Simulation and Analysis of Network Security Performance Using Attack Vector Method for Public Wifi Communication

Abstract

The use of wifi networks in public spaces has a risk of robbery of user access data in cyberspace, such as banking transactions, social media and other online access. The threat of Man In The Middle Attack (MITM) attacks is carried out on public wifi networks to gain access to user information by illegal means. The attack vector simulation process is carried out on the site access exampleriset.com/dvwa/login.php. ARP Poisoning attack with Ettercap device performs interception and manipulation which provides 08: 00: 27: 25: 22: 99 MAC address information to the target. Session Hijacking attack simulations are carried out using a cookie manager plugin on the HTTP and HTTPS protocols. SSL Stripping attacks by better intercepting and downgrading HTTPS to HTTP communication protocols. Poisoning ARP attacks get information from targets such as Mobile IP MAC Address 192.168.3.249 F4: 09: D8: EA: EC: E7 and Server 192.168.3.5 08: 00; 27: CC: 59: OE and user: admin Passed: password. The results of the Session Hijacking attack on the HTTP protocol get a session id in the form of phpsessiid = 4f1pnfr081e4jero11truspb60 \ r \ n which is used the specified session id time without entering user authentication. The Session Hijacking attack on the HTTPS protocol was unsuccessful and the SSL Striping attack on the HTTPS protocol was unsuccessful