Abstract:As a result of the expansions that have taken place in the field of networking and the increase in the number of users of networks, there have recently been breakthroughs made in the techniques and methods used for network security. In this paper, a virtual private network (VPN) is proposed as a means of providing the necessary level of security for particular connections that span across vast networks. After the network performance metrics such as time delay and throughput have been accomplished, the suggeste… Show more
“…In [7], a virtual version of a separate secure network based on the use of a VPN gateway is proposed as a means of ensuring the necessary level of security for specific connections that cover large networks. The main indicator for evaluating the efficiency of data transmission in the cited work is the time delay and throughput of data packets through a secure channel.…”
Section: Literature Review and Problem Statementmentioning
This paper considers the process of dynamic reservation of the channel resource of a secure corporate multi-service communication network.
It has been established that the processes of building and functioning of the schemes of a secure corporate multi-service communication network and improving the quality of the implementation of its main work processes involve the evaluation and dynamic reservation of channel resources for incoming aggregated data flows of the network.
The model of dynamic reservation of the channel resource of the aggregated data stream of the secure corporate multi-service communication network was built and proposed. The proposed model makes it possible to set the quantitative values of the reserved channel resource for different service methods depending on the number of component flows in the total aggregated data flow of the VPN tunnel.
It was established that an increase in the density of the aggregated data stream requires an increase in the reserved channel resource. At the same time, its value is influenced by the way of servicing the aggregated data flow in the VPN tunnel of the secure corporate multi-service communication network. Application of the isolated service method gives a gain in the allocated resource for the channel reserve from 10 to 20 percent compared to the group service method for IR and video telephony. This is due to the more flexible management process of the border router's incoming data storage buffer under the isolated service mode.
The model of dynamic reservation of the channel resource of the secure corporate multi-service communication network reported in this paper could be used in the improvement of existing and development of new structures of the secure corporate multi-service communication network. The consequence of such an improvement is a reduction in the delay time for the processing of incoming data packets in the specified network
“…In [7], a virtual version of a separate secure network based on the use of a VPN gateway is proposed as a means of ensuring the necessary level of security for specific connections that cover large networks. The main indicator for evaluating the efficiency of data transmission in the cited work is the time delay and throughput of data packets through a secure channel.…”
Section: Literature Review and Problem Statementmentioning
This paper considers the process of dynamic reservation of the channel resource of a secure corporate multi-service communication network.
It has been established that the processes of building and functioning of the schemes of a secure corporate multi-service communication network and improving the quality of the implementation of its main work processes involve the evaluation and dynamic reservation of channel resources for incoming aggregated data flows of the network.
The model of dynamic reservation of the channel resource of the aggregated data stream of the secure corporate multi-service communication network was built and proposed. The proposed model makes it possible to set the quantitative values of the reserved channel resource for different service methods depending on the number of component flows in the total aggregated data flow of the VPN tunnel.
It was established that an increase in the density of the aggregated data stream requires an increase in the reserved channel resource. At the same time, its value is influenced by the way of servicing the aggregated data flow in the VPN tunnel of the secure corporate multi-service communication network. Application of the isolated service method gives a gain in the allocated resource for the channel reserve from 10 to 20 percent compared to the group service method for IR and video telephony. This is due to the more flexible management process of the border router's incoming data storage buffer under the isolated service mode.
The model of dynamic reservation of the channel resource of the secure corporate multi-service communication network reported in this paper could be used in the improvement of existing and development of new structures of the secure corporate multi-service communication network. The consequence of such an improvement is a reduction in the delay time for the processing of incoming data packets in the specified network
“…In a network pair, a malicious node sends the target node a number of requests, and the target node tries to answer to each one. The target's high request volume lengthens the wait and gives the impression that it is busy (8,9) . This can impede the target from properly responding to legitimate requests or processing them.…”
Objectives: To counteract grey hole and black hole attacks, the proposed method deploys a hybrid framework along with the Ad hoc on-demand distance vector (AODV) routing protocol. A modified protocol is called as SRD-AODV (Secure Route Discovery-Adhoc On-Demand Distance Vector). Methods: The proposed work establishes secure route from secure node discovery, which protects from sequential attacks. The proposed framework has three significant components Node Authentication, Secure Neighbor discovery and route establishment, and Node Isolation system. Findings: Performance metrics like packet delivery ratio and delay are used to assess this protocol's effectiveness. The SRD-AODV protocol contrasts with other active protocols as well as AODV. SRD-AODV has a PDR that is greater by 4.92% than EDRI-AODV and 12.23% than AODV because it excludes network attacks, has flawless routes, and prevents packets drop or connections fail. This is because SRD-AODV has more perfect routes. The proposed SRD-AODV algorithm achieves 58.5% less E2E delay than AODV and 44.5% less than EDRI-AODV. Novelty: This protocol uses a variety of elements and techniques to establish efficient authentication using Elliptic Curve Diffie-Hellman algorithm (ECDHA) techniques, offering both proactive and reactive solutions. Additionally, this tries to secure the data packets and routing table information. Finally, it also aims to identify and stop incursions from sequential attacks in MANET.
Anomaly detection in networks to identify intrusions is a common and successful security measure used in many different types of network infrastructure. Network data traffic has increased due to the proliferation of viruses and other forms of cyber-attacks as network technology and applications have developed quickly. The limitations of classical intrusion detection, such as poor detection accuracy, high false negatives, and dependence on dimensionality reduction methods, become more apparent in the face of massive traffic volumes and characteristic information. That’s why IoT infrastructures often use Software-Defined Networking (SDN), allowing for better network adaptability and control. Hence, this paper’s convolutional neural network-based Security Evaluation Model (CNN-SEM) is proposed to secure the source SDN controller from traffic degradation and protect the source network from DDoS assaults. The proposed CNN-SEM system might defend against DDoS assaults once discovered by applying and testing a Convolutional Neural Network (CNN). The model can automatically extract the useful aspects of incursion samples, allowing for precise classification of such data. The detection and mitigation modules evaluate the proposed SDN security system’s performance, and the findings showed promise against next-generation DDoS assaults. The experimental results show the CNN-SEM achieves a high accuracy ratio of 96.6%, a detection ratio of 97.1%, precision ratio of 97.2%, a performance ratio of 95.1% and an enhanced security rate of 98.1% compared to other methods.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.