Cloud Technology is an emerging technology that has improved the performance of many organizations by utilizing minimum resources and maximum outcomes. Cloud provides virtualized services, applications and can store a large amount of data from various locations. As the cloud environment is accessed through Internet, it cannot be trusted blindly. Thus security is considered as major barrier for users to adopt Cloud, where threats are considered as the major reason for the degradation of the quality of services. For effective use of cloud services, individual focus on the cloud threats is required and an approach is needed from the end user side to gain knowledge about various threats pertaining inside a cloud infrastructure. In the cloud deployment process, various network protocols are used to establish the connectivity between the infrastructure, services and clients. As a result, the server-end needs to be enough strong to provide security to network transmission. However, still the invader secretly accesses the transaction and modifies the communication between two parties. This invader gives birth to most common and critical Man-in-the-Middle (MiTM) attack. The aim of the paper is to re-examine ‘Man-in-the-Middle’ attack and its root causes. The focus is to present a broad indication on ‘Man-in-the-Middle’ attack, rising as an imperative security concern in cloud computing. The research study aims to review the previous literature and to emphasis on conclusive findings for future research in the related domain based on the published work and industry/organization reports.

Cloud Computing, Cloud Security, Cloud Threats, Man-in-the-Middle Attack, MiTM

[1]. Vaishali Singh & S. K. Pandey, “Research in Cloud Security: Problems and Prospects”, International Journal of Computer Science Engineering and Information Technology Research (IJCSEITR) Vol. 3, Issue 3, Aug 2013, pp. 305-314.
[2]. Vaishali Singh & S. K. Pandey, “Revisiting Cloud Security Issues and Challenges”, International Journal of Advanced Research in Computer Science and Software Engineering Vol.3.Issue7, July-2013, pp. 1-10.
[3]. Vaishali Singh & S. K. Pandey, “Cloud Security Related Threats”, International Journal of Scientific & Engineering Research, Volume 4, Issue 9, September-2013 pp. 2571.
[4]. Lea Toms, 5 Common Cyber Attacks in the IoT - Threat Alert on a Grand Scale, 29 Apr 2016, GlobalsIGN, Available fromhttps://www.globalsign.com/en/blog/five-common-cyber-attacks-in-the-iot/
[5]. NehaKhandelwal, Chetan Kumar, Security in Cloud: Attacks & Prevention Techniques, International Journal of Latest Trends in Engineering and Technology (IJLTET), Vol. 5 Issue 1 January 2015
[6]. Ricky Publico, What is a Man-in-the-Middle Attack and How Can You Prevent It?, 01 Mar 2017, Available fromhttps://www.globalsign.com/en-in/blog/what-is-a-man-in-the-middle-attack/
[7]. Ramakrishna Thurimella, Leemon C. Baird III, Network Security, Available fromhttp://web.cs.du.edu/~ramki/courses/security/2010Spring/ networkSecurity.pdf
[8]. Most Common Wireless Network Attacks, Apr 19, 2018, Cybersecurity Advice, Internet Security, Mobile Security, Network Security, Web Filtering, Available fromhttps://www.webtitan.com/blog/most-common-wireless-network-attacks/
[9]. Martin Vondráček, Jan Pluskal,OndřejRyšavý, Automated Man-in-the-Middle Attack Against WiFi Networks, Journal of digital forensics security and law, Volume 13, Number 1 Article 9, 31 March 2018
[10]. Qi Alfred Chen, Eric Osterweil, Matthew Thomas, , Z. Morley Mao, MiTM Attack by Name Collision: Cause Analysis and Vulnerability Assessment in the New gTLD Era, 2016 IEEE Symposium on Security and Privacy, IEEE Computer Society.
[11]. Neil DuPaul, What Is a Man-in-the-Middle Attack?, Veracode,https://www.veracode.com/security/man-middle-attack,2018
[12]. Jeff Bilger, Holly Cosand, Noor-E-Gagan Singh, Joe Xavier, Security and Legal Implications of Wireless Networks, Protocols, and Devices, https://courses.cs.washington.edu/courses/csep590/05au/whitepaper_turnin/WiFi%20-%20final.pdf
[13]. Alberto Ornaghi, Marco Valleri, Man in the middle Man in the middle attacks, Blackhat Conference - Europe 2003, https://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf
[14]. Jesudoss A., Subramaniam N.P., A Survey On Authentication Attacks And Countermeasures In A Distributed Environment, Vol. 5 No.2 Apr-May 2014
[15]. Paul Mutton, 95% of HTTPS servers vulnerable to trivial MITM attacks,17th March, 2016, https://news.netcraft.com/archives/2016/03/17/95-of-https-servers-vulnerable-to-trivial-MiTM-attacks.html
[16]. TulikaShubh and Shweta Sharma, Man-In-The-Middle-Attack Prevention Using HTTPS and SSL, IJCSMC, Vol. 5, Issue. 6, June 2016, pg.569 – 579
[17]. Cyber Attacks Explained Man In The Middle Attack, Valency Network, http://www.valencynetworks.com/articles/cyber-attacks-explained-man-in-the-middle-attack.html
[18]. How to Prevent Man in The Middle Attacks, Solid State System LLC, http://solidsystemsllc.com/prevent-man-in-the-middle-attacks/
[19]. Anna, Man In The Middle Attack Prevention And Detection, May 22, 2018, https://www.protectimus.com/blog/MiTM-prevention-and-detection/
[20]. Davey Winder, Man in the cloud attacks, IT Security Things,https://itsecuritything.com/man-in-the-cloud-attacks/
[21]. Christopher Risner, How a Man-In-The-Middle Cybersecurity Attack Works, https://www.blueboltsolutions.com/how-a-man-in-the-middle-cybersecurity-attack-works-3.aspx
[22]. Bill, The Rising Security Threats of 2018, https://blog.eccouncil.org/the-rising-security-threats-of-2018/
[23]. Man in the Middle (MiTM) Attack, Imperva , Incapsula, https://www.incapsula.com/web-application-security/man-in-the-middle-MiTM.html
[24]. Brian Contos, Man in the middle attacks on mobile apps, https://www.csoonline.com/article/3126363/mobile-security/man-in-the-middle-attacks-on-mobile-apps.html
[25]. Subramaniam.T.K, Deepa.B, Security Attack Issues and Mitigation Techniques In Cloud Computing Environments, International Journal of UbiComp (IJU), Vol.7, No.1, January 2016
[26]. Man-in-the-Middle (MITM) Attacks: Techniques and Prevention, https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/
[27]. What is a man-in-the-middle attack?, Symantec, https://us.norton.com/internetsecurity-wifi-what-is-a-man-in-the-middle-attack.html
[28]. Infosec Guide: Defending Against Man-in-the-Middle Attacks, July 27, 2017, https://www.trendmicro.com/vinfo/us/security/ news/cybercrime-and-digital-threats/infosec-guide-defending-against-man-in-the-middle-attacks
[29]. Top four best practices to avoid man-in-the-middle attacks, Feb 04, 2014,https://www.forcepoint.com/blog/insights/top-four-best-practices-avoid-man-middle-attacks
[30]. Chris Sanders, Understanding Man-In-The-Middle Attacks - Part 4: SSL Hijacking, http://techgenix.com/understanding-man-in-the-middle-attacks-arp-part4/
[31]. Sean Michael Kerner, Man in the Cloud Attack Leverages SaaS Vulnerability, August 5, 2015, https://www.esecurityplanet.com/network-security/man-in-the-cloud-attack-leverages-saas-vulnerability.html
[32]. Jovi Umawing,When three isn’t a crowd: Man-in-the-Middle (MiTM) attacks explained, July 12, 2018
[33]. How To Secure RDP Sessions From MiTM Attacks, v2cloud, https://medium.com/@v2cloud/how-to-secure-rdp-sessions-from-cyber-attacks-4482a9f84f79
[34]. Subodh Gangan, A Review of Man-in-the-Middle Attacks, https://arxiv.org/ftp/arxiv/papers/1504/ 1504.02115.pdf
[35]. Kapil M. Jain and Manoj V. Jain, A Survey on Man in the Middle Attack, IJSTE - International Journal of Science Technology & Engineering, Volume 2, Issue 09, March 2016
[36]. Pushpendra Kumar Pateriya and Srijith S Kumar. Article: Analysis on Man in the Middle Attack on SSL. International Journal of Computer Applications 45(23):43-46, May 2012
[37]. Radhika.P, Ramya.G , Sadhana.K , Salini.R, Defending Man In The Middle Attacks, International Research Journal of Engineering and Technology, Volume: 04 Issue: 3, Mar -2017
[38]. Sonia Rachel, Subhashkar S, An Overview of the Man-In-The-Middle Attack, National Conference On Contemporary Research and Innovations in Computer Science (NCCRICS)- Dec 2017
[39]. Praveen Kumar Mishra, Analysis of MiTM Attack in Secure Simple Pairing, Journal of Global Research in Computer Science, Volume 4, No. 2, February 2013
[40]. Joel J.P.C. Rodrigues, Isabel de la Torre, Analysis of the Security and Privacy Requirements of Cloud-BasedElectronic Health Records Systems, Journal of Medical Internet Research, 2013, vol. 15, iss. 7, e148, p.1
[41]. Jon Watson, What is a Man in the Middle attack and how can I avoid it?,Comparitech, October 19, 2017,
[42]. MalihehShirvanian and NiteshSaxena, CCCP: Closed Caption Crypto Phones to Resist MITM Attacks, Human Errors and Click-Through, CCS’17, October 30-November 3, 2017, Dallas, TX, USA
[43]. Omar Achbarou, My Ahmed El kiram, and Salim El Bouanani, Securing Cloud Computing from Different Attacks Using Intrusion Detection Systems, International Journal of Interactive Multimedia and Artificial Intelligence, Vol. 4, No.3
[44]. Vaishali Singh & S. K. Pandey, “Revisiting Security Ontologies”, International Journal of Computer Science Issues, Vol 11, Issue 6, No. 1, November 2014 Pg150-159.
[45]. Vaishali Singh & S. K. Pandey, “A Comparative Study of Cloud Security Ontologies” 2014 IEEE 3rd International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions), Page 797-803.
[46]. Vikas Mangotra,, Richa Dogra, Cloud reliability enhancement mechanisms: A Survey, International Journal of Scientific Research in Computer Science and Engineering, Vol.6, Issue.3, pp.31-34 , June (2018)
[47]. P. Santra, An Expert Forensic Investigation System for Detecting Malicious Attacks and Identifying Attackers in Cloud Environment IJSRNSC Volume-6, Issue-5, October 2018