Secure Banking System

Project Overview

A client-server banking simulation developed in Java for COE817 (Network Security, W2025). It focuses on protecting financial transactions using encryption, message integrity checks, and secure session handling. Designed to reflect real-world ATM-server communication, the project features secure login, deposits, withdrawals, and balance inquiries through a Java Swing-based interface.

GUI Startup

Secure Registration

New users are registered through encrypted input and verified MACs, ensuring credentials aren't exposed in transit. Encryption is AES-based with secure session keys derived from a pre-shared key exchange.

Account Registration GUI

Transaction Handling

Users can securely deposit, withdraw, and check account balances. Every message is encrypted and MAC-verified, preventing tampering or replay attacks. Client-side encryption logic was integrated with GUI components to provide seamless secure functionality.

Deposit Screen
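As an added example (not the project's own code), here is one way the "encrypted and MAC-verified" message handling described above can be built so that both tampered and replayed messages are rejected. AES-CBC, HMAC-SHA256, the frame layout, the sequence counter, the message strings and all class and method names are assumptions, since the page does not specify them; the two random keys stand in for session keys that have already been derived.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class SecureFrameDemo { // assumed frame: seq(8) || iv(16) || ciphertext || hmac(32)
    private final SecretKeySpec encKey, macKey; // separate keys for encryption and MAC
    private long lastSeq = 0;                   // receiver: highest sequence number accepted
    SecureFrameDemo(byte[] enc, byte[] mac) {
        encKey = new SecretKeySpec(enc, "AES");
        macKey = new SecretKeySpec(mac, "HmacSHA256");
    }
    private byte[] tag(byte[] data) throws Exception {
        Mac m = Mac.getInstance("HmacSHA256"); m.init(macKey);
        return m.doFinal(data);
    }
    byte[] seal(long seq, String msg) throws Exception {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);       // fresh random IV for every message
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(msg.getBytes(StandardCharsets.UTF_8));
        byte[] body = ByteBuffer.allocate(24 + ct.length).putLong(seq).put(iv).put(ct).array();
        return ByteBuffer.allocate(body.length + 32).put(body).put(tag(body)).array();
    }
    String open(byte[] frame) throws Exception {
        if (frame.length < 72) throw new SecurityException("short frame"); // 8+16+16+32
        byte[] body = Arrays.copyOfRange(frame, 0, frame.length - 32);
        byte[] got = Arrays.copyOfRange(frame, frame.length - 32, frame.length);
        if (!MessageDigest.isEqual(tag(body), got)) throw new SecurityException("bad MAC");
        long seq = ByteBuffer.wrap(body).getLong(); // trusted only because the MAC covers it
        if (seq <= lastSeq) throw new SecurityException("replayed message");
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, encKey, new IvParameterSpec(body, 8, 16));
        byte[] pt = c.doFinal(body, 24, body.length - 24);
        lastSeq = seq;                          // advance only after full verification
        return new String(pt, StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        byte[] k1 = new byte[16], k2 = new byte[32]; // constructed demo keys
        SecureRandom r = new SecureRandom(); r.nextBytes(k1); r.nextBytes(k2);
        SecureFrameDemo atm = new SecureFrameDemo(k1, k2), bank = new SecureFrameDemo(k1, k2);
        byte[] f = atm.seal(1, "DEPOSIT|alice|100.00");  // constructed sample message
        System.out.println(bank.open(f));                // first delivery of frame 1
        try { bank.open(f); } catch (SecurityException e) { System.out.println(e.getMessage()); }
        byte[] g = atm.seal(2, "WITHDRAW|alice|20.00"); g[30] ^= 1; // flip one ciphertext bit
        try { bank.open(g); } catch (SecurityException e) { System.out.println(e.getMessage()); }
    }
}
```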

Balance and Withdrawals

Account balance queries and withdrawals go through encrypted request-response flows. MACs ensure integrity and prevent forged transactions. The server verifies and processes each transaction using thread-safe handlers.

Balance Inquiry GUI

Logs and Security Audits

Every transaction is recorded in both encrypted and plain-text (demo-only) logs. This ensures traceability while protecting sensitive data. Logging uses AES encryption and supports internal audits or troubleshooting.

Unencrypted Log for Demo

Secure Logout

Sessions terminate cleanly on logout, clearing in-memory keys and confirming client disconnection. All commands from login to logout are secured end-to-end through cryptographic validation.

Logout Interface

Encrypted Logs and Database

After all transactions, encrypted logs are saved for secure auditing. The simulated database also reflects updates securely. These files demonstrate secure backend processing and how sensitive data is handled across sessions.

Encrypted Log File

Final Account State

The final database reflects successful deposits, withdrawals, and new registrations. Data integrity is preserved across client sessions and multithreaded server connections.

Final Database

Team Members

My contributions included developing GUI components, integrating encryption into the ATM client, and collaborating on secure communication between the client and server.