Paper Info
Title
A new strategy to defense against SSLStrip for Android
Abstract
Many Android applications have a legitimate need to communicate over the Internet, so it is needed to protect potential sensitive data during the transmission. Since smart phones are in a mobile network environment, it is easier to be exploited to launch Man-in-the-Middle (MITM) attacks. This paper installs the application SSLStrip for Android which is downloaded from Github, studies its attack process and basic principle, and then proposes a strategy to defense against SSLStrip attacks. The authors extend the function of DHCP server; also an Android application based on Tcpdump is to be developed. This application can receive and analyze DHCP messages from the DHCP server, and get the MAC address of gateway from DHCP message, then record it into ARP-Cache statically. In this way, SSLStrip MITM attacks can be prevented thoroughly in a mobile network environment.
Year
DOI
Venue
2013
10.1109/ICCT.2013.6820349
ICCT
Keywords
Field
DocType
android (operating system),computer network security,cryptographic protocols,data protection,local area networks,network servers,smart phones,transport protocols,arp-cache,android applications,dhcp message analysis,dhcp message receiving,dhcp server function,github,mac address,sslstrip mitm attacks,data transmission,gateway,man-in-the-middle attacks,mobile network environment,sensitive data protection,tcpdump,arp (address resolution protocol),android,dhcp (dynamic host configuration protocol),mitm (man-in-the-middle),sslstrip,logic gates,protocols,humanoid robots,security,servers
ipconfig,Man-in-the-middle attack,Android (operating system),MAC address,Computer security,Computer science,Server,Computer network,Dynamic Host Configuration Protocol,Default gateway,The Internet
Conference
Citations 
PageRank 
References 
1
0.36
8
Authors
4
Name
Order
Citations
PageRank
Yan Zhao11613.39
lei youxun211.37
Tan Yang32310.97
Cui Yidong496.35