Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

2024 IEEE Transaction on All domains. For more details, contact K. Manjunath - 09535866270, http://www.tmksinfotech.com and http://www.bemtechprojects.com. 2024 and 2025 IEEE Projects @ TMKS Infotech, Bangalore

Uploaded by

Manju Nath

Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

ABSTRACT

The current era extensively utilizes the Internet, which uses data. Due to the apparent
open access Internet service, this data is highly vulnerable to attacks. Data privacy is
affected by Web-based attacks. This Systematic Literature Review (SLR) focuses on
two Web-based attacks: Man-In-The-Middle and session hijacking. It reviews about
30 studies from the years 2016-2023 that have been selected utilizing a proper study
selection procedure. This SLR comprises three research questions. The first describes
the overall trends in Man-In-The-Middle attacks and session hijacking studies. It
shows that 7 articles were published in 2018, and the trend is decreasing to 4 articles
by 2021. Moreover, 73% of the articles are published in conference venues, and India is the
top contributor in this domain. Lastly, this question shows that IEEE is the top
contributor as a publisher. The second addresses the sorts of attacks used by
Man-In-The-Middle attacks and session hijacking on Transmission Control Protocol /
Internet Protocol (TCP/IP). This demonstrates that Man-In-The-Middle attacks
invade all layers, whereas session hijacking attacks only two, that is, the application
and network layers. The third research question discusses the solutions provided by
different studies to deal with Man-In-The-Middle attacks and session hijacking. In
conclusion, this analysis highlights the need for stronger cyber security measures
against Man-in-the-Middle and session hijacking assaults in the Internet era by
revealing evolving trends, contributors, and solutions in data privacy.
EXISTING SYSTEM

There are a lot of different surveys conducted in the field of MITM and session
hijacking independently, such as a survey on the prevention of session hijacking [2]
on Secure Socket Layer / Transport Layer Protocol (SSL/TLP). Its scope is limited to
SSL/TLP. Furthermore, another survey discusses the state-of-the-art methodology of
session hijacking [10]. This only discusses session hijacking in banking systems. A
survey related to MITM attacks [11] shows the classification of attacks and the
countermeasures to deal with the attacker. Another review article is performed on
MITM in wireless and computing networks [17]. It categorizes the MITM attacks
and shows possible prevention methods.

Another survey [18] is related to Web accessibility and people with disabilities but
does not deal with the issue of security. The paper [19] does not explicitly focus on
matters like MITM attacks or session hijacking. Furthermore, another article deals
with Web accessibility but does not deal with the security issues of session hijacking
and MITM. Analyzing [2], [10], [11], [17], [18], [19] shows that no study
focuses on both session hijacking and MITM on a single platform. Table 1 shows the
research gap, which identifies a need for SLR that focuses on MITM and Session
Hijacking (MITM-SH). This SLR aims to work on a comparison and analysis of SH
and MITM collectively.
Disadvantages
1) In TCP hijacking, the attacker formulates an environment where the
communicating users cannot communicate or share data. The attacker here duplicates
the data coming from both ends and thus captures the whole network session [40].
2) In IP spoofing, the attacker masquerades as an original user by using that user's IP
address to communicate over a network, thereby trying to gain access in an
unauthorized manner [24], [26], [31], [34], [35], [46].
3) In a packet sniffer, the attacker uses an interface among the users to look at the
interchanging data [47].
4) In UDP hijacking, the attacker replies to the UDP request as a legitimate user
before the server responds [48].

Proposed System

The proposed system comprises three research questions that will help identify year-
wise distribution, country-wise contribution, publication type, article publishers, the
ratio of attacks, and the proposed solution for MITM and session hijacking. We
compared Man-In-the-Middle (MITM) and Session Hijacking (SH), Web
Accessibility, and SH-MITM variables/parameters from several research studies to
manipulate data for our experiment. This quantitative study is carried out
methodically using pertinent MITM and session hijacking web assaults. Secondly,
we collected information from conference papers and publications. IEEE, ACM, and
Science Direct are the primary sources of data. Thirdly, we analyzed the primary
vulnerabilities identified in this research, which include phony server links, HTTPS
application layers, unauthorized user access, and unexplored upgraded technologies.

Advantages

• The proposed system's incorporation of behavioral analytics into cybersecurity
measures is quite promising. Real-time anomalies that suggest compromised sessions or
unauthorized access can be identified by examining user behavior patterns. To
provide an adaptable layer of defense against potential risks related to Man-in-the-
Middle assaults and Session Hijacking, research efforts focus on improving and
tailoring behavioral analytics models.
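
One way the behavioral check described above can look in practice, as an added example (not code from the paper or the project): it scores each session by how its client IP address and User-Agent drift from the values first seen for that session. The log format, field names, scoring weights and thresholds are assumptions chosen for illustration, and the log records are constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed sample records: (timestamp, session id, client IP, User-Agent).
SAMPLE_LOG = [
    ("2024-05-01T10:00:00", "s-alice", "198.51.100.7", "Firefox/125"),
    ("2024-05-01T10:00:40", "s-alice", "198.51.100.7", "Firefox/125"),
    ("2024-05-01T10:01:10", "s-bob", "203.0.113.20", "Chrome/124"),
    ("2024-05-01T10:01:30", "s-alice", "192.0.2.99", "curl/8.5"),      # new IP and agent
    ("2024-05-01T10:01:45", "s-alice", "198.51.100.7", "Firefox/125"),  # first client still active
    ("2024-05-01T10:30:00", "s-bob", "203.0.113.21", "Chrome/124"),    # new IP after a long idle gap
]


@dataclass
class SessionProfile:
    ip: str                 # baseline: IP first seen for this session
    agent: str              # baseline: User-Agent first seen for this session
    last_seen: datetime
    score: int = 0
    reasons: list = field(default_factory=list)


def score_sessions(records, window=timedelta(minutes=5), threshold=3):
    """Return {session_id: [reasons]} for sessions whose score reaches threshold."""
    profiles = {}
    for ts, sid, ip, agent in sorted(records):  # ISO timestamps sort chronologically
        now = datetime.fromisoformat(ts)
        p = profiles.get(sid)
        if p is None:
            profiles[sid] = SessionProfile(ip, agent, now)
            continue
        if agent != p.agent:
            p.score += 2
            p.reasons.append(f"{ts} user-agent changed to {agent}")
        if ip != p.ip:
            # A new address shortly after the previous request suggests two clients
            # sharing one session token; after a long gap it is more likely roaming.
            recent = now - p.last_seen <= window
            p.score += 2 if recent else 1
            p.reasons.append(f"{ts} ip changed to {ip} (recent={recent})")
        p.last_seen = now
    return {sid: p.reasons for sid, p in profiles.items() if p.score >= threshold}


if __name__ == "__main__":
    for sid, reasons in score_sessions(SAMPLE_LOG).items():
        print(sid, reasons)
```

A flagged session would typically be forced to re-authenticate rather than silently dropped, since address changes also occur for legitimate mobile users.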

SYSTEM REQUIREMENTS

H/W System Configuration:

➢ Processor - Pentium IV
➢ RAM - 4 GB (min)
➢ Hard Disk - 20 GB
➢ Keyboard - Standard Windows Keyboard
➢ Mouse - Two or Three Button Mouse
➢ Monitor - SVGA

Software Requirements:
➢ Operating System - Windows XP
➢ Coding Language - Java/J2EE (JSP, Servlet)
➢ Front End - J2EE
➢ Back End - MySQL
