A Methodology to Find Artifacts of the Hacker in Man-in-the-Browser Attack

  • Sai Dinesh Kondeti
  • Vishal AdadaEmail author
  • R. Sridevi
Conference paper
Part of the Learning and Analytics in Intelligent Systems book series (LAIS, volume 3)


Man-in-the-browser attack is an evolved version of man-in-the-middle attack which mainly targets the internet banking. These attacks fall under the category of session hijacking, so, it is difficult to detect and stop the malicious actions as they are performed using legitimate session. Computer forensics plays a prominent role in finding the traces left behind by the hacker while compromising a computer. These traces will explain how the attack was carried out, which could serve as an evidence in the court proceedings.


Hacking Session hijacking Computer forensics 


  1. 1.
    RSA White Paper, Making sense of man-in-the-browser attacks: threat analysis and mitigation for financial institutions.
  2. 2.
    Dougan T, Curran K (2012) Man in the browser attacks. Int J Ambient Comput Intell 4(1):29–39.
  3. 3.
    Analysis of man-in-the-browser attack by SANS.
  4. 4.
    OWASP article about man-in-the-browser attack.
  5. 5.
  6. 6.
    Grande CL, Guadrón RS (2016) Computer forensics. In: 2016 IEEE 36th central American and Panama convention (CONCAPAN XXXVI), pp 1–6. San Jose.
  7. 7.
  8. 8.
    Cuckoo sandbox documentation.
  9. 9.
    Carrier B (2005) File system forensic analysis.
  10. 10.
    Carvey H (2011) Windows registry forensics: advanced digital forensic analysis of the windows registry. Syngress Publishing.
  11. 11.
    Ligh M, Adair S, Hartstein B, Richard M (2010) Malware analyst’s cookbook and DVD: tools and techniques for fighting malicious code.
  12. 12.
  13. 13.
    Ligh MH, Case A, Levy J, Walters A (2014) The art of memory forensics: detecting malware and threats in windows, linux, and mac memory.
  14. 14.
    Casey E (2011) Digital evidence and computer crime: forensic science, computers, and the internet.
  15. 15.
    Casey E (2009) Handbook of digital forensics and investigation.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.CSE DepartmentJNTUHCEHHyderabadIndia

Personalised recommendations