A man-on-the-side attack is a form of active attack in computer security similar to a man-in-the-middle attack. Instead of completely controlling a network node as in a man-in-the-middle attack, the attacker only has regular access to the communication channel, which allows him to read the traffic and insert new messages, but not to modify or delete messages sent by other participants. The attacker relies on a timing advantage to make sure that the response he sends to the request of a victim arrives before the legitimate response.
In real-world attacks, the response packet sent by the attacker can be used to place malware on the victim's computer. The need for a timing advantage makes the attack difficult to execute, as it requires a privileged position in the network, for example on the internet backbone.
- Gallagher, Ryan; Greenwald, Glenn (12 March 2014). "How the NSA Plans to Infect ‘Millions’ of Computers with Malware". The Intercept. Retrieved 15 March 2014.
- Schneier, Bruce (4 October 2013). "Attacking Tor: how the NSA targets users' online anonymity". theguardian.com. The Guardian. Retrieved 15 March 2014.
|This computer security article is a stub. You can help Wikipedia by expanding it.|