Araştırma Makalesi
BibTex RIS Kaynak Göster

A Hidden Hazard: Man-In-The-Middle Attack in Networks

Yıl 2019, Cilt: 4 Sayı: 2, 96 - 116, 01.12.2019

Ahmet Efe , Gizem Kalkancı Mehmet Donk Serhat Cihangir Ziya Uysal

Öz

The most critical subject in information
communication technologies is information security. Information security is
defined as the prevention of access, use, modification, disclosure, removal,
alteration and damage of information as an entity type without permission or in
an unauthorized manner. Threats to information security continue to increase
with today's evolving technology. Protecting our data is not an easy task these
days when attackers are constantly discovering new techniques and exploits to
steal our data. One of the most used of these techniques is the Man in the middle
(MITM) attack. Attackers can use this attack to listen to local network traffic
and steal end-user data from traffic flowing without malicious software or virus.
In addition, passwords can be obtained by bypassing SSL. There are many common
ways of starting an MITM attack. The simplest of these will be to create a fake
node in an open computer network like Coffee Shops WiFi network. In this study,
the concept of information security has been emphasized and the necessary
criteria have been explained. Then, a popular type of attack, the MITM attack,
has been implemented in various ways over the Linux operating system. After
prevention methods for this attack, which was performed by various methods,
have been described. As a result, the MITM attack, one of the popular types of
attacks that threaten information security, has been introduced, the various
forms of application have been shown both in technical and practical terms, and
the methods of prevention have been described. With this study, it is aimed to
establish an awareness in this issue and to take precautions against the
threats that may arise with developing technology.

Anahtar Kelimeler

Man-in-the-middle (MITM) attack Information security ARP poisoning e-government security

Kaynakça

  • Hekim, H. (2015). Oltalama (Phishing) Saldirilari. Retrieved from academia: http://www.academia.edu/35136881/Oltalama_Phishing_Saldirilari
  • Hugo, E. (2016, March 28). Performing Man-In-The-Middle Attack with ARPSpoof. Retrieved from myhackingjournal.blogspot: http://myhackingjournal.blogspot.com/2016/03/performing-man-in-middle-attack-with-arpspoof.html
  • Infosec Guide: Defending Against Man-in-the-Middle Attacks. (2017, July 27). Retrieved from trendmicro: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/infosec-guide-defending-against-man-in-the-middle-attacks
  • Man-in-the-Middle (MITM) Attacks. (2018, May 1). Retrieved from rapid7: https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/
  • Man-in-the-middle attack. (2018, May 1). Retrieved from wikipedia: https://tr.wikipedia.org/wiki/Man-in-the-middle_attack
  • Ramadhan, F. B. (2018, January 25). Kali Linux: Social Engineering Toolkit. Retrieved from linuxhint: https://linuxhint.com/kali-linux-set/
  • Rangwala, S. (2015, May 10). Fake Website with DNS Spoofing in Kali Linux. Retrieved from linux-hacking-guide.blogspot: http://linux-hacking-guide.blogspot.com/2015/05/fake-website-with-dns-spoofing-in-kali.html
  • Rouse, M., & Cobb, M. (2015, December 8). Man-in-the-middle attack (MitM). Retrieved from internetofthingsagenda.techtarget: https://internetofthingsagenda.techtarget.com/definition/man-in-the-middle-attack-MitM
  • Sultana, N., Chilamkurti, N., Peng, W., & Alhadad, R. (2018, January 18). Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Networking and Applications.
  • Tanmay. (2013, April 12). How to defend yourself against MITM or Man-in-the-middle attack. Retrieved from thewindowsclub: http://www.thewindowsclub.com/man-in-the-middle-attack
  • Tekdoğan, R., & Efe, A. (2018). Prevention Techniques for SSL Hacking Threats to E-Government Services. Ankara: International Journal of Information Security Sciences.
  • Toward More Resilient Cyber Infrastructure: A Practical Approach. (2016). In B. Tanceska, M. Bogdanoski, & A. Risteski, Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare (pp. 305-351). IGI Global.
  • Yeahhub Corporation. (2017, August 15). Sniff HTTPS/FTP Packets Using SSLSTRIP And DSNIFF – ARP Spoofing MITM Attack. Retrieved from yeahhub: https://www.yeahhub.com/sniff-https-ftp-packets-using-sslstrip-dsniff-arp-spoofing-mitm-attack/

Yıl 2019, Cilt: 4 Sayı: 2, 96 - 116, 01.12.2019

Ahmet Efe , Gizem Kalkancı Mehmet Donk Serhat Cihangir Ziya Uysal

Öz

Kaynakça

  • Hekim, H. (2015). Oltalama (Phishing) Saldirilari. Retrieved from academia: http://www.academia.edu/35136881/Oltalama_Phishing_Saldirilari
  • Hugo, E. (2016, March 28). Performing Man-In-The-Middle Attack with ARPSpoof. Retrieved from myhackingjournal.blogspot: http://myhackingjournal.blogspot.com/2016/03/performing-man-in-middle-attack-with-arpspoof.html
  • Infosec Guide: Defending Against Man-in-the-Middle Attacks. (2017, July 27). Retrieved from trendmicro: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/infosec-guide-defending-against-man-in-the-middle-attacks
  • Man-in-the-Middle (MITM) Attacks. (2018, May 1). Retrieved from rapid7: https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/
  • Man-in-the-middle attack. (2018, May 1). Retrieved from wikipedia: https://tr.wikipedia.org/wiki/Man-in-the-middle_attack
  • Ramadhan, F. B. (2018, January 25). Kali Linux: Social Engineering Toolkit. Retrieved from linuxhint: https://linuxhint.com/kali-linux-set/
  • Rangwala, S. (2015, May 10). Fake Website with DNS Spoofing in Kali Linux. Retrieved from linux-hacking-guide.blogspot: http://linux-hacking-guide.blogspot.com/2015/05/fake-website-with-dns-spoofing-in-kali.html
  • Rouse, M., & Cobb, M. (2015, December 8). Man-in-the-middle attack (MitM). Retrieved from internetofthingsagenda.techtarget: https://internetofthingsagenda.techtarget.com/definition/man-in-the-middle-attack-MitM
  • Sultana, N., Chilamkurti, N., Peng, W., & Alhadad, R. (2018, January 18). Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Networking and Applications.
  • Tanmay. (2013, April 12). How to defend yourself against MITM or Man-in-the-middle attack. Retrieved from thewindowsclub: http://www.thewindowsclub.com/man-in-the-middle-attack
  • Tekdoğan, R., & Efe, A. (2018). Prevention Techniques for SSL Hacking Threats to E-Government Services. Ankara: International Journal of Information Security Sciences.
  • Toward More Resilient Cyber Infrastructure: A Practical Approach. (2016). In B. Tanceska, M. Bogdanoski, & A. Risteski, Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare (pp. 305-351). IGI Global.
  • Yeahhub Corporation. (2017, August 15). Sniff HTTPS/FTP Packets Using SSLSTRIP And DSNIFF – ARP Spoofing MITM Attack. Retrieved from yeahhub: https://www.yeahhub.com/sniff-https-ftp-packets-using-sslstrip-dsniff-arp-spoofing-mitm-attack/
Toplam 13 adet kaynakça vardır.

Ayrıntılar

Birincil Dil İngilizce
Konular Bilgisayar Yazılımı
Bölüm PAPERS
Yazarlar

Ahmet Efe

Gizem Kalkancı Bu kişi benim

Mehmet Donk Bu kişi benim

Serhat Cihangir Bu kişi benim

Ziya Uysal Bu kişi benim

Yayımlanma Tarihi 1 Aralık 2019
Gönderilme Tarihi 31 Ekim 2018
Kabul Tarihi 19 Aralık 2018
Yayımlandığı Sayı Yıl 2019 Cilt: 4 Sayı: 2

Kaynak Göster

APA Efe, A., Kalkancı, G., Donk, M., Cihangir, S., vd. (2019). A Hidden Hazard: Man-In-The-Middle Attack in Networks. Computer Science, 4(2), 96-116.

The Creative Commons Attribution 4.0 International License 88x31.png  is applied to all research papers published by JCS and

a Digital Object Identifier (DOI)     Logo_TM.png  is assigned for each published paper.