In 2009, Moxie Marlinspike proposed a new Man-in-the-Middle (MitM) attack on Secure Sockets Layer (SSL), called the SSLStrip attack, at Black Hat DC; it is a serious threat to Web users. Some solutions have been proposed in the literature. However, until now there has been no practical countermeasure to resist such an attack. In this paper, we propose a new scheme to defend against the SSLStrip attack by improving the previous secure cookie protocols and using the proxy pattern and the reverse proxy pattern. It implements a secure LAN guaranteed proxy on the client side, a secure server guaranteed proxy on the server side, and a cookie authentication mechanism to provide the following security services: source authentication, integrity control, and defense against the SSLStrip attack.