S.Saraswathi and P.Yogesh, Anna University, India

Internet Protocol (IP) examines only the packet header to forward the packet but it does not examine the data in it. As internet is open to public, the seeking for sensitive data by the attacker has increased. It has become a necessity to protect data through the Internet. Virtual Private Network (VPN) is a popular service to logically construct private network using the existing public infrastructure. It helps in constructing a geographically dispersed LAN that can securely communicate data using the Internet as the backbone communication network. IP Security (IPSec) VPN provides confidentiality, integrity and availability through tunnelling and encryption. IPSec protocol provides various security features but it does not provide any protection against Denial of Service (DoS) attack. DoS attacks to VPN represent a serious threat to enterprises operating over the Internet. It also hinders the services provided by the service providers. Malicious traffic enters into the Internet only through the edge network. To provide an uninterrupted VPN service, a protection mechanism is to be added at the edge network. This paper discusses such protection mechanisms based on filtering and cryptographic technique.

VPN, DoS