文件名称:Active Man in the Middle Atacks
文件大小:293KB
文件格式:PDF
更新时间:2012-03-24 06:41:10
Atacks Security IBM
With an Active MitM attack targeting Web Applications, an attacker can steal users' private data for any site he chooses if his victim uses a public network to read the latest news headlines or weather report on an 'uninteresting' site. In addition, the attack could also be made persistent, even after the victim has left the MitM influence. These attacks are a product of a serious design flaw and not an implementation error or bug. Although MitM attacks against Web Applications have been partially discussed before with similar issues such as "SideJacking" and "Surf Jacking", a comprehensive full research has yet to have been performed. The presentation attached gives an overview of the subject while the paper gives thorough in-depth description of this dangerous category of attacks and proposed remedies.