{"title":"MitM工具分析TLS取证","authors":"Minjun Kim, Yeonghun Shin, Taeshik Shon","doi":"10.1109/PlatCon53246.2021.9680752","DOIUrl":null,"url":null,"abstract":"Most recent major Internet services use TLS based encrypted communication. For the security of TLS communication, use a digital signature certificate between the client and server to ensure that each other can be trusted. Confidentiality is maintained using symmetric key cryptography, and integrity is verified through message authentication. However, even if encrypted communication through TLS is used, security issues such as MitM may occur. In this paper, we analyzed the MitM attack method and tool. The process of TLS encryption communication and representative MitM attack methods such as SSL Strip and SSL Split were analyzed. Bettercap, MitMproxy and Fiddler were analyzed as MitM attack tools. Protocols with strong security such as the HSTS protocol could also perform MitM attacks using SSL strip attack. In encrypted communication, additional authentication is required as well as a certificate.","PeriodicalId":344742,"journal":{"name":"2021 International Conference on Platform Technology and Service (PlatCon)","volume":"77 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"MitM Tool Analysis for TLS Forensics\",\"authors\":\"Minjun Kim, Yeonghun Shin, Taeshik Shon\",\"doi\":\"10.1109/PlatCon53246.2021.9680752\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most recent major Internet services use TLS based encrypted communication. For the security of TLS communication, use a digital signature certificate between the client and server to ensure that each other can be trusted. Confidentiality is maintained using symmetric key cryptography, and integrity is verified through message authentication. However, even if encrypted communication through TLS is used, security issues such as MitM may occur. In this paper, we analyzed the MitM attack method and tool. The process of TLS encryption communication and representative MitM attack methods such as SSL Strip and SSL Split were analyzed. Bettercap, MitMproxy and Fiddler were analyzed as MitM attack tools. Protocols with strong security such as the HSTS protocol could also perform MitM attacks using SSL strip attack. In encrypted communication, additional authentication is required as well as a certificate.\",\"PeriodicalId\":344742,\"journal\":{\"name\":\"2021 International Conference on Platform Technology and Service (PlatCon)\",\"volume\":\"77 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 International Conference on Platform Technology and Service (PlatCon)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PlatCon53246.2021.9680752\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Platform Technology and Service (PlatCon)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PlatCon53246.2021.9680752","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Most recent major Internet services use TLS based encrypted communication. For the security of TLS communication, use a digital signature certificate between the client and server to ensure that each other can be trusted. Confidentiality is maintained using symmetric key cryptography, and integrity is verified through message authentication. However, even if encrypted communication through TLS is used, security issues such as MitM may occur. In this paper, we analyzed the MitM attack method and tool. The process of TLS encryption communication and representative MitM attack methods such as SSL Strip and SSL Split were analyzed. Bettercap, MitMproxy and Fiddler were analyzed as MitM attack tools. Protocols with strong security such as the HSTS protocol could also perform MitM attacks using SSL strip attack. In encrypted communication, additional authentication is required as well as a certificate.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
