Alert Management System - Networked Software Systems Laboratory

Alert Management System
By:
• Christopher Galinski
• Uri Soloveychik
Mentor:
• Zeev Schneider
For:
Software Systems Lab in the Faculty of Electrical Engineering, Technion-IIT.
• Project Presentation
AMS
In this presentation:
• The motivation for this project
• System architecture
• A bit about the code used
• Problems and solutions
• Demonstration
• What it took and what it gave
Common threats
• Fire
• Tsunami
• Conventional attack
• Non-conventional attack
Siren
o May not be heard
o Not informative
AMS
• Applicable anywhere there are computers
• Delivers sound alerts
• Delivers text alerts and instructions
• Hard to disable
• Uses existing infrastructure
AMS – Cont’d
AMS client:
• Win32 Service
• Performs WMI queries using WQL
• Windows XP, 2000, NT
• Installed on every PC in a LAN
AMS manager:
• Java application
• Communicates with clients over TCP/UDP
• Multiple networks
• Java machine required
• One per system
Architecture (high level)
[Diagram: Manager (JVM); Client 1, Client i, Client N (Win service, WMI). Labels: TCP/UDP sockets; alerting and gathering information; system configuration queries.]
Development setup and tools
• Local Area Network (LAN) of WinXP machines
• Eclipse Ganymede (Manager)
• MS Visual Studio 2008 (Client)
Technologies
Client
• C++
• WinAPI
• Win32 Service
• WMI\WQL
• MSI
Manager
• Java
• Socket API
• Multithreading
• GUI (Swing)
Problems and solutions
• Work coordination
  o Textual application protocol
• Changing IPs –
  o UDP broadcast scan
• Win32 Service debugging –
  o Using alternative data output methods: beeps, extensive logging…
Design review results
• Proposed design:
  o Using the “built-in” NetSend Windows service
  o Remote WMI-based control
• Rejected in favor of a client-based design
  o Flexibility, extensibility
  o No need for an authorization infrastructure (but also a potential security hole…)
Client - modules
• C style modules
• Linked into an executable which provides the interface required of a Windows Service
[Diagram (Logical Model): WndService, ServiceActions, WmiQueriesMng, Socket, Logger]
Manager - important classes
[Class diagram: Message, MessageText, GUI classes, GroupMenu, Display, Global, Grouping, TCPSession, GroupView, Subscriber, WMISession, AboutDialog, UDPBroadcast, AddGrou, UDPMonitor; relations shown: «extends», «uses»]
Client installation
• Download the AmsSetup.msi file
• Double click on it
• Next and confirm until it finishes
Manager setup
• Download the AlertManager.jar file
• Double click on it
Let’s have a demonstration
Relevant courses
• Introduction to Computer Networks - 236334
• Internet Networking - 236341
• Managing Data on the WWW - 236607
• Introduction to Software Systems Design - 044101
Goals achieved
• C++/Java application
• Network application
• Easy to install, transparent to user
• Informative – free text message
• Free WQL query, requires no client update
• It really works
Benefits
• Improved our design/programming skills
• Team working
• Technologies
  o Java/Swing
  o WinApi/WinService
  o TCP/IP
  o MSI
  o WMI/WQL
AMS v2.0
• Security
• Authentication
• Challenge response protocol
• Tests for robustness
• Stress testing