Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
UNIVERSITY OF CALICUT
INTRODUCTION
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
1. INTRODUCTION
1.1 PROJECT OVERVIEW
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
The computer science and Electronics programs at Dc info Tec offers an ISO
certified project certification that prepare you for the fastest growing job
sectors and highly valued academic sales .we drive you to new innovations
and opportunities in your specified technical milestones ,where finally every
aspect of your life .The primary objective of the course is to provide students
with instructions and practical experience in advanced methods and
techniques of the selected project framework .The Experience is gained in the
context of a short long term research project designed to produce specimens
applications which will support further lab analysis and eventual publication
of project result in hard copy and soft copy as well .computing your projects
utilizing hi-tech components ,skilled guides ,reference documents, online
study material and of course for a less fee structured around you campus
itself.
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
SYSTEM ANALYSIS
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
2. SYSTEM ANALYSIS
2.1. EXISTING SYSTEM AND DRAWBACKS
1) Detect and block the phishing Web sites in time: If we can detect the
phishing Web sites in time, we then can block the sites and prevent phishing
attacks. It's relatively easy to (manually) determine whether a site is a
phishing site or not, but it's difficult to find those phishing sites out in time.
Here we list two methods for phishing site detection.
A) The Web master of a legal Web site periodically scans the root DNS for
suspicious
sites
(e.g.www.1cbc.com.cnvs.www.icbc.com.cn).
B) Since the phisher must duplicate the content of the target site, he must
use tools to (automatically) download the Web pages from the target site.
It is therefore possible to detect this kind of download at the Web server and
trace back to the phisher. Both approaches have shortcomings. For DNS
scanning, it increases the overhead of the DNS systems and may cause
problem for normal DNS queries, and furthermore, many phishing attacks
simply do not require a DNS name. For phishing download detection, clever
phishers may easily write tools which can mimic the behavior of human
beings to defeat the detection.
2) Enhance the security of the web sites: The business Websites such as the
Web sites of banks can take new methods to guarantee the security of users'
personal information. One method to enhance the security is to use hardware
devices. For example, the Barclays bank provides a hand-held card reader to
the users. Before shopping in the net, users need to insert their credit card
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
into the card reader, and input their (personal identification number) PIN
code, then the card reader will produce a onetime security password, users
can perform transactions only after the right password is input. Another
method is to use the biometrics characteristic (e.g. voice, fingerprint, iris,
etc.) for user authentication. For example, PayPal had tried to replace the
single password verification by voice recognition to enhance the security of
the Web site.
3) Block the phishing e-mails by various spam filters: Phishers generally
use e-mails as 'bait' to allure potential victims. SMTP (Simple Mail Transfer
Protocol) is the protocol to deliver e-mails in the Internet. It is a very simple
protocol which lacks necessary authentication mechanisms. Information
related to sender, such as the name and email address of the sender, route of
the message, etc., can be counterfeited in SMTP. Thus, the attackers can send
out large amounts of spoofed e-mails which are seemed from legitimate
organizations. The phishers hide their identities when sending the spoofed emails, therefore, if anti-spam systems can determine whether an e-mail is sent
by the announced sender (Am I Whom I Say I Am?), the phishing attacks
will be decreased dramatically.
4) Install online anti-phishing software in users computers: Despite all
the above efforts, it is still possible for the users to visit the spoofed Web
sites. As a last defense, users can install anti-phishing tools in their
computers.
The Anti-phishing tools in use today can be divided into two categories:
Blacklist/white list based
Rule-based
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
Category I: When a user visits a Web site, the anti-phishing tool searches the
address of that site in a blacklist stored in the database. If the visited site is on
the list, the anti-phishing tool then warns the users. Tools in this category
include Scam Blocker from the EarthLink Company, Phish Guard, and Net
craft, etc. Though the developers of these tools all announced that they can
update the blacklist in time, they cannot prevent the attacks from the newly
emerged (unknown) phishing sites.
Category II: this category of tools uses certain rules in their software, and
checks the security of a Web site according to these rules. Examples of this
type of tools include Spoof Guard developed by Stanford, Trust Watch of the
Geo Trust, etc. Spoof Guard checks the domain name, URL (includes the port
number) of Web site, it also checks whether the browser is directed to the
current URL via the links in the contents of e-mails. If it finds that the
domain name of the visited Web site is similar to a well-known domain
name, or if they are not using the standard port, Spoof Guard will warn the
users. In Trust Watch, the security of a Web site is determined by whether it
has been reviewed by an independent trusted third party organization. Both
Spoof Guard and Trust Watch provide a toolbar in the browsers to notify
their users whether the Web site is verified and trusted. It is easy to observe
that all the above defense methods are useful and complementary to each
other,
But
none
CCSIT Thalikkulam
of
them
are
perfect
at
the
current
stage.
UNIVERSITY OF CALICUT
http://www.google.com
https://www.icbc.com.cn/login.html
ftp://61.112.1.90:2345.
'Anchor text' in general is used to display information related to the
URI to help the user to better understand the resources provided by the
hyperlink. In the following hyperlink, the URI links to the phishing archives
and its anchor text "Phishing Archive" informs the user what's the hyperlink
is
about.
<a
href
http://www.antiphishing.org/phishing-
CCSIT Thalikkulam
UNIVERSITY OF CALICUT
PROJECT MODULES:
Phishing can generally occur with Banking websites or
e-shopping websites. This project explains the implementation of the
oppaPhishing algorithm using a mail-box system.
There are three modules involved in this project:
CCSIT Thalikkulam
10
UNIVERSITY OF CALICUT
MODULE I
User list management
Admin module is the admin interface to manage the user details.
That is admin can view the details of registered users and can
delete if any unauthorized user is registered.
Black and white list management
Admin have the ability to made entries to black or white lists. That
is the site frequently report for phishing is added to blacklist and
authorized and good site added to white list. When a site is in white
list then user cannot add them to blacklist.The mails from blacklist
considered as phishing.
Feedback reply and Notification send
Admin can view the feedback and reply for them.If any
notifications send by admin can view in the inbox of user.
MODULE II
Creation of a mail system and database operations
This module deals with the user interface for the home page, sign-in,
sign-up and forgot your password pages. This module enables a new
user to Sing-Up. It also enables an existing user to Sign-In. The user
may use the Forget password link if he did forget his password. The
password is retrieved on the basis of security question and answer
given by the user. Database operation manages the users. Every time a
new user signs in his details are written in to the database.
CCSIT Thalikkulam
11
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
12
UNIVERSITY OF CALICUT
of links increase the chance of the mail become a phishing mail. And most
of the phishing mail had the hyperlink as numerals. These checking ensure
that the mail is phishing or not. But the user frequently check the inbox as
well as the phishbox. If any wanted files in phishbox user can restore it into
inbox.
The next checkingis to check if the to address is valid or not.because the
phisher use the technique of spoof id that is actual address and the address
shown is not same. So find the phisher by checking the address is same as in
the registration.then the mail is send to the phishbox.
user can add url and domain name and categorize them black list
under settings. Admin also can manage blacklist and whitelist.This is the
main backborn of the oppa phishing algorithm. And some common features
of phishing mails also be checked for categorises the mails as Phishing or
Non-phishing.
CCSIT Thalikkulam
13
UNIVERSITY OF CALICUT
Economical Feasibility
Economic Feasibility concerns return from the investments in a project. It
determines whether it is worthwhile to do with in it. I have come to know that
creating this system will make the cost acceptable.
CCSIT Thalikkulam
14
UNIVERSITY OF CALICUT
Technical feasibility
The assessments of technical feasibility centers on the existing system and to
what extent it can support the proposed addition. This was based on an
outline design of system requirements. It involves financial considerations to
accommodate technical enhancement. This can be quantified in terms of
volumes of data, trends, frequency of updating, etc. in order to estimate
whether the new system will perform adequately or not. Technological
feasibility is carried out to determine whether the company has the capability,
in terms of software, hardware, personnel and expertise, to handle the
completion of the project.
Behavioral Feasibility
An estimate should be made of how strong a reaction the user staff is likely to
have towards the development of a computerized system.
It is common knowledge that computer installation have something to do
with Turnover, Transfers and changes in employee Job Status.
CCSIT Thalikkulam
15
UNIVERSITY OF CALICUT
Operational feasibility
Operational feasibility is a measure of how well a proposed system solves the
problems, and takes advantage of the opportunities identified during scope
definition and how it satisfies the requirements identified in the requirements
analysis phase of system development. In the operational feasibility study it
is found that the development of proposed system is operationally feasible.
Security feasibility
The security of the database from being tampered from an unauthorized
personnel different password fields were provided to different users. The
password are validated and given in the front-end keeping its flexibility and
user friendliness in view. it is very important that user should maintain their
own individuality and identity so as one cannot overlap or interfere or even
tamper the restricted fields. This application is made secure using proper
authentication mechanisms
CCSIT Thalikkulam
16
UNIVERSITY OF CALICUT
SYSTEM REQUIREMENTS
CCSIT Thalikkulam
17
UNIVERSITY OF CALICUT
3. SYSTEM REQUIREMENTS
3.1 HARDWARE REQUIREMENTS
Processor
Processor Speed
: 1.0GHZ
RAM
: 1GB
Hard Disk
: 80GB
Key Board
: 104keys
Monitor
Mouse
: Scroll Mouse
OS
Front-End
Back-End
: SQLSERVER
Programming language
: PHP
CCSIT Thalikkulam
18
UNIVERSITY OF CALICUT
SYSTEM DESIGN
CCSIT Thalikkulam
19
UNIVERSITY OF CALICUT
4. SYSTEM DESIGN
Conceptual system design is the process or art of defining the architecture,
components, modules, interfaces, and data for a system to satisfy specified
requirements. One could see it as the application of systems theory to
produce development. There is some overlap with the disciplines of
systems analysis, system architecture and systems engineering.
CCSIT Thalikkulam
20
UNIVERSITY OF CALICUT
viewpoint of data where it originates how they are used or hanged or where
they go, including the stops along the way from their destination. The
components of dataflow strategy span both requirements determination and
systems design. The first part is called dataflow analysis.
As the name suggests, we didnt use the dataflow analysis tools
exclusively for the analysis stage but also in the designing phase with
documentation.
Notations used in Dataflow Diagrams
The logic dataflow diagrams can be drawn using only four simple
notations i.e., special symbols or icons and the annotation that associates them
with a specific system. Since the choice of notation we follow, does not affect
impede or catalyze the system process; we used three symbols from
YOURDON notation and one from Gain and Sarson notation as specified
below.
Element References
Symbols
Data Flow
Process
Data Store
Source or Sink
CCSIT Thalikkulam
21
UNIVERSITY OF CALICUT
Process
Sink
Context Diagram:
The top-level diagram is often called a context diagram. It contains
a single process, but it plays a very important role in studying the current
system. The context diagram defines the system that will be studied in the
sense that it determines the boundaries. Anything that is not inside the process
identified in the context diagram will not be part of the system study.
It
represents the entire software element as a single bubble with input and output
data indicated by incoming and outgoing arrows respectively.
CCSIT Thalikkulam
22
UNIVERSITY OF CALICUT
1. Physical DFD
Structured analysis states that the current system should be first
understand correctly. The physical DFD is the model of the current system and
is used to ensure that the current system has been clearly understood. Physical
DFDs shows actual devices, departments, people etc., involved in the current
system
2. Logical DFD
Logical DFDs are the model of the proposed system. They clearly should
show the requirements on which the new system should be built. Later during
design activity this is taken as the basis for drawing the systems structure
charts
CCSIT Thalikkulam
23
UNIVERSITY OF CALICUT
Level 0
request
request
OPPA
MAIL
SERVICE
ADMIN
response
USER
response
Adminname ,pswd
admin
Id
Request to change pswd
Change
pswd
Request to
manage user
Manage
user
Request to
manage
phishing
Manage
phishing
admin
login
Request to
send
notification
s
Request to
view&reply
feedback
Request to
whitelist
CCSIT Thalikkulam
24
Send notfications
Reply
feedbac
k
Whitelis
t entry
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
25
UNIVERSITY OF CALICUT
Current pswd
Chang
e
pswd
admin
new pswd
User details
Mana
-ge
user
Manag
e
phishin
g
ADMIN
registration
response
Applying oppaphishing
algm
phishing
response
LOGIN
Send
notifIcations
notifications
inbox
Reply
feedback
Reply
feedback
feedback
feedback
Whitelist view
White
list
entry
CCSIT Thalikkulam
26
whitebox
Whitelist entry
UNIVERSITY OF CALICUT
Registration details
registration
Reg details
Mana
ge
pswd
Pswd details
Pswd
details
Deleted mails
trash
USER
4.2.
logi
n
Mail details
Comp
ose
&sen
Send
&
view
View
phish
ing
sentbox
Response
details of draft mail
draft
Response
details of phishingmails
phishbox
url details of phishing
Mana
ge
blackli
Read
receiv
ed
Delet
e
mails
Send
feedback
phishing
Response
Mail details
inbox
Details of deleted
Details of deleted
trash
Response
Feedback details
feedback
Conversation userid
conversation
Chati
Cha-ng
ting
Messages send
saved
CCSIT Thalikkulam
27
Conversatio
n-rply
UNIVERSITY OF CALICUT
User Management
Blacklist Management
Reply feedback
Notification send
Compose,Send &Receive
mails
Phishing mail alerts
USER
Chating with other users
Send Feedback
Profile editing features
CCSIT Thalikkulam
28
UNIVERSITY OF CALICUT
4.3 ER DIAGRAM
e
nt
url
Aid
Userid
man
ages
usernam
e
usernam
e
aname
ema
whitebox
admin
useri
fid
name
Ca
n
se
mnt
Ca
n
vie
Sec_ques
year
apswd
wid
registration
birthda
y
day
pswd
userid
Ca
n
vie
Sec_ans
eid
fusernam
subject
inbox
feedbck
faddress
commen
Del
ete
d
an
aly
zes
faddre
ss
tid
conde
nt
url
date
pid
res
ulti
ng
did
ad
d
to
conten
phishbox
faddres
cid
userid
D
el
taddres
s
hyperli
Date
contacts
phishing
ppi
d
ad
d
to
trash
ddat
dnam
e
chatdat
ee
rdate
content
ad
d
to
si
sentbox
date
userna
draft
useri
taddress
userid
conten
t
taddress
conten
userid
CCSIT Thalikkulam
29
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
30
UNIVERSITY OF CALICUT
2.
Stores the data in the most efficient manner possible to keep the database
from growing too large.
3.
4.
CCSIT Thalikkulam
31
UNIVERSITY OF CALICUT
redundancy to serve many users quickly and efficiently. The general objective
is to make information access easy, quick inexpensive and flexible for user.
The object covered in the database design is :
Controlled redundancy
Data independence
Accuracy and security
Performance
Tables used in this project are :
Admin
Contacts
Conversation
Conversation_reply
Draft
Feedback
Inbox
Phishbox
Phishing
Registration
Sentbox
Trash
Whitebox
CCSIT Thalikkulam
32
UNIVERSITY OF CALICUT
TABLE1: ADMIN
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
Aid
Adminname
apswd
Int(10)
Varchar(40)
Varchar(20)
Primary key
Not null
Not null
Admin id
Admin name
Admin pswd
TABLE2: CONTACTS
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
cid
Tusername
Taddress
userid
id
Int(10)
Varchar(30)
Varchar(40)
Int(10)
Int(10)
Primary key
Not null
Not null
Not Null
Foreign key
Contact id
To username
To address
User id
Selecteduserid
TABLE3: CONVERSATION
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
cnid
User1
User2
Int(10)
Int(11_
Int(11)
Primary key
Not null
Not null
Chat id
First user
Second user
TABL4: CONVERSATION_REPLY
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
rplyid
cnid
Taddress
userid
id
Int(10)
Int(10)
Varchar(40)
Int(10)
Int(10)
Primary key
Foreign Key
Not null
Not Null
Not Null
Reply id
Chat id
To address
User id
Selecteduserid
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
6
7
8
9
did
userid
tusername
taddress
Date_draft
Subject
Content
Important
d_attachment
Int(10)
Int(10)
Varchar(30)
Varchar(40)
Date
Varchar(20)
Varchar(100)
boolean
blob
Primary key
Foreign Key
Not null
Not null
Not null
Null
Null
Not null
Null
Draft id
User id
to username
to address
Date of draft
Subject
Content
Important
draft attachment
TABLE5: DRAFT
CCSIT Thalikkulam
33
UNIVERSITY OF CALICUT
TABLE6: FEEDBACK
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
Fid
userid
date
Int(10)
Int(10)
date
Primary key
Foreign Key
Not Null
4
5
6
Fusername
Faddress
comments
Varchar(30)
Varchar(40)
Varchar(100)
Not null
Not null
Not null
feedback id
User id
Date of
feedbavk
From username
From address
comments
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
eid
Int(10)
Primary key
Email id
2
3
4
5
6
7
8
9
userid
Fusername
Faddress
Date_receive
Subject
Content
Important
I_attachment
Int(10)
Varchar(30)
Varchar(40)
Date
Varchar(20)
Varchar(100)
boolean
blob
Foreign Key
Not null
Not null
Not null
Null
Null
Not null
Null
10
11
fg
cnt
Int(1)
Int(1)
Not null
Not null
User id
From username
From address
Date of receive
Subject
Content
Important
Inbox
attachment
flag
count
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
6
7
8
pid
userid
Faddress
Date_receive
Subject
Content
Fusername
F_attachment
Int(10)
Int(10)
Varchar(40)
Date
Varchar(20)
Varchar(100)
Varchar(40)
blob
Primary key
Foreign Key
Not null
Not null
Null
Null
Not null
Null
important
Int(1)
Not null
phish id
User id
From address
Date of receive
Subject
Content
From username
From
attachment
important
TABLE7: INBOX
TABLE8: PHISHBOX
CCSIT Thalikkulam
34
UNIVERSITY OF CALICUT
TABLE9: PHISHING
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
6
7
Ppid
userid
username
url
Hyperlink
Domain_name
Sel_person
Int(10)
Int(10)
Varchar(40)
Varchar(40)
Varchar(40)
boolean
Primary key
Foreign Key
Null
Not null
Null
Null
Not null
phishing id
User id
Username
Phishing url
Hyperlink
Domain name
Selected person
varchar(40
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
6
7
8
9
10
Userid
fname
Username
Password
Birthday
Gender
Mobile_no
Country
Curr_mail
Sec_que
Int(11)
Varchar(30)
Varchar(40)
Varchar(20)
Date
Varchar(3)
Int(13)
Varchar(20)
Varchar(40)
Varchar(50)
Primary key
Not null
Not null
Not null
Not null
Not null
Not null
Not null
Not null
Not null
11
12
13
Sec_ans
image
online
Varchar(10)
Blob
boolean
Not null
Null
Not null
User id
Full name
User name
Password
Birth date
Gender
Mobile number
Country
Current mail
Security
question
Security answer
Image
online
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
Sid
userid
Taddress
Date_sent
S_subject
Int(10)
Int(10)
Varchar(40)
Date
Varchar(20)
Primary key
Foreign Key
Not null
Not null
Null
6
7
8
S_content
S_important
S_attachment
Varchar(100)
Boolean
blob
Null
Not null
Null
Sentmail id
User id
To address
Date of send
Send mail
subject
Send content
Send important
Send
attachment
TABLE11: SENTBOX
CCSIT Thalikkulam
35
UNIVERSITY OF CALICUT
TABLE12: TRASH
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
5
6
7
Tid
userid
Taddress
Date_receive
Content
Date_del
T_attachment
Int(10)
Int(10)
Varchar(40)
Date
Varchar(100)
Date
blob
Primary key
Foreign Key
Not null
Not null
Null
Not null
Null
fwhere
Int(2)
Not null
Trash id
User id
To address
Date of receive
Content
Date of deletion
Trash
attachment
From Where
SL NO.
FIELD
TYPE
CONSTRINTS
DESCRIPTION
1
2
3
4
wid
userid
wusername
hyperlink
Int(10)
Int(10)
Varchar(40)
Varchar(20)
Primary key
Foreign Key
Not null
Not null
Admin id
User id
Whiteusername
hyperlink
TABLE13: WHITEBOX
CCSIT Thalikkulam
36
UNIVERSITY OF CALICUT
SYSTEM DEVELOPMENT
CCSIT Thalikkulam
37
UNIVERSITY OF CALICUT
5. SYSTEM DEVELOPMENT
5.1. CODING STRUCTURE
The code design should be such that with less amount of coding we can achieve
more results. The speed of the system will be more if the coding is less.
Whether the data in the system is usable and readable by the system is
depending on the coding.
In the project, the coding is being done such that proper validations are
made to get the perfect input. No error inputs are accepted. In addition care is
taken such that the data integrity and referential integrity is not violated in the
database. In addition, coding is designed such that concurrency avoidance of
accessing the database, limited user access to the table is made perfect.
Development Approach
Top-down approaches emphasize planning and a complete understanding
of the system. It is inherent that no coding can begin until a sufficient level of
detail has been reached in the design of at least some part of system.
Programming, actually writing software code is just one part of the process,
which is why people prefer to be called developers rather than merely
programmers. Top-down programming is a programming style, the mainstay of
traditional procedural languages, in which design begins by specifying complex
task and then dividing them into separate modules. Eventually, the components
are specific enough to be coded and the program is written. The waterfall model
is a sequential design process, often used in software development processes, in
which progress is seen as flowing steadily downwards (like a waterfall) through
CCSIT Thalikkulam
38
UNIVERSITY OF CALICUT
the
phases
of
Initiation,
Analysis,
Design,
Code,
Testing,
CCSIT Thalikkulam
39
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
40
UNIVERSITY OF CALICUT
Alcatel-Lucent,
Google,
Nokia,
YouTube,
Wikipedia,
and
Booking.com.
The flagship MySQL offering is MySQL Enterprise, a comprehensive set
of production-tested software, proactive monitoring tools, and premium support
services available in an affordable annual subscription.
MySQL is a key part of LAMP (Linux, Apache, MySQL, PHP / Perl /
Python), the fast-growing open source enterprise software stack. More and more
companies are using LAMP as an alternative to expensive proprietary software
stacks because of its lower cost and freedom from platform lock-in.
Features of MySQL: Ease of useGo from download to complete installation in less than
15 minutes
Low TCODeploy MySQL for mission-critical applications with
significant cost savings over Microsoft SQL Server
Scalability and performanceMeet the scalability and performance
requirements of the most trafficked web sites and the most demanding
applications
Production supportOracle Premier Support helps lower the total
cost and risk of owning your MySQL solutions
CCSIT Thalikkulam
41
UNIVERSITY OF CALICUT
TESTING AND
IMPLEMENTATION
CCSIT Thalikkulam
42
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
43
UNIVERSITY OF CALICUT
testing leads to errors that may appear few months later. This will create two
problems:
Time delay between the cause and appearance of the problem.
The effect of the system errors on files and records within the
system.
The purpose of the system testing is to consider all the likely variations to
which it will be suggested and push the system to its limits. The testing process
focuses on logical intervals of the software ensuring that all the statements have
been tested and on the function intervals (i.e.,) conducting tests to uncover
errors and ensure that defined inputs will produce actual results that agree with
the required results.
Testing has to be done using the two common steps
Unit testing
Integration testing.
In the project system testing is made as follows:
The procedure level testing is made first. By giving improper inputs, the
errors occurred are noted and eliminated.
This is the final step in system life cycle. Here we implement the tested
error-free system into real-life environment and make necessary changes, which
runs in an online fashion. Here system maintenance is done every months or
year based on company policies, and is checked for errors like runtime errors,
long run errors and other maintenances like table verification and reports.
CCSIT Thalikkulam
44
UNIVERSITY OF CALICUT
Introduction
The most important phase in system development life cycle is system
testing. The number and nature of errors in a newly designed system depends
on the system specifications and the time frame given for the design.
A newly designed system should have all the subsystems working
together, but in reality each
phase, all the subsystems are gathered into one pool and tested to determine
whether it meets the user requirements.
Testing is done at two level -Testing of individual modules and testing
the entire system. During the system testing, the system is used experimentally
to ensure that the software will run according to the specifications and in the
way the user expects. Each test case is designed with the intent of finding errors
in the way the system will process
TYPES OF TESTING
System testing is the process in which the system undergoes experimental
testing so as to check that the system does not fail i.e. to check whether the
required system is running according to specification and user expectation.
System testing also tests to find discrepancies between the system and its
original objective, current specification and systems documentation. Hence
most useful and practical approach is with the understanding that testing is the
process of executing a program with the explicit intention of finding errors that
is making the program fail.
CCSIT Thalikkulam
45
UNIVERSITY OF CALICUT
Testing
Is considered to be the least creative phase of the whole cycle of system
design. In the real sense it is the phase, which helps to bring out the creativity of
the other phases make it shine.
Types of testing
Testing forms a core part of any project. There are various types of testing are
there. In this system we are done following testing.
White Box Testing
Black Box Testing
Unit Testing
Integration Testing
User Interface Testing
CCSIT Thalikkulam
46
UNIVERSITY OF CALICUT
BlackBox Testing:
Black box testing focuses on the functional requirements of the software. That
is, black box testing enables the software engineer to derive sets of input
conditions that will fully exercise all functional requirements for a program.
Black Box testing is not an alternative to white box testing. Rather it is a
complementary approach that is likely to uncover a different class of errors than
white box method.
Black Box testing attempts to find errors in the following categories.
Incorrect or missing functions
Interface errors
Error in data structures on external datea base access
Performance errors
Initialization and termination errors.
Unlike white box testing, which is performed early on the testing process
black box testing tends to be applied during later stages of testing because black
box testing which is purposely disregards control structures attention is focused
on the information domain.
Unit Testing:
Unit testing focuses verification error on the smallest unit of software design the
module. Using the procedural design description as a guide, important control
paths are tested to uncover errors with the boundary of module. The relative
complexity of test and uncovered errors is limited by the constrained scope
established for unit testing. The unit test is normally white box oriented and the
step can be conducted in parallel for multiple modules. The module interface is
tested to ensure that information properly flows into and out of the program unit
CCSIT Thalikkulam
47
UNIVERSITY OF CALICUT
under test. The local data structure is examined to ensure that data stored
temporarily maintains its integrity during all steps in an algorithms execution.
Boundary conditions are tested to ensure that the module operates properly at
boundaries established to limit or restrict processing. All independent paths
through the control structure are exercised to ensure that all statements in a
module have been executed at least once. And finally, all handling paths are
tested.
CCSIT Thalikkulam
48
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
49
UNIVERSITY OF CALICUT
6.2. IMPLEMENTATION
CCSIT Thalikkulam
50
UNIVERSITY OF CALICUT
preparing a plan for the implementation of the system. According to this plan,
the activities are to be carried out, discussions made regarding the equipment
and resources and the additional equipment has to be acquired to implement the
new system.Implementation is the final and important phase. The system can
be implemented only after through testing is done and if it found to be working
according to the specification. This method also offers the greatest security
since the old system can take over if the errors are found or inability to handle
certain type of transactions while using the new system.
CCSIT Thalikkulam
51
UNIVERSITY OF CALICUT
Adequate training was given to the staff at the main office, regarding the use of
the system, and a one-day technical meet was held at the main office for all
technical heads of al franchisees. The methods to be followed were taught to
them for the client side. The students who are the end users of the software need
not be trained because the software is very user friendly and anyone can easily
handle it, by reading the instructions given, and follow it correctly.
User Training
After the system is implemented successfully, training of the user is one of the
most important sub tasks of the developer. For this purpose user manuals are
prepared and handled over to the user to operate the developed system. Thus
the users are trained to operate the developed system. Both the hardware and
software securities are made to run the developed systems successfully in
future. In order to put new application system into use, the following activities
were taken care of
User manuals
describing the procedures for using the functions are circulated to all the users.
It is confirmed that the system is implemented up to users need and expectations
CCSIT Thalikkulam
52
UNIVERSITY OF CALICUT
Direct Conversion
Under direct conversion method the old system is discontinued altogether and
the new system becomes operational immediately. A greater risk is associated
with direct conversion is no backup in the case of system fails.
CCSIT Thalikkulam
53
UNIVERSITY OF CALICUT
MAINTENANCE
CCSIT Thalikkulam
54
UNIVERSITY OF CALICUT
7. SYSTEM MAINTANENCE
The objectives of this maintenance work are to make sure that the system gets
into work all time without any bug. Provision must be for environmental
changes which may affect the computer or software system. This is called the
maintenance of the system. Nowadays there is the rapid change in the software
world. Due to this rapid change, the system should be capable of adapting these
changes. In our project the process can be added without affecting other parts of
the system.
Maintenance plays a vital role. The system liable to accept any
modification after its implementation. This system has been designed to favor
all new changes. Doing this will not affect the systems performance or its
accuracy.
The objectives of this maintenance work are to make sure that the system gets
into work all time without any bug. Provision must be for environmental
changes which may affect the computer or software system. This is called the
maintenance of the system. Nowadays there is the rapid change in the software
world. Due to this rapid change, the system should be capable of adapting these
changes.
In our project the process can be added without affecting other parts of
the system. Maintenance plays a vital role. The system is liable to accept any
modification after its implementation. This system has been designed to favor
all new changes. Doing this will not affect the systems performance or its
accuracy.
CCSIT Thalikkulam
55
UNIVERSITY OF CALICUT
56
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
57
UNIVERSITY OF CALICUT
8. FUTURE ENHANCEMENT
Our future work includes further extending the oppa Phishing algorithm,
so that it can handle Cross Site Scripting (CSS) attacks. Cross-site scripting
(CSS) is a type of computer security vulnerability typically found in web
applications which allow code injection by malicious web users into the web
pages viewed by other users. Examples of such code include HTML code and
client-side scripts. An exploited cross-site scripting vulnerability can be used by
attackers to bypass access controls such as the same origin policy.
Vulnerabilities of this kind have been exploited to craft powerful phishing
attacks and browser exploits. Cross-site scripting was originally referred to as
CSS, although this usage has been largely discontinued due to the confusion
with cascading style sheets.
CCSIT Thalikkulam
58
UNIVERSITY OF CALICUT
CONCLUSION
CCSIT Thalikkulam
59
UNIVERSITY OF CALICUT
9. CONCLUSION
CCSIT Thalikkulam
60
UNIVERSITY OF CALICUT
SCREEN LAYOUT
CCSIT Thalikkulam
61
UNIVERSITY OF CALICUT
Login page
CCSIT Thalikkulam
62
UNIVERSITY OF CALICUT
About
Inbox
CCSIT Thalikkulam
63
UNIVERSITY OF CALICUT
Compose Mail
Blacklist view
CCSIT Thalikkulam
64
UNIVERSITY OF CALICUT
Feedback
ADMIN PAGES
Admin login
CCSIT Thalikkulam
65
UNIVERSITY OF CALICUT
Userlist View
Change Details
CCSIT Thalikkulam
66
UNIVERSITY OF CALICUT
Notification send
CCSIT Thalikkulam
67
UNIVERSITY OF CALICUT
CCSIT Thalikkulam
68
UNIVERSITY OF CALICUT
BIBLIOGRAPHY
CCSIT Thalikkulam
69
UNIVERSITY OF CALICUT
11. BIBLIOGRAPHY
Website
www.google.com
www.wikipedia.com
www.sourcecode.com
books.rediff.coms
CCSIT Thalikkulam
70