2012 Third International Conference on Intelligent Systems Modelling and Simulation



            SmartX – Advanced Network Security for Windows Operating System

                   Rushabh Luniya, Ankit Agarwal, Mayank Bhatnagar, Vishal Rathod, Delnaz Unwalla
                           Department of Information Technology, Pune Institute of Computer Technology
                                                           Pune, India
                                                   rushabh.luniya@gmail.com


978-0-7695-4668-1/12 $26.00 © 2012 IEEE
DOI 10.1109/ISMS.2012.43

Abstract—A software framework for secure and efficient communication between two nodes using the Windows operating system is proposed. The proposed system aims to overcome the drawbacks of virtual private networks by reducing the number of buffer copies and the protocol overhead. It involves only a single copy of the data and a single context switch, thus creating a tunnel between the two end points. It uses the patented mutual identity algorithm to secure the two end points of a tunnel. It uses a 128-bit Advanced Encryption Standard algorithm for encryption/decryption. This framework resides on the NDIS (Network Driver Interface Specification). It performs a set of modifications on each network packet which is about to hit the wire. The system eliminates the drawbacks of VPN systems by increasing the throughput and reducing the processing overhead.

Keywords- TCP protocol, NDIS, Windows Operating System, Network security

I. INTRODUCTION

In the world of computers, security is the most imperative and foremost aspect. High data transfer rates and high-throughput computers are of utmost importance. Therefore, various security aspects come into the picture. The present system employs the TCP/IP protocol for data exchange. A Virtual Private Network allows any valid remote user to become part of a corporate central network, using the same network scheme and addressing as users on this central network. In the current Virtual Private Network (VPN) scenario, there are certain drawbacks. Firstly, if a computer is connected to a VPN-based network, all additional devices connected to it will also gain access to it. So, the network is vulnerable to attacks. Secondly, the number of copies created during context switching, when a packet travels from one terminal to another, results in inefficient memory management [8]. Hence, it consumes a considerable amount of CPU time. To overcome this, SmartX is being developed to reside in the Network Driver Interface Specification (NDIS). It authenticates the end users using Mutual-Identity, which is a patented product, and encrypts and decrypts every packet of data that is sent or received. The basic aim of the project is to eliminate the drawbacks of Virtual Private Networks and provide an additional level of security to the current communication system.

II. CURRENT SCENARIO

A Virtual Private Network is a private network which makes use of the public network (mostly the Internet) in order to associate remote sites or users together. Its fundamental objective is to provide a secure and reliable private connection. It allows a legitimate remote user to become an active component of a central network, using the identical network scheme and addressing as the users on the central network. VPNs necessitate accurately authenticating the remote users, and often securing data with encryption technologies to preclude disclosure of confidential information to unauthorized parties [3] [6]. A Secure VPN involves IPSec.

Fig. 1 Virtual Private Network

A. Advantages

•   Extended connections across various geographic locations without using a leased line.
•   Enhanced security for exchanging data using advanced encryption and authentication protocols.
•   Allows adding an unlimited amount of capacity to the network without adding significant infrastructure [7].

B. Disadvantages

•   If a workstation is connected to an IPSec-based network, all additional devices connected to it will also gain access to that workstation. Hence, the network is vulnerable to attacks.
•   An off-site user has difficulty connecting to the private network, due to corporate firewalls.
•   IPSec can inflict high CPU overhead on VPN gateways due to the processing required for packet encryption/decryption and authentication.
•   There is packet loss in VPN networks [8].


II. DETAILS OF NDIS ARCHITECTURE

NDIS is an acronym for Network Driver Interface Specification. It performs a set of functions for network adapter drivers, for instance registering and intercepting hardware interrupts or communicating with underlying network adapters.

It permits a range of transport protocols like IPX, TCP/IP and Native ATM to communicate with network adapters and other hardware devices. Once the communication between the network adapter and the transport protocols has been accomplished, the exchange of packets or data can take place over the network in use [2]. An important aspect of NDIS is that it allows the components of higher-level protocols to be independent of the network adapter by means of a standard interface.

Fig. 2 Communication between NDIS’ of terminals

The Windows library offers a fully standardized interface to implement a customized network adapter driver for the Windows operating system. The network architecture of Windows 2000 supports NDIS. NDIS in Windows 2000 consists of a special code file by the name Ndis.sys, also known as the NDIS wrapper. The NDIS drivers are completely bounded by the NDIS wrapper. Its key functionality is to provide a consistent interface between the NDIS device drivers and the protocol drivers. Additionally, the NDIS wrapper also encloses certain supporting routines that assist in developing the NDIS drivers and make the overall development process easier [4] [5].

Fig. 3 Detailed NDIS

There are two major types of NDIS drivers, which are described here:

A. NDIS Intermediate Drivers

Intermediate drivers or IM drivers are situated between the Internet Protocol Layers and the MAC. The entire network traffic that is being received by the NIC can be controlled and scrutinized by the NDIS IM drivers.

Two types of interfaces are implemented by the NDIS IM drivers: the protocol interface and the miniport interface. The miniport driver and protocol driver both reside in the IM driver, and they communicate with the miniport interface and the protocol interface respectively. There are two types of NDIS IM drivers:

• LAN Emulation IM Driver: It is responsible for converting the connectionless transport's LAN format to a connection-oriented format. ATM is an example of such a connection-oriented format. It transforms the packets into a format that can be dispatched over a separate and different medium.
• Filter Driver: Its objective is to perform special operations and procedures on the packets that are transferred through it. Operations such as packet tracing, encryption and compression can be performed on the packets.

B. NDIS Protocol Drivers

The second type of NDIS driver is the NDIS Protocol Driver, designed for the purpose of exporting a complete set of functions to the lower edge of the transport protocol stack. The Protocol driver communicates with the NDIS in order to receive or transmit the packets. It binds to an IM driver or an underlying miniport driver, which then exports an interface to the upper edge of the stack. An important aspect of the NDIS Protocol Driver is that it may also support the Transport Driver Interface (TDI) at the upper edge. Additionally, it can also export an interface to a high-level KM (Kernel-Mode) driver [2]. This can be achieved through a transport stack of drivers, which can include the stack that supports the Transport Driver Interface.
NDIS protocol drivers continuously make use of the functions provided by the NDIS in order to communicate with the underlying NDIS drivers. For instance, consider a protocol driver using a connectionless lower edge (perhaps Token Ring or Ethernet) that wishes to transmit packets to the underlying NDIS driver; in such a case, the protocol driver has to call NdisSendPackets or NdisSend. In order to set the Object Identifiers (OIDs) of the connectionless drivers, the protocol driver has to call NdisRequest. If a protocol driver makes use of a connection-oriented lower edge (e.g. ATM), then the protocol driver must call NdisCoSendPackets in order to dispatch network packets to the lower-edge or lower-level NDIS driver. For setting those OIDs that are supported by connection-oriented drivers, the protocol driver has to call NdisCoRequest [4].

Protocol Drivers are more portable and manageable amongst Microsoft operating systems that make use of NDIS versions of such functions. For the operating system to support these protocol drivers, it must also support the Win32 interface.

III. PROPOSED SOLUTION

SmartX is a framework which secures the data flowing in a network. The framework employs an infrastructure, called Mutual-Identity, to authenticate two workstations in a network and create a secure tunnel between the two endpoints. It is obligatory for each endpoint to contain a SmartX-enabled module which performs a set of alterations on each network packet which is about to hit the wire.

For Windows-based systems, the module is an NDIS (Network Driver Interface Specification) module which is installed just above the network driver module. When a network packet originates from one of the applications and is to be passed on to the NIC driver, the NDIS module intercepts the packet, encrypts it and then forwards it to the NIC. When a packet arrives at the NIC and is about to be forwarded to the application, the NDIS module decrypts the packet and forwards it to the concerned application.

Fig. 4 Internals of SmartX

The keys used for the encryption/decryption are provided by the Mutual-Identity key management infrastructure. Each participating node has a set of user-space applications which perform Mutual-Identity authentication with the other nodes before transacting data. Once the Mutual-Identity authentication is over, each of the two sides arrives at a set of keys which they utilize for data protection. The data flowing in a given network can be sniffed unless the applications transacting the data have taken adequate measures in protecting the data. Wireless networks are particularly prone to such sniffing attacks, and applications within an organization customarily do not secure the data. Hence, by securing the data at the network level it is ensured that all the data flowing out of a particular node is safeguarded. When an out-bound packet arrives at the NDIS module, the module encrypts the entire packet (i.e. from the start of the Ethernet header till the end of the data) and creates one or more UDP packets out of it. If the size of the encrypted packet exceeds the MTU, then it is split into two UDP packets. The UDP packets are then dispatched to the destination nodes, where they are reassembled, if required, and then decrypted [1]. The software to be developed would provide a more efficient and secure method of packet exchange over a network. Packets transmitted using VPN are prone to both active and passive attacks. The authentication of the two workstations trying to exchange packets over the network is done using Mutual-Identity. After successful authentication, a tunnel is established between the two workstations. An entry point would be programmed in the NDIS code by means of which the packets would be captured. These packets would then be processed by a 128-bit Advanced Encryption Standard (AES 128-bit) encryption scheme and would then be passed on to the tunnel for delivery. At the receiver's end, the packet would be captured and would undergo decryption to obtain the original packet. The output packet obtained would then be sent up to the OSI layers for processing.

IV. APPLICATIONS

•   Systems using SmartX will have better CPU performance due to reduced context switches and memory copies and improved security aspects.
•   It will eliminate the drawbacks involved in VPN systems by usage of Mutual-Identity, which is a more secure way of performing online transactions.
•   SmartX proves to be helpful particularly in applications such as e-banking, defense, e-life insurance.
•   Provides Cloud Security.

V. RESULT

When a packet arrives at the NIC, the packet is encrypted using a session key for mutual authentication which is provided by the patented mutual identity algorithm. When this packet hits the wire for transmission, it is highly secured and resistant to attack on the network. The throughput of the system is increased to a large extent by avoiding the creation of multiple copies of the same data and reducing the number of context switches. The processing overhead of the system is also reduced by encrypting/decrypting the packet within the system itself, eliminating the need for extra protocol overhead.

VI. CONCLUSION

Currently, VPN systems are being utilized throughout the world. SmartX will eliminate the drawbacks involved in Virtual Private Networks. It will thus improve the processing time of the CPU and allow the CPU to perform other work simultaneously during context switching. SmartX is for the Windows operating system and it can also be implemented for Linux-based systems. It improves the memory management scheme. The major contribution of the paper is to demonstrate the drawbacks of the Virtual Private Network and show how SmartX will eliminate these drawbacks and make the communication more secure and efficient. SmartX will provide an additional level of security to the current world of communication systems. It makes the packet more secure and attack-resistant over the network. Applications like encryption of data, compression of packets, and increased transfer rate can be easily added to this software. It will also provide security in the Cloud and will be beneficial for various applications such as e-banking and e-life insurance.

REFERENCES

[1] Suk Lee, Jee Hun Park, Kyoung Nam Ha, Kyung Chang Lee, “Wireless Networked Control System Using NDIS-based Four-Layer Architecture for IEEE 802.11b”, 2008.
[2] He Chaokai, “Design and implementation of a personal firewall Based on NDIS Intermediate Drivers”, Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2007.
[3] Yunhe Zhang, Zhitang Li, Song Mei, Cai Fu, “Session-based Tunnel Scheduling Model in Multi-link Aggregate IPSec VPN”, 2009 Third International Conference on Multimedia and Ubiquitous Engineering.
[4] Jee Hun Park, Kyoung Nam Ha, Suk Lee, Kyung Chang Lee, “Performance Evaluation of NDIS-based four-layer architecture with virtual scheduling algorithm for IEEE 802.11b”, International Conference on Control, Automation and Systems 2007, Oct. 17-20, 2007, COEX, Seoul, Korea.
[5] Shuo Dai, Ye Du, “Design and Implementation of Dynamic Web Security and Defense Mechanism based on NDIS Intermediate Driver”, 2009 Asia-Pacific Conference on Information Processing.
[6] William Sax, Carleton Jillson, William Wollman, Harry Jegers, “Experience with Prefix Discovery Servers and IPSec VPN Gateways”.
[7] Olalekan Adeyinka, “Analysis of IPSec VPNs Performance in A Multimedia Environment”.
[8] Olalekan Adeyinka, “Analysis of problems associated with IPSec VPN Technology”.
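The UDP framing step of Section III (the encrypted frame wrapped in UDP, split in two above the MTU, reassembled at the receiver) as an added example; it is not code from the paper. It takes the already-encrypted frame as input and leaves the AES-128 step outside the block; the 8-byte tunnel header, the 1500-byte MTU and all function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed sizes, not from the paper: 1500-byte MTU less IPv4 (20) and UDP (8)
 * headers; 8-byte tunnel header: seq(4) | index(1) | count(1) | total_len(2). */
enum { UDP_MAX = 1500 - 20 - 8, HDR = 8, FRAG_MAX = UDP_MAX - HDR, FRAME_MAX = 1514 };

typedef struct { uint8_t data[UDP_MAX]; size_t len; } dgram_t;

/* Sender: wrap one already-encrypted frame in one or two UDP payloads.
 * Returns the number of datagrams written, or -1 if the frame cannot be sent. */
int tunnel_encap(uint32_t seq, const uint8_t *ct, size_t ct_len, dgram_t out[2])
{
    int count = ct_len > FRAG_MAX ? 2 : 1;

    if (ct_len == 0 || ct_len > FRAME_MAX)
        return -1;
    for (int i = 0; i < count; i++) {
        size_t off = (size_t)i * FRAG_MAX;
        size_t n = ct_len - off > FRAG_MAX ? FRAG_MAX : ct_len - off;
        uint8_t *h = out[i].data;

        for (int k = 0; k < 4; k++)
            h[k] = (uint8_t)(seq >> (24 - 8 * k));
        h[4] = (uint8_t)i;
        h[5] = (uint8_t)count;
        h[6] = (uint8_t)(ct_len >> 8);
        h[7] = (uint8_t)ct_len;
        memcpy(h + HDR, ct + off, n);
        out[i].len = HDR + n;
    }
    return count;
}

/* Receiver: check every header field before copying, accept the two pieces in
 * either order, and return the encrypted frame ready for decryption.
 * Returns the frame length, or -1 for anything malformed or inconsistent. */
int tunnel_decap(const dgram_t *in, int n, uint8_t *ct, size_t cap)
{
    size_t total, got = 0;
    unsigned seen = 0;

    if (n < 1 || n > 2 || in[0].len <= HDR)
        return -1;
    total = ((size_t)in[0].data[6] << 8) | in[0].data[7];
    if (in[0].data[5] != n || total > FRAME_MAX || total > cap)
        return -1;
    for (int i = 0; i < n; i++) {
        const uint8_t *h = in[i].data;
        size_t plen, off;

        if (in[i].len <= HDR || in[i].len > UDP_MAX)
            return -1;                  /* empty or oversized datagram */
        if (memcmp(h, in[0].data, 4) || memcmp(h + 5, in[0].data + 5, 3))
            return -1;                  /* pieces of different frames */
        if (h[4] >= n || (seen & (1u << h[4])))
            return -1;                  /* bad or repeated index */
        plen = in[i].len - HDR;
        off = (size_t)h[4] * FRAG_MAX;
        if (off + plen > total || (h[4] + 1 < n && plen != FRAG_MAX))
            return -1;                  /* would overrun or leave a gap */
        memcpy(ct + off, h + HDR, plen);
        seen |= 1u << h[4];
        got += plen;
    }
    return got == total ? (int)total : -1;
}

/* Constructed self-check: pattern bytes stand in for ciphertext. Optionally
 * corrupts header byte `flip` (0..7, -1 for none) of the last datagram and
 * swaps the arrival order, then returns what the receiver returns. */
int selfcheck(size_t len, int swap, int flip)
{
    static uint8_t in[FRAME_MAX], out[FRAME_MAX];
    dgram_t d[2], tmp;
    int n, r;

    for (size_t i = 0; i < FRAME_MAX; i++)
        in[i] = (uint8_t)(i * 7 + 3);
    n = tunnel_encap(42, in, len, d);
    if (n < 0)
        return -1;
    if (flip >= 0)
        d[n - 1].data[flip] ^= 1;
    if (swap && n == 2) { tmp = d[0]; d[0] = d[1]; d[1] = tmp; }
    r = tunnel_decap(d, n, out, sizeof out);
    return (r > 0 && memcmp(in, out, (size_t)r) != 0) ? -2 : r;
}

int main(void)
{
    printf("60-byte frame         -> %d\n", selfcheck(60, 0, -1));
    printf("1514 bytes, swapped   -> %d\n", selfcheck(1514, 1, -1));
    printf("1514 bytes, bad index -> %d\n", selfcheck(1514, 0, 4));
    return 0;
}
```

The header here is not authenticated, so the receiver's checks guard against malformed input and memory overruns only; the paper specifies no integrity check for the tunnel.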

What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 

Recently uploaded (20)

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Smart x

2012 Third International Conference on Intelligent Systems Modelling and Simulation

SmartX – Advanced Network Security for Windows Operating System

Rushabh Luniya, Ankit Agarwal, Mayank Bhatnagar, Vishal Rathod, Delnaz Unwalla
Department of Information Technology, Pune Institute of Computer Technology
Pune, India
rushabh.luniya@gmail.com

978-0-7695-4668-1/12 $26.00 © 2012 IEEE
DOI 10.1109/ISMS.2012.43

Abstract—A software framework for secure and efficient communication between two nodes using the Windows Operating system is proposed. The proposed system aims to overcome the drawbacks of virtual private network, by reducing the number of buffer copies and the protocol overhead. It involves only a single copy of the data and a single context switch thus creating a tunnel between the two end points. It uses the patent mutual identity algorithm to secure the two end points of a tunnel. It uses a 128 bit advanced encryption standard algorithm for encryption/decryption. This framework resides on the NDIS (Network Driver Interface Specification). It performs a set of modifications on each network packet which is about to hit the wire. The system eliminates the drawback of VPN system by increasing the throughput and reducing the processing overhead.

Keywords- TCP protocol, NDIS, Windows Operating System, Network security

I. INTRODUCTION

In the world of computers, security is the most imperative and foremost aspect. High data transfer rates and high throughput computers are of utmost importance. Therefore, various security aspects come into picture. Present system employs TCP/IP protocol for data exchange. Virtual Private Networks allow any valid remote user to become part of a corporate central network, using the same network scheme and addressing as users on this central network. In the current Virtual Private Network scenario, there are certain drawbacks. Firstly, if a computer is connected to a VPN based network, all additional devices connected to it will also gain access to it. So, the network is vulnerable to attacks. Secondly, the number of copies created during context switching, when a packet travels from one terminal to another, results in inefficient memory management [8]. Hence, it consumes considerable amount of CPU time. To overcome this SmartX is being developed that would reside in Network Driver Interface Specification (NDIS). It authenticates the end users using Mutual-Identity, which is a patent product, and encrypts and decrypts every packet of data that is being sent or received. The basic aim of the project is to eliminate the drawbacks of Virtual Private Networks and provide an additional level of security to the current communication system.

II. CURRENT SCENARIO

Virtual Private Network is a private network which makes use of the public network (mostly Internet) in order to associate remote sites or users together. Its fundamental objective is to provide a secure and reliable private connection. It allows a legitimate remote user to become an active component of a central network, using the identical network scheme and addressing as the users on the central network. VPNs necessitate accurately authenticating the remote users, and often securing data with encryption technologies to preclude disclosure of confidential information to unauthorized parties [3] [6]. A Secure VPN involves IPSec.

Fig. 1 Virtual Private Network (VPN)

A. Advantages

  • Extended connections across various geographic locations without using a leased line.
  • Enhanced security for exchanging data using advanced encryption and authentication protocols.
  • Allows adding unlimited amount of capacity to the network without adding significant infrastructure [7].

B. Disadvantages

  • If a workstation is connected to an IPSec based network, all additional devices connected to it will also gain access to that workstation. Hence, the network is vulnerable to attacks.
  • An off-site user has intricacy connecting to the private network, due to corporate firewalls.
  • IPSec can inflict high CPU overhead on VPN gateways due to the processing obligatory for packet encryption/decryption and authentication.
  • There is packet loss in VPN networks [8].

II. DETAILS OF NDIS ARCHITECTURE

NDIS is an acronym for Network Driver Interface Specification. It performs a set of functions for the network adapter drivers, for instance registering and apprehending hardware interrupts or communicating with underlying network adapters.

It permits a range of transport protocols like IPX, TCP/IP and Native ATM to communicate with network adapters and other hardware devices. Once the communication between the network adapter and the transport protocols has been accomplished, then the exchange of packets or data can take place over the network in-use [2]. An imperative aspect of NDIS is that it allows the components of higher-level protocols to be independent of the network adapter by means of a standard interface.

Fig. 2 Communication between NDIS' of terminals

The Windows library offers a fully standardized interface to implement a customized network adapter driver for the Windows Operating system. The network architecture of Windows 2000 supports NDIS. NDIS in Windows 2000 encompasses a special code file by the name Ndis.sys, also known as the NDIS wrapper. The NDIS drivers are completely bounded by the NDIS wrapper. Its key functionality is to provide a consistent interface between the NDIS device drivers and the protocol drivers. Additionally, the NDIS wrapper also encloses certain supporting routines that assist in developing the NDIS drivers and make the overall development process easier [4] [5].

Fig. 3 Detailed NDIS

There are two major types of NDIS drivers which are described here:

A. NDIS Intermediate Drivers

Intermediate drivers or IM drivers are situated between the Internet Protocol Layers and the MAC. The entire network traffic that is being received by the NIC card can be controlled and scrutinized by the NDIS IM drivers. Two types of interfaces are implemented by the NDIS IM drivers: the protocol interface and the miniport interface. The miniport driver and protocol driver both reside in the IM driver, and they communicate with the miniport interface and the protocol interface respectively. There are two types of NDIS IM drivers:

  • LAN Emulation IM Driver: It is accountable for transmuting the connectionless Transport's LAN format to the connection oriented format. ATM is a paradigm of such a connection oriented format. It transforms the packets in a format that can be dispatched over a separate and a diverse medium.
  • Filter Driver: Their objective is to perform exclusive operations and procedures on those packets that are transferred using or through them. Exclusive operations resembling packet tracing, encryption and compression can be performed on the packets.

B. NDIS Protocol Drivers

The second type of NDIS driver is the NDIS Protocol Driver designed for the purpose of exporting a complete set of functions to the lower edge of the transport protocol stack. The Protocol driver communicates with the NDIS in order to receive or transmit the packets. It binds to an IM driver or an underlying miniport driver which then exports interface to the upper edge of the stack. An imperative aspect of the NDIS Protocol Driver is that it may also sustain the Transport Driver Interface or the TDI at the Upper edge. Additionally, it can also export interface to a high-level KM (Kernel-Mode) driver [2]. It can be achieved through a transport stack of drivers, which can include the stack that supports the Transport Driver Interface.

NDIS protocol drivers continuously make use of the functions provided by the NDIS in order to communicate with the underlying NDIS drivers. For instance, there is a protocol driver using a connectionless lower-edge (may be using Token Ring or Ethernet) that wishes to transmit packets to the underlying NDIS driver; in such a case, the protocol driver has to make a call of NdisSendPackets or NdisSend. In order to set the Object Identifiers (OIDs) of the connectionless drivers, the protocol driver has to summon NdisRequest. If a protocol driver makes use of a connection oriented lower edge (e.g. ATM) then the protocol driver must call NdisCoSendPackets in order to dispatch network packets to the lower-edge or lower level NDIS driver. For setting those OIDs that are supported by connection oriented drivers, the protocol driver has to call NdisCoRequest [4].

Protocol Drivers are more portable and manageable amongst Microsoft OS that makes use of NDIS versions of such functions. For the operating system to support these protocol drivers, it must also support the Win32 interface.

III. PROPOSED SOLUTION

SmartX is a framework which secures the data flowing in a network. The framework employs an infrastructure, called Mutual-Identity, to authenticate two workstations in a network and create a secure tunnel between the two endpoints. It is obligatory for each endpoint to contain a SmartX enabled module which performs a set of alterations on each network packet which is about to hit the wire.

For Windows based systems, the module is a NDIS (Network Driver Interface Specification) module which is installed just above the network driver module. When a network packet originates from one of the applications and is to be passed on to the NIC driver, the NDIS module intercepts the packet, encrypts it and then forwards it to the NIC. When a packet arrives at the NIC and is about to be forwarded to the application, the NDIS module decrypts the packet and forwards it to the concerned application.

The keys used for the encryption/decryption are provided by the Mutual-Identity key management infrastructure. Each participating node has a set of user-space applications which perform Mutual-Identity authentication with the other nodes before transacting data. Once the Mutual-Identity authentication is over, each of the two sides arrives at a set of keys which they utilize for data protection. The data flowing in a given network can be sniffed unless the applications transacting the data have taken adequate measures in protecting the data.

Fig. 4 Internals of SmartX

Wireless networks are particularly prone to such sniffing attacks and applications within an organization customarily do not secure the data. Hence, by securing the data at the network level it is ensured that all the data flowing out of a particular node is safeguarded. When an out-bound packet arrives at the NDIS module, the module encrypts the entire packet (i.e. from the start of the Ethernet header till the end of the data) and creates one or more UDP packets out of it. If the size of the encrypted packet exceeds the MTU then it is split into two UDP packets. The UDP packets are then dispatched to the destination nodes where they are reassembled, if required and then decrypted [1].

The software to be developed would provide a more efficient and secure method of packet exchange over a network. Packets transmitted using VPN are prone to both active and passive attacks. The authentication of the 2 workstations trying to exchange packets over the network is done using Mutual-Identity. After successful authentication a tunnel is established between the 2 workstations. An entry point would be programmed in the NDIS code by means of which the packets would be captured. These packets would then be processed by a 128-bit Advanced Encryption Standard (AES 128-bit) encryption scheme and would then be passed on to the tunnel for delivery. At the receiver's end, the packet would be seized and would undergo the decryption to obtain the original packet. The output packet obtained would then be sent up to the OSI layers for processing.

IV. APPLICATIONS

  • Systems using SmartX will have better CPU performance due to reduced context switches and memory copies and improved security aspects.
  • It will eliminate the drawbacks involved in VPN systems by usage of Mutual-Identity, which is a more secure way of performing online transactions. SmartX proves to be helpful particularly in applications such as e-banking, defense, e-life insurance.
  • Provides Cloud Security.

V. RESULT

When a packet arrives at NIC, the packet is encrypted using a session key for mutual authentication which is provided by patent mutual identity algorithm. When this packet hits the wire for transmission it is highly secured and resistant to the attack on the network. The throughput of the system is increased to a large extent by avoiding the creation of multiple copies of the same data and reducing the number of context switches. The processing overhead of the system is also reduced by encrypting/decrypting the packet within the system itself by eliminating the need of extra protocol overhead.

VI. CONCLUSION

Currently, VPN systems are being utilized throughout the world. SmartX will eliminate the drawbacks involved in the Virtual Private Networks. It will thus improve the processing time of CPU and allow CPU to perform other work simultaneously during context switching. SmartX is for the Windows operating system and it can also be implemented for the Linux based system. It improves the memory management scheme. The major contribution of the paper is to demonstrate the drawbacks of the Virtual Private Network and show how the SmartX will eliminate its drawback and make the communication more secure and efficient. The SmartX will provide the additional level of security to the current world of communication system. It makes the packet more secure and attack resistant over the network. Applications like encryption of data, compression of packets, and increased transfer rate can be easily added to this software. It will also provide security in Cloud and will be beneficial for various applications such as e-banking, e-life Insurance.

REFERENCES

[1]. Suk Lee, Jee Hun Park, Kyoung Nam Ha, Kyung Chang Lee "Wireless Networked Control System Using NDIS-based Four-Layer Architecture for IEEE 802.11b" – 2008
[2]. He chaokai "Design and implementation of a personal firewall Based on NDIS Intermediate Drivers", Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2007.
[3]. Yunhe Zhang, Zhitang Li, Song Mei, Cai Fu "Session-based Tunnel Scheduling Model in Multi-link Aggregate IPSec VPN", 2009 Third International Conference on Multimedia and Ubiquitous Engineering.
[4]. Jee Hun Park, Kyoung Nam Ha, Suk Lee, Kyung Chang Lee "Performance Evaluation of NDIS-based four-layer architecture with virtual scheduling algorithm for IEEE 802.11b", International Conference on Control, Automation and Systems 2007 Oct. 17-20, 2007 in COEX, Seoul, Korea.
[5]. Shuo Dai, Ye Du "Design and Implementation of Dynamic Web Security and Defense Mechanism based on NDIS Intermediate Driver", 2009 Asia-Pacific Conference on Information Processing.
[6]. William Sax, Carleton Jillson, William Wollman, Harry Jegers, "Experience with Prefix Discovery Servers and IPSec VPN Gateways".
[7]. Olalekan Adeyinka, "Analysis of IPSec VPNs Performance in A Multimedia Environment".
[8]. Olalekan Adeyinka, "Analysis of problems associated with IPSec VPN Technology".
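
The outbound and inbound packet path described in Section III (encrypt the whole Ethernet frame, split the result into UDP packets when it exceeds the MTU, reassemble and decrypt at the receiver), modelled in user space as an added example; it is not the authors' code. The paper names AES-128 but gives no cipher mode or packet layout, so AES-128-GCM, the 4-byte fragment header, and the constructed key and frame are assumptions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Assumed framing (not from the paper): 4-byte header per UDP payload holding
// packet ID (2 bytes), fragment index (1) and fragment count (1).
const hdrLen, maxUDPData = 4, 1500 - 20 - 8 // header; MTU minus IPv4+UDP headers

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 16-byte key selects AES-128
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encapsulate encrypts the whole Ethernet frame, header included, and splits
// nonce||ciphertext||tag into UDP payloads that each fit within the MTU.
func Encapsulate(key, frame []byte, id uint16) ([][]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	sealed := aead.Seal(nonce, nonce, frame, nil)
	chunk := maxUDPData - hdrLen
	count := (len(sealed) + chunk - 1) / chunk
	if count > 255 {
		return nil, errors.New("frame too large for a 1-byte fragment count")
	}
	var out [][]byte
	for off := 0; off < len(sealed); off += chunk {
		end := off + chunk
		if end > len(sealed) {
			end = len(sealed)
		}
		p := []byte{byte(id >> 8), byte(id), byte(off / chunk), byte(count)}
		out = append(out, append(p, sealed[off:end]...))
	}
	return out, nil
}

// Decapsulate reorders, reassembles and decrypts; tampering yields an error.
func Decapsulate(key []byte, payloads [][]byte) ([]byte, error) {
	parts := make([][]byte, len(payloads))
	for _, p := range payloads {
		if len(p) < hdrLen || p[0] != payloads[0][0] || p[1] != payloads[0][1] ||
			int(p[3]) != len(payloads) || int(p[2]) >= len(payloads) || parts[p[2]] != nil {
			return nil, errors.New("inconsistent fragment header")
		}
		parts[p[2]] = p[hdrLen:]
	}
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	sealed, n := bytes.Join(parts, nil), aead.NonceSize()
	if len(sealed) < n {
		return nil, errors.New("short packet")
	}
	return aead.Open(nil, sealed[:n], sealed[n:], nil)
}

func main() {
	key := []byte("constructed-key!") // 16 bytes, stands in for a session key
	frags, _ := Encapsulate(key, make([]byte, 1514), 1) // constructed frame
	plain, err := Decapsulate(key, [][]byte{frags[1], frags[0]}) // out of order
	fmt.Println(len(frags), len(plain), err)
}
```

A full 1514-byte frame grows to 1542 bytes once the nonce and authentication tag are added, so it leaves as two UDP payloads, which is the two-packet case the paper describes. Because the mode is authenticated, a fragment modified in transit makes decryption fail instead of delivering altered plaintext.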