Which one of the following techniques is useful in preventing replay attacks?

Department of Computer Science, National University of Technology, Islamabad 44000, Pakistan

3 Department of Computer Science and Information Systems, College of Applied Sciences, AlMaarefa University, Riyadh 13713, Saudi Arabia

4 Department of Natural and Applied Sciences, Faculty of Community College, Majmaah University, Majmaah 11952, Saudi Arabia

* Author to whom correspondence should be addressed.

Appl. Sci. 2022, 12(16), 8143; https://doi.org/10.3390/app12168143

Received: 7 July 2022 / Revised: 8 August 2022 / Accepted: 12 August 2022 / Published: 14 August 2022

(This article belongs to the Section Computing and Artificial Intelligence)


Abstract:

Cloud computing is an online data storage system that can be easily accessed anywhere. Various algorithms and techniques have been developed to secure cloud data, which, if used correctly, can detect cloud attacks. These algorithms can only detect cloud data attacks and cannot prevent such attacks. If an attacker gains access to the data, he or she can tamper with the data in any way that could lead to misuse of the data. This paper will design a secure architecture for securing data with various algorithm implementations on the architecture so that cloud data can be saved from replay attacks. First, a text file will be taken, the text file will be encrypted using the encryption mechanism, and this file will be transmitted on the SaaS cloud server platform. Whenever a file is uploaded to a cloud server, it will be broadcast across the network, after which any user can access it, whether it is valid or invalid. Whenever a file is downloaded from a cloud server, it will be necessary to decrypt it to access it. If the file is successfully decrypted, then the file will be verified. A verification mechanism will be used to verify the data, which will be used to check whether a replay attack has been made on the data or not. If the data authentication is successful, this data will be called authentic data. The novelty of this paper is that an algorithm has been developed in this paper to prevent replay attacks so that if the data is retransmitted with slight changes, then the authenticity and inauthenticity of the data will be identified. Recent papers will be compared with the proposed paper in the conclusion, and it will be pointed out how much better the current technique is than the previous one.

Keywords: replay attacks; cryptography; encryption; decryption; server; symmetric cryptography; network; intrusion detection; prevention

1. Introduction

Cloud computing is an online-user service model consisting of various servers, software, databases, storage, routers, and switches []. When all these components are connected, a centralized database storage system, called cloud computing, is created to provide different user services []. Whenever data is stored online, the data can be accessed from any part of the world. Nowadays, every organization is moving its data toward the cloud []. When one organization’s data has to be accessed in another, then physically accessing the data is a complicated process that requires the presence of all the hardware and software required to access the data []. If physical data storage is replaced by online data storage, in that case, data can be easily accessed, and users’ access can be restricted. Still, when the system is based on a physical network, all connected users will have access to data, but in cloud computing, limited access can be given to each user [].

1.1. Classification of Cloud Computing

Cloud computing is divided into two main categories [], the first is a deployment-based model and the second is a service-based model, as shown in . The Deployment-based model is a model that provides end-users with sizes, ownership, and a variety of access [], while service-based models are those that provide a variety of services, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). The deployment-based model includes public, private, and protected models [].

1.2. Cryptosystem

A cryptosystem is one of the essential systems to provide security for data protection, which can be used to protect data from replay attacks []. “Cryptosystem” is short for “cryptographic system”. A cryptosystem is a combination of various methods and algorithms that enable all information and communication to be transmitted to any node on a network in a secure form []. Whenever an attacker tries to access cloud data, he uses all sorts of internal and external attacking algorithms that can help to gain access to that data []. If the attacker gains access to the data, it is difficult to protect that data from the attacker. A cloud cryptosystem is a technique used to protect data from attackers []. When different techniques are used in this algorithm, the attacker cannot use the data even though he has access to it.

The cloud cryptosystem consists of two techniques: encryption and decryption []. Whenever data is converted from a readable format to a non-readable format, various steps and techniques are used to convert the data [], and a non-readable text is obtained; this process is called encryption []. The non-readable text is a cipher text that is impossible for both authentic and inauthentic users to understand or read []. Whenever data is converted from a non-readable form to a readable form, the process is called decryption. Decryption is a process in which various steps convert cipher text to plain text [].

1.3. Replay Attacks on Data

In cloud computing, whenever data is transmitted, the data can be of two types; the first is authentic data and the second non-authentic data []. Authentic data comes from valid users, while inauthentic data is the data that comes from the attacker [], or is the data that the attacker sends for phishing. Various techniques and detection mechanisms have been developed to prevent intrusive activities. However, suppose an attacker snatches data through a man-in-the-middle attack and transmits the same data back to the cloud server; in that case, it will be complicated to differentiate between the original and malicious data [].

Whenever a man-in-the-middle attack on a cloud network succeeds, the attacker transmits the same message repeatedly on the cloud network with the same name []. This type of attack is called a replay attack, which can have a malicious injection of any kind and cause damage to the cloud network or user, as shown in . It is challenging to detect such attackers and malicious data in the cloud server because it shows the same data from the valid user [].

1.4. Problem Formulation

Researchers have worked on different methods and algorithms to protect data from replay attacks. Some researchers have developed a hybrid deep-learning-based model to protect data from replay attacks. Some researchers have designed an architecture consisting of three nodes and identified faulty nodes on this network. Some researchers have worked on different techniques and have implemented these techniques on different datasets, while other researchers have developed protocol-based security to prevent replay attacks. With the help of all these algorithms and mechanisms, replay attacks can be detected, and faulty nodes can be identified, but with the help of such a technique, data transmission cannot be secured, nor can malicious data be differentiated from the original data.

The way this paper works is different from all other papers. This paper will develop a secure architecture to protect the data from replay attacks, which will be protected using security mechanisms in each phase. Whenever data is transmitted to a cloud server, the data is broadcast over the entire network, and all valid and invalid users can access the data. A cryptosystem will be used to solve this problem, in which cipher values will be obtained by applying the cryptosystem to the text, the sender name, and the Key received from the receiver, and cipher catenation will be applied to these cipher values. The reason for using cipher catenation is that if an attacker tries to change any cipher value, he will not be able to understand the original text in that cipher value because of the cipher catenation. Changing a cipher value and re-transmitting the new value will affect the entire cipher text. The most significant advantage of using a username is that when the receiver decrypts the data, it will match the Key and the username. If both match after decryption, then the original text data will be shown, and if there is any change in the cipher value, then it will affect the whole data, and malicious data will not be shown, which is the novelty of this paper.

The rest of the paper is organized as follows. will deal with various papers related to the existing technique. will discuss the latest work. Testing will be undertaken in . The latest technique in will be compared with the previous technique, and the latest work’s novelty will be discussed. will consist of conclusions.

2. Literature Review

This article [] surveyed various research articles to understand replay attacks and the problems that arise from them. After that, the various techniques, datasets, and algorithms used in these papers were collected. First, the underlying causes of the replay attack were studied. After that, the causes of the replay attack were identified, including unprotected communication, improper cryptography, insecure architecture, and the development of the insecure protocol. After surveying the techniques used in different papers, various solutions were provided that can be used to save cloud data from replay attacks, which included the construction of a secure database, framework policy design, unique mitigation approaches, secure user authentication, and structure; then, we discussed that if data is to be protected from replay attacks, then all these efficient techniques should be used, which can save data from any replay attack.

Detection of intrusion from IoT devices is the biggest issue affecting smart device reliability. The biggest threat to IoT smart devices is replay attacks, which significantly affect the authenticity of the smart city. According to the researchers [], different studies developed different techniques and deep learning frameworks to prevent replay attacks and detect interference. This paper developed a hybrid deep-learning-based model to detect replay attacks on smart IoT devices. The efficiency of this algorithm is that it is implemented on an application to identify replay attacks. To test the performance of this algorithm, real-life smart city datasets were taken. This deep-learning-based model was implemented on these datasets, and it was discussed that the model could distinguish between normal and abnormal packets.

According to Amirreza Zaman et al. [], whenever the attacker tries to replay the values stored in the control system network, it is difficult to prevent such replay attacks. To solve this problem, the LQG controller was used in the control system, with the help of which the replay attacks in the control system had been detected. First, a network was designed in which the packet-dropout features were collected using the Kullback–Leibler divergence algorithm. Then, the attack was detected with this algorithm’s help. It was then discussed that whenever the network is attacked, the attack rate is several times higher than the detection rate, for which the attack detection criteria must be effective.

According to researchers [], Serial Communication Protocol is one of the significant Control Area Network (CAN) components that transmit the message on the Control Area Network. When CAN broadcasts this message, the message is transmitted to all nodes across the network, and each node can access this message. If an incorrect person captures a message from the network and sends the same message to the network, then such a user is considered an inauthentic user because of the incorrect message. The paper designed a control area network in which three control area nodes were taken, and a replay attack on a faulty node was tested. Two forms of replay attack were used in this paper. The first type of replay attack captured the entire message and re-broadcast it over the network, while the second type of replay attack captured the whole message and re-broadcast part of the message over the network. The second replay attack was then implemented on the control area network in which some portion of the message was transmitted. It was then discussed that detecting such an attacking method is easy whenever an entire message is retransmitted over a network. When a partial message is transmitted over a network, such an attacking method is hard to detect on the network.

According to Elsaeidy et al. [], Internet of Things (IoT) technologies are heavily used in today’s smart city infrastructure. IoT technology primarily serves as a platform for service automation by allowing various things to communicate over the Internet backbone. On the other hand, smart public infrastructure is prone to cyber-attacks due to the security vulnerabilities connected with IoT networks. This paper created a hybrid deep learning model for identifying replay and DDoS attacks in a real-world smart city platform. DDoS attacks attempt to access data without permission, while replay attacks attempt to insert malicious data. Both types of attacks can cause damage to the cloud server. To check the performance of the hybrid model, three real-time smart-city datasets (smart river dataset, smart soil dataset, environmental dataset) were taken, and DDoS and replay attacks were performed on these datasets. It was then discussed that, whenever DDoS and replay attacks are performed on a cloud server, DDoS attacks can be easily detected from their behavior, but when the same message is received from two users, it is difficult to tell the original message from the malicious one.

According to Rajesh et al. [], the supervisory control and data acquisition (SCADA) system is the core component of the Industrial Control System (ICS), with the help of which the industrial control system is controlled. This component operates within its own network and implements a proprietary protocol, making it less vulnerable to attacks from the cloud network. According to researchers, industrial control systems are used for data sharing and remote access on the Internet and local networks, which increases the likelihood of network attacks. Cyber-attacks on ICS are far more likely now than before, and these attacks can be both internal and external. This paper used the Modbus protocol to prevent command injection attacks, replay attacks, and false access injections. First, the SCADA testbed had been set up, and the effects of these attacks on the testbed data had been shown, for which a local area network was taken and simulated by carrying out various attacks on this network. After launching various attacks on the LAN, a Modbus-protocol-based algorithm was developed to prevent replay attacks, false-access injection, and command-injection attacks. After that, the attack block rate (ABR) was used to check the algorithm’s performance, which blocked 97% of the attacks and saved the SCADA system from being attacked.

Different researchers have used different techniques and algorithms to protect cloud data from replay attacks. Some researchers have tried to identify the causes of replay attacks [], identifying all the problems that cause replay attacks; after that, various solutions have been provided that can be used to protect against replay attacks. Some researchers [] developed deep-learning algorithms that can be applied to an application and determine the application’s characteristics on different datasets. Some researchers [] developed an algorithm to protect the control system network from replay attacks. Some researchers [] designed a three-node control area network to detect replay attacks on partial broadcast messages, arguing that such replay messages are difficult to detect, while other researchers [] designed a hybrid deep learning model that had capabilities to detect DDoS and replay attacks. Various datasets have been implemented on this model, and it has been discussed that DDoS attacks are easier to detect than replay attacks based on their behavior. No algorithm has been developed in any paper to detect replay attacks and protect data from replay attacks. No such technique has been used in any paper in which the information of each user is stored along with the user’s data. Cloud data can be protected from replay attacks if cloud cryptography is used to protect against replay attacks. If an attacker performs a replay attack, based on the data transmitted from the replay attack, it can be identified whether the incoming data is malicious or authentic, and whether the data has been altered or not. To solve such problems, an algorithm has been developed in the proposed paper to detect replay attacks and protect the cloud server from replay-attack data.

3. Proposed Algorithm

To protect data from replay attacks, architecture will be designed; then, the architecture will be further divided into transmission systems. Complete encryption and decryption processes will be discussed with the help of two different architectures.

3.1. Architecture

A cloud architecture will consist of different routers, users, and a cloud server. First, three different routers will be taken in this architecture, and different users will be connected to these routers. The IP address of each router will be different from the other routers, and the IP address of each user will be different from all the users of the other routers, as shown in . First, from IP address 192.168.10.4, a text file will be encrypted via Router 10.0.0.1 and transmitted to the cloud server (SaaS). Every user will be able to access the file once it has been transmitted to the cloud server. This file will have to be decrypted whenever a valid user has to access it. Suppose an attacker tries to make a replay attack on a file, in which he uploads the file to the cloud server by creating his own file or modifying a valid user’s file. In that case, the exact decryption mechanism that was made for valid users will have to be applied. In , a valid user encrypted a file and uploaded it to a cloud server (SaaS), and as soon as the file was uploaded, the attacker, whose IP address is 192.168.15.3, downloaded the file to that IP address, changed the cipher values in that file, and re-uploaded it to the cloud server with the same name. When two files of the same name are received on the receiver side, or the original file is replaced, it will be difficult for the receiver to differentiate between them, which is a big problem. This problem will be solved by the mechanism discussed in .

Cloud Server (Software-as-a-Service)

Software-as-a-Service (SaaS) is a platform that can be used to provide a variety of services to end-users. These services can be stored in cloud servers and can be accessed remotely from anywhere. Different organizations purchase various Software-as-a-Service (SaaS) domains to provide services to customers, which can be public or private for each customer. In this article, a public SaaS platform is used. With its help, all the data has been publicly uploaded, and all the users have been given access to this data.

3.2. Transmission System

First, a plain text file “demo.txt” will be taken on the sender side, the encryption mechanism will be applied to that file, the encrypted text will be obtained, and then this file will be transmitted to the cloud server, as shown in . The “demo.txt” file was broadcast over the entire cloud network when uploaded to the cloud server. This file was received by an attacker who wanted to use the sender’s data, but because of the cipher text, the attacker made some changes to this file and re-uploaded it to the cloud server as an authentic user. Now, when the receiver accesses this file, that file can be authentic or inauthentic. When the receiver applies the decryption mechanism to the file, if there are any new cipher values other than the defined cipher values used in the encryption algorithm, the decryption mechanism will not work on such data, and it will be considered inauthentic data. If the data is successfully decrypted, then this file will be verified. The cipher catenation will be used for file verification. In cipher catenation, the Key will be added at the beginning of the text, and the username will be added at the end of the text. The receiver will first check whether the Key is valid or invalid. It will then check the sender’s name to see if the name of the file sender is correct or not. The attacker cannot decrypt the cipher text, but he can make changes to it. In case of changes, the original and malicious data will be identified in the verification step. This is an efficient way to detect replay attacks and prevent data from being tampered with.

Cipher Catenation

Cipher catenation is a technique that can be used to secure the data on the left and right sides. Whenever an attacker accesses the data, cipher catenation in the cipher text forces the attacker to decrypt the entire text, since converting only some of the cipher values to readable form is difficult. In cipher catenation, first the Key, then the text, and then the username will be concatenated. After that, a cipher text will be obtained.

3.3. Encryption

In Algorithm 1, first, a plain text file will be taken to encrypt the data, and the characters of this plain text will be converted to ASCII to get values in bytes. These values will be converted to 4-bit binary groups, and then different decimal values will be obtained. After that, a public key (K) will be received from the receiver. The encryption mechanism will be applied to the Key (K) received from the receiver, and then the length of the Key will be identified and used in “X = (C*C) + Klen”, where Klen represents the length of the Key. When the sender uploads the data to the cloud server, it will also apply the encryption mechanism to the username. The username of the sender and the Key received from the receiver will show the authenticity of the data. The encrypted Key, text, and username will then be concatenated using cipher catenation, as shown in , and a cipher text will be obtained. This cipher text will be uploaded to the cloud server in a text file.

Algorithm 1: Encryption
Input: Plain Text
Output: Cipher text
  1. Plain Text
  2. Convert all characters of the text to their equivalent ASCII.
  3. Convert each ASCII value to an 8-bit binary value.
  4. Make 4-bit groups of the binary values.
  5. Convert each 4-bit binary group to decimal (C).
  6. Get the text key (K) from the receiver and apply X = (C*C) + Klen, where C = decimal values and Klen = length of the key.
  7. Convert each decimal value obtained in step 6 to its equivalent ASCII.
  8. Get the cipher text.

ASCII Table

This paper has developed an ASCII table that can be used only among authentic users. When an attacker tries to convert cipher text to the original text, he will use the pre-defined ASCII table, but when the user-defined ASCII table is used for the Cryptosystem unless the attacker has a user-defined ASCII, he cannot decrypt the data, which may be the best data security technique. A complete ASCII table is shown in .

3.4. Decryption

In Algorithm 2, to decrypt the data, first, the cipher text will be converted to ASCII, and then the formula “P = X − Klen” will be applied to the derived ASCII values, and the obtained decimal values will be converted to binary, as shown in . These binary values will then be converted to decimal by making pairs of 8 bits. When the different decimal values are obtained, these decimal values will be converted to ASCII to get the text. After obtaining the text, a verification mechanism will be applied to the text, on the basis of which the authenticity of the data will be checked, as shown in .

Algorithm 2: Decryption
Input: Cipher text
Output: Plain Text
  1. Cipher Text
  2. Convert every character of the cipher text to its equivalent ASCII (X).
  3. Apply P = (X − Klen) to the values from step 2, where X = ASCII values obtained in step 2 and Klen = length of the key obtained in encryption.
  4. Convert each decimal value into 4-bit binary.
  5. Convert the 4-bit binary values obtained in step 4 into 8-bit values by merging two groups.
  6. Convert the step 5 results to decimal values.
  7. Convert each decimal value to its equivalent ASCII.
  8. Obtain the plain text.
  9. Apply the verification mechanism to the obtained text.

     IF (plaintext != DECRYPT)
     THEN
       EXIT() Function
     ELSE IF (plaintext == DECRYPT)
     THEN
     {
       VERIFICATION Function
       {
         IF (plaintext == KEY && TEXT && U_NAME)
         THEN
           AUTHENTIC Function
         ELSE
           INAUTHENTIC Function
       }
     }
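A worked implementation of Algorithm 1, Algorithm 2, cipher catenation and the verification step, written for this edit rather than taken from the paper, using the paper’s key “Ali” (Klen = 3) and a constructed username. It assumes the standard code-point table in place of the paper’s user-defined ASCII table, and it inverts X = (C*C) + Klen with an integer square root, which Algorithm 2 leaves implicit.

```python
"""Nibble-wise cipher X = C*C + Klen with key/username cipher catenation.

Added example (not the paper's tool). Assumptions: the standard code-point
table replaces the paper's user-defined ASCII table, and decryption undoes
the squaring with an integer square root.
"""
from math import isqrt

AUTHENTIC = "AUTHENTIC"      # key prefix and username suffix both match
INAUTHENTIC = "INAUTHENTIC"  # decrypted, but key or username does not match
EXIT = "EXIT"                # decryption failed: cipher value outside the alphabet


def encrypt(plain: str, key: str) -> str:
    """Algorithm 1: char -> ASCII -> 8 bits -> two 4-bit groups (C) -> chr(C*C + Klen)."""
    klen = len(key)
    out = []
    for ch in plain:
        code = ord(ch)
        if code > 255:
            raise ValueError("Algorithm 1 works on 8-bit characters only")
        for c in (code >> 4, code & 0x0F):   # steps 3-5: the two 4-bit groups
            out.append(chr(c * c + klen))    # steps 6-7
    return "".join(out)


def decrypt(cipher: str, key: str):
    """Algorithm 2. Returns the plain text, or None when any cipher value is
    not one the encryption step can produce (the paper's 'decryption mechanism
    will not work on such data')."""
    klen = len(key)
    alphabet = {c * c + klen for c in range(16)}  # the 16 possible cipher values
    groups = []
    for ch in cipher:
        x = ord(ch)
        if x not in alphabet:
            return None
        groups.append(isqrt(x - klen))       # step 3: P = X - Klen, then undo C*C
    if len(groups) % 2:                       # an odd count cannot form 8-bit pairs
        return None
    # steps 5-7: merge two 4-bit groups into one byte and map it back to a character
    return "".join(chr((groups[i] << 4) | groups[i + 1]) for i in range(0, len(groups), 2))


def cipher_catenation(text: str, key: str, user_name: str) -> str:
    """Key at the beginning, username at the end, then the whole string is encrypted.
    Encrypting the parts separately and concatenating gives the same result,
    because the cipher works on one 4-bit group at a time."""
    return encrypt(key + text + user_name, key)


def verify(cipher: str, key: str, user_name: str):
    """Verification mechanism from Algorithm 2, step 9.
    Returns (status, text) where text is the recovered middle part if AUTHENTIC."""
    plain = decrypt(cipher, key)
    if plain is None:
        return EXIT, None
    if plain.startswith(key) and plain.endswith(user_name):
        return AUTHENTIC, plain[len(key):len(plain) - len(user_name)]
    return INAUTHENTIC, None


if __name__ == "__main__":
    KEY = "Ali"                            # from the paper (Klen = 3)
    USER = "sender@example.com"            # constructed placeholder username
    original = cipher_catenation("Welcome", KEY, USER)
    print(verify(original, KEY, USER))                  # ('AUTHENTIC', 'Welcome')
    # a replayed copy with one cipher value changed to another value of the alphabet
    print(verify(original[:-1] + chr(3), KEY, USER))    # ('INAUTHENTIC', None)
    # a replayed copy with a cipher value outside the alphabet
    print(verify(original[:-1] + chr(5), KEY, USER))    # ('EXIT', None)
```

A byte-identical re-upload of the file decrypts and verifies exactly as the original does; the check detects altered cipher values, which is the case the experiment in Section 4.2.2 tests.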

4. Experiment

First, the plaintext is converted and transmitted to the cloud server to protect data from replay attacks. To upload the data, a public domain of the service model SaaS has been used to broadcast the data. It will be necessary to decrypt the data to convert it to a readable format.

4.1. Authentic Transmission

A tool has been developed to encrypt the data, in which plain text is taken and encrypted with a Key and username. The reason for encrypting the file with the username and Key is that when an attacker makes a replay attack, the attacker will not be able to decrypt the encrypted file, and if the attacker replaces a cipher value with a negative value, the key and username will be verified at decryption time. If the data does not match, then that data will be called replay attack data.

First, a plain text “Welcome” has been taken, and this plain text has been encrypted with username “[email protected]” and key “Ali”. After encrypting the data, a cipher value has been obtained, as shown in .

After encrypting the text, the ciphertext is stored in a text file named “demo.txt”; then a public cloud domain “Software-as-a-Service (SaaS)” application is used to broadcast the data, and the file is broadcast on the cloud server, as shown in .

4.1.1. Encryption Mechanism

Step-1: Various steps have been taken to demonstrate the implementation of the encryption process. First, a plain text has been taken, and different techniques have been implemented on this plain text. The plain text is shown in .

Step-2: The plain text has been converted to its equivalent ASCII using the ASCII table, as shown in . The ASCII table is shown in .

Step-3: After converting plain text to its equivalent ASCII, it has been converted to bytes (B), as shown in .

Step-4: After converting values to bytes, each byte value has been split into 4-bits, as shown in . The reason for splitting bytes is to increase the number of cipher text.

Step-5: After splitting the byte values into 4-bit groups, each 4-bit group has been converted to a decimal value, as shown in .

Step-6: After converting binary to decimal, the formula “X = (C*C) + Klen” has been applied to each decimal value, and different results have been obtained, as shown in . Klen means the length of the Key received from the receiver. In this paper, “Ali” is taken as the key from the receiver, whose length is 3, so Klen = 3.

Step-7: After getting the different results in step 6, each decimal value has been converted to its equivalent ASCII value, as shown in .

Step-8: Ciphertext has been obtained after converting decimal values to its equivalent ASCII, as shown in .

The encryption mechanism to encrypt the plain text has been used to encrypt the entire text, and complete ciphertext has been obtained, as shown in .

4.1.2. Decryption Mechanism

Step-1: To decrypt the data, the same ciphertext has been used that was obtained in encryption. The ciphertext is shown in .

Step-2: First, cipher text has been converted to its equivalent ASCII, as shown in .

Step-3: After obtaining the ASCII values, the formula “P = (X − Klen)” has been applied to these decimal values, and different results have been obtained, as shown in .

Step-4: After getting different decimal results, each decimal has been converted to binary, as shown in .

Step-5: 8-bit pairs have been formed from the binary values obtained in step 4, as shown in .

Step-6: After obtaining 8-bit values, these binary values have been converted to decimal, as shown in .

Step-7: After obtaining equivalent ASCII of each decimal value, different values have been obtained called plain text, as shown in .

4.2. Prevention from Replay Attacks

4.2.1. Identification of Authentic Transmission

Whenever the file is downloaded on the receiver side, the file must be decrypted with the help of the decryption tool. The verification is undertaken on the Key and username to decrypt the cipher text. For verification, it is necessary to have the same username and Key that has been used during encryption. If the verification is successful, then such data will be called original data. If the username and Key do not match with the encrypted data, then such data will be called replay attack data. When the ciphertext is decrypted, authentication will be undertaken using the Key and username at the time of decryption, and then the plain text will be retrieved, as shown in .

4.2.2. Identification of Inauthentic Transmission

A replay attack has been carried out to check the authenticity of the data, which has changed some of the values of the ciphertext and retransmitted it to the cloud server. Once the file has been uploaded to the cloud server, a message appears on the screen, as shown in .

When clicking on “Replace”, the previous file will be deleted, and the new file will be saved in place of the previous file. When clicking “Keep both”, both files will be saved, as shown in .

The authenticity of the “demo (2).txt” file has been checked with the help of the decryption tool, as shown in . First, ciphertext has been inserted into the text box, and the text has been decrypted.

When the text was successfully decrypted, the authenticity of the cipher text was verified using the Key and Username, as shown in .

At verification time, the changed ciphertext values failed verification, so the receiver could not receive the data. Whenever there is an inside attack on a cloud server, it is difficult to stop the attack, but with the help of a cryptosystem, the data can be secured. The most significant advantage of cryptosystems is that if someone tries to carry out a replay attack, such data can be detected at verification time, as is achieved in this paper.

Different time testing has been undertaken to identify the performance and time complexity of the tool, in which the length of each plain text and Key has been kept different and different results have been obtained by implementing it on the tool. Different tool testing results are shown in , and the time complexity of encryption and decryption is shown in .

5. Comparative Analysis

Researchers worked on different algorithms and techniques to protect data from replay attacks. Some researchers have used protocol-based security to prevent data from being attacked. Some researchers have undertaken detection by implementing machine-learning models on different datasets, and some researchers surveyed various papers and collected efficient techniques that can be used for detecting replay attacks, but these techniques are not enough to protect data from replay attacks. If an attacker makes replay attacks, the attacker can be detected, and the attacker’s IP address can be blocked, but the data cannot be secured.

In the paper [], the researchers identified the problems behind various replay attacks, collected techniques that solve these problems, and discussed the most effective among them. Had these techniques been implemented in an architecture, with their new features discussed, they could have been used to protect data from replay attacks; instead, the paper only collects and discusses the better techniques, which is its drawback.

In paper [], a deep-learning-based model was developed to detect replay attacks. The algorithm was implemented in an application, the application’s performance was measured by applying different datasets to it, and it was then discussed that normal and abnormal packets can be identified with the help of this deep learning algorithm. However, the algorithm can only distinguish normal from abnormal packets. If, instead of only distinguishing packets, the data itself were protected from the attacker, the cloud data could also be protected; that this is not done is the drawback of this paper.

In paper [], to detect replay attacks in a control-system network, a Kullback–Leibler divergence algorithm was used together with a packet-dropout feature, and replay attacks were detected. If the data in the control-system network were instead stored in an encrypted format, a replay attack could not succeed against it, and if a replay attack did occur, the replayed value and the actual value could easily be told apart; this is not undertaken in the paper and is its drawback.

In paper [], a controller area network with three nodes was designed to detect replay attacks. Data was broadcast in two ways to detect replay attacks: first the complete message was broadcast, and second a partial message. It was then discussed that detecting a replay attack is challenging when only a partial message is broadcast on the network. A replay attack on a cloud server can be carried out through any mechanism; if the data on the cloud-server side is encrypted with different keys together with the names of the sender and receiver, any replay attack on the data can be easily detected, and the absence of this is the drawback of the paper.

In paper [], researchers developed a hybrid deep learning algorithm to detect DDoS and replay attacks. The algorithm was implemented on three different datasets, and its performance was determined by performing DDoS and replay attacks. It was then discussed that DDoS can be easily detected from its behavior, whereas replay attacks cannot be easily detected. A mechanism on the cloud server that detects such attacks as soon as a replay, or a change in the broadcast data, occurs is not discussed in this paper, which is its drawback.

In paper [], researchers developed a Modbus protocol algorithm with the help of which the data was protected from replay attacks. First a SCADA testbed was set up and the algorithm was tested at different times; then ABR techniques were used to check the algorithm’s performance. The problem with this approach is that whenever an attacker replays a message to the cloud server, the attacker always forwards the same message the sender sent: the front end of the replayed message may look like the sender’s, but the back end may be malicious, leading to an attack. If a secure cryptographic architecture had been developed in place of the Modbus protocol to protect cloud-server data from replay attacks, the data could have been further secured; this was not undertaken, which is the drawback of this paper. A complete comparison of previous work with the present work is shown in .

Novelty of Proposed Work

This paper uses a cryptosystem to protect data from replay attacks. Whenever an attacker makes a replay attack, the attacker can modify the data and send it back to the cloud server under the same name. When two files with the same name reach the receiver, it is difficult for the receiver to tell the original file from the malicious one, and if the recipient opens the malicious file instead of the original, that file may harm the recipient. The best way to solve such problems is to use a cryptosystem. Various algorithms can be designed to detect replay attacks on cloud servers and can also be used to avoid them, but cloud data cannot be saved by such an algorithm alone: if an attacker stores and broadcasts information that is harmful to authentic users in place of the original information, detection algorithms cannot solve that problem. The best way to protect data from an attacker is an efficient cryptosystem algorithm such as the one used in this paper.

In this paper, a cryptosystem has been developed to encrypt data, in which a bit-encryption mechanism is applied to the message, sender name and public Key. The bit-encryption mechanism doubles the amount of cipher data relative to the original data. Whenever an attacker tries to decrypt the ciphertext, the attacker must decrypt each cipher value, and when each plain-text value expands to two cipher values, it is difficult for an attacker to decrypt the data. If someone changes a cipher value, the decryption mechanism cannot complete, allowing the receiver to distinguish actual from malicious data. The results of the bit encryption are stored with the help of a formula, and the cipher-catenation mechanism is applied to these results: in cipher-catenation, the Key, text message and Username are encrypted and transmitted to the cloud server.

One significant advantage of cipher-catenation is that when an attacker modifies the data and retransmits it, the malicious data is detected during receiver-side verification. The novelty of this paper is the use of bit encryption and a cipher-catenation mechanism, which prevents data misuse and replay attacks: the amount of data is doubled by the bit-encryption mechanism, while cipher-catenation broadcasts the data in a secure form so that a replay attack on it can be detected.
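A runnable model of the bit-encryption and cipher-catenation flow described above, written here as an added example rather than the authors' tool: each byte is split into two 4-bit halves (doubling the length), the Key, Username and message are encoded and concatenated, and the receiver accepts the record only if the recovered Key and Username match what it expects. The nibble-to-character mapping (OFFSET), the field separator (SEP) and the sample run are assumptions; the paper's own storage formula is not given in this section.

```python
"""Model of the bit-encryption + cipher-catenation flow described above.

Added example, not the authors' tool. The nibble-to-character mapping
(OFFSET), the field separator (SEP) and the sample values are assumptions:
the paper's own storage formula is not given in this section.
"""

OFFSET = 0x41   # assumed: nibble value 0..15 -> characters 'A'..'P'
SEP = "\x1f"    # assumed: unit separator between the three cipher fields


def bit_encrypt(text: str) -> str:
    """Split every byte into its two 4-bit halves.

    Each plain byte becomes two cipher characters, so the output is
    exactly twice as long as the UTF-8 encoding of the input.
    """
    out = []
    for b in text.encode("utf-8"):
        out.append(chr(OFFSET + (b >> 4)))     # high nibble
        out.append(chr(OFFSET + (b & 0x0F)))   # low nibble
    return "".join(out)


def bit_decrypt(cipher: str) -> str:
    """Recombine nibble pairs into bytes; raise if any symbol is tampered.

    A character outside the 16-symbol alphabet, or an odd length, means
    the cipher text was altered in transit, so decryption cannot proceed.
    """
    if len(cipher) % 2:
        raise ValueError("cipher text length is not even")
    data = bytearray()
    for hi, lo in zip(cipher[0::2], cipher[1::2]):
        h, l = ord(hi) - OFFSET, ord(lo) - OFFSET
        if not (0 <= h < 16 and 0 <= l < 16):
            raise ValueError("cipher symbol outside the nibble alphabet")
        data.append((h << 4) | l)
    return data.decode("utf-8")


def cipher_catenate(key: str, username: str, message: str) -> str:
    """Encrypt the Key, Username and message and concatenate the results."""
    return SEP.join(bit_encrypt(field) for field in (key, username, message))


def verify_and_open(cipher: str, expected_key: str, expected_user: str):
    """Receiver-side check: decrypt all three fields and compare the
    recovered Key and Username with the values the receiver expects.

    Returns (True, message) for authentic data and (False, "") otherwise.
    """
    parts = cipher.split(SEP)
    if len(parts) != 3:
        return False, ""
    try:
        key, user, msg = (bit_decrypt(p) for p in parts)
    except (ValueError, UnicodeDecodeError):
        return False, ""
    if key != expected_key or user != expected_user:
        return False, ""
    return True, msg


if __name__ == "__main__":
    # Sample values taken from Table 1 (row 3); the run itself is constructed.
    record = cipher_catenate("Replay", "User23", "Server side cryptography")
    print("authentic:", verify_and_open(record, "Replay", "User23"))
    # A single replaced cipher value in the Key field is rejected on verification.
    tampered = "G" + record[1:]
    print("tampered: ", verify_and_open(tampered, "Replay", "User23"))
```

With this assumed mapping the receiver can only check the fields it can predict (Key and Username), so a substitution that stays inside the nibble alphabet in the message field decodes as a different message and still passes; in practice an integrity tag over the whole record is needed to close that gap.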

6. Conclusions

After protecting the data from replay attacks and comparing the approach with different papers, it is concluded that a cloud cryptosystem is a technique that can be used to protect data from attackers. If an attacker gains access to the data, a cryptosystem is the best way to protect that data. This paper has developed an efficient cryptosystem that can save data completely from replay attacks. A public key was taken from the receiver to protect the data from replay attacks; then the cryptosystem was applied to the text, Key and sender name, and cipher-catenation to the resulting cipher values. A ciphertext was thus obtained and sent to the receiver side. If the attacker makes a replay attack on the data, the receiver-side data will be fully verified, and the authenticity of the data will then be known. If the attacker replaces any cipher value, the replacement will affect the whole decryption mechanism because, while generating the ciphertext, 4-bit encryption was used to increase the number of cipher values beyond the original number of data values, which is a kind of security

This paper has developed an efficient algorithm to protect data from replay attacks in which plain text data has been encrypted. In the future, an algorithm will be developed to encrypt all file types and protect data from replay attacks and DDoS attacks. Whenever there is a DDoS or replay attack on the data, such attacks will be detected, and the cloud data will be protected.

Author Contributions

Conceptualization, M.N.; Software, Writing—review and editing, A.A.; Writing—review and editing, S.R.; Methodology, S.W.Z.; Editing, A.K.D.; funding acquisition, S.A. All authors have read and agreed to the published version of the manuscript.

Funding

This research was supported by the Researchers Supporting Program (TUMA-Project-2021-27) Almaarefa University, Riyadh, Saudi Arabia.

Acknowledgments

The authors deeply acknowledge the Researchers Supporting Program (TUMA-Project-2021-27), Almaarefa University, Riyadh, Saudi Arabia, for supporting the steps of this work.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Srivastava, P.; Khan, R. A Review Paper on Cloud Computing. Int. J. Adv. Res. Comput. Sci. Softw. Eng. 2018, 8, 17.
  2. Nath, M.; Sridharan, R.; Bhargava, A.; Mohammed, T. Cloud Computing: An Overview, Benefits, Issues & Research Challenges. Int. J. Res. Sci. Innov. 2019, 6, 25–35.
  3. Chithra, S.; Maheswari, D.; Sethurathinam, C. A Comparative Study on Cloud Computing and Edge Computing with its Applications. Indian J. Nat. Sci. 2022, 12, 32241–32247.
  4. Gopala, M.; Sriram, G. Green Cloud Computing: An Approach towards Sustainability. Int. Res. J. Mod. Eng. Technol. Sci. 2022, 4.
  5. Nadeem, M.; Arshad, A.; Riaz, S.; Band, S.S.; Mosavi, A. Intercept the Cloud Network from Brute Force and DDoS Attacks via Intrusion Detection and Prevention System. IEEE Access 2021, 9, 152300–152309.
  6. Jaiswal, M. Cloud Computing and Infrastructure. SSRN Electron. J. 2017, 4, 742–746.
  7. Budhwani, T.; Tejaswini, P.; Chowdhury, A.; Bolli, D.B.; Uddin, F.; Kurapati, C. An Analysis of Cloud Security. Int. Res. J. Eng. Technol. 2022, 9.
  8. Nadiminti, S.; Kola, C.P.; Shankar, P. Cryptography: The Emerging Technology. Int. Res. J. Mod. Eng. Technol. Sci. 2021, 3, 38–42.
  9. Kumari, S. A Research Paper on Cryptography Encryption and Compression Techniques. Int. J. Eng. Comput. Sci. 2017, 6.
  10. Mushtaq, M.F.; Jamel, S.; Disina, A.H.; Pindar, Z.A. A Survey on the Cryptographic Encryption Algorithms. Int. J. Adv. Comput. Sci. Appl. 2017, 8, 333–344.
  11. Sharma, N.; Prabhjot, P.; Kaur, E.H. A Review of Information Security using Cryptography Technique. Int. J. Adv. Res. Comput. Sci. 2017, 8, 323–326.
  12. Tayal, S.; Gupta, N.; Gupta, P.; Goyal, D.; Goyal, M. A Review Paper on Network Security and Cryptography. Adv. Comput. Sci. Technol. 2017, 10, 763–770.
  13. Hasan, M.; Ariffin, N.; Sani, N. A Review of Cryptographic Impact in Cybersecurity on Smart Grid: Threat, Challenges and Countermeasures. J. Theor. Appl. Inf. Technol. 2021, 99, 2458–2472.
  14. Guru, A.; Ambhaikar, A. Enhancing the Cyber Security by Using Advance Cryptographic Techniques. In Proceedings of the National E-Conference on Innovative Research in Electronics and Telecommunication, Addis Ababa, Ethiopia, 26–27 November 2021.
  15. Lei, S.; Zewu, W.; Kun, Z.; Ruichen, S.; Shuai, L. Research and Design of Cryptography Cloud Framework. In Proceedings of the 2018 IEEE 3rd International Conference on Cloud Computing and Big Data Analysis, Chengdu, China, 20–22 April 2018.
  16. Jirwan, N.; Singh, A.; Vijay, S. Review and Analysis of Cryptography Techniques. Int. J. Sci. Eng. Res. 2019, 4, 1–6.
  17. Al-Shareeda, M.; Anbar, M.; Hasbullah, I.; Manickam, S.; Nibras, A.; Hamdi, M. Prevention Schemes for Replay Attack in VANETs. In Proceedings of the 2020 IEEE 3rd International Conference on Information Communication and Signal Processing, Shanghai, China, 12–15 September 2020.
  18. Abdelwahab, A.; Lucia, W.; Youssef, A. Set-Theoretic Control for Active Detection of Replay Attacks with Applications to Smart Grid. In Proceedings of the 2020 IEEE Conference on Control Technology and Applications, Montreal, QC, Canada, 24–26 August 2020; pp. 1004–1009.
  19. Jana, S.; Yashwanth, V.S.; Dheeraj, K.V.N.; Balaji, S.; Bharath, K.P.; Kumar, M.R. Replay Attack Detection for Speaker Verification Using Different Features Level Fusion System. In Proceedings of the 2021 Innovations in Power and Advanced Computing Technologies, Kuala Lumpur, Malaysia, 27–29 November 2021; pp. 1–5.
  20. Trapiello, C.; Puig, V.; Rotondo, D. A Zonotopic Set-Invariance Analysis of Replay Attacks Affecting the Supervisory Layer. Syst. Control Lett. 2021, 157, 105056.
  21. Naha, A.; Teixeira, A.M.H.; Ahlen, A.; Dey, S. Sequential Detection of Replay Attacks. IEEE Trans. Autom. Control 2022.
  22. Singh, V.; Pandey, S.K. Revisiting Cloud Security Threats: Replay Attack. In Proceedings of the 2018 4th International Conference on Computing Communication and Automation, Greater Noida, India, 14–15 December 2018; pp. 1–6.
  23. Elsaeidy, A.A.; Jagannath, N.; Sanchis, A.G.; Jamalipour, A.; Munasinghe, K.S. Replay Attack Detection in Smart Cities Using Deep Learning. IEEE Access 2020, 8, 137825–137837.
  24. Zaman, A.; Safarinejadian, B.; Birk, W. Security Analysis and Fault Detection against Stealthy Replay Attacks. Int. J. Control 2020, 95, 1562–1575.
  25. Thirumavalavasethurayar, P.; Ravi, T. Implementation of Replay Attack in Controller Area Network Bus using Universal Verification Methodology. In Proceedings of the 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS), Coimbatore, India, 25–27 March 2021; pp. 1142–1146.
  26. Elsaeidy, A.A.; Jamalipour, A.; Munasinghe, K.S. A Hybrid Deep Learning Approach for Replay and DDoS Attack Detection in a Smart City. IEEE Access 2021, 9, 154864–154875.
  27. L, R.; Satyanarayana, P. Detection and Blocking of Replay, False Command, and False Access Injection Commands in SCADA Systems with Modbus Protocol. Secur. Commun. Netw. 2021, 2021, 1–15.

Figure 1. Classification of cloud computing.

Figure 2. Replay Attack on data.

Figure 3. Cloud Architecture.

Figure 4. Data Transmission system.

Figure 5. Encryption Mechanism.

Figure 6. ASCII Table.

Figure 7. Decryption Mechanism.

Figure 8. File Encryption.

Figure 9. Transmitted Data.

Figure 10. Plain Text.

Figure 11. ASCII of each character.

Figure 12. Bytes of each ASCII value.

Figure 13. Splitting of bytes.

Figure 14. The decimal value of each binary.

Figure 15. Results of decimal values.

Figure 16. Equivalent ASCII value of decimals.

Figure 17. Message Cipher Text.

Figure 18. Message Ciphertext.

Figure 19. Decimal values of each ASCII.

Figure 20. Decimal values results.

Figure 21. Binary values of each decimal.

Figure 22. 8-bits pair.

Figure 23. Equivalent ASCII of each decimal.

Figure 24. Plain Text.

Figure 25. File Authenticity.

Figure 26. Confliction of files.

Figure 27. Replay Attack.

Figure 28. Ciphertext Decryption.

Figure 29. Inauthentic Transmission result.

Table 1. Various time tool testing results.

| Sr # | User Name (U) | Plain Text (P) | Key (K) | Cipher Text |
|---|---|---|---|---|
| 1 | [email protected] | Hello | Cloud | x2¬1 D└ ìqq ₤ΔUϘdϘϘϘQϘ qqxq ¬└2s sD¬D ìqq RϘûϘûϘÛϘÓÓ qq xq2└ qD AD;s1s Ãs2s ìqq ąRûϘÛϘRdΔϘϘR qq |
| 2 | admin12 | Alert | FISE | x2¬1 D└ ìqqð‘TBüðBB qqxq ¬└2s sD¬D ìqqABëâBâQT¤Tqq xq2└ qD AD;s1s Ãs2s ìqq Aâ¤âÎâTâKâA¤Q¤qq |
| 3 | User23 | Server side cryptography | Replay | x2¬1 D└ ìqqqtbísífíaítqqxq ¬└2s sD¬D ìqq tf¬bíqtkqbíqtÇÇfttí’íbíÇÇfíqttt¼í´t לí¬íqtaí¼íí íϟϟ qq xq2└ qD AD;s1s Ãs2s ìqq b¬ftbíqtq´f ´qq |

Table 2. Time Complexity of Encryption and Decryption.

| Sr # | Actual Text Memory Allocation | Enc. Time (s) | Dec. Time (s) | Cipher Text Memory Allocation | Total Time (s) |
|---|---|---|---|---|---|
| 1 | 12.4 KB | 106.52 | 230.42 | 14.5 KB | 336.94 |
| 2 | 12.4 KB | 109.45 | 243.17 | 14.5 KB | 352.62 |
| 3 | 13.7 KB | 167.35 | 314.53 | 16.3 KB | 481.88 |

Table 3. Comparative Analysis.

| Sr # | 1 | 2 | 3 | 3 | 4 | 5 | Proposed Work |
|---|---|---|---|---|---|---|---|
| Reference No. | [] | [] | [] | [] | [] | [] | |
| Year | 2018 | 2020 | 2020 | 2021 | 2021 | 2021 | |
| Proposed Algorithm | Replay attacks detection techniques | Hybrid deep-learning-based model for detecting the replay attack | Kullback–Leibler divergence algorithm | Designed three nodes CAN to identify the replay attack | A hybrid deep-learning algorithm for identifying replay and DDoS attacks in a real-world smart city | Modbus protocol algorithm | Cryptosystem, cipher-catenation |
| Novelty | Effective techniques that can prevent replay attacks are discussed. | Identification of normal and abnormal packets | Detect replay attacks from the control system network | Full message replay attacks are easier to detect than partial message replay attacks. | Prevention of DDoS and Replay attacks | Prevention from Command Injection, Replay, and False Access Injection attacks through SCADA testbed technique | Secure transmission between clients and complete prevention of replay attacks |
| Research Gaps | The techniques were not implemented on any algorithm or architecture | Only suitable for packet identification | Only suitable for replay attack detection | Not suitable for partial replay attacks | DDoS attacks are easier to detect than Replay attacks | Only provides security from attacks | Identified all existing gaps and addressed them |
| Proposed Paper Solution | Development of secure architecture and algorithm | The algorithm provides security to the data and identifies the packets’ identity. | Suitable for replay detection as well as prevention of data from replay attacks | The algorithm can detect all types of replay attacks | The algorithm can detect and prevent replay attacks | Algorithms protect against attacks and also provide data security | Solve all problems by developing architecture, and then implement by application |


© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

Nadeem, M.; Arshad, A.; Riaz, S.; Zahra, S.W.; Dutta, A.K.; Almotairi, S. A Secure Architecture to Protect the Network from Replay Attacks during Client-to-Client Data Transmission. Appl. Sci. 2022, 12, 8143. https://doi.org/10.3390/app12168143

Which technique is useful in preventing replay attacks?

The answer to preventing replay attacks is encrypting messages and including a key. IPsec provides anti-replay protection against attackers who could potentially intercept, duplicate or resend encrypted packets.

What is replay attack in cyber security?

Definition(s): An attack that involves the capture of transmitted authentication or access control information and its subsequent retransmission with the intent of producing an unauthorized effect or gaining unauthorized access. Source(s): CNSSI 4009-2015 under replay attacks.

What are the different types of replay attacks?

There're different types of replay attacks in networking. We'll discuss four types of most widely used replay attacks: network, wireless, session, and HTTP replay attacks. In network replay attacks, the attacker intercepts network traffic and then resends it at a later time.

What is a replay attack quizlet?

A replay attack is a category of network attack in which an attacker detects a data transmission and fraudulently has it delayed or repeated. The delay or repeat of the data transmission is carried out by the sender or by the malicious entity, who intercepts the data and retransmits it.