This thesis is the result of work done on extending the capabilities of SOCKS protocol. SOCKS is an application layer network security protocol deployed in firewalls, standardized in Request For Comments (RFC) 1928 by the Internet Engineering Task Force (IETF) as SOCKS Version 5.

There are two proposed extensions to the SOCKS protocol made and implemented in this thesis. The first extension is the addition of multicast capabilities to the SOCKS protocol. The current standard of the protocol does not support multicasting and is suitable only for securing unicast TCP and UDP based applications. Multicast sessions are typically blocked by network firewalls protecting enterprise networks because of the nature of IP multicast and the security threats associated with such sessions. In such networks, the goals for adding multicast capabilities in the SOCKS protocol are to stream multicast sessions through the network boundaries in a secure and controlled fashion, hiding internal multicast sessions from being visible outside the network and preventing unwanted multicast sessions from the internet from being relayed into the network.

The second proposed extension is UDP tunneling intended for networks where UDP datagrams are blocked by firewalls for security reasons. UDP tunneling can be used to establish a trusted channel for forwarding UDP datagrams via a TCP or TLS tunnel from application nodes on another network through an insecure network like the internet. Each network will have a firewall running the new SOCKS protocol. Socks clients on one network can request the SOCKS server to transport UDP datagrams to an application or end point on the other network. The SOCKS server at the originating end, upon receipt of this request, will act as a client to the SOCKS server on the destination network. After exchanging SOCKS protocol messages, the two SOCKS severs will open a tunnel for transporting UDP datagrams across the two networks.

The proposed extensions to the SOCKS protocol are prototyped in a reference implementation. Performance evaluation has been conducted in a simulated test environment in order to evaluate the new schemes using the throughput, response time and packet delay as performance metrics. The obtained results have shown that the new schemes perform well under heavy load and do not impact the overall performance of the SOCKS server. Moreover, the results are very close to the results that were obtained by running the same tests without the use of the SOCKS server in a non-firewall environment proving that the overhead added by the new schemes in the SOCKS server is minimal and acceptable.