“VIRTUAL PRIVATE NETWORK IN A NUTSHELL’’
Alsa Tibbit
??Cyber Security & AI Researcher ??? | Driving Innovation in APT Detection with eXplainable AI ?? | Engaged with Arm's MOJO & Soteria Projects
VPNs
What are they?
VPN stands for "Virtual Private Network" and encrypts user internet traffic and disguises user online identity. In simple words, VPN works like a filter that turns all the user data into "gibberish". The VPN also acts as a secure tunnel as is shown in Figure 1.
Figure 1 VPN mechanism source: https://www.avast.com/c-what-is-a-vpn
This first VPN was developed by Microsoft in 1996 as a way for remote employees to securely access the company’s internal network. Any device that connects to the internet can benefit from the privacy VPN programs offered, such as PC, Mac, Android, and iOS.
How do they work?
VPN describes as a service/program to establish a protected network connection when using public networks. A VPN hides the user’s IP address by letting the network redirect it through a specially configured remote server run by a VPN host. That way if a user surf online with a VPN, the VPN server becomes the source of user data. The user Internet Service Provider (ISP) and other third parties cannot see which websites the user visit or what data the user send and receive online like user online banking info.
What technology do they use?
Different VPNs will use different encryption processes. Encryption is a method of changing normal text into an unreadable jumble of code. A key, or decryptor, unscrambles the text and renders it back into readable information. With the usage of VPN, only the user device and the VPN provider contain the decryption key. Hence, anyone else trying to spy on the user would only see a mess of characters. The encryption takes place in real-time therefore if someone were to get their hands on the user data, it would be useless.
There are three main types of encryption: hashing, symmetric cryptography, and asymmetric cryptography. Each type has its own strengths and weaknesses, but they all succeed in scrambling the user data so that it is useless in anyone else’s hands.
Why are they used?
VPNs are utilized for a variety of reasons. They might be used by companies wanting to step up information security or by individuals and families protecting their privacy online. VPN makes it more difficult for third parties to track user activities online and steal data. With the help of a VPN, user online activities are hidden even on public networks.
VPN servers essentially act as the user proxies on the internet. Because the demographic location data comes from a server in another country, the user’s actual location cannot be determined. Moreover, most VPN services do not store logs of user activities. In contrast, some providers record the user behaviour but do not pass this information on to third parties. This means that any potential user behaviour remains permanently hidden.
Many streaming platforms are not available in every country like YouTube and Netflix. With VPN location spoofing the user can switch to a server in another country and effectively “change” her/his location. Otherwise, the user cannot access the content at home while traveling or access international content from home.
Another usage of VPN is to secure data transfer when the user works remotely by providing an additional layer of security on any network
In countries like Thailand, Indonesia, Russia, Iran, and China, where internet usage is restricted and censored, as many as one in five internet users utilize a VPN. Meanwhile, in the USA, UK, and Germany, the percentage of VPN users is lower but not insignificant, at around 5%.
Where are they used?
A VPN connection disguises the user data traffic online and protects it from external access. Unencrypted data can be viewed by anyone who has network access and wants to see it. With a VPN, hackers and cybercriminals can’t decipher this data.
领英推荐
Personal and private data can be compromised even though ISP may seem trustworthy. The police or government, other third parties, or hackers can use tools and check the network traffic. VPN prevents the user from leaving traces.
A good VPN can detect this sudden downtime and terminate preselected programs, reducing the likelihood that data is compromised.
Three popular VPNs are explained below:
Figure 2 Remote Access VPN source: https://www.purevpn.com/blog/types-of-vpn/
Figure 3 Site-to-Site VPN source: https://www.purevpn.com/blog/types-of-vpn/
Figure 4 Client-Based VPN source: https://www.purevpn.com/blog/types-of-vpn/
The three VPNs described above are based on an array of security protocols, each of which brings its own advantages and disadvantages. PPTP,L2TP, SSTP,OpenVPN,IKEv2,IPSec and WireGuard.
How good and secure are VPN providers?
VPN providers might have different types of services on offer based on the customer base they are targeting. There are several types of VPNs, and picking the right one comes down to the user’s expectations and needs. It is important to note that VPNs do not function like comprehensive anti-virus software to protect from Trojans, viruses, or other malware. If the user’s VPN provider is compromised, the user will be too. For this reason, it is essential the user choose a VPN provider carefully. Needless to say, it is challenging to find a service that works as well as it’s advertised.
References: