The Experts below are selected from a list of 590325 Experts worldwide ranked by ideXlab platform
Owen L Henry - One of the best experts on this subject based on the ideXlab platform.
-
wireless intrusion detection and response a case study using the classic man in the middle attack
Wireless Communications and Networking Conference, 2004Co-Authors: Schmoyer R Timothy, Owen L HenryAbstract:Intrusion detection and countermeasures response is an active area of research. In this paper, we examine integrating an intrusion detection engine with an active countermeasure capability. We use a classic man in the middle attack as a case study to specify the integrated wireless intrusion detection capability with the active countermeasure response. We present the case study in dynamically defending against an example attack in an 802.11 infrastructure basic service set by combining the concepts for a distributed wireless intrusion detection and response system architecture with adaptive response strategies based on alarm confidence, attack frequency, assessed risks, and estimated response costs. We also include a description of a tool kit we have implemented to prototypically test and evaluate our concepts.
Schmoyer R Timothy - One of the best experts on this subject based on the ideXlab platform.
-
wireless intrusion detection and response a case study using the classic man in the middle attack
Wireless Communications and Networking Conference, 2004Co-Authors: Schmoyer R Timothy, Owen L HenryAbstract:Intrusion detection and countermeasures response is an active area of research. In this paper, we examine integrating an intrusion detection engine with an active countermeasure capability. We use a classic man in the middle attack as a case study to specify the integrated wireless intrusion detection capability with the active countermeasure response. We present the case study in dynamically defending against an example attack in an 802.11 infrastructure basic service set by combining the concepts for a distributed wireless intrusion detection and response system architecture with adaptive response strategies based on alarm confidence, attack frequency, assessed risks, and estimated response costs. We also include a description of a tool kit we have implemented to prototypically test and evaluate our concepts.
R.j. Lipton - One of the best experts on this subject based on the ideXlab platform.
-
ISCC - Defense against man-in-the-middle attack in client-server systems
Proceedings. Sixth IEEE Symposium on Computers and Communications, 1Co-Authors: Dimitrios Serpanos, R.j. LiptonAbstract:The deployment of several client-server applications over the Internet and emerging networks requires the establishment of the client's integrity. This is necessary for the protection of copyright of distributed material and, in general, for protection from loss of "sensitive" (secret) information. Clients are vulnerable to powerful man-in-the-middle attacks through viruses, which are undetectable by conventional anti-virus technology. We describe such powerful viruses and show their ability to lead to compromised clients, that cannot protect copyrighted or "sensitive " information. We introduce a methodology based on simple hardware devices, called "spies", which enables servers to establish client integrity, and leads to a successful defense against viruses that use man-in-the-middle attacks.
Jayashri Mittal - One of the best experts on this subject based on the ideXlab platform.
-
Securing SMS Based One Time Password Technique from Man in the Middle attack
International Journal of Engineering Trends and Technology, 2014Co-Authors: Safa Hamdare, Varsha Nagpurkar, Jayashri MittalAbstract:Security of financial transactions in E-Commerce is difficult to implement and there is a risk that user's confidential data over the internet may be accessed by hackers. Unfortunately, interacting with an online service such as a banking web application often requires certain degree of technical sophistication that not all Internet users possess. For the last couple of year such naive users have been increasingly targeted by phishing attacks that are launched by miscreants who are aiming to make an easy profit by means of illegal financial transactions. In this paper, we have proposed an idea for securing e-commerce transaction from phishing attack. An approach already exists where phishing attack is prevented using one time password which is sent on user's registered mobile via SMS for authentication. But this method can be counter attacked by "Man in the Middle". In our paper, a new idea is proposed which is more secure compared to the existing online payment system using OTP. In this mechanism OTP is combined with the secure key and is then passed through RSA algorithm to generate the Transaction password. A Copy of this password is maintained at the server side and is being generated at the user side using a mobile application; so that it is not transferred over the insecure network leading to a fraudulent transaction. Keywords—Phishing, Replay attack, MITM attack, RSA, Random Generator.
-
securing sms based one time password technique from man in the middle attack
arXiv: Cryptography and Security, 2014Co-Authors: Safa Hamdare, Varsha Nagpurkar, Jayashri MittalAbstract:Security of financial transaction in e-commerce is difficult to implement and there is a risk that users confidential data over the internet may be accessed by hackers. Unfortunately, interacting with an online service such as a banking web application often requires certain degree of technical sophistication that not all Internet users possess. For the last couple of years such naive users have been increasingly targeted by phishing attacks that are launched by miscreants who are aiming to make an easy profit by means of illegal financial transactions. In this paper, we have proposed an idea for securing e-commerce transaction from phishing attack. An approach already exists where phishing attack is prevented using one time password which is sent on users registered mobile via SMS for authentication.But this method can be counter attacked by man in the middle.In our paper, a new idea is proposed which is more secure compared to the existing online payment system using OTP. In this mechanism, OTP is combined with the secure key and is then passed through RSA algorithm to generate the Transaction password. A copy of this password is maintained at the server side and is being generated at the user side using a mobile application.So that it is not transferred over the insecure network leading to a fraudulent transaction.
Jiang Lan-fan - One of the best experts on this subject based on the ideXlab platform.
-
The Implementation of SSL man-in-the-middle attack Using OpenSSL
Computers & Security, 2009Co-Authors: Jiang Lan-fanAbstract:SSL was a cryptographic protocol that provides secure communications on the Internet. This paper first analysed the principle of SSL protocol and man-in-the-middle attack, then introduced how to implemente man-in-the-middle attack using OpenSSL Library, including Session Hijack, falsification of X.509 digital certificate and relayed messages between victims. The experiment provided recommendations and reference for clients using SSL protocol in security.