Defending Retail ATMs from Network Attacks via IP Packet Obfuscation

Authors

Brian Volkmuth, Metropolitan State UniversityFollow

Department

Management, Entrepreneurship, and Human Resource Management

Document Type

Poster

Abstract

The shift of Automated Teller Machines (ATMs) from dedicated dial-up systems to shared, Internet Protocol (IP) networks has fundamentally altered their security risk profile, contributing to a 600% rise between 2019 and 2022. While measures like encryption protect the data payload, they fail to safeguard against network-based adversaries who leverage traffic analysis of packet metadata to deduce transaction volumes, identify targets, and execute sophisticated attacks like jackpotting and Host Spoofing. This qualitative study investigates a critical gap in defense: the ATM's exposed IP address is the single most critical dependency for remote network-centric threats. The research question is: What obfuscation techniques are necessary to secure ATM IP packets against network-based attacks? Utilizing Generic Qualitative Design, semi-structured interviews with cybersecurity professionals will identify feasible obfuscation methods. The findings will introduce a novel, measurable defense layer designed to proactively camouflage critical transaction metadata, thereby bolstering Confidentiality, Availability, and Integrity of financial infrastructure.

Publication Date

12-4-2025

Recommended Citation

Volkmuth, B. (2025, December 4). Defending retail ATMs from network attacks via IP packet obfuscation [Poster presentation]. Student Research Conference Fall 2025, Saint Paul, MN, United States.

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.