This document describes a proposed software framework called SmartX that aims to provide advanced network security for the Windows operating system. SmartX seeks to overcome drawbacks of virtual private networks (VPNs) by reducing buffer copies and protocol overhead during network packet transmission. It uses a mutual identity algorithm for authentication between endpoints and 128-bit AES encryption of packets. The framework would reside in the Network Driver Interface Specification (NDIS) and modify packets before transmission to provide secure and efficient communication with reduced processing overhead compared to standard VPNs.
Identity Based Secure Routing For Wireless Ad-Hoc NetworksIDES Editor
In this paper, we propose an Identity (ID)-
based Secure Routing Scheme for secure routing in
wireless ad-hoc networks. It make use of Identity based
Signature scheme and hash chains to secure the AODV
(Ad-hoc on demand distance vector routing) messages.
We have used ID based Signature scheme for the
immutable fields, that is the fields that remain same
throughout the journey of the routing packet and Hash
Chains for the mutable fields (fields which changes from
node to node) e.g. Hop Count. This system has the
following advantages as compared to the previous
solutions, most of which uses RSA based Public Key
Cryptographic solutions. Firstly, it makes use of Identity
based signature scheme which is certificateless thus saving
overhead costs of communication and storage. Secondly,
in ID based schemes we can use our identity, like our IP
address or email ID as our public key, which leads to
smaller key size as compared to other cryptographic
techniques. Also this system does not require
establishment of any third party like PKI (Public-key
Infrastructure) at the initial stages of network
establishment
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Identity Based Secure Routing For Wireless Ad-Hoc NetworksIDES Editor
In this paper, we propose an Identity (ID)-
based Secure Routing Scheme for secure routing in
wireless ad-hoc networks. It make use of Identity based
Signature scheme and hash chains to secure the AODV
(Ad-hoc on demand distance vector routing) messages.
We have used ID based Signature scheme for the
immutable fields, that is the fields that remain same
throughout the journey of the routing packet and Hash
Chains for the mutable fields (fields which changes from
node to node) e.g. Hop Count. This system has the
following advantages as compared to the previous
solutions, most of which uses RSA based Public Key
Cryptographic solutions. Firstly, it makes use of Identity
based signature scheme which is certificateless thus saving
overhead costs of communication and storage. Secondly,
in ID based schemes we can use our identity, like our IP
address or email ID as our public key, which leads to
smaller key size as compared to other cryptographic
techniques. Also this system does not require
establishment of any third party like PKI (Public-key
Infrastructure) at the initial stages of network
establishment
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Design & Implementation of Secure AODV In Multicast Routing To Detect DDOS At...IJNSA Journal
The wireless ad hoc network is particularly vulnerable to DOS attacks due to its features of open medium, dynamic changing topology, cooperative algorithms, decentralization of the protocols, and lack of a clear line of defense is a growing problem in networks today. In Mobile Ad hoc Networks (MANET), various types of Denial of Service Attacks (DOS) are possible because of the inherent limitations of its routing protocols. In this paper we will secure the MANET from the DDOS attack. DDOS attacks are similar to DOS attacks but there is a difference between them and that is DDOS attacks involve breaking in to hundreds or thousands of machines, so for this reason, this attack called Distributed. Very often, systems that use for attack is a part of the networks and users of these systems don’t know about that, their systems used for attack to another systems. This kind of attack, consume more bandwidth and uses more sources in network. . In this work, we study the effect of one of the important attacks that called DDOS in MANET on most vulnerability protocol that named AODV. The product of this study is detection of DDOS attack by
using AODV (adhoc on demand distance vector) protocol. Proposed scheme is distributed in nature it has the capability to prevent Distributed DOS (DDOS) as well..
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...ijwmn
In this dynamic world, communication is a sine qua non for development. Communication represents sharing of information which can be local or remote. Though local communications may occur face to face between individuals remote communications take place among people over long distances. Mobile ad hoc networks (MANETs) are becoming an interesting part of research due to the increasing growth of wireless devices (laptops, tablets, mobiles etc.) and as well as wireless internet facilities like 4G/Wi-Fi. A MANET is any infrastructure-less network formed by independent and self-configuring nodes. Each node acts as router. In order to send data, the source node initiates a routing process by using a routing protocol. The nature of the wireless medium is always insecure. So, during routing many attacks can take place. The main objective of an eavesdropper is to grab the confidential information in the network. This secret information is used by a malicious node to perform further attacks. Here, the entire problem lies in identifying the eavesdropper because the eavesdropper acts a normal node in the network. In this paper, we analyzed the impact of eavesdropper while executing an Ad hoc On Demand routing (AODV) protocol in MANETs. All the simulations are done using QualNet 5.1 network simulator. From the results, it is found that the network performance degrades in presence of an eavesdropper.
https://www.ijmst.com/
IJMST Volume 1 Issue 1, Manuscript 4
As the popularity of mobile devices and wireless networks significantly increased over the
past years. The wireless adhoc network has now become one of the most vibrant and active
fields of communication and networking research. These networks are a new generation of
networks offering unrestricted mobility without any underlying infrastructure. As their
principle application is in disastrous environments, security is critical. Various challenges are
faced in the adhoc environment, mostly due to the resource poorness of these networks. One
man confront in the design of these networks is their vulnerability to security attacks. The
solutions for conventional networks are usually not sufficient to provide efficient adhoc
operations. Just because of its wireless nature of communication and lack of any security
infrastructure raise several security problems and threats.
In this paper, we briefly review the threats an adhoc network faces and the security goals to
be achieved. Moreover, it also presents existing security schemes used in wireless adhoc
networks in order to handle security threats.
To mitigate Black-hole attack with CBDS in MANETIJERA Editor
Mobile ad-hoc network is self configured network that consist of mobile nodes which communicate with each other. Distributed self-organized nature of this network makes it venerable to various attacks likes DOS attack, Black hole attack, wormhole attack and jamming attack etc. Blackhole attack is one of the serious attack in network in which information loss occur which degrades the performance of network. In this work black hole attack is detected with the help of CBDS (cooperative Bait Detection Algorithm) and MD5 is used for the security purpose. This work is implemented in Network simulator and performance is checked on the bases of network parameters.
Trabalho de Sistemas Paralelos e Distribuidos : "Parallel and Distributed Computing: BOINC Grid Implementation" por Rodrigo Neves, Nuno Mestre, Francisco Machado e João Lopes
A Protocol/Scheme to mitigate DDos attacks using AODV Protocolijsrd.com
MANET(Mobile Adhoc Network) is an emerging technology and have great strength to be applied in battlefields and commercial applications such as traffic surveillance, MANET is infrastructure less without any centralized controller. Each node contains routing capability. Each device in a MANET is independent and can move in any direction. One of the major challenges wireless mobile ad-hoc networks face today is security, because no central controller exists. MANETs are a kind of wireless ad hoc networks that usually has a routable networking environment on top of a link layer ad hoc network. There are many security attacks in MANET and DDoS (Distributed denial of service) is one of them. Our main objective is seeing the effect of DDoS in routing, Packet Drop Rate, End to End Delay, no. of Collisions due to attack on network. And with these parameters and many more also we build secure IDS to detect this kind of attack and block it. In this thesis main objective is to study and implement the security against the DDOS attack. DDoS (Distributed Denial of Service) attacks in the networks are required to be prevented, as early as possible before reaching the victim node. DDos attack causes depletion of the network resources such as network bandwidth, disk space, CPU time, data structures, and network connections. Dealing with DDoS attacks is difficult due to their properties such as dynamic attack rates, big scale of botnets. DDos attack become more difficult to handle if it occurs in wireless network because of the properties of ad hoc network such as dynamic topologies, low battery life, Unicast routing Multicast routing , Frequency of updates or network overhead , scalability , mobile agent based routing ,power aware routing etc. Thus it is better to prevent the distributed denial of service attack rather than allowing it to occur and then taking the necessary steps to handle it. The following quantitative metrics Packet Delivery Ratio (PDR), Number of Collisions are to be used to evaluate the performance of DDoS attacks and their prevention techniques under different combinations in the fixed mobile ad hoc network. In our simulation, the effect of DDoS attacks under different number of attackers is studied.
A virtual private network gives secure access to LAN resources over a shared network infrastructure such as the internet. It can be conceptualized as creating a tunnel from one location to another, with Encrypted data traveling through the tunnel before being decrypted at its destination.
Design & Implementation of Secure AODV In Multicast Routing To Detect DDOS At...IJNSA Journal
The wireless ad hoc network is particularly vulnerable to DOS attacks due to its features of open medium, dynamic changing topology, cooperative algorithms, decentralization of the protocols, and lack of a clear line of defense is a growing problem in networks today. In Mobile Ad hoc Networks (MANET), various types of Denial of Service Attacks (DOS) are possible because of the inherent limitations of its routing protocols. In this paper we will secure the MANET from the DDOS attack. DDOS attacks are similar to DOS attacks but there is a difference between them and that is DDOS attacks involve breaking in to hundreds or thousands of machines, so for this reason, this attack called Distributed. Very often, systems that use for attack is a part of the networks and users of these systems don’t know about that, their systems used for attack to another systems. This kind of attack, consume more bandwidth and uses more sources in network. . In this work, we study the effect of one of the important attacks that called DDOS in MANET on most vulnerability protocol that named AODV. The product of this study is detection of DDOS attack by
using AODV (adhoc on demand distance vector) protocol. Proposed scheme is distributed in nature it has the capability to prevent Distributed DOS (DDOS) as well..
Analyzing the Impact of Eaves on Energy Consumption of AODV Routing Protocol ...ijwmn
In this dynamic world, communication is a sine qua non for development. Communication represents sharing of information which can be local or remote. Though local communications may occur face to face between individuals remote communications take place among people over long distances. Mobile ad hoc networks (MANETs) are becoming an interesting part of research due to the increasing growth of wireless devices (laptops, tablets, mobiles etc.) and as well as wireless internet facilities like 4G/Wi-Fi. A MANET is any infrastructure-less network formed by independent and self-configuring nodes. Each node acts as router. In order to send data, the source node initiates a routing process by using a routing protocol. The nature of the wireless medium is always insecure. So, during routing many attacks can take place. The main objective of an eavesdropper is to grab the confidential information in the network. This secret information is used by a malicious node to perform further attacks. Here, the entire problem lies in identifying the eavesdropper because the eavesdropper acts a normal node in the network. In this paper, we analyzed the impact of eavesdropper while executing an Ad hoc On Demand routing (AODV) protocol in MANETs. All the simulations are done using QualNet 5.1 network simulator. From the results, it is found that the network performance degrades in presence of an eavesdropper.
https://www.ijmst.com/
IJMST Volume 1 Issue 1, Manuscript 4
As the popularity of mobile devices and wireless networks significantly increased over the
past years. The wireless adhoc network has now become one of the most vibrant and active
fields of communication and networking research. These networks are a new generation of
networks offering unrestricted mobility without any underlying infrastructure. As their
principle application is in disastrous environments, security is critical. Various challenges are
faced in the adhoc environment, mostly due to the resource poorness of these networks. One
man confront in the design of these networks is their vulnerability to security attacks. The
solutions for conventional networks are usually not sufficient to provide efficient adhoc
operations. Just because of its wireless nature of communication and lack of any security
infrastructure raise several security problems and threats.
In this paper, we briefly review the threats an adhoc network faces and the security goals to
be achieved. Moreover, it also presents existing security schemes used in wireless adhoc
networks in order to handle security threats.
To mitigate Black-hole attack with CBDS in MANETIJERA Editor
Mobile ad-hoc network is self configured network that consist of mobile nodes which communicate with each other. Distributed self-organized nature of this network makes it venerable to various attacks likes DOS attack, Black hole attack, wormhole attack and jamming attack etc. Blackhole attack is one of the serious attack in network in which information loss occur which degrades the performance of network. In this work black hole attack is detected with the help of CBDS (cooperative Bait Detection Algorithm) and MD5 is used for the security purpose. This work is implemented in Network simulator and performance is checked on the bases of network parameters.
Trabalho de Sistemas Paralelos e Distribuidos : "Parallel and Distributed Computing: BOINC Grid Implementation" por Rodrigo Neves, Nuno Mestre, Francisco Machado e João Lopes
A Protocol/Scheme to mitigate DDos attacks using AODV Protocolijsrd.com
MANET(Mobile Adhoc Network) is an emerging technology and have great strength to be applied in battlefields and commercial applications such as traffic surveillance, MANET is infrastructure less without any centralized controller. Each node contains routing capability. Each device in a MANET is independent and can move in any direction. One of the major challenges wireless mobile ad-hoc networks face today is security, because no central controller exists. MANETs are a kind of wireless ad hoc networks that usually has a routable networking environment on top of a link layer ad hoc network. There are many security attacks in MANET and DDoS (Distributed denial of service) is one of them. Our main objective is seeing the effect of DDoS in routing, Packet Drop Rate, End to End Delay, no. of Collisions due to attack on network. And with these parameters and many more also we build secure IDS to detect this kind of attack and block it. In this thesis main objective is to study and implement the security against the DDOS attack. DDoS (Distributed Denial of Service) attacks in the networks are required to be prevented, as early as possible before reaching the victim node. DDos attack causes depletion of the network resources such as network bandwidth, disk space, CPU time, data structures, and network connections. Dealing with DDoS attacks is difficult due to their properties such as dynamic attack rates, big scale of botnets. DDos attack become more difficult to handle if it occurs in wireless network because of the properties of ad hoc network such as dynamic topologies, low battery life, Unicast routing Multicast routing , Frequency of updates or network overhead , scalability , mobile agent based routing ,power aware routing etc. Thus it is better to prevent the distributed denial of service attack rather than allowing it to occur and then taking the necessary steps to handle it. The following quantitative metrics Packet Delivery Ratio (PDR), Number of Collisions are to be used to evaluate the performance of DDoS attacks and their prevention techniques under different combinations in the fixed mobile ad hoc network. In our simulation, the effect of DDoS attacks under different number of attackers is studied.
A virtual private network gives secure access to LAN resources over a shared network infrastructure such as the internet. It can be conceptualized as creating a tunnel from one location to another, with Encrypted data traveling through the tunnel before being decrypted at its destination.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
2. network is vulnerable to attacks.
• An off-site user has intricacy connecting to the
private network, due to corporate firewalls.
• IPSec can inflict high CPU overhead on VPN
gateways due to the processing obligatory for packet
encryption/decryption and authentication.
• There is packet loss in VPN networks [8].
II. DETAILS OF NDIS ARCHITECTURE
NDIS is an acronym for Network Driver Interface
Specification. It performs a set of functions for the
network adapter drivers’ for instance registering and
Fig. 3 Detailed NDIS
apprehending hardware interrupts or communicating with
underlying network adapters. There are two major types of NDIS drivers which are
It permits a range of transport protocols like IPX, described here:
TCP/IP and Native ATM to communicate with network
adapters and other hardware devices. Once the A. NDIS Intermediate Drivers
communication between the network adapter and the Intermediate drivers or IM drivers are situated between
transport protocols has been accomplished, then the the Internet Protocol Layers and the MAC. The entire
exchange of packets or data can take place over the network traffic that is being received by the NIC card can
network in-use [2]. An imperative aspect of NDIS is that be controlled and scrutinized by the NDIS IM drivers.
it allows the components of higher-level protocols to be
Two types of interfaces are implemented by the NDIS
independent of the network adapter by means of a
IM drivers: the protocol interface and the miniport
standard interface.
interface. The miniport driver and protocol driver both
reside in the IM driver, and they communicate with the
miniport interface and the protocol interface respectively.
There are two types of NDIS IM drivers:
• LAN Emulation IM Driver: It is accountable for
transmuting the connectionless Transport’s LAN
format to the connection oriented format. ATM is a
paradigm of such a connection oriented format. It
transforms the packets in a format that can be
dispatched over a separate and a diverse medium.
• Filter Driver: Their objective is to perform exclusive
operations and procedures on those packets that are
transferred using or through them. Exclusive
operations resembling packet tracing, encryption and
compression can be performed on the packets.
Fig. 2 Communication between NDIS’ of terminals
B. NDIS Protocol Drivers
The Windows library offers a fully standardized
interface to implement a customized network adapter The second type of NDIS driver is the NDIS Protocol
driver for the Windows Operating system. The network Driver designed for the purpose of exporting a complete
architecture of Windows 2000 supports NDIS. NDIS in set of functions to the lower edge of the transport protocol
Windows 2000 encompasses of a special code file by the stack. The Protocol driver communicates with the NDIS
name Ndis.sys, also known as the NDIS wrapper. The in order to receive or transmit the packets. It binds to an
NDIS drivers are completely bounded by the NDIS IM driver or an underlying miniport driver which then
wrapper. Its key functionality is to provide a consistent exports interface to the upper edge of the stack. An
interface between the NDIS device drivers and the imperative aspect of the NDIS Protocol Driver is that it
protocol drivers. Additionally, the NDIS wrapper also may also sustain the Transport Driver Interface or the TDI
encloses certain supporting routines that assist in at the Upper edge. Additionally, it can also export
developing the NDIS drivers and make the overall interface to a high-level KM (Kernel-Mode) driver [2]. It
development process easier [4] [5]. can be achieved through a transport stack of drivers,
681
679
3. which can include the stack that supports the Transport
Driver Interface.
NDIS protocol drivers continuously make use of the
functions provided by the NDIS in order to communicate
with the underlying NDIS drivers. For instance, there is a
protocol driver using a connectionless lower-edge (may
be using Token Ring or Ethernet) that wishes to transmit
packets to the underlying NDIS driver; in such a case, the
protocol driver has to make a call of NdisSendPackets or
NdisSend. In order to set the Object Identifiers (OIDs) of
the connectionless drivers, the protocol driver has to
summon NdisRequest. If a protocol driver makes use of a Fig. 4 Internals of SmartX
connection oriented lower edge (e.g. ATM) then the
protocol driver must call NdisCoSendPackets in order to Wireless networks are particularly prone to such
dispatch network packets to the lower-edge or lower level sniffing attacks and applications within an
NDIS driver. For setting those OIDs that are supported by organization customarily do not secure the data.
connection oriented drivers, the protocol driver has to call Hence, by securing the data at the network level it is
NdisCoRequest [4]. ensured that all the data flowing out of a particular
node is safeguarded. When an out-bound packet
Protocol Drivers are more portable and manageable arrives at the NDIS module, the module encrypts the
amongst Microsoft OS that makes use of NDIS versions entire packet (i.e. from the start of the Ethernet header
of such functions. For the operating system to support till the end of the data) and creates one or more UDP
these protocol drivers, it must also support the Win32 packets out of it. If the size of the encrypted packet
interface. exceeds the MTU then it is split into two UDP packets.
The UDP packets are then dispatched to the destination
III. PROPOSED SOLUTION nodes where they are reassembled, if required and then
decrypted [1]. The software to be developed would
SmartX is a framework which secures the data provide a more efficient and secure method of packet
flowing in a network. The framework employs an exchange over a network. Packets transmitted using
infrastructure, called Mutual-Identity, to authenticate VPN are prone to both active and passive attacks. The
two workstations in a network and create a secure authentication of the 2 workstations trying to exchange
tunnel between the two endpoints. It is obligatory for packets over the network is done using Mutual-
each endpoint to contain a SmartX enabled module Identity. After successful authentication a tunnel is
which performs a set of alterations on each network established between the 2 workstations. An entry point
packet which is about to hit the wire. would be programmed in the NDIS code by means of
For Windows based systems, the module is a NDIS which the packets would be captured. These packets
(Network Driver Interface Specification) module which would then be processed by a 128-bit Advanced
is installed just above the network driver module. When Encryption Standard (AES 128-bit) encryption scheme
a network packet originates from one of the applications and would then be passed on to the tunnel for
and is to be passed on to the NIC driver, the NDIS delivery.At the receiver’s end, the packet would be
module intercepts the packet, encrypts it and then seized and would undergo the decryption to obtain the
forwards it to the NIC. When a packet arrives at the original packet. The output packet obtained would
NIC and is about to be forwarded to the application, then be sent up to the OSI layers for processing.
the NDIS module decrypts the packet and forwards it
to the concerned application.
The keys used for the encryption/decryption are IV. APPLICATIONS
provided by the Mutual-Identity key management
infrastructure. Each participating node has a set of • Systems using SmartX will have better CPU
user-space applications which perform Mutual-Identity performance due to reduced context switches and
authentication with the other nodes before transacting memory copies and improved security aspects.
data. Once the Mutual-Identity authentication is over, • It will eliminate the drawbacks involved in VPN
each of the two sides arrive at a set of keys which systems by usage of Mutual-Identity, which is a more
they utilize for data protection. The data flowing in a secure way of performing online transactions.
given network can be sniffed unless the applications
transacting the data have taken adequate measures in
protecting the data.
682
680
4. • SmartX proves to be helpful particularly in resistant over the network. Applications like encryption of
applications such as e-banking, defense, e-life data, compression of packets, and increased transfer rate
insurance. can be easily added to this software. It will also provide
• Provides Cloud Security. security in Cloud and will be beneficial for various
applications such as e-banking, e-life Insurance.
V. RESULT
REFERENCES
When a packet arrives at NIC, the packet is encrypted
using a session key for mutual authentication which is [1]. Suk Lee, Jee Hun Park, Kyoung Nam Ha, Kyung Chang Lee
provided by patent mutual identity algorithm. When this “WirelessNetworked Control System Using NDIS-based
Four-Layer Architecture for IEEE 802.11b” – 2008
packet hits the wire for transmission it is highly secured
[2]. He chaokai “Design and implementation of a personal
and resistant to the attack on the network. The throughput firewall Based on NDIS Intermediate Drivers”, Eighth ACIS
of the system is increased to a large extent by avoiding International Conference on Software Engineering, Artificial
the creation of multiple copies of the same data and Intelligence, Networking, and Parallel/Distributed
reducing the number of context switches. The processing Computing, 2007.
overhead of the system is also reduced by [3]. Yunhe Zhang, Zhitang Li, Song Mei, Cai Fu “Session-based
encrypting/decrypting the packet within the system itself Tunnel Scheduling Model in Multi-link Aggregate IPSec
by eliminating the need of extra protocol overhead. VPN”, 2009 Third International Conference on Multimedia
and Ubiquitous Engineering.
VI. CONCLUSION [4]. Jee Hun Park, Kyoung Nam Ha, Suk Lee, Kyung Chang Lee
“Performance Evaluation of NDIS-based four-layer
architecture with virtual scheduling algorithm for IEEE
Currently, VPN systems are being utilized throughout
802.11b”, International Conference on Control, Automation
the world. SmartX will eliminate the drawbacks involved and Systems 2007 Oct. 17-20, 2007 in COEX, Seoul, Korea.
in the Virtual Private Networks. It will thus improve the [5]. Shuo Dai, Ye Du “Design and Implementation of Dynamic
processing time of CPU and allow CPU to perform other Web Security and Defense Mechanism based on NDIS
work simultaneously during context switching. SmartX is Intermediate Driver”, 2009 Asia-Pacific Conference on
for the Windows operating system and it can also be Information Processing.
implemented for the Linux based system. It improves the [6]. William Sax, Carleton Jillson, William Wollman, Harry
memory management scheme. The major contribution of Jegers, “Experience with Prefix Discovery Servers and IPSec
the paper is to demonstrate the drawbacks of the Virtual VPN Gateways”.
Private Network and show how the SmartX will eliminate [7]. Olalekan Adeyinka, “Analysis of IPSec VPNs Performance in
its drawback and make the communication more secure A Multimedia Environment”.
[8]. Olalekan Adeyinka, “Analysis of problems associated with
and efficient. The SmartX will provide the additional
IPSec VPN Technology”.
level of security to the current world of communication
system. It makes the packet more secure and attack
683
681