Man in The Middle Attacks Against SSL/TLS: Mitigation and Defeat

Alwazzeh, M.; Karaman, Sameer; Shamma, Mohammad

doi:10.13052/jcsm2245-1439.933

Cited by 10 publications

(10 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This is one of the downsides of the TLS protocol. In addition, TLS has the potential to be susceptible to man-in-themiddle (MiTM) attacks [182]. However, TLS can also increase the processing overhead and communication latency, which may be problematic in resource-constrained IoT devices with limited processing power and battery life.…”

Section: Transport Layer Security (Tls)mentioning

confidence: 99%

A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review

Tariq

Ahmed

Bashir

et al. 2023

Sensors

112

View full text Add to dashboard Cite

The emergence of the Internet of Things (IoT) technology has brought about tremendous possibilities, but at the same time, it has opened up new vulnerabilities and attack vectors that could compromise the confidentiality, integrity, and availability of connected systems. Developing a secure IoT ecosystem is a daunting challenge that requires a systematic and holistic approach to identify and mitigate potential security threats. Cybersecurity research considerations play a critical role in this regard, as they provide the foundation for designing and implementing security measures that can address emerging risks. To achieve a secure IoT ecosystem, scientists and engineers must first define rigorous security specifications that serve as the foundation for developing secure devices, chipsets, and networks. Developing such specifications requires an interdisciplinary approach that involves multiple stakeholders, including cybersecurity experts, network architects, system designers, and domain experts. The primary challenge in IoT security is ensuring the system can defend against both known and unknown attacks. To date, the IoT research community has identified several key security concerns related to the architecture of IoT systems. These concerns include issues related to connectivity, communication, and management protocols. This research paper provides an all-inclusive and lucid review of the current state of anomalies and security concepts related to the IoT. We classify and analyze prevalent security distresses regarding IoT’s layered architecture, including connectivity, communication, and management protocols. We establish the foundation of IoT security by examining the current attacks, threats, and cutting-edge solutions. Furthermore, we set security goals that will serve as the benchmark for assessing whether a solution satisfies the specific IoT use cases.

show abstract

Section: Transport Layer Security (Tls)mentioning

confidence: 99%

A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review

Tariq

Ahmed

Bashir

et al. 2023

Sensors

112

View full text Add to dashboard Cite

show abstract

“…Security issues at the transport layer encompass a wide range of threats, including session hijacking, man-in-the-middle attacks, and denial-of-service (DoS) attacks. TCP/IP protocols like TCP and UDP are vulnerable to these attacks due to their connection-oriented and connectionless nature, respectively [184]- [187]. TCP-based attacks, such as SYN flooding and TCP reset attacks, exploit weaknesses in the TCP handshake process to overwhelm target systems with a high volume of malicious traffic, causing service disruptions or denial of service.…”

Section: Traffic Analysismentioning

confidence: 99%

TCP/IP stack transport layer performance, privacy, and security issues

Oroo Oyondi Felix

2024

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

Transmission Control Protocol/ Internet Protocol (TCP/IP) is the backbone of Internet transmission. The Transport Layer of the TCP/IP stack, which includes TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) protocols, plays a crucial role in ensuring reliable communication between devices over a network. To come up with measures that make networks more secure, it is important to learn about the vulnerabilities that exist in the transport TCP/IP stack and then have an understanding of the typical attacks carried out in such layer. This paper explores how the TCP Protocol works, the TCP/IP 3 Way Handshake, TCP Header Structure, the typical vulnerabilities and the classical attacks of transport layer TCP/IP, tools, and solutions adopted to prevent and reduce the chances of some of these attacks. The findings indicated that the major TCP/ IP stack transport layer threats include Finger printing, SYN Flood, TCP reassembly and sequencing, IP Spoofing, TCP session hijacking, RST and FIN denial of service attack, Ping of Death, Low Rate/ Shrew Attacks. Their preventive measures and mechanisms are discussed.

show abstract

“…Alwazzeh et al [15] the researchers developed a novel model comprising two sender and receiver systems in order to counter MITM attacks, specifically using the public key environment and the private key to enhance the system"s performance, as well as improve the efficiency, reliability, and confidentiality of the server-client data transfer. Public and private key creation and distribution is carried out using ECC and Diff-Helman cryptography, hybrid AES and Blowfish encryption, in addition to ECDS and SHA-256 authentication and integration.…”

Section: Related Workmentioning

confidence: 99%

Provably curb man-in-the-middle attack-based ARP spoofing in a local network

Nasser

Hussain

2022

Bulletin EEI

View full text Add to dashboard Cite

Even today, internet users’ data security remains a significant concern. One problem is ARP poisoning, otherwise referred to as ARP spoofing. Such attacks are intended to exploit the identified ARP protocol vulnerability. Despite no straightforward remedy for ARP spoofing being apparent, certain actions may be taken to maintain one’s safety. The most basic and common defence against a poisoning attack is manually adding MAC and IP addresses to the static ARP cache table. However, this solution is ineffective for large networks where static entries require considerable time and effort to maintain, whether by human input or via special tools and settings for the static entries of network devices. Accordingly, this paper aimed to monitor network packet information and detect the behaviour of ARP poison attacks on operating systems, for instance Windows and Linux. The discovery and defence policy systematically and periodically check the MAC addresses in the ARP table, enabling alerts to be issued if a duplicate entry is detected. This enables the poison-IP address to be blocked before a reply is sent. Finally, the results showed that the superiority was successfully achieved in the detection, prevention and reporting mechanisms in the real-world environment.

show abstract

Man in The Middle Attacks Against SSL/TLS: Mitigation and Defeat

Cited by 10 publications

References 20 publications

A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review

A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review

TCP/IP stack transport layer performance, privacy, and security issues

Provably curb man-in-the-middle attack-based ARP spoofing in a local network

Contact Info

Product

Resources

About