CHAPTER 1

INTRODUCTION

1.1 COMPANY PROFILE

PROWIS Technologies is a leading provider of tailored it services & solutions to fit the
needs of our clients with innovations, transparency & effectiveness in every thread of our
products. We have successfully implemented business solutions using client server, object
oriented programming, database programming & web-based technologies. Most of the academics
provide enough theoretical knowledge .But nowadays – major industrial requirements is practical
knowledge rather than theoretical knowledge, so we are here to create a professional mind in
college life to bring the corporate and education institute together through project training

DEVELOPMENT
PROWIS Technologies plans to reduce complexity, standardize business processes and
systems. To make better services the educational needs of college students in nearly every
discipline, from software, hardware and electronics domains. Prowis delivers contents in latest
technology projects and professional courses.

SOFTWARE DEVELOPMENT

Our team of software developers has expertise in the front running software languages
and tools like XML/HTML, Core Java/J2EE, ASP/ Dot Net, VB.

 Business Solution
 Professional Services
 Total Outsourcing

PRODUCTS:-
PROWIS Technologies consider quality a global priority, an organizational imperative,
and a personal ethic. We consider providing quality products to our clients a first and foremost
objective. To achieve this we follow organized approaches in every aspects of our organization.

1
  Financial Support
 Application Development
 Resource & Utilities

PROWIS Technologies was set up with a view to bond businesses with changing
technologies. Over the years, PROWIS Technologies has successfully implemented business
solutions using Client-server, object oriented programming, database programming, web-based
technologies and has come up with eminent results. PROWIS Technologies expertise combined
with its inclusive understanding of business requirements has ensured a growing customer base
across various business environments

BENEFITS:-

Today, PROWIS Technologies is a boutique software development company focused on

providing solutions which implement the best built features fulfilling our client needs.

2
1.2 OBJECTIVES:

Mobile devices are increasingly being used to access the web. However, in spite of
significant advances in processor power and bandwidth, the browsing experience on mobile
devices is considerably different. These differences can largely be attributed to the dramatic
reduction of screen size, which impacts the content, functionality and layout of mobile
webpages. Content, functionality and layout have regularly been used to perform static analysis
to determine maliciousness in the desktop space [20], [37], [51]. Features such as the frequency
of iframes and the number of redirections have traditionally served as strong indicators of
malicious intent.

Due to the significant changes made to accommodate mobile devices, such assertions
may no longer be true. For example, whereas such behavior would be flagged as suspicious in
the desktop setting, many popular benign mobile webpages require multiple redirections before
users gain access to content. Previous techniques also fail to consider mobile specific webpage
elements such as calls to mobile APIs. For instance, links that spawn the phone’s dialer (and the
reputation of the number itself) can provide strong evidence of the intent of the page. New tools
are therefore necessary to identify malicious pages in the mobile web.

In this paper, we present kAYO1 , a fast and reliable static analysis technique to detect
malicious mobile web-pages. kAYO uses static features of mobile webpages derived from their
HTML and JavaScript content, URL and advanced mobile specific capabilities. We first
experimentally demonstrate that the distributions of identical static features when extracted from
desktop and mobile webpages vary dramatically. We then collect over 350,000 mobile benign
and malicious webpages over a period of three months.

We then use a binomial classification technique to develop a model for kAYO to provide
90% accuracy and 89% true positive rate. kAYO’s performance matches or exceeds that of
existing static techniques used in the desktop space. kAYO also detects a number of malicious
mobile webpages not precisely detected by existing techniques such as VirusTotal and Google
Safe Browsing. Finally, we discuss the limitations of existing tools to detect mobile malicious
webpages and build a browser extension based on kAYO that provides realtime feedback to
mobile browser users.

3
 CHAPTER 2

SYSTEM ANALYSIS

2.1 EXISTING SYSTEM

 A popular approach in detecting malicious activity on the web is by leveraging

distinguishing features between malicious and benign DNS usage.
 Both passive DNS monitoring and active DNS probing methods have been used to
identify malicious domains. While some of these efforts focused solely on detecting fast
flux service networks, another can also detect domains implementing phishing and drive-
by-downloads.
 The best-known non-proprietary content-based approach to detect phishing webpages is
Cantina

DRAWBACKS:

 Existing tools such as Google Safe Browsing are not enabled on the mobile versions of
browsers, thereby precluding mobile users.
 DNS based mechanisms do not provide deeper understanding of the specific activity
implemented by a webpage or domain.
 Downloading and executing each webpage impacts performance and hinders scalability
of dynamic approaches.
 URL-based techniques usually suffer from high false positive rates.
 Cantina suffers from performance problems due to the time lag involved in querying the
Google search engine. Moreover, Cantina does not work well on webpages written in
languages other than English.
 Finally, existing techniques do not account for new mobile threats such as known fraud
phone numbers that attempt to trigger the dialer on the phone.

4
2.2 PROPOSED SYSTEM:

 In this paper, we present kAYO, a fast and reliable static analysis technique to detect
malicious mobile web-pages. kAYO uses static features of mobile webpages derived
from their HTML and JavaScript content, URL and advanced mobile specific
capabilities.
 We first experimentally demonstrate that the distributions of identical static features
when extracted from desktop and mobile webpages vary dramatically
 We experimentally demonstrate that the distributions of static features used in existing
techniques (e.g., the number of redirections) are different when measured on mobile and
desktop webpages. Moreover, we illustrate that certain features are inversely correlated
or unrelated to or non-indicative to a webpage being malicious when extracted from each
space.

ADVANTAGES OF PROPOSED SYSTEM:

 kAYO also detects a number of malicious mobile webpages not precisely detected by
existing techniques such as VirusTotal and Google Safe Browsing.
 The results of our experiments demonstrate the need for mobile specific techniques for
detecting malicious webpages.
 To the best of our knowledge kAYO is the first technique that detects mobile specific
malicious webpages by static analysis.
 Moreover, the mobile specific design of Kayo enables detection of malicious mobile
webpages missed by existing techniques.
 Finally, our survey of existing extensions on Firefox desktop browser suggests that there
is a paucity of tools that help users identify mobile malicious webpages.

5
2.3 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business proposal is put forth
with a very general plan for the project and some cost estimates. During system analysis the
feasibility study of the proposed system is to be carried out. This is to ensure that the proposed
system is not a burden to the company. For feasibility analysis, some understanding of the major
requirements for the system is essential.

Three key considerations involved in the feasibility analysis are

 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY

2.3.1 ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system will have on
the organization. The amount of fund that the company can pour into the research and
development of the system is limited. The expenditures must be justified. Thus the developed
system as well within the budget and this was achieved because most of the technologies used
are freely available. Only the customized products had to be purchased.

2.3.2 TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is, the technical
requirements of the system. Any system developed must not have a high demand on the available
technical resources. This will lead to high demands on the available technical resources.

This will lead to high demands being placed on the client. The developed system must
have a modest requirement, as only minimal or null changes are required for implementing this
system.

6
2.3.3 SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system by the user. This
includes the process of training the user to use the system efficiently. The user must not feel
threatened by the system, instead must accept it as a necessity. The level of acceptance by the
users solely depends on the methods that are employed to educate the user about the system and
to make him familiar with it. His level of confidence must be raised so that he is also able to
make some constructive criticism, which is welcomed, as he is the final user of the system.

7
 CHAPTER 3

SYSTEM SPECFICATION

3.1 HARDWARE REQUIREMENTS:

This section gives the details and specification of the hardware on which the system is
expected to work.

 System : Pentium IV 2.4 GHz.

 Hard Disk : 40 GB.
 Monitor : 15 VGA Colour.
 Mouse : Logitech.
 Ram : 1 GB.

3.2 SOFTWARE REQUIREMENTS:

This section gives the details of the software that are used for the development.

 Operating system : Windows XP/7/8.

 Coding Language : JAVA/J2EE
 IDE : Eclipse
 Database : MYSQL

8
 CHAPTER 4

SOFTWARE DESCRIPTION

4.1 FRONT END(JAVA)

Java Technology
Java technology is both a programming language and a platform.

The Java Programming Language

The Java programming language is a high-level language that can be characterized by all
of the following buzzwords:

 Simple
 Architecture neutral
 Object oriented
 Portable
 Distributed
 High performance
 Interpreted
 Multithreaded
 Robust
 Dynamic
 Secure

With most programming languages, you either compile or interpret a program so that you
can run it on your computer. The Java programming language is unusual in that a program is
both compiled and interpreted. With the compiler, first you translate a program into an
intermediate language called Java byte codes —the platform-independent codes interpreted by
the interpreter on the Java platform. The interpreter parses and runs each Java byte code
instruction on the computer. Compilation happens just once; interpretation occurs each time the
program is executed. The following figure illustrates how this works.

9
 You can think of Java byte codes as the machine code instructions for the Java Virtual
Machine (Java VM). Every Java interpreter, whether it’s a development tool or a Web browser
that can run applets, is an implementation of the Java VM. Java byte codes help make “write
once, run anywhere” possible. You can compile your program into byte codes on any platform
that has a Java compiler. The byte codes can then be run on any implementation of the Java VM.
That means that as long as a computer has a Java VM, the same program written in the Java
programming language can run on Windows 2000, a Solaris workstation, or on an iMac.

The Java Platform

A platform is the hardware or software environment in which a program runs.
We’ve already mentioned some of the most popular platforms like Windows 2000,
Linux, Solaris, and MacOS. Most platforms can be described as a combination of the
operating system and hardware. The Java platform differs from most other platforms in
that it’s a software-only platform that runs on top of other hardware-based platforms.

10
 The Java platform has two components:
 The Java Virtual Machine (Java VM)
 The Java Application Programming Interface (Java API)
You’ve already been introduced to the Java VM. It’s the base for the Java platform
and is ported onto various hardware-based platforms.

The Java API is a large collection of ready-made software components that provide
many useful capabilities, such as graphical user interface (GUI) widgets. The Java API is
grouped into libraries of related classes and interfaces; these libraries are known as
packages. The next section, What Can Java Technology Do? Highlights what
functionality some of the packages in the Java API provide.
The following figure depicts a program that’s running on the Java platform. As the
figure shows, the Java API and the virtual machine insulate the program from the
hardware.

Native code is code that after you compile it, the compiled code runs on a specific
hardware platform. As a platform-independent environment, the Java platform can be a
bit slower than native code. However, smart compilers, well-tuned interpreters, and just-
in-time byte code compilers can bring performance close to that of native code without
threatening portability.
What Can Java Technology Do?
The most common types of programs written in the Java programming language
are applets and applications. If you’ve surfed the Web, you’re probably already familiar
with applets. An applet is a program that adheres to certain conventions that allow it to
run within a Java-enabled browser.

However, the Java programming language is not just for writing cute, entertaining applets
for the Web. The general-purpose, high-level Java programming language is also a

11
powerful software platform. Using the generous API, you can write many types of
programs.
An application is a standalone program that runs directly on the Java platform. A special
kind of application known as a server serves and supports clients on a network. Examples
of servers are Web servers, proxy servers, mail servers, and print servers. Another
specialized program is a servlet. A servlet can almost be thought of as an applet that runs
on the server side. Java Servlets are a popular choice for building interactive web
applications, replacing the use of CGI scripts. Servlets are similar to applets in that they
are runtime extensions of applications. Instead of working in browsers, though, servlets
run within Java Web servers, configuring or tailoring the server.
How does the API support all these kinds of programs? It does so with packages of
software components that provides a wide range of functionality. Every full
implementation of the Java platform gives you the following features:
 The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
 Applets: The set of conventions used by applets.
 Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data gram
Protocol) sockets, and IP (Internet Protocol) addresses.
 Internationalization: Help for writing programs that can be localized for users
worldwide. Programs can automatically adapt to specific locales and be displayed
in the appropriate language.
 Security: Both low level and high level, including electronic signatures, public
and private key management, access control, and certificates.
 Software components: Known as JavaBeansTM, can plug into existing
component architectures.
 Object serialization: Allows lightweight persistence and communication via
Remote Method Invocation (RMI).
 Java Database Connectivity (JDBC TM): Provides uniform access to a wide
range of relational databases.

12
 The Java platform also has APIs for 2D and 3D graphics, accessibility, servers,
collaboration, telephony, speech, animation, and more. The following figure depicts what
is included in the Java 2 SDK.

How Will Java Technology Change My Life?

We can’t promise you fame, fortune, or even a job if you learn the Java programming
language. Still, it is likely to make your programs better and requires less effort than
other languages. We believe that Java technology will help you do the following:
 Get started quickly: Although the Java programming language is a powerful
object-oriented language, it’s easy to learn, especially for programmers already
familiar with C or C++.
 Write less code: Comparisons of program metrics (class counts, method counts,
and so on) suggest that a program written in the Java programming language can
be four times smaller than the same program in C++.
 Write better code: The Java programming language encourages good coding
practices, and its garbage collection helps you avoid memory leaks. Its object
orientation, its JavaBeans component architecture, and its wide-ranging, easily
extendible API let you reuse other people’s tested code and introduce fewer bugs.
 Develop programs more quickly: Your development time may be as much as
twice as fast versus writing the same program in C++. Why? You write fewer
lines of code and it is a simpler programming language than C++.

13
 Avoid platform dependencies with 100% Pure Java: You can keep your
program portable by avoiding the use of libraries written in other languages. The
100% Pure JavaTM Product Certification Program has a repository of historical
process manuals, white papers, brochures, and similar materials online.
 Write once, run anywhere: Because 100% Pure Java programs are compiled into
machine-independent byte codes, they run consistently on any Java platform.
 Distribute software more easily: You can upgrade applets easily from a central
server. Applets take advantage of the feature of allowing new classes to be loaded
“on the fly,” without recompiling the entire program.

14
4.2 BACK END(MYSQL)

A database is a separate application that stores a collection of data. Each database has one or
more distinct APIs for creating, accessing, managing, searching and replicating the data it holds.

Other kinds of data stores can also be used, such as files on the file system or large hash tables in
memory but data fetching and writing would not be so fast and easy with those type of systems.

Nowadays, we use relational database management systems (RDBMS) to store and manage huge
volume of data. This is called relational database because all the data is stored into different
tables and relations are established using primary keys or other keys known as Foreign Keys.

A Relational DataBase Management System (RDBMS) is a software that −

 Enables you to implement a database with tables, columns and indexes.

 Guarantees the Referential Integrity between rows of various tables.
 Updates the indexes automatically.
 Interprets an SQL query and combines information from various tables.

RDBMS Terminology

Before we proceed to explain the MySQL database system, let us revise a few definitions related
to the database.

 Database − A database is a collection of tables, with related data.

 Table − A table is a matrix with data. A table in a database looks like a simple
spreadsheet.
 Column − One column (data element) contains data of one and the same kind, for
example the column postcode.
 Row − A row (= tuple, entry or record) is a group of related data, for example the data of
one subscription.
 Redundancy − Storing data twice, redundantly to make the system faster.
 Primary Key − A primary key is unique. A key value can not occur twice in one table.
With a key, you can only find one row.
15
  Foreign Key − A foreign key is the linking pin between two tables.
 Compound Key − A compound key (composite key) is a key that consists of multiple
columns, because one column is not sufficiently unique.
 Index − An index in a database resembles an index at the back of a book.
 Referential Integrity − Referential Integrity makes sure that a foreign key value always
points to an existing row.

MySQL Database

MySQL is a fast, easy-to-use RDBMS being used for many small and big businesses. MySQL is
developed, marketed and supported by MySQL AB, which is a Swedish company. MySQL is
becoming so popular because of many good reasons −

 MySQL is released under an open-source license. So you have nothing to pay to use it.
 MySQL is a very powerful program in its own right. It handles a large subset of the
functionality of the most expensive and powerful database packages.
 MySQL uses a standard form of the well-known SQL data language.
 MySQL works on many operating systems and with many languages including PHP,
PERL, C, C++, JAVA, etc.
 MySQL works very quickly and works well even with large data sets.
 MySQL is very friendly to PHP, the most appreciated language for web development.
 MySQL supports large databases, up to 50 million rows or more in a table. The default
file size limit for a table is 4GB, but you can increase this (if your operating system can
handle it) to a theoretical limit of 8 million terabytes (TB).
 MySQL is customizable. The open-source GPL license allows programmers to modify
the MySQL software to fit their own specific environments.

16
 CHAPTER 5

PROJECT DESCRIPTION

5.1 PROBLEM DEFINITION

A popular approach in detecting malicious activity on the web is by leveraging

distinguishing features between malicious and benign DNS usage. Both passive DNS monitoring
and active DNS probing methods have been used to identify malicious domains. While some of
these efforts focused solely on detecting fast flux service networks, another can also detect
domains implementing phishing and drive-by-downloads. Existing tools such as Google Safe
Browsing are not enabled on the mobile versions of browsers, thereby precluding mobile
users.DNS based mechanisms do not provide deeper understanding of the specific activity
implemented by a webpage or domain. Downloading and executing each webpage impacts
performance and hinders scalability of dynamic approaches. URL-based techniques usually
suffer from high false positive rates.

5.2 OVERVIEW OF PROJECT

Mobile specific webpages differ significantly from their desktop counterparts in

content, layout and functionality. Accordingly, existing techniques to detect malicious websites
are unlikely to work for such webpages. In this paper, we design and implement kAYO, a
mechanism that distinguishes between malicious and benign mobile webpages. kAYO makes
this determination based on static features of a webpage ranging from the number of iframes to
the presence of known fraudulent phone numbers. First, we experimentally demonstrate the need
for mobile specific techniques and then identify a range of new static features that highly
correlate with mobile malicious webpages. We then apply kAYO to a dataset of over 350,000
known benign and malicious mobile webpages and demonstrate 90% accuracy in classification.
Moreover, we discover, characterize and report a number of webpages missed by Google Safe
Browsing and VirusTotal, but detected by kAYO. Finally, we build a browser extension using
kAYO to protect users from malicious mobile websites in real-time. In doing so, we provide the
first static analysis technique to detect malicious mobile webpages.

17
 CHAPTER 6
SYSTEM DESIGN

6.1 SYSTEM DESIGN

The system of objectives outline during the feasibility study serve as the basic from
which the work of system design is initiated. Much of the activities is involved at the stage is
technical nature requiring a certain degree of systems sound knowledge of computer related
technology and through understanding of computer available in the market and the various
facilities provided by the vendors. Nevertheless, a system cannot be designed in isolation without
the active involvement of the user. The user has a vital role to play at the stage too. As we know
that data collected that during feasibility study wills we utilized systemically during the system
design. It should however be kept in mind that details study of the existing system is not
necessarily over with the completion of the feasibility study. Depending on the plan of feasibility
study, the level of details study will vary and the system design stage will also vary in the
amount of investigation that still needs to be done. This investigation is generally an urgent
activity during the system.

6.2 MODULE

1. Admin

2. User

3. Attacker

18
6.2.1 MODULE DESCRIPTION

ADMIN

This module is used to login into system. Admin need to type the username and password
correctly. Otherwise it will show the error message. After logged in successfully, Next admin
adding the new URL and then view the all the URL results. And then the admin going to check
the history and view the blocked URL(Malicious Site).And the Logout the screen.

1. Login

2. Add New URL

3. View All sites information

4. History

5. View Blocked URL (View Malicious Site)

6. Logout

USER

The user is search to the URL. User will click on the url while they searching. So if the
user clicks the malicious url accidently while searching for something, it will be blocked
automatically without making any issues. At the time of clicking malicious url, the pop-up alert
will be shown to user, it will make them know the url holds malicious thread. And, the history of
url can be checked by admin at anytime they want.

1. Search

2. View Result(View Keyboard Based Search).

3. If user click on malicious website that will block automatically.

3.Exit

19
ATTACKER

In this module the attacker is first login to the system. And then adding the Malicious
URL. Attackers also can use this system for uploading malicious threads. It means, they can add
the url of malicious thread by logging into this system which helps to get the information of
users.

1. Login

2. Add Malicious URL

3.View Information

20
 6.3 SYSTEM FLOW DIAGRAM

Operation

Admin User Attacker

Login Search Keywords Login

Add new URL View URL Add Malicious URL

View all sites information Exit View Information

History

Logout

21
6.4 DATA FLOW DIAGRAM

6.4.1 Level 0: Login

User
https://www.google.co.in
Admin Login
Add New URL

User Register

6.4.2 Level 1:

https://www.goog
Admin Login le.co.in View All URL
Add New URL Result

Attacker Login Add Malicious URL

22
6.4.3 Level 2:

View Blocked
Admin View all User URL (View Using kAYO
History Malicious Site) Server

Logout

No Result Not
Found
Yes

Search URL View Original kAYO Server

User
URL Working

Correct URL
Store in DB View

23
6.5 DATABASE DESIGN
The most important consideration in designing the database is how information will be
used. The main objectives of designing a database are:

Data Integration:

In a database, information from several files are coordinated, accessed and operated upon
as through it is in a single file. Logically, the information are centralized, physically, the data
may be located on different devices, connected through data communication facilities.

Data Integrity

Data integrity means storing all data in one place only and how each application to access
it. This approach results in more consistent information, one update being sufficient to achieve a
new record status for all applications, which use it. This leads to less data redundancy; data items
need not be duplicated; a reduction in the direct access storage requirement.

Data Independence:

Data independence is the insulation of application programs from changing aspects of

physical data organization. This objective seeks to allow changes in the content and organization
of physical data without reprogramming of applications and to allow modifications to application
programs without reorganizing the physical data.

The tables needed for each module were designed and the specification of each and every
column was given based on the records and details collected during record specification of the
system study.

24
6.6 TABLE STRUCTURE

6.6.1 Table Name: Attacker

COLUMN NAME DATA TYPE

Id int( 50)
url varchar (300)
Keyword varchar(500)
Status varchar(50)

6.6.2 Table Name: Data

COLUMN NAME DATA TYPE

Id int( 50)
Site varchar (300)

6.6.3 Table Name: Hacker

COLUMN NAME DATA TYPE

Id Int(50)
Urls varchar (100)
Keywords varchar(200)
Ips Varchar(100)

25
6.6.4 Table Name: Indexer

COLUMN NAME DATA TYPE

Id Int(50)
URL Varchar(100)
keyword text

6.6.5 Table Name: Search

COLUMN NAME DATA TYPE

Id Int(50)
words Varchar(100)
Ips Varchar(100)

26
6.5 INPUT DESIGN

The input design is the link between the information system and the user. It comprises the
developing specification and procedures for data preparation and those steps are necessary to put
transaction data into a usable form for processing can be achieved by inspecting the computer to
read data from a written or printed document or it can occur by having people keying the data
directly into the system. The design of input focuses on controlling the amount of input required,
controlling the errors, avoiding delay, avoiding extra steps and keeping the process simple.

The input is designed in such a way so that it provides security and ease of use with retaining
the privacy. The goal of input design is to input the data as accurate as possible. Hence inputs are
designed effectively so that the errors made by operations are minimized. The inputs to the
system have been designed in such a way that the same formats are used with related screen.
Since user expect to find the same data in same places Input Design considered the following
things:

 Data should be given as input.

 The data should be arranged or coded.
 The dialog to guide the operating personnel in providing input.
 Methods for preparing input validations and steps to follows when error occurs.

OBJECTIVES OF INPUT DESIGN

 Input design is the process of converting a user-oriented description of the input into a
computer based system. This design is important to avoid errors in the data input process
and show the correct direction to the management for getting correct information from
the computerized system.
 It is achieved by creating user-friendly screens for the data entry to handle large volume
of data. The goal of designing input is to make data entry easier and to be free from
errors. The data entry screen is designed in such a way that all the data manipulates can
be performed. It also provides record viewing facilities.

27
6.6 OUTPUT DESIGN

A quality out is one, which meets the requirements of the end user and presents the
information clearly. In any system results of processing are communicated to the users and to
other system through outputs. In output design it is determined how the information is to be
displaced for immediate need and also the hard copy output. It is the most important and direct
source information to the user. Efficient and intelligent output design improves the system’s
relationship to help user decision-making.
Designing computer output should proceed in an organized, well thought out manner,
the right output must be developed while ensuring that each output element is designed so that
people will find the system can use easily and effectively. When analysis design computer
output, they should identify the specify output that is needed to meet the requirements. Select
methods for presenting information. Create document, report, or other formats that contain
information produced by the system. The output from of an information system should
accomplish one or more of the following objectives.
 Convey information about past activities, current status or projections of the future.
 Signal important events, opportunities, problems, or warnings.
 Trigger an action
 Confirm an action.

28
 CHAPTER 7

SYSTEM TESTIING

The purpose of testing is to discover errors. Testing is the process of trying to discover
every conceivable fault or weakness in a work product.

It provides a way to check the functionality of components, sub-assemblies, assemblies

and/or a finished product It is the process of exercising software with the intent of ensuring that
the software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific testing
requirement.

The Objective of Testing Is As Follows:

 Testing is the process of executing a program with the intent of finding an error.
 A successful test is that one of the cover of undiscovered error.

Testing Issues

 Client GUI considerations.

Target environment and platform diversity considerations

7.1 UNIT TESTING

Unit testing, also known as component testing refers to tests that verify the functionality
of a specific section of code, usually at the function level. In an object-oriented environment, this
is usually at the class level, and the minimal unit tests include the constructors and destructors

These types of tests are usually written by developers as they work on code (white-box
style), to ensure that the specific function is working as expected. One function might have
multiple tests, to catch corner cases or other branches in the code.

29
7.2 INTEGRATION TESTING

Integration testing is any type of software testing that seeks to verify the interfaces
between components against a software design. Software components may be integrated in an
iterative way or all together.

Normally the former is considered a better practice since it allows interface issues to be
localized more quickly and fixed. Integration testing works to expose defects in the interfaces
and interaction between integrated components (modules). Progressively larger groups of tested
software components corresponding to elements of the architectural design are integrated and
tested until the software works as a system.

7.3 VALIDATION TESTING

To uncover functional errors, that is, to check whether functional characteristics confirm
to specification or not, almost all the inputs are validated strictly and inform the user if there is
any wrong input. The modules are validated such that only after table selection the chart form
can be opened.

7.4 USER ACCEPTANCE TESTING

User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional requirements.
This is to verify that all the system elements have been properly integrated and perform allocated
functions. Testing executes a program to test the logic changes made in it and with intention of
finding errors. Tests are also conducted to find discrepancies between system and its original
objective, current specification and documents.

30
 CHAPTER 8

SYSTEM IMPLEMENTATION

J2ME (Java 2 Micro edition):-

Sun Microsystems defines J2ME as "a highly optimized Java run-time environment
targeting a wide range of consumer products, including pagers, cellular phones, screen-phones,
digital set-top boxes and car navigation systems." Announced in June 1999 at the JavaOne
Developer Conference, J2ME brings the cross-platform functionality of the Java language to
smaller devices, allowing mobile wireless devices to share applications. With J2ME, Sun has
adapted the Java platform for consumer products that incorporate or are based on small
computing devices

1. General J2ME architecture

J2ME uses configurations and profiles to customize the Java Runtime Environment
(JRE). As a complete JRE, J2ME is comprised of a configuration, which determines the JVM
used, and a profile, which defines the application by adding domain-specific classes. The
configuration defines the basic run-time environment as a set of core classes and a specific JVM
that run on specific types of devices.

31
 We'll discuss configurations in detail in the The profile defines the application;
specifically, it adds domain-specific classes to the J2ME configuration to define certain uses for
devices. We'll cover profiles in depth in the The following graphic depicts the relationship
between the different virtual machines, configurations, and profiles. It also draws a parallel with
the J2SE API and its Java virtual machine. While the J2SE virtual machine is generally referred
to as a JVM, the J2ME virtual machines, KVM and CVM, are subsets of JVM. Both KVM and
CVM can be thought of as a kind of Java virtual machine -- it's just that they are shrunken
versions of the J2SE JVM and are specific to J2ME.

2.Developing J2ME applications

Introduction In this section, we will go over some considerations you need to keep in
mind when developing applications for smaller devices. We'll take a look at the way the
compiler is invoked when using J2SE to compile J2ME applications. Finally, we'll explore
packaging and deployment and the role preverification plays in this process.

3.Design considerations for small devices

Developing applications for small devices requires you to keep certain strategies in mind
during the design phase. It is best to strategically design an application for a small device before
you begin coding. Correcting the code because you failed to consider all of the "gotchas" before
developing the application can be a painful process. Here are some design strategies to consider:

* Keep it simple. Remove unnecessary features, possibly making those features a separate,
secondary application.

* Smaller is better. This consideration should be a "no brainer" for all developers. Smaller
applications use less memory on the device and require shorter installation times. Consider
packaging your Java applications as compressed Java Archive (jar) files.

Minimize run-time memory use. To minimize the amount of memory used at run time, use scalar
types in place of object types. Also, do not depend on the garbage collector. You should manage
the memory efficiently yourself by setting object references to null when you are finished with
them.

32
Another way to reduce run-time memory is to use lazy instantiation, only allocating objects on
an as-needed basis. Other ways of reducing overall and peak memory use on small devices are to
release resources quickly, reuse objects, and avoid exceptions.

4.Configurations overview

The configuration defines the basic run-time environment as a set of core classes and a specific
JVM that run on specific types of devices. Currently, two configurations exist for J2ME, though
others may be defined in the future:

* Connected Limited Device Configuration (CLDC) is used specifically with the KVM for
16-bit or 32-bit devices with limited amounts of memory. This is the configuration (and the
virtual machine) used for developing small J2ME applications. Its size limitations make CLDC
more interesting and challenging (from a development point of view) than CDC. CLDC is also
the configuration that we will use for developing our drawing tool application. An example of a
small wireless device running small applications is a Palm hand-held computer.

* Connected Device Configuration (CDC) is used with the C virtual machine (CVM) and is
used for 32-bit architectures requiring more than 2 MB of memory. An example of such a device
is a Net TV box.

5.J2ME profiles

What is a J2ME profile?

As we mentioned earlier in this tutorial, a profile defines the type of device supported. The
Mobile Information Device Profile (MIDP), for example, defines classes for cellular phones. It
adds domain-specific classes to the J2ME configuration to define uses for similar devices. Two
profiles have been defined for J2ME and are built upon CLDC: KJava and MIDP. Both KJava
and MIDP are associated with CLDC and smaller devices. Profiles are built on top of
configurations. Because profiles are specific to the size of the device (amount of memory) on
which an application runs, certain profiles are associated with certain configurations.

A skeleton profile upon which you can create your own profile, the Foundation Profile, is
available for CDC.

33
Profile 1: KJava

KJava is Sun's proprietary profile and contains the KJava API. The KJava profile is built on top
of the CLDC configuration. The KJava virtual machine, KVM, accepts the same byte codes and
class file format as the classic J2SE virtual machine. KJava contains a Sun-specific API that runs
on the Palm OS. The KJava API has a great deal in common with the J2SE Abstract Windowing
Toolkit (AWT). However, because it is not a standard J2ME package, its main package is
com.sun.kjava. We'll learn more about the KJava API later in this tutorial when we develop
some sample applications.

Profile 2: MIDP

MIDP is geared toward mobile devices such as cellular phones and pagers. The MIDP, like
KJava, is built upon CLDC and provides a standard run-time environment that allows new
applications and services to be deployed dynamically on end user devices. MIDP is a common,
industry-standard profile for mobile devices that is not dependent on a specific vendor. It is a
complete and supported foundation for mobile application

development. MIDP contains the following packages, the first three of which are core CLDC
packages, plus three MIDP-specific packages.

* java.lang

* java.io

* java.util

* javax.microedition.io

* javax.microedition.lcdui

* javax.microedition.midlet

* javax.microedition.rms

34
 CHAPTER 9

CONCLUSION AND FUTURE ENHANCEMENTS

9.1 CONCLUSION

In this way, we study the framework for detecting malicious mobile webpages in real
time. Mobile webpages are significantly different than their desktop counterparts in content,
functionality and layout. Therefore, existing techniques using static features of desktop
webpages to detect malicious behavior for mobile specific pages. We designed and developed a
fast and reliable static analysis technique that detects mobile malicious webpages and also detect
phishing sites. Our application provides greater accuracy in classification, and detects a number
of malicious mobile webpages in the wild that are not detected by existing techniques such as
Cantina. Finally, we build a browser extension that provides real-time feedback to users. We
proposed an application for mobile platforms. We identified the weaknesses of the heuristics-
based anti-phishing schemes that highly rely on the HTML source code of web pages. Our
application resolves this issue by using OCR, which can accurately extract text from the
screenshot of the login interface so that the claimed identity of phishing attacker can be verified.
We conclude that our application detects new mobile specific threats such as websites hosting
and takes the first step towards identifying new security challenges in the modern mobile web.

9.2 FUTURE ENHANCEMENTS

Every application has its own merits and demerits. The project has covered almost all the
requirements. Further enhancements can be made to the android application, so that the project
functions very attractive and useful manner than the present one.

 More security checks should be included.

 Efficiency improved.

35
 CHAPTER 10
APPENDIX
10.1 SOURE CODE

package jesus;

import java.io.File;

import java.io.FileInputStream;

import java.sql.Connection;

import java.sql.DriverManager;

import java.sql.PreparedStatement;

import org.apache.poi.hssf.usermodel.HSSFRow;

import org.apache.poi.hssf.usermodel.HSSFSheet;

import org.apache.poi.hssf.usermodel.HSSFWorkbook;

import org.apache.poi.poifs.filesystem.POIFSFileSystem;

public class Dataset

public static void main(String[] args)

File f =new File("D:\\Files\\aa.xls");

try

Class.forName("com.mysql.jdbc.Driver");

36
 Connection con = (Connection)
DriverManager.getConnection("jdbc:mysql://localhost/kayo","root","root");

PreparedStatement query=con.prepareStatement("truncate table data");

query.executeUpdate();

con.setAutoCommit(false);

PreparedStatement pstm = null ;

FileInputStream input = new FileInputStream(f.getAbsolutePath());

POIFSFileSystem fs = new POIFSFileSystem( input );

HSSFWorkbook wb = new HSSFWorkbook(fs);

HSSFSheet sheet = wb.getSheetAt(0);

HSSFRow row;

for(int i=1; i<=sheet.getLastRowNum(); i++)

row = sheet.getRow(i);

String author = row.getCell(0).getStringCellValue();

//String coa = row.getCell(1).getStringCellValue();

String sql = "INSERT INTO data(site) VALUES('"+author+"')";

pstm = (PreparedStatement) con.prepareStatement(sql);

pstm.execute();

System.out.println("Import rows "+i);

con.commit();

37
 pstm.close();

con.close();

input.close();

System.out.println("Success import excel to mysql table");

}catch(Exception e)

System.out.println(e);

package kAYO;

import java.io.IOException;

import java.io.PrintWriter;

import javax.servlet.RequestDispatcher;

import javax.servlet.ServletException;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

38
import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

/**

* Servlet implementation class Admin

*/

@WebServlet("/Admin")

public class Admin extends HttpServlet {

private static final long serialVersionUID = 1L;

/**

* @see HttpServlet#HttpServlet()

*/

public Admin() {

super();

// TODO Auto-generated constructor stub

/**

* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)

*/

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws

ServletException, IOException {

// TODO Auto-generated method stub

39
 /**

* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)

*/

protected void doPost(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException

PrintWriter out = response.getWriter();

String a = request.getParameter("name");

String b = request.getParameter("pass");

if(a.equals("admin")&&b.equals("admin"))

out.println("<script type=\"text/javascript\">");

out.println("alert(\"Login Successfully\")");

out.println("</script>");

RequestDispatcher rd = request.getRequestDispatcher("AHome.jsp");

rd.include(request, response);

else

out.println("<script type=\"text/javascript\">");

out.println("alert(\"Invalid Id and Password\")");

out.println("</script>");

40
 RequestDispatcher rd = request.getRequestDispatcher("ALogin.jsp");

rd.include(request, response);

import java.io.IOException;

import java.io.PrintWriter;

import java.sql.Connection;

import java.sql.DriverManager;

import java.sql.PreparedStatement;

import java.sql.SQLException;

import javax.servlet.RequestDispatcher;

import javax.servlet.ServletException;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

/**

* Servlet implementation class Malicious

*/

@WebServlet("/Malicious")

public class Malicious extends HttpServlet {

41
 private static final long serialVersionUID = 1L;

/**

* @see HttpServlet#HttpServlet()

*/

public Malicious() {

super();

// TODO Auto-generated constructor stub

/**

* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)

*/

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws

ServletException, IOException {

// TODO Auto-generated method stub

/**

* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)

*/

protected void doPost(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException

String a = request.getParameter("url");

String b = request.getParameter("keyword");

42
 String c = request.getParameter("ipa");

PrintWriter out = response.getWriter();

try

Class.forName("com.mysql.jdbc.Driver");

Connection
con=DriverManager.getConnection("jdbc:mysql://localhost/kayo","root","root");

PreparedStatement ps = con.prepareStatement("insert into

hacker(url,keyword,ip)values('"+a+"','"+b+"','"+c+"')");

ps.executeUpdate();

out.println("<script type=\"text/javascript\">");

out.println("alert(\"This Is Malicious Web Page\")");

out.println("</script>");

RequestDispatcher rd=request.getRequestDispatcher("index.html");

rd.include(request,response);

catch (ClassNotFoundException e)

// TODO Auto-generated catch block

e.printStackTrace();

} catch (SQLException e)

43
 {

// TODO Auto-generated catch block

e.printStackTrace();

package kAYO;

import java.net.InetAddress;

import java.net.UnknownHostException;

public class Test {

public static void main(String[] args) {

InetAddress ip;

try {

ip = InetAddress.getLocalHost();

System.out.println("Current IP address : " + ip.getHostAddress());

44
 } catch (UnknownHostException e) {

e.printStackTrace();

import java.io.IOException;

import java.io.PrintWriter;

import java.sql.Connection;

import java.sql.DriverManager;

import java.sql.PreparedStatement;

import java.sql.SQLException;

import javax.servlet.RequestDispatcher;

import javax.servlet.ServletException;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

/**

45
* Servlet implementation class Hack

*/

@WebServlet("/Hack")

public class Hack extends HttpServlet {

private static final long serialVersionUID = 1L;

/**

* @see HttpServlet#HttpServlet()

*/

public Hack() {

super();

// TODO Auto-generated constructor stub

/**

* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)

*/

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws

ServletException, IOException {

// TODO Auto-generated method stub

/**

* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)

*/

46
 protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {

String a = request.getParameter("urls");

String b = request.getParameter("message");

PrintWriter out = response.getWriter();

try

Class.forName("com.mysql.jdbc.Driver");

Connection
con=DriverManager.getConnection("jdbc:mysql://localhost/kayo","root","root");

PreparedStatement ps = con.prepareStatement("insert into

attack(url,keyword)values('"+a+"','"+b+"')");

ps.executeUpdate();

out.println("<script type=\"text/javascript\">");

out.println("alert(\"Succesfully Added\")");

out.println("</script>");

RequestDispatcher rd=request.getRequestDispatcher("AtHome.jsp");

rd.include(request,response);

catch (ClassNotFoundException e)

47
 // TODO Auto-generated catch block

e.printStackTrace();

} catch (SQLException e)

// TODO Auto-generated catch block

e.printStackTrace();

48
10.2 SCREEN SHOTS

Home Page

49
Admin login

50
Admin Home Page

51
Add URL

52
View All URL

53
View Malware Page

54
View Malware Site

55
Attacker View Hack Site Information

56
User Search Page

57
User Search Result

58
Malicious Site Alert Box

59
Result

60
 CHAPTER 11

REFERENCES

Journal Reference:
1. Chaitrali Amrutkar, Young Seuk Kim, and Patrick Traynor, Senior Member, IEEE,
“Detecting Mobile Malicious Webpages in Real Time”,

2. J. Ma, L. K. Saul, S. Savage, G. M. Voelker, "Beyond blacklists: Learning to detect

malicious web sites from suspicious URLs", Proc. SIGKDD Conf., pp. 1245-1254, 2009.

3. L. Bilge, E. Kirda, C. Kruegel, M. Balduzzi, "EXPOSURE : Finding malicious domains

using passive DNS analysis", 18th Annu. Netw. Distrib. Syst. Security Symp., 2011.

4. Amrutkar, Y. S. Kim and P. Traynor, "Detecting Mobile Malicious Webpages in Real

Time," in IEEE Transactions on Mobile Computing, vol. 16, no. 8, pp. 2184-2197, 2017

5. D. Canali, M. Cova, G. Vigna, C. Kruegel, "Prophiler: A fast filter for the large-scale
detection of malicious web pages", Proc. 20th Int. Conf. World Wide Web, pp. 197-206,
2011

6. Ikinci, T. Holz, F. Freiling, "Monkey-spider: Detecting malicious websites with low-

interaction honeyclients", Proc. Sicherheit Schutz Zuverlassigkeit, 2008.

61