A

MAJOR PROJECT REPORT ON

“ANALYZING AND DETECTING MONEY-LAUNDERING IN

ONLINE SOCIAL NETWORKS”
A project report submitted in partial fulfillment of the requirement for the
award of degree of

BACHELOR OF TECHNOLOGY
IN
COMPUTER SCIENCE & ENGINEERING
By
MUCHU MANISHA 20D01A0546

MYAKALA JYOTHI 20D01A0549

N.PRAKASH REDDY 20D01A0551

MD. ADNAN AHMED 20D01A0543

Under the guidance of

Mr. B. MANOHAR, M.Tech, Ph.D.

Assistant professor, CSE Department

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

ST.MARY’S GROUP OF INSTITUTIONS

(APPROVED BY A.I.C.T.E., NEW DELHI-AFFILIATED TO J.N.T.U,

HYDERABAD) Deshmukhi(V), Pochampally (M), Yadadri Bhuvanagiri
Dist.,Telangana.
Batch: 2020-2024
 ST.MARY’S GROUP OF INSTITUTIONS
(APPROVED BY A.I.C.T.E., NEW DELHI-AFFILIATED TO
J.N.T.U,HYDERABAD)

Deshmukhi(V), Pochampally (M), Yadadri Bhuvanagiri Dist., Telangana.

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

CERTIFICATE

This is certified that the project entitled, “Analyzing And Detecting Money-Laundering in
Online Social Networks ” is being submitted by MUCHU
MANISHA(20D01A0546), MYAKALA JYOTHI(20D01A0549), N.PRAKASH
REDDY(20D01A0551), MD.ADNAN AHMED(20D01A0543) in partial fulfillment of
the requirements for the award of Degree of BACHELOR OF TECHNOLOGY in
COMPUTER SCIENCE & ENGINEERING from St.MARY’S
GROUP OF INSTITUTIONS is a bonafide work carried out by them during the academic
year 2023-2024 under our guidance and supervision.

Guide Head of the Department

Mr. B. MANOHAR, M.Tech., Ph.D Dr. S. Joy Kumar, M.Tech., Ph.D

EXTERNAL EXAMINER
 DECLARATION

We declare that the work report in this titled, " ANALYZING AND DETECTING
MONEY-LAUNDERING IN SOCIAL NETWORKS” submitted to the Department of
Computer Science and Engineering, St. Mary's Group Of Institutions in fulfillment of
degree for the award of Bachelor of Technology, is a bonafide work done by us. No part
of the copied from books, journals or internet and wherever the portion is taken,the same has
been duly referred in the text. The reported results are based on the projects work entirely
done by us and not copied from any other sources. Also ,we declare that the matter embedded
in this has not been submitted by us in full or partially there for the award of any degree of
any other institution or university previously.

MUCHU MANISHA 20D01A0546

MYAKALA JYOTHI 20D01A0549

N.PRAKASH REDDY 20D01A0551

MD. ADNAN AHMED 20D01A0543

 ACKNOWLEDGEMENT

We wish to regard a deep sense of gratitude to my guide Mr.B.MANOHAR, M.Tech., Ph.D.,

Assistant Professor, Department of Computer Science and Engineering, ST.MARY’S
GROUP OF INSTITUTIONS who has guided and motivated with scholarly advice,
meticulous care and deep interest throughout the project duration. He has been a constant
source of encouragement and offered valuable guidance and suggestions from time to time
and helped us at various stages of the project work. His motivation has been a source of
inspiration and a model for us to follow. We wish to acknowledge our sincere gratitude to
Dr.S.Joy Kumar M.Tech., Ph.D, Assistant Professor, Head of the Department of CSE,
ST.MARY’S GROUP OF INSTITUTIONS, Deshmukhi, for permitting us to do the project
and giving all sorts of encouragement and scholarly guidance throughout the project work.

We express my sincere thanks and gratitude to Dr.K.Kamal.Has, Professor &

Principal, St.MARY’S GROUP OF INSTITUTIONS HYDERABAD, Deshmukhi, for
having provided with all the facilities of the department to complete this dissertation work
successfully.

We greatly indebted to Dr.K.V.K.Rao, Chairman of the college for giving us the

opportunity and moral support throughout the course.

Finally, We wish to express deep sense of gratitude to my family, friends and our
college staff members and laboratory staff of Computer Science Department who helped us
in completing this project work successfully.

MUCHU MANISHA 20D01A0546

MYAKALA JYOTHI 20D01A0549

N.PRAKASH REDDY 20D01A0551

MD.ADNAN AHMED 20D01A0543

 ABSTRACT
Virtual currency in online social networks (OSN) plays an increasingly important role in
supporting various financial activities such as currency exchange, online shopping, and paid
games. Users usually purchase virtual currency using real currency. This fact motivates
attackers to instrument an army of accounts to collect virtual currency unethically or illegally
with no or very low cost and then launder the collected virtual money for massive profit.
Such attacks not only introduce significant financial loss of victim users, but also harm the
viability of the ecosystem. It is therefore of central importance to detect malicious OSN
accounts that engage in laundering virtual currency. To this end, we extensively study the
behaviors of both malicious and benign accounts based on operation data collected from
Tencent QQ, one of the largest OSNs in the world. Then, we devise multi-faceted features
that characterize accounts from three aspects including account viability, transaction
sequences, and spatial correlation among accounts. Finally, we propose a detection method
by integrating these features using a statistical classifier, which can achieve a high detection
rate of 94.2% at a very low false positive rate of 0.97%.
 CONTENTS

CHAPTER TOPIC PAGE NO

1. INTRODUCTION 1

2. SYSTEM ANALYSIS 5

2.1 DEFINITION 3

2.2 EXISTING SYSTEM 3

2.3 PROPOSED SYSTEM 4

2.4 SYSTEM STUDY 5

3. SYSTEM DESIGN 12

3.1 DEFINITION 6

3.2 SYSTEM MODULES 7

3.2.1 USER REGISTRATION 6

3.2.2 VIEW AND AUTHORIZE USERS 6

3.2.3 FRIEND REQUEST AND RESPONSE 7

3.2.4 BUYERS 7

3.3 INPUT DESIGN 7

3.4 OUTPUT DESIGN 8

3.5 SYSTEM ARCHITECTURE 9

3.6 LOGICAL DESIGN 12

4. SYSTEM SPECIFICATIONS 13

4.1 HARDWARE REQUIREMENTS 13

4.2 SOFTWAREREQUREMENTS 13

5. SYSTEM ENVIRONMENT 14

6. SAMPLE CODE 31

7. SYSTEM TESTING 43

7.1 TYPES OF TESTS 42

7.2 TEST STRATEGY AND APPROACH 44

7.3 ACCEPTANCE TESTING 45

8. OUTPUT SCREENS 48

9. CONCLUSION 52

BIBLIOGRAPHY 53
 LIST OF FIGURES

S NO FIGURE NO TOPIC PAGE NO

1. FIGURE 3.1 SYSTEM ARCHITECTURE 9

2. FIGURE 3.2 USECASE DIAGRAM 10

3. FIGURE 3.3 CLASS DIAGRAM 11

4. FIGURE 3.4 SEQUENCE DIAGRAM 12

5. FIGURE 5.1 JAVA PROGRAMMING 18

6. FIGURE 5.2 JAVA EXECUTION 19

7. FIGURE 5.3 JAVA PLATFORM 25

8. FIGURE 5.3 JAVA APPLICATION 26

9. FIGURE 8.1 HOME PAGE 46

10. FIGURE 8.2 SOCIAL NETWORK LOGIN 46

11. FIGURE 8.3 SOCIAL NETWORK HOME 47

12. FIGURE 8.4 VIEW ALL BUYERS & AUTHORIZE 47

13. FIGURE 8.5 VIEW ALL ECOMMERCE USERS 48

14. FIGURE 8.6 VIEW ALL PRODUCTS 48

15. FIGURE 8.7 PRODUCT REVIEW DETAILS 49

16. FIGURE 8.8 VIEW ALL PURCHASED PRODUCTS 49

17. FIGURE 8.9 VIEW ALL MONEY LAUNDERING ACCOUNTS 50

18. FIGURE 8.10 USER REGISTRATION 50

19. FIGURE 8.11 ECOMMERCE USER LOGIN 51

 1.INTRODUCTION

Online social networks (OSNs) have started to leverage virtual currency as an effective means to
glue financial activities across various platforms such as online shopping, paid online games, and
paid online reading. Examples of virtual currency in such OSNs include but are not limited to
Tencent Q Coin, Facebook Credits1, and Amazon Coin. Usually, users purchase virtual money
using real currency at a regulated rate; a user can also transfer it to another via various ways such
as recharging her account and sending out gifts.

These facts enable attackers to gain potentially massive profits through the following steps. First,
an attacker can collect virtual currency with zero or low cost. For example, she can compromise
and subsequently control a legitimate account or register a huge number of accounts to win gifts
(in the form of virtual currency) in online promotion activities. Next, she can instrument accounts
under her control to transfer virtual currency to other accounts in return for real currency, with rates
that are usually much lower compared to the regulated rate. Attackers usually post advertisements
in popular e-commerce websites to attract potential buyers. We term OSN accounts that are used
by attackers for the collection and transfer of virtual currency as money-laundering accounts.
Money-laundering accounts have caused a tremendous financial loss for compromised accounts,
fundamentally undermined the effectiveness of online promotion activities, and possibly
introduced potential conflicts against currency regulations. Detecting money-laundering accounts
in OSNs therefore becomes of essential importance, which, however, is faced with new, significant
challenges. First, committing money-laundering activities does not require the usage of traditional
malicious content such as spam, malicious URLs, or malicious executables.

Although spamming might be used by attackers for advertisement, neither methods nor the
accounts used for spamming are necessarily associated with the moneylaundering accounts.
Second, money-laundering activities do not rely on social behaviors and structures (e.g.,
“following” or “friend” relationship in popular social networks) to operate.

These challenges make existing methods immediately ineffective, since they focus on detecting
OSN-based spamming, phishing, and scamming attacks, whose proper operation necessitates
malicious content , social structures , or social behaviors .

Detecting money laundering activities in traditional financial transactions has attracted significant
research efforts . For example, Dreżewski et al. designed a system to detect money laundering
1
activities from billings and bank account transactions. Paula et al. used the AutoEncoder to classify
exporters and detect money laundering activities in exports of goods and products in Brazil.
Colladon et al. presented predictive models to quantify risk factors of clients involved in the
factoring business and proposed a visual analysis method to detect the potential clusters of
criminals and prevent money laundering.

Different from traditional money laundering detection problems in bank-related activities, account
behaviors of laundering virtual currency in OSNs involve bank-related financial activities, online
social network, and virtual recharging and expenditure activities.

The goal of our work is to design an effective method capable of detecting moneylaundering
accounts. As a means towards this end, we perform an extensive study of behaviors of
moneylaundering accounts based on data collected from Tencent QQ, one of the largest OSNs in
the world with a giant body of reportedly 861 million active users. We have devised multi-faceted
features that characterize accounts from three aspects including account viability, transaction
sequences, and spatial correlation among accounts. Experimental results have demonstrated that
our method can achieve a high detection rate of 94.2% with a very low false positive rate of 0.97%.
To the best of our knowledge, this work represents the first effort to analyze and detect money-
laundering accounts in OSNs integrating virtual currency at this large scale.

2
 2. SYSTEM ANALYSIS

2.1 DEFINITION

Virtual currency in online social networks (OSN) plays an increasingly important role in supporting
various financial activities such as currency exchange, online shopping, and paid games. Users
usually purchase virtual currency using real currency. This fact motivates attackers to instrument
an army of accounts to collect virtual currency unethically or illegally with no or very low cost and
then launder the collected virtual money for massive
profit

2.2 EXISTING SYSTEM

• In the existing system, an approach to sort and map relational data and present predictive models –
based on network metrics – to assess risk profiles of clients involved in the factoring business. The
system finds that risk profiles can be predicted by using social network metrics.

• In the system dataset, the most dangerous social actors deal with bigger or more frequent financial
operations; they are more peripheral in the transactions network; they mediate transactions across
different economic sectors and operate in riskier countries or Italian regions.

• Finally, to spot potential clusters of criminals, we propose a visual analysis of the tacit links existing
among different companies who share the same owner or representative. The system findings show
the importance of using a network-based approach when looking for suspicious financial operations
and potential criminals.

3
 Disadvantages

o It is not based on Behavior Analysis and Feature Extraction. o There is no

Vitality Features to detect malicious attackers.

2.3 PROPOSED SYSTEM

The proposed system is designed which is an effective method capable of detecting moneylaundering
accounts. As a means towards this end, we perform an extensive study of behaviors of
moneylaundering accounts based on data collected from Tencent QQ, one of the largest OSNs in
the world with a giant body of reportedly 861 million active users.
The system has devised multi-faceted features that characterize accounts from three aspects including
account viability, transaction sequences, and spatial correlation among accounts.
Experimental results have demonstrated that our method can achieve a high detection rate of 94.2%
with a very low false positive rate of 0.97%. To the best of our knowledge, this work represents the
first effort to analyze and detect money-laundering accounts in OSNs integrating virtual currency
at this large scale.

Advantages

 Login activities, which include the account ID, the login date, the login IP address, and the account
level.
 The expenditure activities, which include the expenditure account ID, the expenditure date, the
expenditure amount, the purchased service, the payment way, and the account ID to receive the
service.
 The recharging activities, which include the recharging account ID, the recharging date, the
recharging amount, the payment way

2.4 SYSTEM STUDY

4
FEASIBILITY STUDY

An important outcome of preliminary investigation is the determination that the system request is
feasible. This is possible only if it is feasible within limited resource and time.
The different feasibilities that have to be analyzed are

• Operational Feasibility

• Economic Feasibility

• Technical Feasibility

OPERATIONAL FEASIBILITY
Operational Feasibility deals with the study of prospects of the system to be developed. This
system operationally eliminates all the tensions of the Admin and helps him in effectively tracking the
project progress. This kind of automation will surely reduce the time and energy, which previously
consumed in manual work. Based on the study, the system is proved to be operationally feasible.

ECONOMIC FEASIBILITY
Economic Feasibility or Cost-benefit is an assessment of the economic justification for a
computer based project. As hardware was installed from the beginning & for lots of purposes thus the
cost on project of hardware is low. Since the system is a network based, any number of employees
connected to the LAN within that organization can use this tool from at anytime. The Virtual Private
Network is to be developed using the existing resources of the organization. So the project is
economically feasible.

TECHNICAL FEASIBILITY
According to Roger S. Pressman, Technical Feasibility is the assessment of the technical
resources of the organization. The organization needs IBM compatible machines with a graphical web
browser connected to the Internet and Intranet. The system is developed for platform Independent
environment. Java Server Pages, JavaScript, HTML, SQL server and WebLogic Server are used to
develop the system. The technical feasibility has been carried out. The system is technically feasible
for development and can be developed with the existing facility

5
 3. SYSTEM DESIGN

3.1 DEFINITION
The most creative and challenging face of the system development is System Design. It
provides the understanding and procedural details necessary for the logical and physical stages of
development. In designing a new system, the system analyst must have a clear understanding of the
objectives, which the design is aiming to fulfil. The first step is to determine how the output is to be
produced and in what format. Second, input data and master files have to be designed to meet the
requirements of the proposed output. The operational phases are handled through program construction
and testing. Design of the system can be defined as a process of applying various techniques and
principles for the purpose of defining a device, a process or a system in sufficient detail to permit its
physical realization. Thus, system design is a solution to “how to” approach to the creation of a new
system. This important phase provides the understanding and the procedural details necessary for
implementing the system recommended in the feasibility study. The design step provides a data design,
architectural design, and a procedural design.

3.2 SYSTEM MODULES

3.2.1 USER REGISTRATION

In this module, the Social Network has to login by using valid user name and password. After login
successful he can do some operations such as View all Buyers and authorize,View all Ecommerce
Users and authorize,View all Products,View all Purchased Products Based On Ecommerce
Site,View all Money Laundering Account,View all
Phishing Attackers,View all Exploit Vulnerability

3.2.2 VIEW AND AUTHORIZE USERS

In this module, the admin can view the list of users who all registered. In this, the admin can view
the user’s details such as, user name, email, address and admin authorizes the users.
6
3.2.3 FRIEND REQUEST AND RESPONSE
In this module, there are n numbers of users are present. User should register before doing any
operations. Once user registers, their details will be stored to the database. After registration
successful, he has to login by using authorized user name and password. Once Login is successful
user will do some operations like View Profile, Add Category, Add Products, View All Products,
View All Products Purchase Request, View all Purchased Products with total bill, View all Money
Laundering Account, View all Phishing Attackers, View all Exploit Vulnerability.

3.2.4 BUYERS
In this module, there are n numbers of users are present. User should register before doing any
operations. Once user registers, their details will be stored to the database. After registration
successful, he has to login by using authorized user name and password. Once Login is successful
user will do some operations like Manage account,View Your Profile,Search Friends ,View Friend
Request and Response,View My Friends,Search Products ,View all Purchased Products with total
bill.

3.3 INPUT DESIGN

The input design is the link between the information system and the user. It comprises the
developing specification and procedures for data preparation and those steps are necessary to put
transaction data in to a usable form for processing can be achieved by inspecting the computer to
read data from a written or printed document or it can occur by having people keying the data
directly into the system. The design of input focuses on controlling the amount of input required,
controlling the errors, avoiding delay, avoiding extra steps and keeping the process simple. The
input is designed in such a way so that it provides security and ease of use with retaining the privacy.
Input Design considered the following things:

 What data should be given as input?

 How the data should be arranged or coded?

 The dialog to guide the operating personnel in providing input.

 Methods for preparing input validations and steps to follow when error occur.

7
 OBJECTIVES

1. Input Design is the process of converting a user-oriented description of the input into a
computer-based system. This design is important to avoid errors in the data input process and show
the correct direction to the management for getting correct information from the computerized
system.

2. It is achieved by creating user-friendly screens for the data entry to handle large volume of data.
The goal of designing input is to make data entry easier and to be free from errors. The data entry
screen is designed in such a way that all the data manipulates can be performed. It also provides
record viewing facilities.

3. When the data is entered it will check for its validity. Data can be entered with the help of
screens. Appropriate messages are provided as when needed so that the user will not be in maize
of instant. Thus the objective of input design is to create an input layout that is easy to follow

3.4 OUTPUT DESIGN

A quality output is one, which meets the requirements of the end user and presents the
information clearly. In any system results of processing are communicated to the users and
to other system through outputs. In output design it is determined how the information is to
be displaced for immediate need and also the hard copy output. It is the most important and
direct source information to the user. Efficient and intelligent output design improves the
system’s relationship to help user decision-making.

1. Designing computer output should proceed in an organized, well thought out manner; the
right output must be developed while ensuring that each output element is designed so that
people will find the system can use easily and effectively. When analysis design computer
output, they should Identify the specific output that is needed to meet the requirements.

8
3.5 SYSTEM ARCHITECTURE

Figure: 3.1 SYSTEM ARCHITECTURE

9
 3.6 LOGICAL DESIGN
Logical data design is about the logically implied data. Each and every data in the form can be
designed in such a manner to understand the meaning. Logical data designing should give a clear
understanding & idea about the related data used to construct a form.

10
 Figure:3.2
CLASS DIAGRAM

Methods

Ecommerce User

Methods

Members
Member

Login
Register
Methods
Methods
Members
Members

Buyers

Methods

Members

Figure:3.3 Class Diagram

11
SEQUENCE DIAGRAM

Figure:3.4 Sequence Daigram

12
 4.SYSTEM SPECFICATIONS

4.1 HARDWARE REQUIREMENTS

• System: Intel core i5

• Hard Disk: 40 GB.

• Floppy Drive: 1.44 Mb.

• Monitor: 15 VGA Colour.

• Mouse: Logitech.

• Ram: 512 Mb.

4.2 SOFTWARE REQUIREMENTS

• Operating system: Windows XP/7.

• Coding Language: JAVA

• IDE : Netbeans

• Database : MYSQL

• Front end : JavaScript Html, CSS

• Back end : JAVA with J2EE, jsp

• Server : Apache Tomcat

13
 5.SYSTEM ENVIRONMENT
Client Server

Over view:

With the varied topic in existence in the fields of computers, Client Server is one, which has
generated more heat than light, and also more hype than reality. This technology has acquired
a certain critical mass attention with its dedication conferences and magazines. Major
computer vendors such as IBM and DEC, have declared that Client Servers is their main
future market. A survey of DBMS magazine reveled that 76% of its readers were actively
looking at the client server solution. The growth in the client server development tools from
$200 million in 1992 to more than $1.2 billion in 1996.
Client server implementations are complex but the underlying concept is simple and
powerful. A client is an application running with local resources but able to request the
database and relate the services from separate remote server. The software mediating this
client server interaction is often referred to as MIDDLEWARE.
The typical client either a PC or a Work Station connected through a network to a more
powerful PC, Workstation, Midrange or Main Frames server usually capable of handling
request from more than one client. However, with some configuration server may also act as
client. A server may need to access other server in order to process the original client request.
The key client server idea is that client as user is essentially insulated from the physical
location and formats of the data needs for their application. With the proper middleware, a
client input from or report can transparently access and manipulate both local database on
the client machine and remote databases on one or more servers. An added bonus is the client
server opens the door to multi-vendor database access indulging heterogeneous table joins.

What is a Client Server

Two prominent systems in existence are client server and file server systems. It is essential
to distinguish between client servers and file server systems. Both provide shared network
access to data but the comparison dens there! The file server simply provides a remote disk
drive that can be accessed by LAN applications on a file by file basis. The client server offers
full relational database services such as SQL-Access, Record modifying, Insert, Delete with
14
full relational integrity backup/ restore performance for high volume of transactions, etc. the
client server middleware provides a flexible interface between client and server, who does
what, when and to whom. Why Client Server
Client server has evolved to solve a problem that has been around since the earliest days of
computing: how best to distribute your computing, data generation and data storage resources
in order to obtain efficient, cost effective departmental an enterprise wide data processing.
During mainframe era choices were quite limited. A central machine housed both the CPU
and DATA (cards, tapes, drums and later disks). Access to these resources was initially
confined to batched runs that produced departmental reports at the appropriate intervals. A
strong central information service department ruled the corporation. The role of the rest of
the corporation limited to requesting new or more frequent reports and to provide hand
written forms from which the central data banks were created and updated. The earliest client
server solutions therefore could best be characterized as “SLAVE-MASTER”.

Time-sharing changed the picture. Remote terminal could view and even change the central
data, subject to access permissions. And, as the central data banks evolved in to sophisticated
relational database with non-programmer query languages, online users could formulate
adhoc queries and produce local reports with out adding to the MIS applications software
backlog. However remote access was through dumb terminals, and the client server remained
subordinate to the Slave\Master.

Front end or User Interface Design

The entire user interface is planned to be developed in browser specific environment with a touch of
IntranetBased Architecture for achieving the Distributed Concept.

The browser specific components are designed by using the HTML standards, and the dynamism of the
designed by concentrating on the constructs of the Java Server Pages.

Communication or Database Connectivity Tier

The Communication architecture is designed by concentrating on the Standards of Servlets

and Enterprise Java Beans. The database connectivity is established by using the Java Data
Base Connectivity.

15
 The standards of three-tire architecture are given major concentration to keep the standards
of higher cohesion and limited coupling for effectiveness of the operations.

Features of The Language Used

In my project, I have chosen Java language for developing the code.

About Java

Initially the language was called as “oak” but it was renamed as “Java” in 1995. The primary
motivation of this language was the need for a platform-independent (i.e., architecture
neutral) language that could be used to create software to be embedded in various consumer
electronic devices.

 Java is a programmer’s language.

 Java is cohesive and consistent.

 Except for those constraints imposed by the Internet environment, Java gives the programmer,

full control.
Finally, Java is to Internet programming where C was to system programming. Importance
of Java to the Internet

Java has had a profound effect on the Internet. This is because; Java expands the Universe of
objects that can move about freely in Cyberspace. In a network, two categories of objects are
transmitted between the Server and the Personal computer. They are: Passive information and
Dynamic active programs. The Dynamic, Self-executing programs cause serious problems in
the areas of Security and probability. But, Java addresses those concerns and by doing so, has
opened the door to an exciting new form of program called the Applet. Java can be used to
create two types of programs

Applications and Applets: An application is a program that runs on our Computer under the
operating system of that computer. It is more or less like one creating using C or C++. Java’s
ability to create Applets makes it important. An Applet is an application designed to be
transmitted over the Internet and executed by a Java –compatible web browser. An applet is
actually a tiny Java program, dynamically downloaded across the network, just like an image.
16
But the difference is, it is an intelligent program, not just a media file. It can react to the user
input and dynamically change.

Features Of Java

Security

Every time you that you download a “normal” program, you are risking a viral infection.
Prior to Java, most users did not download executable programs frequently, and those who
did scanned them for viruses prior to execution. Most users still worried about the possibility
of infecting their systems with a virus. In addition, another type of malicious program exists
that must be guarded against. This type of program can gather private information, such as
credit card numbers, bank account balances, and passwords. Java answers both these
concerns by providing a “firewall” between a network application and your computer.

When you use a Java-compatible Web browser, you can safely download Java applets without
fear of virus infection or malicious intent.

Portability

For programs to be dynamically downloaded to all the various types of platforms connected
to the Internet, some means of generating portable executable code is needed .As you will
see, the same mechanism that helps ensure security also helps create portability. Indeed,
Java’s solution to these two problems is both elegant and efficient.

The Byte code

The key that allows the Java to solve the security and portability problems is that the output
of Java compiler is Byte code. Byte code is a highly optimized set of instructions designed
to be executed by the Java run-time system, which is called the Java Virtual Machine (JVM).
That is, in its standard form, the JVM is an interpreter for byte code.

Translating a Java program into byte code helps makes it much easier to run a program in a
wide variety of environments. The reason is, once the run-time package exists for a given
system, any Java program can run on it.
17
Although Java was designed for interpretation, there is technically nothing about Java that
prevents on-the-fly compilation of byte code into native code. Sun has just completed its Just
In Time (JIT) compiler for byte code. When the JIT compiler is a part of JVM, it compiles
byte code into executable code in real time, on a piece-by-piece, demand basis. It is not
possible to compile an entire Java program into executable code all at once, because Java
performs various run-time checks that can be done only at run time. The JIT compiles code,
as it is needed, during execution.

Java, Virtual Machine (JVM)

Beyond the language, there is the Java virtual machine. The Java virtual machine is an
important element of the Java technology. The virtual machine can be embedded within a
web browser or an operating system. Once a piece of Java code is loaded onto a machine, it
is verified. As part of the loading process, a class loader is invoked and does byte code
verification makes sure that the code that’s has been generated by the compiler will not
corrupt the machine that it’s loaded on. Byte code verification takes place at the end of the
compilation process to make sure that is all accurate and correct. So byte code verification is
integral to the compiling and executing of Java code.
Overall Description

Java byte code

Java .Class

Figure:5.1 JVM

18
 Picture showing the development process of JAVA Program

Java programming uses to produce byte codes and executes them. The first box indicates that
the Java source code is located in a. Java file that is processed with a Java compiler called
javac. The Java compiler produces a file called a. class file, which contains the byte code.

The. Class file is then loaded across the network or loaded locally on your machine into the
execution environment is the Java virtual machine, which interprets and executes the byte
code.

Java Architecture

Java architecture provides a portable, robust, high performing environment for development.
Java provides portability by compiling the byte codes for the Java Virtual Machine, which is
then interpreted on each platform by the run-time environment. Java is a dynamic system,
able to load code when needed from a machine in the same room or across the planet.

Compilation of code

When you compile the code, the Java compiler creates machine code (called byte code) for a
hypothetical machine called Java Virtual Machine (JVM). The JVM is supposed to execute
the byte code. The JVM is created for overcoming the issue of portability. The code is written
and compiled for one machine and interpreted on all machines. This machine is called Java
Virtual Machine.

Compiling and interpreting Java Source Code

Java
PC Compiler Java
Source Interpreter
Macintosh Java
Code
Byte code Interpreter
……….. SPARC Java

Interpreter

19
 Figure:5.2 java execution

During run-time the Java interpreter tricks the byte code file into thinking that it is running
on a Java Virtual Machine.

In reality this could be a Intel Pentium Windows 95 or Sun SARC station running Solaris or
Apple Macintosh running system and all could receive code from any computer through
Internet and run the Applets. Simple

Java was designed to be easy for the Professional programmer to learn and to use effectively.
If you are an experienced C++ programmer, learning Java will be even easier. Because Java
inherits the C/C++ syntax and many of the object oriented features of C++. Most of the
confusing concepts from C++ are either left out of Java or implemented in a cleaner, more
approachable manner. In Java there are a small number of clearly defined ways to accomplish
a given task.

Object-Oriented

Java was not designed to be source-code compatible with any other language. This allowed
the Java team the freedom to design with a blank slate. One outcome of this was a clean
usable, pragmatic approach to objects. The object model in Java is simple and easy to extend,
while simple types, such as integers, are kept as high-performance non-objects.

Robust

The multi-platform environment of the Web places extraordinary demands on a program,

because the program must execute reliably in a variety of systems. The ability to create robust
programs was given a high priority in the design of Java. Java is strictly typed language; it
checks your code at compile time and run time.

20
Java virtually eliminates the problems of memory management and deallocation, which is
completely automatic. In a well-written Java program, all run time errors can –and should –
be managed by your program. JAVASCRIPT

JavaScript is a script-based programming language that was developed by Netscape

Communication Corporation. JavaScript was originally called Live Script and renamed as
JavaScript to indicate its relationship with Java. JavaScript supports the development of both
client and server components of Web-based applications. On the client side, it can be used to
write programs that are executed by a Web browser within the context of a Web page.

Even though JavaScript supports both client and server Web programming, we prefer
JavaScript at Client side programming since most of the browsers supports it. JavaScript is
almost as easy to learn as HTML, and JavaScript statements can be included in HTML
documents by enclosing the statements between a pair of scripting tags

<SCRIPTS>..</SCRIPT>.

<SCRIPT LANGUAGE = “JavaScript”>

JavaScript statements

</SCRIPT>

Here are a few things we can do with JavaScript :

 Validate the contents of a form and make calculations.

 Add scrolling or changing messages to the Browser’s status line.

 Animate images or rotate images that change when we move the mouse over them.

 Detect the browser in use and display different content for different browsers.

 Detect installed plug-ins and notify the user if a plug-in is required.

We can do much more with JavaScript, including creating entire application.

21
JavaScript and Java are entirely different languages. A few of the most glaring differences
are:

 Java applets are generally displayed in a box within the web document; JavaScript can
affect any part of the Web document itself.
 While JavaScript is best suited to simple applications and adding interactive features to
Web pages; Java can be used for incredibly complex applications.
There are many other differences but the important thing to remember is that JavaScript and
Java are separate languages. They are both useful for different things; in fact they can be used
together to combine their advantages.

ADVANTAG E S

 JavaScript can be used for Sever-side and Client-side scripting.

 It is more flexible than VBScript.

 JavaScript is the default scripting languages at Client-side since all the browsers
supports it.

Hyper Text Markup Language

Hypertext Markup Language (HTML), the languages of the World Wide Web (WWW),
allows users to produces Web pages that include text, graphics and pointer to other Web pages
(Hyperlinks).

HTML is not a programming language but it is an application of ISO Standard 8879,

SGML (Standard Generalized Markup Language), but specialized to hypertext and adapted
to the Web. The idea behind Hypertext is that instead of reading text in rigid linear structure,
we can easily jump from one point to another point. We can navigate through the information
based on our interest and preference. A markup language is simply a series of elements, each
delimited with special characters that define how text or other items enclosed within the

22
 elements should be displayed. Hyperlinks are underlined or emphasized works that load to
other documents or some portions of the same document.

HTML provides tags (special codes) to make the document look attractive. HTML tags are
not case-sensitive. Using graphics, fonts, different sizes, color, etc., can enhance the
presentation of the document. Anything that is not a tag is part of the document itself.

Basic HTML Tags :

<!-- --> Specifies comments

<A>……….</A> Creates hypertext links

<B>……….</B> Formats text as bold

<BIG>……….</BIG> Formats text in large font.

…< /BODY> Contains all tags and text in the HTML document
<CENTER>...</CENTER> Creates text

<DD>…</DD> Definition of a term

<DL>...</DL> Creates definition list

<FONT>…</FONT> Formats text with a particular font

<FORM>...</FORM> Encloses a fill-out form

...</FRAME> Defines a particular frame in a set of frames

<H#>…</H#> Creates headings of different levels

<HTML>…</HTML> Contains all other HTML tags

<META>...< META> Provides meta-information about a document

<SCRIPT>…</SCRIPT> Contains client-side or server-side script

<TABLE>…</TABLE> Creates a table

<TD>…</TD> Indicates table data in a table

<TR>…</TR> Designates a table row

<TH>…</TH> Creates a heading in a table

23
Java Database Connectivity What

Is JDBC?

JDBC is a Java API for executing SQL statements. (As a point of interest, JDBC is a
trademarked name and is not an acronym; nevertheless, JDBC is often thought of as standing
for Java Database Connectivity. It consists of a set of classes and interfaces written in the
Java programming language. JDBC provides a standard API for tool/database developers and
makes it possible to write database applications using a pure Java API.

Using JDBC, it is easy to send SQL statements to virtually any relational database. One can
write a single program using the JDBC API, and the program will be able to send SQL
statements to the appropriate database. The combinations of Java and JDBC lets a
programmer write it once and run it anywhere.

What Does JDBC Do?

Simply put, JDBC makes it possible to do three things:

 Establish a connection with a database

 Send SQL statements Process the results.

JDBC versus ODBC and other APIs

At this point, Microsoft's ODBC (Open Database Connectivity) API is that probably the most
widely used programming interface for accessing relational databases
So why not just use ODBC from Java? The answer is that you can use ODBC from Java, but
this is best done with the help of JDBC in the form of the JDBC-ODBC Bridge, which we
will cover shortly. The question now becomes "Why do you need JDBC?" There are several
answers to this question:

1. ODBC is not appropriate for direct use from Java because it uses a C interface. Calls from
Java to native C code have a number of drawbacks in the security, implementation,
robustness, and automatic portability of applications.
2. A literal translation of the ODBC C API into a Java API would not be desirable. For

24
3. example, Java has no pointers, and ODBC makes copious use of them, including the
notoriously error-prone generic pointer "void *". You can think of JDBC as ODBC
translated into an object-oriented interface that is natural for Java programmers.

4. ODBC is hard to learn. It mixes simple and advanced features together, and it has complex
options even for simple queries. JDBC, on the other hand, was designed to keep simple
things simple while allowing more advanced capabilities where required.
5. A Java API like JDBC is needed in order to enable a "pure Java" solution. When ODBC
is used, the ODBC driver manager and drivers must be manually installed on every client
machine. When the JDBC driver is written completely in Java, however, JDBC code is
automatically installable, portable, and secure on all Java platforms from network
computers to mainframes. Two-tier and Three-tier Models

The JDBC API supports both two-tier and three-tier models for database access.

IN THE TWO-TIER MODEL, A JAVA APPLET OR APPLICATION TALKS DIRECTLY TO THE

DATABASE. THIS REQUIRES A JDBC DRIVER THAT CAN COMMUNICATE WITH THE

PARTICULAR DATABASE MANAGEMENT SYSTEM BEING ACCESSED. A USER'S SQL STATEMENTS

ARE DELIVERED TO THE DATABASE, AND THE RESULTS OF THOSE STATEMENTS ARE SENT BACK

TO THE USER. THE DATABASE MAY BE LOCATED ON ANOTHER MACHINE TO

WHICH THE USER IS CONNECTED VIA A NETWORK. THIS IS

REFERRED TO AS A CLIENT/SERVER CONFIGURATION, WITH THE USER'S MACHINE AS

25
 Client machine
JAVA

Application

DBMS-proprietary protocol
JDBC

Database server

DBMS

Figure:5.3

THE CLIENT, AND THE MACHINE HOUSING THE DATABASE AS THE SERVER . THE NETWORK CAN

BE AN INTRANET, WHICH, FOR EXAMPLE, CONNECTS EMPLOYEES WITHIN A CORPORATION, OR

IT CAN BE THE INTERNET.

IN THE THREE-TIER MODEL, COMMANDS ARE SENT TO A "MIDDLE TIER" OF SERVICES,

WHICH THEN SEND SQL STATEMENTS TO THE DATABASE. THE DATABASE PROCESSES THE

SQL STATEMENTS AND SENDS THE RESULTS BACK TO THE MIDDLE TIER, WHICH

THEN SENDS THEM TO THE USER. MIS DIRECTORS FIND THE THREE-TIER MODEL VERY

Java applet or Client machine (GUI)

Html browser

HTTP, RMI, or CORBA calls

Application
Server (Java) Server machine (business Logic)
JDBC

DBMS-proprietary protocol

Database server

DBMS

Figure:5.4

26
 ATTRACTIVE BECAUSE THE MIDDLE TIER MAKES IT POSSIBLE TO MAINTAIN CONTROL

OVER ACCESS and the kinds of updates that can be made to corporate data. Another advantage
is that when there is a middle tier, the user can employ an easy-to-use higher-level API which
is translated by the middle tier into the appropriate low-level calls. Finally, in many cases the
three-tier architecture can provide performance advantages.

Until now the middle tier has typically been written in languages such as C or C++, which

offer fast performance. However, with the introduction of optimizing compilers that translate

Java byte code into efficient machine-specific code, it is becoming practical to implement the

middle tier in Java. This is a big plus, making it possible to take advantage of Java's

robustness, multithreading, and security features. JDBC is important to allow

database access from a Java middle tier.

JDBC Driver Types

The JDBC drivers that we are aware of at this time fit into one of four categories:

 JDBC-ODBC bridge plus ODBC driver

 Native-API partly-Java driver

 JDBC-Net pure Java driver

 Native-protocol pure Java driver

JDBC-ODBC Bridge

If possible, use a Pure Java JDBC driver instead of the Bridge and an ODBC driver. This
completely eliminates the client configuration required by ODBC. It also eliminates the
potential that the Java VM could be corrupted by an error in the native code brought in by
the Bridge (that is, the Bridge native library, the ODBC driver manager library, the ODBC
driver library, and the database client library). What Is the JDBC- ODBC Bridge?

The JDBC-ODBC Bridge is a JDBC driver, which implements JDBC operations by

translating them into ODBC operations. To ODBC it appears as a normal application

27
program. The Bridge implements JDBC for any database for which an ODBC driver is
available. The Bridge is implemented as the

sun.jdbc.odbc Java package and contains a native library used to access ODBC. The Bridge
is a joint development of Intersolv and JavaSoft.

Java Server Pages (JSP)

Java server Pages is a simple, yet powerful technology for creating and maintaining
dynamiccontent web pages. Based on the Java programming language, Java Server Pages
offers proven portability, open standards, and a mature re-usable component model .The Java
Server Pages architecture enables the separation of content generation from content
presentation. This separation not eases maintenance headaches, it also allows web team
members to focus on their areas of expertise. Now, web page designer can concentrate on
layout, and web application designers on programming, with minimal concern about
impacting each other’s work.

Features of JSP Portability:

Java Server Pages files can be run on any web server or web-enabled application server that
provides support for them. Dubbed the JSP engine, this support involves recognition,
translation, and management of the Java Server Page lifecycle and its interaction components.
Components

It was mentioned earlier that the Java Server Pages architecture can include reusable Java
components. The architecture also allows for the embedding of a scripting language directly
into the Java Server Pages file. The components current supported include Java Beans, and
Servlets.

Processing

A Java Server Pages file is essentially an HTML document with JSP scripting or tags. The
Java Server Pages file has a JSP extension to the server as a Java Server Pages file. Before
the page is served, the Java Server Pages syntax is parsed and processed into a Servlet on the

28
 server side. The Servlet that is generated outputs real content in straight HTML for
responding to the client.

Access Models:

A Java Server Pages file may be accessed in at least two different ways. A client’s request
comes directly into a Java Server Page.

In this scenario, suppose the page accesses reusable Java Bean components that perform
particular well-defined computations like accessing a database. The result of the Beans
computations, called result sets is stored within the Bean as properties. The page uses such
Beans to generate dynamic content and present it back to the client.

In both of the above cases, the page could also contain any valid Java code. Java Server Pages
architecture encourages separation of content from presentation.

Steps in the execution of a JSP Application:

1. The client sends a request to the web server for a JSP file by giving the name of the JSP file
within the form tag of a HTML page.

2. This request is transferred to the JavaWebServer. At the server side JavaWebServer receives
the request and if it is a request for a jsp file server gives this request to the JSP engine.
3. JSP engine is program which can understands the tags of the jsp and then it converts those tags
into a Servlet program and it is stored at the server side. This Servlet is loaded in the memory
and then it is executed and the result is given back to the JavaWebServer and then it is
transferred back to the result is given back to the JavaWebServer and then it is transferred back
to the client. JDBC connectivity

The JDBC provides database-independent connectivity between the J2EE platform and a
wide range of tabular data sources. JDBC technology allows an Application Component
Provider to:

• Perform connection and authentication to a database server

• Manager transactions

29
• Move SQL statements to a database engine for preprocessing and execution

• Execute stored procedures

• Inspect and modify the results from Select statements.

Tomcat 6.0 web server

Tomcat is an open source web server developed by Apache Group. Apache Tomcat is the
servlet container that is used in the official Reference Implementation for the Java Servlet
and Java Server Pages technologies. The Java Servlet and Java Server Pages specifications
are developed by Sun under the Java Community Process. Web Servers like Apache Tomcat
support only web components while an application server supports web components as well
as business components (BEAs Weblogic, is one of the popular application server).To
develop a web application with jsp/servlet install any web server like JRun, Tomcat etc to run
your application.

30
 6.SAMPLE CODE

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<%@ include file="connect.jsp" %>

<%@ page import="java.util.Date" %>

<%@ page import="java.text.SimpleDateFormat" %>

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<title>Search Products Page</title>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<link href="css/style.css" rel="stylesheet" type="text/css" />

<link rel="stylesheet" type="text/css" href="css/coin-slider.css" />

<script type="text/javascript" src="js/cufon-yui.js"></script>

<script type="text/javascript" src="js/cufon-aller.js"></script>

<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>

<script type="text/javascript" src="js/script.js"></script>

<script type="text/javascript" src="js/coin-slider.min.js"></script>

31
<style type="text/css">

.style3 {padding:0; margin:0; width:100%; line-height:0; clear: both;}

.style5 {color:#006633}

.style6 { font-
size: 18px; color:
#FF0000; }

.style7 {color: #fff}

.style8 {color: #FF3333}

.style9 {color: #333333}

.style10 {font-size: 24; color: #660000; }

.style12 {padding: 0; margin: 0; width: 100%; line-height: 0; clear: both; color: #FF3333; }

.style13 {font-weight: bold}

.style14 {padding: 0; margin: 0; width: 100%; line-height: 0; clear: both; color: #FF3333;
font-weight: bold; }

.style15 {color: #660000}

-->

</style>

</head>

<body>

32
<div class="main">

<div class="header">

<div class="header_resize">

<div class="menu_nav">

<ul>

<li><a href="BuyerLogin.jsp"><span>Buyers Login</span></a></li>

</ul>

</div>

<div class="logo">

<h1 class="style1"><span class="style2"><a href="index.html">Analyzing and Detecting

Money-Laundering Accounts in Online Social Networks</a></span></h1>

</div>

<div class="clr style2"></div>

<div class="slider style2">

<div id="coin-slider"> <a href="#"><img src="images/slide1.jpg" width="970"

height="305" alt="" /> </a> <a href="#"><img src="images/slide2.jpg" width="970"
height="305" alt="" /> </a> <a href="#"><img src="images/slide3.jpg" width="970"
height="305" alt="" /> </a> </div>

</div>

<div class="clr style2"></div>

</div>

33
 </div>

<div class="content style2">

<div class="content_resize">

<div class="mainbar">

<div class="article">

<h2>Search Products..</h2>

<div class="post_content">

<p>&nbsp;</p>

<form action="B_SearchProducts.jsp" method="post" id="leavereply">

<p>&nbsp;</p>

<td width="174"><div align="center" class="style3">

<div align="right" class="style12">

<div align="center" class="style82 style8"><b>Enter Keyword</b></div>

</div>

</div></td>

<td width="152"><div align="left">

<input type="text" name="keyword" />

34
 </div></td>

<td width="155"><input name="submit" type="submit" style="width:50px;

height:25px;" value="GO"/></td>

</tr>

<tr>

<td colspan="3"><div class="style2">

<div align="center" class="style13 style78 style9"> ( searching content

Based on Product Description)</div>

</div></td>

</tr>

</table>

<p class="style44">&nbsp;</p>

<p align="left"><a href="BuyerMain.jsp" class="style11">Back</a></p>

</form>

</div>

<div class="clr"></div>

</div>

<p>
<%

35
 String
input="",l_Input="",p_Name="",p_Desc="",p_Desc1="",p_Price="",p_Category="",site=""
;

int i=0,j=0,k=0,a1=0,rank=0;

try

String buyer = (String)application.getAttribute("bname");

input= request.getParameter("keyword");
if(!input.equals(""))
{

l_Input = input.toLowerCase();

SimpleDateFormat sdfDate = new SimpleDateFormat("dd/MM/yyyy");

SimpleDateFormat sdfTime = new SimpleDateFormat("HH:mm:ss");

Date now = new Date();

String strDate = sdfDate.format(now);

String strTime = sdfTime.format(now);

String dt = strDate + " " + strTime;

36
String str = "select * from products where p_np!="+0+"";

Statement st=connection.createStatement();

ResultSet rs = st.executeQuery(str); while(rs.next())

{ p_Name = rs.getString(3);
p_Price = rs.getString(9);
p_Category = rs.getString(2);
p_Desc = rs.getString(5); rank =
rs.getInt(13); site = rs.getString(14);
p_Desc1 = p_Desc.toLowerCase();
if
(p_Desc1.indexOf(l_Input)>=0)
{

String str4 = "insert into productsearch (buyer,p_name,category,keyword,dt)

values('"+buyer+"','"+p_Name+"','"+p_Category+"','"+input+"','"+dt+"')";
connection.createStatement().executeUpdate(str4); if(a1==0) {

%>

</p>

<p>&nbsp;</p>

<table width="506" border="1" align="center">

<tr>

<td colspan="4" align="center" class="style10">Results Found in Products</td>

</tr>

<tr>

37
<td width="130" height="28" align="center" valign="middle"><span
class="style14">Product Name </span></td>

<td width="192" align="center" valign="middle"><span class="style14">Product

Price</span></td>

</tr>

<%}a1=1;%>

<tr>

<td height="55" align="center" valign="middle"><div align="center"

class="style5"><b><%=p_Name%></b></div></td>

<td height="55" align="center" valign="middle"><div align="center"

class="style5"><b><%=p_Price%></b></div></td>

<td width="97" height="55"><div align="center">

<p class="style50"><a

href="B_SearchProductsDetails.jsp?p_Name=<%=p_Name%>&amp;keyword=<%=l_Inpu
t%>&amp;p_Category=<%=p_Category%>&amp;rank=<%=rank%>&amp;site=<%=site
%>" class="style56 style30 style15"><b>View Details</b></a></p>

</div></td>

</tr>

<% }

}%>

38
</table> <blockquote>

<p class="style72">

<%

} else{
%>

</p>

<h3 align="center" class="style66 style72 style48">&nbsp;</h3>

<h3 align="center" class="style66 style72 style48 style5 style6">Please Enter

Correct Keyword!!</h3>

<%

} } catch(Exception
e)
{

e.printStackTrace();

%>

</p></blockquote>

</div>

<div class="style3"></div>

</div>

39
 </div>

<div class="sidebar">

<div class="searchform">

<form id="formsearch" name="formsearch" method="post" action="#">

<input name="editbox_search" class="editbox_search" id="editbox_search"

maxlength="80" value="Search our ste:" type="text" />

<input name="button_search" src="images/search.gif" class="button_search"

type="image" />

</form>

</div>

<div class="style3"></div>

<div class="gadget">

<h2 class="star">Sidebar Menu</h2>

<div class="style3"></div>

<ul class="sb_menu">

<li><a href="BuyerMain.jsp">Home</a></li>

<li><a href="BuyerLogin.jsp">Logout</a></li>

</ul>

</div>

</div>

40
 <div class="style3"></div>

</div>

</div>

<div class="fbg style2"></div>

<div class="footer style2">

<div class="footer_resize">

<div style="clear:both;"></div>

<div align=center class="style2"></div>

</body>

</html>

41
 7. SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of trying to discover
every conceivable fault or weakness in a work product. It provides a way to check the
functionality of components, sub assemblies, assemblies and/or a finished product It is the
process of exercising software with the intent of ensuring that the

Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific
testing requirement.

7.1 TYPES OF TESTS

Unit testing
Unit testing involves the design of test cases that validate that the internal program
logic is functioning properly, and that program inputs produce valid outputs. All decision
branches and internal code flow should be validated. It is the testing of individual software
units of the application .it is done after the completion of an individual unit before integration.
This is a structural testing, that relies on knowledge of its construction and is invasive. Unit
tests perform basic tests at component level and test a specific business process, application,
and/or system configuration. Unit tests ensure that each unique path of a business process
performs accurately to the documented specifications and contains clearly defined inputs and
expected results.

Integration testing
Integration tests are designed to test integrated software components to determine if they
actually run as one program. Testing is event driven and is more concerned with the basic
outcome of screens or fields. Integration tests demonstrate that although the components were
individually satisfaction, as shown by successfully unit testing, the combination of
components is correct and consistent. Integration testing is specifically aimed at exposing the
problems that arise from the combination of components.

42
Functional test
Functional tests provide systematic demonstrations that functions tested are available as
specified by the business and technical requirements, system documentation, and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key functions,

or special test cases. In addition, systematic coverage pertaining to identify Business process
flows; data fields, predefined processes, and successive processes must be considered for
testing. Before functional testing is complete, additional tests are identified and the effective
value of current tests is determined.

System Test
System testing ensures that the entire integrated software system meets requirements. It
tests a configuration to ensure known and predictable results. An example of system testing
is the configuration oriented system integration test. System testing is based on process
descriptions and flows, emphasizing pre-driven process links and integration points.

White Box Testing

White Box Testing is a testing in which in which the software tester has knowledge of
the inner workings, structure and language of the software, or at least its purpose. It is
purpose. It is used to test areas that cannot be reached from a black box level.

Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner workings,
structure or language of the module being tested. Black box tests, as most other kinds of tests,
must be written from a definitive source document, such as specification or requirements
document, such as specification or requirements document.
43
Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test phase of the
software lifecycle, although it is not uncommon for coding and unit testing to be conducted
as two distinct phases.

7.2. TEST STRATEGY AND APPROACH

Field testing will be performed manually and functional tests will be written in detail.

Test objectives

• All field entries must work properly.

• Pages must be activated from the identified link.

• The entry screen, messages and responses must not be delayed.

Features to be tested

• Verify that the entries are of the correct format

• No duplicate entries should be allowed

• All links should take the user to the correct page.

Integration Testing
Software integration testing is the incremental integration testing of two or more
integrated software components on a single platform to produce failures caused by interface
defects.

The task of the integration test is to check that components or software applications,
e.g. components in a software system or – one step up – software applications at the company
level – interact without error.

Test Results: All the test cases mentioned above passed successfully.
No defects encountered.

44
7.3 ACCEPTANCE TESTING

User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional
requirements.

45
 8. OUTPUT SCREENS
Home Page : Figure:8.1

Social Network Login Page : Figure:8.2

46
Social Network Home Page: Figure:8.3

View all Buyers & Authorize: Figure:8.4

47
View All Ecommerce Users & Authorize : Figure:8.5

View All Products : Figure:8.6

48
Product Review Details : Figure:8.7

View All Purchased Products : Figure 8.8

View All Money Laundering Accounts: Figure:8.9

49
User Registration : Figure:8.10

Ecommerce User Login Page : Figure:8.11

50
51
 9. CONCLUSION

This article presents the analysis and detection method of money-laundering accounts in
OSNs. We analyzed and compared the behaviors of both malicious and benign accounts from
three perspectives including 1) the account viability, 2) the transaction sequences, and 3)
spatial correlation among accounts. We designed a collection of 54 features to systematically
characterize the behaviors of benign accounts and malicious accounts. Experimental results
based on labeled data collected from Tencent QQ, a global leading OSN, demonstrated that
the proposed method achieved high detection rates and very low false positive rates.

52
 BIBLIOGRAPHY

[1] Y. Wang and S. D. Mainwaring, “Human-currency interaction: learning from virtual

currency use in China,” in Proceedings of the SIGCHI Conference on Human Factors
in Computing Systems. ACM, 2008, pp. 25–28.

[2] Y. Zhou, D. Kim, J. Zhang, et al., “ProGuard: Detecting Malicious Accounts in

SocialNetwork-Based Online Promotions,” IEEE Access, vol. 5, 2017, pp. 1990-
1999.

[3] F. Wu, J. Shu, Y. Huang, and Z. Yuan, “Social spammer and spam message
codetection in microblogging with social context regularization,” in Proceedings of
the 24th ACM International on Conference on Information and Knowledge
Management. ACM, 2015, pp. 1601–1610.

[4] L. Wu, X. Hu, F. Morstatter, et al., “Adaptive Spammer Detection with Sparse Group
Modeling,” in Proceedings of the 11th International AAAI Conference on Web and
Social Media. AAAI, 2017, pp. 319-326.

[5] S. Fakhraei, J. Foulds, M. Shashanka, and L. Getoor, “Collective spammer detection

in evolving multi-relational social networks,” in Proceedings of the 21th ACM
SIGKDD International Conference on Knowledge Discovery and Data Mining.
ACM, 2015, pp. 1769– 1778.

[6] F. Hao, X. Xing, R. Yong, et al., “Robust Spammer Detection in Microblogs:

Leveraging User Carefulness,” ACM Transactions on Intelligent Systems and
Technology, vol. 8, no. 6, 2017, pp. 83:1-83:31.

[7] G. K. Palshikar, “Detecting Frauds and Money Laundering: A Tutorial,” in

Proceedings of the International Conference on Big Data Analytics. Springer, 2014,
pp. 145160.

53
[8] R. Dreżewski, J. Sepielak and W. Filipkowski, “The application of social network
analysis algorithms in a system supporting money laundering detection,” Information
Sciences, vol. 295, 2015, pp. 18-32.

[9] E. L. Paula, M. Ladeira, R. N. Carvalho and T. Marzagão, “Deep Learning Anomaly

Detection as Support Fraud Investigation in Brazilian Exports and

Anti-Money Laundering,” 2016 15th IEEE International Conference on Machine Learning and
Applications (ICMLA), Anaheim, CA, 2016, pp. 954960.

10] A. F. Colladon and E. Remondi, “Using social network analysis to prevent money
laundering,” Expert Systems with Applications, vol. 67, 2017, pp. 4958.

[11] J. Pei, J. Han, B. Mortazavi-Asl, et al., “Mining sequential patterns by pattern-growth:

The prefixspan approach”, IEEE Transactions on knowledge and data engineering, vol. 16,
no. 11, 2004, pp. 1424-1440. [12] M. E. J. Newman, “Communities, modules and large-scale
structure in networks ,” Nature Physics , vol. 8, no. 1, 2012, pp. 25-31.

[13] R. Li, L. Qin, J. X. Yu, et al., “Finding influential communities in massive networks,” The
VLDB Journal, 2017.

[14] S. Rogers, M. Girolami, A first course in machine learning. CRC Press, 2016. [15] J.
Han, M. Kamber, and J. Pei, Data mining: concepts and techniques. Elsevier, 2011.

[15] J. Han, M. Kamber, and J. Pei, Data mining: concepts and techniques.

Elsevier, 2011.

54