"https://doi.org/10.48550/arxiv.2604.04099"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.04099","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.04099","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.04099","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5133066123","display_name":"Yuxiang Yang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yang, Yuxiang","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133095415","display_name":"Ao Wang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wang, Ao","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133112411","display_name":"Xuewei Feng","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Feng, Xuewei","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133075909","display_name":"Qi Li","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Li, Qi","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5133084246","display_name":"Ke Xu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xu, Ke","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":0,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.3095000088214874,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.3095000088214874,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.19040000438690186,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.15970000624656677,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/session","display_name":"Session (web analytics)","score":0.8102999925613403},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.5245000123977661},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.44839999079704285},{"id":"https://openalex.org/keywords/private-network","display_name":"Private network","score":0.44290000200271606},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.40400001406669617},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.39259999990463257},{"id":"https://openalex.org/keywords/connection","display_name":"Connection (principal bundle)","score":0.3546000123023987},{"id":"https://openalex.org/keywords/censorship","display_name":"Censorship","score":0.3522999882698059},{"id":"https://openalex.org/keywords/resource","display_name":"Resource (disambiguation)","score":0.336899995803833}],"concepts":[{"id":"https://openalex.org/C2779182362","wikidata":"https://www.wikidata.org/wiki/Q17126187","display_name":"Session (web analytics)","level":2,"score":0.8102999925613403},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7382000088691711},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5673999786376953},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5430999994277954},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.5245000123977661},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.44839999079704285},{"id":"https://openalex.org/C117387248","wikidata":"https://www.wikidata.org/wiki/Q11186","display_name":"Private network","level":2,"score":0.44290000200271606},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.40400001406669617},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.39259999990463257},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3644999861717224},{"id":"https://openalex.org/C13355873","wikidata":"https://www.wikidata.org/wiki/Q2920850","display_name":"Connection (principal bundle)","level":2,"score":0.3546000123023987},{"id":"https://openalex.org/C52930066","wikidata":"https://www.wikidata.org/wiki/Q543","display_name":"Censorship","level":2,"score":0.3522999882698059},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.336899995803833},{"id":"https://openalex.org/C191197275","wikidata":"https://www.wikidata.org/wiki/Q1755775","display_name":"Session key","level":3,"score":0.3346000015735626},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.3043999969959259},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.296999990940094},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.2955000102519989},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2872999906539917},{"id":"https://openalex.org/C196491621","wikidata":"https://www.wikidata.org/wiki/Q554830","display_name":"Man-in-the-middle attack","level":3,"score":0.2791000008583069},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.2768000066280365},{"id":"https://openalex.org/C169485995","wikidata":"https://www.wikidata.org/wiki/Q42283","display_name":"File Transfer Protocol","level":3,"score":0.27639999985694885},{"id":"https://openalex.org/C65567647","wikidata":"https://www.wikidata.org/wiki/Q81414","display_name":"Internet protocol suite","level":3,"score":0.2752000093460083},{"id":"https://openalex.org/C2778137410","wikidata":"https://www.wikidata.org/wiki/Q2732820","display_name":"Government (linguistics)","level":2,"score":0.2736999988555908},{"id":"https://openalex.org/C203133693","wikidata":"https://www.wikidata.org/wiki/Q7283","display_name":"Terrorism","level":2,"score":0.26179999113082886},{"id":"https://openalex.org/C2775936607","wikidata":"https://www.wikidata.org/wiki/Q466845","display_name":"Tracking (education)","level":2,"score":0.2612999975681305},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.2556000053882599}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.04099","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.04099","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"Preprint"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.04099","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.04099","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"sustainable_development_goals":[{"score":0.8315447568893433,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Virtual":[0],"Private":[1],"Networks":[2],"(VPNs)":[3],"are":[4,152],"widely":[5],"used":[6],"for":[7],"censorship":[8],"evasion":[9],"and":[10,23,75,90,137,149,174,179],"traffic":[11,92],"protection.":[12],"VPN":[13,38,68,104,141],"users":[14,33],"expect":[15],"to":[16,35,101,154],"be":[17,29,42],"provided":[18],"with":[19,167],"adequate":[20],"security":[21],"protection,":[22],"at":[24,155],"the":[25,36,45,63,102,159,177],"same":[26,37,103],"time":[27],"not":[28],"affected":[30],"by":[31],"other":[32,114],"connected":[34],"server,":[39],"which":[40],"can":[41,106],"illustrated":[43],"as":[44],"non-interference":[46],"property.":[47],"However,":[48],"in":[49,170],"this":[50,59],"paper,":[51],"we":[52],"have":[53,162],"identified":[54],"several":[55],"vulnerabilities":[56],"that":[57,146],"violate":[58],"property,":[60],"specifically":[61],"within":[62],"connection":[64,131],"tracking":[65,132],"frameworks":[66,133,148],"of":[67,78,113,158],"servers,":[69],"stemming":[70],"from":[71,176],"shared":[72],"resource":[73],"misuse":[74],"insufficient":[76],"validation":[77],"session":[79,85],"state":[80],"transitions.":[81],"We":[82,124,161],"present":[83],"three":[84],"manipulation":[86],"attacks":[87,127],"targeting":[88],"TCP":[89,111],"UDP":[91],"tunneled":[93],"through":[94],"VPNs.":[95],"The":[96],"attacker":[97],"who":[98],"only":[99],"connects":[100],"server":[105],"launch":[107],"denial-of-service":[108],"attacks,":[109],"hijack":[110],"connections":[112],"clients,":[115],"or":[116],"inject":[117],"forged":[118],"DNS":[119],"responses":[120],"into":[121],"their":[122],"queries.":[123],"evaluate":[125],"these":[126],"against":[128],"five":[129],"popular":[130],"across":[134],"different":[135],"OSes":[136],"nine":[138],"major":[139],"commercial":[140],"providers.":[142,180],"Experimental":[143],"results":[144],"reveal":[145],"all":[147],"eight":[150],"providers":[151],"vulnerable":[153],"least":[156],"one":[157],"attacks.":[160],"responsibly":[163],"disclosed":[164],"our":[165],"findings":[166],"countermeasures,":[168],"resulting":[169],"19":[171],"assigned":[172],"CVEs/CNVDs":[173],"acknowledgments":[175],"communities":[178]},"counts_by_year":[],"updated_date":"2026-07-01T06:00:48.157686","created_date":"2026-04-08T00:00:00"}
