Man-in-the-Middle Attack Detection Method for HTTPS Based on Temporal Features
扫码查看
点击上方二维码区域,可以放大扫码查看
原文链接
国家科技期刊平台
NETL
NSTL
万方数据
中间人攻击是网络攻击的一种常用手段,其中超文本传输安全(Hypertext Transfer Proto-col Secure,HTTPS)协议的中间人攻击危害较大,已有检测方法主要面向单客户端,以证书匹配验证为主要手段,部署成本和性能开销较高.通过分析SSL(Secure Sockets Layer)握手阶段的密钥协商、证书验证等关键报文,提出基于时间特征的HTTPS中间人攻击检测方法,从流量角度提供了 一种检测思路,具有更广泛的适用场景.实验结果表明,该方法在互联网环境测试数据集下具有较高的准确率.
Man-in-the-middle attack is a common means of network attacks,in which attacks on HT-TPS protocols are more harmful.Existing detection methods are mainly oriented to single clients,with certificate matching verification as the main means but with high deployment cost and perform-ance overhead.By analyzing key packets such as key negotiation and certificate verification during the SSL handshake phase,we propose a man-in-the-middle HTTPS attack detection method based on temporal characteristics,which provides a detection idea from the traffic perspective and has a broader application scenario.Experimental results show that the proposed method has high accuracy under the Internet environment test dataset.
国家科技期刊平台
NSTL
万方数据
