Survey of Attacks against HTTPS: Analysis, Exploitation, and Mitigation Strategies-Reference-Cited by-同舟云学术

Survey of Attacks against HTTPS: Analysis, Exploitation, and Mitigation Strategies

Published:2024-03-30 Issue:4 Volume:13 Page:28-34
ISSN:2278-3075
Container-title:International Journal of Innovative Technology and Exploring Engineering
language:
Short-container-title:IJITEE

Author:

,Kumar Adithyan Arun^ORCID,Rajendran Gowthamaraj^ORCID, ,Srinivasan Nitin^ORCID, ,Sridhar Praveen Kumar^ORCID, ,Perumalsamy Kishore Kumar^ORCID,

Abstract

This research paper aims to provide a comprehensive overview of known attacks against HTTPS, focusing on the SSL and TLS protocols. The paper begins by explaining the working of HTTPS, followed by detailed descriptions of SSL and TLS protocols. Subsequently, it explores common attacks against HTTPS, providing an in-depth analysis of each attack, along with proof-of-concept (PoC) demonstrations. Furthermore, the paper outlines mitigation strategies to address each attack, emphasizing the importance of proactive security measures. Finally, a conclusion is drawn, highlighting the evolving nature of HTTPS attacks and the continuous need for robust security practices.

Publisher

Blue Eyes Intelligence Engineering and Sciences Engineering and Sciences Publication - BEIESP

Reference15 articles.

1. S. Puangpronpitag and N. Sriwiboon, "Simple and Lightweight HTTPS Enforcement to Protect against SSL Striping Attack," 2012 Fourth International Conference on Computational Intelligence, Communication Systems and Networks, Phuket, Thailand, 2012, pp. 229-234, doi: 10.1109/CICSyN.2012.50.

2. Nagendran, K., et al. "Sniffing HTTPS Traffic in LAN by Address Resolution Protocol Poisoning." International Journal of Pure and Applied Mathematics 119.12 (2018): 1187-1195.

3. A. Adithyan, K. Nagendran, R. Chethana, G. Pandy D. and G. Prashanth K., "Reverse Engineering and Backdooring Router Firmwares," 2020 6th International Conference on Advanced Computing and Communication Systems (ICACCS), Coimbatore, India, 2020, pp. 189-193, doi: 10.1109/ICACCS48705.2020.9074317.

4. P. Sirohi, A. Agarwal and S. Tyagi, "A comprehensive study on security attacks on SSL/TLS protocol," 2016 2nd International Conference on Next Generation Computing Technologies (NGCT), Dehradun, India, 2016, pp. 893-898, doi: 10.1109/NGCT.2016.7877537.

5. V. Platenka, A. Mazalek and Z. Vranova, "Attacks on devices using SSL/TLS," 2021 International Conference on Military Technologies (ICMT), Brno, Czech Republic, 2021, pp. 1-6, doi: 10.1109/ICMT52455.2021.9502818.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Novel Post Exploitation Framework for Red Team Operations - Buzzard;2024 International Conference on Intelligent Systems for Cybersecurity (ISCS);2024-05-03