MAN-IN-THE-MIDDLE-ATTACK

Man-in-the-Middle attack

A Man-in-the-Middle attack, more popularly known as MITM, is an attack in which the attacker plays an intermediary role between two parties without either of them being aware of it. All of the information exchanged between the parties is watched over, and the sensitive and confidential information is collected. The attacker may communicate with either of the two parties with such elegance, and pretend so well, that both of them are quite assured that the conversation is taking place with genuine people. In fact, the entire conversation is dominated by the attacker (Rahim, 2017). One of the most famous examples of the Man-in-the-Middle attack is active eavesdropping. A Man-in-the-Middle attack can even occur on an open Wi-Fi network, where the attacker can directly read the unencrypted messages of the victim. In this essay we discuss such attacks that have taken place in real life and have resulted in loss of money and caused serious harm to systems as well as individuals.

In 2015 a British couple, Mr. and Mrs. Lupton, were targeted by Man-in-the-Middle attackers who hijacked their email, subjecting them to a loss of £340,000. According to the case file, they were purchasing a flat for their daughter, Tracey. The property, near Waterloo in south London, was bought for £340,000. Tracey had a child at the time, which is why the family had to move to a bigger house. Two days before the completion date, an email was sent to them by their lawyer asking for their bank account details in order to proceed with the sale. Many people trust the mailing system and send their banking details without giving it a second thought, and so did the Luptons: they shared their bank account details with their solicitor without hesitation. The mail chain had been intercepted by the attackers. These attackers acted as an intermediary between the solicitor and the Luptons without their knowledge. The mail exchanged between them looked normal, but the recipient had been altered. The mail was supposed to go to the solicitor; instead, it was intercepted by the fraudsters. A lump sum was debited from their account of which they had no idea, just like the lawyer himself.

In 2013, information was leaked about the NSA intercepting users of The Onion Router, or Tor. Tor is an online network which works anonymously, and it is a high-priority target for the NSA, the National Security Agency. There is a branch of the NSA that works in the division of the System Intelligence Directorate, popularly known as the SID. According to Edward Snowden, the whistle-blower from the organization, the National Security Agency has developed technology which exploits some of the browsers used with the Tor service. It is also said that there are programs designed to make it very easy for ordinary people to install and use the software according to their requirements. The powerful anonymity of the Tor technology has both a positive and a negative side. Tor users look very similar to one another on the internet, which makes it easier to locate and differentiate them from other web users (Huang and Bashir, 2016). On the other hand, this same quality of Tor makes it difficult for NSA agents to tell Tor users apart and to determine whether or not a user is in the US.

There are two types of Man-in-the-Middle attack: active and passive. A passive MITM attack consists of eavesdropping, where the attacker just observes and collects data without harming the system or altering its operation (Belkhouja, Mohamed, Al-Ali, Du and Guizani, 2018). The problem arises with active attacks. Here the attacker inserts malware and makes drastic changes to the system. This can be done on the basis of interception.
In the cases mentioned above, the Man-in-the-Middle attack is in its active mode, as in both the attack is carried out through interception by the attacker. This is especially so in the first case, where the fraudster, acting as the intermediary between the two parties without their knowledge, collected sensitive data and initiated a financial transaction (Bernal, Parra and Díaz, 2018). This is a pure case of an active Man-in-the-Middle attack. The second case shows how a small act of whistle-blowing can affect an entire organization.

The Man-in-the-Middle attack is a very serious problem for IT managers. With proper use of IMSI catchers one can become aware of breaches in an organization or system (Calvert, Khoshgoftaar, Najafabadi and Kemp, 2017). As technologies develop every day, hackers are becoming more and more powerful, and they too are improving their methods of accessing the information present in systems. As the saying goes, "prevention is better than cure": it is better to take preventive measures against the Man-in-the-Middle attack than to regret later what could have been done. Thus detecting the problem and taking preventive measures is a must. There are several types of Man-in-the-Middle attack, some of which are not easy to detect (Gangan, 2015). The best possible way to prevent these attacks is to be sure of whatever is transferred and to place less trust in everything. Preventing interception is one of the most difficult things in the MITM attack: if the attacker gains control of the system server or network, or compromises the destination server, there is little or nothing that can be done. Thus unbreakable methods of encryption should be used. Patching systems and using authorized, well-known anti-malware software is effective and prevents many undesired installations without the user's notice. Public networks, or public Wi-Fi, must be avoided.
This is because they form a network which is open to all, and an attacker may watch for this opportunity to break into a system. Hotspots should be avoided for sensitive activities. When joining a Wi-Fi network, it should be kept in mind that network names may look alike; a similarly named network may be a trap one walks into (Nguyen, Mimura and Tanaka, 2017). Using a secured connection stops undesired websites from opening. The connection security can be checked in the browser address bar, and more information about the website or the address can be seen by clicking the lock button beside the address. CheckMyHTTPS can be used to detect SSL hijacking. Sensitive information should not be sent by email without proper encryption (Jie, Choo, Li, Chen and Guo, 2019).

Two-factor authentication should be used wherever possible. It is a method of adding additional security to a personal system. The two factors comprise two steps of authentication: the first factor is the standard or strong password set up by the user, and the second is a verification code retrieved from an application on the user's mobile device or computer. These two steps act as two factors and enhance the prevention process. SSL, or the Secured Service Layer, present in a network also plays a role in preventing the Man-in-the-Middle attack. Mostly the Man-in-the-Middle attack is caused by human activity, when one does not check the address properly, though this can be done with just one click on the lock symbol, and a user can thereby be saved from the trap of an HTTP stripping attack. Older versions of SSL or TLS are exposed to the MITM attack (Zou and Wang, 2015), as older versions are easily decrypted by hackers. Tapping a communication becomes easier for the hacker if the system and the network are compromised, because this happens before the data is encrypted. In the case of email, the mail server may be encrypted, but the server where the mails are stored often uses plain text, which is again vulnerable to attackers. There are security measures that can be used to mitigate the problems users face while exchanging information over the internet. Authentication of data is an important method of mitigation.
For exchanging messages over a secure channel, public keys are used along with the messages to be sent. These protocols make use of key agreement protocols which have different levels of security requirements (He, Chan and Guizani, 2015). Transport Layer Security, or TLS, makes the Transmission Control Protocol harder against the Man-in-the-Middle attack. Certificates are issued and verified by a trusted certificate authority and are exchanged by servers and clients. Generally the validation is done of the server end by default, but with mutual validation both the server and the client validate the communication from the other end (Wiese, Nötzel and Boche, 2016). This protects the server and client from the MITM attack at both ends. Certificate pinning, popularly known as HTTP Public Key Pinning (HPKP), can be used to prevent the Man-in-the-Middle attack in which the authority providing the certificate is itself compromised. DNSSEC is used for authentication of DNS records, which prevents simple Man-in-the-Middle attacks by extending the DNS protocol. Employing encryption techniques can mitigate the risk of the Man-in-the-Middle attack. Every application used in an organization or a system, including email, web and voice traffic, must be encrypted. This is because if even one piece of data in a system is unencrypted, an active Man-in-the-Middle attacker can intercept the communication. Data can then be inserted which may change the DNS responses, which can insert malware into the system, and the rest will be seen in the system's performance. A recent innovation known as HTTP Strict Transport Security, or HSTS, can be implemented; it does not allow users to exchange unencrypted data while using the organization's server (Zhou, Yang and Yang, 2017). A VPN tunnel can be used in extreme cases, in which IT managers who have a very low tolerance for risk use their Mobile Device Management (MDM) to send corporate and non-corporate traffic to a VPN provider.
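The certificate validation and protocol-version points above, as an added example that is not part of the original essay: a Python `ssl` client context configured the way the essay recommends (chain and hostname verified, no legacy SSL/TLS versions) beside the weak configuration that would let an interceptor present any certificate, with an audit function that lists the findings. The mutual-validation server context assumes certificate, key and client-CA files are supplied at deployment.

```python
import ssl


def hardened_client_context(cafile=None):
    """Client context: the server's certificate chain and hostname are verified
    against the trusted CAs, and nothing below TLS 1.2 is negotiated."""
    ctx = ssl.create_default_context(cafile=cafile)   # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2      # drop the legacy versions
    return ctx


def weak_client_context():
    """The misconfiguration an interceptor relies on: no chain or hostname
    verification, so any certificate is accepted, and legacy versions allowed."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                        # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def mutual_auth_server_context(certfile, keyfile, client_cafile):
    """Server context for mutual validation: the client must also present a
    certificate issued by the CA in client_cafile (paths are deployment inputs)."""
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH, cafile=client_cafile)
    ctx.load_cert_chain(certfile, keyfile)
    ctx.verify_mode = ssl.CERT_REQUIRED               # default for CLIENT_AUTH is CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_client_context(ctx):
    """Return the findings a reviewer would raise against a client context;
    an empty list means the context enforces the verification described."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required (verify_mode is not CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("hostname not checked against the certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("legacy SSL/TLS versions allowed (minimum_version=%s)"
                        % ctx.minimum_version.name)
    return findings


if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_client_context()),
                      ("weak", weak_client_context())):
        print(name, audit_client_context(ctx) or ["no findings"])
```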
Though there is additional overhead, security is also increased, which provides more resistance to the Man-in-the-Middle attack. Cryptographic libraries are updated on the server end by IT managers who use an application delivery controller for managing TLS and SSL (Banakh and Piskozub, 2018). The system becomes complicated when there are different TLS and SSL settings for each server. This makes things difficult for hackers, as synchronizing becomes harder. Guidelines are provided by OWASP, the Open Web Application Security Project, on configuring TLS properly on the web server (Rasheed, Shanmugam, Samy, Maarop, Magalingam, Yeo and Azam, 2017). The same guidelines apply to other TLS-protected services, including SSL VPNs and IMAP and SMTP servers.

Thus, with the advancement of technologies, new security threats are also increasing. Data is not at all secure when it is kept unencrypted, so proper end-to-end encryption of data is needed to protect sensitive data from being revealed to attackers. The Man-in-the-Middle attack is a very clever way of cyber attacking, because it goes undetected until harm is done to the system or a change is noticed in the behaviour of the server (Kim, Shin, Shin and Kim, 2019). Eavesdropping on the server is dangerous, as unencrypted data is easily readable by attackers. The only way to stop it is to prevent it from happening, because once the server is compromised there is not much that can be done to bring it back. Moreover, with the increasing rate of cybercrime, encryption should be applied to every single piece of information that passes through the server. There is no such thing as 'unimportant' information that can be left out, as an attack can be initiated from that point and cause serious issues in later processes (Denis, Zena and Hayajneh, 2016). Better passwords or keys should be used to reduce the risk of the Man-in-the-Middle attack.
References:

Banakh, R. and Piskozub, A., 2018, September. Attackers' Wi-Fi Devices Metadata Interception for their Location Identification. In 2018 IEEE 4th International Symposium on Wireless Systems within the International Conferences on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS-SWS) (pp. 112-116). IEEE.

Belkhouja, T., Mohamed, A., Al-Ali, A.K., Du, X. and Guizani, M., 2018, December. Light-Weight Solution to Defend Implantable Medical Devices against Man-In-The-Middle Attack. In 2018 IEEE Global Communications Conference (GLOBECOM) (pp. 1-5). IEEE.

Bernal, A.J.P., Parra, O.J.S. and Díaz, R.A.P., 2018. Man in the Middle Attack: Prevention in Wireless LAN. International Journal of Applied Engineering Research, 13(7), pp.4672-4671.

Calvert, C., Khoshgoftaar, T.M., Najafabadi, M.M. and Kemp, C., 2017. A procedure for collecting and labeling man-in-the-middle attack traffic. International Journal of Reliability, Quality and Safety Engineering, 24(01), p.1750002.

Denis, M., Zena, C. and Hayajneh, T., 2016, April. Penetration testing: Concepts, attack methods, and defense strategies. In 2016 IEEE Long Island Systems, Applications and Technology Conference (LISAT) (pp. 1-6). IEEE.

Gangan, S., 2015. A review of man-in-the-middle attacks. arXiv preprint arXiv:1504.02115.

He, D., Chan, S. and Guizani, M., 2015. Mobile application security: malware threats and defenses. IEEE Wireless Communications, 22(1), pp.138-144.

Huang, H.Y. and Bashir, M., 2016, October. The onion router: Understanding a privacy enhancing technology community. In Proceedings of the 79th ASIS&T Annual Meeting: Creating Knowledge, Enhancing Lives through Information & Technology (p. 34). American Society for Information Science.

Jie, Y., Choo, K.K.R., Li, M., Chen, L. and Guo, C., 2019. Tradeoff gain and loss optimization against man-in-the-middle attacks based on game theoretic model. Future Generation Computer Systems.

Kim, D., Shin, D., Shin, D. and Kim, Y.H., 2019. Attack detection application with attack tree for mobile system using log analysis. Mobile Networks and Applications, 24(1), pp.184-192.

Nguyen, S.D., Mimura, M. and Tanaka, H., 2017, December. Leveraging Man-in-the-middle DoS Attack with Internal TCP Retransmissions in Virtual Network. In International Conference on Information Systems Security (pp. 367-386). Springer, Cham.

Rahim, R., 2017. Man-in-the-middle-attack prevention using interlock protocol method. ARPN J. Eng. Appl. Sci, 12(22), pp.6483-6487.

Rasheed, A.B.M., Shanmugam, B., Samy, G.N., Maarop, N., Magalingam, P., Yeo, K. and Azam, S., 2017. Secure Web Application Development Prototype Using Enterprise Security Application Programming Interface (ESAPI). Asian Journal of Information Technology, 16(1), pp.7-13.

Wiese, M., Nötzel, J. and Boche, H., 2016. A channel under simultaneous jamming and eavesdropping attack—Correlated random coding capacities under strong secrecy criteria. IEEE Transactions on Information Theory, 62(7), pp.3844-3862.

Zhou, H., Yang, W. and Yang, C., 2017, July. Privacy preserving consensus under interception attacks. In 2017 36th Chinese Control Conference (CCC) (pp. 8485-8490). IEEE.

Zou, Y. and Wang, G., 2015. Intercept behavior analysis of industrial wireless sensor networks in the presence of eavesdropping attack. IEEE Transactions on Industrial Informatics, 12(2), pp.780-787.