Man-in-the-Middle Attack in HTTP/2

被引：0

作者：

Patni, Parth ^{[1
]}

Iyer, Kartik ^{[1
]}

Sarode, Rohan ^{[1
]}

Mali, Amit ^{[1
]}

Nimkar, Anant ^{[1
]}

机构：

[1] Univ Mumbai, Sardar Patel Inst Technol, Dept Comp Engn, Mumbai 400053, Maharashtra, India

来源：

PROCEEDINGS OF 2017 INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTING AND CONTROL (I2C2) | 2017年

关键词：

http/2; spdy; man in the middle; TLS; certificate forging; DNS poisoning;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Hyper Text Transfer Protocol Version 2 (HTTP/2) is the upgrade to the popularly used HTTP/1.1. This protocol has been created to enhance the already existing services and applications based on the older protocol with few modifications and rewriting. Thus, this has opened up to new possible vulnerabilities and attacks on them. HTTP/2 relies on Transport Layer Security (TLS) for its security. This paper intends to carry out Man-in-the-Middle (MITM) attack in an HTTP/2 environment by exploiting a known vulnerability of TLS. To the best of our knowledge, no study has been done on how MITM attacks can be launched against HTTP/2 services.

引用

页数：6

共 50 条

[41] Defense against man-in-the-middle attack in client-server systems
Serpanos, DN
Lipton, RJ
PROCEEDINGS OF THE SIXTH IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, 2001, : 9 - 14
[42] Man-in-the-Middle Attack on “Quantum Dialogue with Authentication Based on Bell States”
Tzu-Han Lin
Ching-Ying Lin
Tzonelih Hwang
International Journal of Theoretical Physics, 2013, 52 : 3199 - 3203
[43] MARINE: Man-in-the-Middle Attack Resistant Trust Model in Connected Vehicles
Ahmad, Farhan
Kurugollu, Fatih
Adnane, Asma
Hussain, Rasheed
Hussain, Fatima
IEEE INTERNET OF THINGS JOURNAL, 2020, 7 (04) : 3310 - 3322
[44] Profinet IO-device emulator based on the man-in-the-middle attack
Baud, Michel
Felser, Max
2006 IEEE CONFERENCE ON EMERGING TECHNOLOGIES & FACTORY AUTOMATION, VOLS 1 -3, 2006, : 1199 - +
[45] A Precise Model to Secure Systems on Ethernet Against Man-In-The-Middle Attack
Salim, Haider
Li, Zhitang
IT PROFESSIONAL, 2021, 23 (01) : 72 - 85
[46] Quantum man-in-the-middle attack on the calibration process of quantum key distribution
Yang-Yang Fei
Xiang-Dong Meng
Ming Gao
Hong Wang
Zhi Ma
Scientific Reports, 8
[47] BLEKeeper: Response Time Behavior Based Man-In-The-Middle Attack Detection
Yurdagul, Muhammed Ali
Sencar, Husrev Taha
2021 IEEE SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (SPW 2021), 2021, : 214 - 220
[48] Covert Channels in the HTTP Network Protocol: Channel Characterization and Detecting Man-in-the-Middle Attacks
Brown, Erik
Yuan, Bo
Johnson, Daryl
Lutz, Peter
PROCEEDINGS OF THE 5TH INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2010, : 56 - 64
[49] Authenticated key exchange provably secure against the man-in-the-middle attack
Johnston, AM
Gemmell, PS
JOURNAL OF CRYPTOLOGY, 2002, 15 (02) : 139 - 148
[50] Analysis of Traffic Signals on an SDN for Detection and Classification of a Man-in-the-Middle Attack
D'Orsaneo, Julian
Tummala, Murali
McEachen, John
Martin, Bryan
2018 12TH INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND COMMUNICATION SYSTEMS (ICSPCS), 2018,

← 1 2 3 4 5 →