SSL strip defense method based on historical information

A technique based on historical information and rules, applied in the field of network security, that addresses problems such as standards that are difficult to unify and that hinder wide-scale use, and improves security and reliability.

Active Publication Date: 2016-11-23
NANJING UNIV OF POSTS & TELECOMM

AI Technical Summary

Problems solved by technology

Scoring standards are highly subjective and difficult to unify, which affects the possibility of wide-scale use


Embodiment Construction

[0058] The specific implementation of the present invention is described in further detail below with reference to the accompanying drawings:

[0059] Step 1: Establish detection rules, which cover dangerous modifications to each typical sensitive data structure. Each page received from the network is checked against these strict rules before being returned to the user. The HTTP Moved message detection rule checks whether a conversion between HTTP and HTTPS requests is allowed;

[0060] JS detection rules are established through the JS preprocessing program to check whether loaded JavaScript code has been maliciously modified; the Iframe tags rule prohibits additional Iframes from overwriting the original page; the HTTP Forms rule records the form information of the page and does not allow modifications to a form that may leak user information.

[0061] Step 2: Configuration file generation. As shown in Figure 2, the page analyzer identifies key data and their attr...
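The following sketch shows how the four rules of Step 1 could be checked against a per-site profile like the one Step 2 generates. It is an added example, not code from the patent: the function names, rule labels, profile fields and the `bank.example` pages are assumptions, since the text of Step 2 is cut off on this page.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class PageFacts(HTMLParser):
    """Collects the structures the rules cover: form targets, iframes, scripts."""
    def __init__(self, base):
        super().__init__()
        self.base, self.forms, self.iframes, self.scripts = base, [], 0, []
        self.inline = None                      # buffer while inside an inline <script>
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append(urljoin(self.base, a.get("action") or ""))
        elif tag == "iframe":
            self.iframes += 1
        elif tag == "script" and a.get("src"):
            self.scripts.append("src:" + urljoin(self.base, a["src"]))
        elif tag == "script":
            self.inline = []
    def handle_data(self, data):
        if self.inline is not None:
            self.inline.append(data)
    def handle_endtag(self, tag):
        if tag == "script" and self.inline is not None:
            code = "".join(self.inline).encode()
            self.scripts.append("sha256:" + hashlib.sha256(code).hexdigest())
            self.inline = None

def build_profile(url, body):
    """Profile of a page seen in a known-good session (assumed profile fields)."""
    p = PageFacts(url)
    p.feed(body)
    return {"scheme": urlsplit(url).scheme, "forms": sorted(p.forms),
            "iframes": p.iframes, "scripts": set(p.scripts)}

def check_response(profile, url, status, headers, body):
    """Return the names of the rules this response violates (empty list = clean)."""
    if status in (301, 302, 303, 307, 308):     # HTTP Moved rule: no HTTPS -> HTTP downgrade
        target = urlsplit(urljoin(url, headers.get("Location", ""))).scheme
        return ["http-moved"] if profile["scheme"] == "https" and target == "http" else []
    now = build_profile(url, body)
    rules = [("http-forms", now["forms"] != profile["forms"]),       # form targets changed
             ("iframe-tags", now["iframes"] > profile["iframes"]),   # additional iframes
             ("js", bool(now["scripts"] - profile["scripts"]))]      # unknown/altered scripts
    return [name for name, violated in rules if violated]

# Constructed sample pages for a hypothetical site, not captured traffic.
GOOD = '<form action="/login" method="post"></form><script>check()</script>'
BAD = '<form action="http://bank.example/login"></form><iframe></iframe><script>check();x()</script>'
```

Because form targets are resolved against the URL the page was actually fetched from, the unmodified login page served over plain HTTP already trips the forms rule.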


Abstract

The invention discloses a defense method against the SSL strip attack based on historical information. The method includes: establishing detection rules and, through those rules, creating configuration files for all safe sites browsed by the user, where each configuration file records the accurate usage status of the corresponding site; assuming by default that an attacker has successfully achieved a man-in-the-middle (MITM) position, establishing a MITM detector that uses the configuration files and the detection rules, so that once a page is maliciously tampered with by the MITM, the system recognizes this, informs the user of the network attack, and stops the attacker's connection; and establishing a private data tracking module that inserts JavaScript code into the login page and detects whether a login request contains plaintext private information, to completely eradicate leakage of private information. By inspecting client requests and server response content, the user is protected from the SSL strip attack and the user's certificate is protected from being stolen by illegal means, improving security and reliability when the user accesses websites.

Description

Technical field

[0001] The invention relates to a defense method against the SSLstrip attack based on historical information, and belongs to the technical field of network security.

Background technique

[0002] The SSL protocol works on top of TCP/IP and can provide upper-layer applications with information encryption, identity authentication, and detection of whether a message has been modified, so that communication between the user and the server is carried over a reliable and secure channel. In addition, because it is independent of the upper-layer applications, it can be used very widely. All web-based applications can be reliably transmitted through the SSL protocol, which is very convenient.

[0003] The SSL/TLS protocol has always been considered to have cryptographic-level security. However, the way it is deployed and the way ordinary users use it make this protocol prone to insecurity. This insecurity is likely to m...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/0281, H04L63/1416, H04L63/1441, H04L63/166
Inventor: 陈丹伟, 别宜东
Owner: NANJING UNIV OF POSTS & TELECOMM