In this article, an enhanced version of address resolution protocol (ARP) is proposed to prevent ARP poisoningbased man-in-the-middle (MITM) attacks in wired or wireless LAN environments. The proposed mechanism is based on the idea that when a node knows the correct MAC address for a given IP address, if it does not delete the mapping while the machine is alive, then MITM attack is not possible...

Syftet med det här arbetet har varit att utveckla en praktisk Man-In-The-Middle-attack mot trådlösa klienter på NetLogon-systemet vid Linköpings Universitet. Målsättningen har varit att attacken skall ske så transparent som möjligt ur offrets synvinkel. Attacken använder DNS-spoofing och en MITM-metod med förfalskade avsändaradresser genom packet injection. Vi har implementerat ett fungerande v...

Current research on verifying security properties of communication protocols has focused on proving integrity and confidentiality using models that include a strong Man-in-the-Middle (MitM) threat. By contrast, protection measures against Denial-of-Service (DoS) must assume a weaker model in which an adversary has only limited ability to interfere with network communications. In this paper we d...

Recently, intelligent transport systems have been applied to vehicle cloud environments. Such technology is especially useful for the systematic management of road traffic. Moreover, automobiles are increasingly equipped with a black box for accident prevention and preservation of evidence. Vehicle black boxes have become mandatory because black box images and voice data have served as forensic...

Payload authentication is vulnerable to Man-in-the-middle (MITM) attack. Blockchain technology offers methods such as peer peer, block hash, and proof-of-work secure the payload of process. The implementation uses hash on blockchain testing using White-box-testing security tests distributed system practitioners who are competent in MITM attacks. analyisis results before implementing show that s...

Web users are shown an invalid certificate warning when their browser cannot validate the identity of the websites they are visiting. While these warnings often appear in benign situations, they can also signal a man-in-the-middle attack. We conducted a survey of over 400 Internet users to examine their reactions to and understanding of current SSL warnings. We then designed two new warnings us...

In 2013, Althobaiti et al. proposed an efficient biometricbased user authentication scheme for wireless sensor networks. We analyze their scheme for the security against known attacks. Though their scheme is efficient in computation, in this paper we show that their scheme has some security pitfalls such as (1) it is not resilient against node capture attack, (2) it is insecure against imperson...

Recent attacks on the German identity card show that a compromised client computer allows for PIN compromise and man-inthe-middle attacks on eID cards. We present a selection of new solutions to that problem which do not require changes in the card specification. All presented solutions protect against PIN compromise attacks, some of them additionally against man-in-the-middle attacks.

This paper discusses a new protocol implementing authentication in a multi-located environment that avoids man-in-the-middle (MIM) attack, replay attack and provides privacy, integrity of a message for multi-located parties. The protocol uses the concept that each party is associated with a subsidiary agent.