Efcient Homomorphic Encryption on Integer

Vectors and Its Applications

Abstract:
The firewall is one of the central technologies allowing high-level access
control to organization networks. Packet matching in firewalls involves matching
on many fields from the TCP and IP packet header. At least five fields (protocol
numer! source and destination IP addresses! and ports" are involved in the
decision which rule applies to a given packet. #ith availale andwidth increasing
rapidly! very efficient matching algorithms need to e deployed in modern
firewalls to ensure that the firewall does not ecome a ottleneck $ince firewalls
need to filter all the traffic crossing the network perimeter! they should e ale to
sustain a very high throughput! or risk ecoming a ottleneck. Thus! algorithms
from computational geometry can e applied. In this paper we consider a classical
algorithm that we adapted to the firewall domain. #e call the resulting algorithm
%&eometric 'fficient (atching) (&'(". The &'( algorithm en*oys a logarithmic
matching time performance. +owever! the algorithm,s theoretical worst-case space
comple-ity is . (n/" for a rule-ase with n rules. 0ecause of this perceived high
space comple-ity! &'(-like algorithms were re*ected as impractical y earlier
works. Contrary to this conclusion! this paper shows that &'( is actually an
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
e-cellent choice. 0ased on statistics from real firewall rule-ases! we created a
Perimeter rules model that generates random! ut non-uniform! rule ases. #e
evaluated &'( via e-tensive simulation using the Perimeter rules model.
Existing System:
'-isting algorithms implement the %longest prefi- match) semantics! using
several different approaches.
The IP1 algorithm! which is ased on results! divides the search space into
elementary intervals y different prefi-es for each dimension! and finds the
est (longest" match for each such interval.
2irewall statefulness is commonly implemented y two separate search
mechanisms3 (i" a slow algorithm that implements the %first match)
semantics and compares a packet to all the rules! and (ii" a fast state lookup
mechanism that checks whether a packet elongs to an e-isting open flow.
In many firewalls! the slow algorithm is a naive linear search of the rule-
ase! while the state lookup mechanism uses a hash-tale or a search-tree
Disadvantages of Existing System:

There is no secure when the packet sending.
2irewall not used efore
Time consuming is high
Proposed System:
In the field of computational geometry! proposed an algorithm which solves
the point location prolem for n non-overlapping d-dimensional hyper-
rectangles! with a linear space re4uirement and . ((log n" (d56"" search
time.
In our case! we have overlapping d-dimensional hyper-rectangles! since
firewall rules can! and often do! overlap each other making rules overlap
The method firewall administrators use to implement intersection and
difference operations on sets of IP addresses or port numers.
These overlapping hyper-rectangles can e decomposed into non-
overlapping hyper-rectangles
A moment,s reflection shows that the numer of resulting non-overlapping
hyper-rectangles .
Advantages of Proposed System:
Packet filter firewall supports high speed.
The thing ehind this is that packet filter firewall has the directly connection
within e-ternal hosts 7 internal users.
Packet filters take decisions on the asis of the each packets! it doesn8t take
decision on the asis of the traffic conte-t.
It used to implement and enforce a security policy for communication
etween networks
Hardare !e"#irements:
$ystem 3 Pentium I9 :./ &+z.
+ard ;isk 3 /< &0.
=am 3 >6: (.
Softare !e"#irements:
.perating system 3 - #indows ?P.
Coding 1anguage 3 C@.net
;ata 0ase 3 $A1 $erver :<<>