{"id":"https://openalex.org/W3153427056","doi":"https://doi.org/10.1007/s10207-021-00548-5","title":"Browser-in-the-Middle (BitM) attack","display_name":"Browser-in-the-Middle (BitM) attack","publication_year":2021,"publication_date":"2021-04-17","ids":{"openalex":"https://openalex.org/W3153427056","doi":"https://doi.org/10.1007/s10207-021-00548-5","mag":"3153427056"},"language":"en","primary_location":{"id":"doi:10.1007/s10207-021-00548-5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00548-5","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00548-5.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00548-5.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084437443","display_name":"Franco Tommasi","orcid":"https://orcid.org/0000-0003-2419-7381"},"institutions":[{"id":"https://openalex.org/I142910587","display_name":"University of Salento","ror":"https://ror.org/03fc1k060","country_code":"IT","type":"education","lineage":["https://openalex.org/I142910587"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Franco Tommasi","raw_affiliation_strings":["Dipartimento di Ingegneria dell\u2019Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","Dipartimento di Ingegneria dell'Innovazione, University of Salento, Via per Monteroni, Lecce, Italy"],"affiliations":[{"raw_affiliation_string":"Dipartimento di Ingegneria dell\u2019Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","institution_ids":["https://openalex.org/I142910587"]},{"raw_affiliation_string":"Dipartimento di Ingegneria dell'Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","institution_ids":["https://openalex.org/I142910587"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069025192","display_name":"Christian Catalano","orcid":"https://orcid.org/0000-0003-4038-2317"},"institutions":[{"id":"https://openalex.org/I142910587","display_name":"University of Salento","ror":"https://ror.org/03fc1k060","country_code":"IT","type":"education","lineage":["https://openalex.org/I142910587"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Christian Catalano","raw_affiliation_strings":["Dipartimento di Ingegneria dell\u2019Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","Dipartimento di Ingegneria dell'Innovazione, University of Salento, Via per Monteroni, Lecce, Italy"],"affiliations":[{"raw_affiliation_string":"Dipartimento di Ingegneria dell\u2019Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","institution_ids":["https://openalex.org/I142910587"]},{"raw_affiliation_string":"Dipartimento di Ingegneria dell'Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","institution_ids":["https://openalex.org/I142910587"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5036627759","display_name":"Ivan Taurino","orcid":null},"institutions":[{"id":"https://openalex.org/I142910587","display_name":"University of Salento","ror":"https://ror.org/03fc1k060","country_code":"IT","type":"education","lineage":["https://openalex.org/I142910587"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Ivan Taurino","raw_affiliation_strings":["Dipartimento di Ingegneria dell\u2019Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","Dipartimento di Ingegneria dell'Innovazione, University of Salento, Via per Monteroni, Lecce, Italy"],"affiliations":[{"raw_affiliation_string":"Dipartimento di Ingegneria dell\u2019Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","institution_ids":["https://openalex.org/I142910587"]},{"raw_affiliation_string":"Dipartimento di Ingegneria dell'Innovazione, University of Salento, Via per Monteroni, Lecce, Italy","institution_ids":["https://openalex.org/I142910587"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5084437443"],"corresponding_institution_ids":["https://openalex.org/I142910587"],"apc_list":{"value":2590,"currency":"EUR","value_usd":3190},"apc_paid":{"value":2590,"currency":"EUR","value_usd":3190},"fwci":2.1529,"has_fulltext":true,"cited_by_count":21,"citation_normalized_percentile":{"value":0.87843374,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"21","issue":"2","first_page":"179","last_page":"189"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/man-in-the-middle-attack","display_name":"Man-in-the-middle attack","score":0.9684345722198486},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7842530012130737},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7801806926727295},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.5045574903488159},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.4818638265132904},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4215685725212097},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.41591739654541016},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.24452310800552368}],"concepts":[{"id":"https://openalex.org/C196491621","wikidata":"https://www.wikidata.org/wiki/Q554830","display_name":"Man-in-the-middle attack","level":3,"score":0.9684345722198486},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7842530012130737},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7801806926727295},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.5045574903488159},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.4818638265132904},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4215685725212097},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.41591739654541016},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.24452310800552368}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s10207-021-00548-5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00548-5","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00548-5.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},{"id":"pmh:oai:ricerca.uniba.it:11586/536522","is_oa":false,"landing_page_url":"https://hdl.handle.net/11586/536522","pdf_url":null,"source":{"id":"https://openalex.org/S4377196296","display_name":"CINECA IRIS Institutional Research Information System (University of Bari Aldo Moro)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I5561750","host_organization_name":"University of Bari Aldo Moro","host_organization_lineage":["https://openalex.org/I5561750"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"doi:10.1007/s10207-021-00548-5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00548-5","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00548-5.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.75,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3153427056.pdf","grobid_xml":"https://content.openalex.org/works/W3153427056.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W1491237615","https://openalex.org/W1572431750","https://openalex.org/W1977415353","https://openalex.org/W1992455053","https://openalex.org/W2048884875","https://openalex.org/W2056920038","https://openalex.org/W2076014973","https://openalex.org/W2115091311","https://openalex.org/W2117492729","https://openalex.org/W2188278803","https://openalex.org/W2204155491","https://openalex.org/W2320204756","https://openalex.org/W2545601601","https://openalex.org/W2760047100","https://openalex.org/W2781495646","https://openalex.org/W2790832404","https://openalex.org/W2793582640","https://openalex.org/W2794598542","https://openalex.org/W2888822923","https://openalex.org/W2889513721","https://openalex.org/W2932741641","https://openalex.org/W2953684237","https://openalex.org/W2969394128"],"related_works":["https://openalex.org/W4387497383","https://openalex.org/W3183948672","https://openalex.org/W3173606202","https://openalex.org/W3110381201","https://openalex.org/W2948807893","https://openalex.org/W2935909890","https://openalex.org/W2778153218","https://openalex.org/W2758277628","https://openalex.org/W1531601525","https://openalex.org/W2112141997"],"abstract_inverted_index":{"Abstract":[0],"Man-in-the-Middle":[1],"(MitM),":[2],"one":[3],"of":[4,12,27,36,45,68,97,128,147,153],"the":[5,10,17,23,75,80,84,91,114,126,129,134,145,148,157,161,166],"best":[6],"known":[7],"attacks":[8],"in":[9,22,79,109],"world":[11],"computer":[13],"security,":[14],"is":[15,29],"among":[16],"greatest":[18],"concerns":[19],"for":[20],"professionals":[21],"field.":[24],"Main":[25],"goal":[26],"MitM":[28,78],"to":[30,113,140,150,169],"compromise":[31],"confidentiality,":[32],"integrity":[33],"and":[34,41,63,90,108,160],"availability":[35],"data":[37,85],"flowing":[38],"between":[39,87],"source":[40],"destination.":[42],"However,":[43],"most":[44],"its":[46,143],"many":[47],"variants":[48],"involve":[49],"difficulties":[50],"that":[51],"make":[52],"it":[53,82,93,164],"not":[54],"always":[55],"possible.":[56],"The":[57],"present":[58],"paper":[59],"aims":[60],"at":[61,133],"modelling":[62],"describing":[64],"a":[65,88],"new":[66],"method":[67],"attack,":[69],"named":[70],"Browser-in-the-Middle":[71],"(BitM)":[72],"which,":[73],"despite":[74],"similarities":[76],"with":[77],"way":[81],"controls":[83],"flow":[86],"client":[89],"service":[92],"accesses,":[94],"bypasses":[95],"some":[96,110],"MitM\u2019s":[98],"typical":[99],"shortcomings.":[100],"It":[101,119],"could":[102],"be":[103,121,170],"started":[104],"by":[105],"phishing":[106],"techniques":[107],"cases":[111],"coupled":[112],"well-known":[115],"Man-in-the-Browser":[116],"(MitB)":[117],"attack.":[118],"will":[120],"seen":[122],"how":[123],"BitM":[124],"expands":[125],"range":[127],"possible":[130],"attacker\u2019s":[131],"actions,":[132],"same":[135],"time":[136],"making":[137],"them":[138],"easier":[139],"implement.":[141],"Among":[142],"features,":[144],"absence":[146],"need":[149],"install":[151],"malware":[152],"any":[154],"kind":[155],"on":[156],"victim\u2019s":[158],"machine":[159],"total":[162],"control":[163],"allows":[165],"attacker":[167],"are":[168],"emphasized.":[171]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":3}],"updated_date":"2026-03-18T14:38:29.013473","created_date":"2025-10-10T00:00:00"}