IJSER Home >> Journal >> IJSER
International Journal of Scientific and Engineering Research
ISSN Online 2229-5518
ISSN Print: 2229-5518 7    
Website: http://www.ijser.org
scirp IJSER >> Volume 3,Issue 7,July 2012
Protection against Man-in-the-middle Attack in Banking Transaction using Steganography
Full Text(PDF, )  PP.457-464  
Author(s)
Miss.N.Albina, Dr.M.Sridhar & Dr.M.Rajani
KEYWORDS
Hypertext Transfer Protocol (HTTP), Man-in-the-Middle attack, Steganography and Cued Click Points (CCP).
ABSTRACT
The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web. HTTP is not only used for communication purpose, it is also used for file/data transfer, chatting, etc. The HTTPS protocol to guarantee privacy and security in transactions ranging from home banking, e-commerce, and e-procurement to those that deal with sensitive data such as career and identity information. Users trust this protocol to prevent unauthorized viewing of their personal, financial, and confidential information over the Web. Even though the transfer of data can be attacked by the Man-in-the-Middle. This paper proposes a Steganography scheme that can be used to detect unauthorized modifications of HTTP communication. This allows detection of a possible attack on the communication. Unauthorized modification of the transmission is considered as the attacks in the banking transaction
References
[1] E. Rescorla, “HTTP Over TLS‖ ,” IETF RFC 2818, www.ietf.org/rfc/rfc2818.txt Last Accessed on February 3, 2010

[2] F. Callegati, W. Cerroni, and M. Ramilli, “Man-in-the-Middle Attack to the HTTPS Protocol‖ ,” IEEE Security and Privacy, vol.7, Jan-Feb. 2009, pp. 78-81, doi: 10.1109/MSP.2009.12

[3] D. Kristol and L. Montulli,”HTTP State Management Mechanism‖ ,” IETF RFC 2965, www.ietf.org/rfc/rfc2965.txt Last Accessed on February 3, 2010

[4] J. Katz and Y. Lindell, "Introduction to Modern Cryptography: Principles and Protocols" Chapman & Hall/CRC Press, 2007, ISBN: 978-1584885511

[5] X. Liu, J. M. Kovacs, C.T. Huang, and M. G. Gouda, “A Secure Cookie Protocol‖ ,” In Proceedings of 14th Computer Communications and Networks, San. Diego, California, USA, 2005

[6] Computer Security “ESORICS 2007 Lecture Notes in Computer Science,” 2007, Volume 4734/2007, 359-374, DOI: 10.1007/978-3-540-74835-9_24

[7] "OSGI The footings of the foundation of the platform". The Eclipse Foundation. http://www.eclipse.org/osgi/. Retrieved 25 June 2008.

[8] "Apache Tomcat 7.0”Change log". http://tomcat.apache.org/tomcat-7.0- doc /changelog.html. Retrieved 2011-03-10.

[9] http://searchsoa.techtarget.com/definition/J2EE

[10] http://www.vocal.com/cryptography/des.html

Untitled Page