Journal of Computers, Vol 6, No 10 (2011), 2021-2028, Oct 2011
doi:10.4304/jcp.6.10.2021-2028

A Dynamic Security Mechanism for Web Services Based on NDIS Intermediate Drivers

Ye Du, Jiqiang Liu, Ruhui Zhang, Jieyuan Li

Abstract


Based on the analysis of several kinds of methods generally used to intercept network packets in different layers, a dynamic mechanism using NDIS intermediate drivers is proposed to protect web security, which can block malicious connection in real time. The mechanism is mainly composed of three components which include NDIS intermediate driver-based interception module, filter module and cooperation module. Characteristics of every component are also introduced. Then the system realization is discussed in detail. Finally, experiments results show that the system can detect attacks and intercept malicious packets effectively, and the time delay of the developed driver from intercepting to denying or passing data is small.


Keywords


network driver interface specification, security mechanism, packet interception, filter, web services

References


[1] Intrusion detection. http://en.wikipedia.org/wiki/Intrusion_ detection.

[2] Snort. http://www.snort.org

[3] Network Flight Recorder. http://www.nfr.com

[4] Microsoft. Microsoft Software Development Network. Microsoft Corporation,http://msdn.microsoft.com

[5] Microsoft. Windows 2003 Driver Development Kits Document. Microsoft Corporation. 2003

[6] Definition of NDIS. http://www.webopedia.com/TERM/N/NDIS.html

[7] Network Driver Interface Specification. http://en.wikipedia.org/wiki/Network_Driver_Interface_Specification

[8] Snort. http://www.snort.org/

[9] SNORT Users Manual. Sourcefire, Incorporation. October, 2009

[10] NDIS_PACKET Discussion. http://www.ndis.com/ndis-ndis5/ndispacket/ndispacket1.htm

[11] Snapp R S,Brentano James, et al. Dids (Distributed intrusion detection system) Motivation, Architecture, and An Early Prototype. Proceedings of Fourteenth National Computer Security Conference[C]. Washington, DC, 1991: 167-176P

[12] Mark Crosbie, Eugene Spafford. Defending a Computer System Using Autonomous Agents. Proceedings of the 18th National Information System Security Conference[C]. USA, 1995: 549-558P

[13] Yang, ZhiJun, Ma JunXiao, Tian Di, Zhou Bin. Research and implementation of IPSec protocol based on NDIS. Computer Engineering. Vol. 33, no. 22, pp. 166-168. 20 Nov. 2007

[14] F.M. Dong, J.F. Liu,R. Zhang. Double-layer intrusion detection method based on NDIS-HOOK and SPI. China-Ireland International Conference on Information and Communications Technologies (CIICT 2008). Beijing, China, 26-28 Sept. 2008
http://dx.doi.org/10.1049/cp:20080814

[15] James B. D. Joshi, Walid G. Aref, Arif Ghafoor, Eugene H. Spafford. Security models for web-based applications. Communications of the ACM, 2001, Vol. 44, No. 2, 38-44P

[16] He Chaokai. Design and implementation of a personal firewall Based on NDIS Intermediate Drivers. Proceedings of Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Qingdao, China, July 2007, 878-882P


Full Text: PDF


Journal of Computers (JCP, ISSN 1796-203X)

Copyright @ 2006-2013 by ACADEMY PUBLISHER – All rights reserved.