Understanding Man-in-the-middle-attack through Survey of Literature

Mallik, Avijit; Ahsan, Abid; Shahadat, Mhia Md. Zaglul; Tsou, Jia-Chi

doi:10.35806/ijoced.v1i1.36

Cited by 7 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There may be many objectives for an attack either using the data overheard for a subsequent action or changing the data before it reaches the other party. The attacker extracts information to be used in many ways: fraud, unapproved support exchanges, blackmail, credential theft, and spying [37].…”

Section: Man-in-the-middlementioning

confidence: 99%

“…A MITM attack intercepts the victim's activity through the attacker's system before it is routed to its intended destination. The attacker gains access to an unsecured network, often targeting networks in public areas such as Wi-Fi access points [37]. This provides the attacker with an avenue to deploy tools that intercept information between the victims, often targeting personal computers where their connection to websites is monitored.…”

Section: Man-in-the-middlementioning

confidence: 99%

“…This provides the attacker with an avenue to deploy tools that intercept information between the victims, often targeting personal computers where their connection to websites is monitored. This can result in credentials, financial details, and personally identifiable information being captured [37]. There are several types of MITM attacks, and the man-in-the-browser variant injects malicious software into the victim's computer or mobile device through phishing.…”

Section: Man-in-the-middlementioning

confidence: 99%

See 2 more Smart Citations

Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure

Riggs

Tufail

Parvez

et al. 2023

Sensors

View full text Add to dashboard Cite

Several critical infrastructures are integrating information technology into their operations, and as a result, the cyber attack surface extends over a broad range of these infrastructures. Cyber attacks have been a serious problem for industries since the early 2000s, causing significant interruptions to their ability to produce goods or offer services to their clients. The thriving cybercrime economy encompasses money laundering, black markets, and attacks on cyber-physical systems that result in service disruptions. Furthermore, extensive data breaches have compromised the personally identifiable information of millions of people. This paper aims to summarize some of the major cyber attacks that have occurred in the past 20 years against critical infrastructures. These data are gathered in order to analyze the types of cyber attacks, their consequences, vulnerabilities, as well as the victims and attackers. Cybersecurity standards and tools are tabulated in this paper in order to address this issue. This paper also provides an estimate of the number of major cyber attacks that will occur on critical infrastructure in the future. This estimate predicts a significant increase in such incidents worldwide over the next five years. Based on the study’s findings, it is estimated that over the next 5 years, 1100 major cyber attacks will occur on critical infrastructures worldwide, each causing more than USD 1 million in damages.

show abstract

Section: Man-in-the-middlementioning

confidence: 99%

Section: Man-in-the-middlementioning

confidence: 99%

Section: Man-in-the-middlementioning

confidence: 99%

See 1 more Smart Citation

Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure

Riggs

Tufail

Parvez

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…In this situation, the attacker discovers that the existing security controls provided by the CSP of Prime MotorX have not been correctly implemented, leading to vulnerabilities that grant unauthorized access to the processing layer's resources. One example is the attacker's use of a MITM attack [104] to intercept web traffic and access sensitive information within Prime MotorX's processing layer due to the lack of web traffic encryption. This attack can have severe consequences, enabling the attacker to obtain user credentials and sensitive corporate and customer data, potentially disrupting production or gaining control over Prime MotorX's entire IT environment.…”

Section: Scenario−7mentioning

confidence: 99%

A Critical Overview of Industrial Internet of Things Security and Privacy Issues Using a Layer-Based Hacking Scenario

Eyeleko,

Feng

2023

IEEE Internet Things J.

View full text Add to dashboard Cite

We have witnessed significant technological advancement over the past few years, including the Internet of Things (IoT). The IoT's ability to connect consumer appliances to the internet has changed the way we live. As a result of the significant benefits that IoT has brought to household usage, it has become a topic of discussion for research departments, leading to its expansion into industrial sectors, commonly known as the Industrial Internet of Things (IIoT). IIoT enables automation and the use of intelligent machines to improve product manufacturing processes and enhance our lives as customers. However, as IIoT-enabling technology and applications continue to grow, security issues and privacy protection challenges become harder to manage, which frequently results in data breaches and sensitive information disclosures. This paper first explains what the reader needs to know about the IIoT system architecture in Industry 4.0 to make it easier for them to understand. Second, a hacking scenario is utilized as a methodology to conduct an in-depth analysis of various security issues, as well as their impacts and countermeasures, for each level of the IIoT architecture. Additionally, our hacking scenarios present a variety of targets from which malicious actors can launch their assaults. Third, we provide a thorough review of the various blockchain solutions currently being employed to protect IIoT systems. Finally, this paper draws to a close by outlining certain gaps and potential solutions that could be investigated in subsequent studies to strengthen security and enhance privacy for IIoT systems.

show abstract

“…This attack is quite dangerous because the attacker can sniff the sent packet's information, potentially data hijacking [15]. MITM attacks are likely ball situations where two players intend to pass the ball to each other while one player between them tries to grab it [16]. MITM attacks focus on the information flowing between the endpoints, confidentiality, and the information's accuracy.…”

Section: Introductionmentioning

confidence: 99%

Block-hash of blockchain framework against man-in-the-middle attacks

Riadi

Umar

Busthomi

et al. 2021

regist. j. ilm. teknol. sist. inf.

View full text Add to dashboard Cite

Payload authentication is vulnerable to Man-in-the-middle (MITM) attack. Blockchain technology offers methods such as peer to peer, block hash, and proof-of-work to secure the payload of authentication process. The implementation uses block hash and proof-of-work methods on blockchain technology and testing is using White-box-testing and security tests distributed to system security practitioners who are competent in MITM attacks. The analyisis results before implementing Blockchain technology show that the authentication payload is still in plain text, so the data confidentiality has not minimize passive voice. After implementing Blockchain technology to the system, white-box testing using the Wireshark gives the result that the authentication payload sent has been well encrypted and safe enough. The percentage of security test results gets 95% which shows that securing the system from MITM attacks is relatively high. Although it has succeeded in securing the system from MITM attacks, it still has a vulnerability from other cyber attacks, so implementation of the Blockchain needs security improvisation.

show abstract

Understanding Man-in-the-middle-attack through Survey of Literature

Cited by 7 publications

References 17 publications

Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure

Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure

A Critical Overview of Industrial Internet of Things Security and Privacy Issues Using a Layer-Based Hacking Scenario

Block-hash of blockchain framework against man-in-the-middle attacks

Contact Info

Product

Resources

About