Analysing Heartbleed vulnerability in OpenSSL
Author(s):
Shuchi B. Shah
Keywords:
Abstract
Abstract–A OpenSSL versions 1.0.1 through 1.0.1f—introduced beginning in March 2012—had a serious memory handling flaw in their implementation of the TLS Heartbeat Extension. This extension helps maintain user Internet connections without the need for continuous data transfers. Attackers could exploit the bug to access an application’s memory, including sensitive data and private encryption keys. The latter could let them launch man-in-the middle attacks and decode intercepted communications. This has been introduced as the worst vulnerability in the modern internet. Existence of this vulnerability for two years without being discovered illustrates that a lot of important open source Internet software is not funded, developed, or reviewed carefully enough and the testing tools are not advanced enough to detect it.
Article Details
Unique Paper ID: 102323

Publication Volume & Issue: Volume 1, Issue 12

Page(s): 1536 - 1541
Article Preview & Download


Share This Article

Join our RMS



Conference Alert

NCSEM 2024

National Conference on Sustainable Engineering and Management - 2024

Last Date: 15th March 2024

Latest Publication

Call For Paper

Volume 10 Issue 10

Last Date for paper submitting for March Issue is 25 June 2024

About Us

IJIRT.org enables door in research by providing high quality research articles in open access market.

Send us any query related to your research on editor@ijirt.org

Social Media

Google Verified Reviews

Contact Details

Telephone:6351679790
Email: editor@ijirt.org
Website: ijirt.org

Policies

Important Links

Browse Rsearch papers