Man-in-the-middle-attack: Understanding in simple words

Mallik, Avijit; Ahsan, Abid; Shahadat, Mhia Md. Zaglul; Tsou, Jia-Chi

doi:10.5267/j.ijdns.2019.1.001

Cited by 59 publications

(35 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The security industry offers Security Orchestration, Automation and Response (SOAR) frameworks to provide an automated and proactive security approach to this type of critical threat [33]. • Man-in-the-Middle: The MitM attack is characterised by the presence of a malicious third party interposed between two or more communicating parties, and secretly relaying or intercepting the communication between the parties [79], [101]. For the MEC scenario, a MitM attack is categorised as an infrastructure attack, where the malicious attacker tries to hijack a specific network segment and begins to launch attacks, such as eavesdropping and phishing, on connected devices [98], [100].…”

Section: Homomorphic Encryption Social Participatory Sensing Pattern Clusteringmentioning

confidence: 99%

Multi-Access Edge Computing Architecture, Data Security and Privacy: A Review

Ali

Gregory

2021

IEEE Access

View full text Add to dashboard Cite

Multi-Access Edge Computing (MEC) is an extension of cloud computing that aims to provide computation, storage, and networking capabilities at the edge of the network in close proximity to end-users. The MEC architecture supports applications and services that bridge between cloud computing and end-users. The architecture includes devices and systems that are interconnected, layered, and flexibly deployed. As a result of the technological advancements, MEC is facing a myriad of highly sophisticated threats. This paper provides a review of MEC Architecture, use cases, conceptual guidelines for MEC security architecture, security and privacy techniques, and identifies current and future challenges, their implications, and approaches to overcome the challenges. This research examined significant threats, described the MEC architecture, identified the susceptible functional layers, the different categories of threats, and the potential security safeguards. The research recommends that MEC providers should implement multiple layers of security controls to mitigate targeted attacks.

show abstract

Section: Homomorphic Encryption Social Participatory Sensing Pattern Clusteringmentioning

confidence: 99%

Multi-Access Edge Computing Architecture, Data Security and Privacy: A Review

Ali

Gregory

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…This can include credit card information or any other sensitive data. Additionally, the attacker continues to pass the submitted information to the legitimate website so that original transaction is not affected [45].…”

Section: 54) Man-in-the-middle Attackmentioning

confidence: 99%

“…They lack of using safe standards. In most cases, after getting all the required authentications, fake websites may redirect users to their original website having SSL certificates to fool users [45,46].…”

Section: 55) Secure Socket Layer (Ssl) Attackmentioning

confidence: 99%

An Advanced Taxonomy for Social Engineering Attacks

Aldawood¹,

Skinner²

2020

IJCA

View full text Add to dashboard Cite

Rapid technological advancement has not only resulted in a change in the pace of economic development, but also led to increase in cyber-threats. A social engineering attack is one such threat where an attacker not only accesses critical information about a user through technology, but also through manipulation. Although the types of attacks are different i.e. social, physical, technical or socio-technical, the process is the same. This study creates an advanced taxonomy of social engineering attacks with the aim of facilitating the development and implementation of better prevention measures, stressing the importance of organizational awareness.

show abstract

“…However, this way of building the table is not effective in mitigating the ARP Cache Poisoning Attack. This is because of the fact that the attacker can carry out a DHCP spoofing attack [37] which can corrupt or poison the IP-MAC bindings maintained by the Controller. Hence, creation of trusted IP-MAC bindings table in all these solutions is a major issue.…”

Section: Issues With Ip-mac Address Bindings On the Controller Based mentioning

confidence: 99%

Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

Shah

Cosgrove

2019

Electronics

View full text Add to dashboard Cite

Address Resolution Protocol (ARP) is a widely used protocol that provides a mapping of Internet Protocol (IP) addresses to Media Access Control (MAC) addresses in local area networks. This protocol suffers from many spoofing attacks because of its stateless nature and lack of authentication. One such spoofing attack is the ARP Cache Poisoning attack, in which attackers poison the cache of hosts on the network by sending spoofed ARP requests and replies. Detection and mitigation of ARP Cache Poisoning attack is important as this attack can be used by attackers to further launch Denial of Service (DoS) and Man-In-The Middle (MITM) attacks. As with traditional networks, an ARP Cache Poisoning attack is also a serious concern in Software Defined Networking (SDN) and consequently, many solutions are proposed in the literature to mitigate this attack. In this paper, a detailed survey on various solutions to mitigate ARP Cache Poisoning attack in SDN is carried out. In this survey, various solutions are classified into three categories: Flow Graph based solutions; Traffic Patterns based solutions; IP-MAC Address Bindings based solutions. All these solutions are critically evaluated in terms of their working principles, advantages and shortcomings. Another important feature of this survey is to compare various solutions with respect to different performance metrics, e.g., attack detection time, ARP response time, calculation of delay at the Controller etc. In addition, future research directions are also presented in this survey that can be explored by other researchers to propose better solutions to mitigate the ARP Cache Poisoning attack in SDN.

show abstract

Man-in-the-middle-attack: Understanding in simple words

Cited by 59 publications

References 37 publications

Multi-Access Edge Computing Architecture, Data Security and Privacy: A Review

Multi-Access Edge Computing Architecture, Data Security and Privacy: A Review

An Advanced Taxonomy for Social Engineering Attacks

Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

Contact Info

Product

Resources

About