Abstract

In this work, we outline a procedure for collecting and labeling Man-in-the-Middle (MITM) attack traffic. Our capture procedure allows for the collection of real-world representative data using a full-scale network environment. MITM attacks are typically performed with the purpose of intercepting information exchanged between two networked machines. This enables the attacker to gain access to otherwise confidential communications and potentially alter those communications maliciously. MITM attacks remain very common and can be implemented with relative ease across a variety of network environments. Our work establishes experimental procedures for enacting three prevalent MITM attack variants through penetration testing. The process for data collection is defined, along with our approach to gathering real-world, representative data. We also present a novel labeling procedure based on the inherent behaviors of each MITM attack variant. Our work aims to address the challenges associated with collecting such data within a live production environment, as well as to identify the impact MITM attacks have on traffic behavior. We also present a case study to provide some quantitative analysis of the data collected.
