A novel algorithm to prevent man in the middle attack in LAN environment

Secure web sites usually use HTTPS connection to secure transactions such as money transactions, online payment, and e-commerce. The use of HTTPS gives a sense of protection against attacks such as man in the middle (MITM) attack. This paper analyzes HTTPS connections against MITM by simulating real...

Full description

Bibliographic Details
Main Authors: Ahmed , Mohiuddin, Hazza, Muataz
Format: Conference or Workshop Item
Language:English
Published: 2010
Subjects:
Online Access:http://irep.iium.edu.my/13337/
http://irep.iium.edu.my/13337/1/A_Novel_Algorithm_to_Prevent_Man.pdf
Description
Summary:Secure web sites usually use HTTPS connection to secure transactions such as money transactions, online payment, and e-commerce. The use of HTTPS gives a sense of protection against attacks such as man in the middle (MITM) attack. This paper analyzes HTTPS connections against MITM by simulating real MITM attacks on different HTTPS connections such as Gmail, Yahoo Mail and Bank accounts. It was found that with the use of right tools, HTTPS connections can be broken and passwords can be sniffed and viewed in plain text. To prevent MITM against HTTPS in LAN environment a novel algorithm (DepMAC-IP) is proposed and discussed in detail. DepMAC-IP is expected to secure LAN environment not only against MITM but also against other similar attacks.