man-in-the-middle attack

(redirected from MITM attack)

man-in-the-middle attack

An unauthorized interception of network traffic. The packets are viewed or modified by the perpetrator and sent on to the recipient, who is unaware of the intrusion. A man-in-the-middle attack can be used to intercept an encrypted message exchange and spoof the recipient into thinking the message is intact from a legitimate sender. In such a case, the attackers replace the public key from the original sender with their own public key in order to decrypt the message that will be sent back from the unsuspecting recipient. See replay attack, public key cryptography and ARP cache poisoning.
References in periodicals archive ?
Moreover, to avoid the MITM attack in directly sending public key to another device, the device owners need to assert the integrity of the public key.
All cryptographic systems that are secure against MITM attack require mutual authentication.
Komu, Mjumo Mzyece and Karim Djouani [22], analyse a security protocol proposed to mitigate the MITM attack at the initial network entry point in WiMAX referred to as Secure Initial Network Entry Protocol (SINEP), and model the protocol and an intruder process with MITM capabilities in Process/Protocol Meta-language (PROMELA) formalism.
Although eavesdropping and MitM attack methods are considered less risky, these attacks are possible with the use of the expansion method of communication range up to 10 meters in the active communication mode and up to one meter in the passive communication mode [16, 17].
A MITM attack involves a malicious actor inserting himself in the middle of a conversation between two victims, speaking to each one as if he is the other, and is therefore able to extract or modify the information passed between the victims.
No IT administrator will tolerate a MITM attack on company owned or even BYOD assets.
We will show that our scheme is secure against well-known attacks such as MITM attack, replay attack, and insider attack.
MITM attack is to position the attacker between two hosts in order to hijack connection and injecting traffic.
4] (Mij' || A || IDi || IDj), which keeps the adversaries from initiating any modification or MiTM attack.
As there is no protection of any kind even for this procedure, an attacker can potentially download the device's firmware, alter it so that it can include malicious code or a backdoor and then infect a device with the altered firmware using a MiTM attack and pretending that a rogue host is the official Sonos firmware update page.
With the help of an SSL certificate, he/she will be able to avoid MITM attack, phishing and other hazardous scams.