MétaCan
Menu
Back to cohort
Record W4402436629 · doi:10.1109/tnsm.2024.3457858

Exploring QUIC Security and Privacy: A Comprehensive Survey on QUIC Security and Privacy Vulnerabilities, Threats, Attacks, and Future Research Directions

2024· article· en· W4402436629 on OpenAlex

Why this work is in the frame

A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.

affAt least one author lists a Canadian institution in the pinned OpenAlex snapshot.

Bibliographic record

VenueIEEE Transactions on Network and Service Management · 2024
Typearticle
Languageen
FieldComputer Science
TopicUser Authentication and Security Systems
Canadian institutionsConcordia University
Fundersnot available
KeywordsComputer scienceComputer securityInternet privacyInformation privacyCloud computing securitySecurity analysisCloud computing

Abstract

fetched live from OpenAlex

QUIC is a modern transport protocol aiming to improve Web connection performance and security. It is the transport layer for HTTP/3. QUIC offers numerous advantages over traditional transport layer protocols, such as TCP and UDP, including reduced latency, improved congestion control, connection migration and encryption by default. However, these benefits introduce new security and privacy challenges that need to be addressed, as cyber attackers can exploit weaknesses in the protocol. QUIC’s security and privacy issues have been largely unexplored, as existing research on QUIC primarily focuses on performance upgrades. This survey paper addresses the knowledge gap in QUIC’s security and privacy challenges while proposing directions for future research to enhance its security and privacy. Our comprehensive analysis covers QUIC’s history, architecture, core mechanisms (such as cryptographic design and handshaking process), security model, and threat landscape. We examine QUIC’s significant vulnerabilities, critical security and privacy attacks, emerging threats, advanced security and privacy challenges, and mitigation strategies. Furthermore, we outline future research directions to improve QUIC’s security and privacy. By exploring the protocol’s security and privacy implications, this paper informs decision-making processes and enhances online safety for users and professionals. Our research identifies key risks, vulnerabilities, threats, and attacks targeting QUIC, providing actionable insights to strengthen the protocol. Through this comprehensive analysis, we contribute to developing and deploying a faster, more secure next-generation Internet infrastructure. We hope this investigation serves as a foundation for future Internet security and privacy innovations, ensuring robust protection for modern digital communications.

Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.

Full frame distilled prediction

Teacher imitation

Not calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.

metaresearch head score (Codex)0.001
metaresearch head score (Gemma)0.000
Version: codex-gemma-dda1882f352aValidation status: machine_predicted_unvalidated
Candidate categoriesMeta-epidemiology (narrow)
Consensus categoriesnone
DomainCandidate signal: none · Consensus signal: none
Study designCandidate signal: Qualitative · Consensus signal: none
GenreCandidate signal: Empirical · Consensus signal: Empirical
Teacher disagreement score0.513
Threshold uncertainty score1.000

Codex and Gemma teacher scores by category

CategoryCodexGemma
Metaresearch0.0010.000
Meta-epidemiology (narrow)0.0000.000
Meta-epidemiology (broad)0.0000.000
Bibliometrics0.0000.001
Science and technology studies0.0010.000
Scholarly communication0.0010.001
Open science0.0000.000
Research integrity0.0000.001
Insufficient payload (model declined to judge)0.0000.000

Machine scores (provisional)

The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.

Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.

Opus teacher head0.125
GPT teacher head0.323
Teacher spread0.199 · how far apart the two teachers sit on this one work
Validation statusscore_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it