1. Network Security IEEE 2014 Projects
Web : www.kasanpro.com Email : sales@kasanpro.com
List Link : http://kasanpro.com/projects-list/network-security-ieee-2014-projects
Title :The Silence of the LANs: Efficient Leakage Resilience for IPsec VPNs
Language : C#
Project Link : http://kasanpro.com/p/c-sharp/efficient-leakage-resilience-ipsec-vpns
Abstract : Virtual Private Networks (VPNs) are increasingly used to build logically isolated networks. However,
existing VPN designs and deployments neglected the problem of traffic analysis and covert channels. Hence, there
are many ways to infer information from VPN traffic without decrypting it. Many proposals have been made to mitigate
network covert channels, but previous works remained largely theoretical or resulted in prohibitively high padding
overhead and performance penalties.
In this work, we (1) analyse the impact of covert channels in IPsec, (2) present several improved and novel
approaches for covert channel mitigation in IPsec, (3) propose and implement a system for dynamic performance
trade-o_s, and (4) implement our design in the Linux IPsec stack and evaluate its performance for different types of
traffic and mitigation policies. At only 24% overhead, our prototype enforces tight information-theoretic bounds on all
information leak- age. To encourage further research on practical systems, our prototype is available for public use.
Title :The Silence of the LANs: Efficient Leakage Resilience for IPsec VPNs
Language : NS2
Project Link : http://kasanpro.com/p/ns2/efficient-leakage-resilience-ipsec-vpns-code
Abstract : Virtual Private Networks (VPNs) are increasingly used to build logically isolated networks. However,
existing VPN designs and deployments neglected the problem of traffic analysis and covert channels. Hence, there
are many ways to infer information from VPN traffic without decrypting it. Many proposals have been made to mitigate
network covert channels, but previous works remained largely theoretical or resulted in prohibitively high padding
overhead and performance penalties.
In this work, we (1) analyse the impact of covert channels in IPsec, (2) present several improved and novel
approaches for covert channel mitigation in IPsec, (3) propose and implement a system for dynamic performance
trade-o_s, and (4) implement our design in the Linux IPsec stack and evaluate its performance for different types of
traffic and mitigation policies. At only 24% overhead, our prototype enforces tight information-theoretic bounds on all
information leak- age. To encourage further research on practical systems, our prototype is available for public use.