scholarly journals DEMILITARIZED ZONE AND PORT KNOCKING METHODS FOR COMPUTER NETWORK SECURITY

2020 ◽  
Vol 3 (2) ◽  
pp. 22-27
Author(s):  
Andik Saputro ◽  
Nanang Saputro ◽  
Hendro Wijayanto
Keyword(s):  
Network Security ◽  
Computer Network ◽  
Denial Of Service ◽  
Online Classes ◽  
Long Distance ◽  
Access Port ◽  
The Public ◽  
Work From Home ◽  
Demilitarized Zone ◽  
Port Access

Currently, the way of network communication has changed a lot. All aspects become very dependent on online services. Employees can work from home, and students of all ages take online classes. The more the public depends on staying connected to the network, the greater potential network attacks to occur. In a computer network, if it is not protected, it will data or file loss, damage to the server system, not being optimal in serving users or even losing valuable institutional assets. The attacks most often used in networks are Port Scanning and DDoS (Distributed Denial Of Service). In this study, the DeMilitarized Zone and Port Knocking methods are combined to secure computer networks. DeMilitarized Zone technique implementation is used to access local servers, so that they can be accessed from outside with Port Knocking technique. To open the access port that is filtered in the router configuration on the server network security system. DeMilitarized Zone and Port Knocking can be implemented on local and long distance networks where if an attacker wants to exploit or attack the main server, the first to be attacked is the firewall server (router). Port Knocking can also be implemented on local and long distance networks with a combined ping request time limit which makes it safer, so that if an attacker wants to access the router, and doesn't know the rules from the remote, what happens is a rejection of port access.

A Survey on Denial of Service Attacks and Preclusions

2017 ◽  
Vol 11 (4) ◽  
pp. 1-15 ◽  
Author(s):  
Nagesh K. ◽  
Sumathy R. ◽  
Devakumar P. ◽  
Sathiyamurthy K.
Keyword(s):  
Network Security ◽  
Rapid Growth ◽  
New Technologies ◽  
Defense Mechanism ◽  
Computer Network ◽  
Denial Of Service ◽  
The Internet ◽  
Access To Services ◽  
Dos Attacks

Security is concerned with protecting assets. The aspects of security can be applied to any situation- defense, detection and deterrence. Network security plays important role of protecting information, hardware and software on a computer network. Denial of service (DOS) attacks causes great impacts on the internet world. These attacks attempt to disrupt legitimate user's access to services. By exploiting computer's vulnerabilities, attackers easily consume victim's resources. Many special techniques have been developed to protest against DOS attacks. Some organizations constitute several defense mechanism tools to tackle the security problems. This paper has proposed various types of attacks and solutions associated with each layers of OSI model. These attacks and solutions have different impacts on the different environment. Thus the rapid growth of new technologies may constitute still worse impacts of attacks in the future.

Using IPv6 Technology to Construct Network Security System of Electronic Commerce

2013 ◽  
Vol 718-720 ◽  
pp. 1986-1991
Author(s):  
Zhong Xia Hu
Keyword(s):  
Network Security ◽  
Electronic Commerce ◽  
High Efficiency ◽  
Computer Network ◽  
Denial Of Service ◽  
Security System ◽  
Public Network ◽  
Ipv6 Network ◽  
Transaction Security ◽  
Network Security System

The e-commerce transaction security is the security of business activities in the public network, and its essence is based on computer network security, protect the business process to precede smoothly, the core content of the e-commerce information security. IPv6 network layer denial of service attacks, the fight against replay attacks, prevent data passive or active eavesdropping, to prevent data session stealing attacks and other functions, which greatly enhances the security of the network can be realized. The paper presents using IPv6 technology to construct network security system of electronic commerce. Experimental results show that the proposed method has high efficiency.

Sistem Keamanan Jaringan Local Area Network Menggunakan Teknik De-Militarized Zone

2018 ◽  
Vol 5 (2) ◽  
pp. 91-106
Author(s):  
Ino Anugrah ◽  
Raden Hengki Rahmanto
Keyword(s):  
Network Security ◽  
Computer Network ◽  
Local Area Network ◽  
Denial Of Service ◽  
Local Area ◽  
Area Network ◽  
Dos Attack ◽  
Security Systems ◽  
Flooding Attack ◽  
Well Data

ABSTRACT   Islamic University”45” computer network needs a safe network to strengthen the network security systems to protect servers from attacks such as Port Scanning and DoS attack (Denial of Service). One of the network security techniques is De-Militarized Zone (DMZ) that is a mechanism to protect the internal system from hacker attacks or other parties who want to enter the system with no access. The purpose of this Project is to implement LAN network security system using De-Militarized Zone (DMZ) technique, with a single firewall that supports the internal and external networks. The results of the DMZ technique implementation at the Islamic University's "45", it is found that filter DoS attack can be implemented well.  Data analysis results show DoS attack with the type of ICMP Flooding attack, and UDP Flooding attack can be blocked with Percentage of success is 98%.   Keywords : attack, network security,  de-militarized zone     ABSTRAK   Jaringan komputer Universitas Islam “45” memerlukan keamanan jaringan untuk dapat memperkuat sistem keamanan jaringan pada server dari serangan seperti Port Scanning dan DoS (Denial of Service). Salah satu teknik keamanan jaringan yaitu De-Militarized Zone (DMZ) yang merupakan mekanisme untuk melindungi sistem internal dari serangan hacker atau pihak-pihak lain yang ingin memasuki sistem tanpa mempunyai hak akses. Tujuan Tugas Akhir ini adalah untuk mengimplementasikan sistem keamanan jaringan LAN menggunakan teknik De-Militarized Zone (DMZ). metode dasar adalah dengan menggunakan firewall tunggal yang menjadi penyangga jaringan internal dan external. Hasil penelitian implementasi teknik DMZ pada layanan server jaringan komputer Universitas Islam “45” dapat melakukan filter DoS attack dengan baik, data hasil analisa  menunjukan DoS attack dengan jenis ICMP Flooding attack, dan UDP Flooding attack dapat di-block dengan Persentase keberhasilan sebesar 98%.   Kata kunci : Serangan,  Keamanan jaringan,  De-Militarized Zone

scholarly journals Analisis Firewall Demilitarized Zone dan Switch Port Security pada Jaringan Universitas Putra Indonesia YPTK

KOMTEKINFO ◽  
2019 ◽  
Vol 6 (1) ◽  
pp. 29-29
Author(s):  
Syafri Arlis ◽  
Sahari
Keyword(s):  
Network Security ◽  
Computer Network ◽  
Human Life ◽  
Security Level ◽  
Port Security ◽  
Security Systems ◽  
Demilitarized Zone ◽  
Computer Network Security ◽  
Prevention System ◽  
The One

The development of information technology so rapidly, greatly helped the works of man. On the one hand man to be very helpful, but on the other side of the system's security level to rise sharply so that in essence the sides of human life is in a threatened position. The techniques of network security systems and precautions against attacks on information systems continue to be developed so that the integrity, availability and confidentiality in an information system becomes more secure. One way is by building a network security system and attack prevention system. In this paper, the authors construct a computer network security systems using a firewall Demiliteralized Zone (DMZ) by using IPtables which is the standard of Linux systems and and Switch Port Security (SPS). Utilization by combining these two technologies to achieve maximum levels of security and is able to block the intruder will attempt an attack with a variety of attacks identified.

A Survey on Denial of Service Attacks and Preclusions

2021 ◽  
pp. 230-247
Author(s):  
Nagesh K. ◽  
Sumathy R. ◽  
Devakumar P. ◽  
Sathiyamurthy K.
Keyword(s):  
Network Security ◽  
Rapid Growth ◽  
New Technologies ◽  
Defense Mechanism ◽  
Computer Network ◽  
Denial Of Service ◽  
The Internet ◽  
Access To Services ◽  
Dos Attacks

Security is concerned with protecting assets. The aspects of security can be applied to any situation- defense, detection and deterrence. Network security plays important role of protecting information, hardware and software on a computer network. Denial of service (DOS) attacks causes great impacts on the internet world. These attacks attempt to disrupt legitimate user's access to services. By exploiting computer's vulnerabilities, attackers easily consume victim's resources. Many special techniques have been developed to protest against DOS attacks. Some organizations constitute several defense mechanism tools to tackle the security problems. This paper has proposed various types of attacks and solutions associated with each layers of OSI model. These attacks and solutions have different impacts on the different environment. Thus the rapid growth of new technologies may constitute still worse impacts of attacks in the future.

Computer Network Security and Directory Services Architecture

2000 ◽  
Author(s):  
James D. Johannes ◽  
Andrew Fanning ◽  
Kyle Hoover ◽  
Tim Lewis ◽  
Marsha Robinson
Keyword(s):  
Network Security ◽  
Computer Network ◽  
Computer Network Security ◽  
Directory Services

scholarly journals The Impact of the COVID-19 Pandemic on the Working Conditions, Employment, Career Development and Well-Being of Refugee Researchers

Societies ◽  
2021 ◽  
Vol 11 (3) ◽  
pp. 71
Author(s):  
Ourania Tzoraki ◽  
Svetlana Dimitrova ◽  
Marin Barzakov ◽  
Saad Yaseen ◽  
Vasilis Gavalas ◽  
...  
Keyword(s):  
Online Survey ◽  
Negative Impact ◽  
Well Being ◽  
Appropriate Technology ◽  
Public Authorities ◽  
Policy Makers ◽  
Home Setting ◽  
The Public ◽  
Work From Home ◽  
The Impact

The ongoing ‘refugee crisis’ of the past years has led to the migration of refugee researchers (RRs) to European countries. Due to the COVID-19 pandemic, RRs often had to work from home and/or to continue their social, cultural and economic integration process under new conditions. An online survey carried out to explore the impact of the pandemic on the refugee researchers showed that RRs found it difficult to adapt their everyday working life to the ‘home’ setting. The majority have had neither a suitable work environment at home nor the appropriate technology. Although they stated that they are rather pleased with the measures taken by the public authorities, they expressed concern about their vulnerability due to their precarious contracts and the bureaucratic asylum procedures, as the pandemic has had a negative impact on these major issues. The majority of RRs working in academia seem not to have been affected at all as far as their income is concerned, while the majority of those employed in other sectors became unemployed during the pandemic (58%). Recommendations are provided to the public authorities and policy makers to assist RRs to mitigate the consequences of the pandemic on their life.

scholarly journals Entropy Based Features Distribution for Anti-DDoS Model in SDN

2021 ◽  
Vol 13 (3) ◽  
pp. 1522
Author(s):  
Raja Majid Ali Ujjan ◽  
Zeeshan Pervez ◽  
Keshav Dahal ◽  
Wajahat Ali Khan ◽  
Asad Masood Khattak ◽  
...  
Keyword(s):  
Network Security ◽  
False Positive ◽  
Denial Of Service ◽  
Network Services ◽  
Detection Accuracy ◽  
Data Sets ◽  
Traffic Patterns ◽  
Average Accuracy ◽  
Ddos Detection ◽  
Quantitative Results

In modern network infrastructure, Distributed Denial of Service (DDoS) attacks are considered as severe network security threats. For conventional network security tools it is extremely difficult to distinguish between the higher traffic volume of a DDoS attack and large number of legitimate users accessing a targeted network service or a resource. Although these attacks have been widely studied, there are few works which collect and analyse truly representative characteristics of DDoS traffic. The current research mostly focuses on DDoS detection and mitigation with predefined DDoS data-sets which are often hard to generalise for various network services and legitimate users’ traffic patterns. In order to deal with considerably large DDoS traffic flow in a Software Defined Networking (SDN), in this work we proposed a fast and an effective entropy-based DDoS detection. We deployed generalised entropy calculation by combining Shannon and Renyi entropy to identify distributed features of DDoS traffic—it also helped SDN controller to effectively deal with heavy malicious traffic. To lower down the network traffic overhead, we collected data-plane traffic with signature-based Snort detection. We then analysed the collected traffic for entropy-based features to improve the detection accuracy of deep learning models: Stacked Auto Encoder (SAE) and Convolutional Neural Network (CNN). This work also investigated the trade-off between SAE and CNN classifiers by using accuracy and false-positive results. Quantitative results demonstrated SAE achieved relatively higher detection accuracy of 94% with only 6% of false-positive alerts, whereas the CNN classifier achieved an average accuracy of 93%.

Sign in / Sign up

Export Citation Format

Share Document