Review

Man-At-The-End attacks: Analysis, taxonomy, human aspects, motivation and future directions

Adnan Akhunzada a,*, Mehdi Sookhak a, Nor Badrul Anuar a, Abdullah Gani a, Ejaz Ahmed a, Muhammad Shiraz a, Steven Furnell b, Amir Hayat c, Muhammad Khurram Khan d

a Centre for Mobile Cloud Computing Research (C4MCCR), Faculty of Computer Science and Information Technology, University of Malaya, 50603 Kuala Lumpur, Malaysia
b Information Security & Network Research Group, School of Computing, Communications and Electronics, University of Plymouth, Plymouth, United Kingdom
c Applied Security Engineering Research Group, Dept. of Computer Science, COMSATS Institute of Information Technology, Pakistan
d Center of Excellence in Information Assurance (CoEIA), King Saud University, Saudi Arabia

Article info

Article history:
Received 26 May 2014
Received in revised form 8 October 2014
Accepted 23 October 2014
Available online 11 November 2014

Keywords:
Man-At-The-End
Software protection
Information security
Digital rights management
Digital assets
Distributed software systems

Abstract

Man-At-The-End (MATE) attacks and fortifications are difficult to analyze, model, and evaluate predominantly for three reasons: firstly, the attacker is human and, therefore, utilizes motivation, creativity, and ingenuity. Secondly, the attacker has limitless and authorized access to the target. Thirdly, all major protections stand up to a determined attacker till a certain period of time. Digital assets range from business to personal use, from consumer devices to home networks, the public Internet, the cloud, and the Internet of Things – where traditional computer and network security are inadequate to address MATE attacks. MATE is fundamentally a hard problem. Much of the extant focus to deal with MATE attacks is purely technical; though security is more than just a technical issue.

The main objective of the paper is to mitigate the consequences of MATE attacks through the human element of security and highlight the need for this element to form a part of a holistic security strategy alongside the necessary techniques and technologies. This paper contributes by taking software protection (SP) research to a new realm of challenges. Moreover, the paper elaborates the concept of MATE attacks, the different forms, and the analysis of MATE versus insider threats to present a thematic taxonomy of a MATE attack. The ensuing paper also highlights the fundamental concept of digital assets, and the core protection mechanisms and their qualitative comparison against MATE attacks. Finally, we present state-of-the-art trends and cutting-edge future research directions by taking into account only the human aspects for young researchers and professionals.

© 2014 Elsevier Ltd. All rights reserved.

Contents

1. Introduction
2. Man-At-The-End attacks
   2.1. Different forms of MATE attacks
   2.2. MATE versus insider threats
   2.3. MATE attack taxonomy
3. Core protection mechanisms against MATE attacks
   3.1. Software- versus hardware-based software protection
4. New trends and future directions
   4.1. Role of mental models and MATE

Journal of Network and Computer Applications 48 (2015) 44–57
http://dx.doi.org/10.1016/j.jnca.2014.10.009

* Corresponding author. Tel.: +60 1116431032; fax: +60 379579249.
E-mail addresses: a.adnan@siswa.um.edu.my (A. Akhunzada), m.sookhak@ieee.org (M. Sookhak), badrul@um.edu.my (N.B. Anuar), abdullahgani@ieee.org (A. Gani), imejaz@siswa.um.edu.my (E. Ahmed), muh_shiraz@um.edu.my (M. Shiraz), sfurnell@plymouth.ac.uk (S. Furnell), amir.hayat@comsats.edu.pk (A. Hayat), mkhurram@ksu.edu.sa (M. Khurram Khan).