Defense against man-in-the-middle attack in client-server systems

Abstract

The deployment of several client-server applications over the Internet and emerging networks requires the establishment of the client's integrity. This is necessary for the protection of copyright of distributed material and, in general, for protection from loss of "sensitive" (secret) information. Clients are vulnerable to powerful man-in-the-middle attacks through viruses, which are undetectable by conventional anti-virus technology. We describe such powerful viruses and show their ability to lead to compromised clients, that cannot protect copyrighted or "sensitive " information. We introduce a methodology based on simple hardware devices, called "spies", which enables servers to establish client integrity, and leads to a successful defense against viruses that use man-in-the-middle attacks.