NIST is striving to use more inclusive language. Although present in current NIST publications, this potentially biased term will no longer be used in NIST's new or revised cybersecurity and privacy publications. The deprecated term will be removed from this online glossary once it's no longer defined in a NIST publication.
Alternative language that NIST is using includes:
machine-in-the-middle attack; on-path attack
A form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association. NIST is striving to use more inclusive language.
Although present in current NIST publications, this potentially biased term will no longer be used in NIST's new or revised cybersecurity and privacy publications.
The deprecated term will be removed from this online glossary once it's no longer defined in a NIST publication. Alternative language that NIST is using includes: machine-in-the-middle attack; on-path attack NIST is striving to use more inclusive language.
Although present in current NIST publications, this potentially biased term will no longer be used in NIST's new or revised cybersecurity and privacy publications.
The deprecated term will be removed from this online glossary once it's no longer defined in a NIST publication. Alternative language that NIST is using includes: machine-in-the-middle; on-path attacker
Sources:
CNSSI 4009-2015
from
IETF RFC 4949 Ver 2
An attack in which an attacker is positioned between two communicating parties in order to intercept and/or alter data traveling between them. In the context of authentication, the attacker would be positioned between claimant and verifier, between registrant and CSP during enrollment, or between subscriber and CSP during authenticator binding.
Sources:
NIST SP 1800-21B
under Person (Man)-in-the-Middle Attack
from
NIST SP 800-63-3
NIST SP 800-63-3
under Man-in-the-Middle Attack (MitM)
An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them.
Sources:
NISTIR 7711
under Man-In-The-Middle