MANET Full Document
-
Upload
vamsee-krishna -
Category
Documents
-
view
1.378 -
download
0
Transcript of MANET Full Document
A Novel Cross Layer Intrusion Detection System in MANET
Introduction:
1.1 Synopsis
Intrusion detection System forms a vital component of internet security. To keep
pace with the growing trends, there is a critical need to replace single layer detection
technology with multi layer detection. Different types of Denial of Service (DoS)
attacks thwart authorized users from gaining access to the networks and we tried to
detect as well as alleviate some of those attacks. In this paper, we have proposed a
novel cross layer intrusion detection architecture to discover the malicious nodes and
different types of DoS attacks by exploiting the information available across different
layers of protocol stack in order to improve the accuracy of detection. We have used
cooperative anomaly intrusion detection with data mining technique to enhance the
proposed architecture. We have implemented fixed width clustering algorithm for
efficient detection of the anomalies in the MANET traffic and also generated different
types of attacks in the network. The simulation of the proposed architecture is
performed in OPNET simulator and we got the result as we expected.
System Analysis:
Feasibility Study:
During the feasibility study, the feasibility of the project – the likelihood of the
proposed system is analyzed. We have proposed a novel cross layer intrusion
detection architecture to discover the malicious nodes and different types of DoS
attacks by exploiting the information available across different layers of protocol
stack in order to improve the accuracy of detection. We have used cooperative
anomaly intrusion detection with data mining technique to enhance the proposed
architecture. We have implemented fixed width clustering algorithm for efficient
detection of the anomalies in the MANET traffic and also generated different types of
attacks in the network. Operational Feasibility.
In compared to wired networks, MANET has to face different challenges due to its
wireless features and ad-hoc structure. The very advantage of mobility in MANET
leads to its vulnerabilities. For efficient intrusion detection, we have used cross layer
techniques in IDS. The traditional way of layering network approach with the purpose
of separating routing, scheduling, rate and power control is not efficient for ad-hoc
wireless networks. A. Goldsmith discussed that rate control, power control; medium
access and routing are building block of wireless network design. Generally, routing is
considered in a routing layer and medium access in MAC layer whereas power control
and rate control are sometimes considered in a PHY and sometimes in a MAC layer. If
there is no cross layer inter action then the routing can select between several routes
and have no information about congestion or malicious nodes. As a result, it selects a
congested route or it selects a route that includes malicious nodes. With the help of
cross layer interaction, the routing forwards possible route choices to MAC and MAC
decides the possible routes using congestion and IDS information as well as returns
the result to the routing.
The selection of correct combination of layers in the design of cross layer IDS is very
critical to detect attacks targeted at or sourced from any layers rapidly. It is optimal
to incorporate MAC layer in the cross layer design for IDS as DoS attack is better
detected at this layer. The routing protocol layer and MAC layer is chosen for
detecting routing attacks in an efficient way. Data with behavioral information
consisting of layer specific information are collected from multiple layers and forward
it to data analysis module which is located in an optimal location . This cross layer
technique incorporating IDS leads to an escalating detection rate in the number of
malicious behavior of nodes increasing the true positive and reducing false positives
in the MANET. It also alleviates the congestion which can adapt to changing network
and traffic characteristics. In order to evade congestion and reroute traffic, MAC and
routing layers have to cooperate with each other with the IDS in order to avoid
insertion of malicious nodes in the new routes. The physical layer collects various
types of communication activities including remote access and logons, user activities,
data traffics and attack traces. MAC contains information regarding congestion and
interference. The detection mechanism for misbehaving nodes interacts with routing
layer for the detection process as MAC layers also help in detection of certain routing
attacks. MAC also interacts with
the physical layer to determine the quality of suggested path . By combining cross
layer features, attacks between the layers inconsistency can be detected.
Furthermore, these schemes provide a comprehensive detection mechanism for all
the layers i.e attacks originating from any layers can be detected with better
detection accuracy.
The main objective here is to find out whether
The system will work once it is developed and installed.
There is sufficient support for the project from the management.
The current network methods are acceptable to the users.
An investigation is conducted and as a result the following conclusions are
derived.
There is sufficient support form the managerial level
The current methods are done manually and take lot of time.
The persons involved in the current working system are met and
discussions are held with them to evolve a system with which
they have good participations and interest.
Technical feasibility
Technological feasibility analyses the following areas.
Technology and manpower is available are not.
Capacity to hold the data that is required to use the new
system.
Provision to respond to users regardless of their number and
location.
Provision for further expansion.
Guarantee of accuracy, reliability, ease of access and data
security.
An investigation is conducted and as a result the following conclusions are
derived.
The necessary technology to implement the proposed system is
available in the organization.
Main hardware equipment such as computers with the required
Capacities is also available.
Hence the system is technically feasible.
Economical Feasibility
Issues to be considered in the economical feasibility are
Financial benefits must equal or exceed the costs.
The solution should be cost effective.
Must be worth to pursue the project.
ANOMALY DETECTION MECHANISM IN MANET
The anomaly detection system creates a normal base line profile of the normal
activities of the network traffic activity. Then, the activity that diverges from the
baseline is treated as a possible intrusion. The main objective is to collect set of
useful features from the traffic to make the decision whether the sampled traffic is
normal or abnormal. Some of the advantages of anomaly detection system are it can
detect new and unknown attacks, it can detect insider attacks; and it is very difficult
for the attacker to carry out the attacks without setting off an alarm . The process of
anomaly detection comprises of two phases: training and testing. We try to build the
basic framework for normal behavior by collecting the noticeable characteristic from
the audit data. We use the data mining technique for building Intrusion detection
system to describe the anomaly detection mechanism.
A. Construction of normal Dataset
The data obtained from the audit data sources mostly contains local routing
information, data and control information from MAC and routing layers along with
other traffic statistics. The training of data may entail modeling the allotment of a
given set of training points or characteristic network traffic samples. We have to
make few assumptions so that the traced traffic from the network contains no attack
traffic:
• The normal traffic occurs more frequently than the attack traffic.
• The attack traffic samples are statistically different from the normal connections.
Since, we have used two assumptions; the attacks will appear as outliers in the
feature space resulting in detection of the attacks by analyzing and identifying
anomalies in the data set.
B. Feature construction
For feature construction, we use an unsupervised method to construct the feature
set. We use clustering algorithm to construct features from the audit data. The
feature set is created by using the audit data and most common feature set are
selected as essential feature set which has weight not smaller than the minimum
threshold. A set of considerable features should be obtained from the incoming traffic
that differentiates the normal data from the intrusive data. Few and semantic
information is captured which results in better detection performance and saves
computation time. In case of feature construction, we collect the traffic related
features as well as non-traffic related features which represents routing conditions.
We use some of the features for detecting DoS attacks and attacks that manipulate
routing protocol. The number of data packets received is used to detect unusual level
of data traffic which may indicate a DoS attack based on a data traffic flood.
C. Training normal data using cluster mechanism
We have implemented fixed-width clustering algorithm as an approach to anomaly
detection. It calculates the number of points near each point in the feature space. In
fixed width clustering technique, set of clusters are formed in which each cluster has
fixed radius w also known as cluster width in the feature space. The cluster width w is
chosen as the maximum threshold radius of a cluster.
Existing System:
It is difficult for Intrusion Detection system (IDS) to fully detect routing attacks due to
MANET’s characteristics. So, the IDS needs a scalable architecture to collect sufficient
evidences to detect those attacks effectively. A malicious node may take advantages
of the MANET node to launch routing attacks as the node acts as router to
communicate with each other. The wireless links between the nodes along with the
mobility raises the challenges of IDS to detect the attacks. Hence, we are motivated
to design a new IDS architecture which involves cross layer design to efficiently
detect the abnormalities in the wireless networks. We have proposed a new intrusion
detection architecture which incorporates cross layer that interacts between the
layers. In addition to this we have used association module to link between the OSI
protocol stack and the IDS module which results in low overhead during the data
collection. We have implemented the fixed width clustering algorithm in anomaly
detection engine for efficient detection of intrusion in the adhoc networks.
Proposed System:
Some general approach has been used in a distributed manner to insure the
authenticity and integrity of routing information such as key generation and
management on the prevention side. Authentication based approaches are used to
secure the integrity and the authenticity of routing messages such as . There are
some difficulties that have to be faced in realizing some of the schemes like
cryptography and they are relatively expensive on MANET because of computational
capacity. A number of intrusion detection schemes for intrusion detection system
have been presented for ad-hoc networks. In, the paper proposed architecture for a
distributed and cooperative intrusion detection system for ad-hoc networks based on
statistical anomaly detection techniques but they have not properly mentioned about
the simulation scenario and the type of mobility they have used. In, A. Mishra
emphasizes the challenge for intrusion detection in ad-hoc network and purpose the
use of anomaly implementation for the problem. In , Huang details an anomaly
detection technique that explores the correlations among the features of nodes and
discusses about the routing anomalies. Loo presents an intrusion detection method
using a clustering algorithm for routing attacks in sensor networks. It is able to detect
three important types of routing attacks. They are able to detect sink hole attacks
effectively which are intense form of attack. There are some flaws like there is
absence of simulation platform that can support a wider variety of attacks on larger
scale networks. Fixed width clustering algorithm has shown to be highly effective for
anomaly detection in network intrusion. It presents a geometric framework for
unsupervised anomaly detection. This paper needs more feature maps over different
kinds of data and needs to perform more extensive experiments evaluating the
methods presented.
Intrusion Detection Module:
A. Local Data Collection:
The local data collection module collects data streams of various information, traffic
patterns and attack traces from physical, MAC and network layers via association
module. The data streams can include system, user and mobile nodes’
communication activities within the radio range.
B. Local Detection:
The local detection module consists of anomaly detection engine. The local detection
module analyzes the local data traces gathered by the local data collection module
for evidence of anomalies. A normal profile is an aggregated rule set of multiple
training data segments. New and updated detection rules across ad-hoc networks are
obtained from normal profile. The normal profile consists of normal behavior patterns
that are computed using trace data from a training process where all activities are
normal. During testing process, normal and abnormal activities are processed and
any deviations from the normal profiles are recorded. The anomaly detection
distinguishes normalcy from anomalies as of the deviation data by comparing with
the test data profiles with the expected normal profiles. If any detection rules deviate
beyond a threshold interval and if it has a very high accuracy rate it can determine
independently that the network is under attack and initiates the alert management.
C. Cooperative Detection:
When the support and confidence level is low or intrusion evidence is weak and
inconclusive in the detecting node then it can make collaborative decision by
gathering intelligence from its surrounding nodes via protected communication
channel. The decision of cooperative detection is based on the majority of the voting
of the received reports indicating an intrusion or anomaly.
D. Alert Management:
The alert management receives the alert from the local detection or co-operative
detection depending on the strength of intrusion evidence. It collects them in the
alert cache for t seconds. If there are more abnormal predictions than the normal
predictions then it is regarded as “abnormal” and with adequate information an
alarm is generated to inform that an intrusive activity is in the system.
Software Requirements:
Hardware Requirement:
Minimum 1.1 GHz PROCESSOR should be on the computer.
128 MB RAM.
20 GB HDD.
1.44 MB FDD.
52x CD-ROM Drive.
MONITORS at 800x600 minimum resolution at 256 colors minimum.
I/O, One or two button mouse and standard 101-key keyboard.
Software Requirement:
Operating System : Windows 95/98/2000/NT4.0.
Technology : JAVA, RMI, JFC
Database Connectivity : JDBC.
3.3 About the Software
JAVA:
Java is used as front-end tool for developing the project. To run Java
there is no need to have any particular operating system, as it is platform
independent. This must have certain hardware and software installed on your
computer. The key considerations were summed up by the Java team in the following
list of buzzwords:
Simple
Security
Portability
Object-oriented
Robust
Multithreaded
Architecture-Neutral
Interpreted
High Performance
Distributed
Dynamic
THE JAVA 2 ENTERPRISE EDITION
The Java 2 Platform, Enterprise Edition (J2EE), has rapidly established a
new programming model for developing distributed applications. This model is based
on well-defined components that can automatically take advantage of sophisticated
platform services. These components can be developed according to standard
guidelines, combined into applications, deployed on a variety of compatible server
products, and reused for maximum programmer productivity. This model is intended
to both standardize and simplify the kind of distributed applications required for
today's networked information economy.
J2EE Platform Benefits
With features designed to expedite the process of developing
distributed applications, the J2EE platform offers several benefits:
Simplified architecture and development
Freedom of choice in servers, tools, and components
Integration with existing information systems
Scalability to meet demand variations
Flexible security model
HYPER TEXT MARKUP LANGUAGE
HTML was specifically developed to use along with the Hyper Text
Transfer Protocol (HTTP) to encode documents for display on the World Wide Web.
HTML is defined in the HTML Standard, currently Version 4.0x. HTML
standards are recommended by the World Wide Web Consortium, W3C . W3C also
oversees the standardization of technologies related to the World Wide Web and
publishes the HTTP (Hypertext Transfer Protocol) standards. HTML is initials for Hyper
Text Markup Language. HTML is pronounced one letter at a time as if you are spelling
the word HTML. It is not pronounced as "hit mill" and it is NOT a programming
language. HTML cannot be used to write programs and it cannot control the precise
layout of a web page.
Web browsers are used to view HTML documents. Two popular web
browsers are the Netscape Navigator 4.x and the Microsoft Internet Explorer 5.x.
Browsers control the layout of a web page
JavaScript:
JavaScript enables you to embed commands in an HTML page.
JavaScript is powerful and simple. HTML provides a good deal of flexibility to
page authors, but HTML by itself is static; after being written, HTML
documents can’t interact with the user other than by presenting hyperlinks.
Scripting languages act as the glue that binds every thing together. JavaScript
mainly provides a fairly complete set of built- in functions and commands,
enabling you to perform math calculations, manipulates strings, play sounds,
open new windows and new URLs, and access and verify input to your web
forms.
JavaScript can also set the attributes, or properties , of web page
elements and other objects present in the browser.
This way you can change the behavior of plugs–in or other objects
without having to rewrite them. JavaScript commands
Macromedia Dreamweaver
Macromedia Dreamweaver2.0 is one of the HTML Editor
It also includes DHTML effects
It is used to connect the forms to Servlets
It is used to Hyperlinks the web pages
It is used to create Templates
It is used to attach Sound files and Animation files along with our
Source.
The JavaServer Pages(JSP):
JavaServer Pages ™ technology is the Java ™ platform
technology for building applications containing dynamic Web
content such as HTML, DHTML, XHTML and XML. The
JavaServer Pages technology enables the authoring of Web pages
that create dynamic content easily but with maximum power and
flexibility.
Advantages:
Write Once, Run Anywhere ™ properties
High quality tool support
Reuse of components and tag libraries
Separation of dynamic and static content
Support for scripting and actions
Web access layer for N-tier enterprise application architecture(s)
JSP page:
A JSP page is a text-based document that describes how to
process a request to create a response. The description intermixes
template data with some dynamic actions and leverages on the Java
Platform.The features in the JSP technology support a number of
different paradigms for authoring of dynamic content. JSP pages can be used in
combination with Servlets, HTTP, HTML, XML, Applets,JavaBeans
components and Enterprise JavaBeans components to implement a broad
variety of application architecture(s) or models.
Maximum performance and scalability through its unique design with the
Windows’NT multi-threaded architecture.
Central and easy-to-use the Graphical User Interface (GUI).
Automatic authentication of users by the Operating System.
ENTERPRISE JAVABEAN (EJB):
EJB is a standard server side component model for component
transaction monitors.It automatically takes in to account many of the
requirements of business systems-security,resourse
pooling,persistence,concurrency and transasction integrity.
Overall goals
The Enterprise JavaBeans (EJB) architecture has the following goals:
• The Enterprise JavaBeans architecture will be the standard component
architecture for building distributed object-oriented business applications in the Java
programming language. The Enterprise JavaBeans architecture will make it possible
to build distributed applications by combining components developed using tools
from different vendors.
• The Enterprise JavaBeans architecture will make it easy to write applications.
Application developers will not have to understand low-level transaction and state
management details, multi-threading, connection pooling, and other complex low-
level APIs.
• Enterprise JavaBeans applications will follow the “Write Once, Run Anywhere”
philosophy of the Java programming language. An enterprise Bean can be developed
once, and then deployed on multiple platforms without recompilation or source code
modification.
• The Enterprise JavaBeans architecture will address the development,
deployment and runtime aspects of an enterprise application’s life cycle.
• The Enterprise JavaBeans architecture will define the contracts that enable
tools from multiple vendors to develop and deploy components that can inter operate
at runtime.
• The Enterprise JavaBeans architecture will be compatible with existing
server platforms. Vendors will be able to extend their existing products to support
Enterprise JavaBeans.
• The Enterprise JavaBeans architecture will be compatible with other Java
programming language APIs.
• The Enterprise JavaBeans architecture will provide interoperability between
enterprise Beans and Java 2 Platform Enterprise Edition (J2EE) components as well as
non-Java programming language applications.
• The Enterprise JavaBeans architecture will be compatible with the
CORBA protocols.
Enterprise Bean Provider
The Enterprise Bean Provider is the producer of enterprise beans. The
system output is an ejb-jar file that contains one or more enterprise beans. The Bean
Provider is responsible for the Java classes that implement the enterprise bean’s
business methods, the definition of the bean’s remote and home interfaces and the
bean’s deployment descriptor.
The deployment descriptor includes the structural information of the enterprise bean
and declares all the enterprise bean’s external dependencies.
Application Assembler
The Application Assembler combines enterprise beans into larger
deployable application units. The input to the Application Assembler is one or more
ejb-jar files produced by the Bean Provider(s). The Application Assembler outputs one
or more ejb-jar files that contain the enterprise beans along with their application
assembly instructions. The Application Assembler inserts the application assembly
instructions into the deployment descriptors.
The Application Assembler can also combine enterprise beans with other types
of application components (JSP) when composing an application. The EJB specification
describes the case in which the application assembly step occurs before the
deployment of the enterprise beans. However, the EJB architecture does not preclude
the case that application assembly is performed after the deployment of all or some
of the enterprise beans.
Deployer
The Deployer takes one or more ejb-jar files produced by a Bean Provider or
Application Assembler and deploys the enterprise beans contained in the ejb-jar files
in a specific operational environment. The operational environment includes a
specific EJB Server and Container. The Deployer is an expert at a specific operational
environment and is responsible for the deployment of enterprise Beans.The Deployer
uses tools supplied by the EJB Container Provider to perform the deployment tasks.
The deployment process is typically two-stage:
• The Deployer first generates the additional classes and interfaces that
enable the container to manage the enterprise beans at runtime. These classes
are container-specific.
• The Deployer performs the actual installation of the enterprise beans and
the additional classes and interfaces into the EJB Container.
EJB Server Provider
The EJB Server Provider is a specialist in the area of distributed
transaction management, distributed objects, and other lower-level system-level
services. A typical EJB Server Provider is an OS vendor, middleware vendor, or
database vendor. The current EJB architecture assumes that the EJB Server
Provider and the EJB Container Provider roles are the same vendor. Therefore,
it does not define any interface requirements for the EJB Server Provider.
EJB Container Provider:
The EJB Container Provider provides
• The deployment tools necessary for the deployment of enterprise beans.
• The runtime support for the deployed enterprise bean instances.
The focus of a Container Provider is on the development of a scalable, secure,
transaction-enabled container that is integrated with an EJB Server. The
Container Provider insulates the enterprise Bean from the specifics of an
underlying EJB Server by providing a simple, standard API between the
enterprise Bean and the container. This API is the Enterprise JavaBeans
component contract. The Container Provider typically provides support for
versioning the installed enterprise Bean components.The Container Provider
typically provides tools that allow the system administrator to monitor manage
the container and the Beans running in the container at runtime.
Persistence Manager Provider
The Persistence Manager interacts with the Container to receive
notifications related to the lifecycle of the managed beans. The current EJB
architecture, however, does not architect the full set of SPIs between the Container
and the Persistence Manager. These interfaces are currently left to the Container
Provider and Persistence Manager Provider.
System Administrator
The System Administrator is responsible for the configuration and
administration of the enterprise’s computing and networking infrastructure that
includes the EJB Server and Container. The System Administrator is also responsible
for overseeing the wellbeing of the deployed enterprise beans applications at
runtime.
4. System Design
4.1 DFD
A data flow diagram (DFD) is a graphical representation that depicts information
flow and the transforms that one applied as data moves from of a data flow diagram
is also known as data flow graph or bubble
4.2 UML SEQUENCE DIAGRAM
The sequence diagrams are an easy and intuitive way of describing the
system’s behavior, which focuses on the interaction between the system and
the environment. This notational diagram shows the interaction arranged in a
time sequence. The sequence diagram has two dimensions: the vertical
dimension represents the time; the horizontal dimension represents different
objects. The vertical line also called the object’s lifeline represents the object’s
existence during the interaction.
Sequence Diagram:
Fig UML Sequence Diagram
Class Diagram:
Component Diagram:
Usecase Diagram:
Activity Diagram:
4.2 System Architecture
5. System Analysis
Some general approach has been used in a distributed manner to insure the
authenticity and integrity of routing information such as key generation and
management on the prevention side. Authentication based approaches are used to
secure the integrity and the authenticity of routing messages such as . There are
some difficulties that have to be faced in realizing some of the schemes like
cryptography and they are relatively expensive on MANET because of computational
capacity. A number of intrusion detection schemes for intrusion detection system
have been presented for ad-hoc networks. In, the paper proposed architecture for a
distributed and cooperative intrusion detection system for ad-hoc networks based on
statistical anomaly detection techniques but they have not properly mentioned about
the simulation scenario and the type of mobility they have used. In, A. Mishra
emphasizes the challenge for intrusion detection in ad-hoc network and purpose the
use of anomaly implementation for the problem.
Intrusion Detection Module:
A. Local Data Collection:
The local data collection module collects data streams of various information, traffic
patterns and attack traces from physical, MAC and network layers via association
module. The data streams can include system, user and mobile nodes’
communication activities within the radio range.
B. Local Detection:
The local detection module consists of anomaly detection engine. The local detection
module analyzes the local data traces gathered by the local data collection module
for evidence of anomalies. A normal profile is an aggregated rule set of multiple
training data segments. New and updated detection rules across ad-hoc networks are
obtained from normal profile. The normal profile consists of normal behavior patterns
that are computed using trace data from a training process where all activities are
normal. During testing process, normal and abnormal activities are processed and
any deviations from the normal profiles are recorded. The anomaly detection
distinguishes normalcy from anomalies as of the deviation data by comparing with
the test data profiles with the expected normal profiles. If any detection rules deviate
beyond a threshold interval and if it has a very high accuracy rate it can determine
independently that the network is under attack and initiates the alert management.
C. Cooperative Detection:
When the support and confidence level is low or intrusion evidence is weak and
inconclusive in the detecting node then it can make collaborative decision by
gathering intelligence from its surrounding nodes via protected communication
channel. The decision of cooperative detection is based on the majority of the voting
of the received reports indicating an intrusion or anomaly.
D. Alert Management:
The alert management receives the alert from the local detection or co-operative
detection depending on the strength of intrusion evidence. It collects them in the
alert cache for t seconds. If there are more abnormal predictions than the normal
predictions then it is regarded as “abnormal” and with adequate information an
alarm is generated to inform that an intrusive activity is in the system.
System Testing and Implementation
System Testing:
The system once finished has to go through a series of testing in order to ensure
that it works the way it ought to. The various types of testing measures to be taken
are:
Test to see if the requirements are taken care of.
Test to see if all the inputs are handled effectively.
Test the system by traversing all the paths and discover my surprises.
Check if errors and the exceptions have been handled properly.
See if validations of input data are taken care of.
Types of Tests:
There are six types of test a software product must satisfy:
1. Unit Test
2. Functional Test
3. Performance Test
4. Stress Test and
5. Structural Test
6. System Test
Functional Test, Performance Test and Stress Test are known as Black box testing.
Structural Test is referred as White box or Glass Box testing.
1.Unit Testing:
Unit testing focuses verification effort on the smallest unit of software design.
Unit Testing is considered as an equivalent to coding step. After the source level code has
been developed, reviewed and verified for correct syntax, unit test case design begins. In
most of the applications, a driver is nothing more than a main program that accepts test
case data, passes such data to the module to be tested and prints the relevant results.
2.Functional Testing:
Functional Testing involves testing the system under typical operating
condition, typical input values and for typical expected results. The functional
boundaries specifies boundary within which the system can function. three types of
functional tests are done
Checking the documented functions.
Checking with maximum values.
Checking with valid input.
3.Performance Testing:
Performance Testing is conducted to identify the bottlenecks in the
system and to fine-tune the overall performance of the system.
4.Stress Testing:
Stress Testing involves overloading the system in various ways and
observing the behavior. The system is tested with high network traffic and more
number of clients. Stress test provides valuable insight about the strengths and
weakness of a system.
5.Structural Testing:
Structural Testing are concerned with examining the internal
processing logic of a program and traversing particular execution paths.
6.System Testing:
System Testing involves two kinds of activities
1.Integration Testing and
2. Acceptance Testing
1.Integration Testing:
Integrating all the functionalities since some functions work perfectly
when run alone tests the system.
Integration Testing is of two types
(a) Top down Integration Testing and
(b) Bottom-Up Integration testing.
(a) Top down Integration Testing:
In Top down Integration the top of the hierarchy is tested then one or
two immediately subordinate routines are tested.
(b) Bottom-Up Integration Testing:
First the modules at the very bottom, which have no subordinates, are
tested then these are combined with higher-level modules for testing.
2.Acceptance Testing:
Acceptance Testing involves planning and execution of functional
tests, performance tests and stress tests in order to demonstrate that the
implemented system satisfies its requirements.
QUALITY ASSURANCE
The aim of this step is to maintain or to ensure the quality of the system developed.
The quality assurance goals in the system life cycle involves
1.Quality factors specification: - This was done to determine the factors
that lead to high quality of a system.
a. Correctness- The extent to which a program meets
System specification.
b. Reliability – The degree to which a program meets system specification.
c. Efficiency - The amount of computer resources required by the entire program
to perform a function.
d. Usability – The effort required learning and operating the system.
e. Maintainability – The ease with which the program errors are located and
corrected.
f. Testability - The effort required to test a program to ensure its correct
performance.
g. Portability – The ease of transporting a program from one hardware configuration
to another.
h. Accuracy - The required precision in input editing, computation and output.
i. Error Tolerance – Error detection and correction versus error avoidance.
j. Expandability - Ease of adding or expanding existing databases.
k. Access Controls and Audit – Control of access to the system and the extent to
which that access can be audited.
l. Communication – How useful the input and output of the system are.
1.Software Requirements Specification: - This was done to generate the required
documents that provide the technical specification for the design and development of
the software.
2. Software Design Specification: - This was done in order to provide the functions
and features described in the previous stage.
3.Software Testing and Implementation: - This was done to provide necessary
software adjustment for the system to continue to comply with the original
specifications.
Quality Assurance is the review of software and related documentation for
correctness, accuracy, maintainability, reliability, and expendability. This also
includes assurances that the system meets the specifications and requirements for
its intended use performance.
Model Code
MyServerImpl.java
import java.awt.Component;
import java.awt.Frame;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.io.*;
import java.net.InetAddress;
import java.rmi.Naming;
import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;
import java.sql.*;
import java.util.StringTokenizer;
import java.util.Vector;
import java.util.Enumeration;
import java.util.Properties;
import javax.swing.*;
import java.util.Hashtable;
public class MyServerImpl extends UnicastRemoteObject implements
MyInterface, ActionListener
{
Timer t1;
Timer t2;
Timer t3;
static Boolean temp1;
static Boolean temp2;
static Boolean temp3;
static MinWin mw = null;
///////////
String userpro;
/////////////
MinWin mw1;
Hashtable pro;
public MyServerImpl()
throws RemoteException
{
pro=new Hashtable();
pro.put("admin","p2");
pro.put("admin","p1");
pro.put("eee","p2");
pro.put("eee","p1");
mw1 = null;
}
public static void main(String args[])
{
try
{
String s = "";
new emserver().start();
InetAddress inetaddress = InetAddress.getLocalHost();
MyServerImpl myserverimpl = new MyServerImpl();
s = inetaddress.getHostName();
System.out.println(s);
String s1 = "//localhost/MyServerImpl";
String s2 = s + " registered with RMI registry!";
Naming.rebind(s1, myserverimpl);
System.out.println(s2);
mw = new MinWin();
mw.setFont(new java.awt.Font("verdana", 1, 20));
mw.setForeground(new java.awt.Color(255, 255, 255));
mw.setTitle("A Novel Cross Layer Intrusion Detection System in
MANET");
mw.setDefaultCloseOperation(3);
mw.setSize(800, 600);
mw.setVisible(true);
mw.setResizable(false);
}
catch(Exception exception)
{
System.out.println("RMI Exception : " + exception + "\n");
}
}
//////////////////////////procsssss
public String getpro(String proid)throws RemoteException
{
String as[] = {"Process level Agent Activated" };
MinWin.status.setListData(as);
Vector sys=new Vector();
String ress="";
try{
if(pro.get(userpro).equals(proid))
{
if(proid.equals("p1"))
{
Properties p=System.getProperties();
Enumeration en=p.propertyNames();
ress="";
while(en.hasMoreElements())
{
String name=(String)en.nextElement();
ress=ress+name+"="+p.getProperty(name)+"\n;";
}
System.out.println("process ok"+ress);
}
if(proid.equals("p2"))
{
Runtime r=Runtime.getRuntime();
ress="TotalMemory="+r.totalMemory()+"\
n"+"FreeMemory="+r.freeMemory()+"\n";
}
}
else
{
////Mobile alert
emserver.msg="Process Level-Intruder Detected.";
System.out.println(emserver.msg+"Msg SENDED TO MOBILE");
String as1[] ={"//Process level warning//Process
level(unAuthorized Process) Request"};
MinWin.warning.setListData(as1);
String as4[] = {"Action//" +userpro + "//process access
Permission Denied"};
MinWin.message.setListData(as4);
int k =mw1.myoptionpane("Process Level Intruder
Detected.Destroy it", "Process Level Agent Warning");
if(k==0)
{
String as2[] = {"//Process level Permission Denied Killer
Agent Called"};
MinWin.action.setListData(as2);
ress="nak";
}
System.out.println("process notok"+k);
}
}catch(Exception sss){System.out.println(sss);}
return ress;
}
/////////////////////
public int sendPacket(Vector vector, int i, String s, int j, int k)
throws RemoteException
{
int l = 9;
int i1 = 0;
boolean aflag[] = new boolean[i + 1];
String s1 = "";
String as[] = {"Packet level Agent Activated" };
MinWin.status.setListData(as);
if((j <1500) & (k <500))
{
l = 4;
} else
{
for(int j1 = 1; j1 <= i; j1++)
{
aflag[j1] = false;
}
for(int k1 = 0; k1 < i; k1++)
{
try
{
int l1 = ((Integer)vector.elementAt(i1)).intValue();
i1++;
int j2 = ((Integer)vector.elementAt(i1)).intValue();
i1++;
String s2 = (String)vector.elementAt(i1);
i1++;
int k2 = s2.hashCode();
if(aflag[l1])
{
warningDisplay("System10", "Packet Level Error/packet " + l1
+ " duplicated");
l = mw1.myoptionpane("Packets duplicated.\nIntruder
Detected.\nDestroy it", "Packet Level Agent Warning");
break;
}
System.out.println(s2);
}
catch(Exception exception) { }
}
for(int i2 = 1; i2 <= i; i2++)
{
if(aflag[i2])
{
continue;
}
warningDisplay("System10", "Packet Level Error/packet " + i2 + "
Lost");
l = mw1.myoptionpane("Packets Lost.\nIntruder Detected.\
nDestroy it", "Packet Level Agent Warning");
break;
}
if(l != 0)
{
try
{
FileOutputStream fileoutputstream = new FileOutputStream(s);
BufferedReader bufferedreader = new BufferedReader(new
StringReader(s1));
int l2;
while((l2 = bufferedreader.read()) != -1)
{
fileoutputstream.write((char)l2);
}
fileoutputstream.close();
bufferedreader.close();
}
catch(Exception exception1) { }
}
}
return l;
}
public String getConnect(String s, String s1, int i, int j, String s2,String os)
throws RemoteException
{
userpro=s;
String s3 = "";
try
{
System.out.println(os);
dbcon ob=new dbcon();
String ssss=ob.checkip(os);
if(ssss.equals("ok"))
{
if(s2.equals("36363"))
{
}
s3="sysint";
//////////////////
int l1=0;
ListModel listmodel1 = MinWin.warning.getModel();
String as1[] = new String[listmodel1.getSize() + 2];
for(l1 = 0; l1 < listmodel1.getSize(); l1++)
{
as1[l1] = listmodel1.getElementAt(l1).toString();
}
as1[l1] = s2 + "//System level warning//System
level(unsupported OS) Request";
MinWin.warning.setListData(as1);
ListModel listmodel2 = MinWin.action.getModel();
String as2[] = new String[listmodel2.getSize() + 1];
for(l1 = 0; l1 < listmodel2.getSize(); l1++)
{
as2[l1] = listmodel2.getElementAt(l1).toString();
}
as2[l1] = s2 + "//System level Permission Denied Killer
Agent Called";
MinWin.action.setListData(as2);
ListModel listmodel3 = MinWin.message.getModel();
String as3[] = new String[listmodel3.getSize() + 2];
for(l1 = 0; l1 < listmodel3.getSize(); l1++)
{
as3[l1] = listmodel3.getElementAt(l1).toString();
}
as3[l1++] = "Warning//" + s2 + "//System level
warning//UnSupported System Login Request" + " Intruder";
as3[l1] = "Action//" + s2 + "//System level Permission
Denied Killer Agent Called";
MinWin.message.setListData(as3);
// int i = 0;
ListModel listmodel = MinWin.warning.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
as[i] = "//System level Agent Activated";
MinWin.status.setListData(as);
///////////////////
}
else
{
mw1 = mw;
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection connection =
DriverManager.getConnection("jdbc:odbc:networktraffic");
Statement statement = connection.createStatement();
ResultSet resultset = statement.executeQuery("select * from detail
where username='" + s + "' and password='" + s1 + "'");
if(resultset.next())
{
StringTokenizer stringtokenizer = new
StringTokenizer(resultset.getString(8), ",");
boolean flag = true;
while(stringtokenizer.hasMoreTokens())
{
int i1 = Integer.parseInt(stringtokenizer.nextToken());
int j1 = Integer.parseInt(stringtokenizer.nextToken());
int k1 = Integer.parseInt(stringtokenizer.nextToken());
System.out.println(i1 + j1 + k1);
if(i1 == j)
{
if(i > j1 && i < k1)
{
s3 = s3 + resultset.getString(3) + "," +
resultset.getString(4) + "," + resultset.getString(5) + "," +
resultset.getString(6) + "," + resultset.getString(7);
} else
{
s3 = "Denied";
int l1 = 0;
ListModel listmodel1 = MinWin.warning.getModel();
String as1[] = new String[listmodel1.getSize() + 2];
for(l1 = 0; l1 < listmodel1.getSize(); l1++)
{
as1[l1] = listmodel1.getElementAt(l1).toString();
}
as1[l1] = s2 + "//user level warning//Untime Login
Request";
MinWin.warning.setListData(as1);
ListModel listmodel2 = MinWin.action.getModel();
String as2[] = new String[listmodel2.getSize() + 1];
for(l1 = 0; l1 < listmodel2.getSize(); l1++)
{
as2[l1] = listmodel2.getElementAt(l1).toString();
}
as2[l1] = s2 + "//Login Permission Denied";
MinWin.action.setListData(as2);
ListModel listmodel3 = MinWin.message.getModel();
String as3[] = new String[listmodel3.getSize() + 2];
for(l1 = 0; l1 < listmodel3.getSize(); l1++)
{
as3[l1] = listmodel3.getElementAt(l1).toString();
}
as3[l1++] = "Warning//" + s2 + "//user level
warning//Untime Login Request" + " Intruder";
as3[l1] = "Action//" + s2 + "//Login Permission Denied";
MinWin.message.setListData(as3);
}
}
}
} else
{
int k = mw1.myoptionpane("Intruder Detected.Destroy it", "User
Level Agent Warning");
if(k == 0)
{
s3 = "Exit";
warningDisplay(s2, s2 + "//User level Exception//Trying to match
password");
boolean flag1 = false;
ListModel listmodel = MinWin.hostname.getModel();
String as[] = new String[listmodel.getSize() - 1];
for(int l = 0; l < listmodel.getSize(); l++)
{
if(!listmodel.getElementAt(l).toString().equals(s2))
{
as[l] = listmodel.getElementAt(l).toString();
}
}
MinWin.hostname.setListData(as);
MinWin.hostname1.setListData(as);
} else
{
s3 = "null";
}
}
///////
}
//////
}
catch(Exception exception)
{
System.out.println(exception);
}
return s3;
}
public String getagent(String s)
throws RemoteException
{
String s1 = "";
File file;
if(s.equals("user"))
{
System.out.println("user level agent move..");
int i = 0;
ListModel listmodel = MinWin.warning.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
as[i] = "//User level Agent Activated";
MinWin.status.setListData(as);
file = new File("user.class");
} else
{
System.out.println("packet level agent move..");
file = new File("packet.class");
}
try
{
FileInputStream fileinputstream = new FileInputStream(file);
boolean flag = false;
int j;
while((j = fileinputstream.read()) != -1)
{
String s2 = String.valueOf((char)j);
s1 = s1 + s2;
}
}
catch(Exception exception) { }
//System.out.println(s1);
System.out.println("agent end..");
return s1;
}
public void addHost(String s)
throws RemoteException
{
try
{
int i = 0;
ListModel listmodel = MinWin.hostname.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
as[i] = s;
MinWin.hostname.setListData(as);
MinWin.hostname1.setListData(as);
}
catch(Exception exception)
{
System.out.println(exception);
}
}
public String getipaddress()
throws RemoteException
{
String s = "";
try
{
InetAddress inetaddress = InetAddress.getLocalHost();
s = inetaddress.getHostName();
}
catch(Exception exception) { }
return s;
}
public Action LoadAction1()
{
System.out.println("in l1");
return new AbstractAction("waiting") {
public void actionPerformed(ActionEvent actionevent)
{
t1.stop();
System.out.println("left l1");
MyServerImpl.temp1 = Boolean.FALSE;
}
};
}
public Action LoadAction2()
{
System.out.println("l2");
return new AbstractAction("waiting") {
public void actionPerformed(ActionEvent actionevent)
{
t2.stop();
System.out.println("left l2");
MyServerImpl.temp2 = Boolean.FALSE;
}
};
}
public Action LoadAction3()
{
System.out.println("l3");
return new AbstractAction("waiting") {
public void actionPerformed(ActionEvent actionevent)
{
t3.stop();
System.out.println("left l3");
MyServerImpl.temp3 = Boolean.FALSE;
}
};
}
public void actionPerformed(ActionEvent actionevent)
{
}
public String getConnect(String s, String s1)
throws RemoteException
{
String s2 = "";
try
{
int i = 0;
ListModel listmodel = MinWin.status.getModel();
String as[] = new String[listmodel.getSize() + 2];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
as[i++] = "User level Agent Activated";
as[i] = "User level Agent Started";
MinWin.status.setListData(as);
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection connection =
DriverManager.getConnection("jdbc:odbc:networktraffic");
Statement statement = connection.createStatement();
ResultSet resultset = statement.executeQuery("select * from detail
where username='" + s + "' and password='" + s1 + "'");
if(resultset.next())
{
s2 = s2 + resultset.getString(3) + "," + resultset.getString(4) + ","
+ resultset.getString(5) + "," + resultset.getString(6) + "," +
resultset.getString(7);
} else
{
s2 = "null";
}
System.out.println(s2);
}
catch(Exception exception)
{
System.out.println(exception);
}
return s2;
}
public String getConnection(String s, String s1, String s2)
throws RemoteException
{
System.out.println("temp1 :=" + temp1.toString());
System.out.println("temp2 :=" + temp2.toString());
System.out.println("temp3 :=" + temp3.toString());
if(temp1 == Boolean.FALSE)
{
System.out.println("in temp1");
temp1 = Boolean.TRUE;
t1 = new Timer(19999, LoadAction1());
t1.start();
String s3 = getConnect(s, s1);
return s3;
}
if(temp2 == Boolean.FALSE)
{
System.out.println("in temp2");
temp2 = Boolean.TRUE;
t2 = new Timer(19999, LoadAction2());
t2.start();
String s4 = getConnect(s, s1);
return s4;
}
if(temp3 == Boolean.FALSE)
{
System.out.println("in temp3");
temp3 = Boolean.TRUE;
t3 = new Timer(19999, LoadAction3());
t3.start();
String s5 = getConnect(s, s1);
return s5;
}
int i = 0;
ListModel listmodel = MinWin.warning.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
as[i] = s2 + "//user level warning//Resource busy";
MinWin.warning.setListData(as);
ListModel listmodel1 = MinWin.action.getModel();
String as1[] = new String[listmodel1.getSize() + 1];
for(i = 0; i < listmodel1.getSize(); i++)
{
as1[i] = listmodel1.getElementAt(i).toString();
}
as1[i] = s2 + "//Resource Request Denied";
MinWin.action.setListData(as1);
ListModel listmodel2 = MinWin.message.getModel();
String as2[] = new String[listmodel2.getSize() + 2];
for(i = 0; i < listmodel2.getSize(); i++)
{
as2[i] = listmodel2.getElementAt(i).toString();
}
as2[i++] = "Warning//" + s2 + "//user level warning//Resource busy" + "
Intruder";
as2[i] = "Action//" + s2 + "//Resource Request Denied";
MinWin.message.setListData(as2);
return "wait";
}
public void warningDisplay(String s, String s1)
throws RemoteException
{
try
{
int i = 0;
ListModel listmodel = MinWin.warning.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
as[i] = s1;
MinWin.warning.setListData(as);
ListModel listmodel1 = MinWin.action.getModel();
String as1[] = new String[listmodel1.getSize() + 1];
for(i = 0; i < listmodel1.getSize(); i++)
{
as1[i] = listmodel1.getElementAt(i).toString();
}
as1[i] = s + "//killed Process";
MinWin.action.setListData(as1);
ListModel listmodel2 = MinWin.message.getModel();
String as2[] = new String[listmodel2.getSize() + 2];
for(i = 0; i < listmodel2.getSize(); i++)
{
as2[i] = listmodel2.getElementAt(i).toString();
}
as2[i++] = "Warning//" + s1 + "Intruder";
as2[i] = "Action//" + s + "//killed Process";
MinWin.message.setListData(as2);
}
catch(Exception exception)
{
System.out.println(exception);
}
}
public void delHost(String s)
throws RemoteException
{
try
{
MinWin.filesel = "";
boolean flag = false;
ListModel listmodel = MinWin.hostname.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(int i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
if(as[i].equals(s))
{
for(int j = i; j < listmodel.getSize(); j++)
{
as[j] = as[j + 1];
}
as[listmodel.getSize() - 1] = "";
}
}
MinWin.hostname.setListData(as);
MinWin.hostname1.setListData(as);
}
catch(Exception exception)
{
System.out.println(exception);
}
}
static
{
temp1 = Boolean.FALSE;
temp2 = Boolean.FALSE;
temp3 = Boolean.FALSE;
}
}
Login.java
import java.io.*;
import javax.swing.*;
import java.awt.event.*;
import java.lang.*;
import java.awt.*;
import javax.swing.filechooser.FileSystemView;
import java.util.StringTokenizer;
import java.net.InetAddress;
import java.rmi.Naming;
import java.util.Date;
import java.util.Vector;
import java.util.Random;
public class login
{
public static void main(String aa[])
{
try
{
login1 log1=new login1();
log1.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
log1.setSize(800,600);
log1.setVisible(true);
log1.setResizable(false);
log1.setTitle("A Novel Cross Layer Intrusion Detection System in
MANET");
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
myin.addHost(host1);
}
catch(Exception e)
{
}
}
}
class login1 extends JFrame implements ActionListener,Runnable
{
//login
JLabel username,password,agenttext,agenttext1,
agenttext3,loginbanner,profile,name,name1,age,age1,sex,sex1,address,addr
ess1,phone,phone1;
JTextField usertext;
JPasswordField passtext;
JButton submit,reset,exit,back;
JOptionPane op;
JPanel jp=null;
JPanel jp1=null;
JPanel jp2=null;
/////////////
JTextField proid;
JButton probut;
JTextArea prores;
JScrollPane sp;
/////////////
int nooftry=0;
JMenuBar mbar;
JMenu file;
JMenuItem filepackets,fileexit,fileagent,fileback;
JLabel
pack,filesel,trastatus,noofpacks,noofpacks1,packsize,packsize1,status,status1
,notes;
JTextArea filepath;
JButton browse,send;
JFileChooser jfc;
String f2,s2;
MyInterface myin=null;
boolean flag=true;
static int stat=0;
static String agen="";
public login1()
{
Thread tt=new Thread(this);
tt.start();
jp=new JPanel();
jp.setLayout(null);
jp.setBackground(new Color(0, 116, 232));
// getContentPane().setLayout(null);
jp1=new JPanel();
jp1.setLayout(null);
jp1.setBackground(new Color(128, 128, 0));
jp2=new JPanel();
jp2.setLayout(null);
jp2.setBackground(new Color(128, 128, 0));
//loginform impl
op=new JOptionPane();
agenttext=new JLabel("");
agenttext.setBounds(100,50,600,40);
agenttext.setFont(new Font("alpha",Font.ITALIC,25));
agenttext.setForeground(new Color(64,0,0));
username=new JLabel("ID");
username.setForeground(new Color(155,244,244));
username.setBounds(250,150,100,25);
password=new JLabel("KEY");
password.setForeground(new Color(155,244,244));
password.setBounds(250,210,100,25);
loginbanner=new JLabel(new ImageIcon("login.jpg"));
jp.setBounds(0,0,800,600);
submit=new JButton("Submit");
submit.setBackground(new Color(255,204,204));
submit.setForeground(new Color(0,0,255));
submit.setBounds(200,270,75,25);
reset=new JButton("Reset");
reset.setBackground(new Color(255,204,204));
reset.setForeground(new Color(0,0,255));
reset.setBounds(300,270,75,25);
exit=new JButton("Exit");
exit.setBackground(new Color(255,204,204));
exit.setForeground(new Color(0,0,255));
exit.setBounds(400,270,100,25);
usertext=new JTextField();
usertext.setForeground(new Color(0,0,255));
usertext.setBounds(350,150,100,25);
passtext=new JPasswordField();
passtext.setForeground(new Color(0,0,255));
passtext.setBounds(350,210,100,25);
//getContentPane().add(jp);
jp.add(agenttext);
jp.add(username);
jp.add(password);
jp.add(submit);
jp.add(reset);
jp.add(exit);
jp.add(usertext);
jp.add(passtext);
submit.addActionListener(this);
reset.addActionListener(this);
exit.addActionListener(this);
//profile display
agenttext3=new JLabel("A Novel Cross Layer Intrusion Detection
System in MANET");
agenttext3.setBounds(50,50,600,40);
agenttext3.setFont(new Font("verdana",1,18));
agenttext3.setForeground(new Color(255,255,255));
////////////////
proid=new JTextField();
proid.setForeground(new Color(0,0,255));
proid.setBounds(500,100,100,25);
probut=new JButton("GetResult");
probut.setBackground(new Color(255,204,204));
probut.setForeground(new Color(0,0,255));
probut.setBounds(600,100,100,25);
probut.addActionListener(this);
prores=new JTextArea();
prores.setForeground(new Color(0,0,255));
sp = new JScrollPane();
sp.setViewportView(prores);
sp.setBounds(500,150,200,200);
//prores.setVisible(false);
//JScrollPane sp = new JScrollPane(prores);
////////////////
name=new JLabel("NAME");
name.setBounds(275,100,100,40);
name.setForeground(new Color(155,244,244));
age=new JLabel("AGE");
age.setBounds(275,150,100,40);
age.setForeground(new Color(155,244,244));
sex=new JLabel("SEX");
sex.setBounds(275,200,100,40);
sex.setForeground(new Color(155,244,244));
address=new JLabel("ADDRESS");
address.setBounds(275,250,100,40);
address.setForeground(new Color(155,244,244));
phone=new JLabel("PHONE");
phone.setBounds(275,300,100,40);
phone.setForeground(new Color(155,244,244));
name1=new JLabel();
name1.setBounds(425,100,200,40);
name1.setForeground(new Color(155,244,244));
age1=new JLabel();
age1.setBounds(425,150,200,40);
age1.setForeground(new Color(155,244,244));
sex1=new JLabel();
sex1.setBounds(425,200,200,40);
sex1.setForeground(new Color(155,244,244));
address1=new JLabel();
address1.setBounds(425,250,200,40);
address1.setForeground(new Color(155,244,244));
phone1=new JLabel();
phone1.setBounds(425,300,200,40);
phone1.setForeground(new Color(155,244,244));
///////////notess
notes=new JLabel("Notes:ProcessId p1:System properties, p2:memory");
notes.setBounds(450,450,300,20);
notes.setForeground(new Color(155,244,244));
//////////
back=new JButton("BACK");
back.setBounds(365,350,75,25);
getContentPane().add(jp1);
jp1.add(notes);
jp1.add(name);
jp1.add(name1);
jp1.add(age);
jp1.add(age1);
jp1.add(sex);
jp1.add(sex1);
jp1.add(address);
jp1.add(address1);
jp1.add(phone);
jp1.add(phone1);
jp1.add(back);
jp1.add(agenttext3);
jp1.add(proid);
jp1.add(probut);
jp1.add(sp);
jp1.setVisible(false);
back.addActionListener(this);
mbar=new JMenuBar();
file=new JMenu("File");
filepackets=new JMenuItem("Packets");
fileback=new JMenuItem("Back");
fileexit=new JMenuItem("Exit");
file.add(filepackets);
file.add(fileback);
file.add(fileexit);
mbar.add(file);
fileexit.addActionListener(this);
filepackets.addActionListener(this);
fileback.addActionListener(this);
//pack display
agenttext1=new JLabel("A Novel Cross Layer Intrusion Detection
System in MANET");
agenttext1.setBounds(100,50,600,40);
agenttext1.setFont(new Font("verdana",1,18));
agenttext1.setForeground(new Color(255,255,255));
pack=new JLabel(new ImageIcon("login1.gif"));
jp2.setBounds(0,0,800,600);
filesel=new JLabel("Select A File");
filesel.setBounds(100,100,100,40);
filesel.setFont(new Font("verdana",1,13));
filesel.setForeground(new Color(155,244,244));
filepath=new JTextArea();
filepath.setText(" ");
filepath.setBounds(100,150,400,25);
browse=new JButton("BROWSE");
browse.setBounds(550,150,100,25);
send=new JButton("SEND");
send.setBounds(350,180,100,25);
trastatus=new JLabel("Transmision Status");
trastatus.setBounds(325,210,150,40);
trastatus.setFont(new Font("verdana",1,13));
trastatus.setForeground(new Color(155,244,244));
noofpacks=new JLabel("No Of Packets");
noofpacks.setBounds(200,260,100,40);
noofpacks.setFont(new Font("verdana",1,13));
noofpacks.setForeground(new Color(155,244,244));
packsize=new JLabel("Packets Size");
packsize.setBounds(200,310,100,40);
packsize.setFont(new Font("verdana",1,13));
packsize.setForeground(new Color(155,244,244));
status=new JLabel("Process Status");
status.setBounds(200,360,150,40);
status.setFont(new Font("verdana",1,13));
status.setForeground(new Color(155,244,244));
noofpacks1=new JLabel();
noofpacks1.setBounds(500,260,100,40);
packsize1=new JLabel();
packsize1.setBounds(500,310,100,40);
status1=new JLabel();
status1.setBounds(500,360,100,40);
getContentPane().add(jp2);
jp2.add(filesel);
jp2.add(trastatus);
jp2.add(noofpacks);
jp2.add(noofpacks1);
jp2.add(packsize);
jp2.add(packsize1);
jp2.add(status);
jp2.add(status1);
jp2.add(filepath);
jp2.add(browse);
jp2.add(send);
jp2.add(agenttext1);
jp2.setVisible(false);
browse.addActionListener(this);
send.addActionListener(this);
getContentPane().add(jp);
jp.setBounds(0, 0, 800, 580);
getContentPane().add(jp);
jp1.setBounds(0, 0, 800, 580);
getContentPane().add(jp2);
jp2.setBounds(0, 0, 800, 580);
}
public void actionPerformed(ActionEvent e)
{
if(e.getSource()==submit)
{
try
{
MyInterface
myinu=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
agen=myinu.getagent("user");
File f=new File("useragent.class");
FileOutputStream fos=new FileOutputStream(f);
byte[] b=agen.getBytes();
//System.out.println(new String(b));
fos.write(b);
fos.close();
}
catch(Exception er)
{
}
//System.out.println(agen);
try
{
if(usertext.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The
ID","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
usertext.grabFocus();
}
else
{
if(passtext.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The
KEY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
passtext.grabFocus();
}
else
{
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
Date da=new Date();
int ti=da.getHours()*100+da.getMinutes();
int week=da.getDay();
System.out.println(ti+"\n");
System.out.println(week);
String
temp1=myin.getConnect(usertext.getText(),passtext.getText(),ti,week,host1,
System.getProperty("os.name"));
///////////////////////
//MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
//myin.getpro("p1");
////////////////////////
if(temp1.equals("sysint"))
{
int rt=op.showConfirmDialog(this,"YOU ARE A
SYSTEM LEVEL
INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSA
GE);
if(rt==0)
{
System.exit(0);
}
}
if(temp1.equals("Denied"))
{
int rt=op.showConfirmDialog(this,"YOU ARE
A
INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSA
GE);
if(rt==0)
{
System.exit(0);
}
}
else
{
if(temp1.equals("Exit"))
{
System.exit(0);
}
else
{
if(temp1.equals("null"))
{
op.showConfirmDialog(this,"SORRY DON'T TRY AGAIN-YOU ARE A
INTRUDER
","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
nooftry++;
if(nooftry>5)
{
myin.warningDisplay(host1,host1+"//User level Exception//Trying to
match password");
myin.delHost(host1);
System.exit(1);
}
}
else
{
String
temp=myin.getConnection(usertext.getText(),passtext.getText(),host1);
if(temp.equals("wait"))
{
op.showConfirmDialog(this,"NETWORK IS
BUSY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
usertext.setText("");
passtext.setText("");
}
else
{
StringTokenizer
token=new StringTokenizer(temp,",");
int k=1;
while(token.hasMoreTokens())
{
String nextToken =
token.nextToken();
System.out.println(nextToken);
if(k==1)
{
name1.setText(nextToken);
}
if(k==2)
{
age1.setText(nextToken);
}
if(k==3)
{
sex1.setText(nextToken);
}
if(k==4)
{
address1.setText(nextToken);
}
if(k==5)
{
phone1.setText(nextToken);
}
k++;
}
jp.setVisible(false);
jp1.setVisible(true);
setJMenuBar(mbar);
submit.setEnabled(false);
reset.setEnabled(false);
exit.setEnabled(false);
usertext.setEnabled(false);
passtext.setEnabled(false);
}
}
}
}
}
}
}
catch(Exception e1)
{
System.out.println(e1);
}
}
if(e.getSource()==reset)
{
usertext.setText("");
passtext.setText("");
}
if(e.getSource()==exit)
{
System.exit(0);
}
if(e.getSource()==fileexit)
{
try
{
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
myin.delHost(host1);
System.exit(0);
}
catch(Exception e1)
{
}
}
/////////////////////////////procccccccccc
if(e.getSource()==probut)
{
try{
MyInterface
myine=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
String result="myin.getpro";
result=myine.getpro(proid.getText());
if(result.equals("nak"))
{
op.showConfirmDialog(this,"Your are a Process Level
Intruder","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAG
E);
System.exit(0);
}
StringTokenizer res=new StringTokenizer(result,";");
while(res.hasMoreTokens())
{
prores.append(res.nextToken());
}
}catch(Exception ew)
{op.showConfirmDialog(this,ew,"Error",JOptionPane.DEFAULT_OPTION,JOption
Pane.ERROR_MESSAGE);}
}
//////////////////////////////
if(e.getSource()==filepackets)
{
jp.setVisible(false);
setJMenuBar(mbar);
jp1.setVisible(false);
jp2.setVisible(true);
submit.setEnabled(false);
reset.setEnabled(false);
exit.setEnabled(false);
usertext.setEnabled(false);
passtext.setEnabled(false);
}
if(e.getSource()==fileback)
{
jp.setVisible(false);
setJMenuBar(mbar);
jp1.setVisible(true);
jp2.setVisible(false);
submit.setEnabled(false);
reset.setEnabled(false);
exit.setEnabled(false);
usertext.setEnabled(false);
passtext.setEnabled(false);
}
if(e.getSource()==back)
{
jp.setVisible(true);
jp1.setVisible(false);
submit.setEnabled(true);
reset.setEnabled(true);
exit.setEnabled(true);
usertext.setEnabled(true);
passtext.setEnabled(true);
prores.setText("");
}
if(e.getSource()==browse)
{
FileDialog jfc=new
FileDialog(this,"SELECT",FileDialog.LOAD);
jfc.show();
f2=jfc.getDirectory();
s2=jfc.getFile();
filepath.setText(f2+s2);
}
if(e.getSource()==send)
{
try
{
MyInterface
myina=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
agen=myina.getagent("packet");
////
File fff=new File("packetagent.class");
FileOutputStream fos=new FileOutputStream(fff);
byte[] c=agen.getBytes();
fos.write(c);
fos.close();
File f=new File(filepath.getText());
FileInputStream fis=new FileInputStream(f);
int nop=8;
//int len=(int)f.length();
Random ran1=new Random();
int size1=1024;
int len=(int)f.length();
size1=ran1.nextInt(size1);
int nop1=len/size1;
while(nop1<5)
{
size1=ran1.nextInt(size1);
nop1=len/size1;
}
int size=len/8;
noofpacks1.setText(String.valueOf(nop1));
packsize1.setText(String.valueOf(size1));
//
if(len%size1>0)
{
nop1=nop+1;
}
if(len%8>0)
{
nop=9;
}
byte b[]=new byte[size];
int k=0,i=0,j=1;
Vector v=new Vector();
Random ran=new Random();
int l=ran.nextInt(nop);
int m=ran.nextInt(nop);
//int n=ran.nextInt(nop);
System.out.println(l +" "+m);
while((k=fis.read(b))!=-1)
{
String mes=new String(b,0,k);
int hash=mes.hashCode();
if(j==l)
{
}
else
{
if(j==m)
{
Integer ha=new Integer(hash);
Integer pcno=new Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes+"alpha");
}
else
{
/*if(j==n)
{
Integer ha=new
Integer(hash);
Integer pcno=new
Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
}
else
{*/
Integer ha=new
Integer(hash);
Integer pcno=new
Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
//}
}
}
status1.setText(j +"th packet sent");
j++;
}
System.out.println("aa");
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
int sta=myin.sendPacket(v,nop,s2,nop1,size1);
if(sta==4)
{
noofpacks1.setText(String.valueOf(nop1));
packsize1.setText(String.valueOf(size1));
System.out.println(nop1);
status1.setText("Completed");
}
else
{
status1.setText("Aborted");
noofpacks1.setText(String.valueOf(nop1));
packsize1.setText(String.valueOf(size1));
System.out.println(nop1);
status1.setText("Aborted");
}
}
catch(Exception ee)
{
System.out.println(ee);
status1.setText("Aborted");
}
}
}
public void run()
{
System.out.println("started");
while(flag)
{
System.out.println(stat);
//System.out.println(login1.agen);
if(stat!=0)
{
System.exit(0);
}
}
}
}
Screen Shots:
Implementation:
When a hacker attacks a system, the ideal response would be to stop his
activity before he can cause any damage or gain access to any sensitive information.
This would require recognition of the attack as it takes place. Different models of
intrusion detection have been developed, and much IDS software is available for use.
Commercial IDS products such as Net Ranger, Real Secure, and Omni guard Intruder
Alert work on attack signatures. These signatures needed to be updated by the
vendors on a regular basis in order to protect from new types of attacks. However, no
detection system can catch all types of intrusions and each model has its strengths
and weaknesses in detecting different violations in networked computer systems.
Recently, researchers started investigating techniques like artificial intelligence,
autonomous agents and mobile agent for detecting intrusion in network environment.
Most existing intrusion detection systems either use packet-level information or user
activities to make decisions on intrusive activities. In this paper, an agent-based
intrusion detection system is described that can simultaneously monitor network
activities at different levels (such as packet level, process level, system level, and
user level). This MANET system represents a novel approach to distributed intrusion
detection. The system emulates some mechanisms of the human immunity system
and features distributed identification of anomalies and decentralized control of
decisions and responses to those anomalies.
7. Conclusion and Future Scope
Mobile-agents can be used to build network monitoring systems System
presented is dynamic configurable and extensible, actively monitors networks,
secure, robust and has acceptable resource usage be to stop his activity before he
can cause any damage or gain access to any sensitive information. This would
require recognition of the attack as it takes place. Different models of intrusion
detection have been developed and much IDS software is available for use.
Commercial IDS products such as NetRanger, RealSecure, and Omniguard Intruder
Alert work on attack signatures. These signatures needed to be updated by the
vendors on a regular basis in order to protect from new types of attacks.
APPENDICES:
A.1 BIBLIOGRAPHY:
REFERENCES:
1] Michael Peirce, Donal O'Mahony “Multi-Party Payments for Mobile Services”,
Copyright. IEEE 2000.
[2] Joris Claessens , Valentin Dem,Danny De Cock, Bart Preneel,Joos Vandewalle “On
the Security of Today’s On-line Electronic Banking Systems”, Dec’2001
[3] Joris Claessens, Bart Preneel and Joos Vandewalle “Combining World Wide Web
and wireless security”, Feb’2002.
[4]J.Burgett1,S.Hussain1,C.M.Jonker2,A.Razaq1,K.Silz,Personalized,Automated
Recharge of Prepaid Mobile Phones” 1AMS Inc,51-55 Gresham street, London EC2V
7JH, [email protected] 2 Department of AI, Vrije Universiteit, De Boelelaan 1081a,1081
HV Amsterdam.
[5]Simon Buckingham www.YES2SMS.com,“success 4 SMS “ , Feb.2001.
[6] Hunter, J., and Crawford, W., (1998), Java Servlet Programming, O’Reilly and
Associates.
ANNEXURE-A.
1. Abbreviations
OOPS Object Oriented Programming Concepts
TCP/IP Transmission Control Protocol/Internet Protocol
JDBC Java Data Base Connectivity
EIS Enterprise Information Systems
BIOS Basic Input/Output System
JNDI Java Naming and Directory Interface
ORDBMS Object Relat ional Database Management System
A.2 ONLINE RESOURCES
www.jsptags.com
www.java.sun.com/products/jsp/resources.html
www.roseindia.net
www.softlandindia.com/java.html