TITLE OF PROJECT

Synopsis submitted
in
partial fulfillment of requirement for the award of
degree of


Master of Engineering
in
Wireless Communication and Computing


by
Ms. Priyanka M.Nandagawli



Guide
Prof.A.N.Jaiswal




Department of Computer Science & Engineering
G.H. Raisoni Institute of Engineering and Technology for Women,
Nagpur
( Rashtrasant Tukadoji Maharaj Nagpur University, Nagpur)



Session 2013-2014




Certificate


The synopsis titled ------XYZ--------------- submitted by Ms. Priyanka M.Nandagawli
student of 3
rd
Semester M.E. (Wireless Communication and Computing) as a part of
degree of Master of Engineering in Wireless Communication and Computing
Engineering, by Rashtrasant Tukadoji Maharaj Nagpur University, Nagpur, shall be
carried out under my/our supervision in the Department of Computer Science and
Engineering of G. H. Raisoni Institute of Engineering and Technology for Women,
during academic session 2013-2014. The proposed subject of research and the synopsis
enclosed here with have my/our approval.








Co-Guide Project
















Prof. P. S. Mohod
Head, Department of CSE,
G. H. Raisoni Institute of Engineering &
Technology for Women,
Nagpur
Dr. V. K. Chandrakar,
Principal,
G. H. Raisoni Institute of Engineering &
Technology for Women,
Nagpur
Project Guide
Ms. Snehal kathale
Lect. CSE Dept.
G. H. Raisoni Institute of Engineering &
Technology for Women,
Nagpur







Project Guide
Prof.A.N.Jaiswal
Lect. CSE Dept.
G. H. Raisoni Institute of Engineering &
Technology for Women,
Nagpur
1. Introduction:

The exponential growth in the development and acceptance of mobile communications in
recent years is especially observed in the fields of wireless local area networks, mobile systems,
and ubiquitous computing. This growth is mainly due to the mobility offered to users, providing
access to information anywhere, user friendliness, and easy deployment. Furthermore, the
scalability and flexibility of mobile communications increase users productivity and efficiency.
Spontaneous ad hoc networks are formed by a set of mobile terminals placed in a close location
that communicate with each other, sharing resources, services or computing time during a limited
period of time and in a limited space, following human interaction pattern .People are attached to
a group of people for a while, and then leave. Network management should be transparent to the
user. A spontaneous network is a special case of ad hoc networks. They usually have little or no
dependence on a centralized administration. Spontaneous networks can be wired or wireless. I am
consider only wireless spontaneous networks .
Their objective is the integration of services and devices in the same environment, enabling
the user to have instant service without any external infrastructure. Because these networks are
implemented in devices such as laptops, PDAs or mobile phones, with limited capacities, they
must use a lightweight protocol, and new methods to control, manage, and integrate them.
Configuration services in spontaneous networks depend significantly on network size, the nature
of the participating nodes and running applications .Spontaneous networks imitate human
relations while having adaptability to new conditions and fault tolerance (the failure of a device
or service should not damage the functionality). Methods based on imitating the behavior of
human relations facilitate secure integration of services in spontaneous networks .
Furthermore, cooperation among the nodes and quality of service for all shared network
services should be provided].Spontaneous ad hoc networks require well defined, efficient and
user-friendly security mechanisms. Tasks to be performed include: user identification, their
authorization, address assignment, name service, operation, and safety. Generally, wireless
networks with infrastructure use Certificate Authority (CA) servers to manage node
authentication and trust . Although these systems have been used in wireless ad hoc and sensor
networks, they are not practical because a CA node has to be online (or is an external node) all
the time. Moreover, CA node must have higher computing capacity. Security should be based on
the required confidentiality, node cooperation, anonymity, and privacy. Exchanging photos
between friends requires less security than exchanging confidential documents between enterprise
managers. Moreover, all nodes may not be able to execute routing and/or security protocols.
Energy constraints, node variability, error rate, and bandwidth limitations mandate the design and
use of adaptive routing and security mechanisms, for any type of devices and scenarios.
The Important features in spontaneous networks are mentioned below:-
1. Network boundaries are poorly defined.
2. The network is not planned.
3. Hosts are not preconfigured.
4. There are not any central servers.
5. Users are not experts.
In this type of network the configuration services requirements mainly depends on the size of the
network , then nature of Participation of Nodes and running applications. Generally wireless
networks with setup use Certificate Authority (CA) servers to manage node trust and
authentication. These systems usually have been used in wireless ad hoc and sensor networks,
Every time the networks cannot be practical as a CA node has to be online. Further, CA node
must have higher computing capacity. In such networks, the key share mechanisms for node
authorization and user authentication are needed to achieve a dependable communication and
node authorization in portable ad hoc networks.
Secured self-configured environment for data distribution and resources and services
sharing among users can be established by this network and protocol. Security is based on the
users service needs, and also to obtain a distributed certification authority it necessary to build
trust networks. The network allows users to join because it belongs to someone who knows it.
Hence, the new user is trusted by the certification authority. This allows the network to have a
distributed name service and also distribution of network management. We are used to apply
asymmetric cryptography, where each device has a
Public-private key pair for device identification and symmetric cryptography to share session
keys between nodes. There are unidentified users because validity and privacy are based on user
identification.











2.Objective:

Viruses and malwares can spread from computer networks into mobile networks
with the rapid growth of smart cellphone users. In a mobile network, viruses and malwares can
cause privacy data leakage, extra charges, and remote listening. Furthermore, they can jam
wireless servers by sending thousands of spam messages or track user positions through GPS.
Because of the potential damages of mobile viruses, it is important for us to gain a deep
understanding of the propagation mechanisms of mobile viruses. In this project, we propose a
network model for simulating virus propagation through both Bluetooth and SMS. Also the
malware and hybrid viruses that are propagating through sms as well as bluetooth . Different from
previous work, our work addresses the impacts of human behaviors, i.e., operational behavior and
mobile behavior, on virus propagation. Our simulation results will provide further insights into
the determining factors of virus propagation in mobile networks. Moreover, we examine two
strategies for restraining mobile virus propagation, i.e., pre-immunization and adaptive
dissemination strategies drawing on the methodology of autonomy-oriented computing (AOC).
The experimental results will show that our strategies can effectively protect large-scale and/or
highly dynamic mobile networks.














2. Literature survey:
Till now, many steps are applied for spontaneous wireless ad-hoc network for joining the
network securely. Let us see some of which we are using in the project.

a) Step 1: Joining Procedure:

This step enables devices to communicate, including the automatic configuration
of logical and physical parameters. The system is based on the use of an IDentity Card
(IDC) and a certificate. The IDC contains public and private components. The public
component contains a Logical IDentity(LID), which is unique for each user and allows
nodes to identify it. It may include information such as name, photograph or other type
of user identification. This idea has been used in other systems such as in vehicular ad
hoc networks [25]. It also contains the users public key (Ki), the creation and expiration
dates, an IP proposed by the user, and the user signature. The user signature is generated
using the Secure Hash Algorithm (SHA-1) on the previous data to obtain the data
summary. Then, the data summary is signed with the users private key. The private
component contains the private key (ki). The user introduces its personal data (LID) the
first time he/she uses the system because the security information is generated then.
Security data are stored persistently in the device for future use. Certificate Cij of the
user i consists of a validated IDC, signed by a user j that gives its validity. To obtain IDC
signature of user i, the summary function obtained by SHA-1 is signed with js private
key. No central certification authority is used to validate IDC. Validation of integrity
and authentication is done automatically in each node. The certification authority for a
node could be any of the trusted nodes.
This system enables us to build a distributed certification authority between
trusted nodes. When node A wants to communicate with another node B and it does not
have the certificate for B, it requests it from its trusted
nodes. After obtaining this certificate the system will validate the data; if correct then it
will sign this node as a valid node. All nodes can be both clients and servers, can request
or serve requests for information or authentication from other nodes. The first node
creates the spontaneous network and generates a random session key, which will be
exchanged with new nodes after the authentication phase. Fig. 1 shows phases of a node
joining the network: node authentication and authorization, agreement on session key,
transmission protocol and speed, and IP address and routing. When node B wants to join
an existing network, it must choose a node within communication range to authenticate
with (e.g., node A). A will send its public key. Then, B will send its IDC signed by As
public key. Next, A validates the received data and verifies the hash of the message in
order to check that the data has not been modified. In this step, A establishes the trust
level of B by looking physically at B (they are physically close), depending on whether A
knows B or not. Finally, A will send its IDC data to B (it may do so even if it decides not
to trust B). This data will be signed by Bs public key (which has been received on Bs
IDC). B will validate As IDC and will establish the trust and validity in A only by
integrity verification and authentication. If A does not reply to the joining request, B must
select another network node (if one exists). After the authentication, B can access data,
services, and other nodes certificates by a route involving other nodes in network.
Security management in the network is based on thePublic Key Infrastructure and the
symmetric key encryptionscheme. Symmetric key is used as a session key to cipher the
confidential messages between trust nodes. It has less energy requirements than the
asymmetric key. We have used the Advanced Encryption Standard (AES) algorithm for
the symmetric encryption scheme . It offers high security because its design structure
removes subkey symmetry. Moreover, execution times and energy consumption in
cryptography processes are adequate for low-power devices. The asymmetric key
encryption scheme is used for distribution of the session key and for the user
authentication process.
We used two types of asymmetric encryption schemes: Elliptic Curve
Cryptosystem (ECC),because of its high performance , and the Rivest, Shamir
& Adleman cryptographic algorithm (RSA) . After the mutual authentication, A will
encrypt the session key with Bs public key and will send it to B. Then, they will agree
the transmission protocols and the wireless connection speed. Finally, B will configure IP
address and routing information. Secure routing protocol is borrowed from. B generates
an IP address which has a fixed part in the first two bytes and the rest is formed by a
random number which depends on the users data. Then, B will send the data to process
the routing information to A. A will check whether the IP is duplicated in the network.
When B sends data to other network nodes, e.g., node C, these data will be validated by C
(using hashing and authentication methods).Afterwards, C will establish the trust level
with B, by looking physically. If no trust level is established, it will be done afterwards
by using trusted chains.







b) Step 2: Services Discovery
B asks for the available services. Services can be discovered using Web Services
Description Language (WSDL). Our model is based on , but in our spontaneous network
we dont use a central server. Moreover, other service discovery services can be
implemented in our system . A user can ask other devices in order to know the available
services. It has an agreement to allow access to its services and to access the services
offered by other nodes. Services have a large number of parameters which are not
transparent to the user and require manual configuration. One issue is to manage the
automatic integration tasks and use, for example, service agents. Other is to manage
secure access to the services offered by the nodes in the network.The fault tolerance of
the network is based on the routing protocol used to send information between users.
Services provided by B are available only if there is a path to B, and disappear when B
leaves the network.

c) Step 3: Establishing Trusted Chain and Changing
Trust Level
There are only two trust levels in the system. Node A either trusts or does not trust
another node B. The software application installed in the device asks B to trust A when it
receives the validated IDC from B. Trust relationship can be asymmetric. If node A did
not establish trust level with node B directly, it can be established through trusted chains,
e.g., if A trusts C and C trusts B, then A may trust B. Trust level can change over time
depending on the nodes behavior. Thus, node A may decide not to trust node B
although A still trusts C and C trusts B. It can also stop trusting if it discovers that
previous trust chain does not exist anymore.

According
to the communication channels of mobile viruses, mobile viruses fall into two categories: BT-
based viruses (e.g., Cabir, Lasco) and SMS-based viruses (e.g., TXSBBSpy, A BT-based virus is
a local-contact driven virus since it infects other phones only through Bluetooth and WiFi
devices within a short radio range. Similar to other contract-based diseases in humans (e.g.,
SARS and H1N1) , the propagation of a BT-based virus follows a spatially localized spreading
pattern. One of the most common approaches to studying such virus propagation is based on
epidemic modeling. It assumes that individuals are homogeneous
in a host population, each of which has an equal likelihood of contact with others . Some studies
have applied epidemic modeling to analyzing the propagation dynamics of a BT-based virus. For
example, studies reported in and have characterized the propagation process of a BT-based virus
based on the typical SI and SIR models, respectively. Because of the limited transmission range
of a Bluetooth device, human mobility plays an important role in BT-based virus propagation .
Statistics from mobile service providers that reveal the information about mobility patterns have
shown that users mobility possesses certain social network properties . However, most of the
models are, to a certain extent, simplified (e.g., using random walks in ) in characterizing human
mobility patterns, and do not consider the temporal patterns of human mobility (e.g., moving
probability at a given time and inter-contact times among phones (i.e., the time elapsed between
two consecutive contacts between two phones) . Although Wang et al. have improved the model
of a BT-based virus propagation, as reported in , by extracting and predicting the characteristics
of human mobility from real-world data traces, their model do not address the effects of
operational patterns (i.e., whether or not a user clicks on an infected message) on virus
propagation. On the other hand, SMS-based viruses can send copies of themselves to all phones
that are recorded in address books, by means of forwarding photos, videos, and short messages,
etc. The propagation of SMS-based viruses in mobile networks follows a long-range spreading
pattern that is similar to the spreading of computer viruses, especially worm propagation in e-mail
networks . When a user receives a suspicious message, the user normally has two options: either
open or delete it. Thus, the operational behavior of users play a key role in SMS-based virus
propagation. Users with certain awareness about the risk of viruses will not likely be infected
even if they receive an infected attachment from others. In order to quantitatively study SMS-
based virus propagation, we need to consider certain operational patterns, such as whether or not
users open a virus attachment. Although existing studies have constructed models of mobile
networks based on the call records or address books of phones , they do not take into account the
effects of human behaviors on virus propagation. In this work, we incorporate related research on
human mobility and operational behavior into our model in order to provide a computational
model for characterizing and simulating the propagation dynamics of mobile viruses.

a. Defense Strategies against Mobile Viruses


Some countermeasures such as anomaly detection technologies have been proposed
to protect users private information from being revealed to other users. For example, Bose et al.
have discriminated some malicious behaviors from normal operations by training a classifier
based on the method of support vector machines .Kim et al. have suggested a method of detecting
certain
malwares by monitoring battery-lifetime, which can find some unknown energy-depletion threats.
Cheng et al. have provided an approach to detecting both single-device and system-wide
abnormal behaviors by collecting and sending communization data to remote servers in order to
reduce the detection burden of phones .Although these abnormal detection technologies can
help directly protect phones from being affected by certain viruses, it is difficult for them to
detect new viruses. That is because the monitoring technologies must first be trained to recognize
normal and abnormal operational behaviors. If a new virus produces some unknown patterns ,
these monitoring technologies cannot detect such a virus. Therefore, it is challenging to detect a
worm outbreak at the early stage unless both users and security companies frequently update their
detection classifiers. Different from wired networks (e.g., computer networks), it is almost
impossible to send patches to all phones simultaneously and timely due to bandwidth constraints.
Thus, we need new strategies to efficiently disseminate security notifications or patches to as
many phones as possible with a relatively lower communication cost before a new virus spreads
to a large population. In order to reduce communication redundancy, some strategies send patches
based on Bluetooth. These strategies select some important phones that can divide a Bluetooth-
based network into different communities based on the contact time and frequency. Thereafter,
they send security signatures to all communities based on the local detection. However, this
method cannot ensure that users acquire patches in time . In order to enable the important
phones (that can amplify virus propagation scope as shown in to timely acquire patches, some
security notifications or patches can be directly sent from a center server to those phones through
pre-immunization strategies, as in e-mail networks [ For example, Zhu et al. have selected some
immunized phones based on clustered graph partitioning and balanced graph partitioning .This is
essentially a betweeness-based strategy as applied in email networks . However, this strategy
cannot readily be applied to a real-world mobile network due to the unknown and/or highly
dynamic topology of the network. In this paper, we examine the performance of an AOC-based
pre-immunization strategy that selects some highly-connected phones and prevents a virus from
turning into an epidemic. Furthermore, we design an AOC-based dissemination strategy that
distributes security notifications or patches to smart phones with a low communication
redundancy, in order to restrain virus propagation before it causes further infections.





















3. Proposed plan of work:

The project is divided into 3 modules and the expected time required to complete is as
follows.

Module 1 Design of output
scenario




























4. Research methodology to be employed:

In the EXISTING SYSTEM, Viruses and malwares can spread from computer networks into
mobile networks with the rapid growth of smart cell phone users. In a mobile network, viruses
and malwares can cause privacy data leakage, extra charges, and remote listening. In the
PROPOSED MODEL, we propose a two-layer network Process for Real time Model virus
propagation through both Bluetooth and SMS. We Model a Virus and sent as SMS as well as
Virus Data via Bluetooth to the other Users. As the users opens the SMS or the Data, Virus
Spreads into their Mobile. Using Android Application Patches are distributed to the Affected
Mobiles to clear the Virus in the Mobiles. The MODIFICATION we propose is that Automatic
SMs Alert is sent to the Server when Virus is affected in the Mobile, so that Patches is also
automatically delivered to clear the Virus in the affected Mobiles.


















The methodology used is based only on the detection of viruses in the network and
countermeasures to stop its propagation further.

5.1 SMS-Based Propagation Process

Social relationships are embodied in mobile networks based on the address books of smart
phones. If a phone is infected by an SMS-based virus, the virus automatically sends its copies to
other phones based on the address book of the infected phone. When users receive a suspicious
message from others, they may open or delete it based on their own security awareness and
knowledge about the risks of mobile viruses. Therefore, the security awareness of mobile
users is one of the dominant factors that determine SMS based virus propagation. In our model,
we simulate one type of operational behavior, i.e., whether or not a user opens a suspicious
message. The probability of clicking on a suspicious attachment can be used to reflect and
quantify the security awareness of a user. If users have higher security awareness, they would not
be infected even if they receive infected messages In order words, the lower the vi:pclick is, the
higher the security awareness will be.

. If a user opens an infected message, the phone of this user is infected and automatically
sends viruses to all phones based on its address book.
. If a user does not open an infected message, it is assumed that the user with higher
security awareness deletes this infected message.
. An infected phone sends out viruses to other phones only once, after which the infected
phone will not send out viruses any more.
. If a phone is patched (immunized), it will not send out viruses even if a user opens an
infected message.

5.2 BT-Based Propagation Process

Figure 1: architecture







Different from SMS-based viruses, if a phone is infected by a BT-based virus, it
automatically searches another phone through available Bluetooth services within a certain range,
and then replicates the BT-based virus to that phone. Therefore, users contact frequency and
mobility patterns play key roles in BT-based virus propagation. In our model, we integrate a
stochastic local infection dynamics among phones with the mobile behavior of each user in a
geographical network, taking into account prior research on human mobility.







5.3 COUNTERMEASURES AGAINST MOBILE VIRUSES

Based on our analysis, a smart phone can avoid a BT-based attack by turning off the Bluetooth
service. However, SMS based viruses often propagate through the trust relationships among
friends. Previous experiments also show that SMS-based viruses are more dangerous than BT-
Figure 2: Way of sending SMS/MMS or Bluetooth file
based viruses in terms of propagation speed and scope. In this project, we are using two
strategies to restrain SMS-based virus propagation.

1. Pre-immunization strategy
2. Patch dissemination strategy


Pre-immunization strategy
It is always beneficial technique to immunize the network beforehand, so that the mobile devices
will get patches before it is infected by the virus or malwares. Some strategies have been
proposed to restrain virus propagation by dividing a mobile network into small clusters. However,
it would be difficult for these strategies to deal with large-scale, decentralized and/or highly
dynamic networks. This strategy is based on the performance of the AOC-based pre-
immunization strategy , in restraining SMS-based virus propagation. In order to cut the epidemic
path and reduce the infection rate as low as possible, the AOC-based pre-immunization strategy
selects a group of phones, with the highest degrees and larger transmission capabilities in a
mobile network, for protection (e.g., patching). Furthermore, it evaluate the robustness and
scalability of the AOC-based pre-immunization strategy in and show how it works with large-
scale and/or highly dynamic mobile network.



Patch Dissemination Strategy
The pre-immunization to protect networks before virus propagation, However, in reality, we
detect certain viruses and then allocate patches or antivirus programs into networks only after
these viruses have already propagated (e.g., Melissa). Due to the network bandwidth constrains,
the security notifications or patches cannot be sent to all users simultaneously. Therefore, we
propose an adaptive dissemination strategy based on the methodology of AOC in order to
efficiently send security notifications or patches to most of phones with a relatively lower
communication cost.













Algorithms that are to be improved:

Algorithm 1. Mobile virus propagation
Input: GN_N_, TNt_, PNp_
Output: SMSnum[step][k] and BTnum[step][k] store the total
numbers of phones infected by SMS-based and BT-based
viruses, respectively, at the kth time
1. Propagation_initPhone( );
2. for k 1 to Runtime do//average results over Runtime
times
3. for step 1 to Endsimul do //simulation steps is 500
4. for i 1 to Np do //SMS-based propagation
5. if(vi:on-off True); //the phone is open
6. if vi:status Dangerous && vi:pclick > rand() then
7. vi is infected and send viruses to its friends;
8. sumI++;
9. SMSnum[step][k_ sumI ;
10. for each cell tower Ti do // BT-based propagation
11. vit vit+BT_SIR(Ti); // SIR model in each tower
12. BTnumstep_k_ vit;



Algorithm 2. Human_Mobility(step)
Input: The position of users in Grid
Output: A new position at the next time step
1. for each phone vi do
2. if rand()< MovingProbstep_ then
3. visited place int1=rand;
4. if vi.PosFrequencyvisited place_0_ > 0 then
5. vi returns to a visited place based on PLin [7];
6. vi. PosFrequency visited place_0_++;
7. else
8. vi goes to a new place;
9. vi.PosFrequency newplace_0_++;
10. else
11. vi stays at the current place;
12. vi. PosFrequency visited place_0_++;
13. Sort_PosFrequency(vi);


5. Expected outcome and Future work:


1. Using this Application Patches are distributed to the Affected Mobiles to clear the Virus
in the Mobiles.
2. SMS Alert is sent to the Server when Virus is affected in the Mobile
3. Considering the dynamic changes of users behavior in the course of mobile virus
propagation.
4. As the future work, this research can be extended to analyze more human behavior.

















All the titles should be Times New Roman 12pt Bold & subtitles Times New Roman 11pt Bold
Remaining matter should be Times New Roman 11pt with 1.5 line spacing

1. Introduction: - Giving purpose of research (in about 200 words)

2. Objective: - Justification and objective of carrying out the research work.

3. Literature review:- A brief review and comparison of the existing research work. Also
mention about noteworthy contributions in the field of proposed work

4. Proposed plan of work:- Plan and timeline for completing various phases of the work and
total time required to get the expected results.

5. Research methodology to be employed: Proposed methodology during the tenure of the
research work

6. Expected Outcome and Future Work:- Clearly state the final outcome as expected out of the
work. Also suggest future work that may be undertaken to extend the research work.

7. Conclusion:

8. References: References in standard format.




Signature of the student

Name of student:
Class/Semester:
Shift:
Branch:
Email id:
Mobile number:
Department:
Institute: G. H. Raisoni Institute of Engineering and Technology for Women, Nagpur
Academic session: 2013-2014