Man-in-the-Middle Attack in HTTP/2

被引：0

作者：

Patni, Parth ^{[1
]}

Iyer, Kartik ^{[1
]}

Sarode, Rohan ^{[1
]}

Mali, Amit ^{[1
]}

Nimkar, Anant ^{[1
]}

机构：

[1] Univ Mumbai, Sardar Patel Inst Technol, Dept Comp Engn, Mumbai 400053, Maharashtra, India

来源：

PROCEEDINGS OF 2017 INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTING AND CONTROL (I2C2) | 2017年

关键词：

http/2; spdy; man in the middle; TLS; certificate forging; DNS poisoning;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Hyper Text Transfer Protocol Version 2 (HTTP/2) is the upgrade to the popularly used HTTP/1.1. This protocol has been created to enhance the already existing services and applications based on the older protocol with few modifications and rewriting. Thus, this has opened up to new possible vulnerabilities and attacks on them. HTTP/2 relies on Transport Layer Security (TLS) for its security. This paper intends to carry out Man-in-the-Middle (MITM) attack in an HTTP/2 environment by exploiting a known vulnerability of TLS. To the best of our knowledge, no study has been done on how MITM attacks can be launched against HTTP/2 services.

引用

页数：6

共 50 条

[21] Nino Man-In-The-Middle attack on Bluetooth Secure Simple Pairing
Hypponen, Konstantin
Haataja, Keijo M. J.
2007 THIRD IEEE/IFIP INTERNATIONAL CONFERENCE IN CENTRAL ASIA ON INTERNET, 2007, : 64 - 68
[22] Principle of and Protection of Man-in-the-middle Attack Based on ARP Spoofing
Hao, Guo
Tao, Guo
JOURNAL OF INFORMATION PROCESSING SYSTEMS, 2009, 5 (03): : 131 - 134
[23] Research on User Authentication Scheme against the Man-in-the-Middle Attack
Zhou, Xiancun
Xiong, Yan
Liu, Renjin
INFORMATION COMPUTING AND APPLICATIONS, PT 2, 2012, 308 : 1 - 8
[24] A self-confirming engine for preventing man-in-the-middle attack
Kanamori, M
Kobayashi, T
Yamaguchi, S
IEICE TRANSACTIONS ON COMMUNICATIONS, 2004, E87B (03) : 530 - 538
[25] Research on Man-in-the-Middle Denial of Service Attack in SIP VoIP
Chen, Zhe
Guo, Shize
Zheng, Kangfeng
Li, Haitao
NSWCTC 2009: INTERNATIONAL CONFERENCE ON NETWORKS SECURITY, WIRELESS COMMUNICATIONS AND TRUSTED COMPUTING, VOL 2, PROCEEDINGS, 2009, : 263 - +
[26] Comprehensive Demonstration of Man-in-the-Middle Attack in PDC and PMU Network
Swain, Kamakshi Prashadini
Tiwari, Amit
Sharma, Ankush
Chakrabarti, Saikat
Karkare, Amey
2022 22ND NATIONAL POWER SYSTEMS CONFERENCE, NPSC, 2022,
[27] Live Demonstration: Man-in-the-Middle Attack on Edge Artificial Intelligence
Hu, Bowen
He, Weiyang
Wang, Si
Liu, Wenye
Chang, Chip-Hong
2024 IEEE INTERNATIONAL SYMPOSIUM ON CIRCUITS AND SYSTEMS, ISCAS 2024, 2024,
[28] Different Flavours of Man-In-The-Middle Attack, Consequences and Feasible Solutions
Nayak, Gopi Nath
Samaddar, Shefalika Ghosh
PROCEEDINGS OF 2010 3RD IEEE INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND INFORMATION TECHNOLOGY (ICCSIT 2010), VOL 5, 2010, : 491 - 495
[29] 论Man-in-the-Middle Attack对“云”资源威胁
王天明
网络安全技术与应用, 2012, (02) : 37 - 39
[30] Optimal Personalized Defense Strategy Against Man-In-The-Middle Attack
Li, Xiaohong
Li, Shuxin
Hao, Jianye
Feng, Zhiyong
An, Bo
THIRTY-FIRST AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2017, : 593 - 599

← 1 2 3 4 5 →