Jump to content

Man-on-the-side attack

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Deku-shrub (talk | contribs) at 22:25, 3 May 2015. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A man-on-the-side attack is a form of active attack in computer security similar to a man-in-the-middle attack. Instead of completely controlling a network node as in a man-in-the-middle attack, the attacker only has regular access to the communication channel, which allows him to read the traffic and insert new messages, but not to modify or delete messages sent by other participants. The attacker relies on a timing advantage to make sure that the response he sends to the request of a victim arrives before the legitimate response.

In real-world attacks, the response packet sent by the attacker can be used to place malware on the victim's computer.[1] The need for a timing advantage makes the attack difficult to execute, as it requires a privileged position in the network, for example on the internet backbone.[2]

The 2013 global surveillance revelations revealed that the US National Security Agency (NSA) widely uses a man-on-the-side attack to infect targets with malware through its QUANTUM program.[1]

References

  1. ^ a b Gallagher, Ryan; Greenwald, Glenn (12 March 2014). "How the NSA Plans to Infect 'Millions' of Computers with Malware". The Intercept. Retrieved 15 March 2014.
  2. ^ Schneier, Bruce (4 October 2013). "Attacking Tor: how the NSA targets users' online anonymity". theguardian.com. The Guardian. Retrieved 15 March 2014.