• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>The Second International Conferencen Networks Security, Wireless Communications and Trusted Computing (NSWCTC 2010) >Analysis and Research on HTTPS Hijacking Attacks
【24h】

Analysis and Research on HTTPS Hijacking Attacks

机译:HTTPS劫持攻击的分析与研究

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

With the development of e-commerce, SSL protocol is more and more widely applied to various network services. For the defect of SSL authentication, this paper analyses two kinds of drawbacks in SSL handshake, and respectively conducts fake certificate and conversion from HTTPS to HTTP data to attack. Both of them are dangerous to HTTPS communication. For that reason, we have proposed three different measures to strengthen data security, which are static ARP table, enhanced certificate system, and two-way authentication. Experimental results show that three methods are effectively defensive against the HTTPS hijacking attacks.
机译:随着电子商务的发展,SSL协议越来越广泛地应用于各种网络服务。针对SSL认证的缺陷,本文分析了SSL握手的两种缺陷,分别进行了伪造证书和从HTTPS到HTTP数据的转换以进行攻击。它们都对HTTPS通信很危险。因此,我们提出了三种不同的措施来增强数据安全性:静态ARP表,增强的证书系统和双向身份验证。实验结果表明,三种方法均可有效防御HTTPS劫持攻击。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号