Intrusion Prevention System in VPN with Entities Based Access Rule and Vibrant Key Authentication.

VPN technology continues to struggle with intruder attacks that cripple network performance and connectivity. This exposes the remote network to security threats, because its firewall does not know what traffic is flowing within the VPN tunnel. This paper proposes a new framework called V-Safe, which provides vibrant key authentication and an entities based access rule to prevent intruders. Traditional access rule models are group based, which is not an effective mechanism because it uses a common identity for access control. The entities based access rule grants access permission based on various entities, such as requestors, resources, actions and environment, which protects against intruders, and performs deep scans to detect and block most suspicious threats and attacks. The V-Safe framework is evaluated through simulation, which shows that the proposed system is more secure and efficient than the existing intrusion prevention system.
