SSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE
Online transactions now rely on the security of connection between client and server. SSL protocol in HTTP communication (commonly known as HTTPS) provide security functions in network communication by utilizing the application of cryptography inside. The latest SSL version was designed to prevent d...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/45588 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| id |
id-itb.:45588 |
|---|---|
| spelling |
id-itb.:455882020-01-08T08:55:06ZSSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE Hadynoer, Yan Indonesia Theses Detection, SSL strip, Raspberry Pi INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/45588 Online transactions now rely on the security of connection between client and server. SSL protocol in HTTP communication (commonly known as HTTPS) provide security functions in network communication by utilizing the application of cryptography inside. The latest SSL version was designed to prevent data theft, but still found exploitation of security holes in the implementation of SSL with MITM attacks such as hijacking HTTP traffic using SSL strip technique. SSL strip attack has long been published, but nowadays the threat can still be done for some applications that allow redirecting access. SSL Strip Mitigation models and prevention against SSL-stripping, such as Forcehttps, HProxy, SSLock, HTTPS-enforcement, MyBrowser, and CAT+S, there are still limits to these models and generally run in the application’s layer which depends on direct interaction with users, where most of them were not aware the threat of SSL stripping when accessing to the webpage. This research designed a detection method for SSL strip attack as a form of network security services that running on network layer and already implemented to Raspberry Pi module. text |
| institution |
Institut Teknologi Bandung |
| building |
Institut Teknologi Bandung Library |
| continent |
Asia |
| country |
Indonesia Indonesia |
| content_provider |
Institut Teknologi Bandung |
| collection |
Digital ITB |
| language |
Indonesia |
| description |
Online transactions now rely on the security of connection between client and server. SSL protocol in HTTP communication (commonly known as HTTPS) provide security functions in network communication by utilizing the application of cryptography inside. The latest SSL version was designed to prevent data theft, but still found exploitation of security holes in the implementation of SSL with MITM attacks such as hijacking HTTP traffic using SSL strip technique.
SSL strip attack has long been published, but nowadays the threat can still be done for some applications that allow redirecting access. SSL Strip Mitigation models and prevention against SSL-stripping, such as Forcehttps, HProxy, SSLock, HTTPS-enforcement, MyBrowser, and CAT+S, there are still limits to these models and generally run in the application’s layer which depends on direct interaction with users, where most of them were not aware the threat of SSL stripping when accessing to the webpage.
This research designed a detection method for SSL strip attack as a form of network security services that running on network layer and already implemented to Raspberry Pi module. |
| format |
Theses |
| author |
Hadynoer, Yan |
| spellingShingle |
Hadynoer, Yan SSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE |
| author_facet |
Hadynoer, Yan |
| author_sort |
Hadynoer, Yan |
| title |
SSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE |
| title_short |
SSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE |
| title_full |
SSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE |
| title_fullStr |
SSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE |
| title_full_unstemmed |
SSL STRIP ATTACK THREAT DETECTION DESIGN FOR IMPLEMENTATION ON RASPBERRY PI MODULE |
| title_sort |
ssl strip attack threat detection design for implementation on raspberry pi module |
| url |
https://digilib.itb.ac.id/gdl/view/45588 |
| _version_ |
1822927141238472704 |