A Network Forensics System Bypassing Web Local Encryption Businesses

P. Li; R.Z. Wang; Y.Z. Zhang; D.W. Chen

doi:10.4028/www.scientific.net/KEM.426-427.494

Paper Titles

Development of PCD Combined Tool for Machining Cylinder Block
p.477

A Study on the Intergenerational Succession of Family-Owned Businesses
p.481

An Empirical Analysis on Regional Manufacturing Integration of the Yangtze River Delta Area
p.485

Design of Virtual Enterprises’ Organization Based on Supply Chain Management
p.490

A Network Forensics System Bypassing Web Local Encryption Businesses
p.494

Research on the Mechanism of Sludge Dewatering Treatment by High-Voltage
p.499

The Data Exchange of the IGES Cured Surface in Reverse Engineering
p.503

Methods to Control Financing Risks in Colleges and Universities
p.507

A Study on Quality Management System Based on Customer Value
p.511

HomeKey Engineering MaterialsKey Engineering Materials Vols. 426-427A Network Forensics System Bypassing Web Local...

A Network Forensics System Bypassing Web Local Encryption Businesses

Abstract:

Sniffer and MITM attack can do nothing to local encryption, which is a new technology, because the plaintext is merely encrypted in user’s browser. Therefore, this paper proposed a clever way to bypass local encryption to achieve the goal of network forensics, based on the idea of MITM attack. A middle device is added to the key point of the network in which the forensics is realized through hijacking and tampering with HTML pages. The system redirects the IP packet to another computer in LAN by hijacking the real IP of the server. That computer fakes the real web server, and then by inserting some code in HTML page, the unencrypted plaintext is got before the code of local encryption been executed. The results show that the object is not aware of the existence of the forensics system, but the system has logged all the information of a HTTP request, including the plaintext bypassed local encryption.