A.J. van Diepen
Please Note
This page displays the records of the person named above and is not linked to a unique person identifier. This record may need to be merged to a profile.
2 records found
HSTS-Enforced
Enhancing HTTP Strict Transport Security through Secure-by-Default Principles
Over the years, the web has slowly been moving towards more security. This is done to ensure integrity, authenticity, and confidentiality of the communication between clients and servers. The most significant improvement to the security on the web has been HTTPS, which provides secure communication using encryption. However, downgrade attacks can bypass HTTPS entirely by reverting the communication to the insecure HTTP protocol. HSTS is the primary defense against such attacks. However, previous research has uncovered numerous vulnerabilities in the HSTS protocol, particularly those that allow attackers to disable HSTS by invalidating its state and a method that uses HSTS headers to enable websites to track users.
In this thesis, we present HSTS-Enforced, an alternative to traditional HSTS. HSTS-Enforced effectively prevents downgrade attacks by employing a Secure-by-Default approach. Website administrators can explicitly opt out of security by specifying an HTTP-Required indicator. We propose two indicators: a new DNSSEC record and the HTTP-Required Preload list.
We demonstrate the effectiveness of HSTS-Enforced through the creation and validation of a protocol implementation encompassing both client and server-side components. Our evaluation reveals that HSTS-Enforced eliminates the vulnerabilities found in conventional HSTS. Additionally, we show that while enhancing security, HSTS-Enforced imposes a minimal load on all involved components (i.e., client, network, and server).
Recurrent neural networks (RNNs) used in time series prediction are still not perfect in their predictions, and improvements can still be made in the area. Most recently, transformers have led to great improvements in the field of RNNs; however, transformers cannot be used on time series data, because the architecture of transformers does not account for the flow of time and would use future data to predict past events. This research aims to further improve the performance of machine learning models on time-series prediction. It attempts to do so by implementing a new neural network model based on the multi-head attention mechanism (used in transformers) and combining it with an already existing neural network model called long short-term memory (LSTM). To test whether the newly implemented models have improved performance, they are tested on a weather dataset and compared on their ability to correctly predict daily maximum temperatures. The final results, however, show that combining LSTM and ALSTM models does not result in an improved loss that is worth the extra instability that is added to the model and the extra computational cost that is needed to train the model.