dc.contributor.author | Samuel Ndichu, Sylvester McOyowo, and Henry Okoyo,Cyrus Wekesa | |
dc.date.accessioned | 2022-01-27T12:20:29Z | |
dc.date.available | 2022-01-27T12:20:29Z | |
dc.date.issued | 2020 | |
dc.identifier.issn | 2020, 5, 38-51 | |
dc.identifier.uri | https://repository.maseno.ac.ke/handle/123456789/4698 | |
dc.description | Online content URI: http://www.mecs-press.org/) | en_US |
dc.description | Online content URI: http://www.mecs-press.org/) | en_US |
dc.description.abstract | Information security threats exploit vulnerabilities in communication networks. Remote access
vulnerabilities are evident from the point of communication initialization following the communication channel to data
or resources being accessed. These threats differ depending on the type of device used to procure remote access. One
kind of these remote access devices can be considered as safe as the organization probably issues it to provide for
remote access. The other type is risky and unsafe, as they are beyond the organization’s control and monitoring. The
myriad of devices is, however, a necessary evil, be it employees on public networks like cyber cafes, wireless networks,
vendors support, or telecommuting. Virtual Private Network (VPN) securely connects a remote user or device to an
internal or private network using the internet and other public networks. However, this conventional remote access
security approach has several vulnerabilities, which can take advantage of encryption. The significant threats are
malware, botnets, and Distributed Denial of Service (DDoS). Because of the nature of a VPN, encryption will prevent
traditional security devices such as a firewall, Intrusion Detection System (IDS), and antivirus software from detecting
compromised traffic. These vulnerabilities have been exploited over time by attackers using evasive techniques to avoid
detection leading to costly security breaches and compromises. We highlight numerous shortcomings for several
conventional approaches to remote access security. We then adopt network tiers to facilitate vulnerability management
(VM) in remote access domains. We perform regular traffic simulation using Network Security Simulator (NeSSi2) to
set bandwidth baseline and use this as a benchmark to investigate malware spreading capabilities and DDoS attacks by
continuous flooding in remote access. Finally, we propose a novel approach to remote access security by passive
learning of packet capture file features using machine learning and classification using a classifier model. | en_US |
dc.description.abstract | Information security threats exploit vulnerabilities in communication networks. Remote access
vulnerabilities are evident from the point of communication initialization following the communication channel to data
or resources being accessed. These threats differ depending on the type of device used to procure remote access. One
kind of these remote access devices can be considered as safe as the organization probably issues it to provide for
remote access. The other type is risky and unsafe, as they are beyond the organization’s control and monitoring. The
myriad of devices is, however, a necessary evil, be it employees on public networks like cyber cafes, wireless networks,
vendors support, or telecommuting. Virtual Private Network (VPN) securely connects a remote user or device to an
internal or private network using the internet and other public networks. However, this conventional remote access
security approach has several vulnerabilities, which can take advantage of encryption. The significant threats are
malware, botnets, and Distributed Denial of Service (DDoS). Because of the nature of a VPN, encryption will prevent
traditional security devices such as a firewall, Intrusion Detection System (IDS), and antivirus software from detecting
compromised traffic. These vulnerabilities have been exploited over time by attackers using evasive techniques to avoid
detection leading to costly security breaches and compromises. We highlight numerous shortcomings for several
conventional approaches to remote access security. We then adopt network tiers to facilitate vulnerability management
(VM) in remote access domains. We perform regular traffic simulation using Network Security Simulator (NeSSi2) to
set bandwidth baseline and use this as a benchmark to investigate malware spreading capabilities and DDoS attacks by
continuous flooding in remote access. Finally, we propose a novel approach to remote access security by passive
learning of packet capture file features using machine learning and classification using a classifier model. | en_US |
dc.publisher | Modern Education & Computer science Press | en_US |
dc.subject | VPN, DMZ, malware, DDoS attack, encrypted traffic, vulnerability management, machine learning | en_US |
dc.subject | VPN, DMZ, malware, DDoS attack, encrypted traffic, vulnerability management, machine learning | en_US |
dc.title | A Remote Access Security Model based on Vulnerability Management | en_US |
dc.type | Article | en_US |