Image Identification System

A mini project report submitted in partial fulfillment of the requirements for the award of

BACHELOR OF TECHNOLOGY IN INFORMATION TECHNOLOGY

By

M.NARESH J.NIKHIL K. RAJIV VARMA S. SAI RAM

09241A1219 09241A1221 09241A1232 09241A1235

Under the Esteemed Guidance of

MS.T. Anitha
Asst.Professor

DEPARTMENT OF INFORMATION TECHNOLOGY GOKARAJU RANGARAJU INSTITUTE OF ENGINEERING AND TECHNOLOGY

CERTIFICATE
This is to certify that it is a bonafide record of mini project work entitled Image Identification System done by M. NARESH (09241A1219), J. NIKHIL (09241A1221), K.RAJIV VARMA (09241A1232), S. SAI RAM (09241A1235) student of B.Tech(IT) in the Department of Information Technology, Gokaraju Rangaraju Institute of Engineering and Technology during the period 2011-2012 in the partial fulfillment of the requirements for the award of degree of B.Tech in information technology. The results presented in this work have been verified and are found to be satisfacatory. university for the award of any Degree/Diploma. This work is not submitted to any other

Internal Guide Ms.T. Anitha Asst.Professor Dept of IT GRIET

Head of the Department Dr. T.V.Rajini Kanth Professor & Head Dept of IT GRIET

External Examiner

ACKNOWLEDGEMENT
We wish to express our deep gratitude to our guide in the Department of Information Technology, for all the advice, encouragement and constant support he has given us throughout our project work. This work would not have been possible without his support and valuable suggestions.

We are grateful to the Members of Project Review Committee for their valuable suggestions.We are also grateful to Dr.Jandhyala N.Murthy, Principal and Prof P.S.Raju. Director of GRIET for giving us the necessary facilities to carry out our project work successfully.

We would like to thank all our friends for their help and constructive criticism during our project work

M.NARESH J.NIKHIL K. RAJIV VARMA S. SAI RAM

09241A1219 09241A1221 09241A1232 09241A1235

ABSTRACT
Authentication is the first line of defense against compromising confidentiality and integrity . Though traditional login/password based schemes are easy to implement, they have been subjected to several attacks. As alternative, token and biometric based authentication systems were introduced. However, they have not improved substantially to justify the investment. Thus, a variation to the login/password scheme, viz. graphical scheme was introduced. But it also suffered due to shoulder-surfing and screen dump attacks. In this paper, we introduce a framework of our proposed (IPAS) Implicit Password Authentication System, which is immune to the common attacks suffered by other authentication schemes.

CONTENTS
1. Introduction 2. Problem Definition 2.1 2.1.1 2.2 2.2.1
Existing System Disadvantages

1 3
3

3 4 4 5 5 5 6 6 6 6 6 9 9 9 9 10 10 10 11 12 13 13 14 14 14 14

Proposed System Advantages

3. Software and hardware requirement 3.1 3.2 Hardware Requirements Software Requirements

4. System Study 4.1 4.1.1 4.1.2 4.2 Modules Create User profile Vector Generate Random Question Study Case of IPAS (Mobile Banking)

5. Feasibility Study 5.1 5.2 5.3 Economical Feasibility Technical Feasibility Social Feasibility

6. Technical Study 6.1 6.1.1 6.1.2 6.1.3 6.2 6.2.1 7. Testing 7.1 7.2 7.2.1 Testing Objectives Test Case Design White box testing HTML Table Frames Form Java Script Java Script Method

7.2.2 7.2.3 7.2.4 7.2.5 7.2.6

black box testing Unit Testing Integration Testing Validation Testing System Testing

15 15 15 15 15 16 21 30 30 56 57

8. UML Diagrams 9. Screen Shots 10. Appendix 10.1 Source code 11. Conclusion 12. Bibliography

LIST OF FIGURES
Fig 8.1 Fig 8.2 Fig 8.3 Fig 8.4 Fig 8.5 Fig 8.6 Class Diagram Use case Diagram Sequence diagram for user Collaboration diagram for user Component diagram Deployment diagram 16 17 18 19 19 20

SCREEN SHOTS
Fig 9.1 Fig 9.2 Fig 9.3 Fig 9.4 Fig 9.5 Fig 9.6 Fig 9.7 Fig 9.8 Fig 9.9 Fig 9.10 Fig 9.11 Fig 9.12 Fig 9.13 Fig 9.14 Fig 9.15 Fig 9.16 Fig 9.17 Homepage Admin Login Admin home page View users Registration Account Details form Security Questions Account number confirmation User login screen Choose category Select a picture from mobile Wrong picture selected login fail User page after image authentication View balance Screen for transfer balance Amount transferred confirmation After transferring amount screen 21 21 22 22 23 23 24 24 25 25 26 26 27 27 28 28 29

1. INTRODUCTION Authentication is a process of determining whether a particular individual or a device should be allowed to access a system or an application or merely an object running in a device. This is an important process which assures the basic security goals, viz. confidentiality and integrity. Also, adequate authentication is the first line of defense for protecting any resource. It is important that the same authentication technique may not be used in every scenario. For example, a less sophisticated approach may be used for accessing a chat server compared to accessing a corporate database. Most of the existing authentication schemes require processing both at the client and the server end. Thus, the acceptability of any authentication scheme greatly depends on its robustness against attacks as well as its resource requirement both at the client and at the server end. The resource requirement has become a major factor due to the proliferation of mobile and hand-held devices. Nowadays with the use of mobile phones, users can access any information including banking and corporate database. In this paper, we specifically target the mobile banking domain and propose a new and intelligent authentication scheme. However, our proposal can also be used in other domains where confidentiality and integrity are the major security requirements. 1.1 Various authentication schemes There are several authentication schemes available in the literature. They can be broadly classified as follows. What you know What you have and What you are The traditional username/password or PIN based authentication scheme is an example of the what you know type. Smartcards or electronic tokens are examples of what you have type of authentication and finally biometric based authentication schemes are examples of the what you are type of authentication. Some authentication systems may use a combination of the above schemes.In this paper, we focus only on what you know types of authentication.

Although traditional alphanumeric passwords are used widely, they have problems such as being hard to remember, vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering . In addition to these types of attacks, a user may tend to choose a weak password or record his password. This may further weaken the authentication schemes. As an alternative to the traditional password based scheme, the biometric system was introduced. This relies upon unique features unchanged during the life time of a human, such as finger prints, iris etc. The major problem of biometric as an authentication scheme is the high cost of additional devices needed for identification process . The false-positive and false negative rate may also be high if the devices are not robust. Biometric systems are vulnerable to replay attack (by the use of sticky residue left by finger on the devices), which reduces the security and usability levels. Thus, recent developments have attempted to overcome biometric shortcomings by introducing token-based authentication schemes.

2. PROBLEM DEFNITION 2.1 Existing System: The traditional username/password or PIN based authentication scheme is an example of the what you know type. Smartcards. As an alternative to the traditional password based scheme, the biometric system was introduced. This relies upon unique features unchanged during the life time of a human, such as finger prints, iris etc. Token based systems rely on the use of a physical device such as smartcards or electronic-key for authentication purpose. Graphical-based password techniques have been proposed as a potential alternative to text-based techniques, supported partially by the fact that humans can remember images better than text. In general, the graphical password techniques can be classified into two categories: recognition-based and recall based graphical techniques. In recognition-based systems, a group of images are displayed to the user and an accepted authentication requires a correct image being clicked or touched in a particular order. In recall-based systems, the user is asked to reproduce something that he/she created or selected earlier during the registration phase. Recall based schemes can be broadly classified into two groups, pure recall-based technique and cued recall-based technique. 2.1.1 Disadvantages: 1. Alphanumeric passwords are used widely, they have problems such as being hard to remember, vulnerable to guessing, dictionary attack, key-logger, shouldersurfing and social engineering. 2. The major problem of biometric as an authentication scheme is the high cost of additional devices needed for identification process. 3. Although a recognition-based graphical password seems to be easy to remember, which increases the usability, it is not completely secure. It needs several rounds of image recognition for authentication to provide a reasonably large password space, which is tedious.

2.2Proposed System: In this paper, we focus only on what you know types of authentication. We propose our Implicit Password Authentication System. IPAS is similar to the Pass Point scheme with some finer differences. In every what you know type authentication scheme we are aware of, the server requests the user to reproduce the fact given to the server at the time of registration. This is also true in graphical passwords such as Pass Point. In IPAS, we consider the password as a piece of information known to the server at the time of registration and at the time of authentication, the user give this information in an implicit form that can be understood only by the server. 2.2.1 Advantages: The strength of IPAS depends greatly on how effectively the authentication information

is embedded implicitly in an image and it should be easy to decrypt for a legitimate user and highly fuzzy for a non-legitimate user. No password information is exchanged between the client and the server in IPAS, Since

the authentication information is conveyed implicit l

3. SOFTWARE AND HARDWARE REQUIREMENTS 3.1 Hardware Requirements: Processor Hard Disk : : Intel Duel Core. 60 GB. 1.44 Mb. LCD Colour. Optical Mouse. 512 Mb.

Floppy Drive : Monitor Mouse RAM : : :

3.2 Software Requirements: Operating system Coding Language Data Base : : : Windows XP. Java, jsp, Severlets MYSQL

4. SYSTEM STUDY 4.1 Modules: 4.1.1 Create User profile Vector: While registration of user information, the user id, security question and answer are getting for creating profile vector. Every user selects answer for security questions at the time of registration and provides their individual answer. For each question, the system then either creates an authentication space .Once the authentication space is created, the system is ready for authenticating a user. 4.1.2 Generate Random Question: For each question, the server may choose a random scenario from the authentication space that represents the correct answer. The chosen scenario will have one or more clickable points that represent the answer to the question provided by the particular user. 4.1.3 Compare User Profile/login Profile: Enters User name and answer as location points for the random security question will decide that the user is legitimate or an imposter. the authentication information is presented to the user in an implicit form that can be understood and decoded only by the legitimate end user. 4.1.4 Inbox Services: The Inbox maintains The Details of amount transferred from one account to another account. User can able to deposit the amount to another user; Admin can manage the account details of the users. If any update in the balance amount as both users can see in mobile. User sends money to another user, that messages can able to view the particular user and know the balance details. It refreshes the inbox details automatically. 4.2 Study Case of IPAS (Mobile Banking) In our case study, we consider mobile banking as our domain. However, our proposed (IPAS) may also be implemented in any client-server environment, where we need to authenticate a human as a client (IPAS will not work in machine-to-machine authentication).

We also assume thatthe server has enough hardware resources like RAM and CPU. This is not un-realistic as high-end servers are becoming cheaper day-by-day. The bank may have a

database of 100 to 200 standard questions. During the time of registration, a user should pick 1020 questions from the database (depending upon the level of security required) andprovide answers to the selected questions. For example: user may choose the following questions: The maker of your first car? The city you love to visit or visited? Date of birth? For each question, the server may create an intelligent authentication space using images, where the answers to the particular question for various users are implicitly embedded into the images. During the time of authentication, the server may pick one or more questions selected by the users at the time of registration randomly the number of questions depends on the level of service requested). For each chosen question, the server may choose an image randomly from the authentication space and present IT to the user as a challenge. Using the stylus or the mouse, the user needs to navigate the image and click the right answer. For example, the server may present the user with the picture of the Globe. The user should correlate to Question 2. If Sydney is the city the user loves to visit or has visited, he needs to click on to Australia (Fig 2.1). It will then enlarge Australia. Then in the map, the user needs to click Sydney as shown in this figure.

Fig 2.1 Australia city in the map

5. FEASABILITY STUDY 5 Feasibility Study: The feasibility of the project is analyzed in this phase and business proposal is put forth with a very general plan for the project and some cost estimates. During system analysis the feasibility study of the proposed system is to be carried out. This is to ensure that the proposed system is not a burden to the sever. For feasibility analysis, some understanding of the major requirements for the system is essential. Three key considerations involved in the feasibility analysis are---

1. Economical Feasibility 2. Technical Feasibility 3. Social Feasibility

5.1 Economical Feasibility: This study is carried out to check the economic impact that the system will have on the organization. The amount of fund that the company can pour into the research and development of the system is limited. The expenditures must be justified. Thus the developed system as well within the budget and this was achieved because most of the technologies used are freely available. Only the customized products had to be purchased. 5.2 Technical Feasibility: This study is carried out to check the technical feasibility, that is, the technical requirements of the system. Any system developed must not have a high demand on the available technical resources. This will lead to high demands on the available technical resources. This will lead to high demands being placed on the client. The developed system must have a modest requirement, as only minimal or null changes are required for implementing this system. 5.3 Social Feasibility: The aspect of study is to check the level of acceptance of the system by the user. This includes the process of training the user to use the system efficiently. The user must not feel threatened by the system, instead must accept it as a necessity. The level of acceptance by the users solely depends on the methods that are employed to educate the user about the system and to make him familiar with it. His level of confidence must be raised so that he is also able to make some constructive criticism, which is welcomed, as he is the final user of the system.

6. TECHNICAL STUDY Over view Of Software Development tools: 6.1 HTML Html is a language which is used to create web pages with html marking up a page to indicate its format, telling the web browser where you want a new line to begin or how you

want text or images aligned and more are possible. We used the following tags in our project. 6.1.1 Table: Tables are so popular with web page authors is that they let you arrange the elements of a web page in such a way that the browser wont rearrange them web page authors frequently use tables to structure web pages. <tr>: <TR> is used to create a row in a table encloses <TH> and

<TD> elements. <TR> contain many attributes. Some of them are, Align: specifies the horizontal alignment of the text in the table row. Bgcolor: Specifies the background color for the row. BorderColor: Sets the external border color for the row. valign: Sets the vertical alignment of the data in this row. <th>: <TH> is used to create table heading. Align: Sets the horizontal alignment of the content in the table cell. Sets LEFT, RIGHT, CENTER. BackGround: Species the back ground image for the table cell. Bgcolor: Specifies the background color of the table cell Valign: Sets the vertical alignment of the data. Sets to TOP, MIDDLE, BOTTOM or BASELINE. width: Specifies the width of the cell. Set to a pixel width or a percentage of the display area. <TD>: <TD> is used to create table data that appears in the cells of a table.

10

Align: Species the horizontal alignment of content in the table cell. Sets to LEFT, CENTER, RIGHT. Bgcolor: Specifies the background image for the table cell. bgcolor: sets the background color of the table cells. width: Species the width of the cell 6.1.2 FRAMES: Frames are used for either run off the page or display only small slices of what are supposed to be shown and to configure the frame we can use <FRAMESET> There are two important points to consider when working with <FRAMESET>. <FRAMESET> element actually takes the place of the <BODY> element in a document. Specifying actual pixel dimensions for frames . <FRAME> Elements are used to create actual frames. From the frameset point of view dividing the browser into tow vertical frames means creating two columns using the <FRAMESET> elements COLS attribute. The syntax for vertical fragmentation is, <FRAMESET COLS =50%, 50%> </FRAMESET> Similarly if we replace COLS with ROWS then we get horizontal fragmentation. The syntax for horizontal fragmentation is, <FRAMESET ROWS=50%, 50%>

</FRAMESET>

11

6.1.3 FORM: The purpose of FORM is to create an HTML form; used to enclose HTML controls, like buttons and text fields. ATTRIBUTES: action: Gives the URL that will handle the form data. name: Gives the name to the form so you can reference it in code set to an alphanumeric string. method: method or protocol is used to sending data to the target action URL. The GET method is the default, it is used to send all form name/value pair information in an URL. Using the POST method, the content of the form are encoded as with the GET method, but are sent in environment variables. CONTROLS IN HTML: <INPUT TYPE =BUTTON>: Creates an html button in a form. ATTRIBUTES: Name: gives the element a name. Set to alphanumeric characters. Size: sets the size. Value: sets the caption of the element. <INPUT TYPE = PASSWORD>: Attributes: Creates a password text field, which makes typed input. Name: gives the element a name, set to alphanumeric characters. Value: sets the default content of the element. <INPUT TYPE=RADIO>: Creates a radio button in a form. ATTRIBUTE: name: Gives the element a name. Set to alphanumeric character. value: Sets the default content of the element. <INPUT TYPE=SUBMIT>: Creates a submit button that the user can click to send data in the form back to the web server.

12

ATTRIBUTES: name: Gives the element a name. Set to alphanumeric characters. Value: Gives this button another label besides the default, Submit Query. Set to alphanumeric characters. <INPUT TYPE=TEXT>: Creates a text field that the user can enter or edit text in. ATTRIBUTES: name: Gives the element a name. Set to alphanumeric characters. Value: Holds the initial text in the text field. Set to alphanumeric character 6.2 JAVA SCRIPT: Java script originally supported by Netscape navigator is the most popular web scripting language today. Java script lets you embedded programs right in your web pages and run these programs using the web browser. You place these programs in a <SCRIPT> element, usually with in the <HEAD> element. If you want the script to write directly to the web page, place it in the <BODY> element. JAVA SCRIPT METHODS: Writeln: Document.writeln() is a method, which is used to write some text to the current web page. OnClick: Occurs when an element is clicked. OnLoad: Occurs when the page loads. onMouseDown: Occurs when a mouse button goes down. onMouseMove: Occurs when the mouse moves. onUnload: Occurs when a page is unloaded.

13

7. TESTING Testing Software testing is a critical element of software quality assurance and represents the ultimate review of specification, design and code generation. 7.1 Tesing Objectives: 1. To ensure that during operation the system will perform as per specification. 2. TO make sure that system meets the user requirements during operation 3. To make sure that during the operation, incorrect input, processing and output will be detected 4. To see that when correct inputs are fed to the system the outputs are correct 5. To verify that the controls incorporated in the same system as intended 6. Testing is a process of executing a program with the intent of finding an error 7. A good test case is one that has a high probability of finding an as yet undiscovered error The software developed has been tested successfully using the following testing strategies and any errors that are encountered are corrected and again the part of the program or the procedure or function is put to testing until all the errors are removed. A successful test is one that uncovers an as yet undiscovered error. Note that the result of the system testing will prove that the system is working correctly. It will give confidence to system designer, users of the system, prevent frustration during implementation process etc. 7.2 Test Case Design: 7.2.1 White box testing: White box testing is a testing case design method that uses the control structure of the procedure design to derive test cases. All independents path in a module are exercised at least once, all logical decisions are exercised at once, execute all loops at boundaries and within their operational bounds exercise internal data structure to ensure their validity. Here the customer is given three chances to enter a valid choice out of the given menu. After which the control exits the current menu.

14

7.2.2 Black Box Testing: Black Box Testing attempts to find errors in following areas or categories, incorrect or missing functions, interface error, errors in data structures, performance error and initialization and termination error. Here all the input data must match the data type to become a valid entry. 7.2.3 Unit Testing: Unit testing is essentially for the verification of the code produced during the coding phase and the goal is test the internal logic of the module/program. In the Generic code project, the unit testing is done during coding phase of data entry forms whether the functions are working properly or not. In this phase all the drivers are tested they are rightly connected or not. 7.2.4 Integration Testing: All the tested modules are combined into sub systems, which are then tested. The goal is to see if the modules are properly integrated, and the emphasis being on the testing interfaces between the modules. In the generic code integration testing is done mainly on table creation module and insertion module. 7.2.5 Validation Testing: This testing concentrates on confirming that the software is error-free in all respects. All the specified validations are verified and the software is subjected to hard-core testing. It also aims at determining the degree of deviation that exists in the software designed from the specification; they are listed out and are corrected. 7.2.6 System Testing: This testing is a series of different tests whose primary is to fully exercise the computerbased system. This involves: 1. Implementing the system in a simulated production environment and testing it. 2. Introducing errors and testing for error handling

15

8.UML DIAGRAMS
8.1 Class Diagram:

Fig 8.1 class diagram

16

8.2 Use case Diagram:

username

admin password

role

submit

Fig 8.2 Use case Diagram

17

8.3 Sequence diagram for user:

user

username

password

submit

database

eneter username

enter password

click on submit

values sent to database

verify

home page will be displayed if values are correct

Error page if values are not correct

Fig 8.3 Sequence diagram for user

18

8.4 Collaboration diagram for user:

1: eneter username usernam e 2: enter password passwor d

user

4: values sent to database 3: click on submit

6: home page will be displayed if values are correct 7: Error page if values are not correct submit databas e

5: verify

Fig 8.4 Collaboration diagram for user 8.5 Component diagram:

add the rando m question

view users admin

enter username and password

click on login

Fig 8.5 Component diagram

19

8.6 Deployment diagram:

userna me passwor d user

role

login

perform transact

Fig 8.6 Deployment diagram

20

9. SCREEN SHOTS

Homepage:

Fig 9.1 Homepage

Admin login:

Fig 9.2 Admin Login 21

Admin Home page:

Fig 9.3 Admin home page View users:

Fig 9.4 View users

22

Registration

Fig 9.5 Registration

Account Details form:

Fig 9.6 Account Details form

23

Security Questions:

Fig 9.7 Security Questions

Account number confirmation:

Fig 9.8 Account number confirmation

24

User login screen:

Fig 9.9 User login screen

Choose category:

Fig 9.10 Choose category

25

Select a picture from mobile:

Fig 9.11 Select a picture from mobile

Wrong picture selected login fail:

Fig 9.12 Wrong picture selected login fail

26

Userpage after image authentication:

Fig 9.13 User page after image authentication

View balance:

Fig 9.14 View balance

27

Screen for transfer balance:

Fig 9.15 Screen for transfer balance

Amount teansfered confirmation:

Fig 9.16 Amount transferred confirmation

28

After transferring amount screen:

Fig 9.17 After transferring amount screen

29

10. APPENDIX
10.1 Source code: Login.html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <link href="css.css" rel="stylesheet" type="text/css" /> </head> <body background="images/background.jpeg"> <table width="780" border="0" align="center" cellpadding="0" cellspacing="0"

bgcolor="#AD7934"> <tr> <td width="230" valign="top"><table width="226" border="0" align="center"

cellpadding="0" cellspacing="0"> <tr> <td style="text-align:center;"><img src="images/banking1.jpg" width="226" height="139" alt="" /></td> </tr> <tr> <td valign="top" style="padding-left:50px; padding-right:20px; padding-top:20px; paddingbottom:20px;"> <div class="menu"><a href="index.html">Home Page</a></div>

</td> </tr> <tr>

30

<td style="padding-left:20px; padding-right:10px;"> <div style="text-align:center;"></div> <div class="body1" style="padding-top:10px;"><span

style="color:#663300;"></span><br /> <br /><br />

</div>

</td> </tr> </table> </td> <td width="320" valign="top" bgcolor="goldenrod"> <div><img src="images/image3.jpg" width="320" height="333" alt="" /></div> <div></div> <div class="body1" style="padding-top:15px;"><br /> <br /> </div> <div class="body1" style="text-align:right; padding-top:6px;"><a

href="content.html"></a> </div>

</td> <td width="230" valign="top"> <div style="padding-top:20px; padding-right:12px; padding-bottom:50px; textalign:right;"> <table width="128" border="0" cellspacing="3" cellpadding="0"> <tr> <td align="center" valign="top"><img src="images/image7.jpg" width="70" height="60" alt="" /></td> 31

<td align="center" valign="top"><img src="images/image6.jpg" width="70" height="60" alt="" /></td> <td align="center" valign="top"></td> <td align="center" valign="top"></td> </tr> </table> </div> <div> <table cellspacing="0" "> <tr> <td> <div style="padding:15px;"></div> <div style="padding-bottom:8px;"> <form name="form1" action="login1.jsp" style="margin:auto;"> <table width="215" border="0" align="center" cellpadding="3" cellspacing="0"> <tr> <td width="59" class="field"><font color="red">Account Number</font></td> <td width="140"><label><input type="text" name="uname" style="width:90%;" /></label></td> </tr> <tr> <td class="field"><font color="red">Password</font></td> <td><label><input /></label></td> </tr> <tr> <td width="59" class="field"><font color="red">Role</font></td> <td width="140"><label> 32 type="password" name="password" style="width:90%;" width="224" border="0" align="center" cellpadding="4"

<select name="role"> <option value="admin">admin</option> <option value="user">user</option> </select></td> </tr> <tr> <td colspan="2" align="right" class="field" style="padding-right:12px;"> <label> <input type="image" name="imageField" src="images/submit.gif" /> </label></td> </tr> </table> </form> </div> </td> </tr> </table> </div> <div style="text-align:center; padding-top:12px; padding-bottom:12px;"><a

href="register1.jsp"><img src="images/r1.jpeg" alt="" width="198" height="107" border="0" /></a></div> <div style="padding-left:15px; padding-right:15px; text-align:center;"></div> <div class="body1" style="padding-left:22px; padding-right:22px; paddingtop:6px;"> <br /> <br /> <br /> <br /> <br /> <br />

33

</td> <!-- </tr> <tr> <td class="footer"><a href="index.html">Home Page</a> : </tr>--> </table> </body> </html>

Login1.jsp <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <link href="css.css" rel="stylesheet" type="text/css" /> </head>

<body> <table width="780" border="0" align="center" cellpadding="0" cellspacing="0"

bgcolor="#AD7934"> <tr> <td width="230" valign="top"><table width="226" border="0" align="center"

cellpadding="0" cellspacing="0"> <tr> <td style="text-align:center;"><img src="images/index_02.gif" width="226" height="139" alt="" /></td> </tr> 34

<tr> <td valign="top" style="padding-left:50px; padding-right:20px; padding-top:20px; paddingbottom:20px;"> <div class="menu"><a href="index.html">Home Page</a></div>

</td> </tr> <tr> <td style="padding-left:20px; padding-right:10px;"> <div style="text-align:center;"><img src="images/index_47.gif" width="161"

height="28" alt="" /></div> <div class="body1" style="padding-top:10px;"><span

style="color:#663300;"></span><br /> Enter your personal information<br /><br /> <img src="images/index_57.gif" width="9" height="5" alt="" /><br /> </div>

</td> </tr> </table> </td>

<td width="320" valign="top" bgcolor="#7F4F20"> <div><img src="images/index_05.gif" width="320" height="333" alt="" /></div>

35

<%session.setMaxInactiveInterval(120); %>

<%@include file="conn.jsp"%> <% Statement stmt=null; ResultSet rs=null; session=request.getSession(true); String username,password,role,r; username=request.getParameter("uname"); System.out.println(username); session.setAttribute("accno",username); password=request.getParameter("password"); role=request.getParameter("role"); System.out.println("username="+username); System.out.println("password="+password); System.out.println(session.getAttribute("pwd")); System.out.println("role="+role);

stmt=con.createStatement(); rs=stmt.executeQuery("select role from login where accno='"+username+"' and password='"+password+"'"); if(rs.next()){ r=rs.getString(1); System.out.println("r="+r); if(r.equalsIgnoreCase("admin")){ response.sendRedirect("adminlogin.jsp"); }

36

else if(r.equalsIgnoreCase("user")){

response.sendRedirect("successcomplete.jsp?pwd="+password); }

} else{ response.sendRedirect("loginfail.jsp"); }

%>

</td>

<td width="230" valign="top"> <div style="padding-top:20px; padding-right:12px; padding-bottom:50px; textalign:right;"> <table width="128" border="0" cellspacing="3" cellpadding="0"> <tr> <td align="center" valign="top"><img src="images/index_08.gif" width="33" height="21" alt="" /></td> <td align="center" valign="top"><img src="images/index_10.gif" width="36" height="21" alt="" /></td>

37

<td align="center" valign="top"><img src="images/index_12.gif" width="33" height="21" alt="" /></td> <td align="center" valign="top"><img src="images/index_14.gif" width="26" height="21" alt="" /></td> </tr> </table> </div> <div> <table width="224" border="0" align="center" cellpadding="4"

cellspacing="0" style="background-image:url(images/index_21.gif);"> <tr> <td> <div style="padding:15px;"><img src="images/index_24.gif"

width="176" height="22" alt="" /></div> <div style="padding-bottom:8px;">

</div> </td> </tr> </table> </div> <div style="text-align:center; padding-top:12px; padding-bottom:12px;"></div> <div style="padding-left:15px; padding-right:15px; text-align:center;"><img src="images/index_43.gif" width="191" height="23" alt="" /></div> <div class="body1" style="padding-left:22px; padding-right:22px; paddingtop:6px;"> <img src="images/index_57.gif" width="9" height="5" alt="" /></div> <div style="text-align:center; padding-top:20px; padding-bottom:12px;"></div> </td> </tr>

38

</table> </body> </html>

Loginfail.jsp <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <link href="css.css" rel="stylesheet" type="text/css" /> </head> <body background="background3.jpeg"> <table width="780" border="0" align="center" cellpadding="0" cellspacing="0"

bgcolor="images/background3.jpeg"> <tr> <td width="230" valign="top"><table width="226" border="0" align="center"

cellpadding="0" cellspacing="0"> <tr> <td style="text-align:center;"><img src="images/onlinebank.jpeg" width="226" height="120" alt="" /></td> </tr> <tr> <td valign="top" style="padding-left:50px; padding-right:20px; padding-top:20px; paddingbottom:20px;"> <div class="menu"><a href="index.html">Home Page</a></div>

39

</td> </tr> <tr> <td style="padding-left:20px; padding-right:10px;"> <div style="text-align:center;"><img src="images/newsupdate.jpeg" width="161"

height="28" alt="" /></div> <div class="body1" style="padding-top:10px;"><span></span><br /> <br /><br /> <img src="images/index_57.gif" width="9" height="5" alt="" /><br /> </div>

</td> </tr> </table> </td>

<td width="320" valign="top" background="images/background2.jpeg"> <div><img src="images/ebank.jpeg" width="320" height="140" alt="" /></div>

<font color="red">login fail.<font>

</td>

40

<td width="230" valign="top"> <div style="padding-top:20px; padding-right:12px; padding-bottom:50px; textalign:right;"> <table width="128" border="0" cellspacing="3" cellpadding="0"> <tr> <td align="center" valign="top"><img src="images/index_08.gif" width="33" height="21" alt="" /></td> <td align="center" valign="top"><img src="images/index_10.gif" width="36" height="21" alt="" /></td> <td align="center" valign="top"><img src="images/index_12.gif" width="33" height="21" alt="" /></td> <td align="center" valign="top"><img src="images/index_14.gif" width="26" height="21" alt="" /></td> </tr> </table> </div> <div> <table cellspacing="0" style=""> <tr> <td> <div style="padding:15px;"><img src="images/index_24.gif" width="224" border="0" align="center" cellpadding="4"

width="176" height="22" alt="" /></div> <div style="padding-bottom:8px;">

</div> </td> </tr> </table> </div> 41

<div style="text-align:center; padding-top:12px; padding-bottom:12px;"></div> <div style="padding-left:15px; padding-right:15px; text-align:center;"><img src="images/onlinebanking.jpeg" width="191" height="60" alt="" /></div> <div class="body1" style="padding-left:22px; padding-right:22px; paddingtop:6px;"> <img src=" width="9" height="5" alt="" /></div> <div style="text-align:center; padding-top:20px; padding-bottom:12px;"></div> </td> </tr> <%!int count;%> <%@include file="conn.jsp"%> <% if(count==2)

out.println("Ur Acount is Blocked Please contact with Admin"); } else { count++; PreparedStatement st=con.prepareStatement("insert into loginfail values(?)"); st.setInt(1,count); st.executeUpdate(); } %>

</body> </html>

42

Register1.jsp <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <link href="css.css" rel="stylesheet" type="text/css" /> </head> <script language="javascript"> function checkEmail(email) { if(/^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/.test(email)){ return (true) } alert("Invalid E-mail Address! Please re-enter.") return (false); }

function validateForm(formObj){ if(formObj.fname.value.length==0){ alert("Please enter your first name"); formObj.fname.focus(); return false; } if(formObj.lname.value.length==0){ alert("Please enter your last name"); formObj.lname.focus(); return false; }

43

if(formObj.dob.value.length==0){ alert("Please enter your DOB"); formObj.dob.focus(); return false; } if(formObj.add.value.length==0){ alert("Please enter your address"); formObj.add.focus(); return false; } if(formObj.email.value.length==0){ alert("Please enter your E-mail"); formObj.email.focus(); return false; } if(!checkEmail(formObj.email.value)){ formObj.email.focus(); return false; } if(formObj.phno.value.length==0){ alert("Please enter your Phno"); formObj.phno.focus(); return false; } } </script> <body background="background3.jpeg"> <table width="780" border="0" align="center" cellpadding="0" cellspacing="0"

bgcolor="images/background3.jpeg"> <tr> 44

<td

width="230"

valign="top"><table

width="226"

border="0"

align="center"

cellpadding="0" cellspacing="0"> <tr> <td style="text-align:center;"><img src="images/onlinebank.jpeg" width="226" height="120" alt="" /></td> </tr> <tr> <td valign="top" style="padding-left:50px; padding-right:20px; padding-top:20px; paddingbottom:20px;"> <div class="menu"><a href="index.html">Home Page</a></div>

</td> </tr> <tr> <td style="padding-left:20px; padding-right:10px;"> <div style="text-align:center;"><img src="images/newsupdate.jpeg" width="161"

height="28" alt="" /></div> <div class="body1" style="padding-top:10px;"><span></span><br /> Enter your personal information<br /><br /> <img src="images/index_57.gif" width="9" height="5" alt="" /><br /> </div>

</td> </tr> </table> </td>

<td width="320" valign="top" background="images/background2.jpeg"> <div><img src="images/ebank.jpeg" width="320" height="140" alt="" /></div> 45

<table> <form method="post" action="register2.jsp" onsubmit="return color="green">Personal

validateForm(this);"><tr><center><h2><font Information</font></h2></center></tr> <tr><td><h3><font color="red">First

Name:</font></h3></td><td><input

type="text" name="fname"/></td></tr> <tr><td><h3><font color="red">Last Name:</font></h3></td><td><input

type="text" name="lname"/></td></tr> <tr><td><h3><font color="red">DOB:</font></h3></td><td><input type="text" name="dob"/><font color="red">(dd/mm/yy)</font></td></tr> <tr><td><h3><font color="red">Address:</font></h3></td><td><textarea

rows="5" cols="15" name="add"></textarea></td></tr> <tr><td><h3><font type="text" name="email"/></td></tr> <tr><td><h3><font type="text" name="phno"/></td></tr> <tr><td></td><td><input type="submit" name="submit" value="Proceed" color="red">PhNo:</font></h3></td><td><input color="red">Email:</font></h3></td><td><input

style="color:black;font-weight:bold"/></td></tr> </form> </table> </td>

<td width="230" valign="top"> <div style="padding-top:20px; padding-right:12px; padding-bottom:50px; textalign:right;"> <table width="128" border="0" cellspacing="3" cellpadding="0"> <tr> <td align="center" valign="top"><img src="images/index_08.gif" width="33" height="21" alt="" /></td>

46

<td

align="center"

valign="top"><img

src="images/index_10.gif"

width="36"

height="21" alt="" /></td> <td align="center" valign="top"><img src="images/index_12.gif" width="33" height="21" alt="" /></td> <td align="center" valign="top"><img src="images/index_14.gif" width="26" height="21" alt="" /></td> </tr> </table> </div> <div> <table cellspacing="0" style=""> <tr> <td> <div style="padding:15px;"><img src="images/index_24.gif" width="224" border="0" align="center" cellpadding="4"

width="176" height="22" alt="" /></div> <div style="padding-bottom:8px;">

</div> </td> </tr> </table> </div> <div style="text-align:center; padding-top:12px; padding-bottom:12px;"></div> <div style="padding-left:15px; padding-right:15px; text-align:center;"><img src="images/onlinebanking.jpeg" width="191" height="60" alt="" /></div> <div class="body1" style="padding-left:22px; padding-right:22px; paddingtop:6px;"> <img src=" width="9" height="5" alt="" /></div> <div style="text-align:center; padding-top:20px; padding-bottom:12px;"></div>

47

</td> </tr>

</table> </body> </html>

Process.jsp <%@ page language="java" import="java.util.*" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <link href="css.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="780" border="0" align="center" cellpadding="0" cellspacing="0"

bgcolor="#AD7934"> <tr> <td width="230" valign="top"><table width="226" border="0" align="center"

cellpadding="0" cellspacing="0"> <tr> <td style="text-align:center;"><img src="images/index_02.gif" width="226" height="139" alt="" /></td> </tr> <tr> <td valign="top" style="padding-left:50px; padding-right:20px; padding-top:20px; paddingbottom:20px;"> 48

<div class="menu"><a href="index.html">Home Page</a></div> </td> </tr> <tr> <td style="padding-left:20px; padding-right:10px;"> <div style="text-align:center;"><font face="Algerian" color="green" size=5> select correct picture</font></div> <div class="body1" style="padding-top:10px;"><span

style="color:#663300;"></span><br /> <br /><br />

</div>

</td> </tr> </table>

<%@ page language="java" import="java.util.*" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <link href="css.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="780" border="0" align="center" cellpadding="0" cellspacing="0"

bgcolor="#AD7934"> <tr> 49

<td

width="230"

valign="top"><table

width="226"

border="0"

align="center"

cellpadding="0" cellspacing="0"> <tr> <td style="text-align:center;"><img src="images/index_02.gif" width="226" height="139" alt="" /></td> </tr> <tr> <td valign="top" style="padding-left:50px; padding-right:20px; padding-top:20px; paddingbottom:20px;"> <div class="menu"><a href="index.html">Home Page</a></div>

</td> </tr> <tr> <td style="padding-left:20px; padding-right:10px;"> <div style="text-align:center;"><font face="Algerian" color="green" size=5> select correct picture</font></div> <div class="body1" style="padding-top:10px;"><span

style="color:#663300;"></span><br /> <br /><br />

</div>

</td> </tr> </table>

50

<BODY align="center"> <% String category = request.getParameter("category"); String loc="userimages/"; Random r=new Random(); int n[]=new int[5]; for(int i=0;i<5;i++) { n[i]=r.nextInt(5); System.out.println("random no: "+n[i]); }

if(category.equals("place")) { loc=loc+"place/"; System.out.println(loc+"aus/"+n[0]+".jpg"); out.println("<a src='"+loc+"aus/"+n[0]+".jpg' href='process2.jsp?category=place&p=Australia'> alt='' width='226' <img height='139' <img

border='0'/></a><a alt=''

href='process2.jsp?category=place&p=England'>

src='"+loc+"eng/"+n[1]+".jpg'

width='226' height='139' border='0'/></a><a href='process2.jsp?category=place&p=Hyderabad'> <img src='"+loc+"hyd/"+n[2]+".jpg' alt='' width='226' <img height='139' border='0'/></a><a alt=''

href='process2.jsp?category=place&p=USA'> width='226' height='139' border='0'/></a>");

src='"+loc+"usa/"+n[3]+".jpg'

} else if(category.equals("player")) { loc=loc+"player/"; out.println("<a href='process2.jsp?category=player&p=Dhoni'> <img

src='"+loc+"dhoni/"+n[0]+".jpg' alt='' width='226' height='139' border='0'/></a><a 51

href='process2.jsp?category=player&p=Gayle'> <img src='"+loc+"gayle/"+n[1]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=player&p=Ponting'> <img src='"+loc+"ponting/"+n[2]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=player&p=Afridi'> <img src='"+loc+"afridi/"+n[3]+".jpg' alt='' width='226' height='139' border='0'/></a>"); } else if(category.equals("car")) { loc=loc+"car/"; System.out.println(loc+"Maruthi/"+n[0]+".jpg"); out.println("<a src='"+loc+"Maruthi/"+n[0]+".jpg' href='process2.jsp?category=car&p=Maruthi'> alt='' width='226' <img height='139' <img

border='0'/></a><a alt=''

href='process2.jsp?category=car&p=Benz'>

src='"+loc+"Benz/"+n[1]+".jpg'

width='226' height='139' border='0'/></a><a href='process2.jsp?category=car&p=Hyundai'> <img src='"+loc+"hyundai/"+n[2]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=car&p=BMW'> width='226' height='139' border='0'/></a>"); } else if(category.equals("mobile")) { loc=loc+"mobile/"; System.out.println(loc+"sony/"+n[0]+".jpg"); out.println("<a src='"+loc+"sony/"+n[0]+".jpg' href='process2.jsp?category=mobile&p=Sony'> alt='' width='226' height='139' <img <img src='"+loc+"BMW/"+n[3]+".jpg' alt=''

border='0'/></a><a

href='process2.jsp?category=mobile&p=Motorola'> <img src='"+loc+"motorola/"+n[1]+".jpg' alt='' width='226' height='139' border='0'/></a><a

href='process2.jsp?category=mobile&p=Nokia'> <img src='"+loc+"nokia/"+n[2]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=mobile&p=Samsung'> <img src='"+loc+"samsung/"+n[3]+".jpg' alt='' width='226' height='139' border='0'/></a>");

52

} else if(category.equals("filmstar")) { loc=loc+"filmstar/"; System.out.println(loc+"akshay/"+n[0]+".jpg"); out.println("<a href='process2.jsp?category=filmstar&p=SharukhKhan'> alt='' width='226' height='139' <img

src='"+loc+"sharukh/"+n[0]+".jpg'

border='0'/></a><a <img

href='process2.jsp?category=filmstar&p=HrithikRoshan'> src='"+loc+"hruthik/"+n[1]+".jpg' alt='' width='226' <img height='139'

border='0'/></a><a

href='process2.jsp?category=filmstar&p=Amithab'> alt='' width='226'

src='"+loc+"amithab/"+n[2]+".jpg' border='0'/></a><a <img

height='139'

href='process2.jsp?category=filmstar&p=AkshayKumar'> src='"+loc+"akshay/"+n[3]+".jpg' alt='' width='226' height='139' border='0'/></a>"); }

%> </BODY>

</HTML>

else if(category.equals("player")) { loc=loc+"player/"; out.println("<a src='"+loc+"dhoni/"+n[0]+".jpg' href='process2.jsp?category=player&p=Dhoni'> alt='' width='226' height='139' <img

border='0'/></a><a

href='process2.jsp?category=player&p=Gayle'> <img src='"+loc+"gayle/"+n[1]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=player&p=Ponting'> <img src='"+loc+"ponting/"+n[2]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=player&p=Afridi'> <img src='"+loc+"afridi/"+n[3]+".jpg' alt='' width='226' height='139' border='0'/></a>"); 53

} else if(category.equals("car")) { loc=loc+"car/"; System.out.println(loc+"Maruthi/"+n[0]+".jpg"); out.println("<a src='"+loc+"Maruthi/"+n[0]+".jpg' href='process2.jsp?category=car&p=Maruthi'> alt='' width='226' <img height='139' <img

border='0'/></a><a alt=''

href='process2.jsp?category=car&p=Benz'>

src='"+loc+"Benz/"+n[1]+".jpg'

width='226' height='139' border='0'/></a><a href='process2.jsp?category=car&p=Hyundai'> <img src='"+loc+"hyundai/"+n[2]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=car&p=BMW'> width='226' height='139' border='0'/></a>"); } else if(category.equals("mobile")) { loc=loc+"mobile/"; System.out.println(loc+"sony/"+n[0]+".jpg"); out.println("<a src='"+loc+"sony/"+n[0]+".jpg' href='process2.jsp?category=mobile&p=Sony'> alt='' width='226' height='139' <img <img src='"+loc+"BMW/"+n[3]+".jpg' alt=''

border='0'/></a><a

href='process2.jsp?category=mobile&p=Motorola'> <img src='"+loc+"motorola/"+n[1]+".jpg' alt='' width='226' height='139' border='0'/></a><a

href='process2.jsp?category=mobile&p=Nokia'> <img src='"+loc+"nokia/"+n[2]+".jpg' alt='' width='226' height='139' border='0'/></a><a href='process2.jsp?category=mobile&p=Samsung'> <img src='"+loc+"samsung/"+n[3]+".jpg' alt='' width='226' height='139' border='0'/></a>");

} else if(category.equals("filmstar")) { loc=loc+"filmstar/"; System.out.println(loc+"akshay/"+n[0]+".jpg"); 54

out.println("<a

href='process2.jsp?category=filmstar&p=SharukhKhan'> alt='' width='226' height='139'

<img

src='"+loc+"sharukh/"+n[0]+".jpg'

border='0'/></a><a <img

href='process2.jsp?category=filmstar&p=HrithikRoshan'> src='"+loc+"hruthik/"+n[1]+".jpg' alt='' width='226' <img height='139'

border='0'/></a><a

href='process2.jsp?category=filmstar&p=Amithab'> alt='' width='226'

src='"+loc+"amithab/"+n[2]+".jpg' border='0'/></a><a <img

height='139'

href='process2.jsp?category=filmstar&p=AkshayKumar'> src='"+loc+"akshay/"+n[3]+".jpg' alt='' width='226' height='139' border='0'/></a>"); }

%> </BODY>

</HTML>

55

11.CONCLUSION

In this Project , we have proposed a new Implicit Password Authentication System where the authentication information is implicitly presented to the user. If the user clicks the same grid-of-interest compared with the server, the user is implicitly authenticated. No password information is exchanged between the client and the server in IPAS. Since the authentication information is conveyed implicitly, IPAS can tolerate shoulder-surfing and screen dump attack, which none of the existing schemes can tolerate. The strength of IPAS lies in creating a good authentication space with a sufficiently large collection of images to avoid short repeating cycles. Compared to other methods reviewed in our paper, IPAS may require human-interaction and careful selection of images and click regions. IPAS may also need user training. Once this is done, IPAS can be more robust. In our subsequent papers, we present various steps involved in creating a robust authentication space for every question.

56

12. BIBLIOGRAPHY

REFERENCES

1. Bahram Javidi, Smart Imaging Systems, SPIE Press, 01-Mar-2001

2.

Bahram Javidi , Image recognition and classification, Taylor & Francis

57