Adaptive RED: An Algorithm for Increasing the Robustness ...
RED Algorithm Report
-
Upload
joe-manley -
Category
Documents
-
view
216 -
download
0
Transcript of RED Algorithm Report
-
7/29/2019 RED Algorithm Report
1/62
Chapter 1
INTRODUCTION
1.1 INTRODUCTION TO PROJECT
The Internet is not a safe place. Unsecured hosts can expect to be compromised within
minutes of connecting to the Internet and even well-protected hosts may be crippled with
denial-of-service (DoS) attacks. However, while such threats to host systems are widely
understood, it is less well appreciated that the network infrastructure itself is subject to
constant attack as well. Indeed, through combinations of social engineering and weak
passwords, attackers have seized control over thousands of Internet routers . Even more
troubling is Mike Lynns controversial presentation at the 2005 Black Hat Briefings,
which demonstrated how Cisco routers can be compromised via simple software
vulnerabilities. Once a router has been compromised in such a fashion, an attacker may
interpose on the traffic stream and manipulate it maliciously to attack othersselectively
dropping, modifying, or rerouting packets.
Several researchers have developed distributed protocols to detect such traffic
manipulations, typically by validating that traffic transmitted by one router is received
unmodified by another . However, all of these schemesincluding our ownstruggle ininterpreting the absence of traffic. While a packet that has been modified in transit
represents clear evidence of tampering, a missing packet is inherently ambiguous: it may
have been explicitly blocked by a compromised router or it may have been dropped
benignly due to network congestion. In fact, modern routers routinely drop packets due to
bursts in traffic that exceed their buffering capacities, and the widely used Transmission
Control Protocol (TCP) is designed to cause such losses as part of its normal congestion
control behavior. Thus, existing traffic validation systems must inevitably produce false
positives for benign events and/or produce false negatives by failing to report real
malicious packet dropping.
In this project, we develop a compromised router detection protocol that dynamically
infers the precise number of congestive packet losses that will occur. Once the congestion
ambiguity is removed, subsequent packet losses can be safely attributed to malicious
actions. We believe our protocol is the first to automatically predict congestion in a
systematic manner and that it is necessary for making any such network fault detection
practical. In the remainder of this paper, we briefly survey the related background
material, evaluate options for inferring congestion, and then present the assumptions,
1
-
7/29/2019 RED Algorithm Report
2/62
specification, and a formal description of a protocol that achieves these goals. We have
evaluated our protocol in a small experimental network and demonstrate that it is capable
of accurately resolving extremely small and fine-grained attacks.
1.2 PROJECT OVERVIEW
we consider the problem of detecting whether a compromised router is maliciously
manipulating its stream of packets. In particular, we are concerned with a simple yet
effective attack in which a router selectively drops packets destined for some victim.
Unfortunately, it is quite challenging to attribute a missing packet to a malicious action
because normal network congestion can produce the same effect. Modern networks
routinely drop packets when the load temporarily exceeds their buffering capacities.
Previous detection protocols have tried to address this problem with a user-defined
threshold: too many dropped packets imply malicious intent. However, this heuristic is
fundamentally unsound; setting this threshold is, at best, an art and will certainly create
unnecessary false positives or mask highly focused attacks. We have designed, developed,
and implemented a compromised router detection protocol that dynamically infers, based
on measured traffic rates and buffer sizes, the number of congestive packet losses that will
occur. Once the ambiguity from congestion is removed, subsequent packet losses can be
attributed to malicious actions. We have tested our protocol in Emulab and have studied its
effectiveness in differentiating attacks from legitimate network behavior.
2
-
7/29/2019 RED Algorithm Report
3/62
Chapter 2
SYSTEM ANALYSIS
2.1 Existing System
The earliest work on fault-tolerant forwarding is due to Perlman who developed a robust
routing system based on source routing, digitally signed route-setup packets, and reserved
buffers. While groundbreaking, Perlmans work required significant commitments of
router resources and high levels of network participation to detect anomalies. Since then,
a variety of researchers have proposed lighter weight protocols for actively probing the
network to test whether packets are forwarded in a manner consistent with the advertised
global topology Conversely, the1997 WATCHERS system detects disruptive routers
passively via a distributed monitoring algorithm that detects deviations from a
conservation of flow invariant . However, work on WATCHERS was abandoned, in part
due to limitations in its distributed detection protocol, its overhead, and the problem of
ambiguity stemming from congestion To perform all these processes manually is a very
tedious process for a trained expert and, thus, an automated differential counting system
that helps in saving time and money is highly desirable.
2.2 Proposed System
We have designed, developed, and implemented a compromised router detection protocol
that dynamically infers, based on measured traffic rates and buffer sizes, the number of
congestive packet losses that will occur.
Once the ambiguity from congestion is removed, subsequent packet losses can be
attributed to malicious actions. We have tested our protocol in Emulab and have studied its
effectiveness in differentiating attacks from legitimate network behavior
2.3 OVERVIEW OF MODULES
Total project has divided into 5 Modules. They are
1. GUI Design
2. Protocol Utilization
3. Packet Transmission Details
4. CLP Calculation using Bayesian Theorem
5. Identifying Normal Packet using Threshold value.
3
-
7/29/2019 RED Algorithm Report
4/62
Module 1: GUI Design
Using swing concepts in Java, we allocate area for the statistical characterization for the
transmitted packets. So that the design is consistent and efficient for the user to interact
with the software.
Module 2:Protocol Utilization
Packets are transmitted through the use of networking protocols. So that ports are
distinguished by different colors. I consider two types of protocols called TCP and UDP
protocols. Here I use the acknowleged TCP protocol to transmit the packets.
Module 3 :PTD (Packet Transmission Details)Packet scores are generated based on the protocol values, the size of the packet and the
destination.
Module 4: CLP Calculationusing Bayesian Theorem
The Scores of each packet is generated and the probability calculation is performed. The
attribute value of each packet is compared with the base line profile value and sorting of
packets occurred.
Module 5: Identifying NP using Threshold Value
In this module, the threshold value is calculated and is compared with the attribute value
of each packet. Discarding of packets takes place in comparison with the threshold value.
4
-
7/29/2019 RED Algorithm Report
5/62
Chapter 3
ALGORITHM/TECHNIQUES USED
3.1 REDAlgorithm Description
RED monitors the average queue size, based on an exponential weighted moving average:
where the actual queue size and weight for a low-pass filter. RED uses three more
parameters in minimum threshold, Maximum, Maximum threshold. Using, RED
dynamically computes a dropping probability in two steps for each packet it receives.
First, it computes an interim probability, Further; the RED algorithm tracks the number of
packets, since the last dropped packet. The final dropping probability, p, is specified to
increase slowly as increases.
3.2 Methodology And Specifications
There are inherently two threats posed by a compromised router. The attacker may subvert
the network control plane (e.g., by manipulating the routing protocol into false route
updates) or may subvert the network data plane and forward individual packets
incorrectly. The first set of attacks have seen the widest interest and the most activity
largely due to their catastrophic potential. By violating the routing protocol itself, an
attacker may cause large portions of the network to become inoperable. Thus, there have
been a variety of efforts to impart authenticity and consistency guarantees on route update
messages with varying levels of cost and protection We do not consider this class of
attacks in this paper. Instead, we have focused on the less well-appreciated threat of an
attacker subverting the packet forwarding process on a compromised router. Such an
attack presents a wide set of opportunities including DoS, surveillance, man-in-the-middle
attacks, replay and insertion attacks, and so on. Moreover, most of these attacks can be
trivially implemented via the existing command shell languages in commodity routers.
The earliest work on fault-tolerant forwarding is due to Perlman who developed a robust
routing system based on source routing, digitally signed route-setup packets, and reserved
buffers.
While groundbreaking, Perlmans work required significant commitments of router
resources and high levels of network participation to detect anomalies. Since then, a
variety of researchers have proposed lighter weight protocols for actively probing the
network to test whether packets are forwarded in a manner consistent with the advertised
5
-
7/29/2019 RED Algorithm Report
6/62
global topology Conversely, the 1997 WATCHERS system detects disruptive routers
passively via a distributed monitoring algorithm that detects deviations from a
conservation of flow invariant However, work on WATCHERS was abandoned, in part
due to limitations in its distributed detection protocol, its overhead, and the problem of
ambiguity stemming from congestion . Finally, our own work broke the problem into three
pieces: a traffic validation mechanism, a distributed detection protocol, and a rerouting
countermeasure. In we focused on the detection protocol, provided a formal framework
for evaluating the accuracy and precision of any such protocol, and described several
practical protocols that allow scalable implementations.
However, we also assumed that the problem of congestion ambiguity could be solved,
without providing a solution. This paper presents a protocol that removes this assumption.
INFERRING CONGESTIVE LOSS In building a traffic validation protocol, it isnecessary to explicitly resolve the ambiguity around packet losses. Should the absence of a
given packet be seen as malicious or benign? In practice,
There are three approaches for Addressing this issue:
3.2.1 Static Threshold.:
Low rates of packet loss are assumed to be congestive, while rates above some predefined
threshold are deemed malicious.
3.2.2 Traffic modeling.:
Packet loss rates are predicted as a function of traffic parameters and losses beyond the
prediction are deemed malicious.
3.2.3 Traffic measurement:
. Individual packet losses are predicted as a function of measured traffic load and router
buffer capacity. Deviations from these predictions are deemed malicious.
Most traffic validation protocols, including WATCHERS, Secure Traceroute, and our own
work described in analyze aggregate traffic over some period of time in order to amortize
monitoring overhead over many packets. For example, one validation protocol described
in maintains packet counters in each router to detect if traffic flow is not conserved from
source to destination. When a packet arrives at router r and is forwarded to a destination
that will traverse a path segment ending at router x, r increments an outbound counter
associated with router x. Conversely, when a packet arrives at router r, via a path segment
beginning with router x, it increments its inbound counter associated with router x.
6
-
7/29/2019 RED Algorithm Report
7/62
Periodically, router x sends a copy of its outbound counters to the associated routers for
validation.Then, a given router r can compare the number of packets that x claims to have
sent to r with the number of packets it counts as being received from x, and it can detect
the number of packet losses. Thus, over some time window, a router simply knows that
out of m packets sent, n were successfully received. To address congestion ambiguity, all
of these systems employ a predefined threshold how does one choose the threshold?
In order to avoid false positives, the threshold must be large enough to include the
maximum number of possible congestive legitimate packet losses over a measurement
interval. Thus, any compromised router can drop that many packets without being
detected. Unfortunately, given the nature of the dominant TCP, even small numbers of
losses can have significant impacts. Subtle attackers can selectively target the traffic flows
of a single victim and within these flows only drop those packets that cause the most harm.For example, losing a TCP SYN packet used in connection establishment has a
disproportionate impact on a host because the retransmission time-out must necessarily be
very long (typically 3 seconds or more). Other seemingly minor attacks that cause TCP
time-outs can have similar effects
7
-
7/29/2019 RED Algorithm Report
8/62
Chapter 4
SYSTEM MODEL
Our work proceeds from an informed, yet abstracted, model of how the network is
constructed, the capabilities of the attacker, and the complexities of the traffic validation
problem. In this section, we briefly describe the assumptions underlying our model. We
use the same system model as in our earlier work .
4.1 Network Model
We consider a network to consist of individual homogeneous routers interconnected via
directional point-topoint links. This model is an intentional simplification of real networks
(e.g., it does not include broadcast channels or independently failing network interfaces)
but is sufficiently general to encompass such details if necessary.Unlike our earlier work,
we assume that the bandwidth, the delay of each link, and the queue limit for each
interface are all known publicly. Within a network, we presume that packets are forwarded
in a hop-by-hop fashion, based on a local forwarding table. These forwarding tables are
updated via a distributed link-state routing protocol such as OSPF or IS-IS. This is critical,
as we depend on the routing protocol to provide each node with a global view of the
current network topology.
Finally, we assume the administrativeability to assign and distribute cryptographic keys to
sets of nearby routers. This overall model is consistent with the typical construction of
large enterprise IP networks or the internal structure of single ISP backbone networks but
is not well suited for networks that are composed of multiple administrative domains using
BGP. At this level of abstraction, we can assume a synchronous network model. We
define a path to be a finite sequence hr1; r2; . . . rni of adjacent routers. Operationally, a
path defines a sequence of routers a packet can follow. We call the first router of the paththe source and the last router its sink; together, these are called terminal routers. A path
might consist of only one router, in which case the source and sink are the same. Terminal
routers are leaf routers: they are never in the middle of any path. An x-path segment is a
consecutive sequence of x routers that is a subsequence of a path. A path segment is an x-
path segment for some value of x > 0. For example, if a network consists of the single pth
ha; b; c; di, then hc; di and hb; ci are both two-path segments, but ha; ci is not because a
and c are not adjacent.
8
-
7/29/2019 RED Algorithm Report
9/62
4.2 Threat Model
This project focuses solely on data plane attacks Moreover, for simplicity, we examine
only attacks that involve packet dropping. However, our approach is easily extended to
address other attackssuch as packet modification or reorderingsimilar to our previous
work. Finally, as in TCP, the protocol we develop validates traffic whose source and sink
routers are uncompromised. A router can be traffic faulty by maliciously dropping packets
and protocol faulty by not following the rules of the detection protocol. drops or misroutes
packets that flow through _. A router can drop packets without being faulty, as long as the
packets are dropped because the corresponding output interface is congested. A
compromised router r can also behave in an arbitrarily malicious way in terms of
executing
4.3 Protocol Model
Protocol _ detects traffic faulty routers by validating the queue of each output interface for
each router. Given the buffer size and the rate at which traffic enters and exits a queue, the
behavior of the queue is deterministic. If the actual behavior deviates from the predicted
behavior, then a failure has occurred. We present the failure detection protocol in terms of
the solutions of the distinct sub problems: traffic validation, distributed detection, and
response.
9
-
7/29/2019 RED Algorithm Report
10/62
Chapter 5
Traffic Validation
The first problem we address is traffic validation: what information is collected about
traffic and how it is used to determine that a router has been compromised.
5.1 Estimating Legitimate Traffic Distribution
The probability of a packets legitimacy can be calculated, by observing the probabilities
of the attribute values in legitimate traffic (Pn) and in total traffic (Pm). However, it is
practically impossible to know how many packets are legitimate during the attack period,
let alone the number of legitimate packets bearing a particular attribute value. For that
reason, utilize an estimate Pn in place of true Pn. The estimate Pn
is called a nominal
profile and is collected in advance during normal operations.
A nominal traffic profile consists of single and joint distributions of various packet
attributes that are considered unique for a site. Candidate packet attributes from IP headers
are: packet size, Time-to-Live(TTL) values, protocol-type values, source IP prefixes, TCP
flag patterns, server port numbers, etc., To increase the number of attributes, we can
employ joint distribution of the fraction of packets having various combinations, such as
, 1 packets dropped during the last time interval. For the packets in
L, let ps be the mean of the packet sizes, qpred be the mean of qpredts (the predictedqueue length), and qact be the mean of qactts (the actual queue length) over the times
the packets were dropped. We test the following hypothesis: The packets are lost
10
-
7/29/2019 RED Algorithm Report
11/62
due to malicious attack: _ > qlimit _ qpred _ ps. The Z-test score is
z1 q limit _ qpred _ ps _ _
For the standard normal distribution Z, the probability of ProbZ < z1 gives the
confidence value ccombined for the hypothesis. A malicious router is detected if
combined is at least as large as a target significance level slevel combined. One can
question using a Z-test in this way because the set of dropped packets are not a simple
random sample. But, this test is used when there are packets being dropped and the first
test determined that they were consistent with congestion loss. Hence, the router is under
load during the short period the measurement was taken and most of the points, both for
dropped packets and for non dropped packets, should have a full Q.
11
-
7/29/2019 RED Algorithm Report
12/62
Packet differentiation and overload control procedure architecture has shown below:-
5.4 PACKET COUNTING PROCEDURE
Step 1: Start the process
Step 2: Trace the incoming packets using Jpcap (Java Component used to
capture the packets)
Step 3: Assign scores to the packets based on the Log Conditional
Legitimate Probability (CLP)
Step 4 : Fix the threshold value which depends on the parameters like
protocol type, packet size etc.,
Step 5: Compare the Threshold value with the Packet Score
12
-
7/29/2019 RED Algorithm Report
13/62
Step 6: If the Measured value is less than the Threshold value then the
packet is attacked packet Other wise, the packet is normal packet
Step 7: Update the cumulative distribution function score and continue with
the Step 3.
Step 8: Stop the process
Capturepackets
using jpcap
Assigning packetscore
Start
13
Fixing athreshold value
Is packetscore
thresholdvalue
Update packet score
Discard packets
Stop
No
Yes
-
7/29/2019 RED Algorithm Report
14/62
Chapter 6
SYSTEM DESIGN
6.1 UNIFIED MODELING LANGUAGE
The Unified Modeling Language is a language for specifying, constructing,
visualizing and documenting the software system and its components. The UML is a
graphical language with a set of rules and semantics.Main advantages of this modeling are
Models make it easier to express complex ideas
The cost of modeling analysis is much lower than the cost of similar
experimentation conducting with the system
Manipulation of the models is much easier
Models reduces the complexity by separating those aspects is
unimportant from those that are important
Model: A model is an abstract representation of the system, constructed to
understand the system prior to building or modifying it.
Static Model: A static model can be viewed as a snapshot of a Systems parameter at rest
or at a specific point in time. Static models are needed to represent the structural or static
aspect of the system.
Dynamic Model: A dynamic model can be viewed as a collection of procedures or
behaviors that taken together reflect the behavior of the system over time. Dynamic
relationships show how the business objects interact to perform the task.
6.1.1 USE CASE DIAGRAM
Use case diagrams are central to modeling the behavior of a system, a subsystem, or class.
Each one shows a set of use cased and actors and their relationships.Use case diagrams are
important for visualizing, specifying, and documenting the behavior of an element. They
make systems, subsystems, and classes approachable and understandable by presenting on
outside view of how those elements may be used in context. Use case diagrams are also
important for testing executable systems through forward engineering and for
comprehending executable systems through reverse engineering.
14
-
7/29/2019 RED Algorithm Report
15/62
Client P a cke t
Pac ket Transm ission Detai ls
protocol U ti l iz at ionCLP Calculat ion
Identi fy ing pac ket
Server
G UI
winpcap
Use Case diagram of Packet Losses
15
-
7/29/2019 RED Algorithm Report
16/62
6.1.2 CLASS DIAGRAM
A class diagram show a set of classes, interfaces, and collaborations and their
relationships. Class diagrams are used to model the static design view of a system. It
involves modeling the vocabulary of the system, modeling collaborations, or modeling
schemas. Class diagrams are also the foundation for a couple of related diagrams:
component diagrams and deployment diagrams.
Class diagrams are important not only for visualizing, specifying and documenting
structural models, but also for constructing executable systems through forward and
reverse engineering.
16
-
7/29/2019 RED Algorithm Report
17/62
Class diagram of Packet Losses
6.1.3 SEQUENCE DIAGRAM
A sequence diagram is an interaction diagram that emphasizes the time ordering of
messages. A sequence diagram shows a set of objects and the messages sent and received
by those objects. The objects are typically named or anonymous instances of classes, but
may also represent instances of other things, such as collaborations, components and
nodes.
W in P c a pW in P c a p G U IG U I P a c k e t T ra n s m i s s io n
D e t a i l s
P a c k e t T ra n s m i s s io n
D e t a i l s
P r o t o c o l
U t i l i z a t i o n
P r o t o c o l
U t i l i z a t i o n
C L P
C a l c u l a t i o n
C L P
C a l c u l a t i o n
I d e n t i f i c a t i o nI d e n t i f i c a t i o n
1 : S e n t P a c k e t s
2 : S e n t P a c k e t s
3 : S e n t S n i f fe d P a c k e t s
4 : S e n t t o S n i f fe d P r o t o c o l s u s e d
5 : S e n t S n i f fe d P a c k e t s
6 : S e n t P a c k e t s f o r C L P C a l u l a t io n
7 : S e n t P a c k e t S c o r e
8 : Id e n t i fy a s N o r m a l o r A t t a c k
Sequence diagram of Packet Losses
17
-
7/29/2019 RED Algorithm Report
18/62
6.1.4 COLLABORATION DIAGRAM
A collaboration diagram is an interaction diagram that emphasized the structural
organization of the objects that send and receive messages. A collaboration diagram
shows a set of objects, links among those objects, and messages sent and received by those
objects. The objects are typically named or anonymous instances of classes, but may also
represent instances of other things, such as collaborations, components, and nodes.
Collaboration diagrams are used to illustrate the dynamic view of a system.
W in P c a
p
G U I P a c k e t T ra n s m i s s i o n
D e t a i l s
P r o t o c o lU t i l i z a t i o n
C L P
C a l c u l a t i o n
I d e n t i f i c a
t i o n
1 : S e n t P a c k e t s 2 : S e n t P a c k e t s
4 : S e n t t o S n i f fe d P r o t o c o ls u s e d
6 : S e n t P a c k e t s fo r C L P C a l u l a t io n
3 : S e n t S n i f fe d P a c
5 : S e n t S n i f fe d P a c k e t s
7 : S e n t P a c k e t S c o r e
8 : Id e n t i fy a s N o r m a l o r A t t a c k
Collaboration diagram of Packet Losses
18
-
7/29/2019 RED Algorithm Report
19/62
6.2 SYSTEM REQUIREMENTS
HARDWARE REQUIREMENTS
MAIN PROCESSOR : Pentium IV
RAM : 512 MB SD-RAM
MOTHER BOARD : 845GVM Intel Chipset
LAN : On Board 10/100 Mbps SIS LAN
HARD DISK : 40GB HDD
MONITOR : 17 Color Monitor
KEYBOARD : 104 Keyboard
MOUSE : Logitech
SOFTWARE REQUIREMENTS
OPERATING SYSTEM : Windows/Linux
SOFTWARE : JDK1_5_0_5
19
-
7/29/2019 RED Algorithm Report
20/62
Chapter 7
JAVA
As most current Java developers know, the Java Application Programming
Interface consists of pre developed code that you can use in your applications. This pre
developed code is organized into packages filled with useful classes and methods designed
to make it easy to program with Java. The core package for the Java programming
language is called java.lang. Although the java.lang package provides the core
functionality of the Java programming language, it is not the only package included in the
official Java Developer's Kit from JavaSoft. The official developer's kit includes eight
basic packages: java.applet, java.awt, java.awt.image, java.awt.peer, java.io, java.lang,
java.net, and java.util. The JDK also includes an add-on package called sun.tools.debug.
Together the basic and add-on packages provide everything you need to create and debug
advanced Java applications. The API in the developer's kit is only the beginning for Java
APIs. Currently, there are eight other APIs in development by JavaSoft.
The Java Enterprise API provides almost everything you need to create applications that
connect to databases. The Java Commerce API is the key to enabling electronic
commerce. The Java Management API is a comprehensive tool for building applications
that can manage networks. The Java Server API provides almost everything you need to
develop Java-powered servers for the Internet and intranets. The Java Media API is an
advanced toolkit for creating applications that use multi-media.
The Java Beans API helps you create plug-ins and software modules that interact
with existing architectures for object linking and embedding. The Java Embedded API
defines a minimal set of core functionality that can be used in embedded devices. The
great thing about standardized APIs is that all the packages they contain are thoroughly
tested before the API is officially released. What this means is that you have millions of
lines of code at your fingertips. You can use this code to develop Java applications without
having to re-invent the wheel.
The Internet helped catapult Java to the forefront of programming, and Java, in
turn, has had a profound effect on the Internet. The reason for this is quite simple: Java
expands the universe of objects that can move about freely in the cyberspace. In a
network, two very broad categories of objects are transmitted between the server and ourcomputer passive information and dynamic, active programs.
20
-
7/29/2019 RED Algorithm Report
21/62
As desirable as dynamic, networked programs are, they also present serious
problems in the areas of security and portability. Java achieves this security or protection
by confining a Java program to the Java execution environment and not allowing it to
access to other parts of the computer. Many types of the computers and operating systems
are in use throughout the world and many are connected to the Internet. For programs to
be dynamically download to all the various types of platforms connected to the Internet,
some means of generating portable executable code is needed.
Java was designed to be easy for the professional programmers to learn and use
efficiently. The object model of Java is simple and easy to extend, while simple types,
such as integers are kept as high-performance non-objects.
BSNL System is implemented using the Java language so as to make the
programmers and different users at different levels can make use of this system veryaffectively.
The multiplatformed environment of the web places extraordinarily demands on a
program, because the program must execute reliably in a variety of systems. Thus, the
ability to create robust programs was given a high priority in the design of Java. At the
same time, Java frees us from having to worry about many of the most common cause of
programming errors. Because Java is strictly typed language, it checks our code at the
compile time and also at run-time.
Java was designed to meet the real world requirements of creating
interactive,Networked programs. Java supports multithreaded programming, which allows
us to write programs that do many things simultaneously. A central issue for the Java
designers was that of code longevity and portability. Their goal was write once; run
anywhere, any time , forever .
Java enables the creation of the cross-platform programs by compiling into
intermediate representation called Javabytecode. This code can be interpreted on any
system that provides a java virtual machine. Java is designed for the distributed
environment of the Internet, because it handles TCP/IP protocols. In fact, accessing a
resource using a URL is not much different from accessing a file. The original version of
Java (OAK) included features for intra-address-space messaging. Java programs carry
with them substantial amounts of the run-time type information that is used to verify and
resolve accesses to objects at run-time. This makes it possible to dynamically link code in
a safe and expedient manner.
21
-
7/29/2019 RED Algorithm Report
22/62
ABOUT SERVLETS
Servlet is server side applet. It contains several advantages. They are:
Performance is significantly better. Servlets execute within the address space of the
web server. Creating a separate process to handle each client request isnt
necessary.
Servlets are platform-independent, because they are written in Java. Several web
servers, from vendors such as sun, Netscape, and Microsoft, offer the servlet API
Programs developed for this API can be moved to any of these environments
without recompilation.
The java security manager on the server enforces a set of restrictions to protect the
resources on a server machine.
The full functionality of the Java class libraries is available to a servlet. It can
communicate with applets, databases, or other software via the sockets and RMI
mechanisms.
The Lifecycle of a servlet:
Three methods are central to the lifecycle of a servlet: init (), service( ), and
destroy( ). First, assume that a user enters a Uniform Resource Locator (URL) to the
web browser. The web browser then generates an HTTP request for this URL and
sends it to the appropriate server. Second the web server receives this HTTP request.
The server maps this request to particular servlet. The servlet is dynamically retrieved
and loaded into the address space of the server. Third, the server invokes the init( )
method of the servlet. This method is invoked only when the servlet is first loaded into
the memory. Fourth, the server invokes the servlet service( ) method , which is called
to process the HTTP request. The service( ) method is called for each HTTP request.
Two packages are required to build the servlet they are javax.servlet and
javax.srevlet.http. They constitute of servlet API. ServletRequest interface is used to
read the data from a client0request and servletResponse is used to write data to the
client response. The javax.srevlet.http package include interfaces like
HttpServletRequest whish enables servlets to read data from HTTP request and
HttpServletResponse which enables servlets to write data from HTTP response.
CREATION OF JAVA
22
-
7/29/2019 RED Algorithm Report
23/62
Java was conceived by James Gosling, Patrick Naughton, Chris Warth, Ed Frank and
Mike Sheridan at SUN Microsystems Incorporation in the year 1991.It took 18 months to
develop the 1st working version. This language was initially called OAK, but was
renamed JAVA in 1995, many more contributed to the design and evolution of the
language.
JAVA OVERVIEW
Java is a powerful but lean object-oriented programming language. It has generated
a lot of excitement because it makes it possible to program for Internet by creating
Applets. Programs that can be embedded in web page. The context of an applet can be an
animation with sound, an interactive game or a ticker tape. With constantly updated stockprices. Applets can be just little decorations to liven up web page, or they can be serious
applications like Word processor or Spreadsheet.
But Java is more than a programming language for writing Applets. It is being
used more and more for writing standalone applications as well. It is becoming so popular
that many people believe it will become standard language for both general purpose and
Internet programming.
There are many buzzwords associated with Java, but because of its spectacular
growth in popularity, a new buzzword has appeared ubiquitous. Indeed, all indications are
that it will soon be everywhere.
Java builds on the strength of C++. It has taken the best features of C++ and
discarded the more problematic and error prone parts. To this lean core, it has added
garbage collection (automatic memory management), multithreading (the capacity for one
program to do more than one thing at a time), security capabilities. This result is that Java
is simple, elegant, and powerful and easy-to-use.
Java is actually a platform consisting of 3 components:
1. Java Programming Language.
2. Java Library of Classes and Interfaces.
3. Java Virtual Machine
The following sections will say more about these components.
JAVA IS PORTABLE:
23
-
7/29/2019 RED Algorithm Report
24/62
One of the biggest advantages Java offers is that it is portable. An application
written in Java will run on all the major platforms. Any computer with a Java-based
browser can run the applications or Applets written in the Java-Programming-Language. A
programmer no longer has to write one program to run on a Macintosh, another program
to run on a Windows-machine still another to run on a UNIX-machine and so on. In other
words, with Java developers write their programs only once.
The Virtual Machine is what gives Java is cross platform capabilities. Rather being
compiled into machine language, which is different for each OSs and computer
architecture, Java code is compiled into Byte codes.
With other languages, the program code is compiled into a language that the
computer can understand. The problem is that other computers with different machine
instruction set cannot understand that language. Java code on the other hand is compiled
into Byte-Code rather than a machine language. These byte codes go to the JVM, which
executes them directly or translates them into the language that is understood by the
machine running it.
In summary, these means that with the JDBC API extending Java, a programmer
writing Java code can access all the major RDBMS on any platform that supports the
JVM.
JAVA IS OBJECT-ORIENTED
The Java programming language is OBJECT-ORIENTED, which makes program
design focus on what you are dealing with, rather than on how your are going to do
something. This makes it more useful for programming in sophisticated projects, because
one can break the things into understandable components. A big benefit is that these
components can then be reused.
Object-Oriented Languages use the paradigm of classes. In simplest term, a class
includes both the data and the functions to operate on data. You can create an instance of a
class, also called an object, which will have all the data members and functionality of its
class. Because of this, you can think of a class as being like template, with each object
being a specific instance of a particular type of class.
The class paradigm allows one to encapsulate data so that specific data values are
those using the data cannot see the function implementation. Encapsulation makes it
possible to make the changes in code without breaking other programs that use that code.
24
-
7/29/2019 RED Algorithm Report
25/62
If for example, the implementation of a function is changed, the change is invisible
to any programmer who invokes that function, and does not affect his/her program, except
hopefully to improve it.
Java includes inheritance, or the ability to derive new classes from existing classes.
The derived class, is also called as Sub-Class, inherits all the data in the functions of the
existing class.
JAVA DEVELOPMENT EVNIRONMENT
To code, edit, debug and test the java programs, one needs to have a java
development environment. At the minimum this will consists of a java compiler interpreter
and applet viewer where applets can be tested.
Suns java development kit (JDK) latest version is 2.2 can be freely downloaded
from the Internet.
Java compiler is available on DOS, Win95, WINNT, Solaris and MAC etc.
INTRODUCTION TO JDBC
JDBC (Java Database connectivity) is a front-end tool for connecting to a server to
ODBC in that respect, however JDBC can connect only java client and it uses ODBC for
the connectivity. JDBC is essentially a low-level API since any data manipulation, storage
and retrieval has to be done by the program itself. Some tools, which provide a higher-
level abstraction, are expected shortly.
The next question that needs to be answered is why we need JDBC, once we have
ODBC on hand. We can use the same ODBC to connect the entire database and ODBC is
a proven technology.
Problem for doing this is ODBC gives a c language API, which uses pointers
extensively. Since java does not have any pointes and is object-oriented sun
Microsystems, inventor of java developed to suit its needs.
Requirements to use JDBC:
To use JDBC you need a basic knowledge of databases and SQL.A part from this you
need the jdk1.1 (Java Development Kit1.1 available javasofts website) or a version of
Java since jdk1.1 and above come bundled with JDBC software.
After that you need to have a back-end database engine for which a JDBC driver is
available. When JDBC drivers are not available JDBC-ODBC bridge drivers are used to
access the database through ODBC. Back-end is not needed when JDBC driver is capable
25
-
7/29/2019 RED Algorithm Report
26/62
of storing and retrieving the data itself, or if JDBC-ODBC Bridge and the ODBC driver
can be used to store and retrieve the information.
ABOUT JDBC (JAVA DATA BASE CONNECTION)
It is a java data base connectivity having database as a back-end of java as front
end. Database is a collectivity of related data. A data base management system (DBMS)
controls the storage or retrieval of data in the database. The main use of this JDBC is the
database connectivity.
Using drivers we can get connection to the back-end:
1.which drive we are going to connect back-end.
2.create a data source name (dsn).3.create a statement for connection.
The package we use here is import java. Sql. *
Interfaces of jdbc include driver, connection, and statement; prepare statement,
callable statement, Result Set, Result Set Meta data. Classes of JDBC are driver manages,
driver property information, date, time, and timestamp, type. The driver defined by the
classJdbc odbc driver in package sun.jdbc.odbc. Class sun.jdbc.odbc.jdbc odbc driver
represents the jdbc to odbc bridge driver.
JDBC Driver Types:
The JDBC drivers that we are aware of at this time fit into one of four categories:
1. JDBC-ODBC BRIDGE PLUS ODBC DRIVER
The java soft bridge product provides JDBC access via ODBC drivers. Note thatODBC binary code end in many cases database client code must be loaded on each client
machine that uses this driver. As a result, this kind of driver is most appropriate on a
corporate network where client installations are not major problem, or for application
server code written in java in a 3-tier architecture.
2. NATIVE API PARTLY-JAVA DRIVER
This kind of driver converts JDBC calls into calls on the client API for oracle
Sybase, Informix, DB2, or other DBMS. Note that, like the bridge driver, this style of
driver requires that some binary code be loaded on each client machine.
26
-
7/29/2019 RED Algorithm Report
27/62
3. JDBC-NET ALL-JAVA DRIVER
This driver translates JDBC calls into a DBMS independent net protocol, which is then
translated, to a DBMS protocol by a server. This net server middle-ware is able to connect
its all java clients to many different databases. The Specific protocol used depends on the
vendor. In general, this most flexible JDBC alternative. It is likely that all vendors of this
solution will provide products suitable for intranet use. In order for these products to also
support Internet access, they must handle the additional requirements for security, access
through firewalls, etc that the web imposes. Several vendors are adding JDBC drivers to
their existing database middleware products.
4. NATIVE PROTOCOL ALL-JAVA DRIVER
This kind of driver converts JDBC calls into the network protocol used by DBMS
directory. This allows a direct call from the client machine to the DBMS server that is
practical solution for intranet access. Since many of these protocols are proprietary, the
database vendors themselves will be the primary source. Several database vendors have
these in progress. Eventually, we expect that driver categories 3 and 4 will be the preferred
way to access databases from JDBC. Driver categories one and two are interim solutions
where direct all java drivers are not yet available. Category 4 is in some sense the ideal;
however, there are many cases where category 3 may be preferable: eg: -where a thin
DBMS-independent client is desired, or if a DBMS independent protocol is standardized
and implemented directly by many DBMS vendors.
Configuring the Server:
The real beauty of the java server is that it is extensible. But, before you can use a
Servlet to add an extended functionality to the JavaServer.You have to use the Java Server
administration applet to install the Servlet and specify the default parameters and
arguments.
Display the Administration Applet by connecting to:
http://server_Host_Name:9090/index.html
Are secure-even when downloading across the network, the servlets security model and
the Servlet sandbox to protect your system from unfriendly behavior.
The advantage of the Servlet API
27
-
7/29/2019 RED Algorithm Report
28/62
One of the great advantages of the Servlet API is protocol independence. It assumes
nothing about:
The protocol being used to transmit on the net.
How it is loaded.
The server environment it will be running in.
These qualities are important, because it allows the Servlet API to be embedded in many
different kinds of Servers. There are other advantages to the servlet API as well.
Servlet Features
The Java Server provides several important Servlet features. These include:
Loading & Invoking Servlets.Servlets can be loaded both locally and remotely.
Filters and Servlets change.
The Java Server uses MIME types to call Servlets sequentially.
Server size includes:
Servlets can be invoked from dynamic HTML documents using Server side include tags.
Replacing the CGI Scripts.
NETWORKING IN JAVA
The Java Networking API (java.net) provides the interfaces/classes for the
functions like Addressing, Making TCP connections, Sending/Receiving Datagram
Packets via UDP, Locating/Identifying Network Resources, Security, Authentication and
Permissions.
In TCP environment, for simple connections between a client and a server,
ServerSocket and Socket are all that you will probably need. ServerSocket represents the
socket on a server that waits and listens for requests for service from a client. Socket
represents the endpoints for communication between a server and a client. When a server
gets a request for service, it creates a Socket for communication with the client and
continues to listen for other requests on the ServerSocket. The client also creates a Socket
for communication with the server. Once the connection is established, getInputStream()
and getOutputSteam() may be used in communication between the sockets.
In UDP environment DatagramPacket represents a datagram packet. Datagram
packets are used for connectionless delivery and normally include destination address and
28
-
7/29/2019 RED Algorithm Report
29/62
port information. DatagramSocket is a socket used for sending and receiving datagram
packets over a network via UDP. A DatagramPacket is sent from a DatagramSocket by
calling the send (...) method of DatagramSocket with DatagramPacket as the argument:
send(DatagramPacket dp). Receive (DatagramPacket dp) is use for receiving a
DatagramPacket. (The MulticastSocket class may be used for sending/receiving a
DatagramPacket to a multicast group. It is a subclass of DatagramSocket that adds
functionality for multicasting.)
29
-
7/29/2019 RED Algorithm Report
30/62
Code:
import java.awt.*;
import javax.swing.*;
import javax.swing.table.*;
import javax.swing.border.*;
import java.util.Vector;
public class DestinationRouterUI extends JFrame
{
private JTable table = null;
private RouterTableModel tableModel = null;private JTable statTable = null;
private StatTableModel statTableModel = null;
private JTabbedPane tab = null;
private JList list = null;
private RouterListModel listModel = null;
private Object colHeader[] =
{
"SourceIP",
"TTL",
"Packet Data",
"Protocol Type",
"Packet Size"
};
private Object statHeader[] =
{
"PacketScore",
"ProtocolScore",
"Score",
"Thresold"
};
30
-
7/29/2019 RED Algorithm Report
31/62
public DestinationRouterUI(String title) throws Exception
{
//container to add the components
Container con = getContentPane();
con.setLayout(new BorderLayout());
//instantiating the tabbed pane
tab = new JTabbedPane();
tab.addTab("Packet Staus",getTablePanel());
tab.addTab("Packet Log",getLogPanel());
// tab.addTab("Packet Statistics",getStatTablePanel());
//add components in the container
con.add("North",getLabelPanel());
con.add("Center",tab);
//set the parameters required for frame
setTitle(title);
setSize(800,400);
setLocation(100,100);
setVisible(true);
}
/*
This method is used to return the
Label to the frame
*/
public JPanel getLabelPanel() throws Exception
{
JPanel panel = new JPanel();
panel.setLayout(new GridLayout(1,1));
31
-
7/29/2019 RED Algorithm Report
32/62
Font font = new Font("TimesRoman",Font.PLAIN,25);
JLabel label = new JLabel("Destination Router",
JLabel.CENTER);
Label.setForeground(Color.blue);
panel.add(label);
font = new Font("TimesRoman",Font.PLAIN,13);
Border etched = BorderFactory.createEtchedBorder();
Border border = BorderFactory.createTitledBorder(etched,"Title",
TitledBorder.LEFT,TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);
panel.setBorder(border);
return panel;
}
/*
This method is used to return the table
to the frame
*/
public JPanel getTablePanel() throws Exception
{
JPanel panel = new JPanel();
panel.setLayout(new GridLayout(1,1));
table = new JTable();
tableModel = new RouterTableModel();
tableModel.setColumnIdentifiers(colHeader);
table.setModel(tableModel);
JScrollPane scrollPane = new JScrollPane(table);
panel.add(scrollPane);
32
-
7/29/2019 RED Algorithm Report
33/62
-
7/29/2019 RED Algorithm Report
34/62
/*
This method is used to return the
log panel to the frame
*/
public JPanel getLogPanel()
{
JPanel panel = new JPanel();
panel.setLayout(new GridLayout(1,1));
list = new JList();
listModel = new RouterListModel();
list.setModel(listModel);
Font font = new Font("TimesRoman",Font.PLAIN,13);
Border etched = BorderFactory.createEtchedBorder();
Border border = BorderFactory.createTitledBorder(etched,"Packet Log",
TitledBorder.LEFT,TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);
JScrollPane scrollPane = new JScrollPane(list);
panel.add(scrollPane);
panel.setBorder(border);
return panel;
}
/*
This method is used to add data
to the table
*/
34
-
7/29/2019 RED Algorithm Report
35/62
public void addData(Vector data)
{
// System.out.println("Arrived data:"+data.toString());
tableModel.addRow(data);
for(int i = 0; i < data.size(); i++){
listModel.addElement(data.elementAt(i));
}
}
public void addToLog(String data)
{listModel.addElement(data);
}
public void addStatData(Vector data)
{
statTableModel.addRow(data);
}
/*
Inner and overriden class for table model
*/
class RouterTableModel extends DefaultTableModel
{
RouterTableModel()
{
}
}
class StatTableModel extends DefaultTableModel
{
StatTableModel()
35
-
7/29/2019 RED Algorithm Report
36/62
{
}
}
/*
Inner and overriden class for list model
*/
class RouterListModel extends DefaultListModel
{
RouterListModel()
{
}
}
}
36
-
7/29/2019 RED Algorithm Report
37/62
public class PacketForwarder implements ReceiverConfigIF
{
private Socket socket = null;
private OutputStream outputStream = null;
private PrintStream printStream = null;
private String packet = null;
/*
Constructor
*/
public PacketForwarder(String packet) throws Exception
{
this.packet = packet;
//api call for connecting
connectToReceiver();
// api call to forward the packet
sendPacket(packet);
//api call to close the connection
closeConnection();
}
/*
This method is used to connect the Router
to the receiver
*/
public void connectToReceiver() throws Exception
{
37
-
7/29/2019 RED Algorithm Report
38/62
//connecting the socket to the Receiver
socket = new Socket(RECEIVER_IP,RECEIVER_PORT);
//Initialize streams required for data transfer
outputStream = socket.getOutputStream();
printStream = new PrintStream(outputStream);
}
/*
This method is used to forward the packets
to the Recevier
*/
public void sendPacket(String packet) throws Exception
{
if ( packet != null)
{
printStream.println(packet.trim());
printStream.flush();
}
}
/*
This method is used to close the connection
with the Receiver
*/
public void closeConnection() throws Exception
{
printStream.close();
outputStream.close();
socket.close();
38
-
7/29/2019 RED Algorithm Report
39/62
}
public class Sender implements ConfigIF, SourceConfigIF
{
// socket reference
Socket socket = null;
//OutputStream Reference
OutputStream os = null;
PrintStream ps = null;Vector packets = null;
/*
Constuctor for intialization
*/
public Sender() throws Exception
{
intializeSetup();
intializeStream();
/*
packets = getInput();
sendPackets(packets);
closeConnection();
*/
}
/*
This method is used to connect to server
and setup the client
*/
39
-
7/29/2019 RED Algorithm Report
40/62
public void intializeSetup()throws Exception
{
//connects to server by providing
// ip address and port number
socket = new Socket(routerIP,routerPort);
}
/*
This method is used to obtain the
stream required for packets transfer
*/
public void intializeStream() throws Exception
{
//Obtain the output stream from the
//socket created
os = socket.getOutputStream();
//Wrap the output stream to the print stream
ps = new PrintStream(os);
}
/*
This Method is used to obtain the packets from
user
*/
public Vector getInput() throws Exception
{
//Obtain the input from the user
DataInputStream dis = new DataInputStream(System.in);
System.out.println("Enter No Of Packets:");
//read the input
String str = dis.readLine();
40
-
7/29/2019 RED Algorithm Report
41/62
//Calculate the total number of packets to be sent
int packetCount = Integer.parseInt(str);
System.out.println("Enter the Packets");
//Intialize the vector to hold packets
packets = new Vector();
//Read the packets from the user
for(int i = 0; i < packetCount; i++)
{str = dis.readLine();
packets.addElement(str);
}
return packets;
}
/*
This method is used to send packets to the server
*/
public void sendPackets(Vector packets) throws Exception
{
//calculate the start time of transfer
long startTime = System.currentTimeMillis();
ps.println("START");
//send all packets to server
for(int i = 0; i < packets.size(); i++)
{
StringBuffer buffer = new StringBuffer();
String str = (String) packets.elementAt(i);
41
-
7/29/2019 RED Algorithm Report
42/62
buffer.append(sourceIP);
buffer.append("&");
/*
buffer.append(destIP);
buffer.append("&");
*/
buffer.append(String.valueOf(2));
buffer.append("&");
buffer.append(str);
buffer.append("&");
buffer.append("TCP");
buffer.append("&");
buffer.append(buffer.length());
ps.println(buffer.toString());
// ps.println("END");
}
ps.println("END");
//calculate the end time
long endTime = System.currentTimeMillis();
//calculate the total time
long totalTime = endTime - startTime;
System.out.println("Start Time :"+ startTime);
System.out.println("End Time :"+ endTime);
System.out.println("Total Time :"+ totalTime);
}
/*
This method is used to close the connection
42
-
7/29/2019 RED Algorithm Report
43/62
with the server
*/
public void closeConnection() throws Exception
{
ps.close();
socket.close();
System.out.println("Client Connection Closed");
}
public static void main(String[] args) throws Exception
{
Sender sender = new Sender();
}
}
43
-
7/29/2019 RED Algorithm Report
44/62
import java.io.*;
import java.util.StringTokenizer;
public class PasswordValidator
{
private File file = null;
private FileInputStream fis = null;
private DataInputStream dis = null;
private boolean flag = false;
private final static String FILE_NAME = "pass.db";
public PasswordValidator(String uname,String passwd) throws Exception
{
initialize();
validate(uname,passwd);
closeFile();
}
public void initialize() throws Exception
{
file = new File(FILE_NAME);
fis = new FileInputStream(file);
dis = new DataInputStream(fis);
}
public void validate(String uname,String passwd) throws Exception
{
String str = dis.readLine();
44
-
7/29/2019 RED Algorithm Report
45/62
while( str != null )
{
StringTokenizer st = new StringTokenizer(str,"/");
String userName = st.nextToken().trim();
String password = st.nextToken().trim();
if ( userName.equals(uname.trim()))
{
if ( password.equals(passwd.trim()))
{
flag = true;
}
}
if ( flag )
{
break;
}
}
}
public boolean isValid() throws Exception
{
if ( flag )
{
return true;
}
else {
return false;
}
}
45
-
7/29/2019 RED Algorithm Report
46/62
public void closeFile() throws Exception
{
dis.close();
fis.close();
}
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;import javax.swing.border.*;
import java.util.Vector;
public class SenderUI extends JFrame implements ActionListener,ConfigIF
{
private Container container = null;
private JButton closeButton = null;
private JButton sendButton = null;
private JList packetsList = null;
private Vector packetVector = null;
private Sender sender = null;
private JLabel routerIPLabel = null;
public SenderUI() throws Exception
{
container = getContentPane();
//setLayout to the containet
container.setLayout(new BorderLayout());
46
-
7/29/2019 RED Algorithm Report
47/62
sender = new Sender();
Vector vector = getInput();
container.add("North",getLabelPanel());
container.add("Center",getListPanel(vector));
container.add("South",getButtonPanel());
setSize(350,400);
setLocation(150,150);
setVisible(true);
}
public Vector getInput() throws Exception
{
//Get the no of packets from the user
String input = JOptionPane.showInputDialog(
"Enter the Number Of Packets");
int totalPackets = Integer.parseInt(input);
packetVector = new Vector();
for(int i = 0; i < totalPackets; i++)
{
String packet = JOptionPane.showInputDialog(
"Enter the Packet-"+(i+1));
packetVector.addElement(packet.trim());
}
return packetVector;
}
public JPanel getLabelPanel() throws Exception
{
47
-
7/29/2019 RED Algorithm Report
48/62
JPanel panel = new JPanel();
panel.setLayout(new GridLayout(2,1));
Font font = new Font("TimesRoman",Font.PLAIN,20);
JLabel label = new JLabel(" SENDER");
label.setFont(font);
label.setForeground(Color.blue);
routerIPLabel = new JLabel(" Source Router IP :"+routerIP);
routerIPLabel.setForeground(Color.red);
Border etched = BorderFactory.createEtchedBorder();
font = new Font("TimesRoman",Font.PLAIN,13);
Border border = BorderFactory.createTitledBorder(etched,
"RSVP Sender",TitledBorder.LEFT,
TitledBorder.DEFAULT_JUSTIFICATION,font,Color.gray);
panel.setBorder(border);
panel.add(label);
panel.add(routerIPLabel);
return panel;
}
public JPanel getListPanel(Vector vector) throws Exception
{
JPanel panel = new JPanel();panel.setLayout(new GridLayout(1,1));
packetsList = new JList(vector);
JScrollPane scrollPane = new JScrollPane(packetsList);
Border etched = BorderFactory.createEtchedBorder();
Font font = new Font("TimesRoman",Font.PLAIN,13);
Border border = BorderFactory.createTitledBorder(etched,
"Generated Packets",TitledBorder.CENTER,
48
-
7/29/2019 RED Algorithm Report
49/62
TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);
panel.setBorder(border);
panel.add(scrollPane);
return panel;
}
public JPanel getButtonPanel() throws Exception
{
JPanel panel = new JPanel();panel.setLayout(new FlowLayout(FlowLayout.CENTER));
sendButton = new JButton("Send");
closeButton = new JButton("Exit");
Border etched = BorderFactory.createEtchedBorder();
Font font = new Font("TimesRoman",Font.PLAIN,13);
Border border = BorderFactory.createTitledBorder(etched,
"",TitledBorder.LEFT,
TitledBorder.DEFAULT_JUSTIFICATION,font,Color.red);
panel.setBorder(border);
panel.add(sendButton);
panel.add(closeButton);
sendButton.addActionListener(this);
closeButton.addActionListener(this);
return panel;
}
public void actionPerformed(ActionEvent event)
{
49
-
7/29/2019 RED Algorithm Report
50/62
try
{
if(event.getSource() == sendButton)
{
routerIPLabel.setForeground(Color.green);
sender.sendPackets(packetVector);
sender.closeConnection();
}
else if(event.getSource() == closeButton)
{
System.exit(0);}
}catch(Exception exception) { exception.printStackTrace();}
}
public static void main(String[] args) throws Exception
{
SenderUI senderUI = new SenderUI();
senderUI.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
}
}
50
-
7/29/2019 RED Algorithm Report
51/62
Chapter 8
OUTPU
T SCREENS
51
-
7/29/2019 RED Algorithm Report
52/62
52
-
7/29/2019 RED Algorithm Report
53/62
53
-
7/29/2019 RED Algorithm Report
54/62
54
-
7/29/2019 RED Algorithm Report
55/62
55
-
7/29/2019 RED Algorithm Report
56/62
56
-
7/29/2019 RED Algorithm Report
57/62
Chapter 9
TESTING AND IMPLEMENTATION
TESTING:
Testing is a process of executing a program with a intent of finding an error.
Testing presents an interesting anomaly for the software engineering.
The goal of the software testing is to convince system developer and customers
that the software is good enough for operational use. Testing is a process intended to build
confidence in the software.
Testing is a set of activities that can be planned in advance and conducted
systematically. Testing is a set of activities that can be planned in advance and conducted
systematically.
Software testing is often referred to as verification & validation.
TYPES OF TESTING:
The various types of testing are
1)White Box Testing2)Black Box Testing
3)Alpha Testing
4)Beta Testing
5)Win Runner And Load Runner
6)Load Runner
7)System Testing
8)Unit Testing
9.1 WHITE BOX TESTING
It is also called as glass-box testing. It is a test case design method that uses the
control structure of the procedural design to derive test cases.Using white box
testing methods, the software engineer can derive test cases that Guarantees that
all independent parts within a module have been exercised at least once
andExercise all logical decisions on their true and false sides.
57
-
7/29/2019 RED Algorithm Report
58/62
9.2 BLACK BOX TESTING
Its also called as behavioral testing . It focuses on the
functional requirements of the software.
It is complementary approach that is likely to uncover a .
different class of errors than white box errors.
A black box testing enables a software engineering to derive a
sets of input conditions that will fully exercise all functional
requirements for a program.
9.3 ALPHA TESTING
Alpha testing is the software prototype stage when the software is first able to run.
It will not have all the intended functionality, but it will have core functions and
will be able to accept inputs and generate outputs. An alpha test usually takes
place in the developer's offices on a separate system.
9.4 BETA TESTING
The beta test is a live application of the software in an environment that cannot
be controlled by the developer. The beta test is conducted at one or more customer sites
by the end user of the software.
9.5 WIN RUNNER & LOAD RUNNER
We use Win Runner as a load testing tool operating at the GUI layer as it allows us to
record and playback user actions from a vast variety of user applications as if a real
user had manually executed those actions.
9.6 LOAD RUNNER TESTING
With Load Runner , you can Obtain an accurate picture of end-to-end system
performance. Verify that new or upgraded applications meet specified performance
requirements.
9.7 SYSTEM TESTING
58
-
7/29/2019 RED Algorithm Report
59/62
Testing of the debugging programs is one of the most critical aspects of the computer
programming triggers, without programs that works, the system would never produce the
output for which it was designed. Testing is best performed when user development are
asked to assist in identifying all errors and bugs. The sample data are used for testing . It is
not quantity but quality of the data used the matters of testing. Testing is aimed at
ensuring that the system was accurately an efficiently before live operation commands.
9.8 UNIT TESTING
In this testing we test each module individually and integrate with the
overall system. Unit testing focuses verification efforts on the smallest unit of software
design in the module. This is also known as module testing. The module of the system is
tested separately . This testing is carried out during programming stage itself . In this
testing step each module is found to working satisfactorily as regard to the expected output
from the module. There are some validation checks for fields also. It is very easy to find
error debut in the system.
59
-
7/29/2019 RED Algorithm Report
60/62
Chapter 10
CONCLUSION & FUTURE SCOPE
To the best of our knowledge, this paper is the first serious attempt to distinguish between
a router dropping packets maliciously and a router dropping packets due to congestion.
Previous work has approached this issue using a static user-defined threshold, which is
fundamentally limiting. Using the same framework as our earlier work (which is based on
a static user-defined threshold) we developed a compromised router detection protocol _
that dynamically infers, based on measured traffic rates and buffer sizes, the number of
congestive packet losses that will occur.
Subsequent packet losses can be attributed to malicious actions. Because of non
determinism introduced by imperfectly synchronized clocks and scheduling delays,
protocol _ uses user-defined significance levels, but these levels are independent of the
properties of the traffic. Hence, protocol _ does not suffer from the limitations of static
thresholds. We evaluated the effectiveness of protocol _ through an implementation and
deployment in a small network. We show that even fine-grained attacks, such as stopping
a host from opening a connection by discarding the SYN packet, can be detected.
60
-
7/29/2019 RED Algorithm Report
61/62
Chapter 11
BIBLIOGRAPHY
[1] X. Ao, Report on DIMACS Workshop on Large-Scale Internet Attacks,
http://dimacs.rutgers.edu/Workshops/Attacks/internet-attack-
9-03.pdf, Sept. 2003.
[2] R. Thomas, ISP Security BOF, NANOG 28, http://www.nanog.org/mtg-0306/pdf/thomas.pdf, June 2003.
[3] K.A. Bradley, S. Cheung, N. Puketza, B. Mukherjee, and
R.A. Olsson, Detecting Disruptive Routers: A Distributed
Network Monitoring Approach, Proc. IEEE Symp. Security
and Privacy (S&P 98), pp. 115-124, May 1998.
[4] A.T. Mizrak, Y.-C. Cheng, K. Marzullo, and S. Savage, Detecting
and Isolating Malicious Routers, IEEE Trans. Dependable and
Secure Computing, vol. 3, no. 3, pp. 230-244, July-Sept. 2006.
[5] L. Subramanian, V. Roth, I. Stoica, S. Shenker, and R. Katz, Listen
and Whisper: Security Mechanisms for BGP, Proc. First Symp.
Networked Systems Design and Implementation (NSDI 04), Mar. 2004.
[6] S. Kent, C. Lynn, J. Mikkelson, and K. Seo, Secure Border
Gateway Protocol (Secure-BGP), IEEE J. Selected Areas in Comm.,
vol. 18, no. 4, pp. 582-592, Apr. 2000.
[7] Y.-C. Hu, A. Perrig, and D.B. Johnson, Ariadne: A Secure On-
Demand Routing Protocol for Ad Hoc Networks, Proc. ACM
MobiCom 02, Sept. 2002.
[8] B.R. Smith and J. Garcia-Luna-Aceves, Securing the Border
Gateway Routing Protocol, Proc. IEEE Global Internet, Nov. 1996.
[9] S. Cheung, An Efficient Message Authentication Scheme for Link
State Routing, Proc. 13th Ann. Computer Security Applications Conf.
(ACSAC 97), pp. 90-98, 1997.
[10] M.T. Goodrich, Efficient and Secure Network Routing Algorithms,
provisional patent filing, Jan. 2001.
[11] R. Perlman, Network Layer Protocols with Byzantine Robustness,
PhD dissertation, MIT LCS TR-429, Oct. 1988.
61
-
7/29/2019 RED Algorithm Report
62/62
[12] V.N. Padmanabhan and D. Simon, Secure Traceroute to Detect
Faulty or Malicious Routing, SIGCOMM Computer Comm. Rev.,
vol. 33, no. 1, pp. 77-82, 2003.