Abstract
Man-in-the-Middle (MITM) attack is a typical eavesdropping cyberattack.
The attacker can launch a MITM attack whenever the attacker and victims are on the
same network. Here is a scenario: A MITM attacker connects to Subway’s Wi-Fi and
waits for the victim to connect to the Subway Wi-Fi. Eventually, Victim A walks in
and connects to Subway’s Wi-Fi. Once Victim A gets connected and is on the same
network as the attacker, the attacker can launch an attack to intercept the network
traffic of Victim A. Therefore, everyone on the same network connection with the
attacker can be the target of a MITM attack. In this paper, the MITM attack will be
introduced. The attacker can spy on the victim, steal sensitive credentials, disrupt
communications, or even corrupt the data through the said attack. To discover how the
MITM attack works, this paper explains it based on the ARP Spoofing attack, which
exploits the ARP protocol to send out forged ARP responses. ARP Spoofing attack is
one of the MITM attacks. This paper emphasises the MITM attack phases, different
types of MITM attacks, ARP Spoofing attacks, and how ARP works. The
demonstration of steps for launching an ARP Spoofing attack and the tools involved,
like Nmap, Arpspoof, and Wireshark, are also included.