Thursday, December 5, 2019
Network Security Vulnerability & VPN Technology - Research Analysis
Question: Describe about the Research on Network Security Vulnerability and VPN Technology Protocols Application? Answer: Introduction This particular research paper emphasizes in identifying the network security vulnerabilities and with Virtual Private Network protocol identification. In order to conduct the research, the analysts first select the outline of the research to identify the several network security components, and examining the existing weaknesses. After that, the researchers recognize the several types of VPN; present the research findings on the data security, analyzing data packets with Wireshark usage. The final research report will determine the outcome as depicting any identified weaknesses in VPN (Yan et al. 2012). Finally, a set of recommendations will be provided on the further research on the agenda. The research methodologies will include the primary and secondary techniques in order to gain detailed responses from the respondent sample. The primary research as in quantitative research will be performed among the users of Virtual Private Network and the qualitative research will be continued for the Internet Service Provider vendors (Aloul et al. 2012). To conduct better analysis on the agenda, the hypotheses are to be identified and individual independent and dependent variables are selected for creating regression or t-test model. To support the primary research outcomes, the secondary or case study analysis will be performed as well. Aim and Objectives The research aim and objectives are illustrated in this section, for showing the primary responsibilities of any research paper in order to conduct detailed analysis (Hahn et al. 2013). This section shows how the aim is relevant in this study, with aspect of the research objectives, with selecting the research questions and hypotheses setting. The weaknesses identify the security vulnerabilities in the context of data security. The technologies as TCP/IP network include weaknesses in HTTP, FTP, ICMP protocols. According to Knapp and Langill (2014), the various network devices are not free from vulnerabilities as well, the devices lack from safe and secure password protection, routing protocols, firewall gaps, and other limitations. In case of configuration, the user accounts, systems accounts with guessable passwords, wrongly configured network, are the primary instances of network vulnerabilities. Again, as Viduto et al. (2012) claimed, in security policies, the weaknesses stay as in lack of continuation, access controls, hardware and software installation without policies, and disaster recovery planning. Research Aim: Research aim is primarily for identifying the research questions and objectives. The aim is to identify the VPN components and their importance analysis, to identify the security technologies and their vulnerabilities, and to analyze the data packet reliability, network security in VPN. Therefore, in short to be precise, the research is aimed at incorporating the VPN technology in order to minimize the existing weaknesses in security options. Research Objectives: After identifying the research aim in this study, the objectives are set as following. To identify the network security technologies and their existing vulnerabilities To identify the VPN components and their importance in context to the data protection To analyze the Data packet security, reliability in non-VPN network To analyze the level of network security required for VPN network with applying Wireshark To present the findings as a report in including recommendations on further research The research objectives are similar for the primary and secondary techniques in this context of VPN security and exiting vulnerabilities identification. In the objectives, the research aims are aligned as usual. Research Questions: After considering the research aim and objectives in this agenda, the researchers have derived the particular research questions. The research questions are noted as following. What are the existing weaknesses in the network security technology components? What are the important factors of VPN acting as a solution in data protection? Are the data packets reliable enough in non-Virtual Private Network? Are there any existing weaknesses present in Virtual Private Network? Research Hypotheses: The hypotheses are set for proving primary research questions with findings in the study. The set hypotheses are the following. Hypothesis 1: H0: The data packets are reliable enough in non-Virtual Private Network. H1: The data packets are not reliable enough in non-Virtual Private Network. Hypothesis 2: H0: There are several existing weaknesses present in Virtual Private Network. H1: No existing weaknesses are present in Virtual Private Network. The hypotheses are relevant for identifying the dependent and independent variable in this context for multiple regression analysis. Research Methodology This section addresses the most appropriate way in which the research will be conducted in order to achieve the complete and detailed results of the process. Vacca (2012) demonstrated that the theories and concepts in research methodology adoption makes the procedure understood to VPN vendors, users with security requirements in non-VPN and VPN architecture. Gonzalez et al. (2012) opined that the detail process of research will lead to common blunders as the limitations of the study and future scope as well. Aside the common errors, the researchers will be able to apply the entire research process for identifying the network security and existing vulnerabilities, VPN security, and other aspects. Method outline: The method outline includes the detailed research techniques, with security vulnerabilities identification and the important factors of VPN in data protection. The selected research approach is deductive with allowing the VPN components recognition, and the identification of vulnerabilities in the current network structure (Van Der Merwe et al. 2014). The descriptive design will help the researcher in order to define the study importance in this aspect. The primary and secondary data sources will increase the study quality and details. Forty-five users of the network will be identified and five ISP vendors will be included in this study. Research Approach: The research approach will set out the study format with showing the two basic types of study as deductive and inductive. The study may include the inductive approach in case of data required is not readily available and the researchers need to derive the data. Rosado (2013) included that the study may be setting new theories with incorporating the older concepts. On the contrary, deductive approach denies the theoretical approach rather than application of practices in the context, the deductive approach includes the data analysis and detailed specifications for new theory emerging (Hengeveld and Harris Corporation 2012). In some cases, the nature of the study should be according to the chosen approach in order to analyze with suitability in the topic. In this particular study, the security technologies and their vulnerabilities will be analyzed with security requirements identification. The inductive approach will fail in this scenario, whereas the deductive approach will be practical with the research agenda. Therefore, the deductive approach will be precise in this context. Research Design: Mullick et al. (2013) determined that the research design supports the explanation framework with the topic with data collection and analysis process. The data collection process will follow a particular design for analysis as identified as exploratory, explanatory and descriptive. Figure 1: Research design (Source: Gong, Liu and Zhou 2013, pp. 3263) Exploratory design is important for acknowledging the several types of ideas and thoughts for research paper completion. The explanatory research design will describe the certain scenarios and incidents occurrence and the derived effect in the study. The descriptive research design is suitable for overall cause-effect analysis with detailed visibility of data and security requirements (Lehmann Jr, and Dye 2013). The selected research design will be descriptive for depicting detailed study with individual results analysis. The explanatory design should not be applied in this context as the research required cross-sectional analysis. Again, the exploratory research design will fail to analyze the with respect to the secondary data sources. Data collection process and analysis techniques: The research will be performed with primary study and secondary sources of data with including the respondents and the secondary research papers. Bianzino et al. (2012) illustrated that the primary study will need to be performed with reliability and data clarifications. The secondary study will analyze the concepts with accessing sufficient literatures, articles, books, blogs and others. The primary data collection will be analyzed with qualitative and quantitative process. The network users and their responses will be analyzed with quantitative techniques and the responses from ISP vendors will be analyzed with qualitative techniques (Conti and Giordano 2014). The two types of data collection and analysis techniques will be able to provide in-depth identification of findings in this context. Sampling Techniques, Size, Population and Ethical Considerations: The sample is selected with identifying the 45 users and 5 individual vendors in UK. For quantitative research process, 45 users and for qualitative research process, 5 vendors are selected. The sampling technique is selected as random probability technique in this study and the respondents will be selected randomly. The sample size is taken as 50 in total and the population for the sample is identified as the United Kingdom VPN users and network vendors available. The ethical considerations are very important in this aspect with comprising the handling technique applicable for the respondents. The respondents should be controlled professionally with setting certain activities and events. Literature Review As per the researchers point of view, there may several types of security vulnerabilities may occur with technical, configuration and security policy perspective. Keromytis (2012) opined that the HTTP, FTP, ICMP and even the SMTP, SNMP protocols are vulnerable with technological insecurity over the design. Again, Yan et al. (2012) discussed that the operating system and platform may turn out to be primary concern for security threats and risks. Moreover, Aloul et al. (2012) claimed the technological threats may include the devices risks and weaknesses. The device weaknesses may include insecure password protection, authentication issues, improper routing protocol, and firewall gaps as well. Hahn et al. (2013) demonstrated that the technological risks and weaknesses as well as the configuration weaknesses may include exploit with insecure user accounts, easily guessable passwords as the common issues in this aspect. Knapp and Langill (2014) illustrated that the internet services may b e wrongly configured in certain scenarios with JavaScript, IIS, FTP problems. The default setting within the products may include several security issues with loopholes. Viduto et al. (2012) depicted that the security policies were in a turf war due to implementing the suitable process to support data reliability and protection. The logical access controlling process lacks from adequate monitoring and auditing process and as well as maintenance (Vacca 2012). The wrongful termination of policies may stand up with legal challenges in policy enforcing. The software and hardware installation and the unnecessary, unapproved changes in network may create security loopholes. Gonzalez et al. (2012) indentified that recovery plan may cause chaos, panic and pandemonium in organizations with chances of sabotage. Apart from the above mentioned reasons and security threats, there are certain issues and risks as malicious insiders, identity theft, and others. The VPN technologies have some other competitive advantages within the network architecture. According to Van Der Merwe et al. (2014), Virtual Private Network incorporates enhances security feature with encrypted facility of data protecting from attackers. Rosado (2013) opined the remote control facility is present in VPN and secure sharing process helps to circulate files among the friends. Again, Hengeveld (2012) mentioned that the bandwidth and network efficiency can be increased even after VPN is implemented. The VPN network reduces cost of maintenance and service providers do not consider the surveillance as a cost concern (Bianzino et al. 2012). Therefore, the VPN is cost-efficient and as well as effective network solution. Conclusion After discussing the research methodologies with literature review, and comparison with several sources, the researchers have concluded that the study will be deductive. The identified sampling method will be random probability sampling and the primary and secondary data collection will be considered. The study included only important part as the data collection and analysis, the entire research the outcome is dependent over the analysis conducted. The analysis provides specific amount of details and along with particular portion of in-depth and empirical view of the study. The study is better understood with the analysis results and findings and hence, the certain research is set up with proven hypotheses. The hypotheses show whether the particular section is proven along with suitable support of sources, articles, documents and others. The undertaken project will become a success with respect to the hypotheses setting, again, when the outcome is verified with the research design; t he outcome is aligned with the project objectives. The alignment is important for verifying the project validity with current study progress. After the project is completed, the project success factors are identified for viewing the project deliverables and whether they are achieved or not. To serve this purpose, sometimes, the project Key Performance Reviewing is utilized with high-value indicators. References Aloul, F., Al-Ali, A.R., Al-Dalky, R., Al-Mardini, M. and El-Hajj, W., 2012. Smart grid security: Threats, vulnerabilities and solutions.International Journal of Smart Grid and Clean Energy,1(1), pp.1-6. Bianzino, A.P., Chaudet, C., Rossi, D. and Rougier, J.L., 2012. A survey of green networking research.Communications Surveys Tutorials, IEEE,14(1), pp.3-20. Conti, M. and Giordano, S., 2014. Mobile ad hoc networking: milestones, challenges, and new research directions.Communications Magazine, IEEE,52(1), pp.85-96. Gong, L.H., Liu, Y. and Zhou, N.R., 2013. Novel quantum virtual private network scheme for PON via quantum secure direct communication.International Journal of Theoretical Physics,52(9), pp.3260-3268. Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Nslund, M. and Pourzandi, M., 2012. A quantitative analysis of current security concerns and solutions for cloud computing.Journal of Cloud Computing,1(1), pp.1-18. Hahn, A., Ashok, A., Sridhar, S. and Govindarasu, M., 2013. Cyber-physical security testbeds: Architecture, application, and evaluation for smart grid.Smart Grid, IEEE Transactions on,4(2), pp.847-855. Hengeveld, T.A., Harris Corporation, 2012.Multi-tunnel virtual private network. U.S. Patent Application 13/477,185. Keromytis, A.D., 2012. A comprehensive survey of voice over IP security research.Communications Surveys Tutorials, IEEE,14(2), pp.514-537. Knapp, E.D. and Langill, J.T., 2014.Industrial Network Security: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Syngress. Lehmann Jr, L.C. and Dye, T.A., Meetrix Corporation, 2013.Applying multicast protocols and VPN tunneling techniques to achieve high quality of service for real time media transport across IP networks. U.S. Patent 8,477,778. Mullick, A., Nanjundaswamy, S. and Soni, A., Citrix Systems, Inc., 2013.Method and appliance for authenticating, by an appliance, a client to access a virtual private network connection, based on an attribute of a client-side certificate. U.S. Patent 8,413,229. Rosado, J.J.A., Telefonaktiebolaget LM Ericsson (Publ), 2013.Mobile virtual private networks. U.S. Patent 8,544,080. Vacca, J.R., 2012.Computer and information security handbook. Newnes. Van Der Merwe, J., Gerber, A. and Ramakrishnan, K., AtT Intellectual Property I, LP, 2014.Methods and apparatus to communicatively couple virtual private networks to virtual machines within distributive computing networks. U.S. Patent 8,705,513. Viduto, V., Maple, C., Huang, W. and Lpez-Perz, D., 2012. A novel risk assessment and optimisation model for a multi-objective network security countermeasure selection problem.Decision Support Systems,53(3), pp.599-610. Yan, Y., Qian, Y., Sharif, H. and Tipper, D., 2012. A survey on cyber security for smart grid communications.Communications Surveys Tutorials, IEEE,14(4), pp.998-1010.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.