Figure 19 - uploaded by Doç. Dr. Ahmet Efe
DNS attack with MITM

Domain Name System (DNS) is the protocol that resolves web addresses to IP addresses. DNS servers are used to convert a web address such as 'www.facebook.com' into an IP address like '35.13.67.23'. Web address names are much easier to use than IP address numbers; otherwise, people would need to remember the IP number of every web address. The man-in-the-middle methodology mentioned in the previous part can be used with the DNS protocol to spoof the victim's connection. The attacker can get into the middle of the connection between the victim's computer and the web address. Then, when the victim's computer tries to connect to the web address, the attacker can intercept this request and, by changing the DNS record in the connection, respond to the victim's computer with a fake web page (clone web page). The DNS spoofing method provides an HTTP connection instead of HTTPS, as in the MITM SSLSTRIP attack. So the attacker can see all information flow in clear-text format in the Wireshark program.

192.168.1.2 >> Victim Computer (Windows 7)
192.168.1.1 >> Gateway Address
192.168.1.11 >> Attacker Computer (Kali Linux)

Step-1: The attacker needs to clone the target web page. The "SET" tool in Kali provides website cloning and sets up the site on the Apache server on the attacker's computer. The picture below shows the clone web page being set up on the attacker's computer. (Ramadhan, 2018)

Source publication
Article
Abstract-The most critical subject in information communication technologies is information security. Information security is defined as the prevention of access, use, modification, disclosure, removal, alteration and damage of information as an entity type without permission or in an unauthorized manner. Threats to information security continue to...

Similar publications

Article
Network Traffic Classification (NTC) is an important field for different network statistics like management, malware detection and other paramount constraints. Artificial Intelligence (AI) including Machine Learning (ML) and Deep Learning (DL), on the other hand, plays a very important field nowadays due to its significant capabilities with an extr...

Citations

... DNS-based SQL Injection Attack (AhmetEfe, 2019) ...
Preprint
This dissertation presents a plan for strengthening the security environment for online applications used in the healthcare industry. Cyber risk factors are always changing, therefore it is crucial to have cutting-edge defenses in place. This study responds to this desire by putting out the idea of a self-adaptive Web Application Firewall (WAF) strengthened by reinforcement learning and artificial intelligence (AI) methods. This dissertation illustrates the critical necessity of protecting healthcare online applications from threats like SQL Injection Attacks by a thorough study of current vulnerabilities and security problems. The self-adaptive WAF that is being proposed uses cutting-edge AI and reinforcement learning to dynamically adapt to new attack vectors and learn from them, improving the security of critical healthcare data.
... In the past, several techniques have been utilized to mitigate MiTM attack in the works of [7], [8], [9], [10], [11], [12], [13], [14], [15], [16] and [17] respectively they generated a lot of false negative during testing and were unable to detect Man-in-The-Middle attack and its various kinds. In this paper, we intend to employ Bayesian Belief Networks (BBN) for detecting Man-in-The-Middle attack. ...
... However, decision trees are also prone to errors in classification due to differences in perceptions. In [17], recent works of intrusion detection by attack techniques were reviewed especially types of MITM attacks with demonstration against SSL environment in the network layer. Awareness of MiTM attack was established and presented precautionary measures against this kind of attack. ...
Article
Man-in-The-Middle (MiTM) attack is one of the most intimidating forms of attack on a computing device where an attack occurs without the victim having the slightest knowledge that a breach in security has occurred. These attacks are so smartly planned that they are able to elude detection from most network instruction detection systems and they are capable of penetrating sophisticated defenses. In the past, several systems have been developed to defend against MiTM attack, but they generated a lot of false negative during testing and were unable to detect Man-in-The-Middle attack and its various forms. Hence, in this paper, we proposed and simulated a Bayesian Belief Network model to predict Man-in-The-Middle attack. The model was designed using Bayes Server and tested with data collected from cyber security repository. The model had a 99% prediction accuracy.
Conference Paper
A Man-in-the-Middle (MITM) attack is a cyber-attack in which the attacker covertly intercepts and passes messages between two parties who mistakenly think they are communicating directly. However, in reality, the attacker intercepts data transfers between a client and a server by deceiving both parties. While the attack occurs, the data is secretly manipulated by inserting false information. This article explores how to create and use MITM attacks in a liquid-level networked control system. The essential tools to execute the attack include Ettercap and Wireshark software applications. Ettercap is a tool for capturing packets, allowing real-time redirection and modification of data streams by writing the packets back onto the network. Wireshark is a flexible network protocol analyzer used to analyze data packets of the networked control system. After implementing the MITM attack on the cyber-physical system, system data was collected and labeled to detect MITM attacks by leveraging machine learning classification algorithms.