INTRODUCTION
1.1 Introduction
A social network is a social structure made up of individuals or organizations called "nodes", which are connected by one or more specific types of interdependency, such as friendship, kinship, common interest, financial exchange, dislike, relationships of beliefs, knowledge or prestige.
The Sybil attack in computer security is an attack wherein a reputation system is subverted by forging identities in social networks. It is named after the subject of the book Sybil, a case study of a woman with multiple personality disorder. A Sybil attack is one in which an attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous entities, using them to gain a disproportionately large influence. A faulty node or an adversary may present multiple identities to a peer-to-peer network in order to appear and function as distinct nodes. By becoming part of the peer-to-peer network, the adversary may then overhear communications or act maliciously. For example, some corporate networks have internal systems trust each other, so that users can log in without a username or password provided they are connecting from another machine on the internal network (and so must already be logged in). By spoofing a connection from a trusted machine, an attacker may be able to access the target machine without authentication.
Java is simple
Java is considered a much simpler and easier to use object-oriented programming language when compared to the popular programming language C++. Java has replaced the complexity of multiple inheritance in C++ with a simple structure called an interface, and has also eliminated the use of pointers. Java uses automatic memory allocation and garbage collection. Object-oriented programming provides greater flexibility, modularity and reusability.
Java is Distributed
Distributed computing involves several computers on a network working together. Java is designed to make distributed computing easy with the networking capability that is inherently integrated into it. Writing network programs in Java is like sending and receiving data to and from a file. One of the most compelling reasons to move to Java is its platform independence, i.e. program once, run anywhere (portability).
Java is Dynamic
The Java programming language was designed to adapt to an evolving environment. New methods and properties can be added freely in a class without affecting their clients. Also, Java is able to load classes as needed at runtime.
Java is interpreted
An interpreter is needed in order to run Java programs. The programs are compiled into Java Virtual Machine code called bytecode. The bytecode is machine independent and is able to run on any machine that has a Java interpreter.
Security
Java is one of the first programming languages to consider security as part of its design. The Java language, compiler, interpreter, and runtime environment were each developed with security in mind. The compiler, interpreter, and Java-compatible browsers all contain several levels of security measures that are designed to reduce the risk of security compromise, loss of data and program integrity, and damage to system users.
Reliability
Security and reliability go hand in hand. Security measures cannot be implemented with any degree of assurance without a reliable framework for program execution. Java provides multiple levels of reliability measures.
Java is Robust
Robust means reliable and no programming language can really assure reliability. Java puts a lot of emphasis on early checking for possible errors, as Java compilers are able to detect many problems that would first show up during execution time in other languages. Java eliminates certain types of programming constructs in other languages that are prone to errors.
Java is Multithreaded
Multithreading is the capability for a program to perform several tasks simultaneously.
Connectionless protocol
Connectionless protocol describes communication between two network end points in which a message can be sent from one end point to another without prior arrangement.
when the packet was sent, and retransmits a packet if the timer expires. The timer is needed in case a packet becomes lost or corrupt
Key Features
The key features of TCP are:
- Retransmission of lost packets
- Discarding duplicate packets
- Error-free data transfer
- Flow control
- Congestion control
- Order of data transfer

The operating system does not need to keep UDP connection information for every peer host, so UDP/IP is more appropriate for large-scale distributed systems where each host communicates with many destinations simultaneously.
The creation of a Socket object implicitly establishes a connection between the client and server. There are no methods or constructors that explicitly expose the details of establishing that connection.
JDBC
In an effort to set an independent database standard API for Java, Sun Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a generic SQL database access mechanism that provides a consistent interface to a variety of RDBMSs. This consistent interface is achieved through the use of plug-in database connectivity modules, or drivers. If a database vendor wishes to have JDBC support, he or she must provide the driver for each platform that the database and Java run on. To gain a wider acceptance of JDBC, Sun based JDBC's framework on ODBC. As you discovered earlier in this chapter, ODBC has widespread support on a variety of platforms. Basing JDBC on ODBC will allow vendors to bring JDBC drivers to market much faster than developing a completely new connectivity solution.
JDBC Goals
Few software packages are designed without goals in mind. JDBC is one that, because of its many goals, drove the development of the API. These goals, in conjunction with early reviewer feedback, have finalized the JDBC class library into a solid framework for building database applications in Java. The goals that were set for JDBC are important. They will give you some insight as to why certain classes and functionalities behave the way they do. The eight design goals for JDBC are as follows:
Database
A database is nothing more than an empty shell, like a vacant warehouse. It offers no real functionality whatsoever, other than holding a name. Tables are the next tier of our tree, offering a wide scope of functionality. If you follow our warehouse example, a SQL table would be the physical shelving inside our vacant warehouse. Each SQL table is capable of housing 1024 columns (shelves). Depending on the situation, your goods may require reorganization, reserving, or removal. SQL tables can be manipulated in this same way or in any fashion the situation calls for.
SQL Server
Microsoft's SQL Server is steadily on the rise in the commercial world, gaining popularity slowly. This platform has a GUI "Windows" type interface and is also rich with functionality. A free trial version can be downloaded at the Microsoft web site; however, it is only available to Windows users.
SQL Queries
Queries are the backbone of SQL. Query is a loose term that refers to a widely available set of SQL commands called clauses. Each clause (command) performs some sort of function against the database. For instance, the create clause creates tables and databases and the select clause selects rows that have been inserted into your tables. We will dive deeper in detail as this tutorial continues but for now let's take a look at some query structure.
ELEMENTS OF DESIGN
The elements to be designed are as follows.
- Data Flows: Movements of data into, around, and out of the system.
- Data Stores: Temporary or permanent collections of data.
- Processes: Activities to accept, manipulate and deliver data and information.
- Controls: Standards and guidelines for determining whether activities are occurring in the anticipated or accepted manner, that is, under control.
- Roles: The responsibilities of all persons involved with the new system.
[Design diagrams; participants: User, Server, Sybil guard]

5.3 USECASE DIAGRAM

[Use case diagram. Actors: Network User, Server, Sybil Guard. Use cases: check for the Sybil node to avoid hacking; if a Sybil is found, inform the server.]

[Diagram. Participants: User, Sybil Guard, Server. Steps: send the request for data download; forward the request if non-Sybil; provide the requested data to the user; check the connection and, if a Sybil is found, disconnect it from the network.]

[Further diagrams; participants: Server, Sybil guard, User]
Fig 5.6.2 NODE INFORMATION TABLE

S.NO  FIELD NAME   FIELD TYPE
1     destination  Varchar(20)
2     path         Varchar(20)
3     cost         Decimal(9)
4     delay        Decimal(9)
- Nodes Constructions
- Route Calculation
- Sybil guard System: Spoofing Packet Filtering
Node Constructions:
In this module we design a network topology to register the nodes. In the network, nodes are interconnected and exchange data or services directly with each other. With this module, we can specify the number of nodes that should be connected in the network. We can also specify the neighbor node for each node in the network. Here the IP address of each node is noted and registered with the server. The network server automatically notes the IP address of each node. During execution of this module, each node's information, such as node name, IP address, port number and status, is stored in the database. This information is used for further processing in the following modules.
Route Calculation:
In this module, for data transfer from the source node to the destination node, we calculate the route between the source node and the destination node and find the shortest path. These details are appended to the packet header. It is used for packet transmission. The packet is forwarded to the Sybil guard.
In this module we extract the route details from the packet header and compare those two routes. Each node has a different shortest path for communicating with the destination, so our route-based approach gives a valuable solution for IP spoofing. If the routes do not differ, the packet is allowed; otherwise the packet is discarded. If the data packets come from a Sybil node, the data is discarded.
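
The route comparison described above, as an added example that is not part of the project's code. It assumes the guard holds the registered topology and recomputes the shortest route for the source a packet claims to come from; the class RouteCheck, its methods, the node names and the link costs are all constructed for the example.

```java
import java.util.*;

// Added illustration: class, method and node names are hypothetical.
public class RouteCheck {
    // Constructed topology: node -> (neighbour -> link cost).
    static final Map<String, Map<String, Integer>> TOPOLOGY = new HashMap<>();

    static void link(String a, String b, int cost) {
        TOPOLOGY.computeIfAbsent(a, k -> new HashMap<>()).put(b, cost);
        TOPOLOGY.computeIfAbsent(b, k -> new HashMap<>()).put(a, cost);
    }

    // Dijkstra: lowest-cost route from src to dst as "A>B>D", or null if unreachable.
    static String shortestRoute(String src, String dst) {
        Map<String, Integer> dist = new HashMap<>();
        Map<String, String> prev = new HashMap<>();
        PriorityQueue<Map.Entry<String, Integer>> pq =
            new PriorityQueue<>((x, y) -> Integer.compare(x.getValue(), y.getValue()));
        dist.put(src, 0);
        pq.add(new AbstractMap.SimpleEntry<>(src, 0));
        while (!pq.isEmpty()) {
            Map.Entry<String, Integer> cur = pq.poll();
            String u = cur.getKey();
            if (cur.getValue() > dist.get(u)) continue; // stale queue entry
            Map<String, Integer> nbrs = TOPOLOGY.getOrDefault(u, Collections.emptyMap());
            for (Map.Entry<String, Integer> e : nbrs.entrySet()) {
                int nd = cur.getValue() + e.getValue();
                if (nd < dist.getOrDefault(e.getKey(), Integer.MAX_VALUE)) {
                    dist.put(e.getKey(), nd);
                    prev.put(e.getKey(), u);
                    pq.add(new AbstractMap.SimpleEntry<>(e.getKey(), nd));
                }
            }
        }
        if (!dist.containsKey(dst)) return null;
        Deque<String> hops = new ArrayDeque<>();
        for (String n = dst; n != null; n = prev.get(n)) hops.addFirst(n);
        return String.join(">", hops);
    }

    // Guard decision: accept only if the route carried in the header equals the
    // route recomputed for the source the packet claims to come from.
    static boolean accept(String claimedSrc, String dst, String headerRoute) {
        String expected = shortestRoute(claimedSrc, dst);
        return expected != null && expected.equals(headerRoute);
    }

    public static void main(String[] args) {
        link("A", "B", 1); link("B", "D", 1); link("A", "C", 5);
        link("C", "D", 1); link("M", "C", 1);
        System.out.println(accept("A", "D", "A>B>D")); // packet really sent by A
        System.out.println(accept("A", "D", "M>C>D")); // sent by M, claiming to be A
    }
}
```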
Integration testing
Integration tests are designed to test integrated software components to determine if they actually run as one program. Testing is event driven and is more concerned with the basic outcome of screens or fields. Integration tests demonstrate that although the components were individually satisfactory, as shown by successful unit testing, the combination of components is correct and consistent. Integration testing is specifically aimed at exposing the problems that arise from the combination of components.
Functional test
Functional tests provide systematic demonstrations that the functions tested are available as specified by the business and technical requirements, system documentation, and user manuals. Organization and preparation of functional tests is focused on requirements, key functions, or special test cases. In addition, systematic coverage pertaining to identifying business process flows, data fields, predefined processes, and successive processes must be considered for testing. Before functional testing is complete, additional tests are identified and the effective value of current tests is determined.
System Test
System testing ensures that the entire integrated software system meets requirements. It tests a configuration to ensure known and predictable results. An example of system testing is the configuration oriented system integration test. System testing is based on process descriptions and flows, emphasizing pre-driven process links and integration points.
Unit Testing:
Unit testing is usually conducted as part of a combined code and unit test phase of the software lifecycle, although it is not uncommon for coding and unit testing to be conducted as two distinct phases.
We have to check that all the packets being transferred arrive in the correct order. Each and every packet must be tested before transmission.
Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant participation by the end user. It also ensures that the system meets the functional requirements.
11. APPENDIX
11.1 CODINGS
sybilguard.java
import java.io.*;
import java.awt.*;
import javax.swing.*;
import java.net.*;
import javax.swing.table.*;
import javax.swing.border.*;
import java.util.*;

public class sybilguard extends JFrame {
    static ServerSocket sersoc;
    static Socket soc;
    private JPanel contentPane;
    private dataconnect z; // the dataconnect class is not shown on this page
    ObjectInputStream dis;
    ObjectOutputStream dos;
    InputStream is;
    OutputStream os;
    JTable jta, jta1, jta2;
    RouterTable rt, rt1, rt2;
    Object header[] = {"IPAddress", "UserName", "Portnumber"};
    Object header1[] = {"IPAddress", "UserName", "Portnumber"};
    Object header2[] = {"Source", "Destination", "Node Identity"};
    Font font = new Font("TimesRoman", Font.PLAIN, 20);
    JPanel jp1 = new JPanel();
    JPanel jp2 = new JPanel();
    JPanel jp3 = new JPanel();
    JPanel jp6 = new JPanel();
    JPanel jp5 = new JPanel();
    JScrollPane jsp, jsp1, jsp2;
    JSplitPane jtp, jgp;
    JLabel jp;
    String z1[];
    String z2[];
    String z3[];
    JTextArea infomarea = new JTextArea();
    JScrollPane jsc = new JScrollPane(infomarea);
    JLabel jl = new JLabel("Log Information");
    static sybilguard m;
    int number;

    public sybilguard() throws Exception {
        super();
        sybilframe();
    }

    // Builds the window: three tables (packet header, connection, Sybil limit) and a log area.
    public void sybilframe() throws Exception {
        jp1.setLayout(new FlowLayout());
        jta = new JTable();
        jta1 = new JTable();
        jta2 = new JTable();
        rt = new RouterTable();
        rt.setColumnIdentifiers(header);
        jta.setModel(rt);
        rt1 = new RouterTable();
        rt1.setColumnIdentifiers(header1);
        jta1.setModel(rt1);
        rt2 = new RouterTable();
        rt2.setColumnIdentifiers(header2);
        jta2.setModel(rt2);
        jp2.setLayout(new BorderLayout());
        jp5.setLayout(new BorderLayout());
        jsp = new JScrollPane(jta);
        jsp1 = new JScrollPane(jta1);
        jsp2 = new JScrollPane(jta2);
        jp1.add(jsp, BorderLayout.CENTER);
        jp2.add(jsp1, BorderLayout.CENTER);
        jp5.add(jsp2, BorderLayout.NORTH);
        jp5.add(jsc, BorderLayout.CENTER);
        //jp5.add(jl,BorderLayout.CENTER);
        jtp = new JSplitPane(JSplitPane.VERTICAL_SPLIT, jp1, jp2);
        jgp = new JSplitPane(JSplitPane.HORIZONTAL_SPLIT, jp3, jp5);
        jp3.add(jtp, BorderLayout.CENTER);
        jp6.add(jgp, BorderLayout.CENTER);
        add(jp6);
        setSize(1000, 1000);
        setVisible(true);
        setTitle("Sybil Guard System");
        Border etched1 = BorderFactory.createEtchedBorder();
        Border border1 = BorderFactory.createTitledBorder(etched1, "Packet Header Information",
                TitledBorder.LEFT, TitledBorder.DEFAULT_JUSTIFICATION, font, Color.red);
        Border etched2 = BorderFactory.createEtchedBorder();
        Border border2 = BorderFactory.createTitledBorder(etched2, "Connection Based Information",
                TitledBorder.LEFT, TitledBorder.DEFAULT_JUSTIFICATION, font, Color.red);
        Border etched3 = BorderFactory.createEtchedBorder();
        Border border3 = BorderFactory.createTitledBorder(etched3, "Sybil Limit Information",
                TitledBorder.LEFT, TitledBorder.DEFAULT_JUSTIFICATION, font, Color.red);
        setDefaultCloseOperation(EXIT_ON_CLOSE);
        jp1.setBorder(border1);
        jp2.setBorder(border2);
        jp5.setBorder(border3);
    }

    // Row helpers: one per table model.
    public void adddat1(Vector dat) {
        rt.addRow(dat);
    }

    public void adddat2(Vector dat1) {
        rt1.addRow(dat1);
    }

    public void adddat3(Vector dat2) {
        rt2.addRow(dat2);
    }

    class RouterTable extends DefaultTableModel {
        RouterTable() {
        }
    }

    // Reads three '&'-separated strings from the socket (each sent as its own
    // object stream) and shows their fields in the three tables and the log.
    public void listen() throws Exception {
        System.out.println("recived1");
        dis = new ObjectInputStream(soc.getInputStream());
        System.out.println("recived2");
        String nname = (String) dis.readObject();
        System.out.println("recived:" + nname);
        z1 = nname.split("&");
        dis = new ObjectInputStream(soc.getInputStream());
        nname = (String) dis.readObject();
        z2 = nname.split("&");
        dis = new ObjectInputStream(soc.getInputStream());
        nname = (String) dis.readObject();
        z3 = nname.split("&");
        String z1path = z1[1];
        String z2path = z2[1];
        Vector l = new Vector();
        Vector ll = new Vector();
        Vector lll = new Vector();
        l.add(z1[2]);
        l.add(z1[0]);
        l.add(z1[1]);
        ll.add(z2[2]);
        ll.add(z2[0]);
        ll.add(z2[1]);
        lll.add(z3[0]);
        lll.add(z3[1]);
        lll.add(z3[2]);
        adddat1(l);
        adddat2(ll);
        adddat3(lll);
        infomarea.append("---------------------------------------");
        infomarea.append("User Name : " + z3[0] + "\n");
        // [truncated in the source] ... : "+z3[3]+"\n");
        infomarea.append("--------------------------------------------------");
    }

    // Compares the two values; a match is recorded as "Normal User", a mismatch as "Attacker".
    // The row has the shape of header2 (Source, Destination, Node Identity) but is added
    // through adddat2, as in the original listing.
    public String IPMatching(String z1p, String z2p) throws Exception {
        String zp1 = z1p;
        String zp2 = z2p;
        String result = "";
        Vector v1 = new Vector();
        if (zp1.equals(zp2)) {
            result = "yes";
            v1.add(z2[1]);
            v1.add(z1[1]);
            v1.add("Normal User");
            adddat2(v1);
        } else {
            result = "no";
            v1.add(z2[1]);
            v1.add(z1[1]);
            v1.add("Attacker");
            adddat2(v1);
        }
        return result;
    }
}
Route.java
import java.sql.*;
import java.net.*;

class pda {
    public Connection cs;
    public Statement st;
    public ResultSet rs, rs1, rs2;
    double val;
    double cel, flo;
    int i, count = 0, check = 0;
    double ceil[] = new double[10];
    double floor[] = new double[10];
    String path[] = new String[10];

    // Opens the ODBC data source named "server". The JDBC-ODBC bridge driver
    // used here was removed in Java 8, so this needs an older JDK.
    public Statement connect() throws Exception {
        try {
            Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
            cs = DriverManager.getConnection("jdbc:odbc:server");
            st = cs.createStatement();
        } catch (Exception e) {
            e.printStackTrace();
        }
        return st;
    }

    public void getval() {
        try {
            connect();
            i = 0;
            rs = st.executeQuery("select path,delay from possiblepath");
            // The arrays hold at most 10 rows.
            while (rs.next() && i < path.length) {
                path[i] = rs.getString(1);                 // path (was never stored in the original)
                val = Double.parseDouble(rs.getString(2)); // delay (the original parsed column 1)
                System.out.println("\t" + val);
                cel = Math.ceil(val);
                flo = Math.floor(val);
                System.out.println("\t" + cel + "\t" + flo);
                ceil[i] = cel;
                floor[i] = flo;
                i++;
            }
            try {
                rs2 = st.executeQuery("select count(*) from possiblepath");
                while (rs2.next()) {
                    count = Integer.parseInt(rs2.getString(1));
                    System.out.println("\t" + count);
                }
            } catch (Exception ex1) {
                ex1.printStackTrace();
            }
            // Parameterized insert instead of building the SQL by string concatenation.
            PreparedStatement ins = cs.prepareStatement("insert into pda values (?, ?)");
            for (i = 0; i < count && i < path.length; i++) {
                try {
                    rs2 = st.executeQuery("select count(*) from possiblepath");
                    while (rs2.next()) {
                        check = Integer.parseInt(rs2.getString(1));
                        System.out.println("\t" + check);
                    }
                } catch (Exception ex1) {
                    ex1.printStackTrace();
                }
                System.out.println("insideforloop" + path[i] + "\t" + ceil[i] + "\t" + floor[i]);
                ins.setString(1, path[i]);
                if (check % 2 == 0) {
                    ins.setString(2, String.valueOf(ceil[i]));
                } else {
                    ins.setString(2, String.valueOf(floor[i]));
                }
                ins.executeUpdate();
            }
        } catch (Exception e) {
            // The listing is cut off at this point in the source; the try block
            // is closed here so that the class compiles.
            e.printStackTrace();
        }
    }
}
Change the IP Address and Port Number in the next node and try to send the destination