{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T12:21:56Z","timestamp":1776082916647,"version":"3.50.1"},"reference-count":225,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"3","license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"funder":[{"name":"Marie Curie Fellowship"},{"DOI":"10.13039\/501100000780","name":"European Commission","doi-asserted-by":"publisher","award":["PCIG11-GA-2012-321980"],"award-info":[{"award-number":["PCIG11-GA-2012-321980"]}],"id":[{"id":"10.13039\/501100000780","id-type":"DOI","asserted-by":"publisher"}]},{"name":"EU TagItSmart","award":["H2020-ICT30-2015-688061"],"award-info":[{"award-number":["H2020-ICT30-2015-688061"]}]},{"name":"EU-India REACH","award":["ICI+\/2014\/342-896"],"award-info":[{"award-number":["ICI+\/2014\/342-896"]}]},{"name":"TENACE PRIN","award":["20103P34XC"],"award-info":[{"award-number":["20103P34XC"]}]},{"name":"Italian MIUR"},{"name":"Tackling Mobile Malware with Innovative Machine Learning Techniques"},{"name":"Physical-Layer Security for Wireless Communication"},{"name":"Content Centric Networking: Security and Privacy Issues"},{"name":"University of Padua"},{"name":"Erasmus Mundus Scholarship"},{"name":"European Commission for the NordSecMob"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Commun. Surv. Tutorials"],"published-print":{"date-parts":[[2016]]},"DOI":"10.1109\/comst.2016.2548426","type":"journal-article","created":{"date-parts":[[2016,3,29]],"date-time":"2016-03-29T18:29:54Z","timestamp":1459276194000},"page":"2027-2051","source":"Crossref","is-referenced-by-count":564,"title":["A Survey of Man In The Middle Attacks"],"prefix":"10.1109","volume":"18","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3612-1934","authenticated-orcid":false,"given":"Mauro","family":"Conti","sequence":"first","affiliation":[]},{"given":"Nicola","family":"Dragoni","sequence":"additional","affiliation":[]},{"given":"Viktor","family":"Lesyk","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref170","first-page":"1197","article-title":"LDC: Detecting BGP prefix hijacking by load distribution change","author":"liux","year":"0","journal-title":"Proc IEEE 26th Int Conf Parallel Distrib Process Symp Workshops PhD Forum (IPDPSW)"},{"key":"ref172","first-page":"153","article-title":"PHAS: A prefix hijack alert system","author":"lad","year":"0","journal-title":"Proc Usenix Secur Symp"},{"key":"ref171","doi-asserted-by":"publisher","DOI":"10.1145\/2398776.2398779"},{"key":"ref174","doi-asserted-by":"publisher","DOI":"10.1145\/1282427.1282412"},{"key":"ref173","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45248-5_2"},{"key":"ref176","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.7"},{"key":"ref175","doi-asserted-by":"publisher","DOI":"10.1145\/1402946.1402996"},{"key":"ref178","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2006.320179"},{"key":"ref177","doi-asserted-by":"publisher","DOI":"10.1109\/APNOMS.2011.6077014"},{"key":"ref168","first-page":"11","article-title":"Listen and whisper: Security mechanisms for BGP","author":"subramanian","year":"0","journal-title":"Proc 1st Symp Netw Syst Des Implement (NSDI)"},{"key":"ref169","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2011.041010.00041"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1186\/1687-1499-2012-89"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1049\/cp.2012.1831"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/ITAP.2011.6006145"},{"key":"ref32","doi-asserted-by":"crossref","DOI":"10.31979\/etd.fu2m-skmj","article-title":"Securing wireless networks from ARP cache poisoning","author":"philip","year":"2007"},{"key":"ref31","first-page":"1","article-title":"Investigation of DHCP packets using Wireshark","volume":"63","author":"alshomrani","year":"2013","journal-title":"Int J Comput Appl"},{"key":"ref30","author":"thuc","year":"0","journal-title":"A Software Solution for Defending Against Man-in-the-Middle Attacks on WLAN"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23971-7_39"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.4018\/jdcf.2011070104"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/LCOMM.2010.02.092108"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.3745\/JIPS.2009.5.3.131"},{"key":"ref181","first-page":"47","article-title":"Securing BGP through secure origin BGP (SOBGP)","volume":"33","author":"white","year":"2003","journal-title":"Bus Commun Rev"},{"key":"ref180","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2001.932219"},{"key":"ref185","article-title":"Route-leaks & MITM attacks against BGPSEC","author":"mcpherson","year":"2014"},{"key":"ref184","article-title":"BGPsec protocol specification","author":"lepinski","year":"2014"},{"key":"ref183","doi-asserted-by":"publisher","DOI":"10.1145\/2377677.2377702"},{"key":"ref182","doi-asserted-by":"publisher","DOI":"10.1145\/1266977.1266980"},{"key":"ref189","author":"sempere","year":"0","journal-title":"An Overview of the GSM System"},{"key":"ref188","doi-asserted-by":"crossref","first-page":"2166","DOI":"10.1049\/el:19981500","article-title":"jamming system for mobile communications","volume":"34","author":"pousada-carballo","year":"1998","journal-title":"Electronics Letters"},{"key":"ref187","first-page":"520","article-title":"The GSM\/UMTS phone number catcher","author":"yubo","year":"0","journal-title":"Proc Int Conf Multimedia Inf Netw Secur (MINES)"},{"key":"ref186","article-title":"The security of the GSM air interface protocol","author":"mitchell","year":"2001"},{"key":"ref28","first-page":"461","article-title":"Analysis of a man-in-the-middle experiment with Wireshark","author":"chiu","year":"0","journal-title":"Proc Int Conf Secur Manage (SAM’11)"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.7125\/APAN.30.10"},{"key":"ref179","doi-asserted-by":"publisher","DOI":"10.1109\/49.839934"},{"key":"ref29","first-page":"120","article-title":"Recovering and protecting against DNS cache poisoning attacks","volume":"2","author":"xi","year":"0","journal-title":"Proc Int Conf Inf Technol Comput Eng Manage Sci (ICM)"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/11506157_4"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCSW.2007.19"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2006.255120"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2007.05.007"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2007.228"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-13577-4_11"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/LANOMS.2009.5338799"},{"key":"ref50","first-page":"26","article-title":"ARP spoofing and poisoning: Traffic tricks","volume":"56","author":"demuth","year":"2005","journal-title":"Linux Mag"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-24707-4_18"},{"key":"ref154","doi-asserted-by":"publisher","DOI":"10.1109\/CICSyN.2012.50"},{"key":"ref153","author":"engert","year":"0","journal-title":"Detector io"},{"key":"ref156","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2532780.2532802","article-title":"SHS-HTTPS enforcer: Enforcing HTTPS and preventing MITM attacks","volume":"38","author":"sugavanesh","year":"2013","journal-title":"ACM SIGSOFT Softw Eng Notes"},{"key":"ref155","author":"hodges","year":"2012","journal-title":"HTTP Strict Transport Security (HSTS)"},{"key":"ref150","first-page":"321","article-title":"Perspectives: Improving SSH-style host authentication with multi-path probing","author":"wendlandt","year":"0","journal-title":"Proc USENIX Annu Tech Conf"},{"key":"ref152","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2009.5202224"},{"key":"ref151","article-title":"SSL and the future of authenticity","author":"marlinspike","year":"2011"},{"key":"ref146","article-title":"Public key pinning extension for HTTP","author":"evans","year":"2011"},{"key":"ref147","article-title":"Trust assertions for certificate keys","author":"marlinspike","year":"2013"},{"key":"ref148","article-title":"Public key pinning","author":"langley","year":"2011"},{"key":"ref149","article-title":"The DNS-based authentication of named entities (DANE) transport layer security (TLS) protocol: TLSA","author":"hoffman","year":"6698"},{"key":"ref59","author":"arpdefender","year":"2010","journal-title":"What is Arpdefender Designed For?"},{"key":"ref58","author":"gmbh","year":"0","journal-title":"ARP-Guard"},{"key":"ref57","author":"bhaiji","year":"0","journal-title":"Security features on switches"},{"key":"ref56","year":"0"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/AHICI.2011.6113951"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/ETCS.2010.75"},{"key":"ref53","author":"lab","year":"2002","journal-title":"Anticap Naive ARP Poisoning Mitigation"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/ICCIT.2008.345"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2013.09.011"},{"key":"ref167","article-title":"Defending against BGP man-in-the-middle attacks","author":"hepner","year":"0","journal-title":"Proc Black Hat DC Conf"},{"key":"ref166","doi-asserted-by":"publisher","DOI":"10.1002\/nem.1805"},{"key":"ref165","article-title":"Inter-domain routing security BGP route hijacking","author":"mizuguchi","year":"0","journal-title":"Proc Asia Pac Reg Internet Conf Oper Technol (APRICOT’07)"},{"key":"ref164","doi-asserted-by":"publisher","DOI":"10.1145\/1282427.1282411"},{"key":"ref163","author":"genachowski","year":"0","journal-title":"FCC CSRIC Makes Recommendations Regarding ISP Cyber Security"},{"key":"ref162","first-page":"12","article-title":"Stealing the Internet: An Internet-scale man in the middle attack","author":"pilosov","year":"2008"},{"key":"ref161","doi-asserted-by":"crossref","DOI":"10.17487\/rfc4272","article-title":"BGP security vulnerabilities analysis","author":"murphy","year":"2006"},{"key":"ref160","doi-asserted-by":"crossref","DOI":"10.17487\/rfc1771","article-title":"A border gateway protocol 4 (BGP-4)","author":"rekhter","year":"1995"},{"key":"ref4","first-page":"1","article-title":"Data breach investigations report","volume":"36","author":"baker","year":"2011","journal-title":"Methods"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/MC.1983.1654298"},{"key":"ref6","article-title":"Establishing wireless robust security networks: A guide to IEEE 802.11i","author":"frankel","year":"0"},{"key":"ref5","year":"2014","journal-title":"Capec-94 Man in the Middle Attack"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/ISCCSP.2008.4537388"},{"key":"ref159","article-title":"Transport layer security (TLS) channel IDs","author":"balfanz","year":"2013"},{"key":"ref7","article-title":"Address resolution protocol spoofing and man-in-the-middle attacks","author":"wagner","year":"2001"},{"key":"ref49","first-page":"83","article-title":"P-ARP: A novel enhanced authentication scheme for securing ARP","author":"limmaneewichid","year":"0","journal-title":"Proc Int Conf Comput Commun Manage (ICCCM’11)"},{"key":"ref157","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41098-7_5"},{"key":"ref9","article-title":"Man in the middle attacks","author":"ornaghi","year":"0","journal-title":"Proc Blackhat Conf Eur"},{"key":"ref158","first-page":"317","article-title":"Origin-bound certificates: A fresh approach to strong client authentication for the web","author":"dietz","year":"0","journal-title":"Proc Usenix Secur Symp"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(02)00326-2"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2003.1254311"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/LANMAN.2010.5507143"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-85855-3_3"},{"key":"ref42","article-title":"An innovative method for detection and prevention against ARP spoofing in MANET","volume":"5","author":"shukla","year":"2015","journal-title":"Int J Comput Sci Inf Secur"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/MPOT.2012.2187102"},{"key":"ref44","first-page":"8","article-title":"Thwarting address resolution protocol poisoning using man in the middle attack in WLAN","volume":"1","author":"kumar","year":"2013","journal-title":"Int J Rel Inf Assur"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1049\/iet-com.2011.0566"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-16161-2_27"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1109\/HASE.2010.25"},{"key":"ref71","author":"su","year":"2005","journal-title":"STREAMS Programming Guide"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.1999.816040"},{"key":"ref76","author":"chopra","year":"2014","journal-title":"Man in the Middle (MITM) DNS Spoofing Explained"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/ICET.2012.6375486"},{"key":"ref74","article-title":"DNS cache poisoning—The next generation","author":"stewart","year":"2003"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/ICACT.2007.358755"},{"key":"ref78","article-title":"It’s the end of the cache as we know it","author":"kaminsky","year":"2008","journal-title":"presentation at Blackhat Briefings"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2012.27"},{"key":"ref60","year":"0","journal-title":"arpwatch the ethernet monitor program for keeping track of ethernet\/ip address pairings"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1109\/SECUREWARE.2007.4385321"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/ICCASM.2010.5619113"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/APCC.2003.1274480"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2006.282"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-17878-8_44"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1155\/2014\/264654"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1145\/358790.358797"},{"key":"ref68","author":"teterin","year":"0","journal-title":"ARP Spoofing Defence"},{"key":"ref69","first-page":"1375","article-title":"Secure mobility management application capable of fast layer 3 handovers for MIPv6-non-aware mobile hosts","volume":"97","author":"peradilla","year":"2014","journal-title":"IEICE Trans Commun"},{"key":"ref197","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2006.81"},{"key":"ref198","doi-asserted-by":"publisher","DOI":"10.1109\/NGMAST.2008.88"},{"key":"ref199","first-page":"158","article-title":"Security measures and weaknesses of the GPRS security architecture","volume":"6","author":"xenakis","year":"2008","journal-title":"IJ Network Security"},{"key":"ref193","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45146-4_35"},{"key":"ref194","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2004.05.018"},{"key":"ref195","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2005.01.015"},{"key":"ref196","first-page":"413","article-title":"GSM security issues and challenges","author":"siddique","year":"0","journal-title":"Proc 7th ACIS Int Conf Softw Eng Artif Intell Netw Parallel Distrib Comput"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2007.139"},{"key":"ref190","first-page":"25","article-title":"Mutual authentication and key agreement for GSM","author":"kumar","year":"0","journal-title":"Proc Int Conf Mobile Bus (ICMB’06)"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2014.20"},{"key":"ref191","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-57341-0_63"},{"key":"ref93","doi-asserted-by":"crossref","DOI":"10.17487\/rfc4033","article-title":"DNS security introduction and requirements","author":"arends","year":"2005"},{"key":"ref192","doi-asserted-by":"crossref","first-page":"904","DOI":"10.1109\/TVT.2002.801547","article-title":"Real-time interception systems for the GSM protocol","volume":"51","author":"vales-alonso","year":"2002","journal-title":"IEEE Trans Veh Technol"},{"key":"ref92","first-page":"21","article-title":"DNS server cryptography using symmetric key cryptography","volume":"3","author":"shrivastava","year":"2014","journal-title":"Int J Innov Adv Comput Sci"},{"key":"ref91","doi-asserted-by":"crossref","DOI":"10.17487\/rfc2931","article-title":"DNS request and transaction signatures (SIG (0)\ufffds)","author":"eastlake","year":"2000"},{"key":"ref90","doi-asserted-by":"crossref","DOI":"10.17487\/rfc2845","article-title":"Secret key transaction authentication for DNS (TSIG)","author":"vixie","year":"2000"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.4018\/978-1-4666-0104-8.ch012"},{"key":"ref99","first-page":"213","article-title":"Identity-based encryption from the Weil pairing","author":"boneh","year":"2001","journal-title":"Adv Cryptology"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1109\/CATCH.2009.21"},{"key":"ref97","author":"bernstein","year":"2009","journal-title":"DNSCurve Usable Security for DNS"},{"key":"ref82","first-page":"3","article-title":"ConfiDNS: Leveraging scale and history to improve DNS security","author":"poole","year":"0","journal-title":"Proc 3rd Workshop on Real Large Distrib Syst (WORLDS'06)"},{"key":"ref81","first-page":"14","article-title":"CoDNS: Improving DNS performance and reliability via cooperative lookups","volume":"4","author":"park","year":"0","journal-title":"Proc 6th Conf Symp Operat Syst Des Implement (OSDI)"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-18178-8_4"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10433-6_12"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15512-3_2"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31909-9_18"},{"key":"ref85","author":"bernstein","year":"0","journal-title":"DNS Forgery"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455798"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2009.5270363"},{"key":"ref88","article-title":"Domain name system (DNS) cookies","author":"eastlake","year":"2014"},{"key":"ref200","author":"chandra","year":"2011","journal-title":"Bulletproof Wireless Security GSM UMTS 802 11 and Ad Hoc Security"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2012.06.005"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1109\/ICON.2011.6168490"},{"key":"ref209","doi-asserted-by":"publisher","DOI":"10.4304\/jnw.1.6.18-27"},{"key":"ref203","first-page":"14","article-title":"IMSI catcher","author":"strobel","year":"2007"},{"key":"ref204","author":"luthi","year":"0","journal-title":"Improving Security of Mobile Devices"},{"key":"ref201","doi-asserted-by":"publisher","DOI":"10.1145\/1734583.1734597"},{"key":"ref202","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2015.01.017"},{"key":"ref207","year":"0","journal-title":"Ettus Research—The Leader in Software Defined Radio (SDR)"},{"key":"ref208","doi-asserted-by":"crossref","first-page":"326","DOI":"10.1109\/EURCOM.2000.874826","article-title":"An efficient authentication protocol for GSM networks","author":"hwang","year":"0","journal-title":"Proc IEEE Inf Syst Enhanced Public Safety Secur (EUROCOMM)"},{"key":"ref205","doi-asserted-by":"publisher","DOI":"10.1109\/WICOM.2007.562"},{"key":"ref206","year":"0","journal-title":"OpenBTS—Open Cource Cellular Infrastructure"},{"key":"ref211","doi-asserted-by":"publisher","DOI":"10.1109\/CCECE.2009.5090238"},{"key":"ref210","first-page":"3","article-title":"A TESLA-based mutual authentication protocol for GSM networks","volume":"1","author":"fanian","year":"0","journal-title":"ISC Int J Inf Security"},{"key":"ref212","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-009-9276-4"},{"key":"ref213","author":"ericsson","year":"0","journal-title":"Traffic and Market Report"},{"key":"ref214","doi-asserted-by":"publisher","DOI":"10.1145\/1023646.1023662"},{"key":"ref215","doi-asserted-by":"publisher","DOI":"10.1109\/WTS.2009.5068979"},{"key":"ref216","year":"0","journal-title":"3G Security Security Threats and Requirements"},{"key":"ref217","doi-asserted-by":"publisher","DOI":"10.1109\/PIMRC.2004.1368846"},{"key":"ref218","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2010.01.005"},{"key":"ref219","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2009.08.019"},{"key":"ref220","doi-asserted-by":"publisher","DOI":"10.1109\/LCOMM.2010.04.092279"},{"key":"ref222","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-013-1501-5"},{"key":"ref221","doi-asserted-by":"publisher","DOI":"10.1109\/TVT.2011.2168247"},{"key":"ref225","doi-asserted-by":"publisher","DOI":"10.1109\/PDGC.2012.6449847"},{"key":"ref224","doi-asserted-by":"publisher","DOI":"10.1007\/s40012-013-0030-4"},{"key":"ref223","first-page":"220","author":"saxena","year":"0","journal-title":"Proc Int conf Adv Comput Sci Electron Eng (CSEE’14)"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2005.1497921"},{"key":"ref126","first-page":"365","article-title":"Passport: Secure and adoptable source authentication","volume":"8","author":"liu","year":"0","journal-title":"Proc Netw Syst Des Implement (NSDI)"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1145\/1229285.1229293"},{"key":"ref124","first-page":"1557","article-title":"SAVE: Source address validity enforcement protocol","volume":"3","author":"li","year":"0","journal-title":"Proc 21st Annu Joint Conf IEEE Comput Commun Soc"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1145\/1402946.1402997"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2006.890133"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2003.1199330"},{"key":"ref133","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2006.03.004"},{"key":"ref134","author":"prentow","year":"0","journal-title":"MITM Attacks on SSL\/TLS Related to Renegotiation"},{"key":"ref131","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2015.03.003"},{"key":"ref132","article-title":"RFC 2246: The TLS protocol","author":"dierks","year":"1999"},{"key":"ref136","doi-asserted-by":"publisher","DOI":"10.1109\/IMCCC.2011.117"},{"key":"ref135","doi-asserted-by":"publisher","DOI":"10.1145\/2179298.2179365"},{"key":"ref138","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"key":"ref137","article-title":"Empirical analysis of public key infrastructures and investigation of improvements","author":"holz","year":"2014"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-27576-0_20"},{"key":"ref140","first-page":"399","article-title":"Crying wolf: An empirical study of SSL warning effectiveness","author":"sunshine","year":"0","journal-title":"Proc Usenix Secur Symp"},{"key":"ref141","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33167-1_12"},{"key":"ref142","author":"langley","year":"0","journal-title":"Certificate Transparency ImperialViolet"},{"key":"ref143","year":"0","journal-title":"The ICSI Certificate Notary"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/RISP.1992.213269"},{"key":"ref144","year":"0","journal-title":"The EFF SSL Observatory"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCSIT.2010.5563900"},{"key":"ref145","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33167-1_13"},{"key":"ref109","article-title":"An authentication method based on certificate for DHCP","author":"wong","year":"2011"},{"key":"ref108","article-title":"DHCP authentication via Kerberos V","author":"hornstein","year":"2000"},{"key":"ref107","first-page":"570","article-title":"DHCP message authentication with an effective key management","volume":"8","author":"ju","year":"2007","journal-title":"World Acad Sci Eng Technol"},{"key":"ref106","article-title":"Dynamic host configuration protocol (DHCP) authentication using challenge handshake authentication protocol (CHAP) challenge","author":"de graaf","year":"2013"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2002.1181774"},{"key":"ref104","article-title":"Authentication for DHCP messages; RFC3118. txt","author":"droms","year":"2001"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1109\/ICComm.2014.6866756"},{"key":"ref102","author":"bhaiji","year":"2007","journal-title":"Understanding Preventing and Defending Against Layer 2 Attacks"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1109\/SECCOM.2007.4550359"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1109\/CSE.2009.204"},{"key":"ref110","article-title":"Certificate-based authentication for DHCP","author":"glazer","year":"2003"},{"key":"ref10","author":"ericsson","year":"2014","journal-title":"Ericsson Mobility Report"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.41"},{"key":"ref12","author":"coe","year":"2014","journal-title":"Detecting and Defeating Advanced Man-in-the-Middle Attacks Against TLS"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.13"},{"key":"ref14","first-page":"150","article-title":"On the effective prevention of TLS man-in-the-middle attacks in web applications","author":"karapanos","year":"2014","journal-title":"IACR Cryptology ePrint"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-014-1821-0"},{"key":"ref16","author":"prowell","year":"2010","journal-title":"Seven Deadliest Network Attacks"},{"key":"ref118","doi-asserted-by":"crossref","DOI":"10.17487\/rfc3704","article-title":"Ingress filtering for multihomed networks","author":"baker","year":"2004"},{"key":"ref17","author":"green","year":"2005","journal-title":"DNS spoofing by the man in the middle"},{"key":"ref117","doi-asserted-by":"crossref","DOI":"10.17487\/rfc2827","article-title":"Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing","author":"ferguson","year":"2000"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/11593980_18"},{"key":"ref19","article-title":"ARP spoofing detection on switched Ethernet networks: A feasibility study","author":"carnut","year":"0","journal-title":"Proc 5th Symp Seguranca Inf"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.08.018"},{"key":"ref114","doi-asserted-by":"publisher","DOI":"10.1109\/SCAT.2013.7055097"},{"key":"ref113","article-title":"6500 series switches","volume":"20","author":"catalyst","year":"2012"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2013.2296437"},{"key":"ref115","author":"tanase","year":"1674","journal-title":"IP Spoofing an Introduction"},{"key":"ref120","first-page":"7","article-title":"Various anti IP spoofing techniques","volume":"4","author":"patel","year":"2015","journal-title":"J Eng Comput Appl Sci"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1145\/1516539.1516541"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1145\/964723.383061"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2006.128"}],"container-title":["IEEE Communications Surveys & Tutorials"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9739\/7548084\/07442758.pdf?arnumber=7442758","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T11:43:43Z","timestamp":1641987823000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7442758\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"references-count":225,"journal-issue":{"issue":"3"},"URL":"https:\/\/doi.org\/10.1109\/comst.2016.2548426","relation":{},"ISSN":["1553-877X"],"issn-type":[{"value":"1553-877X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]}}}