Security Assessment on User Authentication by an HttpSendRequest Hooking in an HTTP Client

Most current user authentications on the web server use the server/client based HTTP protocol. In the past, the ID-password based user authentication is exposed the plaintext on the network, because of this problem, the user authentication using the SSL is researched. Through this solution, transferred the user authentication information is able to protect on the network. Nevertheless, a novel problem comes to the fore as an attack using vulnerability of the platform and it causes exposure of the user authentication information. In particular, the attacker utilizes the hooking technique for steal the user authentication information by HttpSendRequest function that sends the user authentication or connection related information. Therefore, in this paper, we analyze this kind of vulnerability and draw its result using implemented sample proof-of concept tools.

[1]  Lina Zhang,et al.  A COMPREHENSIVE ANALYSIS OF ATTACKS ON ONLINE PAYMENT SCHEMES , 2012 .

[2]  Na Li,et al.  Reverse Analysis of Malwares: A Case Study on QQ Passwords Collection , 2012, J. Softw..

[3]  Yuanzhuo Wang,et al.  Analyzing application private information leaks with privacy Petri Net , 2012, 2012 IEEE Symposium on Computers and Communications (ISCC).

[4]  Gojko Grubor,et al.  Forensic investigation of trojan defense in virtual environment , 2012 .

[5]  John C. Mitchell,et al.  Characterizing Bots' Remote Control Behavior , 2007, DIMVA.

[6]  Matej Trampus,et al.  Are e-commerce users defenceless? , 2003, Proceedings International Parallel and Distributed Processing Symposium.

[7]  Manuel García-Cervigón Gutiérrez,et al.  Browser function calls modeling for banking malware detection , 2012, 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS).

[8]  Yuanzhuo Wang,et al.  Quantitative analysis for privacy leak software with privacy Petri net , 2012, ISI-KDD '12.