Sheena Project First Review

7/29/2019 Sheena Project First Review

http://slidepdf.com/reader/full/sheena-project-first-review 1/33

WELCOME



A PROJECT ON

PRESENTED BY,

SHEENA S



CONTENTS SYNOPSIS

PROJECT DESCRIPTION

ORGANIZATION PROFILE

SYSTEM ANALYSIS

MODULE DESCRIPTION SYSTEM SPECIFICATION

SCREEN SHOTS



SYNOPSIS The Distributed Denial-of-Service (DDoS) attack is a

serious threat to the legitimate use of the Internet.Prevention mechanisms are thwarted by the ability of attackers to forge or spoof the source addresses in IP

packets. By employing IP spoofing, attackers can evadedetection and put a substantial burden on the destinationnetwork for policing attack packets.

In this project, I propose an inter-domain packet filter(IDPF) architecture that can mitigate the level of IPspoofing on the Internet. A key feature of our scheme isthat it does not require global routing information.



IDPFs are constructed from the information implicit inBorder Gateway Protocol (BGP) route updates and aredeployed in network border routers. I establish theconditions under which the IDPF framework correctly

works in that it does not discard packets with validsource addresses.

Based on extensive simulation studies, I show that, evenwith partial deployment on the Internet, IDPFs canproactively limit the spoofing capability of attackers. Inaddition, they can help localize the origin of an attackpacket to a small number of candidate networks.



PROJECT DESCRIPTION Finally, many popular attacks such as man-in-the-middle

attacks, reflector-based attacks, and attackers use IPspoofing and require the ability to forge source addresses.Although attackers can insert arbitrary source addresses

into IP packets, they cannot control the actual paths thatthe packets take to the destination.

The first and long-term recommendation is to adoptsource IP address verification, which confirms theimportance of the IP spoofing problem. IP spoofing will

remain popular for a number of reasons. First, IP spoofingmakes isolating attack traffic from legitimate trafficharder: packets with spoofed source addresses may appear to be from all around the Internet. Second, itpresents the attacker with an easy way to insert a level of indirection. As a consequence, substantial effort isrequired to localize the source of the attack traffic.



Based on this observation, I have proposed the route-based packet filters as a way of mitigating IP spoofing. The idea is that by assuming single-path routing, there isexactly one single path between the source node and the

destination node. Hence, any packet with the sourceaddress and the destination address that appear in arouter that is not in path source and destination addressshould be discarded.

The Internet consists of thousands of network domains orautonomous systems (ASs). Each AS communicates withits neighbors by using the Border Gateway Protocol (BGP),which is the de facto inter-domain routing protocol, toexchange information about its own networks and othersthat it can reach. BGP is a policy-based routing protocolin that both the selection and the propagation of the bestroute to a destination at an AS are guided by some locally defined routing policies.



ORGANIZATION PROFILE

About Us Search fox provides the full and better networking solutions that deliver

business continuity and visibility, through robust and reliable network security and connectivity. By doing this, we could help the customer tomake a better business transactions. We secure their enterpriseresources from hackers and viruses, and make them the best in industry.



It’s Time for a New Network At Searchfox Networks, we are leading the charge to architecting the new

network. At the heart of the new network is our promise to transform theeconomics and experience of networking for our customers. We offer a high-performance network infrastructure built on simplicity, security, openness, and

scale. We are innovating in ways that empower our customers, our partners, andultimately everyone in a connected world.Our products and technologies run the world’s largest and most

demanding networks today, enabling our customers to create value andaccelerate business success within the new, rapidly changing global marketplace.Our customers include the top 130 global service providers, 96 of the GlobalFortune 100, as well as hundreds of federal, state and local governmentagencies and higher education organizations throughout the world.

As a pure play, high-performance networking company, we offer a broadproduct portfolio that spans routing, switching, security, application acceleration,identity policy and control, and management designed to provide unmatchedperformance, greater choice, and true flexibility, while reducing overall total costof ownership. In addition, through strong industry partnerships, SearchfoxNetworks is fostering a broad ecosystem of innovation across the network.



Services

DSL Internet Access Companies in small and large are required high speed internet connection now a

days. Whether it's instant use of e-mail and the websites or the availability of sufficientbandwidth for the corporate Local Area Network,high speed internet access is becomingessential for corporate world.

Let’s have a look at myDSLSM. myDSLSM is very help ful for full-time connectivity,such as hosting a web server. My DSL fullfills the needs of applications that require highbandwidth in both directions,like file transfers. myDSL uses conventional telephone wiringalso.Satellite Access

Access ServicemyDISH.netSM Satellite Access Service (Internet and Private Access) Data connections between a

remote location and a hub to the Internet is possible through Intercom Access. Contact us

Searchfox Technologies #108, Nehru Street, Near Senthil Kumaran Theatre, Ramnagar, Coimbatore-641009. www.searchfoxtechnologies.com E-Mail:[email protected]: +91-9894141348

http://www.searchfoxtechnologies.com/








SYSTEM ANALYSIS EXISTING SYSTEM

Distributed Denial-of-Service (DDoS) attacks pose anincreasingly grave threat to the Internet, as evident in recentDDoS attacks mounted on both popular Internet sites and

the Internet infrastructure. Alarmingly, DDoS attacks areobserved on a daily basis on most of the large backbonenetworks.

One of the factors that complicate the mechanisms forpolicing such attacks is IP spoofing, which is the act of forging the source addresses in IP packets. By masqueradingas a different host, an attacker can hide its true identity andlocation, rendering source based packet filtering lesseffective. Thus,

Existing system uses Network Ingress Filtering.

Ingress filtering primarily prevents a specific networkfrom being used for attacking others.



PROPOSED SYSTEM Inspired by the route-based packet filters, I propose an

InterDomain Packet Filter (IDPF) architecture, a router basedpacket filter system that can be constructed solely based on the

locally exchanged BGP updates, assuming that all ASs employ a setof routing policies that are commonly used today. They showed that packet filters constructed based on the global

routing information can significantly limit IP spoofing whendeployed in just a small number of ASs.

In this work, I extend the idea and demonstrate that filters that arebuilt based on local BGP updates can also be effective.

First, I describe how I can practically construct IDPFs at an AS byonly using the information in the locally exchanged BGP updates.



Second, I establish the conditions under which the proposedIDPF framework works correctly in that it does not discardpackets with valid source addresses.

Third, to evaluate the effectiveness of the proposedarchitecture, we conduct extensive simulation studies basedon AS topologies and AS paths extracted from real BGP data. The results show that, even with partial deployment, the

architecture can proactively limit an attacker’s ability tospoof packets.

When a spoofed packet cannot be stopped, IDPFs canhelp localize the attacker to a small number of

candidates ASs, which can significantly improve the IPtrace back situation.

In addition, IDPF-enabled ASs (and their customers)provides better protection against IP spoofing attacksthan the ones that do not support IDPFs.

This should give network administrators incentives to deploy IDPFs



MODULE DESCRIPTION Check and lookup the local

network

Content Selection

Encryption

BGP

Hackers

Decryption



Check and lookup the local network

This is module, which executes at the loading time tocheck and lookup the local network. It gets all thesystems, which are connected, to that local network. This

helps to the gets current working nodes that means whichare active and ready for access in the network.

Content Selection

It uses a dialog box to open a required file format, butit mainly supports only for the text support files. The fileloaded to a file variable, Then it send to the next stage

Encryption area. Encryption

In this the original data is converted to some otherformat using chips algorithm so that incase some intrudermay hack the file at any reason or at any cost, but they won’t get the original data unless it decrypted in proper

format.



BGP

In this Modules BGP (Border Gateway Protocol) is aprotocol that communicates across the network and alsomonitoring the client present in the network. It has all

client details as a table. The connection is establishedwith the client and the Router. The Encrypted data istransmitted to the Router which can send or redirect tothe correct destination address.

The Router checks whether the sender and receiverare proper to the network. Incase the ender (hacker) is not

a proper member in the network then that node is said tothe attacker node, then the message will not sent to thedestination. Otherwise the message will send to thedestination address.



Hackers

The hacker will act as a client in the distributednetwork. The hacker may have false name in the networkand virtually seems to be present within the current

network. It selects the destination address which originalpresent in the network.

Decryption

At the destination the received encrypted data willunder go decryption to get the original data, which wassent by the sender. Decryption using chips algorithm for

the decryption of the received data to the original content.After decryption only the data will be meaningful. TheEncryption and Decryption gives the security to datawhile transferring.



SYSTEM SPECIFICATION

HARDWARE SPECIFICATION

PROCESSOR PENTIUM IV 2.6 GHzRAM 512 MB DD RAM

MONITOR 15” COLOR

HARD DISK 20 GBFLOPPY DRIVE 1.44 MB

CDDRIVE LG 52X

KEYBOARD STANDARD 102 KEYS



SOFTWARE SPECIFICATION

FRONT END Java swing and Networking

OPERATING

SYSTEM

Windows XP

BACK END SQL Server 2005



SCREEN SHOTS

Source Node S



NODE A



NODE B



NODE C



NODE D



File & Destination Node has been selected



Message present in the source file



Showing the possible path from Source Node S to Node A



Showing the possible path from Source Node S to Node B



Showing the possible path from Source Node S to Node C



Showing the possible path from Source Node S to Node D



Feasible path from Source Node S to Node D



Message sent to Destination Node D



THANK YOU

Sheena Project First Review

Documents

Transcript of Sheena Project First Review