Related papers: TLS hardening
Remote Procedure Calls (RPC) are widely used over the Internet as they provide a simple and elegant way of interaction between the client and the server. This paper proposes a solution for securing the remote procedure calls (RPC) by…
Development of information technology, especially in the field of computer network allows the exchange of information faster and more complex and the data that is exchanged can vary. Security of data on communication in the network is a…
Internet traffic is increasingly encrypted. While this protects the confidentiality and integrity of communication, it prevents network monitoring systems (NMS) and intrusion detection systems (IDSs) from effectively analyzing the now…
Securing the communication between a web server and a browser is a fundamental task of securing the World Wide Web. Websites today rely heavily on HTTPS to set up secure connections. In recent years, several incidents undermined this trust…
Security Hardening is the process of configuring IT systems to ensure the security of the systems' components and data they process or store. In many cases, so-called security-configuration guides are used as a basis for security hardening.…
We present new analytic techniques for inferring HTTP semantics from passive observations of HTTPS that can infer the value of important fields including the status-code, Content-Type, and Server, and the presence or absence of several…
TLS protocol is an essential part of secure Internet communication. In past, many attacks have been identified on the protocol. Most of these attacks are due to flaws in protocol implementation. The flaws are due to improper design and…
Experience shows that most researchers and developers tend to treat plain-domains (those that are not prefixed with "www" sub-domains, e.g. "example.com") as synonyms for their equivalent www-domains (those that are prefixed with "www"…
Traffic monitoring is essential for network management tasks that ensure security and QoS. However, the continuous increase of HTTPS traffic undermines the effectiveness of current service-level monitoring that can only rely on unreliable…
Security and Privacy are crucial in modern Internet services. Transport Layer Security (TLS) has largely addressed the issue of security. However, information about the type of service being accessed goes in plain-text in the initial…
The robustness principle, written by Jon Postel in an early version of TCP implementation, states that the communicating entities should be liberal while accepting the data. Several entities on the Internet do follow this principle. For…
Following QUIC protocol ratification on May 2021, the third major version of the Hypertext Transfer Protocol, namely HTTP/3, was published around one year later in RFC 9114. In light of these consequential advancements, the current work…
With the phenomenal growth in the Internet, network security has become an integral part of computer and information security. In order to come up with measures that make networks more secure, it is important to learn about the…
TLS 1.3 marks a significant departure from previous versions of the Transport Layer Security protocol (TLS). The new version offers a simplified protocol flow, more secure cryptographic primitives, and new features to improve performance,…
Browser fingerprinting is the identification of a browser through the network traffic captured during communication between the browser and server. This can be done using the HTTP protocol, browser extensions, and other methods. This paper…
Mutual TLS (mTLS) provides strong, certificate-based authentication for both clients and servers, yet its adoption for user-facing websites remains rare. This paper presents a longitudinal study of mTLS usability, tracking 46 senior and…
This paper tackles the problems of generating concrete test cases for testing whether an application is vulnerable to attacks, and of checking whether security solutions are correctly implemented. The approach proposed in the paper aims at…
Today, Internet offers many critical applications. So, it becomes very crucial for Internet service providers to ensure traceability of operations and to secure data exchange. Since all these communications are based on the use of the…
Today, Internet becomes the essential part of our lives. Over 90 percent of the ecommerce is developed on the Internet. A security algorithm became very necessary for producer client transactions assurance and the financial applications…
Spectre v1 attacks pose a substantial threat to security-critical software, particularly cryptographic implementations. Existing software mitigations, however, often introduce excessive overhead by indiscriminately hardening instructions…