FINAL

DETECTION AND TRACE BACK SYSTEM USING
MONITORING STUBS
A PROJECT REPORT
Submitted by
SANTHOSHKUMAR.A
SRIRAM .S
in partial fulfillment for the award of the degree
of
BACHELOR OF ENGINEERING
in
COMPUTER SCIENCE AND ENGINEERING
MAAMALLAN INSTITUTE OF TECHNOLOGY, SRIPERUMPUDUR
ANNA UNIVERSITY: CHENNAI 600 025
APRIL 2011
ANNA UNIVERSITY: CHENNAI 600 025
BONAFIDE CERTIFICATE
Certified that this project report “DETECTION AND TRACE BACK
SYSTEM USING MONITORING STUBS” is the bonafide work of
“S.SRIRAM & A.SANTHOSHKUMAR “who carried out the project work
under my supervision.
SIGNATURE SIGNATURE
HEAD OF THE DEPARTMENT INTERNAL GUIDE
Lecturer,
Computer Science and Engineering, Computer Science and Engineering,
Maamallan Institute Of Technology, Maamallan Institute Of Technology,
Sriperumpudur, Chennai-602 105. Sriperumpudur, Chennai-602 105

ANNA UNIVERSITY
This project report is submitted for viva voice examination to be held on ………………
SRIRAM .A (20607104055)
Internal Examiner External Examiner

MAAMALLAN INSTITUTE OF TECHNOLOGY,
SRIPERUMPUDUR , CHENNAI 600 025
ACKNOWLEDGEMENT
First we thank the Almighty God for the successful completion of the project. . Our
sincere thanks to our chairman Mr. S. Meganathan B.E, F.I.E for his sincere endeavor in
educating us in his premier institution.
We would like to express our deep gratitude to our beloved chairperson Dr.(Mrs).
Thangam Meganathan,Ph.D., for her enthusiastic motivation which inspired us a lot in
completing this project.
We also express our gratitude to our principal, Dr.S.Renganarayanan,Ph.D., who

helped us in providing the required facilities in completing the project.
We would like to thank Dr.R.Geetharamani,Ph.D., Head of Department of

Computer Science and Engineering for her invaluable guidance and encouragement for
completing the project.
We would like to thank our supervisor Mrs .Susmita Mishra, M.E., and our project
coordinator Mr.M.Prakash, M.E.,MBA, for their invaluable guidance, ideas, advice and
encouragement for the successful completion of this project.We express our gratitude to our
parents and friends for their encouragement and support.
ABSTRACT
The unbridled growth of the Internet and the network-based applications has
contributed to enormous security leaks. Even the cryptographic protocols, which are used to
provide secure communication, are often targeted by diverse attacks. Intrusion detection
systems (IDSs) are often employed to monitor network traffic and host activities that may
lead to unauthorized accesses and attacks against vulnerable services. Most of the
conventional misuse-based and anomaly-based IDSs are ineffective against attacks targeted
at encrypted protocols since they heavily rely on inspecting the payload contents. To combat
against attacks on encrypted protocols, we propose an anomaly-based detection system by
using strategically distributed monitoring stubs (MSs). We have categorized various attacks
against cryptographic protocols. The MSs, by sniffing the encrypted traffic, extract features
for detecting these attacks and construct normal usage behaviour profiles. Upon detecting
suspicious activities due to the deviations from these normal profiles, the MSs notify the
victim servers, which may then take necessary actions. In addition to detecting attacks, the
MSs can also trace back the originating network of the attack. We call our unique approach
DTRAB since it focuses on both Detection and Trace Back in the MS level. The
effectiveness of the proposed detection and traceback methods are verified through
extensive simulations and Internet data sets.

TABLE OF CONTENTS
CHAPTER NO TITLE PAGE NO.
ACKNOWLEDGEMENT
ABSTRACT i
LIST OF FIGURES ii
LIST OF ABBREVATIONS iii
1 INTRODUCTION
1.1 About the Project 8
2 SYSTEM ANALYSIS
2.1 Existing system 9
2.2 Proposed system 9
2.3 System Design 10
3 REQUIREMENTS SPECIFICATION
3.1 Introduction 12
3.2 Hardwar
e and Software specification 12
3.3 Technologies Used 13
3.3.1 Java 13
3.3.1.1 Introduction to java 13
3.3.1.2 Working of java 15
4 SYSTEM DESIGN
3.4 Block Diagram
5 SYSTEM DESIGN – DETAILED
5.1 Modules 26
5.2 Module explanation 26
6 CODING AND TESTING
6.1 Coding 31
6.2 Coding standards 31
6.3 Test procedure 34
6.4 Test data and output 35
APPENDICES
REFERENCES
LIST OF FIGURES
Fig.No TITLE PAGE NO
4.1.1 User Authentication 11
4.1.2 Element Identification 12
4.1.3 Unsupervised Duplicate Detection 13
4.1.4 Ontology 14
5.1 UML Diagrams 15
5.1.1 UseCase Diagram 15
5.1.2 Activity Diagram 16
5.1.3 Class Diagram 17
5.1.4 Sequence Diagram 18
5.2 Architecture Diagram 19
5.3 System Architecture 20
5.4 Flow Diagram 25

INTRODUCTION
CHAPTER 1
INTRODUCTION
Aim
The mainstay of this project is to detect suspicious activities due to the deviations
from these normal profiles and notify the victim servers and necessary actions are taken. In
addition to detecting attacks, it can also trace back the originating network of the attack.
Synopsis
extensive simulations and Internet datasets.
CHAPTER - 2
LITERATURE SURVEY
2.1 EXISTING SYSTEM
Detecting Attacks:
Intrusion detection systems can be broadly categorized in two ways, namely

signature-based and anomaly-based detection techniques. A signature- IDS uses previously
stored attack descriptions to compare if a portion of the monitored network packets is
malicious. The attack descriptions or attack signatures may be simply stored as patterns or
may use complex approaches based on state machines or neural networks to map multiple
features to abstract the overall attack manifestation. Since a given signature is associated
with a known attack abstraction, a signature-based detector can usually assign names to
attacks with ease. If a similar attack manifestation is found, signature-based IDSs can
identify previously unseen attacks, which are equivalent to Known patterns. Having said
this, the signature-based detection schemes are inherently incapable of detecting truly novel
attacks and suffer from high rates of false alarms when attack signatures match both
intrusive and no intrusive patterns. On the other hand, the primary strength of an anomaly-
based detection scheme is its ability to recognize novel attacks. At first, statistical models
and artificial intelligence (AI) tools such as neural networks are employed to characterize a
normal profile. At the advent of a malicious event, an anomaly-based technique senses a
significant deviation from the normal profile. The drawbacks of the anomaly-based IDS
include higher false alarm rates and the difficulty in classifying or naming attacks.
Tracing B Other traceback approaches require the routers to generate additional
packets for each packet that passes through the routers. The victim host
receives both the original packets and these extra packets, which provide
identification of the originating routing devices. The obvious disadvantage of
this approach is an increase in the network traffic. In order to deal with this,
proposes an extra “trace-packet” to be enerated on a probabilistic basis.
2.2 PROPOSED SYSTEM
In DTRAB is classify the attacks there are two types such as,
1. Highly interactive attacks.
2. Low interactive attacks
1. Highly interactive attacks.
The goal of a Directory Traversal attack is to execute commands that will access
files that are intended to be restricted. . The MSs, by sniffing the encrypted traffic, extract
features for detecting these attacks and construct normal usage behaviour profiles. Upon
detecting suspicious activities due to the deviations from these normal profiles, the MSs
notify the victim servers, which may then take necessary actions. In addition to detecting
attacks, the MSs can also trace back the originating network of the attack. The monitoring
stubs are used to trace the attacker path and give the alert to the web server. The web server
then sends the FIN packet to the client end. The FIN packet is nothing but is used for
connection closed information. The proposed traceback mechanism relies on the
collaboration of the MSs to correlate monitored abnormal operations of the protocols (e.g.,
failed session rates) over time. Every MS stores the information of failed sessions that it
observes for both incoming and outgoing traffic. A list of collaborating MSs, with which the
MS can contact in order to reconstruct the attack path. Once an attack is detected, the MS
closest to the victim encrypted server goes to the “Trace-back mode.”
CHAPTER 3
REQUIREMENT SPECIFICATIONS
3.1 INTRODUCTION
The requirements specification is a technical specification of requirements for the

software products. It is the first step in the requirements analysis process it lists the
requirements of a particular software system including functional, performance and security
requirements. The requirements also provide usage scenarios from a user, an operational and
an administrative perspective. The purpose of software requirements specification is to
provide a detailed overview of the software project, its parameters and goals. This describes
the project target audience and its user interface, hardware and software requirements. It
defines how the client, team and audience see the project and its functionality.
3.2 HARDWARE AND SOFTWARE SPECIFICATION
3.2.1 HARDWARE REQUIREMENTS
 Hard Disk : 20GB and Above
 RAM : 512MB and Above
 Processor : Pentium III and Above
3.2.2 SOFTWARE REQUIREMENTS
 Operating System : Windows 2000 & Above

 JDK : JDK 1.6.0, JavaFx 1.3
 Browser : Tomcat 6.0
 Tools : NetBeans 6.1 Beta
3.2.2.1 SOFTWARE DESCRIPTION

JAVA:
It is a Platform Independent. Java is an object-oriented programming language

developed initially by James Gosling and colleagues at Sun Microsystems. The language,
initially called Oak (named after the oak trees outside Gosling's office), was intended to
replace C++, although the feature set better resembles that of Objective C.
3.2.2.1 WORKING OF JAVA
For those who are new to object-oriented programming, the concept of a class will
be new to you. Simplistically, a class is the definition for a segment of code that can
contain both data (called attributes) and functions (called methods).
When the interpreter executes a class, it looks for a particular method by the name
of main, which will sound familiar to C programmers. The main method is passed as a
parameter an array of strings (similar to the argv[] of C), and is declared as a static
method.
To output text from the program, we execute the println method of System.out,
which is java’s output stream. UNIX users will appreciate the thoery behind such a
stream, as it is actually standard output. For those who are instead used to the Wintel
platform, it will write the string passed to it to the user’s program.
Java consists of two things :
 Programming language
 platform
The following diagram shows the Java 2 Platform Standard Edition Architecture
The following are some of the features which have made Java one of the most popular
among the various available programming languages.
• Simple
Java was developed by taking the best points from other programming languages,
primarily C and C++. Java therefore utilizes algorithms and methodologies that are already
proven. Error prone tasks such as pointers and memory management have either been
eliminated or are handled by the Java environment automatically rather than by the
programmer. Since Java is primarily a derivative of C++ which most programmers are
conversant with, it implies that Java has a familiar feel rendering it easy to use.
• Object Oriented
Even though Java has the look and feel of C++, it is a wholly independent language
which has been designed to be object-oriented from the ground up. In object-oriented
programming (OOP), data is treated as objects to which methods are applied. Java's basic
execution unit is the class. Advantages of OOP include: reusability of code, extensibility
and dynamic applications
• Distributed
Commonly used Internet protocols such as HTTP and FTP as well as calls for
network access are built into Java. Internet programmers can call on the functions through
the supplied libraries and be able to access files on the Internet as easily as writing to a local
file system.
• Interpreted
When Java code is compiled, the compiler outputs the Java Byte code which is an
executable for the Java Virtual Machine. The Java Virtual Machine does not exist physically
but is the specification for a hypothetical processor that can run Java code.
The byte code is then run through a Java interpreter on any given platform that has the
interpreter ported to it. The interpreter converts the code to the target hardware and executes
it.
• Robust
Java compels the programmer to be thorough. It carries out type checking at both
compile and run time making sure that every data structure has been clearly defined and
typed. Java manages memory automatically by using an automatic garbage collector. The
garbage collector runs as a low priority thread in the background keeping track of all objects
and references to those objects in a Java program. When an object has no more references,
the garbage collector tags it for removal and removes the object either when there is an
immediate need for more memory or when the demand on processor cycles by the program
is low.
• Secure
The Java language has built-in capabilities to ensure that violations of security do
not occur. Consider a Java program running on a workstation on a local area network which
in turn is connected to the Internet. Being a dynamic and distributed computing
environment, the Java program can, at run-time, dynamically bring in the classes it needs to
run either from the workstation's hard drive, other computers on the local area network or a
computer thousands of miles away somewhere on the Internet. This ability of classes or
applets to come from unknown locations and execute automatically on a local computer
sounds like every system administrator's nightmare considering that there could be lurking
out there on one of the millions of computers on the Internet, some viruses, Trojan horses or
worms which can invade the local computer system and wreak havoc on it. Java goes to
great lengths to address these security issues by putting in place a very rigorous multilevel
system of security.
First and foremost, at compile time, pointers and memory allocation are removed
thereby eliminating the tools that a system breaker could use to gain access to system
resources. Memory allocation is deferred until run time.
Even though the Java compiler produces only correct Java code, there is still the
possibility of the code being tampered with between compilation and run time. Java guards
against this by using the byte code verifier to check the byte code for language compliance
when the code first enters the interpreter, before it ever even gets the chance to run.
• Portable
By porting an interpreter for the Java Virtual Machine to any computer
hardware/operating system, one is assured that all code compiled for it will run on that
system. This forms the basis for Java's portability. Another feature which Java employs in
order to guarantee portability is by creating a single standard for data sizes irrespective of
processor or operating system platforms.
• High Performance
The Java language supports many high-performance features such as multithreading,

just-in-time compiling, and native code usage.
Java has employed multithreading to help overcome the performance problems

suffered by interpreted code as compared to native code. Since an executing program hardly
ever uses CPU cycles 100 % of the time, Java uses the idle time to perform the necessary
garbage cleanup and general system maintenance that renders traditional interpreters slow in
executing applications.For instance a word processor can be carrying out spell check in one
document and printing a second document at the same time.
Since the byte code produced by the Java compiler from the corresponding source
code is very close to machine code, it can be interpreted very efficiently on any platform. In
cases where even greater performance is necessary than the interpreter can provide, just-in-
time compilation can be employed whereby the code is compiled at run-time to native code
before execution.An alternative to just-in-time compilation is to link in native C code. This
yields even greater performance but is more burdensome on the programmer and reduces the
portability of the code.
• Dynamic
By connecting to the Internet, a user immediately has access to thousands of

programs and other computers. During the execution of a program, Java can dynamically
load classes that it requires either from the local hard drive, from another computer on the
local area network or from a computer somewhere on the Internet.
APACHE TOMCAT SERVER

Apache Tomcat (formerly under the Apache Jakarta Project; Tomcat is now a top
level project) is a web container developed at the Apache Software Foundation. Tomcat
implements the servlet and the JavaServer Pages (JSP) specifications from Sun
Microsystems, providing an environment for Java code to run in cooperation with a web
server. It adds tools for configuration and management but can also be configured by editing
configuration files that are normally XML-formatted. Because Tomcat includes its own
HTTP server internally, it is also considered a standalone web server.
Environment
Tomcat is a web server that supports servlets and JSPs. Tomcat comes with the Jasper
compiler that compiles JSPs into servlets.
The Tomcat servlet engine is often used in combination with an Apache web server or other
web servers. Tomcat can also function as an independent web server. Earlier in its
development, the perception existed that standalone Tomcat was only suitable for
development environments and other environments with minimal requirements for speed
and transaction handling. However, that perception no longer exists; Tomcat is increasingly
used as a standalone web server in high-traffic, high-availability environments.
Since its developers wrote Tomcat in Java, it runs on any operating system that has a JVM.
Product features
Tomcat 3.x (initial release)
• implements the Servlet 2.2 and JSP 1.1 specifications
• servlet reloading
• basic HTTP functionality Tomcat 4.x
• servlet container redesigned as Catalina
• JSP engine redesigned as Jasper

• Coyote connector
• Java Management Extensions (JMX), JSP and Struts-based administration
Tomcat 5.x
• reduced garbage collection, improved performance and scalability
• native Windows and Unix wrappers for platform integration
• faster JSP paring
History
Tomcat started off as a servlet specification implementation by James Duncan Davidson, a
software architect at Sun. He later helped make the project open source and played a key
role in its donation by Sun to the Apache Software Foundation.
Davidson had initially hoped that the project would become open-sourced and, since most
open-source projects had O'Reilly books associated with them featuring an animal on the
cover, he wanted to name the project after an animal. He came up with Tomcat since he
reasoned the animal represented something that could take care of and fend for itself. His
wish to see an animal cover eventually came true when O'Reilly published their Tomcat
book with a tomcat on the cover
1. Introduction
Purpose
This project is to detect suspicious activities due to the deviations from these
normal profiles and notify the victim servers and necessary actions are taken. In addition to
detecting attacks, it can also trace back the originating network of the attack.
Project Scope
extensive simulations and Internet datasets.
2. Overall Description
Product Perspective
The MSs, by sniffing the encrypted traffic, extract features for detecting these
attacks and construct normal usage behaviour profiles. Upon detecting suspicious activities
due to the deviations from these normal profiles, the MSs notify the victim servers, which
may then take necessary actions. In addition to detecting attacks, the MSs can also trace
back the originating network of the attack. The monitoring stubs are used to trace the
attacker path and give the alert to the web server. The web server then sends the FIN packet
to the client end. The FIN packet is nothing but is used for connection closed information.
The proposed trace back mechanism relies on the collaboration of the MSs to correlate
monitored abnormal operations of the protocols (e.g., failed session rates) over time. Every
MS stores the information of failed sessions that it observes for both incoming and outgoing
traffic. A list of collaborating MSs, with which the MS can contact in order to reconstruct
the attack path. Once an attack is detected, the MS closest to the victim encrypted server
goes to the “Trace-back mode.”
Product Features
The Ms are used to monitor the SYN packet and FIN packet .Actually the
SYN packet are used for connection establish from the client end as well as FIN packet are
used for connection termination from server or client end. If the FIN packet is sending by
server means that is consider as attacker is there. Otherwise the clients send the FIN packet
to the server for close the connection properly by the end user.
User Classes and Characteristics
Home-It can be used to login the administrator and update the details into web server.
Studentlogin-This class can be used to login the student and get the details from
satudentinfo class.
Routerconnect –This class can be used to connect the end-user and the web server.
Response Receive-This class can be used to connect the particular URL to the end user.
2.4 Design and Implementation Constraints
2.5.1 Constraints in Analysis

♦ Constraints as Informal Text
♦ Constraints as Operational Restrictions
♦ Constraints Integrated in Existing Model Concepts
♦ Constraints as a Separate Concept
♦ Constraints Implied by the Model Structure
2.5.2 Constraints in Design
♦ Determination of the Involved Classes

♦ Determination of the Involved Objects
♦ Determination of the Involved Actions
♦ Determination of the Require Clauses
♦ Global actions and Constraint Realization
2.5.3 Constraints in Implementation
A hierarchical structuring of relations may result in more classes and a more

complicated structure to implement. Therefore it is advisable to transform the
hierarchical relation structure to a simpler structure such as a classical flat one. It
is rather straightforward to transform the developed hierarchical model into a
bipartite, flat model, consisting of classes on the one hand and flat relations on the
other. Flat relations are preferred at the design level for reasons of simplicity and
implementation ease. There is no identity or functionality associated with a flat
relation. A flat relation corresponds with the relation concept of entity-
relationship modeling and many object oriented methods.
3. System Features
Prevention:
The scope the project is preserve the server from the attacker .So that we have
implemented the project with highly effective .If the client request to the server means it
will go for through router, the monitoring stubs is monitor the each and every action from
the client .If the monitoring stubs is find any irregular request from the client means It will
intimate to the server then the server is block the particular client ip.The system require
internet explore to run the project. The project is run through the proxy configuration. So
that internet explore is highly recommended to run this project.
4. External Interface Requirements

User Interfaces
1. All the contents in the project are implemented using Graphical User Interface (GUI) in
Java through JavaFX concepts.
2. Every conceptual part of the projects is reflected using the JavaFX.
3. System gets the input and delivers through the GUI based.
Hardware Interfaces
Ethernet
Ethernet on the AS/400 supports TCP/IP, Advanced Peer-to-Peer Networking
(APPN) and advanced program-to-program communications (APPC).
ISDN
You can connect your AS/400 to an Integrated Services Digital Network
(ISDN) for faster, more accurate data transmission. An ISDN is a public or private digital
communications network that can support data, fax, image, and other services over the
same physical interface. Also, you can use other protocols on ISDN, such as IDLC and
X.25.
Software Interfaces
This software is interacted with the TCP/IP protocol, Socket and listening on unused
ports. Server Socket and listening on unused ports and JDK 1.6
Communication Interfaces
1. TCP/IP protocol.
2. LAN settings.
5. Other Nonfunctional Requirements
Performance Requirements
The project is implemented for the purpose of provide the security to the
server. So that we have to consider the each and every activity with highly security based. If
the user need to login with the help of syn packet there after only the server response to the
client. The client need to provide correct user id and password then only the server precedes
to next navigational link, otherwise the client could not go in front. The server and
monitoring stubs is listening each and every request from the client end .If the normal
threshold is exceed means the server initially find the attacker and then monitoring stub is
block the request from the attacker ip.
Safety Requirements
1. The software may be safety-critical. If so, there are issues associated with
its integrity level
2. The software may not be safety-critical although it forms part of a safety-

critical system. For example, software may simply log transactions.
3. If a system must be of a high integrity level and if the software is shown to

be of that integrity level, then the hardware must be at least of the same
integrity level.
4. There is little point in producing 'perfect' code in some language if

hardware and system software (in widest sense) are not reliable.
5. If a computer system is to run software of a high integrity level then that
system should not at the same time accommodate software of a lower
integrity level.
6. Systems with different requirements for safety levels must be separated.
7. Otherwise, the highest level of integrity required must be applied to all

systems in the same environment.
Security Requirements
Do not block the some available ports through the windows firewall
5.4 Software Quality Attributes
Functionality: are the required functions available, including Interoperability

and security
Reliability: maturity, fault tolerance and recoverability
Usability: how easy it is to understand, learn, and operate the software System
Efficiency: performance and resource behavior.
Maintainability: Maintaining the software.
Portability: can the software easily be transferred to another environment,

Including install ability
CHAPTER - 4
SYSTEM ANALYSIS
4.1. MODULES DESCRIPTION:
The modules in our project are:
4.1.1 Authentication
4.1.2 Client Information Registration
4.1.3 Client Request
4.1.1 Authentication
In first module, we have implemented admin login form using jsp, servlet and oracle
database. While the admin enter the username and password after give the event the process
goes to the servlet with SYN packet. Then admin credentials compare to the database if the
admin provide correct information then redirect to the student form, otherwise forward the
error page to the admin.
User Login
Authenticated page
Authentication
Admin Login User Page Admin Page

4.1.2 Client Information Registration:
In the second module, we have developed the record details form; this form contains basic
information about the student like name, fathername, dateof birth, register number etc., if
the details successfully filled in this form then press the update button mean the details will
be stored into the database.
This form contains the examination fees details like student name, register number and
number of papers and number of practical papers. These details are entered by the
administrator and stored into the server.
Student
Admin Database
Details
server
4.1.3 Client Request:
 Normal Client:
The final module is the client is after successfully login the client request to the server, the
server response to the particular client. The normal client could not made a continues
request to the server .So that the normal client request could not exceed the threshold
concept.
User Router Server
Database
 Attacker Client:
The final module is the client is after successfully login the client request to the server, the
server response to the particular client. The attacker client made a continues request to the
server .So that the threshold request is exceed, if the value is exceed means the particular
request is blocked by the server.
Attacker Router Server
Error page
CHAPTER 5
SYSTEM DESIGN
5.1 UML DIAGRAM
5.1.1 USE CASE DIAGRAM
5.1.2 ACTIVITY DIAGRAM

5.1.3 CLASS DIAGRAM
5.1.4 SQUENCE DIAGRAM
5.2 ARCHITECTURE DIAGRAM
LEGITIMATE MS
USER ROU
TER
ATTACKER
WEB
SERVER
CHAPTER 6
CODING AND TESTING

6.1 CODING
Once the design aspect of the system is finalizes the system enters into the coding and
testing phase. The coding phase brings the actual system into action by converting the
design of the system into the code in a given programming language. Therefore, a good
coding style has to be taken whenever changes are required it easily screwed into the
system.
6.2 CODING STANDARDS
Coding standards are guidelines to programming that focuses on the physical structure
and appearance of the program. They make the code easier to read, understand and maintain.
This phase of the system actually implements the blueprint developed during the design
phase. The coding specification should be in such a way that any programmer must be able
to understand the code and can bring about changes whenever felt necessary. Some of the
standard needed to achieve the above-mentioned objectives are as follows:
Program should be simple, clear and easy to understand.
Naming conventions
Value conventions
Script and comment procedure
Message box format
Exception and error handling
6.2.1 NAMING CONVENTIONS
Naming conventions of classes, data member, member functions, procedures etc.,

should be self-descriptive. One should even get the meaning and scope of the variable by its
name. The conventions are adopted for easy understanding of the intended message by the
user. So it is customary to follow the conventions. These conventions are as follows:
Class names
Class names are problem domain equivalence and begin with capital letter and have mixed
cases.
Member Function and Data Member name
Member function and data member name begins with a lowercase

letter with each subsequent letters of the new words in uppercase and the rest of letters in
lowercase.
6.2.2 VALUE CONVENTIONS
Value conventions ensure values for variable at any point of time. This involves the
following:
 Proper default values for the variables.
 Proper validation of values in the field.
 Proper documentation of flag values.
6.2.3 SCRIPT WRITING AND COMMENTING STANDARD
Script writing is an art in which indentation is utmost important. Conditional and

looping statements are to be properly aligned to facilitate easy understanding. Comments are
included to minimize the number of surprises that could occur when going through the code.
6.2.4 MESSAGE BOX FORMAT
When something has to be prompted to the user, he must be able to understand it

properly. To achieve this, a specific format has been adopted in displaying messages to the
user. They are as follows:
 X – User has performed illegal operation.

 ! – Information to the user.
6.3 TEST PROCEDURE
SYSTEM TESTING
Testing is performed to identify errors. It is used for quality assurance.
Testing is an integral part of the entire development and maintenance process. The goal of
the testing during phase is to verify that the specification has been accurately and
completely incorporated into the design, as well as to ensure the correctness of the design
itself. For example the design must not have any logic faults in the design is detected before
coding commences, otherwise the cost of fixing the faults will be considerably higher as
reflected. Detection of design faults can be achieved by means of inspection as well as
walkthrough.
Testing is one of the important steps in the software development phase. Testing
checks for the errors, as a whole of the project testing involves the following test cases:
 Static analysis is used to investigate the structural properties of the Source code.
 Dynamic testing is used to investigate the behavior of the source code by executing
the program on the test data.
6.4 TEST DATA AND OUTPUT
6.4.1 UNIT TESTING
Unit testing is conducted to verify the functional performance of each modular

component of the software. Unit testing focuses on the smallest unit of the software design
(i.e.), the module. The white-box testing techniques were heavily employed for unit testing.
6.4.2 FUNCTIONAL TESTS

Functional test cases involved exercising the code with nominal input values
for which the expected results are known, as well as boundary values and special values,
such as logically related inputs, files of identical elements, and empty files.
Three types of tests in Functional test:
 Performance Test
 Stress Test
 Structure Test
6.4.3 PERFORMANCE TEST
It determines the amount of execution time spent in various parts of the unit, program
throughput, and response time and device utilization by the program unit.
6.4.4 STRESS TEST
Stress Test is those test designed to intentionally break the unit. A Great deal can
be learned about the strength and limitations of a program by examining the manner in
which a programmer in which a program unit breaks.
6.4.5 STRUCTURED TEST
Structure Tests are concerned with exercising the internal logic of a program and
traversing particular execution paths. The way in which White-Box test strategy was
employed to ensure that the test cases could Guarantee that all independent paths within a
module have been have been exercised at least once.
 Exercise all logical decisions on their true or false sides.

 Execute all loops at their boundaries and within their operational bounds.
 Exercise internal data structures to assure their validity.
 Checking attributes for their correctness.
 Handling end of file condition, I/O errors, buffer problems and textual errors
in output information
6.4.6 INTEGRATION TESTING
Integration testing is a systematic technique for construction the program

structure while at the same time conducting tests to uncover errors associated with
interfacing. i.e., integration testing is the complete testing of the set of modules which
makes up the product. The objective is to take untested modules and build a program
structure tester should identify critical modules. Critical modules should be tested as early as
possible. One approach is to wait until all the units have passed testing, and then combine
them and then tested. This approach is evolved from unstructured testing of small programs.
Another strategy is to construct the product in increments of tested units. A small set of
modules are integrated together and tested, to which another module is added and tested in
combination. And so on. The advantages of this approach are that, interface dispenses can
be easily found and corrected.
The major error that was faced during the project is linking error. When all the
modules are combined the link is not set properly with all support files. Then we checked
out for interconnection and the links. Errors are localized to the new module and its
intercommunications. The product development can be staged, and modules integrated in as
they complete unit testing. Testing is completed when the last module is integrated and
tested.
6.5 TESTING TECHNIQUES / TESTING STRATERGIES
6.5.1 TESTING
Testing is a process of executing a program with the intent of finding an error. A

good test case is one that has a high probability of finding an as-yet –undiscovered error. A
successful test is one that uncovers an as-yet- undiscovered error. System testing is the stage
of implementation, which is aimed at ensuring that the system works accurately and
efficiently as expected before live operation commences. It verifies that the whole set of
programs hang together. System testing requires a test consists of several key activities and
steps for run program, string, system and is important in adopting a successful new system.
This is the last chance to detect and correct errors before the system is installed for user
acceptance testing.
The software testing process commences once the program is created and the
documentation and related data structures are designed. Software testing is essential for
correcting errors. Otherwise the program or the project is not said to be complete. Software
testing is the critical element of software quality assurance and represents the ultimate the
review of specification design and coding. Testing is the process of executing the program
with the intent of finding the error. A good test case design is one that as a probability of
finding an yet undiscovered error. A successful test is one that uncovers an yet undiscovered
error. Any engineering product can be tested in one of the two ways:
6.5.1.1 WHITE BOX TESTING
This testing is also called as Glass box testing. In this testing, by knowing the
specific functions that a product has been design to perform test can be conducted that
demonstrate each function is fully operational at the same time searching for errors in each
function. It is a test case design method that uses the control structure of the procedural
design to derive test cases. Basis path testing is a white box testing.
Basis path testing:
 Flow graph notation

 Cyclometric complexity
 Deriving test cases
 Graph matrices Control
6.5.1.2 BLACK BOX TESTING
In this testing by knowing the internal operation of a product, test can be

conducted to ensure that “all gears mesh”, that is the internal operation performs according
to specification and all internal components have been adequately exercised. It
fundamentally focuses on the functional requirements of the software.
The steps involved in black box test case design are:
 Graph based testing methods

 Equivalence partitioning
 Boundary value analysis
 Comparison testing
6.5.2 SOFTWARE TESTING STRATEGIES:
A software testing strategy provides a road map for the software developer. Testing
is a set activity that can be planned in advance and conducted systematically. For this reason
a template for software testing a set of steps into which we can place specific test case
design methods should be strategy should have the following characteristics:
 Testing begins at the module level and works “outward” toward the
integration of the entire computer based system.
 Different testing techniques are appropriate at different points in time.
 The developer of the software and an independent test group conducts
testing.
 Testing and Debugging are different activities but debugging must be
accommodated in any testing strategy.
6.5.2.1 INTEGRATION TESTING:
Integration testing is a systematic technique for constructing the program

structure while at the same time conducting tests to uncover errors associated with.
Individual modules, which are highly prone to interface errors, should not be assumed to
work instantly when we put them together. The problem of course, is “putting them
together”- interfacing. There may be the chances of data lost across on another’s sub
functions, when combined may not produce the desired major function; individually
acceptable impression may be magnified to unacceptable levels; global data structures can
present problems.
6.5.2.2 PROGRAM TESTING:
The logical and syntax errors have been pointed out by program testing. A
syntax error is an error in a program statement that in violates one or more rules of the
language in which it is written. An improperly defined field dimension or omitted keywords
are common syntax error. These errors are shown through error messages generated by the
computer. A logic error on the other hand deals with the incorrect data fields, out-off-range
items and invalid combinations. Since the compiler s will not deduct logical error, the
programmer must examine the output. Condition testing exercises the logical conditions
contained in a module. The possible types of elements in a condition include a Boolean
operator, Boolean variable, a pair of Boolean parentheses A relational operator or on
arithmetic expression. Condition testing method focuses on testing each condition in the
program the purpose of condition test is to deduct not only errors in the condition of a
program but also other a errors in the program.
6.5.2.3 SECURITY TESTING:
Security testing attempts to verify the protection mechanisms built in to a system

well, in fact, protect it from improper penetration. The system security must be tested for
invulnerability from frontal attack must also be tested for invulnerability from rear attack.
During security, the tester places the role of individual who desires to penetrate system.
6.5.2.4 VALIDATION TESTING

At the culmination of integration testing, software is completely assembled as a
package. Interfacing errors have been uncovered and corrected and a final series of software
test-validation testing begins. Validation testing can be defined in many ways, but a simple
definition is that validation succeeds when the software functions in manner that is
reasonably expected by the customer. Software validation is achieved through a series of
black box tests that demonstrate conformity with requirement. After validation test has been
conducted, one of two conditions exists.
* The function or performance characteristics confirm to specifications and are accepted.

* A validation from specification is uncovered and a deficiency created.
Deviation or errors discovered at this step in this project is corrected prior to

completion of the project with the help of the user by negotiating to establish a method for
resolving deficiencies. Thus the proposed system under consideration has been tested by
using validation testing and found to be working satisfactorily. Though there were
deficiencies in the system they were not catastrophic
6.5.2.5 USER ACCEPTANCE TESTING
User acceptance of the system is key factor for the success of any system. The
system under consideration is tested for user acceptance by constantly keeping in touch with
prospective system and user at the time of developing and making changes whenever
required. This is done in regarding to the following points.
• Input screen design.

• Output screen design.
CHAPTER - 8
APPENDICES
8.1 SAMPLE CODING
<%@ page language="java" import="java.net.*;"%>

<html>
<head>
<link href="calendar.css" rel="stylesheet" type="text/css">
<script type="text/javascript" language="javascript">
function fun2()
{
if(document.loginvalid.loginname.value==null ||document.loginvalid.loginname.value=="")
{
alert("ENTER YOUR LOGIN ID");
return false;
}
if(document.loginvalid.Password.value==null ||document.loginvalid.Password.value=="")
{
alert("ENTER YOUR PASSWORD");
return false;
}
else
{
var n1=document.loginvalid.loginname.value;
var n2=document.loginvalid.Password.value;
var Request=document.loginvalid.Request.value;
var fin=document.loginvalid.SYN.value;
var add=document.loginvalid.add
var sys=document.loginvalid.sys.value;
var sys1=document.loginvalid.sys1.value;
document.loginvalid.action="admin?
loginname="+n1+"&Password="+n2+"&Request="+Request+"&fin="+fin+"&sys="+sys;
document.loginvalid.submit();
}
}
</script>
<script type="text/javascript">
var persistmenu="yes"
var persisttype="sitewide"
if (document.getElementById)
{
document.write('<style type="text/css">\n')
document.write('.submenu{display: none;}\n')
document.write('</style>\n')
}
function SwitchMenu(obj)
{
if(document.getElementById
)
{
var el = document.getElementById(obj);
var ar = document.getElementById("masterdiv").getElementsByTagName("span");
if(el.style.display != "block")
{
for (var i=0; i<ar.length; i++)
{
if (ar[i].className=="submenu")
ar[i].style.display = "none";
}
el.style.display = "block";
}
else
{
el.style.display = "none";
}
}
}
function get_cookie(Name)
{
var search = Name + "="
var returnvalue = "";
if (document.cookie.length > 0)
{
offset = document.cookie.indexOf(search)
if (offset != -1)
{
offset += search.length
end = document.cookie.indexOf(";", offset);
if (end == -1) end = document.cookie.length;
returnvalue=unescape(document.cookie.substring(offset, end))
}
}
return returnvalue;
}
function onloadfunction()
{
if (persistmenu=="yes")
{
var cookiename=(persisttype=="sitewide")? "switchmenu" : window.location.pathname
var cookievalue=get_cookie(cookiename)
if (cookievalue!="")
document.getElementById(cookievalue).style.display="block"
}
}
function savemenustate()
{
var inc=1, blockid=""
while (document.getElementById("sub"+inc))
{
if (document.getElementById("sub"+inc).style.display=="block")
{
blockid="sub"+inc
break
}
inc++
}
var cookiename=(persisttype=="sitewide")? "switchmenu" : window.location.pathname
var cookievalue=(persisttype=="sitewide")? blockid+";path=/" : blockid
document.cookie=cookiename+"="+cookievalue
}
if (window.addEventListener)
window.addEventListener("load", onloadfunction, false)
else if (window.attachEvent)
window.attachEvent("onload", onloadfunction)
else if (document.getElementById)
window.onload=onloadfunction
if (persistmenu=="yes" && document.getElementById)
window.onunload=savemenustate
</script>
</head>
<body bgcolor="#E3F6CE">
<div id="masterdiv">
<table align="center" width="1000px" height="198" background="IMAGE/header_1.jpg"
>
<tr><td><img src="IMAGE/header_2.jpg" align="left" height="198" width="300"></td>
<td class="heading" align="center" >DETECTION AND TRACEBACK AGAINST
ATTACKS</td>
</tr>
</table>
<table align="center" width="550px" height="130" >
<td onclick="SwitchMenu('sub1')" align="center" class="menu">

<a href="Home.jsp" class="menu">REGISTRATION</a>
<span class="submenu" id="sub1">
<a href="Student.jsp">STUDENT</a><br>
</span>
</td>
<td align="center" class="menu">
<a href="Contact.jsp" class="menu" id="menu">CONTACT US</a>
</td>
</tr>
</table>
<table width="500" border="0" align="left" >
<tr>
<td width="234"> </td> <td> </td></tr>
<td valign="bottom" width="234">
<p align="justify">
</p>
</td></tr>
</table>
<br>
<br>
<table width="259" border="0" align="left" height="262">
<tr valign="top">
<td align="center">
<big>
<div>
WELCOME TO OUR WEBSITE
</big>
</div>
</td>
</tr>
<tr>
<td>
<img src="IMAGE/students.jpg" height="207" width="305" align="left"
class="hovergallery">
</td>
</tr>
</table>
<form name="loginvalid" method="get">

<%
String sysname1=request.getRemoteHost();
String sysname=request.getRemoteAddr();
%>
<table width="200" border="0" bgcolor="#E3F6CE" align="right" height="220">
<tr>
<td width="4"> </td><td width="4"> </td>
<td width="4"> </td>
</tr>
<tr>
<td class="class4" width="166">ADMIN LOGIN FORM</td>
</tr>
<tr>
<td> </td> <td> </td></tr>
<tr>
<td class="class4">LOGINNAME</td>
<td width="136"><input type="text" name="loginname" size="25"
maxlength="20"/></td>
<td> </td>
</tr>
<td> </td> <td> </td></tr>
<tr>
<td class="class4">PASSWORD</td>
<td width="136"><input type="password" name="Password" size="25"
maxlength="10"/></td>
<td><input type="hidden" name=sys value=<%=sysname%>></td>
<td><input type="hidden" name=sys1 value=<%=sysname1%>></td>
</tr>
<td> </td> <td> </td></tr>
<tr>
<td width="96"><input type="image" src="IMAGE/login2.jpg"

onClick="fun2()"/> </td>

<td width="57">
</td>
<td width="57">
<select onChange="location.href= this.value;" >
<option value="" SELECTED>Choose One
<option value="Home.jsp">ADMIN
<option value="Studentlogin.jsp">STUDENT
</select>
</td>
</tr>
<tr>
<td height="2">
<input type="hidden" name="Request" value="REQUESTTO">
<input type="hidden" name="SYN" value="SYNPACKET">
</td>
</tr>
</table>
</form>
</body>
</html>
<html>
<head>
<link href="calendar.css" rel="stylesheet" type="text/css">
<script type="text/javascript" language="javascript">
function signout()
{
var request=document.Record_form.request.value;
document.Record_form.action="Logout?request="+request;
document.Record_form.submit();
}
function fun2()
{
if(document.Record_form.First_name.value=="")
{
alert("ENTER THE STUDENT NAME");
return false;
}
if(document.Record_form.Father_name.value=="")
{
alert("ENTER THE FATHER NAME");
return false;
}
if(document.Record_form.datum1.value=="")
{
alert("ENTER THE DATE OF BIRTH");
return false;
}
if(document.Record_form.Reg_no.value=="")
{
alert("ENTER THE REGISTRATION NUMBER");
return false;
}
if(document.Record_form.Degree.value=="")
{
alert("ENTER THE DEGREE");
return false;
}
if(document.Record_form.join_date.value=="")
{
alert("ENTER THE JOINING DATE ");
return false;
}
if(document.Record_form.EXPIRE_date.value=="")
{
alert("ENTER THE COURSE COMPLETION YEAR");
return false;
}
if(document.Record_form.email.value=="")
{
alert("ENTER THE EMAIL ID");
return false;
}
if(document.Record_form.phone.value=="")
{
alert("ENTER THE CONTACT NO");
return false;
}
if(document.Record_form.Address.value=="")
{
alert("ENTER THE ADDRESS");
return false;
}
else
{
var First_name=document.Record_form.First_name.value;
var Father_name=document.Record_form.Father_name.value;
var datum1=document.Record_form.datum1.value;
var Reg_no=document.Record_form.Reg_no.value;
var Degree=document.Record_form.Degree.value;
var join_date=document.Record_form.join_date.value;
var EXPIRE_date=document.Record_form.EXPIRE_date.value;
var email=document.Record_form.email.value;
var phone=document.Record_form.phone.value;
var Address=document.Record_form.Address.value;
document.Record_form.action="RecordRegister?
First_name"+First_name+"&Father_name="+Father_name+"&datum1="+datum1+"&Reg_
no="+Reg_no+"&Degree="+Degree+"&join_date="+join_date+"&EXPIRE_date="+EXPI
RE_date+"&email="+email+"&=phone"+phone+"&=Address"+Address;
document.Record_form.submit();
}
}
</script>
<script language="javaScript" type="text/javascript" src="calendar.js">
</script>
<style type="text/css">
/*Credits: Dynamic Drive CSS Library */

/*URL: http://www.dynamicdrive.com/style/ */
.arrowgreen{
width: 180px; /*width of menu*/
border-style: solid solid none solid;
border-color: #94AA74;
border-size: 1px;
border-width: 1px;
}
.arrowgreen ul{
list-style-type: none;
margin: 0;
padding: 0;
}
.arrowgreen li a{
display: block;
background: url('IMAGE/arrowgreen.gif') 100% 0;
height: 24px; /*Set to height of bg image- padding within link (ie: 32px - 4px - 4px)*/
line-height: 24px; /*Set line-height of bg image- padding within link (ie: 32px - 4px
- 4px)*/
text-decoration: none; font-style:normal; font-variant:normal; font-weight:bold; font-
size:12px; font-family:Verdana, Arial, Helvetica, sans-serif; padding-left:10px; padding-
right:0; padding-top:4px; padding-bottom:4px
}
.arrowgreen li a:link, .arrowgreen li a:visited {

color: #5E7830;
}
.arrowgreen li a:hover{
color: #26370A;
background-position: 100% -32px;
}
.arrowgreen li a.selected{
color: #26370A;
background-position: 100% -64px;
}
</style>
</head>
<body bgcolor="#CCFFCC">
<form name="Record_form">
<div id="container">
<div id="header">
<h3>WELCOME TO <span class="off">ADMIN</span></h3>
<h2><a onclick="signout; SignOut</a></h2>
</div>
<div class="arrowgreen">
<ul>
<li><a href="Record.jsp">RECORD</a></li>
<li><a href="Subject.jsp">SUBJECT</a></li>
<li><a href="TimeTable.jsp">TIME TABLE</a></li>
<li><a href="Fees.jsp">FEES</a></li>
<li><a href="ExamFee.jsp">EXAM FEES</a></li>
</ul>
</div>
<table border="0" align="center" cellpadding="0" cellspacing="0" width="389" >

<caption><font size="4">
RECORD REGISTRATION FORM
</font>
</caption>
<tr>
<td> </td><td> </td>
</tr>
<tr>
</tr>
<tr>
<td width="118"><label> NAME:</label></td>
<td width="267"><input type="text" name="First_name"
size="37"/></td><td> </td>
</tr>
<tr>
</tr>
<tr>
<td width="118"><label> FATHER NAME:</label></td>
<td width="267"><input type="text" name="Father_name"
size="37"/></td><td> </td>
</tr>
<tr>
</tr>
<tr>
<td width="118"><label> DATE OF BIRTH:</label></td><td width="267"><input
type="text" name="datum1" size="30">
<a href="#" onClick="setYears(1947, 2011); showCalender(this, 'datum1');"><img
src="IMAGE/calender.png"></a></td></tr>

<table id="calenderTable" align="center">

<tbody id="calenderTableHead">
<tr>
<td colspan="4" align="center">
<select
onChange="showCalenderBody(createCalender(document.getElementById('selectYear').val
ue,
this.selectedIndex, false));" id="selectMonth">
<option value="0">Jan</option>
<option value="1">Feb</option>
<option value="2">Mar</option>
<option value="3">Apr</option>
<option value="4">May</option>
<option value="5">Jun</option>
<option value="6">Jul</option>
<option value="7">Aug</option>
<option value="8">Sep</option>
<option value="9">Oct</option>
<option value="10">Nov</option>
<option value="11">Dec</option>
</select>
</td>
<td colspan="2" align="center">
<select onChange="showCalenderBody(createCalender(this.value,
document.getElementById('selectMonth').selectedIndex,
false));" id="selectYear">
</select>
</td>
<td align="center">
<a href="#" onClick="closeCalender();"><font color="#003333"
size="+1">X</font></a>
</td>
</tr>
</tbody>
<tbody id="calenderTableDays">
<tr style="">
<td>Sun</td><td>Mon</td><td>Tue</td><td>Wed</td><td>Thu</td><td>Fri</td>
<td>Sat</td>
</tr>
</tbody>
<tbody id="calender"></tbody>
</table>
<table border="0" align="center" cellpadding="0" cellspacing="0" width="397" >
<tr>
</tr>
<tr>
<td width="128"><label>REGISTER NO:</label></td>
<td width="269"><input type="text" name="Reg_no" size="37"/></td>
</tr>
<tr>
</tr>
<tr>
<td width="128"><label> DEGREE:</label></td>
<td width="269"><select name="Degree">
<option value="">CHOOSE TEH DEGREE </option>
<option value="B.E">B.E</option>
<option value="B.Tech">B.Tech</option>
<option value="M.E">M.E</option>
<option value="M.Tech">M.Tech</option>
<option value="MCA">MCA</option>
<option value="MBA">MBA</option>
</select>
</td>
</tr>
<tr>
<td height="31"> </td><td height="31"> </td>
</tr>
<tr>
<td width="128"><label> YEAR OF JOINING:</label></td>
<td width="269"><input type="text" name="join_date" size="35"/></td>
</tr>
<tr>
</tr>
<tr>
<td width="128"><label> COURSE EXPIRE ON:</label></td>
<td width="269"><input type="text" name="EXPIRE_date" size="35"/></td>
</tr>
<tr>
</tr>
<tr>
<td width="128"><label> EMAIL ID:</label></td>
<td width="269"><input type="text" name="email" size="35"/></td>
</tr>
<tr>
</tr>
<tr>
<td width="128"><label> CONTACT NO:</label></td>
<td width="269"><input type="text" name="phone" size="35"/></td>
</tr>
<tr>
</tr>
<tr>
<td width="128"><label> ADDRESS:</label></td>
<td valign="top"><textarea name="Address" rows="4" cols="27" id="Address"
class="textbox"></textarea></td>
</tr>
<tr>
</tr>
<tr>
<td> </td>
<td width="269"><input type="image" src="IMAGE/update.jpg"
onClick="fun2()"/> </td>
</tr>
</table>
<input type="hidden" name="request" value="FINPACKET">
</form>
</body>
</html>
REFERENCES
[1] C. E. Landwehr and D. M. Goldschlag, “Security issues in networks with internet

access,” Proc. IEEE, vol. 85, no. 12, pp. 2034–2051, Dec.1997.
[2] D. Bleichenbacher, “Chosen Ciphertext attacks against protocols based on the RSA
encryption standard PKCS #1,” in Proc. 18th Annu. Int.Cryptol. Conf., Santa Barbara, CA,
Aug. 1998, pp. 1–12.
[3] D. Brumley and D. Boneh, “Remote timing attacks are practical,” in Proc. 12th USENIX
Security Symp.,Washington, DC, Aug. 2003, p. 1.
[4] “OpenSSH PAM timing attacks,” 2006 [Online]. Available:

http://securityvulns.com/news2789.html
[5] S. P. Joglekar and S. R. Tate, “ProtoMon: Embedded monitors for cryptographic

protocol intrusion detection and prevention,” J. Universal Comput. Sci., vol. 11, no. 1, pp.
83–103, Jan. 2005.
[6] Z. M. Fadlullah, T. Taleb, N. Ansari, K. Hashimoto, Y. Miyake, Y.Nemoto, and N.

Kato, “Combating against attacks on encrypted protocols,”in Proc. IEEE ICC, Glasgow,
Scotland, Jun. 24–28, 2007, pp.1211–1216.
[7] H. Wang, D. Zhang, and G. Shin, “Change-point monitoring for thedetection of DoS
attacks,” IEEE Trans. Depend. Secure Comput., vol.1, no. 4, pp. 193–208, Oct.–Dec. 2004.
[8] J. P. Anderson, Computer Security Threat Monitoring and Surveillance.Fort

Washington, PA: Anderson, 1980.
[9] A. Bivens, C. Palagiri, R. Smith, B. Szymanski, and M. Embrechts,“Network-based

intrusion detection using neural networks,” in Proc.ANNIE, St. Louis, MO, Nov. 2002, pp.
10–13.
[10] “Smurf IP denial-of-service attacks,” CERT Advisory CA-1998-01,1998
[Online].Available: http://www.cert.org/advisories/CA-1998-01.html
[11] “Ping of death,” 1997 [Online]. Available: http://insecure.org/sploits/ping-o-death.html
[12] B. Canvel, A. Hiltgen, S. Vaudenay, and M. Vuagnoux, “Password interception in a

SSL/TLS channel,” in Proc. Crypto 2003, Santa Barbara,CA, Feb. 2003, vol. 2729, LNCS,
pp. 583–599.
[13] D. Wagner and B. Schneier, “Analysis of the SSL 3.0 protocol,” inProc. 2nd
USENIXWorkshop Electron. Commerce, Oakland, CA, Nov.1996, vol. 2, p. 4.
[14] “OpenSSL servers contain a buffer overflow during the SSL2 handshake process,”
CERT Vulnerability Note #102795, Jul. 2002.
[15] “OpenSSL servers contain a remotely exploitable buffer overflow vulnerability during
the SSL3 handshake process,” CERT Vulnerability Note #561275, Jul. 2002.

FINAL

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

FINAL

Uploaded by

Copyright:

Available Formats

DETECTION AND TRACE BACK SYSTEM USING

in partial fulfillment for the award of the degree

COMPUTER SCIENCE AND ENGINEERING

MAAMALLAN INSTITUTE OF TECHNOLOGY, SRIPERUMPUDUR

ANNA UNIVERSITY: CHENNAI 600 025

Certified that this project report “DETECTION AND TRACE BACK

SYSTEM USING MONITORING STUBS” is the bonafide work of

“S.SRIRAM & A.SANTHOSHKUMAR “who carried out the project work

HEAD OF THE DEPARTMENT INTERNAL GUIDE

Computer Science and Engineering, Computer Science and Engineering,

Maamallan Institute Of Technology, Maamallan Institute Of Technology,

Sriperumpudur, Chennai-602 105. Sriperumpudur, Chennai-602 105

Internal Examiner External Examiner

We also express our gratitude to our principal, Dr.S.Renganarayanan,Ph.D., who

We would like to thank Dr.R.Geetharamani,Ph.D., Head of Department of

against attacks on encrypted protocols, we propose an anomaly-based detection system by

extensive simulations and Internet data sets.

CHAPTER NO TITLE PAGE NO.

LIST OF ABBREVATIONS iii

1.1 About the Project 8

2.1 Existing system 9

2.2 Proposed system 9

2.3 System Design 10

3.3.1.1 Introduction to java 13

3.3.1.2 Working of java 15

3.4 Block Diagram

5 SYSTEM DESIGN – DETAILED

5.2 Module explanation 26

6 CODING AND TESTING

6.2 Coding standards 31

6.3 Test procedure 34

6.4 Test data and output 35

Fig.No TITLE PAGE NO

4.1.1 User Authentication 11

4.1.2 Element Identification 12

4.1.3 Unsupervised Duplicate Detection 13

5.1 UML Diagrams 15

5.1.1 UseCase Diagram 15

5.1.2 Activity Diagram 16

5.1.3 Class Diagram 17

5.1.4 Sequence Diagram 18

5.2 Architecture Diagram 19

5.3 System Architecture 20

5.4 Flow Diagram 25

2.1 EXISTING SYSTEM

Intrusion detection systems can be broadly categorized in two ways, namely

1. Highly interactive attacks.

2. Low interactive attacks

1. Highly interactive attacks.

The requirements specification is a technical specification of requirements for the

3.2 HARDWARE AND SOFTWARE SPECIFICATION

3.2.1 HARDWARE REQUIREMENTS

 Hard Disk : 20GB and Above

 RAM : 512MB and Above

 Processor : Pentium III and Above

3.2.2 SOFTWARE REQUIREMENTS

 Operating System : Windows 2000 & Above

3.2.2.1 SOFTWARE DESCRIPTION

It is a Platform Independent. Java is an object-oriented programming language

3.2.2.1 WORKING OF JAVA

Java consists of two things :

The Java language supports many high-performance features such as multithreading,