Understanding Man-in-the-middle-attack through Survey of Literature
DOI:
https://doi.org/10.35806/ijoced.v1i1.36Keywords:
Men-In-The-Middle, Cryptography, Internet Security, Wireless Communication, MalwareAbstract
These days cyberattack is a serious criminal offense and it is a hotly debated issue moreover. A man-in-the-middle-attack (MITM) is a kind of cyberattack where an unapproved outsider enters into an online correspondence between two users, remains escaped the two parties. The malware that is in the middle-attack often monitors and changes individual/classified information that was just realized by the two users. A man-in-the-middle-attack as a protocol is subjected to an outsider inside the system, which can access, read and change secret information without keeping any tress of manipulation. This issue is intense, and most of the cryptographic systems without having a decent authentication security are threatened to be hacked by the malware named MITM. This paper essentially includes the view of understanding the term of MITM; the current work is mainly emphasized to accumulate related data/information in a single article so that it can be a reference to conduct research further on this topic at college/undergraduate level. This paper likewise audits most cited research and survey articles on MITM recorded on 'Google Scholar'. The result showed that the MITM has correlation to the user behavior, in which this must be considered and careful understood for the way how to solve this problem. The motivation behind this paper is to help the readers for understanding and familiarizing the topic 'man-in-the-middle attack'.
References
Conti, Mauro, Nicola Dragoni, and Viktor Lesyk. (2016). A survey of man in the middle at-tacks. IEEE Communications Surveys & Tutorials 18, 2027-2051.
Dutta AK. (2018). Deployment of Soft-Computing for System Computing and Informatics. Am J Compt Sci Inform Technol. Vol.6 No.2.
Feher, Ben, Lior Sidi, Asaf Shabtai, Rami Puzis, and Leonardas Marozas. (2018). WebRTC security measures and weaknesses. International Journal of Internet Technology and Secured Transactions 8, no. 1, 78-102
Hardin, Nicole Valdes. (2018). UNCOVERING THE SECRECY OF STINGRAYS: What Every Practitioner Needs to Know. Criminal Justice 32, no. 4, 20-24
Howell, Christopher, Robert Statica, and Kara Lynn Coppa. (2018). In-band identity verification and man-in-the-middle defense. U.S. Patent 9,906,506,
Hudaib, Adam Ali Zare. (2014). Comprehensive Social Media Security Analysis & XKeyscore Espionage Technology. International Journal of Computer Science and Security (IJCSS) 8, no. 4, 97.
Kozaczuk, Wladyslaw. (1984) Enigma: How the German Machine Cipher was Broken, and How it was Read by the Allies in World War Two (Foreign Intelligence Book Series). Lanham, MD: University Publications of America.
M. Oh, Y. -G. Kim, S. Hong, and S. Cha. (2012). Asa: agent-based secure arp cache management, IET communications, vol. 6, no. 7, pp. 685–693.
Meyer, Ulrike, and Susanne Wetzel. (2004). A man-in-the-middle attack on UMTS." In Proceedings of the 3rd ACM workshop on Wireless security, pp. 90-97.
Oh, Myeongjin, Y-G. Kim, Seungpyo Hong, and S. Cha. (2012). ASA: agent-based secure ARP cache management. IET communications 6, no. 7, 685-693.
Pansa, Detchasit, and Thawatchai Chomsiri. (2008). Architecture and protocols for secure LAN by using a software-level certificate and cancellation of ARP protocol. Third International Conference on, vol. 2, pp. 21-26
R. Philip. (2007). Securing wireless networks from arp cache poisoning. Masters Thesis, San Jose State University.
Rahim, Robbi. (2017). Man-in-the-middle-attack prevention using interlock protocol method. ARPN J. Eng. Appl. Sci 12, no. 22, 6483-6487.
Saif, Sohail, Rajni Gupta, and Suparna Biswas. (2018). Implementation of Cloud-Assisted Secure Data Transmission in WBAN for Healthcare Monitoring. In Advanced Computational and Communication Paradigms, pp. 665-674.
Schuckers, Stephanie AC. (2002). Spoofing and anti-spoofing measures. Information Security technical report 7, no. 4, 56-62
Sounthiraraj, David, Justin Sahs, Garret Greenwood, Zhiqiang Lin, and Latifur Khan. (2014). Smv-hunter: Large scale, automated detection of ssl/tls man-in-the-middle vulnerabilities in android apps. In Proceedings of the 21st Annual Network and Distributed System Security Symposium.
Su, Z., W. Timmermans, Y. Zeng, J. Schulz, V. O. John, R. A. Roebeling, P. Poli et al. (2018). An overview of European efforts in generating climate data records. Bulletin of the American Meteorological Society 99, no. 2, 349-359
Sun, Da-Zhi, Yi Mu, and Willy Susilo. (2018). Man-in-the-middle attacks on Secure Simple Pairing in Bluetooth standard V5. 0 and its countermeasure. Personal and Ubiquitous Computing 22, no. 1, 55-67.
T. Demuth and A. Leitner. (2005). Arp spoofing and poisoning: Traffic tricks. Linux magazine, vol. 56, pp. 26–31.
Valluri, Maheswara Rao. (2018). Cryptanalysis of Xinyu et al.'s NTRU-lattice based key ex-change protocol. Journal of Information and Optimization Sciences 39, no. 2, 475-479
Z. Chen, S. Guo, K. Zheng, and Y. Yang. (2007). Modeling of man-in-the middle attack in the wireless networks, in Wireless Communications, Networking and Mobile Computing. IEEE, pp. 2255–2258
