ABSTRACT

In this Novel, to protect outsourced data in cloud storage against corruptions, adding fault
tolerance to cloud storage together with data integrity checking and failure reparation becomes
critical. Recently, regenerating codes have gained popularity due to their lower repair bandwidth
while providing fault tolerance. Existing remote checking methods for regenerating-coded data
only provide private auditing, requiring data owners to always stay online and handle auditing, as
well as repairing, which is sometimes impractical. A public auditing scheme for the
regenerating-code-based cloud storage. To solve the regeneration problem of failed
authenticators in the absence of data owners, we introduce a proxy, which is privileged to
regenerate the authenticators, into the traditional public auditing system model. Moreover, we
design a novel public verifiable authenticator, which is generated by a couple of keys and can be
regenerated using partial keys. Thus, our scheme can completely release data owners from online
burden. In addition, we randomize the encode coefficients with a pseudorandom function to
preserve data privacy. The proposed approach work in a generic, single-step,packet-filter
manner. These approaches associate each IP address with some parameter (e.g., a route to the
filter, a secret mark, etc.) via a parameter table. When a packet arrives, the chosen parameter’s
value is inferred from it, and compared to the value in the parameter table. Mismatching packets
are considered spoofed. Cloud is a new way to store large amount of data. In cloud computing,
data owners host their data on cloud servers and users can access the data from cloud servers. By
data outsourcing, users can be relieved from the burden of local data storage and maintenance.
But because of the large amount of data on the cloud it increases privacy challenges against data
loss and hacking. For earlier it uses regenerating code while providing fault tolerance against
data loss. But because of the fault tolerance the data owner need to always stay online to verify
the user data. But challenges are providing integrity of the data. Public audit ability for cloud
storage allows users to ask third party auditor (TPA) to check the integrity of the data. Here it
analyzes various issues and challenges regarding the data privacy when the data is stored on the
cloud. In the various papers it gives various techniques regarding privacy preserving public
auditing using the key signature process of secured cloud storage.
INTRODUCTION

MOTIVATION

A public auditing scheme for the regenerating-code-based cloud storage. To solve the
regeneration problem of failed authenticators in the absence of data owners, we introduce a
proxy, which is privileged to regenerate the authenticators, into the traditional public auditing
system model. Moreover, we design a novel public verifiable authenticator, which is generated
by a couple of keys and can be regenerated using partial keys. So we focus cloud computing,
data owners host their data on cloud servers and users can access the data from cloud servers. By
data outsourcing, users can be relieved from the burden of local data storage and maintenance.
But because of the large amount of data on the cloud it increases privacy challenges against data
loss and hacking. For earlier it uses regenerating code while providing fault tolerance against
data loss. Public audit ability for cloud storage allows users to ask third party auditor (TPA) to
check the integrity of the data. Here it analyzes various issues and challenges regarding the data
privacy when the data is stored on the cloud.

PROBLEM DEFINITION

The auditing schemes in existing imply the problem that users need to always stay online, which
may impede its adoption in practice, especially for long-term archival storage. From packet
losses, the authors infer the existence of ingress filtering in the volunteer’s networks, which
drops outgoing traffic carrying addresses not assigned to the deploying network. Spoofer
measurements show that around 80 percent of networks participating in the project deploy
ingress filtering. Because the total number of participating hosts is in the low thousands, these
results cannot be readily extrapolated to the entire Internet.

PROBLEM DESCRIPTION

onsidering the large size of the outsourced data and the user’s constrained resource capability,
the tasks of auditing and reparation in the cloud can be formidable and expensive for the users.
The overhead of using cloud storage should be minimized as much as possible such that a user
does not need to perform too many operations to their outsourced data (in additional to retrieving
it). In particular, users may not want to go through the complexity in verifying and reparation.
The auditing schemes imply the problem that users need to always stay online, which may
impede its adoption in practice, especially for long-term archival storage. a public auditing
scheme for the regenerating-code-based cloud storage, in which the integrity checking and
regeneration (of failed data blocks and authenticators) are implemented by a third-party auditor
and a semi-trusted proxy separately on behalf of the data owner. Instead of directly adapting the
existing public auditing scheme to the multi-server setting, we design a novel authenticator,
which is more appropriate for regenerating codes. Besides, we “encrypt”the coefficients to
protect data privacy against the auditor, which is more lightweight than applying the proof blind
technique and data blind method. Several challenges and threats spontaneously arise in our new
system model with a proxy , and security analysis shows that our scheme works well with these
problems. Specifically, our contribution can be summarized by the following aspects:

• We design a novel homomorphic authenticator based on BLS signature [17], which can be
generated by a couple of secret keys and verified publicly. Utilizing the linear subspace of the
regenerating codes, the authenticators can be computed efficiently. Besides, it can be adapted for
data owners equipped with low end computation devices (e.g. Tablet PC etc.) in which they only
need to sign the native blocks.

• To the best of our knowledge, our scheme is the first to allow privacy-preserving public
auditing for regeneratingcode-based cloud storage. The coefficients are masked by a PRF
(Pseudorandom Function) during the Setup phase to avoid leakage of the original data. This
method is lightweight and does not introduce any computational overhead to the cloud servers or
TPA.

• Our scheme completely releases data owners from online burden for the regeneration of blocks
and authenticators at faulty servers and it provides the privilege to a proxy for the reparation.

• Optimization measures are taken to improve the flexibility and efficiency of our auditing
scheme; thus, the storage overhead of servers, the computational overhead of the data owner and
communication overhead during the audit phase can be effectively reduced.
• Our scheme is provable secure under random oracle model against adversaries illustrated.
Moreover, we make a comparison with the state of the art and experimentally evaluate the
performance of our scheme.

INTRODUCTION TO INFORMATION SECURITY

Cloud computing is very important in case of information storage on the cloud. It allows data
owners to move data from their local computing system on the cloud. Cloud storage gain more
popularity due to their elasticity and low maintenance cost. Security problem arise when the data
outsource through the third party cloud storage. As more and more data owner start to store data
on the cloud this is because they introduce new security challenges. This is because data loss
could happen. IP spoofing has been used in distributed denial-of-service (DDoS) attacks and
intrusions. It is also necessary for reflector DDoS attacks, where servers reply to spoofed
requests and these replies overwhelm the victim whose address was misused. In the Spoofer
project distributed volunteers download software that spoofs packets to a monitoring machine.
From packet losses, the authors infer the existence of ingress filtering in the volunteer’s
networks, which drops outgoing traffic carrying addresses not assigned to the deploying network.
Spoofer measurements show that around 80 percent of networks participating in the project
deploy ingress filtering. Because the total number of participating hosts is in the low thousands,
these results cannot be readily extrapolated to the entire Internet. Further, even if only 20 percent
of all networks allowed spoofing, they could still generate unlimited spoofed and reflected traffic
toward any target.

Many approaches have been proposed to handle spoofing during specific attacks, or to trace back
sources of spoofed traffic. In this study, we focus only on approaches that work in a generic,
single-step, packet-filter manner, as we explain next. These approaches associate each IP address
with some parameter (e.g., a route to the filter, a secret mark, etc.) via a parameter table. When a
packet arrives, the chosen parameter’s value is inferred from it, and compared to the value in the
parameter table. Mismatching packets are considered spoofed.
Cloud storage

Cloud is a model of data storage where the digital data is stored. Cloud storage providers are
responsible for keeping the data available and accessible. There are three main cloud storage
models:

 Public cloud: Storage services, such as Amazon’s Simple Service, provide a multi-tenant
storage environment that’s most suitable for unstructured data.
 Private Cloud: Storage services provide a dedicated environment protected behind an
organization’s firewall. Private clouds are appropriate for users who need customization
and more control over their data.
 Hybrid cloud: Storage is a combination of the other two models that includes at least one
private cloud and one public cloud infrastructure. An organization might, for example,
store actively used and structured data in a private cloud and unstructured and archival
data in a public cloud.

Cloud computing has three service models. They are Software as a Service (SaaS), Platform as a
Service (PaaS) and Infrastructure as a Service (IaaS). Cloud computing has been envisioned as
the next generation information technology (IT) architecture for enterprises, due to its long list of
unprecedented advantages. Cloud computing is delivery of computing services over the internet.
Cloud services allow individuals and business to use software and hardware that are managed by
third parties at remote locations. Cloud computing provides a shared pool of resources, including
data storage space, network, computer processing power, and specialized corporate and user
applications.

LITERATURE SURVEY

Above the clouds: A Berkeley view of cloud computing

M. Armbrust was said the Cloud Computing, the long-held dream of computing as a utility, has
the potential to transform a large part of the IT industry, making software even more attractive as
a service and shaping the way IT hardware is designed and purchased. Developers with
innovative ideas for new Internet services no longer require the large capital outlays in hardware
to deploy their service or the human expense to operate it. They need not be concerned about
overprovisioning for a service whose popularity does not meet their predictions, thus wasting
costly resources, or under provisioning for one that becomes wildly popular, thus missing
potential customers and revenue. Moreover, companies with large batch-oriented tasks can get
results as quickly as their programs can scale, since using 1000 servers for one hour costs no
more than using one server for 1000 hours. This elasticity of resources, without paying a
premium for large scale, is unprecedented in the history of IT.

Cloud Computing refers to both the applications delivered as services over the Internet and the
hardware and systems software in the datacenters that provide those services. The services
themselves have long been referred to as Software as a Service (SaaS). The datacenter hardware
and software is what we will call a Cloud. When a Cloud is made available in a pay-as-you-go
manner to the general public, we call it a Public Cloud; the service being sold is Utility
Computing. We use the term Private Cloud to refer to internal datacenters of a business or other
organization, not made available to the general public. Thus, Cloud Computing is the sum of
SaaS and Utility Computing, but does not include Private Clouds. People can be users or
providers of SaaS, or users or providers of Utility Computing. We focus on SaaS Providers
(Cloud Users) and Cloud Providers, which have received less attention than SaaS Users.

PORs: Proofs of retrievability for large files

Juels and B. S. Kaliski, Jr. was says that, In this paper, we define and explore proofs of
retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce
a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and
reliably transmits file data sufficient for the user to recover F in its entirety. A POR may be
viewed as a kind of cryptographic proof of knowledge (POK), but one specially designed to
handle a large file (or bitstring) F. We explore POR protocols here in which the communication
costs, number of memory accesses for the prover, and storage requirements of the user (verifier)
are small parameters essentially independent of the length of F. In addition to proposing new,
practical POR constructions, we explore implementation considerations and optimizations that
bear on previously explored, related schemes. In a POR, unlike a POK, neither the prover nor the
verifier need actually have knowledge of F. PORs give rise to a new and unusual security
definition whose formulation is another contribution of our work. We view PORs as an important
tool for semi-trusted online archives. Existing cryptographic techniques help users ensure the
privacy and integrity of files they retrieve. It is also natural, however, for users to want to verify
that archives do not delete or modify files prior to retrieval. The goal of a POR is to accomplish
these checks without users having to download the files themselves. A POR can also provide
quality-of-service guarantees, i.e., show that a file is retrievable within a certain time bound.

MR-PDP: Multiple-replica provable data possession

R. Curtmola, O. Khan, R. Burns, and G. Ateniese was said Many storage systems rely on
replication to increase the availability and durability of data on untrusted storage systems. At
present, such storage systems provide no strong evidence that multiple copies of the data are
actually stored. Storage servers can collude to make it look like they are storing many copies of
the data, whereas in reality they only store a single copy. We address this shortcoming through
multiple-replica provable data possession (MR-PDP): A provably-secure scheme that allows a
client that stores t replicas of a file in a storage system to verify through a challenge-response
protocol that (1) each unique replica can be produced at the time of the challenge and that (2) the
storage system uses t times the storage required to store a single replica. MR-PDP extends
previous work on data possession proofs for a single copy of a file in a client/server storage
system (Ateniese et al., 2007). Using MR-PDP to store t replicas is computationally much more
efficient than using a single-replica PDP scheme to store t separate, unrelated files (e.g., by
encrypting each file separately prior to storing it). Another advantage of MR-PDP is that it can
generate further replicas on demand, at little expense, when some of the existing replicas fail.

HAIL: A high-availability and integrity layer for cloud storage

K. D. Bowers, A. Juels, and A. Oprea was said We introduce HAIL (High-Availability and
Integrity Layer), a distributed cryptographic system that permits a set of servers to prove to a
client that a stored file is intact and retrievable. HAIL strengthens, formally unifies, and
streamlines distinct approaches from the cryptographic
and distributed-systems communities. Proofs in HAIL are efficiently computable by servers and
highly compact typically tens or hundreds of bytes, irrespective of file size. HAIL
cryptographically verifies and reactively reallocates file shares. It is robust against an active,
mobile adversary, i.e., one that may progressively corrupt the full set of servers. We propose a
strong, formal adversarial model for HAIL, and rigorous analysis and parameter choices. We
show how HAIL improves on the security and efficiency of existing tools, like Proofs of
Retrievability (PORs) deployed on individual servers. We also report on a prototype
implementation. In this paper, we explore a unification of the two approaches to remote file
integrity assurance in a system that we call HAIL (High-Availability and Integrity Layer). HAIL
manages file integrity and availability across a collection of servers or independent storage
services. It makes use of PORs as building blocks by which storage resources can be tested and
reallocated when failures are detected.

Remote data checking for network coding-based distributed storage systems

B. Chen, R. Curtmola, G. Ateniese, and R. Burns was says the Remote Data Checking (RDC) is
a technique by which clients can establish that data outsourced at untrusted servers remains intact
over time. RDC is useful as a prevention tool, allowing clients to periodically check if data has
been damaged, and as a repair tool whenever damage has been detected. Initially proposed in the
context of a single server, RDC was later extended to verify data integrity in distributed storage
systems that rely on replication and on erasure coding to store data redundantly at multiple
servers. Recently, a technique was proposed to add redundancy based on network coding, which
offers interesting tradeoffs because of its remarkably low communication overhead to repair
corrupt servers. Unlike previous work on RDC which focused on minimizing the costs of the
prevention phase, we take a holistic look and initiate the investigation of RDC schemes for
distributed systems that rely on network coding to minimize the combined costs of both the
prevention and repair phases. We propose RDC-NC, a novel secure and efficient RDC scheme
for network coding-based distributed storage systems. RDC-NC mitigates new attacks that stem
from the underlying principle of network coding. The scheme is able to preserve in an
adversarial setting the minimal communication overhead of the repair component achieved by
network coding in a benign setting. We implement our scheme and experimentally show that it is
computationally inexpensive for both clients and servers.
 SYSTEM ANALYSIS

EXSISTING SYSTEM

In this paper, to protect outsourced data in cloud storage against corruptions, adding fault
tolerance to cloud storage together with data integrity checking and failure reparation becomes
critical. Recently, regenerating codes have gained popularity due to their lower repair bandwidth
while providing fault tolerance. Existing remote checking methods for regenerating-coded data
only provide private auditing, requiring data owners to always stay online and handle auditing, as
well as repairing, which is sometimes impractical. A public auditing scheme for the
regenerating-code-based cloud storage. To solve the regeneration problem of failed
authenticators in the absence of data owners, we introduce a proxy, which is privileged to
regenerate the authenticators, into the traditional public auditing system model. Moreover, we
design a novel public verifiable authenticator, which is generated by a couple of keys and can be
regenerated using partial keys. Thus, our scheme can completely release data owners from online
burden. In addition, we randomize the encode coefficients with a pseudorandom function to
preserve data privacy.

DISADVANTAGES

 The auditing schemes in existing imply the problem that users need to always stay online,
which may impede its adoption in practice, especially for long-term archival storage.

 From packet losses, the authors infer the existence of ingress filtering in the volunteer’s
networks, which drops outgoing traffic carrying addresses not assigned to the deploying
network.
 Spoofer measurements show that around 80 percent of networks participating in the
project deploy ingress filtering. Because the total number of participating hosts is in the
low thousands, these results cannot be readily extrapolated to the entire Internet.
PROPOSED SYSTEM

The proposed approach work in a generic, single-step,packet-filter manner. These

approaches associate each IP address with some parameter (e.g., a route to the filter, a secret
mark, etc.) via a parameter table. When a packet arrives, the chosen parameter’s value is inferred
from it, and compared to the value in the parameter table. Mismatching packets are considered
spoofed. Cloud is a new way to store large amount of data. In cloud computing, data owners host
their data on cloud servers and users can access the data from cloud servers. By data outsourcing,
users can be relieved from the burden of local data storage and maintenance. But because of the
large amount of data on the cloud it increases privacy challenges against data loss and hacking.
For earlier it uses regenerating code while providing fault tolerance against data loss. Public
audit ability for cloud storage allows users to ask third party auditor (TPA) to check the integrity
of the data. Here it analyzes various issues and challenges regarding the data privacy when the
data is stored on the cloud. In the various papers it gives various techniques regarding privacy
preserving public auditing using the key signature process of secured cloud storage. Extensive
security analysis shows that our scheme is provable secure under random oracle model and
experimental evaluation indicates that our scheme is highly efficient and can be feasibly
integrated into the regenerating-code-based cloud storage.

Advantages

 The approaches are generic because their only goal is to filter spoofed packets, regardless
of the security threat that generated them.
 They are single-step because there is no interactive communication with an alleged
packet source when a suspicious packet is received.
 This method is lightweight and does not introduce any computational overhead to the
cloud servers or TPA.
 Optimization measures are taken to improve the flexibility and efficiency of our auditing
scheme
FEASIBILITY STUDY

INTRODUCTION
A feasibility analysis involves a detailed assessment of the need, value and
practicality of a p systems development... Feasibility analysis n forms the transparent decisions
at crucial points during the developmental process as we determine whether it is operationally,
economically and technically realistic to proceed with a particular course of action.

Feasibility analysis can be used in each of the steps to assess the financial,
technical and operational capacity to proceed with particular activities.

TYPES OF FEASIBILITY

A feasibility analysis usually involves a thorough assessment of the financial

(value), technical (practicality), and operational (need) aspects of a proposal. In systems
development projects, business managers are primarily responsible for assessing the
operational feasibility of the system, and information technology (IT) analysts are responsible for
assessing technical feasibility. Both then work together to prepare a cost–benefit analysis of the
proposed system to determine its economic feasibility.

Operational feasibility

A systems development project is likely to be operationally feasible if it meets

the 'needs' and expectations of the organisation. User acceptance is an important determinant
of operational feasibility. It requires careful consideration of:

corporate culture;

staff resistance or receptivity to change;

management support for the new system;

the nature and level of user involvement in the development and implementation of the system;
direct and indirect impacts of the new system on work practices;

anticipated performance and outcomes of the new system compared with the existing system;
training requirements and other change management strategies; and

‘pay back’ periods (ie trade-off between long-term organisational benefits and short-term
inefficiencies during system development and implementation).

Technical feasibility

A systems development project may be regarded as technically feasible or practical if

the organization has the necessary expertise and infrastructure to develop, install, operate and
maintain the proposed system. Organizations will need to make this assessment based on:

Knowledge of current and emerging technological solutions

Availability of technically qualified staff in-house for the duration of the project and subsequent
maintenance phase;

Availability of infrastructure in-house to support the development and maintenance of the

proposed system;

Where necessary, the financial and/or technical capacity to procure appropriate infrastructure
and expertise from outside;

Capacity of the proposed system to accommodate increasing levels of use over the medium
term;

The capacity of the proposed system to meet initial performance expectations and
accommodate new functionality over the medium term.

SYSTEM REQUIREMENTS
HARDWARE REQUIREMENTS:

 System : Pentium IV 2.4 GHz.

 Hard Disk : 40 GB.
 Floppy Drive : 1.44 Mb.
 Monitor : 15 VGA Colour.
 Mouse : Logitech.
 Ram : 512 Mb.

SOFTWARE REQUIREMENTS:

 Operating system : Windows XP/7.

 Coding Language : JAVA/J2EE
 IDE : Netbeans 7.4

SOFTWARE DESCRIPTION

TECHNOLOGY INFRASTRUCTURE:

CORE JAVA:
Java can be used to create two types of programs: application and applet. An
application is a program that runs on your computer, under the operating system of that
computer. That is, an application created by java is more or less like one created using C or C+
+. When used to create application, java is not much different from any other computer
language. Rather, it is java’s ability to create applets that makes it important. An applet is an
application designed to be transmitted over the internet and executed by a java-compatible Web
Browser. An applet is actually a tiny java program, dynamically downloaded across the network,
just like an image, sound file, or video clip. The important difference is that an applet is an
intelligent program, not just an animation or media file. In other words, an applet is a program
that can react to user input and dynamically change-not just run the same animation or sound
over and over.

Java having a major roll in internet and the intranet application. The reason for this
is quite simple: Java expends the universe pf objects that can move about freely in cyberspace.
In a network, two very broad categories ob objects are transmitted between the server and your
personal computer: passive information and dynamic, active programs.

SECURITY

As you are likely aware, every time that you download a “normal” program, you
are risking viral infection. Prior to java, most users did not download executable programs
frequently, and those who did scan them for viruses prior to execution. Even so, most users still
worried about the possibility of infecting their system with a virus. When you use a java-
compatible web browser, you can safely download java applets without fear of viral infection or
malicious intent. Java achieves this protection by confining a java program to the java execution
environment and not allowing it access to other parts of computer.

PORTABILITY:

Many types of computers and operating systems are in use throughout the world-
and many are connected to the internet. For program to be dynamically downloaded to all the
various type of platforms connected to the Internet, some means of generating portable
executable code is needed.

BYTECODE:

The key that allows java to solve both the security and the portability problems
just described is that output of a java compiler is not executable code. Rather, it is BYTECODE.
Byte code is a highly optimized set of instruction designed to be executed by the java run-time
system, which is called the Java Virtual Machine (JVM). That is, in its standard form, the JVM is
an interpreted code.

SIMPLE:
 Java was designed to be easy for the professional programmer to learn and use
effectively. Assuming that you have some programming experience, you will not find java hard
to master. If we know the basic concept of object-oriented programming, learning java will be
even easier.

OBJECT-ORIENTED:

Object-Oriented programming is the core of java. In fact, all java programs are
object-oriented-this isn’t an option the way that it is in C++, for example. OOP is so integral to
java that you must understand its basic principles before you can write even simple java
programs.

ABSTRACTION:

The essential element of object-oriented programming is abstraction. Humans

manage complexity through abstraction. For example, people do not think of a car as a set of
ten of individual parts. They think of it as a well-defined object with its own unique behavior. So
this ignore the details of how the engine, transmission, and braking systems work.

THE THREE-OOP PRINCIPLE:

A)ENCAPSULATION:

Encapsulation is the mechanism that binds together code and the data it
manipulates, and keeps both safe from outside interference and misuse. One way to think about
encapsulation is as a protective wrapper that prevents the code and data from begin arbitrarily
accessed by other code defined outside of the wrapper. Access to he code and data inside the
wrappers is tightly controlled through a well-defined interface. To relate this to the real world,
consider the automatic transmission on an automobile. It encapsulates hundreds of bits of
information about our engine, such as how much you are accelerating, the pitch of the surface
you are on, and the position of the shift lever.
B) INHERITANCE:

Inheritance is the process by which one object acquires the properties of

another object. This is important because it supports the concept of hierarchical
classification. As mentioned earlier, most knowledge is made manageable by hierarchical
classification. Inheritance interacts with encapsulation as well. If a given class encapsulates
some attributes, then subclass will have the same attributes plus any that it adds as part of
its specialization. Java supports two type of inheritance. They are,

1) SINGLE INHERITANCE:
The derived class is inherited from one super class.

BLOCK DIAGRAM:

BASE

DERIVED

2) MULTILEVEL INHERITANCE:

This contains the hierarchical of classes.

BLOCK DIAGRAM:

B
 C

POLYMORPHISM:

Polymorphism (from the Greek, meaning “many forms”) is a feature that allows one
interface to be used for a general class of actions. More generally, the concept of polymorphism
is often expressed by the phrase “one interface, multiple methods”. This means that is possible
to design a generic interface to a group or related activities. This helps reduce complexity by
allowing the same interface to be used to specify a general class of action. It is the compiler’s
job to select the specific action as it applies to each situation.

The Java Procedure

The essential steps to creating and running Java programs go as follows:

 Create a Java source code file

 Compile the source code
 Run the compiled code in a Java Virtual Machine.

The following figure illustrates these steps:

 Steps for creating and running a Java program.

You create the code with a text editor and save it to a file with the ".java" suffix. All Java source
code files must end with this type name. The first part of the name must match the class name
in the source code. In the figure the class name is Test so you must therefore save it to the file
name Test.java. We will discuss what class actually means in later chapters.

With the javac program, you compile this file as follows:

C:> javac Test.java

This creates a bytecode file (or files if the code file included more than one class) that ends with
the ".class" type appended. Here the output is Test.class.

The bytecode consists of the instructions for the Java Virtual Machine (JVM or just VM).

The JVM is an interpreter program that emulates a processor that executes the bytecode
instructions just as if it were a hardware processor executing native machine code instructions.
Note: There are now Java processors that directly execute the byte codes directly in hardware.

The platform independence of Java thus depends on the prior creation of JVMs for different
platforms.

The Java bytecode can then run on any platform in which the JVM is available and the program
should perform the same. This Write Once, Run Anywhere approach is a key goal of the Java
language.

Note: For applets the JVM runs inside the browser.

Swing
Swing was developed to provide a more sophisticated set of GUI components than the earlier
Abstract Window Toolkit. Swing provides a native look and feel that emulates the look and
feel of several platforms, and also supports a pluggable look and feel that allows applications
to have a look and feel unrelated to the underlying platform.

Swing introduced a mechanism that allowed the look and feel of every component in an
application to be altered without making substantial changes to the application code. The
introduction of support for a pluggable look and feel allows Swing components to emulate the
appearance of native components while still retaining the benefits of platform independence.
This feature also makes it easy to make an application written in Swing look very different from
native programs if desired.

Originally distributed as a separately downloadable library, Swing has been included as part of
the Java Standard Edition since release 1.2. The Swing classes and components are
contained in the javax.swing package hierarchy.

Architecture
Swing is a platform-independent, Model-View-Controller GUI framework for Java. It follows a
single-threaded programming model, and possesses the following traits:

Platform independence
Swing is platform independent both in terms of its expression (Java) and its implementation
(non-native universal rendering of widgets).

Extensibility

Swing is a highly partitioned architecture, which allows for the "plugging" of various custom
implementations of specified framework interfaces: Users can provide their own custom
implementation(s) of these components to override the default implementations. In general,
Swing users can extend the framework by extending existing (framework) classes and/or
providing alternative implementations of core components.

Component-oriented

Swing is a component-based framework. The distinction between objects and components is a

fairly subtle point: concisely, a component is a well-behaved object with a known/specified
characteristic pattern of behaviour. Swing objects asynchronously fire events, have "bound"
properties, and respond to a well-known set of commands (specific to the component.)
Specifically, Swing components are Java Beans components, compliant with the Java Beans
Component Architecture specifications.

Customizable

Given the programmatic rendering model of the Swing framework, fine control over the details of
rendering of a component is possible in Swing. As a general pattern, the visual representation of
a Swing component is a composition of a standard set of elements, such as a "border", "inset",
decorations, etc. Typically, users will programmatically customize a standard Swing component
(such as a JTable) by assigning specific Borders, Colors, Backgrounds, opacities, etc., as the
properties of that component. The core component will then use these property (settings) to
determine the appropriate renderers to use in painting its various aspects. However, it is also
completely possible to create unique GUI controls with highly customized visual representation.

Configurable

Swing's heavy reliance on runtime mechanisms and indirect composition patterns allows it to
respond at runtime to fundamental changes in its settings. For example, a Swing-based
application can change its look and feel at runtime. Further, users can provide their own look
and feel implementation, which allows for uniform changes in the look and feel of existing Swing
applications without any programmatic change to the application code.

Lightweight UI

Swing's configurability is a result of a choice not to use the native host OS's GUI controls for
displaying itself. Swing "paints" its controls programmatically through the use of Java 2D APIs,
rather than calling into a native user interface toolkit. Thus, a Swing component does not have a
corresponding native OS GUI component, and is free to render itself in any way that is possible
with the underlying graphics APIs.

Application Code

JFC
Java 2D
Swing

Drag & Drop

AWT

Accessibility

THE SWING COMPONENT CLASSES:

Class Description

Abstract Button Abstract super class for Swing Buttons

Button Group Encapsulates a mutually exclusive set of

Buttons

ImageIcon Encapsulates an Icon

JApplet The Swing version of Applet

JButton The Swing Push Button Class

JCheckBox The Swing CheckBox class

JComboBOx Encapsulates a combobox

JLabel The swing version of a Label

JRadioButton The Swing version of a RadioButton

JScrollPane Encapsulates a scrollabel window

JTabbedPane Encapsulates a Tabbed window

JTable Encapsulates a Table-based control

JTextField The swing version of a text-field

JTree Encapsulates a Tree-based control

ADVANTAGES OF SWINGS:

 Wide variety of Components

 Pluggable Look and Feel
 MVC Architecture
 Keystroke Handling
 Action Objects
 Nested containers
 Customized Dialogs
 Compound Borders
 Standard Dialog Classes
 Structured Table and Tree Components
 Powerful Text Manipulation
 Generic Undo Capabilities
 Accessibility Support.

DESIGN ENGINEERING
GENERAL

Design Engineering deals with the various UML [Unified Modeling language diagrams
for the implementation of project. Design is a meaningful engineering representation of a thing
that is to be built. Software design is a process through which the requirements are translated into
representation of the software. Design is the place where quality is rendered in software
engineering. Design is the means to accurately translate customer requirements into finished
product.

The next responsibility of many design engineers is prototyping. A model of the product
is created and reviewed. Prototypes are either functional or non-functional. Functional "alpha"
prototypes are used for testing and the non-functional are used for form and fit checking. Virtual
prototyping software like Ansys or Comsol may also be used. This stage is where design flaws
are found and corrected, and tooling, manufacturing fixtures, and packaging are developed.

Data Flow Diagram

Data-flow diagrams (DFDs) were introduced and popularized for structured analysis and
design. DFDs show the flow of data from external entities into the system, showed how the
data moved from one process to another, as well as its logical storage.

Sequence Diagram
 Sequence diagrams are easy and intuitive way of describing the behavior of a system by
viewing the interaction between the system and its environment. A sequence diagram shows an
interaction arranged in a time sequence.

Class Diagram
 In software engineering, a class diagram in the Unified Modeling Language (UML) is a
type of static structure diagram that describes the structure of a system by showing the system's
classes, their attributes, operations (or methods), and the relationships among the classes. It
explains which class contains information.

Topology

Serversocket()
Nodedetails()
Dual decomposition Database
Connect()
Clear_noderecord()
Clear_constructrecord()

Construct

Getnodes()

Node

Findpath
Socket()
Start()
Getpath() Run()
Findnode()

Use Case Diagram

 A use case diagram at its simplest is a representation of a user's interaction
with the system that shows the relationship between the user and the different use
cases in which the user is involved. A use case diagram can identify the different
types of users of a system and the different use cases and will often be
accompanied by other types of diagrams as well.

A use case is a methodology used in system analysis to identify, clarify, and

organize system requirements. The use case is made up of a set of possible
sequences of interactions between systems and users in a particular environment
and related to a particular goal.
SYSTEM ARCHITECTURE

Source

Hop Count
Marking
Route Based
Packet Attackers
Dependent
Target Marking
Direction
Marking Sniffing Attacks

Selfish Defense
Filtering
Multiple Filter
Defense

False Negative
Filter Measure False Positive
Result
Result

Drop Spoofed
Destination Packets
 PROJECT DESCRIPTION

Problem Statement
The auditing schemes in existing imply the problem that users need to always stay online, which
may impede its adoption in practice, especially for long-term archival storage. From packet
losses, the authors infer the existence of ingress filtering in the volunteer’s networks, which
drops outgoing traffic carrying addresses not assigned to the deploying network. In order to
avoid this problem, we get single-step,packet-filter manner. These approaches associate each IP
address with some parameter (e.g., a route to the filter, a secret mark, etc.) via a parameter table.
When a packet arrives, the chosen parameter’s value is inferred from it, and compared to the
value in the parameter table. Mismatching packets are considered spoofed. Cloud is a new way
to store large amount of data.

MODULES:
 Authentication and topology creation
 Setting Up parameter table (altruistic defense)
 Setting up self firewall rules (selfish defense)
 Target protection and reflector attack protection.

MODULES DESCRIPTION:
AUTHENTICATION AND TOPOLOGY CREATION:
This module deals with the authentication of the administrator and the creation of the
topology with multiple terminals. Here using this topology we can transfer files (be it multimedia
or a flat file). We use two methods: selfish defense and the altruistic defense, as proposed in
implementing this scenario.
 In this phase we are using hibernate for connecting database and java program and also
for representing tables as entities in java program. Here we are using thread concept in network
to multiple requests. Server socket technology is used in nodes for listening purpose.

A server socket used waits for requests to come in over the network. It performs some
operation based on that request, and then possibly returns a result to the requester.

The actual work of the server socket is performed by an instance of the SocketImpl class.
An application can change the socket factory that creates the socket implementation to configure
itself to create sockets appropriate to the local firewall.

SETTING UP PARAMETER TABLE (ALTRUISTIC DEFENSE)

This module deals with the setting up of the parameter table to use the topology created.
The deployment points are the main source of filter containing the fire wall rules to filter the
spoofed packets.

These approaches are generic because their only goal is to filter spoofed packets,
regardless of the security threat that generated them. They are single-step because there is no
interactive communication with an alleged packet source when a suspicious packet is received.
Finally, these approaches work in a packet-filter manner—the parameter table can be visualized
as a set of firewall rules that specify allowed traffic, and the default deny rule.
 Here deployment points works under the rules specified in the parameter tables. Here we
focus only on approaches that work in a generic, single-step, packet-filter manner. These
approaches associate each IP address with some parameter (e.g., a route to the filter, a secret
mark, etc.) via a parameter table. When a packet arrives, the chosen parameter’s value is inferred
from it, and compared to the value in the parameter table. Mismatching packets are considered
spoofed.

SETTING UP SELF FIREWALL RULES (SELFISH DEFENSE)

This module deals with the creation of firewall rules for each nodes associated in the
network. These nodes are the actual consumers of the content in the network.

Spoofer measurements show that around 80 percent of networks participating in the

project deploy ingress filtering. Because the total number of participating hosts is in the low
thousands, these results cannot be readily extrapolated to the entire Internet. Further, even if only
20 percent of all networks allowed spoofing, they could still generate unlimited spoofed and
reflected traffic toward any target.
TARGET PROTECTION AND REFLECTOR ATTACK PROTECTION:

The main goal of a spoofing defense is to provide protection to targets against spoofed
and reflected traffic. Since no one can exactly predict likely placement for future attackers, it is
fair to assume, as we do, that any network is equally likely to host them. Target Protection
measure for destination node defines the number of packets sent by source combinations that will
be filtered in route to destination node. It expresses protection of compromised node from
spoofed traffic, assuming random deployment of attacking machines and random spoofing.
Reflector attack protection measure for intermediate node defines the number of source to
destination paths on which packets spoofing will be filtered out. Reflector attack protection
measure expresses protection of node x from reflected traffic assuming random selection of
attack sources and destinations. This protection is not achieved directly by filtering reflected
traffic, but indirectly by filtering spoofed service requests and thus preventing reflected traffic.

System testing
Software Testing is an empirical investigation conducted to provide stakeholders with
information about the quality of the product or service under test, with respect to the context in
which it is intended to operate. This includes, but is not limited to, the process of executing a
program or application with the intent of finding software bugs.

Unit Testing

The testing done to show whether a unit (the smallest piece of software that can be
independently compiled or assembled, loaded, and tested) satisfies its functional specification
or its implemented structure matches the intended design structure.

The primary goal of unit testing is to take the smallest piece of testable software in the
application, isolate it from the remainder of the code, and determine whether it behaves exactly
as you expect. Each unit is tested separately before integrating them into modules to test the
interfaces between modules. Unit testing has proven its value in that a large percentage of
defects are identified during its use.

The most common approach to unit testing requires drivers and stubs to be written. The driver
simulates a calling unit and the stub simulates a called unit. The investment of developer time in
this activity sometimes results in demoting unit testing to a lower level of priority and that is
almost always a mistake. Even though the drivers and stubs cost time and money, unit testing
provides some undeniable advantages. It allows for automation of the testing process, reduces
difficulties of discovering errors contained in more complex pieces of the application, and test
coverage is often enhanced because attention is given to each unit.

Integration Testing

'Integration testing' (sometimes called Integration and Testing, abbreviated I&T) is the phase of
software testing in which individual software modules are combined and tested as a group. It
follows unit testing and precedes system testing.

Integration testing takes as its input modules that have been unit tested, groups them in larger
aggregates, applies tests defined in an integration test plan to those aggregates, and delivers as
its output the integrated system ready for system testing.
The purpose of integration testing is to verify functional, performance and reliability
requirements placed on major design items. These "design items", i.e. assemblages (or groups
of units), are exercised through their interfaces using Black box testing, success and error cases
being simulated via appropriate parameter and data inputs. Simulated usage of shared data
areas and inter-process communication is tested and individual subsystems are exercised
through their input interface. Test cases are constructed to test that all components within
assemblages interact correctly, for example across procedure calls or process activations, and
this is done after testing individual modules, i.e. unit testing.

The overall idea is a "building block" approach, in which verified assemblages are added to a
verified base which is then used to support the integration testing of further assemblages.

Some different types of integration testing are big bang, top-down, and bottom-up.

White-Block Testing
white box Testing the application with the knowledge of underline code of the application. it is
done by developers. but in some organizations it is done by testers. Eg: Unit testing.white box
testing we excercise the internal logic of the software, basically programmer do white box
testing.To do white box testing knowledge of internal logic code is required.Mostly done by
developers.

Block Box Testing

Black box testing , we should know the functionality of application,logic code is not required.
This testing is done by testers. testing the application without knowledge of underline code of
the application. it is done by the testers. BLOCK TESTING done by the testers to test the
functionality of the application,it is also called system testing.

System Implementation

Implementation is the stage of the project when the theoretical design is turned out into a
working system. Thus it can be considered to be the most critical stage in achieving a
successful new system and in giving the user, confidence that the new system will work and be
effective.

The implementation stage involves careful planning, investigation of the existing system
and it’s constraints on implementation, designing of methods to achieve changeover and
evaluation of changeover methods.

Implementation is the process of converting a new system design into operation. It is the
phase that focuses on user training, site preparation and file conversion for installing a
candidate system. The important factor that should be considered here is that the conversion
should not disrupt the functioning of the organization.

Conclusion
Our evaluation shows that edge network defenses, deployed either in isolated or collaborative
manner, cannot offer sufficient protection without core support. Only HCF offered significant
protection in selfish, isolated deployment, but only against spoofed traffic and not against
reflector attacks. The proposed approach work in a generic, single-step,packet-filter manner.
These approaches associate each IP address with some parameter (e.g., a route to the filter, a
secret mark, etc.) via a parameter table. When a packet arrives, the chosen parameter’s value is
inferred from it, and compared to the value in the parameter table. Mismatching packets are
considered spoofed. Cloud is a new way to store large amount of data. In cloud computing, data
owners host their data on cloud servers and users can access the data from cloud servers.

FUTURE WORK
APPENDIX

Source code

Server.java

import java.sql.*;

import java.io.*;

import java.net.*;

import java.util.*;

import java.awt.*;

import javax.swing.*;

//import ch.randelshofer.quaqua.*;

public class server extends JFrame

private dbase db;

ResultSet rs;

Connection cs;

int packets;

Statement st,stl,st5;

String dest;

Vector v,v1;

static ServerSocket sersoc;

static Socket soc;

ObjectInputStream dis;
 ObjectOutputStream dos;

InputStream is;

OutputStream os;

String n="",ip="",s,name,nodes;

static server ser;

int port=4003,na;

serverframe sf;

findpath find;

public server()throws Exception

super();

db = new dbase();

st=db.dbcon();

stl=db.dbcon();

s="delete from systemdetails";

db.delete(s);

s="delete from connection";

db.delete(s);

sf=new serverframe();

sf.jt.setText("Server Started \n");

public void listen()throws Exception

 {

dis=new ObjectInputStream(soc.getInputStream());

String nname=(String)dis.readObject();

System.out.println("recived:"+nname);

if(nname.equals("user"))

String output="";

dis=new ObjectInputStream(soc.getInputStream());

String nname2=(String)dis.readObject();

String array[]=nname2.split("&");

int q=Integer.parseInt(array[1]);

sf.jt.append("Enter User :"+array[0]+"\n");

s="select * from systemdetails where systemname='"+array[0]+"' and

ipaddress='"+array[2]+"'";

if(db.check(s))

output="exist";

s="delete from systemdetails where systemname=''";

db.delete(s);
 }

else

System.out.println("q:"+q);

s="update systemdetails set systemname='"+array[0]+"' where port='"+q+"'";

db.insert(s);

s="update systemdetails set password='"+array[3]+"' where port='"+q+"'";

db.insert(s);

output="ok";

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject(output);

else if(nname.equals("signout")){

String prevNode;

//dis=new ObjectInputStream(soc.getInputStream());

String nodeLeave=(String)dis.readObject();

s="delete from systemdetails where systemname='"+nodeLeave+"'";

db.insert(s);

s="delete from connection where nodename='"+nodeLeave+"'";

db.insert(s);
 s="select nodename from connection where neighbour='"+nodeLeave+"'";

ResultSet nodeNeigbour=db.selectResult(s);

if(nodeNeigbour.next()){

prevNode=nodeNeigbour.getString(1);

System.out.println("first node "+prevNode);

while(nodeNeigbour.next()){

String nextNode=nodeNeigbour.getString(1);

System.out.println("next node "+nextNode);

s="update connection set neighbour='"+nextNode+"' where

nodename='"+prevNode+"' and neighbour='"+nodeLeave+"'" ;

int i=db.update(s);

if(i>0){

s="delete from connection where

neighbour='"+nodeLeave+"' and nodename='"+nextNode+"'";

db.insert(s);

// s="update connection set neighbour='"+nextNode+"'

where neighbour='"+nodeLeave+"'" ;

//int j=db.update(s);

s="insert into connection

values('"+nextNode+"','"+prevNode+"','0','0','enable')";

db.insert(s);

/* if(i>0){

s="select nodename from connection where

neighbour='"+nodeLeave+"'";

nodeNeigbour=db.selectResult(s);

System.out.println("updated connected nodes");

 }*/

s="select nodename from connection where

neighbour='"+nodeLeave+"'";

nodeNeigbour=db.selectResult(s);

else if(nname.equals("path"))

sf.jt.append("path calculation:\n");

String nodes=(String)dis.readObject();

packets=Integer.parseInt(String.valueOf(dis.readObject()));

String array[]=nodes.split("&");

dest=array[1];

System.out.println("nodes:"+nodes);

v1=new Vector();

Vector lpathl=new Vector();

for(int a11=1;a11<array.length;a11++)

sf.jt.append("Source Node :"+array[0]+"\t and "+"Destination

Node :"+array[a11]+"\n");

System.out.println("array[a11]:"+array[a11]);
 find= new findpath(array[0],array[a11]);

rs=st.executeQuery("Select path from possiblepath where

destination='"+array[a11]+"' ");

int flagcheck=0;

int flagcheckl=0;

while(rs.next())

String pathstring=rs.getString(1);

System.out.println("patstring:"+pathstring);

String patharray[]=pathstring.split(">");

flagcheck=0;

for(int i=1;i<patharray.length-1;i++)

System.out.println("patharray[i]"+patharray[i]);

for(int j=0;j<v1.size();j++)

String alreadypath=String.valueOf(v1.elementAt(j));

System.out.println("alreadypath:"+alreadypath);

String alreadyarray[]=alreadypath.split(">");

for(int k=1;k<alreadyarray.length-1;k++)
 {

System.out.println("alreadyarray[k]:"+alreadyarray[k]);

if(alreadyarray[k].equals(patharray[i]))

flagcheck=5;

System.out.println(" flagcheck:"+flagcheck);

System.out.println(" flagcheckl:"+flagcheckl);

if(flagcheck==0 && flagcheckl==0)

v1.add(pathstring);

flagcheckl=5;

System.out.println(" flagcheckl:"+flagcheckl);

System.out.println(" v1"+v1);

System.out.println("send v1");
 }

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject(v1);

sf.jt.append("Paths :"+v1+"\n");

else if(nname.equals("reload"))

sf.jt.append("Reload Request \n");

String nname5=(String)dis.readObject();

Vector ls1=new Vector();

Vector ls5=new Vector();

Vector ls6=new Vector();

ls1.add("select");

rs=st.executeQuery("Select * from systemdetails where status='enable' ");

while(rs.next())

ls1.add(rs.getString(1));

}
 rs=st.executeQuery("Select * from connection where nodename='"+nname5+"'
and status='enable' ");

while(rs.next())

ls5.add(rs.getString(1));

ls6.add(rs.getString(2));

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject(ls1);

dos.writeObject(ls5);

dos.writeObject(ls6);

else if(nname.equals("port"))

String status="";

String nodes=(String)dis.readObject();

System.out.println("nodes:"+nodes);

rs=st.executeQuery("Select status from systemdetails where

systemname='"+nodes+"' ");

if(rs.next())

status=rs.getString(1);
 }

if(status.equals("enable"))

rs=st.executeQuery("Select port from systemdetails where

systemname='"+nodes+"' ");

if(rs.next())

//System.out.println("p:"+rs.getString(1));

port=Integer.parseInt(rs.getString(1));

rs=st.executeQuery("Select ipaddress from systemdetails where

systemname='"+nodes+"' ");

if(rs.next())

//System.out.println("ip:"+rs.getString(1));

ip=rs.getString(1);

dos=new ObjectOutputStream(soc.getOutputStream());

// port=port+1;

String p=String.valueOf(port);

System.out.println("p:"+p);

System.out.println("ip:"+ip);
dos.writeObject(p);

dos.writeObject(ip);

System.out.println("send 1");

else

dos=new ObjectOutputStream(soc.getOutputStream());

// port=port+1;

dos.writeObject(String.valueOf(0));

dos.writeObject(String.valueOf(0));

System.out.println("send 1");

else if(nname.equals("passport")){

String sourceDest=(String)dis.readObject();

String[] passInfo=sourceDest.split("@");

String source=passInfo[0];

String dest=passInfo[1];

Random z=new Random();

int zint=z.nextInt(60000000);

String key="";

while(key.length()<8){

zint=z.nextInt(60000000);
 key=String.valueOf(zint);

db = new dbase();

db.dbcon();

int i=db.passPortInsert(source,dest,key);

if(i>0){

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject(key);

else{

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject("NoKey");

else if(nname.contains("passkey")){

String[] passInfo=nname.split("@");

String dest=passInfo[1];

String source=passInfo[2];

db = new dbase();

db.dbcon();

String key=db.passPortSelect(dest,source);

if(key!=null&&key!=""){

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject(key);

}
 else{

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject("attacker");

else if(nname.equals("validuser"))

sf.jt.append("User Checking :\n");

String output1="",status1="";

dis=new ObjectInputStream(soc.getInputStream());

String nname12=(String)dis.readObject();

String array1[]=nname12.split("&");

int q1=Integer.parseInt(array1[1]);

Vector ls=new Vector();

s="select status from systemdetails where systemname='"+array1[0]+"'";

rs=st.executeQuery(s);

if(rs.next())

status1=rs.getString(1);

if(status1.equals("disable"))

s="select password from systemdetails where ipaddress='"+array1[2]+"' and

systemname='"+array1[0]+"'";
 String pword=db.select1(s);

s="select systemname from systemdetails where ipaddress='"+array1[2]+"' and

systemname='"+array1[0]+"'";

String user=db.select1(s);

if(pword.equals(array1[3]))

if(user.equals(array1[0]))

output1="ok";

s="update systemdetails set port='"+q1+"' where systemname='"+array1[0]+"'";

db.insert(s);

s="update systemdetails set status='enable' where systemname='"+array1[0]+"'";

db.insert(s);

ls=new Vector();

rs=st.executeQuery("Select * from systemdetails where status='enable' ");

while(rs.next())

ls.add(rs.getString(1));

else
 output1="ok1";

else

System.out.println("pword:"+pword);

output1="ok1";

else

output1="ok1";

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject(output1);

//dos.writeObject(ls);

else if(nname.equals("exit"))

dis=new ObjectInputStream(soc.getInputStream());

String nname1=(String)dis.readObject();

System.out.println("exit:"+nname1);
 v=new Vector();

s="update systemdetails set status='disable' where systemname='"+nname1+"' ";

db.delete(s);

s="update connection set status='disable' where nodename='"+nname1+"' and

neighbour='"+nname1+"' ";

db.delete(s);

sf.jt.append("Node :"+nname1+"Leave \n");

else if(nname.equals("system"))

int portno=0;

nodes=(String)dis.readObject();

System.out.println("nodes:"+nodes);

rs=st.executeQuery("Select port from systemdetails where

systemname='"+nodes+"' ");

if(rs.next())

portno=Integer.parseInt(rs.getString(1));

}
 rs=st.executeQuery("Select ipaddress from systemdetails where
systemname='"+nodes+"' ");

if(rs.next())

ip=rs.getString(1);

dos=new ObjectOutputStream(soc.getOutputStream());

String p=String.valueOf(portno);

System.out.println("p:"+p);

System.out.println("ip:"+ip);

dos.writeObject(ip);

dos.writeObject(p);

System.out.println("send 1");

else if(nname.equals("connection"))

String nodedetails=(String)dis.readObject();

String details[]=nodedetails.split("&");

sf.jt.append("Node :"+details[0]+"\t Connect "+"Node :"+details[1]);

s="Insert into connection values('"+details[0]+"','"+details[1]+"','0','0','enable')";

db.insert(s);

s="Insert into connection values('"+details[1]+"','"+details[0]+"','0','0','enable')";

db.insert(s);

System.out.println("nodedetails:"+nodedetails);

else if(nname.equals("nodedetails"))

Vector v1=new Vector();

s="select systemname from systemdetails";

rs=st.executeQuery(s);

v1.add("select");

while(rs.next())

String name1=rs.getString(1);

if(!name1.equals(""))

v1.add(name1);

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject(v1);

else if (nname.contains("AttackNode")){

String[] attackerNodes=nname.split("@");

for(int i=1;i<attackerNodes.length;i++){
 rs=st.executeQuery("Select port,ipaddress from systemdetails where
systemname='"+attackerNodes[i]+"' ");

if(rs.next())

port=Integer.parseInt(rs.getString(1));

ip=rs.getString(2);

soc=new Socket(ip,port);

dos=new ObjectOutputStream(soc.getOutputStream());

dos.writeObject("youAttacks");

else if(nname.contains("new"))

String[] newnode=nname.split("@");

String nodeip=newnode[1];

dos=new ObjectOutputStream(soc.getOutputStream());

port=port+1;

String p=String.valueOf(port);

System.out.println("p:"+p);

s="Insert into systemdetails values('','"+nodeip+"','"+port+"','disable','')";

db.insert(s);

dos.writeObject(p);

System.out.println("send");
 }

Firstpage.java

import java.awt.*;

import java.awt.event.*;

import javax.swing.*;

import java.net.*;

import java.util.*;

public class firstpage extends JFrame

private JLabel userlabel,userlabel5;

private JLabel nodelabel,nodelabel5;

private JLabel passwordlabel,passwordlabel5;

private JLabel jLabel5;

private JButton login;

private JButton clear;

private JButton connection;

private JLabel jLabel7;

private JLabel jLabel11;

private JTextField userfield,userfield5;

 private JTextField jPasswordField1,jPasswordField5;

private JComboBox nodes;

private JLabel loginl;

private JLabel nuser;

private JLabel cancel;

private JPanel contentPane;

public static ServerSocket ssoc1;

private JButton signin;

private JButton clear5;

public static Socket sousoc1,ss1;

static sender sf1;

public static String username="",pword="",nodename="";

static int portno;

Vector nodes1;

public firstpage(int portno) throws Exception

super();

sf1=new sender();

sf1.portnodetails(portno);

nodedetails();

initializeComponent();

this.setVisible(true);

public void nodedetails()throws Exception

 {

nodes1=new Vector();

nodes1=sf1.ndetails();

public void initializeComponent()

userlabel = new JLabel();

nodelabel = new JLabel();

passwordlabel = new JLabel();

jLabel5 = new JLabel();

userfield = new JTextField();

jPasswordField1 = new JTextField();

nodes=new JComboBox(nodes1);

login = new JButton();

clear = new JButton();

connection=new JButton();

contentPane = (JPanel)this.getContentPane();

nuser= new JLabel("Addin");

loginl = new JLabel("Signin");

cancel = new JLabel("Cancel");

signin = new JButton();

jLabel7 = new JLabel();

jLabel11 = new JLabel();

userlabel5 = new JLabel();

nodelabel5 = new JLabel();

passwordlabel5 = new JLabel();

userfield5 = new JTextField();

jPasswordField5 = new JTextField();

clear5 = new JButton();

login.setText("Add");

login.addActionListener(new ActionListener() {

public void actionPerformed(ActionEvent e)

login_actionPerformed(e);

});

clear.setText("Clear");

clear.addActionListener(new ActionListener() {

public void actionPerformed(ActionEvent e)

clear_actionPerformed(e);

});
 connection.setText("Joint");

connection.addActionListener(new ActionListener() {

public void actionPerformed(ActionEvent e)

try

sf1.connection(username,nodename);

catch (Exception e2)

e2.printStackTrace();

});

signin.setText("Sign");

signin.addActionListener(new ActionListener() {

public void actionPerformed(ActionEvent e)

try
 {

username=userfield5.getText();

pword=jPasswordField5.getText();

sf1.validuser(username,pword);

new sender(username);

dispose();

catch (Exception e1)

e1.printStackTrace();

});

nodes.setBackground(new Color(251, 250, 250));

nodes.addActionListener(new ActionListener() {

public void actionPerformed(ActionEvent e)

nodes_actionPerformed(e);

}
 });

clear5.setText("Clear");

clear5.addActionListener(new ActionListener() {

public void actionPerformed(ActionEvent e)

userfield.setText("");

jPasswordField1.setText("");

});

userlabel.setText("Node Name");

passwordlabel.setText("Port Number");

nodelabel.setText("Nodes");

userlabel5.setText("Node Name");

passwordlabel5.setText("Port Number");

nodelabel5.setText("Nodes");
 contentPane.setLayout(null);

contentPane.setBackground(new Color(255, 251, 251));

addComponent(contentPane, userlabel5, 15,150,96,28);

addComponent(contentPane, passwordlabel5,15,180,96,28);

addComponent(contentPane, userfield5, 120,150,96,25);

addComponent(contentPane,jPasswordField5, 120,180,96,25);

addComponent(contentPane, signin, 30,230,75,28);

addComponent(contentPane, clear, 120,230,75,28);

addComponent(contentPane, userlabel, 263,96,96,28);

addComponent(contentPane, nodelabel, 263,150,96,28);

addComponent(contentPane, passwordlabel,263,120,96,28);

addComponent(contentPane, userfield, 365,96,100,25);

addComponent(contentPane, nodes, 365,150,100,25);

addComponent(contentPane,jPasswordField1, 365,120,100,25);

addComponent(contentPane, login, 250,195,75,28);

addComponent(contentPane, clear5, 300,230,75,28);

addComponent(contentPane, connection, 365,195,75,28);

addComponent(contentPane, loginl, 50,120,70,18);

addComponent(contentPane, nuser, 255,70,70,18);

this.setTitle("First Page");
 this.setLocation(new Point(19, 37));

this.setSize(new Dimension(520, 350));

this.setDefaultCloseOperation(DO_NOTHING_ON_CLOSE);

this.setResizable(false);

private void addComponent(Container container,Component c,int x,int y,int width,int

height)

c.setBounds(x,y,width,height);

container.add(c);

private void login_actionPerformed(ActionEvent e)

try

username=userfield.getText();

pword=jPasswordField1.getText();

sf1.userlogin(username,pword);

catch (Exception e1)

 {

e1.printStackTrace();

System.out.println("\nlogin_actionPerformed(ActionEvent e) called.");

// TODO: Add any handling code here

private void clear_actionPerformed(ActionEvent e)

System.out.println("\nclear_actionPerformed(ActionEvent e) called.");

userfield5.setText("");

jPasswordField5.setText("");

private void nodes_actionPerformed(ActionEvent e)

System.out.println("\njComboBox1_actionPerformed(ActionEvent e) called.");

Object o = nodes.getSelectedItem();

System.out.println(">>" + ((o==null)? "null" : o.toString()) + " is selected.");

nodename=o.toString();
 }}

Received.java

import java.io.*;

import javax.swing.*;

import java.awt.event.*;

//import org.gui.JDirectoryDialog; // External Tool for Jfile Chooser

class receivedata extends JFrame implements ActionListener

JButton jButton1;

JButton jButton2;

JButton jButton3;

static String estring1="",f3="";

static int f2;

JPanel panel=new JPanel();

static JTextArea text=new JTextArea();

JScrollPane pane=new JScrollPane(text);

JLabel jl=new JLabel();

static byte b[];

static String nname1="";

String desdir="";

File f5;

public JDirectoryDialog directoryDialog;

public receivedata(int f,String path,byte b1[],String sourcename,String f1,String

nname)throws Exception

jButton1=new JButton();

jButton2=new JButton();

jButton3=new JButton();

jButton1.setText("Save");

jButton2.setText("Cancel");

panel.setLayout(null);

b=b1;

nname1=nname;

f2=f;

f3=f1;

if(f==1)

panel.add(pane);

panel.add(jButton1);

panel.add(jButton2);

pane.setBounds(5,5,390,350);

jButton1.setBounds(75,400,100,25);
 jButton2.setBounds(200,400,100,25);

text.setText(path);

text.setText(f1);

else

panel.add(jl);

panel.add(jButton1);

panel.add(jButton2);

jl.setBounds(5,5,390,25);

jButton1.setBounds(75,400,100,25);

jButton2.setBounds(200,400,100,25);

jButton3.setBounds(325,400,100,25);

jl.setText(f1);

add(panel);

jButton1.addActionListener(this);

jButton2.addActionListener(this);

setSize(500,500);

setVisible(true);

setTitle("Node : "+sourcename+"Received");

setDefaultCloseOperation(DO_NOTHING_ON_CLOSE);

public void actionPerformed(ActionEvent e)

 {

try

if(e.getSource()==jButton1)

if(directoryDialog == null)

directoryDialog = new JDirectoryDialog(receivedata.this);

if(directoryDialog.showDirectoryDialog())

File destFile = directoryDialog.getSelectedFolder();

desdir=destFile.getAbsolutePath();

f5=new File(desdir,nname1);

if(f5.exists())

JOptionPane.showMessageDialog(null,"File Already
Exist");
 else

FileOutputStream fo=new FileOutputStream(f5,true);

fo.write(b);

dispose();

if(e.getSource()==jButton2)

dispose();

catch (Exception e1)

e1.printStackTrace();

}}}
SCREEN SHOTS:
REFERENCES

[1] Advanced Network Architecture Group, ANA Spoofer Project, http://spoofer.csail.mit.edu/, 2009.

[2] P. Ferguson and D. Senie, “Network Ingress Filtering: Defeating Denial of Service Attacks Which
Employ IP Source Address

Spoofing,” IETF RFC 2267, 1998.

[3] D. Moore, C. Shannon, D.J. Brown, G.M. Voelker, and S. Savage, “Inferring Internet Denial-of-Service
Activity,” ACM Trans. Computer Systems, vol. 24, no. 2, pp. 115-139, May 2006.

[4] D. Kawamoto, “DNS Recursion Leads to Nastier DoS Attacks,”

ZDNet.co.uk, Mar. 2006.

[5] C. Jin, H. Wang, and K.G. Shin, “Hop-Count Filtering: An Effective Defense against Spoofed DDoS
Traffic,” Proc. 10th ACM Conf. Computer and Comm. Security, 2003.

[6] K. Park and H. Lee, “On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack
Prevention in Power-Law Internets,” Proc. ACM SIGCOMM, 2001.

[7] Z. Duan, X. Yuan, and J. Chandrashekar, “Constructing Inter- Domain Packet Filters to Control IP
Spoofing Based on BGP Updates,” Proc. IEEE INFOCOM, 2006.

[8] A. Bremler-Barr and H. Levy, “Spoofing Prevention Method,”

Proc. IEEE INFOCOM, 2005.

[9] X. Liu, X. Yang, D. Wetherall, and T. Anderson, “Efficient and Secure Source Authentication with
Packet Passports,” Proc. Conf. Steps to Reducing Unwanted Traffic on the Internet (SRUTI), 2006.

[10] A. Perrig, D. Song, and A. Yaar, “StackPi: A New Defense Mechanism against IP Spoofing and DDoS
Attacks,” Technical Report CMU-CS-02-208, Feb. 2003.

[11] M. Collins, T.J. Shimeall, S. Faber, J. Janies, R. Weaver, and M. De

Shon, “Predicting Future Botnet Addresses with Uncleanliness,” Proc. Internet Measurement Conf.
(IMC), 2007. MIRKOVIC AND KISSEL: COMPARATIVE EVALUATION OF SPOOFING DEFENSES 231
[12] V. Yegneswaran, P. Barford, and S. Jha, “Global Intrusion Detection in the DOMINO Overlay
System,” Proc. Network and Distributed System Security Symp. (NDSS), 2004.

[13] Y. He, G. Siganos, M. Faloutsos, and S.V. Krishnamurthy, “A Systematic Framework for Unearthing
the Missing Links: Measurements and Impact,” Proc. Symp. Networked Systems Design Implementation
(NSDI ’07), Apr. 2007.

[14] RouteViews.org, BGP Core Routing Table Size, http://www. routeviews.org/dynamics/, 2009.

[15] F. Wang and L. Gao, “On Inferring and Characterizing Internet Routing Policies,” Proc. Internet
Measurement Conf., Oct. 2003.

[16] RouteViews Archive, Univ. of Oregon, http://www.routeviews. org, 2009.

[17] D. Moore, C. Shannon, G.M. Voelker, and S. Savage, “Internet Quarantine: Requirements for
Containing Self-Propagating Code,” Proc. IEEE INFOCOM, 2003.

[18] W. Muhlbauer, A. Feldmann, O. Maennel, M. Roughan, and S. Uhlig, “Building an AS-Topology

Model that Captures Route Diversity,” Proc. ACM SIGCOMM, 2006.

[19] Internet Routing Registries, http://www.irr.net, 2009.

[20] CAIDA, Skitter Data.

[21] The DIMES Project, DIMES Web Page, http://www.netdimes. org/, 2009.

[22] B. Zhang, R. Liu, D. Massey, and L. Zhang, “Collecting the Internet AS-Level Topology,” Proc. ACM
SIGCOMM Computer Comm. Review (CCR), Jan. 2005.

[23] G. Siganos and M. Faloutsos, “Analyzing BGP Policies: Methodology and Tool,” Proc. IEEE INFOCOM,
2004.

[24] R.V. Oliveira, D. Pei, W. Willinger, B. Zhang, and L. Zhang, “In Search of the Elusive Ground Truth:
The Internet’s AS-Level Connectivity Structure,” Proc. ACM SIGMETRICS, 2008.

[25] D.S. Hochbaum, Approximation Algorithms for NP-Hard Problems.

Course Technology, 1996.

[26] S.N. Dorogovtsev and J.F.F. Mendes, Evolution of Networks: From Biological Nets to the Internet
and WWW. Oxford Univ. Press, 2003.