man in the middle attack
n. A computer security breach in which a malicious user intercepts — and possibly alters — data traveling along a network. (Also: man-in-the-middle attack.)

Example Citation:
If it delivers what's promised, Funk's Odyssey software will let enterprises use familiar password-based authentication for wireless LANs and existing authentication databases, but protect these interactions from the special weaknesses of wireless links, such as eavesdropping or so-called "man in the middle" attacks.
—John Cox, "Funk releases 802.1x software for WLAN security," InfoWorld Daily News, February 5, 2002

Earliest Citation:
Computers operating at speeds far in excess of current ones are technically feasible. Building them is only a matter of money. The cost of $4, $10 or $50 million might be high for a university or major corporation, it's peanuts for NSA. Informed sources indicate that such a computer would be capable of cracking a Clipper cipher in a matter of minutes. Clipper also lends itself, under proper conditions, to a 'man in the middle' attack.
—"How string is Clipper?," Computer Fraud & Security Bulletin, May, 1994

Notes:
This exploit also goes by the name TCP hijacking (where TCP is a method by which data is transmitted across a network).

Related Words:

Categories: