Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

Muteeb Bin Muzammil; Muhammad Bilal; Sahar Ajmal; Sandile C. Shongwe; Yazeed Y. Ghadi

doi:10.1109/ACCESS.2024.3350444

IEEE Access (Jan 2024)

Unveiling Vulnerabilities of Web Attacks Considering Man in the Middle Attack and Session Hijacking

Muteeb Bin Muzammil,
Muhammad Bilal,
Sahar Ajmal,
Sandile C. Shongwe,
Yazeed Y. Ghadi

Affiliations

Muteeb Bin Muzammil: Department of Computing, Riphah International University, Faisalabad Campus, Islamabad, Pakistan
Muhammad Bilal: ORCiD; College of Computer Science and Technology, Zhejiang University, Hangzhou, China
Sahar Ajmal: ORCiD; Department of Software Engineering, FAST School of Computing, National University of Computer and Emerging Sciences, Islamabad, Chiniot-Faisalabad Campus, Chiniot, Pakistan
Sandile C. Shongwe: ORCiD; Department of Mathematical Statistics and Actuarial Science, Faculty of Natural and Agricultural Sciences, University of the Free State, Bloemfontein, South Africa
Yazeed Y. Ghadi: Department of Computer Science/Software Engineering, Al Ain University, Abu Dhabi, United Arab Emirates

DOI: https://doi.org/10.1109/ACCESS.2024.3350444
Journal volume & issue: Vol. 12
pp. 6365 – 6375

Abstract

Read online

The current era extensively utilizes the Internet, which uses data. Due to the apparent open-access Internet service, this data is highly vulnerable to attacks. Data privacy is affected by Web-based attacks. This Systematic Literature Review (SLR) focuses on two Web-based attacks: Man-In-The-Middle and session hijacking. It reviews about 30 studies from the years 2016–2023 that have been selected utilizing a proper study selection procedure. This SLR comprises three research questions. The first describes the overall trends in Man-In-The-Middle attacks and session hijacking studies. It shows that 7 articles were published in 2018, and the trend is decreasing to 4 articles by 2021. Moreover, 73% articles are published in conference venues, and India is the top contributor in this domain. Lastly, this question elaborated that IEEE is the top contributor as a publisher. The second addresses the sorts of attacks used by Man-In-The-Middle attacks and session hijacking on Transmission Control Protocol / Internet Protocol (TCP/IP). This demonstrates that Man-In-The-Middle attacks invade all layers and session hijacking attacks on only two, that is, the application and network layer. The third research question discusses the solutions provided by different studies to deal with Man-In-The-Middle attacks and session hijacking. In conclusion, this analysis highlights the need for stronger cybersecurity measures against Man-in-the-Middle and session hijacking assaults in the Internet era by revealing evolving trends, contributors, and solutions in data privacy.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords