Publication

Abstract : VPNs are widely used among organizations for securing their internal networks. This research demonstrates implementing the VPN environment and possible attack vectors of HTTP traffic over VPN connections. We also acknowledged the importance of software-defined perimeter or SDP by implementing it at a very basic level and mitigating the attacks that could be performed in a VPN environment. This research also focuses on the vulnerable area found in between the VPN client to the web server, where implementation of the MITM attack and cryptojacking using CoinIMP API service was successful. The architecture of software-defined perimeter based on zero-trust security model was studied. The client, controller, and gateway operations which are the three main important modules inside the SDP architecture were implemented using python script into three different virtual machines, respectively. Also tried the same attack on SDP environment and proved that software-defined perimeter is resilient to such attacks. SDP is capable of hiding the servers containing sensitive information from unauthorized users. SDP helps to overcome the MITM attacks and cryptojacking. Theoretical and practical implications of the results are discussed.