IEEE Access (Jan 2024)

Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

  • Muteeb Bin Muzammil,
  • Muhammad Bilal,
  • Sahar Ajmal,
  • Sandile C. Shongwe,
  • Yazeed Y. Ghadi

DOI
https://doi.org/10.1109/ACCESS.2024.3350444
Journal volume & issue
Vol. 12
pp. 6365 – 6375

Abstract

Read online

The current era extensively utilizes the Internet, which uses data. Due to the apparent open-access Internet service, this data is highly vulnerable to attacks. Data privacy is affected by Web-based attacks. This Systematic Literature Review (SLR) focuses on two Web-based attacks: Man-In-The-Middle and session hijacking. It reviews about 30 studies from the years 2016–2023 that have been selected utilizing a proper study selection procedure. This SLR comprises three research questions. The first describes the overall trends in Man-In-The-Middle attacks and session hijacking studies. It shows that 7 articles were published in 2018, and the trend is decreasing to 4 articles by 2021. Moreover, 73% articles are published in conference venues, and India is the top contributor in this domain. Lastly, this question elaborated that IEEE is the top contributor as a publisher. The second addresses the sorts of attacks used by Man-In-The-Middle attacks and session hijacking on Transmission Control Protocol / Internet Protocol (TCP/IP). This demonstrates that Man-In-The-Middle attacks invade all layers and session hijacking attacks on only two, that is, the application and network layer. The third research question discusses the solutions provided by different studies to deal with Man-In-The-Middle attacks and session hijacking. In conclusion, this analysis highlights the need for stronger cybersecurity measures against Man-in-the-Middle and session hijacking assaults in the Internet era by revealing evolving trends, contributors, and solutions in data privacy.

Keywords