To see the other types of publications on this topic, follow the link: MITM sniffing.
Journal articles on the topic 'MITM sniffing'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 15 journal articles for your research on the topic 'MITM sniffing.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Ajharie, Mohamad Arie, and Mulia Sulistiyono. "IMPLEMENTASI FRAMEWORK MITM (MAN IN THE MIDDLE ATTACK) UNTUK MEMANTAU AKTIFITAS PENGGUNA DALAM SATU JARINGAN." Jurnal Infomedia 7, no. 1 (2022): 45. http://dx.doi.org/10.30811/jim.v7i1.2966.
Full textAbstract:
Kemajuan teknologi informasi yang semakin kencang harus diimbangi dengan kemampuan untuk melakukan pengamanan terhadap informasi. Berbagai masalah penyerangan jaringan yang bertujuan merugikan pengguna perlu kita pahami bagaimana konsep penyerangan tersebut. Serangan MITM (Man In The Middle) membelokan traffic paket data melewati perangkat penyerang. Perangkat penyerang mengaku sebagai router ketika berkomunikasi dengan client dan mengaku client ketika berkomunikasi dengan router. Tools MITMF mampu menjalankan program sslstrip dimana website yang menggunakan teknologi SSL (HTTPS) akan dipaksa menjadi HTTP. Penyerang harus berada dalam satu jaringan dan pada saat tools MITMF diaktifkan secara otomatis akan melakukan serangan sekaligus melakukan paket sniffing dan menampilkan secara langsung pada terminal. Website yang tidak menggunakan teknologi SSL akan menampilkan informasi tanpa enkripsi. Dalam penelitian ini akan dibahas tentang bagaimana serangan MITM bekerja terutama dari sisi klien dan menggunakan metode sniffing serta akan memberikan hasil berupa data proses MITM yang akurat dan dapat dibuktikan menggunakan framework MITM. Hasil pengujian menunjukan website yang dapat di bypass username dan passwordnya adalah website dengan protokol keamanan HTTP. Sedangkan terhadap protokol keamanan HTTPS tidak mampu untuk mendeteksi aktivitas browser. Akses terhadap website dengan protokol keamanan HTTPS bisa dialihkan ke protokol keamanan HTTP.
2
Chliah, Mouhcine, Ghizlane Orhanou, and Said El Hajji. "Countering MitM Attacks Using Evolved PathFinder Algorithm." International Journal of Cloud Applications and Computing 7, no. 2 (2017): 41–61. http://dx.doi.org/10.4018/ijcac.2017040104.
Full textAbstract:
In this paper, we focus on attacks based on sniffing like MitM, and how to counter them from the network layer perspective. We've already developed an algorithm called pathfinder that allows us to forward segments from same packets via different paths. Doing so, we'll ensure that an attacker will not be able to get hands on the entire message being transmitted. So, in this paper, we'll start by recalling the first version of pathfinder algorithm, followed by an introduction to the newest release that allows us to handle hundreds of nodes in the same network, finally we'll put this algorithm under test by simulating a sniffing attack with Wireshark. The simulation proves, in addition to its efficiency to handle a great number of nodes, that this new way of routing will help facing a lot of attacks based on sniffing, and other type of attacks like DoS.
3
B., Prabadevi, and Jeyanthi N. "A Review on Various Sniffing Attacks and its Mitigation Techniques." Indonesian Journal of Electrical Engineering and Computer Science 12, no. 3 (2018): 1117–25. https://doi.org/10.11591/ijeecs.v12.i3.pp1117-1125.
Full textAbstract:
Security in the era of digital computing plays a vital role. Of various attacks in the field of computing, Distributed Denial of service (DDoS) attacks, Man-in-the-Middle Attack (MITM) and data theft have their major impact on the emerging applications. The sniffing attacks, one of the most prominent reasons for DDoS attacks, are the major security threats in the client-server computing. The content or packet sniffer snorts the most sensitive information from the network and alters or disturbs the legitimate functionality of the victim system. Therefore it is extremely important to have a greater knowledge on these vulnerabilities, their issues, and various mitigation techniques. This study analyses the existing sniffing attacks, variations of sniffing attacks and prevention or detection mechanisms. The reasons for most vital Ransomware are also discussed.
4
Abdinurova, N., D. Akmyrza, and A. Mirash. "MITM. WHAT IS IT, HOW TO PROTECT YOURSELF ANDIMPLEMENTATION FOR INSTRUCTIONAL USE." Suleyman Demirel University Bulletin Natural and Technical Sciences 56, no. 3 (2021): 28–35. https://doi.org/10.47344/sdubnts.v56i3.612.
Full textAbstract:
This is an attack in which a cybercriminal intercepts data while it is being transmitted. Man-in-the-Middle attacks are a common type of cybersecurity attack that allows attackers to eavesdrop on communications between two targets. This article discusses how people can protect themselves, what they need to know, and how an attacker performs a MITM attack using the open-source tools bettercap and net-creds in kali Linux. Buttercup is a network attack and monitoring program that can perform ARP spoofing and sniffing. Netcreds is a sniffing tool available by cloning on Github. This article attempts to implement this attack for instructional use.
5
Arianto, Ilham Gumeraruloh, Wina Witanti, and Herdi Ashaury. "Sistem Keamanan Otentikasi Pengguna Pada Modul Single Sign On Menggunakan OAuth 2.0 dan One Time Password." Jurnal Ilmu Komputer dan Teknologi 6, no. 1 (2025): 25–31. https://doi.org/10.35960/ikomti.v6i1.1768.
Full textAbstract:
Keamanan informasi menjadi prioritas utama dalam melindungi data sensitif pada sistem yang menangani transfer data. Penelitian ini mengembangkan sistem Technical Support Assistance (TSA) dengan keamanan yang ditingkatkan melalui kombinasi modul Single Sign-On (SSO) berbasis Open Authentication (OAuth 2.0) dan metode One-Time Password (OTP) berbasis waktu. Pendekatan ini menciptakan autentikasi dua faktor (2FA) yang efektif dalam menghadapi risiko serangan seperti sniffing, brute force attacks, dan man-in-the-middle (MITM). Hasil pengujian menunjukkan bahwa tanpa OTP, tingkat keberhasilan serangan adalah 63% untuk brute force, 50% untuk sniffing, dan 65% untuk MITM. Setelah penerapan Oauth 2.0 dan OTP, angka ini turun signifikan menjadi masing-masing 25%, 5%, dan 10%, membuktikan bahwa kombinasi OAuth 2.0 dan OTP meningkatkan perlindungan sistem secara signifikan. Dibandingkan metode autentikasi terdahulu, TSA menawarkan keunggulan berupa keamanan berbasis token dinamis, pengurangan risiko serangan secara drastis, integrasi yang lebih mudah dengan layanan lain, serta efisiensi autentikasi yang lebih tinggi. Penelitian ini memberikan solusi inovatif untuk meningkatkan keamanan data sensitif dan relevan bagi organisasi yang memerlukan perlindungan tingkat tinggi dalam sistem mereka.
6
Prabadevi, B., and N. Jeyanthi. "A Review on Various Sniffing Attacks and its Mitigation Techniques." Indonesian Journal of Electrical Engineering and Computer Science 12, no. 3 (2018): 1117. http://dx.doi.org/10.11591/ijeecs.v12.i3.pp1117-1125.
Full textAbstract:
<p>Security in the era of digital computing plays a vital role. Of various attacks in the field of computing, Distributed Denial of service (DDoS) attacks, Man-in-the-Middle Attack (MITM) and data theft have their major impact on the emerging applications. The sniffing attacks, one of the most prominent reasons for DDoS attacks, are the major security threats in the client-server computing. The content or packet sniffer snorts the most sensitive information from the network and alters or disturbs the legitimate functionality of the victim system. Therefore it is extremely important to have a greater knowledge on these vulnerabilities, their issues, and various mitigation techniques. This study analyses the existing sniffing attacks, variations of sniffing attacks and prevention or detection mechanisms. The reasons for most vital Ransomware are also discussed.</p>
7
Shaik, Faqrunnisa, Adil Shaik, Mohammed Arbaaz Shaik, Althaf Ali Shaik, and Arifullah Shaik. "Exploring Web Security Vulnerabilities Considering Man in the Middle and Session Hijacking." International Journal of Computational Learning & Intelligence 4, no. 4 (2025): 580–90. https://doi.org/10.5281/zenodo.15224950.
Full textAbstract:
Cybersecurity threats such as Man-in-the-Middle (MITM) attacks and Session Hijacking (SH) account for over 35% of web-based cyber intrusions, causing financial losses exceeding $6 billion annually. Despite extensive research on these attacks independently, a unified analysis remains underexplored. This study bridges that gap by conducting a Systematic Literature Review (SLR) on over 150 research papers from IEEE, ACM, and ScienceDirect, comparing MITM and SH in terms of attack frequency, methodologies, vulnerabilities, and countermeasures.<strong> </strong>Our findings indicate that MITM attacks constitute 27% of credential theft incidents, exploiting weak HTTPS encryption, phony server links, and packet sniffing. In contrast, Session Hijacking is responsible for 18% of unauthorized access cases, often leveraging TCP/UDP hijacking, cookie theft, and replay attacks. The study also reveals that 70% of successful MITM and SH attacks stem from improper session security configurations. To mitigate these risks, we propose an advanced cybersecurity framework integrating real-time behavioral analytics to detect anomalies with an 85% accuracy rate, significantly reducing unauthorized access attempts. By implementing adaptive security measures and AI-driven intrusion detection, organizations can enhance their defenses against these evolving threats
8
R, Santhakumar, Keerthana R, Madhubala S, and Dr Thamizh Selvam D. "Session Hijacking in Cybersecurity: Threats, Prevention Strategies, and Future Directions." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 09, no. 06 (2025): 1–8. https://doi.org/10.55041/ijsrem.ncft029.
Full textAbstract:
Session hijacking poses a grim threat to cybersecurity, for the attackers take undue advantage of an active session to access protected user accounts and confidential information without consent. This is a direct attack on the session tokens, usually performed by packet sniffing, XSS, or MITM. Web session protection is vital with the growing trend of digital interactions to avert identification theft, financial scamming, and data breaches. This paper helps analyse methods of session hijacking, methods of prevention, and the building of better security practices such as encryption, token validation, and AI-based detection methods to plug security loopholes against session hijacking attacks. An extensive exposition of security strategies and future research routes is directed at intensifying cybersecurity resilience against session hijacking threats. Keywords: Session Hijacking, Cybersecurity, Web Security, Session Tokens, MITM Attack, Encryption, Token Validation, AI-based Detection.
9
Rahman Ismansyah Putra, Muhammad Arief, and Agus Prihanto. "Analisis Keamanan Data Pada Aplikasi Android Menggunakan HTTP Canary (Studi Kasus : Siakadu UNESA Mobile)." Journal of Informatics and Computer Science (JINACS) 3, no. 03 (2022): 308–14. http://dx.doi.org/10.26740/jinacs.v3n03.p308-314.
Full textAbstract:
Abstrak— Saat ini, Teknologi berkembang pesat dan kita harus beradaptasi dengan cepat, salah satu teknologi tersebut adalah Internet, manusia dapat mencari informasi apapun dengan mudah, transaksi jual beli, dan sebagainya menggunakan website. Unesa sebagai Lembaga Pendidikan juga menggunakan website sebagai sumber informasi, untuk lebih memudahkan pengguna, Unesa mempunyai Siakad Unesa versi mobile, dalam Siakad Unesa versi mobile Mahasiswa bisa mendapatkan informasi seperti absensi, jadwal kuliah, lokasi kelas, nama Dosen, hasil nilai studi, riwayat pembayaran spp, profile Mahasiswa, dan lain sebagainya. Pada aplikasi yang menggunakan REST API tentunya membutuhkan koneksi internet untuk mengirim dan mendapatkan informasi dari server. Aplikasi yang tidak menerapkan standar keamanan akan dengan mudahnya dimodifikasi atau diretas oleh pihak yang tidak bertanggung jawab. Dalam penelitian ini penulis menganalisis keamanan API pada aplikasi dengan menggunakan MitM untuk sniffing dan REST CLIENT untuk uji coba REST API serta saran untuk menghindari hal seperti yang telah disebutkan terjadi. Http Canary sebagai MitM dapat merekam seluruh traffic antara client dengan server, Postman sebagai REST CLIENT digunakan untuk uji coba REST API. Dari hasil pengujian yang telah dilakukan oleh penulis, aplikasi Siakad Unesa versi Mobile dinilai kurang aman, yakni hanya dengan menggunakan HTTP Canary sebagai MitM, MitM dapat merekam seluruh aktifitas aplikasi walaupun ber-SSL, dan server tidak memerlukan autentikasi pengguna dari aplikasi saat melakukan request API, selain itu tidak adanya pembatasan untuk melakukan request API sehingga seseorang dapat melakukan request berulang tanpa hambatan serta tidak adanya proses validasi NIM pengguna yang sedang login dengan yang diminta ke server sehingga Mahasiswa dapat meminta informasi tentang Mahasiswa lain.
10
Robayet, Nasim. "SECURITY THREATS ANALYSIS IN BLUETOOTH ENABLED MOBILE DEVICES." International Journal of Network Security & Its Applications (IJNSA) 4, no. 3 (2012): 41 to 56. https://doi.org/10.5281/zenodo.3360100.
Full textAbstract:
Exponential growth of the volume of Bluetooth-enabled devices indicates that it has become a popular way of wireless interconnections for exchanging information. The main goal of this paper is to analyze the most critical Bluetooth attacks in real scenarios. In order to find out the major vulnerabilities in modern Bluetooth-enabled mobile devices several attacks have performed successfully such asSurveillance, Obfuscation, Sniffing, Unauthorized Direct Data Access (UDDA) and Man-in-the-Middle Attack (MITM). To perform the testbed, several devices are used such as mobile phones, laptops, notebooks, wireless headsets, etc. and all the tests are carried out by pen-testing software like hcittml, braudit, spoafiooph, hridump, bluesnarfer, bluebugger and carwhisperer.
11
Purnamasari, Dian Neipa, Amang Sudarsono, and Prima Kristalina. "Modifikasi Identity-based Encryption pada Keamanan dan Kerahasiaan Data Rekam Medis." INOVTEK POLBENG 9, no. 2 (2019): 196. http://dx.doi.org/10.35314/ip.v9i2.1005.
Full textAbstract:
Keamanan pada data rekam medis menjadi hal yang penting selain mengingat pentingnya isi dari rekam medis tersebut, keamanan pada data rekam medis telah diatur oleh kemeterian di Indonesia. Perkembangan teknologi membawa pengaruh pada penyimpanan data rekam medis, salah satunya perubahan data rekam medis dari konvensional menjadi elektronik. Namun, perkembangan teknologi ini juga memiliki dampak buruk yaitu munculnya oknum-oknum yang menjalankan kegiatan ilegal untuk mendapatkan keuntungan pribadi atau kelompok. Salah satunya adalah mencuri data rekam medis untuk memeras pasien, bahkan melakukan perubahan pada data rekam medis yang berdampak fatal pada kesehatan pasien. Pada penelitian ini diusulkan metode keamanan data rekam medis menggunakan modifikasi skema Identity-based Encryption (IBE) dan algoritma AES atau dapat disebut dengan mIBE-AES. Keunikan dari metode yang diusulkan adalah nilai awal yang telah ditentukan dari tiap byte pada identitas pengguna sehingga dapat menekan waktu komputasi pada proses pembangkitan kunci. Metode yang diusulkan akan dibandingkan dengan metode keamanan yang hanya menggunakan algoritma AES. Evaluasi performa yang telah dilakukan adalah pengujian kinerja dan tingkat keamanan pada penyerangan Man in The Middle (MITM). Didapatkan hasil bahwa metode mIBE-AES lebih unggul dengan total waktu komputasi 0,799 detik serta mampu menangani penyerangan MITM dengan skenario sniffing dan chosen-plaintext.
12
Muhammad fauzi pulungan. "Penerapan Dns Over Https Dan Arp Spoofing Dalam Upaya Meningkatkan Keamanan Jaringan Di Lingkungan Cafe." JOURNAL ZETROEM 7, no. 1 (2025): 27–31. https://doi.org/10.36526/ztr.v7i1.4414.
Full textAbstract:
Penelitian ini bertujuan untuk meningkatkan keamanan jaringan komputer di lingkungan kafe dengan menerapkan metode DNS over HTTPS (DoH) dan mengatasi masalah ARP Spoofing, mengingat risiko seperti pencurian data dan gangguan yang dapat merugikan pengguna tanpa sepengetahuan mereka. Jaringan internet publik, termasuk yang ada di lingkungan kafe, sering kali menjadi target serangan yang mengancam integritas data, seperti ARP Spoofing yang memanipulasi tabel ARP untuk merusak komunikasi jaringan. Penelitian ini berfokus pada penerapan DoH, yang mengenkripsi permintaan DNS untuk melindungi informasi pengguna dari penyadapan dan manipulasi pihak tidak berwenang. Implementasi DoH bertujuan untuk memperkuat keamanan komunikasi DNS dengan mengamankan data yang dikirimkan antara komputer dan server DNS, serta mengurangi kerentanan terhadap serangan man in the middle (MITM) dan spoofing lainnya. Selain itu, penelitian ini juga mengevaluasi dan menawarkan solusi deteksi ARP Spoofing untuk memperkuat perlindungan jaringan dari serangan tersebut. Metode penelitian melibatkan simulasi topologi jaringan di kafe Kome Katamso Medan, menggunakan perangkat keras seperti Laptop Compaq CQ40 dan LAN Card, serta perangkat lunak seperti Ettercap-NG-0.7.3 untuk sniffing paket dan Netstumbler untuk pemantauan wifi. Hasil implementasi DoH menunjukkan peningkatan signifikan dalam keamanan komunikasi antara komputer dan server DNS, serta peningkatan kecepatan akses situs web. Enkripsi yang diterapkan oleh DoH terbukti efektif dalam mengurangi kerentanan terhadap serangan MITM dan spoofing lainnya, serta memastikan bahwa hanya pengguna dan server DNS yang dapat mengakses informasi DNS. Penelitian ini juga menunjukkan bahwa penerapan DoH dan solusi deteksi ARP Spoofing secara signifikan meningkatkan keamanan jaringan di lingkungan kafe, memberikan perlindungan tambahan terhadap serangan yang dapat merusak integritas data.
13
Kamarudin, Nur Khairani, Nur Syafiqa Bismi, Nurul Hidayah Ahmad Zukri, Mohd Faris Mohd Fuzi, and Rashidah Ramle. "Network Security Performance Analysis of Mobile Voice Over Ip Application (mVoIP): Kakao Talk, WhatsApp, Telegram and Facebook Messenger." Journal of Computing Research and Innovation 5, no. 2 (2020): 21–27. http://dx.doi.org/10.24191/jcrinn.v5i2.136.
Full textAbstract:
VoIP application usage has increased from time to time and makes our daily life more convenient. VoIP application has features to make a phone call, send a text message and share the file through the apps for free. However, most of the users did not seem aware of VoIP security features such as authentication ability, password encryption ability, or voice or audio and text communication encryption ability. It is essential to ensure the VoIP used is secure from password decrypter and eavesdrops the user conversation. Thus, the first objective of this research was to study and investigate VoIP application consist of Kakao Talk, Telegram, Facebook Messenger and WhatsApp for both Android and web application. The second objective was to evaluate the four VoIP application identified based on authentication requirement, password encryption, voice or audio encryption communication, and text encryption communication. There were two mobile phones used. One acts as a client and a personal computer act as an attacker. Wireshark and packet capture were run in personal computer and mobile phone to monitoring and scanning the network traffic while both devices connected in the same WLAN. The experiment implements MITM, interception, and sniffing attacks. This research project has identified Facebook Messenger and WhatsApp web application do not provide secure password ability.
14
El-Taj, Dr. Homam, and Lamar Miralam. "Network sniffing and its consequences: a comprehensive survey." July 16, 2024. https://doi.org/10.5281/zenodo.12750104.
Full textAbstract:
With the consistent evolution of technology,organizations are becoming more dependent on networks totransfer a substantial amount of information to perform tasksand achieve objectives. A packet sniffing attack puts theinformation flowing in a network at risk. It is critical tounderstand the several types of sniffing attacks and theirimpacts on a network, and how to detect and mitigate themappropriately. By intercepting network traffic, attackers canextract sensitive information that can be used to launch otherattacks, such as Man-in-the-Middle (MITM) attacks or packetspoofing. These attacks can lead to data leakage, compromisenetwork integrity, and disrupt critical network operations. Toeffectively address these challenges, it is crucial to understandthe various types of sniffing attacks and their specific impactson a network. Furthermore, the development of robustdetection techniques and mitigation strategies is essential tominimize the risk posed by these attacks. This can be achievedthrough measures such as implementing secure communicationprotocols, encrypting sensitive data, and regularly monitoringnetwork traffic for suspicious activities.Keywords— Network sniffing, Network security, Packetsniffing, MITM attacks, packet spoofing, Detection techniques,Mitigation strategies, cybersecurity, data leakage, sniffingimpacts.
15
Hiba, Imad Nasser, and Abdulridha Hussain Mohammed. "Provably curb man-in-the-middle attack-based ARP spoofing in a local network." August 1, 2022. https://doi.org/10.11591/eei.v11i4.3810.
Full textAbstract:
Even today, internet users” data security remains a significant concern. One problem is ARP poisoning, otherwise referred to as ARP spoofing. Such attacks are intended to exploit the identified ARP protocol vulnerability. Despite no straightforward remedy for ARP spoofing being apparent, certain actions may be taken to maintain one”s safety. The most basic and common defence against a poisoning attack is manually adding MAC and IP addresses to the static ARP cache table. However, this solution is ineffective for large networks where static entries require considerable time and effort to maintain, whether by human input or via special tools and settings for the static entries of network devices. Accordingly, this paper aimed to monitor network packet information and detect the behaviour of ARP poison attacks on operating systems, for instance Windows and Linux. The discovery and defence policy systematically and periodically check the MAC addresses in the ARP table, enabling alerts to be issued if a duplicate entry is detected. This enables the poison-IP address to be blocked before a reply is sent. Finally, the results showed that the superiority was successfully achieved in the detection, prevention and reporting mechanisms in the real-world environment.