Title :
Detecting Unauthorized Modification of HTTP Communication with Steganography
Author_Institution :
Fac. of Appl. Sci., Univ. of West Bohemia in Plzen, Plzen, Czech Republic
Abstract :
HTTP does not secure its requests and responses. Using Man-in-the-Middle attack, it is possible to alter the HTTP communication, while it still would look authentic. This can be a problem, if you download data such as PGP key, TOR client, access banking services on-line, or when there is an interest to filter what you can read on the Internet. It should be noted that under particular circumstances, it is possible to attack HTTPS secured communication successfully. This paper proposes a steganography scheme that can be used to detect unauthorized modifications of HTTP communication.
Keywords :
Internet; banking; steganography; telecommunication security; transport protocols; HTTP communication; HTTPS secured communication; Internet; PGP key; TOR client; banking services; man-in-the-middle attack; steganography; Access protocols; Banking; Computer networks; Cryptographic protocols; Cryptography; Information filtering; Network servers; Steganography; Web and internet services; Web server; HTTP; HTTPS; attack; cryptography; detection; steganography;
Conference_Titel :
Internet and Web Applications and Services (ICIW), 2010 Fifth International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-1-4244-6728-0
DOI :
10.1109/ICIW.2010.12
