Man-in-the-Middle Attack in HTTP/2

被引：0

作者：

Patni, Parth ^{[1
]}

Iyer, Kartik ^{[1
]}

Sarode, Rohan ^{[1
]}

Mali, Amit ^{[1
]}

Nimkar, Anant ^{[1
]}

机构：

[1] Univ Mumbai, Sardar Patel Inst Technol, Dept Comp Engn, Mumbai 400053, Maharashtra, India

来源：

PROCEEDINGS OF 2017 INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTING AND CONTROL (I2C2) | 2017年

关键词：

http/2; spdy; man in the middle; TLS; certificate forging; DNS poisoning;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Hyper Text Transfer Protocol Version 2 (HTTP/2) is the upgrade to the popularly used HTTP/1.1. This protocol has been created to enhance the already existing services and applications based on the older protocol with few modifications and rewriting. Thus, this has opened up to new possible vulnerabilities and attacks on them. HTTP/2 relies on Transport Layer Security (TLS) for its security. This paper intends to carry out Man-in-the-Middle (MITM) attack in an HTTP/2 environment by exploiting a known vulnerability of TLS. To the best of our knowledge, no study has been done on how MITM attacks can be launched against HTTP/2 services.

引用

页数：6

共 50 条

[1] Optimal Man-In-The-Middle Stealth Attack
Faramondi, Luca
Oliva, Gabriele
Setola, Roberto
CRITICAL INFORMATION INFRASTRUCTURES SECURITY, CRITIS 2021, 2021, 13139 : 44 - 59
[2] Man-in-the-Middle Attack to the HTTPS Protocol
Callegati, Franco
Cerroni, Walter
Ramilli, Marco
IEEE SECURITY & PRIVACY, 2009, 7 (01) : 78 - 81
[3] Man-in-the-Middle (MITM) Attack Based Hijacking of HTTP Traffic Using Open Source Tools
Chordiya, Ankita R.
Majumder, Subhrajit
Javaid, Ahmad Y.
2018 IEEE INTERNATIONAL CONFERENCE ON ELECTRO/INFORMATION TECHNOLOGY (EIT), 2018, : 438 - 443
[4] Modeling of Man-in-the-Middle Attack in the Wireless Networks
Chen, Zhe
Guo, Shize
Zheng, Kangfeng
Yang, Yixian
2007 INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-15, 2007, : 2255 - 2258
[5] On the Security of HB# against a Man-in-the-Middle Attack
Ouafi, Khaled
Overbeck, Raphael
Vaudenay, Serge
ADVANCES IN CRYPTOLOGY - ASIACRYPT 2008, 2008, 5350 : 108 - 124
[6] Detection of Stealth Man-In-The-Middle Attack in Wireless LAN
Kumar, Vikas
Chakraborty, Sandip
Barbhuiya, Ferdous A.
Nandi, Sukumar
2012 2ND IEEE INTERNATIONAL CONFERENCE ON PARALLEL, DISTRIBUTED AND GRID COMPUTING (PDGC), 2012, : 290 - 295
[7] Man-in-the-middle Pilot Attack for Physical Layer Authentication
Wang Shaoyu
Huang Kaizhi
Xu Xiaoming
Ma Keming
Chen Yajun
JOURNAL OF ELECTRONICS & INFORMATION TECHNOLOGY, 2021, 43 (11) : 3141 - 3148
[8] Man-in-the-middle attack on quantum secure communications with authentication
Lin, Tzu Han
Hwang, Tzonelish
QUANTUM INFORMATION PROCESSING, 2014, 13 (04) : 917 - 923
[9] Defending Against Man-In-The-Middle Attack in Repeated Games
Li, Shuxin
Li, Xiaohong
Hao, Jianye
An, Bo
Feng, Zhiyong
Chen, Kangjie
Zhang, Chengwei
PROCEEDINGS OF THE TWENTY-SIXTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2017, : 3742 - 3748
[10] Man-in-the-middle attack on quantum secure communications with authentication
Tzu Han Lin
Tzonelish Hwang
Quantum Information Processing, 2014, 13 : 917 - 923

← 1 2 3 4 5 →