Evaluation of virtual private network employing secure on demand IP based connection (SeDIC) / Mohamed Sulaiman Sultan Suhaibuddeen

Sultan Suhaibuddeen, Mohamed Sulaiman (2010) Evaluation of virtual private network employing secure on demand IP based connection (SeDIC) / Mohamed Sulaiman Sultan Suhaibuddeen. PhD thesis, Universiti Teknologi MARA.


IP communication had gain increasing demand especially in the era where network convergences between various technologies involving peripherals and system architectures. While expanding the capability of the interconnect device, major works are being done in producing two biggest components which are interoperability and backward capability. Security vulnerabilities are still become major consideration towards this move. Diverse security measures had been put in place to improve security entropy including the introduction of secure port services, better tunneling protocols and complex encryptions cryptography. Most of these works does not address the fundamental of the security risk which is to avoid newly discovered exploits and protect credential from man-in-middle attack. In this research network communication framework is being reviewed in finding and addressing essential risk in each building block. A generally well accepted opinion urged in order to improve security aspects of any system or protocol; it shall negatively impact both flexibility and speed, also being studied. An experimental work involving three types of existing environment, which include insecure connection as basis, against pre-shared key and PKI, are being modeled. The testing computers are connected via local area network, and readings are taken while the security parameters are gathered while performing various testing tools. The test subject being evaluated by streaming 60 seconds video while monitoring the CPU and network overheads. The result shows plain insecure connection uses the lowest and having the smallest network overheads, but the security attributes are very low compared to pre-shared key and PKI. This research aims to find a new method which can give CPU and network reading relatively close to the plain environment as well as maintaining high security data transmissions. In examining the result gathered in the experiments, and understanding the issues raised.


[img] Text

Download (105kB)


Fulltext is available at:

ID Number


Actions (login required)

View Item View Item


Downloads per month over past year