Trusted time-based verification model for automatic man-in-the-middle attack detection in cybersecurity

Kang, James Jin, Fahd, Kiran and Venkatraman, Sitalakshmi 2018, Trusted time-based verification model for automatic man-in-the-middle attack detection in cybersecurity, Cryptography, vol. 2, no. 4, doi: 10.3390/cryptography2040038.

Attached Files
Name Description MIMEType Size Downloads

Title Trusted time-based verification model for automatic man-in-the-middle attack detection in cybersecurity
Author(s) Kang, James JinORCID iD for Kang, James Jin
Fahd, Kiran
Venkatraman, Sitalakshmi
Journal name Cryptography
Volume number 2
Issue number 4
Article ID 38
Total pages 21
Publisher MDPI
Place of publication Basel, Switzerland
Publication date 2018-12-05
ISSN 2410-387X
Keyword(s) trusted time server (TTS)
man-in-the-middle (MITM)
Secure Socket Layer (SSL)
Transport Layer Security (TLS)
inference algorithm
digital signature
digital certificate
time-based verification
Summary Due to the prevalence and constantly increasing risk of cyber-attacks, new and evolving security mechanisms are required to protect information and networks and ensure the basic security principles of confidentiality, integrity, and availability—referred to as the CIA triad. While confidentiality and integrity can be achieved using Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates, these depend on the correct authentication of servers, which could be compromised due to man-in-the-middle (MITM) attacks. Many existing solutions have practical limitations due to their operational complexity, deployment costs, as well as adversaries. We propose a novel scheme to detect MITM attacks with minimal intervention and workload to the network and systems. Our proposed model applies a novel inferencing scheme for detecting true anomalies in transmission time at a trusted time server (TTS) using time-based verification of sent and received messages. The key contribution of this paper is the ability to automatically detect MITM attacks with trusted verification of the transmission time using a learning-based inferencing algorithm. When used in conjunction with existing systems, such as intrusion detection systems (IDS), which require comprehensive configuration and network resource costs, it can provide a robust solution that addresses these practical limitations while saving costs by providing assurance.
Language eng
DOI 10.3390/cryptography2040038
Field of Research 080303 Computer System Security
Socio Economic Objective 890199 Communication Networks and Services not elsewhere classified
HERDC Research category C1 Refereed article in a scholarly journal
ERA Research output type C Journal article
Copyright notice ©2018, The Authors
Persistent URL

Connect to link resolver
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 0 times in TR Web of Science
Scopus Citation Count Cited 0 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 28 Abstract Views, 1 File Downloads  -  Detailed Statistics
Created: Wed, 12 Dec 2018, 08:38:10 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact