Port randomized VPN by mobile codes

A key advantage of SSL (secure socket layer) VPN is that no specialized client software is required. When a user requests access to a server, the SSL client module, which is a Java applet code, is downloaded into the host first. However, it is quite likely that not all applications run well, because a client cannot connect with a server through an HTTPS tunnel in some applications. Moreover, there is the possibility that we can not use the VPN connections when the SSL port is under denial of service (DoS) or distributed DoS (DDoS) attack. We propose a port randomized VPN architecture such that any application can use the VPN and the VPN has strength against DoS or DDoS attack. The proposed VPN uses the same Java applet as existing SSL VPNs use, but the function of the applet, which we call mobile code, is dynamically changed by Java remote method invocation (RMI). The VPN client applet can cooperate with a VPN server and a firewall in the server side.