Survey on man in the middle attack - ARP spoofing
By: Srikar, Vishnu Datta A
.
Contributor(s): Koushik, Patnam Venkata.
Publisher: Haryana IOSR - International Organization of Scientific Research 2022Edition: Vol.24(6), Nov-Dec.Description: 9-20p.Subject(s): Computer EngineeringOnline resources: Click here
In:
IOSR Journal of Computer Engineering (IOSR-JCE)Summary: The primary goal of any attack is to gain access to the victim’s machine without the knowledge or
with minimal detection of the victim. The man-In-The- Middle attack is the most common attack that takes
advantage of the vulnerability that exists in the ARP protocol. There are various types of MITM attacks and in
this experiment, we are going to perform ARP spoofing using the Python Scapy library to poison the ARP table
and then sniff the data from the victim machine. MITM attack is a technique that violates the confidentiality
and integrity of the communication by inserting a third-party attacker machine in between the communication
channel without the knowledge of the client andserver. MITM attacks occur through ARP poisoning through
ARP protocol. The Address Resolution Protocol (ARP) is a stateless protocol that maps IP addresses to their
corresponding MAC addresses. It maintains a table called ARP cache that keeps a list of MAC addresses and
their corresponding IP addresses within a switched LAN network. In this study, we are trying to poison this
ARP table and perform the MITM attack to sniff the data of the victim.Web browsers interact using IP
addresses and Domain NameService (DNS) helps to resolve the domain names to IP addresses. Attackers
always try to find vulnerabilities to attack the websites and any website that is not secured can be easily
compromised by the attacker. HSTS (Hyper Text Transfer Protocol Strict Transport Security) is a web security
policy introduced to prevent MITM attacks on websites. This HSTS converts all the websites which were trying
to be opened insecurely through HTTP to strict HTTPS securely. Inthis study, we are trying to bypass this
security by changing the domain names and confusing the HSTS as the rules in HSTS would work for valid
Domain names. We are trying to exploit by spoofing/altering the names in such a way that the victim would not
notice the difference. This attack can be successful for websites that are opened by searching the keyword in
google as they can be redirected to the fake domain names.
| Item type | Current location | Call number | Status | Date due | Barcode | Item holds |
|---|---|---|---|---|---|---|
Articles Abstract Database
|
School of Engineering & Technology Archieval Section | Not for loan | 2023-0327 |
The primary goal of any attack is to gain access to the victim’s machine without the knowledge or
with minimal detection of the victim. The man-In-The- Middle attack is the most common attack that takes
advantage of the vulnerability that exists in the ARP protocol. There are various types of MITM attacks and in
this experiment, we are going to perform ARP spoofing using the Python Scapy library to poison the ARP table
and then sniff the data from the victim machine. MITM attack is a technique that violates the confidentiality
and integrity of the communication by inserting a third-party attacker machine in between the communication
channel without the knowledge of the client andserver. MITM attacks occur through ARP poisoning through
ARP protocol. The Address Resolution Protocol (ARP) is a stateless protocol that maps IP addresses to their
corresponding MAC addresses. It maintains a table called ARP cache that keeps a list of MAC addresses and
their corresponding IP addresses within a switched LAN network. In this study, we are trying to poison this
ARP table and perform the MITM attack to sniff the data of the victim.Web browsers interact using IP
addresses and Domain NameService (DNS) helps to resolve the domain names to IP addresses. Attackers
always try to find vulnerabilities to attack the websites and any website that is not secured can be easily
compromised by the attacker. HSTS (Hyper Text Transfer Protocol Strict Transport Security) is a web security
policy introduced to prevent MITM attacks on websites. This HSTS converts all the websites which were trying
to be opened insecurely through HTTP to strict HTTPS securely. Inthis study, we are trying to bypass this
security by changing the domain names and confusing the HSTS as the rules in HSTS would work for valid
Domain names. We are trying to exploit by spoofing/altering the names in such a way that the victim would not
notice the difference. This attack can be successful for websites that are opened by searching the keyword in
google as they can be redirected to the fake domain names.
Click on an image to view it in the image viewer
There are no comments for this item.