Defense Against Man-in-the-Middle Attack in Client-Server Systems with Secure Servers

Dimitrios N. Serpanos, Richard J. Lipton

Research output: Contribution to journalArticle

Abstract

Digital rights management in client-server environments requires the establishment of client integrity, in order to protect sensitive (secret) information from loss or misuse. Clients are vulnerable to powerful man-in-the-middle attacks through malicious software (viruses, etc.), which is undetectable by conventional anti-virus technology. We present such powerful viruses and demonstrate their ability to compromise clients. Furthermore, we introduce a defense against all viruses, which is based on simple hardware devices that execute specialized protocols to establish client integrity and protect against sensitive data loss.

Original languageEnglish
Pages (from-to)2966-2970
Number of pages5
JournalIEICE Transactions on Communications
VolumeE86-B
Issue number10
Publication statusPublished - 1 Oct 2003
Externally publishedYes

    Fingerprint

Keywords

  • Antivirus technology
  • Digital rights management
  • Man-in-the-middle attack
  • Undetectable virus

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Networks and Communications

Cite this