Understanding PKI: Concepts, Standards, and Deployment Considerations
Understanding PKI: Concepts, Standards, and Deployment Considerations
Web Hacking: Attacks and Defense
Web Hacking: Attacks and Defense
A secure address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
S-ARP: a Secure Address Resolution Protocol
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
An Analysis on the Schemes for Detecting and Preventing ARP Cache Poisoning Attacks
ICDCSW '07 Proceedings of the 27th International Conference on Distributed Computing Systems Workshops
SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle
Computer Communications
An efficient solution to the ARP cache poisoning problem
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
| Hi-index | 0.00 |
Secure web sites usually use HTTPS connection to secure transactions such as money transactions, online payment, and e-commerce. The use of HTTPS gives a sense of protection against attacks such as man in the middle (MITM) attack. This paper analyzes HTTPS connections against MITM by simulating real MITM attacks on different HTTPS connections such as Gmail, Yahoo Mail and Bank accounts. It was found that with the use of right tools, HTTPS connections can be broken and passwords can be sniffed and viewed in plain text. To prevent MITM against HTTPS in LAN environment a novel algorithm (DepMAC-IP) is proposed and discussed in detail. DepMAC-IP is expected to secure LAN environment not only against MITM but also against other similar attacks.