ducumentation captcha
TRANSCRIPT
ANNEXURE- I
SECURITY IN MAIL SYSTEM THROUGH CAPTCHA
Project Report submitted on partial fulfillment of the requirements for the award of the degree of
BACHELOR OF TECHNOLOGY IN
COMPUTER SCIENCE AND ENGINEERINGBY
SHRAVYA.S -07951A0586SRIANKA.N -07951A0591
SRUTHI SPANDANA.M -07951A0594
UNDER THE GUIDANCE OF
Mr.B.UMA SHANKAR
DEPARTMENT OF COMPUTER SCEINCE AND ENGINEERINGINSTITUTE OF AERONAUTICAL ENGINEERING
DUNDIGALHYDERABAD – 500043
( Affiliated to Jawaharlal Nehru Technological University)APRIL 2011
ANNEXURE -2
INSTITUTE OF AEARONAUTICAL ENGINEERINGDUNDIGAL
HYDERABAD – 500043
CERTIFICATE
This is to certify that the project entitled SECURITY IN MAIL SYSTEM THROUGH C.A.P.T.C.H.A. is a bonafide one being carried out at MYGO INFORMATICS by SHRAVYA.S(07951A0586) ,SRIANKA.N(07951A0591) ,SRUTHI SPANDANA.M(07951A0594) of B. Tech III Year II semester as a partial fulfilment of acedamic requirement for the award of B.Tech degree in Computer Science and Engineering discipline during May 2010 – July 2011
Internal Examiner External Examiner
(Head of Computer Science and Engineering Department)
INDEXS.No Page No.
1. Abstract2. Introduction3. System Analysis
Existing Proposed Feasibility Study Software Requirement Specification
4. System Design Maintenance
Functional Description Functions
UML Diagrams Class Diagram UseCase Diagram Interaction Diagram
Database Tables Input Form Formats Report Formats
5. Coding and Implementation Sample code
6. Test plans7. Output screens8. Future Enhancements9. Conclusion10. Bibliography
ABSTRACT
The design of an Electronic-Mail system that can operate in a personalcomputer (PC) environment and with complete security is presented. The underlying philosophy is based on a centralized mailbox approach, wherein a dedicated SERVER stores the mail submitted by an originating USER, and then delivers it to the recipient USER upon request. The software components for each of the USER and the SERVER are provided. And also security is for the mail system has been provided through CAPTCHA.
A CAPTCHA (an acronym for "completely automated public Turing test to tell computers and humans apart,” trademarked by Carnegie Mellon University) or a MAPTCHA (Mathematical) is a type of challenge-response test used in computing to determine whether or not the user is human. The term was coined in 2000 by Luis von Ahn , Manuel Blum, Nicholas J. Hopper of Carnegie Mellon University, and John Langford of IBM. A common type of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen. Because the test is administered by a computer, in contrast to the standard Turing test that is administered by a human, a CAPTCHA is sometimes described as a reverse Turing test. This term, however, is ambiguous because it could also mean a Turing test in which the participants are both attempting to prove they are the computer.
ORIGIN
Since the early days of the Internet, users have wanted to make text illegible to computers. The first such people were hackers, posting about sensitive topics to online forums they thought were being automatically monitored for keywords. To circumvent such filters, they would replace a word with look-alike characters. HELLO could become |-| 3 |_ |_ () or)-(3 £ £ 0, as well as numerous other variants, such that a filter could not possibly detect all of them. This later became known as leetspeak. The first discussion of automated tests which distinguish humans from computers for the purpose of controlling access to web services appears in a 1996 manuscript of Moni Naor from the Weizmann Institute of Science, entitled "Verification of a human in the loop, or Identification via the Turing Test.” Primitive CAPTCHAs seem to have been later developed in 1997 at AltaVista by Andrei Broder and his colleagues in order to prevent bots from adding URLs to their search engine.
Looking for a way to make their images resistant to OCR attack, the team looked at the manual to their Brother scanner, which had recommendations for improving OCR's results (similar
typefaces, plain backgrounds, etc.). The team created puzzles by attempting to simulate what the manual claimed would cause bad OCR. In 2000, von Ahn and Blum developed and publicized the notion of a CAPTCHA, which included any program that can distinguish humans from computers. They invented multiple examples of CAPTCHAs, including the first CAPTCHAs to be widely used (at Yahoo!).
APPLICATIONS
CAPTCHAs are used to prevent bots from using various types of computing services. Applications include preventing bots from taking part in online polls, registering for free email accounts (which may then be used to send spam), and, more recently, preventing bot-generated spam by requiring that the (unrecognized) sender pass a CAPTCHA test before the email message is delivered. They have also been used to prevent people from using bots to assist with massive downloading of content from multimedia websites. CAPTCHAs are used in online message boards and blog comments to prevent bots from posting spam links as a comment or message.
INTRODUCTION
VISION
The project Entitled SECURITY IN MAIL SYSTEM THROUGH C.A.P.T.C.H.A. is mainly
aimed at developing better CAPTCHAs. The best CAPTCHA would allow all human to pass
through, while rejecting all machines. We would like to test these CAPTCHAs and invite both
users and bots to attack them.
SCOPE
CAPTCHA can be deployed to protect systems vulnerable to e-mail spam, such as the webmail
services of Gmail, Hotmail, and Yahoo!. CAPTCHA have also found active use in stopping
automated posting to blogs or forums, whether as a result of commercial promotion, or
harassment and vandalism. CAPTCHA also serve an important function in rate limiting, as
automated usage of a service might be desirable until such usage is done in excess, and to the
detriment of human users. In such a case, a CAPTCHA can enforce automated usage policies as
set by the administrator when certain usage metrics exceed a given threshold. An example of a
system in which vulnerabilities exist, which could easily be prevented using CAPTCHA.
A CAPTCHA system is a means of automatically generating new challenges which:
Current computers are unable to accurately solve.
Most humans can solve.
Does not rely on the type of CAPTCHA being new to the attacker. Although a checkbox
"check here if you are not a bot" might serve to distinguish between humans and
computers, it is not a CAPTCHA because it relies on the fact that an attacker has not
spent effort to break that specific form.
Definition, Acronyms, Abbreviations
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
Bot – Internet bots, also known as web robots, WWW robots or simply bots, are software
applications that run automated tasks over the Internet
Overview
A way to tell apart a human from a computer by a test is known as a Turing Test. When a
computer program is able to generate such tests and evaluate the result, it is known as a
CAPTCHA (Completely Automated Public test to Tell Computers and Humans Apart). In the
past, Websites have often been attacked by malicious programs that register for service on
massive scale. Programs can be written to automatically consume large amount of Web resources
or bias results in on-line voting. This has driven researchers to the idea of CAPTCHA-based
security, to ensure that such attacks are not possible without human intervention, which in turn
makes them ineffective. CAPTCHA-based security protocols have also been proposed for related
issues, e.g., countering Distributed Denial-of-Service (DDoS) attacks on Web servers. A
CAPTCHA acts as a security mechanism by requiring a correct answer to a question which only
a human can answer any better than a random guess. Humans have speed limitation and hence
cannot replicate the impact of an automated program. Thus the basic requirement of a
CAPTCHA is that computer programs must be slower than humans in responding correctly. To
that purpose, the semantic gap between human understanding and the current level of machine
intelligence can be exploited. Most current CAPTCHAs are text-based.
Commercial text-based CAPTCHAs have been broken using object-recognition techniques, with
accuracies of up to 99% on EZ-Gimpy. This reduces the reliability of security protocols based on
text-based CAPTCHAs. There have been attempts to make these systems harder to break by
systematically adding noise and distortion, but that often makes them hard for humans to
decipher as well. Image-based CAPTCHAs have been proposed as alternatives to the text media.
More robust and user-friendly systems can be developed. State-of-theart content-based image
retrieval (CBIR) and annotation techniques have shown great promise at automatically finding
semantically similar images or naming them, both of which allow means of attacking image-
based CAPTCHAs. Generally CAPTCHAs are look like shown as below:
Modern CAPTCHA
CAPTCHA with crowded symbols
Shadow Filter
Applications of CAPTCHA’s:
CAPTCHA’s have several applications for practical security:
Preventing Comment Spam in Blogs. Most bloggers are familiar with programs that
submit bogus comments, usually for the purpose of raising search engine ranks of some
website (e.g., "buy penny stocks here"). This is called comment spam. By using a
CAPTCHA, only humans can enter comments on a blog. There is no need to make users
sign up before they enter a comment, and no legitimate comments are ever lost!
Protecting Website Registration. Several companies (Yahoo!, Microsoft, etc.) offer free
email services. Up until a few years ago, most of these services suffered from a specific
type of attack: "bots" that would sign up for thousands of email accounts every minute.
The solution to this problem was to use CAPTCHAs to ensure that only humans obtain
free accounts. In general, free services should be protected with a CAPTCHA in order to
prevent abuse by automated scripts.
Protecting Email Addresses From Scrapers. Spammers crawl the Web in search of
email addresses posted in clear text. CAPTCHAs provide an effective mechanism to hide
your email address from Web scrapers. The idea is to require users to solve a CAPTCHA
before showing your email address.
Online Polls. As is the case with most online polls, IP addresses of voters were recorded
in order to prevent single users from voting more than once. However, students at
Carnegie Mellon found a way to stuff the ballots using programs that voted for CMU
thousands of times. CMU's score started growing rapidly. The next day, students at MIT
wrote their own program and the poll became a contest between voting "bots." MIT
finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less
than 1,000. Can the result of any online poll be trusted? Not unless the poll ensures that
only humans can vote.
Preventing Dictionary Attacks. CAPTCHAs can also be used to prevent dictionary
attacks in password systems. The idea is simple: prevent a computer from being able to
iterate through the entire space of passwords by requiring it to solve a CAPTCHA after a
certain number of unsuccessful logins. This is better than the classic approach of locking
an account after a sequence of unsuccessful logins, since doing so allows an attacker to
lock accounts at will.
Search Engine Bots. It is sometimes desirable to keep web pages unindexed to prevent
others from finding them easily. There is an html tag to prevent search engine bots from
reading web pages. The tag, however, doesn't guarantee that bots won't read a web page;
it only serves to say "no bots, please." Search engine bots, since they usually belong to
large companies, respect web pages that don't want to allow them in. However, in order
to truly guarantee that bots won't enter a web site, CAPTCHAs are needed.
SYSTEM ANALYSIS
Existing System
The existing system consists of the typing test given to help determine if the person typing is
really a human or some bot. It can be an anti-spam device. You must prove yourself a true
human posting some message or recommending URL rather than a computer program spamming
the universe. The test typically requires you to type in some warped series of letters.
Limitations in Existing System
There is no security in those anti-spam devices, because while transferring URL to that anti-
spam device there may be spammers to hack the data.
There is a very long process to type required test into the specified text box to prove user self as
human in the registration or form filling process in sites.
Proposed System
The proposed system consists of a CAPTCHA is a program that protects websites against bots by
generating and grading tests that humans can pass but current computer programs cannot.
Problem Definition
The main objective of the project is to generate the CAPTCHA images, provide a secure Form
filling interface for the internet based Applications. Provide environment for the user to handle
manually the form filling task. Provide the interface for the user to identify the image and fill the
specified text box.
It is sometimes rumored that spammers are using pornographic sites to solve CAPTCHAs: the
CAPTCHA images are sent to a porn site, and the porn site users are asked to solve the
CAPTCHA before being able to see a pornographic image. This is not a security concern for
CAPTCHAs. While it might be the case that some spammers use porn sites to attack
CAPTCHAs, the amount of damage this can inflict is tiny (so tiny that we haven't even noticed a
dent!). Whereas it is trivial to write a bot that abuses an unprotected site millions of times a day,
redirecting CAPTCHAs to be solved by humans viewing pornography would only allow
spammers to abuse systems a few thousand times per day. The economics of this attack just don't
add up: every time a porn site shows a CAPTCHA before a porn image, they risk losing a
customer to another site that doesn't do this.
Advantages over Existing System
background colors
background gradient fill colors
fonts (2 default and limited to the amount of font's on your system)
font color
random character generator (characters can be configured)
optional border around the CAPTCHA
border color (defaults to black)
border thinness (defaults to one)
Feasibility Study :
Economic Feasibility
Economic feasibility attempts 2 weigh the costs of developing and implementing a new system,
against the benefits that would accrue from having the new system in place. This feasibility study
gives the top management the economic justification for the new system.
A simple economic analysis which gives the actual comparison of costs and benefits are much
more meaningful in this case. In addition, this proves to be a useful point of reference to compare
actual costs as the project progresses. There could be various types of intangible benefits on
account of automation. These could include increased customer satisfaction, improvement in
product quality better decision making timeliness of information, expediting activities, improved
accuracy of operations, better documentation and record keeping, faster retrieval of information,
better employee morale.
Operational Feasibility
Proposed project is beneficial only if it can be turned into information systems that will meet the
organizations operating requirements. Simply stated, this test of feasibility asks if the system will
work when it is developed and installed. Are there major barriers to Implementation? Here are
questions that will help test the operational feasibility of a project:
Is there sufficient support for the project from management from users? If the current system is
well liked and used to the extent that persons will not be able to see reasons for change, there
may be resistance.
Are the current business methods acceptable to the user? If they are not, Users may welcome a
change that will bring about a more operational and useful systems.
Have the user been involved in the planning and development of the project?
Early involvement reduces the chances of resistance to the system and in general and increases
the likelihood of successful project.
Since the proposed system was to help reduce the hardships encountered. In the existing manual
system, the new system was considered to be operational feasible.
Technical Feasibility
Evaluating the technical feasibility is the trickiest part of a feasibility study. This is because, .at
this point in time, not too many detailed design of the system, making it difficult to access issues
like performance, costs on (on account of the kind of technology to be deployed) etc. A number
of issues have to be considered while doing a technical analysis.
Understand the different technologies involved in the proposed system before commencing the
project we have to be very clear about what are the technologies that are to be required for the
development of the new system. Find out whether the organization currently possesses the
required technologies. Is the required technology available with the organization?
SOFTWARE REQUIREMENT SPECIFICATION
Software Requirements
User Interface : HTML
Operating System : Windows XP/2003/2007
Programming Language : Java
Data Structures : Java2 SE API
Server Side Programming : JSP
IDE/Workbench : Edit plus
Hardware Requirements
Processor : Pentium IV
Hard Disk : 40GB
RAM : 256MB
SYSTEM DESIGN
Maintenance :
Functional Description
IMPLEMENTATION
The system would be implemented in a web based and collections environment.
The following guidelines are strongly recommended for any CAPTCHA code:
Accessibility. CAPTCHAs must be accessible. CAPTCHAs based solely on reading text
— or other visual-perception tasks — prevent visually impaired users from accessing the
protected resource. Such CAPTCHAs may make a site incompatible with Section 508 in
the United States. Any implementation of a CAPTCHA should allow blind users to get
around the barrier, for example, by permitting users to opt for an audio or sound
CAPTCHA.
Image Security. CAPTCHA images of text should be distorted randomly before being
presented to the user. Many implementations of CAPTCHAs use undistorted text, or text
with only minor distortions. These implementations are vulnerable to simple automated
attacks.
Script Security. Building a secure CAPTCHA code is not easy. In addition to making
the images unreadable by computers, the system should ensure that there are no easy
ways around it at the script level. Common examples of insecurities in this respect
include:
(1) Systems that pass the answer to the CAPTCHA in plain text as part of the web
form.
(2) Systems where a solution to the same CAPTCHA can be used multiple times (this
makes the CAPTCHA vulnerable to so-called "replay attacks").
Most CAPTCHA scripts found freely on the Web are vulnerable to these types of attacks.
Security Even After Wide-Spread Adoption. There are various "CAPTCHAs" that
would be insecure if a significant number of sites started using them. An example of such
a puzzle is asking text-based questions, such as a mathematical question ("what is 1+1").
Since a parser could easily be written that would allow bots to bypass this test, such
"CAPTCHAs" rely on the fact that few sites use them, and thus that a bot author has no
incentive to program their bot to solve that challenge. True CAPTCHAs should be secure
even after a significant number of websites adopt them.
The algorithm used to create the CAPTCHA does not need to be made public, though it may be
covered by a patent. Although publication can help demonstrate that breaking it requires the
solution to a difficult problem in the field of artificial intelligence, deliberate withholding of the
algorithm can increase the integrity of a limited set of systems, as in the practice of security
through obscurity. The most important factor in deciding whether an algorithm should be made
open or restricted is the size of the system.
Although an algorithm which survives scrutiny by security experts may be assumed to be more
conceptually secure than an unevaluated algorithm, an unevaluated algorithm specific to a very
limited set of systems is always of less interest to those engaging in automated abuse. Breaking a
CAPTCHA generally requires some effort specific to that particular CAPTCHA implementation,
and an abuser may decide that the benefit granted by automated bypass is negated by the effort
required to engage in abuse of that system in the first place.
Functions
Java graphics 2D Packages
Image Processing
CaptchaImage generation
UML Diagrams
The unified modeling language allows the software engineer to express an analysis model using
the modeling notation that is governed by a set of syntactic semantic and pragmatic rules.
A UML system is represented using five different views that describe the system from distinctly
different perspective. Each view is defined by a set of diagram, which is as follows.
User Model View
i. This view represents the system from the users perspective.
ii. The analysis representation describes a usage scenario from the end-users
perspective.
Structural model view
i. In this model the data and functionality are arrived from inside the system.
ii. This model view models the static structures.
Behavioral Model View
It represents the dynamic of behavioral as parts of the system, depicting the
interactions of collection between various structural elements described in the
user model and structural model view.
Implementation Model View
In this the structural and behavioral as parts of the system are represented as they
are to be built.
Environmental Model View
In this the structural and behavioral aspects of the environment in which the system is
to be implemented are represented.
UML is specifically constructed through two different domains they are: UML Analysis modeling, this focuses on the user model and structural model views of
the system.
UML design modeling, which focuses on the behavioral modeling, implementing
modeling and environmental model views.
Use case Diagrams represent the functionality of the system from a user’s point of view. Use
cases are used during requirements elicitation and analysis to represent the functionality of the
system. Use cases focus on the behavior of the system from external point of view.
Actors are external entities that interact with the system. Examples of actors include users like
administrator, bank customer …etc., or another system like central database.
Class Diagram:
Usecase Diagram:
BufferedImage
Iwidth : intiheight : intTYPE_INT_RGB : const
write()
Graphics2D
iX : intiY : intiRadius : intiWidth : intiHeight : int
setColor()drawString()setFont()fillRect()fillRoundRect()
CaptchaImage
iWidth : intiHeight : int
Verify CAPTCHA code
Register
Home
Read FeedBack
admin
Compose Mail
Login
check Inbox
Check Sent Items
Check Users
Give FeedBack
update profile
user
Logout
verify username andpassword
Sequence Diagram
Collaboration Diagram
User Login Captcha Server
login()
enter details
submit details
test user
test by its own
proceed only if authenticated user
Component Diagram:
User Login
Captcha Server
1: login()
2: enter details
3: submit details
4: test user
5: test by its own
6: proceed only if authenticated user
Deployment Diagram:
BufferedImage
captchaImage
Registration process
User
Verify CAPTCHA
Graphics2D
Database Tables
The Database design of our application/system is as follows :
SERVER
User Admin
1.registration
Attribute Data typeUname Varchar2(50)Pwd Varchar2(20)Age Varchar2(20)Gender Varchar2(20)City Varchar2(20)State Varchar2(20)Pin Varchar2(20)Country Varchar2(20)Capcode Varchar2(20)
2.usercomposebox
Attribute Data typeMailfrom Varchar2(20)mailto Varchar2(20)Subject Varchar2(20)Message Varchar2(100)Composedate Date
3.uploadphoto
Attribute Data type
Uname Varchar2(20)Photopath Long RawFilename Varchar2(20)
4.feedback
Attribute Data typeUname Varchar2(20)Feedback Varchar2(94)
5. adminlogin
Attribute Data typeadname Varchar2(20)adpwd Varchar2(20)
Input Form Formats
1.registration
Attribute Input1 Input2 Input3uname Shravya Srianka Spandana
pwd Shravz Sri sruzage 21 19 20gender Female Female Femalecity Pune Bangalore Cochinstate Maharshtra Karnataka Keralapin 400086 800091 320094country India India Indiacapcode FLKAJF MHJJKL SRLJLK
2.usercomposebox
Attribute Input1 Input2 Input3mailfrom Shravya Srianka Spandanamailto Srianka Spandana Shravyasubject Hi Hello Good morningmessage How are you? Iam fine Have a nice
daycomposedate 24/08/2010 09/11/2010 19/02/2010
3.uploadphoto
Attribute Input1 Input2 Input3uname Shravya Srianka Spandanaphotopath C:/Mypics/abc.jpg C:/Mypics/bcdf.jpg C:/Mypics/rrs.jpgfilename Abc bcdf rrs
4.feedback
Attribute Input1 Input2 Input3
uname Shravya Srianka Spandanafeedback Good Job Excellent Very poor
REPORT FORMATS
1.User Inbox(Srianka)
From To Subject DateShravya Srianka Hi 24/08/2010Sruthi Srianka Good Morning 19/02/2010
2.Read FeedBack (Admin)
From FeedbackShravya Good JobSpandana Very poorSrianka Excellent
CODING AND
IMPLEMENTATION
SAMPLE CODE
CAPTCHA image generation : captchaimage.jsp <%@ page import="java.util.*, java.io.*,java.awt.*,java.awt.image.*,javax.imageio.*,java.awt.geom.*"%><html><%
response.setContentType("image/jpg"); /* Define number characters contains the captcha image, declare global */ int iTotalChars= 6;
/* Size image iHeight and iWidth, declare globl */ int iHeight=40; int iWidth=170;
/* font style */ Font fntStyle1 = new Font("Arial", Font.BOLD, 30); Font fntStyle2 = new Font("Verdana", Font.BOLD, 20);
/* Possible random characters in the image */ Random randChars = new Random(); String sImageCode = (Long.toString(Math.abs(randChars.nextLong()), 36)).substring(0,iTotalChars);
/* BufferedImage is used to create a create new image*/ /* TYPE_INT_RGB - does not support transpatency, TYPE_INT_ARGB - support transpatency*/ BufferedImage biImage = new BufferedImage(iWidth, iHeight, BufferedImage.TYPE_INT_RGB); Graphics2D g2dImage = (Graphics2D) biImage.getGraphics();
// Draw background rectangle and noisey filled round rectangles int iCircle = 15; g2dImage.fillRect(0, 0, iWidth, iHeight); for ( int i = 0; i < iCircle; i++ ) { g2dImage.setColor(new Color(randChars.nextInt(255),randChars.nextInt(255),randChars.nextInt(255))); int iRadius = (int) (Math.random() * iHeight / 2.0); int iX = (int) (Math.random() * iWidth - iRadius); int iY = (int) (Math.random() * iHeight - iRadius); g2dImage.fillRoundRect(iX, iY, iRadius * 2, iRadius * 2,100,100); } g2dImage.setFont(fntStyle1); for ( int i = 0; i < iTotalChars; i++ ) {
g2dImage.setColor(new Color(randChars.nextInt(255),randChars.nextInt(255),randChars.nextInt(255))); if (i%2==0) g2dImage.drawString(sImageCode.substring(i,i+1),25*i,24); else g2dImage.drawString(sImageCode.substring(i,i+1),25*i,35); }
/* create jpeg image and display on the screen*/ OutputStream osImage = response.getOutputStream(); ImageIO.write(biImage, "jpeg", osImage); osImage.close();
/* Dispose function is used destory an image object */ g2dImage.dispose();
session.setAttribute("gen_capcode",sImageCode); %></html>
Registerpage with CAPTCHA embedded : registerpage.jsp
<html><title>Registration Page</title>
<body>
<form name="registrationprocess" action="registrationprocess.jsp" method="post">
<!--header--><table border="0" width=100% height=100% align="center" cellpadding="0" cellspacing="0" bgcolor="#837D7D">
<tr> <td align="center" valign="top" height=20%>
<table border="0" width=70% height=100% cellpadding="3" cellspacing="3" bgcolor="#6E0A0A">
<tr> <td align="center"><h1><font color="white">SECURITY IN
MAILING SYSTEM THROUGH CAPTCHA</font></h1></td> </tr>
</table> </td></tr>
<!--end of header-->
<!--Navigation Bar--><tr> <td align="center" valign="top" height=5%> <table border="0" width=70% height=100% cellpadding="3"
cellspacing="3" bgcolor="#403E3E"> <tr>
<td><b> <a href="index.html" style="text-decoration:none"><font
face="arial" color="white">Home    </font></a> <a href="contacts.html" style="text-decoration:none"><font
face="arial" color="white">Contacts    </font></a><a href="images.html" style="text-decoration:none"><font
face="arial" color="white">Captcha Images    </font></a></b>
</td> <td align="right"> <a href="Login.jsp" style="text-decoration:none"><font
color="#FFFFFF" face="arial" size="4">LOGIN  </font></a>
<a href="registerpage.jsp" style="text-decoration:none"> <font color="#FFFFFF" face="arial" size="4">SIGN UP</font></a>
</td> </tr>
</table> </td></tr>
<!--end of navigation bar-->
<!--page body--><tr> <td align="center" valign="top" height=75%> <table border="0" width=70% height=100% cellpadding="3"
cellspacing="3" bgcolor="#333232"> <tr>
<!--left side text--> <td width=20% height=30% bgcolor="#615858"
align="Center"><font color="#FFFFFF"><h1>REGISTRATION PAGE</h1></font></td> <!--right side text-->
<td align="center">
<table border="0" width=60% height= 80% cellpadding="3" cellspacing="3">
<tr> <td><font color="white" size="3"><b>USER
NAME</b></font></td> <td><input type="text" name="uname"></td>
</tr>
<tr> <td><font color="white"
size="3"><b>PASSWORD</b></font></td> <td><input type="password" name="pwd"></td>
</tr>
<tr> <td><font color="white" size="3"><b>AGE</b></font></td> <td><input type="text" name="age"></td>
</tr>
<tr> <td><font color="white"
size="3"><b>GENDER</b></font></td> <td><input type="text" name="gender"></td>
</tr>
<tr> <td><font color="white"
size="3"><b>CITY</b></font></td> <td><input type="text" name="city"></td>
</tr>
<tr> <td><font color="white"
size="3"><b>STATE</b></font></td> <td><input type="text" name="state"></td>
</tr>
<tr> <td><font color="white" size="3"><b>PIN</b></font></td> <td><input type="text" name="pin"></td>
</tr>
<tr> <td><font color="white"
size="3"><b>COUNTRY</b></font></td> <td><input type="text" name="country"></td>
</tr> <tr>
<td><font color="white" size="3"><b>Enter CAPTCHA code</b></font></td>
<td colspan="2" align="center"><img src="captchaimage.jsp" border="0"></td><br><br>
<td><input type="text" name="capcode"></td></tr>
<tr>
<td><input type="submit" value="submit" name="submit"></td>
<td><input type="reset" value="reset" name="reset"></td> </tr> </table>
</td> </tr>
</table> </td></tr>
<!--end of page body--></table></form></html>
TEST PLANS
SYSTEM TESTING : After the deployment of our project on the server(tomcat) , the first web page displayes id index.html , which is our home page.Through the index page , we can navigate to 1.home page2.contacts page3.Signup page4.Adminlogin page
User should get registered with his user details and the generated CAPTCHA code.If the entered CAPTCHA code matches with the generated CAPTCHA code , then the registration is successful;else the registration fails.
Any registered user can login with username and password and can access his account privileges such as compose mail,update profile,check inbox and sent items and give the feedback.
Admin can login and can view the registered users and also their feed backs.
If the CAPTCHA code entered doesn’t match with the entered code , then the execution of all the web pages fail.
MODULE TESTING :
The modules in the project are :
MODULES MODULE CONTENTS OUTPUT EXPECTED ERROR
USER MODULES
Registration Registration success Registration failed
Login Login success Login failed
Compose boxInboxSent items
Mail successfully sentDisplays messages received and sent
Sending failed----
Update profile Successfully updated Updation failed
CAPTCHA MODULES
Generation of CAPTCHA image
CAPTCHA image successfully displayed
Broken images
Validation of CAPTCHA Correct login Incorrect login
OUTPUT SCREENS
FUTURE ENHANCEMENTS : The future of CAPTCHA is also interesting. There’s no doubt that image processing software and computers themselves will become more powerful and eventually will be able to automatically decipher today’s CAPTCHA images. For now, CAPTCHAs usually operate on visual and auditory senses. In the future, when computers are undoubtedly more advanced, we can also operate on touch and taste. In the coming millennia, we may even operate on spatial senses.
CONCLUSION :
CAPTCHA’s are an effective way to counter bots and reduce spam .They serve dual purpose –help advance AI Knowledge . Applications of CAPTCHA vary from stopping bots to character recognition and pattern matching. Some issues with current implementations represent challenges for future improvements.
Bibliography
Core Java™ 2 Volume I – Fundamentals 7th Edition - Cay S. HortsmanPearson Education – Sun Microsystems Gary Cornell
Core Java™ 2 Volume II – Advanced - Cay S. HortsmanPearson Education – Sun Microsystems Gary Cornell
Head First Servlets & JSP - Eric FreemanO’Reilly – SPD Elisabeth Freeman
The Book of JavaScript 2nd Edition - thauSPD
Effective Java – Programming Language Guide - Joshua BlochPearson Education – Sun Microsystems
JBoss – A Developers Notebook - Norman RichardsO’Reilly – SPD Sam Griffith