Abstract
Globalization is the order of the day. Linking globally dispersed corporate offices and securing the data transferred between them is a critical activity. Virtual Private Network (VPN) is a viable and low cost option. VPN is cost effective as the Internet is its backbone. In addition to security, corporate needs uninterrupted and guaranteed service. Internet Protocol Security (IPSec) VPN can live up to their expectations by having reserved bandwidth. IPSec VPN provides confidentiality, availability and integrity. However it does not protect the network from spoofed packet attacks. These attacks target the bandwidth allocated to VPN and degrade the performance of the VPN. Bandwidth Flooding attack on VPN represents a major threat. In this paper we focus on making the reserved bandwidth available fully to the legitimate VPN users. Source end protection architecture is proposed to maximize the utilization of the reserved bandwidth by protecting VPN sites from insider and outsider attacks. The protection from insider attack is based on a probability based rate limiting model. The protection from outsider attack is based on an Access Token Embedded Encapsulating Security Payload (ATEESP) header. We analyze the effectiveness of our proposed architecture through simulation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
