Lin et al., 2025 - Google Patents
{PreAcher}: Secure and Practical Password {Pre-Authentication} by Content Delivery NetworksLin et al., 2025
View PDF- Document ID
- 9726864305220817053
- Author
- Lin S
- Chen S
- Xiao Y
- Gu Y
- Kuzmanovic A
- Yang X
- Publication year
- Publication venue
- 22nd USENIX Symposium on Networked Systems Design and Implementation (NSDI 25)
External Links
Snippet
In today's Internet, websites widely rely on password authentication for user logins. However, the intensive computation required for password authentication exposes web servers to Application-layer DoS (ADoS) attacks that exploit the login interfaces. Existing …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0807—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10484365B2 (en) | Space-time separated and jointly evolving relationship-based network access and data protection system | |
| US10469251B2 (en) | System and method for preemptive self-healing security | |
| CN108418691B (en) | SGX-based dynamic network identity authentication method | |
| Xu et al. | Data-provenance verification for secure hosts | |
| WO2014092702A1 (en) | Detecting matched cloud infrastructure connections for secure off-channel secret generation | |
| Abusaimeh | Security attacks in cloud computing and corresponding defending mechanisims | |
| Chimuco et al. | Secure cloud-based mobile apps: attack taxonomy, requirements, mechanisms, tests and automation | |
| Wu et al. | SGX-UAM: A secure unified access management scheme with one time passwords via Intel SGX | |
| CN115486030A (en) | Rogue certificate detection | |
| Kumar | Cloud computing: threats, attacks and solutions | |
| Ren et al. | Enabling secure and versatile packet inspection with probable cause privacy for outsourced middlebox | |
| Jain et al. | A literature review on machine learning for cyber security issues | |
| Joarder et al. | Exploring quic security and privacy: A comprehensive survey on quic security and privacy vulnerabilities, threats, attacks and future research directions | |
| Singh | The Role of Multi-Factor Authentication and Encryption in Securing Data Access of Cloud Resources in a Multitenant Environment | |
| Ahn et al. | Exploring encryption algorithms and network protocols: A comprehensive survey of threats and vulnerabilities | |
| Bhudia et al. | RansomClave: ransomware key management using SGX | |
| Prosper | Advanced Techniques for Securing Smart Devices: Combining Android App Vulnerability Testing, Intrusion Detection Systems, and Cryptographic Protocols | |
| Lin et al. | {PreAcher}: Secure and Practical Password {Pre-Authentication} by Content Delivery Networks | |
| Rani et al. | Classification of security issues and cyber attacks in layered internet of things | |
| Anny | Advanced Techniques for Securing Smart Devices: Combining Android App Vulnerability Testing, Intrusion Detection Systems, and Cryptographic Protocols | |
| CN115277201B (en) | A website defense system with dynamic code encapsulation | |
| Cai et al. | Appcracker: Widespread vulnerabilities in user and session authentication in mobile apps | |
| Joseph et al. | Cookie based protocol to defend malicious browser extensions | |
| Karthiga et al. | Enhancing performance of user authentication protocol with resist to password reuse attacks | |
| Bwalya et al. | A Security Framework for Mobile Application Systems: Case of Android Applications. |