Deluge of messages from new protocol REVEAL can disrupt man-in-the-middle attacks

SergeyBitos/shutterstock

In the wireless world, discerning the presence of a man-in-the-middle (MiM) during communication poses a significant challenge. Dr. Santosh Ganji, a recent computer engineering doctoral graduate, and Dr P.R. Kumar, a professor in the Department of Electrical and Computer Engineering, have devised a timing-based protocol named REVEAL to address the issue.

REVEAL works by overwhelming the MiM with messages, causing it to fail.

“Suppose the base station communicated data or voice to your phone,” Kumar said. “Your phone thinks it’s connected to the base station, but there may be an interloper in the middle, listening and forwarding messages. This is called a man-in-the-middle attack. The MiM may intercept the messages and pass it on.”

The MiM remains invisible to users, potentially intercepting and redirecting both incoming and outgoing packets without detection. The MiM nodes have different capabilities including half-duplex, full duplex, and double full duplex. “For each of those, we have the capacity to flush the MiM out,” Kumar said.  

“We can detect the presence of an MiM in 4G and 5G networks,” Ganji said.

An MiM is capable of listening talking but not simultaneously (Half-duplex), talking and listening at the same time (Full duplex), or talking and listening to two streams at the same time (Double full duplex). The REVEAL protocol disrupts and overwhelms the MiM capabilities by carefully timing its packets, causing the MiM to fail. The details of the protocol are available on Arxiv.