A Survey of Man In The Middle Attacks

@article{Conti2016ASO,
  title={A Survey of Man In The Middle Attacks},
  author={Mauro Conti and Nicola Dragoni and Viktor Lesyk},
  journal={IEEE Communications Surveys \& Tutorials},
  year={2016},
  volume={18},
  pages={2027-2051}
}
The Man-In-The-Middle (MITM) attack is one of the most well known attacks in computer security, representing one of the biggest concerns for security professionals. MITM targets the actual data that flows between endpoints, and the confidentiality and integrity of the data itself. In this paper, we extensively review the literature on MITM to analyse and categorize the scope of MITM attacks, considering both a reference model, such as the open systems interconnection (OSI) model, as well as two… 
View on IEEE
orbit.dtu.dk
288 Citations
Highly Influential Citations
15
Background Citations
155
Methods Citations
20

288 Citations

Citation Type

Citation Type

Man in the Middle Attacks: Analysis, Motivation and Prevention
TLDR
This paper aims to present some of mechanism for the prevention of Man in the Middle attacks and to identify some of the future research directions in such area.
Browser-in-the-Middle (BitM) attack
TLDR
Modelling and describing a new method of attack, named Browser-in-the-Middle (BitM), which, despite the similarities with MitM in the way it controls the data flow between a client and the service it accesses, bypasses some of MitM’s typical shortcomings.
Understanding Man-in-the-middle-attack through Survey of Literature
TLDR
The result showed that the MITM has correlation to the user behavior, in which this must be considered and careful understood for the way how to solve this problem.
MAN IN THE MIDDLE (MITM) ATTACK DETECTION TOOL DESIGN
TLDR
A simple, fast and reliable MITM attack detection tool for LAN users who are often exposed to the threat, which detects ARP Spoofing/Poisoning attacks on clients is designed.
Man-in-the-Middle (MITM) Attack Based Hijacking of HTTP Traffic Using Open Source Tools
TLDR
This work demonstrates the MITM attack over secure network connections and rerouting of all the traffic from victim's machine towards the attacker's machine.
MAN-IN-THE-MIDDLE-ATTACK: UNDERSTANDING IN SIMPLE WORDS
  • Avijit Mallik
  • Computer Science
    Cyberspace: Jurnal Pendidikan Teknologi Informasi
  • 2019
TLDR
The view of understanding the term of ‘men-in-the-middle-attack’ is essentially included to accumulate related data/information in a single article so that it can be a reference to conduct research further on this topic at college/undergraduate level.
A Research of MITM Attacks in Wi-Fi Networks Using Single-board Computer
TLDR
The article describes how to implement MITM attack using different utilities and presents materials demonstrating realization of this attack, including the use of a remote connection to a single-board computer like a Raspberry Pi and the possibilities of using it in listening to user information via Wi-Fi networks.
Man in the Middle: Attack and Protection
TLDR
The current situation of cybersecurity and usage of Man-In-TheMiddle attacks, what constitutes a proper MITM attack, why this approach is chosen among many other options, how such an attack is implemented in a real-life scenario and how to achieve maximal protection for both individuals and systems are explored.
Vulnerability Assessment and Evaluation of Associated Attacks on Physical and Virtual Networks
TLDR
The research concluded that when strong cryptographic algorithms for key generation such as Diffie-Hellman and Blowfish algorithm for data encryption are rooted in the network either during configuration or during configuration, the security of data over SSL and HTTPs of such a network can be greatly enhanced and vulnerabilities greatly reduced.
Real-World Man-in-the-Middle (MITM) Attack Implementation Using Open Source Tools for Instructional Use
TLDR
This paper attempts to implement the Man-in-the-middle (MITM) attack for instructional use in an academic setup for teaching a foundational cybersecurity course using the open source Ettercap tool in Kali Linux environment.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 243 REFERENCES
Analysis of a Man-inthe-Middle Experiment with Wireshark
TLDR
An experiment was employed to demonstrate a form of active attacks, called Man-in-the-middle (MITM) attack, in which the entire communication between the victims is controlled by the attacker.
A low-cost embedded IDS to monitor and prevent Man-in-the-Middle attacks on wired LAN environments
  • J. Belenguer, C. M. Calafate
  • Computer Science
    The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)
  • 2007
TLDR
This work presents a low-cost embedded IDS which is able to detect and/or prevent MitM attacks automatically and efficiently and can be produced at a very low cost, which is attractive for large scale production and deployment.
Using JPCAP to Prevent Man-in-the-Middle Attacks in a Local Area Network Environment
TLDR
The methodology to prevent MITM attacks conducted by ARP spoofing is to first assign unique IP addresses to every node on the local area network (LAN) based upon their MAC address.
A man-in-the-middle attack on UMTS
TLDR
A man-in-the-middle attack on the Universal Mobile Telecommunication Standard (UMTS), one of the newly emerging 3G mobile technologies, is presented, showing that an attacker can mount an impersonation attack since GSM base stations do not support integrity protection.
Different flavours of Man-In-The-Middle attack, consequences and feasible solutions
TLDR
Different types of MITM attacks, their consequences and feasible solutions under different circumstances are emphasized giving users options to choose one from various solutions.
Stealth and semi-stealth MITM attacks, detection and defense in IPv4 networks
TLDR
This paper proposes two new attacks namely Stealth MITM(SMITM) and Semi-Stealth MITM (SSMITM) at the Data Link Layer using ARP Spoofing which add stealth capabilities to MITM attacks, thereby concealing the identity of an attacker.
A Survey on Man in the Middle Attack
TLDR
This survey paper on man in the middle attack focuses on the execution of man inThe middle attack on Diffie-Hellman and what are the different methods with which it can be performed and the various defenses against the attack.
On the Effective Prevention of TLS Man-in-the-Middle Attacks in Web Applications
TLDR
This paper uses Channel ID-based authentication in combination with server invariance to create a novel mechanism that is called SISCA: Server Invariance with Strong Client Authentication, which resists user impersonation via TLS MITM attacks, regardless of how the attacker is able to successfully achieve server impersonation.
X.509 Forensics: Detecting and Localising the SSL/TLS Men-in-the-Middle
TLDR
The development and deployment of Crossbear is reported on, a tool to detect MitM attacks on SSL/TLS and localise their position in the network with a fair degree of confidence and the degree of effectivity that Crossbear achieves against attackers of different kinds and strengths is analysed.
On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks
  • Ulrike Meyer, S. Wetzel
  • Computer Science
    2004 IEEE 15th International Symposium on Personal, Indoor and Mobile Radio Communications (IEEE Cat. No.04TH8754)
  • 2004
TLDR
To protect UMTS connections from GSM attacks by integrating an additional authentication and key agreement on intersystem handovers between GSM and UMTS.
...
1
2
3
4
5
...