IJISC
  • Indexed in

  • Latest News

    July 1, 2024
    Volume 13, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 27, 2023
    Volume 12, Issue 2 of the International Journal of Information Security and Cybercrime was published
    June 28, 2023
    Volume 12, Issue 1 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • Heartbleed – The Vulnerability That Changed the Internet


    Author(s): BARBU, Ionuț-Daniel; BACIVAROV, Ioan

    Quick view | Full article | Citations | Views: 2,559


    Author(s) keywords: , , ,


    Reference keywords:


    Abstract:

    This article is intended to present the Heartbleed bug and will include information from statistical aspects and impact of the vulnerability to an overview of how it actually works. In addition to this, a reproduction of the exploit is described and some affected software distributions listed. For educational purposes, during this research a vulnerable version of Apache server has been targeted. The well - known, low cost device RaspberryPI built on ARM architecture serves as the hardware platform for the targeted machine and it supports a Linux image. Heartbleed vulnerability has been categorized as a critical vulnerability of the cryptographic software library OpenSSL and its name has proven to be a good choice from various perspectives. 14th of March 2012 is the day when the bug has been released after its introduction in the code. Although the discovery’s precise time is questionable by a lot of critics, at least the public disclosure date is known and that is 1st of April 2014. So 2 years have passed without notification of the existence of the bug and this raised some discussions. Some of them also targeted the SSL/TLS encryption itself as its original purpose was to protect the information. It seems that Heartbleed was introducing the exact opposite aspect of this by giving attackers the chance to gather valuable information from system’s memory. By valuable we are referring to highly sensitive information including secret keys used for traffic encryption. From a statistical point of view it is worth mentioning that it affected two thirds of the Internet as the base servers were running OpenSSL. In terms of traces left by the attack exploiting it, unfortunately it is highly unlikely to discover abnormal activity in system’s logs. The conclusion we reached while writing this article is that this vulnerability is extremely serious therefore it should be studied and tested against.



    References:

    [1]. J. Erickson, Hacking: the Art of Exploitation, 2nd Edition, No Starch Press, 2008.

    [2]. Z. Durumeric, F. Li, J. Kasten, J. Amann, J. Beekman, M. Payer, N. Weaver, A. David, V. Paxson, M. Bailey, and J. A. Halderman, The Matter of Heartbleed, ACM Internet Measurement Conference (IMC'14), 2014.

    [3]. B. Chandra, A technical view of the OpenSSL ‘Heartbleed’ vulnerability, White paper, IBM developerWorks, May 2014.

    [4]. Heartbleed, (2014, Jul 12) [Online]. Available: http://heartbleed.com/

    [5]. Heartbleed, (2014, Jul 15) [Online]. Available: en.wikipedia.org/wiki/Heartbleed

    [6]. CVE, (2014, Jul 21) [Online]. Available: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

    [7]. OpenSSL, (2014, Aug 05) [Online]. Available: www.openssl.org/news/secadv_20140407.txt

    [8]. NMap, (2014, Aug 05) [Online]. Available: https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse



    Additional Information

    Article Title: Heartbleed – The Vulnerability That Changed the Internet
    Author(s): BARBU, Ionuț-Daniel; BACIVAROV, Ioan
    Date of Publication: 2014-12-29
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225 e-ISSN: 2286-0096
    Digital Object Identifier: 10.19107/IJISC.2014.02.06
    Issue: Volume 3, Issue 2, Year 2014
    Section: Cyber-Attacks Evolution and Cybercrime Trends
    Page Range: 49-60 (12 pages)



    Copyright ©2012-2024
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.