DEVELOPMENT OF AN IMPROVED APPLICATION SPECIFIC TUNELLING PROTOCOL SELECTION SCHEME FOR SITE TO SITE VIRTUAL PRIVATE NETWORKS

dc.contributor.authorLAWRENCE, ALICE OCHANYA
dc.date.accessioned2020-02-28T09:08:10Z
dc.date.available2020-02-28T09:08:10Z
dc.date.issued2019-03
dc.descriptionA DISSERTATION SUBMITTED TO THE SCHOOL OF POSTGRADUATE STUDIES, AHMADU BELLO UNIVERSITY, ZARIA IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE AWARD OF MASTER OF SCIENCE (M.Sc) DEGREE IN COMPUTER ENGINEERING DEPARTMENT OF COMPUTER ENGINEERING FACULTY OF ENGINEERING AHMADU BELLO UNIVERSITY, ZARIA NIGERIAen_US
dc.description.abstractThis dissertation presents the development of an improved application specific tunnelling protocol selection scheme (iASTPSS) for site-to-site virtual private network (VPN). The aim is to develop an improved tunnelling protocol selection scheme for site to site VPN that is application specific, requiring security, bandwidth, and time sensitivity as a service for applications. ASTPSS has been developed for security, bandwidth, and time sensitive applications, but in the Internet protocol security (IPsec) tunnel which is responsible for providing security as a service to applications, the security algorithms used such as triple data encryption standard (3DES) and message digest 5 (MD5) are vulnerable to a couple of attacks that exposed the network to such attacks. Therefore, iASTPSS was developed to address these attacks through configurations on the tunnel, security algorithms with longer block size and key length namely advanced encryption standard 256 (AES256) and secure hash algorithm 256 (SHA256) that were optimised against these attacks. All software, graphical network simulator3 (GNS3), windows7 operating system (OS), virtual personal computers (VPCs) and Cisco Internetworking operating system (iOS) necessary for the emulation were setup in a virtual network environment running on Ubuntu 14.04 long term space (LTS) as host. Considering security, bandwidth, and time sensitivity as application requirements in a site-to-site VPN testbed, two layer-3 tunnelling protocols that met these requirements, IPsec and generic routing encapsulation (GRE) were deployed on the network developed in GNS3. Network performance was measured using throughput, latency, and round-trip time (RTT) as metrics. In the first stage of development in the IPsec tunnel, using these metrics, a trade-off of network performance for security occurred in iASTPSS in comparison to ASTPSS due to the computational overhead involved in the encryption process of iASTPSS. A second instance of iASTPSS was yet developed for the IPsec tunnel by using open shortest path first (OSPF) routing protocol to improve route convergence time and scale up the network. The effect of using OSPF was seen in the improvement of the network performance in throughput by 1.62% with a corresponding reduction in latency and RTT by 12.58% and 9.25% respectively compared to the first instance of iASTPSS that was configured with RIPv2. Consequently, this made the second instance of iASTPSS also suitable for both bandwidth and time sensitive applications besides security. In the GRE tunnel, iASTPSS outperformed ASTPSS with an improvement in throughput by 10.90%, with a 17.08%, and 66.29% reduction in latency, and RTT respectively.en_US
dc.identifier.urihttp://hdl.handle.net/123456789/12255
dc.language.isoenen_US
dc.subjectDEVELOPMENT,en_US
dc.subjectIMPROVED APPLICATION,en_US
dc.subjectSPECIFIC TUNELLING PROTOCOL SELECTION SCHEME,en_US
dc.subjectSITE TO SITE,en_US
dc.subjectVIRTUAL PRIVATE NETWORKSen_US
dc.titleDEVELOPMENT OF AN IMPROVED APPLICATION SPECIFIC TUNELLING PROTOCOL SELECTION SCHEME FOR SITE TO SITE VIRTUAL PRIVATE NETWORKSen_US
dc.typeThesisen_US
Files
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
DEVELOPMENT OF AN IMPROVED APPLICATION SPECIFIC TUNELLING.pdf
Size:
1.15 MB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.62 KB
Format:
Item-specific license agreed upon to submission
Description:
Collections