1121

USB MASS STORAGE DEVICE SECURITY MANAGER
A Project report submitted to Yadavacollege (Autonomous) affiliated to Madurai Kamaraj university in partial fulfillment of the Requirement for the award of degree in BACHELOR OF SCIENCE IN INFORMATION TECHNOLOGY Submitted by G.KALYANA SUNDARAM (RegNo: 11027133)
Under the Guidance of Mr.A.VENKATESAN M.SC.,M.phil LECTURER DEPARTMENT OF INFORMATION TECHNOLOGY YADAVA COLLEGE (AUTONOMOUS)
(RE-ACCREDITED WITH A GRADE BY NAAC)
MADURAI-625 014.
1

MADURAI-625 014.

MADURAI-625 014.

MADURAI-625 014.

MADURAI-625 014.

MADURAI-625 014. 2012 2013

6
DEPARTMENT OF INFORMATION TECHNOLOGY YADAVA COLLEGE (AUTONOMOUS) (Re-Accredited with A Grade By NAAC) MADURAI-625 014.
GUIDE CERTIFICATE This is to certify that the project entitled USB MASS STORAGE DEVICE SECURITY MANAGER is a bonafied work done by G.KALYANA SUNARAM (Reg No.11027133), student of Department of Information Technology Yadava college, affiliated to Madurai Kamaraj University in partial fulfillment of the requirement for the award of the degree of B.Sc.(IT) program during the academic year 2012 2013 under my guidance. It has not been submitted by any other university for the award of any other degree. Project Guide
(Mr. A.VENKATESAN M.SC., Mphil)
DEPARTMENT OF INFORMATION TECHNOLOGY YADAVA COLLEGE (AUTONOMOUS) (Re-Accredited with A Grade By NAAC) MADURAI-625 014.
BONAFIDE CERTIFICATE This is to certify that the project entitled USB
MASS STORAGE DEVICE SECURITY MANAGER
submitted by G.KALYANA SUNDARAM of Bachelor of Science in Information Technology is a bonafide work carried out successfully under the guidance of Mr. A.VENKATESAN. During the period from November 2012 March 2013. HEAD OF THE DEPARTMENT
(Mr.K.AYYANARKARUPPIAH M.S (IT&M)., M.Phil.,)
INTERNAL GUIDE
(Mr. A.VENKATESAN M.SC.,Mphil)
Submitted for the Viva-voice examination held at Yadava College on Internal Examiner
8
External Examiner
DECLARATION
I hereby declare that the project work entitled
USB MASS STORAGE DEVICE SECURITY MANAGER is the project report of the original work done by G.KALYAN SUNDARAM during the project period Nov 2012Mar 2013. This project work is submitted to Yadava College, Madurai in partial fulfillment of the degree of Bachelor of Science in Information Technology is the record of original work done by me under the guidance of Mr. A.VENKATESAN M.SC., Mphil LECTURER, Department of IT ,Yadava College, Madurai. It has not been submitted to any other university for the award of any degree\diploma\associative ship\fellowship.
Place: Madurai Date:

9
Signature of the candidate (G.KALYANA SUNDARAM)
ACKNOWLEDGEMENT
10
ACKNOWLEDGEMENT
I very much indebted and thankful to the Management of Yadava College, Madurai for giving a valuable chance for giving me collegiate education in the best environment. My heartiest thanks to my beloved Principal-In-Charge,
Yadava college, affiliated to Madurai Kamaraj University for his encouragement that stimulated us to embrace this project. I extremely thankful Head to of Mr. the K.AYYANARKARUPPIAH Department of Information
M.S(IT&M).,M.Phil.,the
Technology,Yadava College, Madurai who has been the guiding force behind me in attaining the goal. I gratefully acknowledged the guidance and whole hearted participation of my honorable guide, Mr. A.VENKATESAN M.SC., M.Phil. Department of Information Technology, Yadava College, Madurai in completing the project successfully. I wish to express my deep sense of gratitude to all the staffs for their encouragement and best suggestion for the success of my project.
11
CONTENTS
12
CONTENT SNO
1.
TITLE
INTRODUCTION 1.1 Synopsis 1.2 Organization Profile SYSTEM ANYLISIS 2.1 Existing System 2.2 Proposed System 2.3 Feasibility study
2.
3.
4. 5. 6.
SYSTEM REQUIREMENTS 3.1 Hardware Requirements 3.2 Software Requirements 3.3 Software Characteristics DATA FLOW DIAGRAM PROJECT SPECIFICATION 5.1 Module Specification SYSTEM DESIGN 6.1 Input Design 6.2 Output Design SYSTEM TESTING 7.1 Unit Testing 7.2 Module Testing 7.3 Integration Testing SYSTEM IMPLEMENTATION CONCLUSION FUTURE ENHANCEMENT APPENDIX 11.1 sample screen BIBLIOGRAPHY
7.
8. 9. 10. 11.
12.
13
INTRODUCTION
14
1. INTRODUCTION
1.1 SYNOPSIS Everyone admits that a USB drive is the best choice for storing and transferring confidential data from one place to another. People use USB drives to store confidential information as well as for the purpose of storing personal stuff which may include music files, family photos, videos, letters and etc. Sometimes people need to transfer their data from one PC to another PC. Most often our system gets infected with virus soon after a USB pen drive has been plugged in. These days it is so easy to get infected by viruses by plugging in a pen drive to your system from unknown source (may be your friends one or your college desktops). The Antivirus softwares are detecting common virus from the pen drive but new virus introduced very day. So the antivirus softwares are not a best tool to prevent USB pen drive viruses. The users need compact method to prevent the virus enter into the system, because prevention is better than cure. This proposed system provides facilities to the user which is scan USB for threats, lock USB drives, write protection and auto run manipulations. USB drive scanning option which is scan the USB drive using innovative technology to block any threats via USB drive. If any USB drives inserted into computer, USB virus scan will automatically scan it and list out threats, and then the user select and remove threats.
15
The USB Write Protector allows only reading the data from the pen drive but it wont permit to write data into the pen drive. This is really useful if you take your pen drive to plug on to your friends or relatives pc, as most of the viruses enter the pen drive unknowingly. The user can Enable/Disable the Auto run features in the computer because the most effective method of preventing your system from getting infected is to disable auto run feature of USB devices. The proposed system is going to develop by using visual C#2.0 on windows xp platform.
16
1.2 ORGAZATIONAL PROFILE At 5-G Technology(P) Ltd, We go beyond providing software solutions. We work with our clients technologies and business changes that s hape their competitive advantages. Founded in 2001, 5-G Technology(P) Ltd. is a software and service provider that helps organizations deploy, manage, and support their business-critical software more effectively. Utilizing a combination of proprietary software, services and specialized expertise, 5-G Technology(P) Ltd. helps mid-to-large enterprises, software companies and IT service providers improve consistency, speed, and transparency with service delivery at lower costs. 5-G Technology(P) Ltd. helps companies avoid many of the delays, costs and risks associated with the distribution and support of software on desktops, servers and remote devices. Our automated solutions include rapid, touch-free deployments, ongoing software upgrades, fixes and security patches, technology asset inventory and tracking, software license optimization, application self-healing and policy management. At 5-G Technology(P) Ltd, we go beyond providing software solutions. We work with our clients technologies and business processes that shape there competitive advantages. About The People I have the prowess to have a clear vision and realize it too. As a statistical evaluation, the team has more than 40,000 hours of expertise in providing real-time solutions in the fields of Embedded Systems, Control systems, Micro-Controllers, C Based Interfacing, Programmable Logic Controller, VLSI Design And Implementation, Networking With C, ++, java, client Server Technologies in
17
Java,(J2EE\J2ME\EJB),VB & VC++, Oracle and operating system concepts with LINUX. Our Vision Dreaming a vision is possible and realizing it is our goal. Our Mission We have achieved this by creating and perfecting processes that are in par with the global standards and we deliver high quality, high value services, reliable and cost effective IT products to clients around the world.
18
SYSTEM ANALYSIS
19
2. SYSTEM ANALYSIS:
2.1 Existing system:
In the earlier system was difficult to maintain. Because using the registry editor for changing the key value of USB... Suppose the End user wants to change the Disable or Enable option its making too hard and also making the vulnerability. The chance was changing the other value or the attribute of registry by the user, also this system did not have the security against virus. There is no direct way of doing Enable/Disable (Other than disabling the drivers) in windows. There are third party softwares available for it. NEED FOR NEW SYSTEM To reduce expenses. Better quality time of training. Any time access to management information system. To provide a simple and user-friendly interface to its end-user Computer based testing not only provide secured format but also have a greater flexibility.
2.2 Proposed system:

The biggest problem faced with the USB Flash Drive is the security of data and the protection from infected viruses mad malware that corrupt the machines that are connected to it or when comes to data sharing.
20
The solution for this is now available with features like Enable or Disable the USB, Remove the auto run and the anti-virus. Now your flash drive can perform scans on the foreign system even if it doesn't have its own virus protection. This will help to ensure that your flash drive does not get infected. Even though you take this precaution, this will help catch anything that your portable virus scanner did not catch.
2.3 Feasibility Study:

The feasibility of the project is analyzed in this phase and business proposal is put forth with a very general plan for the project and some cost estimates. During system analysis the feasibility study of the proposed system is to be carried out. This is to ensure that the proposed system is not a burden to the company. For feasibility analysis, some understanding of the major requirements for the system is essential.
Three key considerations involved in the feasibility analysis are ECONOMICAL FEASIBILITY TECHNICAL FEASIBILITY SOCIAL FEASIBILITY
21
ECONOMICAL FEASIBILITY:
This study is carried out to check the economic impact that the system will have on the organization. The amount of fund that the company can pour into the research and development of the system is limited. The expenditures must be justified. Thus the developed system as well within the budget and this was achieved because most of the technologies used are freely available. Only the customized products had to be purchased.
TECHNICAL FEASIBILITY:
This study is carried out to check the technical feasibility, that is, the technical requirements of the system. Any system developed must not have a high demand on the available technical resources. This will lead to high demands on the available technical resources. This will lead to high demands being placed on the client. The developed system must have a modest requirement, as only minimal or null changes are required for implementing this system.
SOCIAL FEASIBILITY:
The aspect of study is to check the level of acceptance of the system by the user. This includes the process of training the user to use the system efficiently. The user must not feel threatened by the system, instead must accept it as a necessity. The level of acceptance by the users solely depends on the methods that are employed to educate the user about the system and to make him familiar with it. His level of confidence must be raised so that he is also able to make some constructive criticism, which is welcomed, as he is the final user of the system.
22
SYSTEM REQUIREMENTS
23
3. SYSTEM REQUIREMENTS
3.1 HARDWARE REQUIREMENTS:

System Hard Disk Monitor Mouse Ram : Pentium IV 2.4 GHz. : 320 GB. : 15 VGA Colour. : Logitech. : 1GB.
24
3.2 SOFTWARE REQUIREMENTS:
Operating system Front End Coding Language
: - Windows XP Professional. : - Visual Studio.Net 2005 : - Visual C# .Net
25
3.3 SOFTWARE CHARACTERISTICS The software requirement specification is produced at the culmination of the analysis task. The function and performance allocated to software as part of system engineering are refined by establishing a complete information description, a representation of system behavior, an indication of performance requirements and design constraints, appropriate validation criteria, and other information pertinent to requirements. The introduction of the software requirements specification states the goals and objectives of the software, describing it in the context of the computer-based system. Actually the introduction may be nothing more than the software scope of the planning document. The information description provides the detailed description of the problem that the software must solve. Information content, flow and structure are documented. Hardware, software and the human interfaces are described for the external system elements and internal software functions. A description of each function required to solve the problem is presented in the functional description. A processing narrative is provided for each function, design constraints are stated and justified, performance characteristics are stated and one or more diagrams are included to graphically represent the overall structure of the software and interplay among software functions and other system elements. The behavioral description section of the section of the specification examines the operations of the software. As a consequence of the external events and internally generated control characteristics. Validation criteria are probably the most important and, ironically the most often neglected section of the software requirement specification. Specification of
26
validation criteria acts as an implicit review of all other requirements, it is essential the time and attention be given to the section. In many cases the software requirements specification may be accompanied by an executable prototype, a Paper prototype or a preliminary users manual. The preliminary users manual presents the software as a black box. That is, heavy emphasis is placed on user input And the resultant output. The manual can serve as a valuable tool for uncovering problems at the human/machine interface. The software requirement specification is conducted by both the software developer and the customer. Because the specification forms the foundation of the development case, extreme care should be taken in conducting the review. The review is first conducted in the macroscopic level; that is, reviewers attempt to ensure that the specification is complete, consistent and accurate when the overall information, functional and behavioral domains are considered. However, to fully explore each of these domains, review becomes more detailed, examining not only broad descriptions but the way in which requirements are worded. The software requirement specification is developed as a consequence of analysis. Review is essential to ensure that the developer and the customer have the same perception of the system. Unfortunately, even with the best of methods, the problem is that the problem keeps changing.
.NET Framework The .NET Framework is the infrastructure for the new Microsoft .NET Platform.
27
The .NET Framework is a common environment for building, deploying, and running Web Services and Web Applications. The .NET Framework contains common class libraries - like ADO.NET, ASP.NET and Windows Forms - to provide advanced standard services that can be integrated into a variety of computer systems. The .NET Framework is language neutral. Currently it supports C++, C#, Visual Basic, JScript (The Microsoft version of JavaScript) and COBOL. Third-party languages - like Eiffel, Perl, Python, Smalltalk, and others - will also be available for building future .NET Framework applications. The new Visual Studio.NET is a common development environment for the new .NET Framework. It provides a feature-rich application execution environment, simplified development and easy integration between a number of different development languages.
.NET Framework Advantages

The .NET Framework offers a number of advantages to developers. The following paragraphs describe them in detail. Consistent Programming Model Different programming languages have different approaches for doing a task. For example, accessing data with a VB 6.0 application and a VC++ application is totally different. When using different programming languages to do
28
a task, a disparity exists among the approach developers use to perform the task. The difference in techniques comes from how different languages interact with the underlying system that applications rely on. With .NET, for example, accessing data with a VB .NET and a C# .NET looks very similar apart from slight syntactical differences. Both the programs Need to import the System.Data namespace, both the programs establish a connection with the database and both the programs run a query and display the data on a data grid. The VB 6.0 and VC++ example mentioned in the first paragraph explains that there is more than one way to do a particular task within the same language. The .NET example explains that there's a unified means of accomplishing the same task by using the .NET Class Library, a key component of the .NET Framework. The functionality that the .NET Class Library provides is available to all .NET languages resulting in a consistent object model regardless of the programming language the developer uses.
Direct Support for Security Developing an application that resides on a local machine and uses local resources is easy. In this scenario, security isn't an issue as all the resources are available and accessed locally. Consider an application that accesses data on a remote machine or has to perform a privileged task on behalf of a non privileged
29
user. In this scenario security is much more important as the application is accessing data from a remote machine. With .NET, the Framework enables the developer and the system administrator to specify method level security. It uses industry-standard protocols such as TCP/IP, XML, SOAP and HTTP to facilitate distributed application communications. This makes distributed computing more secure because .NET developers cooperate with network security devices instead of working around their security limitations. Another advantage of creating applications is debugging. Visual Studio .NET and other third party providers provide several debugging tools that simplify application development. The .NET Framework simplifies debugging with support for Runtime diagnostics. Runtime diagnostics helps you to track down bugs and also helps you to determine how well an application performs. The .NET Framework provides three types of Runtime diagnostics: Event Logging, Performance Counters and Tracing.
Easy Application Deployment and Maintenance The .NET Framework makes it easy to deploy applications. In the most common form, to install an application, all you need to do is copy the application along with the components it requires into a directory on the target computer. The .NET Framework handles the details of locating and loading the components an application needs, even if several versions of the same application exist on the target computer. The .NET Framework ensures that all the components the
30
application depends on are available on the computer before the application begins to execute.
JAVA SCRIPT
With a advent of internet and World Wide Web, interactive communication at an exigency has become a necessity for mankind. The World Wide Web is a cluster of pages of information, combining text, picture and sound. Each page has a hyperlink that refers to another page on the net. The linked page can have further links to other such pages. This system of interlinked documents is hypertext. Browsers help in manipulating pages of hypertext information to enhance interactivity between pages. One such browser the Netscape Navigator Gold. This browser was developed by Netscape communication, which incorporates java, a programming language from Sun micro systems and JavaScript, a scripting language used to enhance the functionality of the browser. Netscape offers hosts of tools to add value to their applications. These tools aid web page developers and developer and authors in adding dynamic interaction to the information provided on the internet. JavaScript is integrated with HTML and Navigator. JavaScript the developer with properties related to document windows, frames and forms, loaded documents and links. This Scripting Language also traps user and events so programs can be developed for such events. This is an interpreter based language and source code files and are directly executed at runtime. JavaScript included built-in objects related to the current windows and documents as well as objects such as Math, String and date that contain mathematical functions, string functions and date
31
function respectively. Since JavaScript is an object based language, it supports Instances, Methods, and Properties.
HYPER TEXT TRANSFER PROTOCOL (HTTP)
The hyper text transfer protocol is a protocol for handling hyper text markup language over the internet. Html is a language for creating a WebPages. HTTP supports the inclusion of hyper text links in documents and immediately switches to other sites when those links are engaged. HTTP controls the connection between web browser and web server and exchange information between two systems. HTTP uses the Universal Resource Locator (URL) addressing scheme to locate hosts on the internet and html documents on those hosts. Every document the web has a unique address that includes the name of the server.
WEB BROWSER
The web browser provides a graphical, text based terminal interface to the web server. This terminal approach provides an interface between the user and the web server. The web browser is responsible for translating HTML send by the web server into a graphical user interface within the browser. The choice of Web browser is often directly related to the needs of a targeted user. For example if one design goal of our web application to reach the largest user group, our application should relay only on HTML standards , since it can be used group is more define , we can design our web pages to take advantage of the special characteristics of the planned user community.
32
The web browser can also use client side scripting to perform tasks and operations within the browser. Scripting language such as JavaScript and VBScripts are used to reduce server processing and network bandwidth by performing actions such as field validations or calculations within the requesting browser. For example, we can create a mini-online help system by displaying a help system by displaying help message when the user moves over a hyperlink.
UNIFORM RESOURCE LOCATOR (URL)

URL is the name and path that appears with the address field when we hyperlink to a difference web site. We might need to be type the address if we can not directly link to it from a page. The syntax of a web page URL is: Syntax: Example: protocol://host/[:port]/path http://www.sniffermail.com/
The first component of a URL identifies the type of the resource. For the web, the resource identifier is http. The colon separates the protocol from the rest of the URL. Two slashes include that the name follows is a host name. The host name is the domain name for the site. The port number for http is 80, but it is optional. / indicates the root of the system
33
Path and HTML file name are optional. When we connect with a site, a default home page is displayed.
34
DATAFLOW DIAGRAM
35
5.1Data Flow Diagram: The data flow diagram is a way of expressing system requirements in a graphical form. This led to the modular design. A data flow diagram also known as a "Bubble Chart" has the purpose of clarifying system requirements and identifying major transformations that will become program in system design. A DATA FLOW DIAGRAM (DFD) or a BUBBLE CHART describes the flow of data and processes that change, or transform, data throughout the system. This network is constructed by using a set of symbols that do not imply a physical implementation .It is a graphical tool for structured analysis of the system requirements. DFD models a system by using external entities from which data flows to a process, which transforms the data and creates, output-data-flows which go to other processes or external entities or files. Data in files many also flow to processes as inputs. DFD's can be hierarchically organized, which help in partitioning and analyzing large systems. As a first step, one Data Flow Diagram can depict an entire system. Which gives the system overview? It is called Context Diagram of level 0 DFD. The Context Diagram can be further expanded. The successive expansion of a DFD from the context diagram to those giving more details is known as leveling of DFD. Thus a top down approach is used, starting with an overview and then working out the details.
36
The main merit of DFD is that it can provide an overview of system requirements, what data a system would process, what transformation of data is done, what files are used, and where the results flow. * BASIC DFD SYMBOLS:
-------- Data flow is a route, which enables data to travel from one point to another. Data may flow from a source to a data store or process. An arrow line depicts the flow, with arrowhead pointing in the direction of the flow.
A process represents transformation where incoming data flows are Changed into outgoing data flows. A data store is a repository of data that is to be stored for use by a one or more process may be as simple as buffer or queue or sophisticated as relational File, they should have clear names. If a process merely uses the content of store and does not alter it, the arrowhead goes only from the store to the process. If a process alters the details in the store then a double -headed arrow is used. A source or sink is a person or part of an organization, which enters or receives information from the system, considered to be outside the contest of data flow model.
37
STRUCTURE DIAGRAM
USER NODE
1.0
system security
NO
YES
ENABLE USB
DISABLE USB
2.0 DENIED COPY INFO USB AUTHENTICATION
ENABLE READ ONLY
38
REMOVE AUTORAN LEVEL 0
Drive antivirus
USB DRIVES PROCESS DRIVE AUTO RUN
39
Read write level 1

USB DRIVES VERITY ATTRIBUTES DENIED COPY
WRITE
READ ONLY
READ
40
Enable or Disable Level 2
VERITY
ADMINISTRATOR
USB STATUS
ACCESS BY
ENABLE USB
SECURITY WITH DISABLE USB PASSWORD
41
PROJECT SPECIFICATION
42
2. PROBLEM DESCRIPTION AND DEFINITION:

2.1 MODULE DESCRIPTION: MODULES Scan Disk Remove Auto Run Read/Write Enable / Disable USB
Scan Disk Scan Disk provides comprehensive protection against any virus, worm trying to attack via USB drive. When an USB device is inserted into your computer, USB Drive Antivirus will automatically scan it, block and delete USB virus, Trojans, and malicious code. Also it can detect and remove USB virus such as auto run virus in your computer. USB Drive Antivirus can also remove the autorun.inf virus due to which you cannot open your hard disk and USB drive (Pen drive, Memory card) by double clicking.
Remove Auto run

43
You have already run an anti-virus at least a couple of time, formatted the device more than that, but that stubborn Autorun.inf is still infected with malware. Infecting the Auto run file on removable devices is inevitable, especially if you're used to sharing them with the computer system at work, or with your friends. This utility will take care of any Auto run files that were missed by the antivirus programs, and it will do so automatically, even before you get to access the removable device. A warning message will always be displayed to you.
Read / Write If you enable this setting, write access will be denied on all USB flash drives used on current computer. All USB flash drives become read-only. There may be cases where we may want the users to connect their USB flash drives to our computer only for reading the data from them, but not let other people to copy informations from our computer, into their USB flash drives
Enable / Disable USB

44
The USB drives are disabled by Administrators at offices or colleges or schools for the security reasons. There is no direct way for doing it. If you check this setting, execute access will be denied for all executable files on all USB flash drives used on current computer, on all user profiles. This ensures a plus of security to your system against dangerous and malicious software, like worms, backdoors or password stealers. Assume that you want to prevent users from connecting to a USB storage device that is connected to your computer, just use this option and users won't be able anymore to install and use USB flash devices on your computer.
45
SYSTEM DESIGN
46
5.3 INPUT AND OUTPUT DESIGN INPUT DESIGN

Input design is the process of converting user-oriented input into computerbased format. The goal of designing input data is to make data entry as easy as possible and free from errors. Errors in the input are handled in the input design. The input data is the lifeblood of a system and have to be analyzed and designed with utmost case and consideration. The decisions made during the input design are:
To provide cost effective method of input To achieve the highest possible level of accuracy To ensure that input is understand by the user
OUTPUT DESIGN
Output design generally refers to the results and informations that are generated by the system for many end users. Output is the main reason for developing the system and the basis on which they evaluate the usefulness of the application. The basis requirements of output are that it should be accurate, timely and appropriate, in terms of content, medium and layout for its intended purpose. The important task of any system lies is the capability of producing high quality output and reports. Computer output is the most important and direct source of information to the user. A good output design contains all
47
required information and well formatted for the better visualization and avoids the complexity in displaying the data in this system was developed by keeping in mind and proper output is displayed for the users accurately.
48
SYSTEM TESTING
49
SYSTEM TESTING
Testing:
The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of ensuring that the Software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test type addresses a specific testing requirement.
TYPES OF TESTING: Unit testing

Unit testing involves the design of test cases that validate that the internal program logic is functioning properly, and that program inputs produce valid outputs. All decision branches and internal code flow should be validated. It is the testing of individual software units of the application .it is done after the completion of an individual unit before integration. This is a structural testing, that relies on knowledge of its construction and is invasive. Unit tests perform basic tests at component level and test a specific business process, application, and/or system configuration. Unit tests ensure that each unique path of a business process performs accurately to the documented specifications and contains clearly defined inputs and expected results.
50
Unit testing is usually conducted as part of a combined code and unit test phase of the software lifecycle, although it is not uncommon for coding and unit testing to be conducted as two distinct phases. Test strategy and approach Field testing will be performed manually and functional tests will be written in detail. Test objectives All field entries must work properly. Pages must be activated from the identified link. The entry screen, messages and responses must not be delayed. Features to be tested Verify that the entries are of the correct format No duplicate entries should be allowed All links should take the user to the correct page.
Integration testing
Integration tests are designed to test integrated software components to determine if they actually run as one program. Testing is event driven and is more concerned with the basic outcome of screens or fields. Integration tests
51
demonstrate that although the components were individually satisfaction, as shown by successfully unit testing, the combination of components is correct and Consistent. Integration testing is specifically aimed at exposing the problems that arise from the combination of components. Software integration testing is the incremental integration testing of two or more integrated software components on a single platform to produce failures caused by interface defects. The task of the integration test is to check that components or software applications, e.g. components in a software system or one step up software applications at the company level interact without error. Test Results: All the test cases mentioned above passed successfully. No defects encountered. Functional Test Functional tests provide systematic demonstrations that functions tested are available as specified by the business and technical requirements, system documentation, and user manuals.
52
Functional testing is centered on the following items: Valid Input Invalid Input Functions : identified classes of valid input must be accepted. : identified classes of invalid input must be rejected. : identified functions must be exercised.
Output
: identified classes of application outputs must be exercised.
Systems/Procedures: interfacing systems or procedures must be invoked. Organization and preparation of functional tests is focused on requirements, key functions, or special test cases. In addition, systematic coverage pertaining to identify Business process flows; data fields, predefined processes, and successive processes must be considered for testing. Before functional testing is complete, additional tests are identified and the effective value of current tests is determined.
System Test
System testing ensures that the entire integrated software system meets requirements. It tests a configuration to ensure known and predictable results. An example of system testing is the configuration oriented system integration test. System testing is based on process descriptions and flows, emphasizing pre-driven process links and integration points.
53
White Box Testing

White Box Testing is a testing in which in which the software tester has knowledge of the inner workings, structure and language of the software, or at least its purpose. It is purpose. It is used to test areas that cannot be reached from a black box level.
Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner workings, structure or language of the module being tested. Black box tests, as most other kinds of tests, must be written from a definitive source document, such as specification or requirements document, such as specification or requirements document. It is a testing in which the software under test is treated, as a black box .you cannot see into it. The test provides inputs and responds to outputs without considering how the software works.
Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant participation by the end user. It also ensures that the system meets the functional requirements. Test Results: All the test cases mentioned above passed successfully. No defects encountered.
54
55
SYSTEM IMPLEMENTATION
56
System Implementation:
Implementation is the stage of the project when the theoretical design is turned out into a working system. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the user, confidence that the new system will work and be effective. The implementation stage involves careful planning, investigation of the existing system and its constraints on implementation, designing of methods to achieve changeover and evaluation of changeover methods. Apart from planning, the major task of preparing the implementation is the user sends the packets through network it may be a same network or mixed network. The more complex system being implemented, the more involved will be the system analysis and the design effort required just for implementation. An implementation is used to detect the collation interrupt and data overflow. According to this plan, the activities are to be carried out, discussions made regarding the equipment and resources and the additional equipment has to be acquired to implement the new system. Implementation is the final and important phase. The most critical stage in achieving a successful new system and in giving the users confidence that the new system will work effectively. The system can be implemented only after through
Testing is done and if it found to be working according to the specification. This method also offers the greatest security since the old system can take over if the
57
errors are found or inability to handle certain type of transactions while using the new system. At the beginning of the development phase, a preliminary implementation plan is created to schedule and manage the many different activities that must be integrated into plan. The implementation plan is updated throughout the development phase, culminating in a changeover plan for the operation phase. The major elements of implementation plan are test plan, discussion plan, equipment installation plan and a conversion plan. There are three types of implementation system. Implementation of a new system to replace the existing one. Implementation of a modified application to replace an existing Implementation of a computer system to replace a manual
one using the same computer.
POST IMPLEMENTATION
Every system requires periodic evaluation after implementation. A post implementation review measures the systems performance against predefined requirements. Unlike system testing, which determines where the system fails so that the necessary adjustments can be made, a post implementation review
Determines how well the system continues to meet performance specifications. It also provides information to determine whether major redesign is necessary.
58
This system is implemented to connect a remote PC, it is not necessary to install Get by Mail on both local and remote computers. Mail supports command line interpreter for most commands sent to remote PC from any e-mail client or web mail application. With Mail you can stay at home and have access to your office computer and vice versa simply through your e-mail accounts. You can get remote directory listings and tree view, download/upload files and directories, perform change dir, make dir, rename and delete operations, capture remote computer desktop screens, run remote applications, shutdown, reboot and logoff remote computer.
59
CONCLUSION
60
CONCLUSION
This proposed system provides facilities to the user which is scan USB for threats, lock USB drives, write protection and auto run manipulations. USB drive scanning option which is scan the USB drive using innovative technology to block any threats via USB drive. If any USB drives inserted into computer, USB virus scan will automatically scan it and list out threats, and then the user select and remove threats.
61
FUTURE ENHANCEMENT
62
FUTURE ENHANCEMENT The main future enhancement is collaborative success that means If you are wondering what all the hype is about when it comes to online collaboration, you are able to get an insight in to the workings of the collaborative industry. Basically, online collaboration allows for two things: 1. People working with each other from a distance. 2. Massive efficiencies at work, in terms of time and money. Because online collaboration allows people to come together from anywhere in the world and work on one project or document at the same time, there is no longer a need for everyone to travel to the same location, and hence to have to meeting regarding a particular project. This can now be done solely online, where before it was impossible. For the future - there are many avenues that collaboration could take, however we feel that they are very limited to teams and groups of people working together.
63
APPENDIX
64
SAMPLE SCREEN SHOTS HOME PAGE
65
AUTORUN LOCK
66
AUTORUN DISABLE
67
USB LOCK DISABLE
68
USB ENABLE
69
SCAN DISK
70
READ AND WRITE
71
USB READ ONLY
72
Source Code
USB Security
Using System; Using System.Collections.Generic; Using System.ComponentModel; Using System.Data; Using System. Drawing; Using System. Text; Using System.Windows.Forms; Using System.IO; Using Microsoft.VisualBasic.FileIO; Using Microsoft.Win32; Using SPK_USBLib; Namespace USB_DiskSecurity { Public partial class Form1: Form 73
{ Public Form1 () { Initialize Component (); // Transparency Set Bitmap img = new Bitmap (@"..\\..\\USB.bmp"); img.MakeTransparent (img.GetPixel(1, 1)); this.BackgroundImage = img; this.TransparencyKey = img.GetPixel(1, 1); This. Height = img.Height; this.Width = img.Width;
// Create Events for USB Drive... Call from USB_Detect.cs file Drive Detector drive Detector = new Drive Detector (); driveDetector.DeviceArrived += new DriveDetectorEventHandler(OnDriveArrived); driveDetector.DeviceRemoved += new DriveDetectorEventHandler(OnDriveRemoved); driveDetector.QueryRemove += new DriveDetectorEventHandler (OnQueryRemove); } Public Int x0 = 0; // initial positions
74
Public Int y0 = 0; String strScanPath = ""; Private void OnDriveArrived (object sender, DriveDetectorEventArgs e) { StrScanPath = e.Drive; For each (Drive Info my drive in DriveInfo.GetDrives ()) { if (mydrive.DriveType == DriveType.Removable) { label1.Text = "USB Disk Detected: " + mydrive.VolumeLabel + " (" + mydrive.Name + ")"; txtEvent.AppendText ("USB Disk Detected.."); txtEvent.AppendText ("\r\n"); } } btnScan.Enabled = true; e.HookQueryRemove = true; } Private void OnDriveRemoved (object sender, DriveDetectorEventArgs e) {
75
label1.Text = "USB Disk Removed: "; listView1.Items.Clear (); StrScanPath = ""; btnScan.Enabled = false; txtEvent.AppendText ("USB Disk Ejected.."); txtEvent.AppendText ("\r\n"); } Private void OnQueryRemove (object sender, DriveDetectorEventArgs e) { If (MessageBox.Show ("Allow remove?", "kalyan USB Disk Security", MessageBoxButtons.YesNo, MessageBoxIcon.Question) == DialogResult.Yes) e.Cancel = false; Else e.Cancel = true; } Private void btnScan_Click (object sender, EventArgs e) { File Scan (strScanPath); txtEvent.AppendText ("USB Scan Completed.."); // Cancel the removal of the device // Allow removal
76
txtEvent.AppendText ("\r\n"); } Private void File Scan (string Scan Path) { Try { Int tot = 0; listView1.Items.Clear (); String [] strMalware = File.ReadAllLines(@"..\\..\\virus.txt"); For each (string my File in Directory.GetFiles (Scan Path, "*.*",
System.IO.SearchOption.AllDirectories)) { File Info info = new File Info(myFile); //label2.Text = info.FullName; If (info.Extension == ".inf" | info.Extension == ".dat" | info.Extension == ".bat") { listView1.Items.Add (info.FullName); Continue; } Tot += 1; 77
For each (string malware in strMalware) { If (string. Compare (info. Name, malware, true) == 0) { listView1.Items.Add (info.FullName); } }
} //label2.Text = "Scan Completed"; } Catch (Exception ex) { MessageBox.Show (ex. Message); } } Private void Delete Files (string path) { Try
78
{ FileSystem.DeleteFile (path, UIOption.OnlyErrorDialogs, RecycleOption.DeletePermanently, UICancelOption.ThrowException); MessageBox.Show ("Selected item erased"); //lstFile.Items.RemoveAt (lstFile.SelectedIndex); listView1.Items.RemoveAt (listView1.SelectedItems [0].Index); txtEvent.AppendText ("Selected file Deleted.."); txtEvent.AppendText ("\r\n"); } Catch (Exception ex) { MessageBox.Show (ex.Message); } } Private void Form1_Load (object sender, EventArgs e) { txtEvent.AppendText ("USB Security Started.."); txtEvent.AppendText ("\r\n"); listView1.View = View.Details; listView1.Columns.Add ("Suspecies Files in USB Disk", 310); 79
MyGetDrive (); } Private void myGetDrive () { cboDrive.Items.Clear (); For each (Drive Info my Drive in DriveInfo.GetDrives ()) { if (myDrive.DriveType == DriveType.Removable) { label1.Text = "USB Disk Detected: " + myDrive.VolumeLabel + " (" + myDrive.Name + ")"; StrScanPath = myDrive.Name; Continue; } cboDrive.Items.Add (myDrive.Name); } } Private void btnDelete_Click (object sender, EventArgs e) { Delete Files (listView1.SelectedItems [0].Text);
80
Private void btnUSBEnable_Click (object sender, EventArgs e) { Registry Key key = Registry.LocalMachine.OpenSubKey ("SYSTEM\\CurrentControlSet\\Services\\UsbStor", true); if (key != null) { key.SetValue ("Start", 3, RegistryValueKind.DWord); txtEvent.AppendText ("USB Storage Device Enabled.."); txtEvent.AppendText ("\r\n"); //MessageBox.Show ("USB Storage Device Enabled"); } Key. Close (); } Private void btnUSBDisable_Click (object sender, EventArgs e) { Registry Key key = Registry.LocalMachine.OpenSubKey ("SYSTEM\\CurrentControlSet\\Services\\UsbStor", true);
81
if (key != null) { key.SetValue ("Start", 4, RegistryValueKind.DWord); txtEvent.AppendText ("USB Storage Device Locked.."); txtEvent.AppendText ("\r\n"); //MessageBox.Show ("USB Storage Device Locked"); } Key. Close (); } Private void btnUSBReadOnly_Click (object sender, EventArgs e) { Registry Key key = Registry.LocalMachine.OpenSubKey ("SYSTEM\\CurrentControlSet\\Control\\StorageDevicePolicies", true); if (key == null) { Registry.LocalMachine.CreateSubKey ("SYSTEM\\CurrentControlSet\\Control\\StorageDevicePolicies", RegistryKeyPermissionCheck.ReadWriteSubTree); Key = Registry.LocalMachine.OpenSubKey ("SYSTEM\\CurrentControlSet\\Control\\StorageDevicePolicies", true); 82
key.SetValue ("Write Protect", 1, RegistryValueKind.DWord); txtEvent.AppendText ("USB Storage Device Write Protect Enabled.."); txtEvent.AppendText ("\r\n"); //MessageBox.Show ("USB Storage Device Write Protect Enabled", "Information", MessageBoxButtons.OK, MessageBoxIcon.Information); } Else if (key.GetValue ("Write Protect") != (object)(1)) { key.SetValue ("Write Protect", 1, RegistryValueKind.DWord); MessageBox.Show ("USB Storage Device Read Only Enabled", "Information",
MessageBoxButtons.OK, MessageBoxIcon.Information); } } Private void btnUSBReadWrite_Click (object sender, EventArgs e) { Registry Key key = Registry.LocalMachine.OpenSubKey ("SYSTEM\\CurrentControlSet\\Control\\StorageDevicePolicies", true); if (key != null) { key.SetValue ("Write Protect", 0, RegistryValueKind.DWord); 83
txtEvent.AppendText ("USB Storage Device Now Read and Write.."); txtEvent.AppendText ("\r\n"); MessageBox.Show ("USB Storage Device Now Read and Write", "Information",
MessageBoxButtons.OK, MessageBoxIcon.Information); } Key. Close (); } Private void btnScanDrive_Click (object sender, EventArgs e) { StrScanPath = @"E:\backup"; File Scan (strScanPath); } Private void button1_Click (object sender, EventArgs e) { //Delete Files (listView1.SelectedItem.ToString ()); //listView1.Items.RemoveAt (listView1.SelectedIndex); }
Private void btnUnlock_Autorun_Click (object sender, EventArgs e) { 84
Registry Key key; Key =
Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", true); key.SetValue ("NoDriveTypeAutoRun", 95); //disable txtEvent.AppendText ("Auto run Disabled.."); txtEvent.AppendText ("\r\n"); //MessageBox.Show ("Auto run Disabled");
} Private void btnLock_Autorun_Click (object sender, EventArgs e) { Registry Key key; Key =
Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", true); key.SetValue ("NoDriveTypeAutoRun", 145); //enable txtEvent.AppendText ("Auto run Enabled.."); txtEvent.AppendText("\r\n"); //MessageBox.Show ("Auto run Enabled"); 85
Private void Form1_MouseMove (object sender, MouseEventArgs e) { if (e.Button == MouseButtons.Left) { This. Top += e.Y - y0; This. Left += e.X - x0; }
Private void Form1_MouseDown (object sender, MouseEventArgs e) { x0 = e.X; y0 = e.Y;
86
Private void btnExit_Click(object sender, EventArgs e) { Environment. Exit (1); } } }
87
BIBLIOGRAPHY
88
BIBLIOGRAPHY
Good Teachers are worth more than thousand books, we have them in Our Department
Book Reference:
1. User Interfaces in C#: Windows Forms and Custom Controls by Matthew MacDonald. 2. Applied Microsoft .NET Framework Programming (Pro-Developer) by Jeffrey Richter. 3. Practical .Net2 and C#2: Harness the Platform, the Language, and the Framework by Patrick Smacchia. 4. Data Communications and Networking, by Behrouz A Forouzan. 5. Computer Networking: A Top-Down Approach, by James F. Kurose. 6. Operating System Concepts, by Abraham Silberschatz.
Web Reference:
www.sourcefordgde.com www.networkcomputing.com www.dotnet-tutorial.com www.mailserver.com
89

1121

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

1121

Caricato da

Copyright:

Formati disponibili

USB MASS STORAGE DEVICE SECURITY MANAGER

USB MASS STORAGE DEVICE SECURITY MANAGER

USB MASS STORAGE DEVICE SECURITY MANAGER

USB MASS STORAGE DEVICE SECURITY MANAGER

USB MASS STORAGE DEVICE SECURITY MANAGER

USB MASS STORAGE DEVICE SECURITY MANAGER

MADURAI-625 014. 2012 2013

(Mr. A.VENKATESAN M.SC., Mphil)

BONAFIDE CERTIFICATE This is to certify that the project entitled USB

MASS STORAGE DEVICE SECURITY MANAGER

Place: Madurai Date:

Signature of the candidate (G.KALYANA SUNDARAM)

2.2 Proposed system:

2.3 Feasibility Study:

3.1 HARDWARE REQUIREMENTS:

3.2 SOFTWARE REQUIREMENTS:

Operating system Front End Coding Language

: - Windows XP Professional. : - Visual Studio.Net 2005 : - Visual C# .Net

.NET Framework Advantages

UNIFORM RESOURCE LOCATOR (URL)

2.0 DENIED COPY INFO USB AUTHENTICATION

ENABLE READ ONLY

REMOVE AUTORAN LEVEL 0

Read write level 1

Enable or Disable Level 2

SECURITY WITH DISABLE USB PASSWORD

2. PROBLEM DESCRIPTION AND DEFINITION:

Remove Auto run

Enable / Disable USB

5.3 INPUT AND OUTPUT DESIGN INPUT DESIGN

TYPES OF TESTING: Unit testing

: identified classes of application outputs must be exercised.

White Box Testing

Black Box Testing

one using the same computer.

SAMPLE SCREEN SHOTS HOME PAGE

USB LOCK DISABLE

READ AND WRITE

USB READ ONLY

Private void btnUnlock_Autorun_Click (object sender, EventArgs e) { 84

Registry Key key; Key =

Private void Form1_MouseDown (object sender, MouseEventArgs e) { x0 = e.X; y0 = e.Y;

Private void btnExit_Click(object sender, EventArgs e) { Environment. Exit (1); } } }

Potrebbero piacerti anche