Preventing Man in The Middle Attack on E-voting System Using Multi-layer Security Protocol
Keywords:
Technology, Information System, Cyber security, Computer EngineeringAbstract
Intelligent technologies, most notably the growth of the World Wide Web, are used to improve human life. In comparison to prior eras, an increasing number of jobs may now be accomplished swiftly and efficiently thanks to the Internet's spectacular development. One relatively new field that has been identified is e-voting. There are several ways to vote, including online, using a mobile application, and in person at a polling station. The internet's rapid expansion means that application security cannot be ignored. I developed an Android application with a 5-step security process—user authentication, fingerprint authentication, captcha, OTP verification, and cryptography—before voting in order to thwart phishing attempts. With a mobile device, voters may now cast their ballots online at any time and from any place. The application is created and deployed using Android Studio. The software development life cycle is followed in this research when developing the voting application. The outcome of this study is the development of a voter-friendly mobile application that functions as a useful tool to enable voters to cast ballots with five security levels.
References
Ali, M. M., Siddiqui, O. A., Nayeemuddin, M., & Rajamani, L. (2015, January). An approach for deceptive phishing detection and prevention in social networking sites using data mining and wordnet ontology. In Electrical, Electronics, Signals, Communication and Optimization (EESCO), 2015 International Conference on (pp. 1-6).
Arafin, M. T., & Qu, G. (2018). Memristors for secret sharing-based lightweight authentication. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 26(12), 2671-2683.
Basit, A., Zafar, M., Liu, X., Javed, A. R., Jalil, Z., & Kifayat, K. (2021). A comprehensive survey of AI-enabled phishing attacks detection techniques. Telecommunication Systems, 76, 139-154.
Bishop, M., & Wagner, D. (2007). Risks of e-voting. Communications of the ACM, 50(11), 120-120.
Bojjagani, S., & Sastry, V. N. (2017). A secure end‐to‐end SMS‐based mobile banking protocol. International journal of communication systems, 30(15), e3302.
Chen, J., & Guo, C. (2006, October). Online detection and prevention of phishing attacks. In 2006 First International Conference on Communications and Networking in China (pp. 1-7). IEEE.
Evans, D., & Paul, N. (2004). Election security: Perception and reality. IEEE Security & Privacy, 2(1), 24-31.
Khusial, D., & McKegney, R. (2005). e-Commerce security: Attacks and preventive strategies. IBM Toronto, Canada, Tech. Rep.
Oppliger, R., Hauser, R., & Basin, D. (2008). SSL/TLS session-aware user authentication. Computer, 41(3), 59-65.
Serpanos, D. N., & Lipton, R. J. (2003). Defense against man-in-the-middle attack in client-server systems with secure servers. IEICE Transactions on Communications, 86(10), 2966-2970.
