Patent
A method and equipment for detecting man-in-the-middle attack by user equipment
Reads0
Chats0
TLDR
In this article, the authors proposed a method for detecting man-in-the-middle attacks by user equipment, which comprises the following steps: transmitting a plurality of corresponding TCP (Transmission Control Protocol) handshake requests to the plurality of random IP (Internet Protocol) addresses; determining TCP handshake success count corresponding to the corresponding TCP handshake requests according to whether the corresponding PT handshake requests succeed in preset time; and determining whether manin the middle attack does not exist or not in a current network of the user equipment if the TCP handshake successful count is less than or equal to a TCP handshakeAbstract:
The purpose of the invention is to provide a method for detecting man-in-the-middle attack by user equipment. The method comprises the following steps: transmitting a plurality of corresponding TCP (Transmission Control Protocol) handshake requests to a plurality of random IP (Internet Protocol) addresses; determining TCP handshake success count corresponding to the corresponding TCP handshake requests according to whether the corresponding TCP handshake requests succeed in preset time; and determining whether man-in-the-middle attack does not exist or not in a current network of the user equipment if the TCP handshake success count is less than or equal to a TCP handshake success threshold. According to the method disclosed by the invention, SSLSniff man-in-the-middle attack, SSLStrip man-in-the-middle attack and website distortion man-in-the-middle attack in the man-in-the-middle attack can be actively detected, the coverage area is wide, the man-in-the-middle attack is rapidly recognized, the user waiting time is greatly shortened, and the user side can conveniently take corresponding defensive measures in the shortest time.read more
Citations
More filters
Patent
Threat discovery model construction technology based on digital certificate
Sun Bo,Li Yingbo,Zhang Wei,Si Chengxiang,Zhang Jiansong,Li Shengnan,Mao Weixuan,Ge Weilin,Wang Yifang,Hu Xiaoxu,Wang Mengyu +10 more
TL;DR: In this paper, a threat discovery model construction technology based on a digital certificate is proposed, which comprises the following steps: detecting a port of a specified IP end: (1) acquiring detailed information of a port certificate; (2) acquiring a connection response time difference; (1.3) acquiring port connection home page information;(1.4) acquiring information of other ports; and 2) analyzing the acquired data: (2.
References
More filters
Patent
Methods and Systems for Detecting Man-in-the-Browser Attacks
William E. Sobel,Sourabh Satish +1 more
TL;DR: A computer-implemented method for detecting man-in-the-browser attacks may include identifying a transaction fingerprint associated with a web site and tracking a user's input to the web site as mentioned in this paper.
Patent
TLS connection abandoning
TL;DR: In this article, the authors propose a mechanism to enable the appliance to extract itself from man-in-the-middle (MITM) processing during a client-server handshake and without interrupting that connection.
Patent
Method of detecting man-in-middle attack and apparatus thereof
Wu Rong,He Chengdong,Gan Lu +2 more
TL;DR: In this paper, a method for detecting a man-in-middle attack and an apparatus thereof was proposed, which comprises the following steps that a MeNB receives a first inspection request message sent by a SeNB and the first inspection message comprises first identification information and a first data package counting value; the MeNB generates a second inspection response message generated by the user terminal according to the second request message and the second response message comprises second IDS and a second data package count value.
Patent
Establishing method for SSL connection and communication method and device based on SSL connection
TL;DR: In this paper, an interlocking mechanism is introduced in the process of establishing SSL connection between a client side and a server, and the MAC values of the encrypted message ciphertext data are respectively calculated.
Patent
Method and device of detecting session hijacking
TL;DR: In this paper, the authors present a method and a device for detecting session hijacking. The method comprises the steps of, in response to a fact that a session request message sent to a server-side by a clientis detected, detecting a response message for asession request message; when the response message is detected, obtaining an identifier of a first session based on the response messages, wherein the first session is a session built for the session request messages; judging whether the response is detected for the first time based on identifier of the firstsession; and if the judgment result is negative
Related Papers (5)
Anti-attack method and device, router device and machine readable memory medium
Xu Liangzhang,Wang Dong +1 more
Method and device for transmitting handshake message in communication system
Kaijun Xia,Yijiong Zhang +1 more