Assignment on Computer Network and Security
Added on - 21 Apr 2020
Running head: COMPUTER NETWORK AND SECURITYComputer Network and SecurityName of the StudentName of the UniversityAuthor Note
1COMPUTER NETWORK AND SECURITY1. Literature Review-Man in middle AttackMan in middle attack is a privacy attack on cryptography and computer security where anattacker targets a conversation between two parties without their knowledge. The conversationcan be in form of email, social media, and web surfing. The attacker eavesdrop the conversationin order to collect confidential information from the conversation. According to Aggarwal andNandi (2015), Wi-Fi or wireless networks are more vulnerable to a number of attacks includingthe man in the middle attack due to the openness of the medium. A common vulnerability of hole196 present in WPA2 or Wi-Fi protected access can be exploited by the attacker for accessingthe encrypted network.Yang et al., (2012), investigate an Address Resolution Protocol spoofing, which is basedon the man in the middle attack. The man in the middle attack is a major malicious code attacksthat damage the industrial infrastructure directly. This type of attack is dangerous as it canmodify and compromise the secure and the reliable operation of wireless networks.The scenario of man in the middle attack involves the attacker as the third party, and actas an intercommunicating node between a server and the client. The attacker captures themessages between a server and the client. The attacker then alters the messages before it reachesthe receiver (Kumar, Verma & Tomar, 2013). However, in case of a wireless domain, the sharedchannel will require to undergo the association and disassociation phase for communication. Thisattack is possible in ARP, as the response of the request packet is not authenticated andtherefore; any node is allowed on behalf of any other node can send a request in a network. Theattacker makes use of this vulnerability. Furthermore, the stateless nature of does not requires amatching request and therefore, man in the middle attack is more prominent here.
2COMPUTER NETWORK AND SECURITYZhao and Ge, (2013), discusses that the man in the middle attack is prominent in smartobjects such as Internet of Things as well. It is generally assumed that no third party is able tointercept the messages of two communicating parties in an IOT environment. This type of attackis dangerous as the attacker can even track an object’s location using this method that can giverise to privacy risks for the user of Internet of Things. The attacker after getting access to theIOT environment may attempt to extract the security information and misuse it.Man in the middle attack is prominent in TLS as well, which is an essential buildingblock for virtual private networks. The security in TLS mainly deals with authentication and keyexchange. Absence of proper security in key exchange results in man in the middle attack. Thesecurity in the key exchange process in TLS is mainly achieved using Public Key Infrastructureor PKI (de la Hoz et al., 2014). Researches prove that man in the middle attack on PKIs hasconsiderably increased over the years. This is because the attackers make use of the vulnerabilityof classical PKI model. A number of security concerns have arisen over the years, which provesthat TLS is prone to man-in-the middle attacks.Man in the middle attack is prominent in fog computing as well. In this particular attack,the gateways, that serve as fog devices are targeted and are compromised or replaced by the fakeones. Furthermore, it is impossible for the traditional anomaly detection method to detect orexpose the man in the middle attacks (Lee et al., 2015). Encryption is not a feasible option inpreventing this attack in fog computing as it is tough to establish communication between fognode and IOT devices with the help of encryption.With the increase in the number of wireless users with the increase in availability of themobile devices in lower costs, the man in the middle attack posses a real threat to the wireless