Catching the fraudulent Man-in-the-Middle and Man-in-the-Browser

Eisen, Ori

doi:10.1016/s1353-4858(10)70046-5

Cited by 5 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some others do allow first-time transfers to new accounts, but only with an extra authentication step or with a limit on the amount of money (which is sometimes adjustable by the user in the home banking environment). (3) Malware aimed at home banking can be written once and customized for each targeted bank site to allow browser injection and hijacking, a modus operandi known as Man-in-the-Browser [Eisen 2010;Curran and Dougan 2012]. Malware kits are developed as an open platform to be customized by an adversary for a specific target audience [Ollmann 2008;Alazab et al 2012].…”

Section: Security Implicationsmentioning

confidence: 99%

A Survey of Authentication and Communications Security in Online Banking

Kiljan

Simoens²,

Cock

et al. 2016

ACM Comput. Surv.

View full text Add to dashboard Cite

A survey was conducted to provide a state of the art of online banking authentication and communications security implementations. Between global regions the applied (single or multifactor) authentication schemes differ greatly, as well as the security of SSL/TLS implementations. Three phases for online banking development are identified. It is predicted that mobile banking will enter a third phase, characterized by the use of standard web technologies to develop mobile banking applications for different platforms. This has the potential to make mobile banking a target for attacks in a similar manner that home banking currently is.

show abstract

Section: Security Implicationsmentioning

confidence: 99%

A Survey of Authentication and Communications Security in Online Banking

Kiljan

Simoens²,

Cock

et al. 2016

ACM Comput. Surv.

View full text Add to dashboard Cite

show abstract

“…Roberto, Davide Ariu, Prahlad, Giacinto and Wenke Lee have presented the multiple classifier system for anomaly detection [14] that has a high detection rate against shell code attacks, polymorphic attacks and generic attacks. Ori Eisen has discussed the method of catching the man-in-the-middle and man-in-the-browser [15]. Yi pin Liao and S. S. Wang have presented the Self Certified public keys (SCPKs) which are more secure than the traditional HTTP digest authentication protocol for Session Initiation Protocol [16].…”

Section: Related Workmentioning

confidence: 99%

A Prevention Model for Session Hijack Attacks in Wireless Networks Using Strong and Encrypted Session ID

Manivannan

Sathiyamoorthy

2014

Cybernetics and Information Technologies

View full text Add to dashboard Cite

Most of the web applications are establishing the web session with the client. It is very important to protect the wireless networks against session hijacking attack. Session Hijack attack is easy to execute and difficult to detect. Wireless networks do not have specific boundary regions for the packets to be transferred. As the data packets are transferred in air, the chances of sniffing the network packets by the hackers or attackers are high by using the network sniffing tools. In this paper, we have proposed the Strong and Encrypted Session ID to prevent the session hijack attacks in web applications. Session ID is generated and the generated Session ID is encrypted, using a Secret Key Sharing algorithm and decrypted at the client side. We have tested the integrity of the session ID of length 32, 92 and 212 characters in a web application. Attacks are executed to capture the session ID of a web application. Our experimental results proved that 212 characters encrypted session ID completely prevents the session hijack attacks in web applications of wireless networks.

show abstract

“…MITM attacks exploit vulnerabilities at various levels of the OSI (Open System Interconnection) architecture: Man-inthe-browser attacks at application level [27], Secure Socket Layer (SSL) hijack at the transport level [19], IP spoofing at the network layer [33] and ARP Poisoning attacks at the data link layer [1]. Over the years these attacks have been adapted to work with new emerging network technologies such as GSM (Global System for Mobile communications) and UMTS (Universal Mobile Telecommunications System) [16], WiFi [5] and to IoT (Internet-of-Things) systems [18].…”

Section: Introductionmentioning

confidence: 99%

A Formal Verification of ArpON – A Tool for Avoiding Man-in-the-Middle Attacks in Ethernet Networks

Bruschi

Pasquale²,

Ghilardi

et al. 2022

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Since the nineties, the Man-in-The-Middle (MITM) attack has been one of the most effective strategies adopted for compromising information security in network environments. In this paper, we focus our attention on ARP cache poisoning, which is one of the most well-known and more adopted techniques for performing MITM attacks in Ethernet local area networks. More precisely, we will prove that, in network environments with at least one malicious host in the absence of cryptography, an ARP cache poisoning attack cannot be avoided. Subsequently, we advance ArpON, an efficient and effective solution to counteract ARP cache poisoning, and we use a model-checker for verifying its safety property. Our main finding, in accordance with the above impossibility result, is that the only event that compromises the safety of ArpON is a cache poisoning that nevertheless is removed by ArpON itself after a very short period, thus making it practically infeasible to perpetrate an ARP cache poisoning attack on network hosts where ArpON is installed.

show abstract

Catching the fraudulent Man-in-the-Middle and Man-in-the-Browser

Cited by 5 publications

References 0 publications

A Survey of Authentication and Communications Security in Online Banking

A Survey of Authentication and Communications Security in Online Banking

A Prevention Model for Session Hijack Attacks in Wireless Networks Using Strong and Encrypted Session ID

A Formal Verification of ArpON – A Tool for Avoiding Man-in-the-Middle Attacks in Ethernet Networks

Contact Info

Product

Resources

About