IEEE Access (Jan 2019)
A Deception Model Robust to Eavesdropping Over Communication for Social Network Systems
Abstract
Communication security deals with attributes such as confidentiality, integrity, and availability. The current strategies used to achieve covertness of communication employs encryption. Encryption techniques minimize eavesdropping on the conversation between the conversing parties by transforming the message into an unreadable form. However, it does not prevent or discourage eavesdroppers from stealing and attempting to decrypt the encrypted messages using a brute-force attack or by randomly guessing the key. The probability of the eavesdropper acquiring the key and recovering the message is high as he/she can distinguish a correct key from incorrect keys based on the output of the decryption. This is because a message has some structure-texts, pictures, and videos. Thus, an attempt at decrypting with a wrong key yields random gibberish that does not comply with the expected structure. Furthermore, the consistent increase in computational power implies that stolen encrypted data may gradually debilitate to a brute-force attack. Thus, causing the eavesdropper to learn the content of the message. To this end, the objective of this research is to reinforce the current encryption measures with a decoy-based deception model where the eavesdropper is discouraged from stealing encrypted message by confounding his resources and time. Our proposed model leverages its foundation from decoys, deception, and artificial intelligence. An instant messaging application was developed and integrated with the proposed model as a proof of concept. Further details regarding the design, analysis, and implementation of the proposed model are substantiated. The result shows that the proposed model reinforces state-of-the-art encryption schemes and will serve as an effective component for discouraging eavesdropping and curtailing brute-force attack on encrypted messages.
Keywords
