Documentation captcha


Upload: bala-gangadhar

Post on 24-Nov-2014


ANNEXURE - I

SECURITY IN MAIL SYSTEM THROUGH CAPTCHA

Project Report submitted in partial fulfillment of the requirements for the award of the degree of

BACHELOR OF TECHNOLOGY
IN
COMPUTER SCIENCE AND ENGINEERING

BY

SHRAVYA.S - 07951A0586
SRIANKA.N - 07951A0591
SRUTHI SPANDANA.M - 07951A0594

UNDER THE GUIDANCE OF
Mr. B. UMA SHANKAR

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
INSTITUTE OF AERONAUTICAL ENGINEERING
DUNDIGAL, HYDERABAD – 500043
(Affiliated to Jawaharlal Nehru Technological University)
APRIL 2011

ANNEXURE - 2

INSTITUTE OF AERONAUTICAL ENGINEERING
DUNDIGAL, HYDERABAD – 500043

CERTIFICATE

This is to certify that the project entitled SECURITY IN MAIL SYSTEM THROUGH C.A.P.T.C.H.A. is a bonafide one being carried out at MYGO INFORMATICS by SHRAVYA.S (07951A0586), SRIANKA.N (07951A0591), SRUTHI SPANDANA.M (07951A0594) of B. Tech III Year II semester as a partial fulfilment of academic requirement for the award of B.Tech degree in Computer Science and Engineering discipline during May 2010 – July 2011.

Internal Examiner                    External Examiner

(Head of Computer Science and Engineering Department)

INDEX

1. Abstract
2. Introduction
3. System Analysis
   Existing
   Proposed
   Feasibility Study
   Software Requirement Specification
4. System Design
   Maintenance
   Functional Description
   Functions
   UML Diagrams (Class Diagram, UseCase Diagram, Interaction Diagram)
   Database Tables
   Input Form Formats
   Report Formats
5. Coding and Implementation
   Sample code
6. Test plans
7. Output screens
8. Future Enhancements
9. Conclusion
10. Bibliography

ABSTRACT

The design of an electronic mail system that can operate in a personal computer (PC) environment with complete security is presented. The underlying philosophy is based on a centralized mailbox approach, wherein a dedicated SERVER stores the mail submitted by an originating USER, and then delivers it to the recipient USER upon request. The software components for both the USER and the SERVER are provided. Security for the mail system is provided through CAPTCHA.

A CAPTCHA (an acronym for "completely automated public Turing test to tell computers and humans apart," trademarked by Carnegie Mellon University) or a MAPTCHA (Mathematical) is a type of challenge-response test used in computing to determine whether or not the user is human. The term was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas J. Hopper of Carnegie Mellon University, and John Langford of IBM. A common type of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen. Because the test is administered by a computer, in contrast to the standard Turing test that is administered by a human, a CAPTCHA is sometimes described as a reverse Turing test. This term, however, is ambiguous because it could also mean a Turing test in which the participants are both attempting to prove they are the computer.

ORIGIN

Since the early days of the Internet, users have wanted to make text illegible to computers. The first such people were hackers, posting about sensitive topics to online forums they thought were being automatically monitored for keywords. To circumvent such filters, they would replace a word with look-alike characters. HELLO could become |-| 3 |_ |_ () or )-( 3 £ £ 0, as well as numerous other variants, such that a filter could not possibly detect all of them. This later became known as leetspeak. The first discussion of automated tests which distinguish humans from computers for the purpose of controlling access to web services appears in a 1996 manuscript of Moni Naor from the Weizmann Institute of Science, entitled "Verification of a human in the loop, or Identification via the Turing Test." Primitive CAPTCHAs seem to have been later developed in 1997 at AltaVista by Andrei Broder and his colleagues in order to prevent bots from adding URLs to their search engine.

Looking for a way to make their images resistant to OCR attack, the team looked at the manual to their Brother scanner, which had recommendations for improving OCR's results (similar typefaces, plain backgrounds, etc.). The team created puzzles by attempting to simulate what the manual claimed would cause bad OCR. In 2000, von Ahn and Blum developed and publicized the notion of a CAPTCHA, which included any program that can distinguish humans from computers. They invented multiple examples of CAPTCHAs, including the first CAPTCHAs to be widely used (at Yahoo!).

APPLICATIONS

CAPTCHAs are used to prevent bots from using various types of computing services. Applications include preventing bots from taking part in online polls, registering for free email accounts (which may then be used to send spam), and, more recently, preventing bot-generated spam by requiring that the (unrecognized) sender pass a CAPTCHA test before the email message is delivered. They have also been used to prevent people from using bots to assist with massive downloading of content from multimedia websites. CAPTCHAs are used in online message boards and blog comments to prevent bots from posting spam links as a comment or message.

INTRODUCTION

VISION

The project entitled SECURITY IN MAIL SYSTEM THROUGH C.A.P.T.C.H.A. is mainly aimed at developing better CAPTCHAs. The best CAPTCHA would allow all humans to pass through, while rejecting all machines. We would like to test these CAPTCHAs and invite both users and bots to attack them.

SCOPE

CAPTCHAs can be deployed to protect systems vulnerable to e-mail spam, such as the webmail services of Gmail, Hotmail, and Yahoo!. CAPTCHAs have also found active use in stopping automated posting to blogs or forums, whether as a result of commercial promotion, or harassment and vandalism. CAPTCHAs also serve an important function in rate limiting, as automated usage of a service might be desirable until such usage is done in excess, and to the detriment of human users. In such a case, a CAPTCHA can enforce automated usage policies as set by the administrator when certain usage metrics exceed a given threshold. An example of a system in which vulnerabilities exist, which could easily be prevented using CAPTCHA.

A CAPTCHA system is a means of automatically generating new challenges which:

Current computers are unable to accurately solve.

Most humans can solve.

Do not rely on the type of CAPTCHA being new to the attacker. Although a checkbox "check here if you are not a bot" might serve to distinguish between humans and computers, it is not a CAPTCHA because it relies on the fact that an attacker has not spent effort to break that specific form.

Definition, Acronyms, Abbreviations

CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart

Bot – Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet

Overview

A way to tell apart a human from a computer by a test is known as a Turing Test. When a computer program is able to generate such tests and evaluate the result, it is known as a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). In the past, websites have often been attacked by malicious programs that register for service on a massive scale. Programs can be written to automatically consume large amounts of Web resources or bias results in on-line voting. This has driven researchers to the idea of CAPTCHA-based security, to ensure that such attacks are not possible without human intervention, which in turn makes them ineffective. CAPTCHA-based security protocols have also been proposed for related issues, e.g., countering Distributed Denial-of-Service (DDoS) attacks on Web servers. A CAPTCHA acts as a security mechanism by requiring a correct answer to a question which only a human can answer any better than a random guess. Humans have speed limitations and hence cannot replicate the impact of an automated program. Thus the basic requirement of a CAPTCHA is that computer programs must be slower than humans in responding correctly. To that purpose, the semantic gap between human understanding and the current level of machine intelligence can be exploited. Most current CAPTCHAs are text-based.

Commercial text-based CAPTCHAs have been broken using object-recognition techniques, with accuracies of up to 99% on EZ-Gimpy. This reduces the reliability of security protocols based on text-based CAPTCHAs. There have been attempts to make these systems harder to break by systematically adding noise and distortion, but that often makes them hard for humans to decipher as well. Image-based CAPTCHAs have been proposed as alternatives to the text media. More robust and user-friendly systems can be developed. State-of-the-art content-based image retrieval (CBIR) and annotation techniques have shown great promise at automatically finding semantically similar images or naming them, both of which allow means of attacking image-based CAPTCHAs. CAPTCHAs generally look like the examples shown below:

[Figure: Modern CAPTCHA]

[Figure: CAPTCHA with crowded symbols]

[Figure: Shadow Filter]

Applications of CAPTCHAs:

CAPTCHAs have several applications for practical security:

Preventing Comment Spam in Blogs. Most bloggers are familiar with programs that submit bogus comments, usually for the purpose of raising search engine ranks of some website (e.g., "buy penny stocks here"). This is called comment spam. By using a CAPTCHA, only humans can enter comments on a blog. There is no need to make users sign up before they enter a comment, and no legitimate comments are ever lost!

Protecting Website Registration. Several companies (Yahoo!, Microsoft, etc.) offer free email services. Up until a few years ago, most of these services suffered from a specific type of attack: "bots" that would sign up for thousands of email accounts every minute. The solution to this problem was to use CAPTCHAs to ensure that only humans obtain free accounts. In general, free services should be protected with a CAPTCHA in order to prevent abuse by automated scripts.

Protecting Email Addresses From Scrapers. Spammers crawl the Web in search of email addresses posted in clear text. CAPTCHAs provide an effective mechanism to hide your email address from Web scrapers. The idea is to require users to solve a CAPTCHA before showing your email address.

Online Polls. As is the case with most online polls, IP addresses of voters were recorded in order to prevent single users from voting more than once. However, students at Carnegie Mellon found a way to stuff the ballots using programs that voted for CMU thousands of times. CMU's score started growing rapidly. The next day, students at MIT wrote their own program and the poll became a contest between voting "bots." MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. Can the result of any online poll be trusted? Not unless the poll ensures that only humans can vote.

Preventing Dictionary Attacks. CAPTCHAs can also be used to prevent dictionary attacks in password systems. The idea is simple: prevent a computer from being able to iterate through the entire space of passwords by requiring it to solve a CAPTCHA after a certain number of unsuccessful logins. This is better than the classic approach of locking an account after a sequence of unsuccessful logins, since doing so allows an attacker to lock accounts at will.

Search Engine Bots. It is sometimes desirable to keep web pages unindexed to prevent others from finding them easily. There is an HTML tag to prevent search engine bots from reading web pages. The tag, however, doesn't guarantee that bots won't read a web page; it only serves to say "no bots, please." Search engine bots, since they usually belong to large companies, respect web pages that don't want to allow them in. However, in order to truly guarantee that bots won't enter a web site, CAPTCHAs are needed.
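The dictionary-attack defence described in the list above, as an added example that is not code from the original report: after a few failed logins the account demands a solved CAPTCHA instead of being locked, so automated guessing stalls while the real owner can still sign in. The class name LoginGate, the threshold of three attempts and the in-memory stores are assumptions; captchaSolved stands for the outcome of a server-side CAPTCHA check.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added example; LoginGate and its members are hypothetical names, not the project's code.
public class LoginGate {
    public enum Result { OK, BAD_CREDENTIALS, CAPTCHA_REQUIRED }

    // Assumed policy: this many failures are allowed before a CAPTCHA is demanded.
    private static final int FREE_ATTEMPTS = 3;

    // Constructed demo credential store; a real system stores salted password hashes.
    private final Map<String, String> passwords;
    // Failed attempts per user name since the last successful login.
    private final Map<String, Integer> failures = new ConcurrentHashMap<>();

    public LoginGate(Map<String, String> passwords) {
        this.passwords = passwords;
    }

    /** True once the account has used up its CAPTCHA-free attempts. */
    public boolean captchaNeeded(String user) {
        return failures.getOrDefault(user, 0) >= FREE_ATTEMPTS;
    }

    /**
     * captchaSolved must come from a server-side CAPTCHA check for this request.
     * The account is never locked, so nobody can deny the owner access by
     * deliberately failing logins; the owner only has to solve a CAPTCHA.
     */
    public Result attempt(String user, String password, boolean captchaSolved) {
        if (captchaNeeded(user) && !captchaSolved) {
            // The password is not evaluated at all, so guessing cannot continue unattended.
            return Result.CAPTCHA_REQUIRED;
        }
        String expected = passwords.get(user);
        boolean ok = expected != null && MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                password.getBytes(StandardCharsets.UTF_8));
        if (ok) {
            failures.remove(user);              // success resets the counter
            return Result.OK;
        }
        failures.merge(user, 1, Integer::sum);  // unknown users are counted as well
        return Result.BAD_CREDENTIALS;
    }

    public static void main(String[] args) {
        Map<String, String> users = new HashMap<>();
        users.put("srianka", "demo-password");  // constructed sample account
        LoginGate gate = new LoginGate(users);

        // An automated client cycling through a word list, never solving a CAPTCHA.
        String[] guesses = { "123456", "password", "qwerty", "letmein", "demo-password" };
        for (String guess : guesses) {
            System.out.println("guess " + guess + " -> " + gate.attempt("srianka", guess, false));
        }

        // The owner is not locked out: correct password plus a solved CAPTCHA succeeds.
        System.out.println("owner with CAPTCHA -> " + gate.attempt("srianka", "demo-password", true));
        System.out.println("CAPTCHA still needed: " + gate.captchaNeeded("srianka"));
    }
}
```

In the run, even the correct password is refused once the threshold is reached unless the CAPTCHA has been solved, which is the property that separates this scheme from account lockout.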

SYSTEM ANALYSIS

Existing System

The existing system consists of the typing test given to help determine if the person typing is really a human or some bot. It can be an anti-spam device. You must prove yourself a true human posting some message or recommending a URL rather than a computer program spamming the universe. The test typically requires you to type in some warped series of letters.

Limitations in Existing System

There is no security in those anti-spam devices, because while transferring the URL to that anti-spam device there may be spammers to hack the data.

There is a very long process to type the required test into the specified text box to prove oneself human in the registration or form filling process in sites.

Proposed System

The proposed system consists of a CAPTCHA, a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot.

Problem Definition

The main objective of the project is to generate the CAPTCHA images and provide a secure form filling interface for internet based applications; to provide an environment for the user to handle the form filling task manually; and to provide the interface for the user to identify the image and fill the specified text box.

It is sometimes rumored that spammers are using pornographic sites to solve CAPTCHAs: the CAPTCHA images are sent to a porn site, and the porn site users are asked to solve the CAPTCHA before being able to see a pornographic image. This is not a security concern for CAPTCHAs. While it might be the case that some spammers use porn sites to attack CAPTCHAs, the amount of damage this can inflict is tiny (so tiny that we haven't even noticed a dent!). Whereas it is trivial to write a bot that abuses an unprotected site millions of times a day, redirecting CAPTCHAs to be solved by humans viewing pornography would only allow spammers to abuse systems a few thousand times per day. The economics of this attack just don't add up: every time a porn site shows a CAPTCHA before a porn image, they risk losing a customer to another site that doesn't do this.

Advantages over Existing System

background colors

background gradient fill colors

fonts (2 default and limited to the number of fonts on your system)

font color

random character generator (characters can be configured)

optional border around the CAPTCHA

border color (defaults to black)

border thinness (defaults to one)

Feasibility Study :

Economic Feasibility

Economic feasibility attempts to weigh the costs of developing and implementing a new system against the benefits that would accrue from having the new system in place. This feasibility study gives the top management the economic justification for the new system.

A simple economic analysis which gives the actual comparison of costs and benefits is much more meaningful in this case. In addition, this proves to be a useful point of reference to compare actual costs as the project progresses. There could be various types of intangible benefits on account of automation. These could include increased customer satisfaction, improvement in product quality, better decision making, timeliness of information, expediting activities, improved accuracy of operations, better documentation and record keeping, faster retrieval of information, and better employee morale.

Operational Feasibility

A proposed project is beneficial only if it can be turned into information systems that will meet the organization's operating requirements. Simply stated, this test of feasibility asks if the system will work when it is developed and installed. Are there major barriers to implementation? Here are questions that will help test the operational feasibility of a project:

Is there sufficient support for the project from management and from users? If the current system is well liked and used to the extent that persons will not be able to see reasons for change, there may be resistance.

Are the current business methods acceptable to the user? If they are not, users may welcome a change that will bring about a more operational and useful system.

Have the users been involved in the planning and development of the project? Early involvement reduces the chances of resistance to the system in general and increases the likelihood of a successful project.

Since the proposed system was to help reduce the hardships encountered in the existing manual system, the new system was considered to be operationally feasible.

Technical Feasibility

Evaluating the technical feasibility is the trickiest part of a feasibility study. This is because, at this point in time, there is not much detailed design of the system, making it difficult to assess issues like performance and costs (on account of the kind of technology to be deployed). A number of issues have to be considered while doing a technical analysis.

Understand the different technologies involved in the proposed system: before commencing the project we have to be very clear about which technologies are required for the development of the new system. Find out whether the organization currently possesses the required technologies. Is the required technology available with the organization?

SOFTWARE REQUIREMENT SPECIFICATION

Software Requirements

User Interface : HTML

Operating System : Windows XP/2003/2007

Programming Language : Java

Data Structures : Java2 SE API

Server Side Programming : JSP

IDE/Workbench : Edit plus

Hardware Requirements

Processor : Pentium IV

Hard Disk : 40GB

RAM : 256MB

SYSTEM DESIGN

Maintenance :

Functional Description

IMPLEMENTATION

The system would be implemented in a web based and collections environment.

The following guidelines are strongly recommended for any CAPTCHA code:

Accessibility. CAPTCHAs must be accessible. CAPTCHAs based solely on reading text (or other visual-perception tasks) prevent visually impaired users from accessing the protected resource. Such CAPTCHAs may make a site incompatible with Section 508 in the United States. Any implementation of a CAPTCHA should allow blind users to get around the barrier, for example, by permitting users to opt for an audio or sound CAPTCHA.

Image Security. CAPTCHA images of text should be distorted randomly before being presented to the user. Many implementations of CAPTCHAs use undistorted text, or text with only minor distortions. These implementations are vulnerable to simple automated attacks.

Script Security. Building a secure CAPTCHA code is not easy. In addition to making the images unreadable by computers, the system should ensure that there are no easy ways around it at the script level. Common examples of insecurities in this respect include:

(1) Systems that pass the answer to the CAPTCHA in plain text as part of the web form.

(2) Systems where a solution to the same CAPTCHA can be used multiple times (this makes the CAPTCHA vulnerable to so-called "replay attacks").

Most CAPTCHA scripts found freely on the Web are vulnerable to these types of attacks.

Security Even After Wide-Spread Adoption. There are various "CAPTCHAs" that would be insecure if a significant number of sites started using them. An example of such a puzzle is asking text-based questions, such as a mathematical question ("what is 1+1"). Since a parser could easily be written that would allow bots to bypass this test, such "CAPTCHAs" rely on the fact that few sites use them, and thus that a bot author has no incentive to program their bot to solve that challenge. True CAPTCHAs should be secure even after a significant number of websites adopt them.
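One way to meet the Script Security guideline above, as an added example that is not part of the original report: the expected answer stays on the server (the report's captchaimage.jsp keeps it in the session attribute gen_capcode), each challenge can be checked only once, and it expires after a short time. The class CaptchaVerifier, the two-minute lifetime, the character set and the map standing in for the HTTP session are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added example; class and method names are hypothetical, not the project's code.
public class CaptchaVerifier {
    // Assumed character set; look-alike characters (0/O, 1/I) are left out.
    private static final String ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
    private static final int LENGTH = 6;
    private static final Duration TTL = Duration.ofMinutes(2);   // assumed lifetime
    private static final SecureRandom RNG = new SecureRandom();

    /** One pending challenge. The answer is never written into the page or the form. */
    private static final class Challenge {
        final String answer;
        final Instant expires;

        Challenge(String answer, Instant expires) {
            this.answer = answer;
            this.expires = expires;
        }
    }

    // Stand-in for the servlet session: session id -> pending challenge.
    private final Map<String, Challenge> pending = new ConcurrentHashMap<>();

    /** Creates a fresh challenge and returns the text to draw into the image. */
    public String issue(String sessionId, Instant now) {
        StringBuilder code = new StringBuilder(LENGTH);
        for (int i = 0; i < LENGTH; i++) {
            code.append(ALPHABET.charAt(RNG.nextInt(ALPHABET.length())));
        }
        pending.put(sessionId, new Challenge(code.toString(), now.plus(TTL)));
        return code.toString();
    }

    /** Checks a submitted answer. The challenge is consumed whether or not it matches. */
    public boolean verify(String sessionId, String submitted, Instant now) {
        Challenge c = pending.remove(sessionId);   // single use: a replayed answer finds nothing
        if (c == null || submitted == null || now.isAfter(c.expires)) {
            return false;
        }
        byte[] expected = c.answer.getBytes(StandardCharsets.UTF_8);
        byte[] actual = submitted.trim().toUpperCase(Locale.ROOT).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, actual);   // constant-time comparison
    }

    public static void main(String[] args) {
        CaptchaVerifier v = new CaptchaVerifier();
        Instant t0 = Instant.parse("2011-04-01T10:00:00Z");   // constructed timestamps

        // A correct answer is accepted once; the same answer sent again is rejected.
        String codeA = v.issue("session-A", t0);
        System.out.println("correct answer:       " + v.verify("session-A", codeA, t0.plusSeconds(20)));
        System.out.println("same answer replayed: " + v.verify("session-A", codeA, t0.plusSeconds(21)));

        // A wrong guess burns the challenge, so the answer cannot be brute-forced on one image.
        String codeB = v.issue("session-B", t0);
        System.out.println("wrong guess:          " + v.verify("session-B", "000000", t0.plusSeconds(5)));
        System.out.println("right answer after:   " + v.verify("session-B", codeB, t0.plusSeconds(6)));

        // An answer that arrives after the lifetime has passed is rejected.
        String codeC = v.issue("session-C", t0);
        System.out.println("expired challenge:    " + v.verify("session-C", codeC, t0.plusSeconds(180)));
    }
}
```

Only the first check succeeds; after any failed or successful check the form must request a new image before another attempt.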

The algorithm used to create the CAPTCHA does not need to be made public, though it may be covered by a patent. Although publication can help demonstrate that breaking it requires the solution to a difficult problem in the field of artificial intelligence, deliberate withholding of the algorithm can increase the integrity of a limited set of systems, as in the practice of security through obscurity. The most important factor in deciding whether an algorithm should be made open or restricted is the size of the system.

Although an algorithm which survives scrutiny by security experts may be assumed to be more conceptually secure than an unevaluated algorithm, an unevaluated algorithm specific to a very limited set of systems is always of less interest to those engaging in automated abuse. Breaking a CAPTCHA generally requires some effort specific to that particular CAPTCHA implementation, and an abuser may decide that the benefit granted by automated bypass is negated by the effort required to engage in abuse of that system in the first place.

Functions

Java graphics 2D Packages

Image Processing

CaptchaImage generation

UML Diagrams

The Unified Modeling Language allows the software engineer to express an analysis model using a modeling notation that is governed by a set of syntactic, semantic and pragmatic rules.

A UML system is represented using five different views that describe the system from distinctly different perspectives. Each view is defined by a set of diagrams, as follows.

User Model View

i. This view represents the system from the user's perspective.

ii. The analysis representation describes a usage scenario from the end-user's perspective.

Structural Model View

i. In this model the data and functionality are viewed from inside the system.

ii. This model view models the static structures.

Behavioral Model View

It represents the dynamic or behavioral aspects of the system, depicting the interactions or collaborations between the various structural elements described in the user model and structural model views.

Implementation Model View

In this view the structural and behavioral aspects of the system are represented as they are to be built.

Environmental Model View

In this view the structural and behavioral aspects of the environment in which the system is to be implemented are represented.

UML is specifically constructed through two different domains:

UML analysis modeling, which focuses on the user model and structural model views of the system.

UML design modeling, which focuses on the behavioral model, implementation model and environmental model views.

Use case diagrams represent the functionality of the system from a user's point of view. Use cases are used during requirements elicitation and analysis to represent the functionality of the system. Use cases focus on the behavior of the system from an external point of view.

Actors are external entities that interact with the system. Examples of actors include users like an administrator or a bank customer, or another system like a central database.

Class Diagram:

BufferedImage
  Attributes: Iwidth : int, iheight : int, TYPE_INT_RGB : const
  Operations: write()

Graphics2D
  Attributes: iX : int, iY : int, iRadius : int, iWidth : int, iHeight : int
  Operations: setColor(), drawString(), setFont(), fillRect(), fillRoundRect()

CaptchaImage
  Attributes: iWidth : int, iHeight : int

Usecase Diagram:

Actors: admin, user

Use cases: Verify CAPTCHA code, Register, Home, Read FeedBack, Compose Mail, Login, check Inbox, Check Sent Items, Check Users, Give FeedBack, update profile, Logout, verify username and password

Sequence Diagram

Participants: User, Login, Captcha Server

Messages: login(), enter details, submit details, test user, test by its own, proceed only if authenticated user

Collaboration Diagram

Participants: User, Login, Captcha Server

1: login()
2: enter details
3: submit details
4: test user
5: test by its own
6: proceed only if authenticated user

Component Diagram:

Components: BufferedImage, captchaImage, Registration process, User, Verify CAPTCHA, Graphics2D

Deployment Diagram:

Database Tables

The Database design of our application/system is as follows :

SERVER

User Admin

1. registration

Attribute     Data type
Uname         Varchar2(50)
Pwd           Varchar2(20)
Age           Varchar2(20)
Gender        Varchar2(20)
City          Varchar2(20)
State         Varchar2(20)
Pin           Varchar2(20)
Country       Varchar2(20)
Capcode       Varchar2(20)

2. usercomposebox

Attribute     Data type
Mailfrom      Varchar2(20)
mailto        Varchar2(20)
Subject       Varchar2(20)
Message       Varchar2(100)
Composedate   Date

3. uploadphoto

Attribute     Data type
Uname         Varchar2(20)
Photopath     Long Raw
Filename      Varchar2(20)

4. feedback

Attribute     Data type
Uname         Varchar2(20)
Feedback      Varchar2(94)

5. adminlogin

Attribute     Data type
adname        Varchar2(20)
adpwd         Varchar2(20)

Input Form Formats

1. registration

Attribute     Input1              Input2               Input3
uname         Shravya             Srianka              Spandana
pwd           Shravz              Sri                  sruz
age           21                  19                   20
gender        Female              Female               Female
city          Pune                Bangalore            Cochin
state         Maharashtra         Karnataka            Kerala
pin           400086              800091               320094
country       India               India                India
capcode       FLKAJF              MHJJKL               SRLJLK

2. usercomposebox

Attribute     Input1              Input2               Input3
mailfrom      Shravya             Srianka              Spandana
mailto        Srianka             Spandana             Shravya
subject       Hi                  Hello                Good morning
message       How are you?        I am fine            Have a nice day
composedate   24/08/2010          09/11/2010           19/02/2010

3. uploadphoto

Attribute     Input1              Input2               Input3
uname         Shravya             Srianka              Spandana
photopath     C:/Mypics/abc.jpg   C:/Mypics/bcdf.jpg   C:/Mypics/rrs.jpg
filename      Abc                 bcdf                 rrs

4. feedback

Attribute     Input1              Input2               Input3
uname         Shravya             Srianka              Spandana
feedback      Good Job            Excellent            Very poor

REPORT FORMATS

1. User Inbox (Srianka)

From          To                  Subject              Date
Shravya       Srianka             Hi                   24/08/2010
Sruthi        Srianka             Good Morning         19/02/2010

2. Read FeedBack (Admin)

From          Feedback
Shravya       Good Job
Spandana      Very poor
Srianka       Excellent

CODING AND

IMPLEMENTATION

SAMPLE CODE

CAPTCHA image generation : captchaimage.jsp

<%@ page import="java.util.*, java.io.*, java.awt.*, java.awt.image.*, javax.imageio.*, java.awt.geom.*, java.security.SecureRandom" %><%
    /* The response body is the image itself, so this page emits no HTML markup */
    response.setContentType("image/jpeg");

    /* Number of characters in the CAPTCHA image */
    int iTotalChars = 6;

    /* Image size */
    int iHeight = 40;
    int iWidth = 170;

    /* Font styles */
    Font fntStyle1 = new Font("Arial", Font.BOLD, 30);
    Font fntStyle2 = new Font("Verdana", Font.BOLD, 20);

    /* Random characters for the image. SecureRandom keeps the code unpredictable, and
       picking each character from a fixed alphabet always yields iTotalChars characters */
    SecureRandom randChars = new SecureRandom();
    String sAlphabet = "0123456789abcdefghijklmnopqrstuvwxyz";
    StringBuilder sbCode = new StringBuilder();
    for (int i = 0; i < iTotalChars; i++) {
        sbCode.append(sAlphabet.charAt(randChars.nextInt(sAlphabet.length())));
    }
    String sImageCode = sbCode.toString();

    /* Keep the expected answer on the server, stored before any output is written */
    session.setAttribute("gen_capcode", sImageCode);

    /* BufferedImage is used to create a new image */
    /* TYPE_INT_RGB does not support transparency, TYPE_INT_ARGB supports transparency */
    BufferedImage biImage = new BufferedImage(iWidth, iHeight, BufferedImage.TYPE_INT_RGB);
    Graphics2D g2dImage = (Graphics2D) biImage.getGraphics();

    /* Draw background rectangle and noisy filled round rectangles */
    int iCircle = 15;
    g2dImage.fillRect(0, 0, iWidth, iHeight);
    for (int i = 0; i < iCircle; i++) {
        g2dImage.setColor(new Color(randChars.nextInt(255), randChars.nextInt(255), randChars.nextInt(255)));
        int iRadius = (int) (Math.random() * iHeight / 2.0);
        int iX = (int) (Math.random() * iWidth - iRadius);
        int iY = (int) (Math.random() * iHeight - iRadius);
        g2dImage.fillRoundRect(iX, iY, iRadius * 2, iRadius * 2, 100, 100);
    }

    /* Draw the characters, alternating the baseline between two heights */
    g2dImage.setFont(fntStyle1);
    for (int i = 0; i < iTotalChars; i++) {
        g2dImage.setColor(new Color(randChars.nextInt(255), randChars.nextInt(255), randChars.nextInt(255)));
        if (i % 2 == 0)
            g2dImage.drawString(sImageCode.substring(i, i + 1), 25 * i, 24);
        else
            g2dImage.drawString(sImageCode.substring(i, i + 1), 25 * i, 35);
    }

    /* dispose() releases the graphics context once drawing is finished */
    g2dImage.dispose();

    /* Create the JPEG image and send it to the browser */
    OutputStream osImage = response.getOutputStream();
    ImageIO.write(biImage, "jpeg", osImage);
    osImage.close();
%>

Registerpage with CAPTCHA embedded : registerpage.jsp

<html>
<title>Registration Page</title>
<body>
<form name="registrationprocess" action="registrationprocess.jsp" method="post">

<!--header-->
<table border="0" width="100%" height="100%" align="center" cellpadding="0" cellspacing="0" bgcolor="#837D7D">
<tr>
  <td align="center" valign="top" height="20%">
    <table border="0" width="70%" height="100%" cellpadding="3" cellspacing="3" bgcolor="#6E0A0A">
      <tr>
        <td align="center"><h1><font color="white">SECURITY IN MAILING SYSTEM THROUGH CAPTCHA</font></h1></td>
      </tr>
    </table>
  </td>
</tr>
<!--end of header-->

<!--Navigation Bar-->
<tr>
  <td align="center" valign="top" height="5%">
    <table border="0" width="70%" height="100%" cellpadding="3" cellspacing="3" bgcolor="#403E3E">
      <tr>
        <td><b>
          <a href="index.html" style="text-decoration:none"><font face="arial" color="white">Home&nbsp;&nbsp;&nbsp;&nbsp;</font></a>
          <a href="contacts.html" style="text-decoration:none"><font face="arial" color="white">Contacts&nbsp;&nbsp;&nbsp;&nbsp;</font></a>
          <a href="images.html" style="text-decoration:none"><font face="arial" color="white">Captcha Images&nbsp;&nbsp;&nbsp;&nbsp;</font></a>
        </b></td>
        <td align="right">
          <a href="Login.jsp" style="text-decoration:none"><font color="#FFFFFF" face="arial" size="4">LOGIN&nbsp;&nbsp;</font></a>
          <a href="registerpage.jsp" style="text-decoration:none"><font color="#FFFFFF" face="arial" size="4">SIGN UP</font></a>
        </td>
      </tr>
    </table>
  </td>
</tr>
<!--end of navigation bar-->

<!--page body-->
<tr>
  <td align="center" valign="top" height="75%">
    <table border="0" width="70%" height="100%" cellpadding="3" cellspacing="3" bgcolor="#333232">
      <tr>
        <!--left side text-->
        <td width="20%" height="30%" bgcolor="#615858" align="center"><font color="#FFFFFF"><h1>REGISTRATION PAGE</h1></font></td>
        <!--right side text-->
        <td align="center">
          <table border="0" width="60%" height="80%" cellpadding="3" cellspacing="3">
            <tr><td><font color="white" size="3"><b>USER NAME</b></font></td><td><input type="text" name="uname"></td></tr>
            <tr><td><font color="white" size="3"><b>PASSWORD</b></font></td><td><input type="password" name="pwd"></td></tr>
            <tr><td><font color="white" size="3"><b>AGE</b></font></td><td><input type="text" name="age"></td></tr>
            <tr><td><font color="white" size="3"><b>GENDER</b></font></td><td><input type="text" name="gender"></td></tr>
            <tr><td><font color="white" size="3"><b>CITY</b></font></td><td><input type="text" name="city"></td></tr>
            <tr><td><font color="white" size="3"><b>STATE</b></font></td><td><input type="text" name="state"></td></tr>
            <tr><td><font color="white" size="3"><b>PIN</b></font></td><td><input type="text" name="pin"></td></tr>
            <tr><td><font color="white" size="3"><b>COUNTRY</b></font></td><td><input type="text" name="country"></td></tr>
            <tr>
              <td><font color="white" size="3"><b>Enter CAPTCHA code</b></font></td>
              <td colspan="2" align="center"><img src="captchaimage.jsp" border="0"></td>
              <td><input type="text" name="capcode"></td>
            </tr>
            <tr>
              <td><input type="submit" value="submit" name="submit"></td>
              <td><input type="reset" value="reset" name="reset"></td>
            </tr>
          </table>
        </td>
      </tr>
    </table>
  </td>
</tr>
<!--end of page body-->
</table>
</form>
</body>
</html>

TEST PLANS

SYSTEM TESTING :

After the deployment of our project on the server (Tomcat), the first web page displayed is index.html, which is our home page. Through the index page, we can navigate to:

1. Home page
2. Contacts page
3. Signup page
4. Adminlogin page

The user should get registered with his user details and the generated CAPTCHA code. If the entered CAPTCHA code matches the generated CAPTCHA code, then the registration is successful; else the registration fails.

Any registered user can log in with username and password and can access his account privileges such as compose mail, update profile, check inbox and sent items, and give feedback.

Admin can log in and can view the registered users and also their feedback.

If the CAPTCHA code entered doesn't match the generated code, then the execution of all the web pages fails.

MODULE TESTING :

The modules in the project are :

MODULES           MODULE CONTENTS               OUTPUT                                  EXPECTED ERROR
USER MODULES      Registration                  Registration success                    Registration failed
                  Login                         Login success                           Login failed
                  Compose box                   Mail successfully sent                  Sending failed
                  Inbox, Sent items             Displays messages received and sent     ----
                  Update profile                Successfully updated                    Updation failed
CAPTCHA MODULES   Generation of CAPTCHA image   CAPTCHA image successfully displayed    Broken images
                  Validation of CAPTCHA         Correct login                           Incorrect login

OUTPUT SCREENS


FUTURE ENHANCEMENTS :

The future of CAPTCHA is also interesting. There's no doubt that image processing software and computers themselves will become more powerful and eventually will be able to automatically decipher today's CAPTCHA images. For now, CAPTCHAs usually operate on visual and auditory senses. In the future, when computers are undoubtedly more advanced, we can also operate on touch and taste. In the coming millennia, we may even operate on spatial senses.

CONCLUSION :

CAPTCHAs are an effective way to counter bots and reduce spam. They serve a dual purpose: they also help advance AI knowledge. Applications of CAPTCHA vary from stopping bots to character recognition and pattern matching. Some issues with current implementations represent challenges for future improvements.
