Detecting Risky Authentication Using the OpenID Connect Token Exchange Time

Alex Heunhe Han; Dong Hoon Lee

doi:10.3390/s23198256

Sensors (Oct 2023)

Detecting Risky Authentication Using the OpenID Connect Token Exchange Time

Alex Heunhe Han,
Dong Hoon Lee

Affiliations

Alex Heunhe Han: School of Cybersecurity, Korea University, Seoul 02841, Republic of Korea
Dong Hoon Lee: School of Cybersecurity, Korea University, Seoul 02841, Republic of Korea

DOI: https://doi.org/10.3390/s23198256
Journal volume & issue: Vol. 23, no. 19
p. 8256

Abstract

Read online

With the rise in sophisticated cyber threats, traditional authentication methods are no longer sufficient. Risk-based authentication (RBA) plays a critical role in the context of the zero trust framework—a paradigm shift that assumes no trust within or outside the network. This research introduces a novel proposal as its core: utilization of the time required by OpenID Connect (OIDC) token exchanges as a new RBA feature. This innovative approach enables the detection of tunneled connections without any intervention from the user’s browser or device. By analyzing the duration of OIDC token exchanges, the system can identify any irregularities that may signify unauthorized access attempts. This approach not only improves upon existing RBA frameworks but is also in alignment with the broader movement toward intelligent and responsive security systems.

Published in Sensors

ISSN: 1424-8220 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Chemical technology
Website: http://www.mdpi.com/journal/sensors

About the journal

Abstract

Keywords