Testing the Data Protection Through Implementation of Secure Communication

Kasapović, Suad; Skejić, Emir; Huremović, Tarik

doi:10.2478/bhee-2021-0014

Abstract

The security of using applications in cloud services and on the Internet is an important topic in the field of engineering. In this paper, two laboratory tests for data transmission protection, specifically designed for different security analysis techniques, are presented and explained. During lab tests on public Wi-Fi networks from the MIDM (“Man in the Middle”) attacks, various monitoring techniques were applied, using a special lab test scenario with Kali Linux penetration tools by creating an SSH tunnel on an Android mobile device. These test benches allow easy data capturing, and the captured data is processed using available software programs. Expected outcomes, practical improvement and security performance assessment are presented in detail, and considered in terms of their value in security engineering. The aim of this paper is to detect and overcome some of the weaknesses of the application of security protocols in a Wi-Fi network environment.

References

[1] W. Stallings: Network Security Essentials: Applications and Standards, 4th Edition, Prentice Hall Press, Upper Saddle River, NJ, USA, pp. 170-188, 2010
Search in Google Scholar Back to article
[2] Z. Golebiewski, M. Kutylowski, F. Zagorski: Stealing Secrets with SSL/TLS and SSH – Kleptographic Attacks. In: Pointcheval D., Mu Y., Chen K. (Eds) Cryptology and Network Security, CANS, 200610.1007/11935070_13
Search in Google Scholar Back to article
[3] Lecture Notes in Computer Science, vol 4301 Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935070_1310.1007/11935070_13
Search in Google Scholar Back to article
[4] M. Stahnke: Pro OpenSSH, Apress, pp. 147-164, 2006
Search in Google Scholar Back to article
[5] N. Smyth: Android Studio Development Essentials, eB-ookFrenzy, pp. 107, 201, 2015
Search in Google Scholar Back to article
[6] R. Cameron, N. R. Wyler: Juniper(r) Networks Secure Access SSL VPN Configuration Guide, April 2011, Syngress, ISBN: 9780080556635
Search in Google Scholar Back to article
[7] D. J. Barrett, R. Silverman: SSH, The Secure Shell: The Definitive Guide, O’Reilly, 2nd Edition, pp. 39-49, 2005
Search in Google Scholar Back to article
[8] T. Ylonen: The Secure Shell (SSH) Transport Layer Protocol, Informational RFC 4253, IETF, Network Working Group, 200610.17487/rfc4253
Search in Google Scholar Back to article
[9] D. W. Dieterle: Basic Security Testing with Kali Linux, eBook, ISBN-13: 978-1494861278, pp. 185-190, 2013
Search in Google Scholar Back to article
[10] T. Anjali, S. Krishna, Z. Poonam: Comparison between SSL and SSH in Network and Transport Layer, International Journal of Computer Science and Information Technologies, Vol. 6 (6), pp. 5432-5434, 2015
Search in Google Scholar Back to article
[11] A. Garimella, D. R. Kumar: Secure Shell – Its Significance in Networking (SSH), International Journal of Application or Innovation in Engineering & Management, Volume 4, Issue 3, pp. 187-196, March 2015
Search in Google Scholar Back to article
[12] R. W. Beggs: Mastering Kali Linux for Advanced Penetration Testing, Packt Publishing Ltd., pp. 258-278, 2014
Search in Google Scholar Back to article
[13] T. Ylonen, C. Lonvick: The Secure Shell (SSH) Protocol Architecture, RFC 4251, January 200610.17487/rfc4251
Search in Google Scholar Back to article
[14] Secure Shell Configuration Guide, Cisco IOS Release 15S, Americas Headquarters Cisco Systems, Inc., USA, 2015
Search in Google Scholar Back to article
[15] M. Souppaya, K. Scarfone, L. Feldman: Securing Interactive and Automated Access Management Using Secure Shell (SSH), National Institute of Standards and Technology U.S. Department of Commerce, January 2016
Search in Google Scholar Back to article

Testing the Data Protection Through Implementation of Secure Communication

Abstract

Paradigm

My account