{"title":"在客户端-服务器系统中防御中间人攻击","authors":"D. Serpanos, R. Lipton","doi":"10.1109/ISCC.2001.935348","DOIUrl":null,"url":null,"abstract":"The deployment of several client-server applications over the Internet and emerging networks requires the establishment of the client's integrity. This is necessary for the protection of copyright of distributed material and, in general, for protection from loss of \"sensitive\" (secret) information. Clients are vulnerable to powerful man-in-the-middle attacks through viruses, which are undetectable by conventional anti-virus technology. We describe such powerful viruses and show their ability to lead to compromised clients, that cannot protect copyrighted or \"sensitive \" information. We introduce a methodology based on simple hardware devices, called \"spies\", which enables servers to establish client integrity, and leads to a successful defense against viruses that use man-in-the-middle attacks.","PeriodicalId":147986,"journal":{"name":"Proceedings. Sixth IEEE Symposium on Computers and Communications","volume":"159 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"24","resultStr":"{\"title\":\"Defense against man-in-the-middle attack in client-server systems\",\"authors\":\"D. Serpanos, R. Lipton\",\"doi\":\"10.1109/ISCC.2001.935348\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The deployment of several client-server applications over the Internet and emerging networks requires the establishment of the client's integrity. This is necessary for the protection of copyright of distributed material and, in general, for protection from loss of \\\"sensitive\\\" (secret) information. Clients are vulnerable to powerful man-in-the-middle attacks through viruses, which are undetectable by conventional anti-virus technology. We describe such powerful viruses and show their ability to lead to compromised clients, that cannot protect copyrighted or \\\"sensitive \\\" information. We introduce a methodology based on simple hardware devices, called \\\"spies\\\", which enables servers to establish client integrity, and leads to a successful defense against viruses that use man-in-the-middle attacks.\",\"PeriodicalId\":147986,\"journal\":{\"name\":\"Proceedings. Sixth IEEE Symposium on Computers and Communications\",\"volume\":\"159 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"24\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. Sixth IEEE Symposium on Computers and Communications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC.2001.935348\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. Sixth IEEE Symposium on Computers and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC.2001.935348","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Defense against man-in-the-middle attack in client-server systems
The deployment of several client-server applications over the Internet and emerging networks requires the establishment of the client's integrity. This is necessary for the protection of copyright of distributed material and, in general, for protection from loss of "sensitive" (secret) information. Clients are vulnerable to powerful man-in-the-middle attacks through viruses, which are undetectable by conventional anti-virus technology. We describe such powerful viruses and show their ability to lead to compromised clients, that cannot protect copyrighted or "sensitive " information. We introduce a methodology based on simple hardware devices, called "spies", which enables servers to establish client integrity, and leads to a successful defense against viruses that use man-in-the-middle attacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
