Enhancing IoT security: Assessing instantaneous communication trust to detect man-in-the-middle attacks

IF 6.2 2区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

Future Generation Computer Systems-The International Journal of Escience Pub Date : 2025-01-14 DOI:10.1016/j.future.2025.107714

Rabeya Basri , Gour Karmakar , S.H. Shah Newaz , Joarder Kamruzzaman , Linh Nguyen , Mohammad Mahabub Alam , Muhammad Usman

{"title":"Enhancing IoT security: Assessing instantaneous communication trust to detect man-in-the-middle attacks","authors":"Rabeya Basri , Gour Karmakar , S.H. Shah Newaz , Joarder Kamruzzaman , Linh Nguyen , Mohammad Mahabub Alam , Muhammad Usman","doi":"10.1016/j.future.2025.107714","DOIUrl":null,"url":null,"abstract":"<div><div>Communication trust is regarded as an effective tool to detect various dangerous cyber attacks, including Man-in-the-Middle (MITM) attacks and acts as a complement to zero trust. There exist some approaches in the literature to calculate inter-node communication trust in Wireless Sensor Networks (WSNs) and IoT networks and leverage it to detect attacks. In WSNs, since promiscuous communication mode is used in calculating inter-node communication trust, it is not suitable for IoT networks. For IoT, the packet forwarding behavior of edge nodes is used in calculating inter-node communication trust, which is limited to detect the MITM attacks effectively unless an edge node is compromised and acts as an MITM attacker. Additionally, these trust calculation mechanisms neither leverage communication channel characteristics nor the communication trust between sensor and edge nodes. Protecting IoT networks from various cyber attacks like MITM attacks requires the instantaneous trust calculation using communication channel characteristics. Since active MITM attacks incur delays, consideration of delay in trust calculation appears to be an effective means in identifying attacks. Neither end-to-end (E2E) delay nor delay due to attacks has been used in communication trust calculation in the existing literature. To bridge this research gap and detect active MITM attacks accurately and spontaneously, in this paper, a new conceptual model, named IPCTCM is introduced for instantaneous trust calculation of an IoT communication channel leveraging delay due to active MITM attacks. Two popular time-series data estimation tools, named Kalman filter and LSTM are used to estimate the expected E2E delay to identify delay due to attacks. Our proposed communication trust calculation model is validated using the data, generated by a testbed implementation in our IoT lab at Federation University Australia. Performance evaluation shows our proposed model achieves an attack detection accuracy of 98.9%, which outperforms an existing intrusion detection method with the improvement of 48.1% accuracy. Furthermore, our trust calculation method has broader applicability in other communication domains as well.</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"166 ","pages":"Article 107714"},"PeriodicalIF":6.2000,"publicationDate":"2025-01-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X25000093","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Communication trust is regarded as an effective tool to detect various dangerous cyber attacks, including Man-in-the-Middle (MITM) attacks and acts as a complement to zero trust. There exist some approaches in the literature to calculate inter-node communication trust in Wireless Sensor Networks (WSNs) and IoT networks and leverage it to detect attacks. In WSNs, since promiscuous communication mode is used in calculating inter-node communication trust, it is not suitable for IoT networks. For IoT, the packet forwarding behavior of edge nodes is used in calculating inter-node communication trust, which is limited to detect the MITM attacks effectively unless an edge node is compromised and acts as an MITM attacker. Additionally, these trust calculation mechanisms neither leverage communication channel characteristics nor the communication trust between sensor and edge nodes. Protecting IoT networks from various cyber attacks like MITM attacks requires the instantaneous trust calculation using communication channel characteristics. Since active MITM attacks incur delays, consideration of delay in trust calculation appears to be an effective means in identifying attacks. Neither end-to-end (E2E) delay nor delay due to attacks has been used in communication trust calculation in the existing literature. To bridge this research gap and detect active MITM attacks accurately and spontaneously, in this paper, a new conceptual model, named IPCTCM is introduced for instantaneous trust calculation of an IoT communication channel leveraging delay due to active MITM attacks. Two popular time-series data estimation tools, named Kalman filter and LSTM are used to estimate the expected E2E delay to identify delay due to attacks. Our proposed communication trust calculation model is validated using the data, generated by a testbed implementation in our IoT lab at Federation University Australia. Performance evaluation shows our proposed model achieves an attack detection accuracy of 98.9%, which outperforms an existing intrusion detection method with the improvement of 48.1% accuracy. Furthermore, our trust calculation method has broader applicability in other communication domains as well.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Future Generation Computer Systems-The International Journal of Escience 工程技术-计算机：理论方法

CiteScore

19.90

自引率

2.70%

发文量

376

审稿时长

10.6 months

期刊介绍： Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications. Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration. Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.