Research PapersNo Access

Deep Q learning-based mitigation of man in the middle attack over secure sockets layer websites

Saloni Manhas

AIIT, Amity University, Jaipur, India

E-mail Address: salonithakur786@gmail.com

Search for more papers by this author

Swapnesh Taterh

AIIT, Amity University, Jaipur, India

E-mail Address: staterh@jpr.amity.edu

Search for more papers by this author

, and

Dilbag Singh

Computer Science Engineering, School of Engineering and Applied Sciences, Bennett University, Greater Noida, 201310, India

E-mail Address: dilbag@ieee.org

Corresponding author.

Search for more papers by this author

https://doi.org/10.1142/S0217984920503662Cited by:4 (Source: Crossref)

Abstract

To ensure the security of web applications and to reduce the constant risk of increasing cybercrime, basic security principles like integrity, confidentiality and availability should not be omitted. Even though Transport Layer Security/Secure Socket Layer (TLS/SSL) authentication protocols are developed to shield websites from intruders, these protocols also have their fair share of problems. Incorrect authentication process of websites can give birth to notorious attack like Man in The Middle attack, which is widespread in HTTPS websites. In MITM attack, the violator basically positions himself in a communication channel between user and website either to eavesdrop or impersonate the communicating party to achieve malicious goals. Initially, the MITM attack is defined as a binary machine learning problem. Deep Q learning is utilized to build the MITM attack classification model. Thereafter, training process is applied on 60% of the obtained dataset. Remaining 40% dataset is used for testing purpose. The experimental results indicate that the proposed technique performs significantly better than the existing machine learning technique-based MITM prediction techniques for SSL/TLS-based websites.

Keywords:

References

1. 95% of HTTPS servers vulnerable to trivial MITM attacks — Netcraft News. Available https://news.netcraft.com/archives/2016/03/17/95-of-https-servers-vulnerable-to-trivial-mitm-attacks.html. Accessed 2 April 2020. Google Scholar
2. M. Conti, N. Dragoni and V. Lesyk, IEEE Commun. Surv. Tut. 18(3) (2016) 2027. Crossref, Web of Science, Google Scholar
3. M. S. Hossain, A. Paul, M. H. Islam and M. Atiquzzaman, Netw. Protoc. Algorithms 10(1) (2018) 83. Crossref, Google Scholar
4. R. Holz, T. Riedmaier, N. Kammenhuber and G. Carle, X.509 Forensics: Detecting and Localising the SSL/TLS Men-in-the-middle, in European Symp. on Research in Computer Security, 2012, pp. 217–234. Crossref, Google Scholar
5. E. De La Hoz, G. Cochrane, J. M. Moreira-Lemus, R. Paez-Reyes, I. Marsa-Maestre and B. Alarcos, Detecting and defeating advanced man-in-the-middle attacks against TLS, in Int. Conf. Cyber Conflict (Cycon 2014), 2014, pp. 209–221. Crossref, Google Scholar
6. Independent Iranian Hacker claims responsibility for Comodo Hack — WIRED. Available: https://www.wired.com/2011/03/comodo-hack/. Accessed 2 April 2020. Google Scholar
7. Y. Joshi, D. Das and S. Saha, Mitigating man in the middle attack over secure sockets layer, in 2009 IEEE Int. Conf. Internet Multimedia Services Architecture and Applications (IMSAA 2009) (2009). Crossref, Google Scholar
8. P. K. Pateriya and S. S. Kumar, Int. J. Comput. 45(23) (2012) 43. Google Scholar
9. I. Dacosta, M. Ahamad and P. Traynor, Trust no one else: Detecting MITM attacks against SSL/TLS without third-parties, in Lecture Notes in Computer Science (including Subseries Lecture Notes Artificial Intelligence and Lecture Notes Bioinformatics), LNCS, Vol. 7459, 2012, pp. 199–216. Crossref, Google Scholar
10. I. Tyagi, J. Shad, S. Sharma, S. Gaur and G. Kaur, A novel machine learning approach to detect phishing websites, in 2018 5th Int. Conf. Signal Processing Integrated Networks (SPIN 2018), 2018, pp. 425–430. Crossref, Google Scholar
11. S. Osterland and J. Weber, Int. J. Hydromechatronics 2(1) (2019) 32. Crossref, Google Scholar
12. R. Wang, H. Yu, G. Wang, G. Zhang and W. Wang, Int. J. Hydromechatronics 2(3) (2019) 189. Crossref, Google Scholar
13. P. K. Shukla, P. K. Shukla, P. Sharma, P. Rawat, J. Samar, R. Moriwal and M. Kaur, IET Syst. Biol. 14(4) (2020) 211. Crossref, Web of Science, Google Scholar
14. T. Shubh and S. Sharma, Int. J. Comput. Sci. Mob. Comput. 5(6) (2016) 569. Google Scholar
15. M. Kaur and D. Singh, Cluster Comput. 23 (2019) 1439. Crossref, Web of Science, Google Scholar
16. T. Wiens, Int. J. Hydromechatronics 2(1) (2019) 16. Crossref, Google Scholar
17. H. S. Pannu, D. Singh and A. K. Malhi, Clean–Soil, Air, Water 46(5) (2018) 1700162. Crossref, Web of Science, Google Scholar
18. H. S. Pannu, D. Singh and A. K. Malhi, Neural Comput. Appl. 31 (2019) 2195. Crossref, Web of Science, Google Scholar
19. M. Kaur, H. K. Gianey, D. Singh and M. Sabharwal, Mod. Phys. Lett. B 33(5) (2019) 1950022. Link, Web of Science, ADS, Google Scholar
20. X. Xue, J. Lu and J. Chen, CAAI Trans. Intell. Technol. 4(3) (2019) 135. Crossref, Google Scholar
21. G. Qi, H. Wang, M. Haner, C. Weng, S. Chen and Z. Zhu, CAAI Trans. Intell. Technol. 4(2) (2019) 80. Crossref, Google Scholar
22. H. S. Basavegowda and G. Dagnew, CAAI Trans. Intell. Technol. 5(1) (2020) 22. Crossref, Google Scholar
23. D. Singh, V. Kumar and M. Kaur, Appl. Intell. 49(12) (2019) 4276. Crossref, Web of Science, Google Scholar
24. M. Kaur, D. Singh, V. Kumar and K. Sun, Inf. Sci. 521 (2020) 326. Crossref, Web of Science, Google Scholar
25. D. Singh, M. Kaur and H. Singh, Remote Sens. Lett. 9(10) (2018) 942. Crossref, Web of Science, Google Scholar
26. D. Singh and V. Kumar, Sci. China Inform. Sci. 62(7) (2019) 79101. Crossref, Web of Science, Google Scholar
27. D. Singh and V. Kumar, Comput. Electr. Eng. 69 (2018) 14. Crossref, Web of Science, Google Scholar
28. M. Kaur, D. Singh and R. S. Uppal, IET Image Process. 14(6) (2019) 1015. Crossref, Web of Science, Google Scholar
29. A. Gupta, D. Singh and M. Kaur, J. Ambient Intell. Humaniz. Comput. 11(3) (2020) 1309. Crossref, Web of Science, Google Scholar
30. M. Kaur, D. Singh, K. Sun and U. Rawat, Future Gener. Comput. Syst. 107 (2020) 333. Crossref, Web of Science, Google Scholar
31. M. Kaur and V. Kumar, Int. J. Bifurcation Chaos 28(11) (2018) 1850132. Link, Web of Science, Google Scholar
32. M. Kaur, V. Kumar and L. Li, Neural Comput. Appl. 31(11) (2019) 7975. Crossref, Web of Science, Google Scholar
33. M. Kaur and V. Kumar, Imaging Sci. J. 66(8) (2018) 453. Crossref, Web of Science, Google Scholar