中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

2 records (took 0.016 seconds)

    Detection of man-in-the-middle in HTTPS transactions
    1.
    发明专利
    Detection of man-in-the-middle in HTTPS transactions 未知

    公开(公告)号:GB2583431B

    公开(公告)日:2021-03-17

    申请号:GB202011925

    申请日:2019-01-08

    Applicant: IBM

    Inventor: MAURO MARZORATI YASER DOLEH ROSA BOLGER JURAJ NYIRI

    IPC: H04L29/06 H04L29/08

    Abstract: Systems and computer program products implement methods for detecting a man-in-the-middle (MITM) during HTTPS communications. The methods include establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

    Detection of man-in-the-middle in HTTPS transactions
    2.
    发明专利
    Detection of man-in-the-middle in HTTPS transactions 未知

    公开(公告)号:GB2583431A

    公开(公告)日:2020-10-28

    申请号:GB202011925

    申请日:2019-01-08

    Applicant: IBM

    Inventor: MAURO MARZORATI YASER DOLEH ROSA BOLGER JURAJ NYIRI

    IPC: H04L29/06 H04L29/08

    Abstract: Various methods for detecting a man-in-the-middle (MITM) during HTTPS communications are disclosed including, in some aspects, establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Patent Agency Ranking