Keywords
Man-in-the-Middle (MITM)
Network Security
Security
Penetration testing
Abstract
Man-in-the-middle attacks are commonly used by penetration testers and malicious hackers to intercept, monitor and manipulate network traffic. MITM attacks may take place at the first four networking layers and are often used in exploit-chains to spread laterally within a target network. In this paper, we describe the various types of MITM attacks and how they can be used to deliver effective client-side exploits. Various challenges commonly encountered are discussed followed by a novel approach that significantly lowers risks while simultaneously enriching the learning experience for students. We discuss the introduction of this approach into the classroom environment and student feedback. We conclude with a discussion of future development objectives and a summary of our key findings.
Open Access License Notice:
This article is © its author(s) and licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0), regardless of any copyright or pricing statements appearing in the PDF. The PDF reflects formatting used for the print edition and not the current open access licensing policy.