Integrated security systems for protecting payment synchronization from MITM attacks

I.O. Shahmatov, I.V. Zamrii

Abstract


The article addresses the challenge of securing payment synchronization against Man-in-the-Middle (MITM) attacks in multichannel payment systems, where cash, card, and online transactions are integrated with CRM and accounting platforms. It examines MITM attack scenarios and their impact on transaction integrity. A multi-layered security framework is proposed, leveraging artificial intelligence techniques, cryptographic methods (digital signatures and timestamps), and additional client verification mechanisms. The model enhances resilience against fraud, replay attacks, and data substitution, ensuring high reliability and scalability across electronic transaction systems.

Prombles in programming 2025; 2: 28-39


Keywords


payment security; MITM attack; financial transaction security; artificial intelligence in cybersecurity

References


Moon I. T., Shamsuzzaman M., Mridha M. M. R., Rahaman A. S. M. Towards the advancement of cashless transaction: A security analysis of electronic payment systems // Journal of Computer and Communications. – 2022. – Т. 10, № 7.

Mishra S. Exploring the impact of AI-based cyber security financial sector management // 37 Програмні системи захисту інформації Applied Sciences. – 2023. – Т. 13, № 10. Article 5875.

Rabbani H., Shahid M. F., Khanzada T. J. S., Siddiqui S., Jamjoom M. M., Ashari R. B., Ullah Z., Mukati M. U., Nooruddin M. Enhancing security in financial transactions: A novel blockchain-based federated learning framework for detecting counterfeit data in fintech // PeerJ Computer Science. – 2024. Т. 10. – Article e2280.

Kawano T., Okada Y. Experimental validation of the attack-detection capability of encrypted control systems using man-in-the middle attacks // IEEE Transactions on Industrial Informatics. – 2023. – Т. 19, № 1. С. 123–132.

Obonna U. O., Opara F. K., Mbaocha C. C., Obichere J.-K. C., Akwukwaegbu I. O., Amaefule M. M., Nwakanma C. I. Detection of man-in-the-middle (MitM) cyber-attacks in oil and gas process control networks using machine learning algorithms // Future Internet. – 2023. – Т. 15, № 8. – Article 280.

Ahuja N., Singal G., Mukhopadhyay D. Ascertain the efficient machine learning approach to detect different ARP attacks // Computers & Electrical Engineering. – 2022. – Т. 99. – Article 107757.

Kampourakis V., Kambourakis G., Chatzoglou E., Zaroliagis C. Revisiting man in-the-middle attacks against HTTPS // Network Security. – 2022. – Т. 2022, № 3. С. 8–16.

Muzammil M. B., Bilal M., Ajmal S., Shongwe S. C., Ghadi Y. Y. Unveiling vulnerabilities of web attacks considering man-in-the-middle attack and session hijacking // IEEE Access. – 2024. – Т. 12. С. 6365–6375.

Alenezi M. A., Alabdulkreem E. A. Encryption algorithms modeling in detecting man-in-the-middle attacks // International Journal of Advanced Computer Science and Applications. – 2020. – Т. 11, № 5. – С. 1–7.

Al-Abadi A. A. J., Mohamed M. B., Fakhfakh A. Enhanced random forest classifier with K means clustering (ERF-KMC) for detecting and preventing distributed-denial-of-service and man-in-the-middle attacks in Internet-of Medical-Things networks // Computers. 2023.– Т. 12, № 12. – Article 262.

Agrawal S. Harnessing quantum cryptography and artificial intelligence for next-gen payment security: A comprehensive analysis of threats and countermeasures in distributed ledger environments // International Journal of Science and Research. – 2024.– Т. 13, № 3. С. 682–687.

Saranya A., Naresh R. Dual authentication for payment request verification over cloud using bilinear dual authentication payments transaction protocol // International Journal of Advanced Computer Science and Applications.– 2022. – Т. 13, № 7. – С. 25-30.

Luo B., Zhang Z., Wang Q., Ke A., Lu S., He B. AI-powered fraud detection in decentralized finance: A project life cycle perspective // ACM Computing Surveys. 2024.– Т. 57, № 4. – Article 96.

Omer N., Samak A. H., Taloba A. I., Abd El Aziz R. M. A novel optimized probabilistic neural network approach for intrusion detection and categorization // Alexandria Engineering Journal. – 2023. – Т. 72. – С. 351–361.

Ren Y., Ren Y., Tian H., Song W., Yang Y. Improving transaction safety via anti-fraud protection based on blockchain // Connection Science. – 2023.– Т. 35, № 1. – Article 2163983.

Ashfaq T., Khalid R., Yahaya A. S., Aslam S., Azar A. T., Alsafari S., Hameed I. A. A machine learning and blockchain based efficient fraud detection mechanism // Sensors. – 2022. – Т. 22, № 19. – Article 7162.

Zamrii I., Shakhmatov I., Yaskevych V. BlockchainSQLSecure: Integration of blockchain to strengthen protection against SQL injections // Bulletin of Taras Shevchenko National University of Kyiv. Series: Physics and Mathematics. – 2024.– Т. 78, № 1. – С. 160–168.

Yisroel Mirsky. Kitsune Network Attack Dataset: Nine labeled attacks with extracted features and the original network capture [Електронний ресурс] / Kaggle. – Режим доступу: https://www.kaggle.com/datasets/ymirsky/net work-attack-dataset-kitsune


Refbacks

  • There are currently no refbacks.