Skip to main content
Conference Proceedings

A new scheme with secure cookie against SSLStrip attack

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2012) 7529 LNCS 214-221
DOI: 10.1007/978-3-642-33469-6_30
4Citations
Citations of this article
6Readers
Mendeley users who have this article in their library.
Get full text

Abstract

In 2009 Moxie Marlinspike proposed a new Man-in-the- Middle (MitM) attack on secure socket layer (SSL) called SSLStrip attack at Black Hat DC, which is a serious threat to Web users. Some solutions have been proposed in literature. However, until now there is no practical countermeasure to resist on such attack. In this paper, we propose a new scheme to defend against SSLStrip attack by improving the previous secure cookie protocols and using proxy pattern and reverse proxy pattern. It implements a secure LAN guaranteed proxy in clientside, a secure server guaranteed proxy in server-side and a cookie authentication mechanism to provide the following security services: source authentication, integrity control and defending SSLStrip attack. © Springer-Verlag Berlin Heidelberg 2012.

Author supplied keywords

Cite

CITATION STYLE

APA

Zhao, S., Yang, W., Wang, D., & Qiu, W. (2012). A new scheme with secure cookie against SSLStrip attack. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7529 LNCS, pp. 214–221). https://doi.org/10.1007/978-3-642-33469-6_30

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free