Quantitative Evaluation of Virtual Private Networks and its Implications for Communication Security in Industrial Protocols
Authors
Abstract
Virtual Private Networks (VPNs) are widely recommended to provide security for otherwise unsecured industrial and SCADA communication protocols. VPNs provide confidentiality, integrity, and availability and are often considered secure. However, implementation vulnerabilities and protocol flaws have exposed VPN weaknesses in many deployments. In this work, we use probabilistic modeling to evaluate and quantify the security of different VPN configurations. By simulating the VPN models in several experiments, we study the trade-offs and parameter dependence of each configuration. Using the evaluation results, we provide a few recommendations for secure VPN deployment in industrial systems.
Similar resources
Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
On the Security of O-PSI a Delegated Private Set Intersection on Outsourced Datasets (Extended Version)
In recent years, determining the common information privately and efficiently between two mutually mistrusting parties has become an important issue in social networks. Many private set intersection (PSI) protocols have been introduced to address this issue. By applying these protocols, two parties can compute the intersection between their sets without disclosing any information about compone...
An Incentive-Aware Lightweight Secure Data Sharing Scheme for D2D Communication in 5G Cellular Networks
Due to the explosion of smart devices, data traffic over cellular networks has seen an exponential rise in recent years. This increase in mobile data traffic has caused an immediate need for offloading traffic from operators. Device-to-Device (D2D) communication is a promising solution to boost the capacity of cellular networks and alleviate the heavy burden on backhaul links. However, dir...
Detecting Bot Networks Based On HTTP And TLS Traffic Analysis
Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
Performance Evaluation of Secure Data Transmission Mechanism (SDTM) for Cloud Outsourced Data and Transmission Layer Security (TLS)
The Cloud has become a significant topic in computing; however, the trend has established a new range of security issues that need to be addressed. In Cloud, the data and associated software are not under their control. In addition, with the growing demands for Cloud network communication and the increasing demand for computer communications, the need for security is growing dramatically. The...