Man-in-the-Middle Attack in HTTP/2

被引：0

作者：

Patni, Parth ^{[1
]}

Iyer, Kartik ^{[1
]}

Sarode, Rohan ^{[1
]}

Mali, Amit ^{[1
]}

Nimkar, Anant ^{[1
]}

机构：

[1] Univ Mumbai, Sardar Patel Inst Technol, Dept Comp Engn, Mumbai 400053, Maharashtra, India

来源：

PROCEEDINGS OF 2017 INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTING AND CONTROL (I2C2) | 2017年

关键词：

http/2; spdy; man in the middle; TLS; certificate forging; DNS poisoning;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Hyper Text Transfer Protocol Version 2 (HTTP/2) is the upgrade to the popularly used HTTP/1.1. This protocol has been created to enhance the already existing services and applications based on the older protocol with few modifications and rewriting. Thus, this has opened up to new possible vulnerabilities and attacks on them. HTTP/2 relies on Transport Layer Security (TLS) for its security. This paper intends to carry out Man-in-the-Middle (MITM) attack in an HTTP/2 environment by exploiting a known vulnerability of TLS. To the best of our knowledge, no study has been done on how MITM attacks can be launched against HTTP/2 services.

引用

页数：6

共 50 条

[41] Depending on HTTP/2 for Privacy? Good Luck! [J].

Mitra, Gargi .

2020 50TH ANNUAL IEEE-IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS-SUPPLEMENTAL VOLUME (DSN-S), 2020, :67-68

[42] Depending on HTTP/2 for Privacy? Good Luck! [J].

Mitra, Gargi ;

Vairam, Prasanna Karthik ;

Slpsk, Patanjali ;

Chandrachoodan, Nitin ;

Kamakoti, V .

2020 50TH ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS (DSN 2020), 2020, :278-285

[43] A Multipath QUIC Scheduler for Mobile HTTP/2 [J].

Wang, Jing ;

Gao, Yunfeng ;

Xu, Chenren .

PROCEEDINGS OF THE 2019 ASIA-PACIFIC WORKSHOP ON NETWORKING (APNET '19), 2019, :43-49

[44] The upcoming new standard HTTP/2 and its impact on multi-domain websites [J].

Kim, Heejung ;

Lee, Jongseok ;

Park, Ikhyun ;

Kim, Hyungkyung ;

Yi, Dong-Hoon ;

Hur, Taesung .

2015 17TH ASIA-PACIFIC NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM APNOMS, 2015, :530-533

[45] Improving Virtual Reality Streaming using HTTP/2 [J].

Petrangeli, Stefano ;

De Turck, Filip ;

Swaminathan, Viswanathan ;

Hosseini, Mohammad .

PROCEEDINGS OF THE 8TH ACM MULTIMEDIA SYSTEMS CONFERENCE (MMSYS'17), 2017, :225-228

[46] HTTP/2 Performance Evaluation with Latency and Packet Losses [J].

Oda, Naoki ;

Yamaguchi, Saneyasu .

2018 15TH IEEE ANNUAL CONSUMER COMMUNICATIONS & NETWORKING CONFERENCE (CCNC), 2018,

[47] HTTP/2 Prioritization and its Impact on Web Performance [J].

Wijnants, Maarten ;

Marx, Robin ;

Quax, Peter ;

Lamotte, Wim .

WEB CONFERENCE 2018: PROCEEDINGS OF THE WORLD WIDE WEB CONFERENCE (WWW2018), 2018, :1755-1764

[48] Adaptation method for video streaming over HTTP/2 [J].

Nguyen, Duc V. ;

Le, Hung T. ;

Nam, Pham Ngoc ;

Pham, Anh T. ;

Thang, Truong Cong .

IEICE COMMUNICATIONS EXPRESS, 2016, 5 (03) :69-73

[49] Which Secure Transport Protocol for a Reliable HTTP/2-based Web Service : TLS or QUIC ? [J].

Saverimoutou, Antoine ;

Mathieu, Bertrand ;

Vaton, Sandrine .

2017 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), 2017, :879-884

[50] Analysis and Evaluation of HTTP/2 Flow Control Algorithm for IoT [J].

Londono, Diego ;

Cespedes, Sandra ;

Bustos, Javier .

2020 IEEE COLOMBIAN CONFERENCE ON COMMUNICATIONS AND COMPUTING (COLCOM), 2020,

← 1 2 3 4 5 →