Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

Muzammil, Muteeb Bin; Bilal, Muhammad; Ajmal, Sahar; Shongwe, Sandile C.; Ghadi, Yazeed Y.

doi:10.1109/access.2024.3350444

IEEE Access

2024

DOI: 10.1109/access.2024.3350444

|View full text |Cite

Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

Muteeb Bin Muzammil,

Muhammad Bilal,

Sahar Ajmal

et al.

Abstract: The current era extensively utilizes the Internet, which uses data. Due to the apparent openaccess Internet service, this data is highly vulnerable to attacks. Data privacy is affected by Web-based attacks. This Systematic Literature Review (SLR) focuses on two Web-based attacks: Man-In-The-Middle and session hijacking. It reviews about 30 studies from the years 2016-2023 that have been selected utilizing a proper study selection procedure. This SLR comprises three research questions. The first describes the o… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2024

Publication Types

Select...

Article2

Relationship

Self Cite0

Independent2

Authors

Journals

Cited by 2 publications

(1 citation statement)

References 52 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Man in the Middle (MITM): A hacker compromises, stymies, or impersonates two systems' communications. An industrial robot may be blown out of its designated lane and speed restriction by an attacker taking control of a smart actuator, which might harm a meeting place or hurt operators [35]. 10.…”

mentioning

confidence: 99%

Security Assessment of Industrial Control System Applying Reinforcement Learning

Ibrahim,

Elhafiz

2024

Processes

View full text Add to dashboard Cite

Industrial control systems are often used to assist and manage an industrial operation. These systems’ weaknesses in the various hierarchical structures of the system components and communication backbones make them vulnerable to cyberattacks that jeopardize their security. In this paper, the security of these systems is studied by employing a reinforcement learning extended attack graph to efficiently reveal the subsystems’ flaws. Specifically, an attack graph that mimics the environment is constructed for the system using the state–action–reward–state–action technique, in which the agent is regarded as the attacker. Attackers may cause the greatest amount of system damage with the fewest possible actions if they have the highest cumulative reward. The worst-case assault scheme with a total reward of 42.9 was successfully shown in the results, and the most badly affected subsystems were recognized.

show abstract

mentioning

confidence: 99%

Security Assessment of Industrial Control System Applying Reinforcement Learning

Ibrahim,

Elhafiz

2024

Processes

View full text Add to dashboard Cite

show abstract

Unveiling the core of IoT: comprehensive review on data security challenges and mitigation strategies

Kaur,

Gulzar

et al. 2024

Front. Comput. Sci.

View full text Add to dashboard Cite

The Internet of Things (IoT) is a collection of devices such as sensors for collecting data, actuators that perform mechanical actions on the sensor's collected data, and gateways used as an interface for effective communication with the external world. The IoT has been successfully applied to various fields, from small households to large industries. The IoT environment consists of heterogeneous networks and billions of devices increasing daily, making the system more complex and this need for privacy and security of IoT devices become a major concern. The critical components of IoT are device identification, a large number of sensors, hardware operating systems, and IoT semantics and services. The layers of a core IoT application are presented in this paper with the protocols used in each layer. The security challenges at various IoT layers are unveiled in this review paper along with the existing mitigation strategies such as machine learning, deep learning, lightweight encryption techniques, and Intrusion Detection Systems (IDS) to overcome these security challenges and future scope. It has been concluded after doing an intensive review that Spoofing and Distributed Denial of Service (DDoS) attacks are two of the most common attacks in IoT applications. While spoofing tricks systems by impersonating devices, DDoS attacks flood IoT systems with traffic. IoT security is also compromised by other attacks, such as botnet attacks, man-in-middle attacks etc. which call for strong defenses including IDS framework, deep neural networks, and multifactor authentication system.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

Cited by 2 publications

References 52 publications

Security Assessment of Industrial Control System Applying Reinforcement Learning

Security Assessment of Industrial Control System Applying Reinforcement Learning

Unveiling the core of IoT: comprehensive review on data security challenges and mitigation strategies

Contact Info

Product

Resources

About