With the rapid growth of the Internet user population and the magnitude of the applications depending on the Internet these days, network security measures are becoming extremely important. For the Internet users, one of the best defenses against network attacks is to understand the patterns of the attacks and raise the awareness of abnormality as much as possible. In this paper, an experiment ...

We revisit meet-in-the-middle (MITM) attacks on block ciphers. Despite recent significant improvements of the MITM attack, its application is still restrictive. In other words, most of the recent MITM attacks work only on block ciphers consisting of a bit permutation based key schedule such as KTANTAN, GOST, IDEA, XTEA, LED and Piccolo. In this paper, we extend the MITM attack so that it can be...

TCP is the main transport protocol over the Internet, ensuring reliable and efficient connections. TCP is trivially vulnerable to man-in-the-middle (MitM) attackers; they can intercept, modify and inject TCP traffic [Joncheray 1995]. Despite significant possible threats, a common assumption is that MitM capabilities are difficult to obtain; this assumption is demonstrated by OWASP’s list of top...

Most SSL/TLS-based e-commerce applications employ conventional mechanisms for user authentication. These mechanisms—if decoupled from SSL/TLS session establishment—are vulnerable to manin-the-middle (MITM) attacks. In this paper, we elaborate on the feasibility of MITM attacks, survey countermeasures, introduce the notion of SSL/TLS session-aware user authentication (TLS-SA), and present a proo...

With the rapid development of WLAN, more and more schools and businesses have begun to provide the WLAN for users. However, WLAN is considerably more susceptible to MitM (man-in-the-middle) attack. To overcome it, we propose a dynamic password technology named Two-way Dynamic Authentication Technology (TDAT). It uses two-factor during the initial authentication, and uses a two-way hash chain du...

This paper describes a meet-in-the-middle (MITM) attack against the round reduced versions of the block cipher mCrypton-64/96/128. We construct a 4-round distinguisher and lower the memory requirement from 2 to 2 using the differential enumeration technique. Based on the distinguisher, we launch a MITM attack on 7-round mCrypton-64/96/128 with complexities of 2 64-bit blocks and 2 encryptions. ...

Software defined networking (SDN) is a developing technology which completely changes the architecture and working of traditional networks. There has been growing urgency among networking developers to come up with a new set of devices to support Software Defined Networks and to implement better services in SDN compared to traditional networks. During these activities, security of the packets i...

The Man-In-The-Middle (MITM) attack is one of the most common attacks employed in the network hacking. MITM attackers can successfully invoke attacks such as denial of service (DoS) and port stealing, and lead to surprisingly harmful consequences for users in terms of both financial loss and security issues. The conventional defense approaches mainly consider how to detect and eliminate those a...

In this article, an enhanced version of address resolution protocol (ARP) is proposed to prevent ARP poisoningbased man-in-the-middle (MITM) attacks in wired or wireless LAN environments. The proposed mechanism is based on the idea that when a node knows the correct MAC address for a given IP address, if it does not delete the mapping while the machine is alive, then MITM attack is not possible...

It has been publicly known that keyboards and mice, either wired or wireless, can be potentially attacked by eavesdropping or hijacking. Although there are many secure keyboards and some secure mice in the market, there are still vulnerabilities under different types of Man-In-The-Middle (MITM) attacks such as hijack or replay. Usually these attacks are low cost and easy to implement, but so fa...