2009
DOI: 10.1109/msp.2009.12
|View full text |Cite
|
Sign up to set email alerts
|

Man-in-the-Middle Attack to the HTTPS Protocol

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
120
0
2

Year Published

2011
2011
2024
2024

Publication Types

Select...
3
3
2

Relationship

0
8

Authors

Journals

citations
Cited by 280 publications
(122 citation statements)
references
References 1 publication
0
120
0
2
Order By: Relevance
“…6, we assume that the hacker is able to intercept the HTTPS connection between the client and the guest book form using a proxy tool by, for example, following the guidelines explained in [1]. The hacker first configures the tool to automatically inject an XSS script in a certain part of the HTTPS request sent to the guest book form (<<create>> and configureAutoInjectXSSscriptInMsgInHTTPSRequest).…”
Section: Identifying Threat Scenarios With Respect To the Integrity Omentioning
confidence: 99%
See 2 more Smart Citations
“…6, we assume that the hacker is able to intercept the HTTPS connection between the client and the guest book form using a proxy tool by, for example, following the guidelines explained in [1]. The hacker first configures the tool to automatically inject an XSS script in a certain part of the HTTPS request sent to the guest book form (<<create>> and configureAutoInjectXSSscriptInMsgInHTTPSRequest).…”
Section: Identifying Threat Scenarios With Respect To the Integrity Omentioning
confidence: 99%
“…Figure 12 shows likelihood estimates for the third path in which UI1 occurs. Intercepting HTTPS connections is possible and in some situations easy to carry out [1]. However, the exploitability of vulnerabilities in encrypted communication protocols, such as HTTPS, is difficult on a large scale [20].…”
Section: Estimating Risks Posed On the Integrity Of The Guest-book's mentioning
confidence: 99%
See 1 more Smart Citation
“…Un ataque Spoofing consiste en aplicar técnicas de suplantación de identidad generalmente con usos maliciosos o de investigación [20]. El objetivo de este ataque es alcanzar la confianza de su víctima haciéndose pasar por otra máquina.…”
Section: Ataque De Suplantación De Identidad (Spoofing)unclassified
“…Other types of MITM attack can be found in https [41,42], Bluetooth [43]. [42] shows a more thorough discussion of MITM attacks in tunneled authentication protocols.…”
Section: Man In the Middlementioning
confidence: 99%