Mitigating the attacks of malicious terminals

نویسنده

  • István Zsolt BERTA
چکیده

Smart cards, having no user interface, are unable to communicate with the user directly. Communication is only possible with the aid of a terminal, which leads to several security problems. For example, if the terminal is untrusted (which is a very typical scenario), it may perform a man-in-the middle attack. I have created a formal model for dealing with untrusted terminals, and developed mathematical proofs on the limitations of a user in an untrusted terminal environment. Unfortunately, these limitations are too severe, so the attacks of malicious terminals cannot be fully eliminated. Thus, I elaborated solutions to mitigate the problem: I have developed a protocol that takes advantage of the biometric abilities of the user and thus allows sending authentic messages from untrusted terminals. I have also developed a framework for the user to review signatures made in untrusted environment, and to revoke unintended signatures.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

IMNTV-Identifying Malicious Nodes using Trust Value in Wireless Sensor Networks

Security is the major area of concern in communication channel. Security is very crucial in wireless sensor networks which are deployed in remote environments. Adversary can disrupt the communication within multi hop sensor networks by launching the attack. The common attacks which disrupt the communication of nodes are packet dropping, packet modification, packet fake routing, badmouthing atta...

متن کامل

MCA2: multi-core architecture for mitigating complexity attacks

This paper takes advantage of the emerging multi-core computer architecture to design a general framework for mitigating network-based complexity attacks. In complexity attacks, an attacker carefully crafts “heavy” messages (or packets) such that each heavy message consumes substantially more resources than a normal message. Then, it sends a sufficient number of heavy messages to bring the syst...

متن کامل

Mitigating Flooding-Based DDoS Attacks by Stochastic Fairness Queueing

Flooding-based DDoS attacks is a very common way to attack a victim machine by directly or indirectly sending a large amount of malicious traffic to it. Stochastic Fairness Queueing (SFQ) is a typical implementation of Fair Queueing. This paper focuses on exploring the feasibility of mitigating flooding-based DDoS attacks by queueing disciplines. A comparative study is made between SFQ and FCFS...

متن کامل

Mitigating Colluding Injected and Duplication Key Attacks in Manet

In this chapter, two new attacks are introduced in MANETs. The CIA in Mobile Ad hoc networks (MANETs) has been successfully eliminated in Wireless Sensor networks, but in MANETs the legitimate node is also reported as a malicious node (Farah Kandah et al 2011). In CIA, an adversary utilizes a colluding attack in MANETs by injecting malicious nodes in the network and hiding their identities from...

متن کامل

Analyzing new features of infected web content in detection of malicious web pages

Recent improvements in web standards and technologies enable the attackers to hide and obfuscate infectious codes with new methods and thus escaping the security filters. In this paper, we study the application of machine learning techniques in detecting malicious web pages. In order to detect malicious web pages, we propose and analyze a novel set of features including HTML, JavaScript (jQuery...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2005