Ist Review

CORRELATION-BASED TRAFFIC ANALYSIS ATTACKS ON
ANONYMITY NETWORKS
SYNOPSIS
This project is entitled “CORRELATION-BASED TRAFFIC ANALYSIS ATTACKS

ON ANONYMITY NETWORKS” is designed using c#.net as the front end and MS-SQL 2005
as the back end which is developed under Visual studio .Net 2010.
The main goal this project, it focus on a particular class of traffic analysis attacks, flow
correlation attacks, by which an adversary attempts to analyze the network traffic and correlate the
traffic of a flow over an input link with that over an output link. Two classes of correlation
methods are considered, namely time-domain methods and frequency-domain methods. Based on
our threat model and known strategies in existing mix networks, it perform extensive experiments
to analyze the performance of mixes.
The main features of Quantitative analysis for identifying a web page despite the use of
encryption and anonym zing proxies.
1. INTRODUCTION
1.1 ABOUT THE PROJECT
The project titled “CORRELATION BASED TRAFFIC ANALYSIS ATTACKS ON

ANONYMITY NETWORKS” Microsoft visual studio.Net 2005.The coding language used is
VB.Net. The backend is used SQLServer 2005.
The Internet is increasingly used in all aspects of daily life, the realization has emerged
that privacy and confidentiality are important requirements for the success of many applications. It
has been shown that, in many situations, encryption alone cannot provide the level of
confidentiality required by users, since traffic analysis can easily uncover information about the
participants in a distributed application. User anonymity is one important confidentiality criterion
for many applications, ranging from peer-to-peer file sharing and anonymous web browsing or e-
mail, to various forms of electronic commerce, and finally to electronic voting. The nature of many
such applications requires that the identity of either one or more of the participants remains
confidential either from the other participant(s) or from third parties.
The anonymity of a system can be passively attacked by an observer in two ways, either
through inspection of payload or headers of the exchanged data packets, or, when encryption is
used, through traffic analysis. Sufficiently effective encryption can be used to prevent packet
content inspection, giving prevalence to the second form of attack. Traffic analysis is typically
countered by the use of intermediary nodes, whose role is to perturb the traffic flow and thus
confuse an external observer. Such intermediaries (often called mixes) delay and reroute
exchanged messages, reorder them, pad their size, or perform other operations. Chaum proposed
such a mix network to handle mail traffic.
The original Chaum mix network operates on entire mail messages at a time and therefore
does not need to pay particular attention to latency added by the mixes. Increasingly, the data
exchanged exceed by far the capacity of mixes, for example, in file-sharing applications. As a
result, current mixes operate on individual packets of a flow rather than on entire messages. In
conjunction with source routing at the sender, this allows for very efficient network-level
implementations of mix networks. Mixes are also being used in applications where low latency is
relevant, for example, voice-over-IP or video streaming. Many other applications, such as
traditional FTP or file-sharing applications rely on delay-sensitive protocols, such as TCP, and are
therefore in turn delay-sensitive as well. For such applications, it is well known that the level of
traffic perturbation caused by the mix network must be carefully chosen in order to not unduly
affect delay and throughput requirements of the applications. For the designer of the anonymity
system, these results in a tradeoff between the anonymity degree and quality of- service
(QoS).Although significant efforts have been put forth in researching anonymous communication.
Only recently systematic studies appeared to quantitatively capture the effect of traffic perturbation
on the anonymity in realistic settings. It is, therefore, difficult to assess the improvement of
anonymity that one attains for any given cost in form of added latency and perturbation to traffic
streams. Moreover, few quantitative guidelines exist on how different perturbation mechanisms
perform.
Objective
This project focuses on the quantitative evaluation of mix performance. It focus our
analysis on a particular type of attack, which it call the flow-correlation attack. In general, flow-
correlation attacks attempt to reduce the anonymity degree by estimating the path of flows through
the mix network. Flow correlation analyzes the traffic on a set of links (observation points) inside
the network and estimates the likelihood for each link to be on the path of the flow under
consideration. An adversary analyzes the network traffic with the intention of identifying which of
several output ports a flow at an input port of a mix is taking.
Our major contributions are summarized as follows:
1. It formally model the behavior of an adversary who launches flow-correlation attacks. In order
to successfully identify the path taken by a particular flow, the attacker measures the dependency
of traffic flows. Two classes of correlation methods are considered, namely time-domain methods
and frequency-domain methods. In the time domain, for example, statistical information about rate
distributions is collected and used to identify the traffic dependency. Similarly, in the frequency
domain, it identify traffic similarities by comparing the Fourier spectra of timing data.
2. It measure the effectiveness of a number of popular mix strategies in countering flow-correlation

attacks. Mixes with any tested batching strategy may fail under flow-correlation attacks in the
sense that, for a given flow over an input link, the adversary can effectively detect which output
link is used by the same flow. It use detection rate, the probability that the adversary correctly
correlates flows into and out of a mix, defined as the measure of success for the attack. It will show
that, given a sufficient amount of data, known mix strategies fail; that is, the attack achieves close
to 100 percent detection rate. This remains true even in batching strategies that sacrifice QoS (such
as a significant TCP good put reduction) in favor of security.
3. While many mix strategies rely on other mechanisms in addition to batching alone, it is
important to understand the vulnerabilities of batching. In fact, for a given accuracy of the
collected data, the effectiveness of such attacks depends primarily on the amount of collected data,
i.e., on the length of the observation interval. In our experiments, that are going to illustrate this
dependency between attack effectiveness for various batching strategies and the amount of data.
These results should guide designers of anonymous communication systems in the informed
choice of strategy parameters, such as for striping or for path rerouting.
2. SYSTEM ANALYSIS
System analysis is design and develop new systems, including hardware and software,
according to company specifications.
2.1. EXISTING SYSTEM
In existing system, encryption alone cannot provide the level of confidentiality required by
users, since traffic analysis can easily uncover information about the participants in a distributed
application. User anonymity is one important confidentiality criterion for many applications,
ranging from peer-to-peer file sharing and anonymous web browsing or e-mail, to various forms of
electronic commerce, and finally to electronic voting. The nature of many such applications
requires that the identity of either one or more of the participants remains confidential either from
the other participant(s) or from third parties. The anonymity of a system can be passively attacked
by an observer in two ways, either through inspection of payload or headers of the exchanged data
packets, or, when encryption is used, through traffic analysis. Sufficiently effective encryption can
be used to prevent packet content inspection, giving prevalence to the second form of attack.
Traffic analysis is typically countered by the use of intermediary nodes, whose role is to perturb
the traffic flow and thus confuse an external observer. Such intermediaries (often called mixes)
delay and reroute exchanged messages, reorder them, pad their size, or perform other operations.
2.1.1. Drawbacks of Existing System
 The anonymity of a system can be passively attacked by an observer.

 Difficult to assess the improvement of anonymity that one attains for any given cost in
form of added latency and perturbation to traffic streams.
2.2. PROPOSED SYSTEM

The proposed system is developed on the quantitative evaluation of mix performance. It
focus our analysis on a particular type of attack, which it call the flow-correlation attack. In
general, flow-correlation attacks attempt to reduce the anonymity degree by estimating the path of
flows through the mix network. Flow correlation analyzes the traffic on a set of links (observation
points) inside the network and estimates the likelihood for each link to be on the path of the flow
under consideration. An adversary analyzes the network traffic with the intention of identifying
which of several output ports a flow at an input port of a mix is taking. Obviously, flow correlation
helps the adversary identify the path of a flow and consequently reveal other critical information
related to the flow (e.g., sender and receiver).
2.2.1. Advantages of Proposed System
 To successfully identify the path taken by a particular flow, the attacker measures the
dependency of traffic flows.
 Detection rate, the probability that the adversary correctly correlates flows into and out of a
mix, defined as the measure of success for the attack.
 Introduces traffic analysis methodologies that may be deployed by an adversary.
2.3 FEASIBILTY STUDY

The feasibility of the project is analyzed in this phase and business proposal is put forth
with a very general plan for the project and some cost estimates. During system analysis the
feasibility study of the proposed system is to be carried out. This is to ensure that the proposed
system is not a burden to the company. For feasibility analysis, some understanding of the major
requirements for the system is essential.
Three Key considerations involved in the feasibility analysis are
 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY
2.3.1 ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system will have on the
organization. The amount of fund that the company can pour into the research and development of
the system is limited. The expenditures must be justified. Thus the developed system as well
within the budget and this was achieved because most of the technologies used are freely available.
Only the customized products had to be purchased.
2.3.2 TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is, the technical
requirements of the system. Any system developed must not have a high demand on the available
technical resources. This will lead to high demands being placed on the client.
2.3.3 SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system by the user. This
includes the process of training the user to use the system efficiently. The user must not feel
threatened by the system, instead must accept it as a necessity. The level of acceptance by the users
solely depends on the methods that are employed to educate the user about the system and to make
him familiar with it.
3. SYSTEM SPECIFICATION
System specification includes the hardware and software specification of the project.
3.1 HARDWARE REQUIREMENTS
This section gives the details and specification of the hardware on which the system is
expected to work.
PROCESSOR : PENTIUM III 866 MHz

RAM : 128 MD SD RAM
MONITOR : 15” COLOR
HARD DISK : 20 GB
KEYBOARD : STANDARD 102 KEYS
MOUSE : 3 BUTTONS
3.2 SOFTWARE REQUIREMENTS
Software programs are designed to run on personal computers. The system specification is
an important part.
OPERATING SYSTEM : WINDOWS 2000 PROFESSIONAL

ENVIRONMENT : VISUAL STUDIO .NET 2005
.NET FRAMEWORK : VERSION 2.0
FRONT END : VB.NET
WEB TECHNOLOGY : ACTIVE SERVER PAGES.NET
BACK END : SQLSERVER 2005
3.3. MODULE DESCRIPTION
 ENHANCEMENT OF MIX NETWORK.

 BUILDING BATCHING STRATEGIES.
 TRAFFIC FLOW CORRELATION.
 DETECTION METRICS.
ENHANCEMENT OF MIX NETWORK
In this module the sender of a message attaches the receiver address to a packet and
encrypts it using the mix’s public key. Upon receiving a packet, a mix decodes the packet.
Different from an ordinary router, a mix usually will not relay the received packet immediately.
Rather, it collects several packets and then sends them out in a batch.
BUILDING BATCHING STRATEGIES
Building batching strategies are designed to prevent not only simple timing analysis
attacks, but also powerful trickle attacks. It will evaluate each of these strategies to send the
packets.
TRAFFIC FLOW CORRELATION
Traffic flow-correlation used to the adversary either to correlate senders and receivers
directly or to greatly reduce the searching time for such a correlation in a mix network. Objective
is to correlate an incoming flow to an output link at a Mix. Also find the Flow-correlation attack
DETECTION METRICS
This module used to analyze the detection rate of the traffic attacks. Use detection rate, the
probability that the adversary correctly correlates flows into and out of a mix, defined as the
measure of success for the attack. It will show that, given a sufficient amount of data, known mix
strategies fail; that is, the attack achieves close to 100 percent detection rate. This remains true
even in batching strategies that sacrifice QoS in favor of security.
3.4 SOFTWARE DESCRIPTION
FEATURES OF VISUAL BASIC.NET
The initial announcement of the .NET Framework, it's taken on many new and different
meanings to different people. To a developer, .NET means a great environment for creating robust
distributed applications. To an IT manager, .NET means simpler deployment of applications to end
users, tighter security, and simpler management. To a CTO or CIO, .NET means happier
developers using state-of-the-art development technologies and a smaller bottom line. To
understand why all these statements are true, you need to get a grip on what the .NET Framework
consists of, and how it's truly a revolutionary step forward for application architecture,
development, and deployment.
.NET Framework
Now that you are familiar with the major goals of the .NET Framework, let's briefly
examine its architecture. As you can see in Figure 1-2, the .NET Framework sits on top of the
operating system, which can be a few different flavors of Windows and consists of a number of
components .NET is essentially a system application that runs on Windows.
Conceptually, the CLR and the JVM are similar in that they are both runtime infrastructures
that abstract the underlying platform differences. However, while the JVM officially supports only
the Java language, the CLR supports any language that can be represented in its Common
Intermediate Language (CIL). The JVM executes bytecode, so it can, in principle, support many
languages, too.
Unlike Java's bytecode, though, CIL is never interpreted. Another conceptual difference
between the two infrastructures is that Java code runs on any platform with a JVM, whereas .NET
code runs only on platforms that support the CLR. In April, 2003, the International Organization
for Standardization and the International Electro technical Committee (ISO/IEC) recognized a
functional subset of the CLR, known as the Common Language Interface (CLI), as an international
standard.
The .NET Framework Class Library
The second most important piece of the .NET Framework is the .NET Framework class
library, as have seen, the common language runtime handles the dirty work of actually running the
code write. But to write the code, need a foundation of available classes to access the resources of
the operating system, database server, or file server. The FCL is made up of a hierarchy of
namespaces that expose classes, structures, interfaces, enumerations, and delegates that give you
access to these resources.
The namespaces are logically defined by functionality. For example, the System. Data
namespace contains all the functionality available to accessing databases. This namespace is
further broken down into System.Data.SqlClient, which exposes functionality specific to SQL
Server, and System.Data.OleDb, which exposes specific functionality for accessing OLEDB data
sources.
The bounds of a namespace aren't necessarily defined by specific assemblies within the
FCL; rather, they're focused on functionality and logical grouping. In total, there are more than
20,000 classes in the FCL, all logically grouped in a hierarchical manner.
To use an FCL class in your application, you use the Imports statement in Visual Basic
.NET or the using statement in C#. When you reference a namespace in Visual Basic .NET or C#,
you also get the convenience of auto-complete and auto-list members when you access the objects'
types using Visual Studio .NET. This makes it very easy to determine what types are available for
each class in the namespace you're using. As you'll see over the next several weeks, it's very easy
to start coding in Visual Studio .NET.
The Structure of a .NET Application
To understand how the common language runtime manages code execution, you must
examine the structure of a .NET application. The primary unit of a .NET application is the
assembly. An assembly is a self-describing collection of code, resources, and metadata. The
assembly manifest contains information about what is contained within the assembly. The
assembly manifest provides:
 Identity information, such as the assembly’s name and version number
 A list of all types exposed by the assembly
 A list of other assemblies required by the assembly
 A list of code access security instructions, including permissions required by the assembly
and permissions to be denied the assembly
Each assembly has one and only one assembly manifest, and it contains all the description
information for the assembly. However, the assembly manifest can be contained in its own file or
within one of the assembly’s modules.
Introduction to Object-Oriented Programming
Programming in the .NET Framework environment is done with objects. Objects are
programmatic constructs that represent packages of related data and functionality. Objects are self-
contained and expose specific functionality to the rest of the application environment without
detailing the inner workings of the object itself. Objects are created from a template called a class.
The .NET base class library provides a set of classes from which you can create objects in your
applications. This lesson introduces you to the concepts associated with object-oriented
programming.
Visual Basic .NET
When an instance of a class is created, a copy of the instance data defined by that class is
created in memory and assigned to the reference variable. Individual instances of a class are
independent of one another and represent separate programmatic constructs. There is generally no
limit to how many copies of a single class can be instantiated at any time. The plans can be used to
make any number of cars, and changes to a single car do not, for the most part, affect any other
cars.
Objects are composed of members. Members are properties, fields, methods, and events,
and they represent the data and functionality that comprise the object. Fields and properties
represent data members of an object. Methods are actions the object can perform, and events are
notifications an object receives from or sends to other objects when activity happens in the
application.
To continue with the real-world example of a car, consider that a Car object has fields and
properties, such as Color, Make, Model, Age, Gas Level, and so on. These are the data that
describe the state of the object. The methods represent behaviors the object can execute. And
events represent notifications. For example, a Car object might receive an Engine Overheating
event from its Engine object, or it might raise a Crash event when interacting with a Tree object.
Object Models
Simple objects might consist of only a few properties, methods, and perhaps an event or
two. More complex objects might require numerous properties and methods and possibly even
subordinate objects. Objects can contain and expose other objects as members. For example, the
Textbox control exposes a Font property,every instance of the Form class contains and exposes a
Controls collection that comprises all of the controls contained by the form. The object model
defines the hierarchy of contained objects that form the structure of an object.
An object model is a hierarchical organization of subordinate objects contained and

exposed within a main object. To illustrate, let’s revisit the example of a car as an object. A car is a
single object, but it also consists of subordinate objects. The composition of these subordinate
objects directly affects how the Car object functions as a whole.
Encapsulation
Encapsulation is the concept that implementation of an object is independent of its

interface. Put another way, an application interacts with an object through its interface, which
consists of its public properties and methods. As long as this interface remains constant, the
application can continue to interact with the component, even if implementation of the interface
was completely rewritten between versions.
Objects should only interact with other objects through their public methods and properties.
Thus, objects should contain all of the data they require, as well as all of the functionality that
works with that data. The internal data of an object should never be exposed in the interface; thus,
fields rarely should be Public (public).
Polymorphism
Polymorphism is the ability of different classes to provide different implementations of the

same public interfaces. In other words, polymorphism allows methods and properties of an object
to be called without regard for the particular implementation of those members. For example, a
Driver object can interact with a Car object through the Car public interface. If another object,
such as a Truck object or a Sports Car object, the Driver object can interact with them without
regard to the specific implementation of that interface. There are two principal ways through which
polymorphism can be provided: interface polymorphism and inheritance polymorphism
Features of SQL-Server
The OLAP Services feature available in SQL Server version 7.0 is now called SQL Server
2000 Analysis Services. The term OLAP Services has been replaced with the term Analysis
Services. Analysis Services also includes a new data mining component. The Repository
component available in SQL Server version 7.0 is now called Microsoft SQL Server 2000 Meta
Data Services. The term repository is used only in reference to the repository engine within Meta
Data Services. SQL-SERVER database consist of six type of objects,
Query
A query is a question that has to be asked the data. Access gathers data that answers the
question from one or more table. The data that make up the answer is either dynaset (if you edit it)
or a snapshot (it cannot be edited).Each time it run query, it get latest information in the dynast.
Access either displays the dynast or snapshot for us to view or perform an action on it, such as
deleting or updating.
Forms
A form is used to view and edit information in the database record by record .A form
displays only the information it want to see in the way want to see it. Forms use the familiar
controls such as textboxes and checkboxes. This makes viewing and entering data easy.
Views of Form:
We can work with forms in several primarily there are two views,
They are,
1. Design View
2. Form View
Design View
To build or modify the structure of a form, we work in forms design view. It can add
control to the form that are bound to fields in a table or query, includes textboxes, option buttons,
graphs and pictures.
Report
A report is used to vies and print information from the database. The report can ground
records into many levels and compute totals and average by checking values from many records at
once. Also the report is attractive and distinctive because we have control over the size and
appearance of it.
Macro
A macro is a set of actions. Each action in macros does something. Such as opening a form
or printing a report .We write macros to automate the common tasks the work easy and save the
time.
Module
Modules are units of code written in access basic language. It can write and use module to
automate and customize the database in very sophisticated ways.
4. SYSTEM DESIGN
Design is multi-step process that focuses on data structure software architecture, procedural
details, (algorithms etc.) and interface between modules. The design process also translates the
requirements into the presentation of software that can be accessed for quality before coding
begins.
Computer software design changes continuously as new methods; better analysis and broader
understanding evolved. Software Design is at relatively early stage in its revolution.
Therefore, Software Design methodology lacks the depth, flexibility and quantitative nature
that are normally associated with more classical engineering disciplines. However techniques for
software designs do exist, criteria for design qualities are available and design notation can be
applied.
41. INPUT DESIGN
Input design is the process of converting user-originated inputs to a computer-based format.

Input design is one of the most expensive phases of the operation of computerized system and is
often the major problem of a system.
In the project, the input design is made in various windows forms with various methods. For
examples, in the Admin and user form, the empty username and password is not allowed. The
username if exists in the database, the input is considered to be invalid and is not accepted.
4.2. OUTPUT DESIGN
Output design generally refers to the results and information that are generated by the system
for many end-users; output is the main reason for developing the system and the basis on which
they evaluate the usefulness of the application.
4.3. CODE DESIGN
Codes facilities easier identification, simplification in handling and retrieval if items by

consuming less storage space. The codes are designed in such a manner that it will be easily
understands by the user. The codes also generated automatically by the system
4.4. DATABASE DESIGN
The database design is a must for any application developed especially more for the data store
projects. Since the chatting method involves storing the message in the table and produced to the
sender and receiver, proper handling of the table is a must.
In the project, login table is designed to be unique in accepting the username and the length of
the username and password should be greater than zero.
The complete listing of the tables and their fields are provided in the annexure under the title
‘Table Structure’.
4.5. Dataflow Diagram
LEVEL 1
Server
Packet
Sending
Mix Network
Connect to Mix
LEVEL 2
Mix Network
Packet Received
Encryption Process
Send to receiver
5. SYSTEM TESTING
The procedure level testing is made first. By giving improper inputs, the errors occurred are
noted and eliminated. In computer programming, unit testing is a procedure used to validate that
individual units of source code are working properly. A unit is the smallest testable part of an
application. In procedural programming a unit may be an individual program, function, procedure,
etc., while in object-oriented programming, the smallest unit is a method; which may belong to a
base/super class, abstract class or derived/child class.
TESTING TYPES
5.1 BLACK BOX TESTING
Internal system design is not considered in this type of testing. Tests are based on
requirements and functionality.
5.2 WHITE BOX TESTING
This testing is based on knowledge of the internal logic of an application’s code. Also
known as Glass box Testing. Internal software and code working should be known for this type of
testing. Tests are based on coverage of code statements, branches, paths, conditions.
5.3 UNIT TESTING
Unit testing verification efforts on the smallest unit of software design, module. This is
known as “Module Testing”. The modules are tested separately. This testing is carried out during
programming stage itself. In these testing steps, each module is found to be working satisfactory.
5.4 INTEGRATION TESTING
Integration testing is a systematic technique for constructing tests to uncover error

associated within the interface. In the project, all the modules are combined and then the entire
programmer is tested as a whole. In the integration-testing step, all the error uncovered is corrected
for the next testing steps.
5.5 VALIDATION TESTING
Validation testing is where requirements established as a part of software requirement

analysis is validated against the software that has been constructed this test provides the final
assurance that the software meets all functional, behavioural and performance requirements. The
errors, which were not uncovered during integration testing, are found out and corrected during
this phase.
The purpose of integration testing is to verify functional, performance and reliability

requirements placed on major design items. These "design items", i.e. assemblages (or groups of
units), are exercised through their interfaces using black box testing, success and error cases being
simulated via appropriate parameter and data inputs. Simulated usage of shared data areas and
inter-process communication is tested and individual subsystems are exercised through their input
interface.
Test cases are constructed to test that all components within assemblages interact correctly,
for example across procedure calls or process activations, and this is done after testing individual
modules, i.e. unit testing.
The overall idea is a "building block" approach, in which verified assemblages are added to
a verified base which is then used to support the integration testing of further assemblages.
6. SYSTEM IMPLEMENTATION
Once the system has been developed the system has to be tested and if no bugs fund it is
implemented. Implementation is the stage of the project where the theoretical design is turned into
a working system or it is easy stage in achieving a successful new system.
Implementation is the process of converting a new system design into operation. It is the
phase that focuses on user training, site preparation and file conversion for installing a candidate
system. The important factor that should be considered here is that the conversion should not
disrupt the functioning of the organization.
The application is implemented in the Internet Information Services 5.0 web server under
the Windows 2000 Professional and accessed from various clients.
Implementation is the most crucial stage in achieving a successful system and giving the
user’s confidence that the new system is workable and effective. Implementation of a modified
application to replace an existing one. This type of conversation is relatively easy to handle,
provide there are no major changes in the system.
Each program is tested individually at the time of development using the data and has
verified that this program linked together in the way specified in the programs specification, the
computer system and its environment is tested to the satisfaction of the user. The system that has
been developed is accepted and proved to be satisfactory for the user. And so the system is going to
be implemented very soon. A simple operating procedure is included so that the user can
understand the different functions clearly and quickly.
7. SYSTEM MAINTEANANCE
System maintenance is an ongoing activity, which covers a wide variety of activities,

including removing program and design errors, updating documentation and test data and updating
user support. For the purpose of convenience, maintenance may be categorized into three classes,
namely:
i) Corrective
ii) Adaptive
iii) Perfective.
i) Corrective Maintenance This type of maintenance implies removing errors in a program, which
might have crept in the system due to faulty design or wrong assumptions. Thus, in corrective
maintenance, processing or performance failures are repaired.
ii) Adaptive Maintenance In adaptive maintenance, program functions are changed to enable the
information system to satisfy the information needs of the user. This type of maintenance may
become necessary because of organizational changes which may include:
a) Change in the organizational procedures
b) Change in forms.
c) Change in information needs of managers.
iii) Perfective Maintenance: - Perfective maintenance means adding new programs or modifying
the existing programs to enhance the performance of the information system. This type of
maintenance undertaken to respond to user’s additional needs which may be due to the changes
within or outside of the organization.
8. CONCLUSION
The analyzed mix networks in terms of their effectiveness in providing anonymity and
quality-of-service. Various methods used in mix networks were considered: seven different packet
batching strategies and two implementation schemes, namely the link-based batching scheme and
mix based batching scheme. Found that mix networks that use traditional batching strategies,
regardless of the implementation scheme, are vulnerable under flow-correlation attacks. By using
statistical analysis, an adversary can accurately determine the output link used by traffic that comes
to an input flow of a mix. The failure of traditional mix batching strategies directly leads us to the
formulation of anew packet control method for mixes in order to overcome their vulnerability to
flow correlation attacks. Appropriate output control can achieve a guaranteed low detection rate
while maintaining high throughput for normal payload traffic. Our claim is validated by extensive
performance data collected from experiments.
9. BIBLIOGRAPHY
Book References
1. Carsten Thomsen. Database programming with C#. Books for professionals by
professionals. Apress, Berkeley, CA, USA, 2002.
2. 2.Dino Esposito “ASP.Net and Ajax web Applications” Microsoft Press, ISBN 978-0-
7356-2621-8.
3. Matthew A. Telles. C# black book. Coriolis Group Books, Scottsdale, AZ, USA, 2002.
ISBN 1-58880-192-6
4. Ross Tate, Juan Chen, and Chris Hawblitzel. Inferable objectoriented typed assembly
language. ACM SIGPLAN Notices, 45(6): 424{435, June 2010. CODEN SINODQ. ISSN
0362-1340.
5. Stephen Walther “ASP.NET 3.5 Unleashed” SAMS Publishing, ISBN 0-672-33011-3.
Web Reference
1. http://www9.limewire.com/developer/gnutella_protocol_0.4.pdf
2. http://www.darkridge.com/~jpr5/doc/gnutella.html
3. http://people.cs.uchicago.edu
4. http://www.pcquest.com/content/p2p/102091205.asp
10. APPENDIX
10.1 SAMPLE CODING
SERVER
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;
namespace MixServer
{
public partial class Login : Form
{
public Login()
{
InitializeComponent();
}
private void btnlogin_Click(object sender, EventArgs e)

{
if ( Username.Text=="Admin" && Password.Text=="Admin")
{
Home H = new Home();
H.Show();
this.Hide();
else
{
MessageBox.Show("Enter Valid Name And Password", "Login Faild",
MessageBoxButtons.OK, MessageBoxIcon.Error);
}
private void Login_Load(object sender, EventArgs e)

{
}
}
}
PACKED LOAD
using System;
using System.Data;
using System.Text;
using System.IO;
using System.Security.Cryptography;
using System.Net;
using System.Net.Sockets;
using System.Runtime.Serialization.Formatters.Binary;
namespace MixServer
{
public partial class PacketLoad : Form
{
const int limit = 4;

Socket mysock;
NetworkStream mynws;
FileStream fs;
string FilePath;
FileStream FSWrite;
byte[] buffer;
byte[] m_DataBuffer = new byte[10];
SqlConnection con = new

SqlConnection("server=.;database=DDRA;uid=sa;pwd=");
string[] packetnames = new string[6];

string path = @"C:\Temp Files\";
string destination = @"D:\temp\";
public PacketLoad()
{
}
private void btnbrowse_Click(object sender, EventArgs e)
{
openFileDialog1.ShowDialog();
txtfile.Text = openFileDialog1.FileName;
string Extensin = Path.GetExtension(txtfile.Text);
if (Extensin == ".doc" || Extensin == ".txt" || Extensin == ".pdf"
|| Extensin == ".xls" || Extensin == ".rtf")
{
txtrich.LoadFile(txtfile.Text.ToString(),
RichTextBoxStreamType.PlainText);
//txtrich.LoadFile(txtfile.Text.ToString());
txtrich.Visible = true;
OriginalPicture.Visible = false;
}
if (Extensin == ".JPEG" || Extensin == ".jpeg" || Extensin ==
".jpg" || Extensin == ".GIF" || Extensin == ".gif" || Extensin == ".bmp" ||
Extensin == ".BMP")
{
OriginalPicture.Visible = true;
txtrich.Visible = false;
OriginalPicture.ImageLocation = txtfile.Text;
}
FileStream fileStream = new FileStream(txtfile.Text, FileMode.Open,
FileAccess.Read);
int length = (int)fileStream.Length; // get file length
textBox1.Text = length.ToString();
fs = new FileStream(txtfile.Text, FileMode.Open, FileAccess.Read);
string name = Path.GetFileName(txtfile.Text);
DirectoryInfo TempPath = Directory.CreateDirectory(path);

int SizeofEachFile = Convert.ToInt32(fs.Length);
FilePath = TempPath.Root.ToString() + TempPath.Name.ToString() +
"\\";
string inputFile = txtfile.Text;
string BaseFileName = Path.GetFileName(inputFile);
FileStream fs1 = new FileStream(path + BaseFileName,
FileMode.CreateNew, FileAccess.Write);
int BytesRead = 0;
buffer = new byte[SizeofEachFile];
if ((BytesRead = fs.Read(buffer, 0, SizeofEachFile)) > 0)
{
fs1.Write(buffer, 0, BytesRead);
}
fs1.Close();
private void Fsend_Click(object sender, EventArgs e)

{
string inputFile = txtfile.Text;
string BaseFileName = Path.GetFileName(inputFile);
sendpacket(Desnode.Text, Mix.Text, BaseFileName, path);
public void sendpacket(string Destination, string mix, string

filename3, string path)
{
string buf;
buf = textBox1.Text + "*" + Desnode.Text + "#" + Mix.Text;
string path2 = @"C:\Temp Files\";
byte[] packet = File.ReadAllBytes(path2 + filename3);
string thisip = "";
thisip = System.Net.Dns.GetHostName();
IPHostEntry ipEntry = System.Net.Dns.GetHostEntry(thisip);
IPAddress[] addr = ipEntry.AddressList;
string thisIP = addr[addr.Length - 1].ToString();
TcpClient myclient = new TcpClient(mix , 8086);
NetworkStream myns = myclient.GetStream();
BinaryFormatter br = new BinaryFormatter();
//br.Serialize(myns, packet + filename3 + "," + thisIP + "," +
Destination);
br.Serialize(myns,filename3 +"^"+buf);
BinaryWriter mybw = new BinaryWriter(myns);
byte[] buffer1 = packet;
mybw.Write(buffer1);
mybw.Close();
myns.Close();
myclient.Close();
}
private void panel1_Paint(object sender, PaintEventArgs e)

{
}
}
}
MIX NETWORK
SEND PACKET
using System;
using System.Data;
using System.Text;
using System.Net;
using System.Threading;
using System.Runtime.Serialization.Formatters;
using System.IO;
using System.Runtime.Serialization;
using System.Xml.Serialization;
namespace Mix1
{
public partial class SendPacket : Form
{
public SendPacket()
{
}
NetworkStream NetWork;
TcpListener TCPL;
Socket mysock;
Thread myth;
string[] ReceivedItemsBuffer;
string[] Redata;
public string FilePath;
const int count = 3;
public string FileName;
public string Filesize;
public string SourceIP;
public string DesIP;
public string thisIP = "";
public string path3;
public string path;
public static int currentBitStrength = 0;
public delegate void FinishedProcessDelegate();
public delegate void UpdateBitStrengthDelegate(int bitStrength);
public delegate void UpdateTextDelegate(string inputText);
private void SendPacket_Load(object sender, EventArgs e)
{
try
{
string thisip = "";

thisIP = addr[addr.Length - 1].ToString();
path = @"C:\ReceivedMix\";
FilePath = TempPath.Root.ToString() + TempPath.Name.ToString()
+ "\\";
//txtdate.Text = DateTime.Now.ToShortDateString();
//txttime.Text = DateTime.Now.ToLongTimeString();
TCPL = new TcpListener(8086);

TCPL.Start();
for (int i = 0; i <= count; i++)

{
myth = new Thread(new

System.Threading.ThreadStart(Receving)); // Start Thread Session
myth.Start();
}
}
catch (Exception Ex)
{
MessageBox.Show(Ex.ToString(), "Error Message");
}
}
void Receving()
{
mysock = TCPL.AcceptSocket();
try
{
NetWork = new NetworkStream(mysock);
BinaryFormatter bf = new BinaryFormatter();
object op;
op = bf.Deserialize(NetWork);
BinaryReader br = new BinaryReader(NetWork);
byte[] buffer = br.ReadBytes(6000000);
string ReceivedItems;
ReceivedItems = op.ToString();
ReceivedItemsBuffer = ReceivedItems.Split('^','*', '#');
FileName = ReceivedItemsBuffer[0].ToString();
Filesize = ReceivedItemsBuffer[1].ToString();
SourceIP = ReceivedItemsBuffer[2].ToString();
DesIP = ReceivedItemsBuffer[3].ToString();
path3 = "C:\\ReceivedMix\\" + FileName;
this.BeginInvoke(new MethodInvoker(delegate()
{
this.textBox1.Text = Filesize;
this.textBox2.Text = SourceIP;
this.textBox3.Text = DesIP;
}));
int count = ReceivedItems.Length;
FileStream fss = new FileStream(FilePath + FileName,
FileMode.OpenOrCreate, FileAccess.ReadWrite);
fss.Write(buffer, 0, buffer.Length);
fss.Close();
buffer = null;
MessageBox.Show("Packet Received From " + SourceIP, "MIX1",
MessageBoxButtons.OK, MessageBoxIcon.Information);
this.BeginInvoke(new MethodInvoker(delegate()
{
this.richTextBox1.LoadFile(path3.ToString(),
}));
catch (Exception exc)

{
MessageBox.Show(exc.Message);
}
}
private void FinishedProcess()
{
Application.DoEvents();
}
public static void SetBitStrength(int bitStrength)
{ currentBitStrength = bitStrength; }
private void UpdateText(string inputText)
{ richTextBox1.Text = inputText; }
private void button1_Click(object sender, EventArgs e)

{
if (richTextBox1.Text.Length != 0)
{
openFileDialog1.FileName = "";
openFileDialog1.Title = "Open Public Key File";
openFileDialog1.Filter = "Public Key Document( *.pke )|*.pke";
string fileString = null;
if (openFileDialog1.ShowDialog() == DialogResult.OK)
{
if (File.Exists(openFileDialog1.FileName))
{
StreamReader streamReader = new
StreamReader(openFileDialog1.FileName, true);
fileString = streamReader.ReadToEnd();
streamReader.Close();
if (fileString.Length >= richTextBox1.MaxLength)
{ MessageBox.Show("ERROR: \nThe file you are trying to
open is too big for the text editor to display properly.\nPlease open a smaller
document!\nOperation Aborted!"); }
}
}
if (fileString != null)
{
FinishedProcessDelegate finishedProcessDelegate = new
FinishedProcessDelegate(FinishedProcess);
UpdateTextDelegate updateTextDelegate = new
UpdateTextDelegate(UpdateText);
string bitStrengthString = fileString.Substring(0,
fileString.IndexOf("</BitStrength>") + 14);
fileString = fileString.Replace(bitStrengthString, "");
int bitStrength =
Convert.ToInt32(bitStrengthString.Replace("<BitStrength>",
"").Replace("</BitStrength>", ""));
this.Refresh();
{
try
{
EncryptionThread encryptionThread = new
EncryptionThread();
Thread encryptThread = new
Thread(encryptionThread.Encrypt);
encryptThread.IsBackground = true;
encryptThread.Start(new Object[] { this,
finishedProcessDelegate, updateTextDelegate, richTextBox1.Text, bitStrength,
fileString });
}
catch (CryptographicException CEx)
{ MessageBox.Show("ERROR: \n One of the following has
occured.\nThe cryptographic service provider cannot be acquired.\nThe length of
the text being encrypted is greater than the maximum allowed length.\nThe OAEP
padding is not supported on this computer.\n" + "Exact error: " + CEx.Message);
}
{ MessageBox.Show("ERROR: \n" + Ex.Message); }
}
}
}
else
{ MessageBox.Show("ERROR: You Can Not Encrypt A NULL Value!!!"); }
richTextBox1.SaveFile("encfile.rtf");
}
private bool saveFile(string title, string filterString, string
outputString)
{
saveFileDialog1.Title = title;
saveFileDialog1.Filter = filterString;
saveFileDialog1.FileName = "";
saveFileDialog1.InitialDirectory = "C:\\ReceivedMix\\";
if (saveFileDialog1.ShowDialog() == DialogResult.OK)
{
try
{
StreamWriter streamWriter = new
StreamWriter(saveFileDialog1.FileName, false);
if (outputString != null)
{ streamWriter.Write(outputString); }
streamWriter.Close();
return true;
}
{
Console.WriteLine(Ex.Message);
return false;
}
}
return false;
}
{
KeyPairGeneratorForm generator = new KeyPairGeneratorForm();
if (generator.ShowDialog() == DialogResult.OK)
{
RSACryptoServiceProvider RSAProvider = new
RSACryptoServiceProvider(currentBitStrength);
string publicAndPrivateKeys = "<BitStrength>" +
currentBitStrength.ToString() + "</BitStrength>" +
RSAProvider.ToXmlString(true);
string justPublicKey = "<BitStrength>" +
currentBitStrength.ToString() + "</BitStrength>" +
RSAProvider.ToXmlString(false);
if (saveFile("Save Public/Private Keys As", "Public/Private
Keys Document( *.kez )|*.kez", publicAndPrivateKeys))
{ while (!saveFile("Save Public Key As", "Public Key
Document( *.pke )|*.pke", justPublicKey)) { ; } }
}
}
public void sendpacket(string Destination, string filename3, string
path)
{
string buf;
buf = textBox1.Text + "*" + DesIP;
string path2 = @"C:\ReceivedMix\";
byte[] packet = File.ReadAllBytes(path2 + filename3);
string thisip = "";
TcpClient myclient = new TcpClient(DesIP,9000);
//br.Serialize(myns, packet + filename3 + "," + thisIP + "," +
Destination);
br.Serialize(myns, filename3 + "^" + buf);
mybw.Close();
myns.Close();
myclient.Close();
}
public void sendpacket1(string Destination, string filename3, string
path)
{
string buf;
buf = textBox1.Text + "*" + DesIP;
string pa2 = @"C:\ReceivedMix\";
byte[] packet = File.ReadAllBytes(pa2+filename3);
string thisip = "";
TcpClient myclient = new TcpClient(DesIP, 8000);
br.Serialize(myns, filename3 + "^" + buf);
mybw.Close();
myns.Close();
myclient.Close();
}

{
string path4 = @"C:\ReceivedMix\";
string inputFile = path3;
string BaseFileName = "encfile.rtf";
string[] filepath = Directory.GetFiles(@"c:\ReceivedMix\",
"*.kez");
string fname = filepath[0].ToString();
string BaseFileName1 = Path.GetFileName(fname);
sendpacket(DesIP, BaseFileName, path);
sendpacket1(DesIP, BaseFileName1, path);
}
}
}
KEY GENERATION
using System;
using System.Collections;
namespace Mix1
{
public class KeyPairGeneratorForm: System.Windows.Forms.Form
{
private System.Windows.Forms.Button generateKeysButton;
private System.Windows.Forms.NumericUpDown numericUpDown;
private System.Windows.Forms.PictureBox keyPictureBox;
private System.ComponentModel.Container components = null;
public KeyPairGeneratorForm()
{ InitializeComponent(); }
protected override void Dispose( bool disposing )

{
if( disposing )
{
if( components != null )
{ components.Dispose(); }
}
base.Dispose( disposing );
}
private void InitializeComponent()

{
System.ComponentModel.ComponentResourceManager resources = new
System.ComponentModel.ComponentResourceManager(typeof(KeyPairGeneratorForm));
this.generateKeysButton = new System.Windows.Forms.Button();
this.numericUpDown = new System.Windows.Forms.NumericUpDown();
this.keyPictureBox = new System.Windows.Forms.PictureBox();
((System.ComponentModel.ISupportInitialize)
(this.numericUpDown)).BeginInit();
(this.keyPictureBox)).BeginInit();
this.SuspendLayout();
//
// generateKeysButton
//
this.generateKeysButton.BackColor = System.Drawing.Color.White;
this.generateKeysButton.FlatAppearance.MouseDownBackColor =
System.Drawing.Color.FromArgb(((int)(((byte)(128)))), ((int)(((byte)(255)))),
((int)(((byte)(255)))));
this.generateKeysButton.FlatAppearance.MouseOverBackColor =
System.Drawing.Color.DarkOrange;
this.generateKeysButton.FlatStyle =
System.Windows.Forms.FlatStyle.Flat;
this.generateKeysButton.Font = new System.Drawing.Font("Georgia",
8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point,
((byte)(0)));
this.generateKeysButton.ForeColor = System.Drawing.Color.Black;
this.generateKeysButton.Location = new System.Drawing.Point(183,
108);
this.generateKeysButton.Name = "generateKeysButton";
this.generateKeysButton.Size = new System.Drawing.Size(149, 28);
this.generateKeysButton.TabIndex = 0;
this.generateKeysButton.Text = "Generate Keys";
this.generateKeysButton.UseVisualStyleBackColor = false;
this.generateKeysButton.Click += new
System.EventHandler(this.generateKeysButton_Click);
//
// numericUpDown
//
this.numericUpDown.BackColor = System.Drawing.Color.White;
this.numericUpDown.Font = new System.Drawing.Font("Georgia", 12F,
System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.numericUpDown.ForeColor = System.Drawing.Color.Black;
this.numericUpDown.Increment = new decimal(new int[] {
8,
0,
0,
0});
this.numericUpDown.Location = new System.Drawing.Point(183, 52);
this.numericUpDown.Maximum = new decimal(new int[] {
16384,
0,
0,
0});
this.numericUpDown.Minimum = new decimal(new int[] {
384,
0,
0,
0});
this.numericUpDown.Name = "numericUpDown";
this.numericUpDown.ReadOnly = true;
this.numericUpDown.Size = new System.Drawing.Size(149, 26);
this.numericUpDown.TabIndex = 0;
this.numericUpDown.ThousandsSeparator = true;
this.numericUpDown.UpDownAlign =
System.Windows.Forms.LeftRightAlignment.Left;
this.numericUpDown.Value = new decimal(new int[] {
1024,
0,
0,
0});
//
// keyPictureBox
//
this.keyPictureBox.BackColor = System.Drawing.Color.Black;
this.keyPictureBox.BackgroundImage =
global::Mix1.Properties.Resources.key1;
this.keyPictureBox.BackgroundImageLayout =
System.Windows.Forms.ImageLayout.Stretch;
this.keyPictureBox.BorderStyle =
System.Windows.Forms.BorderStyle.Fixed3D;
this.keyPictureBox.Location = new System.Drawing.Point(55, 61);
this.keyPictureBox.Name = "keyPictureBox";
this.keyPictureBox.Size = new System.Drawing.Size(66, 75);
this.keyPictureBox.SizeMode =
System.Windows.Forms.PictureBoxSizeMode.AutoSize;
this.keyPictureBox.TabIndex = 1;
this.keyPictureBox.TabStop = false;
//
// KeyPairGeneratorForm
//
this.AutoScaleBaseSize = new System.Drawing.Size(8, 19);
this.BackColor = System.Drawing.Color.White;
this.ClientSize = new System.Drawing.Size(366, 205);
this.Controls.Add(this.numericUpDown);
this.Controls.Add(this.keyPictureBox);
this.Controls.Add(this.generateKeysButton);
this.Font = new System.Drawing.Font("Georgia", 12F,
System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)
(0)));
this.ForeColor = System.Drawing.Color.White;
this.FormBorderStyle =
System.Windows.Forms.FormBorderStyle.Fixed3D;
this.Icon = ((System.Drawing.Icon)
(resources.GetObject("$this.Icon")));
this.MaximizeBox = false;
this.MinimizeBox = false;
this.Name = "KeyPairGeneratorForm";
this.ShowInTaskbar = false;
this.SizeGripStyle = System.Windows.Forms.SizeGripStyle.Hide;
this.StartPosition =
System.Windows.Forms.FormStartPosition.CenterParent;
this.Text = "Generate Keys";
this.Load += new
System.EventHandler(this.KeyPairGeneratorForm_Load);
(this.numericUpDown)).EndInit();
(this.keyPictureBox)).EndInit();
this.ResumeLayout(false);
this.PerformLayout();
private void generateKeysButton_Click( object sender,

System.EventArgs e )
{
Mix1.SendPacket.SetBitStrength(Convert.ToInt32(numericUpDown.Value));
this.DialogResult = DialogResult.OK;
this.Dispose( true );
}
private void KeyPairGeneratorForm_Load( object sender, EventArgs
e )
{ Mix1.SendPacket.SetBitStrength(1024); }
}
}
ENCRYPTION
using System;
using System.Collections;
using System.Text;
namespace Mix1
{
public class EncryptionThread
{
private ContainerControl containerControl = null;
private Delegate finishedProcessDelegate = null;
private Delegate updateTextDelegate = null;
public void Encrypt( object inputObject )

{
object[] inputObjects = ( object[] )inputObject;
containerControl = ( Form ) inputObjects[ 0 ];
finishedProcessDelegate = ( Delegate ) inputObjects[ 1 ];
updateTextDelegate = ( Delegate )inputObjects[ 2 ];
string encryptedString = EncryptString( ( string )
inputObjects[ 3 ], ( int )inputObjects[ 4 ], ( string )inputObjects[ 5 ] );
containerControl.Invoke( updateTextDelegate, new object[]
{ encryptedString } );
containerControl.Invoke( finishedProcessDelegate );
}
public void Decrypt( object inputObject )

{
object[] inputObjects = ( object[] )inputObject;
containerControl = ( Form )inputObjects[ 0 ];
finishedProcessDelegate = ( Delegate )inputObjects[ 1 ];
updateTextDelegate = ( Delegate )inputObjects[ 2 ];
string decryptedString = DecryptString( ( string )
inputObjects[ 3 ], ( int )inputObjects[ 4 ], ( string )inputObjects[ 5 ] );
containerControl.Invoke( updateTextDelegate, new object[]
{ decryptedString } );
containerControl.Invoke( finishedProcessDelegate );
}
public string EncryptString( string inputString, int dwKeySize,

string xmlString )
{
// TODO: Add Proper Exception Handlers
RSACryptoServiceProvider rsaCryptoServiceProvider = new
RSACryptoServiceProvider( dwKeySize );
rsaCryptoServiceProvider.FromXmlString( xmlString );
int keySize = dwKeySize / 8;
byte[] bytes = Encoding.UTF32.GetBytes( inputString );
// The hash function in use by the .NET
RSACryptoServiceProvider here is SHA1
// int maxLength = ( keySize ) - 2 - ( 2 *
SHA1.Create().ComputeHash( rawBytes ).Length );
int maxLength = keySize - 42;
int dataLength = bytes.Length;
int iterations = dataLength / maxLength;
StringBuilder stringBuilder = new StringBuilder();
for( int i = 0; i <= iterations; i++ )
{
byte[] tempBytes = new byte[ ( dataLength - maxLength *
i > maxLength ) ? maxLength : dataLength - maxLength * i ];
Buffer.BlockCopy( bytes, maxLength * i, tempBytes, 0,
tempBytes.Length );
byte[] encryptedBytes =
rsaCryptoServiceProvider.Encrypt( tempBytes, true );
// Be aware the RSACryptoServiceProvider reverses the
order of encrypted bytes after encryption and before decryption.
// If you do not require compatibility with Microsoft
Cryptographic API (CAPI) and/or other vendors.
// Comment out the next line and the corresponding one
in the DecryptString function.
Array.Reverse( encryptedBytes );
// Why convert to base 64?
// Because it is the largest power-of-two base
printable using only ASCII characters
stringBuilder.Append(
Convert.ToBase64String( encryptedBytes ) );
}
return stringBuilder.ToString();
}
public string DecryptString( string inputString, int dwKeySize,

string xmlString )
{
// TODO: Add Proper Exception Handlers
RSACryptoServiceProvider rsaCryptoServiceProvider = new
RSACryptoServiceProvider( dwKeySize );
rsaCryptoServiceProvider.FromXmlString( xmlString );
int base64BlockSize = ( ( dwKeySize / 8 ) % 3 != 0 ) ?
( ( ( dwKeySize / 8 ) / 3 ) * 4 ) + 4 : ( ( dwKeySize / 8 ) / 3 ) * 4;
int iterations = inputString.Length / base64BlockSize;
ArrayList arrayList = new ArrayList();
for( int i = 0; i < iterations; i++ )
{
byte[] encryptedBytes =
Convert.FromBase64String( inputString.Substring( base64BlockSize * i,
base64BlockSize ) );
// Be aware the RSACryptoServiceProvider reverses the
order of encrypted bytes after encryption and before decryption.
// If you do not require compatibility with Microsoft
Cryptographic API (CAPI) and/or other vendors.
// Comment out the next line and the corresponding one
in the EncryptString function.
Array.Reverse( encryptedBytes );
arrayList.AddRange( rsaCryptoServiceProvider.Decrypt( encryptedBytes,

true ) );
}
return Encoding.UTF32.GetString( arrayList.ToArray(
Type.GetType( "System.Byte" ) ) as byte[] );
}
}
}
RECEIVER
RECEIVE PACKET
using System;
using System.Data;
using System.Text;
using System.Net;
using System.Runtime.Serialization.Formatters;
using System.IO;
using System.Runtime.Serialization;
using System.Xml.Serialization;
namespace Receiver
{
public partial class ReceivePacket : Form
{
public ReceivePacket()
{
}
NetworkStream NetWork;
TcpListener TCPL; TcpListener TCPL1;
Socket mysock;
Socket mysock1;
Thread myth;
Thread myth1;
string[] ReceivedItemsBuffer;
string[] Redata;
public string FilePath;
const int count = 3;
public string FileName;
public string Filesize;
public string SourceIP;
public string DesIP;
public string thisIP = "";
public string path3;
public string path;
public static int currentBitStrength = 0;
public delegate void FinishedProcessDelegate();
public delegate void UpdateBitStrengthDelegate(int bitStrength);
public delegate void UpdateTextDelegate(string inputText);
private void ReceivePacket_Load(object sender, EventArgs e)
{
try
{
string thisip = "";

thisIP = addr[addr.Length - 1].ToString();
path = @"C:\Receiver\";
FilePath = TempPath.Root.ToString() + TempPath.Name.ToString()
+ "\\";
TCPL = new TcpListener(9000);

TCPL.Start();

{
myth = new Thread(new

System.Threading.ThreadStart(Receving)); // Start Thread Session
myth.Start();
}
TCPL1 = new TcpListener(8000);
TCPL1.Start();

{
myth1 = new Thread(new

System.Threading.ThreadStart(Receving1)); // Start Thread Session
myth1.Start();
}
string path5;
richTextBox1.LoadFile(path3.ToString(),
}
{
MessageBox.Show(Ex.ToString(), "Error Message");
}
}
void Receving()
{
mysock= TCPL.AcceptSocket();
try
{
NetWork = new NetworkStream(mysock);
object op;
ReceivedItemsBuffer = ReceivedItems.Split('^', '*');
path3 = "C:\\Receiver\\" + FileName;
fss.Close();
buffer = null;
MessageBox.Show("Packet Received From " + SourceIP,
"RECEIVER", MessageBoxButtons.OK, MessageBoxIcon.Information);

{
void Receving1()
{
mysock1 = TCPL1.AcceptSocket();
try
{
NetWork = new NetworkStream(mysock1);
object op;
ReceivedItemsBuffer = ReceivedItems.Split('^', '*');
path3 = "C:\\Receiver\\" + FileName;
fss.Close();
buffer = null;
MessageBox.Show("Key Received From " + SourceIP, "RECEIVER",
MessageBoxButtons.OK, MessageBoxIcon.Information);

{
}
}
private void UpdateText(string inputText)
{ richTextBox1.Text = inputText; }
private void FinishedProcess()
{
Application.DoEvents();
}

{
if (richTextBox1.Text.Length != 0)
{
openFileDialog1.FileName = "";
openFileDialog1.Title = "Open Private Key File";
openFileDialog1.InitialDirectory = "C:\\Receiver\\";
openFileDialog1.Filter = "Private Key Document( *.kez )|*.kez";
string fileString = null;
if (openFileDialog1.ShowDialog() == DialogResult.OK)
{
{
StreamReader streamReader = new
StreamReader(openFileDialog1.FileName, true);
fileString = streamReader.ReadToEnd();
streamReader.Close();
if (fileString.Length >= richTextBox1.MaxLength)
{ MessageBox.Show("ERROR: \nThe file you are trying to
open is too big for the text editor to display properly.\nPlease open a smaller
document!\nOperation Aborted!"); }
}
}
{
string bitStrengthString = fileString.Substring(0,
fileString.IndexOf("</BitStrength>") + 14);
fileString = fileString.Replace(bitStrengthString, "");
int bitStrength =
Convert.ToInt32(bitStrengthString.Replace("<BitStrength>",
"").Replace("</BitStrength>", ""));
this.Refresh();
string tempStorage = richTextBox1.Text;

{
FinishedProcessDelegate finishedProcessDelegate = new
FinishedProcessDelegate(FinishedProcess);
UpdateTextDelegate updateTextDelegate = new
UpdateTextDelegate(UpdateText);
try
{
EncryptionThread decryptionThread = new
EncryptionThread();
Thread decryptThread = new
Thread(decryptionThread.Decrypt);
decryptThread.IsBackground = true;
decryptThread.Start(new Object[] { this,
finishedProcessDelegate, updateTextDelegate, richTextBox1.Text, bitStrength,
fileString });
}
catch (CryptographicException CEx)
{ MessageBox.Show("ERROR: \nOne of the following has
occured.\nThe cryptographic service provider cannot be acquired.\nThe length of
the text being encrypted is greater than the maximum allowed length.\nThe OAEP
padding is not supported on this computer.\n" + "Exact error: " + CEx.Message);
}
{
MessageBox.Show("ERROR:\n" + Ex.Message);
//SetText(tempStorage);
}
}
}
}
Else
{ MessageBox.Show("ERROR: You Can Not Decrypt A NULL
Value!!!"); }}}
10.2. SCREEN SHOTS
SERVER
HOME
PACKET SELECTION
MIX1 LOGIN
MIX2
LOGIN
.0

Ist Review

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ist Review

Uploaded by

Copyright:

Available Formats

CORRELATION-BASED TRAFFIC ANALYSIS ATTACKS ON

This project is entitled “CORRELATION-BASED TRAFFIC ANALYSIS ATTACKS

1.1 ABOUT THE PROJECT

The project titled “CORRELATION BASED TRAFFIC ANALYSIS ATTACKS ON

Our major contributions are summarized as follows:

2. It measure the effectiveness of a number of popular mix strategies in countering flow-correlation

2.1. EXISTING SYSTEM

2.1.1. Drawbacks of Existing System

 The anonymity of a system can be passively attacked by an observer.

2.2. PROPOSED SYSTEM

2.2.1. Advantages of Proposed System

2.3 FEASIBILTY STUDY

Three Key considerations involved in the feasibility analysis are

2.3.1 ECONOMICAL FEASIBILITY

2.3.2 TECHNICAL FEASIBILITY

2.3.3 SOCIAL FEASIBILITY

3.1 HARDWARE REQUIREMENTS

PROCESSOR : PENTIUM III 866 MHz

3.2 SOFTWARE REQUIREMENTS

OPERATING SYSTEM : WINDOWS 2000 PROFESSIONAL

 ENHANCEMENT OF MIX NETWORK.

ENHANCEMENT OF MIX NETWORK

BUILDING BATCHING STRATEGIES

TRAFFIC FLOW CORRELATION

FEATURES OF VISUAL BASIC.NET

The Structure of a .NET Application

 A list of other assemblies required by the assembly

Introduction to Object-Oriented Programming

Visual Basic .NET

An object model is a hierarchical organization of subordinate objects contained and

Encapsulation is the concept that implementation of an object is independent of its

Polymorphism is the ability of different classes to provide different implementations of the

41. INPUT DESIGN

Input design is the process of converting user-originated inputs to a computer-based format.

4.2. OUTPUT DESIGN

Codes facilities easier identification, simplification in handling and retrieval if items by

4.4. DATABASE DESIGN

5.1 BLACK BOX TESTING

5.2 WHITE BOX TESTING

5.3 UNIT TESTING

5.4 INTEGRATION TESTING

Integration testing is a systematic technique for constructing tests to uncover error

Validation testing is where requirements established as a part of software requirement

The purpose of integration testing is to verify functional, performance and reliability

System maintenance is an ongoing activity, which covers a wide variety of activities,

10.1 SAMPLE CODING

private void btnlogin_Click(object sender, EventArgs e)

private void Login_Load(object sender, EventArgs e)

const int limit = 4;

SqlConnection con = new

string[] packetnames = new string[6];

DirectoryInfo TempPath = Directory.CreateDirectory(path);

private void Fsend_Click(object sender, EventArgs e)

public void sendpacket(string Destination, string mix, string

private void panel1_Paint(object sender, PaintEventArgs e)

string thisip = "";

TCPL = new TcpListener(8086);

for (int i = 0; i <= count; i++)

myth = new Thread(new

catch (Exception exc)

private void button1_Click(object sender, EventArgs e)

private void button3_Click(object sender, EventArgs e)

protected override void Dispose( bool disposing )

private void InitializeComponent()