MANET Full Document

A Novel Cross Layer Intrusion Detection System in
MANET
Introduction:
Synopsis
Intrusion detection System forms a vital component of internet security. To keep

pace with the growing trends, there is a critical need to replace single layer detection
technology with multi layer detection. Different types of Denial of Service (DoS)
attacks thwart authorized users from gaining access to the networks and we tried to
detect as well as alleviate some of those attacks. In this paper, we have proposed a
novel cross layer intrusion detection architecture to discover the malicious nodes and
different types of DoS attacks by exploiting the information available across different
layers of protocol stack in order to improve the accuracy of detection. We have used
cooperative anomaly intrusion detection with data mining technique to enhance the
proposed architecture. We have implemented fixed width clustering algorithm for
efficient detection of the anomalies in the MANET traffic and also generated different
types of attacks in the network. The simulation of the proposed architecture is
performed in OPNET simulator and we got the result as we expected.
System Analysis:
Feasibility Study:
During the feasibility study, the feasibility of the project – the likelihood of the
proposed system is analyzed. We have proposed a novel cross layer intrusion
detection architecture to discover the malicious nodes and different types of DoS
attacks by exploiting the information available across different layers of protocol
stack in order to improve the accuracy of detection. We have used cooperative
anomaly intrusion detection with data mining technique to enhance the proposed
architecture. We have implemented fixed width clustering algorithm for efficient
detection of the anomalies in the MANET traffic and also generated different types of
attacks in the network. Operational Feasibility.
In compared to wired networks, MANET has to face different challenges due to its
wireless features and ad-hoc structure. The very advantage of mobility in MANET
leads to its vulnerabilities. For efficient intrusion detection, we have used cross layer
techniques in IDS. The traditional way of layering network approach with the purpose
of separating routing, scheduling, rate and power control is not efficient for ad-hoc
wireless networks. A. Goldsmith discussed that rate control, power control; medium
access and routing are building block of wireless network design. Generally, routing
is considered in a routing layer and medium access in MAC layer whereas power
control and rate control are sometimes considered in a PHY and sometimes in a MAC
layer. If there is no cross layer inter action then the routing can select between
several routes and have no information about congestion or malicious nodes. As a
result, it selects a congested route or it selects a route that includes malicious nodes.
With the help of cross layer interaction, the routing forwards possible route choices
to MAC and MAC decides the possible routes using congestion and IDS information as
well as returns the result to the routing.
The selection of correct combination of layers in the design of cross layer IDS is very
critical to detect attacks targeted at or sourced from any layers rapidly. It is optimal
to incorporate MAC layer in the cross layer design for IDS as DoS attack is better
detected at this layer. The routing protocol layer and MAC layer is chosen for
detecting routing attacks in an efficient way. Data with behavioral information
consisting of layer specific information are collected from multiple layers and forward
it to data analysis module which is located in an optimal location . This cross layer
technique incorporating IDS leads to an escalating detection rate in the number of
malicious behavior of nodes increasing the true positive and reducing false positives
in the MANET. It also alleviates the congestion which can adapt to changing network
and traffic characteristics. In order to evade congestion and reroute traffic, MAC and
routing layers have to cooperate with each other with the IDS in order to avoid
insertion of malicious nodes in the new routes. The physical layer collects various
types of communication activities including remote access and logons, user activities,
data traffics and attack traces. MAC contains information regarding congestion and
interference. The detection mechanism for misbehaving nodes interacts with routing
layer for the detection process as MAC layers also help in detection of certain routing
attacks. MAC also interacts with
the physical layer to determine the quality of suggested path . By combining cross
layer features, attacks between the layers inconsistency can be detected.
Furthermore, these schemes provide a comprehensive detection mechanism for all
the layers i.e attacks originating from any layers can be detected with better
detection accuracy.
The main objective here is to find out whether

 The system will work once it is developed and installed.
 There is sufficient support for the project from the management.
 The current network methods are acceptable to the
users.
An investigation is conducted and as a result the following conclusions are

derived.
 There is sufficient support form the managerial level
 The current methods are done manually and take lot of time.
 The persons involved in the current working system are met and
discussions are held with them to evolve a system with which
they have good participations and interest.
Technical feasibility
Technological feasibility analyses the following areas.

 Technology and manpower is available are not.
 Capacity to hold the data that is required to use the new
system.
 Provision to respond to users regardless of their number and
location.
 Provision for further expansion.
 Guarantee of accuracy, reliability, ease of access and
data security.
An investigation is conducted and as a result the following conclusions are

derived.
 The necessary technology to implement the proposed system is
available in the organization.
 Main hardware equipment such as computers with the required
Capacities is also available.
Hence the system is technically feasible.
Economical Feasibility
Issues to be considered in the economical feasibility are

 Financial benefits must equal or exceed the costs.
 The solution should be cost effective.
 Must be worth to pursue the project.
ANOMALY DETECTION MECHANISM IN MANET

The anomaly detection system creates a normal base line profile of the normal
activities of the network traffic activity. Then, the activity that diverges from the
baseline is treated as a possible intrusion. The main objective is to collect set of
useful features from the traffic to make the decision whether the sampled traffic is
normal or abnormal. Some of the advantages of anomaly detection system are it can
detect new and unknown attacks, it can detect insider attacks; and it is very difficult
for the attacker to carry out the attacks without setting off an alarm . The process of
anomaly detection comprises of two phases: training and testing. We try to build the
basic framework for normal behavior by collecting the noticeable characteristic from
the audit data. We use the data mining technique for building Intrusion detection
system to describe the anomaly detection mechanism.
A. Construction of normal Dataset
The data obtained from the audit data sources mostly contains local routing
information, data and control information from MAC and routing layers along with
other traffic statistics. The training of data may entail modeling the allotment of a
given set of training points or characteristic network traffic samples. We have to
make few assumptions so that the traced traffic from the network contains no attack
traffic:
• The normal traffic occurs more frequently than the attack traffic.
• The attack traffic samples are statistically different from the normal connections.
Since, we have used two assumptions; the attacks will appear as outliers in the
feature space resulting in detection of the attacks by analyzing and identifying
anomalies in the data set.
B. Feature construction
For feature construction, we use an unsupervised method to construct the feature

set. We use clustering algorithm to construct features from the audit data. The
feature set is created by using the audit data and most common feature set are
selected as essential feature set which has weight not smaller than the minimum
threshold. A set of considerable features should be obtained from the incoming traffic
that differentiates the normal data from the intrusive data. Few and semantic
information is captured which results in better detection performance and saves
computation time. In case of feature construction, we collect the traffic related
features as well as non-traffic related features which represents routing conditions.
We use some of the features for detecting DoS attacks and attacks that manipulate
routing protocol. The number of data packets received is used to detect unusual level
of data traffic which may indicate a DoS attack based on a data traffic flood.
C. Training normal data using cluster mechanism
We have implemented fixed-width clustering algorithm as an approach to anomaly

detection. It calculates the number of points near each point in the feature space. In
fixed width clustering technique, set of clusters are formed in which each cluster has
fixed radius w also known as cluster width in the feature space. The cluster width w
is chosen as the maximum threshold radius of a cluster.
Existing System:
It is difficult for Intrusion Detection system (IDS) to fully detect routing attacks due
to MANET’s characteristics. So, the IDS needs a scalable architecture to collect
sufficient evidences to detect those attacks effectively. A malicious node may take
advantages of the MANET node to launch routing attacks as the node acts as router
to communicate with each other. The wireless links between the nodes along with
the mobility raises the challenges of IDS to detect the attacks. Hence, we are
motivated to design a new IDS architecture which involves cross layer design to
efficiently detect the abnormalities in the wireless networks. We have proposed a
new intrusion detection architecture which incorporates cross layer that interacts
between the layers. In addition to this we have used association module to link
between the OSI protocol stack and the IDS module which results in low overhead
during the data collection. We have implemented the fixed width clustering algorithm
in anomaly detection engine for efficient detection of intrusion in the adhoc
networks.
Proposed System:
Some general approach has been used in a distributed manner to insure the
authenticity and integrity of routing information such as key generation and
management on the prevention side. Authentication based approaches are used to
secure the integrity and the authenticity of routing messages such as . There are
some difficulties that have to be faced in realizing some of the schemes like
cryptography and they are relatively expensive on MANET because of computational
capacity. A number of intrusion detection schemes for intrusion detection system
have been presented for ad-hoc networks. In, the paper proposed architecture for a
distributed and cooperative intrusion detection system for ad-hoc networks based on
statistical anomaly detection techniques but they have not properly mentioned about
the simulation scenario and the type of mobility they have used. In, A. Mishra
emphasizes the challenge for intrusion detection in ad-hoc network and purpose the
use of anomaly implementation for the problem. In , Huang details an anomaly
detection technique that explores the correlations among the features of nodes and
discusses about the routing anomalies. Loo presents an intrusion detection method
using a clustering algorithm for routing attacks in sensor networks. It is able to
detect three important types of routing attacks. They are able to detect sink hole
attacks effectively which are intense form of attack. There are some flaws like there
is absence of simulation platform that can support a wider variety of attacks on
larger scale networks. Fixed width clustering algorithm has shown to be highly
effective for anomaly detection in network intrusion. It presents a geometric
framework for unsupervised anomaly detection. This paper needs more feature maps
over different kinds of data and needs to perform more extensive experiments
evaluating the methods presented.
Intrusion Detection Module:
A. Local Data Collection:

The local data collection module collects data streams of various information, traffic
patterns and attack traces from physical, MAC and network layers via association
module. The data streams can include system, user and mobile nodes’
communication activities within the radio range.
B. Local Detection:
The local detection module consists of anomaly detection engine. The local detection
module analyzes the local data traces gathered by the local data collection module
for evidence of anomalies. A normal profile is an aggregated rule set of multiple
training data segments. New and updated detection rules across ad-hoc networks
are obtained from normal profile. The normal profile consists of normal behavior
patterns that are computed using trace data from a training process where all
activities are normal. During testing process, normal and abnormal activities are
processed and any deviations from the normal profiles are recorded. The anomaly
detection distinguishes normalcy from anomalies as of the deviation data by
comparing with the test data profiles with the expected normal profiles. If any
detection rules deviate beyond a threshold interval and if it has a very high accuracy
rate it can determine independently that the network is under attack and initiates the
alert management.
C. Cooperative Detection:
When the support and confidence level is low or intrusion evidence is weak and
inconclusive in the detecting node then it can make collaborative decision by
gathering intelligence from its surrounding nodes via protected communication
channel. The decision of cooperative detection is based on the majority of the voting
of the received reports indicating an intrusion or anomaly.
D. Alert Management:
The alert management receives the alert from the local detection or co-operative
detection depending on the strength of intrusion evidence. It collects them in the
alert cache for t seconds. If there are more abnormal predictions than the normal
predictions then it is regarded as “abnormal” and with adequate information an
alarm is generated to inform that an intrusive activity is in the system.
Software Requirements:
Hardware Requirement:
 Minimum 1.1 GHz PROCESSOR should be on the computer.
 128 MB RAM.
 20 GB HDD.
 1.44 MB FDD.
 52x CD-ROM Drive.
 MONITORS at 800x600 minimum resolution at 256 colors minimum.
 I/O, One or two button mouse and standard 101-key keyboard.
Software Requirement:
 Operating System : Windows 95/98/2000/NT4.0.
 Technology : JAVA, RMI, JFC
 Database Connectivity : JDBC.
3.3 About the Software
JAVA:
Java is used as front-end tool for developing the project. To run Java
there is no need to have any particular operating system, as it is platform
independent. This must have certain hardware and software installed on your
computer. The key considerations were summed up by the Java team in the
following list of buzzwords:
 Simple
 Security
 Portability
 Object-oriented
 Robust
 Multithreaded
 Architecture-Neutral
 Interpreted
 High Performance
 Distributed
 Dynamic
THE JAVA 2 ENTERPRISE EDITION

The Java 2 Platform, Enterprise Edition (J2EE), has rapidly established
a new programming model for developing distributed applications. This model is
based on well-defined components that can automatically take advantage of
sophisticated platform services. These components can be developed according to
standard guidelines, combined into applications, deployed on a variety of compatible
server products, and reused for maximum programmer productivity. This model is
intended to both standardize and simplify the kind of distributed applications
required for today's networked information economy.
 J2EE Platform Benefits

With features designed to expedite the process of developing
distributed applications, the J2EE platform offers several benefits:
• Simplified architecture and development

• Freedom of choice in servers, tools, and components
• Integration with existing information systems
• Scalability to meet demand variations
• Flexible security model
HYPER TEXT MARKUP LANGUAGE

HTML was specifically developed to use along with the Hyper Text
Transfer Protocol (HTTP) to encode documents for display on the World Wide Web.
HTML is defined in the HTML Standard, currently Version 4.0x. HTML
standards are recommended by the World Wide Web Consortium, W3C. W3C also
oversees the standardization of technologies related to the World Wide Web and
publishes the HTTP (Hypertext Transfer Protocol) standards. HTML is initials for
Hyper Text Markup Language. HTML is pronounced one letter at a time as if you are
spelling the word HTML. It is not pronounced as "hit mill" and it is NOT a
programming language. HTML cannot be used to write programs and it cannot
control the precise layout of a web page.
Web browsers are used to view HTML documents. Two popular web
browsers are the Netscape Navigator 4.x and the Microsoft Internet Explorer 5.x.
Browsers control the layout of a web page
JavaScript:
JavaScript enables you to embed commands in an HTML page.

JavaScript is powerful and simple. HTML provides a good deal of flexibility to
page authors, but HTML by itself is static; after being written, HTML
documents can’t interact with the user other than by presenting hyperlinks.
Scripting languages act as the glue that binds every thing together.
JavaScript mainly provides a fairly complete set of built- in functions and
commands, enabling you to perform math calculations, manipulates strings,
play sounds, open new windows and new URLs, and access and verify input to
your web forms.
JavaScript can also set the attributes, or properties , of web page
elements and other objects present in the browser.
This way you can change the behavior of plugs–in or other objects
without having to rewrite them. JavaScript commands
Macromedia Dreamweaver
 Macromedia Dreamweaver2.0 is one of the HTML Editor
 It also includes DHTML effects
 It is used to connect the forms to Servlets

 It is used to Hyperlinks the web pages
 It is used to create Templates
It is used to attach Sound files and Animation files along with our
Source.
The JavaServer Pages(JSP):
JavaServer Pages ™ technology is the Java ™ platform
technology for building applications containing dynamic Web
content such as HTML, DHTML, XHTML and XML. The
JavaServer Pages technology enables the authoring of Web pages
that create dynamic content easily but with maximum power and
flexibility.
Advantages:
Write Once, Run Anywhere ™ properties

High quality tool support
Reuse of components and tag libraries
Separation of dynamic and static content
Support for scripting and actions
Web access layer for N-tier enterprise application architecture(s)
JSP page:
A JSP page is a text-based document that describes how to

process a request to create a response. The description intermixes
template data with some dynamic actions and leverages on the Java
Platform.The features in the JSP technology support a number of
different paradigms for authoring of dynamic content. JSP pages can be used in
combination with Servlets, HTTP, HTML, XML, Applets,JavaBeans
components and Enterprise JavaBeans components to implement a broad
variety of application architecture(s) or models.
 Maximum performance and scalability through its unique design with the
Windows’NT multi-threaded architecture.
 Central and easy-to-use the Graphical User Interface (GUI).
 Automatic authentication of users by the Operating System.
ENTERPRISE JAVABEAN (EJB):
EJB is a standard server side component model for component
transaction monitors.It automatically takes in to account many of the
requirements of business systems-security,resourse
pooling,persistence,concurrency and transasction integrity.
Overall goals
The Enterprise JavaBeans (EJB) architecture has the following goals:

• The Enterprise JavaBeans architecture will be the standard component
architecture for building distributed object-oriented business applications in the Java
programming language. The Enterprise JavaBeans architecture will make it possible
to build distributed applications by combining components developed using tools
from different vendors.
• The Enterprise JavaBeans architecture will make it easy to write

applications. Application developers will not have to understand low-level transaction
and state management details, multi-threading, connection pooling, and other
complex low-level APIs.
• Enterprise JavaBeans applications will follow the “Write Once, Run Anywhere”
philosophy of the Java programming language. An enterprise Bean can be developed
once, and then deployed on multiple platforms without recompilation or source code
modification.
• The Enterprise JavaBeans architecture will address the development,

deployment and runtime aspects of an enterprise application’s life cycle.
• The Enterprise JavaBeans architecture will define the contracts that

enable tools from multiple vendors to develop and deploy components that can inter
operate at runtime.
• The Enterprise JavaBeans architecture will be compatible with existing

server platforms. Vendors will be able to extend their existing products to support
Enterprise JavaBeans.
• The Enterprise JavaBeans architecture will be compatible with other Java

programming language APIs.
• The Enterprise JavaBeans architecture will provide interoperability between

enterprise Beans and Java 2 Platform Enterprise Edition (J2EE) components as well
as non-Java programming language applications.
• The Enterprise JavaBeans architecture will be compatible with the

CORBA protocols.
Enterprise Bean Provider
The Enterprise Bean Provider is the producer of enterprise beans. The

system output is an ejb-jar file that contains one or more enterprise beans. The Bean
Provider is responsible for the Java classes that implement the enterprise bean’s
business methods, the definition of the bean’s remote and home interfaces and the
bean’s deployment descriptor.
The deployment descriptor includes the structural information of the enterprise bean
and declares all the enterprise bean’s external dependencies.
Application Assembler
The Application Assembler combines enterprise beans into larger

deployable application units. The input to the Application Assembler is one or more
ejb-jar files produced by the Bean Provider(s). The Application Assembler outputs
one or more ejb-jar files that contain the enterprise beans along with their
application assembly instructions. The Application Assembler inserts the application
assembly instructions into the deployment descriptors.
The Application Assembler can also combine enterprise beans with other types
of application components (JSP) when composing an application. The EJB
specification describes the case in which the application assembly step occurs before
the deployment of the enterprise beans. However, the EJB architecture does not
preclude the case that application assembly is performed after the deployment of all
or some of the enterprise beans.
Deployer
The Deployer takes one or more ejb-jar files produced by a Bean Provider
or Application Assembler and deploys the enterprise beans contained in the ejb-jar
files in a specific operational environment. The operational environment includes a
specific EJB Server and Container. The Deployer is an expert at a specific operational
environment and is responsible for the deployment of enterprise Beans.The Deployer
uses tools supplied by the EJB Container Provider to perform the deployment tasks.
The deployment process is typically two-stage:
• The Deployer first generates the additional classes and interfaces that
enable the container to manage the enterprise beans at runtime. These classes
are container-specific.
• The Deployer performs the actual installation of the enterprise beans and
the additional classes and interfaces into the EJB Container.
EJB Server Provider
The EJB Server Provider is a specialist in the area of distributed
transaction management, distributed objects, and other lower-level system-level
services. A typical EJB Server Provider is an OS vendor, middleware vendor, or
database vendor. The current EJB architecture assumes that the EJB Server
Provider and the EJB Container Provider roles are the same vendor. Therefore,
it does not define any interface requirements for the EJB Server Provider.
EJB Container Provider:
The EJB Container Provider provides
• The deployment tools necessary for the deployment of enterprise beans.

• The runtime support for the deployed enterprise bean instances.
The focus of a Container Provider is on the development of a scalable, secure,

transaction-enabled container that is integrated with an EJB Server. The
Container Provider insulates the enterprise Bean from the specifics of an
underlying EJB Server by providing a simple, standard API between the
enterprise Bean and the container. This API is the Enterprise JavaBeans
component contract. The Container Provider typically provides support for
versioning the installed enterprise Bean components.The Container Provider
typically provides tools that allow the system administrator to monitor manage
the container and the Beans running in the container at runtime.
Persistence Manager Provider
The Persistence Manager interacts with the Container to receive

notifications related to the lifecycle of the managed beans. The current EJB
architecture, however, does not architect the full set of SPIs between the Container
and the Persistence Manager. These interfaces are currently left to the Container
Provider and Persistence Manager Provider.
System Administrator
The System Administrator is responsible for the configuration and

administration of the enterprise’s computing and networking infrastructure that
includes the EJB Server and Container. The System Administrator is also responsible
for overseeing the wellbeing of the deployed enterprise beans applications at
runtime.
4. System Design
4.1 DFD
A data flow diagram (DFD) is a graphical representation that depicts information
flow and the transforms that one applied as data moves from of a data flow diagram
is also known as data flow graph or bubble
4.2 UML SEQUENCE DIAGRAM
The sequence diagrams are an easy and intuitive way of describing the
system’s behavior, which focuses on the interaction between the system and
the environment. This notational diagram shows the interaction arranged in a
time sequence. The sequence diagram has two dimensions: the vertical
dimension represents the time; the horizontal dimension represents different
objects. The vertical line also called the object’s lifeline represents the object’s
existence during the interaction.

Sequence Diagram:
Fig UML Sequence Diagram

Class Diagram:
User Login Admin

Physical Layer - User Level Process
User Details
Activated
System Properties
MAC Layer - Trying to Match Password
System Memory
Routing Layer - Alert ProcessI,
Packet Loss
File Upload
Upper Layer -Intruder Detected
File Send
Alert Management - Kill all the Process
New User Entry Form

Admin Delete the all details()
Data Detection (Process)

Unauthorized Person
Intruder Detected
Network Busy
Packet Loss
User Level Process
Packet Level process
Trying to match password
Message send to Admin()

Component Diagram:
User
Process
Admin
Usecase Diagram:
Activity Diagram:
Start
User Login
Authorized Person(Yes) No(UnauthorizedPerson)

Check
If NetworkBusy message sendAdmin
Get System Properties

Tring to Match Password
Resource Busy
View YourProfile
UntimeLoginRequest You are a Intruder
Packet Losses
Upload your File Access Denied,You are a Intruder
Admin Kill the all Process
End
4.2 System Architecture

5. System Analysis
Some general approach has been used in a distributed manner to insure the
authenticity and integrity of routing information such as key generation and
management on the prevention side. Authentication based approaches are used to
secure the integrity and the authenticity of routing messages such as . There are
some difficulties that have to be faced in realizing some of the schemes like
cryptography and they are relatively expensive on MANET because of computational
capacity. A number of intrusion detection schemes for intrusion detection system
have been presented for ad-hoc networks. In, the paper proposed architecture for a
distributed and cooperative intrusion detection system for ad-hoc networks based on
statistical anomaly detection techniques but they have not properly mentioned about
the simulation scenario and the type of mobility they have used. In, A. Mishra
emphasizes the challenge for intrusion detection in ad-hoc network and purpose the
use of anomaly implementation for the problem.
Intrusion Detection Module:
A. Local Data Collection:
The local data collection module collects data streams of various information, traffic
patterns and attack traces from physical, MAC and network layers via association
module. The data streams can include system, user and mobile nodes’
communication activities within the radio range.
B. Local Detection:
The local detection module consists of anomaly detection engine. The local detection
module analyzes the local data traces gathered by the local data collection module
for evidence of anomalies. A normal profile is an aggregated rule set of multiple
training data segments. New and updated detection rules across ad-hoc networks
are obtained from normal profile. The normal profile consists of normal behavior
patterns that are computed using trace data from a training process where all
activities are normal. During testing process, normal and abnormal activities are
processed and any deviations from the normal profiles are recorded. The anomaly
detection distinguishes normalcy from anomalies as of the deviation data by
comparing with the test data profiles with the expected normal profiles. If any
detection rules deviate beyond a threshold interval and if it has a very high accuracy
rate it can determine independently that the network is under attack and initiates the
alert management.
C. Cooperative Detection:
When the support and confidence level is low or intrusion evidence is weak and
inconclusive in the detecting node then it can make collaborative decision by
gathering intelligence from its surrounding nodes via protected communication
channel. The decision of cooperative detection is based on the majority of the voting
of the received reports indicating an intrusion or anomaly.
D. Alert Management:
The alert management receives the alert from the local detection or co-operative
detection depending on the strength of intrusion evidence. It collects them in the
alert cache for t seconds. If there are more abnormal predictions than the normal
predictions then it is regarded as “abnormal” and with adequate information an
alarm is generated to inform that an intrusive activity is in the system.
System Testing and Implementation
System Testing:
The system once finished has to go through a series of testing in order to ensure
that it works the way it ought to. The various types of testing measures to be taken
are:
 Test to see if the requirements are taken care of.

 Test to see if all the inputs are handled effectively.
 Test the system by traversing all the paths and discover my surprises.
 Check if errors and the exceptions have been handled properly.
 See if validations of input data are taken care of.
Types of Tests:
There are six types of test a software product must satisfy:
1. Unit Test
2. Functional Test
3. Performance Test
4. Stress Test and
5. Structural Test
6. System Test
Functional Test, Performance Test and Stress Test are known as Black box
testing. Structural Test is referred as White box or Glass Box testing.
1.Unit Testing:
Unit testing focuses verification effort on the smallest unit of software design.
Unit Testing is considered as an equivalent to coding step. After the source level code has
been developed, reviewed and verified for correct syntax, unit test case design begins. In
most of the applications, a driver is nothing more than a main program that accepts test
case data, passes such data to the module to be tested and prints the relevant results.
2.Functional Testing:
Functional Testing involves testing the system under typical operating

condition, typical input values and for typical expected results. The functional
boundaries specifies boundary within which the system can function. three types of
functional tests are done
 Checking the documented functions.

 Checking with maximum values.
 Checking with valid input.
3.Performance Testing:
Performance Testing is conducted to identify the bottlenecks in the

system and to fine-tune the overall performance of the system.
4.Stress Testing:
Stress Testing involves overloading the system in various ways and

observing the behavior. The system is tested with high network traffic and more
number of clients. Stress test provides valuable insight about the strengths and
weakness of a system.
5.Structural Testing:
Structural Testing are concerned with examining the internal
processing logic of a program and traversing particular execution paths.
6.System Testing:
System Testing involves two kinds of activities
1.Integration Testing and

2. Acceptance Testing
1.Integration Testing:
Integrating all the functionalities since some functions work perfectly

when run alone tests the system.
Integration Testing is of two types

(a) Top down Integration Testing and
(b) Bottom-Up Integration testing.
(a) Top down Integration Testing:
In Top down Integration the top of the hierarchy is tested then one or
two immediately subordinate routines are tested.
(b)Bottom-Up Integration Testing:
First the modules at the very bottom, which have no subordinates, are
tested then these are combined with higher-level modules for testing.
2.Acceptance Testing:
Acceptance Testing involves planning and execution of functional tests,
performance tests and stress tests in order to demonstrate that the implemented
system satisfies its requirements.
QUALITY ASSURANCE
The aim of this step is to maintain or to ensure the quality of the system developed.
The quality assurance goals in the system life cycle involves
1.Quality factors specification: - This was done to determine the factors

that lead to high quality of a system.
a. Correctness- The extent to which a program meets

System specification.
b. Reliability – The degree to which a program meets system specification.
c. Efficiency - The amount of computer resources required by the entire

program to perform a function.
d. Usability – The effort required learning and operating the system.
e. Maintainability – The ease with which the program errors are located and
corrected.
f. Testability - The effort required to test a program to ensure its correct

performance.
g. Portability – The ease of transporting a program from one hardware

configuration to another.
h. Accuracy - The required precision in input editing, computation and output.
i. Error Tolerance – Error detection and correction versus error avoidance.

j. Expandability - Ease of adding or expanding existing databases.
k. Access Controls and Audit – Control of access to the system and the extent to
which that access can be audited.
l. Communication – How useful the input and output of the system are.
1.Software Requirements Specification: - This was done to generate the

required documents that provide the technical specification for the design and
development of the software.
2. Software Design Specification: - This was done in order to provide the

functions and features described in the previous stage.
3.Software Testing and Implementation: - This was done to provide necessary

software adjustment for the system to continue to comply with the original
specifications.
Quality Assurance is the review of software and related documentation for

correctness, accuracy, maintainability, reliability, and expendability. This also
includes assurances that the system meets the specifications and requirements for
its intended use performance.
Model Code
MyServerImpl.java
import java.awt.Component;
import java.awt.Frame;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.io.*;
import java.net.InetAddress;
import java.rmi.Naming;
import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;
import java.sql.*;
import java.util.StringTokenizer;
import java.util.Vector;
import java.util.Enumeration;
import java.util.Properties;
import javax.swing.*;
import java.util.Hashtable;
public class MyServerImpl extends UnicastRemoteObject implements
MyInterface, ActionListener
{
Timer t1;
Timer t2;
Timer t3;
static Boolean temp1;
static MinWin mw = null;
///////////
String userpro;
/////////////
MinWin mw1;
Hashtable pro;
public MyServerImpl()
throws RemoteException
{
pro=new Hashtable();
pro.put("admin","p2");
pro.put("admin","p1");
pro.put("eee","p2");
pro.put("eee","p1");
mw1 = null;
}
public static void main(String args[])

{
try
{
String s = "";
new emserver().start();
InetAddress inetaddress = InetAddress.getLocalHost();
MyServerImpl myserverimpl = new MyServerImpl();
s = inetaddress.getHostName();
System.out.println(s);
String s1 = "//localhost/MyServerImpl";
String s2 = s + " registered with RMI registry!";
Naming.rebind(s1, myserverimpl);
System.out.println(s2);
mw = new MinWin();
mw.setFont(new java.awt.Font("verdana", 1, 20));
mw.setForeground(new java.awt.Color(255, 255, 255));
mw.setTitle("A Novel Cross Layer Intrusion Detection System in
MANET");
mw.setDefaultCloseOperation(3);
mw.setSize(800, 600);
mw.setVisible(true);
mw.setResizable(false);
}
catch(Exception exception)
{
System.out.println("RMI Exception : " + exception + "\n");
}
}
//////////////////////////procsssss
public String getpro(String proid)throws RemoteException
{
String as[] = {"Process level Agent Activated" };
MinWin.status.setListData(as);
Vector sys=new Vector();
String ress="";
try{
if(pro.get(userpro).equals(proid))
{
if(proid.equals("p1"))
{
Properties p=System.getProperties();
Enumeration en=p.propertyNames();
ress="";
while(en.hasMoreElements())
{
String name=(String)en.nextElement();
ress=ress+name+"="+p.getProperty(name)+"\n;";
}
System.out.println("process ok"+ress);
}
if(proid.equals("p2"))
{
Runtime r=Runtime.getRuntime();
ress="TotalMemory="+r.totalMemory()
+"\n"+"FreeMemory="+r.freeMemory()+"\n";
}
}
else
{
////Mobile alert
emserver.msg="Process Level-Intruder Detected.";
System.out.println(emserver.msg+"Msg SENDED TO MOBILE");
String as1[] ={"//Process level warning//Process

level(unAuthorized Process) Request"};
MinWin.warning.setListData(as1);
String as4[] = {"Action//" +userpro + "//process access
Permission Denied"};
MinWin.message.setListData(as4);
int k =mw1.myoptionpane("Process Level Intruder
Detected.Destroy it", "Process Level Agent Warning");
if(k==0)
{
String as2[] = {"//Process level Permission Denied Killer
Agent Called"};
MinWin.action.setListData(as2);
ress="nak";
}
System.out.println("process notok"+k);
}
}catch(Exception sss){System.out.println(sss);}
return ress;
}
/////////////////////
public int sendPacket(Vector vector, int i, String s, int j, int k)

{
int l = 9;
int i1 = 0;
boolean aflag[] = new boolean[i + 1];
String s1 = "";
String as[] = {"Packet level Agent Activated" };
if((j <1500) & (k <500))
{
l = 4;
} else
{
for(int j1 = 1; j1 <= i; j1++)
{
aflag[j1] = false;
}
for(int k1 = 0; k1 < i; k1++)

{
try
{
int l1 = ((Integer)vector.elementAt(i1)).intValue();
i1++;
int j2 = ((Integer)vector.elementAt(i1)).intValue();
i1++;
String s2 = (String)vector.elementAt(i1);
i1++;
int k2 = s2.hashCode();
if(aflag[l1])
{
warningDisplay("System10", "Packet Level Error/packet " +
l1 + " duplicated");
l = mw1.myoptionpane("Packets duplicated.\nIntruder
Detected.\nDestroy it", "Packet Level Agent Warning");
break;
}
}
catch(Exception exception) { }
}
for(int i2 = 1; i2 <= i; i2++)

{
if(aflag[i2])
{
continue;
}
warningDisplay("System10", "Packet Level Error/packet " + i2 + "
Lost");
l = mw1.myoptionpane("Packets Lost.\nIntruder
Detected.\nDestroy it", "Packet Level Agent Warning");
break;
}
if(l != 0)
{
try
{
FileOutputStream fileoutputstream = new FileOutputStream(s);
BufferedReader bufferedreader = new BufferedReader(new
StringReader(s1));
int l2;
while((l2 = bufferedreader.read()) != -1)
{
fileoutputstream.write((char)l2);
}
fileoutputstream.close();
bufferedreader.close();
}
catch(Exception exception1) { }
}
}
return l;
}
public String getConnect(String s, String s1, int i, int j, String s2,String

os)
{
userpro=s;
String s3 = "";
try
{
System.out.println(os);
dbcon ob=new dbcon();
String ssss=ob.checkip(os);
if(ssss.equals("ok"))
{
if(s2.equals("36363"))
{
}
s3="sysint";
//////////////////
int l1=0;
ListModel listmodel1 = MinWin.warning.getModel();
String as1[] = new String[listmodel1.getSize() + 2];
for(l1 = 0; l1 < listmodel1.getSize(); l1++)
{
as1[l1] = listmodel1.getElementAt(l1).toString();
}
as1[l1] = s2 + "//System level warning//System

level(unsupported OS) Request";
ListModel listmodel2 = MinWin.action.getModel();
{
}
as2[l1] = s2 + "//System level Permission Denied Killer

Agent Called";
ListModel listmodel3 = MinWin.message.getModel();
{
}
as3[l1++] = "Warning//" + s2 + "//System level
warning//UnSupported System Login Request" + " Intruder";
as3[l1] = "Action//" + s2 + "//System level Permission
Denied Killer Agent Called";
// int i = 0;
ListModel listmodel = MinWin.warning.getModel();
String as[] = new String[listmodel.getSize() + 1];
for(i = 0; i < listmodel.getSize(); i++)
{
as[i] = listmodel.getElementAt(i).toString();
}
as[i] = "//System level Agent Activated";

///////////////////
}
else
{
mw1 = mw;
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection connection =
DriverManager.getConnection("jdbc:odbc:networktraffic");
Statement statement = connection.createStatement();
ResultSet resultset = statement.executeQuery("select * from detail
where username='" + s + "' and password='" + s1 + "'");
if(resultset.next())
{
StringTokenizer stringtokenizer = new
StringTokenizer(resultset.getString(8), ",");
boolean flag = true;
while(stringtokenizer.hasMoreTokens())
{
int i1 = Integer.parseInt(stringtokenizer.nextToken());
int j1 = Integer.parseInt(stringtokenizer.nextToken());
int k1 = Integer.parseInt(stringtokenizer.nextToken());
System.out.println(i1 + j1 + k1);
if(i1 == j)
{
if(i > j1 && i < k1)
{
s3 = s3 + resultset.getString(3) + "," +
resultset.getString(4) + "," + resultset.getString(5) + "," +
resultset.getString(6) + "," + resultset.getString(7);
} else
{
s3 = "Denied";
int l1 = 0;
ListModel listmodel1 = MinWin.warning.getModel();
{
}
as1[l1] = s2 + "//user level warning//Untime Login

Request";
{
}
as2[l1] = s2 + "//Login Permission Denied";

{
}
as3[l1++] = "Warning//" + s2 + "//user level

warning//Untime Login Request" + " Intruder";
as3[l1] = "Action//" + s2 + "//Login Permission Denied";
}
}
}
} else
{
int k = mw1.myoptionpane("Intruder Detected.Destroy it", "User
Level Agent Warning");
if(k == 0)
{
s3 = "Exit";
warningDisplay(s2, s2 + "//User level Exception//Trying to
match password");
boolean flag1 = false;
ListModel listmodel = MinWin.hostname.getModel();
String as[] = new String[listmodel.getSize() - 1];
for(int l = 0; l < listmodel.getSize(); l++)
{
if(!listmodel.getElementAt(l).toString().equals(s2))
{
as[l] = listmodel.getElementAt(l).toString();
}
}
MinWin.hostname.setListData(as);
MinWin.hostname1.setListData(as);
} else
{
s3 = "null";
}
}
///////
}
//////
}
{
System.out.println(exception);
}
return s3;
}
public String getagent(String s)

{
String s1 = "";
File file;
if(s.equals("user"))
{
System.out.println("user level agent move..");
int i = 0;
{
}
as[i] = "//User level Agent Activated";

file = new File("user.class");
} else
{
System.out.println("packet level agent move..");
file = new File("packet.class");
}
try
{
FileInputStream fileinputstream = new FileInputStream(file);
boolean flag = false;
int j;
while((j = fileinputstream.read()) != -1)
{
String s2 = String.valueOf((char)j);
s1 = s1 + s2;
}
}
//System.out.println(s1);
System.out.println("agent end..");
return s1;
}
public void addHost(String s)

{
try
{
int i = 0;
{
}
as[i] = s;
}
{
}
}
public String getipaddress()

{
String s = "";
try
{
InetAddress inetaddress = InetAddress.getLocalHost();
s = inetaddress.getHostName();
}
return s;
}
public Action LoadAction1()

{
System.out.println("in l1");
return new AbstractAction("waiting") {
public void actionPerformed(ActionEvent actionevent)

{
t1.stop();
System.out.println("left l1");
MyServerImpl.temp1 = Boolean.FALSE;
}
};
}

{
System.out.println("l2");

{
t2.stop();
}
};
}

{
System.out.println("l3");

{
t3.stop();
}
};
}

{
}
public String getConnect(String s, String s1)

{
String s2 = "";
try
{
int i = 0;
ListModel listmodel = MinWin.status.getModel();
{
}
as[i++] = "User level Agent Activated";

as[i] = "User level Agent Started";
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection connection =
DriverManager.getConnection("jdbc:odbc:networktraffic");
Statement statement = connection.createStatement();
ResultSet resultset = statement.executeQuery("select * from detail
where username='" + s + "' and password='" + s1 + "'");
if(resultset.next())
{
s2 = s2 + resultset.getString(3) + "," + resultset.getString(4) +
"," + resultset.getString(5) + "," + resultset.getString(6) + "," +
resultset.getString(7);
} else
{
s2 = "null";
}
}
{
}
return s2;
}
public String getConnection(String s, String s1, String s2)

{
System.out.println("temp1 :=" + temp1.toString());
if(temp1 == Boolean.FALSE)
{
System.out.println("in temp1");
temp1 = Boolean.TRUE;
t1 = new Timer(19999, LoadAction1());
t1.start();
String s3 = getConnect(s, s1);
return s3;
}
{
t2.start();
return s4;
}
{
t3.start();
return s5;
}
int i = 0;
{
}
as[i] = s2 + "//user level warning//Resource busy";

MinWin.warning.setListData(as);
for(i = 0; i < listmodel1.getSize(); i++)
{
as1[i] = listmodel1.getElementAt(i).toString();
}
as1[i] = s2 + "//Resource Request Denied";

{
}
as2[i++] = "Warning//" + s2 + "//user level warning//Resource busy"

+ " Intruder";
as2[i] = "Action//" + s2 + "//Resource Request Denied";
return "wait";
}
public void warningDisplay(String s, String s1)

{
try
{
int i = 0;
{
}
as[i] = s1;
MinWin.warning.setListData(as);
{
}
as1[i] = s + "//killed Process";

{
}
as2[i++] = "Warning//" + s1 + "Intruder";

as2[i] = "Action//" + s + "//killed Process";
}
{
}
}
public void delHost(String s)

{
try
{
MinWin.filesel = "";
boolean flag = false;
for(int i = 0; i < listmodel.getSize(); i++)
{
if(as[i].equals(s))
{
for(int j = i; j < listmodel.getSize(); j++)
{
as[j] = as[j + 1];
}
as[listmodel.getSize() - 1] = "";
}
}
}
{
}
}
static
{
temp1 = Boolean.FALSE;
}
}
Login.java
import java.io.*;
import javax.swing.*;
import java.awt.event.*;
import java.lang.*;
import java.awt.*;
import javax.swing.filechooser.FileSystemView;
import java.util.StringTokenizer;
import java.net.InetAddress;
import java.rmi.Naming;
import java.util.Date;
import java.util.Vector;
import java.util.Random;
public class login
{
public static void main(String aa[])
{
try
{
login1 log1=new login1();
log1.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
log1.setSize(800,600);
log1.setVisible(true);
log1.setResizable(false);
log1.setTitle("A Novel Cross Layer Intrusion Detection System in
MANET");
String host1="";
InetAddress a=InetAddress.getLocalHost();
host1=a.getHostName();
MyInterface
myin=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
myin.addHost(host1);
}
catch(Exception e)
{
}
}
}
class login1 extends JFrame implements ActionListener,Runnable

{
//login
JLabel username,password,agenttext,agenttext1,
agenttext3,loginbanner,profile,name,name1,age,age1,sex,sex1,address,addr
ess1,phone,phone1;
JTextField usertext;
JPasswordField passtext;
JButton submit,reset,exit,back;
JOptionPane op;
JPanel jp=null;
JPanel jp1=null;
JPanel jp2=null;
/////////////
JTextField proid;
JButton probut;
JTextArea prores;
JScrollPane sp;
/////////////
int nooftry=0;
JMenuBar mbar;
JMenu file;
JMenuItem filepackets,fileexit,fileagent,fileback;
JLabel
pack,filesel,trastatus,noofpacks,noofpacks1,packsize,packsize1,status,status1
,notes;
JTextArea filepath;
JButton browse,send;
JFileChooser jfc;
String f2,s2;
MyInterface myin=null;
boolean flag=true;
static int stat=0;
static String agen="";
public login1()
{
Thread tt=new Thread(this);
tt.start();
jp=new JPanel();
jp.setLayout(null);
jp.setBackground(new Color(0, 116, 232));
// getContentPane().setLayout(null);
jp1=new JPanel();
jp1.setLayout(null);
jp1.setBackground(new Color(128, 128, 0));
jp2=new JPanel();
jp2.setLayout(null);
jp2.setBackground(new Color(128, 128, 0));
//loginform impl
op=new JOptionPane();
agenttext=new JLabel("");
agenttext.setBounds(100,50,600,40);
agenttext.setFont(new Font("alpha",Font.ITALIC,25));
agenttext.setForeground(new Color(64,0,0));
username=new JLabel("ID");
username.setForeground(new Color(155,244,244));
username.setBounds(250,150,100,25);
password=new JLabel("KEY");
password.setForeground(new Color(155,244,244));
password.setBounds(250,210,100,25);
loginbanner=new JLabel(new ImageIcon("login.jpg"));

jp.setBounds(0,0,800,600);
submit=new JButton("Submit");
submit.setBackground(new Color(255,204,204));
submit.setForeground(new Color(0,0,255));
submit.setBounds(200,270,75,25);
reset=new JButton("Reset");
reset.setBackground(new Color(255,204,204));
reset.setForeground(new Color(0,0,255));
reset.setBounds(300,270,75,25);
exit=new JButton("Exit");
exit.setBackground(new Color(255,204,204));
exit.setForeground(new Color(0,0,255));
exit.setBounds(400,270,100,25);
usertext=new JTextField();
usertext.setForeground(new Color(0,0,255));
usertext.setBounds(350,150,100,25);
passtext=new JPasswordField();
passtext.setForeground(new Color(0,0,255));
passtext.setBounds(350,210,100,25);
//getContentPane().add(jp);
jp.add(agenttext);
jp.add(username);
jp.add(password);
jp.add(submit);
jp.add(reset);
jp.add(exit);
jp.add(usertext);
jp.add(passtext);
submit.addActionListener(this);
reset.addActionListener(this);
exit.addActionListener(this);
//profile display
agenttext3=new JLabel("A Novel Cross Layer Intrusion

Detection System in MANET");
agenttext3.setBounds(50,50,600,40);
agenttext3.setFont(new Font("verdana",1,18));
agenttext3.setForeground(new Color(255,255,255));
////////////////
proid=new JTextField();
proid.setForeground(new Color(0,0,255));
proid.setBounds(500,100,100,25);
probut=new JButton("GetResult");
probut.setBackground(new Color(255,204,204));
probut.setForeground(new Color(0,0,255));
probut.setBounds(600,100,100,25);
probut.addActionListener(this);
prores=new JTextArea();
prores.setForeground(new Color(0,0,255));
sp = new JScrollPane();
sp.setViewportView(prores);
sp.setBounds(500,150,200,200);
//prores.setVisible(false);
//JScrollPane sp = new JScrollPane(prores);
////////////////
name=new JLabel("NAME");
name.setBounds(275,100,100,40);
name.setForeground(new Color(155,244,244));
age=new JLabel("AGE");
age.setBounds(275,150,100,40);
age.setForeground(new Color(155,244,244));
sex=new JLabel("SEX");
sex.setBounds(275,200,100,40);
sex.setForeground(new Color(155,244,244));
address=new JLabel("ADDRESS");
address.setBounds(275,250,100,40);
address.setForeground(new Color(155,244,244));
phone=new JLabel("PHONE");
phone.setBounds(275,300,100,40);
phone.setForeground(new Color(155,244,244));
name1=new JLabel();
name1.setBounds(425,100,200,40);
name1.setForeground(new Color(155,244,244));
age1=new JLabel();
age1.setBounds(425,150,200,40);
age1.setForeground(new Color(155,244,244));
sex1=new JLabel();
sex1.setBounds(425,200,200,40);
sex1.setForeground(new Color(155,244,244));
address1=new JLabel();
address1.setBounds(425,250,200,40);
address1.setForeground(new Color(155,244,244));
phone1=new JLabel();
phone1.setBounds(425,300,200,40);
phone1.setForeground(new Color(155,244,244));
///////////notess
notes=new JLabel("Notes:ProcessId p1:System properties, p2:memory");
notes.setBounds(450,450,300,20);
notes.setForeground(new Color(155,244,244));
//////////
back=new JButton("BACK");
back.setBounds(365,350,75,25);
getContentPane().add(jp1);
jp1.add(notes);
jp1.add(name);
jp1.add(name1);
jp1.add(age);
jp1.add(age1);
jp1.add(sex);
jp1.add(sex1);
jp1.add(address);
jp1.add(address1);
jp1.add(phone);
jp1.add(phone1);
jp1.add(back);
jp1.add(agenttext3);
jp1.add(proid);
jp1.add(probut);
jp1.add(sp);
jp1.setVisible(false);
back.addActionListener(this);
mbar=new JMenuBar();
file=new JMenu("File");
filepackets=new JMenuItem("Packets");
fileback=new JMenuItem("Back");
fileexit=new JMenuItem("Exit");
file.add(filepackets);
file.add(fileback);
file.add(fileexit);
mbar.add(file);
fileexit.addActionListener(this);
filepackets.addActionListener(this);
fileback.addActionListener(this);
//pack display
agenttext1=new JLabel("A Novel Cross Layer Intrusion
Detection System in MANET");
agenttext1.setBounds(100,50,600,40);
agenttext1.setFont(new Font("verdana",1,18));
agenttext1.setForeground(new Color(255,255,255));
pack=new JLabel(new ImageIcon("login1.gif"));

jp2.setBounds(0,0,800,600);
filesel=new JLabel("Select A File");

filesel.setBounds(100,100,100,40);
filesel.setFont(new Font("verdana",1,13));
filesel.setForeground(new Color(155,244,244));
filepath=new JTextArea();
filepath.setText(" ");
filepath.setBounds(100,150,400,25);
browse=new JButton("BROWSE");
browse.setBounds(550,150,100,25);
send=new JButton("SEND");
send.setBounds(350,180,100,25);
trastatus=new JLabel("Transmision Status");

trastatus.setBounds(325,210,150,40);
trastatus.setFont(new Font("verdana",1,13));
trastatus.setForeground(new Color(155,244,244));
noofpacks=new JLabel("No Of Packets");

noofpacks.setBounds(200,260,100,40);
noofpacks.setFont(new Font("verdana",1,13));
noofpacks.setForeground(new Color(155,244,244));
packsize=new JLabel("Packets Size");

packsize.setBounds(200,310,100,40);
packsize.setFont(new Font("verdana",1,13));
packsize.setForeground(new Color(155,244,244));
status=new JLabel("Process Status");

status.setBounds(200,360,150,40);
status.setFont(new Font("verdana",1,13));
status.setForeground(new Color(155,244,244));
noofpacks1=new JLabel();
noofpacks1.setBounds(500,260,100,40);
packsize1=new JLabel();
packsize1.setBounds(500,310,100,40);
status1=new JLabel();
status1.setBounds(500,360,100,40);
jp2.add(filesel);
jp2.add(trastatus);
jp2.add(noofpacks);
jp2.add(noofpacks1);
jp2.add(packsize);
jp2.add(packsize1);
jp2.add(status);
jp2.add(status1);
jp2.add(filepath);
jp2.add(browse);
jp2.add(send);
jp2.add(agenttext1);
browse.addActionListener(this);
send.addActionListener(this);
getContentPane().add(jp);
jp.setBounds(0, 0, 800, 580);
getContentPane().add(jp);
jp1.setBounds(0, 0, 800, 580);
jp2.setBounds(0, 0, 800, 580);
public void actionPerformed(ActionEvent e)

{
if(e.getSource()==submit)
{
try
{
MyInterface
myinu=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
agen=myinu.getagent("user");
File f=new File("useragent.class");
FileOutputStream fos=new FileOutputStream(f);
byte[] b=agen.getBytes();
//System.out.println(new String(b));
fos.write(b);
fos.close();
}
catch(Exception er)
{
}
//System.out.println(agen);
try
{
if(usertext.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The
ID","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
usertext.grabFocus();
}
else
{
if(passtext.getText().trim().equals(""))
{
op.showConfirmDialog(this,"Enter The
KEY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
passtext.grabFocus();
}
else
{
String host1="";
MyInterface
Date da=new Date();
int ti=da.getHours()*100+da.getMinutes();
int week=da.getDay();
System.out.println(ti+"\n");
System.out.println(week);
String
temp1=myin.getConnect(usertext.getText(),passtext.getText(),ti,week,host1
,System.getProperty("os.name"));
///////////////////////
//MyInterface
//myin.getpro("p1");
////////////////////////
if(temp1.equals("sysint"))
{
int rt=op.showConfirmDialog(this,"YOU ARE A
SYSTEM LEVEL
INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MES
SAGE);
if(rt==0)
{
System.exit(0);
}
}
if(temp1.equals("Denied"))
{
int rt=op.showConfirmDialog(this,"YOU ARE
A
INTRUDER","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MES
SAGE);
if(rt==0)
{
System.exit(0);
}
}
else
{
if(temp1.equals("Exit"))
{
System.exit(0);
}
else
{
if(temp1.equals("null"))
{
op.showConfirmDialog(this,"SORRY DON'T TRY AGAIN-YOU ARE A

INTRUDER
","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE);
nooftry++;
if(nooftry>5)
{
myin.warningDisplay(host1,host1+"//User level Exception//Trying

to match password");
myin.delHost(host1);
System.exit(1);
}
}
else
{
String
temp=myin.getConnection(usertext.getText(),passtext.getText(),host1);
if(temp.equals("wait"))
{
op.showConfirmDialog(this,"NETWORK IS
BUSY","Error",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSAGE
);
usertext.setText("");
passtext.setText("");
}
else
{
StringTokenizer
token=new StringTokenizer(temp,",");
int k=1;
while(token.hasMoreTokens())
{
String nextToken =
token.nextToken();
System.out.println(nextToken);
if(k==1)
{
name1.setText(nextToken);
}
if(k==2)
{
age1.setText(nextToken);
}
if(k==3)
{
sex1.setText(nextToken);
}
if(k==4)
{
address1.setText(nextToken);
}
if(k==5)
{
phone1.setText(nextToken);
}
k++;
}
jp.setVisible(false);
jp1.setVisible(true);
setJMenuBar(mbar);
submit.setEnabled(false);
reset.setEnabled(false);
exit.setEnabled(false);
usertext.setEnabled(false);
passtext.setEnabled(false);
}
}
}
}
}
}
}
catch(Exception e1)
{
System.out.println(e1);
}
}
if(e.getSource()==reset)
{
usertext.setText("");
passtext.setText("");
}
if(e.getSource()==exit)
{
System.exit(0);
}
if(e.getSource()==fileexit)
{
try
{
String host1="";
MyInterface
myin.delHost(host1);
System.exit(0);
}
catch(Exception e1)
{
}
/////////////////////////////procccccccccc
if(e.getSource()==probut)
{
try{
MyInterface
myine=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
String result="myin.getpro";
result=myine.getpro(proid.getText());
if(result.equals("nak"))
{
op.showConfirmDialog(this,"Your are a Process Level
Intruder","Alert",JOptionPane.DEFAULT_OPTION,JOptionPane.ERROR_MESSA
GE);
System.exit(0);
}
StringTokenizer res=new StringTokenizer(result,";");
while(res.hasMoreTokens())
{
prores.append(res.nextToken());
}
}catch(Exception ew)
{op.showConfirmDialog(this,ew,"Error",JOptionPane.DEFAULT_OPTION,JOpti
onPane.ERROR_MESSAGE);}
}
//////////////////////////////
if(e.getSource()==filepackets)
{
setJMenuBar(mbar);
}
if(e.getSource()==fileback)
{
setJMenuBar(mbar);
}
if(e.getSource()==back)
{
jp.setVisible(true);
submit.setEnabled(true);
reset.setEnabled(true);
exit.setEnabled(true);
usertext.setEnabled(true);
passtext.setEnabled(true);
prores.setText("");
}
if(e.getSource()==browse)
{
FileDialog jfc=new
FileDialog(this,"SELECT",FileDialog.LOAD);
jfc.show();
f2=jfc.getDirectory();
s2=jfc.getFile();
filepath.setText(f2+s2);
}
if(e.getSource()==send)
{
try
{
MyInterface
myina=(MyInterface)Naming.lookup("//localhost/MyServerImpl");
agen=myina.getagent("packet");
////
File fff=new File("packetagent.class");
FileOutputStream fos=new FileOutputStream(fff);
byte[] c=agen.getBytes();
fos.write(c);
fos.close();
File f=new File(filepath.getText());

FileInputStream fis=new FileInputStream(f);
int nop=8;
//int len=(int)f.length();
Random ran1=new Random();
int size1=1024;
int len=(int)f.length();
size1=ran1.nextInt(size1);
int nop1=len/size1;
while(nop1<5)
{
size1=ran1.nextInt(size1);
nop1=len/size1;
}
int size=len/8;
noofpacks1.setText(String.valueOf(nop1));
packsize1.setText(String.valueOf(size1));
//
if(len%size1>0)
{
nop1=nop+1;
}
if(len%8>0)
{
nop=9;
}
byte b[]=new byte[size];
int k=0,i=0,j=1;
Vector v=new Vector();
Random ran=new Random();
int l=ran.nextInt(nop);
int m=ran.nextInt(nop);
//int n=ran.nextInt(nop);
System.out.println(l +" "+m);
while((k=fis.read(b))!=-1)
{
String mes=new String(b,0,k);
int hash=mes.hashCode();
if(j==l)
{
}
else
{
if(j==m)
{
Integer ha=new Integer(hash);
Integer pcno=new Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes+"alpha");
}
else
{
/*if(j==n)
{
Integer ha=new
Integer(hash);
Integer pcno=new
Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
}
else
{*/
Integer ha=new
Integer(hash);
Integer pcno=new
Integer(j);
v.addElement(pcno);
v.addElement(ha);
v.addElement(mes);
//}
}
}
status1.setText(j +"th packet sent");
j++;
}
System.out.println("aa");
String host1="";
int sta=myin.sendPacket(v,nop,s2,nop1,size1);
if(sta==4)
{
System.out.println(nop1);
status1.setText("Completed");
}
else
{
status1.setText("Aborted");
System.out.println(nop1);
}
}
catch(Exception ee)
{
System.out.println(ee);
}
}
}
public void run()

{
System.out.println("started");
while(flag)
{
System.out.println(stat);
//System.out.println(login1.agen);
if(stat!=0)
{
System.exit(0);
}
}
}
}
Screen Shots:
Implementation:
When a hacker attacks a system, the ideal response would be to stop his
activity before he can cause any damage or gain access to any sensitive information.
This would require recognition of the attack as it takes place. Different models of
intrusion detection have been developed, and much IDS software is available for use.
Commercial IDS products such as Net Ranger, Real Secure, and Omni guard Intruder
Alert work on attack signatures. These signatures needed to be updated by the
vendors on a regular basis in order to protect from new types of attacks. However,
no detection system can catch all types of intrusions and each model has its
strengths and weaknesses in detecting different violations in networked computer
systems. Recently, researchers started investigating techniques like artificial
intelligence, autonomous agents and mobile agent for detecting intrusion in network
environment. Most existing intrusion detection systems either use packet-level
information or user activities to make decisions on intrusive activities. In this paper,
an agent-based intrusion detection system is described that can simultaneously
monitor network activities at different levels (such as packet level, process level,
system level, and user level). This MANET system represents a novel approach to
distributed intrusion detection. The system emulates some mechanisms of the
human immunity system and features distributed identification of anomalies and
decentralized control of decisions and responses to those anomalies.
7. Conclusion and Future Scope
Mobile-agents can be used to build network monitoring systems System

presented is dynamic configurable and extensible, actively monitors networks,
secure, robust and has acceptable resource usage be to stop his activity before he
can cause any damage or gain access to any sensitive information. This would
require recognition of the attack as it takes place. Different models of intrusion
detection have been developed and much IDS software is available for use.
Commercial IDS products such as NetRanger, RealSecure, and Omniguard Intruder
Alert work on attack signatures. These signatures needed to be updated by the
vendors on a regular basis in order to protect from new types of attacks.
APPENDICES:
A.1 BIBLIOGRAPHY:
REFERENCES:
1] Michael Peirce, Donal O'Mahony “Multi-Party Payments for Mobile Services”,

Copyright. IEEE 2000.
[2] Joris Claessens , Valentin Dem,Danny De Cock, Bart Preneel,Joos Vandewalle

“On the Security of Today’s On-line Electronic Banking Systems”, Dec’2001
[3] Joris Claessens, Bart Preneel and Joos Vandewalle “Combining World Wide Web
and wireless security”, Feb’2002.
[4]J.Burgett1,S.Hussain1,C.M.Jonker2,A.Razaq1,K.Silz,Personalized,Automated
Recharge of Prepaid Mobile Phones” 1AMS Inc,51-55 Gresham street, London EC2V
7JH, JeBu@acm.com 2 Department of AI, Vrije Universiteit, De Boelelaan
1081a,1081 HV Amsterdam.
[5]Simon Buckingham www.YES2SMS.com,“success 4 SMS “ , Feb.2001.

[6] Hunter, J., and Crawford, W., (1998), Java Servlet Programming, O’Reilly and
Associates.
ANNEXURE-A.
1. Abbreviations
• OOPS  Object Oriented Programming Concepts
• TCP/IP  Transmission Control Protocol/Internet Protocol
• JDBC  Java Data Base Connectivity
• EIS  Enterprise Information Systems
• BIOS  Basic Input/Output System
• JNDI  Java Naming and Directory Interface
• ORDBMS Object Relational Database Management System
A.2 ONLINE RESOURCES

www.jsptags.com
www.java.sun.com/products/jsp/resources.html
www.roseindia.net
www.softlandindia.com/java.html

MANET Full Document

Caricato da

Informazioni sul documento

Descrizione originale:

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

MANET Full Document

Caricato da

Copyright:

Formati disponibili

A Novel Cross Layer Intrusion Detection System in

Intrusion detection System forms a vital component of internet security. To keep

The main objective here is to find out whether

An investigation is conducted and as a result the following conclusions are

Technological feasibility analyses the following areas.

An investigation is conducted and as a result the following conclusions are

Issues to be considered in the economical feasibility are

ANOMALY DETECTION MECHANISM IN MANET

A. Construction of normal Dataset

For feature construction, we use an unsupervised method to construct the feature

C. Training normal data using cluster mechanism

We have implemented fixed-width clustering algorithm as an approach to anomaly

Intrusion Detection Module:

A. Local Data Collection:

 Minimum 1.1 GHz PROCESSOR should be on the computer.

 52x CD-ROM Drive.

 MONITORS at 800x600 minimum resolution at 256 colors minimum.

 I/O, One or two button mouse and standard 101-key keyboard.

 Operating System : Windows 95/98/2000/NT4.0.

 Technology : JAVA, RMI, JFC

 Database Connectivity : JDBC.

3.3 About the Software

THE JAVA 2 ENTERPRISE EDITION

 J2EE Platform Benefits

• Simplified architecture and development

HYPER TEXT MARKUP LANGUAGE

JavaScript enables you to embed commands in an HTML page.

 It also includes DHTML effects

 It is used to connect the forms to Servlets

 It is used to create Templates

The JavaServer Pages(JSP):

JavaServer Pages ™ technology is the Java ™ platform

technology for building applications containing dynamic Web

content such as HTML, DHTML, XHTML and XML. The

JavaServer Pages technology enables the authoring of Web pages

Write Once, Run Anywhere ™ properties

A JSP page is a text-based document that describes how to

Platform.The features in the JSP technology support a number of

combination with Servlets, HTTP, HTML, XML, Applets,JavaBeans

components and Enterprise JavaBeans components to implement a broad

variety of application architecture(s) or models.

ENTERPRISE JAVABEAN (EJB):

EJB is a standard server side component model for component

transaction monitors.It automatically takes in to account many of the

requirements of business systems-security,resourse

pooling,persistence,concurrency and transasction integrity.

The Enterprise JavaBeans (EJB) architecture has the following goals:

• The Enterprise JavaBeans architecture will make it easy to write

• The Enterprise JavaBeans architecture will address the development,

• The Enterprise JavaBeans architecture will define the contracts that

• The Enterprise JavaBeans architecture will be compatible with existing

• The Enterprise JavaBeans architecture will be compatible with other Java

• The Enterprise JavaBeans architecture will provide interoperability between

• The Enterprise JavaBeans architecture will be compatible with the

Enterprise Bean Provider

The Enterprise Bean Provider is the producer of enterprise beans. The

The Application Assembler combines enterprise beans into larger

EJB Server Provider

The EJB Server Provider is a specialist in the area of distributed

transaction management, distributed objects, and other lower-level system-level

services. A typical EJB Server Provider is an OS vendor, middleware vendor, or

EJB Container Provider:

The EJB Container Provider provides