In recent years, there has been an increasing interest in the authentication process due to the key role that it has in the network security. Port Knocking (PKn) is an authentication method in which data transmits through the closed ports. This method is prone to attacks when attackers sniff the network. This paper proposes a new method which is called "Secure Port Knock-Tunneling" to eliminate both DOS-Knocking and NAT-Knocking attacks. The possibility of implementation of this method is investigated on the Mikrotik devices.
The latest developments in mobile cloud computing (MCC) have changed user's priorities for computing. However, the change towards MCC brings new challenges to cloud service providers and administrators. Authentication is one among the challenges categorized in the classification of security issues for MCC. Port knocking authentication method eliminates user's collaboration during the authentication process. Thus, such technique has the potential to be applied on the MCC environment which can ensure reliable communication. However, current port knocking authentication techniques lack of addressing the issue of knock-sequence length. It is challenging to deploy appropriate length sequence for port knocking authentication for the reason that shorter length knock-sequence degrades security, whereas, deploying longer length sequence involves performance issues in terms of time and buffer management. This paper proposes a dynamic length port knocking authentication framework which addresses the issue of security degradation and optimizes performance in terms of time up and buffer managment. We employ MikroTik RouterOS for the evaluation of the proposed technique. Analysis of the results shows that dynamic length port knocking authentication technique improves performance in terms of time up to 23% and buffer management up to 28% by reducing the imposed load. Furthermore, by deploying dynamic length (DL) and pool of length (PoL), the proposed method reveals high security, which decreases the probability of hacking knock-sequence near to zero for a number of parallel authentication requests. Hence, dynamic length port knocking authentication technique provides an optimal solution for reliable communication in MCC.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.