Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
MANET
Introduction:
Synopsis
System Analysis:
Feasibility Study:
During the feasibility study, the feasibility of the project – the likelihood of the
proposed system is analyzed. We have proposed a novel cross layer intrusion
detection architecture to discover the malicious nodes and different types of DoS
attacks by exploiting the information available across different layers of protocol
stack in order to improve the accuracy of detection. We have used cooperative
anomaly intrusion detection with data mining technique to enhance the proposed
architecture. We have implemented fixed width clustering algorithm for efficient
detection of the anomalies in the MANET traffic and also generated different types of
attacks in the network. Operational Feasibility.
In compared to wired networks, MANET has to face different challenges due to its
wireless features and ad-hoc structure. The very advantage of mobility in MANET
leads to its vulnerabilities. For efficient intrusion detection, we have used cross layer
techniques in IDS. The traditional way of layering network approach with the purpose
of separating routing, scheduling, rate and power control is not efficient for ad-hoc
wireless networks. A. Goldsmith discussed that rate control, power control; medium
access and routing are building block of wireless network design. Generally, routing
is considered in a routing layer and medium access in MAC layer whereas power
control and rate control are sometimes considered in a PHY and sometimes in a MAC
layer. If there is no cross layer inter action then the routing can select between
several routes and have no information about congestion or malicious nodes. As a
result, it selects a congested route or it selects a route that includes malicious nodes.
With the help of cross layer interaction, the routing forwards possible route choices
to MAC and MAC decides the possible routes using congestion and IDS information as
well as returns the result to the routing.
The selection of correct combination of layers in the design of cross layer IDS is very
critical to detect attacks targeted at or sourced from any layers rapidly. It is optimal
to incorporate MAC layer in the cross layer design for IDS as DoS attack is better
detected at this layer. The routing protocol layer and MAC layer is chosen for
detecting routing attacks in an efficient way. Data with behavioral information
consisting of layer specific information are collected from multiple layers and forward
it to data analysis module which is located in an optimal location . This cross layer
technique incorporating IDS leads to an escalating detection rate in the number of
malicious behavior of nodes increasing the true positive and reducing false positives
in the MANET. It also alleviates the congestion which can adapt to changing network
and traffic characteristics. In order to evade congestion and reroute traffic, MAC and
routing layers have to cooperate with each other with the IDS in order to avoid
insertion of malicious nodes in the new routes. The physical layer collects various
types of communication activities including remote access and logons, user activities,
data traffics and attack traces. MAC contains information regarding congestion and
interference. The detection mechanism for misbehaving nodes interacts with routing
layer for the detection process as MAC layers also help in detection of certain routing
attacks. MAC also interacts with
the physical layer to determine the quality of suggested path . By combining cross
layer features, attacks between the layers inconsistency can be detected.
Furthermore, these schemes provide a comprehensive detection mechanism for all
the layers i.e attacks originating from any layers can be detected with better
detection accuracy.
Technical feasibility
Economical Feasibility
The data obtained from the audit data sources mostly contains local routing
information, data and control information from MAC and routing layers along with
other traffic statistics. The training of data may entail modeling the allotment of a
given set of training points or characteristic network traffic samples. We have to
make few assumptions so that the traced traffic from the network contains no attack
traffic:
• The normal traffic occurs more frequently than the attack traffic.
• The attack traffic samples are statistically different from the normal connections.
Since, we have used two assumptions; the attacks will appear as outliers in the
feature space resulting in detection of the attacks by analyzing and identifying
anomalies in the data set.
B. Feature construction
Existing System:
It is difficult for Intrusion Detection system (IDS) to fully detect routing attacks due
to MANET’s characteristics. So, the IDS needs a scalable architecture to collect
sufficient evidences to detect those attacks effectively. A malicious node may take
advantages of the MANET node to launch routing attacks as the node acts as router
to communicate with each other. The wireless links between the nodes along with
the mobility raises the challenges of IDS to detect the attacks. Hence, we are
motivated to design a new IDS architecture which involves cross layer design to
efficiently detect the abnormalities in the wireless networks. We have proposed a
new intrusion detection architecture which incorporates cross layer that interacts
between the layers. In addition to this we have used association module to link
between the OSI protocol stack and the IDS module which results in low overhead
during the data collection. We have implemented the fixed width clustering algorithm
in anomaly detection engine for efficient detection of intrusion in the adhoc
networks.
Proposed System:
Some general approach has been used in a distributed manner to insure the
authenticity and integrity of routing information such as key generation and
management on the prevention side. Authentication based approaches are used to
secure the integrity and the authenticity of routing messages such as . There are
some difficulties that have to be faced in realizing some of the schemes like
cryptography and they are relatively expensive on MANET because of computational
capacity. A number of intrusion detection schemes for intrusion detection system
have been presented for ad-hoc networks. In, the paper proposed architecture for a
distributed and cooperative intrusion detection system for ad-hoc networks based on
statistical anomaly detection techniques but they have not properly mentioned about
the simulation scenario and the type of mobility they have used. In, A. Mishra
emphasizes the challenge for intrusion detection in ad-hoc network and purpose the
use of anomaly implementation for the problem. In , Huang details an anomaly
detection technique that explores the correlations among the features of nodes and
discusses about the routing anomalies. Loo presents an intrusion detection method
using a clustering algorithm for routing attacks in sensor networks. It is able to
detect three important types of routing attacks. They are able to detect sink hole
attacks effectively which are intense form of attack. There are some flaws like there
is absence of simulation platform that can support a wider variety of attacks on
larger scale networks. Fixed width clustering algorithm has shown to be highly
effective for anomaly detection in network intrusion. It presents a geometric
framework for unsupervised anomaly detection. This paper needs more feature maps
over different kinds of data and needs to perform more extensive experiments
evaluating the methods presented.
B. Local Detection:
The local detection module consists of anomaly detection engine. The local detection
module analyzes the local data traces gathered by the local data collection module
for evidence of anomalies. A normal profile is an aggregated rule set of multiple
training data segments. New and updated detection rules across ad-hoc networks
are obtained from normal profile. The normal profile consists of normal behavior
patterns that are computed using trace data from a training process where all
activities are normal. During testing process, normal and abnormal activities are
processed and any deviations from the normal profiles are recorded. The anomaly
detection distinguishes normalcy from anomalies as of the deviation data by
comparing with the test data profiles with the expected normal profiles. If any
detection rules deviate beyond a threshold interval and if it has a very high accuracy
rate it can determine independently that the network is under attack and initiates the
alert management.
C. Cooperative Detection:
When the support and confidence level is low or intrusion evidence is weak and
inconclusive in the detecting node then it can make collaborative decision by
gathering intelligence from its surrounding nodes via protected communication
channel. The decision of cooperative detection is based on the majority of the voting
of the received reports indicating an intrusion or anomaly.
D. Alert Management:
The alert management receives the alert from the local detection or co-operative
detection depending on the strength of intrusion evidence. It collects them in the
alert cache for t seconds. If there are more abnormal predictions than the normal
predictions then it is regarded as “abnormal” and with adequate information an
alarm is generated to inform that an intrusive activity is in the system.
Software Requirements:
Hardware Requirement:
128 MB RAM.
20 GB HDD.
1.44 MB FDD.
Software Requirement:
JAVA:
Java is used as front-end tool for developing the project. To run Java
there is no need to have any particular operating system, as it is platform
independent. This must have certain hardware and software installed on your
computer. The key considerations were summed up by the Java team in the
following list of buzzwords:
Simple
Security
Portability
Object-oriented
Robust
Multithreaded
Architecture-Neutral
Interpreted
High Performance
Distributed
Dynamic
JavaScript:
Macromedia Dreamweaver
Macromedia Dreamweaver2.0 is one of the HTML Editor
It is used to attach Sound files and Animation files along with our
Source.
that create dynamic content easily but with maximum power and
flexibility.
Advantages:
JSP page:
template data with some dynamic actions and leverages on the Java
different paradigms for authoring of dynamic content. JSP pages can be used in
Maximum performance and scalability through its unique design with the
Windows’NT multi-threaded architecture.
Central and easy-to-use the Graphical User Interface (GUI).
Automatic authentication of users by the Operating System.
Overall goals
• Enterprise JavaBeans applications will follow the “Write Once, Run Anywhere”
philosophy of the Java programming language. An enterprise Bean can be developed
once, and then deployed on multiple platforms without recompilation or source code
modification.
Application Assembler
The Application Assembler can also combine enterprise beans with other types
of application components (JSP) when composing an application. The EJB
specification describes the case in which the application assembly step occurs before
the deployment of the enterprise beans. However, the EJB architecture does not
preclude the case that application assembly is performed after the deployment of all
or some of the enterprise beans.
Deployer
The Deployer takes one or more ejb-jar files produced by a Bean Provider
or Application Assembler and deploys the enterprise beans contained in the ejb-jar
files in a specific operational environment. The operational environment includes a
specific EJB Server and Container. The Deployer is an expert at a specific operational
environment and is responsible for the deployment of enterprise Beans.The Deployer
uses tools supplied by the EJB Container Provider to perform the deployment tasks.
The deployment process is typically two-stage:
• The Deployer first generates the additional classes and interfaces that
enable the container to manage the enterprise beans at runtime. These classes
are container-specific.
• The Deployer performs the actual installation of the enterprise beans and
the additional classes and interfaces into the EJB Container.
database vendor. The current EJB architecture assumes that the EJB Server
Provider and the EJB Container Provider roles are the same vendor. Therefore,
it does not define any interface requirements for the EJB Server Provider.
enterprise Bean and the container. This API is the Enterprise JavaBeans
typically provides tools that allow the system administrator to monitor manage
System Administrator
4. System Design
4.1 DFD
A data flow diagram (DFD) is a graphical representation that depicts information
flow and the transforms that one applied as data moves from of a data flow diagram
is also known as data flow graph or bubble
The sequence diagrams are an easy and intuitive way of describing the
system’s behavior, which focuses on the interaction between the system and
the environment. This notational diagram shows the interaction arranged in a
time sequence. The sequence diagram has two dimensions: the vertical
dimension represents the time; the horizontal dimension represents different
objects. The vertical line also called the object’s lifeline represents the object’s
Intruder Detected
Network Busy
Packet Loss
User
Process
Admin
Usecase Diagram:
Activity Diagram:
Start
User Login
View YourProfile
UntimeLoginRequest You are a Intruder
Packet Losses
Upload your File Access Denied,You are a Intruder
End
Some general approach has been used in a distributed manner to insure the
authenticity and integrity of routing information such as key generation and
management on the prevention side. Authentication based approaches are used to
secure the integrity and the authenticity of routing messages such as . There are
some difficulties that have to be faced in realizing some of the schemes like
cryptography and they are relatively expensive on MANET because of computational
capacity. A number of intrusion detection schemes for intrusion detection system
have been presented for ad-hoc networks. In, the paper proposed architecture for a
distributed and cooperative intrusion detection system for ad-hoc networks based on
statistical anomaly detection techniques but they have not properly mentioned about
the simulation scenario and the type of mobility they have used. In, A. Mishra
emphasizes the challenge for intrusion detection in ad-hoc network and purpose the
use of anomaly implementation for the problem.
Intrusion Detection Module:
The local data collection module collects data streams of various information, traffic
patterns and attack traces from physical, MAC and network layers via association
module. The data streams can include system, user and mobile nodes’
communication activities within the radio range.
B. Local Detection:
The local detection module consists of anomaly detection engine. The local detection
module analyzes the local data traces gathered by the local data collection module
for evidence of anomalies. A normal profile is an aggregated rule set of multiple
training data segments. New and updated detection rules across ad-hoc networks
are obtained from normal profile. The normal profile consists of normal behavior
patterns that are computed using trace data from a training process where all
activities are normal. During testing process, normal and abnormal activities are
processed and any deviations from the normal profiles are recorded. The anomaly
detection distinguishes normalcy from anomalies as of the deviation data by
comparing with the test data profiles with the expected normal profiles. If any
detection rules deviate beyond a threshold interval and if it has a very high accuracy
rate it can determine independently that the network is under attack and initiates the
alert management.
C. Cooperative Detection:
When the support and confidence level is low or intrusion evidence is weak and
inconclusive in the detecting node then it can make collaborative decision by
gathering intelligence from its surrounding nodes via protected communication
channel. The decision of cooperative detection is based on the majority of the voting
of the received reports indicating an intrusion or anomaly.
D. Alert Management:
The alert management receives the alert from the local detection or co-operative
detection depending on the strength of intrusion evidence. It collects them in the
alert cache for t seconds. If there are more abnormal predictions than the normal
predictions then it is regarded as “abnormal” and with adequate information an
alarm is generated to inform that an intrusive activity is in the system.
System Testing:
The system once finished has to go through a series of testing in order to ensure
that it works the way it ought to. The various types of testing measures to be taken
are:
Types of Tests:
1. Unit Test
2. Functional Test
3. Performance Test
4. Stress Test and
5. Structural Test
6. System Test
Functional Test, Performance Test and Stress Test are known as Black box
testing. Structural Test is referred as White box or Glass Box testing.
1.Unit Testing:
Unit testing focuses verification effort on the smallest unit of software design.
Unit Testing is considered as an equivalent to coding step. After the source level code has
been developed, reviewed and verified for correct syntax, unit test case design begins. In
most of the applications, a driver is nothing more than a main program that accepts test
case data, passes such data to the module to be tested and prints the relevant results.
2.Functional Testing:
3.Performance Testing:
4.Stress Testing:
5.Structural Testing:
Structural Testing are concerned with examining the internal
processing logic of a program and traversing particular execution paths.
6.System Testing:
1.Integration Testing:
In Top down Integration the top of the hierarchy is tested then one or
two immediately subordinate routines are tested.
First the modules at the very bottom, which have no subordinates, are
tested then these are combined with higher-level modules for testing.
2.Acceptance Testing:
Acceptance Testing involves planning and execution of functional tests,
performance tests and stress tests in order to demonstrate that the implemented
system satisfies its requirements.
QUALITY ASSURANCE
The aim of this step is to maintain or to ensure the quality of the system developed.
The quality assurance goals in the system life cycle involves
e. Maintainability – The ease with which the program errors are located and
corrected.
k. Access Controls and Audit – Control of access to the system and the extent to
which that access can be audited.
l. Communication – How useful the input and output of the system are.
Model Code
MyServerImpl.java
import java.awt.Component;
import java.awt.Frame;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.io.*;
import java.net.InetAddress;
import java.rmi.Naming;
import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;
import java.sql.*;
import java.util.StringTokenizer;
import java.util.Vector;
import java.util.Enumeration;
import java.util.Properties;
import javax.swing.*;
import java.util.Hashtable;
public class MyServerImpl extends UnicastRemoteObject implements
MyInterface, ActionListener
{
Timer t1;
Timer t2;
Timer t3;
static Boolean temp1;
static Boolean temp2;
static Boolean temp3;
static MinWin mw = null;
///////////
String userpro;
/////////////
MinWin mw1;
Hashtable pro;
public MyServerImpl()
throws RemoteException
{
pro=new Hashtable();
pro.put("admin","p2");
pro.put("admin","p1");
pro.put("eee","p2");
pro.put("eee","p1");
mw1 = null;
}
Naming.rebind(s1, myserverimpl);
System.out.println(s2);
mw = new MinWin();
mw.setFont(new java.awt.Font("verdana", 1, 20));
mw.setForeground(new java.awt.Color(255, 255, 255));
mw.setTitle("A Novel Cross Layer Intrusion Detection System in
MANET");
mw.setDefaultCloseOperation(3);
mw.setSize(800, 600);
mw.setVisible(true);
mw.setResizable(false);
}
catch(Exception exception)
{
System.out.println("RMI Exception : " + exception + "\n");
}
}
//////////////////////////procsssss
public String getpro(String proid)throws RemoteException
{
String as[] = {"Process level Agent Activated" };
MinWin.status.setListData(as);
Vector sys=new Vector();
String ress="";
try{
if(pro.get(userpro).equals(proid))
{
if(proid.equals("p1"))
{
Properties p=System.getProperties();
Enumeration en=p.propertyNames();
ress="";
while(en.hasMoreElements())
{
String name=(String)en.nextElement();
ress=ress+name+"="+p.getProperty(name)+"\n;";
}
System.out.println("process ok"+ress);
}
if(proid.equals("p2"))
{
Runtime r=Runtime.getRuntime();
ress="TotalMemory="+r.totalMemory()
+"\n"+"FreeMemory="+r.freeMemory()+"\n";
}
}
else
{
////Mobile alert
emserver.msg="Process Level-Intruder Detected.";
System.out.println(emserver.msg+"Msg SENDED TO MOBILE");
if(l != 0)
{
try
{
FileOutputStream fileoutputstream = new FileOutputStream(s);
BufferedReader bufferedreader = new BufferedReader(new
StringReader(s1));
int l2;
while((l2 = bufferedreader.read()) != -1)
{
fileoutputstream.write((char)l2);
}
fileoutputstream.close();
bufferedreader.close();
}
catch(Exception exception1) { }
}
}
return l;
}
//////////////////
int l1=0;
ListModel listmodel1 = MinWin.warning.getModel();
String as1[] = new String[listmodel1.getSize() + 2];
for(l1 = 0; l1 < listmodel1.getSize(); l1++)
{
as1[l1] = listmodel1.getElementAt(l1).toString();
}
// int i = 0;
ListModel listmodel = MinWin.warning.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
///////////////////
}
else
{
mw1 = mw;
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection connection =
DriverManager.getConnection("jdbc:odbc:networktraffic");
Statement statement = connection.createStatement();
ResultSet resultset = statement.executeQuery("select * from detail
where username='" + s + "' and password='" + s1 + "'");
if(resultset.next())
{
StringTokenizer stringtokenizer = new
StringTokenizer(resultset.getString(8), ",");
boolean flag = true;
while(stringtokenizer.hasMoreTokens())
{
int i1 = Integer.parseInt(stringtokenizer.nextToken());
int j1 = Integer.parseInt(stringtokenizer.nextToken());
int k1 = Integer.parseInt(stringtokenizer.nextToken());
System.out.println(i1 + j1 + k1);
if(i1 == j)
{
if(i > j1 && i < k1)
{
s3 = s3 + resultset.getString(3) + "," +
resultset.getString(4) + "," + resultset.getString(5) + "," +
resultset.getString(6) + "," + resultset.getString(7);
} else
{
s3 = "Denied";
int l1 = 0;
ListModel listmodel1 = MinWin.warning.getModel();
String as1[] = new String[listmodel1.getSize() + 2];
for(l1 = 0; l1 < listmodel1.getSize(); l1++)
{
as1[l1] = listmodel1.getElementAt(l1).toString();
}
MinWin.hostname.setListData(as);
MinWin.hostname1.setListData(as);
} else
{
s3 = "null";
}
}
///////
}
//////
}
catch(Exception exception)
{
System.out.println(exception);
}
return s3;
}
as[i] = s;
MinWin.hostname.setListData(as);
MinWin.hostname1.setListData(as);
}
catch(Exception exception)
{
System.out.println(exception);
}
}
};
}
};
}
};
}
as[i] = s1;
MinWin.warning.setListData(as);
ListModel listmodel1 = MinWin.action.getModel();
String as1[] = new String[listmodel1.getSize() + 1];
for(i = 0; i < listmodel1.getSize(); i++)
{
as1[i] = listmodel1.getElementAt(i).toString();
}
MinWin.hostname.setListData(as);
MinWin.hostname1.setListData(as);
}
catch(Exception exception)
{
System.out.println(exception);
}
}
static
{
temp1 = Boolean.FALSE;
temp2 = Boolean.FALSE;
temp3 = Boolean.FALSE;
}
}
Login.java
import java.io.*;
import javax.swing.*;
import java.awt.event.*;
import java.lang.*;
import java.awt.*;
import javax.swing.filechooser.FileSystemView;
import java.util.StringTokenizer;
import java.net.InetAddress;
import java.rmi.Naming;
import java.util.Date;
import java.util.Vector;
import java.util.Random;
public class login
{
public static void main(String aa[])
{
try
{
login1 log1=new login1();
log1.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
log1.setSize(800,600);
log1.setVisible(true);
log1.setResizable(false);
log1.setTitle("A Novel Cross Layer Intrusion Detection System in
MANET");
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
myin.addHost(host1);
}
catch(Exception e)
{
}
}
}
JMenuBar mbar;
JMenu file;
JMenuItem filepackets,fileexit,fileagent,fileback;
JLabel
pack,filesel,trastatus,noofpacks,noofpacks1,packsize,packsize1,status,status1
,notes;
JTextArea filepath;
JButton browse,send;
JFileChooser jfc;
String f2,s2;
MyInterface myin=null;
boolean flag=true;
static int stat=0;
static String agen="";
public login1()
{
Thread tt=new Thread(this);
tt.start();
jp=new JPanel();
jp.setLayout(null);
jp.setBackground(new Color(0, 116, 232));
// getContentPane().setLayout(null);
jp1=new JPanel();
jp1.setLayout(null);
jp1.setBackground(new Color(128, 128, 0));
jp2=new JPanel();
jp2.setLayout(null);
jp2.setBackground(new Color(128, 128, 0));
//loginform impl
op=new JOptionPane();
agenttext=new JLabel("");
agenttext.setBounds(100,50,600,40);
agenttext.setFont(new Font("alpha",Font.ITALIC,25));
agenttext.setForeground(new Color(64,0,0));
username=new JLabel("ID");
username.setForeground(new Color(155,244,244));
username.setBounds(250,150,100,25);
password=new JLabel("KEY");
password.setForeground(new Color(155,244,244));
password.setBounds(250,210,100,25);
submit=new JButton("Submit");
submit.setBackground(new Color(255,204,204));
submit.setForeground(new Color(0,0,255));
submit.setBounds(200,270,75,25);
reset=new JButton("Reset");
reset.setBackground(new Color(255,204,204));
reset.setForeground(new Color(0,0,255));
reset.setBounds(300,270,75,25);
exit=new JButton("Exit");
exit.setBackground(new Color(255,204,204));
exit.setForeground(new Color(0,0,255));
exit.setBounds(400,270,100,25);
usertext=new JTextField();
usertext.setForeground(new Color(0,0,255));
usertext.setBounds(350,150,100,25);
passtext=new JPasswordField();
passtext.setForeground(new Color(0,0,255));
passtext.setBounds(350,210,100,25);
//getContentPane().add(jp);
jp.add(agenttext);
jp.add(username);
jp.add(password);
jp.add(submit);
jp.add(reset);
jp.add(exit);
jp.add(usertext);
jp.add(passtext);
submit.addActionListener(this);
reset.addActionListener(this);
exit.addActionListener(this);
//profile display
////////////////
proid=new JTextField();
proid.setForeground(new Color(0,0,255));
proid.setBounds(500,100,100,25);
probut=new JButton("GetResult");
probut.setBackground(new Color(255,204,204));
probut.setForeground(new Color(0,0,255));
probut.setBounds(600,100,100,25);
probut.addActionListener(this);
prores=new JTextArea();
prores.setForeground(new Color(0,0,255));
sp = new JScrollPane();
sp.setViewportView(prores);
sp.setBounds(500,150,200,200);
//prores.setVisible(false);
//JScrollPane sp = new JScrollPane(prores);
////////////////
name=new JLabel("NAME");
name.setBounds(275,100,100,40);
name.setForeground(new Color(155,244,244));
age=new JLabel("AGE");
age.setBounds(275,150,100,40);
age.setForeground(new Color(155,244,244));
sex=new JLabel("SEX");
sex.setBounds(275,200,100,40);
sex.setForeground(new Color(155,244,244));
address=new JLabel("ADDRESS");
address.setBounds(275,250,100,40);
address.setForeground(new Color(155,244,244));
phone=new JLabel("PHONE");
phone.setBounds(275,300,100,40);
phone.setForeground(new Color(155,244,244));
name1=new JLabel();
name1.setBounds(425,100,200,40);
name1.setForeground(new Color(155,244,244));
age1=new JLabel();
age1.setBounds(425,150,200,40);
age1.setForeground(new Color(155,244,244));
sex1=new JLabel();
sex1.setBounds(425,200,200,40);
sex1.setForeground(new Color(155,244,244));
address1=new JLabel();
address1.setBounds(425,250,200,40);
address1.setForeground(new Color(155,244,244));
phone1=new JLabel();
phone1.setBounds(425,300,200,40);
phone1.setForeground(new Color(155,244,244));
///////////notess
notes=new JLabel("Notes:ProcessId p1:System properties, p2:memory");
notes.setBounds(450,450,300,20);
notes.setForeground(new Color(155,244,244));
//////////
back=new JButton("BACK");
back.setBounds(365,350,75,25);
getContentPane().add(jp1);
jp1.add(notes);
jp1.add(name);
jp1.add(name1);
jp1.add(age);
jp1.add(age1);
jp1.add(sex);
jp1.add(sex1);
jp1.add(address);
jp1.add(address1);
jp1.add(phone);
jp1.add(phone1);
jp1.add(back);
jp1.add(agenttext3);
jp1.add(proid);
jp1.add(probut);
jp1.add(sp);
jp1.setVisible(false);
back.addActionListener(this);
mbar=new JMenuBar();
file=new JMenu("File");
filepackets=new JMenuItem("Packets");
fileback=new JMenuItem("Back");
fileexit=new JMenuItem("Exit");
file.add(filepackets);
file.add(fileback);
file.add(fileexit);
mbar.add(file);
fileexit.addActionListener(this);
filepackets.addActionListener(this);
fileback.addActionListener(this);
//pack display
agenttext1=new JLabel("A Novel Cross Layer Intrusion
Detection System in MANET");
agenttext1.setBounds(100,50,600,40);
agenttext1.setFont(new Font("verdana",1,18));
agenttext1.setForeground(new Color(255,255,255));
filepath=new JTextArea();
filepath.setText(" ");
filepath.setBounds(100,150,400,25);
browse=new JButton("BROWSE");
browse.setBounds(550,150,100,25);
send=new JButton("SEND");
send.setBounds(350,180,100,25);
noofpacks1=new JLabel();
noofpacks1.setBounds(500,260,100,40);
packsize1=new JLabel();
packsize1.setBounds(500,310,100,40);
status1=new JLabel();
status1.setBounds(500,360,100,40);
getContentPane().add(jp2);
jp2.add(filesel);
jp2.add(trastatus);
jp2.add(noofpacks);
jp2.add(noofpacks1);
jp2.add(packsize);
jp2.add(packsize1);
jp2.add(status);
jp2.add(status1);
jp2.add(filepath);
jp2.add(browse);
jp2.add(send);
jp2.add(agenttext1);
jp2.setVisible(false);
browse.addActionListener(this);
send.addActionListener(this);
getContentPane().add(jp);
jp.setBounds(0, 0, 800, 580);
getContentPane().add(jp);
jp1.setBounds(0, 0, 800, 580);
getContentPane().add(jp2);
jp2.setBounds(0, 0, 800, 580);
try
{
if(usertext.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The
ID","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
usertext.grabFocus();
}
else
{
if(passtext.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The
KEY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
passtext.grabFocus();
}
else
{
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
Date da=new Date();
int ti=da.getHours()*100+da.getMinutes();
int week=da.getDay();
System.out.println(ti+"\n");
System.out.println(week);
String
temp1=myin.getConnect(usertext.getText(),passtext.getText(),ti,week,host1
,System.getProperty("os.name"));
///////////////////////
//MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
//myin.getpro("p1");
////////////////////////
if(temp1.equals("sysint"))
{
int rt=op.showConfirmDialog(this,"YOU ARE A
SYSTEM LEVEL
INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MES
SAGE);
if(rt==0)
{
System.exit(0);
}
}
if(temp1.equals("Denied"))
{
int rt=op.showConfirmDialog(this,"YOU ARE
A
INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MES
SAGE);
if(rt==0)
{
System.exit(0);
}
}
else
{
if(temp1.equals("Exit"))
{
System.exit(0);
}
else
{
if(temp1.equals("null"))
{
op.showConfirmDialog(this,"NETWORK IS
BUSY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE
);
usertext.setText("");
passtext.setText("");
}
else
{
StringTokenizer
token=new StringTokenizer(temp,",");
int k=1;
while(token.hasMoreTokens())
{
String nextToken =
token.nextToken();
System.out.println(nextToken);
if(k==1)
{
name1.setText(nextToken);
}
if(k==2)
{
age1.setText(nextToken);
}
if(k==3)
{
sex1.setText(nextToken);
}
if(k==4)
{
address1.setText(nextToken);
}
if(k==5)
{
phone1.setText(nextToken);
}
k++;
}
jp.setVisible(false);
jp1.setVisible(true);
setJMenuBar(mbar);
submit.setEnabled(false);
reset.setEnabled(false);
exit.setEnabled(false);
usertext.setEnabled(false);
passtext.setEnabled(false);
}
}
}
}
}
}
}
catch(Exception e1)
{
System.out.println(e1);
}
}
if(e.getSource()==reset)
{
usertext.setText("");
passtext.setText("");
}
if(e.getSource()==exit)
{
System.exit(0);
}
if(e.getSource()==fileexit)
{
try
{
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
myin.delHost(host1);
System.exit(0);
}
catch(Exception e1)
{
}
/////////////////////////////procccccccccc
if(e.getSource()==probut)
{
try{
MyInterface
myine=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
String result="myin.getpro";
result=myine.getpro(proid.getText());
if(result.equals("nak"))
{
op.showConfirmDialog(this,"Your are a Process Level
Intruder","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSA
GE);
System.exit(0);
}
StringTokenizer res=new StringTokenizer(result,";");
while(res.hasMoreTokens())
{
prores.append(res.nextToken());
}
}catch(Exception ew)
{op.showConfirmDialog(this,ew,"Error",JOptionPane.DEFAULT_OPTION,JOpti
onPane.ERROR_MESSAGE);}
}
//////////////////////////////
if(e.getSource()==filepackets)
{
jp.setVisible(false);
setJMenuBar(mbar);
jp1.setVisible(false);
jp2.setVisible(true);
submit.setEnabled(false);
reset.setEnabled(false);
exit.setEnabled(false);
usertext.setEnabled(false);
passtext.setEnabled(false);
}
if(e.getSource()==fileback)
{
jp.setVisible(false);
setJMenuBar(mbar);
jp1.setVisible(true);
jp2.setVisible(false);
submit.setEnabled(false);
reset.setEnabled(false);
exit.setEnabled(false);
usertext.setEnabled(false);
passtext.setEnabled(false);
}
if(e.getSource()==back)
{
jp.setVisible(true);
jp1.setVisible(false);
submit.setEnabled(true);
reset.setEnabled(true);
exit.setEnabled(true);
usertext.setEnabled(true);
passtext.setEnabled(true);
prores.setText("");
}
if(e.getSource()==browse)
{
FileDialog jfc=new
FileDialog(this,"SELECT",FileDialog.LOAD);
jfc.show();
f2=jfc.getDirectory();
s2=jfc.getFile();
filepath.setText(f2+s2);
}
if(e.getSource()==send)
{
try
{
MyInterface
myina=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
agen=myina.getagent("packet");
////
File fff=new File("packetagent.class");
FileOutputStream fos=new FileOutputStream(fff);
byte[] c=agen.getBytes();
fos.write(c);
fos.close();
noofpacks1.setText(String.valueOf(nop1));
packsize1.setText(String.valueOf(size1));
//
if(len%size1>0)
{
nop1=nop+1;
}
if(len%8>0)
{
nop=9;
}
byte b[]=new byte[size];
int k=0,i=0,j=1;
Vector v=new Vector();
int l=ran.nextInt(nop);
int m=ran.nextInt(nop);
//int n=ran.nextInt(nop);
System.out.println(l +" "+m);
while((k=fis.read(b))!=-1)
{
String mes=new String(b,0,k);
int hash=mes.hashCode();
if(j==l)
{
}
else
{
if(j==m)
{
Integer ha=new Integer(hash);
Integer pcno=new Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes+"alpha");
}
else
{
/*if(j==n)
{
Integer ha=new
Integer(hash);
Integer pcno=new
Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
}
else
{*/
Integer ha=new
Integer(hash);
Integer pcno=new
Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
//}
}
}
status1.setText(j +"th packet sent");
j++;
}
System.out.println("aa");
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
int sta=myin.sendPacket(v,nop,s2,nop1,size1);
if(sta==4)
{
noofpacks1.setText(String.valueOf(nop1));
packsize1.setText(String.valueOf(size1));
System.out.println(nop1);
status1.setText("Completed");
}
else
{
status1.setText("Aborted");
noofpacks1.setText(String.valueOf(nop1));
packsize1.setText(String.valueOf(size1));
System.out.println(nop1);
status1.setText("Aborted");
}
}
catch(Exception ee)
{
System.out.println(ee);
status1.setText("Aborted");
}
}
}
if(stat!=0)
{
System.exit(0);
}
}
}
}
Screen Shots:
Implementation:
When a hacker attacks a system, the ideal response would be to stop his
activity before he can cause any damage or gain access to any sensitive information.
This would require recognition of the attack as it takes place. Different models of
intrusion detection have been developed, and much IDS software is available for use.
Commercial IDS products such as Net Ranger, Real Secure, and Omni guard Intruder
Alert work on attack signatures. These signatures needed to be updated by the
vendors on a regular basis in order to protect from new types of attacks. However,
no detection system can catch all types of intrusions and each model has its
strengths and weaknesses in detecting different violations in networked computer
systems. Recently, researchers started investigating techniques like artificial
intelligence, autonomous agents and mobile agent for detecting intrusion in network
environment. Most existing intrusion detection systems either use packet-level
information or user activities to make decisions on intrusive activities. In this paper,
an agent-based intrusion detection system is described that can simultaneously
monitor network activities at different levels (such as packet level, process level,
system level, and user level). This MANET system represents a novel approach to
distributed intrusion detection. The system emulates some mechanisms of the
human immunity system and features distributed identification of anomalies and
decentralized control of decisions and responses to those anomalies.
7. Conclusion and Future Scope
APPENDICES:
A.1 BIBLIOGRAPHY:
REFERENCES:
[4]J.Burgett1,S.Hussain1,C.M.Jonker2,A.Razaq1,K.Silz,Personalized,Automated
Recharge of Prepaid Mobile Phones” 1AMS Inc,51-55 Gresham street, London EC2V
7JH, JeBu@acm.com 2 Department of AI, Vrije Universiteit, De Boelelaan
1081a,1081 HV Amsterdam.
ANNEXURE-A.
1. Abbreviations