Methods of counteraction of bypassing two-factor authentication using reverse proxy

Вантажиться...
Ескіз

Дата

2021

Науковий керівник

Назва журналу

Номер ISSN

Назва тому

Видавець

Igor Sikorsky Kyiv Polytechnic Institute

Анотація

The existing solutions for counteracting and preventing the interception of data and tokens of two-factor authentication are considered. Features that may indicate the presence of a silent reverse proxy server are chosen. It is proposed to analyze the information about additional time anomalies, which are usually created by the proxy server. The advantage of this approach is that the time characteristics information is generated on the client-side, and the malicious proxy server cannot modify it. Machine learning methods were used to detect implicit signs of the presence of a proxy server. A new method of detecting a silent reverse proxy server that satisfies the following conditions is proposed: 1) the human factor is minimized, 2) use by an individual user is possible, 3) the method has an acceptable impact on performance and can be used in real-time.

Опис

Ключові слова

two-factor authentication, silent reverse proxy servers, prevention

Бібліографічний опис

Vlasenko, A. Methods of counteraction of bypassing two-factor authentication using reverse proxy / Andrii Vlasenko, Iryna Stopochkina, Mykola Ilin // Theoretical and Applied Cybersecurity : scientific journal. – 2021. – Vol. 3, Iss. 1. – Pp. 33–37. – Bibliogr.: 8 ref.