针对移动设备的SSL代理攻击及防范

2016 8th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT) Pub Date : 2016-10-01 DOI:10.1109/ICUMT.2016.7765380

Syed Salman Khatai, Benjamin Selormey, K. Elleithy, L. Almazaydeh

{"title":"针对移动设备的SSL代理攻击及防范","authors":"Syed Salman Khatai, Benjamin Selormey, K. Elleithy, L. Almazaydeh","doi":"10.1109/ICUMT.2016.7765380","DOIUrl":null,"url":null,"abstract":"Most of mobile applications tend to function in an insecure manner whenever they are presented with SSL certificates which cannot be trusted. This is true for the applications which are not web browsers and need to connect/communicate with the internet as a part of their operation. This paper intends to research and show if proxy SSL based attacks can be used to steal user's credentials when they enter them on mobile applications.","PeriodicalId":174688,"journal":{"name":"2016 8th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"SSL proxy attacks on mobile devices and their prevention\",\"authors\":\"Syed Salman Khatai, Benjamin Selormey, K. Elleithy, L. Almazaydeh\",\"doi\":\"10.1109/ICUMT.2016.7765380\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most of mobile applications tend to function in an insecure manner whenever they are presented with SSL certificates which cannot be trusted. This is true for the applications which are not web browsers and need to connect/communicate with the internet as a part of their operation. This paper intends to research and show if proxy SSL based attacks can be used to steal user's credentials when they enter them on mobile applications.\",\"PeriodicalId\":174688,\"journal\":{\"name\":\"2016 8th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)\",\"volume\":\"33 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 8th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICUMT.2016.7765380\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 8th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICUMT.2016.7765380","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

大多数移动应用程序倾向于以不安全的方式运行，只要它们提供不可信的SSL证书。对于不是web浏览器的应用程序来说，这是正确的，并且需要与互联网连接/通信作为其操作的一部分。本文旨在研究并展示基于代理SSL的攻击是否可以用于窃取用户在移动应用程序上输入的凭据。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SSL proxy attacks on mobile devices and their prevention

Most of mobile applications tend to function in an insecure manner whenever they are presented with SSL certificates which cannot be trusted. This is true for the applications which are not web browsers and need to connect/communicate with the internet as a part of their operation. This paper intends to research and show if proxy SSL based attacks can be used to steal user's credentials when they enter them on mobile applications.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 8th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)

自引率

0.00%

发文量