Persistent MobileApp-in-the-Middle (MAitM) attack-Reference-Cited by-同舟云学术

Persistent MobileApp-in-the-Middle (MAitM) attack

Published:2023-06-30 Issue: Volume: Page:
ISSN:2263-8733
Container-title:Journal of Computer Virology and Hacking Techniques
language:en
Short-container-title:J Comput Virol Hack Tech

Author:

Catalano Christian^ORCID,Tommasi Franco

Abstract

AbstractThe recent publication of the “Browser in the Middle” attack has demonstrated an effective way to compromise a good number of variants of Multifactor Authentication and to control the information flow between the victim an the accessed service. That attack was mainly aimed at the victim use of a desktop browser to access a service. The present paper shows how that attack may be extended to involve the mobile environment and how, thanks to that enhancement, the attack may also gain the persistence attribute. The new attack is named MobileApp-in-the-Middle (MAitM). Again, as in BitM, no installation of malware on the victim’s platform is needed with MAitM.

Funder

Università del Salento

Publisher

Springer Science and Business Media LLC

Subject

Computational Theory and Mathematics,Hardware and Architecture,Software,Computer Science (miscellaneous)

Link

https://link.springer.com/content/pdf/10.1007/s11416-023-00484-z.pdf

Reference46 articles.

1. Tommasi, F., Catalano, C., Taurino, I.: Browser-in-the-middle (BiTM) attack. Int. J. Inf. Secur. 21(2), 179–189 (2022)

2. Sjouwerman, S.: Anti-MFA Phishing Attacks Are Here to Stay – Businesses Need to Prepare. SC Magazine (2022)

3. Abrams, L.: Devious Phishing Method Bypasses MFA Using Remote Access Software. Bleeping Computer (2022)

4. di Corinto, A.: Tre ricercatori italiani hanno scoperto come neutralizzare l’autenticazione a due fattori. la Repubblica (2022)

5. Pirrone, G.: L’autenticazione a due fattori può essere violata? Wired (2022)

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Artificial Intelligence for Automotive Security: How to Support Developers in Automotive Solutions;2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE);2023-10-25