Ajou University repository

MitM Tool Analysis for TLS Forensics
Citations

SCOPUS

0

Citation Export

Publication Year
2021-01-01
Journal
2021 International Conference on Platform Technology and Service, PlatCon 2021 - Proceedings
Publisher
Institute of Electrical and Electronics Engineers Inc.
Citation
2021 International Conference on Platform Technology and Service, PlatCon 2021 - Proceedings
Keyword
Man-in-The-MiddleSSL SplitSSL StripTLS
Mesh Keyword
Attack methodsDigital signature certificatesEncrypted communicationInternet-servicesMan in the middleMessage authenticationSSL splitSSL stripSymmetric key cryptographyTLS
All Science Classification Codes (ASJC)
Computer Networks and CommunicationsInformation SystemsSoftwareInformation Systems and ManagementHealth Informatics
Abstract
Most recent major Internet services use TLS based encrypted communication. For the security of TLS communication, use a digital signature certificate between the client and server to ensure that each other can be trusted. Confidentiality is maintained using symmetric key cryptography, and integrity is verified through message authentication. However, even if encrypted communication through TLS is used, security issues such as MitM may occur. In this paper, we analyzed the MitM attack method and tool. The process of TLS encryption communication and representative MitM attack methods such as SSL Strip and SSL Split were analyzed. Bettercap, MitMproxy and Fiddler were analyzed as MitM attack tools. Protocols with strong security such as the HSTS protocol could also perform MitM attacks using SSL strip attack. In encrypted communication, additional authentication is required as well as a certificate.
Language
eng
URI
https://aurora.ajou.ac.kr/handle/2018.oak/36712
https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85126215105&origin=inward
DOI
https://doi.org/10.1109/platcon53246.2021.9680752
Journal URL
http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=9680743
Type
Conference
Show full item record

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

SHON, TAE SHIK Image
SHON, TAE SHIK손태식
Department of Cyber Security
Read More

Total Views & Downloads

File Download

  • There are no files associated with this item.