MANET Full Document

A Novel Cross Layer Intrusion Detection System in MANET

Introduction:

1.1 Synopsis

Intrusion detection System forms a vital component of internet security. To keep

pace with the growing trends, there is a critical need to replace single layer detection

technology with multi layer detection. Different types of Denial of Service (DoS)

attacks thwart authorized users from gaining access to the networks and we tried to

detect as well as alleviate some of those attacks. In this paper, we have proposed a

novel cross layer intrusion detection architecture to discover the malicious nodes and

different types of DoS attacks by exploiting the information available across different

layers of protocol stack in order to improve the accuracy of detection. We have used

cooperative anomaly intrusion detection with data mining technique to enhance the

proposed architecture. We have implemented fixed width clustering algorithm for

efficient detection of the anomalies in the MANET traffic and also generated different

types of attacks in the network. The simulation of the proposed architecture is

performed in OPNET simulator and we got the result as we expected.

System Analysis:

Feasibility Study:

During the feasibility study, the feasibility of the project – the likelihood of the

proposed system is analyzed. We have proposed a novel cross layer intrusion

detection architecture to discover the malicious nodes and different types of DoS

attacks by exploiting the information available across different layers of protocol

stack in order to improve the accuracy of detection. We have used cooperative

anomaly intrusion detection with data mining technique to enhance the proposed

architecture. We have implemented fixed width clustering algorithm for efficient

detection of the anomalies in the MANET traffic and also generated different types of

attacks in the network. Operational Feasibility.

In compared to wired networks, MANET has to face different challenges due to its

wireless features and ad-hoc structure. The very advantage of mobility in MANET

leads to its vulnerabilities. For efficient intrusion detection, we have used cross layer

techniques in IDS. The traditional way of layering network approach with the purpose

of separating routing, scheduling, rate and power control is not efficient for ad-hoc

wireless networks. A. Goldsmith discussed that rate control, power control; medium

access and routing are building block of wireless network design. Generally, routing is

considered in a routing layer and medium access in MAC layer whereas power control

and rate control are sometimes considered in a PHY and sometimes in a MAC layer. If

there is no cross layer inter action then the routing can select between several routes

and have no information about congestion or malicious nodes. As a result, it selects a

congested route or it selects a route that includes malicious nodes. With the help of

cross layer interaction, the routing forwards possible route choices to MAC and MAC

decides the possible routes using congestion and IDS information as well as returns

the result to the routing.

The selection of correct combination of layers in the design of cross layer IDS is very

critical to detect attacks targeted at or sourced from any layers rapidly. It is optimal

to incorporate MAC layer in the cross layer design for IDS as DoS attack is better

detected at this layer. The routing protocol layer and MAC layer is chosen for

detecting routing attacks in an efficient way. Data with behavioral information

consisting of layer specific information are collected from multiple layers and forward

it to data analysis module which is located in an optimal location . This cross layer

technique incorporating IDS leads to an escalating detection rate in the number of

malicious behavior of nodes increasing the true positive and reducing false positives

in the MANET. It also alleviates the congestion which can adapt to changing network

and traffic characteristics. In order to evade congestion and reroute traffic, MAC and

routing layers have to cooperate with each other with the IDS in order to avoid

insertion of malicious nodes in the new routes. The physical layer collects various

types of communication activities including remote access and logons, user activities,

data traffics and attack traces. MAC contains information regarding congestion and

interference. The detection mechanism for misbehaving nodes interacts with routing

layer for the detection process as MAC layers also help in detection of certain routing

attacks. MAC also interacts with

the physical layer to determine the quality of suggested path . By combining cross

layer features, attacks between the layers inconsistency can be detected.

Furthermore, these schemes provide a comprehensive detection mechanism for all

the layers i.e attacks originating from any layers can be detected with better

detection accuracy.

The main objective here is to find out whether

The system will work once it is developed and installed.

There is sufficient support for the project from the management.

The current network methods are acceptable to the users.

An investigation is conducted and as a result the following conclusions are

derived.

There is sufficient support form the managerial level

The current methods are done manually and take lot of time.

The persons involved in the current working system are met and

discussions are held with them to evolve a system with which

they have good participations and interest.

Technical feasibility

Technological feasibility analyses the following areas.

Technology and manpower is available are not.

Capacity to hold the data that is required to use the new

system.

Provision to respond to users regardless of their number and

location.

Provision for further expansion.

Guarantee of accuracy, reliability, ease of access and data

security.

An investigation is conducted and as a result the following conclusions are

derived.

The necessary technology to implement the proposed system is

available in the organization.

Main hardware equipment such as computers with the required

Capacities is also available.

Hence the system is technically feasible.

Economical Feasibility

Issues to be considered in the economical feasibility are

Financial benefits must equal or exceed the costs.

The solution should be cost effective.

Must be worth to pursue the project.

ANOMALY DETECTION MECHANISM IN MANET

The anomaly detection system creates a normal base line profile of the normal

activities of the network traffic activity. Then, the activity that diverges from the

baseline is treated as a possible intrusion. The main objective is to collect set of

useful features from the traffic to make the decision whether the sampled traffic is

normal or abnormal. Some of the advantages of anomaly detection system are it can

detect new and unknown attacks, it can detect insider attacks; and it is very difficult

for the attacker to carry out the attacks without setting off an alarm . The process of

anomaly detection comprises of two phases: training and testing. We try to build the

basic framework for normal behavior by collecting the noticeable characteristic from

the audit data. We use the data mining technique for building Intrusion detection

system to describe the anomaly detection mechanism.

A. Construction of normal Dataset

The data obtained from the audit data sources mostly contains local routing

information, data and control information from MAC and routing layers along with

other traffic statistics. The training of data may entail modeling the allotment of a

given set of training points or characteristic network traffic samples. We have to

make few assumptions so that the traced traffic from the network contains no attack

traffic:

• The normal traffic occurs more frequently than the attack traffic.

• The attack traffic samples are statistically different from the normal connections.

Since, we have used two assumptions; the attacks will appear as outliers in the

feature space resulting in detection of the attacks by analyzing and identifying

anomalies in the data set.

B. Feature construction

For feature construction, we use an unsupervised method to construct the feature

set. We use clustering algorithm to construct features from the audit data. The

feature set is created by using the audit data and most common feature set are

selected as essential feature set which has weight not smaller than the minimum

threshold. A set of considerable features should be obtained from the incoming traffic

that differentiates the normal data from the intrusive data. Few and semantic

information is captured which results in better detection performance and saves

computation time. In case of feature construction, we collect the traffic related

features as well as non-traffic related features which represents routing conditions.

We use some of the features for detecting DoS attacks and attacks that manipulate

routing protocol. The number of data packets received is used to detect unusual level

of data traffic which may indicate a DoS attack based on a data traffic flood.

C. Training normal data using cluster mechanism

We have implemented fixed-width clustering algorithm as an approach to anomaly

detection. It calculates the number of points near each point in the feature space. In

fixed width clustering technique, set of clusters are formed in which each cluster has

fixed radius w also known as cluster width in the feature space. The cluster width w is

chosen as the maximum threshold radius of a cluster.

Existing System:

It is difficult for Intrusion Detection system (IDS) to fully detect routing attacks due to

MANET’s characteristics. So, the IDS needs a scalable architecture to collect sufficient

evidences to detect those attacks effectively. A malicious node may take advantages

of the MANET node to launch routing attacks as the node acts as router to

communicate with each other. The wireless links between the nodes along with the

mobility raises the challenges of IDS to detect the attacks. Hence, we are motivated

to design a new IDS architecture which involves cross layer design to efficiently

detect the abnormalities in the wireless networks. We have proposed a new intrusion

detection architecture which incorporates cross layer that interacts between the

layers. In addition to this we have used association module to link between the OSI

protocol stack and the IDS module which results in low overhead during the data

collection. We have implemented the fixed width clustering algorithm in anomaly

detection engine for efficient detection of intrusion in the adhoc networks.

Proposed System:

Some general approach has been used in a distributed manner to insure the

authenticity and integrity of routing information such as key generation and

management on the prevention side. Authentication based approaches are used to

secure the integrity and the authenticity of routing messages such as . There are

some difficulties that have to be faced in realizing some of the schemes like

cryptography and they are relatively expensive on MANET because of computational

capacity. A number of intrusion detection schemes for intrusion detection system

have been presented for ad-hoc networks. In, the paper proposed architecture for a

distributed and cooperative intrusion detection system for ad-hoc networks based on

statistical anomaly detection techniques but they have not properly mentioned about

the simulation scenario and the type of mobility they have used. In, A. Mishra

emphasizes the challenge for intrusion detection in ad-hoc network and purpose the

use of anomaly implementation for the problem. In , Huang details an anomaly

detection technique that explores the correlations among the features of nodes and

discusses about the routing anomalies. Loo presents an intrusion detection method

using a clustering algorithm for routing attacks in sensor networks. It is able to detect

three important types of routing attacks. They are able to detect sink hole attacks

effectively which are intense form of attack. There are some flaws like there is

absence of simulation platform that can support a wider variety of attacks on larger

scale networks. Fixed width clustering algorithm has shown to be highly effective for

anomaly detection in network intrusion. It presents a geometric framework for

unsupervised anomaly detection. This paper needs more feature maps over different

kinds of data and needs to perform more extensive experiments evaluating the

methods presented.

Intrusion Detection Module:

A. Local Data Collection:

The local data collection module collects data streams of various information, traffic

patterns and attack traces from physical, MAC and network layers via association

module. The data streams can include system, user and mobile nodes’

communication activities within the radio range.

B. Local Detection:

The local detection module consists of anomaly detection engine. The local detection

module analyzes the local data traces gathered by the local data collection module

for evidence of anomalies. A normal profile is an aggregated rule set of multiple

training data segments. New and updated detection rules across ad-hoc networks are

obtained from normal profile. The normal profile consists of normal behavior patterns

that are computed using trace data from a training process where all activities are

normal. During testing process, normal and abnormal activities are processed and

any deviations from the normal profiles are recorded. The anomaly detection

distinguishes normalcy from anomalies as of the deviation data by comparing with

the test data profiles with the expected normal profiles. If any detection rules deviate

beyond a threshold interval and if it has a very high accuracy rate it can determine

independently that the network is under attack and initiates the alert management.

C. Cooperative Detection:

When the support and confidence level is low or intrusion evidence is weak and

inconclusive in the detecting node then it can make collaborative decision by

gathering intelligence from its surrounding nodes via protected communication

channel. The decision of cooperative detection is based on the majority of the voting

of the received reports indicating an intrusion or anomaly.

D. Alert Management:

The alert management receives the alert from the local detection or co-operative

detection depending on the strength of intrusion evidence. It collects them in the

alert cache for t seconds. If there are more abnormal predictions than the normal

predictions then it is regarded as “abnormal” and with adequate information an

alarm is generated to inform that an intrusive activity is in the system.

Software Requirements:

Hardware Requirement:

Minimum 1.1 GHz PROCESSOR should be on the computer.

128 MB RAM.

20 GB HDD.

1.44 MB FDD.

52x CD-ROM Drive.

MONITORS at 800x600 minimum resolution at 256 colors minimum.

I/O, One or two button mouse and standard 101-key keyboard.

Software Requirement:

Operating System : Windows 95/98/2000/NT4.0.

Technology : JAVA, RMI, JFC

Database Connectivity : JDBC.

3.3 About the Software

JAVA:

Java is used as front-end tool for developing the project. To run Java

there is no need to have any particular operating system, as it is platform

independent. This must have certain hardware and software installed on your

computer. The key considerations were summed up by the Java team in the following

list of buzzwords:

Simple

Security

Portability

Object-oriented

Robust

Multithreaded

Architecture-Neutral

Interpreted

High Performance

Distributed

Dynamic

THE JAVA 2 ENTERPRISE EDITION

The Java 2 Platform, Enterprise Edition (J2EE), has rapidly established a

new programming model for developing distributed applications. This model is based

on well-defined components that can automatically take advantage of sophisticated

platform services. These components can be developed according to standard

guidelines, combined into applications, deployed on a variety of compatible server

products, and reused for maximum programmer productivity. This model is intended

to both standardize and simplify the kind of distributed applications required for

today's networked information economy.

J2EE Platform Benefits

With features designed to expedite the process of developing

distributed applications, the J2EE platform offers several benefits:

Simplified architecture and development

Freedom of choice in servers, tools, and components

Integration with existing information systems

Scalability to meet demand variations

Flexible security model

HYPER TEXT MARKUP LANGUAGE

HTML was specifically developed to use along with the Hyper Text

Transfer Protocol (HTTP) to encode documents for display on the World Wide Web.

HTML is defined in the HTML Standard, currently Version 4.0x. HTML

standards are recommended by the World Wide Web Consortium, W3C . W3C also

oversees the standardization of technologies related to the World Wide Web and

publishes the HTTP (Hypertext Transfer Protocol) standards. HTML is initials for Hyper

Text Markup Language. HTML is pronounced one letter at a time as if you are spelling

the word HTML. It is not pronounced as "hit mill" and it is NOT a programming

language. HTML cannot be used to write programs and it cannot control the precise

layout of a web page.

Web browsers are used to view HTML documents. Two popular web

browsers are the Netscape Navigator 4.x and the Microsoft Internet Explorer 5.x.

Browsers control the layout of a web page

JavaScript:

http://www.w3c.org/

http://www.w3.org/MarkUp/

JavaScript enables you to embed commands in an HTML page.

JavaScript is powerful and simple. HTML provides a good deal of flexibility to

page authors, but HTML by itself is static; after being written, HTML

documents can’t interact with the user other than by presenting hyperlinks.

Scripting languages act as the glue that binds every thing together. JavaScript

mainly provides a fairly complete set of built- in functions and commands,

enabling you to perform math calculations, manipulates strings, play sounds,

open new windows and new URLs, and access and verify input to your web

forms.

JavaScript can also set the attributes, or properties , of web page

elements and other objects present in the browser.

This way you can change the behavior of plugs–in or other objects

without having to rewrite them. JavaScript commands

Macromedia Dreamweaver

Macromedia Dreamweaver2.0 is one of the HTML Editor

It also includes DHTML effects

It is used to connect the forms to Servlets

It is used to Hyperlinks the web pages

It is used to create Templates

It is used to attach Sound files and Animation files along with our

Source.

The JavaServer Pages(JSP):

JavaServer Pages ™ technology is the Java ™ platform

technology for building applications containing dynamic Web

content such as HTML, DHTML, XHTML and XML. The

JavaServer Pages technology enables the authoring of Web pages

that create dynamic content easily but with maximum power and

flexibility.

Advantages:

Write Once, Run Anywhere ™ properties

High quality tool support

Reuse of components and tag libraries

Separation of dynamic and static content

Support for scripting and actions

Web access layer for N-tier enterprise application architecture(s)

JSP page:

A JSP page is a text-based document that describes how to

process a request to create a response. The description intermixes

template data with some dynamic actions and leverages on the Java

Platform.The features in the JSP technology support a number of

different paradigms for authoring of dynamic content. JSP pages can be used in

combination with Servlets, HTTP, HTML, XML, Applets,JavaBeans

components and Enterprise JavaBeans components to implement a broad

variety of application architecture(s) or models.

Maximum performance and scalability through its unique design with the

Windows’NT multi-threaded architecture.

Central and easy-to-use the Graphical User Interface (GUI).

Automatic authentication of users by the Operating System.

ENTERPRISE JAVABEAN (EJB):

EJB is a standard server side component model for component

transaction monitors.It automatically takes in to account many of the

requirements of business systems-security,resourse

pooling,persistence,concurrency and transasction integrity.

Overall goals

The Enterprise JavaBeans (EJB) architecture has the following goals:

• The Enterprise JavaBeans architecture will be the standard component

architecture for building distributed object-oriented business applications in the Java

programming language. The Enterprise JavaBeans architecture will make it possible

to build distributed applications by combining components developed using tools

from different vendors.

• The Enterprise JavaBeans architecture will make it easy to write applications.

Application developers will not have to understand low-level transaction and state

management details, multi-threading, connection pooling, and other complex low-

level APIs.

• Enterprise JavaBeans applications will follow the “Write Once, Run Anywhere”

philosophy of the Java programming language. An enterprise Bean can be developed

once, and then deployed on multiple platforms without recompilation or source code

modification.

• The Enterprise JavaBeans architecture will address the development,

deployment and runtime aspects of an enterprise application’s life cycle.

• The Enterprise JavaBeans architecture will define the contracts that enable

tools from multiple vendors to develop and deploy components that can inter operate

at runtime.

• The Enterprise JavaBeans architecture will be compatible with existing

server platforms. Vendors will be able to extend their existing products to support

Enterprise JavaBeans.

• The Enterprise JavaBeans architecture will be compatible with other Java

programming language APIs.

• The Enterprise JavaBeans architecture will provide interoperability between

enterprise Beans and Java 2 Platform Enterprise Edition (J2EE) components as well as

non-Java programming language applications.

• The Enterprise JavaBeans architecture will be compatible with the

CORBA protocols.

Enterprise Bean Provider

The Enterprise Bean Provider is the producer of enterprise beans. The

system output is an ejb-jar file that contains one or more enterprise beans. The Bean

Provider is responsible for the Java classes that implement the enterprise bean’s

business methods, the definition of the bean’s remote and home interfaces and the

bean’s deployment descriptor.

The deployment descriptor includes the structural information of the enterprise bean

and declares all the enterprise bean’s external dependencies.

Application Assembler

The Application Assembler combines enterprise beans into larger

deployable application units. The input to the Application Assembler is one or more

ejb-jar files produced by the Bean Provider(s). The Application Assembler outputs one

or more ejb-jar files that contain the enterprise beans along with their application

assembly instructions. The Application Assembler inserts the application assembly

instructions into the deployment descriptors.

The Application Assembler can also combine enterprise beans with other types

of application components (JSP) when composing an application. The EJB specification

describes the case in which the application assembly step occurs before the

deployment of the enterprise beans. However, the EJB architecture does not preclude

the case that application assembly is performed after the deployment of all or some

of the enterprise beans.

Deployer

The Deployer takes one or more ejb-jar files produced by a Bean Provider or

Application Assembler and deploys the enterprise beans contained in the ejb-jar files

in a specific operational environment. The operational environment includes a

specific EJB Server and Container. The Deployer is an expert at a specific operational

environment and is responsible for the deployment of enterprise Beans.The Deployer

uses tools supplied by the EJB Container Provider to perform the deployment tasks.

The deployment process is typically two-stage:

• The Deployer first generates the additional classes and interfaces that

enable the container to manage the enterprise beans at runtime. These classes

are container-specific.

• The Deployer performs the actual installation of the enterprise beans and

the additional classes and interfaces into the EJB Container.

EJB Server Provider

The EJB Server Provider is a specialist in the area of distributed

transaction management, distributed objects, and other lower-level system-level

services. A typical EJB Server Provider is an OS vendor, middleware vendor, or

database vendor. The current EJB architecture assumes that the EJB Server

Provider and the EJB Container Provider roles are the same vendor. Therefore,

it does not define any interface requirements for the EJB Server Provider.

EJB Container Provider:

The EJB Container Provider provides

• The deployment tools necessary for the deployment of enterprise beans.

• The runtime support for the deployed enterprise bean instances.

The focus of a Container Provider is on the development of a scalable, secure,

transaction-enabled container that is integrated with an EJB Server. The

Container Provider insulates the enterprise Bean from the specifics of an

underlying EJB Server by providing a simple, standard API between the

enterprise Bean and the container. This API is the Enterprise JavaBeans

component contract. The Container Provider typically provides support for

versioning the installed enterprise Bean components.The Container Provider

typically provides tools that allow the system administrator to monitor manage

the container and the Beans running in the container at runtime.

Persistence Manager Provider

The Persistence Manager interacts with the Container to receive

notifications related to the lifecycle of the managed beans. The current EJB

architecture, however, does not architect the full set of SPIs between the Container

and the Persistence Manager. These interfaces are currently left to the Container

Provider and Persistence Manager Provider.

System Administrator

The System Administrator is responsible for the configuration and

administration of the enterprise’s computing and networking infrastructure that

includes the EJB Server and Container. The System Administrator is also responsible

for overseeing the wellbeing of the deployed enterprise beans applications at

runtime.

4. System Design

4.1 DFD

A data flow diagram (DFD) is a graphical representation that depicts information

flow and the transforms that one applied as data moves from of a data flow diagram

is also known as data flow graph or bubble

4.2 UML SEQUENCE DIAGRAM

The sequence diagrams are an easy and intuitive way of describing the

system’s behavior, which focuses on the interaction between the system and

the environment. This notational diagram shows the interaction arranged in a

time sequence. The sequence diagram has two dimensions: the vertical

dimension represents the time; the horizontal dimension represents different

objects. The vertical line also called the object’s lifeline represents the object’s

existence during the interaction.

Sequence Diagram:

Fig UML Sequence Diagram

Class Diagram:

Component Diagram:

Usecase Diagram:

Activity Diagram:

4.2 System Architecture

5. System Analysis

Some general approach has been used in a distributed manner to insure the

authenticity and integrity of routing information such as key generation and

management on the prevention side. Authentication based approaches are used to

secure the integrity and the authenticity of routing messages such as . There are

some difficulties that have to be faced in realizing some of the schemes like

cryptography and they are relatively expensive on MANET because of computational

capacity. A number of intrusion detection schemes for intrusion detection system

have been presented for ad-hoc networks. In, the paper proposed architecture for a

distributed and cooperative intrusion detection system for ad-hoc networks based on

statistical anomaly detection techniques but they have not properly mentioned about

the simulation scenario and the type of mobility they have used. In, A. Mishra

emphasizes the challenge for intrusion detection in ad-hoc network and purpose the

use of anomaly implementation for the problem.

Intrusion Detection Module:

A. Local Data Collection:

The local data collection module collects data streams of various information, traffic

patterns and attack traces from physical, MAC and network layers via association

module. The data streams can include system, user and mobile nodes’

communication activities within the radio range.

B. Local Detection:

The local detection module consists of anomaly detection engine. The local detection

module analyzes the local data traces gathered by the local data collection module

for evidence of anomalies. A normal profile is an aggregated rule set of multiple

training data segments. New and updated detection rules across ad-hoc networks are

obtained from normal profile. The normal profile consists of normal behavior patterns

that are computed using trace data from a training process where all activities are

normal. During testing process, normal and abnormal activities are processed and

any deviations from the normal profiles are recorded. The anomaly detection

distinguishes normalcy from anomalies as of the deviation data by comparing with

the test data profiles with the expected normal profiles. If any detection rules deviate

beyond a threshold interval and if it has a very high accuracy rate it can determine

independently that the network is under attack and initiates the alert management.

C. Cooperative Detection:

When the support and confidence level is low or intrusion evidence is weak and

inconclusive in the detecting node then it can make collaborative decision by

gathering intelligence from its surrounding nodes via protected communication

channel. The decision of cooperative detection is based on the majority of the voting

of the received reports indicating an intrusion or anomaly.

D. Alert Management:

The alert management receives the alert from the local detection or co-operative

detection depending on the strength of intrusion evidence. It collects them in the

alert cache for t seconds. If there are more abnormal predictions than the normal

predictions then it is regarded as “abnormal” and with adequate information an

alarm is generated to inform that an intrusive activity is in the system.

System Testing and Implementation

System Testing:

The system once finished has to go through a series of testing in order to ensure

that it works the way it ought to. The various types of testing measures to be taken

are:

Test to see if the requirements are taken care of.

Test to see if all the inputs are handled effectively.

Test the system by traversing all the paths and discover my surprises.

Check if errors and the exceptions have been handled properly.

See if validations of input data are taken care of.

Types of Tests:

There are six types of test a software product must satisfy:

1. Unit Test

2. Functional Test

3. Performance Test

4. Stress Test and

5. Structural Test

6. System Test

Functional Test, Performance Test and Stress Test are known as Black box testing.

Structural Test is referred as White box or Glass Box testing.

1.Unit Testing:

Unit testing focuses verification effort on the smallest unit of software design.

Unit Testing is considered as an equivalent to coding step. After the source level code has

been developed, reviewed and verified for correct syntax, unit test case design begins. In

most of the applications, a driver is nothing more than a main program that accepts test

case data, passes such data to the module to be tested and prints the relevant results.

2.Functional Testing:

Functional Testing involves testing the system under typical operating

condition, typical input values and for typical expected results. The functional

boundaries specifies boundary within which the system can function. three types of

functional tests are done

Checking the documented functions.

Checking with maximum values.

Checking with valid input.

3.Performance Testing:

Performance Testing is conducted to identify the bottlenecks in the

system and to fine-tune the overall performance of the system.

4.Stress Testing:

Stress Testing involves overloading the system in various ways and

observing the behavior. The system is tested with high network traffic and more

number of clients. Stress test provides valuable insight about the strengths and

weakness of a system.

5.Structural Testing:

Structural Testing are concerned with examining the internal

processing logic of a program and traversing particular execution paths.

6.System Testing:

System Testing involves two kinds of activities

1.Integration Testing and

2. Acceptance Testing

1.Integration Testing:

Integrating all the functionalities since some functions work perfectly

when run alone tests the system.

Integration Testing is of two types

(a) Top down Integration Testing and

(b) Bottom-Up Integration testing.

(a) Top down Integration Testing:

In Top down Integration the top of the hierarchy is tested then one or

two immediately subordinate routines are tested.

(b) Bottom-Up Integration Testing:

First the modules at the very bottom, which have no subordinates, are

tested then these are combined with higher-level modules for testing.

2.Acceptance Testing:

Acceptance Testing involves planning and execution of functional

tests, performance tests and stress tests in order to demonstrate that the

implemented system satisfies its requirements.

QUALITY ASSURANCE

The aim of this step is to maintain or to ensure the quality of the system developed.

The quality assurance goals in the system life cycle involves

1.Quality factors specification: - This was done to determine the factors

that lead to high quality of a system.

a. Correctness- The extent to which a program meets

System specification.

b. Reliability – The degree to which a program meets system specification.

c. Efficiency - The amount of computer resources required by the entire program

to perform a function.

d. Usability – The effort required learning and operating the system.

e. Maintainability – The ease with which the program errors are located and

corrected.

f. Testability - The effort required to test a program to ensure its correct

performance.

g. Portability – The ease of transporting a program from one hardware configuration

to another.

h. Accuracy - The required precision in input editing, computation and output.

i. Error Tolerance – Error detection and correction versus error avoidance.

j. Expandability - Ease of adding or expanding existing databases.

k. Access Controls and Audit – Control of access to the system and the extent to

which that access can be audited.

l. Communication – How useful the input and output of the system are.

1.Software Requirements Specification: - This was done to generate the required

documents that provide the technical specification for the design and development of

the software.

2. Software Design Specification: - This was done in order to provide the functions

and features described in the previous stage.

3.Software Testing and Implementation: - This was done to provide necessary

software adjustment for the system to continue to comply with the original

specifications.

Quality Assurance is the review of software and related documentation for

correctness, accuracy, maintainability, reliability, and expendability. This also

includes assurances that the system meets the specifications and requirements for

its intended use performance.

Model Code

MyServerImpl.java

import java.awt.Component;

import java.awt.Frame;

import java.awt.event.ActionEvent;

import java.awt.event.ActionListener;

import java.io.*;

import java.net.InetAddress;

import java.rmi.Naming;

import java.rmi.RemoteException;

import java.rmi.server.UnicastRemoteObject;

import java.sql.*;

import java.util.StringTokenizer;

import java.util.Vector;

import java.util.Enumeration;

import java.util.Properties;

import javax.swing.*;

import java.util.Hashtable;

public class MyServerImpl extends UnicastRemoteObject implements

MyInterface, ActionListener

{

Timer t1;

Timer t2;

Timer t3;

static Boolean temp1;



static MinWin mw = null;

///////////

String userpro;

/////////////

MinWin mw1;

Hashtable pro;

public MyServerImpl()

throws RemoteException

{

pro=new Hashtable();

pro.put("admin","p2");

pro.put("admin","p1");

pro.put("eee","p2");

pro.put("eee","p1");

mw1 = null;

}

public static void main(String args[])

{

try

{

String s = "";

new emserver().start();

InetAddress inetaddress = InetAddress.getLocalHost();

MyServerImpl myserverimpl = new MyServerImpl();

s = inetaddress.getHostName();

System.out.println(s);

String s1 = "//localhost/MyServerImpl";

String s2 = s + " registered with RMI registry!";

Naming.rebind(s1, myserverimpl);

System.out.println(s2);

mw = new MinWin();

mw.setFont(new java.awt.Font("verdana", 1, 20));

mw.setForeground(new java.awt.Color(255, 255, 255));

mw.setTitle("A Novel Cross Layer Intrusion Detection System in

MANET");

mw.setDefaultCloseOperation(3);

mw.setSize(800, 600);

mw.setVisible(true);

mw.setResizable(false);

}

catch(Exception exception)

{

System.out.println("RMI Exception : " + exception + "\n");

}

}

//////////////////////////procsssss

public String getpro(String proid)throws RemoteException

{

String as[] = {"Process level Agent Activated" };

MinWin.status.setListData(as);

Vector sys=new Vector();

String ress="";

try{

if(pro.get(userpro).equals(proid))

{

if(proid.equals("p1"))

{

Properties p=System.getProperties();

Enumeration en=p.propertyNames();

ress="";

while(en.hasMoreElements())

{

String name=(String)en.nextElement();

ress=ress+name+"="+p.getProperty(name)+"\n;";

}

System.out.println("process ok"+ress);

}

if(proid.equals("p2"))

{

Runtime r=Runtime.getRuntime();

ress="TotalMemory="+r.totalMemory()+"\

n"+"FreeMemory="+r.freeMemory()+"\n";

}

}

else

{

////Mobile alert

emserver.msg="Process Level-Intruder Detected.";

System.out.println(emserver.msg+"Msg SENDED TO MOBILE");

String as1[] ={"//Process level warning//Process

level(unAuthorized Process) Request"};

MinWin.warning.setListData(as1);

String as4[] = {"Action//" +userpro + "//process access

Permission Denied"};

MinWin.message.setListData(as4);

int k =mw1.myoptionpane("Process Level Intruder

Detected.Destroy it", "Process Level Agent Warning");

if(k==0)

{

String as2[] = {"//Process level Permission Denied Killer

Agent Called"};

MinWin.action.setListData(as2);

ress="nak";

}

System.out.println("process notok"+k);

}

}catch(Exception sss){System.out.println(sss);}

return ress;

}

/////////////////////

public int sendPacket(Vector vector, int i, String s, int j, int k)


{

int l = 9;

int i1 = 0;

boolean aflag[] = new boolean[i + 1];

String s1 = "";

String as[] = {"Packet level Agent Activated" };


if((j <1500) & (k <500))

{

l = 4;

} else

{

for(int j1 = 1; j1 <= i; j1++)

{

aflag[j1] = false;

}

for(int k1 = 0; k1 < i; k1++)

{

try

{

int l1 = ((Integer)vector.elementAt(i1)).intValue();

i1++;

int j2 = ((Integer)vector.elementAt(i1)).intValue();

i1++;

String s2 = (String)vector.elementAt(i1);

i1++;

int k2 = s2.hashCode();

if(aflag[l1])

{

warningDisplay("System10", "Packet Level Error/packet " + l1

+ " duplicated");

l = mw1.myoptionpane("Packets duplicated.\nIntruder

Detected.\nDestroy it", "Packet Level Agent Warning");

break;

}


}

catch(Exception exception) { }

}

for(int i2 = 1; i2 <= i; i2++)

{

if(aflag[i2])

{

continue;

}

warningDisplay("System10", "Packet Level Error/packet " + i2 + "

Lost");

l = mw1.myoptionpane("Packets Lost.\nIntruder Detected.\

nDestroy it", "Packet Level Agent Warning");

break;

}

if(l != 0)

{

try

{

FileOutputStream fileoutputstream = new FileOutputStream(s);

BufferedReader bufferedreader = new BufferedReader(new

StringReader(s1));

int l2;

while((l2 = bufferedreader.read()) != -1)

{

fileoutputstream.write((char)l2);

}

fileoutputstream.close();

bufferedreader.close();

}

catch(Exception exception1) { }

}

}

return l;

}

public String getConnect(String s, String s1, int i, int j, String s2,String os)


{

userpro=s;

String s3 = "";

try

{

System.out.println(os);

dbcon ob=new dbcon();

String ssss=ob.checkip(os);

if(ssss.equals("ok"))

{

if(s2.equals("36363"))

{

}

s3="sysint";

//////////////////

int l1=0;

ListModel listmodel1 = MinWin.warning.getModel();

String as1[] = new String[listmodel1.getSize() + 2];

for(l1 = 0; l1 < listmodel1.getSize(); l1++)

{

as1[l1] = listmodel1.getElementAt(l1).toString();

}

as1[l1] = s2 + "//System level warning//System

level(unsupported OS) Request";


ListModel listmodel2 = MinWin.action.getModel();



{


}

as2[l1] = s2 + "//System level Permission Denied Killer

Agent Called";


ListModel listmodel3 = MinWin.message.getModel();



{


}

as3[l1++] = "Warning//" + s2 + "//System level

warning//UnSupported System Login Request" + " Intruder";

as3[l1] = "Action//" + s2 + "//System level Permission

Denied Killer Agent Called";


// int i = 0;

ListModel listmodel = MinWin.warning.getModel();

String as[] = new String[listmodel.getSize() + 1];

for(i = 0; i < listmodel.getSize(); i++)

{

as[i] = listmodel.getElementAt(i).toString();

}

as[i] = "//System level Agent Activated";


///////////////////

}

else

{

mw1 = mw;

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");

Connection connection =

DriverManager.getConnection("jdbc:odbc:networktraffic");

Statement statement = connection.createStatement();

ResultSet resultset = statement.executeQuery("select * from detail

where username='" + s + "' and password='" + s1 + "'");

if(resultset.next())

{

StringTokenizer stringtokenizer = new

StringTokenizer(resultset.getString(8), ",");

boolean flag = true;

while(stringtokenizer.hasMoreTokens())

{

int i1 = Integer.parseInt(stringtokenizer.nextToken());

int j1 = Integer.parseInt(stringtokenizer.nextToken());

int k1 = Integer.parseInt(stringtokenizer.nextToken());

System.out.println(i1 + j1 + k1);

if(i1 == j)

{

if(i > j1 && i < k1)

{

s3 = s3 + resultset.getString(3) + "," +

resultset.getString(4) + "," + resultset.getString(5) + "," +

resultset.getString(6) + "," + resultset.getString(7);

} else

{

s3 = "Denied";

int l1 = 0;

ListModel listmodel1 = MinWin.warning.getModel();



{


}

as1[l1] = s2 + "//user level warning//Untime Login

Request";





{


}

as2[l1] = s2 + "//Login Permission Denied";





{


}

as3[l1++] = "Warning//" + s2 + "//user level

warning//Untime Login Request" + " Intruder";

as3[l1] = "Action//" + s2 + "//Login Permission Denied";


}

}

}

} else

{

int k = mw1.myoptionpane("Intruder Detected.Destroy it", "User

Level Agent Warning");

if(k == 0)

{

s3 = "Exit";

warningDisplay(s2, s2 + "//User level Exception//Trying to match

password");

boolean flag1 = false;

ListModel listmodel = MinWin.hostname.getModel();

String as[] = new String[listmodel.getSize() - 1];

for(int l = 0; l < listmodel.getSize(); l++)

{

if(!listmodel.getElementAt(l).toString().equals(s2))

{

as[l] = listmodel.getElementAt(l).toString();

}

}

MinWin.hostname.setListData(as);

MinWin.hostname1.setListData(as);

} else

{

s3 = "null";

}

}

///////

}

//////

}


{

System.out.println(exception);

}

return s3;

}

public String getagent(String s)


{

String s1 = "";

File file;

if(s.equals("user"))

{

System.out.println("user level agent move..");

int i = 0;




{


}

as[i] = "//User level Agent Activated";


file = new File("user.class");

} else

{

System.out.println("packet level agent move..");

file = new File("packet.class");

}

try

{

FileInputStream fileinputstream = new FileInputStream(file);

boolean flag = false;

int j;

while((j = fileinputstream.read()) != -1)

{

String s2 = String.valueOf((char)j);

s1 = s1 + s2;

}

}


//System.out.println(s1);

System.out.println("agent end..");

return s1;

}

public void addHost(String s)


{

try

{

int i = 0;




{


}

as[i] = s;



}


{


}

}

public String getipaddress()


{

String s = "";

try

{

InetAddress inetaddress = InetAddress.getLocalHost();

s = inetaddress.getHostName();

}


return s;

}

public Action LoadAction1()

{

System.out.println("in l1");

return new AbstractAction("waiting") {

public void actionPerformed(ActionEvent actionevent)

{

t1.stop();

System.out.println("left l1");

MyServerImpl.temp1 = Boolean.FALSE;

}

};

}


{

System.out.println("l2");



{

t2.stop();



}

};

}


{

System.out.println("l3");



{

t3.stop();



}

};

}


{

}

public String getConnect(String s, String s1)


{

String s2 = "";

try

{

int i = 0;

ListModel listmodel = MinWin.status.getModel();



{


}

as[i++] = "User level Agent Activated";

as[i] = "User level Agent Started";


Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");

Connection connection =

DriverManager.getConnection("jdbc:odbc:networktraffic");

Statement statement = connection.createStatement();

ResultSet resultset = statement.executeQuery("select * from detail

where username='" + s + "' and password='" + s1 + "'");

if(resultset.next())

{

s2 = s2 + resultset.getString(3) + "," + resultset.getString(4) + ","

+ resultset.getString(5) + "," + resultset.getString(6) + "," +

resultset.getString(7);

} else

{

s2 = "null";

}


}


{


}

return s2;

}

public String getConnection(String s, String s1, String s2)


{

System.out.println("temp1 :=" + temp1.toString());



if(temp1 == Boolean.FALSE)

{

System.out.println("in temp1");

temp1 = Boolean.TRUE;

t1 = new Timer(19999, LoadAction1());

t1.start();

String s3 = getConnect(s, s1);

return s3;

}


{




t2.start();


return s4;

}


{




t3.start();


return s5;

}

int i = 0;




{


}

as[i] = s2 + "//user level warning//Resource busy";

MinWin.warning.setListData(as);



for(i = 0; i < listmodel1.getSize(); i++)

{

as1[i] = listmodel1.getElementAt(i).toString();

}

as1[i] = s2 + "//Resource Request Denied";





{


}

as2[i++] = "Warning//" + s2 + "//user level warning//Resource busy" + "

Intruder";

as2[i] = "Action//" + s2 + "//Resource Request Denied";


return "wait";

}

public void warningDisplay(String s, String s1)


{

try

{

int i = 0;




{


}

as[i] = s1;

MinWin.warning.setListData(as);




{


}

as1[i] = s + "//killed Process";





{


}

as2[i++] = "Warning//" + s1 + "Intruder";

as2[i] = "Action//" + s + "//killed Process";


}


{


}

}

public void delHost(String s)


{

try

{

MinWin.filesel = "";

boolean flag = false;



for(int i = 0; i < listmodel.getSize(); i++)

{


if(as[i].equals(s))

{

for(int j = i; j < listmodel.getSize(); j++)

{

as[j] = as[j + 1];

}

as[listmodel.getSize() - 1] = "";

}

}



}


{


}

}

static

{

temp1 = Boolean.FALSE;



}

}

Login.java

import java.io.*;

import javax.swing.*;

import java.awt.event.*;

import java.lang.*;

import java.awt.*;

import javax.swing.filechooser.FileSystemView;

import java.util.StringTokenizer;

import java.net.InetAddress;

import java.rmi.Naming;

import java.util.Date;

import java.util.Vector;

import java.util.Random;

public class login

{

public static void main(String aa[])

{

try

{

login1 log1=new login1();

log1.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);

log1.setSize(800,600);

log1.setVisible(true);

log1.setResizable(false);

log1.setTitle("A Novel Cross Layer Intrusion Detection System in

MANET");

String host1="";

InetAddress a=InetAddress.getLocalHost();

host1=a.getHostName();

MyInterface

myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");

myin.addHost(host1);

}

catch(Exception e)

{

}

}

}

class login1 extends JFrame implements ActionListener,Runnable

{

//login

JLabel username,password,agenttext,agenttext1,

agenttext3,loginbanner,profile,name,name1,age,age1,sex,sex1,address,addr

ess1,phone,phone1;

JTextField usertext;

JPasswordField passtext;

JButton submit,reset,exit,back;

JOptionPane op;

JPanel jp=null;

JPanel jp1=null;

JPanel jp2=null;

/////////////

JTextField proid;

JButton probut;

JTextArea prores;

JScrollPane sp;

/////////////

int nooftry=0;

JMenuBar mbar;

JMenu file;

JMenuItem filepackets,fileexit,fileagent,fileback;

JLabel

pack,filesel,trastatus,noofpacks,noofpacks1,packsize,packsize1,status,status1

,notes;

JTextArea filepath;

JButton browse,send;

JFileChooser jfc;

String f2,s2;

MyInterface myin=null;

boolean flag=true;

static int stat=0;

static String agen="";

public login1()

{

Thread tt=new Thread(this);

tt.start();

jp=new JPanel();

jp.setLayout(null);

jp.setBackground(new Color(0, 116, 232));

// getContentPane().setLayout(null);

jp1=new JPanel();

jp1.setLayout(null);

jp1.setBackground(new Color(128, 128, 0));

jp2=new JPanel();

jp2.setLayout(null);

jp2.setBackground(new Color(128, 128, 0));

//loginform impl

op=new JOptionPane();

agenttext=new JLabel("");

agenttext.setBounds(100,50,600,40);

agenttext.setFont(new Font("alpha",Font.ITALIC,25));

agenttext.setForeground(new Color(64,0,0));

username=new JLabel("ID");

username.setForeground(new Color(155,244,244));

username.setBounds(250,150,100,25);

password=new JLabel("KEY");

password.setForeground(new Color(155,244,244));

password.setBounds(250,210,100,25);

loginbanner=new JLabel(new ImageIcon("login.jpg"));

jp.setBounds(0,0,800,600);

submit=new JButton("Submit");

submit.setBackground(new Color(255,204,204));

submit.setForeground(new Color(0,0,255));

submit.setBounds(200,270,75,25);

reset=new JButton("Reset");

reset.setBackground(new Color(255,204,204));

reset.setForeground(new Color(0,0,255));

reset.setBounds(300,270,75,25);

exit=new JButton("Exit");

exit.setBackground(new Color(255,204,204));

exit.setForeground(new Color(0,0,255));

exit.setBounds(400,270,100,25);

usertext=new JTextField();

usertext.setForeground(new Color(0,0,255));

usertext.setBounds(350,150,100,25);

passtext=new JPasswordField();

passtext.setForeground(new Color(0,0,255));

passtext.setBounds(350,210,100,25);

//getContentPane().add(jp);

jp.add(agenttext);

jp.add(username);

jp.add(password);

jp.add(submit);

jp.add(reset);

jp.add(exit);

jp.add(usertext);

jp.add(passtext);

submit.addActionListener(this);

reset.addActionListener(this);

exit.addActionListener(this);

//profile display

agenttext3=new JLabel("A Novel Cross Layer Intrusion Detection

System in MANET");

agenttext3.setBounds(50,50,600,40);

agenttext3.setFont(new Font("verdana",1,18));

agenttext3.setForeground(new Color(255,255,255));

////////////////

proid=new JTextField();

proid.setForeground(new Color(0,0,255));

proid.setBounds(500,100,100,25);

probut=new JButton("GetResult");

probut.setBackground(new Color(255,204,204));

probut.setForeground(new Color(0,0,255));

probut.setBounds(600,100,100,25);

probut.addActionListener(this);

prores=new JTextArea();

prores.setForeground(new Color(0,0,255));

sp = new JScrollPane();

sp.setViewportView(prores);

sp.setBounds(500,150,200,200);

//prores.setVisible(false);

//JScrollPane sp = new JScrollPane(prores);

////////////////

name=new JLabel("NAME");

name.setBounds(275,100,100,40);

name.setForeground(new Color(155,244,244));

age=new JLabel("AGE");

age.setBounds(275,150,100,40);

age.setForeground(new Color(155,244,244));

sex=new JLabel("SEX");

sex.setBounds(275,200,100,40);

sex.setForeground(new Color(155,244,244));

address=new JLabel("ADDRESS");

address.setBounds(275,250,100,40);

address.setForeground(new Color(155,244,244));

phone=new JLabel("PHONE");

phone.setBounds(275,300,100,40);

phone.setForeground(new Color(155,244,244));

name1=new JLabel();

name1.setBounds(425,100,200,40);

name1.setForeground(new Color(155,244,244));

age1=new JLabel();

age1.setBounds(425,150,200,40);

age1.setForeground(new Color(155,244,244));

sex1=new JLabel();

sex1.setBounds(425,200,200,40);

sex1.setForeground(new Color(155,244,244));

address1=new JLabel();

address1.setBounds(425,250,200,40);

address1.setForeground(new Color(155,244,244));

phone1=new JLabel();

phone1.setBounds(425,300,200,40);

phone1.setForeground(new Color(155,244,244));

///////////notess

notes=new JLabel("Notes:ProcessId p1:System properties, p2:memory");

notes.setBounds(450,450,300,20);

notes.setForeground(new Color(155,244,244));

//////////

back=new JButton("BACK");

back.setBounds(365,350,75,25);

getContentPane().add(jp1);

jp1.add(notes);

jp1.add(name);

jp1.add(name1);

jp1.add(age);

jp1.add(age1);

jp1.add(sex);

jp1.add(sex1);

jp1.add(address);

jp1.add(address1);

jp1.add(phone);

jp1.add(phone1);

jp1.add(back);

jp1.add(agenttext3);

jp1.add(proid);

jp1.add(probut);

jp1.add(sp);

jp1.setVisible(false);

back.addActionListener(this);

mbar=new JMenuBar();

file=new JMenu("File");

filepackets=new JMenuItem("Packets");

fileback=new JMenuItem("Back");

fileexit=new JMenuItem("Exit");

file.add(filepackets);

file.add(fileback);

file.add(fileexit);

mbar.add(file);

fileexit.addActionListener(this);

filepackets.addActionListener(this);

fileback.addActionListener(this);

//pack display

agenttext1=new JLabel("A Novel Cross Layer Intrusion Detection

System in MANET");

agenttext1.setBounds(100,50,600,40);

agenttext1.setFont(new Font("verdana",1,18));

agenttext1.setForeground(new Color(255,255,255));

pack=new JLabel(new ImageIcon("login1.gif"));

jp2.setBounds(0,0,800,600);

filesel=new JLabel("Select A File");

filesel.setBounds(100,100,100,40);

filesel.setFont(new Font("verdana",1,13));

filesel.setForeground(new Color(155,244,244));

filepath=new JTextArea();

filepath.setText(" ");

filepath.setBounds(100,150,400,25);

browse=new JButton("BROWSE");

browse.setBounds(550,150,100,25);

send=new JButton("SEND");

send.setBounds(350,180,100,25);

trastatus=new JLabel("Transmision Status");

trastatus.setBounds(325,210,150,40);

trastatus.setFont(new Font("verdana",1,13));

trastatus.setForeground(new Color(155,244,244));

noofpacks=new JLabel("No Of Packets");

noofpacks.setBounds(200,260,100,40);

noofpacks.setFont(new Font("verdana",1,13));

noofpacks.setForeground(new Color(155,244,244));

packsize=new JLabel("Packets Size");

packsize.setBounds(200,310,100,40);

packsize.setFont(new Font("verdana",1,13));

packsize.setForeground(new Color(155,244,244));

status=new JLabel("Process Status");

status.setBounds(200,360,150,40);

status.setFont(new Font("verdana",1,13));

status.setForeground(new Color(155,244,244));

noofpacks1=new JLabel();

noofpacks1.setBounds(500,260,100,40);

packsize1=new JLabel();

packsize1.setBounds(500,310,100,40);

status1=new JLabel();

status1.setBounds(500,360,100,40);


jp2.add(filesel);

jp2.add(trastatus);

jp2.add(noofpacks);

jp2.add(noofpacks1);

jp2.add(packsize);

jp2.add(packsize1);

jp2.add(status);

jp2.add(status1);

jp2.add(filepath);

jp2.add(browse);

jp2.add(send);

jp2.add(agenttext1);


browse.addActionListener(this);

send.addActionListener(this);

getContentPane().add(jp);

jp.setBounds(0, 0, 800, 580);

getContentPane().add(jp);

jp1.setBounds(0, 0, 800, 580);


jp2.setBounds(0, 0, 800, 580);

}

public void actionPerformed(ActionEvent e)

{

if(e.getSource()==submit)

{

try

{

MyInterface

myinu=(MyInterface)Naming.lookup("//localhost/MyServerImpl");

agen=myinu.getagent("user");

File f=new File("useragent.class");

FileOutputStream fos=new FileOutputStream(f);

byte[] b=agen.getBytes();

//System.out.println(new String(b));

fos.write(b);

fos.close();

}

catch(Exception er)

{

}

//System.out.println(agen);

try

{

if(usertext.getText().trim().equals(""))

{

op.showConfirmDialog(this,"Enter The

ID","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);

usertext.grabFocus();

}

else

{

if(passtext.getText().trim().equals(""))

{

op.showConfirmDialog(this,"Enter The

KEY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);

passtext.grabFocus();

}

else

{

String host1="";



MyInterface


Date da=new Date();

int ti=da.getHours()*100+da.getMinutes();

int week=da.getDay();

System.out.println(ti+"\n");

System.out.println(week);

String

temp1=myin.getConnect(usertext.getText(),passtext.getText(),ti,week,host1,

System.getProperty("os.name"));

///////////////////////

//MyInterface


//myin.getpro("p1");

////////////////////////

if(temp1.equals("sysint"))

{

int rt=op.showConfirmDialog(this,"YOU ARE A

SYSTEM LEVEL

INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSA

GE);

if(rt==0)

{

System.exit(0);

}

}

if(temp1.equals("Denied"))

{

int rt=op.showConfirmDialog(this,"YOU ARE

A

INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSA

GE);

if(rt==0)

{

System.exit(0);

}

}

else

{

if(temp1.equals("Exit"))

{

System.exit(0);

}

else

{

if(temp1.equals("null"))

{

op.showConfirmDialog(this,"SORRY DON'T TRY AGAIN-YOU ARE A

INTRUDER

","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);

nooftry++;

if(nooftry>5)

{

myin.warningDisplay(host1,host1+"//User level Exception//Trying to

match password");

myin.delHost(host1);

System.exit(1);

}

}

else

{

String

temp=myin.getConnection(usertext.getText(),passtext.getText(),host1);

if(temp.equals("wait"))

{

op.showConfirmDialog(this,"NETWORK IS

BUSY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);

usertext.setText("");

passtext.setText("");

}

else

{

StringTokenizer

token=new StringTokenizer(temp,",");

int k=1;

while(token.hasMoreTokens())

{

String nextToken =

token.nextToken();

System.out.println(nextToken);

if(k==1)

{

name1.setText(nextToken);

}

if(k==2)

{

age1.setText(nextToken);

}

if(k==3)

{

sex1.setText(nextToken);

}

if(k==4)

{

address1.setText(nextToken);

}

if(k==5)

{

phone1.setText(nextToken);

}

k++;

}

jp.setVisible(false);

jp1.setVisible(true);

setJMenuBar(mbar);

submit.setEnabled(false);

reset.setEnabled(false);

exit.setEnabled(false);

usertext.setEnabled(false);

passtext.setEnabled(false);

}

}

}

}

}

}

}

catch(Exception e1)

{

System.out.println(e1);

}

}

if(e.getSource()==reset)

{

usertext.setText("");

passtext.setText("");

}

if(e.getSource()==exit)

{

System.exit(0);

}

if(e.getSource()==fileexit)

{

try

{

String host1="";



MyInterface


myin.delHost(host1);

System.exit(0);

}

catch(Exception e1)

{

}

}

/////////////////////////////procccccccccc

if(e.getSource()==probut)

{

try{

MyInterface

myine=(MyInterface)Naming.lookup("//localhost/MyServerImpl");

String result="myin.getpro";

result=myine.getpro(proid.getText());

if(result.equals("nak"))

{

op.showConfirmDialog(this,"Your are a Process Level

Intruder","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAG

E);

System.exit(0);

}

StringTokenizer res=new StringTokenizer(result,";");

while(res.hasMoreTokens())

{

prores.append(res.nextToken());

}

}catch(Exception ew)

{op.showConfirmDialog(this,ew,"Error",JOptionPane.DEFAULT_OPTION,JOption

Pane.ERROR_MESSAGE);}

}

//////////////////////////////

if(e.getSource()==filepackets)

{


setJMenuBar(mbar);








}

if(e.getSource()==fileback)

{


setJMenuBar(mbar);








}

if(e.getSource()==back)

{

jp.setVisible(true);


submit.setEnabled(true);

reset.setEnabled(true);

exit.setEnabled(true);

usertext.setEnabled(true);

passtext.setEnabled(true);

prores.setText("");

}

if(e.getSource()==browse)

{

FileDialog jfc=new

FileDialog(this,"SELECT",FileDialog.LOAD);

jfc.show();

f2=jfc.getDirectory();

s2=jfc.getFile();

filepath.setText(f2+s2);

}

if(e.getSource()==send)

{

try

{

MyInterface

myina=(MyInterface)Naming.lookup("//localhost/MyServerImpl");

agen=myina.getagent("packet");

////

File fff=new File("packetagent.class");

FileOutputStream fos=new FileOutputStream(fff);

byte[] c=agen.getBytes();

fos.write(c);

fos.close();

File f=new File(filepath.getText());

FileInputStream fis=new FileInputStream(f);

int nop=8;

//int len=(int)f.length();

Random ran1=new Random();

int size1=1024;

int len=(int)f.length();

size1=ran1.nextInt(size1);

int nop1=len/size1;

while(nop1<5)

{

size1=ran1.nextInt(size1);

nop1=len/size1;

}

int size=len/8;

noofpacks1.setText(String.valueOf(nop1));

packsize1.setText(String.valueOf(size1));

//

if(len%size1>0)

{

nop1=nop+1;

}

if(len%8>0)

{

nop=9;

}

byte b[]=new byte[size];

int k=0,i=0,j=1;

Vector v=new Vector();

Random ran=new Random();

int l=ran.nextInt(nop);

int m=ran.nextInt(nop);

//int n=ran.nextInt(nop);

System.out.println(l +" "+m);

while((k=fis.read(b))!=-1)

{

String mes=new String(b,0,k);

int hash=mes.hashCode();

if(j==l)

{

}

else

{

if(j==m)

{

Integer ha=new Integer(hash);

Integer pcno=new Integer(j);

v.addElement(pcno);

v.addElement(ha);

v.addElement(mes+"alpha");

}

else

{

/*if(j==n)

{

Integer ha=new

Integer(hash);

Integer pcno=new

Integer(j);

v.addElement(pcno);

v.addElement(ha);

v.addElement(mes);

v.addElement(pcno);

v.addElement(ha);

v.addElement(mes);

}

else

{*/

Integer ha=new

Integer(hash);

Integer pcno=new

Integer(j);

v.addElement(pcno);

v.addElement(ha);

v.addElement(mes);

//}

}

}

status1.setText(j +"th packet sent");

j++;

}

System.out.println("aa");

String host1="";




int sta=myin.sendPacket(v,nop,s2,nop1,size1);

if(sta==4)

{



System.out.println(nop1);

status1.setText("Completed");

}

else

{

status1.setText("Aborted");



System.out.println(nop1);


}

}

catch(Exception ee)

{

System.out.println(ee);


}

}

}

public void run()

{

System.out.println("started");

while(flag)

{

System.out.println(stat);

//System.out.println(login1.agen);

if(stat!=0)

{

System.exit(0);

}

}

}

}

Screen Shots:

Implementation:

When a hacker attacks a system, the ideal response would be to stop his

activity before he can cause any damage or gain access to any sensitive information.

This would require recognition of the attack as it takes place. Different models of

intrusion detection have been developed, and much IDS software is available for use.

Commercial IDS products such as Net Ranger, Real Secure, and Omni guard Intruder

Alert work on attack signatures. These signatures needed to be updated by the

vendors on a regular basis in order to protect from new types of attacks. However, no

detection system can catch all types of intrusions and each model has its strengths

and weaknesses in detecting different violations in networked computer systems.

Recently, researchers started investigating techniques like artificial intelligence,

autonomous agents and mobile agent for detecting intrusion in network environment.

Most existing intrusion detection systems either use packet-level information or user

activities to make decisions on intrusive activities. In this paper, an agent-based

intrusion detection system is described that can simultaneously monitor network

activities at different levels (such as packet level, process level, system level, and

user level). This MANET system represents a novel approach to distributed intrusion

detection. The system emulates some mechanisms of the human immunity system

and features distributed identification of anomalies and decentralized control of

decisions and responses to those anomalies.

7. Conclusion and Future Scope

Mobile-agents can be used to build network monitoring systems System

presented is dynamic configurable and extensible, actively monitors networks,

secure, robust and has acceptable resource usage be to stop his activity before he

can cause any damage or gain access to any sensitive information. This would

require recognition of the attack as it takes place. Different models of intrusion

detection have been developed and much IDS software is available for use.

Commercial IDS products such as NetRanger, RealSecure, and Omniguard Intruder

Alert work on attack signatures. These signatures needed to be updated by the

vendors on a regular basis in order to protect from new types of attacks.

APPENDICES:

A.1 BIBLIOGRAPHY:

REFERENCES:

1] Michael Peirce, Donal O'Mahony “Multi-Party Payments for Mobile Services”,

Copyright. IEEE 2000.

[2] Joris Claessens , Valentin Dem,Danny De Cock, Bart Preneel,Joos Vandewalle “On

the Security of Today’s On-line Electronic Banking Systems”, Dec’2001

[3] Joris Claessens, Bart Preneel and Joos Vandewalle “Combining World Wide Web

and wireless security”, Feb’2002.

[4]J.Burgett1,S.Hussain1,C.M.Jonker2,A.Razaq1,K.Silz,Personalized,Automated

Recharge of Prepaid Mobile Phones” 1AMS Inc,51-55 Gresham street, London EC2V

7JH, [email protected] 2 Department of AI, Vrije Universiteit, De Boelelaan 1081a,1081

HV Amsterdam.

[5]Simon Buckingham www.YES2SMS.com,“success 4 SMS “ , Feb.2001.

[6] Hunter, J., and Crawford, W., (1998), Java Servlet Programming, O’Reilly and

Associates.

ANNEXURE-A.

1. Abbreviations

OOPS Object Oriented Programming Concepts

TCP/IP Transmission Control Protocol/Internet Protocol

JDBC Java Data Base Connectivity

EIS Enterprise Information Systems

BIOS Basic Input/Output System

JNDI Java Naming and Directory Interface

ORDBMS Object Relat ional Database Management System

A.2 ONLINE RESOURCES

www.jsptags.com

www.java.sun.com/products/jsp/resources.html

www.roseindia.net

www.softlandindia.com/java.html

http://www.softlandindia.com/java.html

http://www.roseindia.net/

http://www.java.sun.com/products/jsp/resources.html

http://www.jsptags.com/

MANET Full Document

Documents

Transcript of MANET Full Document