Support Vector Machine Prediction a Man in the Middle Attack on Traffic Networking

Abstract

The goal of this study is to predict Man in the Middle attacks from packets in the Wireshark program by using Support Vector Machines (SVM). As internet use has grown, it has become a tool targeted by attackers and hackers, and it is a serious threat to devices. What makes this attack distinctive is that it appears under multiple identities of legitimate agencies. It is therefore necessary to understand the attack's behavior and to predict the possible actions of an attacker. In this research, a Man in the Middle attack is detected by monitoring the Wireshark program and recording any changes that can be recognized in packet information. Packets are classified into two categories (normal and abnormal). The proposed model is designed in several stages: loading data, processing data, training data, and testing data. SVM-based detection relies on abnormal network packets observed in packet movement in the Wireshark program. It has to deal with current packets in order to recognize a new attack for which there is no prior knowledge, and an intelligent way is needed to separate out the network packets that represent normal traffic. The proposed approach achieved an accuracy of 97.34% in detecting attacks. The results show that the proposed model effectively visualizes attacker behavior from data that represents abnormal network attackers. The research achieves successful accuracy in predicting abnormalities.

Similar Papers
  • Research Article
  • Cite Count: 67
  • 10.1016/j.procs.2018.10.125
A Detection and Prevention Technique for Man in the Middle Attack in Fog Computing
  • Jan 1, 2018
  • Procedia Computer Science
  • Farouq Aliyu + 2 more

  • Conference Article
  • Cite Count: 19
  • 10.1109/iccit52419.2022.9711555
Detection of Man in The Middle Attack using Machine learning
  • Jan 25, 2022
  • Muhanna Saed + 1 more

Man in the middle (MITM) attacks can dramatically compromise the security of a Wi-Fi network, where an attacker eavesdrops on and intercepts the communication medium over wireless communication networks. This kind of attack aims to steal sensitive data such as credit card details, login accounts, and other important financial transactions. Even though many detection techniques have been proposed to mitigate MITM attacks, this attack still occurs and causes tremendous damage. In this study, we propose a set of machine learning techniques to detect and identify MITM attacks on a wireless communication network. In addition, we evaluate and validate our approach based on the performance metrics, and compare the performance results with other machine learning techniques.

  • Book Chapter
  • Cite Count: 4
  • 10.1007/978-981-13-2372-0_22
Man in the Middle Attack on NTRU Key Exchange
  • Oct 10, 2018
  • Vijay Kumar Yadav + 2 more

A cryptographic scheme is as strong as its underlying key exchange algorithm. In this paper we explored NTRU key exchange and found that it is exposed to Man In The Middle (MITM) attack. Similar vulnerability has been found in original Diffie-Hellman key exchange and prevented using Zero Knowledge Proof (ZKP). We applied ZKP scheme to solve the lattice based NTRU key exchange MITM and found that even with ZKP, NTRU scheme is still vulnerable to MITM attacks. Implementation results confirm this vulnerability of MITM attack in NTRU key exchange algorithm with ZKP.

  • Research Article
  • 10.11591/csit.v5i2.p176-185
Clustering man in the middle attack on chain and graph-based blockchain in internet of things network using k-means
  • Jul 1, 2024
  • Computer Science and Information Technologies
  • Sari Nuzulastri + 3 more

Network security on internet of things (IoT) devices in the IoT development process may open rooms for hackers and other problems if not properly protected, particularly in the addition of internet connectivity to computing device systems that are interrelated in transferring data automatically over the network. This study implements network detection on IoT network security resembles security systems from man in the middle (MITM) attacks on blockchains. Security systems that exist on blockchains are decentralized and have peer to peer characteristics which are categorized into several parts based on the type of architecture that suits their use cases such as blockchain chain based and graph based. This study uses the principal component analysis (PCA) to extract features from the transaction data processing on the blockchain process and produces 9 features before the k-means algorithm with the elbow technique was used for classifying the types of MITM attacks on IoT networks and comparing the types of blockchain chain-based and graph-based architectures in the form of visualizations as well. Experimental results show 97.16% of normal data and 2.84% of MITM attack data were observed.

  • Research Article
  • Cite Count: 1
  • 10.33292/ijarlit.v3i1.47
Securing a mobile ad hoc NETwork against the man in the middle attack
  • Apr 1, 2022
  • International Journal Artificial Intelligent and Informatics
  • Ryma Abass + 2 more

Mobile Ad hoc NETworks (MANET) are a special kind of wireless networks where there is neither centralized authority nor pre-existing infrastructure. Hence, in such a situation, authenticating nodes becomes a challenging task. This is even more true given that some nodes may be tempted to spoof other nodes' identities in order to gain some rights and privileges. In such a context, a protocol based on key exchange such as Diffie-Hellman can be used. However, even such a protocol is vulnerable to impersonation attacks, e.g. the Man in the Middle (MIM) attack. The main objective of this work is, then, to evaluate the impact of a MIM attack in the context of MANET and to propose a security solution to such a situation. This is done by (1) estimating the needed ratio of attackers to achieve a MIM attack in a given MANET and (2) proposing a security process based on the well-known Diffie-Hellman protocol.

  • Conference Article
  • Cite Count: 3
  • 10.1109/icices.2017.8070759
Web service registration and routing system and inter web proxy service model prevents the message alteration attacks, man-in-the middle attacks
  • Feb 1, 2017
  • S Chakaravarthi + 4 more

In this paper, an architectural framework for Web Service Security System that secures Web services effectively from message alteration attacks, Man-in-the Middle (MIM) attacks and Denial of Service (DoS) attacks has been proposed and implemented. This proposed system provides intelligent mechanisms for effective detection and prevention of message alteration attacks at message level, man-in-the middle attacks at transport level and denial of service attacks at application level. For this purpose, new approaches have been proposed for intelligent identification of the services requested by the user to the service provider. Moreover, new agents called requester agent and provider agent have been deployed for effective communication between the service requester and the service provider. An encryption mechanism and digital signature generation is incorporated to secure the Simple Object Access Protocol (SOAP) message over communication between the client and the server. The new approach proposed in this research work, called Web Service Registration and Routing System and Inter Proxy Web Service, effectively prevents the message alteration attacks, Man-in-the Middle attacks and other types of attacks in order to secure Web service at message level. Also, new agents such as requester agent and provider agent have been deployed at the client and server side respectively. These two agents are responsible for effective monitoring and controlling of various messages and attacks at the message level. In addition to this, a security token is created for each user request to verify the validity of the service provider and service requester for effective and secured communication. This system also provides a new approach for the intelligent prevention of Man-in-the Middle attack and Denial of Service attack in Web services.

  • Conference Article
  • Cite Count: 3
  • 10.1145/1878537.1878648
A novel algorithm to prevent man in the middle attack in LAN environment
  • Apr 11, 2010
  • Mohiuddin Ahmed + 1 more

Secure web sites usually use HTTPS connection to secure transactions such as money transactions, online payment, and e-commerce. The use of HTTPS gives a sense of protection against attacks such as man in the middle (MITM) attack. This paper analyzes HTTPS connections against MITM by simulating real MITM attacks on different HTTPS connections such as Gmail, Yahoo Mail and Bank accounts. It was found that with the use of right tools, HTTPS connections can be broken and passwords can be sniffed and viewed in plain text. To prevent MITM against HTTPS in LAN environment a novel algorithm (DepMAC-IP) is proposed and discussed in detail. DepMAC-IP is expected to secure LAN environment not only against MITM but also against other similar attacks.

  • Conference Article
  • Cite Count: 12
  • 10.1109/isgt-europe47291.2020.9248779
Demonstration of Man in the Middle Attack on a Feeder Power Factor Correction Unit
  • Oct 26, 2020
  • Lenos Hadjidemetriou + 6 more

Cyber security of distribution power systems is of an increasing and pressing importance due to the fast modernisation of current systems. Cyber attacks on distribution power systems may aim to operate the system inefficiently, steal private smart meter data or cause intentional false tripping of few or all feeders. In this paper, a Man in The Middle (MiTM) attack on a power factor correction unit is implemented and demonstrated to overload a distribution feeder and cause an intentional false tripping of the entire feeder causing regional blackout. Experimental implementation of the attack is carried out in a laboratory-scale setup using commercial power equipment under different loading conditions to demonstrate the effectiveness of this attack.

  • Research Article
  • Cite Count: 10
  • 10.21742/ijria.2013.1.1.02
Thwarting Address Resolution Protocol Poisoning using Man In The Middle Attack in WLAN
  • Dec 30, 2013
  • International Journal of Reliable Information and Assurance
  • Rajneesh Kumar + 2 more

The Address Resolution Protocol (ARP) takes the IP address and determines the corresponding MAC address through a broadcast reply mechanism. ARP poisoning can be done through a Man in the Middle (MITM) attack. In this paper, we present a trust based mechanism for addressing the problem of MITM based ARP poisoning in a WLAN. The problem of ARP poisoning becomes acute in the wireless LAN environment due to limited bandwidth, computation and memory, intermittent connectivity of nodes and the shared nature of the wireless broadcast channel. The resource constraints preclude employment of cryptographic primitives for authentication. The volatile connectivity and the possibility of continual arrival and departure from the networks make manual configuration difficult. The proposed solution allows pairing of an IP address with multiple MAC addresses. This mapping is prioritized according to an online trust mechanism. The implementation only requires the devices in the network to update their kernel with the modified ARP scheme. To determine the efficacy of the proposed method, it was implemented in FreeBSD kernel and tested for the successful prevention of MITM based ARP poisoning attack in a WLAN network.

  • Conference Article
  • Cite Count: 4
  • 10.1109/spw53761.2021.00060
Zero Conf Protocols and their numerous Man in the Middle (MITM) Attacks
  • May 1, 2021
  • Dhia Farrah + 1 more

Zero conf protocols date from 1999. They provide plug and play mechanisms to set up networks without having to configure DNS or DHCP servers. Almost every device (PCs, printers, scanners, etc.) nowadays “speaks” one of these protocols, sometimes without its owner being even aware of it. The booming IoT ecosystem, in particular, relies heavily on them. Unfortunately, these protocols offer a number of different ways to run so-called man in the middle attacks (MITM). Some previous publications have mentioned and have taken advantage of one or another of these design flaws. In this paper, we provide a deep dive into the various issues at hand and show the extent of the problem. We consider that the growing reliance of networks on these protocols represents an underestimated and ill covered threat. We have run a number of experiments (300) to test various implementations and discuss our results. We also propose means to detect these attacks thanks to Zeek (aka Bro). We make the attack code as well as the Zeek scripts available to the research community in a format that makes replication of our results possible by researchers while not easy to use by script kiddies.

  • Research Article
  • Cite Count: 21
  • 10.1155/2022/7386049
Exploiting Machine Learning to Detect Malicious Nodes in Intelligent Sensor-Based Systems Using Blockchain
  • Jan 18, 2022
  • Wireless Communications and Mobile Computing
  • Maimoona Bint E Sajid + 5 more

In this paper, a blockchain-based secure routing model is proposed for the Internet of Sensor Things (IoST). The blockchain is used to register the nodes and store the data packets’ transactions. Moreover, the Proof of Authority (PoA) consensus mechanism is used in the model to avoid the extra overhead incurred due to the use of Proof of Work (PoW) consensus mechanism. Furthermore, during routing of data packets, malicious nodes can exist in the IoST network, which eavesdrop the communication. Therefore, the Genetic Algorithm-based Support Vector Machine (GA-SVM) and Genetic Algorithm-based Decision Tree (GA-DT) models are proposed for malicious node detection. After the malicious node detection, the Dijkstra algorithm is used to find the optimal routing path in the network. The simulation results show the effectiveness of the proposed model. PoA is compared with PoW in terms of the transaction cost in which PoA has consumed 30% less cost than PoW. Furthermore, without Man In The Middle (MITM) attack, GA-SVM consumes 10% less energy than with MITM attack. Moreover, without any attack, GA-SVM consumes 30% less than grayhole attack and 60% less energy than mistreatment. The results of Decision Tree (DT), Support Vector Machine (SVM), GA-DT, and GA-SVM are compared in terms of accuracy and precision. The accuracy of DT, SVM, GA-DT, and GA-SVM is 88%, 93%, 96%, and 98%, respectively. The precision of DT, SVM, GA-DT, and GA-SVM is 100%, 92%, 94%, and 96%, respectively. In addition, the Dijkstra algorithm is compared with Bellman Ford algorithm. The shortest distances calculated by Dijkstra and Bellman are 8 and 11 hops long, respectively. Also, security analysis is performed to check the smart contract’s effectiveness against attacks. Moreover, we induced three attacks: grayhole attack, mistreatment attack, and MITM attack to check the resilience of our proposed system model.

  • Research Article
  • 10.55197/qjoest.v6i3.232
ENHANCING CYBERSECURITY OF SMART CITY WATER DISTRIBUTION SYSTEMS USING BLOCKCHAIN AND PBFT CONSENSUS MECHANISM
  • Sep 29, 2025
  • Quantum Journal of Engineering, Science and Technology
  • Amina Alajwary + 1 more

This paper investigates cybersecurity attack models and defense strategies for water distribution systems (WDS) in smart city environments. As water infrastructure becomes increasingly digitized, it faces sophisticated cyber threats that could compromise system integrity and operational reliability. This study presents a systematic analysis of two prevalent attack vectors, Denial of Service (DoS) and Man in the Middle (MITM) attacks, and evaluates blockchain based defense mechanisms against these threats. Through experimental simulation using the C-town WDS model with 953 timestamp data points, we assess the vulnerability of water systems and the effectiveness of six consensus mechanisms: Proof of Work (PoW), Proof of Trust (PoT), Proof of Authority (PoA), Proof of Vote (PoV), Proof of Authentication (PoAuth), and Practical Byzantine Fault Tolerance (PBFT). The research quantifies attack impacts and demonstrates the superior resilience of PBFT, which achieved an 82.5% defense rate against DoS attacks and an 82.7% defense rate against MITM attacks, significantly outperforming alternative approaches. Furthermore, PBFT exhibited exceptional recovery capabilities with 71.1% recovery after DoS attacks and 89.3% recovery following MITM attacks. These findings provide valuable insights for implementing robust security frameworks that can maintain water system integrity even under sophisticated attack conditions.

  • Book Chapter
  • 10.1016/b978-159749047-4/50008-9
Chapter 5 - RFID Attacks: Tag Application Attacks
  • Jan 1, 2005
  • RFID Security

  • Conference Article
  • Cite Count: 8
  • 10.1109/cicn.2012.72
Contention for Man-in-the-Middle Attacks in Bluetooth Networks
  • Nov 1, 2012
  • S Sandhya + 1 more

The adoption rate of Bluetooth technology has been very fast. It is estimated that there will be around 1 billion users who will be using some Bluetooth devices one way or the other. The fast adoption rate has made the manufacturers and users to work on delivering products based on the latest version of Bluetooth which is v4.0. One of the major attacks on Bluetooth is the Man in the middle attack. This paper reviews the existing literature on various man in the middle attacks. The existing counter measures for thwarting the man in the middle attack are also discussed. We propose an additional counter measure that will help in countering the attack and making the communication more secure.

More from: Al-Nahrain Journal for Engineering Sciences
  • Research Article
  • 10.29194/njes.28030330
Support Vector Machine Prediction a Man in the Middle Attack on Traffic Networking
  • Sep 29, 2025
  • Al-Nahrain Journal for Engineering Sciences
  • Nahla Ibraheem Jabbar