Please use this identifier to cite or link to this item:
Title: Evil twin and man-in-the-middle attack II
Authors: Loh, Jing Lun.
Keywords: DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks
Issue Date: 2013
Abstract: Man-in-the-middle attacks are not a new concept. However, they were not viewed as a serious threat until recent years where sophisticated versions of such attacks sent the financial industry into a flurry, introducing new initiatives such as new bank tokens to counter the onslaught of such attacks. This project aims to design and execute proof of concept Man-in-the-middle attacks using free ware available over the Internet to showcase inherent vulnerabilities in WI-FI networks that can be exploited. Through these experiments, it can be shown that careless users and users that are less aware of security issues of the Internet can be compromised through such exploits. In this project, a Man-in-the-middle machine is set up in between a legitimate access point and victim devices and the communication streams between them were monitored and analysed for sensitive information like passwords and login information. Contrary to popular belief that HTTPS communications are secure, part one of this project focuses on proving that HTTPS connections can be compromised, by targeting the transition from HTTP to HTTPS. Part two of the project showcases the possibility of a driveby attack through the use of a phishing website in a Man-in-the-middle setup, whereby an illegal download is loaded onto a victim machine without consent. The outcomes of the experiments show that Man-in-the-middle attacks are still relevant and can be easily propagated in today’s society. It also gives a brief glimpse into modern web browsers’ defense mechanism, especially on mobile devices, where security features are small and easily forgotten by careless users. Even though Man-in-the-middle attacks are devastating, a silver lining remains. It is possible to mitigate the dire consequences these threats cause through educating the public to be more aware of web security.
Rights: Nanyang Technological University
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
  Restricted Access
FYP Report20.44 MBAdobe PDFView/Open

Page view(s) 50

checked on Oct 26, 2020

Download(s) 50

checked on Oct 26, 2020

Google ScholarTM


Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.