Man-in-the-middle attacks on Secure Simple Pairing in Bluetooth standard V5.0 and its countermeasure

Sun, Da‐Zhi; Mu, Yi; Susilo, Willy

doi:10.1007/s00779-017-1081-6

Cited by 53 publications

(30 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hypponen and Haataja (2007), made a research on secure Bluetooth communication and showed their developed system was capable of preventing MITM attack (Hypponen & Haataja, 2007). Sun et al, 2018 andSaif et al, 2018; made similar type of researches on updated version of Bluetooth networks security and discussed about new techniques to prevent MITM in two party's communication (Sun et al, 2018;Saif et al, 2018). Ouafi et al (2008), Callegati et al (2009), Joshi et al, (2009), Desmedt, (2011 and Sounthiraraj et al, (2014) conducted researches about HTTP security and those researches found MITM as a very serious threat and those also discussed about the prevention techniques (Ouafi et al, 2008;Callegati et al, 2009;Joshi et al, 2009;Desmedt, 2011;Sounthiraraj et al, 2014).…”

Section: Literature Reviewmentioning

confidence: 99%

“…Effective MITM execution has two distinct stages: interception and decryption; which involves being within physical closeness to the intended target, and another that exclusive involves malware, known as a man-in-the-browser (MITB) attack. With a conventional MITM attack, the attacker needs access to an unsecured, or ineffectively anchored Wi-Fi switch (Li et al, 2017;Rahim, 2017;Fei et al, 2018;Howell et al, 2018;Sun et al, 2018). These sorts of associations are by and large found out in the open territories with free Wi-Fi hotspots, and even in a few people's homes.…”

Section: Progression Of 'Man-in-the-middle-attack'mentioning

confidence: 99%

“…Subsequently, information sent by the client to the host ip deliver is instead transmitted to the attacker (Meyer & Wetzel, 2004;Kish, 2006;Hypponen & Haataja, 2007;Ouafi et al, 2008;Callegati et al, 2009;Joshi et al, 2009;Desmedt, 2011) • DNS spoofing, otherwise called DNS store poisoning, involves infiltrating a DNS server and altering a site's address record. Accordingly, clients attempting to get to the site are sent by the adjusted dns record to the attacker's site (Ouafi et al, 2008;Joshi et al, 2009;Khader et al, 2015;Howell et al, 2018;Sun et al, 2018;Usman et al, 2018;Kuo et al, 2018;Saif et al, 2018; 'man in the middle (mitm) attack' (incapsula co.)).…”

Section: Interceoptionmentioning

confidence: 99%

See 2 more Smart Citations

Man-in-the-middle-attack: Understanding in simple words

Mallik¹,

Ahsan²,

Shahadat³

et al. 2019

10.5267/j.ijdns

View full text Add to dashboard Cite

These days cyberattack is a serious criminal offense and it is a hotly debated issue moreover. A man-in-the-middle-attack is a kind of cyberattack where an unapproved outsider enters into an online correspondence between two users, remains escaped the two parties. The malware that is in the middle-attack often monitors and changes individual/classified information that was just realized by the two users. A man-in-the-middle-attack as a protocol is subjected to an outsider inside the system, which can access, read and change secret information without keeping any tress of manipulation. This issue is intense, and most of the cryptographic systems without having a decent authentication security are threatened to be hacked by the malware named 'men-in-themiddle-attack' (MITM/MIM). This paper essentially includes the view of understanding the term of 'men-in-the-middle-attack'; the current work is mainly emphasized to accumulate related data/information in a single article so that it can be a reference to conduct research further on this topic at college/undergraduate level. This paper likewise audits most cited research and survey articles on 'man-in-the-middle-attack' recorded on 'Google Scholar'. The motivation behind this paper is to help the readers for understanding and familiarizing the topic 'man-in-the-middle attack'.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Section: Progression Of 'Man-in-the-middle-attack'mentioning

confidence: 99%

Section: Interceoptionmentioning

confidence: 99%

See 1 more Smart Citation

Man-in-the-middle-attack: Understanding in simple words

Mallik¹,

Ahsan²,

Shahadat³

et al. 2019

10.5267/j.ijdns

View full text Add to dashboard Cite

show abstract

“…The stages involve physical closeness to the intended target, and another that exclusive involves malware, known as a man-in-the-browser (MITB) attack. With a conventional MITM attack, the attacker needs access to an unsecured, or ineffectively anchored Wi-Fi switch (Sun et al, 2018). These sorts of associations are by and large found out in the open territories with free Wi-Fi hotspots, and even in a few people's homes.…”

Section: Progress Of Mitmmentioning

confidence: 99%

Understanding Man-in-the-middle-attack through Survey of Literature

Mallik

Ahsan

Shahadat

et al. 2019

IJoCED

View full text Add to dashboard Cite

These days cyberattack is a serious criminal offense and it is a hotly debated issue moreover. A man-in-the-middle-attack (MITM) is a kind of cyberattack where an unapproved outsider enters into an online correspondence between two users, remains escaped the two parties. The malware that is in the middle-attack often monitors and changes individual/classified information that was just realized by the two users. A man-in-the-middle-attack as a protocol is subjected to an outsider inside the system, which can access, read and change secret information without keeping any tress of manipulation. This issue is intense, and most of the cryptographic systems without having a decent authentication security are threatened to be hacked by the malware named MITM. This paper essentially includes the view of understanding the term of MITM; the current work is mainly emphasized to accumulate related data/information in a single article so that it can be a reference to conduct research further on this topic at college/undergraduate level. This paper likewise audits most cited research and survey articles on MITM recorded on 'Google Scholar'. The result showed that the MITM has correlation to the user behavior, in which this must be considered and careful understood for the way how to solve this problem. The motivation behind this paper is to help the readers for understanding and familiarizing the topic 'man-in-the-middle attack'.

show abstract

“…Typically, sensor devices can communicate with smartphones by key pairing using a Bluetooth protocol, and communicate with MCUs by sharing radio pipe addresses [20]. These typical approaches do not protect from malicious sensor attacks, or they do not recognize the issues that might occur in the sensor device side [21,22].…”

Section: Wireless Network Securitymentioning

confidence: 99%

Trustworthiness of Dynamic Moving Sensors for Secure Mobile Edge Computing

Yoon

2018

Computers

View full text Add to dashboard Cite

Wireless sensor network is an emerging technology, and the collaboration of wireless sensors becomes one of the active research areas for utilizing sensor data. Various sensors collaborate to recognize the changes of a target environment, to identify, if any radical change occurs. For the accuracy improvement, the calibration of sensors has been discussed, and sensor data analytics are becoming popular in research and development. However, they are not satisfactorily efficient for the situations where sensor devices are dynamically moving, abruptly appearing, or disappearing. If the abrupt appearance of sensors is a zero-day attack, and the disappearance of sensors is an ill-functioning comrade, then sensor data analytics of untrusted sensors will result in an indecisive artifact. The predefined sensor requirements or meta-data-based sensor verification is not adaptive to identify dynamically moving sensors. This paper describes a deep-learning approach to verify the trustworthiness of sensors by considering the sensor data only. The proposed verification on sensors can be done without having to use meta-data about sensors or to request consultation from a cloud server. The contribution of this paper includes (1) quality preservation of sensor data for mining analytics. The sensor data are trained to identify their characteristics of outliers: whether they are attack outliers, or outlier-like abrupt changes in environments; and (2) authenticity verification of dynamically moving sensors, which was possible. Previous unknown sensors are also identified by deep-learning approach.

show abstract

Man-in-the-middle attacks on Secure Simple Pairing in Bluetooth standard V5.0 and its countermeasure

Cited by 53 publications

References 23 publications

Man-in-the-middle-attack: Understanding in simple words

Man-in-the-middle-attack: Understanding in simple words

Understanding Man-in-the-middle-attack through Survey of Literature

Trustworthiness of Dynamic Moving Sensors for Secure Mobile Edge Computing

Contact Info

Product

Resources

About