Network Security Issues and Effective Protection Against Network Attacks

This article defines a VPN as a virtual private network. This technology is based on the formation of an internal network within another network to exchange all information between users in order to provide reliable protection.

Download Full-text

Charging wireless sensor network security technology based on encryption algorithms and dynamic model

International Journal of Distributed Sensor Networks ◽

10.1177/1550147720901999 ◽

2020 ◽

Vol 16 (3) ◽

pp. 155014772090199

Author(s):

Yuanming Li ◽

Wei Guo ◽

Xuejun Meng ◽

Wen Xia

Keyword(s):

Wireless Networks ◽

Network Security ◽

Wireless Network ◽

Virtual Private Network ◽

Media Access Control ◽

Security Model ◽

Security Technology ◽

Security Issues ◽

Remote Authentication ◽

Private Network

With the popularization of the Internet, the related information technology is developing faster and faster, and the scale and complexity of the network are also increasing. Wireless networks cover all aspects of life, along with it, network security issues have gradually emerged. In recent years, network security vulnerabilities have been exposed continuously, from WiFi to Bluetooth, people gradually realize the security of wireless networks. The purpose of this article is to solve the existing security problems and study the operation process of RC4 and Advanced Encryption Standard algorithms, and the improvement scheme is put forward. This article is based on the inherent media access control address filtering technology of wireless network card; a dynamic security model for wireless networks is proposed and constructed. Devices accessing the network use 802.1x authentication method and distribute and set security status values for each device, the authentication server uses Remote Authentication Dial in User Service. This article uses the method of virtual private network encryption network to provide an encryption layer for communication between devices and wireless networks, thus, the data in network transmission can be encrypted and protected. In this article, the structure and strategy of Remote Authentication Dial in User Service are changed, in order to ensure the high security of wireless network equipment in the connection process. In the testing phase of this article, we have tested the model in detail several times. Tests are divided into middleman and session interception tests. A large number of test results show that this model can improve the security of wireless network and has good performance.

Download Full-text

Cisco Secured Virtual Private Networks: A Review

Asian Journal of Computer Science and Technology ◽

10.51983/ajcst-2018.7.2.1886 ◽

2018 ◽

Vol 7 (2) ◽

pp. 30-33

Author(s):

Yusera Farooq Khan

Keyword(s):

Review Paper ◽

Virtual Private Network ◽

Virtual Private Networks ◽

Public Network ◽

The Public ◽

Internal Network ◽

Private Network ◽

A Site ◽

Destination Address

Now-a-days the significance of security has been greater than before because of the fact that data has been accessed and transferred through public network. The data which has been transferred could be sniffed which may be a loss for us. When data is transferred in to public network we need confidentiality, integration and authentication. In this review paper we will discuss all these factors that keep our data safe enough. In order to provide this factor a site-to-site virtual private network has been designed which provide more security to data and made the public network into private network. The virtual private network hides the source and destination address as well as it also hides the internal network so that our network would be safe enough.

Download Full-text

Keamanan Jaringan Menggunakan VPN (Virtual Private Network) Dengan Metode PPTP (Point To Point Tunneling Protocol) Pada Kantor Desa Kertaraharja Ciamis

Evolusi : Jurnal Sains dan Manajemen ◽

10.31294/evolusi.v8i1.7658 ◽

2020 ◽

Vol 8 (1) ◽

Author(s):

Sari Dewi

Keyword(s):

Network Security ◽

Data Security ◽

Data Exchange ◽

Virtual Private Network ◽

Security Systems ◽

Proxy Data ◽

Technological Developments ◽

Point To Point ◽

Private Network ◽

District Offices

AbstractSistem Keamanan Jaringan semakin berkembang seiring dengan perkembangan teknologi. Instansi - instansi sudah melakukan komputerisasi, dimana setiap bagian di dalam instansi tersebut sudah menggunakan komputer dalam operasionalnya, hal ini membuat instansi pemerintahan meningkatkan kualitas dan kuantitas sistem teknologi informasi. Dengan adanya komputerisasi di pemerintahan perlu adakannya Sistem Keamanan Jaringan yang baik, agar pertukaran data dari kantor kabupaten ke kantor desa dapat dilakukan secara aman dan terkendali. Berbagai software sudah bisa mengatasi permasalahaan tersebut, akan tetapi dari segi keamanan data itu sendiri yang masih sangat dikhawatirkan kebocoran datanya, oleh karena itu dengan menggunakan teknologi VPN dengan metode PPTP sangat cocok digunakan untuk mengamankan pertukaran data, karena proses kerja VPN yaitu dengan membuat jaringan sendiri yang sifatnya rahasia dengan menggunakan IP Publik, membuat keamanan data lebih terjaga kerahasiaannya dan mencegah kebocoran data oleh pihak-pihak yang tidak bertanggung jawab. Keywords: VPN, PPTP, Keamanan Jaringan, mikrotik, Data. AbstractNetwork Security Systems are increasingly developing along with technological developments. Agencies have done computerization, where every part in the agency has used computers in its operations, this has made government agencies improve the quality and quantity of information technology systems. With computerization in government it is necessary to have a good Network Security System, so that data exchange from district offices to village offices can be done safely and in a controlled manner. Various software can overcome these problems, but in terms of data security itself that is still very much concerned about data leakage, therefore using VPN technology with PPTP method is very suitable to be used to secure data exchange, because the VPN work process is to create its own network which is confidential by using Public IP, makes data security more confidential and prevents data leakage by irresponsible parties.Keywords: VPN, PPTP, Network Security, proxy, Data.

Download Full-text

A Survey of Network and Information Security

International Journal of Informatics and Computation ◽

10.35842/ijicom.v1i2.6 ◽

2019 ◽

Vol 1 (2) ◽

pp. 15

Author(s):

Huang Jie

Keyword(s):

Cloud Computing ◽

Network Security ◽

Information Security ◽

Ad Hoc Network ◽

Ad Hoc ◽

Wireless Sensor ◽

Security Threats ◽

Network Attacks ◽

Related Data ◽

Security Issues

Security threats and shows abnormality about security, safety, privacy and trust as network security-related data, in short, security-related data. Apparently, the first step to detect network attacks and intrusions is to collect the security-related data. In this paper, we will present a lot of approaches to solving Networks and Information Security issues. We survey network security in LTE technologies, Vehicular Ad-Hoc Network, and security in Wireless Sensor Network. Internet of Things. In this paper, we describe many methods in Information Security. Is consist of Information Security in Big Data and Cloud Computing.

Download Full-text

VPN Traffic Detection in SSL-Protected Channel

Security and Communication Networks ◽

10.1155/2019/7924690 ◽

2019 ◽

Vol 2019 ◽

pp. 1-17

Author(s):

Muhammad Zain ul Abideen ◽

Shahzad Saleem ◽

Madiha Ejaz

Keyword(s):

Network Security ◽

Intrusion Detection ◽

Network Traffic ◽

Communication Protocols ◽

Virtual Private Network ◽

Domain Name ◽

Network Intrusion ◽

Hypertext Transfer Protocol ◽

Private Network ◽

Transfer Protocol

In recent times, secure communication protocols over web such as HTTPS (Hypertext Transfer Protocol Secure) are being widely used instead of plain web communication protocols like HTTP (Hypertext Transfer Protocol). HTTPS provides end-to-end encryption between the user and service. Nowadays, organizations use network firewalls and/or intrusion detection and prevention systems (IDPS) to analyze the network traffic to detect and protect against attacks and vulnerabilities. Depending on the size of organization, these devices may differ in their capabilities. Simple network intrusion detection system (NIDS) and firewalls generally have no feature to inspect HTTPS or encrypted traffic, so they rely on unencrypted traffic to manage the encrypted payload of the network. Recent and powerful next-generation firewalls have Secure Sockets Layer (SSL) inspection feature which are expensive and may not be suitable for every organizations. A virtual private network (VPN) is a service which hides real traffic by creating SSL-protected channel between the user and server. Every Internet activity is then performed under the established SSL tunnel. The user inside the network with malicious intent or to hide his activity from the network security administration of the organization may use VPN services. Any VPN service may be used by users to bypass the filters or signatures applied on network security devices. These services may be the source of new virus or worm injected inside the network or a gateway to facilitate information leakage. In this paper, we have proposed a novel approach to detect VPN activity inside the network. The proposed system analyzes the communication between user and the server to analyze and extract features from network, transport, and application layer which are not encrypted and classify the incoming traffic as malicious, i.e., VPN traffic or standard traffic. Network traffic is analyzed and classified using DNS (Domain Name System) packets and HTTPS- (Hypertext Transfer Protocol Secure-) based traffic. Once traffic is classified, the connection based on the server’s IP, TCP port connected, domain name, and server name inside the HTTPS connection is analyzed. This helps in verifying legitimate connection and flags the VPN-based traffic. We worked on top five freely available VPN services and analyzed their traffic patterns; the results show successful detection of the VPN activity performed by the user. We analyzed the activity of five users, using some sort of VPN service in their Internet activity, inside the network. Out of total 729 connections made by different users, 329 connections were classified as legitimate activity, marking 400 remaining connections as VPN-based connections. The proposed system is lightweight enough to keep minimal overhead, both in network and resource utilization and requires no specialized hardware.

Download Full-text

Virtual Private Network Security

Complete Book of Remote Access ◽

10.1201/9781420000429-29 ◽

2002 ◽

pp. 263-280

Keyword(s):

Network Security ◽

Virtual Private Network ◽

Private Network

Download Full-text

Traffic Engineering for Provisioning Hose Model VPNs with Delay Requirements

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.383-390.4241 ◽

2011 ◽

Vol 383-390 ◽

pp. 4241-4245

Author(s):

Yu Liang Liu

Keyword(s):

Service Provider ◽

Traffic Engineering ◽

Virtual Private Network ◽

Network Service ◽

Security Issues ◽

Network Service Provider ◽

Encryption Decryption ◽

Bandwidth Guarantees ◽

Private Network ◽

Hose Model

Virtual Private Network (VPN) is a logic network established on top of a public packet switched network. Previous research works on VPN mainly focused on security issues, such as tunneling, encryption/decryption and authentication. To guarantee that customers’ QoS requirements specified by customers can be met, the network service provider needs to reserve enough network resources on the network, and allocate/manage them in an optimal way. Traffic engineering algorithms can be used by the network service provider to establish multiple VPNs in an optimal way, while meeting customers’ QoS requirements. Previous works on VPN traffic engineering focus on meeting bandwidth guarantees, however, for some network applications, such as VOIP and IPTV, meeting delay requirement is one of another vital issue. To our knowledge until now, issues about traffic engineering for establishing VPNs meeting both bandwidth and delay requirements have not been investigated. In this paper, we proposed a novel VPN traffic engineering algorithm for establishing hose model VPNs with delay requirements. According to experimental simulations conducted our algorithm achieved better performance compared to previous ones.

Download Full-text

Analysis of network security organization based on SD-WAN technology

Eastern-European Journal of Enterprise Technologies ◽

10.15587/1729-4061.2021.242993 ◽

2021 ◽

Vol 5 (9 (113)) ◽

pp. 56-69

Author(s):

Gulzinat Ordabayeva ◽

Abdizhapar Saparbayev ◽

Bibinur Kirgizbayeva ◽

Gulzat Dzhsupbekova ◽

Nazira Rakhymbek

Keyword(s):

Network Security ◽

Network Architecture ◽

Virtual Private Network ◽

Wide Area ◽

Area Network ◽

Wide Area Network ◽

Complete Control ◽

Secure Networks ◽

Private Network ◽

The Cost

A Software-Defined Network (SDN) on a Wide Area Network (WAN) is a computer network that is controlled and created by software. SD-WAN is an emerging research area that has received a lot of attention from industry and government. This technology offers tremendous opportunities to support the creation of consolidated data centers and secure networks. This is an innovation that allows the network to be monitored and programmed so that it can respond to network events caused by security breaches. This solution provides network security, offers a single network management console, and provides complete control over the network architecture. Also controls security in the cloud software-defined infrastructure (SDI), such as dynamically changing the network configuration when forwarding packets, blocking, redirecting, changing Media Access Control (MAC) or Internet Protocol (IP) addresses, limiting the packet flow rate etc. Using SD-WAN technology, it is possible to reduce the cost of dedicated bandwidth channels, achieve a high-quality Virtual Private Network (VPN), and the ability to automatically select a channel for certain channels. The main advantages of SD-WAN are the management of an unlimited number of devices from a single center, reducing the cost of deploying branch infrastructure. According to the results of the survey, 7 % of respondents use SD-WAN for security solutions, 14% at the piloting stage. As a result of the research, it was revealed that by 2024, to increase the flexibility and support of cloud applications, more than 60 % of SD-WAN customers will implement the SASE (Secure Access Service Edge) architecture, which is 30% more than in 2020 and the main concept - application security and cloud functions. Keywords: OpenFlow, Software defined wide area network (SD-WAN), architecture, DDoS attack, WAN network

Download Full-text