Enhancing security of cookie-based sessions in mobile networks using sparse caching

    Authors

    A. Alabrah; J. Cashion;M. Bassiouni

    Comments

    Authors: contact us about adding a copy of your work at STARS@ucf.edu

    Abbreviated Journal Title

    Int. J. Inf. Secur.

    Keywords

    Session cookies; Mobile devices; Wireless networks; Caching; AUTHENTICATION; Computer Science, Information Systems; Computer Science, Software; Engineering; Computer Science, Theory & Methods

    Abstract

    The exponential growth in the use of mobile phones and tablets to gain wireless access to the Internet has been accompanied by a similar growth in cyber attacks over wireless links to steal session cookies and compromise private users' accounts. The popular one-way hash chain authentication technique in its conventional format is not optimal for mobile phones and other handheld devices due to its high computational overhead. In this paper, we propose and evaluate the use of sparse caching techniques to reduce the overhead of one-way hash chain authentication. Sparse caching schemes with uniform spacing, non-uniform spacing and geometric spacing are designed and analyzed. A Weighted Overhead formula is used to obtain insight into the suitable cache size for different classes of mobile devices. Additionally, the scheme is evaluated from an energy consumption perspective. We show that sparse caching can also be effective in the case of uncertainty in the number of transactions per user session. Our extensive performance tests have shown the significant improvement achieved by the sparse caching schemes.

    Journal Title

    International Journal of Information Security

    Volume

    13

    Issue/Number

    4

    Publication Date

    1-1-2014

    Document Type

    Article

    Language

    English

    First Page

    355

    Last Page

    366

    WOS Identifier

    WOS:000339340100004

    ISSN

    1615-5262

    Share

    COinS