Networks have become an integral part of today’s world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions were not taken in some of them. In this paper, we expose some of the vulnerability that exists in a c...

The issue of certificate masquerading against the SSL protocol is pointed out in [4]. In [4], various forms of server certificate masquerading are identified. It should also be noted that the attack described is a man-in-themiddle (MITM) attack that requires direct manipulation of the SSL protocol. This paper is a mirror of [4] and involves client certificate masquerading. The motivation for th...

Abstract Man-in-the-Middle (MitM), one of the best known attacks in world computer security, is among greatest concerns for professionals field. Main goal MitM to compromise confidentiality, integrity and availability data flowing between source destination. However, most its many variants involve difficulties that make it not always possible. The present paper aims at modelling describing a ne...

Authentication protocols, run between a so-called prover and a so-called verifier, enable the verifier to decide whether a prover is legitimate or not. Such protocols enable access control, and are used in e.g. logistics, public transport, or personal identification. An authentication protocol is considered secure if an adversary cannot impersonate a legitimate prover. Such an adversary may eav...

The emerging size and complexity of computer networks and also various services provided by them makes the networks vulnerable to numerous attacks. Although in the last few years a more logical approach to TCP/IP network security problem has been followed, a complete and sound formal approach to this problem is lacking. In this paper, we propose using Description Logics as a formal model to ana...

One of the most common attacks is man-in-the-middle (MitM) which, due to its complex behaviour, difficult detect by traditional cyber-attack detection systems. MitM on internet things systems take advantage special features protocols and cause system disruptions, making them invisible legitimate elements. In this work, an intrusion (IDS), where intelligent models can be deployed, approach type ...

Although the Internet protocol (IP) has become widely successful, it has led to many security issues. Many of these security issues are related to illegal host access. An address resolution protocol (ARP) spoofing attack is another security issue related to an illegal host access. This paper deals with the prevention of these ARP spoofing attacks. ARP provides dynamic mapping between two differ...

Trusted Network Connect (TNC) requires both user authentication and integrity validation of an endpoint before it connects to the internet or accesses some web service. However, as the user authentication and integrity validation are usually done via independent protocols, TNC is vulnerable to the Man-in-the-Middle (MitM) attack. This paper analyzes TNC which uses keys with Subject Key Attestat...

The large distributed electric power system is a hierarchical network involving the transportation of power from the sources of power generation via an intermediate densely connected transmission network to a large distribution network of end-users at the lowest level of the hierarchy. At each level of the hierarchy (generation/ transmission/ distribution), the system is managed and monitored w...