A novel algorithm to prevent man in the middle attack in LAN environment
Secure web sites usually use HTTPS connection to secure transactions such as money transactions, online payment, and e-commerce. The use of HTTPS gives a sense of protection against attacks such as man in the middle (MITM) attack. This paper analyzes HTTPS connections against MITM by simulating real...
Main Authors: | , |
---|---|
Format: | Conference or Workshop Item |
Language: | English |
Published: |
2010
|
Subjects: | |
Online Access: | http://irep.iium.edu.my/13337/ http://irep.iium.edu.my/13337/1/A_Novel_Algorithm_to_Prevent_Man.pdf |
Summary: | Secure web sites usually use HTTPS connection to secure transactions such as money transactions, online payment, and e-commerce. The use of HTTPS gives a sense of protection against attacks such as man in the middle (MITM) attack. This paper analyzes HTTPS connections against MITM by simulating real MITM attacks on different HTTPS connections such as Gmail, Yahoo Mail and Bank accounts. It was found that with the use of right tools, HTTPS connections can be broken and passwords can be sniffed and viewed in plain text. To prevent MITM against HTTPS in LAN environment a novel algorithm (DepMAC-IP) is proposed and discussed in detail. DepMAC-IP is expected to secure LAN environment not only against MITM but also against other similar attacks.
|
---|