信息工程大学学报2024,Vol.25Issue(2):189-195,7.DOI:10.3969/j.issn.1671-0673.2024.02.010
基于时间特征的HTTPS中间人攻击检测方法
Man-in-the-Middle Attack Detection Method for HTTPS Based on Temporal Features
摘要
Abstract
Man-in-the-middle attack is a common means of network attacks,in which attacks on HT-TPS protocols are more harmful.Existing detection methods are mainly oriented to single clients,with certificate matching verification as the main means but with high deployment cost and perform-ance overhead.By analyzing key packets such as key negotiation and certificate verification during the SSL handshake phase,we propose a man-in-the-middle HTTPS attack detection method based on temporal characteristics,which provides a detection idea from the traffic perspective and has a broader application scenario.Experimental results show that the proposed method has high accuracy under the Internet environment test dataset.关键词
HTTPS协议/流量劫持/中间人攻击/攻击检测/机器学习Key words
HTTPS protocol/traffic hijacking/man-in-the-middle attack/attack detection/ma-chine learning分类
信息技术与安全科学引用本文复制引用
姜博,林伟..基于时间特征的HTTPS中间人攻击检测方法[J].信息工程大学学报,2024,25(2):189-195,7.基金项目
国家重点研发计划前沿科技创新专项基金资助项目(2019QY1300) (2019QY1300)
