Abstract
Sniffer and MITM attack can do nothing to local encryption, which is a new technology, because the plaintext is merely encrypted in user’s browser. Therefore, this paper proposed a clever way to bypass local encryption to achieve the goal of network forensics, based on the idea of MITM attack. A middle device is added to the key point of the network in which the forensics is realized through hijacking and tampering with HTML pages. The system redirects the IP packet to another computer in LAN by hijacking the real IP of the server. That computer fakes the real web server, and then by inserting some code in HTML page, the unencrypted plaintext is got before the code of local encryption been executed. The results show that the object is not aware of the existence of the forensics system, but the system has logged all the information of a HTTP request, including the plaintext bypassed local encryption.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
