DETECTION OF MAN-IN-THE-MIDDLE IN HTTPS TRANSACTIONS INDEPENDENT OF CERTIFICATE TRUST CHAIN

DETECTION OF MAN-IN-THE-MIDDLE IN HTTPS TRANSACTIONS INDEPENDENT OF CERTIFICATE TRUST CHAIN

Systems and computer program products implement methods for detecting a man-in-the-middle (MITM) during HTTPS communications. The methods include establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of th...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Nyíri, Juraj, Doleh, Yaser K, Bolger, Rosa M, Marzorati, Mauro
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Systems and computer program products implement methods for detecting a man-in-the-middle (MITM) during HTTPS communications. The methods include establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.