The article is devoted to the actual problem of overcoming the restrictions imposed by the IP Protocol and network technologies used in conjunction with it, in particular, address translation, on the structure of computer networks and the availability of its individual nodes. It proposes a method of building virtual network tunnels based on the principles of steganography using service network protocols, briefly describes the shortcomings of existing technologies of tunneling. The paper describes in detail the proposed method of steganographic encapsulation of network packets, describes the principles of formation of packet headers, provides examples of protocols for encapsulation. The material of the article is presented consistently, competently and meets the generally accepted requirements for scientific works. The presented approach to solving the problem of building virtual tunnels has scientific novelty and has practical value.

Keywords: Encapsulation, Internet protocols, multilevel network models, steganography, steganographic packet encapsulation, tunneling

The article is devoted to the actual problem of increasing the complexity of user passwords in systems with remote access to increase their information security. It proposes a method based on the integrated application of the input characters of the password and the time intervals between them. In the article, using the inhibitor time network Petri, a model of a dynamic password setting process was constructed, on its basis the process of forming a reference image and user authentication is described. The above calculations of increasing the complexity of the password prove the effectiveness of the proposed approach.

Keywords: authentication, password, dynamic process, Petri net, complexity, password retrieval

The article is devoted to the problem of data protection from interception as a result of the "man in the middle" attacks. The proposed technique for detecting these attacks is based on the analysis of the headers of transit packets passing through the default gateway. Based on the data obtained, a table of correspondence between IP and MAC addresses is constructed, for which software provides up-to-date and reliable information. The addresses of packets passing through the gateway are compared with the records in this table and, in case of a mismatch and impossibility of confirming the correctness of addresses in the headers of the channel and network layers, it is concluded that there is an additional intermediate node in the network that appeared as a result of the default gateway substitution. The article presents approaches to software implementation of this technique, describes the packet analysis algorithm.

Keywords: local area network, man-in-the-middle, DHCP-spoofing, ARP-poisoning, traffic analysis, gateway, network address, packet, ARP-table