Forensic implication of a cyber-enabled fraud taking advantage of an offline Adversary-in-the-Middle (AiTM) attack

Lawal, Damola, Gresty, David, Gan, Diane (ORCID: https://orcid.org/0000-0002-0920-7572) and Durojaiye, Tolulope (2023) Forensic implication of a cyber-enabled fraud taking advantage of an offline Adversary-in-the-Middle (AiTM) attack. In: 2023 46th MIPRO ICT and Electronics Convention (MIPRO) 22th - 26th May 2023, Opatija, Croatia. IEEE Xplore. Institute of Electrical and Electronics Engineers (IEEE), Piscataway, New Jersey, pp. 1258-1263. ISBN 978-9532331042; 978-9532331059; 978-1665494205 ISSN 1847-3938 (Print), 2623-8764 (Online) (doi:10.23919/MIPRO57284.2023.10159879)

Abstract

Many computer users utilise the High-Definition Multimedia Interface (HDMI) for connecting external displays, as this interface is common on modern computers. This work investigates the feasibility of performing an offline adversary-in-the-middle attack with a portable programmable device such as the Screen Crab, which leverages the HDMI interface to covertly capture information being sent to the external display. This work also addresses the possibility of such attacks being carried out as the reconnaissance phase of a wider attack, or as a standalone attack for data exfiltration, data theft, or espionage. Operational observations of the Screen Crab while it was exfiltrating data include that it is storage and process efficient. In addition, there were no indicators on the external display (e.g., quality drop, lag/latency) to suggest to the target user that any form of tampering had been done to their machine. This paper also shows how it might be difficult for forensic analysts to detect the use of this device, which poses a risk of the target user (victim) being falsely accused or wrongly prosecuted for divulging sensitive or classified information in this kind of situation.

Item Type: Conference Proceedings
Title of Proceedings: 2023 46th MIPRO ICT and Electronics Convention (MIPRO) 22th - 26th May 2023, Opatija, Croatia
Uncontrolled Keywords: digital forensics; Adversary-in-the-middle; cyber-enabled fraud; screen crab; portable programmable devices; miscarriage of justice
Subjects: H Social Sciences > HD Industries. Land use. Labor > HD61 Risk Management
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 13 Jul 2023 15:18
URI: http://gala.gre.ac.uk/id/eprint/43172
