Harsha et al., 2021 - Google Patents
Bicycle attacks considered harmful: Quantifying the damage of widespread password length leakageHarsha et al., 2021
View PDF- Document ID
- 15438249578483502391
- Author
- Harsha B
- Morton R
- Blocki J
- Springer J
- Dark M
- Publication year
- Publication venue
- Computers & Security
External Links
Snippet
This work examines the issue of password length leakage via encrypted traffic ie, bicycle attacks. We aim to quantify both the prevalence of password length leakage bugs as well as the potential harm to users. We discuss several ways in which an eavesdropping attacker …
- 238000004458 analytical method 0 abstract description 34
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Harsha et al. | Bicycle attacks considered harmful: Quantifying the damage of widespread password length leakage | |
| US9686294B2 (en) | Protection of communication on a vehicular network via a remote security service | |
| Khrais | Highlighting the vulnerabilities of online banking system | |
| EP3965364A1 (en) | Hierarchical risk assessment and remediation of threats in mobile networking environment | |
| CN101141447A (en) | HTTPS communication tunnel security inspection and content filtering system and method | |
| Ali et al. | The effects of cyber threats on customer’s behaviour in e-banking services | |
| Prisha et al. | E-commerce security and identity integrity: the future of virtual shopping | |
| Mandlekar et al. | Survey on fog computing mitigating data theft attacks in cloud | |
| Koupaei et al. | Security analysis threats attacks mitigations and its impact on the internet of things (IoT) | |
| Liew et al. | One-time knocking framework using SPA and IPsec | |
| Hussain et al. | A survey on cyber security threats and their solutions | |
| Nwogu | Improving the security of the internet banking system using three-level security implementation | |
| Protection | 50M | |
| Peha | The dangerous policy of weakening security to facilitate surveillance | |
| CN107360132B (en) | Method and system for preventing session replay | |
| Hussein | A proposed anti-fraud authentication approach for mobile banking apps | |
| Fitria | Banking Malware Attacks and Security Solutions Review | |
| Yoo | Research on security threats emerging from blockchain-based services | |
| Varshney et al. | Cyber crime awareness and corresponding countermeasures | |
| Choi et al. | A Study of Prevention Model the Spread of Phishing Attack for Protection the Medical Information | |
| Vinodhini et al. | Prevention of personal data in cloud computing using bio-metric | |
| ES2962828T3 (en) | Method to trace malicious endpoints in direct communication with an application server using TLS fingerprinting technique | |
| Kaur et al. | An Empirical study on Network security threats and Solutions. | |
| Vikhe et al. | Data provenance verification for secure hosts using advance cryptography algorithm | |
| Yinxiang et al. | Research on the S/KEY one-time password authentication system and its application in banking and financial systems |