A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

doi:10.1007/s12204-015-1592-0

上海交通大学学报（英文版） ›› 2015, Vol. 20 ›› Issue (1): 82-85.doi: 10.1007/s12204-015-1592-0

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义)

(1. School of Software Engineering, Beijing University of Technology, Beijing 100124, China; 2. Low Carbon Research Center, Beijing Development Area Co., Ltd., Beijing 100176, China)

出版日期:2015-02-28 发布日期:2015-03-10
通讯作者: XU Chen (徐琛) E-mail:xc_cn@foxmail.com

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义)

(1. School of Software Engineering, Beijing University of Technology, Beijing 100124, China; 2. Low Carbon Research Center, Beijing Development Area Co., Ltd., Beijing 100176, China)

Online:2015-02-28 Published:2015-03-10
Contact: XU Chen (徐琛) E-mail:xc_cn@foxmail.com

摘要/Abstract

摘要： This paper introduces the middleman attack methods which are against the remote desktop protocol (RDP), discusses advantages and disadvantages of several current mainstream prevention strategies, and puts forward a new prevention strategy. The strategy, taking advantage of the original key agreement process of the RDP, designs a piecewise authentication scheme of the key agreement. Using the strategy can achieve the purpose of prevention and detection of middleman attacks. Finally, the security of the strategy is analyzed.

关键词: remote desktop protocol (RDP), key agreement, middleman attack, prevention and detection

Abstract: This paper introduces the middleman attack methods which are against the remote desktop protocol (RDP), discusses advantages and disadvantages of several current mainstream prevention strategies, and puts forward a new prevention strategy. The strategy, taking advantage of the original key agreement process of the RDP, designs a piecewise authentication scheme of the key agreement. Using the strategy can achieve the purpose of prevention and detection of middleman attacks. Finally, the security of the strategy is analyzed.

Key words: remote desktop protocol (RDP), key agreement, middleman attack, prevention and detection

中图分类号:

TP 393.04

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义). A Strategy for Middleman Attack Prevention in Remote Desktop Protocol[J]. 上海交通大学学报（英文版）, 2015, 20(1): 82-85.

HE Jing-sha1,2 (何泾沙), XU Chen1* (徐琛), ZHANG Yi-xuan1 (张伊璇), ZHOU Shi-yi2 (周世义). A Strategy for Middleman Attack Prevention in Remote Desktop Protocol[J]. Journal of shanghai Jiaotong University (Science), 2015, 20(1): 82-85.

参考文献 4

[1]	Luo Peng, Zhu Yue-fei. Security of Windows RDP protocol [J]. Computer Engineering, 2007, 33(20):145-147 (in Chinese).
[2]	Guo Hao, Guo Tao. A method of man-in-t he-middle attack based on ARP spoofing [J]. Information Security and Communications Privacy, 2005, 10(1): 66-68(in Chinese).
[3]	Fiat A, Shamir A. How to prove yourself: Practical solutions to identification and signature problems [J].Lecture Notes in Computer Science, 1987, 263: 186-194.
[4]	Shamir A. How to share a secret [J]. Communications of the ACM, 1979, 22(11): 612-613.

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

A Strategy for Middleman Attack Prevention in Remote Desktop Protocol

可视化

摘要/Abstract

引用本文

使用本文

参考文献 4

相关文章 1

编辑推荐

Metrics

本文评价