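/// <summary>
/// Handles the "Next" button of the code-entry step: compares the code typed into
/// <c>ForgotPasswordCodeTextBox</c> with <c>UserModel.UserModel.twoFAcode</c>. On a match it records
/// the login, clears the user's failed-attempt rows and marks the follow-up flag "False"; on a
/// mismatch it counts the attempt and, after more than three, marks the follow-up flag "True".
/// </summary>
/// <param name="sender">The control that raised the click (unused).</param>
/// <param name="e">Routed event data (unused).</param>
private void ForgotPassword3NextButton_Click(object sender, RoutedEventArgs e)
{
    string expectedCode = UserModel.UserModel.twoFAcode;
    UserModel.UserModel cm = UserModel.UserModel._currentUserModel;
    string userID = cm.userID;
    Console.WriteLine(userID + "TEICJASMCA");

    // An unset or empty expected code must never validate; without this guard an empty
    // text box would compare equal to an empty stored code and pass the second factor.
    // NOTE(review): the code is not invalidated here after a successful match — confirm that
    // whatever issues twoFAcode replaces it before the next challenge.
    bool codeMatches = !string.IsNullOrEmpty(expectedCode)
        && ForgotPasswordCodeTextBox.Text == expectedCode;

    if (codeMatches)
    {
        MessageBox.Show("Correct!");

        string date = AlgorithmLibary.PredictionModel.getCurrentDate();
        string loginTime = DateTime.Now.ToString("HH.mm");
        string publicIP = PredictionModel.getCurrentPublicIP();
        string publicMAC = PredictionModel.getCurrentMAC();
        Console.WriteLine(publicMAC + "HELLO");

        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
        string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);

        // Clear the failed-attempt history. The user ID travels as a bound parameter rather than
        // being concatenated into the statement, so its content cannot alter the SQL. The
        // using blocks dispose the connection even when construction or Open() throws.
        try
        {
            using (SqlConnection con = new SqlConnection(conSettings.ConnectionString))
            using (SqlCommand cmd = new SqlCommand("DELETE FROM [dbo].[FailedAttempt] WHERE UserID = @UserID", con))
            {
                cmd.Parameters.AddWithValue("@UserID", (object)userID ?? DBNull.Value);
                con.Open();
                cmd.ExecuteNonQuery();
            }
        }
        catch (Exception ex)
        {
            System.Windows.MessageBox.Show(ex.Message);
        }

        // Update the follow-up row when one exists, otherwise create it.
        if (exist != null)
        {
            UserModel.UserModel.updateFollowUp(userID, connectionString, "False");
        }
        else
        {
            UserModel.UserModel.saveFollowUp(userID, connectionString, "False");
        }

        PredictionModel.SessionRiskValue = "Low";
        UserModel.UserModel.twoFASucceed = true;
    }
    else
    {
        MessageBox.Show("Invalid code! Please Try Again");

        // NOTE(review): counter is not declared in this handler (presumably an instance field).
        // An in-memory counter starts over when the page object is recreated, so the durable
        // lock is the follow-up flag written below — verify that every entry path checks it.
        counter++;
        if (counter > 3)
        {
            MessageBox.Show("More than 3 Failed attempts! Account will be locked now!");
            string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);

            // NOTE(review): loginTime and date are only declared inside the success branch above;
            // this call relies on members of the same name existing on the class — confirm which
            // login record is meant to be deleted here.
            UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);

            if (exist != null)
            {
                UserModel.UserModel.updateFollowUp(userID, connectionString, "True");
            }
            else
            {
                UserModel.UserModel.saveFollowUp(userID, connectionString, "True");
            }

            counter = 0;
            UserModel.UserModel.twoFASucceed = false;
        }
    }
}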
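/// <summary>
/// Handles the login "Next" button. Checks the entered user ID and hashed password against
/// <c>[dbo].[test]</c>; a single matching row continues to the lockout / follow-up / risk checks,
/// anything else is reported as invalid and recorded as a failed attempt for an existing user ID.
/// Both input boxes are cleared afterwards unless the outer try block throws.
/// </summary>
/// <remarks>
/// Every statement binds its values as parameters instead of concatenating text-box content into
/// the SQL, and each connection is a local inside a using block. The earlier shape reassigned a
/// shared connection inside nested try blocks, which left the outer connection and reader open.
/// Debug output of account data (the row dump and the stored password) is no longer written to
/// the console.
/// </remarks>
/// <param name="sender">The control that raised the click (unused).</param>
/// <param name="e">Routed event data (unused).</param>
private void ButtonNext_Click(object sender, RoutedEventArgs e)
{
    // NOTE(review): GetSha512FromString is not shown here. If it is a plain, unsalted SHA-512
    // digest, the stored values are cheap to brute-force once the table leaks; a salted,
    // iterated scheme (for example PBKDF2) would need a schema change — confirm.
    PasswordTextBox.Password = GetSha512FromString(PasswordTextBox.Password);

    try
    {
        string enteredUserID = UserIDTextBox.Text;

        if (CountMatchingCredentials(enteredUserID, PasswordTextBox.Password) == 1)
        {
            ContinueAuthenticatedLogin(enteredUserID);
        }
        else
        {
            MessageBox.Show("Invalid user id or password.");
            RecordFailedAttempt(enteredUserID);
        }

        UserIDTextBox.Clear();
        PasswordTextBox.Clear();
    }
    catch (Exception ex)
    {
        System.Windows.MessageBox.Show(ex.Message);
    }
}

// Counts the rows of [dbo].[test] whose UserID and Password both equal the given values.
private int CountMatchingCredentials(string userID, string passwordHash)
{
    // NOTE(review): the password operand was masked ('******') in the listing this was reviewed
    // from; the hashed box value is bound here on the assumption that it is what the statement
    // compared — confirm. A null hash is bound as NULL and therefore matches no row.
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(
        "SELECT COUNT(*) FROM [dbo].[test] WHERE UserID = @UserID AND Password = @Password", connection))
    {
        command.Parameters.AddWithValue("@UserID", userID);
        command.Parameters.AddWithValue("@Password", (object)passwordHash ?? DBNull.Value);
        connection.Open();
        return (Int32)command.ExecuteScalar();
    }
}

// Returns how many rows [dbo].[FailedAttempt] holds for the user ID.
private int CountFailedAttempts(string userID)
{
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(
        "SELECT COUNT(*) FROM [dbo].[FailedAttempt] WHERE UserID = @UserID", connection))
    {
        command.Parameters.AddWithValue("@UserID", userID);
        connection.Open();
        return (Int32)command.ExecuteScalar();
    }
}

// Adds one failed-attempt row when exactly one account has this user ID, then shows the running total.
private void RecordFailedAttempt(string userID)
{
    try
    {
        using (SqlConnection connection = new SqlConnection(connectionString))
        {
            connection.Open();

            int accounts;
            using (SqlCommand lookup = new SqlCommand(
                "SELECT COUNT(*) FROM [dbo].[test] WHERE UserID = @UserID", connection))
            {
                lookup.Parameters.AddWithValue("@UserID", userID);
                accounts = (Int32)lookup.ExecuteScalar();
            }

            if (accounts != 1)
            {
                return;
            }

            using (SqlCommand insert = new SqlCommand(
                "INSERT INTO [dbo].[FailedAttempt](UserID, Date) VALUES (@UserID, @Date)", connection))
            {
                insert.Parameters.AddWithValue("@UserID", userID);
                insert.Parameters.AddWithValue("@Date", DateTime.Now.ToShortDateString());
                insert.ExecuteNonQuery();
            }
        }

        // NOTE(review): this dialog appears only for user IDs that exist, so it tells the person
        // at the keyboard whether an ID is registered — consider an identical response for both.
        int total = CountFailedAttempts(userID);
        MessageBox.Show(total.ToString() + " unsuccessful login attempt(s)");
    }
    catch (Exception ex)
    {
        System.Windows.MessageBox.Show(ex.Message);
    }
}

// Routes a user whose credentials matched: locked accounts and flagged follow-ups go to 2FA, the rest are risk-scored.
private void ContinueAuthenticatedLogin(string userID)
{
    string[][] userList = checkUserEligibility(userID, connectionString);
    UserModel.UserModel.currentUserID = userID;

    // The returned model is not used here; the call is kept because currentUserModel is read
    // further down (presumably populated by this call — verify).
    UserModel.UserModel.retrieveUserFromDatabase(UserModel.UserModel.currentUserID);

    string checkForFollowUp = UserModel.UserModel.checkFollowUp(userID, connectionString);
    (App.Current as App).LoginUserID = userID;

    try
    {
        if (CountFailedAttempts(userID) > 3)
        {
            // More than three stored failures: a correct password alone is not enough.
            MessageBox.Show("Account is locked , please complete TWO FA");
            SendTwoFactorCode();
            this.NavigationService.Navigate(new Authentication1());
            return;
        }

        if (checkForFollowUp == "True")
        {
            // A previous session left the follow-up flag set, so 2FA is required again.
            SendTwoFactorCode();
            this.NavigationService.Navigate(new Authentication());
        }
        else if (userList.Length < 30)
        {
            EvaluateWithStoredPreferences(userID);
        }
        else
        {
            EvaluateWithPredictionModels(userID);
        }

        (App.Current as App).LoginUserID = userID;
    }
    catch (Exception ex)
    {
        System.Windows.MessageBox.Show(ex.Message);
    }
}

// Passes the current user's e-mail address to UserModel.do2fa together with the fixed subject and body prefix.
private void SendTwoFactorCode()
{
    UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
    UserModel.UserModel.do2fa("Authentication Message", "Authentication Code is ", cm.userEmail);
}

// Scores a login from the user's stored time and computer preferences (used when checkUserEligibility returns fewer than 30 rows).
private void EvaluateWithStoredPreferences(string userID)
{
    string date = AlgorithmLibary.PredictionModel.getCurrentDate();
    string loginTime = DateTime.Now.ToString("HH.mm");
    string publicIP = PredictionModel.getCurrentPublicIP();
    string publicMAC = PredictionModel.getCurrentMAC();
    string userLogInPreference = getUserLogInPreference(userID, connectionString);
    string userComputerPreference = getUserComputerPreference(userID, connectionString);

    // All host names recorded for this user.
    string[] currentHostnameSet = getUserHostNameSet(userID, connectionString);
    foreach (var element in currentHostnameSet)
    {
        Console.WriteLine(element + "JADSjc");
    }

    // Weighted sum: 30 % login-time risk, 70 % host risk.
    double logInRisk = evaulateUserLogInString(userLogInPreference, loginTime) * 0.3;
    double userHostRisk = evaulateUserComputerPreference(userComputerPreference, currentHostnameSet) * 0.7;
    double totalRisk = logInRisk + userHostRisk;
    Console.WriteLine(userHostRisk + " HOSTNAME");
    Console.WriteLine(logInRisk + "LOG IN RISK");
    Console.WriteLine(totalRisk);

    ApplyRiskDecision(totalRisk, userID, loginTime, date, publicIP, publicMAC);
}

// Scores a login with the two PredictionModel instances (used once checkUserEligibility returns 30 rows or more).
private void EvaluateWithPredictionModels(string userID)
{
    string date = AlgorithmLibary.PredictionModel.getCurrentDate();
    string loginTime = DateTime.Now.ToString("HH.mm");
    string publicIP = PredictionModel.getCurrentPublicIP();
    string publicMAC = PredictionModel.getCurrentMAC();

    string[][] logInCollection = getUserLogInData(userID, connectionString);

    // loginTime always contains a literal '.', so it is parsed with the invariant culture; under
    // a culture whose decimal separator is ',' the default parse would read "13.45" as 1345.
    double testTime = Convert.ToDouble(loginTime, System.Globalization.CultureInfo.InvariantCulture);
    // NOTE(review): the remaining conversions keep the current culture because the formatting
    // of these strings happens outside this file — confirm they are culture-independent.
    double testDay = Convert.ToDouble(date);

    PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
    string logInRiskLevel = logInPredictionModel.logInRisk;
    Console.WriteLine(logInPredictionModel.logInOutput);
    Console.WriteLine("The risk level is " + logInRiskLevel);

    string[][] ipAddressCollection = getUserIPAddressCollection(userID, connectionString);
    Console.Write(ipAddressCollection.Length);
    string[] query = new string[] { publicIP, publicMAC, date };
    PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
    string ipRisk = ipPredictionModel.ipRisk;
    Console.WriteLine(ipPredictionModel.ipOutput);

    // Weighted sum: the login score is divided by 5 and weighted 30 %, the IP score 70 %.
    double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0 / 100 * 30;
    double ipPercentage = Convert.ToDouble(ipRisk) / 100 * 70;
    double riskLevel = logInPercentage + ipPercentage;
    Console.WriteLine(logInPercentage);
    Console.WriteLine(ipRisk);
    Console.WriteLine(riskLevel);
    Console.WriteLine("The current Risk Level is " + riskLevel);

    ApplyRiskDecision(riskLevel, userID, loginTime, date, publicIP, publicMAC);
}

// Acts on a combined risk score: up to 0.70 the login is recorded and the start page opens, above it 2FA is required.
private void ApplyRiskDecision(double riskScore, string userID, string loginTime, string date, string publicIP, string publicMAC)
{
    string riskStatementLevel = null;
    string riskStatement = null;

    if (riskScore <= 0.70)
    {
        // Low and medium currently receive the same access; the medium band carried a
        // "Remove Access Control" placeholder, so any restriction has to be enforced by
        // whatever reads PredictionModel.SessionRiskValue — NOTE(review): confirm.
        bool isLow = riskScore <= 0.4;
        riskStatementLevel = isLow ? "Low" : "Medium";
        riskStatement = isLow ? "The risk level is low" : "The risk level is medium";
        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
        this.NavigationService.Navigate(new StartupPage());
    }
    else if (riskScore > 0.70)
    {
        // High risk: re-authenticate immediately; the login is not recorded.
        riskStatementLevel = "High";
        riskStatement = "The risk level is high";
        SendTwoFactorCode();
        this.NavigationService.Navigate(new Authentication());
        MessageBox.Show("2FA has been sent to your email");
    }
    // A NaN score matches neither branch: nothing is navigated and the level stays null.

    PredictionModel.SessionRiskValue = riskStatementLevel;
    Console.WriteLine(riskStatement);
    MessageBox.Show(riskStatement);
}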
/// <summary>
/// Console harness for the two prediction models: scores a fixed login time/day against history
/// read from a text file, scores a fixed IP/MAC/date probe against a small sample collection, and
/// prints the weighted verdict.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    // Login-time model. The history file path is relative to the working directory.
    string historyText = System.IO.File.ReadAllText(@"../../TextFile1.txt");
    string[][] logInCollection = PredictionModel.readFromFile(historyText);
    double probeTime = 24;
    double probeDay = 3;
    var logInPredictionModel = new PredictionModel(probeTime, probeDay, logInCollection);
    string logInRiskLevel = logInPredictionModel.logInRisk;
    string logInOutput = logInPredictionModel.logInOutput;
    Console.WriteLine(logInOutput);
    Console.WriteLine("The risk level is " + logInRiskLevel);

    // Facts about the machine running the harness.
    string currentPublicIP = PredictionModel.getCurrentPublicIP();
    // The location lookup is still performed, but its result is not used below.
    PredictionModel.getCurrentPublicIPLocation(currentPublicIP);
    string macAddress = PredictionModel.getCurrentMAC();
    string date = PredictionModel.getCurrentDate();

    // IP model: sample rows of { IP address, MAC, day }.
    string[][] ipAddressCollection =
    {
        new[] { "131.23.244.105", "C00008", "4" },
        new[] { "131.23.244.105", "C00008", "4" },
        new[] { "147.120.34.99", "C00008", "1" },
        new[] { "131.23.244.105", "D00008", "3" },
        new[] { currentPublicIP, "D8000", "4" },
        new[] { currentPublicIP, macAddress, date },
        new[] { currentPublicIP, macAddress, date },
        new[] { "151.23.244.105", "C000324", date }
    };

    // The probe equals the last sample row. Earlier experiments, since disabled, probed with a
    // pair absent from the samples and with this machine's own IP and MAC.
    string[] query = { "151.23.244.105", "C000324", date };
    var ipPredictionModel = new PredictionModel(ipAddressCollection, query);
    string ipRisk = ipPredictionModel.ipRisk;
    string ipOutput = ipPredictionModel.ipOutput;
    Console.WriteLine(ipOutput);

    // Weighted sum: the login score is divided by 5 and weighted 30 %, the IP score 70 %.
    double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0 / 100 * 30;
    double ipPercentage = Convert.ToDouble(ipRisk) / 100 * 70;
    double riskLevel = logInPercentage + ipPercentage;
    Console.WriteLine(logInPercentage);
    Console.WriteLine(ipRisk);
    Console.WriteLine(riskLevel);

    // Intended policy per band: low = no restriction, medium = adjust access control,
    // high = re-authenticate immediately. A NaN score matches no band and prints an empty line.
    string riskStatement =
        riskLevel <= 0.4 ? "The risk level is low"
        : riskLevel <= 0.70 ? "The risk level is medium"
        : riskLevel > 0.70 ? "The risk level is high"
        : null;
    Console.WriteLine(riskStatement);
}
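// A page-local saveDateTimeOfUser helper (a parameterized INSERT into [dbo].[LogAnalysis]) used to
// sit here, commented out; the handler below calls UserModel.UserModel.saveDateTimeOfUser instead.

/// <summary>
/// Handles the "Next" button of the code-entry step: compares the code typed into
/// <c>ForgotPasswordCodeTextBox</c> with <c>UserModel.UserModel.twoFAcode</c>. On a match it records
/// the login, clears the failed-attempt rows, marks the follow-up flag "False" and opens the start
/// page; on a mismatch it counts the attempt and, after more than three, marks the follow-up flag
/// "True" and returns to the login page.
/// </summary>
/// <param name="sender">The control that raised the click (unused).</param>
/// <param name="e">Routed event data (unused).</param>
private void ForgotPassword3NextButton_Click(object sender, RoutedEventArgs e)
{
    string expectedCode = UserModel.UserModel.twoFAcode;
    UserModel.UserModel cm = UserModel.UserModel._currentUserModel;
    string userID = cm.userID;

    // An unset or empty expected code must never validate; without this guard an empty
    // text box would compare equal to an empty stored code and pass the second factor.
    // NOTE(review): the code is not invalidated here after a successful match — confirm that
    // whatever issues twoFAcode replaces it before the next challenge.
    bool codeMatches = !string.IsNullOrEmpty(expectedCode)
        && ForgotPasswordCodeTextBox.Text == expectedCode;

    if (codeMatches)
    {
        MessageBox.Show("Correct!");

        string date = AlgorithmLibary.PredictionModel.getCurrentDate();
        string loginTime = DateTime.Now.ToString("HH.mm");
        string publicIP = PredictionModel.getCurrentPublicIP();
        string publicMAC = PredictionModel.getCurrentMAC();
        Console.WriteLine(publicMAC + "HELLO");

        //Use the same class for saveDateTime Method - Justin Changed at 1:20 am on 6/8/2017
        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
        string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);

        // NOTE(review): the failed-attempt rows are cleared for App.LoginUserID while the rest of
        // this handler keys on cm.userID — confirm both always name the same account.
        string selected_UserID = (App.Current as App).LoginUserID;

        // The user ID travels as a bound parameter rather than being concatenated into the
        // statement, so its content cannot alter the SQL. The using blocks dispose the
        // connection even when construction or Open() throws, where a finally that closes a
        // shared connection field could itself fail on a null reference.
        try
        {
            using (SqlConnection connection = new SqlConnection(conSettings.ConnectionString))
            using (SqlCommand command = new SqlCommand("DELETE FROM [dbo].[FailedAttempt] WHERE UserID = @UserID", connection))
            {
                command.Parameters.AddWithValue("@UserID", (object)selected_UserID ?? DBNull.Value);
                connection.Open();
                command.ExecuteNonQuery();
            }
        }
        catch (Exception ex)
        {
            System.Windows.MessageBox.Show(ex.Message);
        }

        // Update the follow-up row when one exists, otherwise create it.
        if (exist != null)
        {
            UserModel.UserModel.updateFollowUp(userID, connectionString, "False");
        }
        else
        {
            UserModel.UserModel.saveFollowUp(userID, connectionString, "False");
        }

        Page cloud = new StartupPage();
        PredictionModel.SessionRiskValue = "Low";
        this.NavigationService.Navigate(cloud);
    }
    else
    {
        MessageBox.Show("Invalid code! Please Try Again");

        // Author's note, cut short in the listing: "Remove the statement below because it will
        // conflict with my fe".
        // NOTE(review): counter is not declared in this handler (presumably an instance field) and
        // is never reset here. An in-memory counter starts over when the page object is recreated,
        // so the durable lock is the follow-up flag written below — verify every entry path checks it.
        counter++;
        if (counter > 3)
        {
            MessageBox.Show("More than 3 attempts! Account will be locked now!");
            string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);

            if (exist != null)
            {
                UserModel.UserModel.updateFollowUp(userID, connectionString, "True");
            }
            else
            {
                UserModel.UserModel.saveFollowUp(userID, connectionString, "True");
            }

            Page loginPage = new LoginPage();
            this.NavigationService.Navigate(loginPage);
        }
    }
}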