Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/70367
Title: Developing a Xen hypervisor based alternate defense against cipher suite downgrade attacks for virtual TLS servers
Authors: Pathangi Janardhanan Jatinshravan
Keywords: DRNTU::Engineering::Computer science and engineering
Issue Date: 2017
Abstract: TLS is a commonly used protocol that provides a secure communication channel through the use of encryption and is widely used by HTTPS websites. TLS allows client/server applications to communicate securely in a way that is “designed to prevent eavesdropping, tampering and message forgery” [1]. However, there are possible ways an attacker can break the security offered by TLS, one of which is a cipher suite downgrade attack, which can take the form of a FREAK attack or a Logjam, both discovered in 2015, wherein a man in the middle can force the client and the server to use a weaker cipher suite which can be broken, thus allowing the attacker access to the communication between the client and the server. In this project, I attempted to defend a TLS virtual server running on a Xen Hypervisor against downgrade attack attempts by intercepting the TLS Client Hello, which is the first message in a TLS communication, and examining the client’s preferred cipher suite, dropping the client hello if the cipher suite is not of the desired standard, thus ensuring that a TLS connection does not take place. This is done by monitoring incoming network packets from the Hypervisor’s netback driver. This solution has the benefit of the user of the virtual machine or virtual server not having to modify or worry about placing restrictions on their TLS server, as TLS Security is handled by the Hypervisor without the interference of the virtual machine. This solution can have positive implications, especially considering that the world is moving more towards virtualization and virtualized servers.
URI: http://hdl.handle.net/10356/70367
Schools: School of Computer Science and Engineering 
Rights: Nanyang Technological University
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
FYP Report.pdf
  Restricted Access
1.51 MBAdobe PDFView/Open

Page view(s)

292
Updated on Jun 19, 2024

Download(s) 50

20
Updated on Jun 19, 2024

Google ScholarTM

Check

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.