| With the development of e-commerce, transaction security has become public attention. SSL provides a secure and reliable network environment for online transactions so that it is widely used. Although the SSL protocol provides data encryption, authentication and other security services, it still has potential risks. There's a lot of attack methods utilizing SSL protocol, one of which, SSL MITM attack (Man-in-the-Middle, MITM) is a serious method. This thesis is conducted by a series of research and development in these areas, mainly including:This thesis summarizes the existing SSL MITM attack protection in major browsers including IE, Firefox and Chrome, and analyzes their advantages and disadvantages. A SSL MITM attack detection that based on bingding of domain and certificate is proposed. This system can detect attack behavior even when computer is being injected a self-signed root certificate into root certificate list. This system uses C/S structure, consists of browser extensions and client service process in client part, and web service and data collection module in server part.To deal with difference of certificates between regions, this thesis designs and implements a crawl module, which will fetch subdomain of website first and then get root certificate info for each subdomain, and finally store the subdomain and certificate info into database, to be used in the detection system.The experimental results show that when malicious certificate is installed in a user's system, the domain and certificate's binding-based method can detect SSL-based man-in-the-middle attack behaviour. With the asynchronous detection implementation, there's little impact on user's accessing network through browser. |
PDF Full Text Request