DOI: http://dx.doi.org/10.26483/ijarcs.v9i2.5873 Volume 9, No. 2, March-April 2018 International Journal of Advanced Research in Computer Science RESEARCH PAPER Available Online at www.ijarcs.info © 2015-19, IJARCS All Rights Reserved 646 ISSN No. 0976-5697 HYBRID SECURITY ARCHITECTURE FOR DATA COMMUNICATIONS (SADC) Tewhasom Aregay Head, Department of Computer Science Adigrat University Ethiopia Dr. M.Anand Kumar Professor, Department of Computer Science Adigrat University Ethiopia Abstract: Communication networks and Internet had a tremendous growth in the recent past years. Today most of the government sectors, financial institutions, corporations, military and others exchange huge amount of confidential information by using the Internet Application Layer security is a growing area of concern for developers, designers, quality assurance specialist and programmers. Application security is the prevention of flaws and vulnerability that occur in the design, development, and deployment of applications that run on application layer of TCP/IP Protocol Suite. Although IPv6 both simplifies and improves IPv4, it poses several significant security challenges. First, even though IPSec support is mandatory in IPv6, its use is not. Not using IPSec exposes a network to old IP-related attacks as well as attacks related to IPv6- specific features. A working IPSec infrastructure is also difficult to deploy and manage, further reducing IPSec’s use. Some problems that affect IPv4 networks such as application-layer attacks, rogue devices and packet flooding can also affect IPv6 networks. Finally, several other new, unanticipated security problems will arise as the hacking community starts actively targeting IPv6 networks. This paper proposes new security architecture for data communication. Keywords: Communication, Encryption, Decryption, Internet, IPv4, and IPv6. 1. INTRODUCTION Internet plays a vital role in exchange of information across the world. Today most of the government sectors, financial institutions, corporations, military and others exchange huge amount of confidential information using the Internet [1]. With the rapid growth in technology security became a crucial issue that is to be solved to protect the confidential information from the unauthorized users. The Internet today is being utilized by billions of clients for an extensive assortment of business and non business purposes. It is controlled by various elements [2]. It pointed out that Internet is mainly used as an efficient means for communication, entertainment and education. There is a need for protecting confidential data because of the rapid growth of Internet. The Internet was however originally designed for research and educational purpose and not for commercial applications. So Internet was not planned in view of security. As the Internet develops the current security structure was not satisfactory for the present application [3]. This was mostly because of the absence of security benefits in the TCP/IP Protocol Suite. The absence of confirmation instrument of TCP/IP Protocol Suite is fundamentally because of the poor security component of bundles and communicates nature of the lower layer conventions. Moreover there are no defense mechanisms for the application layer of the network model. IPSec do not provide any security for applications in application layer. Internet Control Message Protocol attacks is still possible which a major setback of IPv6 [4]. This research aims at designing, implementing and evaluating new security architecture as an alternate to the existing TCP/IP Protocol Suite with the objective of improving the security. The rest of the paper is presented as follows. In section II we describe the architecture of TCP/IP model followed by cryptographic algorithms in section III. We then describe the proposed architecture in section IV. In section V, we analyze the performance and finally conclude in section VI. 2. LITERATURE SURVEY The fast development of the present Internet, which works utilizing Internet Protocol adaptation 4(IPv4) has made various issues for the organization and operation of the worldwide systems. Parcel of research works was being finished by the examination groups to enhance the existing version of internet protocol. The work [5] called attention to the issues of the present rendition of Internet convention The author [6] displayed a few key upgrades offered by the Internet Protocol variant 6 (IPv6) over current Internet Protocol adaptation 4 (IPv4). For example, IPv6 tending to and directing ideas, changes to the base IPv6 parcel size, streams, and movement classes, the neighbor disclosure and hub auto design instruments. A few issues that influence IPv4 systems, for example, Reconnaissance, Unauthorized get to, Host introduction and related assaults, Routing assaults, DoS assault on DAD convention, Man-in-the-center assault, Multicast-based assaults and Spoofing assaults can likewise assault IPv6 systems. In addition a few other new unexpected security issues will probably develop as the hacking group begins effectively focusing on IPv6 systems. The paper [4] pointed out some of the security issues of IPv6. The work [7] proposed a security mechanism to enhance security for TCP/IP suite. The work adds three modules to TCP/IP model, for example, security arrangement, security control and information security layer. Not at all like IPsec, which