Professional Documents
Culture Documents
MONITORING STUBS
A PROJECT REPORT
Submitted by
SANTHOSHKUMAR.A
SRIRAM .S
of
BACHELOR OF ENGINEERING
in
APRIL 2011
ANNA UNIVERSITY: CHENNAI 600 025
BONAFIDE CERTIFICATE
under my supervision.
SIGNATURE SIGNATURE
Lecturer,
This project report is submitted for viva voice examination to be held on ………………
SRIRAM .A (20607104055)
ACKNOWLEDGEMENT
First we thank the Almighty God for the successful completion of the project. . Our
sincere thanks to our chairman Mr. S. Meganathan B.E, F.I.E for his sincere endeavor in
educating us in his premier institution.
We would like to express our deep gratitude to our beloved chairperson Dr.(Mrs).
Thangam Meganathan,Ph.D., for her enthusiastic motivation which inspired us a lot in
completing this project.
We would like to thank our supervisor Mrs .Susmita Mishra, M.E., and our project
coordinator Mr.M.Prakash, M.E.,MBA, for their invaluable guidance, ideas, advice and
encouragement for the successful completion of this project.We express our gratitude to our
parents and friends for their encouragement and support.
ABSTRACT
The unbridled growth of the Internet and the network-based applications has
contributed to enormous security leaks. Even the cryptographic protocols, which are used to
provide secure communication, are often targeted by diverse attacks. Intrusion detection
systems (IDSs) are often employed to monitor network traffic and host activities that may
lead to unauthorized accesses and attacks against vulnerable services. Most of the
conventional misuse-based and anomaly-based IDSs are ineffective against attacks targeted
at encrypted protocols since they heavily rely on inspecting the payload contents. To combat
using strategically distributed monitoring stubs (MSs). We have categorized various attacks
against cryptographic protocols. The MSs, by sniffing the encrypted traffic, extract features
for detecting these attacks and construct normal usage behaviour profiles. Upon detecting
suspicious activities due to the deviations from these normal profiles, the MSs notify the
victim servers, which may then take necessary actions. In addition to detecting attacks, the
MSs can also trace back the originating network of the attack. We call our unique approach
DTRAB since it focuses on both Detection and Trace Back in the MS level. The
effectiveness of the proposed detection and traceback methods are verified through
ACKNOWLEDGEMENT
ABSTRACT i
LIST OF FIGURES ii
1 INTRODUCTION
2 SYSTEM ANALYSIS
3 REQUIREMENTS SPECIFICATION
3.1 Introduction 12
3.2 Hardwar
e and Software specification 12
3.3 Technologies Used 13
3.3.1 Java 13
4 SYSTEM DESIGN
5.1 Modules 26
6.1 Coding 31
APPENDICES
REFERENCES
LIST OF FIGURES
4.1.4 Ontology 14
INTRODUCTION
Aim
The mainstay of this project is to detect suspicious activities due to the deviations
from these normal profiles and notify the victim servers and necessary actions are taken. In
addition to detecting attacks, it can also trace back the originating network of the attack.
Synopsis
The unbridled growth of the Internet and the network-based applications has
contributed to enormous security leaks. Even the cryptographic protocols, which are used to
provide secure communication, are often targeted by diverse attacks. Intrusion detection
systems (IDSs) are often employed to monitor network traffic and host activities that may
lead to unauthorized accesses and attacks against vulnerable services. Most of the
conventional misuse-based and anomaly-based IDSs are ineffective against attacks targeted
at encrypted protocols since they heavily rely on inspecting the payload contents. To combat
against attacks on encrypted protocols, we propose an anomaly-based detection system by
using strategically distributed monitoring stubs (MSs). We have categorized various attacks
against cryptographic protocols. The MSs, by sniffing the encrypted traffic, extract features
for detecting these attacks and construct normal usage behaviour profiles. Upon detecting
suspicious activities due to the deviations from these normal profiles, the MSs notify the
victim servers, which may then take necessary actions. In addition to detecting attacks, the
MSs can also trace back the originating network of the attack. We call our unique approach
DTRAB since it focuses on both Detection and Trace Back in the MS level. The
effectiveness of the proposed detection and traceback methods are verified through
extensive simulations and Internet datasets.
CHAPTER - 2
LITERATURE SURVEY
Detecting Attacks:
In DTRAB is classify the attacks there are two types such as,
The goal of a Directory Traversal attack is to execute commands that will access
files that are intended to be restricted. . The MSs, by sniffing the encrypted traffic, extract
features for detecting these attacks and construct normal usage behaviour profiles. Upon
detecting suspicious activities due to the deviations from these normal profiles, the MSs
notify the victim servers, which may then take necessary actions. In addition to detecting
attacks, the MSs can also trace back the originating network of the attack. The monitoring
stubs are used to trace the attacker path and give the alert to the web server. The web server
then sends the FIN packet to the client end. The FIN packet is nothing but is used for
connection closed information. The proposed traceback mechanism relies on the
collaboration of the MSs to correlate monitored abnormal operations of the protocols (e.g.,
failed session rates) over time. Every MS stores the information of failed sessions that it
observes for both incoming and outgoing traffic. A list of collaborating MSs, with which the
MS can contact in order to reconstruct the attack path. Once an attack is detected, the MS
closest to the victim encrypted server goes to the “Trace-back mode.”
CHAPTER 3
REQUIREMENT SPECIFICATIONS
3.1 INTRODUCTION
For those who are new to object-oriented programming, the concept of a class will
be new to you. Simplistically, a class is the definition for a segment of code that can
contain both data (called attributes) and functions (called methods).
When the interpreter executes a class, it looks for a particular method by the name
of main, which will sound familiar to C programmers. The main method is passed as a
parameter an array of strings (similar to the argv[] of C), and is declared as a static
method.
To output text from the program, we execute the println method of System.out,
which is java’s output stream. UNIX users will appreciate the thoery behind such a
stream, as it is actually standard output. For those who are instead used to the Wintel
platform, it will write the string passed to it to the user’s program.
Programming language
platform
The following diagram shows the Java 2 Platform Standard Edition Architecture
The following are some of the features which have made Java one of the most popular
among the various available programming languages.
• Simple
Java was developed by taking the best points from other programming languages,
primarily C and C++. Java therefore utilizes algorithms and methodologies that are already
proven. Error prone tasks such as pointers and memory management have either been
eliminated or are handled by the Java environment automatically rather than by the
programmer. Since Java is primarily a derivative of C++ which most programmers are
conversant with, it implies that Java has a familiar feel rendering it easy to use.
• Object Oriented
Even though Java has the look and feel of C++, it is a wholly independent language
which has been designed to be object-oriented from the ground up. In object-oriented
programming (OOP), data is treated as objects to which methods are applied. Java's basic
execution unit is the class. Advantages of OOP include: reusability of code, extensibility
and dynamic applications
• Distributed
Commonly used Internet protocols such as HTTP and FTP as well as calls for
network access are built into Java. Internet programmers can call on the functions through
the supplied libraries and be able to access files on the Internet as easily as writing to a local
file system.
• Interpreted
When Java code is compiled, the compiler outputs the Java Byte code which is an
executable for the Java Virtual Machine. The Java Virtual Machine does not exist physically
but is the specification for a hypothetical processor that can run Java code.
The byte code is then run through a Java interpreter on any given platform that has the
interpreter ported to it. The interpreter converts the code to the target hardware and executes
it.
• Robust
Java compels the programmer to be thorough. It carries out type checking at both
compile and run time making sure that every data structure has been clearly defined and
typed. Java manages memory automatically by using an automatic garbage collector. The
garbage collector runs as a low priority thread in the background keeping track of all objects
and references to those objects in a Java program. When an object has no more references,
the garbage collector tags it for removal and removes the object either when there is an
immediate need for more memory or when the demand on processor cycles by the program
is low.
• Secure
The Java language has built-in capabilities to ensure that violations of security do
not occur. Consider a Java program running on a workstation on a local area network which
in turn is connected to the Internet. Being a dynamic and distributed computing
environment, the Java program can, at run-time, dynamically bring in the classes it needs to
run either from the workstation's hard drive, other computers on the local area network or a
computer thousands of miles away somewhere on the Internet. This ability of classes or
applets to come from unknown locations and execute automatically on a local computer
sounds like every system administrator's nightmare considering that there could be lurking
out there on one of the millions of computers on the Internet, some viruses, Trojan horses or
worms which can invade the local computer system and wreak havoc on it. Java goes to
great lengths to address these security issues by putting in place a very rigorous multilevel
system of security.
First and foremost, at compile time, pointers and memory allocation are removed
thereby eliminating the tools that a system breaker could use to gain access to system
resources. Memory allocation is deferred until run time.
Even though the Java compiler produces only correct Java code, there is still the
possibility of the code being tampered with between compilation and run time. Java guards
against this by using the byte code verifier to check the byte code for language compliance
when the code first enters the interpreter, before it ever even gets the chance to run.
• Portable
By porting an interpreter for the Java Virtual Machine to any computer
hardware/operating system, one is assured that all code compiled for it will run on that
system. This forms the basis for Java's portability. Another feature which Java employs in
order to guarantee portability is by creating a single standard for data sizes irrespective of
processor or operating system platforms.
• High Performance
Since the byte code produced by the Java compiler from the corresponding source
code is very close to machine code, it can be interpreted very efficiently on any platform. In
cases where even greater performance is necessary than the interpreter can provide, just-in-
time compilation can be employed whereby the code is compiled at run-time to native code
before execution.An alternative to just-in-time compilation is to link in native C code. This
yields even greater performance but is more burdensome on the programmer and reduces the
portability of the code.
• Dynamic
Environment
Tomcat is a web server that supports servlets and JSPs. Tomcat comes with the Jasper
compiler that compiles JSPs into servlets.
The Tomcat servlet engine is often used in combination with an Apache web server or other
web servers. Tomcat can also function as an independent web server. Earlier in its
development, the perception existed that standalone Tomcat was only suitable for
development environments and other environments with minimal requirements for speed
and transaction handling. However, that perception no longer exists; Tomcat is increasingly
used as a standalone web server in high-traffic, high-availability environments.
Since its developers wrote Tomcat in Java, it runs on any operating system that has a JVM.
Product features
• servlet reloading
Tomcat 5.x
History
Tomcat started off as a servlet specification implementation by James Duncan Davidson, a
software architect at Sun. He later helped make the project open source and played a key
role in its donation by Sun to the Apache Software Foundation.
Davidson had initially hoped that the project would become open-sourced and, since most
open-source projects had O'Reilly books associated with them featuring an animal on the
cover, he wanted to name the project after an animal. He came up with Tomcat since he
reasoned the animal represented something that could take care of and fend for itself. His
wish to see an animal cover eventually came true when O'Reilly published their Tomcat
book with a tomcat on the cover
1. Introduction
Purpose
This project is to detect suspicious activities due to the deviations from these
normal profiles and notify the victim servers and necessary actions are taken. In addition to
detecting attacks, it can also trace back the originating network of the attack.
Project Scope
The unbridled growth of the Internet and the network-based applications has
contributed to enormous security leaks. Even the cryptographic protocols, which are used to
provide secure communication, are often targeted by diverse attacks. Intrusion detection
systems (IDSs) are often employed to monitor network traffic and host activities that may
lead to unauthorized accesses and attacks against vulnerable services. Most of the
conventional misuse-based and anomaly-based IDSs are ineffective against attacks targeted
at encrypted protocols since they heavily rely on inspecting the payload contents. To combat
against attacks on encrypted protocols, we propose an anomaly-based detection system by
using strategically distributed monitoring stubs (MSs). We have categorized various attacks
against cryptographic protocols. The MSs, by sniffing the encrypted traffic, extract features
for detecting these attacks and construct normal usage behaviour profiles. Upon detecting
suspicious activities due to the deviations from these normal profiles, the MSs notify the
victim servers, which may then take necessary actions. In addition to detecting attacks, the
MSs can also trace back the originating network of the attack. We call our unique approach
DTRAB since it focuses on both Detection and Trace Back in the MS level. The
effectiveness of the proposed detection and traceback methods are verified through
extensive simulations and Internet datasets.
2. Overall Description
Product Perspective
The MSs, by sniffing the encrypted traffic, extract features for detecting these
attacks and construct normal usage behaviour profiles. Upon detecting suspicious activities
due to the deviations from these normal profiles, the MSs notify the victim servers, which
may then take necessary actions. In addition to detecting attacks, the MSs can also trace
back the originating network of the attack. The monitoring stubs are used to trace the
attacker path and give the alert to the web server. The web server then sends the FIN packet
to the client end. The FIN packet is nothing but is used for connection closed information.
The proposed trace back mechanism relies on the collaboration of the MSs to correlate
monitored abnormal operations of the protocols (e.g., failed session rates) over time. Every
MS stores the information of failed sessions that it observes for both incoming and outgoing
traffic. A list of collaborating MSs, with which the MS can contact in order to reconstruct
the attack path. Once an attack is detected, the MS closest to the victim encrypted server
goes to the “Trace-back mode.”
Product Features
The Ms are used to monitor the SYN packet and FIN packet .Actually the
SYN packet are used for connection establish from the client end as well as FIN packet are
used for connection termination from server or client end. If the FIN packet is sending by
server means that is consider as attacker is there. Otherwise the clients send the FIN packet
to the server for close the connection properly by the end user.
Home-It can be used to login the administrator and update the details into web server.
Studentlogin-This class can be used to login the student and get the details from
satudentinfo class.
Routerconnect –This class can be used to connect the end-user and the web server.
Response Receive-This class can be used to connect the particular URL to the end user.
2.4 Design and Implementation Constraints
3. System Features
Prevention:
The scope the project is preserve the server from the attacker .So that we have
implemented the project with highly effective .If the client request to the server means it
will go for through router, the monitoring stubs is monitor the each and every action from
the client .If the monitoring stubs is find any irregular request from the client means It will
intimate to the server then the server is block the particular client ip.The system require
internet explore to run the project. The project is run through the proxy configuration. So
that internet explore is highly recommended to run this project.
1. All the contents in the project are implemented using Graphical User Interface (GUI) in
Java through JavaFX concepts.
2. Every conceptual part of the projects is reflected using the JavaFX.
3. System gets the input and delivers through the GUI based.
Hardware Interfaces
Ethernet
Ethernet on the AS/400 supports TCP/IP, Advanced Peer-to-Peer Networking
(APPN) and advanced program-to-program communications (APPC).
ISDN
You can connect your AS/400 to an Integrated Services Digital Network
(ISDN) for faster, more accurate data transmission. An ISDN is a public or private digital
communications network that can support data, fax, image, and other services over the
same physical interface. Also, you can use other protocols on ISDN, such as IDLC and
X.25.
Software Interfaces
This software is interacted with the TCP/IP protocol, Socket and listening on unused
ports. Server Socket and listening on unused ports and JDK 1.6
Communication Interfaces
1. TCP/IP protocol.
2. LAN settings.
5. Other Nonfunctional Requirements
Performance Requirements
The project is implemented for the purpose of provide the security to the
server. So that we have to consider the each and every activity with highly security based. If
the user need to login with the help of syn packet there after only the server response to the
client. The client need to provide correct user id and password then only the server precedes
to next navigational link, otherwise the client could not go in front. The server and
monitoring stubs is listening each and every request from the client end .If the normal
threshold is exceed means the server initially find the attacker and then monitoring stub is
block the request from the attacker ip.
Safety Requirements
1. The software may be safety-critical. If so, there are issues associated with
its integrity level
Security Requirements
Do not block the some available ports through the windows firewall
Usability: how easy it is to understand, learn, and operate the software System
4.1.1 Authentication
4.1.2 Client Information Registration
4.1.3 Client Request
4.1.1 Authentication
In first module, we have implemented admin login form using jsp, servlet and oracle
database. While the admin enter the username and password after give the event the process
goes to the servlet with SYN packet. Then admin credentials compare to the database if the
admin provide correct information then redirect to the student form, otherwise forward the
error page to the admin.
User Login
Authenticated page
Authentication
In the second module, we have developed the record details form; this form contains basic
information about the student like name, fathername, dateof birth, register number etc., if
the details successfully filled in this form then press the update button mean the details will
be stored into the database.
This form contains the examination fees details like student name, register number and
number of papers and number of practical papers. These details are entered by the
administrator and stored into the server.
Student
Admin Database
Details
server
Normal Client:
The final module is the client is after successfully login the client request to the server, the
server response to the particular client. The normal client could not made a continues
request to the server .So that the normal client request could not exceed the threshold
concept.
Database
Attacker Client:
The final module is the client is after successfully login the client request to the server, the
server response to the particular client. The attacker client made a continues request to the
server .So that the threshold request is exceed, if the value is exceed means the particular
request is blocked by the server.
Error page
CHAPTER 5
SYSTEM DESIGN
5.1 UML DIAGRAM
USER ROU
TER
ATTACKER
WEB
SERVER
CHAPTER 6
Once the design aspect of the system is finalizes the system enters into the coding and
testing phase. The coding phase brings the actual system into action by converting the
design of the system into the code in a given programming language. Therefore, a good
coding style has to be taken whenever changes are required it easily screwed into the
system.
Coding standards are guidelines to programming that focuses on the physical structure
and appearance of the program. They make the code easier to read, understand and maintain.
This phase of the system actually implements the blueprint developed during the design
phase. The coding specification should be in such a way that any programmer must be able
to understand the code and can bring about changes whenever felt necessary. Some of the
standard needed to achieve the above-mentioned objectives are as follows:
Naming conventions
Value conventions
Class names
Class names are problem domain equivalence and begin with capital letter and have mixed
cases.
Value conventions ensure values for variable at any point of time. This involves the
following:
SYSTEM TESTING
Testing is performed to identify errors. It is used for quality assurance.
Testing is an integral part of the entire development and maintenance process. The goal of
the testing during phase is to verify that the specification has been accurately and
completely incorporated into the design, as well as to ensure the correctness of the design
itself. For example the design must not have any logic faults in the design is detected before
coding commences, otherwise the cost of fixing the faults will be considerably higher as
reflected. Detection of design faults can be achieved by means of inspection as well as
walkthrough.
Testing is one of the important steps in the software development phase. Testing
checks for the errors, as a whole of the project testing involves the following test cases:
Static analysis is used to investigate the structural properties of the Source code.
Dynamic testing is used to investigate the behavior of the source code by executing
the program on the test data.
Performance Test
Stress Test
Structure Test
It determines the amount of execution time spent in various parts of the unit, program
throughput, and response time and device utilization by the program unit.
Stress Test is those test designed to intentionally break the unit. A Great deal can
be learned about the strength and limitations of a program by examining the manner in
which a programmer in which a program unit breaks.
Structure Tests are concerned with exercising the internal logic of a program and
traversing particular execution paths. The way in which White-Box test strategy was
employed to ensure that the test cases could Guarantee that all independent paths within a
module have been have been exercised at least once.
The major error that was faced during the project is linking error. When all the
modules are combined the link is not set properly with all support files. Then we checked
out for interconnection and the links. Errors are localized to the new module and its
intercommunications. The product development can be staged, and modules integrated in as
they complete unit testing. Testing is completed when the last module is integrated and
tested.
6.5.1 TESTING
The software testing process commences once the program is created and the
documentation and related data structures are designed. Software testing is essential for
correcting errors. Otherwise the program or the project is not said to be complete. Software
testing is the critical element of software quality assurance and represents the ultimate the
review of specification design and coding. Testing is the process of executing the program
with the intent of finding the error. A good test case design is one that as a probability of
finding an yet undiscovered error. A successful test is one that uncovers an yet undiscovered
error. Any engineering product can be tested in one of the two ways:
This testing is also called as Glass box testing. In this testing, by knowing the
specific functions that a product has been design to perform test can be conducted that
demonstrate each function is fully operational at the same time searching for errors in each
function. It is a test case design method that uses the control structure of the procedural
design to derive test cases. Basis path testing is a white box testing.
A software testing strategy provides a road map for the software developer. Testing
is a set activity that can be planned in advance and conducted systematically. For this reason
a template for software testing a set of steps into which we can place specific test case
design methods should be strategy should have the following characteristics:
Testing begins at the module level and works “outward” toward the
integration of the entire computer based system.
Different testing techniques are appropriate at different points in time.
The developer of the software and an independent test group conducts
testing.
Testing and Debugging are different activities but debugging must be
accommodated in any testing strategy.
The logical and syntax errors have been pointed out by program testing. A
syntax error is an error in a program statement that in violates one or more rules of the
language in which it is written. An improperly defined field dimension or omitted keywords
are common syntax error. These errors are shown through error messages generated by the
computer. A logic error on the other hand deals with the incorrect data fields, out-off-range
items and invalid combinations. Since the compiler s will not deduct logical error, the
programmer must examine the output. Condition testing exercises the logical conditions
contained in a module. The possible types of elements in a condition include a Boolean
operator, Boolean variable, a pair of Boolean parentheses A relational operator or on
arithmetic expression. Condition testing method focuses on testing each condition in the
program the purpose of condition test is to deduct not only errors in the condition of a
program but also other a errors in the program.
User acceptance of the system is key factor for the success of any system. The
system under consideration is tested for user acceptance by constantly keeping in touch with
prospective system and user at the time of developing and making changes whenever
required. This is done in regarding to the following points.
APPENDICES
</head>
<body bgcolor="#E3F6CE"><!--background="IMAGE/home.jpg"-->
<div id="masterdiv">
<table align="center" width="1000px" height="198" background="IMAGE/header_1.jpg"
>
<tr><td><img src="IMAGE/header_2.jpg" align="left" height="198" width="300"></td>
<td class="heading" align="center" >DETECTION AND TRACEBACK AGAINST
ATTACKS</td>
</tr>
</table>
<table align="center" width="550px" height="130" >
</tr>
<tr>
<td width="4"> </td><td width="4"> </td>
<td class="class4" width="166">ADMIN LOGIN FORM</td>
</tr>
<tr>
<td> </td> <td> </td></tr>
<tr>
<td width="4"> </td>
<td class="class4">LOGINNAME</td>
<td width="136"><input type="text" name="loginname" size="25"
maxlength="20"/></td>
<td> </td>
</tr>
<td> </td> <td> </td></tr>
<tr>
<td width="4"> </td>
<td class="class4">PASSWORD</td>
<td width="136"><input type="password" name="Password" size="25"
maxlength="10"/></td>
<td><input type="hidden" name=sys value=<%=sysname%>></td>
<td><input type="hidden" name=sys1 value=<%=sysname1%>></td>
</tr>
<td> </td> <td> </td></tr>
<tr>
<td width="4"> </td><td width="4"> </td>
</body>
</html>
<html>
<head>
<link href="calendar.css" rel="stylesheet" type="text/css">
<script type="text/javascript" language="javascript">
function signout()
{
var request=document.Record_form.request.value;
document.Record_form.action="Logout?request="+request;
document.Record_form.submit();
}
function fun2()
{
if(document.Record_form.First_name.value=="")
{
alert("ENTER THE STUDENT NAME");
return false;
}
if(document.Record_form.Father_name.value=="")
{
alert("ENTER THE FATHER NAME");
return false;
}
if(document.Record_form.datum1.value=="")
{
alert("ENTER THE DATE OF BIRTH");
return false;
}
if(document.Record_form.Reg_no.value=="")
{
alert("ENTER THE REGISTRATION NUMBER");
return false;
}
if(document.Record_form.Degree.value=="")
{
alert("ENTER THE DEGREE");
return false;
}
if(document.Record_form.join_date.value=="")
{
alert("ENTER THE JOINING DATE ");
return false;
}
if(document.Record_form.EXPIRE_date.value=="")
{
alert("ENTER THE COURSE COMPLETION YEAR");
return false;
}
if(document.Record_form.email.value=="")
{
alert("ENTER THE EMAIL ID");
return false;
}
if(document.Record_form.phone.value=="")
{
alert("ENTER THE CONTACT NO");
return false;
}
if(document.Record_form.Address.value=="")
{
alert("ENTER THE ADDRESS");
return false;
}
else
{
var First_name=document.Record_form.First_name.value;
var Father_name=document.Record_form.Father_name.value;
var datum1=document.Record_form.datum1.value;
var Reg_no=document.Record_form.Reg_no.value;
var Degree=document.Record_form.Degree.value;
var join_date=document.Record_form.join_date.value;
var EXPIRE_date=document.Record_form.EXPIRE_date.value;
var email=document.Record_form.email.value;
var phone=document.Record_form.phone.value;
var Address=document.Record_form.Address.value;
document.Record_form.action="RecordRegister?
First_name"+First_name+"&Father_name="+Father_name+"&datum1="+datum1+"&Reg_
no="+Reg_no+"&Degree="+Degree+"&join_date="+join_date+"&EXPIRE_date="+EXPI
RE_date+"&email="+email+"&=phone"+phone+"&=Address"+Address;
document.Record_form.submit();
}
}
</script>
<script language="javaScript" type="text/javascript" src="calendar.js">
</script>
<style type="text/css">
.arrowgreen{
width: 180px; /*width of menu*/
border-style: solid solid none solid;
border-color: #94AA74;
border-size: 1px;
border-width: 1px;
}
.arrowgreen ul{
list-style-type: none;
margin: 0;
padding: 0;
}
.arrowgreen li a{
display: block;
background: url('IMAGE/arrowgreen.gif') 100% 0;
height: 24px; /*Set to height of bg image- padding within link (ie: 32px - 4px - 4px)*/
line-height: 24px; /*Set line-height of bg image- padding within link (ie: 32px - 4px
- 4px)*/
text-decoration: none; font-style:normal; font-variant:normal; font-weight:bold; font-
size:12px; font-family:Verdana, Arial, Helvetica, sans-serif; padding-left:10px; padding-
right:0; padding-top:4px; padding-bottom:4px
}
.arrowgreen li a:hover{
color: #26370A;
background-position: 100% -32px;
}
.arrowgreen li a.selected{
color: #26370A;
background-position: 100% -64px;
}
</style>
</head>
<body bgcolor="#CCFFCC">
<form name="Record_form">
<div id="container">
<div id="header">
<h3>WELCOME TO <span class="off">ADMIN</span></h3>
<h2><a onclick="signout; SignOut</a></h2>
</div>
<div class="arrowgreen">
<ul>
<li><a href="Record.jsp">RECORD</a></li>
<li><a href="Subject.jsp">SUBJECT</a></li>
<li><a href="TimeTable.jsp">TIME TABLE</a></li>
<li><a href="Fees.jsp">FEES</a></li>
<li><a href="ExamFee.jsp">EXAM FEES</a></li>
</ul>
</div>
<tbody id="calenderTableDays">
<tr style="">
<td>Sun</td><td>Mon</td><td>Tue</td><td>Wed</td><td>Thu</td><td>Fri</td>
<td>Sat</td>
</tr>
</tbody>
<tbody id="calender"></tbody>
</table>
<table border="0" align="center" cellpadding="0" cellspacing="0" width="397" >
<tr>
<td> </td><td> </td>
</tr>
<tr>
<td width="128"><label>REGISTER NO:</label></td>
<td width="269"><input type="text" name="Reg_no" size="37"/></td>
</tr>
<tr>
<td> </td><td> </td>
</tr>
<tr>
<td width="128"><label> DEGREE:</label></td>
<td width="269"><select name="Degree">
<option value="">CHOOSE TEH DEGREE </option>
<option value="B.E">B.E</option>
<option value="B.Tech">B.Tech</option>
<option value="M.E">M.E</option>
<option value="M.Tech">M.Tech</option>
<option value="MCA">MCA</option>
<option value="MBA">MBA</option>
</select>
</td>
</tr>
<tr>
<td height="31"> </td><td height="31"> </td>
</tr>
<tr>
<td width="128"><label> YEAR OF JOINING:</label></td>
<td width="269"><input type="text" name="join_date" size="35"/></td>
</tr>
<tr>
<td> </td><td> </td>
</tr>
<tr>
<td width="128"><label> COURSE EXPIRE ON:</label></td>
<td width="269"><input type="text" name="EXPIRE_date" size="35"/></td>
</tr>
<tr>
<td> </td><td> </td>
</tr>
<tr>
<td width="128"><label> EMAIL ID:</label></td>
<td width="269"><input type="text" name="email" size="35"/></td>
</tr>
<tr>
<td> </td><td> </td>
</tr>
<tr>
<td width="128"><label> CONTACT NO:</label></td>
<td width="269"><input type="text" name="phone" size="35"/></td>
</tr>
<tr>
<td> </td><td> </td>
</tr>
<tr>
<td width="128"><label> ADDRESS:</label></td>
<td valign="top"><textarea name="Address" rows="4" cols="27" id="Address"
class="textbox"></textarea></td>
</tr>
<tr>
<td> </td><td> </td>
</tr>
<tr>
<td> </td>
<td width="269"><input type="image" src="IMAGE/update.jpg"
onClick="fun2()"/> </td>
</tr>
</table>
<input type="hidden" name="request" value="FINPACKET">
</form>
</body>
</html>
REFERENCES
[2] D. Bleichenbacher, “Chosen Ciphertext attacks against protocols based on the RSA
encryption standard PKCS #1,” in Proc. 18th Annu. Int.Cryptol. Conf., Santa Barbara, CA,
Aug. 1998, pp. 1–12.
[3] D. Brumley and D. Boneh, “Remote timing attacks are practical,” in Proc. 12th USENIX
Security Symp.,Washington, DC, Aug. 2003, p. 1.
[7] H. Wang, D. Zhang, and G. Shin, “Change-point monitoring for thedetection of DoS
attacks,” IEEE Trans. Depend. Secure Comput., vol.1, no. 4, pp. 193–208, Oct.–Dec. 2004.
[13] D. Wagner and B. Schneier, “Analysis of the SSL 3.0 protocol,” inProc. 2nd
USENIXWorkshop Electron. Commerce, Oakland, CA, Nov.1996, vol. 2, p. 4.
[14] “OpenSSL servers contain a buffer overflow during the SSL2 handshake process,”
CERT Vulnerability Note #102795, Jul. 2002.
[15] “OpenSSL servers contain a remotely exploitable buffer overflow vulnerability during
the SSL3 handshake process,” CERT Vulnerability Note #561275, Jul. 2002.