RED Algorithm Report

7/29/2019 RED Algorithm Report

1/62

Chapter 1

INTRODUCTION

1.1 INTRODUCTION TO PROJECT

The Internet is not a safe place. Unsecured hosts can expect to be compromised within

minutes of connecting to the Internet and even well-protected hosts may be crippled with

denial-of-service (DoS) attacks. However, while such threats to host systems are widely

understood, it is less well appreciated that the network infrastructure itself is subject to

constant attack as well. Indeed, through combinations of social engineering and weak

passwords, attackers have seized control over thousands of Internet routers . Even more

troubling is Mike Lynns controversial presentation at the 2005 Black Hat Briefings,

which demonstrated how Cisco routers can be compromised via simple software

vulnerabilities. Once a router has been compromised in such a fashion, an attacker may

interpose on the traffic stream and manipulate it maliciously to attack othersselectively

dropping, modifying, or rerouting packets.

Several researchers have developed distributed protocols to detect such traffic

manipulations, typically by validating that traffic transmitted by one router is received

unmodified by another . However, all of these schemesincluding our ownstruggle ininterpreting the absence of traffic. While a packet that has been modified in transit

represents clear evidence of tampering, a missing packet is inherently ambiguous: it may

have been explicitly blocked by a compromised router or it may have been dropped

benignly due to network congestion. In fact, modern routers routinely drop packets due to

bursts in traffic that exceed their buffering capacities, and the widely used Transmission

Control Protocol (TCP) is designed to cause such losses as part of its normal congestion

control behavior. Thus, existing traffic validation systems must inevitably produce false

positives for benign events and/or produce false negatives by failing to report real

malicious packet dropping.

In this project, we develop a compromised router detection protocol that dynamically

infers the precise number of congestive packet losses that will occur. Once the congestion

ambiguity is removed, subsequent packet losses can be safely attributed to malicious

actions. We believe our protocol is the first to automatically predict congestion in a

systematic manner and that it is necessary for making any such network fault detection

practical. In the remainder of this paper, we briefly survey the related background

material, evaluate options for inferring congestion, and then present the assumptions,

1


2/62

specification, and a formal description of a protocol that achieves these goals. We have

evaluated our protocol in a small experimental network and demonstrate that it is capable

of accurately resolving extremely small and fine-grained attacks.

1.2 PROJECT OVERVIEW

we consider the problem of detecting whether a compromised router is maliciously

manipulating its stream of packets. In particular, we are concerned with a simple yet

effective attack in which a router selectively drops packets destined for some victim.

Unfortunately, it is quite challenging to attribute a missing packet to a malicious action

because normal network congestion can produce the same effect. Modern networks

routinely drop packets when the load temporarily exceeds their buffering capacities.

Previous detection protocols have tried to address this problem with a user-defined

threshold: too many dropped packets imply malicious intent. However, this heuristic is

fundamentally unsound; setting this threshold is, at best, an art and will certainly create

unnecessary false positives or mask highly focused attacks. We have designed, developed,

and implemented a compromised router detection protocol that dynamically infers, based

on measured traffic rates and buffer sizes, the number of congestive packet losses that will

occur. Once the ambiguity from congestion is removed, subsequent packet losses can be

attributed to malicious actions. We have tested our protocol in Emulab and have studied its

effectiveness in differentiating attacks from legitimate network behavior.

2


3/62

Chapter 2

SYSTEM ANALYSIS

2.1 Existing System

The earliest work on fault-tolerant forwarding is due to Perlman who developed a robust

routing system based on source routing, digitally signed route-setup packets, and reserved

buffers. While groundbreaking, Perlmans work required significant commitments of

router resources and high levels of network participation to detect anomalies. Since then,

a variety of researchers have proposed lighter weight protocols for actively probing the

network to test whether packets are forwarded in a manner consistent with the advertised

global topology Conversely, the1997 WATCHERS system detects disruptive routers

passively via a distributed monitoring algorithm that detects deviations from a

conservation of flow invariant . However, work on WATCHERS was abandoned, in part

due to limitations in its distributed detection protocol, its overhead, and the problem of

ambiguity stemming from congestion To perform all these processes manually is a very

tedious process for a trained expert and, thus, an automated differential counting system

that helps in saving time and money is highly desirable.

2.2 Proposed System

We have designed, developed, and implemented a compromised router detection protocol

that dynamically infers, based on measured traffic rates and buffer sizes, the number of

congestive packet losses that will occur.

Once the ambiguity from congestion is removed, subsequent packet losses can be

attributed to malicious actions. We have tested our protocol in Emulab and have studied its

effectiveness in differentiating attacks from legitimate network behavior

2.3 OVERVIEW OF MODULES

Total project has divided into 5 Modules. They are

1. GUI Design

2. Protocol Utilization

3. Packet Transmission Details

4. CLP Calculation using Bayesian Theorem

5. Identifying Normal Packet using Threshold value.

3


4/62

Module 1: GUI Design

Using swing concepts in Java, we allocate area for the statistical characterization for the

transmitted packets. So that the design is consistent and efficient for the user to interact

with the software.

Module 2:Protocol Utilization

Packets are transmitted through the use of networking protocols. So that ports are

distinguished by different colors. I consider two types of protocols called TCP and UDP

protocols. Here I use the acknowleged TCP protocol to transmit the packets.

Module 3 :PTD (Packet Transmission Details)Packet scores are generated based on the protocol values, the size of the packet and the

destination.

Module 4: CLP Calculationusing Bayesian Theorem

The Scores of each packet is generated and the probability calculation is performed. The

attribute value of each packet is compared with the base line profile value and sorting of

packets occurred.

Module 5: Identifying NP using Threshold Value

In this module, the threshold value is calculated and is compared with the attribute value

of each packet. Discarding of packets takes place in comparison with the threshold value.

4


5/62

Chapter 3

ALGORITHM/TECHNIQUES USED

3.1 REDAlgorithm Description

RED monitors the average queue size, based on an exponential weighted moving average:

where the actual queue size and weight for a low-pass filter. RED uses three more

parameters in minimum threshold, Maximum, Maximum threshold. Using, RED

dynamically computes a dropping probability in two steps for each packet it receives.

First, it computes an interim probability, Further; the RED algorithm tracks the number of

packets, since the last dropped packet. The final dropping probability, p, is specified to

increase slowly as increases.

3.2 Methodology And Specifications

There are inherently two threats posed by a compromised router. The attacker may subvert

the network control plane (e.g., by manipulating the routing protocol into false route

updates) or may subvert the network data plane and forward individual packets

incorrectly. The first set of attacks have seen the widest interest and the most activity

largely due to their catastrophic potential. By violating the routing protocol itself, an

attacker may cause large portions of the network to become inoperable. Thus, there have

been a variety of efforts to impart authenticity and consistency guarantees on route update

messages with varying levels of cost and protection We do not consider this class of

attacks in this paper. Instead, we have focused on the less well-appreciated threat of an

attacker subverting the packet forwarding process on a compromised router. Such an

attack presents a wide set of opportunities including DoS, surveillance, man-in-the-middle

attacks, replay and insertion attacks, and so on. Moreover, most of these attacks can be

trivially implemented via the existing command shell languages in commodity routers.

The earliest work on fault-tolerant forwarding is due to Perlman who developed a robust

routing system based on source routing, digitally signed route-setup packets, and reserved

buffers.

While groundbreaking, Perlmans work required significant commitments of router

resources and high levels of network participation to detect anomalies. Since then, a

variety of researchers have proposed lighter weight protocols for actively probing the

network to test whether packets are forwarded in a manner consistent with the advertised

5


6/62

global topology Conversely, the 1997 WATCHERS system detects disruptive routers

passively via a distributed monitoring algorithm that detects deviations from a

conservation of flow invariant However, work on WATCHERS was abandoned, in part

due to limitations in its distributed detection protocol, its overhead, and the problem of

ambiguity stemming from congestion . Finally, our own work broke the problem into three

pieces: a traffic validation mechanism, a distributed detection protocol, and a rerouting

countermeasure. In we focused on the detection protocol, provided a formal framework

for evaluating the accuracy and precision of any such protocol, and described several

practical protocols that allow scalable implementations.

However, we also assumed that the problem of congestion ambiguity could be solved,

without providing a solution. This paper presents a protocol that removes this assumption.

INFERRING CONGESTIVE LOSS In building a traffic validation protocol, it isnecessary to explicitly resolve the ambiguity around packet losses. Should the absence of a

given packet be seen as malicious or benign? In practice,

There are three approaches for Addressing this issue:

3.2.1 Static Threshold.:

Low rates of packet loss are assumed to be congestive, while rates above some predefined

threshold are deemed malicious.

3.2.2 Traffic modeling.:

Packet loss rates are predicted as a function of traffic parameters and losses beyond the

prediction are deemed malicious.

3.2.3 Traffic measurement:

. Individual packet losses are predicted as a function of measured traffic load and router

buffer capacity. Deviations from these predictions are deemed malicious.

Most traffic validation protocols, including WATCHERS, Secure Traceroute, and our own

work described in analyze aggregate traffic over some period of time in order to amortize

monitoring overhead over many packets. For example, one validation protocol described

in maintains packet counters in each router to detect if traffic flow is not conserved from

source to destination. When a packet arrives at router r and is forwarded to a destination

that will traverse a path segment ending at router x, r increments an outbound counter

associated with router x. Conversely, when a packet arrives at router r, via a path segment

beginning with router x, it increments its inbound counter associated with router x.

6


7/62

Periodically, router x sends a copy of its outbound counters to the associated routers for

validation.Then, a given router r can compare the number of packets that x claims to have

sent to r with the number of packets it counts as being received from x, and it can detect

the number of packet losses. Thus, over some time window, a router simply knows that

out of m packets sent, n were successfully received. To address congestion ambiguity, all

of these systems employ a predefined threshold how does one choose the threshold?

In order to avoid false positives, the threshold must be large enough to include the

maximum number of possible congestive legitimate packet losses over a measurement

interval. Thus, any compromised router can drop that many packets without being

detected. Unfortunately, given the nature of the dominant TCP, even small numbers of

losses can have significant impacts. Subtle attackers can selectively target the traffic flows

of a single victim and within these flows only drop those packets that cause the most harm.For example, losing a TCP SYN packet used in connection establishment has a

disproportionate impact on a host because the retransmission time-out must necessarily be

very long (typically 3 seconds or more). Other seemingly minor attacks that cause TCP

time-outs can have similar effects

7


8/62

Chapter 4

SYSTEM MODEL

Our work proceeds from an informed, yet abstracted, model of how the network is

constructed, the capabilities of the attacker, and the complexities of the traffic validation

problem. In this section, we briefly describe the assumptions underlying our model. We

use the same system model as in our earlier work .

4.1 Network Model

We consider a network to consist of individual homogeneous routers interconnected via

directional point-topoint links. This model is an intentional simplification of real networks

(e.g., it does not include broadcast channels or independently failing network interfaces)

but is sufficiently general to encompass such details if necessary.Unlike our earlier work,

we assume that the bandwidth, the delay of each link, and the queue limit for each

interface are all known publicly. Within a network, we presume that packets are forwarded

in a hop-by-hop fashion, based on a local forwarding table. These forwarding tables are

updated via a distributed link-state routing protocol such as OSPF or IS-IS. This is critical,

as we depend on the routing protocol to provide each node with a global view of the

current network topology.

Finally, we assume the administrativeability to assign and distribute cryptographic keys to

sets of nearby routers. This overall model is consistent with the typical construction of

large enterprise IP networks or the internal structure of single ISP backbone networks but

is not well suited for networks that are composed of multiple administrative domains using

BGP. At this level of abstraction, we can assume a synchronous network model. We

define a path to be a finite sequence hr1; r2; . . . rni of adjacent routers. Operationally, a

path defines a sequence of routers a packet can follow. We call the first router of the paththe source and the last router its sink; together, these are called terminal routers. A path

might consist of only one router, in which case the source and sink are the same. Terminal

routers are leaf routers: they are never in the middle of any path. An x-path segment is a

consecutive sequence of x routers that is a subsequence of a path. A path segment is an x-

path segment for some value of x > 0. For example, if a network consists of the single pth

ha; b; c; di, then hc; di and hb; ci are both two-path segments, but ha; ci is not because a

and c are not adjacent.

8


9/62

4.2 Threat Model

This project focuses solely on data plane attacks Moreover, for simplicity, we examine

only attacks that involve packet dropping. However, our approach is easily extended to

address other attackssuch as packet modification or reorderingsimilar to our previous

work. Finally, as in TCP, the protocol we develop validates traffic whose source and sink

routers are uncompromised. A router can be traffic faulty by maliciously dropping packets

and protocol faulty by not following the rules of the detection protocol. drops or misroutes

packets that flow through _. A router can drop packets without being faulty, as long as the

packets are dropped because the corresponding output interface is congested. A

compromised router r can also behave in an arbitrarily malicious way in terms of

executing

4.3 Protocol Model

Protocol _ detects traffic faulty routers by validating the queue of each output interface for

each router. Given the buffer size and the rate at which traffic enters and exits a queue, the

behavior of the queue is deterministic. If the actual behavior deviates from the predicted

behavior, then a failure has occurred. We present the failure detection protocol in terms of

the solutions of the distinct sub problems: traffic validation, distributed detection, and

response.

9


10/62

Chapter 5

Traffic Validation

The first problem we address is traffic validation: what information is collected about

traffic and how it is used to determine that a router has been compromised.

5.1 Estimating Legitimate Traffic Distribution

The probability of a packets legitimacy can be calculated, by observing the probabilities

of the attribute values in legitimate traffic (Pn) and in total traffic (Pm). However, it is

practically impossible to know how many packets are legitimate during the attack period,

let alone the number of legitimate packets bearing a particular attribute value. For that

reason, utilize an estimate Pn in place of true Pn. The estimate Pn

is called a nominal

profile and is collected in advance during normal operations.

A nominal traffic profile consists of single and joint distributions of various packet

attributes that are considered unique for a site. Candidate packet attributes from IP headers

are: packet size, Time-to-Live(TTL) values, protocol-type values, source IP prefixes, TCP

flag patterns, server port numbers, etc., To increase the number of attributes, we can

employ joint distribution of the fraction of packets having various combinations, such as

, 1 packets dropped during the last time interval. For the packets in

L, let ps be the mean of the packet sizes, qpred be the mean of qpredts (the predictedqueue length), and qact be the mean of qactts (the actual queue length) over the times

the packets were dropped. We test the following hypothesis: The packets are lost

10


11/62

due to malicious attack: _ > qlimit _ qpred _ ps. The Z-test score is

z1 q limit _ qpred _ ps _ _

For the standard normal distribution Z, the probability of ProbZ < z1 gives the

confidence value ccombined for the hypothesis. A malicious router is detected if

combined is at least as large as a target significance level slevel combined. One can

question using a Z-test in this way because the set of dropped packets are not a simple

random sample. But, this test is used when there are packets being dropped and the first

test determined that they were consistent with congestion loss. Hence, the router is under

load during the short period the measurement was taken and most of the points, both for

dropped packets and for non dropped packets, should have a full Q.

11


12/62

Packet differentiation and overload control procedure architecture has shown below:-

5.4 PACKET COUNTING PROCEDURE

Step 1: Start the process

Step 2: Trace the incoming packets using Jpcap (Java Component used to

capture the packets)

Step 3: Assign scores to the packets based on the Log Conditional

Legitimate Probability (CLP)

Step 4 : Fix the threshold value which depends on the parameters like

protocol type, packet size etc.,

Step 5: Compare the Threshold value with the Packet Score

12


13/62

Step 6: If the Measured value is less than the Threshold value then the

packet is attacked packet Other wise, the packet is normal packet

Step 7: Update the cumulative distribution function score and continue with

the Step 3.

Step 8: Stop the process

Capturepackets

using jpcap

Assigning packetscore

Start

13

Fixing athreshold value

Is packetscore

thresholdvalue

Update packet score

Discard packets

Stop

No

Yes


14/62

Chapter 6

SYSTEM DESIGN

6.1 UNIFIED MODELING LANGUAGE

The Unified Modeling Language is a language for specifying, constructing,

visualizing and documenting the software system and its components. The UML is a

graphical language with a set of rules and semantics.Main advantages of this modeling are

Models make it easier to express complex ideas

The cost of modeling analysis is much lower than the cost of similar

experimentation conducting with the system

Manipulation of the models is much easier

Models reduces the complexity by separating those aspects is

unimportant from those that are important

Model: A model is an abstract representation of the system, constructed to

understand the system prior to building or modifying it.

Static Model: A static model can be viewed as a snapshot of a Systems parameter at rest

or at a specific point in time. Static models are needed to represent the structural or static

aspect of the system.

Dynamic Model: A dynamic model can be viewed as a collection of procedures or

behaviors that taken together reflect the behavior of the system over time. Dynamic

relationships show how the business objects interact to perform the task.

6.1.1 USE CASE DIAGRAM

Use case diagrams are central to modeling the behavior of a system, a subsystem, or class.

Each one shows a set of use cased and actors and their relationships.Use case diagrams are

important for visualizing, specifying, and documenting the behavior of an element. They

make systems, subsystems, and classes approachable and understandable by presenting on

outside view of how those elements may be used in context. Use case diagrams are also

important for testing executable systems through forward engineering and for

comprehending executable systems through reverse engineering.

14


15/62

Client P a cke t

Pac ket Transm ission Detai ls

protocol U ti l iz at ionCLP Calculat ion

Identi fy ing pac ket

Server

G UI

winpcap

Use Case diagram of Packet Losses

15


16/62

6.1.2 CLASS DIAGRAM

A class diagram show a set of classes, interfaces, and collaborations and their

relationships. Class diagrams are used to model the static design view of a system. It

involves modeling the vocabulary of the system, modeling collaborations, or modeling

schemas. Class diagrams are also the foundation for a couple of related diagrams:

component diagrams and deployment diagrams.

Class diagrams are important not only for visualizing, specifying and documenting

structural models, but also for constructing executable systems through forward and

reverse engineering.

16


17/62

Class diagram of Packet Losses

6.1.3 SEQUENCE DIAGRAM

A sequence diagram is an interaction diagram that emphasizes the time ordering of

messages. A sequence diagram shows a set of objects and the messages sent and received

by those objects. The objects are typically named or anonymous instances of classes, but

may also represent instances of other things, such as collaborations, components and

nodes.

W in P c a pW in P c a p G U IG U I P a c k e t T ra n s m i s s io n

D e t a i l s

P a c k e t T ra n s m i s s io n

D e t a i l s

P r o t o c o l

U t i l i z a t i o n

P r o t o c o l

U t i l i z a t i o n

C L P

C a l c u l a t i o n

C L P


I d e n t i f i c a t i o nI d e n t i f i c a t i o n

1 : S e n t P a c k e t s

2 : S e n t P a c k e t s

3 : S e n t S n i f fe d P a c k e t s

4 : S e n t t o S n i f fe d P r o t o c o l s u s e d


6 : S e n t P a c k e t s f o r C L P C a l u l a t io n

7 : S e n t P a c k e t S c o r e

8 : Id e n t i fy a s N o r m a l o r A t t a c k

Sequence diagram of Packet Losses

17


18/62

6.1.4 COLLABORATION DIAGRAM

A collaboration diagram is an interaction diagram that emphasized the structural

organization of the objects that send and receive messages. A collaboration diagram

shows a set of objects, links among those objects, and messages sent and received by those

objects. The objects are typically named or anonymous instances of classes, but may also

represent instances of other things, such as collaborations, components, and nodes.

Collaboration diagrams are used to illustrate the dynamic view of a system.

W in P c a

p

G U I P a c k e t T ra n s m i s s i o n

D e t a i l s

P r o t o c o lU t i l i z a t i o n

C L P


I d e n t i f i c a

t i o n

1 : S e n t P a c k e t s 2 : S e n t P a c k e t s

4 : S e n t t o S n i f fe d P r o t o c o ls u s e d

6 : S e n t P a c k e t s fo r C L P C a l u l a t io n

3 : S e n t S n i f fe d P a c


7 : S e n t P a c k e t S c o r e

8 : Id e n t i fy a s N o r m a l o r A t t a c k

Collaboration diagram of Packet Losses

18


19/62

6.2 SYSTEM REQUIREMENTS

HARDWARE REQUIREMENTS

MAIN PROCESSOR : Pentium IV

RAM : 512 MB SD-RAM

MOTHER BOARD : 845GVM Intel Chipset

LAN : On Board 10/100 Mbps SIS LAN

HARD DISK : 40GB HDD

MONITOR : 17 Color Monitor

KEYBOARD : 104 Keyboard

MOUSE : Logitech

SOFTWARE REQUIREMENTS

OPERATING SYSTEM : Windows/Linux

SOFTWARE : JDK1_5_0_5

19


20/62

Chapter 7

JAVA

As most current Java developers know, the Java Application Programming

Interface consists of pre developed code that you can use in your applications. This pre

developed code is organized into packages filled with useful classes and methods designed

to make it easy to program with Java. The core package for the Java programming

language is called java.lang. Although the java.lang package provides the core

functionality of the Java programming language, it is not the only package included in the

official Java Developer's Kit from JavaSoft. The official developer's kit includes eight

basic packages: java.applet, java.awt, java.awt.image, java.awt.peer, java.io, java.lang,

java.net, and java.util. The JDK also includes an add-on package called sun.tools.debug.

Together the basic and add-on packages provide everything you need to create and debug

advanced Java applications. The API in the developer's kit is only the beginning for Java

APIs. Currently, there are eight other APIs in development by JavaSoft.

The Java Enterprise API provides almost everything you need to create applications that

connect to databases. The Java Commerce API is the key to enabling electronic

commerce. The Java Management API is a comprehensive tool for building applications

that can manage networks. The Java Server API provides almost everything you need to

develop Java-powered servers for the Internet and intranets. The Java Media API is an

advanced toolkit for creating applications that use multi-media.

The Java Beans API helps you create plug-ins and software modules that interact

with existing architectures for object linking and embedding. The Java Embedded API

defines a minimal set of core functionality that can be used in embedded devices. The

great thing about standardized APIs is that all the packages they contain are thoroughly

tested before the API is officially released. What this means is that you have millions of

lines of code at your fingertips. You can use this code to develop Java applications without

having to re-invent the wheel.

The Internet helped catapult Java to the forefront of programming, and Java, in

turn, has had a profound effect on the Internet. The reason for this is quite simple: Java

expands the universe of objects that can move about freely in the cyberspace. In a

network, two very broad categories of objects are transmitted between the server and ourcomputer passive information and dynamic, active programs.

20


21/62

As desirable as dynamic, networked programs are, they also present serious

problems in the areas of security and portability. Java achieves this security or protection

by confining a Java program to the Java execution environment and not allowing it to

access to other parts of the computer. Many types of the computers and operating systems

are in use throughout the world and many are connected to the Internet. For programs to

be dynamically download to all the various types of platforms connected to the Internet,

some means of generating portable executable code is needed.

Java was designed to be easy for the professional programmers to learn and use

efficiently. The object model of Java is simple and easy to extend, while simple types,

such as integers are kept as high-performance non-objects.

BSNL System is implemented using the Java language so as to make the

programmers and different users at different levels can make use of this system veryaffectively.

The multiplatformed environment of the web places extraordinarily demands on a

program, because the program must execute reliably in a variety of systems. Thus, the

ability to create robust programs was given a high priority in the design of Java. At the

same time, Java frees us from having to worry about many of the most common cause of

programming errors. Because Java is strictly typed language, it checks our code at the

compile time and also at run-time.

Java was designed to meet the real world requirements of creating

interactive,Networked programs. Java supports multithreaded programming, which allows

us to write programs that do many things simultaneously. A central issue for the Java

designers was that of code longevity and portability. Their goal was write once; run

anywhere, any time , forever .

Java enables the creation of the cross-platform programs by compiling into

intermediate representation called Javabytecode. This code can be interpreted on any

system that provides a java virtual machine. Java is designed for the distributed

environment of the Internet, because it handles TCP/IP protocols. In fact, accessing a

resource using a URL is not much different from accessing a file. The original version of

Java (OAK) included features for intra-address-space messaging. Java programs carry

with them substantial amounts of the run-time type information that is used to verify and

resolve accesses to objects at run-time. This makes it possible to dynamically link code in

a safe and expedient manner.

21


22/62

ABOUT SERVLETS

Servlet is server side applet. It contains several advantages. They are:

Performance is significantly better. Servlets execute within the address space of the

web server. Creating a separate process to handle each client request isnt

necessary.

Servlets are platform-independent, because they are written in Java. Several web

servers, from vendors such as sun, Netscape, and Microsoft, offer the servlet API

Programs developed for this API can be moved to any of these environments

without recompilation.

The java security manager on the server enforces a set of restrictions to protect the

resources on a server machine.

The full functionality of the Java class libraries is available to a servlet. It can

communicate with applets, databases, or other software via the sockets and RMI

mechanisms.

The Lifecycle of a servlet:

Three methods are central to the lifecycle of a servlet: init (), service( ), and

destroy( ). First, assume that a user enters a Uniform Resource Locator (URL) to the

web browser. The web browser then generates an HTTP request for this URL and

sends it to the appropriate server. Second the web server receives this HTTP request.

The server maps this request to particular servlet. The servlet is dynamically retrieved

and loaded into the address space of the server. Third, the server invokes the init( )

method of the servlet. This method is invoked only when the servlet is first loaded into

the memory. Fourth, the server invokes the servlet service( ) method , which is called

to process the HTTP request. The service( ) method is called for each HTTP request.

Two packages are required to build the servlet they are javax.servlet and

javax.srevlet.http. They constitute of servlet API. ServletRequest interface is used to

read the data from a client0request and servletResponse is used to write data to the

client response. The javax.srevlet.http package include interfaces like

HttpServletRequest whish enables servlets to read data from HTTP request and

HttpServletResponse which enables servlets to write data from HTTP response.

CREATION OF JAVA

22


23/62

Java was conceived by James Gosling, Patrick Naughton, Chris Warth, Ed Frank and

Mike Sheridan at SUN Microsystems Incorporation in the year 1991.It took 18 months to

develop the 1st working version. This language was initially called OAK, but was

renamed JAVA in 1995, many more contributed to the design and evolution of the

language.

JAVA OVERVIEW

Java is a powerful but lean object-oriented programming language. It has generated

a lot of excitement because it makes it possible to program for Internet by creating

Applets. Programs that can be embedded in web page. The context of an applet can be an

animation with sound, an interactive game or a ticker tape. With constantly updated stockprices. Applets can be just little decorations to liven up web page, or they can be serious

applications like Word processor or Spreadsheet.

But Java is more than a programming language for writing Applets. It is being

used more and more for writing standalone applications as well. It is becoming so popular

that many people believe it will become standard language for both general purpose and

Internet programming.

There are many buzzwords associated with Java, but because of its spectacular

growth in popularity, a new buzzword has appeared ubiquitous. Indeed, all indications are

that it will soon be everywhere.

Java builds on the strength of C++. It has taken the best features of C++ and

discarded the more problematic and error prone parts. To this lean core, it has added

garbage collection (automatic memory management), multithreading (the capacity for one

program to do more than one thing at a time), security capabilities. This result is that Java

is simple, elegant, and powerful and easy-to-use.

Java is actually a platform consisting of 3 components:

1. Java Programming Language.

2. Java Library of Classes and Interfaces.

3. Java Virtual Machine

The following sections will say more about these components.

JAVA IS PORTABLE:

23


24/62

One of the biggest advantages Java offers is that it is portable. An application

written in Java will run on all the major platforms. Any computer with a Java-based

browser can run the applications or Applets written in the Java-Programming-Language. A

programmer no longer has to write one program to run on a Macintosh, another program

to run on a Windows-machine still another to run on a UNIX-machine and so on. In other

words, with Java developers write their programs only once.

The Virtual Machine is what gives Java is cross platform capabilities. Rather being

compiled into machine language, which is different for each OSs and computer

architecture, Java code is compiled into Byte codes.

With other languages, the program code is compiled into a language that the

computer can understand. The problem is that other computers with different machine

instruction set cannot understand that language. Java code on the other hand is compiled

into Byte-Code rather than a machine language. These byte codes go to the JVM, which

executes them directly or translates them into the language that is understood by the

machine running it.

In summary, these means that with the JDBC API extending Java, a programmer

writing Java code can access all the major RDBMS on any platform that supports the

JVM.

JAVA IS OBJECT-ORIENTED

The Java programming language is OBJECT-ORIENTED, which makes program

design focus on what you are dealing with, rather than on how your are going to do

something. This makes it more useful for programming in sophisticated projects, because

one can break the things into understandable components. A big benefit is that these

components can then be reused.

Object-Oriented Languages use the paradigm of classes. In simplest term, a class

includes both the data and the functions to operate on data. You can create an instance of a

class, also called an object, which will have all the data members and functionality of its

class. Because of this, you can think of a class as being like template, with each object

being a specific instance of a particular type of class.

The class paradigm allows one to encapsulate data so that specific data values are

those using the data cannot see the function implementation. Encapsulation makes it

possible to make the changes in code without breaking other programs that use that code.

24


25/62

If for example, the implementation of a function is changed, the change is invisible

to any programmer who invokes that function, and does not affect his/her program, except

hopefully to improve it.

Java includes inheritance, or the ability to derive new classes from existing classes.

The derived class, is also called as Sub-Class, inherits all the data in the functions of the

existing class.

JAVA DEVELOPMENT EVNIRONMENT

To code, edit, debug and test the java programs, one needs to have a java

development environment. At the minimum this will consists of a java compiler interpreter

and applet viewer where applets can be tested.

Suns java development kit (JDK) latest version is 2.2 can be freely downloaded

from the Internet.

Java compiler is available on DOS, Win95, WINNT, Solaris and MAC etc.

INTRODUCTION TO JDBC

JDBC (Java Database connectivity) is a front-end tool for connecting to a server to

ODBC in that respect, however JDBC can connect only java client and it uses ODBC for

the connectivity. JDBC is essentially a low-level API since any data manipulation, storage

and retrieval has to be done by the program itself. Some tools, which provide a higher-

level abstraction, are expected shortly.

The next question that needs to be answered is why we need JDBC, once we have

ODBC on hand. We can use the same ODBC to connect the entire database and ODBC is

a proven technology.

Problem for doing this is ODBC gives a c language API, which uses pointers

extensively. Since java does not have any pointes and is object-oriented sun

Microsystems, inventor of java developed to suit its needs.

Requirements to use JDBC:

To use JDBC you need a basic knowledge of databases and SQL.A part from this you

need the jdk1.1 (Java Development Kit1.1 available javasofts website) or a version of

Java since jdk1.1 and above come bundled with JDBC software.

After that you need to have a back-end database engine for which a JDBC driver is

available. When JDBC drivers are not available JDBC-ODBC bridge drivers are used to

access the database through ODBC. Back-end is not needed when JDBC driver is capable

25


26/62

of storing and retrieving the data itself, or if JDBC-ODBC Bridge and the ODBC driver

can be used to store and retrieve the information.

ABOUT JDBC (JAVA DATA BASE CONNECTION)

It is a java data base connectivity having database as a back-end of java as front

end. Database is a collectivity of related data. A data base management system (DBMS)

controls the storage or retrieval of data in the database. The main use of this JDBC is the

database connectivity.

Using drivers we can get connection to the back-end:

1.which drive we are going to connect back-end.

2.create a data source name (dsn).3.create a statement for connection.

The package we use here is import java. Sql. *

Interfaces of jdbc include driver, connection, and statement; prepare statement,

callable statement, Result Set, Result Set Meta data. Classes of JDBC are driver manages,

driver property information, date, time, and timestamp, type. The driver defined by the

classJdbc odbc driver in package sun.jdbc.odbc. Class sun.jdbc.odbc.jdbc odbc driver

represents the jdbc to odbc bridge driver.

JDBC Driver Types:

The JDBC drivers that we are aware of at this time fit into one of four categories:

1. JDBC-ODBC BRIDGE PLUS ODBC DRIVER

The java soft bridge product provides JDBC access via ODBC drivers. Note thatODBC binary code end in many cases database client code must be loaded on each client

machine that uses this driver. As a result, this kind of driver is most appropriate on a

corporate network where client installations are not major problem, or for application

server code written in java in a 3-tier architecture.

2. NATIVE API PARTLY-JAVA DRIVER

This kind of driver converts JDBC calls into calls on the client API for oracle

Sybase, Informix, DB2, or other DBMS. Note that, like the bridge driver, this style of

driver requires that some binary code be loaded on each client machine.

26


27/62

3. JDBC-NET ALL-JAVA DRIVER

This driver translates JDBC calls into a DBMS independent net protocol, which is then

translated, to a DBMS protocol by a server. This net server middle-ware is able to connect

its all java clients to many different databases. The Specific protocol used depends on the

vendor. In general, this most flexible JDBC alternative. It is likely that all vendors of this

solution will provide products suitable for intranet use. In order for these products to also

support Internet access, they must handle the additional requirements for security, access

through firewalls, etc that the web imposes. Several vendors are adding JDBC drivers to

their existing database middleware products.

4. NATIVE PROTOCOL ALL-JAVA DRIVER

This kind of driver converts JDBC calls into the network protocol used by DBMS

directory. This allows a direct call from the client machine to the DBMS server that is

practical solution for intranet access. Since many of these protocols are proprietary, the

database vendors themselves will be the primary source. Several database vendors have

these in progress. Eventually, we expect that driver categories 3 and 4 will be the preferred

way to access databases from JDBC. Driver categories one and two are interim solutions

where direct all java drivers are not yet available. Category 4 is in some sense the ideal;

however, there are many cases where category 3 may be preferable: eg: -where a thin

DBMS-independent client is desired, or if a DBMS independent protocol is standardized

and implemented directly by many DBMS vendors.

Configuring the Server:

The real beauty of the java server is that it is extensible. But, before you can use a

Servlet to add an extended functionality to the JavaServer.You have to use the Java Server

administration applet to install the Servlet and specify the default parameters and

arguments.

Display the Administration Applet by connecting to:

http://server_Host_Name:9090/index.html

Are secure-even when downloading across the network, the servlets security model and

the Servlet sandbox to protect your system from unfriendly behavior.

The advantage of the Servlet API

27


28/62

One of the great advantages of the Servlet API is protocol independence. It assumes

nothing about:

The protocol being used to transmit on the net.

How it is loaded.

The server environment it will be running in.

These qualities are important, because it allows the Servlet API to be embedded in many

different kinds of Servers. There are other advantages to the servlet API as well.

Servlet Features

The Java Server provides several important Servlet features. These include:

Loading & Invoking Servlets.Servlets can be loaded both locally and remotely.

Filters and Servlets change.

The Java Server uses MIME types to call Servlets sequentially.

Server size includes:

Servlets can be invoked from dynamic HTML documents using Server side include tags.

Replacing the CGI Scripts.

NETWORKING IN JAVA

The Java Networking API (java.net) provides the interfaces/classes for the

functions like Addressing, Making TCP connections, Sending/Receiving Datagram

Packets via UDP, Locating/Identifying Network Resources, Security, Authentication and

Permissions.

In TCP environment, for simple connections between a client and a server,

ServerSocket and Socket are all that you will probably need. ServerSocket represents the

socket on a server that waits and listens for requests for service from a client. Socket

represents the endpoints for communication between a server and a client. When a server

gets a request for service, it creates a Socket for communication with the client and

continues to listen for other requests on the ServerSocket. The client also creates a Socket

for communication with the server. Once the connection is established, getInputStream()

and getOutputSteam() may be used in communication between the sockets.

In UDP environment DatagramPacket represents a datagram packet. Datagram

packets are used for connectionless delivery and normally include destination address and

28


29/62

port information. DatagramSocket is a socket used for sending and receiving datagram

packets over a network via UDP. A DatagramPacket is sent from a DatagramSocket by

calling the send (...) method of DatagramSocket with DatagramPacket as the argument:

send(DatagramPacket dp). Receive (DatagramPacket dp) is use for receiving a

DatagramPacket. (The MulticastSocket class may be used for sending/receiving a

DatagramPacket to a multicast group. It is a subclass of DatagramSocket that adds

functionality for multicasting.)

29


30/62

Code:

import java.awt.*;

import javax.swing.*;

import javax.swing.table.*;

import javax.swing.border.*;

import java.util.Vector;

public class DestinationRouterUI extends JFrame

{

private JTable table = null;

private RouterTableModel tableModel = null;private JTable statTable = null;

private StatTableModel statTableModel = null;

private JTabbedPane tab = null;

private JList list = null;

private RouterListModel listModel = null;

private Object colHeader[] =

{

"SourceIP",

"TTL",

"Packet Data",

"Protocol Type",

"Packet Size"

};

private Object statHeader[] =

{

"PacketScore",

"ProtocolScore",

"Score",

"Thresold"

};

30


31/62

public DestinationRouterUI(String title) throws Exception

{

//container to add the components

Container con = getContentPane();

con.setLayout(new BorderLayout());

//instantiating the tabbed pane

tab = new JTabbedPane();

tab.addTab("Packet Staus",getTablePanel());

tab.addTab("Packet Log",getLogPanel());

// tab.addTab("Packet Statistics",getStatTablePanel());

//add components in the container

con.add("North",getLabelPanel());

con.add("Center",tab);

//set the parameters required for frame

setTitle(title);

setSize(800,400);

setLocation(100,100);

setVisible(true);

}

/*

This method is used to return the

Label to the frame

*/

public JPanel getLabelPanel() throws Exception

{

JPanel panel = new JPanel();

panel.setLayout(new GridLayout(1,1));

31


32/62

Font font = new Font("TimesRoman",Font.PLAIN,25);

JLabel label = new JLabel("Destination Router",

JLabel.CENTER);

Label.setForeground(Color.blue);

panel.add(label);

font = new Font("TimesRoman",Font.PLAIN,13);

Border etched = BorderFactory.createEtchedBorder();

Border border = BorderFactory.createTitledBorder(etched,"Title",

TitledBorder.LEFT,TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);

panel.setBorder(border);

return panel;

}

/*

This method is used to return the table

to the frame

*/

public JPanel getTablePanel() throws Exception

{



table = new JTable();

tableModel = new RouterTableModel();

tableModel.setColumnIdentifiers(colHeader);

table.setModel(tableModel);

JScrollPane scrollPane = new JScrollPane(table);

panel.add(scrollPane);

32


33/62


34/62

/*

This method is used to return the

log panel to the frame

*/

public JPanel getLogPanel()

{



list = new JList();

listModel = new RouterListModel();

list.setModel(listModel);



Border border = BorderFactory.createTitledBorder(etched,"Packet Log",

TitledBorder.LEFT,TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);

JScrollPane scrollPane = new JScrollPane(list);



return panel;

}

/*

This method is used to add data

to the table

*/

34


35/62

public void addData(Vector data)

{

// System.out.println("Arrived data:"+data.toString());

tableModel.addRow(data);

for(int i = 0; i < data.size(); i++){

listModel.addElement(data.elementAt(i));

}

}

public void addToLog(String data)

{listModel.addElement(data);

}

public void addStatData(Vector data)

{

statTableModel.addRow(data);

}

/*

Inner and overriden class for table model

*/

class RouterTableModel extends DefaultTableModel

{

RouterTableModel()

{

}

}

class StatTableModel extends DefaultTableModel

{

StatTableModel()

35


36/62

{

}

}

/*

Inner and overriden class for list model

*/

class RouterListModel extends DefaultListModel

{

RouterListModel()

{

}

}

}

36


37/62

public class PacketForwarder implements ReceiverConfigIF

{

private Socket socket = null;

private OutputStream outputStream = null;

private PrintStream printStream = null;

private String packet = null;

/*

Constructor

*/

public PacketForwarder(String packet) throws Exception

{

this.packet = packet;

//api call for connecting

connectToReceiver();

// api call to forward the packet

sendPacket(packet);

//api call to close the connection

closeConnection();

}

/*

This method is used to connect the Router

to the receiver

*/

public void connectToReceiver() throws Exception

{

37


38/62

//connecting the socket to the Receiver

socket = new Socket(RECEIVER_IP,RECEIVER_PORT);

//Initialize streams required for data transfer

outputStream = socket.getOutputStream();

printStream = new PrintStream(outputStream);

}

/*

This method is used to forward the packets

to the Recevier

*/

public void sendPacket(String packet) throws Exception

{

if ( packet != null)

{

printStream.println(packet.trim());

printStream.flush();

}

}

/*

This method is used to close the connection

with the Receiver

*/

public void closeConnection() throws Exception

{

printStream.close();

outputStream.close();

socket.close();

38


39/62

}

public class Sender implements ConfigIF, SourceConfigIF

{

// socket reference

Socket socket = null;

//OutputStream Reference

OutputStream os = null;

PrintStream ps = null;Vector packets = null;

/*

Constuctor for intialization

*/

public Sender() throws Exception

{

intializeSetup();

intializeStream();

/*

packets = getInput();

sendPackets(packets);

closeConnection();

*/

}

/*

This method is used to connect to server

and setup the client

*/

39


40/62

public void intializeSetup()throws Exception

{

//connects to server by providing

// ip address and port number

socket = new Socket(routerIP,routerPort);

}

/*

This method is used to obtain the

stream required for packets transfer

*/

public void intializeStream() throws Exception

{

//Obtain the output stream from the

//socket created

os = socket.getOutputStream();

//Wrap the output stream to the print stream

ps = new PrintStream(os);

}

/*

This Method is used to obtain the packets from

user

*/

public Vector getInput() throws Exception

{

//Obtain the input from the user

DataInputStream dis = new DataInputStream(System.in);

System.out.println("Enter No Of Packets:");

//read the input

String str = dis.readLine();

40


41/62

//Calculate the total number of packets to be sent

int packetCount = Integer.parseInt(str);

System.out.println("Enter the Packets");

//Intialize the vector to hold packets

packets = new Vector();

//Read the packets from the user

for(int i = 0; i < packetCount; i++)

{str = dis.readLine();

packets.addElement(str);

}

return packets;

}

/*

This method is used to send packets to the server

*/

public void sendPackets(Vector packets) throws Exception

{

//calculate the start time of transfer

long startTime = System.currentTimeMillis();

ps.println("START");

//send all packets to server

for(int i = 0; i < packets.size(); i++)

{

StringBuffer buffer = new StringBuffer();

String str = (String) packets.elementAt(i);

41


42/62

buffer.append(sourceIP);

buffer.append("&");

/*

buffer.append(destIP);

buffer.append("&");

*/

buffer.append(String.valueOf(2));

buffer.append("&");

buffer.append(str);

buffer.append("&");

buffer.append("TCP");

buffer.append("&");

buffer.append(buffer.length());

ps.println(buffer.toString());

// ps.println("END");

}

ps.println("END");

//calculate the end time

long endTime = System.currentTimeMillis();

//calculate the total time

long totalTime = endTime - startTime;

System.out.println("Start Time :"+ startTime);

System.out.println("End Time :"+ endTime);

System.out.println("Total Time :"+ totalTime);

}

/*

This method is used to close the connection

42


43/62

with the server

*/

public void closeConnection() throws Exception

{

ps.close();

socket.close();

System.out.println("Client Connection Closed");

}

public static void main(String[] args) throws Exception

{

Sender sender = new Sender();

}

}

43


44/62

import java.io.*;

import java.util.StringTokenizer;

public class PasswordValidator

{

private File file = null;

private FileInputStream fis = null;

private DataInputStream dis = null;

private boolean flag = false;

private final static String FILE_NAME = "pass.db";

public PasswordValidator(String uname,String passwd) throws Exception

{

initialize();

validate(uname,passwd);

closeFile();

}

public void initialize() throws Exception

{

file = new File(FILE_NAME);

fis = new FileInputStream(file);

dis = new DataInputStream(fis);

}

public void validate(String uname,String passwd) throws Exception

{

String str = dis.readLine();

44


45/62

while( str != null )

{

StringTokenizer st = new StringTokenizer(str,"/");

String userName = st.nextToken().trim();

String password = st.nextToken().trim();

if ( userName.equals(uname.trim()))

{

if ( password.equals(passwd.trim()))

{

flag = true;

}

}

if ( flag )

{

break;

}

}

}

public boolean isValid() throws Exception

{

if ( flag )

{

return true;

}

else {

return false;

}

}

45


46/62

public void closeFile() throws Exception

{

dis.close();

fis.close();

}

import java.awt.*;

import java.awt.event.*;

import javax.swing.*;import javax.swing.border.*;

import java.util.Vector;

public class SenderUI extends JFrame implements ActionListener,ConfigIF

{

private Container container = null;

private JButton closeButton = null;

private JButton sendButton = null;

private JList packetsList = null;

private Vector packetVector = null;

private Sender sender = null;

private JLabel routerIPLabel = null;

public SenderUI() throws Exception

{

container = getContentPane();

//setLayout to the containet

container.setLayout(new BorderLayout());

46


47/62

sender = new Sender();

Vector vector = getInput();

container.add("North",getLabelPanel());

container.add("Center",getListPanel(vector));

container.add("South",getButtonPanel());

setSize(350,400);

setLocation(150,150);

setVisible(true);

}

public Vector getInput() throws Exception

{

//Get the no of packets from the user

String input = JOptionPane.showInputDialog(

"Enter the Number Of Packets");

int totalPackets = Integer.parseInt(input);

packetVector = new Vector();

for(int i = 0; i < totalPackets; i++)

{

String packet = JOptionPane.showInputDialog(

"Enter the Packet-"+(i+1));

packetVector.addElement(packet.trim());

}

return packetVector;

}

public JPanel getLabelPanel() throws Exception

{

47


48/62




JLabel label = new JLabel(" SENDER");

label.setFont(font);

label.setForeground(Color.blue);

routerIPLabel = new JLabel(" Source Router IP :"+routerIP);

routerIPLabel.setForeground(Color.red);


font = new Font("TimesRoman",Font.PLAIN,13);

Border border = BorderFactory.createTitledBorder(etched,

"RSVP Sender",TitledBorder.LEFT,

TitledBorder.DEFAULT_JUSTIFICATION,font,Color.gray);


panel.add(label);

panel.add(routerIPLabel);

return panel;

}

public JPanel getListPanel(Vector vector) throws Exception

{

JPanel panel = new JPanel();panel.setLayout(new GridLayout(1,1));

packetsList = new JList(vector);

JScrollPane scrollPane = new JScrollPane(packetsList);




"Generated Packets",TitledBorder.CENTER,

48


49/62

TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);



return panel;

}

public JPanel getButtonPanel() throws Exception

{

JPanel panel = new JPanel();panel.setLayout(new FlowLayout(FlowLayout.CENTER));

sendButton = new JButton("Send");

closeButton = new JButton("Exit");




"",TitledBorder.LEFT,

TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);


panel.add(sendButton);

panel.add(closeButton);

sendButton.addActionListener(this);

closeButton.addActionListener(this);

return panel;

}

public void actionPerformed(ActionEvent event)

{

49


50/62

try

{

if(event.getSource() == sendButton)

{

routerIPLabel.setForeground(Color.green);

sender.sendPackets(packetVector);

sender.closeConnection();

}

else if(event.getSource() == closeButton)

{

System.exit(0);}

}catch(Exception exception) { exception.printStackTrace();}

}

public static void main(String[] args) throws Exception

{

SenderUI senderUI = new SenderUI();

senderUI.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);

}

}

50


51/62

Chapter 8

OUTPU

T SCREENS

51


52/62

52


53/62

53


54/62

54


55/62

55


56/62

56


57/62

Chapter 9

TESTING AND IMPLEMENTATION

TESTING:

Testing is a process of executing a program with a intent of finding an error.

Testing presents an interesting anomaly for the software engineering.

The goal of the software testing is to convince system developer and customers

that the software is good enough for operational use. Testing is a process intended to build

confidence in the software.

Testing is a set of activities that can be planned in advance and conducted

systematically. Testing is a set of activities that can be planned in advance and conducted

systematically.

Software testing is often referred to as verification & validation.

TYPES OF TESTING:

The various types of testing are

1)White Box Testing2)Black Box Testing

3)Alpha Testing

4)Beta Testing

5)Win Runner And Load Runner

6)Load Runner

7)System Testing

8)Unit Testing

9.1 WHITE BOX TESTING

It is also called as glass-box testing. It is a test case design method that uses the

control structure of the procedural design to derive test cases.Using white box

testing methods, the software engineer can derive test cases that Guarantees that

all independent parts within a module have been exercised at least once

andExercise all logical decisions on their true and false sides.

57


58/62

9.2 BLACK BOX TESTING

Its also called as behavioral testing . It focuses on the

functional requirements of the software.

It is complementary approach that is likely to uncover a .

different class of errors than white box errors.

A black box testing enables a software engineering to derive a

sets of input conditions that will fully exercise all functional

requirements for a program.

9.3 ALPHA TESTING

Alpha testing is the software prototype stage when the software is first able to run.

It will not have all the intended functionality, but it will have core functions and

will be able to accept inputs and generate outputs. An alpha test usually takes

place in the developer's offices on a separate system.

9.4 BETA TESTING

The beta test is a live application of the software in an environment that cannot

be controlled by the developer. The beta test is conducted at one or more customer sites

by the end user of the software.

9.5 WIN RUNNER & LOAD RUNNER

We use Win Runner as a load testing tool operating at the GUI layer as it allows us to

record and playback user actions from a vast variety of user applications as if a real

user had manually executed those actions.

9.6 LOAD RUNNER TESTING

With Load Runner , you can Obtain an accurate picture of end-to-end system

performance. Verify that new or upgraded applications meet specified performance

requirements.

9.7 SYSTEM TESTING

58


59/62

Testing of the debugging programs is one of the most critical aspects of the computer

programming triggers, without programs that works, the system would never produce the

output for which it was designed. Testing is best performed when user development are

asked to assist in identifying all errors and bugs. The sample data are used for testing . It is

not quantity but quality of the data used the matters of testing. Testing is aimed at

ensuring that the system was accurately an efficiently before live operation commands.

9.8 UNIT TESTING

In this testing we test each module individually and integrate with the

overall system. Unit testing focuses verification efforts on the smallest unit of software

design in the module. This is also known as module testing. The module of the system is

tested separately . This testing is carried out during programming stage itself . In this

testing step each module is found to working satisfactorily as regard to the expected output

from the module. There are some validation checks for fields also. It is very easy to find

error debut in the system.

59


60/62

Chapter 10

CONCLUSION & FUTURE SCOPE

To the best of our knowledge, this paper is the first serious attempt to distinguish between

a router dropping packets maliciously and a router dropping packets due to congestion.

Previous work has approached this issue using a static user-defined threshold, which is

fundamentally limiting. Using the same framework as our earlier work (which is based on

a static user-defined threshold) we developed a compromised router detection protocol _

that dynamically infers, based on measured traffic rates and buffer sizes, the number of

congestive packet losses that will occur.

Subsequent packet losses can be attributed to malicious actions. Because of non

determinism introduced by imperfectly synchronized clocks and scheduling delays,

protocol _ uses user-defined significance levels, but these levels are independent of the

properties of the traffic. Hence, protocol _ does not suffer from the limitations of static

thresholds. We evaluated the effectiveness of protocol _ through an implementation and

deployment in a small network. We show that even fine-grained attacks, such as stopping

a host from opening a connection by discarding the SYN packet, can be detected.

60


61/62

Chapter 11

BIBLIOGRAPHY

[1] X. Ao, Report on DIMACS Workshop on Large-Scale Internet Attacks,

http://dimacs.rutgers.edu/Workshops/Attacks/internet-attack-

9-03.pdf, Sept. 2003.

[2] R. Thomas, ISP Security BOF, NANOG 28, http://www.nanog.org/mtg-0306/pdf/thomas.pdf, June 2003.

[3] K.A. Bradley, S. Cheung, N. Puketza, B. Mukherjee, and

R.A. Olsson, Detecting Disruptive Routers: A Distributed

Network Monitoring Approach, Proc. IEEE Symp. Security

and Privacy (S&P 98), pp. 115-124, May 1998.

[4] A.T. Mizrak, Y.-C. Cheng, K. Marzullo, and S. Savage, Detecting

and Isolating Malicious Routers, IEEE Trans. Dependable and

Secure Computing, vol. 3, no. 3, pp. 230-244, July-Sept. 2006.

[5] L. Subramanian, V. Roth, I. Stoica, S. Shenker, and R. Katz, Listen

and Whisper: Security Mechanisms for BGP, Proc. First Symp.

Networked Systems Design and Implementation (NSDI 04), Mar. 2004.

[6] S. Kent, C. Lynn, J. Mikkelson, and K. Seo, Secure Border

Gateway Protocol (Secure-BGP), IEEE J. Selected Areas in Comm.,

vol. 18, no. 4, pp. 582-592, Apr. 2000.

[7] Y.-C. Hu, A. Perrig, and D.B. Johnson, Ariadne: A Secure On-

Demand Routing Protocol for Ad Hoc Networks, Proc. ACM

MobiCom 02, Sept. 2002.

[8] B.R. Smith and J. Garcia-Luna-Aceves, Securing the Border

Gateway Routing Protocol, Proc. IEEE Global Internet, Nov. 1996.

[9] S. Cheung, An Efficient Message Authentication Scheme for Link

State Routing, Proc. 13th Ann. Computer Security Applications Conf.

(ACSAC 97), pp. 90-98, 1997.

[10] M.T. Goodrich, Efficient and Secure Network Routing Algorithms,

provisional patent filing, Jan. 2001.

[11] R. Perlman, Network Layer Protocols with Byzantine Robustness,

PhD dissertation, MIT LCS TR-429, Oct. 1988.

61


62/62

[12] V.N. Padmanabhan and D. Simon, Secure Traceroute to Detect

Faulty or Malicious Routing, SIGCOMM Computer Comm. Rev.,

vol. 33, no. 1, pp. 77-82, 2003.

RED Algorithm Report

Documents

Transcript of RED Algorithm Report