Man-in-the-Middle Attacks and Internet of Things

Čekerevac, Zoran; Dvořák, Zdeněk; Prigoda, Ludmila; Čekerevac, Petar

doi:10.12709/fbim.05.05.02.03

Cited by 7 publications

(5 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several attacks and risks on the network layer are identified: Man-in-the-Middle (MITM) : According to McAfee [ 6 ], the most recurrent attacks are Denial of Service (DoS) and Man In the Browser (MITB) attacks. This latter, along with the Secure Socket Layer (SSL) attack, which enables attackers to listen to traffic, intercept it, and spoof both ends of the data, constitute the MITM attack [ 48 , 49 ]. Denial of Service (DoS) : This type of attacks occurs also at the network layer by jamming the transmission of radio signals, using a fake node, affecting the transmission or routing of data between nodes [ 50 , 51 ].…”

Section: Security Issues In Iotmentioning

confidence: 99%

“…Man-in-the-Middle (MITM) : According to McAfee [ 6 ], the most recurrent attacks are Denial of Service (DoS) and Man In the Browser (MITB) attacks. This latter, along with the Secure Socket Layer (SSL) attack, which enables attackers to listen to traffic, intercept it, and spoof both ends of the data, constitute the MITM attack [ 48 , 49 ].…”

Section: Security Issues In Iotmentioning

confidence: 99%

See 1 more Smart Citation

A Survey of Internet of Things (IoT) Authentication Schemes

El-Hajj

Fadlallah

Chamoun

et al. 2019

Sensors

317

151

View full text Add to dashboard Cite

The Internet of Things (IoT) is the ability to provide everyday devices with a way of identification and another way for communication with each other. The spectrum of IoT application domains is very large including smart homes, smart cities, wearables, e-health, etc. Consequently, tens and even hundreds of billions of devices will be connected. Such devices will have smart capabilities to collect, analyze and even make decisions without any human interaction. Security is a supreme requirement in such circumstances, and in particular authentication is of high interest given the damage that could happen from a malicious unauthenticated device in an IoT system. This paper gives a near complete and up-to-date view of the IoT authentication field. It provides a summary of a large range of authentication protocols proposed in the literature. Using a multi-criteria classification previously introduced in our work, it compares and evaluates the proposed authentication protocols, showing their strengths and weaknesses, which constitutes a fundamental first step for researchers and developers addressing this domain.

show abstract

Section: Security Issues In Iotmentioning

confidence: 99%

Section: Security Issues In Iotmentioning

confidence: 99%

A Survey of Internet of Things (IoT) Authentication Schemes

El-Hajj

Fadlallah

Chamoun

et al. 2019

Sensors

317

151

View full text Add to dashboard Cite

show abstract

“…The main types of IoT attacks are: (i) denial of service (DoS) attacks that can block the availability of IoT system or services so that the resources are completely exhausted; (ii) physical attacks that can tamper the device components bringing risks to the IoT systems; (iii) eavesdropping that can compromise confidentiality when there is unauthorized access of IoT end-nodes due to impersonation or man-in-the-middle (MITM) of a malicious entity in the IoT network [24]. In an MITM attack, the malicious user replaces the exchanged keys in the public key cryptosystem with its own key to establish a secure channel to gain access to private messages; (iv) access attacks that allow unauthorized entities to gain access to IoT systems or devices; and (v) other attacks, such as channel side attacks, firmware attacks, RAM attacks and ransomware.…”

Section: Iot Authentication Issues and Attacksmentioning

confidence: 99%

“…Such a secure communication channel can be used to share keys for lightweight cryptographic algorithms that are still very robust but require less computing power than the public key cryptosystems [22]. Hence, many algorithms to factor large numbers for attacking schemes such as RSA are gaining attention [23][24][25]. This motivates our research to identify the limitations of RSA-based lightweight block ciphers for IoT authentication requirements.…”

Section: Introductionmentioning

confidence: 99%

New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT

Venkatraman¹,

Overmars²

2019

Cryptography

View full text Add to dashboard Cite

The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. With the spectrum of IoT application domains increasing to include mobile health, smart homes and smart cities in everyday life, the consequences of an attack in the IoT network connecting billions of devices will become critical. Due to the challenges in applying existing cryptographic standards to resource constrained IoT devices, new security solutions being proposed come with a tradeoff between security and performance. While much research has focused on developing lightweight cryptographic solutions that predominantly adopt RSA (Rivest–Shamir–Adleman) authentication methods, there is a need to identify the limitations in the usage of such measures. This research paper discusses the importance of a better understanding of RSA-based lightweight cryptography and the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. In this paper, we employ mathematical operations on the sum of four squares to obtain one of the prime factors of a semi-prime that could lead to the attack of the RSA keys. We consider the even sum of squares and show how a modified binary greatest common divisor (GCD) can be used to quickly recover one of the factors of a semi-prime. The method presented in this paper only uses binary arithmetic shifts that are more suitable for the resource-constrained IoT landscape. This is a further improvement on previous work based on Euler’s method which is demonstrated using an illustration that allows for the faster testing of multiple sums of squares solutions more quickly.

show abstract

“…"Man in the middle" (MITM/MIM) is a kind of malware which relies on SSL/TSL protocol weakness, being correspondent in communication between two network users (Čekerevac et al, 2017;Mallik et al, 2019). In such a case, downloading of important data occurs while users can rarely detect it.…”

mentioning

confidence: 99%

Maritime Cyber Security Analysis – How to Reduce Threats?

Mraković

Vojinović

2019

ToMS

View full text Add to dashboard Cite

Maritime cyber security management requires a holistic approach as there is an increase in complexity, digitalization, and automation of systems in maritime industry. Numerous interconnected systems between ship and shore, which are in need of a special focus in the internet environment, are increasing on daily basis. Nowadays one of the major concerns in maritime computing is vulnerability to cyber-attacks. In maritime industry, cyber incidents can lead to loss of life, loss of control over ships or sensitive data, as well as ship and/or cargo hijacking. This paper therefore covers key problems of maritime industry from cyber security perspective and proposes solutions on how to eliminate or minimize them.

show abstract

Man-in-the-Middle Attacks and Internet of Things

Cited by 7 publications

References 0 publications

A Survey of Internet of Things (IoT) Authentication Schemes

A Survey of Internet of Things (IoT) Authentication Schemes

New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT

Maritime Cyber Security Analysis – How to Reduce Threats?

Contact Info

Product

Resources

About