Filters: Keyword is MITM Attack  [Clear All Filters]
Khatod, V., Manolova, A..  2020.  Effects of Man in the Middle (MITM) Attack on Bit Error Rate of Bluetooth System. 2020 Joint International Conference on Digital Arts, Media and Technology with ECTI Northern Section Conference on Electrical, Electronics, Computer and Telecommunications Engineering (ECTI DAMT NCON). :153—157.
The ad-hoc network formed by Bluetooth works on radio frequency links. The security aspect of Bluetooth has to be handled more carefully. The radio frequency waves have a characteristic that the waves can pierce the obstructions in the communication path, get rid of the requirement of line of sight between the communicating devices. We propose a software model of man-in-the-middle attack along with unauthorized and authorized transmitter and receiver. Advanced White Gaussian Noise channel is simulated in the designed architecture. The transmitter uses Gaussian Frequency Shift Keying (GFSK) modulation like in Bluetooth. The receiver uses GFSK demodulation. In order to validate the performance of the designed system, bit error rate (BER) measurements are taken with respect to different time intervals. We found that BER drops roughly 18% if hopping duration of 150 seconds is chosen. We propose that a Bluetooth system with hopping rate of 0.006 Hz is used instead of 10Hz.
Khan, M., Rehman, O., Rahman, I. M. H., Ali, S..  2020.  Lightweight Testbed for Cybersecurity Experiments in SCADA-based Systems. 2020 International Conference on Computing and Information Technology (ICCIT-1441). :1—5.

A rapid rise in cyber-attacks on Cyber Physical Systems (CPS) has been observed in the last decade. It becomes even more concerning that several of these attacks were on critical infrastructures that indeed succeeded and resulted into significant physical and financial damages. Experimental testbeds capable of providing flexible, scalable and interoperable platform for executing various cybersecurity experiments is highly in need by all stakeholders. A container-based SCADA testbed is presented in this work as a potential platform for executing cybersecurity experiments. Through this testbed, a network traffic containing ARP spoofing is generated that represents a Man in the middle (MITM) attack. While doing so, scanning of different systems within the network is performed which represents a reconnaissance attack. The network traffic generated by both ARP spoofing and network scanning are captured and further used for preparing a dataset. The dataset is utilized for training a network classification model through a machine learning algorithm. Performance of the trained model is evaluated through a series of tests where promising results are obtained.

Taher, Bahaa Hussein, Wei, Lu Hong, Yassin, Ali A..  2018.  Flexible and Efficient Authentication of IoT Cloud Scheme Using Crypto Hash Function. Proceedings of the 2018 2Nd International Conference on Computer Science and Artificial Intelligence. :487–494.
The Internet of Things and cloud computing (IoT Cloud) have a wide resonance in the Internet and modern communication technology, which allows laptops, phones, sensors, embedded devices, and other things to connect and exchange information via the Internet. Therefore, IoT Cloud offers several facilities, such as resources, storage, sharing, exchange, and communication. However, IoT Cloud suffers from security problems, which are a vital issue in the information technology world. All embedded devices in IoT Cloud need to be supported by strong authentication and preservation of privacy data during information exchange via the IoT Cloud environment. Malicious attacks (such as replay, man-in-the-middle [MITM], and impersonation attacks) play the negative role of obtaining important information of devices. In this study, we propose a good scheme that overcomes the mentioned issues by resisting well-known attacks, such as MITM, insider, offline password guessing, dictionary, replay, and eavesdropping. Our work achieves device anonymity, forward secrecy, confidentiality, and mutual authentication. Security and performance analyses show that our proposed scheme is more efficient, flexible, and secure with respect to several known attacks compared with related schemes.
Gupta, D. S., Biswas, G. P., Nandan, R..  2018.  Security weakness of a lattice-based key exchange protocol. 2018 4th International Conference on Recent Advances in Information Technology (RAIT). :1–5.

A key exchange protocol is an important primitive in the field of information and network security and is used to exchange a common secret key among various parties. A number of key exchange protocols exist in the literature and most of them are based on the Diffie-Hellman (DH) problem. But, these DH type protocols cannot resist to the modern computing technologies like quantum computing, grid computing etc. Therefore, a more powerful non-DH type key exchange protocol is required which could resist the quantum and exponential attacks. In the year 2013, Lei and Liao, thus proposed a lattice-based key exchange protocol. Their protocol was related to the NTRU-ENCRYPT and NTRU-SIGN and so, was referred as NTRU-KE. In this paper, we identify that NTRU-KE lacks the authentication mechanism and suffers from the man-in-the-middle (MITM) attack. This attack may lead to the forging the authenticated users and exchanging the wrong key.