Full-Text Download    
Subscribe Now
Recommend the Paper
An Enhanced Port Tunneling and Device Tracking Authentication Mechanism  

1 * S. Yamini, 2Dr. D. Maheswari

1, School of Computer Studies - PG, RVS College of Arts & Science, Coimbatore, India

2 School of Computer Studies - PG, RVS College of Arts & Science, Coimbatore, India

Email: 1 yamini@rvsgroup.com, 2 maheswari@rvsgroup.com

Abstract .Port knocking is a technique by which only a single packet or special sequence will permit the firewall to open a port on a machine where all ports are closed by default. It is an unresisting authorization technique which offers firewall-level authentication to ensure authorized access to possibly unprotected network services. This method is liable to attacks when attackers detect the network. This paper suggests a new method which is called “Enhanced Port Tunneling & Device Tracking (EPT & DT)” to banish both DOS-Knocking and NAT- Knocking attacks. The source IP address where an annoyed activity had originated is of limited value because it does not specify a physical locality, besides an endpoint in a network for the exclusive conviction of routing. Furthermore, people and their devices move across the network, changing IP address as significance. It is proficient to have some hints about where a device was at the time the offending action was accomplished. Nevertheless, it would be prudent to connect different pieces of evidence to ascertain additional information, such as IP addresses worn by the corresponding device. Devices constantly accessing a private network, at different times, can be outlined by analyzing and associating Network and Port Address Translation (NAPT) logs, in order to acclaim recurring activity patterns. It is feasible to recognize some of the users from their traffic abnormalities without considering the exposed IP addresses. Experiments were conducted on NAPT logs accumulated in a campus network, with DHCP data providing control points for validation. The main purpose of using NAPT logs is for device tracking.
Keywords : Port knocking, Network Address Translation ; Tunneling, Port security, DOS knocking attacks ; Log analysis, Device tracking, tracing
 URL: http://dx.doi.org/10.7321/jscse.v4.n4.1  

Subscribe Now

Email :    
Subscribe to receive free TOC's JSCSE by email

Recommend To Friend

Email :     People