A Route Handoff Method Based on Virtual Private Network in Vehicle Information Network

Vehicle information system is the data center of vehicle communication networks, and the vehicle gateway is the core of the vehicle information system, in order to support the vehicle information system both WLAN and CDMA interfaces, a virtual network device (VND) in Linux embedded System is designed and implemented as a mid-layer module between the real device driver and internet protocol stack called driver middleware. The VND can establish a virtual private network between the vehicle information device and agent server. The virtual network interface is designed to catch the packets both input and output processing for the sake of checking the route before the packets transmission. Both the terminal and the agent have the driver middleware to ensure smooth flow routing.

Download Full-text

IPv6 in IPv4 Virtual Private Network Based on Virtual Devices in Vehicle Information System

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.321-324.2910 ◽

2013 ◽

Vol 321-324 ◽

pp. 2910-2913

Author(s):

Liang Dong Qu ◽

Xin Yu Cui ◽

Xiao Nan Liu

Keyword(s):

Information System ◽

Embedded System ◽

Communication Networks ◽

Device Driver ◽

Virtual Private Network ◽

Vehicle Communication ◽

Remote Server ◽

Vehicle Information ◽

Private Network ◽

Network Device

Vehicle information system is the data center of vehicle communication networks, for the sake of connecting the IPv6 host through IPv4 network area, a virtual network device (VND) in Linux embedded System is designed and implemented as a mid-layer module between the real device driver and internet protocol stack. The VND can establish a virtual tunnel between the vehicle information device and agent server. Both vehicle information device and agent server can support IPv4 and IPv6.Through the virtual tunnel, the agent server picked up the IPv6 packet which was built in IPv4 UDP data area, and transmit the IPv6 packets to the IPv6 remote server. So it works like a VPN device. The hardware platform of the vehicle gateway is based on ARM9, and the software is based on ARM-Linux. The instruction of hardware and software are as well as put forward.

Download Full-text

Virtual Network With Virtual Router/Firewall Using Endian Firewall Community (EFW)

Advances in Computer and Electrical Engineering - Design and Use of Virtualization Technology in Cloud Computing ◽

10.4018/978-1-5225-2785-5.ch013 ◽

2018 ◽

pp. 260-276

Author(s):

Ganesh Chandra Deka ◽

Prashanta Kumar Das

Keyword(s):

Open Source ◽

Secure Communication ◽

Virtual Machines ◽

Virtual Private Network ◽

The Other ◽

Virtual Network ◽

Desktop Computer ◽

Internet Connection ◽

Private Network

With Open source virtualization software like VMware Player and Virtualbox, it is easy to install and run Virtual machines (VMs) in a home desktop computer. Endian Firewall provides a service called VPN (Virtual Private Network); it offers a secure communication between two different networks by using internet connection. In this chapter, we will install an Endian Firewall Community OS in one of the virtual machines (VM) and network it with the other VM for creating a firewall/router/proxy/VPN.

Download Full-text

Harnessing HPC resources for CMS jobs using a Virtual Private Network

EPJ Web of Conferences ◽

10.1051/epjconf/202125102032 ◽

2021 ◽

Vol 251 ◽

pp. 02032

Author(s):

Benjamin Tovar ◽

Brian Bockelman ◽

Michael Hildreth ◽

Kevin Lannon ◽

Douglas Thain

Keyword(s):

High Performance ◽

Single Point ◽

Network Connectivity ◽

Virtual Private Network ◽

Virtual Network ◽

Network Access ◽

Computing Centers ◽

Private Network ◽

The University ◽

Network Interfaces

The processing needs for the High Luminosity (HL) upgrade for the LHC require the CMS collaboration to harness the computational power available on non-CMS resources, such as High-Performance Computing centers (HPCs). These sites often limit the external network connectivity of their computational nodes. In this paper we describe a strategy in which all network connections of CMS jobs inside a facility are routed to a single point of external network connectivity using a Virtual Private Network (VPN) server by creating virtual network interfaces in the computational nodes. We show that when the computational nodes and the host running the VPN server have the namespaces capability enabled, the setup can run entirely on user space with no other root permissions required. The VPN server host may be a privileged node inside the facility configured for outside network access, or an external service that the nodes are allowed to contact. When namespaces are not enabled at the client side, then the setup falls back to using a SOCKS server instead of virtual network interfaces. We demonstrate the strategy by executing CMS Monte Carlo production requests on opportunistic non-CMS resources at the University of Notre Dame. For these jobs, cvmfs support is tested via fusermount (cvmfsexec), and the native fuse module.

Download Full-text

Implementation of a Virtual Private Network-Based Laboratory Information System Serving a Rural Area in Turkey

Laboratory Medicine ◽

10.1309/tbv892flwndnm542 ◽

2006 ◽

Vol 37 (9) ◽

pp. 527-531

Author(s):

Kemal Turhan ◽

Temel Kayikcioglu

Keyword(s):

Information System ◽

Rural Area ◽

Virtual Private Network ◽

Laboratory Information System ◽

Private Network

Download Full-text

A Remote Access Security Model based on Vulnerability Management

International Journal of Information Technology and Computer Science ◽

10.5815/ijitcs.2020.05.03 ◽

2020 ◽

Vol 12 (5) ◽

pp. 38-51

Author(s):

Samuel Ndichu ◽

◽

Sylvester McOyowo ◽

Henry Okoyo ◽

Cyrus Wekesa

Keyword(s):

Communication Networks ◽

Detection System ◽

Denial Of Service ◽

Virtual Private Network ◽

Remote Access ◽

Security Model ◽

Public Networks ◽

Vulnerability Management ◽

Private Network ◽

Access Security

Information security threats exploit vulnerabilities in communication networks. Remote access vulnerabilities are evident from the point of communication initialization following the communication channel to data or resources being accessed. These threats differ depending on the type of device used to procure remote access. One kind of these remote access devices can be considered as safe as the organization probably issues it to provide for remote access. The other type is risky and unsafe, as they are beyond the organization’s control and monitoring. The myriad of devices is, however, a necessary evil, be it employees on public networks like cyber cafes, wireless networks, vendors support, or telecommuting. Virtual Private Network (VPN) securely connects a remote user or device to an internal or private network using the internet and other public networks. However, this conventional remote access security approach has several vulnerabilities, which can take advantage of encryption. The significant threats are malware, botnets, and Distributed Denial of Service (DDoS). Because of the nature of a VPN, encryption will prevent traditional security devices such as a firewall, Intrusion Detection System (IDS), and antivirus software from detecting compromised traffic. These vulnerabilities have been exploited over time by attackers using evasive techniques to avoid detection leading to costly security breaches and compromises. We highlight numerous shortcomings for several conventional approaches to remote access security. We then adopt network tiers to facilitate vulnerability management (VM) in remote access domains. We perform regular traffic simulation using Network Security Simulator (NeSSi2) to set bandwidth baseline and use this as a benchmark to investigate malware spreading capabilities and DDoS attacks by continuous flooding in remote access. Finally, we propose a novel approach to remote access security by passive learning of packet capture file features using machine learning and classification using a classifier model.

Download Full-text

Virtual Network Construction Technique, Treating All VPNs Simultaneously

Elektronika ir Elektrotechnika ◽

10.5755/j01.eie.26.2.22981 ◽

2020 ◽

Vol 26 (2) ◽

pp. 77-84

Author(s):

Srecko Krile ◽

Martin Medvecky

Keyword(s):

Virtual Private Network ◽

Virtual Network ◽

Traffic Flows ◽

Virtual Networks ◽

Huge Number ◽

Construction Technique ◽

New Construction ◽

Private Network ◽

Unbalanced Network ◽

Better Than

In the paper, a new construction technique for virtual network (e.g., Virtual Private Network (VPN)) based on flow permutation algorithm is proposed. In existing methods for creating virtual networks, whereby virtual networks are constructed one by one in time and the new virtual network can use only the remaining resources, it could be non-optimal. Our approach treats all traffic flows simultaneously and is capable of balancing the network much better than other existing techniques. As we show, the proposed new construction technique work well, even in the condition of hard loaded networks operating on the edge of capacity, i.e., in situations when traditional techniques could cause unbalanced network and significant congestion problems. For huge number of traffic flows, heuristic algorithm, whose complexity rises linearly, is evaluated.

Download Full-text

USING OF VIRTUAL PRIVATE NETWORK TECHNOLOGY FOR SIGNAL TRANSMISSION IN CORPORATE NETWORKS

NEWS of National Academy of Sciences of the Republic of Kazakhstan ◽

10.32014/2021.2518-170x.69 ◽

2021 ◽

Vol 447 (3) ◽

pp. 100-103

Author(s):

M.A. Khizirova ◽

Katipa Chezhimbayeva ◽

Almira Mukhamejanova ◽

Zhanat Manbetova ◽

Bulbul Ongar

Keyword(s):

Customer Service ◽

Signal Transmission ◽

Virtual Private Network ◽

Virtual Network ◽

Corporate Networks ◽

Current State ◽

Transmission Modes ◽

Private Network ◽

Corporate Information Systems ◽

New Generation

This paper discusses some modes of signal transmission for corporate systems using the technology of virtual private networks VPN. A very important property of tunnels is the ability to differentiate different types of traffic and assign them the necessary service priorities. In this work, research has been carried out and comparative characteristics of signal transmission modes using virtual networks have been obtained to identify the effectiveness of the network in various modes of organizing a virtual network, and to optimize a virtual network in order to identify an effective method for organizing a VPN. Also, the work analyzes the specifics of the work of corporate information systems and networks intended for their maintenance, showed that for building a corporate network it is advisable to use virtual private network (VPN) technology, which makes it possible to ensure the fulfillment of the basic requirements for the security and quality of customer service and applications and the current state and direction of development of VPN technology when creating new generation corporate networks, while highlighting the main tasks that need to be addressed when creating a network. Some features of setting up an IPSec VPN server for corporate networks are considered.

Download Full-text

RANCANG BANGUN KEAMANAN TRANSFER DATA VOIP OVER VPN PADA SISTEM OPENSOURCE TRIXBOX

Jurnal Pendidikan Teknologi dan Kejuruan ◽

10.23887/jptk-undiksha.v11i1.4077 ◽

2014 ◽

Vol 11 (1) ◽

Author(s):

I Wayan Eka Putra Darmawan

Keyword(s):

Internet Protocol ◽

Virtual Private Network ◽

Transfer Data ◽

Virtual Channels ◽

End To End ◽

Private Network

VoIP (Voice over Internet) dikenal juga dengan sebutan IP (Internet Protocol) Telephony saat ini semakin banyak digunakan karena memiliki beberapa keunggulan, salah satu diantaranya yaitu tarif yang jauh lebih murah daripada tarif telepon tradisional sehinggapengguna telepon dapat memilih layanan tersebut sesuai dengan kebutuhannya. VoIP dapat mereduksi biaya percakapan sampai 70%. Selain memiliki beberapa keunggulan di atas,VoIP juga memiliki kelemahan yang sangat vital yaitu dari segi keamanan transfer suarakarena berbasis IP, sehingga siapapun bisa melakukan penyadapan dan perekaman terhadap data VoIP. Ganguan yang terjadi pada sistem VoIP ada berbagai macam diantaranya, transferdata yang lewat pada suatu jaringan seperti misalnya dapat disalahgunakan (abuse), dapatdibajak isi data tersebut (sniffing), dan tidak dapat mengakses server dikarenakan server yang kelebihan muatan (Denial of Services).Ada beberapa cara untuk mengamankan komunikasi data VoIP, antara lain, dengan mengamankan jalur yang digunakan pengguna untuk melakukan komunikasi VoIP denganmenggunakan metode VPN (Virtual Private Network) dan juga dapat dilakukan suatu metode kriptografi pada aplikasi VoIP tersebut sehingga data yang dikirimkan dapat dilindungidengan baik. VPN adalah teknik pengaman jaringan yang bekerja dengan cara membuat suatu tunnel sehingga jaringan yang dipercaya dapat menghubungkan jaringan yang ada diluar melalui internet. Titik akhir dari VPN adalah tersambungnya Virtual Channels (VCs)dengan cara pemisahan. Kenyataannya koneksi sebuah end-to-end VPN tergantung dari sebuah nilai dari hubungan daripada titik-titiknya. VPN mempunyai dua metode dalampengamanan yakni IPSec dan Crypto IP Encapsulation (CIPE). Selain itu dapat dipergunakan teknik Kriptografi (cryptography) yang merupakan ilmu dan seni penyimpanan pesan, data,atau informasi secara aman.Sistem VoIP menggunakan VPN ini diharapkan dapat memberikan keamanan transfer data pada jaringan internet maupun intranet.

Download Full-text

Analisis Performa Site to Site IP Security Virtual Private Network (VPN) Menggunakan Algoritma Enkripsi ISAKMP

JUITA Jurnal Informatika ◽

10.30595/juita.v7i2.4491 ◽

2019 ◽

Vol 7 (2) ◽

pp. 129

Author(s):

Firmansyah Firmansyah ◽

Mochamad Wahyudi ◽

Rachmat Adi Purnama

Keyword(s):

Virtual Private Network ◽

Private Network

Download Full-text

Analisis Penerapan Virtual Private Network Menggunakan Tools Hacking

10.31227/osf.io/a8c7d ◽

2019 ◽

Author(s):

Amarudin ◽

Sampurna Dadi Riskiono

Keyword(s):

Denial Of Service ◽

Virtual Private Network ◽

Private Network

Akhir-akhir ini sudah mulai banyak perusahaan yang memanfaatkan protokol Virtual Private Network (VPN) sebagai media akses/komunikasi antar jaringan interlokal. VPN adalah sebuah protokol keamanan jaringan yang dapat digunakan sebagai salah satu cara untuk meningkatkan keamanan jaringan dari sisi transmisi data. Dengan pemanfaatan VPN, koneksi antar jaringan dapat terbentuk secara virtual walaupun tidak terbentuk secara fisik. Selain itu, dengan memanfaatkan protokol VPN, user (client) dapat mengkases Server secara private melalui jaringan public. Dengan demikian komunikasi antara Client dan Server terjaga dari Sniffing (penyadapan) dari pihak yang tidak bertanggung jawab. Akan tetap tingkat keamanan yang dihasilkan dari penerapan VPN ini perlu dilakukan pengkajian yang lebih dalam. Sehingga tingkat keamanannya dapat diketahui apakah sudah termasuk dalam kategori aman ataukah masih ada peluang bug yang membahayakan dari penetrasi. Dalam penelitian ini dilakukan pengujian Scanning dan Sniffing pada penerapan VPN menggunakan toos hacking yaitu Nmap dan Wireshark. Sedangkan pengujian performansi service pada VPN Server, dilakukan pengujian Denial of Service (DoS) menggunakan tools hacking yaitu LOIC. Adapun objek penelitian ini adalah perangkat Mikrotik RouterOS yang digunakan pada Universitas Teknokrat Indonesia. Hasil penelitian yang didapatkan bahwa komunikasi data antar jaringan (antara VPN Server dan VPN Client) dapat terenkripsi dengan baik. Akan tetapi dari segi konektifitas antar jaringan sangat dipengaruhi oleh performansi bandwidth yang digunakan oleh sistem jaringan tersebut. Selain itu berdasarkan hasil pengujian performansi service pada VPN Server didapatkan hasil bahwa service pada VPN Server dapat dimatikan pada request (ping) sebesar 1.899.276 request. Hal ini dipengaruhi oleh spesifikasi perangkat Mikrotik RouterOS yang digunakan. Adapun untuk penelitian selanjutnya perlu dilakukan pengujian performansi konektifitas menggunakan bandwith yang lebih besar dan untuk menguji performansi service VPN Server menggunakan spesifikasi perangkat Mikrotik yang lebih baik.

Download Full-text