The propagation method by means of an attack of the “man-in-the-middle” type in the DHCP protocol

The research of the up-to-date malicious software conducted by the authors detected that one of the main methods of their expansion is the attack to the Dynamic Host Configuration Protocol (DHCP) made in order to organize the “man-in-the-middle” scheme. However, the result of such attack is of probabilistic nature and it depends on the difference between the speeds of response of antagonistic and legal (licensed) DHCP servers. The present paper describes the concept of expansion by means of the “man-in-the-middle” attack in the DHCP protocol and its limitations, imposed by the DHCP protocol. Examination of the DHCP protocol and limitations imposed on the expansion concept in it leads to creation of the new method which executes the attack of the “man-in-the-middle” type. This new method of unavoidable attack on the DHCP protocol excludes the probability of its failure and is the main result of the present research.