Upload
kiran-sai
View
220
Download
0
Embed Size (px)
Citation preview
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
1/100
NeoApp-Index
1. Abstract
1.1 Introduction
1.2 Existing
1.3 Proposed
1.4 S/W
1.5 H/W
1.6 Modules
1.7 Process Diagram
2. Introduction
NeoApp-Profile
3. System Analysis
3.1 Existing
3.2 Proposed
3.3 Feasibility Study
3.3.1 Technical feasibility
3.3.2 Economical Feasibility
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
2/100
3.3.3 Operational Feasibility
4. System Requirement Specification
4.1 Introduction
4.2 Functional Requirements
4.3 Non-Functional
4.4 System Requirements
4.4.1 S/W
4.4.2 H/W
5. System Design
5.1 Introduction
5.2 High-level Design
5.3 Low-level Design
All Uml Diagrams
Usecase
Sequence
Class
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
3/100
Object
Statechart
Activity
Collobration
Component
Deployment
6. Coding
6.1 Softwares Description(Technology Description)
6.2 Coding
7. Testing
8. Screen Shots
9. Bibliography
10. Conclusion
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
4/100
1.ABSTRACTMobile Ad hoc Networks (MANET) have been highly vulnerable to attacks due to
the dynamic nature of its network infrastructure. Among these attacks, routing attacks have
received considerable attention since it could cause the most devastating damage to MANET.
Even though there exist several intrusion response techniques to mitigate such critical attacks,
existing solutions typically attempt to isolate malicious nodes based on binary or native fuzzy
response decisions. However, binary responses may result in the unexpected network partition,
causing additional damages to the network infrastructure, and native fuzzy responses could lead
to uncertainty in countering routing attacks in MANET. we propose a risk-aware responsemechanism to systematically cope with the identified routing attacks. Our risk-aware approach is
based on an extended Dempster-Shafer mathematical theory of evidence introducing a notion of
importance factors. In addition, our experiments demonstrate the effectiveness of our approach
with the consideration of several performance metrics.
1.1INTRODUCITON
MOBILE Ad hoc Networks (MANET) are utilized to set up wireless communication in
improvised environments without a predefined infrastructure or centralized administration.
Therefore, MANET has been normally deployed in adverse and hostile environments where
central authority point is not necessary. Another unique characteristic of MANET is the dynamic
nature of its network topology which would be frequently changed due to the unpredictable
mobility of nodes. Furthermore, each mobile node in MANET plays a router role while
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
5/100
transmitting data over the network. Hence, any compromised nodes under an adversarys control
could cause significant damage to the functionality and security of its network since the impact
would propagate in performing routing tasks. Several work addressed the intrusion response
actions in MANET by isolating uncooperative nodes based on the node reputation derived from
their behaviors. Such a simple response against malicious nodes often neglects possible negative
side effects involved with the response actions. In MANET scenario, improper countermeasures
may cause the unexpected network partition, bringing additional damages to the network
infrastructure. To address the above-mentioned critical issues, more flexible and adaptive
response should be investigated. The notion of risk can be adopted to support more adaptive
responses to routing attacks in MANET . However, risk assessment is still a nontrivial,
challenging problem due to its involvements of subjective knowledge, objective evidence, and
logical reasoning. Subjective knowledge could be retrieved from previous experience and
objective evidence could be obtained from observation while logical reasoning requires a formal
foundation. Wang et al. proposed a nave fuzzy cost-sensitive intrusion response solution for
MANET. Their cost model took subjective knowledge and objective evidence into account but
omitted a seamless combination of two properties with logical reasoning. In this paper, we seek a
way to bridge this gap by using Dempster-Shafer mathematical theory of evidence (D-S theory),
which offers an alternative to traditional probability theory for representing uncertainty. D-S
theory has been adopted as a valuable tool for evaluating reliability and security in information
systems and by other engineering fields, where precise measurement is impossible to obtain or
expert elicitation is required. D-S theory has several characteristics. First, it enables us to
represent both subjective and objective evidences with basic probability assignment and belief
function. Second, it supports Dempsters rule of combination (DRC) to combine several
evidences together with probable reasoning. Dempsters rule of combination has several
limitations, such as treating evidences equally without differentiating each evidence and
considering priorities among them. To address these limitations in MANET intrusion response
scenario, we introduce a new Dempsters rule of combination with a notion of importance factors
(IF) in D-S evidence model.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
6/100
1.2EXISTING SYSTEM
Mobile Ad hoc Networks (MANET) are utilized to set up wireless
communication in improvised environments without a predefined infrastructure or
centralized administration. Therefore, MANET has been normally deployed in adverse
and hostile environments where central authority point is not necessary. Another unique
characteristic of MANET is the dynamic nature of its network topology which would be
frequently changed due to the unpredictable mobility of nodes. Furthermore, each mobile
node in MANET plays a router role while transmitting data over the network.
Hence, any compromised nodes under an adversarys control could cause significant
damage to the functionality and security of its network since the impact would propagate
in performing routing tasks.
1.3PROPOSED SYSTEM
We propose a risk-aware response mechanism to systematically cope with routing
attacks in MANET, proposing an adaptive time-wise isolation method. Our risk-aware approach
is based on the extended D-S evidence model. In order to evaluate our mechanism, we perform a
series of simulated experiments with a proactive MANET routing protocol, Optimized Link State
Routing Protocol (OLSR). In addition, we attempt to demonstrate the effectiveness of our
solution. The major contributions of this project are summarized as follows:
We formally propose an extended D-S evidence model with importance factors and
articulate expected properties for Dempsters rule of combination with importance factors(DRCIF). Our Dempsters rule of combination with importance factors is nonassociative and
weighted, which has not been addressed in the literature.
We propose an adaptive risk-aware response mechanism with the extended D-S evidence model,
considering damages caused by both attacks and countermeasures. The adaptiveness of our
mechanism allows us to systematically cope with MANET routing attacks.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
7/100
We evaluate our response mechanism against representative attack scenarios and
experiments.Our results clearly demonstrate the effectiveness and scalability of our risk-aware
approach
1.4SOFTWARE REQUIREMENTSContent Description
OS Windows XP with SP3 or Earlier version
Database MS-Access
Language C#.NET
IDE Visual Studio .Net 2010
1.5HARDWARE REQUIREMENTSContent Description
Processor Pentium IV or Earlier version
HDD 20 GB Min
40 GB Recommended
RAM 1 GB Min
2 GB Recommended
1.6MODULES:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
8/100
OLSR Protocol
RISK-AWARE RESPONSE MECHANISM
Response to Routing Attacks
Risk Assessment
Routing
OLSR Protocol:
OLSR, nodes obtain routes by periodic exchange of topology information with other nodes and
maintain route information all the time. OLSR protocol is a variation of the pure Link-state Routing
(LSR) protocol and is designed specifically for MANET. OLSR protocol achieves optimization over
LSR through the use of multipoint relay (MPR) to provide an
efficient flooding mechanism by reducing the number of transmissions required. Unlike LSR, where
every node declares its links and forward messages for their neighbors, only nodes selected as MPR
nodes are responsible for advertising, as well as forwarding an MPR selector list advertised by other
MPRs.
RISK-AWARE RESPONSE MECHANISM:
In this section, we articulate an adaptive risk-aware response mechanism based on quantitative risk
estimation and risk tolerance. Instead of applying simple binary isolation of malicious nodes, our
approach adopts an isolation mechanism in a temporal manner based on the risk value. We perform
risk assessment with the extended D-S evidence theory introduced in Section 3 for both attacks and
corresponding countermeasures to make more accurate response decisions illustrated Evidence
collection. In this step, Intrusion Detection System (IDS) gives an attack alert with a confidence
value, and then Routing Table Change Detector (RTCD) runs to figure out how many changes on
routing table are caused by the attack. Our risk aware response mechanism is divided into the
following four steps Risk assessment. Alert confidence from IDS and the routing table changing
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
9/100
information would be further considered as independent evidences for risk calculation and combined
with the extended D-S theory. Risk of countermeasures is calculated as well during a risk assessment
phase. Based on the risk of attacks and the risk of countermeasures, the entire risk of an attack could
be figured out. Decision making. The adaptive decision module provides a flexible response
decision-making mechanism, which takes risk estimation and risk tolerance into account. To adjust
temporary isolation level, a user can set different thresholds to fulfill her goal.
Response to Routing Attacks:
In our approach, we use two different responses to deal with different attack methods: routing table
recovery and node isolation. Routing table recovery includes local routing table recovery and global
routing recovery. Local routing
recovery is performed by victim nodes that detect the attack and automatically recover its own
routing table. Global routing recovery involves with sending recovered routing messages by victim
nodes and updating their routing table based on corrected routing information in real time by other
nodes in MANET. Routing table recovery is an indispensable response and should serve as the first
response method after successful detection of attacks. In proactive routing protocols like OLSR,
routing table recovery does not bring any additional overhead since it periodically goes with routing
control
messages. Also, as long as the detection of attack is positive, this response causes no negative
impacts on existing routing operations. Node isolation may be the most intuitive way to prevent
further attacks from being launched by malicious nodes in MANET. To perform a node isolation
response, the neighbors of the malicious node ignore the malicious node by neither forwarding
packets through it nor accepting any packets from it. On the other hand, a binary node isolation
response may result in negative impacts to the routing operations, even bringing more routing
damages than the attack itself.
Risk Assessment:
Since the attack response actions may cause more damages than attacks, the risks of both attack and
response should be estimated. We classify the security states of MANET into two categories:
{Secure, Insecure}. In other words, the frame of discernment would be
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
10/100
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
11/100
2.INTODUCTIONNeoApp Profile
NeoApp develops custom software solutions for companies in a variety of industries. Since its
beginning in August 2008, NeoApp has offered efficient, reliable and cost-effective solutions with good
quality by implementing CMMI practices from its development facility located at Hyderabad.
NeoApp has expertise in latest technologies and caters to your exacting requirements. NeoApp helps you
from concept to completion of a project with full range of service offerings.
Most importantly, NeoApp combines the right strategy with the right products and the right people,
ensuring technical superiority, high quality deliverables and timely implementations. NeoApp supports
different delivery and billing models to fit your requirements. By having NeoApp involved with your
software development projects, you benefit with reduced costs and faster development cycles. To reduce
the development costs NeoApp strictly adhere on reusable component model with plug and play
architecture.
Offshore outsourcing model became easily adoptable and has increased benefits beyond cost reductions.
The offshore outsourcing with NeoApp includes full spectrum services and multi fold benefits.
NeoApp, with its experience in executing offshore projects ranging from large enterprise solutions to
small plug-in applications, helps customers achieve the offshore outsourcing goals.
NeoApp establishes suitable project execution methodologies for each project and accomplishes offshore
execution on time and on budget. NeoApp pays high importance to quality of deliverables and has
mandatory quality doors in place for each project ensuring success of the overall project.
NeoApp works with you from conceptualization to completion and has the required expertise to pick up
the project at any stage in its life cycle.
1. Business concept and system study2. Requirement Study3. Design Architecture and develop specifications4. Design the framework of the solution5. Develop the solution
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
12/100
6. QA the solution against requirements7. Continuous support for the solution8. Develop prototypes for proof of concept9. Engineer the solution10.Release as per plan
The team and project approach of NeoApp has resulted in above expected deliveries of projects. NeoApp
works with you in refining the project at every stage and with its vast and experienced talent pool,
NeoApp brings value with innovation to the project.
NeoApp offers complete solutions to application maintenance requirements helping organizations to cut
costs and optimize resource utilization. NeoApp performs the following tasks on a variety of technology
platforms beginning with Legacy to Client Server to Browser based internet application.
1. Application Development2. Application Maintenance3. Application Support
NeoApp with its experience in wide range technologies and ability to learn quickly help you ensuring
availability of your systems to your customers. NeoApp performs systems monitoring and undertakes
evolutionary development of these applications as required and deemed fit.
3.SYSTEM ANALYSISBackground:
After analyzing the requirements of the task to be performed, the next step is to analyze the problem
and understand its context. The first activity in the phase is studying the existing system and other is to
understand the requirements and domain of the new system. Both the activities are equally important, but
the first activity serves as a basis of giving the functional specifications and then successful design of the
proposed system. Understanding the properties and requirements of a new system is more difficult and
requires creative thinking and understanding of existing running system is also difficult, improper
understanding of present system can lead diversion from solution.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
13/100
System Details:
Introduction:
The first activity in the phase is studying the existing system and other is to understand the requirements
and domain of the new system. Both the activities are equally important, but the first activity serves as a
basis of giving the functional specifications and then successful design of the proposed system.
Understanding the properties and requirements of a new system is more difficult and requires creative
thinking and understanding of existing running system is also difficult, improper understanding of present
system can lead diversion from solution
In the flexibility of the user the interface has been developed a graphics concept in mind, associated
through a browses interface. The GUIS at the top level have been categorized as
1. Administrative user interface2. The operational or generic user interface
The administrative user interface concentrates on the consistent information that is practically,
part of the organizational activities and which needs proper authentication for the data collection.
The interfaces help the administrations with all the transactional states like Data insertion, Data
deletion and Date updating along with the extensive data search capabilities.
The operational or generic user interface helps the users upon the system in transactions through
the existing data and required services. The operational user interface also helps the ordinary
users in managing their own information helps the ordinary users in managing their own
information in a customized manner as per the assisted flexibilities.
3.1EXISTING SYSTEMMobile Ad hoc Networks (MANET) are utilized to set up wireless
communication in improvised environments without a predefined infrastructure or
centralized administration. Therefore, MANET has been normally deployed in adverse
and hostile environments where central authority point is not necessary.
Another unique characteristic of MANET is the dynamic nature of its network
topology which would be frequently changed due to the unpredictable mobility of nodes.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
14/100
Furthermore, each mobile node in MANET plays a router role while transmitting data
over the network.
Hence, any compromised nodes under an adversarys control could cause
significant damage to the functionality and security of its network since the impact would
propagate in performing routing tasks.
3.2PROPOSED SYSTEM
We propose a risk-aware response mechanism to systematically cope with routing attacks
in MANET, proposing an adaptive time-wise isolation method. Our risk-aware approach is based
on the extended D-S evidence model. In order to evaluate our mechanism, we perform a series of
simulated experiments with a proactive MANET routing protocol, Optimized Link State Routing
Protocol (OLSR) . In addition, we attempt to demonstrate the effectiveness of our solution. The
major contributions of this project are summarized as follows:
. We formally propose an extended D-S evidence model with importance factors and articulate
expected properties for Dempsters rule of combination with importance factors (DRCIF). OurDempsters rule of combination with importance factors is nonassociative and weighted, which
has not been addressed in the literature.
. We propose an adaptive risk-aware response mechanism with the extended D-S evidence
model, considering damages caused by both attacks and countermeasures. The adaptiveness of
our mechanism allows us to systematically cope with MANET routing attacks.
. We evaluate our response mechanism against representative attack scenarios and experiments.
Our results clearly demonstrate the effectiveness and scalability of our risk-aware approach
3.3FEASIBILITY STUDEYFeasibility Study is a high level capsule version of the entire process intended to answer a number of
questions like: What is the problem? Is there any feasible solution to the given problem? Is the problem
even worth solving? Feasibility study is conducted once the problem clearly understood. Feasibility study
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
15/100
is necessary to determine that the proposed system is Feasible by considering the technical, Operational,
and Economical factors. By having a detailed feasibility study the management will have a clear-cut view
of the proposed system.
The following feasibilities are considered for the project in order to ensure that the
project is variable and it does not have any major obstructions. Feasibility study encompasses
the following things:
Technical Feasibility Economical Feasibility Operational Feasibility
In this phase, we study the feasibility of all proposed systems, and pick the best feasible solution for the
problem. The feasibility is studied based on three main factors as follows.
3.3.1 TECHNICAL FEASIBILITYIn this step, we verify whether the proposed systems are technically feasible or not. i.e., all the
technologies required to develop the system are available readily or not.
Technical Feasibility determines whether the organization has the technology and skills necessary
to carryout the project and how this should be obtained. The system can be feasible because of the
following grounds.
All necessary technology exists to develop the system. This system is too flexible and it can be expanded further. This system can give guarantees of accuracy, ease of use, reliability and the data security. This system can give instant response to inquire. Our project is technically feasible because, all the technology needed for our project is
readily available.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
16/100
Front End : C#.NET
Back End : MS Access
Host : Windows-XP
3.3.1 ECONOMICAL FEASBILITYIn this step, we verify which proposal is more economical. We compare the financial benefits of
the new system with the investment. The new system is economically feasible only when the financial
benefits are more than the investments and expenditure. Economical Feasibility determines whether the
project goal can be within the resource limits allocated to it or not. It must determine whether it is
worthwhile to process with the entire project or whether the benefits obtained from the new system are
not worth the costs. Financial benefits must be equal or exceed the costs. In this issue, we should
consider:
The cost to conduct a full system investigation. The cost of h/w and s/w for the class of application being considered. The development tool. The cost of maintenance etc.,Our project is economically feasible because the cost of development is very minimal when
compared to financial benefits of the application.
3.3.1 OPERATIONAL FEASIBILITY
In this step, we verify different operational factors of the proposed systems like man-power, time
etc., whichever solution uses less operational resources, is the best operationally feasible solution. The
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
17/100
solution should also be operationally possible to implement. Operational Feasibility determines if the
proposed system satisfied user objectives could be fitted into the current system operation. The present
system Enterprise Resource Information System can be justified as Operationally Feasible based on the
following grounds.
The methods of processing and presentation are completely accepted by the clients since theycan meet all user requirements.
The clients have been involved in the planning and development of the system. The proposed system will not cause any problem under any circumstances.
Our project is operationally feasible because the time requirements and personnel requirements are
satisfied. We are a team of four members and we worked on this project for three working months.
ProjectInstructions:
Based on the solution requirements, conceptualize the Solution Architecture. Depict thevarious architectural components, show interactions and connectedness and show internal and
external elements. Discuss suitability of typical architectural types like Pipes, Filters, Event
Handlers, and Layers etc.
Identify the significant class entities and carry out class modeling. Carry out Detailed design of Classes, Database objects and other solution components. Distribute work specifications and carry out coding and testing.
3.4 Architecture Diagram"Tier" can be defined as "one of two or more rows, levels, or ranks
arranged one above another".
2-Tier Architectures supply a basic network between a client and a
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
18/100
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
19/100
Heavy load on server
Potential congestion on network
Presentation still tied to business logic
3.5SYSTEM ANALYSIS
ANALYSIS MODEL
The model that is basically being followed is the WATER FALL MODEL, which states that the
phases are organized in a linear order. First of all the feasibility study is done. Once that part is
over the requirement analysis and project planning begins. If system exists one and modification
and addition of new module is needed, analysis of present system can be used as basic model.
The design starts after the requirement analysis is complete and the coding begins after the
design is complete. Once the programming is completed, the testing is done. In this model the
sequence of activities performed in a software development project are: -
Requirement Analysis, Project Planning, System design, Detail design, Coding, Unit testing,
System integration & testing
Here the linear ordering of these activities is critical. End of the phase and the output of one
phase is the input of other phase. The output of each phase is to be consistent with the overall
requirement of the system. Some of the qualities of spiral model are also incorporated like after
the people concerned with the project review completion of each of the phase the work done.
WATER FALL MODEL was being chosen because all requirements were known beforehand
and the objective of our software development is the computerization/automation of an already
existing manual working system.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
20/100
WATER FALL MODEL
.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
21/100
4.SYSTEN REQYURENENTS SPECIFICATION4.1INTRODUCTION
Software Requirements Specification plays an important role in creating quality software
solutions. Specification is basically a representation process. Requirements are represented in a manner
that ultimately leads to successful software implementation.
Requirements may be specified in a variety of ways. However there are some guidelines worth
following: -
Representation format and content should be relevant to the problem
Information contained within the specification should be nested
Diagrams and other notational forms should be restricted in number and consistent in use.
Representations should be revisable.
The software requirements specification is produced at the culmination of the analysis task. The function
and performance allocated to the software as a part of system engineering are refined by establishing a
complete information description, a detailed functional and behavioral description, and indication of
performance requirements and
design constraints, appropriate validation criteria and other data pertinent to requirements.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
22/100
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
23/100
at the receivers manets
MANET_R_08 System should provide a provision to sender details
at the route1 manets
MANET_R_09 System should provide a provision to view sender
address at server manets
MANET_R_10 System should provide a provision to reselect the
path at senders manet.
MANET_R_11 System Should Provide a Provision to automatically
Encrypt the message at the Intruder side.
MANET_R_12 System Should Provide a Provision to automatically
get the System names in the network
4.1NON FUNCTIONAL REQUIREMENTSPerformance Requi rements:
Good band width, less congestion on the network. Identifying the shortest route to reach the
destination will all improve performance.
Safety Requir ements:
No harm is expected from the use of the product either to the OS or any data.
Product Secur ity Requi rements:
The product is protected from un-authorized users from using it. The system allows only
authenticated users to work on the application. The users of this system are organization and ISP
administrator.
Software Qual ity Attr ibutes:
The product is user friendly and its accessibility is from the client. The application is
reliable and ensures its functioning maintaining the ISP web service is accessible to the various
organizations. As it is developed in .Net it is highly interoperable with OS that have provided support for
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
24/100
MSIL (Server side). The system requires less maintenance as it is not installed on the client but hosted on
the ISP. The firewall, antivirus protection etc is provided by the ISP.
Software Requirements:
Content Description
OS Windows XP with SP2
Database MSAccess
Technologies C#.NET
IDE Visual Studio .Net 2010
Browser IE
Hardware Requirements:
Content Description
Processor Pentium
HDD 20 GB Min
40 GB Recommended
RAM 1 GB Min
2 GB Recommended
5.SYSTEM DESIGN
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
25/100
5.1INTRODUCTIONSoftware design sits at the technical kernel of the software engineering process and is applied
regardless of the development paradigm and area of application. Design is the first step in the
development phase for any engineered product or system. The designers goal is to produce a model or
representation of an entity that will later be built. Beginning, once system requirement have been
specified and analyzed, system design is the first of the three technical activities -design, code and test
that is required to build and verify software.
The importance can be stated with a single word Quality. Design is the place where quality is
fostered in software development. Design provides us with representations of software that can assess for
quality. Design is the only way that we can accurately translate a customers view into a finished software
product or system. Software design serves as a foundation for all the software engineering steps that
follow. Without a strong design we risk building an unstable systemone that will be difficult to test, one
whose quality cannot be assessed until the last stage.
During design, progressive refinement of data structure, program structure, and procedural details
are developed reviewed and documented. System design can be viewed from either technical or project
management perspective. From the technical point of view, design is comprised of four activities
architectural design, data structure design, interface design and procedural design.
High Level Design:
System Design:
Understanding bigger application with its external interfaces is called
System Design.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
26/100
Sub system design:
Understanding bigger system into smaller independent working systems is called
subsystem design.
Blocks Design
User Interface
Intruder identification
using risk aware response
mechanism
Database
Intruder
identification
using risk aware
Database
System
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
27/100
UI Manager
DB Storage
Route class
DB Manager
Collection Call
Error Handler
Log Manager
Business
Class
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
28/100
UNIFIED MODELING LANGUAGE
Unified Modeling Language
The unified modeling language allows the software engineer to express ananalysis model using the modeling notation that is governed by a set of
syntactic semantic and pragmatic rules.
A UML system is represented using five different views that describe thesystem from distinctly different perspective. Each view is defined by a set of
diagram, which is as follows.
User Model View
This view represents the system from the users perspective. The analysis representation describes a usage scenario from the end-users
perspective.
Structural model view
In this model the data and functionality are arrived from inside the system. This model view models the static structures.
Behavioral Model View
It represents the dynamic of behavioral as parts of the system, depicting theinteractions of collection between various structural elements described in the
user model and structural model view.
Implementation Model View
In this the structural and behavioral as parts of the system are represented asthey are to be built.
Environmental Model View
In this the structural and behavioral aspects of the environment in which thesystem is to be implemented are represented.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
29/100
UML is specifically constructed through two different domains they are UML Analysis modeling, which focuses on the user model and structural
model views of the system
UML design modeling, which focuses on the behavioral modeling,implementation modeling and environmental model views.
INTRODUCTION TO THE UNIFIED MODIFIED LANGUAGE
Building a model for a software system prior to its construction is as essential as
having a blueprint for building a large building. Good models are essential for communication
among project teams. As the complexity of the systems increases, so does the importance of
good modeling techniques.
A modeling language must include:
Model elements- fundamentally modeling concepts and semantics. Notation-visual
rendering of model elements Guidelines-expression of usage within trade.
The use of visual notation to represent or model a problem can provide us several benefits relating to
clarity, familiarity, maintenance, and simplification. The main reason for modeling is the reduction of
complexity. The Unified Modeling Language (UML) is a set of notations and conventions used todescribe and model an application. The UML is intended to be a universal language for modeling
systems, meaning that it can express models of many different kinds and purposes, just as a
programming language or a natural language can be used in different ways. A model is an
abstract representation of a system , constructed to understand the system prior to building or
modifying it. The term system is used here in a broad sense to include any process or
structure. For example, the organizational structure of a corporation , health services, computer
software, instruction of any sort (including computers) , the national economy, and so forth all
would be termed systems. The unified modeling language is a language for specifying,constructing, visualizing, and documenting the software system and its components. The UML is a
graphical language with sets of rules and semantics. The rules and semantics of a model are
expressed in English, in a form known as object constraint language(OCL).OCL is a
specification language that uses simple logic for specifying the properties of a system.The UML
is not intended to be a visual programming language in the sense of having all the necessary
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
30/100
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
31/100
solution. This view is composed of use case diagrams. These diagrams describe
the functionality provided by a system to external integrators. These diagrams
contain actors, use cases, and their relationships.
Class diagrams describe the static structure of a system, or how it isdeclared rather than how it behaves. These diagrams contain classes and
associations. object diagramsdescribe the static structure of a system at a particular time
during its life. These diagrams contain objects and links. Sequence diagrams render the specification of behavior. These diagrams
describes the behavior provided by a system to interactions. These diagrams
contain classes that exchange messages with in an interaction arranged in time
sequence. In generic form, These diagrams describe a set of message exchange
sequences among a set of classes. In instance form(scenarios), these diagrams
describe one actual message exchange sequence among objects of those
classes.
Collaboration diagrams render how behavior is realized by componentswith in a system. These diagrams contain classes, associations, and their message
exchanges with in a collaboration to accomplish a purpose. In generic form,
these diagrams describe a set of classes and associations involved in message
exchange sequences. In instance form(scenarios), these diagrams describe a set
of objects of those classes links confirming to the associations, and one actual
message exchange sequence that inconsistent with the generic form and uses
those objects and links.
State chart diagrams render the states and responses of a class participatingin behavior, and the life cycle of an object. These diagrams describe the behavior
of a class in response to external stimuli.
Activity diagramsrender the activities of a class participating in behavior. Thesediagrams describe the behavior of a class in response to internal processing
rather than external events. Activity diagrams describe the processing activities with
in a class.
.
UML Diagrams
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
32/100
Every complex system is best approached through a small set of nearly independent
views of a model; no single viewer is sufficient. Every model may be expressed at different
levels of fidelity. The best models are connected to reality. The UML defines nine graphical
diagrams.
1. Class diagram2. Object diagram3. Use-case diagram4. Sequence diagram5. Collaboration diagram6. Activity diagram7. ER diagram8. State Chart diagram9. Component diagram10.Deployment diagram11.Dataflow diagrams
DATA FLOW DIAGRAMS:
A data flow diagram is graphical tool used to deMHribe and analyze movement of data through a
system. These are the central tool and the basis from which the other components are developed. The
transformation of data from input to output, through processed, may be deMHribed logically andindependently of physical components associated with the system. These are known as the logical data
flow diagrams. The physical data flow diagrams show the actual implements and movement of data
between people, departments and workstations. A full deMHription of a system actually consists of a set
of data flow diagrams. Using two familiar notations Yourdon, Gane and Sarson notation develops the
data flow diagrams. Each component in a DFD is labeled with a deMHriptive name. Process is further
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
33/100
identified with a number that will be used for identification purpose. The development of DFDs is done
in several levels. Each process in lower level diagrams can be broken down into a more detailed DFD in
the next level. The lop-level diagram is often called context diagram. It consists a single process bit,
which plays vital role in studying the current system. The process in the context level diagram is
exploded into other process at the first level DFD.
The idea behind the explosion of a process into more process is that understanding at one level of
detail is exploded into greater detail at the next level. This is done until further explosion is necessary and
an adequate amount of detail is deMHribed for analyst to understand the process.
Larry Constantine first developed the DFD as a way of expressing system requirements in a
graphical from, this lead to the modular design.
A DFD is also known as a bubble Chart has the purpose of clarifying system requirements and
identifying major transformations that will become programs in system design. So it is the starting point
of the design to the lowest level of detail. A DFD consists of a series of bubbles joined by data flows in
the system.
DFD SYMBOLS:
In the DFD, there are four symbols
1. A square defines a source(originator) or destination of system data2. An arrow identifies data flow. It is the pipeline through which the information flows3. A circle or a bubble represents a process that transforms incoming data flow into outgoing data flows.4. An open rectangle is a data store, data at rest or a temporary repository of data
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
34/100
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
35/100
draw long flow line back to a source. An alternative way is to repeat the source symbol as a
destination. Since it is used more than once in the DFD it is marked with a short diagonal.
3. When a process is exploded into lower level details, they are numbered.4. The names of data stores and destinations are written in capital letters. Process and dataflow names
have the first letter of each work capitalized
A DFD typically shows the minimum contents of data store. Each data store should contain all the
data elements that flow in and out.
Questionnaires should contain all the data elements that flow in and out. Missing interfaces
redundancies and like is then accounted for often through interviews.
SAILENT FEATURES OF DFDs:
1. The DFD shows flow of data, not of control loops and decision are controlled considerations donot appear on a DFD.
2. The DFD does not indicate the time factor involved in any process whether the dataflows takeplace daily, weekly, monthly or yearly.
3. The sequence of events is not brought out on the DFD.
TYPES OF DATA FLOW DIAGRAMS:
1. Current Physical2. Current Logical3. New Logical4. New Physical
CURRENT PHYSICAL:
In Current Physical DFD proecess label include the name of people or their positions or the
names of computer systems that might provide some of the overall system-processing label includes an
identification of the technology used to process the data. Similarly data flows and data stores are often
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
36/100
labels with the names of the actual physical media on which data are stored such as file folders, computer
files, business forms or computer tapes.
CURRENT LOGICAL:
The physical aspects at the system are removed as mush as possible so that the current system is
reduced to its essence to the data and the processors that transform them regardless of actual physical
form.
NEW LOGICAL:
This is exactly like a current logical model if the user were completely happy with he user were
completely happy with the functionality of the current system but had problems with how it was
implemented typically through the new logical model will differ from current logical model while having
additional functions, absolute function removal and inefficient flows recognized.
NEW PHYSICAL:
The new physical represents only the physical implementation of the new system.
RULES GOVERNING THE DFDS:
PROCESS:
1) No process can have only outputs.2) No process can have only inputs. If an object has only inputs than it must be a sink.3) A process has a verb phrase label.DATA STORE:
1) Data cannot move directly from one data store to another data store, a process must movedata.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
37/100
2) Data cannot move directly from an outside source to a data store, a process, which receives,must move data from the source and place the data into data store
3) A data store has a noun phrase label.
SOURCE OR SINK:
The origin and /or destination of data.
1) Data cannot move direly from a source to sink it must be moved by a process2) A source and /or sink has a noun phrase land
DATA FLOW:
1) A Data Flow has only one direction of flow between symbol. It may flow in both directionsbetween a process and a data store to show a read before an update. The later is usually
indicated however by two separate arrows since these happen at different type.
2) A join in DFD means that exactly the same data comes from any of two or more differentprocesses data store or sink to a common location.
3) A data flow cannot go directly back to the same process it leads. There must be atleast oneother process that handles the data flow produce some other data flow returns the originaldata into the beginning process.
4) A Data flow to a data store means update ( delete or change).5) A data Flow from a data store means retrieve or use.A data flow has a noun phrase label more than one data flow noun phrase can appear on a single
arrow as long as all of the flows on the same arrow move together as one package.
LEVELS OF DFD:
The complexity of the business system means that it is a responsible to represent the operations of
any system of single data flow diagram. At the top level, an Overview of the different systems in an
organization is shown by the way of context analysis diagram. When exploded into DFD
They are represented by:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
38/100
LEVEL-1:SUBSYSTEM LEVEL DATAFLOW FUNCTIONAL LEVEL-2 : FILE LEVEL DETAIL DATA FLOW.
The input and output data shown should be consistent from one level to the next.
LEVEL-1: SUBSYSTEM LEVEL DATA FLOW
A level-1 DFD deMHribes the next level of details within the system, detailing the data flows
between subsystems, which makeup the whole.
LEVEL-2: FILE LEVEL DETAIL DATA FLOW
All the projects are feasible given unlimited resources and infinite time. It is both necessary and
prudent to evaluate the feasibility of the project at the earliest possible time. Feasibility and the riskanalysis are pertained in many ways. If project risk is great.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
39/100
USECASE
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
40/100
Sequence Diagram:
Select Destination:
View Messages:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
41/100
Communication Diagrams
Select Destination:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
42/100
View Messages:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
43/100
Class Diagram:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
44/100
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
45/100
Activity Diagram:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
46/100
Data Base Tables:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
47/100
Range Details:
Syslist:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
48/100
Deployment Diagram:
COMPONENT:
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
49/100
6.CODING
6.1 SOFTWARE DESCRIPTION
Microsoft.NET Framework
The .NET Framework is a new computing platform that simplifies application
development in the highly distributed environment of the Internet. The .NET Framework is
designed to fulfill the following objectives:
To provide a consistent object-oriented programming environment whether object code is storedand executed locally, executed locally but Internet-distributed, or executed remotely.
To provide a code-execution environment that minimizes software deployment and versioningconflicts.
To provide a code-execution environment that guarantees safe execution of code, including codecreated by an unknown or semi-trusted third party.
To provide a code-execution environment that eliminates the performance problems of scripted orinterpreted environments.
To make the developer experience consistent across widely varying types of applications, such asWindows-based applications and Web-based applications.
To build all communication on industry standards to ensure that code based on the .NETFramework can integrate with any other code.
The .NET Framework has two main components: the common language runtime and the .NET
Framework class library. The common language runtime is the foundation of the .NET
Framework. You can think of the runtime as an agent that manages code at execution time,
providing core services such as memory management, thread management, and remoting, while
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
50/100
also enforcing strict type safety and other forms of code accuracy that ensure security and
robustness. In fact, the concept of code management is a fundamental principle of the runtime.
Code that targets the runtime is known as managed code, while code that does not target the
runtime is known as unmanaged code. The class library, the other main component of the .NET
Framework, is a comprehensive, object-oriented collection of reusable types that you can use to
develop applications ranging from traditional command-line or graphical user interface (GUI)
applications to applications based on the latest innovations provided by ASP.NET, such as Web
Forms and XML Web services.
The .NET Framework can be hosted by unmanaged components that load the common language
runtime into their processes and initiate the execution of managed code, thereby creating a
software environment that can exploit both managed and unmanaged features. The .NETFramework not only provides several runtime hosts, but also supports the development of third-
party runtime hosts.
For example, ASP.NET hosts the runtime to provide a scalable, server-side environment for
managed code. ASP.NET works directly with the runtime to enable Web Forms applications and
XML Web services, both of which are discussed later in this topic.
Internet Explorer is an example of an unmanaged application that hosts the runtime (in the formof a MIME type extension). Using Internet Explorer to host the runtime enables you to embed
managed components or Windows Forms controls in HTML documents. Hosting the runtime in
this way makes managed mobile code (similar to Microsoft ActiveX controls) possible, but
with significant improvements that only managed code can offer, such as semi-trusted execution
and secure isolated file storage.
The following illustration shows the relationship of the common language runtime and the class
library to your applications and to the overall system. The illustration also shows how managed
code operates within a larger architecture.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
51/100
Features of the Common Language Runtime
The common language runtime manages memory, thread execution, code execution, code safety
verification, compilation, and other system services. These features are intrinsic to the managed
code that runs on the common language runtime.
With regards to security, managed components are awarded varying degrees of trust, depending
on a number of factors that include their origin (such as the Internet, enterprise network, or local
computer). This means that a managed component might or might not be able to perform file-
access operations, registry-access operations, or other sensitive functions, even if it is being used
in the same active application.
The runtime enforces code access security. For example, users can trust that an executable
embedded in a Web page can play an animation on screen or sing a song, but cannot access their
personal data, file system, or network. The security features of the runtime thus enable legitimate
Internet-deployed software to be exceptionally feature rich.
The runtime also enforces code robustness by implementing a strict type- and code-verification
infrastructure called the common type system (CTS). The CTS ensures that all managed code is self-
describing. The various Microsoft and third-party language compilers
Generate managed code that conforms to the CTS. This means that managed code can consume
other managed types and instances, while strictly enforcing type fidelity and type safety.
In addition, the managed environment of the runtime eliminates many common software issues.
For example, the runtime automatically handles object layout and manages references to objects,
releasing them when they are no longer being used. This automatic memory management
resolves the two most common application errors, memory leaks and invalid memory references.
The runtime also accelerates developer productivity. For example, programmers can write
applications in their development language of choice, yet take full advantage of the runtime, the
class library, and components written in other languages by other developers. Any compiler
vendor who chooses to target the runtime can do so. Language compilers that target the .NET
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
52/100
Framework make the features of the .NET Framework available to existing code written in that
language, greatly easing the migration process for existing applications.
While the runtime is designed for the software of the future, it also supports software of today
and yesterday. Interoperability between managed and unmanaged code enables developers to
continue to use necessary COM components and DLLs.
The runtime is designed to enhance performance. Although the common language runtime
provides many standard runtime services, managed code is never interpreted. A feature called
just-in-time (JIT) compiling enables all managed code to run in the native machine language of
the system on which it is executing. Meanwhile, the memory manager removes the possibilities
of fragmented memory and increases memory locality-of-reference to further increase
performance.
Finally, the runtime can be hosted by high-performance, server-side applications, such as
Microsoft SQL Server and Internet Information Services (IIS). This infrastructure enables
you to use managed code to write your business logic, while still enjoying the superior
performance of the industry's best enterprise servers that support runtime hosting.
.NET Framework Class Library
The .NET Framework class library is a collection of reusable types that tightly integrate with the
common language runtime. The class library is object oriented, providing types from which your own
managed code can derive functionality. This not only makes the .NET Framework types easy to use, but
also reduces the time associated with learning new
features of the .NET Framework. In addition, third-party components can integrate seamlessly
with classes in the .NET Framework.
For example, the .NET Framework collection classes implement a set of interfaces that you can
use to develop your own collection classes. Your collection classes will blend seamlessly with
the classes in the .NET Framework.
As you would expect from an object-oriented class library, the .NET Framework types enable
you to accomplish a range of common programming tasks, including tasks such as string
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
53/100
management, data collection, database connectivity, and file access. In addition to these common
tasks, the class library includes types that support a variety of specialized development scenarios.
For example, you can use the .NET Framework to develop the following types of applications
and services:
Console applications. Scripted or hosted applications. Windows GUI applications (Windows Forms). ASP.NET applications. XML Web services. Windows services.
For example, the Windows Forms classes are a comprehensive set of reusable types that vastly
simplify Windows GUI development. If you write an ASP.NET Web Form application, you can
use the Web Forms classes.
Client Application Development
Client applications are the closest to a traditional style of application in Windows-based
programming. These are the types of applications that display windows or forms on the desktop,
enabling a user to perform a task. Client applications include applications such as wordprocessors and spreadsheets, as well as custom business applications such as data-entry tools,
reporting tools, and so on. Client applications usually employ windows, menus, buttons, and
other GUI elements, and they likely access local resources such as the file system and peripherals
such as printers.
Another kind of client application is the traditional ActiveX control (now replaced by the
managed Windows Forms control) deployed over the Internet as a Web page. This application is
much like other client applications: it is executed natively, has access to local resources, and
includes graphical elements.
In the past, developers created such applications using C/C++ in conjunction with the Microsoft
Foundation Classes (MFC) or with a rapid application development (RAD) environment such as
Microsoft Visual Basic. The .NET Framework incorporates aspects of these existing products
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
54/100
into a single, consistent development environment that drastically simplifies the development of
client applications.
The Windows Forms classes contained in the .NET Framework are designed to be used for GUI
development. You can easily create command windows, buttons, menus, toolbars, and other
screen elements with the flexibility necessary to accommodate shifting business needs.
For example, the .NET Framework provides simple properties to adjust visual attributes
associated with forms. In some cases the underlying operating system does not support changing
these attributes directly, and in these cases the .NET Framework automatically recreates the
forms. This is one of many ways in which the .NET Framework integrates the developer
interface, making coding simpler and more consistent.
Unlike ActiveX controls, Windows Forms controls have semi-trusted access to a user's
computer. This means that binary or natively executing code can access some of the resources on
the user's system (such as GUI elements and limited file access) without being able to access or
compromise other resources. Because of code access security, many applications that once
needed to be installed on a user's system can now be safely deployed through the Web. Your
applications can implement the features of a local application while being deployed like a Web
page.
C#.NET
ACTIVE X DATA OBJECTS.NET
ADO.NET Overview
ADO.NET is an evolution of the ADO data access model that directly addresses user
requirements for developing scalable applications. It was designed specifically for the web with
scalability, statelessness, and XML in mind.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
55/100
ADO.NET uses some ADO objects, such as the Connection and Commandobjects, and also
introduces new objects. Key new ADO.NET objects include the DataSet, DataReader, and
DataAdapter.
The important distinction between this evolved stage of ADO.NET and previous data
architectures is that there exists an object -- the DataSet-- that is separate and distinct from any
data stores. Because of that, the DataSetfunctions as a standalone entity. You can think of the
DataSet as an always disconnected recordset that knows nothing about the source or destination
of the data it contains. Inside a DataSet, much like in a database, there are tables, columns,
relationships, constraints, views, and so forth.
A DataAdapteris the object that connects to the database to fill the DataSet. Then, it connects
back to the database to update the data there, based on operations performed while the DataSet
held the data. In the past, data processing has been primarily connection-based. Now, in an effort
to make multi-tiered apps more efficient, data processing is turning to a message-based approach
that revolves around chunks of information. At the center of this approach is the DataAdapter,
which provides a bridge to retrieve and save data between a DataSetand its source data store. It
accomplishes this by means of requests to the appropriate SQL commands made against the data
store.
The XML-based DataSetobject provides a consistent programming model that works with all
models of data storage: flat, relational, and hierarchical. It does this by having no 'knowledge' of
the source of its data, and by representing the data that it holds as collections and data types. No
matter what the source of the data within the DataSetis, it is manipulated through the same set
of standard APIs exposed through the DataSetand its subordinate objects.
While the DataSethas no knowledge of the source of its data, the managed provider has detailed
and specific information. The role of the managed provider is to connect, fill, and persist the
DataSet to and from data stores. The OLE DB and SQL Server .NET Data Providers
(System.Data.OleDb and System.Data.SqlClient) that are part of the .Net Framework provide
four basic objects: the Command, Connection, DataReader and DataAdapter. In the
remaining sections of this document, we'll walk through each part of the DataSetand the OLE
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
56/100
DB/SQL Server .NET Data Providers explaining what they are, and how to program against
them.
The following sections will introduce you to some objects that have evolved, and some that are
new. These objects are:
Connections: For connection to and managing transactions against a database. Commands: For issuing SQL commands against a database. Data Readers: For reading a forward-only stream of data records from a SQL Server data
source.
Datasets: For storing, remoting and programming against flat data, XML data and relationaldata.
DataAdapters. For pushing data into a DataSet, and reconciling data against a database.When dealing with connections to a database, there are two different options: SQL Server .NET
Data Provider (System.Data.SqlClient) and OLE DB .NET Data Provider (System.Data.OleDb).
In these samples we will use the SQL Server .NET Data Provider. These are written to talk
directly to Microsoft SQL Server. The OLE DB .NET Data Provider is used to talk to any OLE
DB provider (as it uses OLE DB underneath).
Connections:
Connections are used to 'talk to' databases, and are respresented by provider-specific classes such
as SQLConnection. Commands travel over connections and resultsets are returned in the form
of streams which can be read by a DataReaderobject, or pushed into a DataSetobject.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
57/100
Commands:
Commands contain the information that is submitted to a database, and are represented by
provider-specific classes such as SQLCommand. A command can be a stored procedure call, an
UPDATE statement, or a statement that returns results. You can also use input and output
parameters, and return values as part of your command syntax. The example below shows how
to issue an INSERT statement against the Northwinddatabase.
Data Readers:
The Data Readerobject is somewhat synonymous with a read-only/forward-only cursor over
data. The DataReaderAPI supports flat as well as hierarchical data. A DataReaderobject is
returned after executing a command against a database. The format of the returned DataReader
object is different from a recordset. For example, you might use the DataReader to show the
results of a search list in a web page.
DataSets and DataAdapters :
DataSets:
The DataSetobject is similar to the ADO Recordsetobject, but more powerful, and with one
other important distinction: the DataSetis always disconnected. The DataSetobject represents a
cache of data, with database-like structures such as tables, columns, relationships, and
constraints. However, though a DataSet can and does behave much like a database, it is
important to remember that DataSet objects do not interact directly with databases, or other
source data. This allows the developer to work with a programming model that is always
consistent, regardless of where the source data resides. Data coming from a database, an XML
file, from code, or user input can all be placed into DataSetobjects. Then, as changes are made
to the DataSet they can be tracked and verified before updating the source data. The
GetChangesmethod of the DataSetobject actually creates a second DatSetthat contains only
the changes to the data. This DataSetis then used by a DataAdapter(or other objects) to update
the original data source.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
58/100
The DataSethas many XML characteristics, including the ability to produce and consume XML
data and XML schemas. XML schemas can be used to describe schemas interchanged via
WebServices. In fact, a DataSet with a schema can actually be compiled for type safety and
statement completion.
DataAdapters (OLEDB/SQL):
The DataAdapter object works as a bridge between the DataSet and the source data.
Using the provider-specific SqlDataAdapter (along with its associated SqlCommand and
SqlConnection) can increase overall performance when working with a Microsoft SQL Server
databases. For other OLE DB-supported databases, you would use the OleDbDataAdapter
object and its associated OleDbCommandand OleDbConnectionobjects.
The DataAdapter object uses commands to update the data source after changes have been
made to the DataSet. Using the Fillmethod of the DataAdaptercalls the SELECT command;
using the Updatemethod calls the INSERT, UPDATE or DELETE command for each changed
row. You can explicitly set these commands in order to control the statements used at runtime to
resolve changes, including the use of stored procedures. For ad-hoc scenarios, a
CommandBuilder object can generate these at run-time based upon a select statement.
However, this run-time generation requires an extra round-trip to the server in order to gather
required metadata, so explicitly providing the INSERT, UPDATE, and DELETE commands at
design time will result in better run-time performance.
1. ADO.NET is the next evolution of ADO for the .Net Framework.2. ADO.NET was created with n-Tier, statelessness and XML in the forefront. Two new objects,
the DataSetand DataAdapter, are provided for these scenarios.
3. ADO.NET can be used to get data from a stream, or to store data in a cache for updates.4. There is a lot more information about ADO.NET in the documentation.5. Remember, you can execute a command directly against the database in order to do inserts,
updates, and deletes. You don't need to first put data into a DataSetin order to insert, update,
or delete it.
7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
59/100
6. Also, you can use a DataSet to bind to the data, move through the data, and navigate datarelationships.
MS ACCESS
In addition to using its own database storage file, Microsoft Access may also be used as the 'front-end' with other
products as the 'back-end' tables, such asMicrosoft SQL Serverand non-Microsoft products such
asOracleandSybase.Multiple backend sources can be used by a Microsoft Access Jet Database (accdb and mdb
formats). Similarly, some applications will only use the Microsoft Access tables and use another product as a front-
end, such asVisual BasicorASP.NET.Microsoft Access may be only part of the solution in more complex
applications, where it may be integrated with other technologies such asMicrosoft Excel,Microsoft
OutlookorActiveX Data Objects.
Access tables support a variety ofstandard field types,indices,andreferential integrity.Access also includes
aqueryinterface,forms to display and enter data, and reports for printing. The underlying Jet database,which
contains these objects, ismultiuser-awareand handlesrecord-lockingand referential integrity
includingcascadingupdatesanddeletes.
Repetitive tasks can be automated through macros withpoint-and-clickoptions. It is also easy to place a database on
a network and have multiple users share and update data without overwriting each other's work. Data is lockedat
therecordlevel which is significantly different fromExcelwhichlocksthe entire spreadsheet.
There aretemplatedatabases within the program and for download from theirwebsite.These options are available
upon starting Access and allow users to enhance a database with predefined tables,queries,forms, reports, and
macros. Templates do not includeVBAcode.
Programmers can create solutions using theprogramming languageVisual Basic for Applications (VBA),which is
similar toVisual Basic 6.0 (VB6)and used throughout theMicrosoft Officeprograms such
asExcel,Word,OutlookandPowerPoint.Most VB6 code, including the use of WindowsAPIcalls, can be used in
VBA.Power usersand developers can extend basicend-usersolutions to a professional solution with advanced
automation,data validation,error trapping,andmulti-usersupport.
The number of simultaneous users that can be supported depends on the amount of data, thetasksbeing performed,
level of use, andapplication design.Generally accepted limits are solutions with 1 GB or less of data (Access
supports up to 2 GB) and performs quite well with 100 or fewer simultaneous connections (255 concurrent users are
supported). This capability is often a good fit fordepartment solutions.If using an Access database solution in a
multi-user scenario, the application should be "split". This means that the tables are in one file called the back
end(typically stored on a shared network folder) and the application components (forms, reports, queries, code,
http://en.wikipedia.org/wiki/Microsoft_SQL_Serverhttp://en.wikipedia.org/wiki/Microsoft_SQL_Serverhttp://en.wikipedia.org/wiki/Microsoft_SQL_Serverhttp://en.wikipedia.org/wiki/Oracle_databasehttp://en.wikipedia.org/wiki/Oracle_databasehttp://en.wikipedia.org/wiki/Oracle_databasehttp://en.wikipedia.org/wiki/Sybasehttp://en.wikipedia.org/wiki/Sybasehttp://en.wikipedia.org/wiki/Sybasehttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/ASP.NEThttp://en.wikipedia.org/wiki/ASP.NEThttp://en.wikipedia.org/wiki/ASP.NEThttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/ActiveX_Data_Objectshttp://en.wikipedia.org/wiki/ActiveX_Data_Objectshttp://en.wikipedia.org/wiki/ActiveX_Data_Objectshttp://en.wikipedia.org/w/index.php?title=Standard_field_types&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Standard_field_types&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Standard_field_types&action=edit&redlink=1http://en.wikipedia.org/wiki/Index_(database)http://en.wikipedia.org/wiki/Index_(database)http://en.wikipedia.org/wiki/Index_(database)http://en.wikipedia.org/wiki/Referential_integrityhttp://en.wikipedia.org/wiki/Referential_integrityhttp://en.wikipedia.org/wiki/Referential_integrityhttp://en.wikipedia.org/wiki/Information_retrievalhttp://en.wikipedia.org/wiki/Information_retrievalhttp://en.wikipedia.org/wiki/Graphical_user_interfacehttp://en.wikipedia.org/wiki/Graphical_user_interfacehttp://en.wikipedia.org/wiki/Graphical_user_interfacehttp://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/w/index.php?title=Multiuser-aware&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Multiuser-aware&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Multiuser-aware&action=edit&redlink=1http://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/wiki/Event_cascadehttp://en.wikipedia.org/wiki/Event_cascadehttp://en.wikipedia.org/wiki/Update_(SQL)http://en.wikipedia.org/wiki/Update_(SQL)http://en.wikipedia.org/wiki/Update_(SQL)http://en.wikipedia.org/wiki/Delete_(SQL)http://en.wikipedia.org/wiki/Delete_(SQL)http://en.wikipedia.org/wiki/Delete_(SQL)http://en.wikipedia.org/wiki/Point-and-clickhttp://en.wikipedia.org/wiki/Point-and-clickhttp://en.wikipedia.org/wiki/Point-and-clickhttp://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/wiki/Row_(database)http://en.wikipedia.org/wiki/Row_(database)http://en.wikipedia.org/wiki/Row_(database)http://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Lock_(computer_science)http://en.wikipedia.org/wiki/Lock_(computer_science)http://en.wikipedia.org/wiki/Lock_(computer_science)http://en.wikipedia.org/wiki/Template_(file_format)http://en.wikipedia.org/wiki/Template_(file_format)http://en.wikipedia.org/wiki/Template_(file_format)http://office.microsoft.com/en-us/templates/default.aspxhttp://office.microsoft.com/en-us/templates/default.aspxhttp://office.microsoft.com/en-us/templates/default.aspxhttp://en.wikipedia.org/wiki/Query_languagehttp://en.wikipedia.org/wiki/Query_languagehttp://en.wikipedia.org/wiki/Query_languagehttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Programming_languagehttp://en.wikipedia.org/wiki/Programming_languagehttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/Microsoft_Officehttp://en.wikipedia.org/wiki/Microsoft_Officehttp://en.wikipedia.org/wiki/Microsoft_Officehttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Wordhttp://en.wikipedia.org/wiki/Microsoft_Wordhttp://en.wikipedia.org/wiki/Microsoft_Wordhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_PowerPointhttp://en.wikipedia.org/wiki/Microsoft_PowerPointhttp://en.wikipedia.org/wiki/Microsoft_PowerPointhttp://en.wikipedia.org/wiki/APIhttp://en.wikipedia.org/wiki/APIhttp://en.wikipedia.org/wiki/APIhttp://en.wikipedia.org/wiki/Power_usershttp://en.wikipedia.org/wiki/Power_usershttp://en.wikipedia.org/wiki/Power_usershttp://en.wikipedia.org/wiki/End-userhttp://en.wikipedia.org/wiki/End-userhttp://en.wikipedia.org/wiki/End-userhttp://en.wikipedia.org/wiki/Data_validationhttp://en.wikipedia.org/wiki/Data_validationhttp://en.wikipedia.org/wiki/Data_validationhttp://en.wikipedia.org/wiki/Exception_handlinghttp://en.wikipedia.org/wiki/Exception_handlinghttp://en.wikipedia.org/wiki/Exception_handlinghttp://en.wikipedia.org/wiki/Multi-userhttp://en.wikipedia.org/wiki/Multi-userhttp://en.wikipedia.org/wiki/Multi-userhttp://en.wikipedia.org/wiki/Task_(project_management)http://en.wikipedia.org/wiki/Task_(project_management)http://en.wikipedia.org/wiki/Task_(project_management)http://en.wikipedia.org/wiki/Software_designhttp://en.wikipedia.org/wiki/Software_designhttp://en.wikipedia.org/wiki/Software_designhttp://en.wikipedia.org/w/index.php?title=Department_solutions&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Department_solutions&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Department_solutions&action=edit&redlink=1http://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/w/index.php?title=Department_solutions&action=edit&redlink=1http://en.wikipedia.org/wiki/Software_designhttp://en.wikipedia.org/wiki/Task_(project_management)http://en.wikipedia.org/wiki/Multi-userhttp://en.wikipedia.org/wiki/Exception_handlinghttp://en.wikipedia.org/wiki/Data_validationhttp://en.wikipedia.org/wiki/End-userhttp://en.wikipedia.org/wiki/Power_usershttp://en.wikipedia.org/wiki/APIhttp://en.wikipedia.org/wiki/Microsoft_PowerPointhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Wordhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Microsoft_Officehttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Programming_languagehttp://en.wikipedia.org/wiki/Visual_Basic_for_Applicationshttp://en.wikipedia.org/wiki/Query_languagehttp://office.microsoft.com/en-us/templates/default.aspxhttp://en.wikipedia.org/wiki/Template_(file_format)http://en.wikipedia.org/wiki/Lock_(computer_science)http://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/Row_(database)http://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/wiki/Point-and-clickhttp://en.wikipedia.org/wiki/Delete_(SQL)http://en.wikipedia.org/wiki/Update_(SQL)http://en.wikipedia.org/wiki/Event_cascadehttp://en.wikipedia.org/wiki/Lock_(database)http://en.wikipedia.org/w/index.php?title=Multiuser-aware&action=edit&redlink=1http://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/wiki/Graphical_user_interfacehttp://en.wikipedia.org/wiki/Information_retrievalhttp://en.wikipedia.org/wiki/Referential_integrityhttp://en.wikipedia.org/wiki/Index_(database)http://en.wikipedia.org/w/index.php?title=Standard_field_types&action=edit&redlink=1http://en.wikipedia.org/wiki/ActiveX_Data_Objectshttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Outlookhttp://en.wikipedia.org/wiki/Microsoft_Excelhttp://en.wikipedia.org/wiki/ASP.NEThttp://en.wikipedia.org/wiki/Visual_Basichttp://en.wikipedia.org/wiki/Sybasehttp://en.wikipedia.org/wiki/Oracle_databasehttp://en.wikipedia.org/wiki/Microsoft_SQL_Server7/22/2019 Risk-Aware Mitigation for Manet Routing Attack3.0
60/100
macros, linked tables) are in another file called thefront end.The linked tables in the front end point to the back end
file. Each user of the Access application would then receive his or her own copy of the front end file.
Applications that run complex queries or analysis across large datasets would naturally require
greaterbandwidthandmemory.Microsoft Access is designed toscaleto support more data and users by linking to
multiple Access databases or using aback-enddatabase like Microsoft SQL Server. With the latter design, the
amount of data and users can scale toenterprise-levelsolutions.
Microsoft Access's role inweb developmentprior to version 2010 is limited.User interfacefeatures of Access, such
as forms and reports, only work inWindows.In versions 2000 through 2003 an Access object type called Data
Access Pages created publishable web pages. Data Access Pages are no longer supported. TheMicrosoft Jet
Database Engine,core to Access, can be accessed through technologies such asODBCorOLE DB.The data (i.e.,
tables and queries) can be accessed byweb-based applicationsdeveloped inASP.NET,PHP,orJava.
Access 2010 allows databases to be published toSharePoint2010 web sites runningAccess Services.These web-
based forms and reports run in any modern web browser. The resulting web forms and reports, when accessed via aweb browser, don't require any add-ins or extensions (e.g. ActiveX,Silverlight).
A compiled version of an Access database (File extensions: .MDE /ACCDE or .ADE; ACCDE only works with
Access 2007 or later) can be created to prevent user from accessing the design surfaces to modify module code,
forms, and reports. An MDE/ACCDE file is a Microsoft Access database file with all modules compiled and all
editable source code removed. An ADE file is an Access project file with all modules compiled and all editable
source code removed. Both the .MDE/ACCDE and .ADE versions of an Access database are used when end-user
modifications are not allowed or when the applications source code should be kept confidential.
Microsoft offers aruntimeversion of Microsoft Access 2007 fordownload.This allows people to create Access
solutions and distribute it for use by non-Microsoft Access owners (similar to the way DLLsorEXEsare
distributed). Unlike the regular version of Access, the runtime version allows users to use the Access application but
they cannot use its design surfaces.
Microsoft also offersdeveloper extensionsfor download to help distribute Access applications, create database
templates, and integratesource codecontrol withMicrosoft Visual SourceSafe.
[edit]Features
Users can create tables, queries, forms and reports, and connect them together withmacros.Advanced users can
useVBAto write rich solutions with advanceddata manipulationand user control. Access also has report creation
features that can work with any data source that Access can "access".
The original concept of Access was for end users to be able to "access" data from any source. Other features include:
the import and export of data to many formats includingExcel,Outlook,ASCII,dBase,Paradox,FoxPro,SQL
Server,Oracle,ODBC,etc. It also has the ability to link to data in its existing location and use it for viewing,
querying, editing, and reporting. This allows the existing data to change while ensuring that Access uses the latest
http://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Open_Back-Endhttp://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Memory_(computers)http://en.wikipedia.org/wiki/Memory_(computers)http://en.wikipedia.org/wiki/Memory_(computers)http://en.wiktionary.org/wiki/scalehttp://en.wiktionary.org/wiki/scalehttp://en.wiktionary.org/wiki/scalehttp://en.wikipedia.org/wiki/Back-endhttp://en.wikipedia.org/wiki/Back-endhttp://en.wikipedia.org/wiki/Back-endhttp://en.wikipedia.org/w/index.php?title=Enterprise-level&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Enterprise-level&action=edit&redlink=1http://en.wikipedia.org/w/index.php?title=Enterprise-level&action=edit&redlink=1http://en.wikipedia.org/wiki/Web_developmenthttp://en.wikipedia.org/wiki/Web_developmenthttp://en.wikipedia.org/wiki/Web_developmenthttp://en.wikipedia.org/wiki/User_interfacehttp://en.wikipedia.org/wiki/User_interfacehttp://en.wikipedia.org/wiki/User_interfacehttp://en.wikipedia.org/wiki/Microsoft_Windowshttp://en.wikipedia.org/wiki/Microsoft_Windowshttp://en.wikipedia.org/wiki/Microsoft_Windowshttp://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/wiki/Microsoft_Jet_Database_Enginehttp://en.wikipedia.org/wiki/ODBChttp://en.wikipedia.org/wiki/ODBChttp://en.wikipedia.org/wiki/ODBChttp://en.wikipedia.org/wiki/OLE_DBhttp://en.wikipedia.org/wiki/OLE_DBhttp://en.wikipedia.org/wiki/OLE_DBhttp://en.wikipedia.org/wiki/Web_applicationhttp://en.wikipedia.org/wiki/Web_applicationhttp:/