One of the most critical and talked about Open Secure Socket Layer (SSL) and Transport Layer Security (TLS) threats is Heartbleed vulnerability. This vulnerability affects the “Heartbeat protocol” of the open SSL library. HeartBleed manipulates the Heartbeat protocol to get access and read the memory of the vulnerable web servers. OpenSSL is used in HTTPS for internet security. As OpenSSL vulnerability, heartbeat has affected websites, web servers, VPN concentrators, client applications and mobile devices. The sensitive information that may be retrieved using this vulnerability includes Primary and secondary key material, and protected content. A patch for this vulnerability exists since 2014 yet there are a good number of web platform vulnerable to this threat. This paper focuses on the attack technique of Heartbleed vulnerability. This paper’s primary contribution is the detail analysis of affect of the Heartbleed vulnerability on the web platform of Bangladesh. As a newly emerging country in the digital world, Bangladesh needs to be prepared to the existing threats. This paper attempts to guide web developers of Bangladesh to secure the web platform against the Heartbleed vulnerability.
|Number of pages||6|
|Journal||International Journal of Cyber-Security and Digital Forensics|
|Publication status||Published - 2018|