Securing Socials Networks by preventing unauthorized access

8/17/2019 Securing Socials Networks by preventing unauthorized access

1/56

Prevention of unauthorized access of social accounts through web and mobile devices

CHAPTER 1

INTRODUCTION

1.1 Introduction to the technology:The technology basically extracts the IP address of the machine from which a

breach is being made into a user’s social account and sends the IP address as a text

message to the user. It also refines internet searches by making alias identification

possible.

1.2 Stte!ent o" #ro$le!:Prevention of unauthorized access of social accounts through web and mobile

devices and enabling the authorized users to find their friends by even giving the

alias/nick names in the uery.

1.% O$&ecti'e o" the #ro&ect:Preventing cyber crimes and theft! making social accounts safe and alias

identification.

1.( )ethodology:

"e make prevention of unauthorized access possible by extracting the IP

address of the machine from which the breach is being made and then delivering this

IP address along with a warning message to the user.

1.* +i!ittion, o" the #ro&ect:

• If the user himself enters a wrong password multiple number of times he/she

would get a warning message.

• #ocation of the machine from which the breach is being made is hard to

extract only its IP address can be obtained.

CHAPTER 2

ISE DEPT, SDMCET, DHARWAD Page 1


2/56


+ITERATURE SUR-E

2.1 )ethod, nd Theorie,:

In our application the user is supposed to register and then he/she can login by

giving the appropriate username and password. $fter this the user can edit his friend

list and other profile information. $t the time of incorrect login the user will get a

message intimating about the suspicious activity going on in his account. %ser can

search his friends by giving their possible known popular nick names by which search

results are minimized and exact results are obtained.

2.2 E/i,ting nd Pro#o,ed Technology:

2.2.1 E/i,ting Sy,te!:

In the existing system of tracking the suspicious activity if intruder knows the

username and he/she starts guessing the password and these activities will not be

known by the legal user.

In the social networking sites if a person is searching a friend with a particular

known name and if that user is registered by some other say alias name then he/she

won’t be traceable.

These are the some of the problems that are faced in present existing system.

2.2.2 Pro#o,ed Sy,te!:

In our problem statement we are trying to solve the said above problem. $t

first about the suspect tracking! we will be sending a text message to the authenticated

users mobile about the suspicious activity. %pon which he/she can take the protective

measures.

In the second problem said above! as the user will be registering to our social

networking site he/she must provide there’s popular nick/alias names so that they can

be even found when searched by their nick names.

2.% Ide, o" De,ign nd I!#le!enttion:



3/56


&ecause of freuent reports of account breaches being made in social

networking accounts we came up with this idea to eradicate this problem to the

maximum extent possible. 'ur exhaustive work on this concept will surely help in

reducing the number of such security breaches.

(ue to the suspicious activity and threats spread over """ the continues

call for prevention of the security breaches. )ere we have referred from many

previous inventions that have been done in order to prevent this insecurity.

CHAPTER %



4/56


TECHNO+O0 USED

%.2.1 Ph#:

• P)P is a scripting language originally designed for producing dynamic web

pages. It has evolved to include a command line interface capability and can

be used in standalone graphical applications.

• It is a widely*used general*purpose scripting language that is especially suited

for web development and can be embedded into )T+#.

• P)P generally runs on a web server! taking P)P code as its input and creating

web pages as output. It can also be used for command*line scripting and

client*side ,%I applications.

• -rom P)P ! the P)P parser compiles input to produce byte code for

processing by the end 0ngine! giving improved performance over its

interpreter predecessor.

%.2.2 )y Sl:

• +y1l is a multithreaded!multi*user 12# database management system

3(&+14. The basic program runs as a server providing multi*user access to a

number of databases.• The data in +y1l is stored in database ob5ects called tables. $ table is a

collection of related data entries and it consists of columns and rows.

(atabases are useful when storing information categorically.

• "ith +y1l! we can uery a database for specific information and have a

record set returned.

• &efore you can access data in a database! you must create a connection to the

database. In P)P! this is done with the mysl6connect34 function.

CHAPTER (



5/56


SOT3ARE RE4UIRE)ENT

SPECIICATION

(.1 Introduction:

The purpose of this document is to present detailed description of the pro5ect

titled preventing unauthorized access of social accounts through mobile devices. The

intended users can get the messages if any unauthorized access is made to their mail

or social accounts. 171 is intended for the users! developers and Pro5ect review

committee. This application is known as preventing unauthorized access for social

accounts or mail accounts. It is a web based application.

This application provides users to create account and if any suspicious

activities in their account will be intimated to them by a message using their mobile

numbers. The main point of the pro5ect is to search their friends with any nick name

known and still the user will be able to get the intended search.

(.2 The O'erll De,cri#tion:

(.2.1 Product #er,#ecti'e:

ig %.1 Product Per,#ecti'e

'ur product makes uses of normal mining and database concepts in order to

maintain the data. It makes use of pattern searching technology to give the intended



6/56


result even when the nick names are given for searching. There are no such products

available that provides proper result even on giving nick names. If unauthorized

access is done to any other users account message are sent to the legal user. )ere it

makes use of networking protocol in order to send the messages.

(.2.2 Sy,te! Inter"ce:

The application is going to be developed using wamp server and its packages.

The application will be developed in php language by making use of different

packages.

(.2.% Inter"ce,:

There is a ,%I and no command line interface. The ,%I is reuired for accepting the user’s username and password. "hen there are some exceptions raising

error like entering invalid username and password! then error messages will be

displayed prompting the users to re*enter the details.

(.2.( Hrd5re Inter"ce,:

The application can be built on any machine which supports 89 bit or : bit

operating system. $s the suspect user’s details are sent as messages! it can work on

any cell phones even on a recent technology android but we are not implementing on

android phones.

(.2.* So"t5re Inter"ce,:

The application makes use of wamp server ;.9. It is going to be built on

php3hypertext pre processor4. In order to store the data! the application uses +y12#

mb of memory can be used to run the application. The mobiles having any operating

systems with minimum memory is sufficient to deploy the services.

(.2.7 O#ertion,:

U,er? )e/1he is responsible for logging in.



7/56


Ad!ini,trtor? )e will be responsible for authentication of user. $lso responsible for

extracting the proper intended search result given the uery using nick names. $lso

responsible for sending messages to the authorized user if any suspicious activities are

done in their account.

(.2.8 Site Ad#ttion Reuire!ent,:

The user must have social site account. "e are not modifying any details of

the user in his account! but only extracting the reuired details from it.

(.2.9 Product unction,:

• 7egister to the site.

• @alidate the user through his username and password.

• Issue a uery with known possible nick names.

• The interface will interact with database and provide the appropriate result.

• 1end the result back to the user.

• If unauthorized access made to any of the user’s account! detect the particular

system.

• 1end the message to the authorized user about the suspicious activity.

(.2.1 U,er Chrcteri,tic,:

Intended users must have basic knowledge of getting registered to the

networking site. The user must have his account in the social site created.

(.2.11 Con,trint:

• %ser must have an account in the social networking site created.

• In order to get the information of hacking his account! user must possess a

mobile device.

• The user must provide his nick name during registration! so that given uery

for searching a friend with nick name will be easy.• In case of unauthorized access! it is not possible to detect the person who is

doing such activity.

•

(.2.12 A,,u!#tion, nd De#endencie,:

In this application! it is assumed that a person in the social networking site

keeps his details updated such as his name and location etc.

(.2.1% A##ortioning o" Reuire!ent,:



8/56


4ulity Reuire!ent,:

Correctne,,? The system should work correctly until the intended results are

obtained. -or example until the user gets the specified person it must work correctly.

Reli$ility? The database must be updated and must work all the time unless in case

of extreme circumstances.

E""iciency? This depends on internet speed. The higher the speed better is the

efficiency.

Integrity? The application uses the user’s username and password hence they need to

be secured.

U,$ility? The application must be usable by most of the users who are familiar with

social sites.

le/i$ility? It is most important as the application must run on any browser provided.

The application has admin supervision and also user’s activities that can run on any

platform.

Port$ility? since the suspicious activities are informed through message on cell

phone! it will support any cell phones and the social networking site is also capable of

working in any platform.

Reu,$ility? The system source code can be extended to provide many more features

that are specific to a particular situation.

S"ety Reuire!ent,: 1ince the users getting registered to the social networking site

their username and passwords are stored with high security measures.

Reli$ility Reuire!ent,: 7eliability is the ability of the system to deliver services

as specified. The application is >A reliable if the user’s friends maintain updated

profiles.

)intin$ility Reuire!ent,: The system source code should be updated as and

when there are changes made in the technology used.

(.% S#eci"ic Reuire!ent,:

(.%.1 E/ternl Inter"ce,:



9/56


The system will display login page. 0nd user provides login name and

password to the system. Take the login details from the user to authenticate

the user

-or invalid username and password appropriate error message will bedisplayed.

The output of the system will be the friends list to the end user.

(.%.2 unction,:

ig %.2 U,e C,e digr! "or u,er getting regi,tered

The user has to get registered for our application.

=ame of the use case* 7egister.

(escription* %ser gets registered.

=ormal -low of 0vents?

• 1ign up for the site.

• #ogin using username and password

$lternate -low of 0vents? If user enters wrong user name or password! error

messages are displayed



10/56


ig %.% lo5 Chrt "or login #roce,,



11/56


Ad!ini,trtor:

ig %.( U,e C,e digr! "or d!ini,trtor

N!e o" u,e c,e: $dministrator

De,cri#tion: It works in five stages.

Authentiction: The user is authenticated.

4uery 5ith nic; n!e,: The user issues uery to admin giving nick name.

Serch #o,,i$le detil,: The admin will analyze the data and search for possible appropriate outcomes.

Send the "inl li,t: The final lists of suggested friend are sent to the user.

Unuthori


12/56


(.%.% Per"or!nce Reuire!ent,:

)ave hours of operation that are 9 x B C this is a web based application. The

system will work as long as the installed server is up. 1o the availability is 9 D B.

The application must provide the list of friends if they have same nick namesthen all possible answers must be given. If unauthorized access is detected from two

or more places then all those must be detected. If same suspected intruder is

performing two suspicious things then even that are must be detected.

(.%.( +ogicl Dt$,e reuire!ent, :

The login details and all the nick names are held in the database during the

time of registration by the user to the social networking site.

ig %.* +ogicl dt$,e digr!

(.%.* De,ign Con,trint,:

(.%.*.1 Stndrd, Co!#lince:

=ot applicable. There are no such constraints imposed by regulating bodies

that will develop constraints for our application.

(.%.6 So"t5re Sy,te! Attri$ute,:

These are non*functional reuirements that the system must have. These are

not directly concerned with the specific functions delivered by the system. These

relate to the emergent system properties. If the system fails to meet the non*functional

reuirements then it’s the failure of the whole system. These can relate to three things



13/56


C Product reuirements! 'rganizational reuirements and 0xternal reuirements.

1ome of these related to our pro5ect are mentioned below*

(.%.6.1 Reli$ility:

7eliability is the ability of the system to deliver services as specified. The

application is >A reliable if the user’s friends maintain updated profiles.

(.%.6.2 A'il$ility:

$vailability is the ability of the system to deliver services when reuested.

1ince the messages are sent to the cell phones about unauthorized access it must work

any time to the user.

(.%.6.% Security:

1ecurity is the ability of the system to protect itself against accidental or

deliberate intrusion. 1ince we are maintaining login details the information are kept

secured.

(.%.6.( )intin$ility:

+aintainability deals with the ability of the system which allows changes in

the system without affecting the existing components. "orld today has become

competitive in everything. $s new reuirements arrive from customer! we need to

make changes in the system and add functionalities. 1ince our system is built on

ob5ect*oriented technology it supports the maintainability to the great extent.

(.%.6.* Port$ility:

Portability deals with the ability of the system being machine independent.

The application works on any computer that supports the installed servers. )ence it is

portable application.



14/56


Table no? .< 7ating of software system attributes

ID Chrcteri,tic H=)=+ 1 2 % ( * 6 7 8 9 1 11 12

< Eorrectness )

9 0fficiency )

8 -lexibility #

Integrity/1ecurity +

; Interoperability #

: +aintainability +

B Portability +

F 7eliability )

G 7eusability +

Testability #


15/56


There is only one mode of operation. The user needs to get registered to our

social site.

(.%.7.2 U,er Cl,,:

"e have only one class. The user uses the application to fetch the friend’s list.

(.%.7.% O$&ect,:

The classes of ob5ects in our system are %ser! $dministrator! $pplication! our

social "ebsite! (atabase! and 1erver. These Elasses each have a single ob5ect and will

be represented along with their attributes and functions in a %+# diagram in the

design document.

(.%.7.( eture,:

In order to obtain friend’s list the user need to input his username and

password that he has provided at the time of registration.

(.%.7.* Sti!ulu,:

If a user inputs proper username and password of his account his friend’s list

will be displayed else a proper error message will be displayed.

(.( Chnge )nge!ent Proce,,:

The change management process is as follows?

• Eustomer forwards us a formal email specifying the change in the

reuirement needed.

• The email is received by the customer support cell and a developer

meeting is held.

• The feasibility! financial effects! change in pro5ect schedule etc is taken

into account and a poll is taken by the developer team to decide

whether to make the change or not.

• (epending on the decision taken by the poll! the schedule is re*

organized or work is continued as per normal schedule.

CHAPTER *



16/56


DESI0N PHASE

*.1 Architecturl De,ign:

*.1.1 E.R Digr!:

In software engineering! an entity*relationship model 307 model for short4 is

an abstract and conceptual representation of data. 0ntity*relationship modeling is

a database modeling method! used to produce a type of conceptual

schema or semantic data model of a system! often a relational database! and its

reuirements in a top*down fashion. (iagrams created by this process are

called entity*relationship diagram.

ig *.1 E>R Digr!

*.2 Sy,te! De,ign:



17/56

Internet

Databae

M!"#

A$%&n 'r (er Web )r'*er+

Wa% Ser-er


+ost components described in the System design section will reuire a more

detailed discussion. 'ther lower*level components and subcomponents may need to

be described as well. 0ach subsection of this section will refer to or contain a detailed

description of a system software component. The design process for identifying the

subsystems making up a system and the framework for sub*system control and

communication is architectural design. The output of this design process is a

description of the software architecture.

ig *.2 Sy,te! de,ign o" the ##liction



18/56


*.2.1 Su$ Sy,te! De,ign:

)ere the sub system of the main application has been designed and the

working of the application has been described.

ig *.% Su$,y,te! de,ign "or d!in

ig *.( Su$,y,te! de,ign "or u,er



19/56


*.% Dt lo5 Digr!:

$ data flow diagram 3(-(4 is a graphical representation of the HflowH of datathrough an information system! modeling its process aspects. 'ften they are a

preliminary step used to create an overview of the system which can later be

elaborated. (-(s can also be used for the visualization of data processing 3structured

design4.

$ (-( shows what kinds of data will be input to and output from the system!

where the data will come from and go to! and where the data will be stored. It does

not show information about the timing of processes! or information about whether

processes will operate in seuence or in parallel.

ig *.* Dt "lo5 digr! "or ##liction



20/56


*.( Inter"ce Digr!:

*.(.1 Client Ser'er )odel:

ig *.6 Client ,er'er !odel

*.* U)+ Digr!,:

%nified +odeling #anguage 3%+#4 is a standardized general*

purpose modeling language in the field of ob5ect*oriented software engineering. The

%nified +odeling #anguage 3%+#4 is used to specify! visualize! modify! construct

and document the artifacts of an ob5ect*oriented software*intensive system under

development. %+# combines techniues from data modeling 3entity relationship

diagrams4! business modeling 3work flows4! ob5ect modeling! and component

modeling. It can be used with all processes! throughout the software development life

cycle! and across different implementation technologies.



21/56


*.*.1 Cl,, !odel:

In software engineering! a class diagram in the %nified +odeling

#anguage 3%+#4 is a type of static structure diagram that describes the structure of a

system by showing the systems classes! their attributes! operations 3or methods4! and

the relationships among the classes. The class diagram is the main building block

of ob5ect oriented modeling. It is used both for general conceptual modeling of the

systematic of the application! and for detailed modeling translating the models

into programming code. Elass diagrams can also be used for data modeling.

DBconnect

./'nne/t&'n

.$atabae

.'en

./#'e

Application

.rtna%e

.#atna%e

./'nta/tn%ber

.e$&tr'#e

.e$&tgr'

.e$&tr&en$

Connects database to application1 *

ig *.7 Cl,, digr! "or o'er'ie5 o" ##liction

profle

.rtna%e

.#atna%e

./'nta/tn%ber

.e$&tr&en$#&t

.e$&tgr'

photos

.'t'&$

.'t'$e/r&t&'n

.a$$&/

.e$&tA#b%

.genera#&n'r%at&'n

* *

Ma&nta&n

ig *.8 Cl,, digr! "or #ro"ile



22/56


*.*.2 Ad'nced Cl,, Digr!:

DBconnect

./'nne/t&'n

.$atabae

.$b/'nne/t01

.',en01

./#'e01

Registered user

.2rtna%e

.#atna%e

.a$$re

.e%a&$

.a$$35r&en$01

.re%'-e37r&en$01

.e$&t3,r'2#e01

.e$&t3gr'4,01

Admin

.4erna%e

.,a*'r$

.-&e*35ee$ba/801

.b#'/834er01

.4nb#'/834er01

Profle

.2rt na%e

.e%,#'!%ent &n5'r%at&'n

.genera# &n5'

application

.,r'2#e

.gr'4,

Alert message

.en$3%eage01

.en$3e%a

riend_list

.2n$35r&en$01

.re%'-e35r&en$01photos

.,6't'3&$

.a#b4%3na%e

.a$$3,6't'01

.a$$3a#b4%01

.re%'-e3,6't'01

ig *.9 Ad'nced cl,, !odeling



23/56


*.*.% U,e C,e )odel,:

In software and systems engineering! a use case is a list of steps! typically

defining interactions between a role 3known in %+# as an actor4 and a system! to

achieve a goal. The actor can be a human or an external system. In systems

engineering! use cases are used at a higher level than within software engineering!

often representing missions or stakeholder goals+

S!te%

user

viewedit profle

edit photos

edit groups

edit riend list

sendrecieve messages

login

ig *.1 U,e c,e digr! "or d!ini,trtion



24/56


*.*.%.1 Ad'nced u,e c,e !odel:

user

login

viewedit profle

edit photo

edit groups

edit riend

recieve messageemail

Admin

send messageemail

99e:ten$;;

99&n/#4$e;;

database confmation

99&n/#4$e;;

bloc!unbloc! user

ig *.11 Ad'nced u,e c,e "or entire ##liction



25/56


*.*.( Seuence !odel:

er #'g&n-er&!reg&ter '%e,age $atabae ,r'#e %eage a$$reb'' gr', ,&/ r&en$

1 < &te

2 < t're &n'3 < reg&ter

4

5 < #'g&n

6 < -er&!

7 < g't' '%e,age

8 < e$&t

9

10 < en$=re/&e-e %g

11

12 < e$&t an$ -&e* /'nta/t

13

14 < /reate an$ e$&t gr',

1516 < ,#'a$ an$ -&e* ,&/

17

18 < a$$ an$ ear/ r&en$ *&t n&/ na%e

19

20

21

22

23

24

ig *.12 Seuence digr! "or entire ##liction



26/56


er #'g&n-er&!reg&ter '%e,age $atabae ,r'#e %eage a$$reb'' gr', ,&/ r&en$

1 < &te

2 < t're &n'3 < reg&ter

4

5 < #'g&n

6 < -er&!

7 < g't' '%e,age

8 < e$&t

9

10 < en$=re/&e-e %g

11

12 < e$&t an$ -&e* /'nta/t

13

14 < /reate an$ e$&t gr',

1516 < ,#'a$ an$ -&e* ,&/

17

18 < a$$ an$ ear/ r&en$ *&t n&/ na%e

19

20

21

22

23

24

ig *.1% Seuence !odel "or u#dting #ro"ile in"or!tion



27/56

LOGIN

Verify

User Home Page

rue

PROFILE MESSAGES PICS ADDRESSBOO

FRIENDS COMMUNI!"

fa#se

EDI!

PROFILE

SEND

MSG

RECEIVE

MSG ADD a$%

VIE& PICS

ADD a$% Vie'

Co$ta(tsINVI!E a$%

ACCEP!

SEARCH a$%

)OIN

Create !o*i(

a$% *ost Re*#y

LOGOU!


*.*.* Stte )odel:

$ state diagram is a type of diagram used in computer science and related

fields to describe the behavior of systems. 1tate diagrams reuire that the system

described is composed of a finite number of states sometimesJ this is indeed the case!while at other times this is a reasonable abstraction. +any forms of state diagrams

exist! which differ slightly and have different semantics.

ig *.1( Stte digr! "or ##liction

*.*.6 Concurrency )odel:



28/56


Eoncurrency is widely used in many new applications because of the

usefulness of parallel processing. 0xamples of concurrency can be found in

preemptive multitasking systems! multiple processor computers! and special networks

of computers that work together to run a single program+

ig *.1* Concurrency !odel

*.*.7 Acti'ity )odel:



29/56


$ctivity diagrams are graphical representations of workflows of stepwise

activities and actions with support for choice! iteration and concurrency. In

the %nified +odeling #anguage! activity diagrams can be used to describe the

business and operational step*by*step workflows of components in a system. $n

activity diagram shows the overall flow of control+

Logi$

Profi#e Messages Pi(s A%%ress

+oo,

Frie$%s a$%

Commu$ity

E%it Profi#e Se$%

MessageRe(ei-e

Message

A%% Pi(s Vie' Pi(s A%%

Co$ta(t

Vie'

Co$ta(tSear(. a$%

a%% Frie$%

Logout

ig *.16 Acti'ity digr! "or ##liction

*.*.8 S5i!lne Digr!:



30/56


$ swim lane 3or swimlane4 is a visual element used in process flow diagrams!

or flowcharts that visually distinguishes responsibilities for sub*processes of

a business process. 1wim lanes may be arranged either horizontally or vertically. In

the accompanying example! the swimlanes are named Eustomer! 1ales! Eontracts!

#egal! and -ulfillment! and are arranged vertically+

LOGIN HOME PAGE

PROFILE EDI!

PROFILE

MESSAGES

SEND

MESSAGE

RECIEVE

MESSAGE

PICS

ADD PICS

VIE&

PICS

COMMIUNI!"

CREA!E

COMMUNI!"

)OIN

COMMUNI!"

FRIENDS SEARCH AND

ADD FRIENDS

Logout

END SESSIONActivitiesHOME PAGEAuthentication

ig *.17 S5i!lne digr! "or ##liction

Ch#ter 6



31/56


I)P+E)ENTATION PHASE

6.1 I!#le!enttion Detil,:

The coding has been done in P)P language making use of "$+P server and

+y12# is used for back end i.e database design.

The modules used are?

• #ogin/sign up

• IP tracking

• 1ending sms

• Ehanging of password

• 0diting -riends

• 0diting photos

The detailed description of above said modules are explained below.

6.2 Algorith!:

6.2.1 Algorith! "or login nd ,ignu#:

This module gives the description for users who need to sign up for our social

networking site. $fter registering he/she will login by the given nick name or

username. $fter logging in they can edit their profiles.

Algorith!:

1tep


32/56


nic;n!eBPOSTnic;n!eFG

#5dBPOST#5dFG

,lB,elect "ro! login 5here un!eBnic;n!e nd #5dB#5dG

re,B!y,lueryJ,lKG

LLLLL.

,lB,elect "ro! #ro"ile 5here un!eBnic;n!eG

re,B!y,lueryJ,lKG

ro5B!y,l"etchrryJre,KG

SESSIONun!eFBnic;n!eG

SESSION#ro"ileidFBro5#ro"ileidFG

hederJloction: ho!e.#h#KG

M

el,e

,lB,elect countJK , cnt "ro! logchec; 5here un!eB.nic;n!e. G

re,B!y,lueryJ,lKG

ro5 B!y,l"etchrryJre,KG

M

@

Out#ut:

This code enables user to login.

Sign u#:

?@#h# reuireJd$Connect.#h#KG @

?@#h#

include Ju#lodcl,,.#h#KG ==cl,,e, i, the !# 5here the cl,, "ile i, ,tored Jone $o'e the

rootK

"n!eBPOST"n!eFG

ln!eBPOSTln!eFG

genderBPOSTgenderFG



33/56


do$BPOSTdo$FG

geBPOSTgeFG

#ddre,,BPOST#ddre,,FG

cddre,,BPOSTcddre,,FG

#honenoBPOST#honenoFG

r,ttu,BPOSTr,ttu,FG

!o$ilenoBPOST!o$ilenoFG

LLLLLLLLL..

!/,i


34/56


dtBSo!eoneQ2i,Q2u,ingQ2urQ2id.Q2ro!Q2theQ2IPQ2ddre,,:Q2.

ci#.Q2ndQ25ithQ2"ollo5ingQ2#5d,:G

,l B in,ert into logchec; 'lue,J .nic;n!e..#5d.KG

!y,lueryJ,lKG

,lB,elect "ro! logchec; 5here un!eB.nic;n!e.G

re,B!y,lueryJ,lKG

5hileJro5B!y,l"etchrryJre,KK

dt.Bro5#5dF.G

M

Out#ut:

The particular Ip will be tracked

6.2.% Algorith! "or Sending S)S:

$fter tracking the IP address a message will be sent to user’s mobile

intimating them about the suspicious activity going on in their account.

Algorith!:

1tep


35/56


M

@

?@#h# includeJ,!,.#h#KG @

?@#h#

,l B in,ert into logchec; 'lue,J .nic;n!e..#5d.KG

!y,lueryJ,lKG

,end,!,J!o$ilenu!$er dtKG

@

Out#ut:

$n message in format*

1omeone is using your id from IP address .>< and with following passwords

BB!wer!;;;. Qour password has changed to G8>.

6.2.( Algorith! to chnge the #,,5ord t ti!e o" ,ending S)S:

"hen the message is being sent for reporting the suspicious activity along

with that the changed new password will be sent.

Algorith!:

1tep


36/56


1omeone is using your id from IP address .>< and with following passwords

BB!wer!;;;. our #,,5ord h, chnged to 9(%.

6.2.* Algorith! "or editing "riend li,t:

)ere user can edit his friend list by adding or removing friends.

Code "or ,erching "riend,:


?@#h# ,e,,ion,trtJKG @

?@#h#

nic;n!eBPOSTnic;n!eFG

,lB,elect "ro! #ro"ile #generl#ro"ile g#eductionl#ro"ile e# 5here

#.#ro"ileidBg#.#ro"ileid nd #.#ro"ileidBe#.#ro"ileid nd #.#ro"ileid?.

SESSION#ro"ileidF. ndJ un!eB.nic;n!e. or "n!eB.nic;n!e. or

ln!eB.nic;n!e.KG

re,B!y,lueryJ,lKG

@

?@#h# includeJheder.#h#KG @

?@#h# includeJto#!enu.#h#KG @

?=di'

?di' idB,itecontent

?di' idB#nel?i!g ,rcB,tyle=#nel.g ltBtree to#, =?=di'

?@#h# includeJl,idelin;,.#h#KG @

?di' idB+yer2

?t$le 5idthB6(2 $orderB lignBcenter

?@#h#

5hileJro5B!y,l"etchrryJre,KK

@

?tr

?td 5idthB261?#N!e: ?@#h# echo ro5"n!eF. .ro5ln!eFGG @?=#

?#Nic; N!e: ?@#h# echo ro5un!eFG @?=#

?#0ender: ?@#h# echo ro5genderFG @?=#



37/56


?#Age: ?@#h# echo ro5geFG @?=#?=td

?@#h#

,l2B,elect "ro! "riendreue,t 5here reue,teridB.SESSION#ro"ileidF. nd

#ro"ileidB.ro5#ro"ileidF.G

re,2B!y,lueryJ,l2KG

i"Jro52B!y,l"etchrryJre,2KK

@

?td 5idthB166?#riend Reue,t Pending?=#

?@#h#

M

el,e

@

?td 5idthB166?#? hre"Bddreue,t.#h#@reue,ttoB?@#h# echo

ro5#ro"ileidFG @);e riend ?=?=#

LL.

Out#ut:

Particular person is searched and result is obtained.

Code "or dding "riend:


?@#h# ,e,,ion,trtJKG @

?@#h#

reue,ttoBRE4UESTreue,ttoFG

@

?@#h#

ridBRE4UESTreue,tidFG

re,B!y,lueryJ,elect "ro! "riendreue,t 5here "riendreue,tidBridKG

ro5B!y,l"etchrryJre,KG

"riendidBro5reue,teridFG

grou#Bro5"riendty#eFG



38/56


#ro"ileidBSESSION#ro"ileidFG

!y,lueryJu#dte "riendreue,t ,et ,ttu,BA##ro'ed 5here "riendreue,tidBridKG

,lBin,ert into !y"riend 'lue,Jnull#ro"ileid"riendidgrou#KG

!y,lueryJ,lKG

,lBin,ert into !y"riend 'lue,Jnull"riendid#ro"ileidgrou#KG

!y,lueryJ,lKG

@

?,cri#t

lertJriend AddedKG

hi,tory.$c;JKG

?=,cri#t

6.2.6 Algorith!=code "or editing #hoto,:

!/,i


39/56


e/tr!,g%F B Select t le,t on "ile.G

e/tr!,g(F B Select the "ileJ,K "or u#lod.G

e/tr!,g*F B ou h'e tried to u#lod ?$.thi,>$d"ilen!e,. "ile,?=$ 5ith in'lid

chrcter, in,ide the "ilen!e.G

M

return e/tr!,g!,gnu!FG

M

== thi, !ethod chec;e, the nu!$er o" "ile, "or u#lod

== thi, e/!#le 5or;, 5ith one or !ore "ile,

"unction count"ile,JK

"orech Jthi,>n!e,rry , te,tK

i" Jte,t B K

thi,>nu!$ero""ile,G

M

M

i" Jthi,>nu!$ero""ile, K

return trueG

M el,e

return "l,eG

M

M

Out#ut:

The picture will be uploaded to his profile.

6.% Detiled Anly,i, o" )in Ph,e, in Algorith!:



40/56


6.%.1 Anly,i, o" ,ending S)S nd E!il:

The main phase is to send the message while any suspicious activity is going

on in any users profile. The message facility is provided by using a sms server which

receives the data i.e the particular IP address that has been tracked and the guessing passwords along with these the new password that has been reset by the administrator

to the 1+1 server and that delivers the message contents to the intended user’s

mobile. The mobile number will be provided by the user during the time of

registration.

$part from sending 1+1 an email will also be sent at the same time. -or this

P)P 0mail function is used which helps to send emails and notifications about the

suspicious activity in the user’s account.

6.%.2 Anly,i, o" editing Pro"ile In"or!tion:

%ser after getting registered can login by giving his username and password.

$fter logging in the user can edit his/her profile information. %ser is also provided

with adding of friends facility. )ere he can search friends by giving their most

popular nick names. This reduces the search result and he will get intended resulteasily. %ser can upload the picture albums with the security. %ser is also provided

with removing friend option. )e/she can block the unwanted people who are creating

unnecessary mess in their profile. The detail algorithm and code has benn mentioned

in above part.

Ch#ter 7

TESTIN0 PHASE



41/56


7.1 Te,t Pln,:

This document explains testing methodology for RPreventing unauthorized

access of social accounts using web and mobile devicesS.

It lists out all the testing items and the testing procedures to be conducted on

those items.

The document describes the testing approaches followed and all the test case

specifications for the application.

It is to be used as a guide for the testing activity. The intended audience for

this document is the developer and the tester.

7.2 Ty#e, o" te,t, crried out:

7.2.1Unit Te,ting:

%nit testing focuses verification efforts on the smallest unit of software design!

the module .This is also known as Rmodule testingS. The modules are tested separatel

y. This testing is carried out during programming stage itself. In these testing steps! ea

ch module is found to working satisfactorily as regard to the expected output from the

module.

1. )odule N!e: RE0ISTRATION

U,e C,e ID: UC1

1. 1 )odule O'er'ie5:

In this module the user get registers to the system by providing his personnel!

professional and other details! and these details are stored in the database and assign

him a voter Id! password through which he can login into the system.

1.2 In#ut, to )odule:


42/56


9. Password8. -irst name! #ast name and +iddle name. $ge;. (ate of &irth:. $ddress

B. Eontact detailsF. 0ducational and Professional details

1.% Out#ut, "ro! )odule:

$ new voter for a particular constituency is created.

Table B.< Test cases and result for register user

U,e C,e

No.

Te,t c,e n!e Condition to $e

te,ted

Pre condition In#ut E/#ected re,ult

%E


43/56


lengthS

%E


44/56


. Ereate/(elete $ddress &ook;. 1end Invitation to -riend:. 1end/$ccept/7e5ect -riend 7euestB. Post Photos/+usic

2.2 In#ut, to )odule:


45/56


%E9*9 $dd friends 1pecify the

person whom

you want to add.

1erver should be

running and

website is

opened.

Persons

name

7euest is sent t

that person

%E9*8 (elete friends 1pecify the

person whom

you want to

delete.

1erver should be

running and

website is

opened.

Persons

name

Person is delete

from the list

%E9* 1end

1craps/+essages

1pecify person

name to who

scrap has to besent.

1erver should be

running and

website isopened.

Persons

name

+essage is sent

successfully.

%E9*; %pload photos $dd the photos

that has to be

uploaded

1erver should be

running and

website is

opened.

1pecify

Photo

number

Photos uploaded

successfully.

%E9*: 0dit profile &asic

information to be

edited

1erver should be

running andwebsite is

opened.

1pecify

details

Profile updated

%. )odule N!e: +ogin

U,e C,e ID: UC%

%.1 )odule O'er'ie5:

)ere the user provides username and password.

%.2 In#ut, to )odule:


46/56


U,e C,e

No.


te,ted

Pre condition in#ut E/#ected

re,ult

%E8*< #ogin details

validation

%ser should fill

all the fields

1erver should be

running and

website is opened.

The fields are

left empty

0rror message

R-ields cannot

be emptyS is

displayed

%E8*9 #ogin details

validation

%sername exists 1erver should be

running and

website is opened.

0nter

username

which does

not exist

0rror message

R%sername

does not existS

is displayed

%E8*8 #ogin details

validation

If the user has

entered valid

username

1erver should be

running and

website is opened.

0nter invalid

user name

and then click

sign in.

0rror message

RInvalid

usernameS is

displayed

%E8* #ogin details

validation

If user has

entered his

username.

1erver should be

running and

website is opened.

0nter only

username and

no password

0rror message

RPassword

field emptyS is

displayed

%E8*; #ogin details

validation

%ser has entered

username and

corresponding

password

1erver should be

running and

website is opened.

%ser enters

username and

password

which does

not match

0rror message

R%ser name

and password

does not

matchS is

displayed

%E8*: #ogin details

validation

%ser has entered

username and

corresponding

password

1erver should be

running and

website is opened.

%ser name

and password

are valid and

matching.

'pens the

authentication

page.

(. )odule n!e: )e,,ge 'lidtion

U,e C,e ID: UC(

(.1 )odule O'er'ie5:



47/56


)ere whether the same user will receive the text message simultaneously from

different IP address or not will be checked.

(.2 In#ut, to )odule:

#ogin with wrong password

(.% Out#ut "ro! !odule:

$fter increasing the count a text message will be sent to user’s mobile.

Table B. Test Eases for +essage validation

U,e C,e

No.


te,ted

Pre condition In#ut E/#ected

re,ult

%E*< +essage

validation

%ser must

receive an

message

1erver should be

running and

website is

opened.

Incorrect

password is

given more than

8 times

0rror messa

Rincorrect

passwordS a

message is

sent.

%E*9 +essage

validation

%ser must

receive anmessage from

different IP

address

1erver should be

running and

website is

opened.

Incorrect

password is

given at same

time from

different terminal

0rror messa

Rincorrect

passwordS a

message is s

%E*8 +essage

validation

(ifferent user

must receive

message from

same IP address

1erver should be

running and

website is

opened.

Incorrect

password is

given more than

8 times for

different users

account

0rror messa

Rincorrect

passwordS a

message is s

=ext we carried out an integrted 5hite $o/ test which involved the working

of the application as a whole. In this the user registered by giving his all basic

information. $fter that user logged in by giving specific nickname /username and

password. =ext the edit friend list module was integrated in which add friend and



48/56


delete friend modules worked appropriately and perfect result were obtained. $fter

this the next module edit photos were included which also gave perfect results. Then

the most important aspect i.e the tracking of IP address was done and successfully

messages were being sent to the intended users. %sers were able to get messages from

different IP address and also different users getting messages from same location i.e

IP address regarding their accounts suspicious activity.

CHAPTER 8

RESU+TS AND DISCUSSIONS

8.1 Screen ,n#,hot,:



49/56


ig 8.1 ront #ge o" ##liction

In#ut:* %ser runs the application.

Out#ut:* The application takes user’s login information to get started.

ig 8.2 Regi,ter=,ign u# "or!

In#ut: %ser will give his all basic information and particular uniue nick name and

password.

Out#ut: $n account will be created by taking their basic information



50/56


ig 8.% Ho!e #ge "ter logged in

ig 8.( -ie5ing "riend li,t



51/56


ig 8.* Te/t !e,,ge rece#tion during $rech

CHAPTER 9

APP+ICATIONS

1ince our main concentration is to identify suspect tracking! the applied

technology can be used in various fields to track the suspicious activity.

• It is used in defense mechanism! for tracking of suspicious activities and false

aliases in networking and authorized sites.

• The same idea can even be extended in any type of suspect tracking which

involves huge network of people.



52/56


• It can be used in social networking sites to identify the suspect user profiles.

• It ensures data security between the users.

&y using the nickname searching method user will be able to get his friend

easily without lots of searching overhead.

If user’s profiles are hacked then the economic cost involved in recovering the

data is costly. &y using this application where in tracking is implemented and

prevention measures are also undertaken.

CHAPTER 1

CONC+USION

Independent developers are now capable of delivering applications that would

be impossible without large team of resources. -or example! developers have

combined ,oogle maps with numerous other sources of information to develop new

and useful applications. &y making data available the idea of how to apply it is what

becomes important. The developer is no longer concerned with basic plumbing and is

freed up to think in broader terms in terms of overall application features.



53/56


In this! we have proposed a light*weight web system to identify aliases of a

person on the "eb. &y using the presented technology! we will be able to detect

persons with alias names. )ere we are presenting the methodology to prevent the

suspicious activities. &y this application the user will get to know the information

about the IP address from which the suspicious activity is going on. 1ince the users

will receive the message containing the new password! they can later log in with this

new password and change their password accordingly.

This pro5ect gives the idea as how to use the advanced P)P functions and

integrate different parts of the application. +any social networking sites do give the

security aspects but here our application ensures that the user’s data are more secure

and safe.

CHAPTER 11

UTURE SCOPE

The work described above and included in this special theme section

contributes to an on*going dialogue about the importance of social network sites! both

for practitioners and researchers. @ast! uncharted waters still remain to be explored.

+ethodologically! 1=131ocial =etworking "ebsites4 researchers ability to make

causal claims is limited by a lack of experimental or longitudinal studies.



54/56


The technologies used can be further extended to provide great levels of

security in other fields. -rom our iPhone! we’ll be able to get movie recommendations

from those in our network. "e’ll also be able to read reviews that our friends found

helpful and find show times for the theatres in our vicinity! and then we’ll be able to

check the location of our friends to determine how uickly they can meet us. )ackers

accessing using iphones can also be tracked and suspicious activity can be stopped.

REERENCE

OOVS:

• &eginning Php ; +ysl ; by ason ,ilmore.

1ince we are using php as front end and +ysl as backend this books helps in

learning many concepts.

• 1ome parts of data communications and networking by &ehrouz -oruzan.



55/56


1ince we are dealing with the tracking of IP address! this helped us to know

the concepts of IP.

3ESITES:

www.cse.msu.edu.com

www.processimpact.com

http?//www.techwr*l.com

www.w8schools.com

www.wikipedia!org

http?//www.plus9net.com/php6tutorial/php6ip.php

http?//www.wallpaperama.com/forums/how*to*display*ip*address*php*script*

code*function*from*visitor*user*t8GG.html

http?//www.daniweb.com/web*development/php/threads//;>>*>6*

;! 9>>;! pp. ;:G*;B>.

• (. &ollegala! T. )onma! Q. +atsuo! and +. Ishizuka! HIdentification of

personal name aliases on the web!H in Proceedings of F! $pr. 9>>F.



56/56


• E. "hitelaw! $. Vehlenbeck! =. Petrovic! and #. %ngar! H"eb*scale

named entity recognition!H in Proceedings of >F4! 9>>F.

• ,. (. +. 7ennie and T. aakkola! H%sing term informativeness for named

entity detection!H in Proceedings of $E+ 1I,I7 9>>;! 9>>;.

• $. &agga and &. &aldwin! H0ntity*based cross document coreferencing

using vector space model!H in E'#l=,GF! :4! 9>>:! pp.

Securing Socials Networks by preventing unauthorized access

Documents

Transcript of Securing Socials Networks by preventing unauthorized access