A Practical Approach to Man-in-the-Middle (MitM) Attacks Detection in IoT Networks
Keywords:
ARP spoofing, Cybersecurity, IoT security, Man-in-the-middle attack, Network security, Packet sniffingAbstract
The rapid development of the internet of things (IoT) has significantly transformed the contemporary communication system, which connects a vast array of intelligent devices. This growth has, however, also posed severe security lapses occasioned by low computational abilities and low security measures in the IoT devices. The Man-in-the-Middle (MitM) attack is one of the most severe attacks, in which a vulnerable person secretly intercepts and modifies communication between two devices without their awareness. This research work is aimed at the analysis and visualisation of the MitM attacks within a controlled IoT network setting. A real-life practice is followed using tools like Kali Linux, Wireshark and ARP spoofing techniques to help in simulating a real-life attack scenario. The experiment demonstrates the way attackers may intercept sensitive information, including login credentials and network data, by putting themselves between communicating devices. The findings demonstrate the extreme dangers of unsecured communication schemes in the IoT systems. Moreover, the study will discuss effective detection and prevention measures, such as encryption, secure communication protocols, intrusion detection systems, and network monitoring measures. This study has highlighted the need to enhance IoT security systems in order to ensure data integrity, confidentiality, and reliability of the system. It is important to deploy strong security tools that will protect the IoT environment against the emerging cyber threats, such as MitM attacks.
References
M. Conti, N. Dragoni, and V. Lesyk, “A survey of man-in-the-middle attacks,” IEEE Communications Surveys & Tutorials, vol. 18, no. 3, pp. 2027–2051, Mar. 2016.
T. Wang and L. Lilien, “Opportunistic topology control for ad hoc wireless network survivability enhancement based on LIMOS model,” Journal of Network and Computer Applications, vol. 134, pp. 1–12, May 2019.
Conti M, Dragoni N, Lesyk V, “A survey of man in the middle attacks,” IEEE Communications Surveys & Tutorials. vol. 18, no. 3, pp. 2027–2051, Mar. 2016.
A. O. A. Almashhadani, M. Kaiiali, S. Sezer, and P. O’Kane, “A multi-classifier network-based crypto ransomware detection system: Case study of Locky ransomware,” IEEE Access, vol. 7, pp. 47053–47067, Mar. 2019.
O. Almomani, T. Alwada’n, and O. H. Al-Tarawneh, “ML-based detection of ARP spoofing attacks in Internet of Things environments: Comparative study,” Procedia Computer Science, vol. 275, pp. 523–531, Jan. 2026.
S. Majumder, M. K. Deb Barma, and A. Saha, “ARP spoofing detection using machine learning classifiers: An experimental study,” Knowledge and Information Systems, vol. 67, no. 1, pp. 727–766, Jan. 2025.
R. Basri, G. Karmakar, S. S. Newaz, J. Kamruzzaman, L. Nguyen, M. M. Alam, and M. Usman, “Enhancing IoT security: Assessing instantaneous communication trust to detect man-in-the-middle attacks,” Future Generation Computer Systems, vol. 166, p. 107714, May 2025.
Y. Chen, W. Trappe, and R. P. Martin, “Detecting and localizing wireless spoofing attacks,” in Proc. IEEE Communications Society Conf. on Sensor, Mesh and Ad Hoc Communications and Networks, Jun. 2007, pp. 193–202.
R. Sriranjani, R. U. Deepak, J. S. Pravinkumar, A. M. Arshad, N. Hemavathi, and A. Parvathy, “Man-in-the-middle attack detection in smart grid using machine learning,” in AIP Conference Proceedings, vol. 3137, no. 1, p. 020006, Mar. 2025.
J. Makhija, A. A. Shetty, and A. Bangera, “Classification of attacks on MQTT-based IoT system using machine learning techniques,” in Proc. Int. Conf. on Innovative Computing and Communications (ICICC), 2021, pp. 217–224.
N. Sivasankari and S. Kamalakkannan, “Detection and prevention of man-in-the-middle attack in IoT network using regression modeling,” Advances in Engineering Software, vol. 169, p. 103126, Jul. 2022.
M. A. Ali and S. A. Al-Sharafi, “Intrusion detection in IoT networks using machine learning and deep learning approaches for MitM attack mitigation,” Discover Internet of Things, vol. 5, no. 1, p. 48, Apr. 2025.
Y.-R. Lee, J.-S. Kim, and H.-K. Park, “A study on improvement of personal information divulgence prevention system (a case of the health and welfare division),” International Journal of Applied Engineering Research, vol. 12, no. 20, pp. 9936–9941, Jan. 2017.
