Advances in Computing and Communications, Part IV - ACC 2011

Communications in Computer and Information Science

193

Ajith Abraham Jaime Lloret Mauri John F. Buford Junichi Suzuki Sabu M. Thampi (Eds.)

Advances in Computing and Communications First International Conference, ACC 2011 Kochi, India, July 22-24, 2011 Proceedings, Part IV

13

Volume Editors Ajith Abraham Machine Intelligence Research Labs (MIR Labs) Auburn, WA, USA E-mail: [email protected] Jaime Lloret Mauri Polytechnic University of Valencia Valencia, Spain E-mail: [email protected] John F. Buford Avaya Labs Research Basking Ridge, NJ, USA E-mail: [email protected] Junichi Suzuki University of Massachusetts Boston, MA, USA E-mail: [email protected] Sabu M. Thampi Rajagiri School of Engineering and Technology Kochi, India E-mail: [email protected]

ISSN 1865-0929 e-ISSN 1865-0937 e-ISBN 978-3-642-22726-4 ISBN 978-3-642-22725-7 DOI 10.1007/978-3-642-22726-4 Springer Heidelberg Dordrecht London New York Library of Congress Control Number: Applied for CR Subject Classification (1998): C.2, H.4, I.2, H.3, D.2, J.1, K.6.5

© Springer-Verlag Berlin Heidelberg 2011 This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law. The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India Printed on acid-free paper Springer is part of Springer Science+Business Media (www.springer.com)

Preface

The First International Conference on Advances in Computing and Communications (ACC 2011) was held in Kochi during July 22–24, 2011. ACC 2011 was organized by Rajagiri School of Engineering & Technology (RSET) in association with the Association of Computing Machinery (ACM)- SIGWEB, Machine Intelligence Research Labs (MIR Labs), International Society for Computers and Their Applications, Inc. (ISCA), All India Council for Technical Education (AICTE), Indira Gandhi National Open University (IGNOU), Kerala State Council for Science, Technology and Environment (KSCSTE), Computer Society of India (CSI)- Div IV and Cochin Chapter, The Institution of Electronics and Telecommunication Engineers (IETE), The Institution of Engineers (India) and Project Management Institute (PMI),Trivandrum, Kerala Chapter. Established in 2001, RSET is a premier professional institution striving for holistic excellence in education to mould young, vibrant engineers. ACC 2011 was a three-day conference which provided an opportunity to bring together students, researchers and practitioners from both academia and industry. ACC 2011 was focused on advances in computing and communications and it attracted many local and international delegates, presenting a balanced mixture of intellects from the East and from the West. ACC 2011 received 592 research papers from 38 countries including Albania, Algeria, Bangladesh, Brazil, Canada, Colombia, Cyprus, Czech Republic, Denmark, Ecuador, Egypt, France, Germany, India, Indonesia, Iran, Ireland, Italy, Korea, Kuwait, Malaysia, Morocco, New Zealand, P.R. China, Pakistan, Rwanda, Saudi Arabia, Singapore, South Africa, Spain, Sri Lanka, Sweden, Taiwan, The Netherlands, Tunisia, UK, and USA. This clearly reflects the truly international stature of ACC 2011. All papers were rigorously reviewed internationally by an expert technical review committee comprising more than 300 members. The conference had a peerreviewed program of technical sessions, workshops, tutorials, and demonstration sessions. There were several people that deserve appreciation and gratitude for helping in the realization of this conference. We would like to thank the Program Committee members and additional reviewers for their hard work in reviewing papers carefully and rigorously. After careful discussions, the Program Committee selected 234 papers (acceptance rate: 39.53%) for presentation at the conference. We would also like to thank the authors for having revised their papers to address the comments and suggestions by the referees. The conference program was enriched by the outstanding invited talks by Ajith Abraham, Subir Saha, Narayan C. Debnath, Abhijit Mitra, K. Chandra Sekaran, K. Subramanian, Sudip Misra, K.R. Srivathsan, Jaydip Sen, Joyati Debnath and Junichi Suzuki. We believe that ACC 2011 delivered a high-quality, stimulating and enlightening technical program. The tutorials covered topics of

VI

Preface

great interest to the cyber forensics and cloud computing communities. The tutorial by Avinash Srinivasan provided an overview of the forensically important artifacts left behind on a MAC computer. In his tutorial on “Network Forensics,” Bhadran provided an introduction to network forensics, packet capture and analysis techniques, and a discussion on various RNA tools. The tutorial on Next-Generation Cloud Computing by Pethuru Raj focused on enabling technologies in cloud computing. The ACC 2011 conference program also included five workshops: International Workshop on Multimedia Streaming (MultiStreams 2011), Second International Workshop on Trust Management in P2P Systems (IWTMP2PS 2011), International Workshop on Cloud Computing: Architecture, Algorithms and Applications (CloudComp 2011), International Workshop on Identity: Security, Management and Applications (ID2011) and International Workshop on Applications of Signal Processing (I-WASP 2011). We thank all the workshop organizers as well as the Workshop Chair, El-Sayed El-Alfy, for their accomplishment to bring out prosperous workshops. We would like to express our gratitude to the Tutorial Chairs Patrick Seeling, Jaydeep Sen, K.S. Mathew, and Roksana Boreli and Demo Chairs Amitava Mukherjee, Bhadran V.K., and Janardhanan P.S. for their timely expertise in reviewing the proposals. Moreover, we thank Publication Chairs Pruet Boonma, Sajid Hussain and Hiroshi Wada for their kind help in editing the proceedings. The large participation in ACC2011 would not have been possible without the Publicity Co-chairs Victor Govindaswamy, Arun Saha and Biju Paul. The proceedings of ACC 2011 are organized into four volumes. We hope that you will find these proceedings to be a valuable resource in your professional, research, and educational activities whether you are a student, academic, researcher, or a practicing professional. July 2011

Ajith Abraham Jaime Lloret Mauri John F. Buford Junichi Suzuki Sabu M. Thampi

Organization

ACC 2011 was jointly organized by the Department of Computer Science and Engineering and Department of Information Technology, Rajagiri School of Engineering and Technology (RSET), Kochi, India, in cooperation with ACM/SIGWEB.

Organizing Committee Chief Patrons Fr. Jose Alex CMI Fr. Antony Kariyil CMI

Manager, RSET Director, RSET

Patron J. Isaac, Principal

RSET

Advisory Committee A. Krishna Menon A.C. Mathai Fr. Varghese Panthalookaran Karthikeyan Chittayil Vinod Kumar, P.B. Biju Abraham Narayamparambil Kuttyamma A.J. Asha Panicker K. Rajendra Varmah P.R. Madhava Panicker Liza Annie Joseph Varkey Philip Fr. Joel George Pullolil R. Ajayakumar Varma K. Poulose Jacob H.R. Mohan, Chairman Soman S.P., Chairman S. Radhakrishnan, Chairman

RSET RSET RSET RSET RSET RSET RSET RSET RSET RSET RSET RSET RSET KSCSTE Cochin University of Science & Technology Div IV, Computer Society of India (CSI) Computer Society of India (CSI), Cochin Chapter Kerala State Centre, The Institution of Engineers (India)

VIII

Organization

Steering Committee John F. Buford Rajkumar Buyya Mukesh Singhai John Strassner Junichi Suzuki Ramakrishna Kappagantu Achuthsankar S. Nair

Avaya Labs Research, USA University of Melbourne, Australia University of Kentucky, USA Pohang University of Science and Technology, Republic of Korea University of Massachusetts, Boston, USA IEEE India Council Centre for Bioinformatics, Trivandrum, India

Conference Chair Sabu M. Thampi

Rajagiri School of Engineering and Technology, India

ACC 2011 Program Committee Chairs General Co-chairs Ajith Abraham Chandra Sekaran K. Waleed W. Smari

Machine Intelligence Research Labs, Europe National Institute of Technology Karnataka, India University of Dayton, Ohio, USA

Program Co-chairs Jaime Lloret Mauri Thorsten Strufe Gregorio Martinez

Polytechnic University of Valencia, Spain Darmstadt University of Technology, Germany University of Murcia, Spain

Special Sessions and Workshops Co-chairs El-Sayed El-Alfy Silvio Bortoleto Tutorial Co-chairs Patrick Seeling Jaydeep Sen K.S. Mathew Roksana Boreli

King Fahd University of Petroleum and Minerals, Saudi Arabia Positivo University, Brazil

University of Wisconsin - Stevens Point, USA Tata Consultancy Services, Calcutta, India Rajagiri School of Engineering and Technology, India National ICT Australia Ltd., Australia

Organization

Demo Co-chairs Amitava Mukherjee Bhadran V.K. Janardhanan P.S.

IX

IBM Global Business Services, India Centre for Development of Advanced Computing, Trivandrum, India Rajagiri School of Engineering and Technology, India

Publicity Co-chairs Victor Govindaswamy Arun Saha Biju Paul

Publication Co-chairs Pruet Boonma Sajid Hussain Hiroshi Wada

Texas A&M University, USA Fujitsu Network Communications, USA Rajagiri School of Engineering and Technology, India

Chiang Mai University, Thailand Fisk University, USA University of New South Wales, Australia

ACC 2011 Technical Program Committee A. Hafid Abdallah Shami Abdelhafid Abouaissa Abdelmalik Bachir Abdelouahid Derhab Abhijit Mitra Ad˜ ao Silva Adel Ali Ahmed Mehaoua Ai-Chun Pang Ajay Gupta Alberto Dainotti Alessandro Leonardi Alex Galis Alexey Vinel Ali Abedi Alicia Trivi˜ no Cabrera Alireza Behbahani Alois Ferscha Al-Sakib Khan Pathan Amar Prakash Azad Amirhossein Alimohammad Amit Agarwal

Network Research Lab, University of Montreal, Canada The University of Western Ontario, Canada University of Haute Alsace, France Imperial College London, UK CERIST, Algeria Indian Institute of Technology Guwahati, India University of Aveiro, Portugal University Technology Malaysia University of Paris Descartes, France National Taiwan University, Taiwan Western Michigan University, USA University of Naples “Federico II”, Italy University of Catania, Italy University College London, UK Saint Petersburg Institute, Russia University of Maine, USA Universidad de M´ alaga, Spain University of California, Irvine, USA University of Linz, Austria International Islamic University, Malaysia INRIA, France University of Alberta, Canada Indian Institute of Technology, Roorkee, India

X

Organization

Amitava Mukherjee Anand Prasad Andreas Maeder Ankur Gupta Antonio Coronato Antonio Pescap´e Ant´ onio Rodrigues Anura P. Jayasumana Arnab Bhattacharya Arun Saha Arvind Swaminathan Ashley Thomas Ashraf Elnagar Ashraf Mahmoud Ashwani Singh Athanasios Vasilakos Atilio Gameiro Aydin Sezgin Ayman Assra Aytac Azgin B. Sundar Rajan Babu A.V. Babu B.V. Babu Raj E. Balagangadhar G. Bathula Borhanuddin Mohd. Ali Brijendra Kumar Joshi Bruno Crispo C.-F. Cheng Chang Wu Yu Charalampos Tsimenidis Chih-Cheng Tseng Chi-Hsiang Yeh Chitra Babu Chittaranjan Hota Chonho Lee Christian Callegari Christos Chrysoulas Chuan-Ching Sue Chung Shue Chen

IBM Global Business Services, India NEC Corporation, Japan NEC Laboratories Europe, Germany Model Institute of Engineering and Technology, India ICAR-CNR, Naples, Italy University of Naples Federico II, Italy IT / Instituto Superior T´ecnico, Portugal Colorado State University, USA Indian Institute of Technology, Kanpur, India Fujitsu Network Communications, USA Qualcomm, USA Secureworks Inc., USA Sharjah University, UAE KFUPM, Saudi Arabia Navtel Systems, France University of Western Macedonia, Greece Telecommunications Institute/Aveiro University, Portugal Ulm University, Germany McGill University, Canada Georgia Institute of Technology, USA Indian Institute of Science, India National Institute of Technology, Calicut, India BITS-Pilani, Rajasthan, India Sun College of Engineering and Technology, India Columbia University, USA Universiti Putra Malaysia Military College, Indore, India Universit` a di Trento, Italy National Chiao Tung University, Taiwan Chung Hua University, Taiwan Newcastle University, UK National Ilan University, Taiwan Queen’s University, Canada SSN College of Engineering, Chennai, India BITS Hyderabad Campus, India Nanyang Technological University, Singapore University of Pisa, Italy Technological Educational Institute, Greece National Cheng Kung University, Taiwan TREC, INRIA, France

Organization

Chun-I. Fan Chutima Prommak Dali Wei Danda B. Rawat Daniele Tarchi Davide Adami Deepak Garg Demin Wang Dennis Pfisterer Deyun Gao Dharma Agrawal Dhiman Barman Di Jin Dimitrios Katsaros Dimitrios Vergados Dirk Pesch Djamel Sadok Eduardo Cerqueira Eduardo Souto Edward Au Egemen Cetinkaya Elizabeth Sherly El-Sayed El-Alfy Emad A. Felemban Eric Renault Errol Lloyd Ertan Onur Faouzi Bader Faouzi Kamoun Fernando Velez Filipe Cardoso Florian Doetzer Francesco Quaglia Francine Krief Frank Yeong-Sung Lin Gianluigi Ferrari Giuseppe Ruggeri Grzegorz Danilewicz Guang-Hua Yang Guo Bin

XI

National Sun Yat-sen University, Taiwan Suranaree University of Technology, Thailand Jiangsu Tianze Infoindustry Company Ltd, P.R. China Old Dominion University, USA University of Bologna, Italy CNIT Pisa Research Unit, University of Pisa, Italy Thapar University, India Microsoft Inc., USA University of L¨ ubeck, Germany Beijing Jiaotong University, P.R. China University of Cincinnati, USA Juniper Networks, USA General Motors, USA University of Thessaly, Greece National Technical University of Athens, Greece Cork Institute of Technology, Ireland Federal University of Pernambuco, Brazil Federal University of Para (UFPA), Brazil Federal University of Amazonas, Brazil Huawei Technologies, P.R. China University of Kansas, USA IIITM-Kerala, India King Fahd University, Saudi Arabia Umm Al Qura University, Saudi Arabia TELECOM & Management SudParis, France University of Delaware, USA Delft University of Technology, The Netherlands CTTC, Spain WTS, UAE University of Beira Interior, Portugal ESTSetubal/Polytechnic Institute of Setubal, Portugal ASKON ConsultingGroup, Germany Sapienza Universit` a di Roma, Italy University of Bordeaux, France National Taiwan University, Taiwan University of Parma, Italy University “Mediterranea” of Reggio Calabria, Italy Poznan University of Technology, Poland The University of Hong Kong, Hong Kong Institut Telecom SudParis, France

XII

Organization

Hadi Otrok Hamid Mcheick Harry Skianis Hicham Khalife Himal Suraweera Hiroshi Wada Hong-Hsu Yen Hongli Xu Houcine Hassan Hsuan-Jung Su Huaiyu Dai Huey-Ing Liu Hung-Keng Pung Hung-Yu Wei Ian Glover Ian Wells Ibrahim Develi Ibrahim El rube Ibrahim Habib Ibrahim Korpeoglu Ilja Radusch Ilka Miloucheva Imad Elhajj Ivan Ganchev Iwan Adhicandra Jalel Ben-othman Jane-Hwa Huang Jaydeep Sen Jiankun Hu Jie Yang Jiping Xiong Jos´e de Souza Jose Moreira Ju Wang Juan-Carlos Cano Judith Kelner Julien Laganier Jussi Haapola K. Komathy Ka Lok Hung Ka Lok Man Kaddar Lamia Kainam Thomas

Khalifa University, UAE Universit´e du Qu´ebec `a Chicoutimi, Canada University of the Aegean, Greece ENSEIRB-LaBRI, France Singapore University of Technology and Design, Singapore University of New South Wales, Australia Shih-Hsin University, Taiwan University of Science and Technology of China, P.R. China Technical University of Valencia, Spain National Taiwan University, Taiwan NC State University, USA Fu-Jen Catholic University, Taiwan National University of Singapore NTU, Taiwan University of Strathclyde, UK Swansea Metropolitan University, UK Erciyes University, Turkey AAST, Egypt City University of New York, USA Bilkent University, Turkey Technische Universit¨at Berlin, Germany Media Technology Research, Germany American University of Beirut, Lebanon University of Limerick, Ireland The University of Pisa, Italy University of Versailles, France National Chi Nan University, Taiwan Tata Consultancy Services, Calcutta, India RMIT University, Australia Cisco Systems, USA Zhejiang Normal University of China Federal University of Cear´ a, Brazil IBM T.J. Watson Research Center, USA Virginia State University, USA Technical University of Valencia, Spain Federal University of Pernambuco, Brazil Juniper Networks Inc., USA University of Oulu, Finland Easwari Engineering College, Chennai, India The Hong Kong University, Hong Kong Xi’an Jiaotong-Liverpool University, China University of Versailles Saint Quentin, France Hong Kong Polytechnic University

Organization

Kais Mnif Kang Yong Lee Katia Bortoleto Kejie Lu Kemal Tepe Khalifa Hettak Khushboo Shah Kotecha K. Kpatcha Bayarou Kumar Padmanabh Kyriakos Manousakis Kyung Sup Kwak Li Zhao Li-Chun Wang Lin Du Liza A. Latiff Luca Scalia M Ayoub Khan Maaruf Ali Madhu Kumar S.D. Madhu Nair Madhumita Chatterjee Mahamod Ismail Mahmoud Al-Qutayri Manimaran Govindarasu Marcelo Segatto Maria Ganzha Marilia Curado Mario Fanelli Mariofanna Milanova Mariusz Glabowski Mariusz Zal Masato Saito Massimiliano Comisso Massimiliano Laddomada Matthias R. Brust Mehrzad Biguesh Michael Alexander Michael Hempel Michael Lauer Ming Xia Ming Xiao Mohamed Ali Kaafar

XIII

High Institute of Electronics and Communications of Sfax, Tunisia ETRI, Korea Positivo University, Brazil University of Puerto Rico at Mayaguez, USA University of Windsor, Canada Communications Research Centre (CRC), Canada Altusystems Corp, USA Institute of Technology, Nirma University, India Fraunhofer Institute, Germany General Motors, India Telcordia Technologies, USA Inha University, Korea Microsoft Corporation, USA National Chiao Tung University, Taiwan Technicolor Research and Innovation Beijing, P.R. China University Technology Malaysia University of Palermo, Italy C-DAC, Noida, India Oxford Brookes University, UK National Institute of Technology, Calicut, India University of Kerala, India Indian Institute of Technology Bombay, India Universiti Kebangsaan Malaysia Khalifa University, UAE Iowa State University, USA Federal University of Esp´ırito Santo, France University of Gdansk, Poland University of Coimbra, Portugal DEIS, University of Bologna,Italy University of Arkansas at Little Rock, USA Poznan University of Technology, Poland Poznan University of Technology, Poland University of the Ryukyus, Japan University of Trieste, Italy Texas A&M University-Texarkana, USA University of Central Florida, USA Queen’s University, Canada Scaledinfra Technologies GmbH, Austria University of Nebraska - Lincoln, USA Vanille-Media, Germany NICT, Japan Royal Institute of Technology, Sweden INRIA, France

XIV

Organization

Mohamed Cheriet Mohamed Eltoweissy Mohamed Hamdi Mohamed Moustafa Mohammad Banat Mohammad Hayajneh Mohammed Misbahuddin Mustafa Badaroglu Naceur Malouch Nakjung Choi, Alcatel-Lucent Namje Park Natarajan Meghanathan Neeli Prasad Nen-Fu Huang Nikola Zogovic Nikolaos Pantazis Nilanjan Banerjee Niloy Ganguly Pablo Corral Gonz´alez Patrick Seeling Paulo R.L. Gondim Peter Bertok Phan Cong-Vinh Pingyi Fan Piotr Zwierzykowski Pascal Lorenz Pruet Boonma Punam Bedi Qinghai Gao Rahul Khanna Rajendra Akerkar Raul Santos Ravishankar Iyer Regina Araujo Renjie Huang Ricardo Lent Rio G. L. D’Souza Roberto Pagliari Roberto Verdone Roksana Boreli

Ecole de Technologie Superieure, Canada Pacific Northwest National Laboratory, USA Carthage University, Tunisia Akhbar El Yom Academy, Egypt Jordan University of Science and Technology, Jordan UAEU, UAE C-DAC, India IMEC, Belgium Universit´e Pierre et Marie Curie, France Bell-Labs, Seoul, Korea Jeju University, South Korea Jackson State University, USA Center for TeleInFrastructure (CTIF), Denmark National Tsing Hua University, Taiwan University of Belgrade, Serbia Technological Educational Institution of Athens, Greece IBM Research, India Indian Institute of Technology, Kharagpur, India University Miguel Hern´ andez, Spain University of Wisconsin - Stevens Point, USA University of Bras´ılia, Brazil Royal Melbourne Institute of Technology (RMIT), Australia London South Bank University, UK Tsinghua University, P.R. China Poznan University of Technology, Poland University of Haute Alsace, France Chiang Mai University, Thailand University of Delhi, India Atheros Communications Inc., USA Intel, USA Western Norway Research Institute, Norway University of Colima, Mexico Intel Corp, USA Federal University of Sao Carlos, Brazil Washington State University, USA Imperial College London, UK St. Joseph Engineering College, Mangalore, India University of California, Irvine, USA WiLab, University of Bologna, Italy National ICT Australia Ltd., Australia

Organization

Ronny Yongho Kim Ruay-Shiung Chang Ruidong Li S. Ali Ghorashi Sahar Ghazal Said Soulhi Sajid Hussain Salah Bourennane Salman Abdul Moiz Sameh Elnikety Sanjay H.A. Sathish Rajasekhar Sergey Andreev Seshan Srirangarajan Seyed (Reza) Zekavat Sghaier Guizani Shancang Li Shi Xiao Siby Abraham Silvio Bortoleto Simon Pietro Romano Somayajulu D. V. L. N. Song Guo Song Lin Soumya Sen Stefano Ferretti Stefano Giordano Stefano Pesic Stefano Tomasin Stefanos Gritzalis Steven Gordon Suat Ozdemir Subir Saha Subramanian K. Sudarshan T.S.B. Sugam Sharma Surekha Mariam Varghese T. Aaron Gulliver Tao Jiang Tarek Bejaoui Tarun Joshi Theodore Stergiou

XV

Kyungil University, Korea National Dong Hwa University, Taiwan NICT, Japan Shahid Beheshti University, Iran University of Versailles, France Ericsson, Swedan Fisk University, USA Ecole Centrale Marseille, France CDAC, Bangalore, India Microsoft Research, USA Nitte Meenakshi Institute, Bangalore, India RMIT University, Australia Tampere University of Technology, Finland Nanyang Technological University, Singapore Michigan Technological University, USA UAE University, UAE School of Engineering, Swansea University, UK Nanyang Technological University, Singapore University of Mumbai, India Positivo University, Brazil University of Naples Federico II, Italy National Institute of Technology Warangal, India The University of British Columbia, Canada University of California, Riverside, USA University of Pennsylvania, USA University of Bologna, Italy University of Pisa, Italy Cisco Systems, Italy University of Padova, Italy University of the Aegean, Greece Thammasat University, Thailand Gazi University, Turkey Nokia Siemens Networks, India Advanced Center for Informatics and Innovative Learning, IGNOU, India Amrita Vishwa Vidyapeetham, Bangalore, India Iowa State University, USA M.A. College of Engineering, India University of Victoria, Canada Huazhong University of Science and Technology, P.R. China Mediatron Lab., Carthage University, Tunisia University of Cincinnati, USA Intracom Telecom, UK

XVI

Organization

Thienne Johnson Thomas Chen Tsern-Huei Lee Usman Javaid Vamsi Paruchuri Vana Kalogeraki Vehbi Cagri Gungor Velmurugan Ayyadurai Vicent Cholvi Victor Govindaswamy Vijaya Kumar B.P. Viji E Chenthamarakshan Vino D.S. Kingston Vinod Chandra S.S. Vivek Jain Vivek Singh Vladimir Kropotov Wael M El-Medany Waslon Lopes Wei Yu Wei-Chieh Ke Wendong Xiao Xiang-Gen Xia Xiaodong Wang Xiaoguang Niu Xiaoqi Jia Xinbing Wang Xu Shao Xueping Wang Yacine Atif Yali Liu Yang Li Yassine Bouslimani Ye Zhu Yi Zhou Yifan Yu Yong Wang Youngseok Lee Youssef SAID Yuan-Cheng Lai Yuh-Ren Tsai

University of Arizona, USA Swansea University, UK National Chiao Tung University, Taiwan Vodafone Group, UK University of Central Arkansas, USA University of California, Riverside, USA Bahcesehir University, Turkey University of Surrey, UK Universitat Jaume I, Spain Texas A&M University, USA Reva Institute of Technology and Management, Bangalore, India IBM T.J. Watson Research Center in New York, USA Hewlett-Packard, USA College of Engineering Thiruvananthapuram, India Robert Bosch LLC, USA Banaras Hindu University, India D-Link Russia, Russia University of Bahrain, Kingdom of Bahrain UFCG - Federal University of Campina Grande, Brazil Towson University, USA National Tsing Hua University, Taiwan Institute for Infocomm Research, Singapore University of Delaware, USA Qualcomm, USA Wuhan University, P.R. China Institute of Software, Chinese Academy of Sciences, P.R. China Shanghai Jiaotong University, P.R. China Institute for Infocomm Research, Singapore Fudan University, P.R. China UAE University, UAE University of California, Davis, USA Chinese Academy of Sciences, P.R. China University of Moncton, Canada Cleveland State University, USA Texas A&M University, USA France Telecom R&D Beijing, P.R. China University of Nebraska-Lincoln, USA Chungnam National University, Korea Tunisie Telecom/Sys’Com Lab,ENIT, Tunisia Information Management, NTUST, Taiwan National Tsing Hua University, Taiwan

Organization

Yu-Kai Huang Yusuf Ozturk Zaher Aghbari Zbigniew Dziong Zhang Jin Zhenghao Zhang Zhenzhen Ye Zhihua Cui Zhili Sun Zhong Zhou Zia Saquib

XVII

Quanta Research Institute, Taiwan San Diego State University, USA University of Sharjah, UAE University of Quebec, Canada Beijing Normal University, P.R. China Florida State University, USA iBasis, Inc., USA Taiyuan University of Science and Technology, China University of Surrey, UK University of Connecticut, USA C-DAC, Mumbai, India

ACC 2011 Additional Reviewers Akshay Vashist Alessandro Testa Amitava Ammar Rashid Anand Bjoern W. Schuller Chi-Ming Wong Danish Faizan Fatos Xhafa Hooman Tahayori John Jose Jyoti Singh Koushik Long Zheng Manpreet Singh Maria Striki Mohamad Zoinol Abidin Mohamed Dahmane Mohd Helmy Abd Wahab Mohd Riduan Bin Ahmad Mohd Sadiq Mudhakar Srivatsa Nan Yang Nurulnadwan Aziz Aziz

Telcordia Telchnologies, USA University of Naples Federico II, Italy Academy of Technology, India Auckland University of Technology, New Zealand MITS, India Technical University, Germany Jinwen University of Science and Technology, Taiwan NIC-INDIA, India UPC, Barcelona Tech, Spain Ryerson University, Canada IIT Madras, India Academy of Technology, India West Bengal University of Technology, India University of Aizu, Japan M.M. Engineering College, India Telcordia Technologies, Piscataway, USA Universiti Teknikal Malaysia Melaka, Malaysia University of Montreal,Canada Universiti Tun Hussein Onn Malaysia, Malaysia Universiti Teknikal Malaysia Melaka, Malaysia Jamia Millia Islamia, India IBM T.J. Watson Research Center, USA CSIRO, Australia Universiti Teknologi MARA, Malaysia

XVIII

Organization

Pooya Taheri R.C. Wang Roman Yampolskiy Shuang Tian Syed Abbas Ali Velayutham Yeong-Luh Ueng

University of Alberta, Canada NTTU, Taiwan University of Louisville, USA The University of Sydney, Australia Ajman University of Science & Technology, UAE Adhiparasakthi Engineering College, Melmaruvathur, India National Tsing Hua University, Taiwan

International Workshop on Identity: Security, Management and Applications (ID 2011)

General Chairs Paul Rodrigues (CTO, WSS, India) H.R. Vishwakarma (Secretary, Computer Society of India)

Hindustan University, India

VIT University, India

Program Chairs P. Krishna Reddy Sundar K.S. Srinivasa Ragavan S. Venkatachalam

IIIT, Hyderabad, India Education & Research, Infosys Technologies Limited, India Intel Inc, USA Jawaharlal Nehru Technological University, India

Organizing Chair Madhan Kumar Srinivasan

Education & Research, Infosys Technologies Limited, India

Organizing Co-chairs Abhi Saran Anireddy Niranjan Reddy Revathy Madhan Kumar

London South Bank University, UK University of Glamorgan, UK Education & Research, Infosys Technologies Limited, India

Technical Program Committee Arjan Durresi Arun Sivanandham Avinash Srinivasan Bezawada Bruhadeshwar Bhaskara Reddy AV Bipin Indurkhya

Indiana University Purdue University Indianapolis, USA Infosys Technologies Limited, India Bloomsburg University, USA IIIT, Hyderabad, India Infosys Technologies Limited, India IIIT, Hyderabad, India

XX

ID 2011

C. Sunil Kumar Chandrabali Karmakar Farooq Anjum Gudipati Kalyan Kumar Hamid Sharif Hui Chen Jie Li Kalaiselvam Lau Lung Lukas Ruf Manik Lal Das

Manimaran Govindarasu Narendra Ahuja Omar Pradeep Kumar T.S. Pradeepa Rajiv Tripathi Rakesh Chithuluri Sanjay Chaudhary

Santosh Pasuladi Satheesh Kumar Varma Saurabh Barjatiya Sreekumar Vobugari Suthershan Vairavel Tarun Rao Thomas Little Tim Strayer V. Balamurugan Vasudeva Varma Vinod Babu Yonghe Liu

Jawaharlal Nehru Technological University, India Infosys Technologies Limited, India On-Ramp Wireless, USA Excellence India, India University of Nebraska-Lincoln, USA Virginia State University, USA University of Tsukuba, Japan Infineon Technologies, Germany UFSC, Brazil Consecom AG, Switzerland Dhirubhai Ambani Institute of Information and Communication Technology (DA-IICT), India Iowa State University, USA University of Illinois, USA University of Jordan, Jordan Infosys Technologies Limited, India Wipro Technologies, India NIT, Allahabad, India Oracle, India Dhirubhai Ambani Institute of Information and Communication Technology (DA-IICT), India Jawaharlal Nehru Technological University, India IIIT, Pune, India IIIT, Hyderabad, India Education & Research, Infosys Technologies Limited, India CTS, India Infosys Technologies Limited, India Boston University, USA BBN Technologies, USA IBM, India IIIT, Hyderabad, India Giesecke & Devrient, Germany UT Arlington, USA

International Workshop on Applications of Signal Processing (I-WASP 2011)

Workshop Organizers Jaison Jacob Sreeraj K.P. Rithu James

Rajagiri School of Engineering and Technology, India Rajagiri School of Engineering and Technology, India Rajagiri School of Engineering and Technology, India

Technical Program Committee A. Vinod Aggelos Katsaggelos Bing Li Carlos Gonzalez Damon Chandler Egon L. van den Broek Feng Wu Hakan Johansson Joaquim Filipe Lotfi Senahdji Reyer Zwiggelkaar Xianghua Xie Yoshikazu Miyanaga

NTU, Singapore Northwestern University, USA University of Virginia, USA University of Castilla-La Mancha, Spain Oklahoma State University, USA University of Twente, The Netherlands Microsoft Research Asia, P.R. China University of Linkoping, Sweden EST-Setubal, Portugal Universit´e de Rennes 1, France Aberystwyth University, UK Swansea University, UK Hokkaido University, Japan

International Workshop on Cloud Computing: Architecture, Algorithms and Applications (CloudComp 2011)

Workshop Organizers Binu A. Biju Paul Sabu M. Thampi

Cochin University of Science and Technology, India Rajagiri School of Engineering and Technology, India Rajagiri School of Engineering and Technology, India

Technical Program Committee Antonio Puliafito Bob Callaway Chee Shin Yeo Chin-Sean Sum Ching-Hsien Hsu Drissa Houatra Deepak Unnikrishnan Jie Song Salah Sharieh Francesco Longo Fabienne Anhalt Gaurav Somani Haibing Guan Hongbo Jiang Hongkai Xiong Hui Zhang Itai Zilbershtein Jens Nimis Jie Song

University of Messina, Italy IBM, USA Institute of High-Performance Computing, Singapore National Institute of Information and Communications Technology, Japan Chung Hua University, Taiwan Orange Labs, France University of Massachusetts, USA Northeastern University, P.R. China McMaster University, Canada Universit´ a di Messina, Italy Ecole Normale Sup´erieure de Lyon–INRIA, France LNMIIT, Jaipur, India Shanghai Jiao Tong University, P.R. China Huazhong University of Science and Technology, P.R. China Shanghai Jiao Tong University, P.R China Nec Laboratories America, USA Avaya, Israel University of Applied Sciences, Germany Software College, Northeastern University, China

XXIV

CloudComp 2011

Jorge Carapinha Junyi Wang K. Chandra Sekaran Kai Zheng Krishna Sankar Laurent Amanton Luca Caviglione Lukas Ruf Massimiliano Rak Pallab Datta Pascale Vicat-Blanc Primet Prabu Dorairaj Shivani Sud Shuicheng Yan Siani Pearson Simon Koo Srikumar Venugopal Stephan Kopf Thomas Sandholm Umberto Villano Vipin Chaudhary Yaozu Dong Zhou Lan

PT Inova¸cao S.A. Telecom Group, Portugal National Institute of Information and Communications Technology, Japan NITK, India IBM China Research Lab, P.R. China Cisco Systems, USA Havre University, France National Research Council (CNR), Italy Consecom AG, Switzerland Second University of Naples, Italy IBM Almaden Research Center, USA INRIA, France NetApp Inc, India Intel Labs, USA National University of Singapore, Singapore HP Labs, UK University of San Diego, USA UNSW, Australia University of Mannheim, Germany Hewlett-Packard Laboratories, USA University of Sannio, Italy University at Buffalo, USA Intel Corporation, P.R. China National Institute of Information and Communications Technology, Japan

International Workshop on Multimedia Streaming (MultiStreams 2011)

Program Chairs Pascal Lorenz Fan Ye Trung Q. Duong

University of Haute Alsace, France IBM T.J. Watson Research Center, USA Blekinge Institute of Technology, Sweden

Technical Program Committee Guangjie Han Alex Canovas Brent Lagesse Chung Shue Chen Debasis Giri Mario Montagud Doreen Miriam Duduku V. Viswacheda Elsa Mac´ıas L´opez Eug´enia Bernardino Fernando Boronat Jen-Wen Ding Joel Rodrigues IT Jo-Yew Tham Marcelo Atenas Jorge Bernab´e Bao Vo Nguyen Hans-Juergen Zepernick Jose Maria Alcaraz Calero Juan Marin Perez Lei Shu Lexing Xie Marc Gilg Miguel Garcia Mohd Riduan Bin Ahmad

Hohai University, P.R. China Polytechnic University of Valencia, Spain Oak Ridge National Laboratory, USA INRIA-ENS, France Haldia Institute of Technology, India Universidad Polit´ecnica de Valencia, Spain Anna University, India University Malaysia Sabah, Malaysia University of Las Palmas de Gran Canaria, Spain Polytechnic Institute of Leiria, Portugal Instituto de Investigaci´ on para la Gesti´ on Integrada de Zonas Costeras, Spain National Kaohsiung University of Applied Sciences, Taiwan University of Beira Interior, Portugal A*STAR Institute for Infocomm Research, Singapore Universidad Politecnica de Valencia, Spain University of Murcia, Poland Posts and Telecommunications Institute of Technology, Vietnam Blekinge Institute of Technology, Sweden University of Murcia, Spain University of Murcia, Spain Osaka University, Japan The Australian National University, Australia University of Haute-Alsace, France Polytechnic University of Valencia, Spain Universiti Teknikal Malaysia, Malaysia

XXVI

MultiStreams 2011

Phan Cong-Vinh Alvaro Su´ arez-Sarmiento Song Guo Tin-Yu Wu Zhangbing Zhou Zuqing Zhu Juan M. S´ anchez Choong Seon Hong

London South Bank University, UK University of Las Palmas de Gran Canaria, Spain University of British Columbia, Canada Tamkang University, Taiwan Institut Telecom & Management SudParis, France Cisco System, USA University of Extremadura, Spain Kyung Hee University, Korea

Second International Workshop on Trust Management in P2P Systems (IWTMP2PS 2011)

Program Chairs Visvasuresh Victor Govindaswamy Jack Hu Sabu M. Thampi

Texas A&M University-Texarkana, USA Microsoft, USA Rajagiri School of Engineering and Technology, India

Technical Program Committee Haiguang Ioannis Anagnostopoulos Farag Azzedin Roksana Boreli Yann Busnel Juan-Carlos Cano Phan Cong-Vinh Jianguo Ding Markus Fiedler Deepak Garg Felix Gomez Marmol Paulo Gondim Steven Gordon Ankur Gupta Houcine Hassan Yifeng He Michael Hempel Salman Abdul Moiz Guimin Huang Renjie Huang Benoit Hudzia Helge Janicke

Fudan University, P.R. China University of the Aegean, Greece King Fahd University of Petroleum & Minerals, Saudi Arabia National ICT Australia, Australia University of Nantes, France Universidad Politecnica de Valencia, Spain London South Bank University, UK University of Luxembourg, Luxemburg Blekinge Institute of Technology, Sweden Thapar University, Patiala, India University of Murcia, Spain Universidade de Brasilia, Brazil Thammasat University, Thailand Model Institute of Engineering and Technology, India Universidad Politecnica de Valencia, Spain Ryerson University, Canada University of Nebraska-Lincoln, USA CDAC, India Guilin University of Electronic Technology, P.R. China Washington State University, USA SAP Research, UK De Montfort University, UK

XXVIII

IWTMP2PS 2011

Mohamed Ali Kaafar Eleni Koutrouli Stefan Kraxberger Jonathan Loo Marjan Naderan Lourdes Penalver Elvira Popescu Guangzhi Qu Aneel Rahim Yonglin Ren Andreas Riener Samir Saklikar Thomas Schmidt Fangyang Shen Thorsten Strufe Sudarshan Tsb Demin Wang Fatos Xhafa Jiping Xiong Chang Wu Yu

INRIA, France National University of Athens, Greece Graz University of Technology, Austria Middlesex University, UK Amirkabir University of Technology, Iran Valencia Polytechnic University, Spain UCV, Romania Oakland University, USA COMSATS Institute of Information Technology, Pakistan SITE, University of Ottawa, Canada University of Linz, Austria RSA, Security Division of EMC, India HAW Hamburg (DE), Germany Northern New Mexico College, USA TU Darmstadt, Germany Amrita School of Engineering, India Microsoft, USA UPC, Barcelona, Spain Zhejiang Normal University, P.R. China Chung Hua University, Taiwan

Table of Contents – Part IV

Position Papers Impact of Node Density on Node Connectivity in MANET Routing Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . G. Jisha and Philip Samuel Survey and Comparison of Frameworks in Software Architecture . . . . . . . S. Roselin Mary and Paul Rodrigues Two Layered Hierarchical Model for Cognitive Wireless Sensor Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . K. Vinod Kumar, G. Lakshmi Phani, K. Venkat Sayeesh, Aparna Chaganty, and G. Rama Murthy 3D-CGIN: A 3 Disjoint Paths CGIN with Alternate Source . . . . . . . . . . . . Meenal A. Borkar and Nitin Architecture for Running Multiple Applications on a Single Wireless Sensor Network: A Proposal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Sonam Tobgay, Rasmus L. Olsen, and Ramjee Prasad

1 9

19

25

37

Feature Based Image Retrieval Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . P.U. Nimi and C. Tripti

46

Exploiting ILP in a SIMD Type Vector Processor . . . . . . . . . . . . . . . . . . . . Abel Palaty, Mohammad Suaib, and Kumar Sambhav Pandey

56

An Extension to Global Value Numbering . . . . . . . . . . . . . . . . . . . . . . . . . . . Saranya D. Krishnan and Shimmi Asokan

63

Data Privacy for Grid Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N. Sandeep Chaitanya, S. Ramachandram, B. Padmavathi, S. Shiva Skandha, and G. Ravi Kumar

70

Towards Multimodal Capture, Annotation and Semantic Retrieval from Performing Arts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Rajkumar Kannan, Frederic Andres, Fernando Ferri, and Patrizia Grifoni A New Indian Model for Human Intelligence . . . . . . . . . . . . . . . . . . . . . . . . Jai Prakash Singh Stepping Up Internet Banking Security Using Dynamic Pattern Based Image Steganography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . P. Thiyagarajan, G. Aghila, and V. Prasanna Venkatesan

79

89

98

XXX

Table of Contents – Part IV

A Combinatorial Multi-objective Particle Swarm Optimization Based Algorithm for Task Allocation in Distributed Computing Systems . . . . . . Rahul Roy, Madhabananda Das, and Satchidananda Dehuri

113

Enhancement of BARTERCAST Using Reinforcement Learning to Effectively Manage Freeriders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . G. Sreenu, P.M. Dhanya, and Sabu M. Thampi

126

A Novel Approach to Represent Detected Point Mutation . . . . . . . . . . . . . Dhanya Sudarsan, P.R. Mahalingam, and G. Jisha

137

Anonymous and Secured Communication Using OLSR in MANET . . . . . A.A. Arifa Azeez, Elizabeth Isaac, and Sabu M. Thampi

145

Bilingual Translation System for Weather Report (For English and Tamil) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . S. Saraswathi, M. Anusiya, P. Kanivadhana, and S. Sathiya

155

Design of QRS Detection and Heart Rate Estimation System on FPGA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Sudheer Kurakula, A.S.D.P. Sudhansh, Roy Paily, and S. Dandapat

165

Multi-document Text Summarization in E-Learning System for Operating System Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . S. Saraswathi, M. Hemamalini, S. Janani, and V. Priyadharshini

175

Improving Hadoop Performance in Handling Small Files . . . . . . . . . . . . . . Neethu Mohandas and Sabu M. Thampi

187

Studies of Management for Dynamic Circuit Networks . . . . . . . . . . . . . . . . Ana Elisa Ferreira, Anilton Salles Garcia, and Carlos Alberto Malcher Bastos

195

International Workshop on Identity: Security, Management and Applications (ID 2011) Game Theoretic Approach to Resolve Energy Conflicts in Ad-Hoc Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Juhi Gupta, Ishan Kumar, and Anil Kacholiya

205

Software Secureness for Users: Significance in Public ICT Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C.K. Raju and P.B.S. Bhadoria

211

Vector Space Access Structure and ID Based Distributed DRM Key Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ratna Dutta, Dheerendra Mishra, and Sourav Mukhopadhyay

223

Table of Contents – Part IV

Multiple Secrets Sharing with Meaningful Shares . . . . . . . . . . . . . . . . . . . . . Jaya and Anjali Sardana

XXXI

233

On Estimating Strength of a DDoS Attack Using Polynomial Regression Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B.B. Gupta, P.K. Agrawal, A. Mishra, and M.K. Pattanshetti

244

Finding New Solutions for Services in Federated Open Systems Interconnection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Zubair Ahmad Khattak, Jamalul-lail Ab Manan, and Suziah Sulaiman

250

Duplicate File Names-A Novel Steganographic Data Hiding Technique . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Avinash Srinivasan and Jie Wu

260

A Framework for Securing Web Services by Formulating an Collaborative Security Standard among Prevailing WS-* Security Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M. Priyadharshini, R. Baskaran, Madhan Kumar Srinivasan, and Paul Rodrigues

269

Improved Web Search Engine by New Similarity Measures . . . . . . . . . . . . Vijayalaxmi Kakulapati, Ramakrishna Kolikipogu, P. Revathy, and D. Karunanithi

284

International Workshop on Applications of Signal Processing (I-WASP 2011) Recognition of Subsampled Speech Using a Modified Mel Filter Bank . . . Kiran Kumar Bhuvanagiri and Sunil Kumar Kopparapu

293

Tumor Detection in Brain Magnetic Resonance Images Using Modified Thresholding Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C.L. Biji, D. Selvathi, and Asha Panicker

300

Generate Vision in Blind People Using Suitable Neuroprosthesis Implant of BIOMEMS in Brain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B. Vivekavardhana Reddy, Y.S. Kumara Swamy, and N. Usha

309

Undecimated Wavelet Packet for Blind Speech Separation Using Independent Component Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ibrahim Missaoui and Zied Lachiri

318

A Robust Framework for Multi-object Tracking . . . . . . . . . . . . . . . . . . . . . . Anand Singh Jalal and Vrijendra Singh

329

XXXII

Table of Contents – Part IV

SVM Based Classification of Traffic Signs for Realtime Embedded Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Rajeev Kumaraswamy, Lekhesh V. Prabhu, K. Suchithra, and P.S. Sreejith Pai A Real Time Video Stabilization Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . Tarun Kancharla and Sanjyot Gindi

339

349

Object Classification Using Encoded Edge Based Structural Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Aditya R. Kanitkar, Brijendra K. Bharti, and Umesh N. Hivarkar

358

Real Time Vehicle Detection for Rear and Forward Collision Warning Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Gaurav Kumar Yadav, Tarun Kancharla, and Smita Nair

368

PIN Generation Using Single Channel EEG Biometric . . . . . . . . . . . . . . . . Ramaswamy Palaniappan, Jenish Gosalia, Kenneth Revett, and Andrews Samraj

378

International Workshop on Cloud Computing: Architecture, Algorithms and Applications (CloudComp 2011) A Framework for Intrusion Tolerance in Cloud Computing . . . . . . . . . . . . Vishal M. Karande and Alwyn R. Pais Application of Parallel K-Means Clustering Algorithm for Prediction of Optimal Path in Self Aware Mobile Ad-Hoc Networks with Link Stability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Likewin Thomas and B. Annappa Clouds’ Infrastructure Taxonomy, Properties, and Management Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Imad M. Abbadi A Deduced SaaS Lifecycle Model Based on Roles and Activities . . . . . . . . Jie Song, Tiantian Li, Lulu Jia, and Zhiliang Zhu Towards Achieving Accountability, Auditability and Trust in Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ryan K.L. Ko, Bu Sung Lee, and Siani Pearson Cloud Computing Security Issues and Challenges: A Survey . . . . . . . . . . . Amandeep Verma and Sakshi Kaushal A Deadline and Budget Constrained Cost and Time Optimization Algorithm for Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Venkatarami Reddy Chintapalli

386

396

406 421

432 445

455

Table of Contents – Part IV

XXXIII

International Workshop on Multimedia Streaming (MultiStreams 2011) A Bit Modification Technique for Watermarking Images and Streaming Video . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Kaliappan Gopalan

463

Efficient Video Copy Detection Using Simple and Effective Extraction of Color Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . R. Roopalakshmi and G. Ram Mohana Reddy

473

Mobile Video Service Disruptions Control in Android Using JADE . . . . . Tatiana Gualotu˜ na, Diego Marcillo, Elsa Mac´ıas L´ opez, and Alvaro Su´ arez-Sarmiento

481

Performance Analysis of Video Protocols over IP Transition Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Hira Sathu and Mohib A. Shah

491

Performance Comparison of Video Protocols Using Dual-Stack and Tunnelling Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Hira Sathu, Mohib A. Shah, and Kathiravelu Ganeshan

501

IPTV End-to-End Performance Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . Priya Gupta, Priyadarshini Londhe, and Arvind Bhosale A Color Image Encryption Technique Based on a SubstitutionPermutation Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . J. Mohamedmoideen Kader Mastan, G.A. Sathishkumar, and K. Bhoopathy Bagan

512

524

Second International Workshop on Trust Management in P2P Systems (IWTMP2PS 2011) Comment on the Improvement of an Efficient ID-Based RSA Mutlisignature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chenglian Liu, Marjan Kuchaki Rafsanjani, and Liyun Zheng A Secure Routing Protocol to Combat Byzantine and Black Hole Attacks for MANETs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Jayashree Padmanabhan, Tamil Selvan Raman Subramaniam, Kumaresh Prakasam, and Vigneswaran Ponpandiyan A Convertible Designated Verifible Blind Multi-signcryption Scheme . . . . Subhalaxmi Das, Sujata Mohanty, and Bansidhar Majhi

534

541

549

XXXIV

Table of Contents – Part IV

Middleware Services at Cloud Application Layer . . . . . . . . . . . . . . . . . . . . . Imad M. Abbadi

557

Attribute Based Anonymity for Preserving Privacy . . . . . . . . . . . . . . . . . . . Sri Krishna Adusumalli and V. Valli Kumari

572

An Anonymous Authentication and Communication Protocol for Wireless Mesh Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Jaydip Sen

580

Data Dissemination and Power Management in Wireless Sensor Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M. Guerroumi, N. Badache, and S. Moussaoui

593

Performance Evaluation of ID Assignment Schemes for Wireless Sensor Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Rama Krishna Challa and Rakesh Sambyal

608

Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

617

Impact of Node Density on Node Connectivity in MANET Routing Protocols G. Jisha1 and Philip Samuel2 1

Department of Information Technology, Rajagiri School of Engineering and Technology, Kochi, India-682039 2 Information Technology, School of Engineering, Cochin University of Science and Technology, Kochi, India-682022 [email protected], [email protected]

Abstract. The functioning of routing protocols in Mobile Ad-hoc Networks depends on factors like node mobility, node failure, broken paths, node connectivity and node density. These factors make the network dynamic. Due to the change in node connectivity, availability of link for data transfer data may vary. This paper discusses about Mobile Ad-Hoc environment with varying node density and its effect on node connectivity among MANET routing protocols. The performance of two routing protocols like DSDV from proactive routing protocols, AODV from reactive routing protocols are analyzed and compared. Quantitative metrics like normalized overhead, packet delivery ratio, number of control packets are evaluated using the Network Simulator NS-2. This paper helps in identifying the impact of varying node densities on the node connectivity in Mobile Ad-Hoc networks. The result of performance comparison can also be helpful in the design of new routing protocols based on topological characteristics. Keywords: MANET, DSDV, AODV, Node Connectivity, Node Density.

1 Introduction A Mobile Ad-hoc network is a temporary or short period dynamic network used in battlefields, conference, rescue operation, multimedia games. These networks comprises of a group of wireless mobile nodes which communicate each other without any fixed infrastructure. Routing in MANET is a challenging task as the topology of such networks keeps on changing due to various factors like node mobility, change in the node status and change in node density. Here the nodes act as both host and receiver, who forward packets to other mobile host. Individual node has limited processing capacity but is capable of supporting distributed approach through coordination effort in a network [12]. Initially the node will not have prior knowledge of its neighboring nodes or the topology of the entire network. The nodes sends beacons to neighboring nodes, and listens to the broadcasting message from A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 1–8, 2011. © Springer-Verlag Berlin Heidelberg 2011

2

G. Jisha and P. Samuel

neighboring nodes to find the list of current neighbors. This process continues till the node knows about all other nodes and also when a change in the topology of the network is detected. Thus through these neighbors, the nodes can communicate to other nodes outside its coverage area to maintain node connectivity in the network [3]. Knowledge of topological characteristics like connectivity, coverage, maximum inter-node distance and node degree helps in the design of new distributed protocol and also for evaluating the performance of existing routing protocols [12]. The factors that complicate the analysis of the topological characteristics are node mobility and node density [8], [9]. Paolo Santi and Douglas M Blough have discussed the conditions that are needed to ensure that a deployed network is connected initially and remains connected as node migrates [8]. Certain Routing Protocols are found to perform better in densely connected network than in sparse network [1]. There is a lot of work done for evaluating the performance of MANET Routing Protocols under different topological characteristics [1], [12], [2], [8], [9]. In our paper we have evaluated performance of MANET routing protocols under varying node density and how it affects the node connectivity. This paper analyzes the performance of routing protocols designed for MANET under different node density and its impact on node connectivity. The second sections of this paper discuss the routing protocols designed for MANET and the performance metrics used. The third section discusses the impact of node density in proactive and reactive routing protocols with a comparative evaluation. The forth section presents the environment for simulations in NS-2 for comparing the effect of node density on these two protocols. The fifth section discusses the simulation result and the last section concludes the paper.

2 Routing Protocols and Performance Metrics Mobile Ad-hoc Routing Protocol is a rule or standard that tells the mobile nodes in the network which way to route the packets. Effective routing protocols are needed to handle dynamic topology, a major problem in MANET routing protocol. Various routing protocols were proposed in the past, depending on routing information, updating mechanism and temporal information used for routing, routing topology and utilization of specific resources [4]. Protocols designed for MANET deal with high power consumption, low bandwidth and high error rates which are the typical limitations of these networks [5]. Main two classifications considered are Proactive Routing Protocols and Reactive Routing Protocols. Proactive Routing protocols stores information about nodes in the network to transfer data between different nodes in the network. These protocols constantly update node information and may react to change in the network topology even if no traffic is affected by the topology modification. This could create unnecessary overhead. Reactive Routing Protocols establish routes between nodes only when they is a request to required to route data packets. There is no updating of every possible route in the network instead it focuses on routes that are being used or being set up. Both qualitative and quantitative metrics are needed to evaluate the performance of a routing protocol [7]. Qualitative properties of MANET routing protocol includes

Impact of Node Density on Node Connectivity in MANET Routing Protocols

3

distributed operation, loop freedom, demand based operation, proactive operation, security, sleep period operation, unidirectional link support. Quantitative metrics used are end-to-end data throughput and delay, Route acquisition time, Percentage out-oforder delivery, Efficiency. The other parameters that should be varied are network size, network connectivity, and topological rate of change, link capacity, and fraction of unidirectional links, traffic patterns, Mobility, Fraction and frequency of sleeping nodes [6], [7]. This paper evaluates two routing protocols DSDV from Proactive Routing Protocols and AODV from Reactive Routing Protocols. Quantitative distributed operation, demand based operation, proactive based operation, sleep period operation, unidirectional link support. Qualitative measures used are number of routing packets used, normalized overhead, packet delivery ratio. Two main parameters that are verified to check the performance are network connectivity and node density. All qualitative measures are verified at different node densities.

3 Impact of Node Density on Routing Protocols-Comparative Evaluation A variety of performance metrics are discussed to determine the performance and robustness of MANET routing protocols [7]. The goal is to compare the routing protocols on the basis of qualitative and quantitative measures. Topological parameters like node density and node connectivity are also considered for comparing MANET routing protocols. 3.1 Impact of Node Density on Proactive Routing Protocol In Proactive routing protocols every nodes maintain the routing information by periodic updating of routes. Proactive routing protocols maintain up-to-date routing information between every node in the network. The dynamic change in topology results change in routing table. Proactive protocol update routing table when there is any change in the topology due to change in node density. Change in the number of nodes reflect in more overhead for such networks due to the updating of routing table by the nodes when new nodes are added or existing nodes are disconnected. Destination Sequence distance vector (DSDV) is the protocol considered under proactive category Destination Sequenced Distance Vector (DSDV) Destination Sequenced Distance Vector is a table- driven proactive protocol modified from Bellman Ford algorithm. DSDV is one of the mostly accepted routing protocols under the category of proactive routing protocol developed by C. Perkins and P. Bhagwat in 1994[5]. The main contribution of this algorithm was to solve the routing loop problem. Every mobile node in the network maintains a routing table in which all the possible destination within the network and the number of hops to each destination are recorded. Each entry in the routing table contains a sequence number,

4

G. Jisha and P. Samuel

the sequence numbers will be even if a link is present otherwise an odd number is used. The number is generated by the destination and the sender needs to send out the next update with this number [4]. DSDV periodically send routing control packets to neighbors for updating routing table [12]. Selection of routes: Latest sequence numbers are used if a router receives new information. Route with a better metric is used if the sequence number is the same as the one in the table. Stale entries and the routes using those nodes with stale entries as next hops are deleted. Advantages: DSDV is a hop by hop distance vector routing protocol suitable for creating ad-hoc networks with small node density. It selects the shortest path based on the number of hops to the destination. Loop freedom is eliminated. Use simple route update protocol. Routing table is maintained on each network. Sequence number is used for making decision. Network Connectivity of the network found to increase due to various paths between the nodes. Breakage of an intermediate node may not affect the connectivity if the node density is high. Disadvantages: Use of battery power and small bandwidth even when the network is idle, due to the regular updating of its routing tables. Periodic updating in transmissions limits the number of nodes that can be connected to the network. Not suitable for highly dynamic networks, as a new sequence number is necessary whenever the topology changes due to the increase in number of nodes. Routing overhead is directly related with the number of nodes in the network. 3.2 Impact of Node Density in Reactive Routing Protocols Reactive Routing Protocol does not maintain network topology information. Necessary path is obtained by a connection establishment process. The Routing information are not exchanged periodically. In case of reactive routing protocols the overhead for route calculation is less when compared to Proactive routing protocols in case of increase in node density. Ad-Hoc On Demand Distance Vector Routing Protocol (AODV) AODV, an extension of DSDV is a reactive routing protocol implemented for mobile ad-hoc networks. AODV is combination of DSR, a reactive routing protocol and DSDV, a proactive routing protocol. It has the basic on demand mechanism of Route Discovery and Route maintenance of DSR and the use of hop by hop routing sequence number and periodic beacons from DSDV. When a source node wants to send information to destination node and does not have a route to destination, it starts the route finding process starts the route finding process. It generates a RREQ and broadcast to its neighbors. The route request is forwarded by intermediate nodes. A reverse path is created for itself from destination. When the request reaches a node with a route to destination it generates a RREP containing number of hops required to reach destination. RREP is routed along the reverse path. Each node maintains is own sequence number and broadcast id. To maintain routes the nodes survey the link

Impact of Node Density on Node Connectivity in MANET Routing Protocols

5

status of their next hop neighbor in active routes. If the destination or some intermediate node move, steps are used to update the routing table of all neighbors [4],[11]. Features: • Combines the features of both DSR and DSDV • Route discovery and route maintenance from DSR • Hop by Hop routing ,sequence numbers and periodic beacon from DSDV Advantage: Maximum utilization of bandwidth. Simple. Node acts as router and maintains a simple routing table, Maintains effective routing information and current routing information, Loop free, Coping up with dynamic topology and broken links, Highly Scalable when compared with DSDV. Disadvantage: No reuse of routing information, vulnerable to misuse, high route discovery latency, overhead on bandwidth. When number of node increases initially throughput increase as large number of routes are available, after a certain limit throughput becomes stable[4]. 3.3 Discussion on MANET Routing Protocols Using Various Performance Metrics After the discussion of the two MANET routing protocols namely, DSDV, AODV. A comparative discussion using various performance metrics are made to judge the performance and suitability of these routing protocols. Both qualitative and quantitative metrics are used. • • • •

•

•

Distributed Operation: DSDV maintains routes between every pair of nodes in the network, while AODV finds path between nodes whenever the route is required. Broadcasting: In DSDV, for updating the routing tables, broadcasting is done periodically to maintain routing updates. In AODV, only hello messages are broadcasted to its neighbors to maintain node connectivity. Node Density: When node density varies DSDV is affected more than AODV as DSDV has to maintain connectivity between every node. Bandwidth: The periodic updating of routing tables for each node results in wastage of bandwidth in DSDV. But, Bandwidth is effectively used with AODV, as it propagates only hello messages to its neighbors and RREQ and RREP are broadcasted only on-demand. Route Maintenance: For sending data to a particular destination, there is no need to find a route as DSDV routing protocol maintains all the routes in the routing tables for each node. While AODV has to find a route before sending a data. Routing Overhead: Overhead in DSDV is more when the network is large and it becomes hard to maintain the routing tables at every node. But, in AODV overhead is less as it maintains small tables to maintain local connectivity.

6

G. Jisha and P. Samuel

•

Node Mobility: DSDV cannot handle mobility at high speeds due to lack of alternative routes hence routes in routing table is stale. While in AODV it does not affect much, as it find the routes on demand.

4 Simulation Result and Observations We evaluate the performance of MANET protocols using measurements obtained through both simulation and implementation. Simulations help to measure the effectiveness of routing protocols under varying node densities. Simulation is performed using Network Simulator NS-2 [10]. NS-2 is an object oriented simulator developed as a part of the VINT project at the University of California in Berkeley. The simulator is event-driven and runs in a non real time fashion. The main purpose of NS-2 is for evaluating the existing network’s performance or the performance of newly designed components Simulation Design: The basic configuration is that our testing is in a square of 500*500 with nodes ranging from 5 to 50. The traffic source used is CBR (Constant Bit Rate), 512 bytes as data packets, sending rate is 4pkts/second, Radio-propagation model used is TwoRayGround, MAC Type is 802_11,a\Ad-Hoc routing protocols tested are DSDV, AODV. Simulation Result: Number of nodes is the varying parameter as it plays an important role in performance Figure 1, 2, 3 shows various performance parameters versus number of nodes. a) Packet delivery rate: Packet delivery rate is the amount of packets successively received by the destination node over the total number of packets send throughout the simulation .With varying node densities packet delivery rate in DSDV and AODV increases with increase in number of nodes

Fig. 1. Number of Nodes Vs Packet delivery ratio

Impact of Node Density on Node Connectivity in MANET Routing Protocols

7

Fig. 2. Number of Nodes Vs Normalized Overhead

b) Normalized Overhead: Number of routing packets over the number of packets successfully received at the destination. c) Number of Routing Packets : Routing Packets(RP) is used to refer the routing related packets like route request, route reply, route error that are received by various nodes. Number of RP received is different from number of packets sent. Nodes on receiving such packets broadcast these packets to the neighboring nodes. Here the number of routing packets is compared with the number of nodes to measure the node connectivity.

Fig. 3. Number of Nodes Vs Number of Routing Packets

5 Conclusion We have presented a detailed performance comparison of important routing protocols for mobile ad-hoc networks. DSDV and AODV are the two protocols taken for comparison. Routing Protocols were studied in detail and their features advantages,

8

G. Jisha and P. Samuel

disadvantages were discussed. Then a comparative study on the basis of quantitative and qualitative measures including the parameters node connectivity and node density are also studied. Both reactive and proactive protocols perform well in case of packet delivery when number of nodes increase in the network which shows node connectivity. In case of Normalized overhead both DSDV and AODV shows increase in overhead with increase in number of nodes. Number of routing packets shows a decrease with increase in Node density. AODV gets more affected by change in node density than DSDV. Future works may evaluate more routing protocols with different metrics which will be helpful for those who are trying to design a new or improved version of any existing routing protocol. More works can address issues related to topological characteristics of mobile ad-hoc networks.

References 1. Schult, N., Mirhakkak, M., LaRocca, D.: Routing in Mobile Ad Hoc Networks. IEEE, Los Alamitos (1999) 2. Goel, A., Sharma, A.: Performance Analysis of Mobile Ad-hoc Network Using AODV Protocol. International Journal of Computer Science and Security (IJCSS) 3(5), 334 (1999) 3. Adam, N., Ismail, M.Y., Addullah, J.: Effect of Node Density on Performance of Three MANET Routing Protocols. In: 2010 International Conference on Electronic Devices, Systems and Applications (ICEDSA 2010). IEEE, Los Alamitos (2010) 4. Siva Ram Murthy, C., Manoj, B.S.: AdHoc Wireless Networks Architectures and Protocols, 2nd edn., pp. 321–347. Pearson Education, London 5. Royer, E.M., Toh, C.-K.: A Review of Current Routing Protocols for AdHoc Mobile Wireless Networks. IEEE Personal Communications, 46 (1999) 6. Arun Kumar, B.R., Reddy, L.C., Hiremath, P.S.: Performance Comparison of Wireless Mobile Ad-Hoc Network Routing Protocols. International Journal of Computer Science and Network Security 8(6), 337 (2008) 7. Corson, S.: Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations, RFC2501 8. Santi, P., Blough, D.M.: An Evaluation of Connectivity in Mobile Wireless AdHoc Networks. In: Proceedings of the International Conference on Dependable Systems and Networks (DSN 2002). IEEE, Los Alamitos (2002) 9. Deepa, S., Kadhal Nawaz, D.M.: A Study on the Behavior of MANET Routing Protocols with Variying Densities and Dynamic Mobility Patterns. IJCA Special Issue on Mobile Ad-hoc Networks, MANET 2010, 124 (2010) 10. Greis’, M.: Tutorial for the UCB/LBNL/VINT Network Simulator ns 11. Perkins, C., Royer, E.M.: Ad hoc On demand distance vector (AODV) routing (Internet draft) (August 1998) 12. Bagchi, S., Cabuk, S., Lin, L., Malhotra, N., Shroff, N.: Analysis of Topological Characteristics of Unreliable Mobile Wireless AdHoc Network (1999)

Survey and Comparison of Frameworks in Software Architecture S. Roselin Mary1 and Paul Rodrigues2 1

Department of Computer science and Engineering at Anand Institute of Higher Technology, Chennai 603103, India 2 Department of Information Technology, Hindustan University, Chennai 603103, India [email protected], [email protected]

Abstract. The development of various architectural frameworks and models in the field of software architecture shows the importance of the need for such a governing structure for growing and developed organizations. To create or to choose the right and suitable architecture frame work for any organization, the comparative study of all the frameworks and models must be analyzed. This paper technically analyzes various well known frameworks based on their views/perspectives, kind of architecture they deal with, characteristics, system development methodology, system modeling technique and business modeling technique and also explains their advantages and weakness. Frameworks that we consider are Zachman framework, TEAF, FEAF, TOGAF, DODAF and ISO/RM-ODP. Keywords: Framework, Software Architecture, Views.

1 Introduction Complexity of any system can be understood with the help of the architecture of that system. Planning is required when a system becomes more complex. Architecture is the combination of process and product of planning, designing and constructing space that reflects functional, social and aesthetic considerations [1]. It also encompasses project planning, cost estimation and constructing administration. In civil engineering, architecture deals with the relationship between complexity and planning for buildings and cities. Customers and builders may have different views and different perspectives of their own interest. [2]. Similarly, the same concept can be used for software which is called software architecture. Building a very complex, critical and highly distributed system requires the interconnected components that are basic building blocks and the views of end user, designer, developer and tester. The research work of Dijkstra in 1968 and David Parnas in the early 1970’s identified the concept of Software Architecture at first. Software architecture is known for the design and implementation of the high-level structure of the software. It is the connection of architectural elements in some wellchosen forms to achieve the major functionality and performance requirements of the system and to achieve non- functional requirements such as reliability, scalability, portability, and availability [4]. Software frameworks indicate the locations in the A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 9–18, 2011. © Springer-Verlag Berlin Heidelberg 2011

10

S. Roselin Mary and P. Rodrigues

architecture where application programmers may make the adaptations for a specific functionality [5]. A software framework is an abstraction in which common code providing generic functionality can be selectively overridden or specialized by user code. Instead of concentrating on the low level details of a working system, the designers and programmers can concentrate only on the software requirements so as to reduce overall development time [6]. Even though ‘software architecture’ is relatively new to the field, the basic principles of this field have been applied since the mid 1980’s. Seeing the evolution of Software architecture from the algorithm’s era will clearly show us the various stages it has crossed and the concepts it has borrowed from others to get a shaped form. The following sections briefly describe the evolution and evaluation of Software architecture. Section 2 describes the evolution from algorithm to Zachman’s framework and Zachman framework to Service oriented Architecture. Section 3 describes the classification of frameworks and lists out the comparison criteria of frameworks. Frameworks are evaluated in section 4 using the criteria listed out in the section 3.

2 Evolution of Software Architectural Frameworks 2.1 Evolution from 1920’s to 1995 In 1928, an Algorithm was partially formulated to solve a problem by a finite sequence of instructions. To plan computer programs by having a visual representation of the instruction flow, Von Neumann developed ‘Flow Chart’ in 1947.He got the idea from the flow process chart(1921) and multi flow chart(1944)which were used mostly in the area of electrical engineering. Later, ‘Control Flow Diagram’ (CFD) was developed in 1950’s to describe the control flow of a business process and program. The representation of flow of control was not enough to view the complex systems and it was not an easy job to design one for it. It did not give a high level view of the work and immediate access of particular points. So ‘Block Diagram’ was developed in late 1950’s to understand the complete system by dividing it into smaller sections or blocks. A particular function will be done by each block and the connection between the blocks will be shown in a diagram. In the mid time, the historical development of abstraction in the field of computer science and programming made a turning point in the field of software architecture. The introduction of Abstract data types in the late 1960’s, paved a way to group data structures that have similar behavior and to group certain data types and modules of one or more programming languages that have similar semantics. The notion of Abstract data types lead to a software design technique called ‘Modular Programming’ that introduced the concept of modules in software. Modules represent a separation of concerns. They maintain the logical boundaries between components. This concept was introduced in 1968. In 1977, the adoption of layered architecture based on the modular programming led to the ‘Three Schema Approach’ to build information systems using three different views in systems development. By breaking up an application into tiers, developers

Survey and Comparison of Frameworks in Software Architecture

11

had to modify only a specific layer rather than rewrite the entire application over. And thus it helped to create a flexible and reusable application. By evolving the three schema model into layers of six perspectives, John Zachman developed ‘The Zachman Framework’ in 1987. It still plays an important role in the era of ‘Enterprise Architecture’ and influenced frameworks DODAF, TOGAF, TEAF and FEAF. The modified version of Zachman Framework with more number of views was released in 1993. In 1995, the 4+1 view model was developed by Kruchten. The purpose of Views used in these models was to analyze the complex systems, and to list out the elements of the problem and the solution around the domains of expertise. A view of a system is the representation of the system from the perspective of a viewpoint. This viewpoint on a system focuses on specific concerns of the system. It provides a simplified model with the elements related to the concerns of the viewpoint and hides other details [2] [4]. This section deals how the framework and view point evolved from the algorithm through several stages. It clearly portrays that the introduction of ADT and layered approach paved a way towards the frameworks era. The next subsection deals how the various standard architectural frameworks evolved. 2.2 Evolution from 1995 to 2010 The necessity of frameworks in defense side applications and the encouragement of U.S government to new architecture led to the C4ISR Architecture Framework in 1996. In 2003, ‘The Department of Defense Architecture Framework (DODAF)’ was released which restructured the C4ISR framework ver2.0 [7][8].This version was later restructured and released as ‘The Department of Defense Architecture Framework (DODAF)’ in 2003 [7] [8]. ‘The Open Group Architecture Framework (TOGAF)’ was developed by the members of open architecture forums in 1995. Recently in 2009, TOGAF Version 9 was released [9]. The ‘Federal enterprise Architecture Framework (FEAF)’ was developed in 1999 by the Federal Government to integrate its myriad agencies and functions under a single common and enterprise architecture [10]. ‘Treasury Enterprise Architecture Framework (TEAF)’ was developed by the US Department of Treasury and published in July 2000.It was used to support the Treasury’s business processes in terms of products [11]. Based on the distributed processing developments and using the concepts of abstraction, composition and emergence, a reference model RM-ODP was developed by Andrew Herbert in 1984. A set of UML profiles were included in ODP and UML4ODP was introduced in 2004 [12].In 2001, Aspect oriented programming came out by getting the principles of OOPS. It led to the Aspect oriented software development later in 2002.As an opposition to the distributed processing and Modular programming, the ‘Service Oriented Architecture (SOA)’ came out and IBM announced ‘Service Oriented Modeling Architecture (SOMA)’ as the first publicly announced SOA related methodology in 2004. Based on this concept, the SOMF ver 1.1 was released by Michael Bell to provide tactical and strategic solutions to enterprise problems [13] [14].

12

S. Roselin Mary and P. Rodrigues

This section clearly portrays the independent development of frameworks based on the Zachman framework, OOPS concept and Event driven concept. The application of UML on RM-ODP derived a new framework. By analyzing the concept and structure of various frameworks and combining those appropriately with some existing technology will yield a better framework. The frameworks dealt in the forthcoming sections are most widely used by the commercial and Government departments. So, it is necessary to classify and compare them. The next section deals the classification and comparison of frameworks based on few parameters

3 Classification and Comparison Criteria 3.1 Classification of Frameworks Frameworks were developed under the interests of people in different fields for various purposes. They evolved by keeping their base on different concepts in different directions. To establish a new organization with the implementation of architectural framework or to introduce the frameworks to an existing organization for streamlining their tasks, it is necessary to look up the environment where these frameworks were developed and used and adopt those architectural frameworks to the new environment. So, it is necessary to classify them as whether they were developed by standard bodies or individual interests or by private agencies. The frameworks developed by standard bodies fall under the standard category and others fall under the non standard category. And also they are subcategorized based on their usage in commercial or Government purposes. Frameworks developed and used for the Government departments and for Defense side applications are classified under the Government frameworks. Frameworks used for commercial purpose are classified under the commercial frameworks. The Open Distributed model ISO RM-ODP falls under the standard and commercial frameworks. DODAF, FEAF and TEAF which were developed for the U.S Government agencies fall under the standard and government frameworks. The well accepted and most widely used frameworks, TOGAF and Zachman frameworks are used by both the commercial and government agencies. Even though TOGAF and Zachman frameworks are falling under the non-standard category, mapping of these frameworks to DODAF, FEAF and other standard frameworks yielded good products in the industry. The classification described in this section will be very useful for the customer to choose the suitable framework quickly for his organization based on the job nature. The next subsection deals the comparison parameters that can be used by the customer to choose an appropriate tool. 3.2 Comparison Criteria In this paper, we have taken the survey of few frameworks which are most widely used. The parameters used for comparison in existing surveys are not suitable for a

Survey and Comparison of Frameworks in Software Architecture

13

customer to choose the tool. So, the methodologies, techniques and tools used in these frameworks are considered for the comparison .Parameters used for the comparison in this paper is listed below. 1. Views / View points: Total number of views defined in the framework 2. Domain: It deals about the domain of applications and services the particular framework focuses on. 3. Origin: It deals about for whom the framework was developed and in which area the framework was well suited 4. Focus: It describes the focus of the framework i.e. business, cost, quality and so on. 5. Phase of SDLC: It discusses in which stage of the software life cycle the particular framework can be used widely. 6. System development methodology: A system development methodology is like a framework to structure, plan, and control the process of developing an information system. Lots of such frameworks have come up over the years, each with its own recognized strengths and weaknesses. It is not mandatory to use one system development methodology for all projects. Based on the technical, organizational, project and team considerations, each of the available methodologies can be followed in specific kind of projects. Mostly used methodologies are Rational Unified process (RUP), Dynamic system development Method (DSDM), Rapid Application Development (RAD), Iterative Application Development (IAD), Linear Application Development (LAD) and Extreme programming (XP). 7. System modeling Technique: The working principle of the system is revealed in System modeling. These techniques help us examine how the different components in a system work together to produce a particular result. The tools used for system modeling are UML, Flow chart, OMG-Model driven Architecture, Interface Definition Language and Object oriented programming. 8. Business Modeling Technique: A business model explains the functions of the process being modeled. The nature of the process can be visualized, defined, understood and validated by representing its activities and flows. Available techniques are flow chart, functional flow block diagram, control flow diagram, Gantt chart, PERT diagram, and Integration Definition (IDEF). Recently evolved methods are Unified Modeling Language (UML) and Business Process Modeling Notation (BPN). 9. Advantages: It deals with the benefits of using the particular framework. 10.Weakness: It deals with the drawbacks of the framework. The following section deals the well known frameworks and lists out their comparison criteria.

4 Evaluation of Various Frameworks 4.1 Zachman Framework The Zachman Framework describes a complex thing in different ways using different types of descriptions. It provides thirty-six categories to describe anything completely. It has six different views (Planner's View (Scope), Owner's View (Enterprise or

14

S. Roselin Mary and P. Rodrigues

Business Model), and Designer’s View (Information Systems Model), Builder’s view, Subcontractor View, actual system view) to facilitate each player to view the system in their own particular way. The domain of this framework is mainly on Categorizing Deliverables. It is well suited for Manufacturing Industries. It focuses mainly on Business process. It can be used in the Planning stage or Design stage of SDLC [15]. Organization’s own system development methodology can be followed if they apply this framework. System modeling technique such as OMG-Model driven Architecture or Organization’s own technique can be followed. BPML is used as the business modeling technique for this framework. It provides improved professional communication within community and understanding the reasons for and risks of not developing any one architectural representation. It provides variety of tools and/or methodologies [26]. But, it has few weak points also. It may lead to more documentation depending on the cases and it may guide to a process-heavy approach to development. It isn’t well accepted by all the developers. It seems in its first appearance as a top-down approach to developers. It is biased towards traditional and data-centric techniques. 4.2 NATO Architecture Framework/C4ISR/DODAF The Department of Defense Architecture Framework (DoDAF) provides the organization of enterprise Architecture (EA) into consistent views. It is well suited for large complicated systems and interoperability challenges. DoDAF provides multiple views, each of which describes various aspects of the architecture. They are Overarching All View (AV), Operational View (OV), Systems View (SV), and Technical Standards View (TV)."Operational views" used here deal with the external customer's operating domain. It focuses mainly on Architecture data and Business process. It is used in the Process or Planning stage of SDLC. The Framework does not advice the use of any one system development methodology. It depends on the organization’s decision. If the system to be developed is larger, then UML tools are likely to be the best choice for system modeling and IDEF family for business modeling. It defines a common approach for describing, presenting, and comparing DoD enterprise architectures. Common principles, assumptions and terminologies are used and across the organizational boundaries architecture descriptions can be compared. It reduces Deployment costs and reinvention of same system [7]. The weakness of DoDAF is no common ontology of architecture elements in the framework. Baseline (current) and objective (target) architectures and business financial plans are not addressed. Usage of architectures to measure effectiveness is not dealt here [23]. 4.3 TOGAF The Open Group Architecture Framework (TOGAF) provides a comprehensive approach to the design, planning, implementation, and governance of enterprise information architecture. TOGAF identifies many views to be modeled in an architecture development process. It includes Business Architecture Views, Information Systems Architecture views, Technology Architecture views and Composite views. The domain of this framework mainly focuses on Business, data and applications. This framework is developed due to the motivation in Defence side framework. It focuses

Survey and Comparison of Frameworks in Software Architecture

15

mainly on Business process, Data, applications and Technology. It is used in the Process or Planning stage of SDLC. Rational Unified process (RUP) is used as the system development Methodology. UML, BPMN are widely used for system modeling and IDEF is used for business modeling. It has increased transparency of accountability. It provides controlled risk, protection of assets, proactive control and Value creation [21]. But, it is weak on Information Architecture, planning methods and governance framework [9]. It needs lots of Detail. And it can lead startup efforts into too much too soon [22]. 4.4 TEAF Treasury Enterprise Architecture Framework (TEAF) was developed by the US Department of the Treasury and published in July 2000 to support Treasury’s business processes in terms of products. This framework guides the development and redesign of the business processes for various bureaus. It is based on the Zachman Framework. It provides four different views. They are Functional Views, Information View, Organizational View and Infrastructure View. It has a domain on Business processes. It focuses mainly on Business process. It is used in the communication or Planning stage of SDLC [11] [15]. It does not refer to any specific system development methodology. It depends on the organization’s decision [20]. Flow chart, UML can be used as system modeling technique and IDEF and ERD can be used as business modeling techniques. It provides guidance to the treasury bureaus and offices in satisfying OMB and other federal requirements. It Supports Treasury bureaus and offices based on their individual priorities and strategic plans. It leads to Treasury-wide interoperability and reusability [11]. The TEAF does not contain a detailed description of how to generate the specification documents (work products) that are suggested for each cell of the TEAF Matrix [19]. 4.5 FEAF Federal Enterprise Architecture (FEA) was developed for the Federal Government to provide a common methodology for information technology (IT) acquisition, use, and disposal in various government enterprises. It was built to develop a common taxonomy and ontology to describe IT resources. The FEAF provides documenting architecture descriptions of high-priority areas. It guides to describe architectures for functional segments in the multi-organization manner of the Federal Government. Like zachman framework, FEAF also has five different views (Planner’s View, Owner’s View, Designer’s View, Builder’s View and Subcontractor’s View) in its framework. It has a domain on provision of services [15]. This framework is well suited for Enterprise Architecture planning. It focuses mainly on Business process, Data, Application and Technology. It is used in the Communication or Planning stage of SDLC [15]. Rational Unified process (RUP) is used as the system development Methodology. UMLis widely used for system modeling and BPML is used for business modeling. It serves customer needs better, faster, and cost effectively. It Promotes Federal interoperability and promotes Agency resource sharing. It reduces costs for Federal and Agency. It improves ability to share information and supports capital IT investment planning in Federal and Agency [10]. The weakness of FEAF is that the Federal

16

S. Roselin Mary and P. Rodrigues

Government can risk allocating too much time and resources to an enterprise architecture description effort yielding potentially little return at significant cost. The Federal Enterprise Architecture program requires technical and acquisition expertise. The Federal IT community must keep its eyes on the basic principles rather than near-term objectives and achievements. The Federal Government has to pay up-front for the right to exercise options in the future. Concern over territoriality and loss of autonomy may impede the Federal Enterprise Architecture effort due to long-term, realignment of Agency functions and responsibilities. It is hard to have common, cross-Agency models and standards to ensure interoperability [10]. 4.6 ISO RM-ODP The ISO Reference Model for Open Distributed Processing provides a framework standard to support the distributed processing in heterogeneous platforms. Object modeling approach is used to describe the systems in distributed environment. The five viewpoints described by RM-ODP are enterprise viewpoint, information viewpoint, computational viewpoint, engineering viewpoint and technology viewpoint. It has a domain on information sharing in distributed environment. This framework is well suited for major computing and telecommunication companies. It focuses mainly on Business process, Technical Functionality and Solution. It is used in the Processing and communication stage of SDLC. Object oriented method and IAD can be used as the system development methodology. UML and OMG are widely used for system modeling and BPML is used for business modeling. It provides lot of details for the analysis phases of the development of applications. It provides the platform to integrate the requirements from different languages consistently. It provides a set of established reasoning patterns to identify the fundamental entities of the system and the relations among them. It provides the appropriate degrees of abstraction and precision for building useful system specifications. It provides a set of mechanisms and common services to build robust, efficient and competitive applications, interoperable with other systems [17]. RM-ODP has the problem of inter-view and inter-view consistency. A number of cross-view checks have to be done to maintain consistency. Yet, these checks don’t guarantee the consistency [16].

6 Conclusion This paper summarizes the frameworks based on the important criteria used in industry side or business side applications and it discusses the benefits and drawbacks of each framework. These points will invoke the user to choose the suitable framework for their industry, organization and business based on their requirement. Users can easily identify the supporting tools available for the frameworks of their choice. On analyzing the work term ‘Focus’, we can easily conclude that all the frameworks developed mainly focus on business and IT solutions. In future, we can enhance the frameworks to focus on quality through effective mapping of frameworks. We can map ancient Indian architecture styles and patterns to the familiar Frameworks to yield new frameworks that will focus on quality.

Survey and Comparison of Frameworks in Software Architecture

17

References 1. Conely, W.: About Architecture (2009), http://www.ehow.com/about_4565949_architecture.html 2. Roger Session: A Comparison of Top Four Enterprise –Architecture Methodologies, ObjectWatch, Inc. (May 2007), http://www.objectwatch.com/white_papers.htm 3. Bass, L., Clements, P., Kazman, R.: What is software Architecture? In: Software Architecture in Practice, ch.2, 2nd edn., pp. 19-45. Addison Wesley, Reading (2003) 4. Kruchten, P.: Architectural Blueprints – The “4+1” View model of software Architecture. IEEE Softw. 12, 42–50 (1995) 5. Shan, T.C.: Taxonomy of Java Web Application Frameworks. In: Conf. Rec. 2006 IEEE Int. Conf. e-Business Engg., pp. 378–385 (2006) 6. HighBeam Research: Software Framework (2008), http://www.reference.com/browse/Software_framework 7. U.S. Dept. of Defense: DoD Architecture Framework Version 1.5. (April 23, 2007), http://www.cio-nii.defense.gov/docs/DoDAF_Volume_II.pdf 8. Kobryn, C., Sibbald, C.: Modeling DODAF Complaint Architectures. (October 25, 2004), http://www.uml-forum.com/dots/White_Paper_ Modeling_DoDAF_UML2.pdf 9. The Open Group: Module 2 TOGAF9 Components (2009), http://www.opengroup.org/togaf/ 10. U.S. Chief Information officers (CIO) Council: Federal Enterprise Architecture Framework Version 1.1 (September 1999), http://www.cio.gov/documents/fedarch1.pdf 11. U.S. Treasury Chief Information officer Council: Treasury Enterprise Architecture Framework Version 1 (July 2000), http://www.treas.gov/cio 12. Ignacio, J.: UML4ODP PLUGIN – User guide Version 0.9., Atenea Research Group, Spain (2009), http://issuu.com/i72jamaj/docs/uml4odp_plugin 13. Bell, Michael: Introduction to Service-Oriented Modeling. In: Service-Oriented Modeling: Service Analysis, Design, and Architecture. Wiley & Sons, Chichester (2009) 14. Buckalew, P. M.: Service Oriented Architecture (2009), http://www.pmbuckalew.com/soa.htm 15. schekkerman, J.: A comparative survey of Enterprise Architecture Frameworks. Institute for Enterprise Architecture Developments, Capgemini (2003), http://www.enterprisearchitecture.info 16. Maier, M., Rechtin, E.: Architecture Frameworks. In: The Art of Systems Architecting, 2nd edn., pp. 229–250. CRC Press, Florida (2000) 17. Vallecillo, A.: RM-ODP: The ISO Reference Model for Open Distributed Processing. ETSI Informática, Universidad de Málaga, http://www.enterprise-architecture. info/Images/Documents/RM-ODP.pdf 18. Liimatainen, K., Hoffmann, M., Heikkilä, J.: Overview of Enterprise Architecture work in 15 countries FEAR Research Project, Ministry of Finance, Finland (2007), http://www.vm.fi/julkaisut 19. Leist, S., Zellner, G.: Evaluation of Current Architecture Frameworks. University of Regensburg, Germany (2006), http://www.dcc.uchile.cl/~vramiro/d/p1546-leist.pdf

18

S. Roselin Mary and P. Rodrigues

20. Treasury Enterprise Architecture Framework, http://www.en.wikipedia.org/.../Treasury_Enterprise_ Architecture_Framework 21. What is TOGAF? http://www.articlebase.com/information-technologyarticles/what-is-togaf-626259.html 22. Westbrock, T.: Do Frameworks Really Matter?, EADirections (October 24, 2007), http://www.eadirections.com/.../ EAdirections%20Frameworks%20Breakout%20updated.pdf 23. Mosto, A.: DoD Architecture Framework Overview (May 2004), http://www.enterprise-architecture.info/Images/.../DODAF.ppt 24. Jim: Applicability of DODAF in Documenting Business Enterprise Architectures (August 9, 2008), http://www.thario.net/2008/08/applicability-ofdodaf-in-documenting.html 25. Ambler, S.: Extending the RUP with the Zachman Framework (2007), http://www.enterpriseunifiedprocess.com/essays/ ZachmanFramework.html 26. Zachman, J.A.: A Framework for Information Systems Architecture. IBM Syst. J. 26(3), 276–292 (1987) 27. Gulla, J., Legum, A.: Enterprise Architecture Tools project (2006), http://www.enterprise-architecture.info/EA_Tools.htm 28. May, N.: A survey of Software Architecture Viewpoint models (2005), http://mercuryit.swin.edu.au/ctg/AWSA05/Papers/may.pdf

Two Layered Hierarchical Model for Cognitive Wireless Sensor Networks K. Vinod Kumar1, G. Lakshmi Phani2, K. Venkat Sayeesh3, Aparna Chaganty4, and G. Rama Murthy4 4

1,2,3 National Institute of Technology Warangal, India Indian Institute of Information Technology, Design & manufacturing, Jabalpur, India 5 Communiation Research Centre, IIIT Hyderabad, India {vinodreddy.nitw,phani.l.gadde,sayeesh.nitw, aparna.214}@gmail.com, [email protected]

Abstract. In recent years, we have seen tremendous growth in the applications of wireless sensor networks (WSNs) operating in unlicensed spectrum bands. However, there is evidence that existing unlicensed spectrum is becoming overcrowded. On the other hand, with recent advancements in Cognitive Radio technology, it is possible to apply the Dynamic Spectrum Access model in WSNs to get access to less congested spectrum, with better propagation characteristics. One of the predominant problems in Cognitive aided Sensor Networks is spectrum management. In this paper we propose an effective way of Co-operative spectrum management in a large environment. The key idea is to localize the sensor field by forming clusters such that each cluster in a way is independent of another. Intra-cluster communication takes place within the locally detected spectrum holes and inter-cluster communication takes place between cluster heads in a common spectrum hole. Thus forming a two-layered Cognitive aided Sensor Networks. Keywords: Wireless Sensor Networks, Cluster, Cluster heads, Cognitive Radio, Co-operative Spectrum detection.

1 Introduction Recent technological advancements have made the development of small, low-power, low-cost, multifunctional, distributed devices, which are capable of wireless communication, a reality. Such nodes which have the ability to local processing are called sensor nodes (motes).Limited amount of processing is only possible in a sensor node. Wireless Sensor networks are the key to gathering the information needed by industrial, smart environments, weather in buildings, utilities, home, automation, transportation systems, shipboard or elsewhere. Recent guerilla warfare counter measures need a distributed network of sensors that can be deployed using, e.g. an aircraft. In such applications cabling or, running wires is generally impractical. A sensor network is required which is fast to maintain and easy to install. A key feature for current WSN solutions is operation in unlicensed frequency bands, for instance, A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 19–24, 2011. © Springer-Verlag Berlin Heidelberg 2011

20

K.V. Kumar et al.

the worldwide available 2.4 GHz band. However, the same band is shared by other very successful wireless applications, such as Wi-Fi and Bluetooth, as well as other proprietary technologies. Therefore the unlicensed spectrum is becoming overcrowded. As a result, coexistence issues in unlicensed bands have been subject of extensive research. In addition, a large portion of the assigned spectrum is used sporadically. The spectrum usage is concentrated on certain portions of the spectrum while a significant amount of spectrum remains unutilized. The limited available spectrum and the inefficiency in the spectrum usage necessitate a new communication paradigm to exploit the existing wireless spectrum opportunistically. Dynamic Spectrum Access is proposed to solve these current spectrum inefficiency problems. DARPAs approach on Dynamic Spectrum Access network, the so-called NeXt Generation (xG) program aims to implement the policy based intelligent radios known as cognitive radios. Defined the first time by J.Miltola in 1999, cognitive radios are promising solutions to improve the utilizations of the radio spectrum. The central idea of cognitive radio is to periodically monitor the radio spectrum, intelligently detect occupancy in the spectrum and then opportunistically communicate over spectrum holes with minimal interference to active licensed users. Similar to the existing WSNs, a Cognitive Wireless Sensor Networks (CWSN) consists of many tiny and inexpensive sensors where each node operates on limited battery energy. In a WSN, each node both sends and receives data or it is in idle state. However, in a CWSN, there would be another state called sensing state where the sensor nodes sense the spectrum to find spectrum opportunities or spectrum holes. Adding cognition to a WSN provides many advantages. Sensor nodes in a CWSN can measure and provide accurate information at various locations within the network. Measurements made within the network provide the needed diversity to cope with multi-path fading. In addition, a CWSN could provide access not only to new spectrum (rather than the worldwide available 2.4 GHz band), but also to the spectrum with better propagation characteristics. In this paper we proposed a novel two layered approach co-operative for spectrum sensing. Rest of this paper is organized as follows related work in Section 2, our proposed approach in section 3 and conclusions in the section 4.

2 Related Work Nodes are grouped into distinct and non overlapping clusters. One of the node among a cluster is made has cluster head. This cluster-head collect sensor data from other nodes in the cluster and transfer the aggregate data to the base station. Since the data transfer to the base station dissipate much energy, so these cluster heads have some extra energy and more transmission range. i.e they are different from normal nodes. Since sensor nodes have limited power, power consumption is considered to be one of the most important issue. Thus care has to be taken in designing a protocol which consumes less power. Hence in a CWSN, more the sensors who participate in sensing, more energy is consumed. Thus, we tend to limit the sensing task to some sensors only. Spectrum sensing is a key task in a cognitive radio. It allows identification of spectral holes and helps in exploiting them efficiently. The most effective way of detecting spectrum holes is to detect the primary receivers in the range of secondary

Two Layered Hierarchical Model for Cognitive Wireless Sensor Networks

21

users (sensors). Practically it is difficult for a Cognitive Radio to have a direct measurement of the channel between the primary receiver and transmitter. So most of the research now-a-days focuses on primary transmitter detection based on the observations by the secondary user. In general, we can classify Spectrum Sensing techniques as Transmitter Detection, Co-operative Detection and Interference Detection A cognitive radio should be able to differentiate used and unused spectrum band. So it should be able to determine if a signal from primary transmitter is present in the spectrum. Transmitter detection approach is based on the detection of weak signals from the primary transmitter. Transmitter detection is based on a assumption that the locations of the primary receivers are unknown due to the absence of interactions between the primary users and the secondary users, moreover, transmitter detection model cannot prevent the hidden terminal problem and sometimes the secondary transmitter may not be able to detect the transmitter due to shadowing. While in the case of co-operative detection model the information from multiple secondary users is used for primary user detection. Co-operative detection is done in two methods: centralized and distributed. In centralized method, secondary base station collects all the sensing information from its users and detects the spectrum holes. While in distributed method secondary users exchange observations. Co-operative Spectrum sensing task in the CWSN sensing state, can be performed either by a distributed or centralized scheme. However, we use a centralized scheme for reasons explained earlier. In a centralized scheme, spectrum opportunities are detected by a single entity called network coordinator. The network coordinator broadcasts a channel switch command to indicate an alternate available channel. The alternate channel could be another licensed channel or an unlicensed channel in the ISM band. The broadcast message could be retransmitted by multiple nodes to reliably deliver the message. Typically, there exist two traffic load configurations in a CWSN: • Regular status report: each sensor sends regular status update to the coordinator. The information in such status updates depends on the particular application. • Control commands: control messages are sent by the coordinator. For example, in a heat control application, the coordinator sends commands to switch on/off the heaters. In most cases, due to multi path fading and co-relation shadowing, primary user detection is poor. Co-operative sensing is a method in which xG users co-operate with each other instead of competing. Cooperative detection among unlicensed users is theoretically more accurate since the uncertainty in a single user’s detection can be minimized. Cooperative detection schemes allow mitigating the multi-path fading and shadowing effects, which improves the detection probability in a heavily shadowed environment.

3 Motivation As discussed in the earlier section distributed sensing is a very useful technique for spectrum sensing. Consider a very large network where the primary users and secondary users co-exist sharing the spectrum. The secondary users sense the spectrum

22

K.V. Kumar et al.

at regular intervals of time. This time interval (dt) is decided by the permissible latency for the primary users. The secondary users sense the spectrum, detect the spectrum holes and use it without causing any harmful interference to the primary user. Since the secondary network in this scenario is wireless sensor network, it needs a single band of spectrum to communicate. The best suitable contiguous spectrum available for the whole network will have very small bandwidth while when we divide the network into smaller parts (cluster) ,the best available bands for each of the cluster will be relatively large. Consider the figure where we see 6 regions in a big network. The frequency band which is free to all the six areas is relatively very less when compared to the spectrum locally free within the region.

4 Our Contribution Our idea is to use the locally free spectrum for communication within a cluster. The whole network is divided into clusters and each cluster is headed by a coordinator node which has got extra abilities. The coordinator node will communicate with all the nodes in that particular cluster and Base station. All the data that is to be routed to the secondary Base Station will be sent first to the co-ordinator node and then the coordinator node communicates with the adjacent co-ordinator. There are two channels that a co-ordinator maintains with every node and the neighbouring co-ordinator nodes. They are: (1). Control channel and (2). Data Channel The control channel operates in unlicensed bands (2.4Ghz) and transfers only those packets which are related to the spectrum sensing activity. The data channel transfers the data to be routed to the Base Station via sensors. The data channel operates in the free spectrum bands that are decided centrally by the Base Station. Procedure: 1) The co-ordinator node senses (in regular intervals) the spectrum to detect the spectrum holes in that cluster and sends this sensing information via control channel to the adjacent co-ordinator node. Eventually the base station receives all the spectrum sensing information. 2) Based on the information the Base Station decides communication frequency in which the cluster should communicate in order to avoid harmful interference to the primary user. This information is also sent via control channel itself. 3) Once the co-ordinator node gets the information about the communicating frequency bands, it notifies the same to all the sensor nodes (secondary users) within the cluster. 4) Then all the sensors starts sending the sensing data to the co-ordinator in the data channel which operates in the locally free bands specified by the coordinator.

Two Layered Hierarchical Model for Cognitive Wireless Sensor Networks

23

Fig. 1. A sample Network with primary and secondary

Fig. 2. Control and Data links between nodes

5) The co-ordinator also forwards this information to the neighbouring co-ordinator. Finally, all the data reaches the Base station. 6) The nodes will route in the best available band (which changes from time to time) without causing interference to primary user.

24

K.V. Kumar et al.

5 Conclusion In this paper, we proposed a conceptual model of two layered architecture for Cognitive aided WSN. Considering the challenges raised by Wireless Sensor Networks, the use of Cognitive Radio appears as a crucial need to achieve satisfactory results in terms of efficient use of available spectrum and limited interference with the licensed users. As described in this paper, the development of the Cognitive Radio aided Sensor Network technology requires the involvement and interaction of many advanced techniques like cooperative sensing, interference management, cognitive radio reconfiguration management etc. Energy constraints are the main limitation of Cooperative Sensing which can be overcome placing some coordinator nodes with extra power. By doing so the network life time WSN will increase to a greater extent, also unutilized spectrum can be used more efficiently with good QoS. Also, each node maintains 2 channels which is an added advantage as the data and control channels are separated.

6 Future Work In this paper, we try to give a two layered hierarchy for the cooperative spectrum sensing. In future we would like to enhance the performance of these wireless sensors based cooperative sensing by implementing various methods of sensing and also under some problems like shadowing and fading. As future work we would like to implement this and find real time results for the proposed model.

References [1] Akyildiz, I.F., Lee, W.-Y., Vuran, M.C., Mohanty, S.: NeXt generation/dynamic spectrum access/cognitiveradio wireless networks: A survey. Computer Networks 50, 2127–2159 (2006) [2] Ganesan, G., Li, Y.G.: Cooperative spectrum sensing in cognitive radio: Part I: two user networks. IEEE Trans. Wireless Commun. 6, 2204–2213 (2007) [3] Akyildiz, I.F., Su, W., Sankarasubramaniam, Y., Gayirci, E.: A Survey on Sensor Networks. IEEE Communications Magazine (August 2002) [4] Mitola III, J., Maguire Jr., G.: Cognitive Radio: Making Software Radios More Personal. IEEE Personal Communications (see also IEEE Wireless Communications) 6(4), 13–18 (1999) [5] Haykin, S.: Cognitive radio: brain-empowered wireless communications. IEEE Journal on Selected Areas in Communications 23(2), 201–220 (2005)

3D-CGIN: A 3 Disjoint Paths CGIN with Alternate Source Meenal A. Borkar1 and Nitin2 1

Department of Computer Sciecnce and Engineering, Amrapali Institute of Technology and Sciences, Shiksha Nagar, Haldwani-263139, Uttarakhand, India [email protected] 2 College of Information Science and Technology, The Peter Kiewit Institute, University of Nebraska at Omaha, Nebraksa-68182-0116, United States of America [email protected]

Abstract. The performance of multiprocessor systems is greatly dependent on interconnections and their fault tolerance ability. Handling faults becomes very important to ensure steady and robust working. This paper introduces, a new CGIN with at least 3 disjoint paths. It uses an alternate source at the initial stage, due to which at least 3 disjoint paths can be ensured. The network provides multiple paths between any source and destination pair. The alternate source guarantees delivery of packets to the intended destination, even if two switches or links fail. The alternate source proves quite helpful in case of any fault at initial stage, or the source is busy. In such cases, the packets can be retransmitted through the alternate source to avoid delayed delivery or starvation, which was not being used in original CGIN. This network also provides the dynamic re-routing to tolerate faults. The paper further presents two very simple routing strategies – first for routing in fault free environment and second for routing in faulty environment. Keywords: Gamma Interconnection Network, CGIN, disjoint paths, fault tolerance, Distance tag routing, Destination tag routing, re-routing.

1 Introduction In a multiprocessor system, many processors and memory modules are tightly coupled together with an interconnection network. A properly designed interconnection network certainly improves the performance of such multiprocessor system. Multistage Interconnection Networks (MIN) are highly suitable for communication among tightly coupled nodes. For ensuring high reliability in complex systems, fault tolerance is an important issue. The Gamma Interconnection Network (GIN) is a class of MIN is popularly used in many multiprocessor systems. In a gamma interconnection network, there are multiple paths between any source and destination pair except when source and destination are same. To overcome this A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 25–36, 2011. © Springer-Verlag Berlin Heidelberg 2011

26

M.A. Borkar and Nitin

drawback, many new techniques have been introduced. These techniques have also improved the fault tolerance capability of the GIN. These networks are – Extra Stage Gamma Network, Monogamma Network, B-network, REGIN, CGIN, Balanced-GIN, PCGIN, FCGIN and 3DGIN. These network architectures use additional stages, backward links & alteration in connecting patterns to tolerate the faults. These networks also suggest the techniques to route packets towards destination in case of any occurrence of a fault(s). In this paper, we propose a new network, namely 3D-CGIN – a 3 Disjoint CGIN with alternate source. This network is capable of tolerating two switch or link faults, by providing alternate source. Its hardware complexity is approximately equal to PCGIN. We further propose a simple routing algorithm for packet delivery. This paper is organized as follows – Section 2 covers Background and Motivation for this architecture. Section 3 introduces 3D-CGIN and its Topology, Section 4 focuses on routing in fault free environment and re-routing techniques to tolerate faults. Section 5 provides comparison of 3D-CGIN with other networks. Concluding remarks are in section six, followed by acknowledgments and references.

2 Background and Motivation 2.1 The Gamma Interconnection Network (GIN) The Gamma Interconnection Network [1] is an interconnection network connecting N = 2n inputs to N outputs. It consists of log2(N) + 1 stages with N switches per stage. These switches are connected with each other using 3 x 3 crossbar switches. The input stage uses 1 x 3 crossbars, output stage uses 3 X 1 crossbar and all the intermediate switches use 3 x 3 crossbar. A typical Gamma Network is shown in fig. 1. The stages are linked together using “power of two” [2] and identify connections such that redundant paths exist. The path between any source to destination is represented using any one of the redundant forms of the difference between source and destination. These redundant forms are generated using Fully Redundant Binary Number System. A number system gives a method to express numeric values. In a r radix fully redundant binary number system, each digit has (2r – 1) representations, ranging in {(r-1), …..., -1, 0, 1, 2, ….., (r-1)}. These number systems are redundant in the sense that some values have multiple representations. All non-zero values will have multiple representations. A digit can take any of the three values: 1, 0 and -1. In a Gamma Network, a packet visits n routing points before reaching its destination. There are three possible connections at stage i – the packet from node j takes a straight path to deliver it to node j at stage i+1; or reach node (j – 2i)mod N by taking an upward link; or reach node (j + 2i)mod N by taking a downward link. A routing tag is attached with each packet, which guides the packet through the network. This routing tag is made up of n bits, where n = log2N. This tag denotes the modulo N difference between destination and source. For this difference, we generate redundant representations. Each representation denotes a connection pattern from source to destination.

3D-CGIN: A 3 Disjoint Paths CGIN with Alternate Source

27

In this network, at any switching element three different packets can arrive at the same time. At stage i any node j can receive input packet from following three nodes: j, (j - 2i+1 ) and (j + 2i+1 ). These three packets will have 0, 1 and -1 at the ith digit in the routing tag. This network provides multiple paths between any source and destination pair using the redundant number representation. However, it provides unique path when source is same as destination.

Fig. 1. The Gamma Interconnection Network

2.2 Cyclic Gamma Interconnection Network (CGIN) In n-stage Gamma Network, the connection pattern can be represented as 20, 21, 22, …..., 2n-1 . In CGIN [8] the connection patterns were altered by repeating any stage at initial and end connections. This alteration provided multiple disjoint paths, guaranteeing one arbitrary fault tolerance. It also guaranteed multiple paths between any pair of source and destination. The resulting network depicted cyclic nature. A CGINγn is a CGIN with n stages and the connecting patterns between first two stages and last two stages being 2γ where 0≤ γ ≤ (n-2). So, the connecting patterns between stages can be ordered as 2γ, 2γ+1, 2γ+2, …., 2n-3, 2n-2, 20, 21, 22, …...2γ-1, 2γ

28

M.A. Borkar and Nitin

The stages of CGINγn are numbered 0 to n and the connecting patterns are based on plus-minus 2( γ+i)(mod n-1) functions. Fig. 2 shows a typical CGIN03 . Each request in CGINγn , carries a routing tag of n digits. The weight of each digit is determined by the connecting pattern. For a tag digit di , the weight is determined by the formula : ±2( γ+i)(mod n-1) if di is ±1. The routing complexity of CGIN is same as that of GIN. CGIN reduces the pin count, as it uses 2γ instead of 2n-1 connecting pattern. It reduces the total layout area as well thus, achieving reduction in cost. CGIN uses the destination tag routing and re-routing to tolerate any arbitrary single fault. It does not provide strong re-routability. Strong re-routability implies that the packet can be re-routed at every stage. CGIN provides at least 2 disjoint paths between any pair of source and destination. However, packet delivery can fail, if the source is faulty.

Fig. 2. CGIN03

2.3 Review of Fault Tolerance Techniques Used in GIN In order to provide reliable interconnection between each source and destination, one needs to look into the availability of switching nodes and links. Generally, a switching element is said to be faulty if it is down due to non-functionality or is busy with

3D-CGIN: A 3 Disjoint Paths CGIN with Alternate Source

29

transfer of packets. There are two possible faults in the Gamma Network, either a SE i.e. switching element is faulty or a link connecting two SEs is faulty. When a SE is faulty, then either the Source or the SE at previous stage should take a decision about retransmission of packet or re-routing the packet through some intermediate SE. In case of a link failure, the node connected with it should be able to choose an alternate path to the destination. In the following section we discuss various techniques used to tolerate these faults. Fault Tolerance Techniques. We try to focus on the major attempts made to tolerate the faults and improve the performance as well as terminal reliability of the Gamma Network. The majority of the work is done by providing additional hardware or altering the connection patterns. Adding Extra Stage. Adding extra stage to the Gamma Network eliminates following two problems: first, the unique path between a source and destination when S = D and second, the number of paths for even tag value are less than the number of paths for odd tag values. To provide multiple paths for S = D, an extra stage is added to the Gamma Network. The connection pattern for this extra stage can be any stage of gamma network. The routing tag is again made up of three possible values 1, 0 and -1. By using an additional bit for the extra stage one can generate the multiple paths from source to destination. The routing tags are generated in similar manner as that of the Gamma Network. The routing algorithm is a simple extension of routing in Gamma Network. The Extra Stage Gamma Network [3] uses this concept to provide multiple paths; those could be followed to handle the faults. Providing Back Links. In any multiprocessor system, the memory requests from processing elements are generated randomly, hence the path or memory conflicts are inevitable. By increasing switch sizes the path conflicts may be reduced, but memory conflicts are still unavoidable. Providing extra buffer space will certainly reduce the memory conflicts, but the implementations become very costly. Therefore, some networks use Backward Links to provide multiple paths, to cater with path / memory conflicts. The B-network [4] is the network using this particular fault tolerant technique. In this technique, the requests blocked due to path / memory conflict, are simply send back one stage and from there a new path is selected for the packet. In this approach, the packet may follow any number of back links, and then may get forwarded to destination. Following are certain features observed with back links – 1) The backward links act as implicit buffers, 2) The backward links at the very last stage can handle the memory contention, which cannot be done by crossbars. Providing the Extra Link. Some network architectures use an additional link that may connect to some additional SE in next stage. The Balanced Gamma Network [5] uses this approach. It uses the distance tag routing. Two more modified GINs, namely, PCGIN [6] and FCGIN [6], make use of additional links at 0th stage. In PCGIN, all the nodes are connected to each other, forming a chain from 0 to N. Using this layout it ensures at least 2 disjoint paths between any source to destination pair. It uses backtracking to tolerate faults. On the other side, FCGIN, uses a fully chained approach at each stage to avoid backtracking. Due to chaining at every stage, it provides distributed control and dynamic rerouting, hence a better fault tolerance is provided. These networks are 1 - fault tolerant.

30

M.A. Borkar and Nitin

Changing the Interconnection Patterns. Due to ±2i interconnection patterns, GIN provides multiple paths for many sources to destination pairs. However, for certain Source and Destination it provides unique paths, which prove risky if a node fails. Then for certain pairs the communication becomes impossible. One can provide multiple disjoint paths for all source to destination pairs by altering the interconnections between any stage i and i+1. The Reliable Gamma Network (RGIN) [7], uses the altered interconnection patterns to provide multiple paths and disjoint paths. Another network, called Mono gamma Network [8] also uses the altered interconnections to provide multiple paths between any source to destination pair, but they are not disjoint in nature. In Cyclic Gamma Interconnection Network (CGIN), any interconnection pattern between any two stages can be repeated to provide multiple disjoint paths without increasing the hardware cost. As it uses, the repetition of connection pattern the pin count reduces. Balance modified GIN [9], reverses the connection patterns for upper links as compared with GIN, while keeping the connection patterns intact for lower and straight links. This approach balances the distances between any communicating pair. By Combining the Switching elements. 3DGIN [10] is a network which combines the switches to provide 3 disjoint paths. Here, the switches at initial stage are combined together. It ensures without one lookahead, less hardware cost, 3 Disjoint paths and two faults tolerance. We propose a new network, which is an alteration in CGIN, with an alternate link at stage 0. This network provides 3 disjoint paths in CGIN, with use of the alternate link.

3 3D-CGIN: A 3 Disjoint Paths CGIN 3.1 Network Architecture of 3D-CGIN 3D-CGIN is a cyclic Gamma Network, connecting N = 2n inputs to N outputs. It consists of log2N + 1 stages with N switching elements per stage. The number of input nodes in 3D-CGIN are divided in two parts, and an alternate link is used connecting the respective input nodes to each other. It means that the first node in first part is connected with first node in second part with alternate link and so on. The 0th stage switches are 2 X 3 crossbars, 1st and 2nd stage switches are 3 X 3 crossbars, output stage switches are 3 X 1 crossbars. The connecting patterns between different stages are done as per CGIN concept. The connections between stage 0 - 1 & 2 - 3 are done as per 20 patterns whereas the 21 pattern is used for connection between 1 – 2. Fig. 3 shows the topology of 3D-CGIN for N = 8. In 3D-CGIN, a packet visits n switches before reaching the destination. The stages are numbered 0 to n, from left to right. The connecting pattern between stages is given by plus-minus 2(γ+i)mod (n-1) functions. The jth switch at stage i, 0 ≤ i ≤ n, is connected with three switches at stage i+1 using three functions: fstraight (j) = j fup (j) = j - 2(γ+i)mod (n-1) mod N fdown (j) = j + 2(γ+i)mod (n-1) mod N

3D-CGIN: A 3 Disjoint Paths CGIN with Alternate Source

31

The function fstraight defines the switch to be visited if a straight link is chosen. The functions fup and fdown denote the switches visited if we choose up and down links respectively. Each request in 3D-CGIN also carries a routing tag of n digits. Each digit in tag can take any of the following three values: 0, 1 and -1. We can use both the distance tag routing and destination tag routing methods to route a packet to its intended destination. By distance we mean Distance = D – S (Mod N), where D is the destination and S is the source. Following formula is used, to generate the all possible routing tags representing the distance between source and destination: RTDistance = δij 20 ± δij 21 ± δij 20 .

(1)

The alternate source / link at stage 0 is used in following cases : 1) The source S is faulty / non operational, 2) Source S is busy with packets and the current request needs urgent processing, 3) the buffer of source S is full, due to which the request is required to wait. The routing algorithm should make a decision about it. Whenever the packet is transferred to alternate source the routing needs one extra hop processing.

Fig. 3. Topology of 3D-CGIN with N = 8

32

M.A. Borkar and Nitin

3.2 Multiple Disjoint Paths We can observe that the destination D at stage n is connected to three switches at stage n-1; D + 2γ (Mod N), D and D - 2γ (Mod N) respectively. Therefore, a path can reach to D through one of them. So, the total number of alternative paths between source S and destination D should be sum of all possible paths from S to these three switches. We can estimate these numbers by using the recurrence relation used in CGIN. If we consider the alternate source is also used for transmission then, the paths from it will prove additional to the original paths generated from S to D. It can be observed that, multiple paths are always present between every pair (S, D), and we can get at least 3 disjoint paths considering the alternate link. Theorem: There exist at least 3 disjoint paths in 3D-CGIN. Proof : In 3D-CGIN, for any source S at stage 0, three switches at stage 1 are connected : S-1(Mod 8), S and S+1 (Mod 8), where the distance between S and D is in range -1 ≤ D – S (Mod 8) ≤ 1. The S ± i (Mod 8) switches at stage 1 will be connected with S ± i (Mod 8) and ((S ± i ) ± 2 ) mod 8 switches at stage 2. Therefore, we can say that the source S at stage 0 is connected with ( S ± 1 )mod 8 and (( S ± 1 ) ± 2 ) mod 8 switches at stage 2, except for a switch where (D – S ) mod 8 = 4. That means, any source S will be connected with switches (S, S ± 1, S ± 2, S ± 3) mod 8 at stage n-1. A switch at stage n is reachable through 3 links from stage n-1. The links 1 and -1 will certainly lead to disjoint paths towards destination D. Source S is connected with destination D by two paths if (D – S) mod 8 = ± 1. There is exactly one path from S to D if (D – S) mod 8 ≠ ± 1, except where (D – S) mod 8 = ± 4. The same logic is applicable when we use the alternate source. We can further show that, between two disjoint paths from alternate source, at least one path will be always in existence that will never use the switches used by source S to D. Hence, we can guarantee at least 3 disjoint paths from any source S to destination D considering the paths from alternate source.

4 Routing in 3D-CGIN 4.1 Routing Algorithm Considering Fault at Initial Stage In this section, we present an algorithm / strategy for selecting proper link at every stage. This algorithm considers fault at stage 0, and in case of faulty switch it forwards the packet to alternate source using the alternate link. The algorithm do not assumes any fault in further stages. Algorithm 1. If the source S is faulty at 0th stage then forward the packet to alternate source for that node i.e. the node S = S+4. 2. If S=D then always follow a straight link till you reach destination.

3D-CGIN: A 3 Disjoint Paths CGIN with Alternate Source

33

3. The routing will be done as follows: a. Let S be the source and D be the destination then first calculate Difference = D–S b. Repeat following steps till we reach the destination: 1. If -1 >= Difference >= -4 then follow uplink, you will reach an intermediate switch, make it new source and again compute the Difference = D-S. 2. If 1 Ω

3 Algorithm 3.1 Setting Up a Dedicated Path Here, we considered a 6 nodes topology of an ad hoc network to be fixed. Fig. 1 shows one source node Si, one destination node Di and four intermediate nodes A, B, C, D.

Fig. 1. Six nodes topology with Si and Di as destination and source node and four intermediate nodes

Strategy profile for each node having 3x3 random matrices has been generated. For any action (i, j) of the node, say A, value of the matrix a (i, j) is the payoff to node A for that action. Here, action represents the power with which the node is transmitting packets. To establish a communication link, these matrices are generated for every participating node and equilibrium occurs when maxima of one node occurs at position (i, j) where maxima of other node occurs. The strategy matrix is very much crucial to keep the track over selfish nodes. The following algorithm is proposed: a) Each node that will be participating in the transmission generates a 2-D matrix which contains the set of actions. Selection of a particular action decides the outcome of the node. A payoff value is assigned corresponding to each action of the node.

208

J. Gupta, I. Kumar, and A. Kacholiya Table 1. Payoff Matrix Node B a11

a21

a12

a22

Node A

b) Each node will cross verify the matrices of the rest of the nodes for the best action. This value will be considered as the virtual currency [2]. Considering three intermediate nodes between source and destination the condition can be checked in MATLAB using if ((A(j,i) == max A(i)) && (B(j,i) == max B(i)) && (C(j,i) == max C(i)) && (D(j,i) == max D(i))) Where, A, B, C, D are the corresponding strategy matrices and max(A), max(B), max(C), max(D) contains the maximum values of the corresponding strategies. The case may occur that a particular node is not participating with its best possible action. Then this node will be provided certain time to improve its behavior. The payoff values of all the nodes involved in the transmission are asked from the user. On the basis of outcome, one value from the various payoff values is being selected. Corresponding to this payoff value, there will be an energy with which node will be transmitting forward. After all nodes agree to participate at their corresponding energy levels, a dedicated path is formed. After the formation of dedicated path the transmission starts taking place. 3.2 Identifying the Cheating Node Cheating node can be identified by maintaining a table for all (Si,Di) pair which will be available at every node. Transmission by node will not be considered when it acts as source. Table 2. From node

To node

Power to support edge

Number times node participated

A A B B C C D D

B D A C B D C A

10 9 10 8 8 12 12 9

0 4 0 0 0 5 4 6

of

Game Theoretic Approach to Resolve Energy Conflicts in Ad-Hoc Networks

209

First three columns show the topology, whereas fourth column shows the number of times a node has participated in routing. It can be concluded from the table that when the node does not participate in the routing, value of fourth column for that particular node becomes zero. Based on the involvement or the co-operation of the nodes in the network payoffs or some incentives are given to them. Table 2 will be evaluated after every periodic interval and when value for any node comes out to be zero repeatedly, it means that particular node is not participating in routing therefore; no payoff will be given to it. This is how, the path is determined from the source to the destination which consumes least energy. In our simulation node B is not participating. This table can also help in minimizing the over-utilization of a node. When value of any node in fourth column becomes large, it means that node is being over-utilized.

4 Implementation The implementation of this novel algorithm is done by using rand function to generate the strategy matrices. The algorithm has been implemented for 50 games/transmissions. If the

Fig. 2. Graph representing Nash Equilibrium of source node

Fig. 3. Graph representing Nash Equilibrium of destination node

210

J. Gupta, I. Kumar, and A. Kacholiya

energy of a particular node in the topology gets exhausted then there will be no more participation of the node in the game/transmission. Fig.1 and Fig.2 show the Nash Equilibrium points for the source and destination nodes respectively. Similarly, the Nash Equilibrium of all the other nodes can be plotted.

5 Conclusion Game theory is used in many situations where conflict and cooperation exist. In this paper, we propose a game model that can be used to optimize total energy of the network and to analyze selfish behavior of the node, if any. Using this approach the route/path is determined which requires least energy with maximum co-operation among the nodes. If the same node is participating again and again to forward the packet then all the paths that go through that particular node will get diminished soon due to the over utilization of the node in terms of energy. Therefore, the above described algorithm has taken into account this problem. The nodes which are participating will be provided some payoffs or incentives and the others which are not co-operating will not be allowed to transmit their own packets. Nash equilibrium is used to determine the path which consumes less energy to reach the destination after taking decisions from the payoff matrices. Strategy of Game theory can further be applied to determine the network parameters like throughput and delay etc.

References 1. Komali, R.S., MacKenzie, A.B.: Distributed Topology Control in Ad-Hoc Networks: A Game Theoretic Perspective. In: Proc. IEEE CCNC (2006) 2. Leino, J.: Applications of Game Theory in Ad Hoc Networks, Master’s thesis, Helsinky University (October 2003) 3. Xiao, Y., Shan, X., Yongen, Tsinghua University: Game Theory Models for IEEE 802.11 DCF in Wireless Ad Hoc Networks, IEEE Radio Communications (March 2005) 4. Roughgarden, T.: Selfish routing and price of anarchy. Lecture Notes. Stanford University, Stanford 5. Srinivasan, V., Nuggehalli, P., Chiasserini, C.F., Ramesh, R.R.: Cooperation in Wireless Ad Hoc Networks. In: IEEE INFOCOM (2003) 6. Narahari, Y.: Game Theory. Lecture Notes, Bangalore, India

Software Secureness for Users: Significance in Public ICT Applications C.K. Raju and P.B.S. Bhadoria Indian Institute of Technology, Kharagpur, India {ckraju,pbsb}@agfe.iitkgp.ernet.in

Abstract. Software secureness as experienced by a user has connotations that imply better control over information that is getting encoded. It also implies adherence to established protocols by the software and provision to inspect software sources for coding errors. The significance of some of these issues is evident in some reference manuals on Software Quality. Software secureness could be treated as a significant constituent in software quality which can be enhanced by altering the properties of the software applications, software environment and software implementation of protocols or data standards that are deployed in the software projects. Traditional approaches to Software Quality often provide a privileged position to developers of software projects, in providing them the freedom to fix the prerequisites and conditions that determine quality. In situations where software serves public interests or needs, software secureness should not contrast amongst the communities that use, develop, test or maintain the same software project. For most of the services in public domain, the user community is the one which is constitutionally the most empowered. Utilities that serve public needs may also involve processing of information of user communities. Therefore, software secureness must be evaluated from the viewpoint of the community of its users, even if it happens to be the least privileged in setting the prerequisites or conditions for software quality. A shift of this nature is necessary because a proprietary software environment may be completely transparent to its developer community, even while remaining opaque or insecure to its user community.

1

Introduction

Software Quality is a widely discussed and debated issue especially in the context of software engineering practices. Software processes differ from most other manufacturing processes, in that the products and processes are capable of getting modified, tested or developed by communities of users, maintainers or developers. If one is aware of the constituents that create software quality, then it becomes easier to enhance the quality. This article examines the issue, taking software secureness as a parameter for achieving software quality. It attempts to define and view secureness through correctness of software sources, fair implementation of protocols and through the nature of data formats that the software projects use. Initial reviews on software quality measures on software products had prompted A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 211–222, 2011. c Springer-Verlag Berlin Heidelberg 2011 

212

C.K. Raju and P.B.S. Bhadoria

detailed studies on issues like as-is utility, portability and maintainability [4]. Significance of portability and maintainability has also been stressed in another software product quality model suggested by Dromey [6]. This situation presupposed availability of software as sources and details of protocols, as without accessibility to such sources, maintainability could be ruled out and portability gets impossible. Manuals in software quality make adequate references to adherence to use of data standards, fair implementation of protocols and transparency in coding of their implementation [2], [3], [1]. These manuals, while laying out specifications for achieving software quality, however, do not insist on the dichotomies that arise while applying quality conditions to user and developer domains. While developers working within proprietary software establishments can claim software quality by adhering to these manuals by virtue of having accessibility to software design and development processes, a majority of users who are out of purview of the development establishment and who would be the major consumers of software, are not in a position to guarantee software quality on their own. This unique contradictory situation insofar as the software users are concerned has even prompted a suggestion that open standards without insistence of open source software would render the whole claim of software quality inadequate [14]. Software sources often undergo changes while catering to evolving demands. Its management too would get complex, when the communities of users, developers or maintainers are allowed varying degree of permissions or restrictions in their access to software sources. Adherence to established protocols also requires that software is programmed to do, what it claims to do. Even more importantly, software should not be doing, what it is not supposed to do. The task of validating secureness, therefore, needs a fair amount of expertise in programming by the inspecting agency. It is known that errors or deviations from norms in software can be brought out if more people are allowed to inspect the sources [13]. Therefore, access to software sources is a critical factor in establishing secureness of software, especially for those software applications serving public interests or needs. The properties and nature of data formats used in public applications also need to be scrutinized for their linkages with software secureness. Data formats could be either standards or open formats where ownership have been relinquished. Data formats could also be proprietary which may have owners. When ownership of proprietary formats are in private possession, encoded information risk getting under perpetual control, especially if the private owners shun efforts to convert them into legitimate standards relinquishing ownership. In a draft legislation introduced in Republic of Peru [15], a few issues were referred. It was argued that public agencies have a natural obligation to guarantee permanent availability of information encoded, processed and stored while engaging with software applications. To ensure this, proprietary formats were not desirable for public systems. The significance, as per the bill was due to the fact that private information of citizens gets processed in such software systems,

Software Secureness for Users: Significance in Public ICT Applications

213

and the state as a legitimate custodian of such information has an obligation to safeguard its availability. Hence usage of data standards or open data formats which do not have owners needs to be mandatory part of any public software initiative. Software that has the data formats encoded in open data formats or data standards will enhance its secureness, as these could be retrieved or made available at any time in future. Accessibility to software sources allows inspection of the sources for fair implementation of software protocols and coding practices. The draft bill had promoted use of Free Software in public institutions [15]. A study [14] on effectiveness of open standards had pointed out that unless the implementation of such standards are carried out with open source projects, a precarious situation involving vendor lock-in might follow. In a case taken up for study here, the twin requirements that deal with accessibility to software sources and adherence to established data standards or open data formats were scrutinized and their suitability examined towards enhancing software secureness. The public software application is one that monitors a rural employment guarantee scheme introduced on a national scale in India. 1.1

National Rural Employment Guarantee Scheme (NREGS)

A government initiative to guarantee 100 days of employment on an annual basis to all rural households in India was legislated [7] in 2005. Commissioned as National Rural Employment Guarantee Scheme (NREGS), the programme was open to all households whose members were willing to offer unskilled labour. Though initially the programme was implemented in selected areas, it later got extended to all rural areas of India. The programme, rechristened as Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS), continues to be executed through all local self-government institutions in the Panchayat Raj System which predominantly addresses rural population. The enactment was subsequently amended to place all information about the scheme in public domain through a website. It later became a mandatory requirement [8] for the purpose of introducing transparency in all the transactions within the system. This monitoring scheme which has already commenced is planned to be in operation at over 240,000 rural self-government institutions in India. The software that fulfills this requirement has been developed by National Informatics Centre (NIC) and is made available to the rural local self-government institutions. Here, the data processed at rural local self-government institutions spread across the country will be received and stored at a central database repository. NREGASoft, the software developed for monitoring these activities is capable of operating in ’online mode’ as well as in ’offline mode’ [12]. In the online mode of operation, a dedicated internet connection needs to be established between the local self-government institution and the Ministry of Rural Development (Govt. of India) which hosts the central server. In the online mode, details of all activities are updated on a daily basis with the help of a browser application at the nodes. However, due to the enormity of data, the data-entry operations which even include marking of attendance of the workers at the various work

214

C.K. Raju and P.B.S. Bhadoria

sites are carried out in the offline mode. In the offline mode, data related to MGNREGS are entered by local self-government institutions and updated in a local database repository. Later, at a convenient time or from an alternate location, the incremental updates to local database are synchronized with the remote central repository, which is housed in the premises of Ministry of Rural Development, Government of India. NIC has developed a web-server application integrated with a hypertext scripting engine with the central database server [8], which allows ’online mode’ of operation. According to its principal developer [11], the first major award bagged by the project was Microsoft e-Governance Award 2006.

2

State of Software Sources and Data Formats

On analysis of NREGASoft it was observed that the central server which received information from rural local bodies was configured using proprietary software. The information received was stored in database in a proprietary format. The minimum essential configuration for becoming the client of the monitoring network, as per the manual [12], is listed in Table 1. Table 1. Ownership of Client Software Sources (Offline) Software

Nomenclature

Owned by

OS

Windows XP SP-2

Microsoft Inc

Web Server IIS Server Database

Microsoft Inc

MS SQL Server 2000 Microsoft Inc

Application NREGASoft

NIC

It can be seen that a software firm has exclusive ownership over the software environment which embeds the application software developed by NIC during execution. Users of this rural software application do not have access to software sources that are owned by this software firm, and hence software secureness of the environment for the users gets reduced. For both the offline mode and the online mode of operation, the server configuration is listed in Table 2. The secureness of the scripts that make up NREGASoft is dependent on access to its sources. NIC owns and maintains the scripts of NREGASoft. Since these scripts are made available to local self-government institutions, secureness of NREGASoft will be dependent on the extent of access to the scripts that is made available to the users. However, when a software application is embedded inside an insecure software environment, the software project will become insecure for its users. In a study carried out by Jones, it was pointed out that at the user end, it is almost impossible to build a meaningful software metrics even for identifying its inadequacies or highlighting its worthiness as good, bad or missing [9]. The study even went ahead and claimed a metric as hazardous which was unrelated to

Software Secureness for Users: Significance in Public ICT Applications

215

Table 2. Ownership of Server Software Sources Software

Nomenclature

OS

MS Windows Server Microsoft Inc

Web Server IIS Server Database

Owned by Microsoft Inc

MS SQL Server 2000 Microsoft Inc

Application NREGASoft

NIC

real economic productivity. Therefore for any software project to be completely secure to its users, it should be operated only in an environment that can extend secureness of any software that is in execution. From the database description used in the application, it is evident that information related to public is encoded in proprietary data format and is opaque to its users. Deprived of the neutrality that is required in data standards or open data formats and transparency in implementation of its encoding, the secureness of data diminishes. 2.1

Secureness through Access to Sources

In NREGASoft, the community of users is mostly those from the rural local bodies in India, belonging to different states and union territories in India. The developers and maintainers of the application of NREGASoft happen to be from National Informatics Center (NIC), which is a public agency under the administrative control of Government of India. The developers of the software environment of NREGASoft happen to be from a private software firm. In this proprietary software project it can be seen that the communities of users, developers and maintainers are not the same. NIC has some definite control over the sources (server scripts) it develops and maintains. The communities of users, which happen to be the members in local self government institutions, do not enjoy the same privileges for access to the sources as that of the maintainers. A proprietary developer of kernel and similar services related to Operating System may have complete control over the entire project. This is because user-level software applications get embedded inside a proprietary operating environment, which can oversee any aspect of its functioning. A recent study suggested that exposure to software sources would help in reducing the number of faults which can be taken as an important factor while creating a process metrics [10], but the dilemma of software secureness would continue, so long as sources are not made available to user community. Secureness of software is directly related to access and control over source code of software by the users. The software project may be secure enough to Microsoft Inc., who has access to all the code it develops. NIC’s sense of secureness, however, is limited to its control over the sources NIC has developed. Still lesser sense of secureness will prevail on the programmers and other users in rural local self-government institutions, who may have access to some portions

216

C.K. Raju and P.B.S. Bhadoria

of the program developed by NIC. For the common rural citizens in whose service the application is created, however, the application can never be declared secure. This is because there are no legal provisions that facilitate rural citizens to inspect, test or debug the code or entrust such inspection to third-parties as brought out in the draft bill introduced in Peru [15]. In a democracy, where state serves its people, excluding people from accessing software sources is akin to excluding masters of the state. The secureness of software vis--vis ordinary citizens, whose information is getting processed, is therefore not prominent in NREGASoft. 2.2

Secureness through Adherence to Data Standards

Software scenario is replete with instances of multiple choices for data formats available for the purposes of storage or processing in certain application domains. Wherever data formats have been declared as data standards or open data formats, it can be presumed that issues over ownership over such data standards too have been settled. This is primarily because data standards or open data formats are devoid of owners claiming exclusive rights over such formats. Data standards or open data formats play a vital role in ensuring interoperability of encoded data between systems as they become neutral to applications that use them. Retention of ownership or rights over some or all parts of standards would dent this neutrality, in the process rendering it a non-standard. Its status then would be as a proprietary data format. The scope of discussion on proprietary formats in which data are encoded and other related protocols used in NREGASoft is limited, as their implementation details are not available for inspection by any user, other than the firm that developed it. Additionally, there cannot be a fool-proof mechanism for validating any claims of adherence to protocols, as these are available only in binaries, mostly in a non-decodable format whose ownership entirely lies with a single agency. The licensing conditions, under which these utilities are made available to users, strictly prohibit any attempts to reverse-engineer or decode. Thus, the existing state of the art is severely limited in its scope for evaluation or scrutiny, from a technological perspective. The data encoded cannot be guaranteed to be available permanently [15]. Secureness of the system, therefore, is further compromised through the usage of proprietary formats and non-verifiable protocols. Operations from client-side have been categorized into two modes. In the offline mode, a local database is created and updated, from where data is updated with the central database server. Most of the software utilities are available only in binary formats. The state of client in offline mode is almost the same as that of server. Secureness of client, therefore, is poor as in the case with secureness of server. In the online mode, it will be a web-application which will be used to update the remote database. Here too, the encoding of data for storage in remote database will be carried out in proprietary formats.

Software Secureness for Users: Significance in Public ICT Applications

217

The tendency of software secureness to vary can be gauged from the interest shown by the owner of proprietary format to have it converted into a legitimate standard, relinquishing any kind of ownership. Absence of ownership over any part of format, if published as a standard, and made available for public use, would naturally mean that everyone has an equal share of ownership, enforcing neutrality. In the event of non-neutrality of encoding process, the format may need alteration to become a standard. In the case of NREGASoft, Microsoft Inc currently holds the ownership of proprietary data formats used in its systems. Hence, software secureness is severely restricted with regard to encoding of information. 2.3

A Framework That Indicates Secureness of Software

In a similar description, one can find a range associated with accessibility of software. At one end of the spectrum is making available software source codes with freedom to inspect, modify and publish, to the community that uses them. At the other end of the spectrum lie software, extended as binaries with two different variants. One variant is a type of software binaries with access to their respective sources with varying degrees of freedom over their usage to inspect, modify, alter, distribute or publish as in the case with Free Software or other Open Source projects. The other is extension of mere binaries of software with no access to their sources, denying the user community to build the binaries from their respective sources. Thus, inspection, modification, alteration etc are impossible. A framework that adequately represents this model of arrangement is produced in Figure 1. The first and fourth quadrants deal with sources of software code, with a difference. While sources and standards are available in public domain in the case of first quadrant, the sources and data formats used in the fourth quadrant are available only within the proprietary establishments that develop them. The secureness in the first quadrant is highest, which are enjoyed by users, developers, maintainers and testers. The secureness for software in fourth quadrant are however enjoyed by only developers and testers of proprietary software. Since users of proprietary software deal only with software binaries and proprietary formats, secureness of software is absent for users of proprietary software. Cases that deal with standards and binaries (with no access to source code) as well as cases that deal with proprietary formats and binaries (with access to source code) are both deviations from the usual norm, and hence their representation is not considered important in this framework. They are not testable too, by virtue of having binaries or proprietary formats, often legally protected from any detailed scrutiny. NREGASoft as a product independent of its environment lie in third quadrant, and the software environment that facilitates its functioning lie in the fourth quadrant. It is pertinent to note that users of NREGASoft have their software secureness seriously compromised. This analysis sets off an inquiry whether it is possible to elevate the secureness of software, and if so, what should be conditions that favour this transition.

218

C.K. Raju and P.B.S. Bhadoria

Fig. 1. A framework highlighting differing environments for Users, Developers and Maintainers

3

Software Monitoring Application with Enhanced Secureness

A scalable prototype for a local database management system that captures and stores information pertaining to MGNREGS was developed using Free Software applications during late 2009 and early 2010. The following software components described in Table 3 were deployed. Table 3. Alternate Software Specifications Software Operating System

Nomenclature GNU/Linux Ubuntu 9.10

Web Server

Apache 1.3.42

Database

MySQL 5.1.31

Webserver Scripts

PHP 5.2.12

Content Managing Software

Drupal 6.15

A scalable prototype was developed with Drupal and the essential functions of a work-activity were captured and made available as reports. Assessment of work requirements and its processing was carried out at Panskura-I, a block panchayat in East Medinipore district, West Bengal. Information generated through the reports, validated the functional aspects of the prototype at the developer’s

Software Secureness for Users: Significance in Public ICT Applications

219

level. In a rural application developed with Free Software, the transparency of the solution would be highest if the rural citizens are allowed to inspect the code that processes their information. This meant that making available packages in Free Software over an Operating System built over Free Software is inadequate. The entire sources of the database that created the application too need to be made transparent. The new conditions made the publishing of the Structured Query Language (SQL) database dump for the application under a GNU General Public License (GPLv3), imperative. A mere replication of a database, too, is inadequate if inspections are to be carried out. The metadata design pertaining to the database that processed all work activities of MGNREGS were made part of the original design. This meant that the application displayed, as part of its features, the database design too, with relations, entity relationship diagrams and detailed description of every attribute in all relations, and the forms that invoke these relations. Moreover, all future transactions that are committed on this database would also retain the same openness and transparency, when copied for distribution. An SQL dump would then cause not only the data captured through the application available for inspection, but also the semantics of its usage. Since access privileges are controlled by the MySQL database which is separated from the database meant for storing information related to MGNREGS, unauthorized intrusions are blocked. Releasing the SQL dump under a GNU General Public License would ensure that every amendment incorporated would need to be published if the solution is made available to another party. These measures would in no way affect the operational capabilities of the monitoring software and would enhance the relationship between software design quality, development effort and governance in open source projects as carried out in a study [5]. Rather, it would reinforce the requirements for transparency in all its operational details, which had been a condition for setting up an information processing and monitoring system [8]. The new way for replication was, thus, to install all the packages mentioned in Table 3 above, superimpose the SQL dump of backed up Drupal application database and install MGNREGS database in MySQL. The entire application would be recreated that would not only have the application, but also one that contains the design aspects too of the database. By implementing such a design, secureness of software was enhanced with ease of reproduction for the purpose of analysis or modification. The authentication codes were the only elements that were not part of the transparent package, for obvious reasons. For developers, updating of software tools as and when new releases are distributed is essential, as most Free Software projects evolve continuously. A new challenge, therefore, would be to make available newer releases of software to all the nodes. A version control system would ensure seamless integration of the application to any versions of the software environment. Software projects may involve user, developer, tester and maintainer communities. Here, one can find that the privileges of all the communities are almost

220

C.K. Raju and P.B.S. Bhadoria

Fig. 2. Varying software secureness in different software environments

the same with regard to access to software sources, which is crucial to ascertain adherence to established protocols and adherence to open data formats or data standards. The privileges of user communities, here, are better than those in NREGASoft. For the user community, secureness of software has been enhanced in Free Software application when compared to secureness of NREGASoft. To enhance the software secureness of NREGASoft, therefore, the conditions require that the solution be re-designed in a Free Software environment. Additionally, the proprietary formats in which encoding of public information is currently being carried out are to be abandoned in favour of open data formats or data standards, devoid of any ownership. To ensure that the application scripts too can never be closed for inspection, they too should be released under an open public license that prevents its closure in future. By having the software secureness of NREGASoft enhanced considerably to the user community, it can be safely presumed that software quality too would be improved as depicted in Fig 2. The authors would like to point out that while this software development work merely validates the claim that secureness of software with respect to the user community can be enhanced, the study does not claim that such development work is beyond the capabilities of private software development companies. On the contrary, the authors may even recommend entrusting such development work to leading software developers in the private sector in India to make use of their vast experience and access to human resources. This study, however, accords priority to the licenses under which the transfer of rights of software and sources ought to take place that would reveal the extent of secureness of software to its users.

Software Secureness for Users: Significance in Public ICT Applications

4

221

Conclusion

As a principle, software quality is associated with adherence to use of data standards, fair implementation of protocols and transparency in coding of their implementation. Software that adheres to these criteria extends secureness to the users, developers and maintainers of software. In many software projects, especially those that process information related to public citizens, the communities of developers, maintainers and users could be different. There exist possibilities wherein software which may appear secure to developer community could become insecure to user community. Software which are released only as binaries cannot be verified for their adherence to data standards, protocols or for rules associated with its implementation. It is therefore vital to ensure that any software that are to be assured for its quality, adheres to established data standards or published open formats (after relinquishing ownership, so that these could be taken up for converting into a standard). Additionally, releasing the software sources would ensure that implementation details of software are transparent and do not violate any existing protocols. Rigorous methods of control have been suggested in a software quality management system adopted from standards Australia [2], which insisted on review of code and documents to assure their compliance with design criteria. Additionally, in a constitutional setup under which such public software services are developed, operated and maintained, the user community is the one which is constitutionally the most empowered. Therefore in cases like these, software secureness should be evaluated from the viewpoint of users to ascertain software quality. NREGASoft, a software implementation for monitoring information processed in the employment guarantee scheme (MGNREGS) is found wanting in areas related to data standards and transparency in implementation as the current environment and software platforms are proprietary in nature. In order to enable the government in extending the necessary guarantees over processing of information related to public, adherence to published protocols and its encoding, NREGASoft should be re-designed to be implemented with Free Software using published data standards. This variation in design and implementation would eventually enhance the software secureness to the user community of the software, thereby accomplishing better software quality. The experiment carried out with Free Software as a case study by the author, further exemplifies that by resolving to release the database dump under a GNU General Public License (GPLv3), the legal mechanisms would help in retaining the transparency of implementation in future too.

References 1. IEEE Guide for Software Quality Assurance Planning. ANSI/IEEE Std 983-1986, 1–31 (1986) 2. IEEE standard for Software Quality Assurance Plans. IEEE Std 730.1-1989, 0–1 (1989)

222

C.K. Raju and P.B.S. Bhadoria

3. Software Quality Management System. part 1: Requirements. Adopted from Standards Australia. IEEE Std. 1298-1992; AS 3563.1-1991, 0–1 (1993) 4. Boehm, B., Brown, J., Lipow, M.: Quantitative evaluation of software quality. In: Proceedings of the 2nd International Conference on Software Engineering, pp. 592–605. IEEE Computer Society, Los Alamitos (1976) 5. Capra, E., Francalanci, C., Merlo, F.: An empirical study on the relationship between software design quality, development effort and governance in open source projects. IEEE Transactions on Software Engineering 34(6), 765–782 (2008) 6. Dromey, R.G.: A model for software product quality. IEEE Transactions on Software Engineering 21, 146–162 (1995) 7. Government of India: The National Rural Employment Guarantee Act NREGA 2005. Government Gazette, India (2005) 8. Government of India: Government Notification on Transparency in NREGA. Government Gazette, India, p. 9 (2008) 9. Jones, C.: Software Metrics: Good, Bad and Missing. IEEE Computer 27(9), 98– 100 (1994) ISSN:0018-9162 10. Khoshgoftaar, T.M., Liu, Y., Seliya, N.: A multiobjective module-order model for software quality enhancement. IEEE Transactions on Evolutionary Computation 8(6), 593–608 (2004) 11. Madhuri, S., Mishra, D.: Strengthening National Rural Employment Guarantee Scheme (NREGS) through E-Governance. In: E-Governance in Practice (2008) 12. NIC, Government of India: User manual of NREGA. MIS for National Rural Employment Guarantee Act (NREGA) 2005 (2007) 13. Raymond, E.S.: The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary. O’Reilly, Sebastopol (2001) 14. Tiemann, M.: An objective definition of open standards. Computer Standards and Interfaces. Science Direct 28(5), 495–507 (2006) ISSN 0920-5489 15. Villaneuva, E.: Use of Free Software in Public Agencies. Bill No 1609, Republic of Peru (2001)

Vector Space Access Structure and ID Based Distributed DRM Key Management Ratna Dutta, Dheerendra Mishra, and Sourav Mukhopadhyay Department of Mathematics Indian Institute of Technology Kharagpur–721302, India {ratna,dheerendra,sourav}@maths.iitkgp.ernet.in

Abstract. We present an effective DRM architecture with multi distributors that facilitates client mobility and propose a family of flexible key management mechanisms for this system coupling Identity-Based Encryption (IBE) with vector space secret sharing. Our proposed DRM architecture provides scalability of business model and allows to make proper business strategies for different regions and cultures. The encrypted digital content sent by a package server can only be decrypted by the DRM client and is protected from attacks by other parties/servers in the system. Our key management protects the key used to encrypt a digital content during its delivery from the package server to the DRM client, not only from purchasers but also from the distribution servers and the license server. The IBE enables efficiency gains in computation time and storage over the existing certificate-based Public Key Infrastructure (PKI) based approaches as no certificate management and verification is needed by the entities in the system. Keywords: DRM, key management, content protection, security, vector space secret sharing, IBE.

1

Introduction

The widespread use of the Internet has greatly facilitated the distribution and exchange of information. Immediate access to content with low-cost delivery is one of the new benefits Internet-based distribution brings. However, digital content by nature is highly vulnerable to unauthorized distribution and use. This raises issues regarding intellectual property and copyright. After content is provided, no further protection is provided on that content. While these new technologies have the potential to open up new markets, the risk of abuse makes copyright owners reluctant to use them. Digital Rights Management (DRM) technologies ensure the protection of digital content after distribution, providing ways to exercise usage control on that content. The goal of DRM technology is to distribute digital contents in a manner that can protect and manage the rights of all parties involved. The core concept in DRM is the use of digital licenses. The consumer purchases a digital license granting certain rights to him instead of buying the digital content. A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 223–232, 2011. c Springer-Verlag Berlin Heidelberg 2011 

224

R. Dutta, D. Mishra, and S. Mukhopadhyay

The content access is regulated with the help of a license that contains permissions, constraints and a content decryption key. Permissions are privileges or actions that a principal can be granted to exercise against some object under some constraints. Examples of permissions include printing, playing, copying, and embedding the content into other content items. Constraints are restrictions and conditions under which permissions are executed. Constraints may include expiration date, available regional zone, software security requirements, hardware security requirements, and watermarking requirements. A set of constraints can also include another set of constraints recursively, which means that the included set of constraints must also be satisfied. Current Digital Rights Management (DRM) systems support only two-party systems, involving the package server and purchaser [10], [2], [13], [7], [3]. However, DRM systems need to be sufficiently flexible to support existing business models and extensible to adapt to future models. The DRM architecture in multi-party multi-level setups has been used [8], [11], [14], [15] as an alternative to the traditional two-party DRM architecture. Our Contribution: In this paper, we design a DRM system which is suitable to more innovative and scalable business models considering a network with multi-distributors instead of single-distributor. A local distributor can better explore potentially unknown markets for the owner (package server) and make strategies according to the market. In addition, the distributors can also help in handling different pricing structures of media in different countries, and share with the owner any information on price or demand fluctuation cost. In our DRM system, the DRM client has the flexibility of choosing a distributor based on his own preference. The DRM client may be mobile and roam from one region to another. The DRM client may contact the distributor who is nearest to him by location or who offers promotions/discounts on the price or offers more commissions. We provide a secure and efficient key management scheme in our proposed DRM system using IBE [17] instead of certificate-based Public Key Infrastructure (PKI), coupling it with vector space secret sharing scheme. The IBE has the property that a user’s public key is an easily calculated function of his identity, such as his email address, while a user’s private key can be calculated for him by a trusted authority, called Private Key Generator (PKG). The identitybased public key cryptosystem needs verification of user’s identity only at the private key extraction phase. Consequently, the identity-based public key cryptography simplifies certificate management and verification and is an alternative for certificate-based PKI, especially when efficient key management and security are required. We obtain efficiency gains in computation time and storage over the existing certificate-based PKI approaches as no certificate management and verification are needed by the entities in our DRM system. Moreover, our construction is general as it uses a general monotone access structure and vector space secret sharing. These facilitates to constructs a family of flexible key distribution schemes.

Vector Space Access Structure

225

In our key management mechanism, the package server does not trust distribution servers or license server. The symmetric decryption key used to encrypt a digital content is delivered from the package server to the DRM client in a secure manner and is protected from its generation to consumption. Unlike current DRM systems which have focused on content protection from purchasers, our scheme protects the key not only from purchasers, but also from other principals such as the distribution servers and the license server. Consequently, the encrypted digital content sent by a package server can only be decrypted by the DRM client who has a valid license and no one else.

2 2.1

Preliminaries Common Components in DRM System

Despite different DRM vendors having different DRM implementations, names and ways to specify the content usage rules, the basic DRM process is the same. The entities involved in a DRM system are a package server, distribution server, license server and DRM client [12], [9]. In this model, a purchaser is not a service provider, he simply pays a fee to the DRM client and watches a movie or listens to a song. 2.2

Certificate-Based Vs. Identity-Based Cryptography

The certificate-based protocols work by assuming that each entity has a static (long term) public/private key pair, and each entity knows the public key of each other entity. The static public keys are authenticated via certificates issued by a certifying authority (CA) by binding users’ identities to static keys. When two entities wish to establish a session key, a pair of ephemeral (short term) public keys are exchanged between them. The ephemeral and static keys are then combined in a way so as to obtain the agreed session key. The authenticity of the static keys provided by signature of CA assures that only the entities who posses the static keys are able to compute the session key. Thus the problem of authenticating the session key is replaced by the problem of authenticating the static public keys which is solved by using CA, a traditional approach based on a Public Key Infrastructure (PKI). However, in a certificate-based system, the participants must first verify the certificate of the user before using the public key of the user. Consequently, the system requires a large amount of computing time and storage. In identity-based public key encryption, the public key distribution problem is eliminated by making each user’s public key derivable from some known aspect of his identity, such as his email address. When Alice wants to send a message to Bob, she simply encrypts her message using Bob’s public key which she derives from Bob’s identifying information. Bob, after receiving the encrypted message, obtains his private key from a third party called a Private Key Generator (PKG), after authenticating himself to PKG and can then decrypt the message. The private key that PKG generates on Bob’s query is a function of its master key and Bob’s identity.

226

R. Dutta, D. Mishra, and S. Mukhopadhyay

Shamir [17] introduced this concept of identity-based cryptosystem to simplify key management procedures in certificate-based public key infrastructure. The first pairing-based IBE scheme was proposed by Boneh and Franklin in 2001. Shortly after this, many identity-based cryptographic protocols were developed (see [4] for a survey) based on pairings and this is currently a very active area of research.The identity-based public key cryptosystem can be an alternative for certificate-based PKI, especially when efficient key management and moderate security are required. The advantages of ID-based encryption are significant. It makes maintaining authenticated public key directories unnecessary. Instead, a directory for authenticated public parameters of PKGs is required which is less burdensome than maintaining a public key directory since there are substantially fewer PKGs than total users. In particular, if everyone uses a single PKG, then everyone in the system can communicate securely and users need not to perform on-line lookup of public keys or public parameters. In an ID-based encryption scheme there are four algorithms – (i) Setup: Creates system parameters and master key, (ii) Extract: Uses master key to generate the private key corresponding to an arbitrary public key string ID, (iii) Encrypt: Encrypts messages using the public key ID, and (iv) Decrypt: Decrypts the message using the corresponding private key of ID. 2.3

Secret Sharing Schemes

Definition 2.1: (Access Structure) Let U = {U1 , . . . , Un } be a set of participants and D ∈ / U is the dealer or group manager. A collection Γ ⊆ 2U is monotone increasing if B ∈ Γ and B ⊆ C ⊆ U imply C ∈ Γ . An access structure is a monotone collection Γ of non-empty subsets of U. i.e., Γ ⊆ 2U \{∅}. The sets in Γ are called the authorized sets. A set B is called minimal set of Γ if B ∈ Γ , and for every C ⊂ B, C = B, it holds that C ∈ / Γ . The set of minimal authorized subsets of Γ is denoted by Γ0 and is called the basis of Γ . Since Γ consists of all subsets of U that are supersets of a subset in the basis Γ0 , Γ is determined uniquely as a function of Γ0 . More formally, we have Γ = {C ⊆ U : B ⊆ C, B ∈ Γ0 }. We say that Γ is the closure of Γ0 and write Γ = cl(Γ0 ). The family of nonauthorized subsets Γ = 2U \Γ is monotone decreasing, that is, if C ∈ Γ and B ⊆ C ⊆ U , then B ∈ Γ . The family of non-authorized subsets Γ is determined by the collection of maximal non-authorized subsets Γ 0 . Example. In case of a (t, n)-threshold access structure, the basis consists of all subsets of (exactly) t participants. i.e. Γ = {B ⊆ U : |B| ≥ t} and Γ0 = {B ⊆ U : |B| = t}. Definition 2.2: (Vector Space Access Structure) Suppose Γ is an access structure, and let (Zq )l denote the vector space of all l-tuples over Zq , where q is prime and l ≥ 2. Suppose there exists a function Φ : U ∪ {D} → (Zq )l which satisfies the property: B ∈ Γ if and only if the vector Φ(D) can be expressed as a linear combination of the vectors in the set {Φ(Ui ) : Ui ∈ B}. An access structure Γ is said to be a vector space access structure if it can be defined in the above way.

Vector Space Access Structure

3 3.1

227

Protocol Overview of the Proposed DRM Architechture

Entities involved in our DRM model are: package server P , n distribution servers D1 , . . . , Dn , license server L, DRM client C. The package server P appoints n distribution servers D1 , . . . , Dn in different regions to facilitate the distribution process. The DRM client C is mobile and moves from one region to another. C can download encrypted contents from its preferred distributor, say Di , which might be location wise nearest to C. The owner of the package server P has raw content and wants to protect it. None of the principals except P and the DRM client with a valid licence should know how to decrypt the content. 3.2

Overview of the Proposed Key Distribution

The commonly used cryptographic primitives in DRM systems are symmetric and public key encryption, digital signatures, one way hash functions, digital certificates etc. A high level description of our proposed key distribution scheme and the implementation specifications are provided below. Symmetric key algorithm: Symmetric encryption is used to encrypt raw digital content with a content key by the package server P to prevent illegal copying of digital content. We can make use of any existing symmetric key algorithm (such as DES-CBC). Public key algorithm: We split the content key into several partial content keys. These partial content keys are delivered using public key encryption to the license server L and the distribution servers D1 , . . . , Dn in such a way that neither the distribution servers nor the license server can generate the content key. Public key algorithm is also used to encrypt the digital license containing the partial content keys using the public key of the receiver, thereby enabling only the party holding the matching private key to extract the partial content keys. The party then can reassemble these partial content keys to compute the original content key and get access to the digital content. The components of our proposed DRM system which have a content decryption key are the package server P and the DRM client C with a valid license. It is very difficult to authenticate a purchaser. Purchasers are concerned about their privacy and anonymity. They simply need to pay a fee to watch a movie. Instead, the DRM client C is a service provider to purchaser and should be authenticated by the owner of the package server P . RSA 2048 bit is widely used public key encryption algorithm. To mitigate the bandwidth overhead, among several public key cryptography one may adopt Elliptic Curve Cryptography (ECC) [5], [1] due to its acceptable overhead. In our public key distribution, we use the setup of Identity-Based Encryption (IBE) instead of certificate-based setup to simplify certificate management and verification. A trusted PKG generates the private key of a server upon receiving its public identity (which may be some known aspect of its identity, such as its e-mail address). We use the private/public key pair thus generated for each entity in the system as the respective signing/verification key pair of the corresponding entity.

228

R. Dutta, D. Mishra, and S. Mukhopadhyay

Digital signatures: We use digital signatures for non-repudiable rights issuing. The license server digitally signs licenses of the digital content. Consequently, the play application on the DRM client’s device can verify the correctness of the usage rights and keep the signature as a proof of rights purchase. The signature scheme ECC-192 provides higher security level than RSA-1024 while the length of its signature is 48 bytes compared to 128 bytes of RSA-1024 [5]. 3.3

Secure Delivery of Content Key

We now describe in detail our proposed key distribution scheme. 1. Setup: 1.1) The principals of the package server P , the distribution servers Di , 1 ≤ i ≤ n and the license server L submit their public identities to PKG and obtain the corresponding private keys SP , SDi , 1 ≤ i ≤ n and SL respectively through a secure communication channel. PKG uses its master key MK to generate the principals’ private keys after verifying the validity of the principals’ public identities submitted to PKG. 1.2) The principal of the DRM client C submits its public identity IDC to the principal of the package server P and obtains the corresponding private key SC through a secure communication channel. P uses its own private key SP issued by PKG to generate the private key of C after verifying the validity of C’s public identity IDC submitted to P . 2. Key Delivery when Packaging the Content: The package server P creates the content key K to encrypt a raw digital content M using symmetric encryption while packaging M . P splits the content key K and distributes a different part of K to each of the license server L and the distribution servers Di , 1 ≤ i ≤ n. These servers in turn keep their respective partial content keys secret. We describe below the generation of the content key, the procedure of splitting the content key and the delivery of the partial content keys to different servers. 2.1) Let U be a set of N servers and P ∈ / U. Select n < N and take a subset {D1 , . . . , Dn } of distribution servers from U. All the operations take place in a finite field, GF(q), where q is a large prime number (q > N ). We consider a vector space secret sharing scheme realizing some access structure Γ over the set U. Suppose there exists a public function Φ : U ∪ {P } → GF(q)l satisfying the property Φ(P ) ∈ Φ(Ui ) : Ui ∈ B ⇔ B ∈ Γ, where l is a positive integer. In other words, Φ(P ) can be expressed as a linear combination of the vectors in the set {Φ(Ui ) : Ui ∈ B} if and only if B is an authorized subset. Then Φ defines Γ as a vector space access structure. 2.2) The package server P first chooses uniformly at random a vector v ∈ GF(q)l and computes the content key K = v.Φ(P ). 2.3) For 1 ≤ i ≤ n, P computes YDi = EncIDDi (v.Φ(Di )) using Di ’s public identity IDDi , generates signature σYDi = SigSP (YDi ) using P ’s own private key SP and sends YDi |σYDi to Di . 2.4) P chooses randomly a subset W ⊂ U \ {D1 , . . . , Dn } such that W ∈ Γ 0 , i.e. W is a maximal non-authorized subset with respect to Γ with minimal cardinality. P generates the set S = {(Uk , v.Φ(Uk )) : Uk ∈ W }. P computes

Vector Space Access Structure

229

YL = EncIDL (S) using L’s public identity IDL , signature σYL = SigSP (YL ) using P ’s own private key SP , and sends YL |σYL to L. 2.5) For 1 ≤ i ≤ n, Di on receiving YDi |σYDi , verifies the signature σYDi on YDi using P ’s public identity IDP . If verification succeeds, i.e. VerIDP (YDi , σYDi ) = true, then Di decrypts YDi using its private key SDi , recovers v.Φ(Di ) = DecSDi (YDi ) and stores v.Φ(Di ) to its secure database. 2.6) L upon receiving YL |σYL , verifies the signature σYL on YL using P ’s public identity IDP . If verification succeeds, i.e. VerIDP (YL , σYL ) = true, then L decrypts YL using its private key SL , recovers S = DecSL (YL ), where S is the set given by S = {(Uk , v.Φ(Uk )) : Uk ∈ W }. L stores S to its secure database. 3. Key Delivery when Content Service is Provided: Suppose a DRM client C requests the content service for encrypted content M from a distribution server, say Di , which is within nearest reach to C. The following steps are executed. 3.1) Di computes YC = EncIDC (v.Φ(Di )) using C’s public identity IDC , signature σYC = SigSDi (YC ) using Di ’s private key SDi , and sends YC |σYC to L. 3.2) L on receiving YC |σYC , verifies the signature σYC on YC using Di ’s public identity IDDi . If verification succeeds, i.e. VerIDDi (YC , σYC ) = true, L computes YL = EncIDC (S) using C’s public identity IDC , signature σYC |YL = SigSL (YC |YL ) using L’s own private key SL , and issues the license that contains YC |YL |σYC |YL together with rights, content URL, and related other information. 3.3) The DRM client C analyzes the licence issued by L, verifies σYC |YL on YC |YL using L’s public key IDL . If verification succeeds, C decrypts YC and YL using its own private key SC , and extracts the partial content keys v.Φ(Di ) = DecSC (YC ) and S = DecSC (YL ), where S = {(Uk , v.Φ(Uk )) : Uk ∈ W }. C then reassembles these partial content keys and extracts the original content as follows: Since W ∈ Γ 0 and Di ∈ / W , the set B = W ∪ {Di } ∈ Γ . Thus B is an authorized subset and one can write Φ(P ) = {k:Uk ∈B} Λk Φ(Uk ) for some Λk ∈ GF(q). Hence C knows Λk and v.Φ(U  k ) for all k ∈ B and  consequently can  compute {k:Uk ∈B} Λk (v.Φ(Uk )) = v. {k:Uk ∈B} Λk Φ(Uk ) = v.Φ(P ) = K. Finally, C decrypts the encrypted content using the recovered content key K and can view (playback) M .

4

Security Analysis

We design our key management scheme keeping in mind the following specific security objectives. 1. Preventing insider attacks: Raw content should not be exposed to unintended parties with the help of an insider. 2. Minimizing attacks by outsiders: Unauthorized outsiders should not illegally obtain the content keys. 3. Protecting distribution channels for content key/license: The security of the following two distribution channels should be ensured. – the distribution channel between the distribution servers and the license server to transport the content key

230

R. Dutta, D. Mishra, and S. Mukhopadhyay

– the distribution channel between the DRM client, the distribution servers and the license server to transport the license. An attack on the (n + 1) partial content keys of the original content key K (which is used in symmetric key encryption for content protection by the package server) during delivery from the package server P to the distribution servers D1 , . . . , Dn and the license server L is prevented, because each piece of the (n+1) partial content keys of K is encrypted under a public key and delivered to a server who owns the matching private key. The (n + 1) partial content keys of K are separated and stored at different servers in such a way that, neither any of the distribution servers D1 , . . . , Dn nor the license server L has sufficient number of partial content keys to generate the original content key K by itself. The content key K is protected from an attack on the distribution servers or the license server, since the (n + 1) partial content keys of K is stored at different servers so that each server knows insufficient number of partial content keys to extract the original content key K. Moreover, since a distribution server encrypts its partial content key of K with the DRM client’s public key and sends it to the license server, the license server cannot decrypt it and consequently, cannot generate the original content key K. License server also encrypts its partial content key of K using the DRM client’s public key. Thus the partial content keys of K can only be decrypted by the DRM client who has the matching private key and no one else. The DRM client gets sufficient partial content keys after decryption and combines them to recover the original content key K. In summary, we achieve the following. 1. By splitting the content key, each of the distribution servers has a distinct partial content key. Thus if an insider attack on a server is successful, the partial content key obtained in the attack is insufficient to decrypt the DRM-enabled content. 2. For an outside attack to succeed, the attacker must break into the license server and any distribution server to obtain sufficient partial content keys. Thus the proposed scheme achieves multi-party security. 3. We use IBE and digital signature schemes to protect the content key/license distribution channel from impersonation attacks, replay attacks, man-in-themiddle attacks etc. Therefore, the security of the content key/license distribution channel depends on the security of the mechanisms IBE, digital signatures used for the key management. 4. Note that the content keys in the license file are transmitted to the client module under encryption with the client module’s public key. Consequently, entities other than the client module cannot retrieve the content key even when they have obtained the license file.

5

Performance Analysis

The process of authentication or verification of the identities of the parties is necessary in a DRM system to ensure that the packaged digital content is from

Vector Space Access Structure

231

the genuine authorized content distributor. In our design, digital certificates are not used to authenticate or verify the identity of the parties involved in the system unlike certificate-based public key infrastructure, thus saving large amount of computing time and storage. Instead, we use IBE that simplifies our key management mechanism. Our key management scheme enables the symmetric content key to be protected from the principals who manages the distribution servers and the license server. The digital content can thus be protected from attacks during the content distribution since the encrypted digital content is sent by the package server and only the DRM client can decrypt the digital content. Besides, we use IBE and digital signature instead of digital certificates. This simplifies the process of authentication or verification of the identities in the system. Our key management makes use of a general monotone access structure and vector space secret sharing which leads to a family of flexible key distribution schemes with effective performance. Our construction is general in the sense that it depends on a particular public mapping Φ and for different choices of Φ we obtain different key distribution schemes. The license server performs a range of tasks such as service monitoring, payment processing, license management and much information passes through it. License issuance and content key management involve time-consuming operations such as digital signature and public key encryption. Thus the license server could potentially become a bottleneck. However, the license server may consists of many subsystems arranged in a modular design that allows them to run independently to overcome this bottleneck. We have not addressed all these issues in this article and refer to Hwang et al.[8]. In our design, we mainly focus on ensuring security in content key management.

6

Conclusion

For a scalable business model of transacting digital assets, a multi-party DRM system is often necessary which involves more than one distributor, who can promote and distribute the content in regions unknown to the package server. We propose a key management scheme for a DRM system that involves more than one distributors with the DRM client’s flexibility of choosing a distributor according to his own preference. In our scheme, the package server does not trust the distribution servers or the license server. The encrypted digital content sent by a package server can only be decrypted by the DRM client who has a valid license and is protected from attacks by other parties/servers in the system. A general monotone decreasing access structure is used in our key distribution that leads to more flexible performance. Moreover, we use the IBE that incurs less computation cost and storage as certificate managements are not necessary and certificate verifications are no longer needed. These features make our DRM system suitable for more effective business models/applications with the flexibility in deciding a wide range of business strategies as compared to the existing works.

232

R. Dutta, D. Mishra, and S. Mukhopadhyay

References 1. ANSI X9.62, Public Key Cryptography for the Financial Services Industry. The Elliptic Curve Digital Signature Algorithm (1999) 2. Camp, L.J.: First Principles of Copyright for DRM Design. IEEE Internet Computing 7, 59–65 (2003) 3. Cohen, J.E.: DRM and Privacy. Communications of the ACM 46(4) (April 2003) 4. Dutta, R., Barua, R., Sarkar, P.: Pairing Based Cryptographic Protocols: A Survey. Manuscript (2004), http://eprint.iacr.org/2004/064 5. BlueKrypt: Cryptographic Key Length Recommendation, http://www.keylength.com/en/3/ 6. Grimen, G., Monch, C., Midtstraum, R.: Building Secure Software- based DRM systems. In: NIK 2006 (2006) 7. Hartung, F., Ramme, F.: Digital Rights Management and Watermarking of Multimedia Content for M-Commerce Applications. IEEE Comm. 38, 78–84 (2000) 8. Hwang, S.O., Yoon, K.S., Jun, K.P., Lee, K.H.: Modeling and implementation of digital rights. Journal of Systems and Software 73(3), 533–549 (2004) 9. Jeong, Y., Yoon, K., Ryou, J.: A Trusted Key Management Scheme for Digital Rights Management. ETRI Journal 27(1), 114–117 (2005) 10. Lee, J., Hwang, S., Jeong, S., Yoon, K., Park, C., Ryou, J.: A DRM Framework for Distribution Digital Contents through the Internet. ETRI Journal 25, 423–436 (2003) 11. Liu, X., Huang, T., Huo, L.: A DRM Architecture for Manageable P2P Based IPTV System. In: IEEE Conference on Multimedia and Expo., pp. 899–902 (July 2007) 12. Liu, Q., Safavi-Naini, R., Sheppard, N.P.: Digital Rights Management for Content Distribution. In: Proceedings of Australasian Information Security Workshop Conference on ACSW Frontiers 2003, vol. 21 (January 2003) 13. Mulligan, D.K., Han, J., Burstein, A.J.: How DRM- Based Content Delivery Systems Disrupt Expectations of Personal Use. In: Proc. 2003 ACM Works. Digital Rights Management, pp. 77–88 (October 2003) 14. Rosset, V., Filippin, C.V., Westphall, C.M.: A DRM Architecture to Distribute and Protect Digital Content Using Digital Licenses. Telecommunication, 422–427 (July 2005) 15. Sachan, A., Emmanuel, S., Das, A., Kankanhalli, M.S.: Privacy Preserving Multiparty Multilevel DRM Architecture. In: IEEE Consumer Communications and Networking Conference (CCNC) (January 2009) 16. Shamir, A.: How to Share a Secret. Communications of the ACM 22(11), 612–613 (1979) 17. Shamir, A.: Identity-Based Cryptosystems and Signature Schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)

Multiple Secrets Sharing with Meaningful Shares Jaya and Anjali Sardana Deptt. of Electronics and Computer Engg Indian Institute of Technology Roorkee Roorkee – 247667, Uttarakhand, India [email protected], [email protected]

Abstract. Traditional Visual Cryptography method produces random shares which is susceptible to attackers. Some methods have been proposed to generate innocent-looking shares so that attacker cannot get doubtful by looking at the random pattern of the share. They look like a valid image and the adversary cannot judge whether it is a secret share or not. However many of them use additional data structure and take much time in encoding the secret. In this paper, we propose a method which produces meaningful shares for color images without the need of any additional data structure and takes less time for encoding. The share size does not vary with the number of colors present in the secret image. The method is further extended to share multiple secrets together to reduce the overhead of keeping too many shares. Keywords: Visual cryptography schemes (VCS), share, pixel expansion, contrast, stacking.

1 Introduction In 1994, Naor and Shamir [1] proposed a new cryptographic area called visual cryptography based on the concept of secret-sharing. It divides an image into a collection of shares and requires threshold number of shares to retrieve the original image. Initially the model could be used only for black-and-white images but was further extended to support grey-level and color images. There are some interesting extensions of the original model. One of them is to generate innocent-looking shares so that attacker cannot get doubtful by looking at the random pattern of the share. Another extension is to encode multiple secret images together so that overhead of keeping too many shares can be reduced. The hacker can get suspicious by looking at the random looking shares and can guess that a secret message has been encoded. To remove this problem, Naor and Shamir [1] proposed a method to produce innocent looking shares to conceal the secret message. Chang et al. [3] proposed a method to generate two shares for hiding a secret two-tone image. Shares are embedded into two gray-level cover images by the proposed embedding scheme. Chang et al [4] suggested a scheme for color image hiding using a color index table. Chang and Yu [5] came with an A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 233–243, 2011. © Springer-Verlag Berlin Heidelberg 2011

234

Jaya and A. Sardana

approach to provide a more efficient way to hide a gray image (256-colors) in different shares. The size of the shares does not change with the number of colors appearing in the secret image. Wu et al. [6] formulated a method in which size of each embedding image is about 1/k of that of the secret image (k- threshold), avoiding the need for much storage space and transmission time. Qualities of both the recovered secret image and he embedding images that contain the hidden shadows are acceptable. Tsai et al. [7] developed a method to support true-color secret image with size constraint on shares. To share multiple secret images, many shares need to be generated and it takes a lot of time during transmissions. This is not efficient and hence, some methods have been proposed to hide more secret images into two share images. Droste [8] proposed a scheme to share more than one secret among a set of shares. Wu and Chen [9] developed a VCS to share two secret images together using two circle shares. First secret can be obtained by stacking the two shares and second secret by rotating share 1 by a rotation angle and then stacking it with share 2. The scheme was extended by Shyu et al. [10] so that multiple secrets can be shared. Share 2 is rotated with n different angles and stacked with share 1 to get n secret images. Feng et al. [11] proposed another scheme to hide n secrets and to reveal the secrets by stacking the share images at n aliquot angles. This scheme is more general than the previously discussed two schemes. The paper is organized as follows: Section 2 reviews the basic schemes needed for the proposed method. Section 3 presents the proposed method. Section 4 analyzes the performance of the method. Section 5 contains the experimental results for the verification of the scheme.

2 Related Work 2.1 (2,2) Visual Cryptography Scheme A (2,2)-VCS scheme divides the original image into 2 shares and secret image is recreated by stacking both the shares. Secret image is viewed as a collection of white and black pixels. Each share contains collections of m black and white subpixels where each collection represents a particular original pixel. The resulting picture can be thought as a [n x m] Boolean matrix S = [si,j]. si,j = 1 if the j-th subpixel in the i-th share is black. si,j = 0 if the j-th subpixel in the i-th share is white. The algorithm, in Figure 1, describes how to encode a single pixel. One of the two subpixels in P is black and the other is white in both the shares. The possibilities "black-white" and "white-black" are equally likely, independent of the corresponding pixel in the secret image. So the shares do not provide any information as whether the original pixel to be encoded is black or white and hence proves the security of the scheme.

Multiple Secrets Sharing with Meaningful Shares

235

Fig. 1. Encoding and stacking of a single pixel

2.2 Hou’s Scheme Hou [2] proposed three VCS for color images. In all the three schemes, secret image is decomposed to three primitive color images – cyan, magenta and yellow first, then halftoning of those three images is done and finally the encryption is performed. First scheme, the four-share color VCS generates one black mask randomly as the fourth share which contains as many 2x2 blocks as the number of pixels in the secret image. The second method expands each pixel of a halftone image into a 2x2 block on two sharing images and fills it with cyan, magenta, yellow and transparent, respectively. Using these four colors, two shares can generate various colors with different permutations. To reduce the trouble of having four shares as in method 1, and to have a better image quality than in method 2, third scheme was developed which applies basic (2,2) VCS on each of the C,M and Y images to produce six intermediate shares and combines C1,M1,Y1 to get share 1 and C2,M2,Y2 to get share 2.

3 The Proposed Scheme 3.1 Encryption In method-2 proposed by Chang [3], one bit of the pixel-byte of cover image is replaced by the pixel-value of the share image. For security, the cover pixels in the cover image are first mixed using total automorphism. This method was developed for black-andwhite images. But it can be extended for color images. First, 2 shares are produced for the color image using Hou’s third algorithm. To share a W x H secret image, we take a cover image of size 2W x 2H so that the cover image size and share size is the same. Then each pixel of the share image has 3-bit of color information- one for each primitive color. Each pixel of the cover image has 8-bit (256 level) color information for each primitive color. Now for share 1, one bit of the cover pixel for a primitive color is chosen and is XORed with that primitive color bit of the share image. The process is repeated for all the pixels of share 1. Now for share 2, the same cover image is taken

236

Jaya and A. Sardana

and same procedure is reiterated. Here XOR is used instead of total automorphisms as proposed by Chang [3]. The reason is that XOR is easy to perform and takes very less time than total automorphisms. Further, the secret bit cannot be revealed from the cover image as it is the XOR-result of cover-pixel bit and share-bit.

Fig. 2. Bit pattern

The bit to be replaced should be one of the four lower order bits so that the pixel value of the cover image does not change much. 3.2 Data Extraction For decoding purpose, the specified bit of modified-share 1 and modified-share 2 are XORed and the bit value of the original halftoned image is achieved. Figure 3 shows Table 1. Pixel reconstruction using proposed scheme

Share 1

Share 2

Cover Image

Modified Share 1

Modified Share 2

Final XOR

0

0

0

0

0

0

0

1

0

0

1

1

1

0

0

1

0

1

1

1

0

1

1

0

0

0

1

1

1

0

0

1

1

1

0

1

1

0

1

0

1

1

1

1

1

0

0

0

Multiple Secrets Sharing with Meaningful Shares

237

one of the possible combinations of share 1 and share 2 using basic (2,2) VC proposed by Naor and Shamir[1] for white pixel, and the reconstructed image using XOR operation. Figure 4 shows the scheme for black pixel. The output image quality is better using this scheme as XOR operation allows for perfect reconstruction. It means that there is no loss of contrast. The decryption can be understood as follows. Suppose we have the secret image S. We create 2 shares for it as S1 and S2 using Hou’s method [3]. Then we XOR it with the cover image, S1 with C1 and S2 with C2 during encryption to produce innocentlooking shares. For the decoding process, we XOR the predefined bit of C1 and C2 to generate the secret.

( S1 ⊕ C1) ⊕ ( S 2 ⊕ C 2) = ( S1 ⊕ S 2) ⊕ (C1 ⊕ C 2) = S1 ⊕ S 2 C1 and C2 are the same images as they are just 2 copies of same cover image. Hence result of C1 ⊕ C 2 becomes 0 and this effectively results in S1 ⊕ S 2 which constructs the final image.

Share 1

Share 2

XORed Result

Fig. 3. White pixel reconstruction

Share 1

Share 2

XORed Result

Fig. 4. Black pixel reconstruction

3.3 Method Extension The proposed method can be extended to share multiple secrets in same cover image. For this, 2 shares are created for each secret to be shared. While embedding the shares in cover image, the same bit-position is used for both shares belonging to the same secret. Thus the extension will result in 2 innocent-looking cover shares which will contain multiple secrets. The method can be used to share up to 8 secret images together but in that case the shares produced will be random. To keep the shares meaningful, optimum number of shares should be embedded. If 4 secret images are shared together in same cover image then it can change the pixel value maximum by a value of 15. If 5 images are to be shared then it can change the original pixel value of cover image by a value of 31. These changes are not very large and the eyes will not be able to recognize a difference. The value of optimum number of shares depends on the application where the method is to be used such that it will not change the pixel value of cover image much and will still be innocent-looking shares.

238

Jaya and A. Sardana

The method can be summarized as: Step 1: Create 2 shares for each secret using Hou’s third method. Step 2: Choose a cover image. Make 2 copies of it. Step 3: Select one bit in cover image and XOR it with corresponding pixel of share 1. Step 4: Repeat the process for share 2. Step 5: Repeat the steps 1-4 for each of the secret to be shared.

4 Analysis 4.1 Security Analysis The proposed scheme does the security enhancement with a much cheaper operation XOR than the permutation method used by Chang [3]. The method XORs the original bit-value of the cover image with the pixel-value of the created color-share. The produced result becomes the bit-value of the corresponding pixel of modified cover image. If the bit-value in the cover image is 0 and the pixel-value of the color share is 0, this gives a bit-value of 0 after the modification done by XOR. But this result can also be produced if the values are 1 and 1. So each possible bit-value in the modified cover image has two possibilities and both of them are equally likely. This proves the security of the scheme. Table 2. Security analysis of the scheme

Cover image bitvalue

Pixel-value of color share

Modified cover image bit-value

0

0

0

1

1

0

0

1

1

1

0

1

4.2 Performance Analysis The methods discussed in [5, 6, 7] need additional data structure and so for decoding process, that data structure must also be provided along with the shares. This adds an extra overhead. Further, the security enhancement is done by the XOR operation and not by the permutation as in [3, 6, 7] which takes less encoding time. The proposed method supports true color images as opposed to [3, 5]. Finally, decoding needs again only XOR operation of the pixels and so it also takes less time than the methods

Multiple Secrets Sharing with Meaningful Shares

239

which need additional data structure to decode the image. The image quality is also good as XOR allows for perfect reconstruction of the pixels. Table 3. Comparison of various VCS for producing meaningful shares

Authors

Year

True-color (n,n)-scheme Security support supported enhancement

Chang-Yu [5]

2002

No

No

No

Yes

Wu et al. [6]

2004

NA

Yes

Permutation

Yes

Tsai et al. [7]

2009

Yes

Yes

Permutation

Yes

Proposed method

-

Yes

No

XOR

No

Additional data structure needed

Table 4. Comparison of various VCS for sharing multiple secrets

Author

Year

No of secret images

Pixel expansion

Share type

Wu and Chang [9]

2005

2

4

Circle

Shyu et al. [10]

2007

n>=2

2n

Circle

Feng et al. [11]

2008

n>=2

9

Rectangular

Proposed method

-

Upto 8 (upto 4 for better security)

4

Rectangular

240

Jaya and A. Sardana

5 Experimental Results Figure 5 shows 4 secret images to be encoded. The size of all the secret images is 200 x 200. Figure 6 is chosen as the cover image which is of size 400 x 400. 2 copies of the same cover image are taken. Then random-looking shares for the secret image are created using Hou’s method. The shares are then embedded in cover images. Thus the innocent-looking shares shown in figure 7 are achieved. These shares are decoded to generate the secret images, shown in figure 8. The reconstructed images are 4 times the original images as the pixel expansion in Hou’s method is 4. We can see that the created meaningful shares do not differ much from the original cover image. As we increase the number of secret images to be shared, the shares start to differ more than the original cover image. This method provides an efficient way to share up to 4 or 5 secret images together with innocent-looking shares. One limitation of the scheme is that it cannot be used for (n, n)- scheme.

(a)

(b)

(c)

(d)

Fig. 5. (a) Secret image Lena (b) Secret image Baboon (c) Secret image Ball (d) Secret image Toy

Fig. 6. Cover image

Multiple Secrets Sharing with Meaningful Shares

(a)

241

(b)

Fig. 7. (a) Innocent share 1 (b) Innocent share 2

(a)

(b)

Fig. 8. (a) Recovered image Lena (b) Recovered image Baboon (c) Recovered image Ball (d) Recovered image Toy

242

Jaya and A. Sardana

(c)

(d) Fig. 8. (continued)

6 Conclusions In this paper, we have proposed multiple-secret sharing scheme producing innocent shares. When the two shares are XORed, the original embedded information can be achieved. The scheme takes two copies of single cover image for producing two shares. We can share multiple secrets together with enhanced security. The advantages of the proposed method are good image quality, no additional data structure and less encoding time. The size of reconstructed images does not vary with the number of colors present in the secret images. The scheme is very much suitable for real-life applications which requires fast computation, less storage and is prone to attackers.

References 1. Naor, M., Shamir, A.: Visual cryptography. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 1–12. Springer, Heidelberg (1995) 2. Hou, Y.C.: Visual cryptography for color images. Pattern Recognition 36, 1619–1629 (2003) 3. Chang, C.-C., Chuang, J.-C., Lin, P.-Y.: Sharing A Secret Two-Tone Image In Two GrayLevel Images. In: Proceedings of the 11th International Conference on Parallel and Distributed Systems, ICPADS 2005 (2005) 4. Chang, C., Tsai, C., Chen, T.: A New Scheme For Sharing Secret Color Images In Computer Network. In: Proceedings of International Conference on Parallel and Distributed Systems, pp. 21–27 (2000)

Multiple Secrets Sharing with Meaningful Shares

243

5. Chang, C.-C., Yu, T.-X.: Sharing A Secret Gray Image In Multiple Images. In: First International Symposium on Cyber Worlds, CW 2002 (2002) 6. Wu, Y.S., Thien, C.C., Lin, J.C.: Sharing and hiding secret images with size constraint. Pattern Recognition 37, 137–138 (2004) 7. Tsai, D.-S., Horng, G., Chen, T.-H., Huang, Y.-T.: A Novel Secret Image Sharing Scheme For True-Color Images With Size Constraint. Information Sciences 179, 324–325 (2009) 8. Droste, S.: New results on visual cryptography. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 401–415. Springer, Heidelberg (1996) 9. Wu, H.-C., Chang, C.-C.: Sharing visual multi-secrets using circle shares. Computer Standards & Interfaces 28, 123–135 (2005) 10. Shyu, S.J., Huang, S.-Y., Lee, Y.-K., Wang, R.-Z., Chen, K.: Sharing multiple secrets in visual cryptography. Pattern Recognition 40, 3633–3651 (2007) 11. Feng, J.-B., Wu, H.-C., Tsai, C.-S., Chang, Y.-F., Chu, Y.-P.: Visual secret sharing for multiple secrets. Pattern Recognition 41, 3572–3581 (2008)

On Estimating Strength of a DDoS Attack Using Polynomial Regression Model B.B. Gupta1,2, P.K. Agrawal3, A. Mishra1, and M.K. Pattanshetti1 1

Department of Computer Science, Graphic Era University, Dehradun, India [email protected] 2 Department of Electronics and Computer Engineering, Indian Institute of Technology Roorkee, Roorkee, India 3 Department of Computer Science, NSIT, New Delhi, India

Abstract. This paper presents a novel scheme to estimate strength of a DDoS attack using polynomial regression model. To estimate strength of attack, a relationship is established between strength of attack and observed deviation in sample entropy. Various statistical performance measures are used to evaluate the performance of the polynomial regression models. NS-2 network simulator on Linux platform is used as simulation test bed for launching DDoS attacks with varied attack strength. The simulation results are promising as we are able to estimate strength of DDoS attack efficiently.

1 Introduction DDoS attacks compromise availability of the information system through various means [1,2]. One of the major challenges in defending against DDoS attacks is to accurately detect their occurrences in the first place. Anomaly based DDoS detection systems construct profile of the traffic normally seen in the network, and identify anomalies whenever traffic deviate from normal profile beyond a threshold [3,4]. This extend of deviation is normally not utilized. We use polynomial regression [5,6] based approach that utilizes this extend of deviation from detection threshold, to estimate strength of a DDoS attack. In order to estimate strength of a DDoS attack, polynomial regression model is used. To measure the performance of the proposed approach, we have calculated various statistical performance measures i.e. R2, CC, SSE, MSE, RMSE, NMSE, η, MAE and residual error [12]. Internet type topologies used for simulation are generated using Transit-Stub model of GT-ITM topology generator [7]. NS-2 network simulator [8] on Linux platform is used as simulation test bed for launching DDoS attacks with varied attack strength. The remainder of the paper is organized as follows. Section 2 contains overview of polynomial regression model. Detection scheme is described in section 3. Section 4 describes experimental setup and performance analysis in details. Model development is presented in section 5. Section 6 contains simulation results and discussion. Finally, Section 7 concludes the paper. A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 244–249, 2011. © Springer-Verlag Berlin Heidelberg 2011

On Estimating Strength of a DDoS Attack Using Polynomial Regression Model

245

2 Polynomial Regression Model In its simplest, form regression analysis [9,10] involves finding the best straight line relationship to explain how the variation in an outcome variable, Y, depends on the variation in a predictor variable, X. When there is only one explanatory variable the regression model is called a simple regression, whereas if there are more than one explanatory variable the regression model is called multiple regression. Polynomial regression [4,5] is a form of regression in which the relationship between the independent variable X and the dependent variable Y is modeled as an ith order polynomial. The general form of this regression model is as follows:

Yi = Yˆi + ε i Yˆi = β0 + β1 X + β2 X 2 + ......... + βn X n

(1)

Input and Output: In polynomial regression model, a relationship is developed between strength of a DDoS attack Y (output) and observed deviation in sample entropy X (input). Here X is equal to (Hc-Hn). Our proposed regression based approach utilizes this deviation in sample entropy X to estimate strength of a DDoS attack.

3 Detection of Attacks Entropy [11] based DDoS scheme is used to construct profile of the traffic normally seen in the network, and identify anomalies whenever traffic goes out of profile. A metric that captures the degree of dispersal or concentration of a distribution is sample entropy. Sample entropy H(X) is

H ( X ) = −∑ pi log 2 ( pi ) N

(2)

i =1

where

pi is ni/S. Here ni represent total number of bytes arrivals for a flow i in {t −

= ∑ ni , i = 1,2....N . The value of sample entropy lies in the range 0N

Δ, t} and S

i =1

log2 N. To detect the attack, the value of

Hc ( X ) is

calculated in time window Δ conti-

nuously; whenever there is appreciable deviation from X n ( X ) , various types of DDoS attacks are detected. Hc ( X ) , and X n ( X ) gives Entropy at the time of detection of attack and Entropy value for normal profile respectively.

4 Experimental Setup and Performance Analysis Real-world Internet type topologies generated using Transit-Stub model of GT-ITM topology generator [7] are used to test our proposed scheme, where transit domains are treated as different Internet Service Provider (ISP) networks i.e. Autonomous

246

B.B. Gupta et al.

Systems (AS). For simulations, we use ISP level topology, which contains four transit domains with each domain containing twelve transit nodes i.e. transit routers. All the four transit domains have two peer links at transit nodes with adjacent transit domains. Remaining ten transit nodes are connected to ten stub domain, one stub domain per transit node. Stub domains are used to connect transit domains with customer domains, as each stub domain contains a customer domain with ten legitimate client machines. So total of four hundred legitimate client machines are used to generate background traffic. The legitimate clients are TCP agents that request files of size 1 Mbps with request inter-arrival times drawn from a Poisson distribution. The attackers are modeled by UDP agents. A UDP connection is used instead of a TCP one because in a practical attack flow, the attacker would normally never follow the basic rules of TCP, i.e. waiting for ACK packets before the next window of outstanding packets can be sent, etc. In our experiments, the monitoring time window was set to 200ms. Total false positive alarms are minimum with high detection rate using this value of monitoring window.

5 Model Development In order to estimate strength of a DDoS attack ( Yˆ ) from deviation (HC - Hn) in entropy value, simulation experiments are done at the varying attack strength from 10Mbps Table 1. Deviation in entropy with actual strength of DDoS attack Actual strength of DDoS Deviation in Entropy (X) attack (Y) 10M 0.149 15M 0.169 20M 0.184 25M 0.192 30M 0.199 35M 0.197 40M 0.195 45M 0.195 50M 0.208 55M 0.212 60M 0.233 65M 0.241 70M 0.244 75M 0.253 80M 0.279 85M 0.280 90M 0.299 95M 0.296 100M 0.319

On Estimating Strength of a DDoS Attack Using Polynomial Regression Model

247

to 100Mbps and at fixed total number of zombies i.e. 100. Table 1 represents deviation in entropy with actual strength of DDoS attack. Polynomial regression model is developed using strength of attack (Y) and deviation (HC - Hn) in entropy value as discussed in Table 1 to fit the regression equation. Figure 1 shows the regression equation and coefficient of determination for polynomial regression model.

Strength of Attack (Mbps)

120 100

y = -1284.9x 2 + 1176.4x - 144 R2 = 0.9603

80 60 40 20

Polynomial Regression

0 0.10

0.14

0.18 0.22 0.26 Deviation in Entropy (X)

0.30

0.34

Fig. 1. Regression equation and coefficient of determination for polynomial regression model

6 Results and Discussion We have developed polynomial regression model as discussed in section 5. Various performance measures are used to check the accuracy of this model. 120

Strength of Attack

100 80 60 40 20 0 0.149

0.184

0.199

0.195

0.208

0.233

0.244

0.279

0.299

0.319

Deviation in Entropy Actual DDoS attack Strength

Predicted DDoS attack strength using Model M2

Fig. 2. Comparison between actual strength of a DDoS attack and predicted strength of a DDoS attack using polynomial regression model M2

248

B.B. Gupta et al.

Predicted strength of attack can be computed and compared with actual strength of attack using proposed regression model. The comparison between actual strength of attack and predicted strength of attack using polynomial regression model is depicted in figures 2. Table 2 contains values of various statistical measures for polynomial regression model. It can be inferred from table 2 that for polynomial regression model, values of R2, CC, SSE, MSE, RMSE, NMSE, η, MAE are 0.96, 0.98, 566.31, 29.81, 5.46, 1.06, 0.96 and 0.81, respectively. Hence estimated strength of a DDoS attack using polynomial model is closed to actual strength of a DDoS attack. Table 2. Values of various performance measures R2 CC SSE MSE RMSE NMSE η MAE

0.96 0.98 566.31 29.81 5.46 1.06 0.96 0.81

7 Conclusion and Future Work This paper investigates how polynomial regression model can be used to estimate strength of a DDoS attack from deviation in sample entropy. For this, model is developed and various statistical performance measures are calculated. After careful investigation, we can conclude that estimated strength of a DDoS attack using polynomial regression model is very close to actual strength of a DDoS attack. Hence, polynomial regression model is very useful method for estimating strength of attack.

References 1. Gupta, B.B., Misra, M., Joshi, R.C.: An ISP level Solution to Combat DDoS attacks using Combined Statistical Based Approach. International Journal of Information Assurance and Security (JIAS) 3(2), 102–110 (2008) 2. Gupta, B.B., Joshi, R.C., Misra, M.: Defending against Distributed Denial of Service Attacks: Issues and Challenges. Information Security Journal: A Global Perspective 18(5), 224–247 (2009) 3. Gupta, B.B., Joshi, R.C., Misra, M.: Dynamic and Auto Responsive Solution for Distributed Denial-of-Service Attacks Detection in ISP Network. International Journal of Computer Theory and Engineering (IJCTE) 1(1), 71–80 (2009) 4. Mirkovic, J., Reiher, P.: A Taxonomy of DDoS Attack and DDoS defense Mechanisms. ACM SIGCOMM Computer Communications Review 34(2), 39–53 (2004) 5. Stigler, S.M.: Optimal Experimental Design for Polynomial Regression. Journal of American Statistical Association 66(334), 311–318 (1971)

On Estimating Strength of a DDoS Attack Using Polynomial Regression Model

249

6. Anderson, T.W.: The Choice of the Degree of a Polynomial Regression as a Multiple Decision Problem. The Annals of Mathematical Statistics 33(1), 255–265 (1962) 7. GT-ITM Traffic Generator Documentation and tool, http://www.cc.gatech.edu/fac/EllenLegura/graphs.html 8. NS Documentation, http://www.isi.edu/nsnam/ns 9. Lindley, D.V.: Regression and correlation analysis. New Palgrave: A Dictionary of Economics 4, 120–123 (1987) 10. Freedman, D.A.: Statistical Models: Theory and Practice. Cambridge University Press, Cambridge (2005) 11. Shannon, C.E.: A mathematical theory of communication. ACM SIGMOBILE Mobile Computing and Communication Review 5(1), 3–55 (2001) 12. Gupta, B.B., Joshi, R.C., Misra, M.: ANN Based Scheme to Predict Number of Zombies in DDoS Attack. International Journal of Network Security 13(3), 216–225 (2011)

Finding New Solutions for Services in Federated Open Systems Interconnection Zubair Ahmad Khattak1,2, Jamalul-lail Ab Manan2, and Suziah Sulaiman1 1

Universiti Teknologi PETRONAS, Department of Computer and Information Sciences, Tronoh 31750, Perak, Malaysia [email protected], [email protected] 2 MIMOS Berhad, Advanced Information Security Cluster, Technology Park Malaysia, 57000, Kuala Lumpur, Malaysia [email protected]

Abstract. Federated environment application running on cost-effective federated identity management system has been more widely adopted, and would potentially attract more organizations to adopt and invest if we enhance with security and trust mechanisms. The traditional certificate based authentication raises various issues such as firstly, the case when public portion of the key pair can be guessed or calculated by the attacker, it can further be used to masquerade against resource access, and secondly, when the storing of private key on user system can be compromised by viruses, Trojan horses etc. Also current computer platforms are lacking in platform trust establishment which makes it hard to trust remote platforms. In this paper, we discuss concerns related to federated services user authentication, authorization, and trust establishment in Federated Open Systems Interconnection and proposed trusted platform module protected storage to protect private keys, and platform attestation mechanisms to establish inter platform (and hence inter system) trust among interacting systems in open environment to overcome these issues. To assess our work we compared trusted platform module with existing authentication types and shows that trusted platform module provides better temper-resistance protection against attacks such as replay, Trojan horse’s, and fake anti viruses’ attacks etc. Keywords: federated identity management system, authentication, trust establishment, trusted computing, trusted platform module.

1 Introduction Federated Environment (FE) can be defined as a collaborative, sharing of resources or services between groups, environment between several organizations. The two well known FE application examples are Centers of Excellence (COE) and Federated Identity Management (FIM) [1]. The later one allows users to use their authentication (AuthN) credentials with home organization (from Identity Provider (IDP)) to access services (from Service Providers (SP)) within the federation. The Single-Sign-On (SSO) [2] facility plays a major role in reducing the number of users’ accounts by A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 250–259, 2011. © Springer-Verlag Berlin Heidelberg 2011

Finding New Solutions for Services in Federated Open Systems Interconnection

251

reducing too many and repeated AuthN to various sites. The three major entities involved are: (1) User - an entity that access a service or multiple services (2) IDP an entity that performs user AuthN, and (3) SP- entity that offers services to the users [3]. In open environments SSO schemes, user identification is achieved via diverse AuthN methods ranging from a single to multiple factors. In a worst case scenario, if user identification process is typically based on weak method, such as a user name and password. In this scenario, once user credentials are compromised, it immediately opens a security breach hole. In two examples, as pointed in the data leakage reports in [4, 5] showed that the lost of personal data in open environment can bring disaster to whom it belongs and holds. Access to Internet Web-based services or a resource identification or AuthN of end-user, is mandatory to ensure they are, who they say they are. In certificate based AuthN, user first obtains private key certificate from certificate authority and installs it on client PC. The main problem in this case lies, how to protect the private key? The threat model which relates to dispersed identities presented in [9] which shows how concerns raises due to the attacks such as man-in-the-middle attack, replay attack, fake software’s, etc to unprotected entities on user system (client). The manin-the-middle attack also can impersonate IDP and SP to obtain users credentials, or intercept and/or tamper system or user messages, or installing Trojan horses or fake anti-viruses [10]. With no trust infrastructure, and the lack of trust between any two interacting parties, many of existing solutions, such as trust establishment based on traditional methods, such as Public Key Infrastructure (PKI), or sharing of secret keys, would have many challenges. We will present later in this paper, the Trusted Platform Module (TPM) AuthN (certificate based) and attestation mechanism (a platform integrity check) as a suggested solution to enhance the client side security & existing weak trust between platforms with hardware TPM. Trusted Computing Group (TCG) [6] replaces Trusted Computing Platform Alliance (TCPA) [7] which is a not-for-profit organization. Its main objective include developing, defining, and promoting open, vender neutral, and industry standards for Trusted Computing (TC) building blocks and software interfaces across multiple platforms [6]. For more details about TCG interested readers are referred to [6, 7, 8]. Our paper is structured as follows. In Section 2, we present federated services challenges. Section 3 presents trusted computing temper-resistant chip based solution. In Section 4, we present assessment of the work and we conclude with Section 5.

2 Federated Services Challenges In this section we present issues such as AuthN, authorization (AuthR) [11, 12, 13] & trust establishment [14, 15] that identify the potential & critical area of improvement. 2.1 User Authentication and Authorization The risk associated with authentication (SSO) in a federated system is more difficult to control as compared to a centralized systems. Therefore, weak AuthN mechanism such a username and password might produce major vulnerabilities to the subject, and would lead to increasing a risk associated to phishing, pharming & password attacks mentioned in [16]. In open system interconnection environment (Internet) these

252

Z.A. Khattak, J.Ab. Manan, and S. Sulaiman

threats would eventually lead to widely damage user trust and organization reputation due to the poor and weak AuthN mechanisms implementation. The study performed by panda security [17] in 2009 have found that Trojans which were maliciously designed to steal personal identifiable or financial information had lead to identity fraud which rose staggeringly to 800 % from the first half to the second half of 2008. In addition, researcher forecast based on the previous 14 months analysis that this rate would increase up to 336 % (p/m) throughout 2009. The two important challenges related to AuthN in FIMS are (1) measurement & determination of identity information accuracy & validity, and (2) trusted services that enhance confidence. In typical federated system, each domain has its own AuthR polices. In federation, user in domain (X), for example, want to access a service (P) or resource (R) in another domain (Y) is difficult to achieve without facing issues of compromising identity and loosing personal identity information. Hence, proper AuthR mechanisms are highly needed, i.e. when communicating with endpoints across multiple hops [18]. 2.2 Trust Establishment By analogy, in a real physical interaction between two persons coming from two different organizations, they must undergo certain “trust establishment’ before any serious engagement take place between two persons. Federated systems based on a concept to get into (login) the services (government services, education services, email services etc.) only once with username/ password or any other mechanism and then access many services without re-login. The most common open federated services systems are Shibboleth [24], Liberty Alliance [25], OpenID [26]. The basic architecture of these systems is nearly same. However, request and response of messages in theses systems varied from one to another. The common three entities involved in such systems a user, an IDP, and a SP. In a federated services scenario, a user requests a resource or service from SP. Let’s assumes there is no prior trust relationship exists between user and SP and the services provider depends on the AuthN information to make access decision. The user trust IDP, associated with one or more IDP, that they AuthN them and provide credentials associated with the users to the SP. The SP on basis of these credentials and their owned polices allow or deny access to the requested resource or a service. Therefore, the federated services approaches mentioned above solve the dilemma, user is AuthN and trusted not to misuse the provided services, of AuthN, and AuthR but the his/her platform might be not in trustworthy state. Therefore, before transferring credentials from IDP to SP assess the trustworthiness of user platform or IDP & SP’s platforms is mandatory.

3 Trusted Computing Trusted Computing is a response to the rising challenges and possible costs of networks and data security breaches. Practically TC covers a range of technologies and standards intended to make computers safer, reliable, and less prone to viruses, malwares, & spams. This technology can also help to make the network management security more effective and efficient. In early 2000s, TCPA [7] now known as TCG [6] launched the notion of trusted platform. This platform contains a hardware based

Finding New Solutions for Services in Federated Open Systems Interconnection

253

subsystem, called TPM [21], devoted to maintaining trust and security between communicating machines (client, servers, H/P, etc.). TPM is a unique paradigm to bring and establish trust among computing/ mobile platforms. The TPM by definition is small co-processor chip that can securely store and report information to provide a hardware root-of-trust. TPM has shielded locations, Platform Configuration Registers (PCR) that can store cryptographic hashes of the software loaded for execution, to store the platform configurations. These PCRs can only be manipulates by a mechanism called TPM-Extend. The hashes stored in PCR are used to report the platform configuration to the challenging party in a secure and trusted manner. The mechanism, for establishment of trust that reports the platform configuration to the challenging party is known as Remote Attestation. The RA enables a remote party (a validation service in our case) to verify the integrity of the remote platform through trust tokens submitted by the TPM on the target platform (a client or server in our case). 3.1 AuthN with Private Key Protection The four entities given in Figure 1 below a Bank service, an ISP playing the role of Private-Certificate Authority, User agent and TPM. The TPM and User agent are both part of the client system. In typical certificate based AuthN (e.g. public key certificate), user obtains a certificate from Certificate Authority (CA) and stores it on a client system. In such a process the public portion is passed on to the CA and private part is stored at client system. TPM

User agent

ISP (P-CA)

Bank Service (Server)

Service Req. Client Certificate Req.

Look for client certificate, if no then AIKcertificate Req. Perform(TPM_MakeIdentity)

Tspi_TPM_CollateIdentityRequest Perform(TSS_CollateIdentityRequest)

TPM_IDENTITY_REQ. ISP (P-CA) signing certificate AIKcertificate Activation

Perform(TPM_ActivateIdentity) Perform(TPM_CreateWrapKey) Perform(TPM_CertifyKey2)

Identity certificate (user) signing.

TPM_SYM_CA_ATTESTATION. Tspi_TPM_ActivateIdentity Tspi_Key_CreateKey Tspi_Key_CreateKey

Perform(TPM_CreateWrapKey)

Tspi_Key_CreateKey

Perform(TPM_CertifyKey2)

Tspi_Key_CertifyKey

Perform(TPM_Sign)

Perform(TPM_LoadKey) Perform(TPM_Sign)

Tspi_Hash_Sign

If certificate found

Cert.Verify message & certificate

Private key & certification verification Secure channel (SSL) (Username/ password)/

verify

Fig. 1. The flow diagram of setup and authentication phases

The storing of private key certificate on client system raises many issues. Therefore, to overcome from above problem two precautionary steps must be taken. Firstly, secure transferring of the public key, secondly, private key protection. Here we present only user AuthN to a single service via two factors, i.e. TPM provide protection to private key which involves (1) certificate and private key corroboration,

254

Z.A. Khattak, J.Ab. Manan, and S. Sulaiman

and (2) username and password confirmation. The AIKcertificate Request, ISP (P-CA) signing certificate, AIKcertificate Activation, Identity certificate (user) signing are important steps to be performed during phase-setup (Figure 1 above, left side). Complete process given in Figure 1 above, & detailed description in (Appendix: Table 2). 3.2 Attestation (Platform Authentication) Attestation (platform authentication) is a mechanism which is defined in TCG specifications, whereby the integrity measurements of the client or host platform is performed and stored in PCR registers of the TPM chip. During attestation process the TPM signs over the values of PCRs, and external 20-byte (160-bit) data (nonce) using RSA private key. The confidentially of these signed PCRs and nonce are protected by TPM. The unique aspect of the attestation is that it proves the identity, integrity and state of the platform to the attester (requestor). The Root of Trust for measurement (RTM), for instance, Core Root of Trust for Measurement (CRTM) is considered as a trustworthy and reliably measure the integrity of other entities. Secondly, Root of Trust for Reporting (RTR) proves to challenger of the local PC embedded with genuine TPM and reliably measure and reports its configuration. Thirdly, for Root of Trust for Storage (RTS), due to TPM memory constraint the external keys are secured by Storage Root Key (SRK) that is also secured by RTS. The remote attestation technique, Integrity Measurement Architecture (IMA) [19] extended TCG attestation mechanism, actually formed on load-time measurements. Because of space limitation please we refer interested reader to [19]. Using attestation process a TPM enabled device (such as PC, laptop, PDA, etc) assures the remote device of its trustworthy status. The TPM consist of many keys such Endorsement Key (EK), Attestation Identity Key (AIK), Binding, Sealing keys. The EK is a manufactured built-in key representing the identity of each TPM enabled platform. The EK private part using TPM signs assertion about the trusted computer states. The remote device can verify that those assertions are signed by a genuine TPM. The EK public part is certified by CA (P-CA) to indicate EK public part belongs to a particular TPM. There are several benefits of using AIK over EK, they are; (i) AIK not directly linked with the hardware TPM, (ii) prevent against EK cryptanalysis, (iii) reduces load on TPM, because AIK uses by the CPU, while EK uses TPM. The root of trust plays an important role in trusted chain establishment. For federated web services system, from Attestation Models (AM) we can build various trust models such as a Direct Trust i.e. Direct Attestation Model (DAM), and Indirect Trust i.e Delegated Attestation Model (DeAM). In DAM either exists as a uni-directional or mutual-directional. In uni-directional, only attestation requestor (e.g. a server) challenges the attested platform (e.g. a client or target), and in mutualdirectional the challenger (server) and attester (client) change their positions after each integrity measurement request and response. In an example of a mutual directional, a server (challenger) sends an integrity measurement request to the client, and if validation of returned measurement is successfully verified, then client sends the integrity measurement request to the server and performs the validation. If both measurement results are successfully validated each other then they are mutually attested. In DAM two main disadvantages exists, that is (i) the attested platforms (e.g. a client) need to disclose their integrity measurement information to the challenger

Finding New Solutions for Services in Federated Open Systems Interconnection

255

(e.g. a server), and that leads to the violation of integrity privacy disclosure to the attestation challengers (ii) in both cases uni-directional and mutual-directional attestation challenger needs to be capable of validating the attestation response. For detail request and response overview among different entities (see Figure 2). Please for more details interested readers referred to [20].

1

TPM

TPM



SML 5

Policy

4

SML PCR

PCR Integrity request/ response Module

3

Integrity request/ response Module

8

Attestation Challenger

6



Validation Repository SML PCR Certificate

2 7

Fig. 2. Practical delegation based trust and remote platform attestation (authentication) architecture

While in DeAM, a Corroboration Service (CS) performs the role of a challenger and validates the integrity measurement or performs attestation of attested platform (either a client or a server) on behalf of the requestor and forwards the validation result in the form a credential. The DeAM approach helps to overcome of the concerns pointed in DAM under the pre-condition that CS behaves properly and is trusted by both the challenger and attester platforms. Next, we show with an example of DeAM. The corroboration entity showed in Figure 2 above plays the role of trust validation service on behalf of the entities (client and server) provided that both are equipped with TPMs.

4 Assessment: Trusted Platform Module vs. Existing AuthN Types Federated system approaches mostly supports third parties AuthN, for instance IDP that authenticates end user, while in second approach TPM plays the role of IDP or ASP to achieve SSO among dispersed SP’s. Both approaches can adopt any single or combination of two factors AuthN mechanisms amongst knowledge-Based Authentication (KBA) such as password, Object-Based Authentication (OBA) fro instance hardware tokens or TPM, and ID-Based Authentication (ID-BA) such as biometric. In typical scenario user obtains a public key certificate from CA. The certificate is storing on client system. The public part of key is passing to the CA and private part of the key stored on client system. The storing of this key on user system raises many concerns. However, storing this key on smart card can bring great security to the private key. The TPM provides strong security against all software based attacks but TPM still vulnerable to hardware based attack. An example of such attack would be a cold-boot attack where a user doesn’t let the computer shut down completely. This

256

Z.A. Khattak, J.Ab. Manan, and S. Sulaiman

attack relies on data to be in the RAM after power has been removed [22]. The (X) represents that TPM is nearly strengthen the computer system security against all software based attacks. The Table 1 given below presents some potential attacks, vulnerable AuthN types, and examples, changed according to our requirements picked from [23]. Table 1. Some Potential attacks, vulnerable AuthN mechanisms with examples Attack Types User System Attack

AuthN Types Password Token Biometric TPM Password Theft, Token Copying, & Eavesdropping Biometric TPM Password Replay Token Biometric TPM Password, Trojan Horse’s Token, Biometric TPM Password, Fake Antivirus Token, Biometric TPM Phishing, Password, pharming, Token, Biometric man-in-theTPM middle

Instances By guessing, or exhaustive searching By exhaustive searching By False matching (X) By shoulder surfing By counterfeiting hardware, theft By spoofing (Copying biometrics) (X) By replay stolen password response By replay stolen pass code response By replay stolen- biometric- template response (X) By installing of a rough client or capture device (X) By installation of malicious software and capture secret info. via taking the control of client system (X) By using social engineering techniques, exploit the poor usability of current web service technologies (X)

5 Conclusion In this paper, we discussed concerns related to federated services that involve user AuthN, AuthR, and trust establishment in Federated Open Systems Interconnection. We argued that the traditional certificate based AuthN which raised number of issues such as firstly, the case when public portion of the key pair can be guessed or calculated by the attacker, and secondly, when the storing of private key on user system can be compromised by viruses, Trojan horses, etc. In addition current computer platforms are lacking to establish a platform trust which makes harder to trust remote platforms are trustworthy or untrustworthy. Therefore in distributed environment access a TPM based trust establishment mechanism, remote attestation, would boost the end user trust that no body can invade his computing/ mobile platform to run or install malicious software’s. From service or resource provider perspective that only an authentic TPM are allowed to make a request to a resource or a service.

Finding New Solutions for Services in Federated Open Systems Interconnection

257

We also discussed how TCG can potentially provide solution for these issues using both protected storage to protect private keys and platform attestation mechanisms to establish inter platform (and hence inter system) trust among interacting systems, and can help to overcome identity theft issues in open environment. Our assessment of range of most common AuthN types and TPM shows that TPM provides stronger security against range of attacks in open environment. Currently we are in a process to create IMA based prototype to demonstrate the remote attestation mechanism. In this demo we will show how the requester and responding platforms attest each others that they are trustworthy or not, & guarantees that no malicious software or code running on either platforms. Acknowledgments. This work funded by Universiti Teknologi PETRONAS Postgraduate Assistantship Scheme and MIMOS Berhad, Malaysia.

References 1. Chadwick, D.W.: Federated Identity Management. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) FOSAD 2007. LNCS, vol. 5705, pp. 96–120. Springer, Heidelberg (2009) 2. Pashalidis, A., Mitchell, C.J.: Taxonomy of Single Sign-On Systems. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 249–264. Springer, Heidelberg (2003) 3. Lutz, D.: Federation Payments using SAML Tokens with Trusted Platform Modules. In: Proceedings of the IEEE Symposium on Computers and Communications, pp. 363–368 (2007) 4. Vijayan, J.: Wells fargo discloses another data breach. Computer World (2006), http://www.computerworld.com/s/article/9002944 /Wells_Fargodisclo_nother_data_breach 5. Lemos, R.: Reported data leaks reach high in 2007. Security Focus (2007), http://www.securityfocus.com/brief/652 6. Trusted Computing, http://www.trustedcomputinggroup.org/ 7. Trusted Computing Platform Alliance (TCPA), http://mako.cc/talks/20030416politics_and_tech_of_control/trustedcomputing.html 8. Balacheff, B., Chen, L., Pearson, S., Plaquin, D., Proudler, G.: Trusted Computing Platforms: TCPA Technology in Context. Prentice-Hall, Englewood Cliffs (2003) 9. Khattak, Z.A., Sulaiman, S., Manan, J.A.: A Study on Threat Model for Federated Identities in Federated Identity Management System. In: Proceeding 4th International Symposium on Information Technology of IEEE Symposium, pp. 618–623 (2010) 10. Ahn, G.-J., Shin, D., Hong, S.-P.: Information Assurance in Federated Identity Management: Experimentations and Issues. In: Zhou, X., Su, S., Papazoglou, M.P., Orlowska, M.E., Jeffery, K. (eds.) WISE 2004. LNCS, vol. 3306, pp. 78–89. Springer, Heidelberg (2004) 11. Stephenson, P.: Ensuring Consistent Security Implementation within a Distributed and Federated Environment, pp. 12–14 (2006) 12. Hommel, W., Reiser, H.: Federated Identity Management: Shortcomings of Existing Standards. In: Proceedings of 9th IFIP/IEEE International Symposium on Integrated Management (2005) 13. Smedinghoff, T.J.: Federated Identity Management: Balancing Privacy Rights, Liability Risks, and the Duty to Authenticate (2009)

258

Z.A. Khattak, J.Ab. Manan, and S. Sulaiman

14. Jøsang, A., Fabre, J., Hay, B., Dalziel, J., Pope, S.: Trust Requirements in Identity Management. In: Australasian Information Security Workshop (2005) 15. Maler, E., Reed, D.: The Venn of Identity: Options and Issues in Federated Identity Management. IEEE Security and Privacy 6(2), 16–23 (2008) 16. Madsen, P., Koga, Y., Takahashi, K.: Federated Identity Management For Protecting Users from ID Theft. In: Proceedings of the 2005 ACM Workshop on Digital Identity Management, pp. 77–83. ACM Press, New York (2005) 17. Mills, E.: Report: ID fraud malware infecting PCs at increasing rates, Security (2009), http://news.cnet.com/8301-1009_3-1019302583.html?tag=mncol;title 18. Shin, D., Ahn, G.-J., Shenoy, P.: Ensuring Information Assurance in Federated Identity Management. In: Proceedings of the 23rd IEEE International Performance Computing and Communications Conference, pp. 821–826 (2004) 19. Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and Implementation of a TCGbased Integrity Measurement Architecture. In: Proceedings of the 13th USENIX Security Symposium Conference, Berkeley, CA, USA, pp. 223–238 (2004) 20. Khattak, Z.A., Manan, J.A., Sulaiman, S.: Analysis of Open Environment Sign-in Schemes-Privacy Enhanced & Trustworthy Approach. J. Adv. in Info. Tech. 2(2), 109– 121 (2011), doi:10.4304/jait.2.2.109-121 21. Trusted Computing Group, Trusted Computing Group Specification Architecture Overview v1.2. Technical Report. Portland, Oregon, USA (2003) 22. Bakhsh, S.: Protecting your data with on-disk encryption, Business Intelligence Solutions, http://www.trustyourtechnologist.com/index.php/2010/07/07 /protecting-your-data-with-on-disk-encryption/ 23. O’Gorman, L.: Comparing passwords, tokens, and biometrics for user authentication. Proceedings of the IEEE 91(12), 2021–2040 (2003) 24. Shibboleth, http://shibboleth.internet2.edu/ 25. Liberty Alliance, http://projectliberty.org/ 26. OpenID, http://openid.net/

Appendix: Table 2. Processes Steps Detailed Description User agent calling Tspi_TPM_Collate IdentityRequest

TPM Performs TPM_Make Identity

TSS_CollateIde ntityRequest

Process The user agent performs Tspi_TPM_CollateI dentityRequest making a request to TPM to create an AIK key & setup certificate request from ISP or IDP or AS plays a role of P-CA. The TPM_MakeIdentity execution creates a new AIK and using private key to sign structure (TPM_IDENTITY_CONTENTS). This structure includes public key, hashing result, identity Label. The user agent performs TSS_ CollateIdentityRequest. It assembles the data required by ISP (P-CA). Next it sends the IdentityRequest (to attest the new created TPM identity) TPM_IDENTITY_PROOF to the ISP (P-CA). This message include Identity-Binding signature to structure (TPM_IDENTITY_CONTENTS). In addition it consist endorsement l, conformance, and platform credentials. The IR message is symmetrically encrypted using a session key and

Finding New Solutions for Services in Federated Open Systems Interconnection

259

session key is asymmetrically encrypted using the public key of the ISP (P-CA). The user agent forwards Identity-Request (TPM_IDENTITY_REQ.) message to ISP. On receiving the TPM_IDENTITY_REQ. by ISP (P-CA). The ISP uses private key to decrypts the session key and then decrypts the message using session key. It verifies the Identity-Request message was generated by a genuine TPM. The ISP response by sending ISPResponse (TPM_SYM_CA_ATTESTATION structure) message. This message includes encrypted version of identity credential such as TPM_IDENTITY_CREDENTIAL structure, symmetrically encrypted using a session key and session key is asymmetrically encrypted using the public key of TPM Endorsement Key (EK). Tspi_TPM_Activate TPM_ActivateI User agent perform Tspi_TPM_ActivateIdentity to Identity dentity receives AIK credential from ISP (P-CA) and activate it. For this TPM performs TPM_ActivateIdentity to obtain session used to use to encrypt the identity credential. Only TPM EK private key part can be used to decrypt the encrypted session key with TPM EK public part. The user agent performs TSS_ RecoverTPMIdentity to decrypt the AIK certificate such as TPM_IDENTITY _CREDENTIAL using the session key. Tspi_Key_Create TPM_CreateWr The certified AIK private part can not be used to Key apKey sign external data to the TPM. Therefore, user agent should create another non-migratabale key pair (D) method call Tspi_Key_CreateKey (by Tspi_Key_Certify TPM_CertifyKe by performing a command- TPM_CreateWrap Key) Key y2 and then sign newly created key with AIK private key part by using the method- Tspi_Key _CertifyKey (by performing a commandTPM_CertifyKey2). Tspi_Key_ TPM_CreateWr The user agent should create non-migratabale key CreateKey apKey pair or certified migratabale key pair (E) using TPM_CMK_Cr methodTspi_Key_CreateKey. TPM_ eateKey CMK_CreateKey can be used if user want to Tspi_Key_ TPM_CertifyKe migrate the key to another TPM Platform while TPM_CreateWrapKey to create non-migratabale Certify Key y2 key pair. Using TPM_CertifyKey2 to sign new key pair (E) using private portion of AIK. Tspi_Hash_Sign TPM_Sign The user agent performs method-Tspi_Hash _Sign. TPM performs a command- TPM_Sign to sign E public key (confirming to X.509 v3 format). The public key certificate work as user identity certificate for authentication of client to the Bank Server.

Duplicate File Names-A Novel Steganographic Data Hiding Technique Avinash Srinivasan1 and Jie Wu2 1 2

PA Center for Digital Forensics, Bloomsburg University, Bloomsburg PA 17815 Center for Networked Computing, Temple University, Philadelphia, PA 19122

Abstract. Data hiding has been an integral part of human society from the very early days dating back to BC. It has played its role for both good and bad purposes. First instances of data hiding dates back to 440 B.C. and has been cited in several works as one of the first known and recorded use of steganography. Several complicated Steganographic techniques have been proposed in the past decade to deceive the detection mechanisms. Steganalysis has also been one of the corner stones of research in the recent past to thwart such attempts of the adversary to subterfuge detection. In this paper we present a novel, simple, and easy to implement data hiding technique for hiding files with duplicate names. The proposed file hiding technique Duplicate File Names uses an innocuous file as the cover medium exploiting its name and reputation as a good file. This vulnerability was first discovered on a Windows 98 machine with DOS 6.1. We have tested this vulnerability on several different file systems to confirm that the vulnerability exists across file systems and not specific to older Windows file systems. Finally, we have discussed using this method for legitimate data hiding as well as detecting when employed for illegitimate data hiding. Keywords: Digital forensics, duplicate file name, file hiding, identity and data theft, steganography.

1

Introduction

Steganography has been a great challenge to the digital forensic community from the very beginning. However, one has to be unbiased and recognize the good side to Steganography like digital copyrighting and watermarking. Several techniques have been developed to detect information hiding accomplished by various Steganographic tools employing a limited number of Steganographic algorithms. However the adversary has been consistently successful in developing new techniques to achieve the same. In this paper we expose a potentially serous vulnerability which was first discovered on a Windows 98 machine with DOS 6.1. The problem was identified while recovering deleted files on a FAT12 formatted floppy disk using DiskEdit. Norton Diskedit is a hexeditor for logical and physical disk drives on all Windows filesystems. It is an undocumented utility that comes along with the standard Norton Utilities package for Windows. The A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 260–268, 2011. c Springer-Verlag Berlin Heidelberg 2011 

Duplicate File Names-A Novel Steganographic Data Hiding Technique

261

aforementioned vulnerability persists across the FAT file system family- FAT12, FAT16, and FAT32. The vulnerability can be formally stated as follows“A malicious file can be renamed, using a simple Hex editor tool, to bear the same name as that of a known good file on the media to evade simple detection schemes including visual examination”. This vulnerability is as powerful as it appears simple. An average computer user with the knowledge of the underlying file systems’ structure and layout can easily traffic important files in and out of a room, building, or the country. To accomplish this, all he needs is a simple hex editor tool such as DiskEdit or HxD. Such files can range anywhere from a simple and not so critical data like coworkers’ salary and bonus package to important business data like design and development blueprints and Intellectual Property. From a national security perspective, this could a document with classified information or a terrorist plot. None-the-less, these files can also be potentially dangerous viruses, malware, child porn image and video files. The question that many of us want an answer to is“Is this the most sophisticated data hiding technique”? and the simple answer is “NO”. However, the answer neither mitigates the risk nor eliminates the threat from such a simple data hiding technique. In this paper we will discuss the structure of a simple FAT file system- FAT12. We then discuss the steps by which malicious files can be hidden in plain sight there by easily evading detection and visual inspection techniques employed. Simple and routine inspections are commonly deployed at the periphery of an organization like the security guard who can be directed to inspect the files carried out by employees working in certain restricted areas. The idea of this research work is to develop a simple and easy to use tool that can be used to detect and thwart such simple information theft that can potentially cause irreversible business losses and jeopardize the national security. We then discuss in detail the reverse engineering process of extracting such files. The reminder of this paper is organized as follows. In Sec.2 we will review some of the important works in the field of steganography relevant to our work. We then present two application scenarios discussing in detail the presented data hiding technique in Sec.4. In Sec.3, we discuss the requirements for this method of data hiding to work, the categorization of storage devices, and related issues. We also present in this section the various areas on a disk where data can be hidden that usually would not hold user data otherwise. Later in Sec.5 we present some fundamental information of file systems with FAT12 as an example because of its simplicity. In Sec.6 we will discuss the details on how files can be hidden in plain sight by exploiting the vulnerability presented in this paper. We present a detailed detection and recovery process in Sec.7. Finally, in Sec.8, we conclude our work with directions for future research.

2

Related Work

Steganography can be used to insert plain or encrypted data in a cover file to avoid detection. The sole purpose of steganography is to conceal the very fact

262

A. Srinivasan and J. Wu

that something exists as opposed to cryptography which aims at rendering the contents uninterpretable. MaDonald and Kuhn’s StegFS [MK2000] hides encrypted data in the unused blocks of a Linux ext2 file system. Consequently, it makes the data look like a partition in which unused blocks have recently been overwritten. Furthermore, the proposed method of overwriting with random bytes mimics disk wiping tool. Metasploit Anti-Forensics Project [MetaSplolt] seeks to develop tools and techniques for removing forensic evidence from computer systems. This project includes a number of tools, including Timestomp, Slacker, and SAM Juicer, many of which have been integrated in the Metasploit Framework. Metasploits Slacker hides data within the slack space of FAT or NTFS file system. FragFS [TM2006] hides data within the NTFS Master File Table. It scans the MFT table for suitable MFT entries that have not been modified within the last year. It then calculates how much free space is available and divides it into 16byte chunks for hiding data. RuneFS [G2005] stores files on blocks it assigns to the bad blocks inode which happens to be inode 1 in ext2. Forensic programs are not specifically designed to look at the bad blocks inode. Newer versions of RuneFS also encrypt files before hiding them making the problem a two fold problem.

3

Hiding Information on Storage Devices

In this section we will list the the requirements for successful data hiding and various areas on the storage volume where data can be hidden. 3.1

Requirements

For successful data hiding using the Duplicate File Names method, the following requirements have to be met. 1. The cover file should always have a lower starting cluster number compared to the file to be hidden. This is because the OS, when you access a file will always open the file with the lower starting cluster number. This is true and has been verified on all three FAT file systems. 2. The cover file and the hidden file have to be at the same hierarchical level in the directory structure. In light of this point, we have to ask the following question“Is it possible to have two files with the same name but different contents at the same hierarchical level- i.e., on the same drive, inside the same partition, and inside the same folder? The answer to this question is “No”. Trivially, there are two ways to attempting to create two files with the same name1. Renaming an existing file-Two files already exists inside a folder with different names. Try to rename one of the them to have the same name as

Duplicate File Names-A Novel Steganographic Data Hiding Technique

263

the other by either right clicking or by opening the file and using the “save as” option under file menu. An error message will pop up. 2. Creating a new file- A file already exists. Try to create a new file and save it in the same folder as the existing one with the same name. This is same as opening an existing file and using “save as” option. Once again you will see an error message pop up. In summary, one cannot save two file with the same name inside the same directory without overwriting. Once overwritten, the original file content will be lost forever although parts of it may be recovered from slack space. None-the-less, creating multiple files with duplicate names can be easily accomplished with the use of any freely available HeX editor. This requires some knowledge of the underlying file system and the associated OS. With the help of a HeX editor, the adversary can rename multiple files with a single name. Since, with a HexEditor, we work below the file system, the OS will not complain about the file already existing. Neither does the OS overwrite the contents of the original file. This way, there can be several files with the same name inside the same directory. This has been illustrated in Fig.1

Fig. 1. Screenshot of a diskette storing two files with exactly the same name and extension at the at the same hierarchical level

There are several common areas on the disk that are either unused or reserved and can serve the purpose of hiding data without interfering with the intended primary operations of the storage partition. Below is the a list of areas common to both OS partition and non-OS partition.

264

– – – –

4

A. Srinivasan and J. Wu

Slack Space- RAM and File Slack Boot Sector of non-bootable partition Unallocated Space Volume Slack

Application Scenario

In this section we present two application scenarios in different domain to emphasize the potential threat that Duplicate File Name data hiding technique can pose. 1. Scenario- 1: Child Pornography: A child pornographer can hide child porn images and/or videos using the same name as that of an innocuous looking image and/or video file respectively. The child pornographer can be doing this at his work place or at home. Since two files have the same name and clicking on either will always open the known good cover file. 2. Scenario- 2: Information Theft: A company employee easily steal confidential and proprietary data. The employee can steal the data very easily. He can save it on to his system with the name of a file he has privilege to access. Then copy both the original file and the file he is stealing with the Duplicate Name and walk out. Even if there is any sceurity screeningNo body would immediately wonder as to how two files with the same name can be copied to the same directory. The following two situations have to be clearly differentiated. Duplicate files can have the same name and or different names. If they have the same name and are inside the same volume on a drive, then there will be only one root directory entry for all copies of the file with the same name. However, if duplicate copies have different names, then there will be a separate root directory entry for each copy with a different name irrespective of the hierarchy they reside at. In the former situation, as long as duplicate copies are inside the same volume, copies with the same name will have consistent data as long as they are duplicate. However, in the later scenario, modifying a file will not update the duplicate copies with different file names. As already mentioned, in this paper we are trying to resolve the first scenario. There are commercially available tools to handle the second and third scenario. The fourth scenario is benign and poses no threat as such.

5

Hiding On Floppy Disk

For simplicity, we consider the example of hiding a malicious file on a floppy disk formatted with FAT12 file system. Additionally, to enable the reader in appreciating and understanding the file hiding technique presented in this paper, we will briefly discuss the layout of a floppy disk formatted with FAT12 file system and important data structures as shown in Fig.2. The entire floppy disk can be divided into two main regions.

Duplicate File Names-A Novel Steganographic Data Hiding Technique

265

1. System Region 2. Data Region System region consists of important system areas and data structures as follows1. Boot Sector 2. File Allocation Table (a) Primary FAT (b) Secondary FAT 3. Root Directory For file recovery, the two most critical regions are the File Allocation Table and the Root Directory. The standard, default size of a root directory entry is 32 bytes and is consistent across the three FAT file systems-12, 16 and 32. In this paper we will restrict our discussions to FAT file systems for simplicity of conveying the idea. The 32 byte directory entry of a file stored on a FAT formatted volume has some critical information, which are listed below, that can be useful in detecting different files with duplicate names. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10.

File Name File Extension File Attribute(s) Create Date Created Time Last Accessed Date Modified Date Modified Time Start Cluster Number File Size

In particular, for files that have different content but the same name and extension, the start cluster numbers have to be unique. The file size, in almost all cases should be different as well, however it cannot serve as an evidence to trigger suspicion nor serve as a confirmatory litmus test. The same vulnerability can be seen from another perspective of having positive applications including hiding password files in plain sight. Such file can be accessed and opened on the fly by the methods presented later in this paper.

6

The Process of Hiding

In this section, we will discuss the method of hiding files with duplicate name using HeX Editor tool. The file uses size as the key requirement for choosing a cover file. Extension is not a key concern when choosing cover file since extension can be easily modified for the malicious file to match that of the cover file. Without of loss of generality, we will use “Good File” to refer to the cover file being used whose name will not cause any suspicion or raise flags and “Bad

266

A. Srinivasan and J. Wu

Fig. 2. The two main regions of a FAT12 formatted floppy disk and regions and data structures within the system region of a FAT12 formatted floppy disk

File” to refer to the file being hidden which can be proprietary information of a corporate, child pornography image or video, etc. The tool scans the entire root directory and returns the top five files whose size match the given file in size and attributes very closely. Then the user can choose a file whose name and extension will be used as the cover for hiding the malicious file. Once the user makes his choice, the rest is very simple. 1. 2. 3. 4.

The user initially save the file to be hidden on the storage device. The user then loads the storage device into a hex editor and opens it. User locates the entry in the root directory for the file to be hidden. User over writes the name and extension of the file to be hidden with name and extension of the cover file. 5. User saves the changes made to the storage device. 6. Now, when the storage device is opened on any system, you can see two files with the exact name and extension at the same hierarchical level.

7

The Process of Detection and Recovery

Detecting files with duplicate names but different content can be performed in two different ways. Both these methods are described in detail below. Once two

Duplicate File Names-A Novel Steganographic Data Hiding Technique

267

or more files are detected to have the same name but different content using the method below, then they have to be recovered with out loosing data for their potential evidentiary value. 7.1

Renaming Method of Detection

1. Open the disk in a hex editor tool. 2. Scan the root directory entries on the entire disk including subdirectories for duplicate file names including the extension. If there is more than one file with the same name and extension, then cross check their start cluster number and logical file size. 3. Two files with the same name and extension, if they are exactly the same in content, should have the exact same start cluster number and logical size. 4. If the result of this test confirms the files under scrutiny have the same start cluster number, then it can be ignored since it represents duplicate files. 5. If the result of this test confirms that the file with duplicate names have different start cluster numbers, then they are clearly different. 6. The logical size cannot be used as a confirmatory test since two files with same name but different contents can have the same size. 7. Both these files can be now retrieved to a different location such that original content is not altered, rename them as DIRTY-1.EXT and DIRTY-2.EXT. Now open both files. Having named them differently, the malicious file will not be protected any longer since accessing it now will reveal the actual content.

8

Conclusion and Future Work

In this paper, we have exposed a subtle yet important vulnerability in file systems, specifically FAT, that can be exploited to hide files in plain sight and evade detection. We have also proposed simple solutions to overcome such data hiding techniques and detect hidden files. We will continue to investigate along these lines to uncover any such data hiding techniques that have been either unknown or have been dismissed as too trivial. We have shown strong reasons through example application scenarios where such simple techniques can have a big payoff for the adversary with minimum risk. In the second phase of this project we will be developing a tool that can be used to hide information in plain sight exploiting the same vulnerability. The tool will be primarily targeted for education and training purposes. As part of our future work we will be investigating anti-forensics techniquestechniques that are specifically designed to hinder or thwart forensic detection of criminal activities involving digital equipment and data. Also on our agenda of future research is Denial-of-Service attacks exploiting file system knowledge.

References [HBW2006] Huebnera, E., Bema, D., Wee, C.K.: Data hiding in the NTFS file system. Digital Investigation 3(4), 211–226 (2006) [P1998] Liu, Brown: Bleeding-Edge Anti-Forensics. In: Infosec World Conference & Expo. MIS Training Institute

268

A. Srinivasan and J. Wu

[AB1992] Abramson, N., Bender, W.: Context-Sensitive Multimedia. In: Proceedings of the International Society for Optical Engineering. SPIE, Washington, DC, September 10-11, vol. 1785, pp. 122–132 (1992) [BGM1995] Bender, W., Gruhl, D., Morimoto, N.: Datahiding Techniques. In: Proceedings of SPIE 2420 (1995) [BGML1996] Bender, W., Gruhl, D., Morimoto, N., Lu, A.: Techniques for Data hiding. IBM System Journal 35(3&4) (1996) [BL2006] Buskrik, Liu: Digital Evidence: Challenging the Presumption of Reliability. Journal of Digital Forensic Practice 1, 19–26 (2006), doi:10.1080/15567280500541421 [GM2005] Garfinkel, Malan: One Big File is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique. In: The 6th Workshop on Privacy Enhancing Technologies, June 28-June 30. Robinson College, Cambridge [LB2006] Liu, Brown: Bleeding-Edge Anti-Forensics. In: Infosec World Conference & Expo. MIS Training Institute [MK2000] McDonald, A., Kuhn, M.: StegFS: A Steganographic File System for Linux. In: Pfitzmann, A. (ed.) IH 1999. LNCS, vol. 1768, pp. 463–477. Springer, Heidelberg (2000) [TM2006] Thompson, I., Monroe, M.: FragFS: An Advanced Data Hiding Technique. In: BlackHat Federal, Wang (2004) [MetaSplolt] Metasploit Anti Forensics Project, http://www.metasploit.com/research/projects/antiforensics/ [G2005] Grugq: The Art of Defiling, Black Hat (2005), http://www.blackhat.com/presentations/bh-usa-05/bh-us-05-grugq.pdf

A Framework for Securing Web Services by Formulating an Collaborative Security Standard among Prevailing WS-* Security Standards M. Priyadharshini1, R. Baskaran2, Madhan Kumar Srinivasan3, and Paul Rodrigues4 1,2

Computer Science Department, Anna University, Chennai, India [email protected], [email protected] 3 Education & Research, Infosys Technologies, Mysore, India [email protected] 4 Department of IT, Hindustan University, Chennai, India [email protected]

Abstract. Web Services enables communication between applications with a less working out on the underlying mechanics of communication. This paper provides a brief introduction to security concepts and describes in detail various specifications related to security among WS-* family and association among those specifications. Web Service Standards available do not completely address security for web services. In this paper we have proposed a framework that consists of components which could secure web service interactions facilitating interoperability between various WS-* security standards, by devising a collaborative security standard based on the associability of WS-* security standards and can be furthermore customized by optimizing the selection and projection functions of standard list and parameter list. The parameter list is again formulated by clear understanding of association of the WS-* security standards. Keywords: WS-* family, collaborative security standard, interoperability, web services.

1 Introduction Today’s enterprises take advantage of the benefits of loosely coupled web services and made it an integral part of their business process. Therefore, need for security in business process raises the level of security needs in web services as well. The loose coupling is possible in web services due to extensive usage of XML (Extensible Mark-up Language). XML is used in web services for describing, requesting, responding and so on, which drives us to secure XML messages if web services need to be secured. The chapter just following briefs about the Web Service Model, Chapter III about the various security issues need to be addressed in web services and Chapter IV describes about formulation of collaborative security standard and proposed framework which provides an interoperable and secure gateway for web service usage. Chapter V briefs about various WS-* security standards along with the A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 269–283, 2011. © Springer-Verlag Berlin Heidelberg 2011

270

M. Priyadharshini et al.

issues addressed by those specifications and followed by Chapter VI about the associations that exist between the standards, which serves as the basis for formulating the collaborative security standard. In Chapter VII selection criteria based on scenarios is presented with few scenarios and finally Chapter VIII gives how evaluation process can be done for evaluating the security provision of the framework

2 Web Service Model Web service model is one of the approaches for building SOA (Service Oriented Architecture). Service provider creates a web service and its service definition and publishes in the service registry. Service Requestor finds the service in the registry and obtains the WSDL description and URL to the service itself. The service requestor with the help of information obtained binds to the service and invoke it. Figure 1 shows the web services model as interaction between service requestor and service provider through UDDI registry which is same as that of the Service Oriented Architecture.

Fig. 1. Web Services Model

The core technologies which form the foundation of Web services are SOAP, WSDL and UDDI. 2.1 SOAP Simple Object Access Protocol (SOAP) is used as a standard to exchange messages between client applications and services that run on server through Internet infrastructure. The method invocation is made as a SOAP request and result is passed as SOAP response. SOAP message are in form of XML and it encapsulates as optional element and as mandatory element inside a [1]. Soap Header holds the information needed by the SOAP node

A Framework for Securing Web Services

271

to process the SOAP message such as authentication, routing etc. Soap body contains the information to be sent to the SOAP message receiver. The format of SOAP request and response will be as follows [7]: Table 1. SOAP Request invokes OrdItem() method from http://www.Tanishq.com/Order and SOAP Response passes order number generated on processing the order to the client SOAP Request to Process Order 70010 105057 WGRWRD WhiteGoldRing WithRoundDiamond 8332 2010-02-10 0:10:56

SOAP Response on Processing Order 20014

Table 2. Sample WSDL for Placing Order is specified OrderItem.WSDL

272

M. Priyadharshini et al. Table 2. (Continued)



2.2 WSDL WSDL is an XML document which is the web service interface published by the service providers. Service requestors who wish to access the service can read and interpret the WSDL file. The information in the WSDL file is as follows: • • • •

Location of the service Operations performed by the service Communication Protocol supported by the service Message Format for sending and receiving request and responses.

2.3 UDDI UDDI (Universal Description, Discovery and Integration) is the directory which has list of web service interfaces provided by various businesses. The interfaces are represented using WSDL which is rendered when businesses find the interfaces suitable for their search. UDDI are public or private platform-independent framework driven by service providers like Dell, IBM, Microsoft, Oracle, SAP, and Sun as well as few e-business leaders. Web service is a powerful technology for distributed application development and integration. Today’s most e-commerce applications are based on the involvement of web services and hence make web service as an essential element in current scenario. Next chapter elaborates security issues in web services.

3 Security Issues As stated earlier Web Services rely on Internet infrastructure and hence the security issues encountered in network is encountered in web services also. 3.1 Confidentiality Confidentiality specifies that the content of the message should be accessed only by the sender and receiver. This is achieved by appropriate encryption and decryption

A Framework for Securing Web Services

273

algorithms applied on entire message or parts of the messages. SSL using HTTPS can provide point-to-point data privacy i.e. security at transport level. At application level sensitive data fields can be applied with encryption mechanisms. Sniffing or eaves dropping is an attack with respect to confidentiality. 3.2 Authentication Authentication is establishment of proof of identities among entities involved in the system. Username and password are used for authenticating the user at platform level. At message level to provide authenticity SOAP headers [5] is added with user name and password, assigned tickets and certificates such as Kerberos and X.509 certificate. In application level custom methods can be included for authentication. Single Sign on or Trust relationship need to be incorporated in routing to provide authentication between multiple services. 3.3 Authorization One entity may be authorised to do certain operations, and access certain information whereas others may not be. In Web services access control mechanisms need to be provided in form of XML (XACML and SAML). Access control may be based on Role (RBAC), Context (CBAC), Policy (PBAC), Attribute (ABAC) and so on[2]. 3.4 Non-Repudiation Non-Repudiation is disclaiming the message sending or receiving, time of sending and receiving the message. On critical and secure service access non-repudiation is one of the major issues. A Central arbiter Trusted Third Party (TTP) [1] should be introduced along with XML Signature to provide security in these cases. 3.5 Availability Authorized resources and services available at all times are meant by availability. Denial of Service (DOS) is the commonly encountered problem related to availability. 3.6 Integrity The change of message content during transit leads to loss of Integrity. It is mainly concerned with the web service description (WDSL) file. On tampering and changing this file, intended service may not get bind to the requestor and even problems may arise in case of composition. Proper Hashing algorithm or XML Signature may overcome this issue.

4 Proposed Security Framework Including Formulation of Collaborative Standards 4.1 Security Framework The Proposed Security Framework consists of components such as Security Manager, Static Analyser and Dynamic Analyser. Figure 2 depicts the Security Framework

274

M. Priyadharshini et al.

which serves as a gateway to ensure the security of the web service access from various distributed client applications. Web Service model involves the process of publishing and invoking services. Proposed Security Framework includes security list formation and corresponding parameter list which is devised as a collaborative security standard. Static Analyser is the component which is invoked during registering of service, which will guide the service provider or the publisher to customise and hence record the security standard values for the Standard List as well as corresponding Parameter List.

Fig. 2. Security Framework

Dynamic Analyser component is invoked during discovery and execution of the service, checks for the correctness of the security needs specified in the standard at various levels such as message and transport level. Security Manager is the component in the framework which manages the process of proper execution of the framework maintaining the logs made during Static and Dynamic Analysis. SM={ | af() }

(1)

Where SL – Standard List PL (SL) – Parameter List of Standard List Item Slog – Service Log af – registering or access function 4.2 Collaborative Security Standard Collaborative security standard consist of Standard List and Parameter List. A Standard list is selected based on the precise understanding of the security needs and the WS-* Security Standards and their associations, which could address the needs.

A Framework for Securing Web Services

275

Standard List (SL) formulated with WS-*(all XML Security standards) pertaining to security as input: SL = {I | I Є WS} WS = {t | t Є sf(WS-*)} Where SL – Standard List I - Standard List Item sf – selection function selecting among WS standard Items with security as objective

(2)

Parameter List (PL) for each Standard List (SL) which are found to be suitable for inclusion: PL = {P | P Є pf (SL)}

(3)

Where pf – Projection function to list out only mutually exclusive parameters

5 WS-* Security Standards Organization for the Advancement of Structured Information Standards (OASIS) and World Wide Web Consortium (W3C) devised many WS standards which were used for providing security, reliability, and transaction abilities in web services. These WS* standard specifications help to enhance the interoperability between different industry platforms, most notably Microsoft’s .NET platform and IBM’s WebSphere software. This chapter will discuss on the standards which concentrate on Security. 5.1 WS-Policy WS-Policy [9] is general-purpose framework model that describes web service related policies. A policy can specify properties, requirements and capabilities of the web services. While service request is been sent this policy is used to validate and accept the request. For example a Policy can mandate the web service for NEFT (NonElectronic fund Transfer) to provide service between 10:00 AM and 5:00 PM from Monday to Friday and between 10:00 AM and 2:00 PM on Saturdays or that request should be signed using X.509. The Policies defined in WS-Policy can be attached to service endpoints or XML data using WS-PolicyAttachment. The Polices can be retrieved from SOAP node using WS-MetadataExchange. Specific Policy assertion related to text encoding, SOAP Protocol version and Predicates that enforce the header combinations existing between SOAP messages are defined using WS-PolicyAssertions. The Proposed Security Framework consists of components such as Security Manager, Static Analyser and Dynamic Analyser. Figure 2 depicts the Security Framework which serves as a gateway to ensure the security of the web service access from various distributed client applications. Web Service model involves the process of publishing and invoking services. Proposed

276

M. Priyadharshini et al.

Security Framework includes security list formation and corresponding parameter list which is devised as a collaborative security standard. 5.2 WS-SecurityPolicy WS-SecurityPolicy[8] consists of the security related assertions such as ‘Security Token’ which tells the requestor which security token need to be used while calling a given web service. The other assertions include assertions specifying about Integrity, Confidentiality, and Visibility which are used to specify the message part that need to be protected and that parts need to remain unencrypted. Message expiry can be prompted using ‘Message Age exception’. For Instance, XPath based SignedElements assertion is used to arbitrary message element that need Integrity protection. The RequiredParts and RequiredElements using QNames and XPath are used to specify the header element the message should contain. WS-SecurityPolicy also consists of assertions related to cryptographic algorithms, transportation binding and the order of applying cryptographic algorithms. 5.3 WS-Security WS-Security Standard addresses Confidentiality and Integrity of XML messages transferred as request and responses. The header [12] is used to attach security related information. WS-Security standard defines cryptographic processing rules and methods to associate security tokens. Since SOAP messages are processed and modified by SOAP intermediaries, mechanisms such as SSL/TLS are insufficient to provide end-to-end security of SOAP messages and hence WS-Security gain importance. WS-Security specifies that signature confirmation attribute included to digital signature of request and again back included in the response message, as signed receipt , in order to ensure that the request or response are tied to corresponding response or request. WS-Security defines a mechanism to associate a security token by including them in the header and a reference mechanism to refer the tokens in binary and XML formats. ‘Username Token Profile’ adds literal plaintext password, hashed password, nonce (time variant parameters), and creation timestamp to already available Username Token. ‘Kerberos token profile’ defines the way in which Kerberos tickets are embedded into SOAP messages. The Other profiles include ‘WSSecurity X.509 Certificate token profile’, ’SAML token profile’ and ‘Rights Expression Language Token profile’. 5.4 WS-SecureConversation WS-Secure Conversation [10] defines way to establish ‘security contexts’ identified by an URI, which will permit existing SSL/TLS connection to be shared by subsequent requests to a web server in the transport level. When overheads related to key management raises due to introduction of message level security and as a result of which scalability becomes a problem this standard proves to be a better solution. There are three different ways to establish Security contexts. First, SCT (Security Context Token) retrieval using WS-Trust i.e. SCT is retrieved from a security token

A Framework for Securing Web Services

277

service trusted by the web service. Second, SCT created by the requestor which has a threat of getting rejected by the web service. Third, using security context mutually agreed by requestor as well as provider using challenge-response process. This is SCT is then used to derive the session key, which is used for subsequent encryption and authentication codes. When Security context time exceeds the communication session then it will be cancelled but if it gets expired then it has to be renewed. 5.5 WS-Trust WS-Trust [11] standard introduces ‘Security Token Service’ which is a web service that issue, renew and validate security tokens. While multiple trust domains are involved, one security token can be converted into other by brokering trust. When a requestor wants to access a web service and he doesn’t hold the right security token specified in the policy. The requestor may state the available token and ask for the needed token to STS else requestor may delegate the responsibility of finding the ‘right’ token to STS itself and state only available token and just ask for the ‘right’ token. When the requestor includes time variant parameters as entropy while requesting for token, STS will return a secret key material which is called proof-of-possession. In this case token may be a certificate whereas the proof-of-possession is the associated private key. Requestor who needs an authorisation token for a colleague which need to be valid only till a particular time period can get a token from WS-Trust. 5.6 WS-Federation ‘Federation’ means two or more security domains interacting with each other, letting users to access the services from other security domain. Each domain has its own security token service and each of them has their own security policies. There are few XML standards used along with the WS-* security standards discussed above, which could help those standards in addressing the security issues. They include XMLSignature, XMLEncryption, SAML (Security Assertion Mark-up Language), XACML (Extensible Access Control Mark-up Language) and XKMS (XML Key Management Specification) and so on. XMLSignature. XMLSignature is the protocol which describes the signing of digital contents as whole or in parts. This provides data integrity and also important for authentication and non-repudiation of web services. This may also be used to maintain integrity and non-repudiation of WSDL files to enable definition of web service to be published and later trusted. XMLEncryption. XMLEncryption ensures confidentiality and hence provide secure exchange of structured data [3]. XMLEncryption can be applied to parts and even for documents in persistent storage, in contrast to SSL or VPN. Algorithms such as RSA, Triples DES are used for encryption, combination of these algorithms also prove to increase security during message exchange.

278

M. Priyadharshini et al.

SAML. SAML [4] is an XML standard for asserting authentication and authorisation information. Single sign-on (SSO) between different systems and platforms are realised using SAML. SAML does not establish or guarantee the trust between participants instead assumes and requires trust between them. Also SAML does not guarantee confidentiality, integrity or non-reputability of the assertions in transit. This could only be provided by XMLEncryption and XMLSignature or any other mechanisms supported by underlying communication protocol and platform. XACML. Extensible Access Control Mark-up Language express access control rules and policies used to derive access decision for set of subjects and attributes. In case of multiple rules and policies encoding rules, bundling rules into policies and defining selection and combination algorithms are done by XACML. Access control list in XACML consists of four tuples: • • • •

Subject – UserIds, groups or role names Target Object – single document element Permitted action – read, write, execute or delete (not domain specific) Provision – execute on rules activation – initiating log-in requesting additional credential etc,

XMLKeyManagementSpecification. XMLKMS is the web service interface which provides public key management environment for usage in XMLSignature and XMLEncryption. It consists of two sub protocols XML key information service specification and XML key registration service specification. The former is used for locating and retrieving public keys from key server. The later defines service interfaces to register to revoke and recover escrowed keys from key server. So far we had discussed about various WS-* standards that are related to security. Other than these standards we also have standards which ensures factors such as reliability, transaction, routing in web services such as WS-ReliableMessaging, WSTransaction, WS-Routing, WS-Discovery etc.,

6 Collaboration of WS-* Security Standards All the above standards discussed do not provide an entire solution on their own but need to be used along with other specification to finally arrive at an end to end security standard. For example WS-Security does not provide session management and that is done by WS-SecureConversation. The security solution can be tailored by the solution providers according to the specific need. In order to tailor the security solution it becomes necessary for the service providers and researchers involved in providing such solution to have a clear insight about the association of these standards in detail, which is as follows.

A Framework for Securing Web Services

279

WS-SecurityPolicy provides assertions specific for security. WS-Policy extends WS-SecurityPolicy provides all generic assertions. Hence WS-Security Policy fits into WS-Policy. The security assertions specified in the WS-Security Policy are utilized by WS-Trust, WS-Security and WS-SecureConversation. Security Assertions are represented using SAML. WS-Trust utilizes WS-Security for signing and encrypting SOAP Messages with the help of XMLSignature and XMLEncryption[6]. WS-Trust utilizes WSPolicy/WS-SecurityPolicy for expressing Security Token and to determine which particular security token may be consumed by a given web service.

Fig. 3. Collaboration of WS-* Security Standards Table 3. Summarises the WS-* Security Standards, their purpose and how they collaborate Standard

Purpose

Related Standards

WS-Policy

Define assertions for web services

WS-SecurityPolicy

WS-SecurityPolicy

Define security Assertions

WS-Security

Provide Message Security

WSSecureConversation WS-Trust

Establish security context

WS-Trust WS-Federation WS-Security WS-SecureConversation WS-Federation WS-Security

Security Token Management

WS-Security WS-SecuirtyPolicy

WS-Federation

Enable cross domain access

WS-Security WS-SecurityPolicy WS-Trust

280

M. Priyadharshini et al.

WS-Security uses session keys generated by WS-SecureConversation for subsequent encryption and decryption of messages. WS-Federation uses the WSSecurity, WS-SecurityPolicy and WS-Trust to specify the scenarios in which the requestors from one domain can get access to services in the other domain.

7 Scenarios of Security Challenges and Technological Solutions The proposed system provides us with an environment which could handle different scenarios of security challenges in different ways, but in an integrated and exhaustive manner ensuring the whole security challenges as per the requirements. Table 4. Selection criteria for choosing the WS-* Standards based on security challenges Security Challenge Confidentiality Authorisation

Standard List WS-Security WS-Trust

Authentication

WS-Security

Non-repudiation Availability Integrity

WS-SecureConversation WS-Security WS-Security WS-SecurityPolicy

Parameter List XMLEncryption SAML Assertion XACML Assertion Username Token Profile Kerberos token profile Certificate token profile SAML token profile Rights Expression Language token profile STS,X.509,Kerberos XMLSignature XMLSignature Username Token Profile Kerberos token profile Certificate token profile SAML token profile Rights Expression Language token profile

SCENARIO #1. A Project Proposal is formulated which is aiming at accessing lab results from various laboratories, who are specialist in performing diagnosis for various diseases. This project is intended to be used by all hospital management applications. This could give doctors a clear picture of the status of a patient. In the system requirements, identified significant non-functional requirement is security. SCENARIO #2. A renowned Bank plans to provide a facility of Tax Payment, which access a Tax calculator service, followed by payment through their payment gateway. The Service implementation needs to be incorporated so as to secure the profile of user details and tax amount as well.

A Framework for Securing Web Services

281

Table 5. We provide a listing for the above said scenarios, which gives the list of Security Objectives, possible Standard List and corresponding Parameter List, which could be the inputs from Static Analyzer to our system and used by Dynamic Analyzer during discovering and binding process Scenario # 1: Provider: Diagnostic Laboratories Requestor: Doctors

#2: Provider: Accounting Offices Requestor: Bank

Security Challenge Confidentiality Authorisation Authentication Nonrepudiation

Confidentiality Integrity

Standard List

Parameter List

SL= {WS-Security, WS-Trust, WSSecureConversation } WS= {WS-Security, WS-Trust, WSSecureConversation | sf (WS-Security, WSTrust, WSSecureConversation, WS-SecurityPolicy)}

PL= { pf (XMLEncryption, SAML Assertion, XACML Assertion, Username Token Profile ,Kerberos token profile, Certificate token profile ,SAML token profile, Rights Expression Language token profile, STS Token, X.509 Token, Kerberos Token)} PL= {XMLEncryption, SAML Assertion, XACML Assertion, (Username Token Profile || Kerberos token profile || Certificate token profile|| SAML token profile || Rights Expression Language token profile), (STS Token || X.509 Token || Kerberos Token)} PL= { pf (XMLEncryption, XMLSignature, Username Token Profile ,Kerberos token profile, Certificate token profile ,SAML token profile, Rights Expression Language token profile)} PL= {XMLEncryption, XMLSignature, (Username Token Profile || Kerberos token profile || Certificate token profile|| SAML token profile || Rights Expression Language token profile)}

SL= {WS-Security, WS-SecurityPolicy } WS= {WS-Security, WS-SecurityPolicy | sf (WS-Security, WSTrust, WSSecureConversation, WS-SecurityPolicy)}

8 Evaluation Process The formulation of collaborative security standard done by the framework can be justified by performing combinations of testing appropriate to the security objectives. Inputs for this testing are taken from Slog managed by Security Manager.

282

M. Priyadharshini et al.

n Security Metric sm =

i=1 Where

(Nai – Nfi)

(4)

Σ

Nai

n is the number of security objectives, Nai is total number of times client request for the service with security objective i Nfi is number of times program fails to access the service with security objective i

The security metric(sm) when maximum denotes a better security objective achievement. The individual values of Nai and Nfi as well as security metric(sm) gets updated for each discovery and binding in the Slog, which can be used for further optimisations.

9 Conclusion To provide better interoperability it is not enough to have a good level of understanding on these WS-* Security Standards but collaboration of these standards need to be clearly known without any discrepancies. Web Services Interoperability Organization (WS-I) provides security profiles which specifies the best combinations of these standards, yet it is difficult to devise a customized collaborative security standard and a framework to implement the standard which is proposed in this paper. The Optimization of the customization process can be performed by the logs maintained by the Security Manager component which will be taken care during the implementation of the above proposed framework.

References 1. Sinha, S., Sinha, S.K., Purkayastha, B.S.: Security Issues in Web Services: A Review and Development Approach of Research Agenda. AUJST: Physical Sciences and Technology 5(II) (2010) 2. Zhang, Y., Sun, C., Yang, J., Wang,Y.: Web Services Security Policy. In: International Conf. on Multimedia Information Networking and Security (2010) 3. Liu, W.-j., Li,Y.: Research and Implementation Based on Web Services Security Model. In: International Conference on Innovative Communication and Asia-Pacific Conference on Information Technology and Ocean Engineering (2010) 4. Nortbotten, N.A.: XML and Web Service Security Standards, IEEE Communications Surver & Tutorials, 3 (Third Quarter 2009) 5. Kadry, S., Smaili, K.: A Solutions for Authentication of Web Services Users. Information Technology Journal 6(7), 987–995 (2007) 6. Geuer-Pollman, C., Calessens, J.: Web Services & Web Services Security Standards. Information Security Technical Report, 10, 15–24, Published by Elsevier (2005) 7. WSDL Binding for SOAP 1.2, http://schemas.xmlsoap.org/wsdl/soap12/soap12WSDL.htm

A Framework for Securing Web Services

283

8. WS-SecurityPolicy 1.2 (July 1, 2007), http://docs.oasis-open.org/ws-sx/wssecuritypolicy/200702/ws-securitypolicy-1.2-spec-os.html 9. Web Service Policy 1.5 Framework, W3 Recommendations, 4 (September 2007), http://www.w3.org/TR/2007/REC-ws-policy-20070904 10. WS-SecureConversation 1.3, OASIS Standard (March 1,2007), http://docs.oasis-open.org/ws-sx/wssecureconversation/200512/ws-secureconversation-1.3-os.html 11. WS-Trust 1.3, OASIS Standard (March 19, 2007), http://docs.oasis-open.org/ws-sx/ws-trust/200512 /ws-trust-1.3-os.html 12. Web Services Security: SOAP Message Security1.0 (WS-Security 2004), OASIS Standard (March 01, 2004), http://docs.oasis-open.org/wss/2004/01 /oasis-200401-wss-soap-message-security-1.0 13. Chakhar, S., Haddad, S., Mokdad, L., Mousseau, V., Youcef, S.: Multicriteria EvaluationBased Conceptual Framework for Composite Web Service selection, http://basepub.dauphine.fr/bitstream/handle/123456789/5283/m ulticriteria_mokdad.PDF?sequence=2

Improved Web Search Engine by New Similarity Measures Vijayalaxmi Kakulapati1, Ramakrishna Kolikipogu2, P. Revathy3, and D. Karunanithi4 1,2

Computer Science Department, JNT University, Hyderabad, India [email protected], [email protected] 3 Education & Research, Infosys Technologies Limited, Mysore, India [email protected] 4 Information Technology Department, Hindustan University, Chennai, India [email protected]

Abstract. Information retrieval is a process of managing the user's needed information. IR system captures dynamically crawling items that are to be stored and indexed into repositories; this dynamic process facilitates retrieval of needed information by search process and customized presentation to the visualization space. Search engines plays major role in finding the relevant items from the huge repositories, where different methods are used to find the items to be retrieved. The survey on search engines explores that the Naive users are not satisfying with the current searching results; one of the reason to this problem is “lack of capturing the intention of the user by the machine”. Artificial intelligence is an emerging area that addresses these problems and trains the search engine to understand the user’s interest by inputting training data set. In this paper we attempt this problem with a novel approach using new similarity measures. The learning function which we used maximizes the user’s preferable information in searching process. The proposed function utilizes the query log by considering similarity between ranked item set and the user’s preferable ranking. The similarity measure facilitates the risk minimization and also feasible for large set of queries. Here we have demonstrated the framework based on the comparison of performance of algorithm particularly on the identification of clusters using replicated clustering approach. In addition, we provided an investigation analysis on clustering performance which is affected by different sequence representations, different distance measures, number of actual web user clusters, number of web pages, similarity between clusters, minimum session length, number of user sessions, and number of clusters to form. Keywords: Search engines, ranking, clustering, similarity measure, Information retrieval, click through data.

1 Introduction Web users request for accurate search results. Most of the Naïve users are poor in experts terminology in which they failed build right query to the search engine, due A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 284–292, 2011. © Springer-Verlag Berlin Heidelberg 2011

Improved Web Search Engine by New Similarity Measures

285

this as one of the reason search engines are limited in capability in the providing accurate results. All most Google, Yahoo, Bing, Ask, etc search engines are in a nascent stage. Still they are interested in doing research to give better results to the end users through one click. Query expansion is one dimension of search engines problem, in which it allows to add new terms to the base query to form new query for better understandability of search engine. We had a survey on query expansion techniques in [7] our previous work. Even we found the difficulty to improve search results by adapting WordNet for term selection for Query reformulation [8]. With this experience [7] [8] we proposed a novel technique to improve the search results. One basic idea is to record the user interaction with the search engine. This information can be used by the user to feedback the base results. Such information is known as click-through data. This information helps to learn similarity between or among the query keywords. Firsthand information is always needed to decide the relevance of the search results. Similarity measure is a function that computes the degree of similarity between two vectors [6]. Different similarity measures are used to increase the function output as the item becomes more similar to the query. The query term based query expansion refers to the measurement of similarity between the terms of a query with the utilization of the similarity propagation of web pages being clicked [9] and the document term based query expansion refers to the measurement of similarity between or among document terms and search queries primarily based on the search engines’ query log of data [9]. The idea behind this is, that the web pages are similar if they are visited by users, which are issuing related queries and these queries are considered similar if the corresponding users visit related pages. The problem of web personalization has become very popular and critical with the faster growth of users in using WWW. The process of customizing web to meet the needs of specific users is called Web Personalization [10].Web customization is to meet the needs of users with the aid of knowledge obtained from the behavior of user navigations. User visits are essentially sequential in nature that needs the services of efficient clustering techniques, These provides sequential data Set similarity measure or S3M that are able to capture both the order of visits occurrence and the content of the web-page. We discuss how click-through information is used in section 3. We explore the importance of similarity measures in section 2 as Related Work.

2 Related Word Similarity Measures(SM) are used to calculate the similarity between documents ( or Web Items) and search query pattern. SM helps to rank the resulted items in the search process. It provides flexibility to present more relevant retrieved item in the search in the desired order. SM is used for Item clustering and term clustering. Statistical indexing and similarity measures [11].

286

V. Kakulapati et al.

2.1 Similarity Measure as Inner dot Product Similarity Measure SM between Item I and Query Q is measured as inner dot product for vectors. t SM(Ij , Q)=Σ Wi j Wi q i=1

Where Wij is weight of term i in Item j , and Wij is Weight of term I in query q. Wi j = TFi j / TOTFj TFi j = Fj /{ max(Fj )} Where TFij is occurrence of Term j in Item i and TOTFj is Total Term Frequency of term j in all Items of the Database. Sometimes less frequent terms in an item may have more importance than more frequent terms; in this case Inverse Item Frequency (IIF) is taken into consideration i.e TF-IIF weighting. Wi j = TFi j * IIFi = TFi j * Log (N/IF i ) Where N is total terms, IFi is Item Frequency. This is represented as binary vector and weighted vector. In binary vector inner dot product is number of matched query terms in Item. In Weighted vectors, it is the sum of product of the weights of the matched terms. It also used for clustering the Similar Items: SM(Ii , Ij)=Σ ( Termi *Termj ) This Inner dot product is unbounded good for larger Items with more number of unique terms. But one drawback of this technique is, it finds how many query terms have matched with Item terms, but not how many are not matched. Sometimes we use inverse Similarity for Relevance calculation in such cases it fails to provide good results. 2.2 Cosine Similarity Measure Inner dot product Similarity Measure is normalized by Cosine angle between two vectors. Cosine Similarity Measure (CSM) is defined as - ij .q CSM(Ij , Q) = -------|ij| .|q| CSM(Ij , Q) =

Improved Web Search Engine by New Similarity Measures

287

Fig. 1. Cosine Similarity Measure

Fig.1 Describes the similarity between Query Q terms and Item I 1 & I2 terms with angle θ1 and θ2 respectively. If the two vectors of Item Term and Query terms coincide and aligned to same line i.e. angle distance is zero, then those two vectors are similar [12]. Like few of the above many similarity measures are used to match the terms of user search to the repository item set. We used same similarity measures for comparison, but comparing information is taken not only from base search pattern, we extended the initial search pattern with the user personalized information and other sources of information to match the items that improve the search results. 2.3 User Personalization To improve the relevance of the user queries, user query logs and profiling is to be maintained as user logs. User Personalization can be achieved using adaption of user interface or adaption of content needed to specific user. To judge the relevance of search results users have no common mechanism. The order of ranking by user interest give better understanding of query results for future analysis. In domain specific search tools the relevance is closer to the ranking order and easy to judge the relevance. To capture the user behavior for future prediction [13] they used ranking quality measures. Using Implicit Feedback whether user get satisfied or not is predicted through learning by finding indicative features including way of search session termination, time spent on resultant pages[14]. The behavior of engine is observed by measuring the quality of ranking functions and observing natural user interactions with the search engine [15].

3 Click-through Data Measuring the similarity of search queries is observed by quarrying the increasing amount of click-through data recorded by Web search engines, which maintain log of

288

V. Kakulapati et al.

the interactions between users and the search engines [16]. The quality of training data considered by humans has major impact on the performance of learning to rank algorithms [17]. Employing human experts to judge the relevance of documents is the traditional way of generating the training examples. But in real time , it is very difficult, time-consuming and costly. From few observations [6] [7] [8] [11] [12] [14] [15] Simple Relevance judgment and normal personalization of user queries has no much affect in improving the search results. In this paper we claim a novel approach for selecting alternate source for user behavioral information i.e. click-through data. Click-through data helps the user to captures the similar features from the past user navigations and searches for alternate items to retrieve. This approach has significant information to decide whether the user option for relevance feedback improves search results or not. We used different similarity measures for matching the click through data aided to the personalized query logs or simple query logs. 3.1 Click-through Data Structure We took manually collected dataset for implementation setup. Our document collection consisting of 200 faculty profiles consisting of standardized attributes given as good meta-data. We begin ranking our document set using Coarse Grain Ranking Algorithm. Coarse grain ranking is good for the document ranking if the items are containing required query terms. This algorithm scores each document by computing a sum of the match between the query and the following document attributes: name of faculty, Department or branch, qualification summary, experience track, subjects handled publication details, references and other details. When we gave query to User interface it returns the following results: Query: “CSE Faculty with minimum of 5 years experience” Table 1. Ranking order of retrieved results for the above query 1

Dr.B.Padmaja Rani, 16 years of teaching experience. Http://www.jntuh.ac.in

2

Satya.K, CSE Faculty, http://www.cmrcet.ac.in

3

Ramakrishna Kolikipogu, CSE Faculty, 5 years experience in teaching http://www.jntuh.ac.in

4

Indiravathi, having 20 years experience, not working in CSE Department

5

Prof.K.Vijayalaxmi, Faculty of CSE, http://www.jntu.ac.in

6

Megana Deepthi Sharma, studying CSE, having 5 years experience in computer operation.

From the profiles document set that we have taken to experiment the model, we got the above result in the first attempt of query “CSE Faculty with minimum of 5 years experience”. We found interesting results i.e. 1, 3, 5 are relevant to the query and 2, 4, 6 are not relevant to the query. Due to blind similarity measure the results are not fruitful. Now we need user judgment for deciding the relevance of search results. The

Improved Web Search Engine by New Similarity Measures

289

user clicks are preserved for the future search process. If user clicks 3rd result first then it has to reserve the first rank among the relevance list. For capturing such click through data, we built a Click-through data data-structure as triplet. Click-through data in search engines is a triplet which consists of the query a, the ranking b presented to the user, and the set c or of links that the user clicks for every navigation. 3.2 Capturing and Storing Click-through Data Click through data can be captured with little overhead and without compromising the functionality and usefulness of the search engine. This does not add any overhead for the user compared to explicit user feedback in particular. The query q and the returned ranking r are recorded easily when ranking (resulted) is displayed to the user. A simple system can be used to keep log of clicks. The following system was used to do the experiments in this paper. We recorded queries submitted, as well as clicks on search results. Each record included the experimental condition, the time, IP address, browser, a session identifier and a query identifier. We define a session as a sequence of navigations (clicks or queries) between a user and the search engine, where less than 10 minutes passes between subsequent interactions. When attribute is clicked in query results keep track of recording clicks occurring within the same session as the query. This is important to eliminate clicks that appeared to come from stored or retrieved and captured search results. Sometimes if user is continuing search more than 10 minutes it is built in such a way that it continues the recording process. In order to capture the click through data as we used middle server. This proxy server records the user clicks information. It has no effect on overhead of the user in search. To give faster results we need to reduce processing time called overhead, in general recording increases the overhead, but in our approach recording click through data and ranking information has no effect on operational cost. The click-through data is stored in a triplet format Data-Structure. The query q and rank order r can be recorded when search engine returns initial results to the user. To record clicks, a middle server maintains a data store of the log file. User queries are given unique Ids, while searching IDs are stored into log file along with query terms and the rank information r. User need not think of storing Links displayed by the results page, but direct him to a proxy server. These links are steps to encode IDs of queries and URLs of the item being suggested. Recording of query, ranking order and URL address happens automatically through proxy server whenever a user clicks the feedback link. The server redirects the user to the clicked URL through HTTP protocol. All this process is done with no more operating cost, which keeps the search engine to present the results to the user with no much extra time.

4 Ranking and Re-ranking The ranking rule is set according to the rank score of the item equal to the number of selections of the same item in past. From the initial ranking we proposed a new ranking algorithm to redefine the user choice list. We use Probalistic Similarity Measure and Cosine Similarity Measure for Item Selection and Ranking for base Search.

290

V. Kakulapati et al.

1. Algorithm: Ranking (Relevant Items Set RIS) Input: Relevance Item Set RIS. Output: Ordered Item List with Ranking r. Repeat if (Reli >Relj) then Swap (Ii,Ij) else Return Item Set I with ranking Order Until (no more Items in RIS)

2. Algorithm: Re-ranking (Ranked Items Set S) Input: Ranked Item Set S. Output: Ordered Item List with Re-Ranking r. CTDRelj) then Swap (Ii,Ij) else Return Item Set I with Re-ranking Order Until (no more Items in S)

5 Experimental Setup We implemented the above concept using Java. We took 200 Faculty Profile Item Set S and Created Click-through Data set in a Table. Whenever user gives choice click from the retrieved Items to the visual place we recorded the click through data in to Click-through Data Table. Using Base algorithm 1 we rank the items in initial search process. We ran the search tool for more than 100 Times and build a click-through data table. For experimenting the algorithm 2, we ran the Search process again for multiple numbers of times and observed the results are more accurate than the initial search. This process has a number of advantages including, it is effortless to execute while covering a large collection of Items and the essential search engines provide a foundation for comparison. The Striver meta-search engine works in the following way. The user will type a query into the interface of the Striver. The query is then forwarded to MSN Search, Google, Excite, AltaVista, and Hotbot. The retrieved results of the pages returned by search engines are analyzed and diagonized for top 50 attempts that are suggested are somehow extracted. For every link, the system displays the name of the page along with its uniform resource locator (URL). The results of our experiment are shown in Table 2.

Improved Web Search Engine by New Similarity Measures

291

Table 2. Experimental Results Recommended Query from click through Data Table (Personalized Queries) CSE Faculty + 5 year experience

Q. No

Query

Average Relevance

Average Improvement

1

CSE Faculty

50.00%

82.00%

2

Faculty with 5 years experience

25.00%

98.00%

CSE Faculty with min. of 5 years experience

3

Experience Faculty in Computers

60.00%

79.00%

Experienced CSE Faculty

4

Experience

10.00%

18.00%

Minimum Experience

5

Computer Science Engineering

15.00%

50.00%

Computer Science Engineering Faculty

6

Teaching Faculty

40.00%

66.00%

Teaching Faculty for CSE

7

CSE

20.00%

50.00%

CSE Faculty

8

Faculty

12.00%

50.00%

CSE Faculty

9

CSE Faculty with good experience

80.00%

50.00%

CSE Faculty

6 Conclusion and Future Work With our proposed a model we measure the similarity of query term with Click through Data log Table instead of directly comparing the whole data set. This new Similarity gave positive result and improved the Recall along with Precision. For query suggestion based on user click through logs to implement it required less computational cost. The re-ranking and suggesting items for user to judge the results are enhance through this paper. Moreover, the algorithm does not rely on the particular terms appearing in the query and Item Set. Our experiments shows that click through data gave more related suggesting queries from the Table 2. Query Numbers 2>8>5>1>7>6>3>4>9 are the order of improved relevance. We observe some time if the Feedback is not right judged it even gives negative results. We experienced with Q.No .9 from Table 2. Inorder to overcome such negative impact from the Click through History we plan to enhance this base model more carefully by appending semantic network and Ontology as our future research direction.

References 1. Baeza-Yates, R.A., Baeza-Yates, R., Ribeiro-Neto, B.: Modern Information Retrieval. Addison-Wesley Longman Publishing Co., Inc., Amsterdam (1999) 2. Beitzel, D.M., Jensen, E.C., Chowdhury, A., Grossman, D., Frieder, O.: Hourly analysis of a very large topically categorized Web query log. In: Proceedings of the Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, pp. 321–328 (2004)

292

V. Kakulapati et al.

3. Shen, X., Dumais, S., Horvitz, E.: Analysis of topic dynamics in Web search. In: Proceedings of the International Conference on World Wide Web, pp. 1102–1103 (2005) 4. Kumar, P., Bapi, R., Krishna, P.: SeqPAM: A Sequence Clustering Algorithm for Web Personalization. Institute for Development and Research in Banking Technology, India 5. Cohen, W., Shapire, R., Singer, Y.: Learning to order things. Journal of Artificial Intelligence Research 6. Shen, H.-z., Zhao, J.-d., Yang, Z.-z.: A Web Mining Model for Real-time Webpage Personalization. ACM, New York (2006) 7. Kolikipogu, R., Padmaja Rani, B., Kakulapati, V.: Information Retrieval in Indian Languages: Query Expansion model for telugu language as a case study. In: IITAIEEE, China, vol. 4(1) (November 2010) 8. Kolikipogu, R.: WordNet Based Term Selection for PRF Query Expansion Model. In: ICCMS 2011, vol. 1 (January 2011) 9. Vojnovi, M., Cruise, J., Gunawardena, D., Marbach, P.: Ranking and Suggesting Popular Item. IEEE Journal 21 (2009) 10. Eirinaki, M., Vazirgiannis, M.: Web Mining for Web Personalization. ACM Transactions on Internet Technology 3(1), 1–27 (2003) 11. Asasa Robertson, S.E., Spark Jones, K.: Relevance Weighting of Search Terms. J. American Society for Information Science 27(3) (1976) 12. Salton, G.E., Fox, E.A., Wu, H.: Extended Boolean Information Retrieval. Communications of the ACM 26(12), 1022–1036 (1983) 13. Kelly, D., Teevan, J.: Implicit feedback for inferring user preference: A bibliography. ACM SIGIR Forum 37(2), 18–28 (2003) 14. Fox, S., Karnawat, K., Mydland, M., Dumais, S., White, T.: Evaluating implicit measures to improve web search. ACM Transactions on Information Science (TOIS) 23(2), 147– 168 (2005) 15. Radlinski, F., Kurupu, M.: How Does Clickthrough Data Reflect Retrieval Quality? In: CIKM 2008, Napa Valley, California, USA, October 26-30 (2008) 16. Zhao, Q., Hoi, S.C.H., Liu, T.-Y.: Time-dependent semantic similarity measure of queries using historical click-through data. In: 5th International Conference on WWW. ACM, New York (2006) 17. Xu, X.F.: Improving quality of training data for learning to rank using click-through data. In: ACM Proceedings of WSDM 2010 (2010)

Recognition of Subsampled Speech Using a Modified Mel Filter Bank Kiran Kumar Bhuvanagiri and Sunil Kumar Kopparapu TCS Innovation Labs - Mumbai, Tata Consultancy Services, Pokhran Road 2, Thane (West), Maharastra 400 601. India {kirankumar.bhuvanagiri,sunilkumar.kopparapu}@tcs.com Abstract. Several speech recognition applications use Mel Frequency Cepstral Coefficients (MFCCs). In general, these features are used to model speech in the form of HMM. However, features depend on the sampling frequency of the speech and subsequently features extracted at certain rate can not be used to recognize speech sampled at a different sampling frequency [5]. In this paper, we first propose a modified Mel filter bank so that the features extracted at different sampling frequencies are correlated. We show experimentally that the models built with speech sampled at one frequency can be used to recognize subsampled speech with high accuracies. Keywords: MFCC, speech recognition, subsampled speech recognition.

1

Introduction

Mel Frequency Cepstral Coefficients (MFCC) are commonly used features in speech signal processing. They have been in use for a long time [3] and have proved to be one of the most successful features in speech recognition tasks [8]. For a typical speech recognition process (see Fig. 1), acoustic models are built using speech recorded at some sampling frequency during the training phase (boxed blue -.-. in Fig. 1). In the testing (boxed red - - - in Fig. 1) or the recognition phase, these acoustic models are used along with a pronunciation lexicon and a language model to recognize speech at the same sampling frequency. If the speech to be recognized is at a sampling frequency other than the sampling frequency of the speech used during the training phase then one of the two things needs to be done (a) retrain the acoustic models with speech samples of the desired sampling frequency or (b) change the sampling rate of the speech to be recognized (test speech) to match the sampling frequency of the speech used for training. In this paper, we address the problem of using models built for a certain sampling frequency to enable recognition of speech at a different sampling frequency. We particularly concentrate on Mel-frequency cepstral coefficient (MFCC) as features [9], [4] because of their frequent use in speech signal processing. Kopparapu et al [5] proposed six filter bank constructs to enable calculation of MFCC’s of a subsampled speech. Pearson correlation coefficient was used to compare the MFCC of subsampled speech and the MFCC of original speech. A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 293–299, 2011. c Springer-Verlag Berlin Heidelberg 2011 

294

K.K. Bhuvanagiri and S.K. Kopparapu

Fig. 1. Speech Recognition - showing train and the test stages

In this paper, we construct a Mel filter bank that is able to extract MFCCs of the subsampled speech which are significantly correlated to the MFCC’s of original speech compared to the Mel filter banks discussed in [5]. This is experimentally verified in two ways (a) through the Pearson correlation coefficient and (b) through speech recognition experiments on AN4 speech database [1] using open source ASR engine [2]. Experimental results show that the recognition accuracy on subsampled speech using models developed using original speech is as good as the recognition accuracy on original speech and as expected degrades with excessive subsampling. One of the prime applications of this work is to enable use of acoustic models created for desktop speech (usually 16 kHz) with telephone speech (usually 8 kHz) especially when there is access to only the acoustics models and not to the speech corpus specifically as in Sphinx. The rest of the paper is organized as follows. In Section 2, largely based on our previous work [5], procedure to compute MFCC features and the relationship between the MFCC parameters of the original and subsampled speech is discussed. In Section 2.1, new filter bank is proposed. Section 3 gives the details of the experiments conducted to substantiate advantage of proposed modified filter bank and we conclude in Section 4.

2

Computing MFCC of Subsampled Speech

As shown in [5], let x[n] be a speech signal with a sampling frequency fs and be divided into P frames each of length N samples with an overlap of N/2 samples, say, {x1 , x2 · · · xp · · · xP }, where xp denotes the pth frame of the speech signal     N −1 x[n] and is xp = x p ∗ N2 − 1 + i i=0 . Computing MFCC of the pth frame involves,

Recognition of Subsampled Speech Using a Modified Mel Filter Bank

295

  1. Multiply xp with a hamming window w[n] = 0.54 − 0.46 cos nπ N , 2. Compute discrete Fourier transform (DFT) [7]. Note that k corresponds to the frequency lf (k) = kfs /N . Xp (k) =

N −1 

xp [n]w[n] exp−j

2πkn N

for k = 0, 1, · · · , N − 1

n=0

3. Extract the magnitude spectrum |Xp (k)| 4. Construct a Mel filter bank M (m, k), typically, a series of overlapping triangular filters defined by their center frequencies lf c (m). The parameters that define a Mel filter bank are (a) number of Mel filters, F , (b) minimum frequency, lf min and (c) maximum frequency, lf max . So, m = 1, 2, · · · , F in M (m, k). 5. Segment the magnitude spectrum |Xp (k)| into F critical bands by means of a Mel filter bank. 6. The logarithm of the filter bank outputs is the Mel filter bank output N −1

 Lp (m) = ln M (m, k)|Xp (k)| (1) k=0

where m = 1, 2, · · · , F and p = 1, 2, · · · , P . 7. Compute DCT of Lp (m) to get the MFCC parameters. Φrp

{x[n]} =

F 

 Lp (m) cos

m=1

r(2m − 1)π 2F

(2)

where r = 1, 2, · · · , F and Φrp {x[n]} represents the rth MFCC of the pth frame of the speech signal x[n]. The sampling of the speech signal in time effects the computation of MFCC parameters. Let y[s] denote the sampled speech signal such that y[s] = x[αn] where α = uv and u and v are integers. Note that α > 1 denotes downsampling while α < 1 denotes upsampling and for the purposes of analysis we will assume that α is an integer. Let yp [s] = xp [αn] denote the pth frame of the time scaled speech where s = 0, 1, · · · , S − 1, S being the number of samples in the time scaled speech frame given by S = N/α. DFT of the windowed yp [n] is calculated from the DFT of xp [n]. Using the scaling property of DFT, we have, Yp (k  ) =

α−1 1   l=0 Xp (k +lS) where k = 1, 2, · · · , S. The MFCC of the subsampled speech α is given by  F  r(2m − 1)π Φrp {y[n]} = Lp (m)cos (3) 2F m=1 where r = 1, 2, · · · , F and Lp (m)

= ln

S−1  k =0

 α−1 

1      M (m, k )  Xp (k + lS) α  



l=0

(4)

296

K.K. Bhuvanagiri and S.K. Kopparapu

Note that Lp and M  are the log Mel spectrum and the Mel filter bank of the subsampled speech. Note that a good choice of M  (m, k  ) is the one which gives (a) the best Pearson correlation with the MFCC (M (m, k) of the original speech and (b) best speech recognition accuracies when trained using the original speech and decoded using the subsampled speech. Kopparapu et al [5] chose different constructs of M  (m, k  ). 2.1

Proposed Filter Bank

We propose a Mel filter bank Mnew (m, k  ) for subsampled speech as  M (m, αk  ) for lf (k  ) ≤ ( α1 f2s )  Mnew (m, k ) = 0 for lf (k  ) > ( α1 f2s ) where k  ranges from 1 to N/α. Notice that the modified filter bank is the subsampled version of original filter bank with bands above α1 f2s set to 0. Clearly, the number of Mel filter bands are less than the original number of Mel filter bands. Let ξ be the number of filter banks whose fc is below fs /2α. Subsequently, Lp (m), the Mel filter bank output, is 0 for m > ξ. In order to retain the total number of filter bank outputs as the original speech we construct Lp (m) = (0.9)m−ξ Lp (ξ) for ξ < m ≤ F

(5)

Equation (5) is based on the observation that Mel filter outputs for m > ξ seems to decay exponentially.

3

Experimental Results

We conducted experiments on AN4 [1] audio database. It consists of 948 train and 130 test audio files containing a total of 773 spoken words or phrases. The recognition results are based on these 773 words and phrases. All the speech files in the AN4 database are sampled at 16 kHz. The Mel filter bank has F = 30 bands with lf min = 130 Hz and lf max = 7300 Hz and the frame size is set to 32 ms. The MFCC parameters are computed for the 16 kHz speech signal x[n], and also the subsampled speech signal x[αn]. The MFCC parameters of y[s] are calculated using the proposed Mel filter bank (5) while the MFCC of x[n] was calculated using (2). We conducted two types of experiments to evaluate the performance of the proposed Mel filter bank construction on subsampled speech. In the first set of experiments, we used the Pearson correlation coefficient (r) to compare the MFCC of the subsampled speech with the MFCC of the original speech along the lines of [5]. In the second set of experiments we used speech recognition accuracies to evaluate the appropriateness of the use of Mel filter bank for subsampled speech. We compared our Mel filter bank with the best Mel filter bank (Type C) proposed in [5].

Recognition of Subsampled Speech Using a Modified Mel Filter Bank

3.1

297

Comparison Using Pearson Correlation Coefficient

We computed framewise r for MFCCs of subsampled speech and the original speech. The mean and variances of r over all the frames are shown in Table 1. Clearly the Mel filter bank construction proposed in this paper performs better than the best method suggested in [5] for all values of α. For α = 16/4 = 4 the mean-variance pair for the proposed Mel filter bank is (0.85609, 0.04176) compared to best in [5] (0.67837, 0.14535). Table 1. Pearson correlation coefficient (r), between the MFCCs of original and subsampled speech Sampling factor α = 16/4 α = 16/5 α = 16/6 α = 16/7 α = 16/8 α = 16/10 α = 16/12 α = 16/14 α = 16/16

Proposed mean variance 0.85609 0.04176 0.90588 0.02338 0.9284 0.01198 0.94368 0.00633 0.96188 0.00005 0.98591 0.00037 0.989 0.00025 0.99451 0.00006 1 0

best mean 0.67837 0.70064 0.7201 0.7321 0.7465 0.8030 0.8731 0.9503 1

in [5] variance 0.14535 0.1280 0.1182 0.1010 0.0846 0.0448 0.0188 0.0029 0

Table 2. Recognition accuracies (percentage) Sampling factor Case A (30 MFCCs) Case B (39 features) proposed Best in [5] proposed Best in [5] α = 16/4 9.83 2.07 30.36 3.36 α = 16/5 20.18 1.68 58.86 2.85 α = 16/6 27.30 2.07 68.95 3.62 α = 16/7 31.44 2.33 73.22 5.30 α = 16/8 37 3.88 77.23 11.77 α = 16/10 40.36 7.12 80.50 34.15 α = 16/12 41.01 16.19 81.11 65.85 α = 16/14 42.56 34.80 82.54 77.10 α = 16/16 43.21 43.21 81.11 81.11

3.2

Speech Recognition Experiments

We used the 948 training speech samples of AN4 database to build acoustic models using SphinxTrain. Training is done using MFCCs calculated on the 16 kHz (original) speech files. Recognition results are based on the 130 test speech samples In Case A we used 30 MFCC’s while in Case B we used 13 MFCC but concatenated them with 13 velocity and 13 acceleration coefficients

298

K.K. Bhuvanagiri and S.K. Kopparapu

Fig. 2. Comparing ASR accuracies of both methods for different values of sampling factors (α)

Fig. 3. Sample log Filter bank outputs of original speech, and subsampled speech using the proposed Mel filter bank and the best Mel filter bank in [5]

to form a 39 dimensional feature vector. Recognition accuracies are shown in Table 2 on the 773 words in the 130 test speech files. It can be observed that the word recognition accuracies using the proposed Mel filter bank on subsampled speech is better that what has been proposed in [5] for all values of α and for both the Case A and the Case B. We also observe from Fig. 2 that proposed method is more robust, while accuracies rapidly fall in case of best method in [5] it gradually decreases in our case.

Recognition of Subsampled Speech Using a Modified Mel Filter Bank

299

The better performance of the proposed Mel filter bank in terms of recognition accuracies can be explained by looking at a sample filter bank output shown in Fig. 3. Filter bank output of the proposed Mel filter bank construct (red line ’+’) closely follow that of original speech Mel filter bank output (blue line ’x’), while even the best reported filter bank in [5] (shown in black line ’o’) shows a shift in the filter bank outputs.

4

Conclusion

The importance of this Mel filter bank design to extract MFCC of subsampled speech is apparent when there are available trained models for speech of one sampling frequency and the recognition has to be performed on subsampled speech without explicit creation of acoustic models for the subsampled speech. As a particular example, the work reported here can be used to recognize subsampled speech using acoustic (HMM or GMM) models generated using Desktop speech (usually 16 kHz). We proposed a modified Mel filter bank which enables extraction of MFCC from subsampled speech which correlated very well with the MFCC of the original sampled speech. We experimentally showed that the use of the modified Mel filter bank construct in MFCC computation of subsampled speech outperforms the Mel filter banks developed in [5]. This was demonstrated at two levels, namely, in terms of a correlation measure with the MFCC of the original speech and also through word recognition accuracies. Speech recognition accuracies for larger values of α can be improved by better approximating the missing Mel filter outputs using bandwidth expansion [6] techniques, which we would be addressing in our future work.

References 1. CMU: AN4 database, http://www.speech.cs.cmu.edu/databases/an4/ 2. CMU: Sphinx, http://www.speech.cs.cmu.edu/ 3. Davis, S.B., Mermelstein, P.: Comparison of parametric representations for monosyllabic word recognition in continuously spoken sentences. IEEE Trans. Acoust. Speech Signal Processing 28(4), 357–366 (1980) 4. Jun, Z., Kwong, S., Gang, W., Hong, Q.: Using Mel-frequency cepstral coefficients in missing data technique. EURASIP Journal on Applied Signal Processing 2004 (3), 340–346 (2004) 5. Kopparapu, S., Laxminarayana, M.: Choice of mel filter bank in computing mfcc of a resampled speech. In: 10th International Conference on Information Sciences Signal Processing and their Applications ISSPA, pp. 121–124 (May 2010) 6. kornagel, U.: Techniques for artificial bandwidth extension of telephone speech. Signal Processing 86(6) (June 2006) 7. Oppenheim, S.: Discrete Time Signal Processing. Prentice-Hall, Englewood Cliffs (1989) 8. Quatieri, T.F.: Discrete-time speech signal processing: Principles and practice, vol. II, pp. 686–713. Pearson Education, London (1989) 9. Reynolds, D.A., Rose, R.C.: Robust text-independent speaker identification using Gaussian mixture speaker models. IEEE Transactions on Speech and Audio Processing 3(1) (January 1995)

Tumor Detection in Brain Magnetic Resonance Images Using Modified Thresholding Techniques C.L. Biji1, D. Selvathi2, and Asha Panicker3 1

ECE Dept, Rajagiri School of Engineering & Technology, Kochi, India [email protected] 2 ECE Dept, Mepco Schlenk Engineering College, Sivakasi, India [email protected] 3 ECE Dept, Rajagiri School of Engineering & Technology, Kochi, India [email protected]

Abstract. Automated computerized image segmentation is very important for clinical research and diagnosis. The paper deals with two segmentation schemes namely Modified Fuzzy thresholding and Modified minimum error thresholding. The method includes the extraction of tumor along with suspected tumorized region which is followed by the morphological operation to remove the unwanted tissues. The performance measure of various segmentation schemes are comparatively analyzed based on segmentation efficiency and correspondence ratio. The automated method for segmentation of brain tumor tissue provides comparable accuracy to those of manual segmentation. Keywords: Segmentation; Magnetic resonance Imaging; Thresholding.

1 Introduction In medical image analysis, segmentation is an indispensable step in the processing. Image segmentation is the process of partitioning the image into meaningful sub regions or objects with the same attribution [6]. Brain tumor segmentation for magnetic resonance image (MRI) is a difficult task that involves image analysis based on intensity and shape [1, 4]. Due to the characteristics of the imaging modalities segmentation becomes a difficult but important problem in biomedical application. Manual segmentation is more difficult, time-consuming, and costlier than automated processing by a computer system. Hence, medical image segmentation scheme should posses some preferred properties such as fast computation, accurate and robust segmentation results [2, 3]. The proposed frame work employs with segmentation schemes viz. (i) Modified Fuzzy thresholding and (ii) Modified minimum error thresholding. The method includes two stages; initially the tumor along with suspected tumorized region is extracted using the segmentation scheme mentioned and which is followed by the morphological operation to remove the unwanted tissues. More over the segmentation schemes are comparatively analyzed based on the performance measure. The proposed A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 300–308, 2011. © Springer-Verlag Berlin Heidelberg 2011

Tumor Detection in Brain Magnetic Resonance Images

301

automatic segmentation proves to be effective by its high segmentation efficiency and correspondence ratio. 1.1 Materials In this work, brain MR Images acquired on a 0.2 Tesla, Siemens–Magnetom CONCERTO MR scanner (siemens, AG medical solutions, Erlangen, Germany) are used. Axial, 2D, 5mm thick slice images, with a slice gap of 2mm were acquired with 246*512 acquisition matrix and with the field view of range 220mm to 250mm. In this work 30 abnormal patients are considered. For each patient a set of slices are selected by experts to provide the representative selection. Each brain slice consists of T1, T2 and T2 FLAIR weighted images. All T1 weighted images (TR/TE of 325550/8-12ms) were acquired using Spin Echo (SE) sequence. While T2 (TR/TE of 3500-10000/ 97-162ms) and T2-FLAIR (TR/TE of 3500-10000/89-162ms) weighted images were collected using Turbo Spin Echo (TSE) sequences.

2 Methodology Automated computerized image segmentation [20] is very important for clinical research and diagnosis. A wide variety of approaches [5,7] have been proposed for brain MR image segmentation which mainly relies on the prior definition of tumor boundary. The paper mainly aims to present new and sophisticated methods of automatically selecting a threshold value for segmentation. The general block diagram describing the proposed work is shown in Fig.1. Input MR Image

Segmentation Scheme

Post Processing

Output MR Image

Fig 1. General Block diagram for Tumor Extraction in Brain MR Images

The approximate tumor tissues in the brain MR images can be extracted by performing segmentation. Segmentation schemes employed in this work namely (i) Modified fuzzy thresholding and (ii) Modified minimum error thresholding. After the segmentation, the unwanted tissues can be removed by performing morphological operation [19]. Thus the post processing step merge the connected regions while removing some isolated non tumor regions 2.1 Modified Fuzzy Thresholding Fuzzy c means thresholding provides an efficient segmentation by considering all pixels with a membership value. In the classical Fuzzy C Means thresholding [12] the output threshold depends on the input threshold which has been arbitrarily fixed, hence in order to overcome the difficulties a proper initial threshold is encountered.

302

C.L. Biji, D. Selvathi, and A. Panicker

The parameter selected to have fuzziness is the gray level intensity values. The block diagram for the proposed method is displayed in Fig 2.

Input Image

Initial Threshold Selection

Fuzzy Cmeans Thresholding

Post Processing

Output Image

Fig. 2. Modified Fuzzy C Means Thresholding

The input initial threshold can be calculated using the formula

T = max⎛⎜⎜grayvalue⎞⎟⎟ / 2 ⎝

(1)

⎠

The extraction of tumor is carried out by performing fuzzy c means thresholding algorithm [14, 16] followed by hardening scheme. Fuzzy thresholding is an extension of fuzzy clustering for segmentation by considering the gray values alone as a feature. For fuzzy c-means thresholding the objective function to be minimized is given by 2 L −1 2 τ J = ∑ ∑ h μ ⎛⎜ j ⎞⎟ d ⎛⎜ j, v ⎞⎟ j i⎝ ⎠ ⎝ i⎠ i =1 j= 0

(2)

The objective function equation (2) can be iteratively minimized by computing the means with the equation (3) and updating the membership with equation (4) L ∑ v = i

j= 1 L ∑ j=1

μ

O

(j) =

μ j i

τ⎛ ⎞ ⎜ j⎟ ⎝ ⎠

h μ j i

τ⎛ ⎞ ⎜ j⎟ ⎝ ⎠

jh

(3)

1

(4)

2/(τ −1) ⎡ ⎛ ⎞⎤ ⎞ ⎛ 1+ ⎢d ⎜ j, v ⎟ /d ⎜ j, v ⎟⎥ ⎠ ⎝ ⎠ ⎝ 2 1 ⎣ ⎦

In order to remove the unwanted tissues, as post processing morphological erosion and dilation is carried. 2.3 Modified Minimum Error Thresholding The block diagram for the proposed frame work is given in Fig 3, Input MR Image

Pre Processing

Valley Point Removal

Minimum Error Thresholding

Post Processing

Fig. 3. Modified Minimum Error Thresholding

Output Image

Tumor Detection in Brain Magnetic Resonance Images

303

The preprocessing step provides a measure of local variation of intensity and is computed over a square neighborhood.

1 W2

⎧⎪ i +M j+ M 2 ⎤ ⎫⎪ 1 ⎡i+M j+M − I(k, l)⎥ ⎬ I ( k, l) ⎨∑ ∑ 2 ⎢∑ ∑ W ⎣i −M j−M ⎪⎩k =i −M j−M ⎦ ⎪⎭

(5)

As the internal local minimum can adversely affect the threshold selection the first valley point corresponding to background has to be suppressed [18]. The histogram provides a narrow peak corresponding to the background. Initially, two local maxima (peak) yj and yk are computed. The valley point can be obtained using

Vt = ( y j + y k )/2

(6)

After the valley point removal, threshold selection is carried out through minimum error thresholding algorithm ([14], [15]). Using this optimal threshold abnormal tissues are extracted. In order to remove the unwanted tissues after segmentation, morphological erosion and dilation is performed for improving the efficiency.

3 Results and Discussion The proposed methodology is applied to real datasets representing tumor images with different intensity, shapes, location and sizes. The effectiveness of proposed methodology is analyzed with the resultant average of T2 weighted and T2 FLAIR MR Images of size 512X320. The algorithms are implemented in Matlab 6.5 platform and are run on 3.0 GHZ, 512 MB RAM Pentium IV Personal Computer in Microsoft Windows operating system. Analysis is carried out for 30 different dataset. Defining the abnormal region can be useful for surgical planning and even for radiation therapy. The proposed methodology automatically extracts the tumor region and hence it largely assists the physicians. In this paper a comparative analysis of the two thresholding schemes have been tabulated. 3.1 Modified Fuzzy Thresholding The tumor extraction results obtained for four type data set is shown in the figure 4. The fuzzy threshold obtained through the algorithm for astrocytomas data set is 122, Glioma data set is 77, Metastas type data set is 103 and Meningiomas type is 95. 3.2 Modified Minimum Error Thresholding For Astrocytomas data set, inorder to get proper segmentation the first valley point is removed and first threshold valley point obtained is 19. The minimum error threshold

304

C.L. Biji, D. Selvathi, and A. Panicker

value obtained through the algorithm is 89 and for further improvement in result erosion and dilation is performed. For Gliomas type data set, inorder to get proper segmentation the first valley point is removed and first valley point obtained is 28. The minimum error threshold value obtained through the algorithm is 144 and for further improvement in result erosion and dilation is performed. For metastas type data set, Inorder to get proper segmentation the first valley point is removed and first valley point obtained is 34. The minimum error threshold value obtained through the algorithm is 110 and for further improvement in result erosion and dilation is performed. For meningiomas type data set inorder to get proper segmentation the first valley point is removed and first valley point obtained is 31. The minimum error threshold value obtained through the algorithm is 162 and for further improvement in result erosion and dilation is performed. The results obtained are shown in fig 5. Type Cancer

of

T2 Weighted

T2 Flair

Average

Fuzzy

Post

Image

Threshold

Processed

Image

Image

Astrocytomas

Glioma

Metastas

Meningiomas

Fig. 4. Result obtained for Modified Fuzzy Thresholding

Tumor Detection in Brain Magnetic Resonance Images

305

3.2 Performance Measure Quantitative measurement of segmentation criterions are performed based on segmentation efficiency (SE) and correspondence ratio (CR) [17]. Segmentation efficiency and Correspondence ratio are calculated in terms of true positive (TP), false positive (FP), ground truth area (GT) and false negative (FN) [18]. SE and CR can be defined as follows. The quantitative measures of both the schemes are given in the table1 and 2.

SE =

TP *100 GT

(4)

CR = [(TP - 0.5 * FP)/GT] * 100 Type of Cancer T2 Weighted T2 Flair

(5)

Average

Minimum

Post

Image

ErrorThreshod

Processed

Image

Image

Astrocytomas

Glioma

Metastas

Meningiomas

Fig. 5. Resultant Images for Modified Minimum Error Thresholding

306

C.L. Biji, D. Selvathi, and A. Panicker

Table 1. Performance measure of modified fuzzy thresholding

Tumor Type

Astrocytomas

Name Slice 1 Slice 2 Slice 3 Slice 4 Slice 5

Tumor Isolated 11779 14349 16709 16295 15957

TP 7984 11385 13125 13313 13291

FP 3795 2964 3584 2982 2666

GT 8048 11464 13139 13660 13994

FN 64 79 14 347 703

SE 99.20 99.310 99.89 97.45 94.97 98.16

CR 0.75 0.86 0.86 0.86 0.85 0.840

Tumor Isolated 12053 11775 7698 12804 15069

TP 4913 7201 6914 5924 4276

FP 7140 4574 784 6880 10793

GT 4937 7229 6923 5949 4319

FN 24 28 9 25 43

SE 99.51 99.61 99.87 99.57 99.00 99.51

CR 0.27 0.67 0.94 0.41 -0.25 0.41

Tumor Isolated 15135 17470 20001 20284 17119

TP 13307 13576 14777 17709 15555

FP 1828 3894 5224 2575 1564

GT 13518 13751 14924 18153 16466

FN 211 175 147 444 911

SE 98.43 98.72 99.01 97.55 94.46 97.64

CR 0.91 0.84 0.81 0.90 0.89 0.87

Tumor Isolated 43325 46048 43375 36850 49307

TP 12017 9806 8780 13807 10632

FP 31308 36242 34595 23043 38675

GT 12031 9806 8798 14157 10697

FN 14 0 18 350 65

SE 99.88 100 99.79 97.52 99.39 99.31

CR -0.30 -0.84 -0.96 0.16 -0.81 -0.55

Avg Name

Glioma

Slice 1 Slice 2 Slice 3 Slice 4 Slice 5

Avg Name

Metastas

Slice 1 Slice 2 Slice 3 Slice 4 Slice 5

Avg

Meningiomas

Name Slice 1 Slice 2 Slice 3 Slice 4 Slice 5

Avg

Tumor Detection in Brain Magnetic Resonance Images

307

Table 2. Performance measure of modified Minimum thresholding

Tumor Type Name Slice 1 Slice 2 Astrocytomas Slice 3 Slice 4 Slice 5

Tumor Isolated 9222 12726 14647 18494 16118

TP 7848 11329 13099 13602 13604

FP 1374 1397 1548 4892 2514

GT 8048 11464 13139 13660 13994

FN 200 135 40 58 390

Avg

Glioma

Name Slice 1 Slice 2 Slice 3 Slice 4 Slice 5

Metastas

Avg

CR 0.88 0.92 0.93 0.81 0.88 0.89

Tumor Isolated

TP

FP

GT

FN

SE

CR

5239 8143 7873 6454 4831

4804 7212 6918 5860 4177

435 931 955 594 654

4937 7229 6923 5949 4319

133 17 5 89 142

97.30 99.76 99.92 98.50 96.71 98.44

0.92 0.93 0.93 0.93 0.89 0.92

Tumor Isolated 5485 10353 14685 15044 19633

TP 3712 8907 13150 12968 14726

FP 1773 1446 1535 2076 4907

GT 3988 9616 13518 13751 14924

FN 276 709 368 783 198

SE 93.07 92.62 97.27 94.30 98.67 95.19

CR 0.70 0.85 0.91 0.86 0.82 0.83

Avg Name Slice 1 Slice 2 Slice 3 Slice 4 Slice 5

SE 97.51 98.82 99.69 99.57 97.21 98.56

Tumor Name Isolated TP FP GT FN SE CR Slice 1 3536 3016 520 12031 9015 25.068 0.22 Slice 2 2632 2383 249 9806 7423 24.30 0.23 1498 175 8798 7300 17.02 0.160 Meningiomas Slice 3 1673 Slice 4 2997 2746 251 14157 11411 19.39 0.18 Slice 5 3279 3129 150 10697 7568 29.25 0.28 Avg 23.01 0.218 From the quantitative analysis, it is observed that both the methods for comparable results.

4 Conclusion The paper presents two new approaches for automatic segmentation of tumors from MR images. The approaches shows promise in effectively segmenting different tumors with high segmentation efficiency correspondence ratio. A potential issue that is not handled by the proposed method is extraction of tumor if the intensity level is less. The method can further extended through clustering methodologies, which should been even suitable for Meningiomas type tumors.

Acknowledgement The author would like to thank S. Alagappan, Chief consultant Radiologist, Devaki MRI & CT scans, Madurai, INDIA for supplying all MR images.

308

C.L. Biji, D. Selvathi, and A. Panicker

References 1. Macovski, A., Meyer, C.H., Noll, D.C., Nishimura, D.G., Pauly, J.M.: A homogeneity correction method for magnetic resonance imaging with time-varying gradients. IEEE Trans. Med. Imaging 10(4), 629–637 (1991) 2. Clark, M.C., Goldgof, D.B., Hall, L.O., Murtagh, F.R., Sibiger, M.S., Velthuizen, R.: Automated tumor segmentation using knowledge based technique. IEEE Trans. on Medical Imaging 17(2), 238–251 (1998) 3. Lenvine, M., Shaheen, S.: A modular computer vision system for image segmentation. IEEE Trans. on Pattern Analysis and Machine Intelligence 3(5), 540–557 (1981) 4. Kichenassamy, S., Kumar, A., Oliver, P.J., Tannenbaum, A., Yezzi, A.: A geometric snake model for segmentation of medical imagery. IEEE Trans. on Medical Image Analysis 1(2), 91–108 (1996) 5. Sahoo, P.K., Soltani, S., Wong, A.K.C.: A survey of Thresholding Techniques. Computer Vision, Graphics, and Image Processing 41, 233–260 (1988) 6. Gonzalez, R.C., Woods, R.E.: Digital Image Processing, 2nd edn. Pearson Education, London (2002) 7. Illingworth, J., Kittler, J.: Threshold Selection based on a simple image statistic. Computer Vision, Graphics, and Image Processing 30, 125-147 (1985) 8. Yan, H., Zhu, Y.: Computerized Tumor Boundary Detection Using a Hopfield Neural Network. IEEE Transactions on Medical Imaging 16(1) (1997) 9. Gauthier, D., Wu, K., Levine, M.D.: Live Cell Image Segmentation. IEEE Transactions on Biomedical Engineering 42(1) (January 1995) 10. Calvard, S., Ridler, T.: Picture thresholding using an iterative selection method. IEEE Trans. Systems Man Cybernet. SMC-8, 630–632 (November 1978) 11. Biswas, P.K., Jawahar, C.V., Ray, A.K.: Investigations on Fuzzy thresholding Based on Fuzzy Clustering. Pattern Recognition 30(10), 1605–1613 (1997) 12. Ostu, N.: A threshold selection method from gray level histogram. IEEE Trans. System Man Cybernet. SMC-8, 62–66 (1978) 13. Kapur’s, J.N., Sahoo, P.K., Wong, A.K.C.: A new method for gray-level picture thresholding using the entropy of histograms. Computer Vision Graphics Image Process. 29, 273–285 (1985) 14. Illingworth, J., Kittler: Minimum Error thresholding. Pattern Recognition, 19(1), 41–47 (1985) 15. Danielsson, P.E., Ye, Q.Z.: On minimum error thresholding and its implementations. Pattern Recognition Letters 7, 201–206 (1988) 16. Cheng, H.-D., Freimanis, R.I., Lui, Y.M.: A novel Approach to Micro calcification Detection Using Fuzzy Logic Technique. IEEE Transactions on Medical Imaging 17(3), 442–450 (1998) 17. Mendelsohn, M.L., Prewitt, J.M.S.: The analysis of cell images. Ann. N. Y. Acad. Sci. 128, 1035–1053 (1966) 18. Goldgof, D.B., Hall, L.O., Fletcher-Heath, L.M., Murtagh, F.R.: Automatic Segmentation of non-enhancing brain tumors in magnetic resonance images. Artificial Intelligence in Medicine 21, 43–63 (2001) 19. Middleton, I., Damper, R.I.: Segmentation of MR Images Using a Combination of Neural networks and active contour models. Medical Engineering & Physics 26, 71–76 (2004) 20. Pradhan, N., Sinha, A.K.: Development of a composite feature vector for the detection of pathological and healthy tissues in FLAIR MR images of brain. ICGST-BIME Journal 10(1) (December 2010)

Generate Vision in Blind People Using Suitable Neuroprosthesis Implant of BIOMEMS in Brain B. Vivekavardhana Reddy1, Y.S. Kumara Swamy2, and N. Usha3 1

2

City Engineering College Bangalore Department Of MCA DYSCE, Bangalore 3 Department Of CSE, BGSIT Bangalore

Abstract. For Human beings, image processing occurs in the occipital lobe of the brain. The brain signals that are generated for the image processing is universal for all humans. Generally, the visually impaired people lose sight because of severe damage to only the eyes (natural photoreceptors) but the occipital lobe is still working. In this paper, we discuss a technique for generating partial vision to the blind by utilizing electrical photoreceptors to capture image, process the image using edge & motion detection adaptive VLSI network that works on the principle of bug fly’s visual system, convert it into digital data and wirelessly transmit it to a BioMEMS implanted into the occipital lobe of brain.

1 Introduction Since visually impaired people only have damaged eyes, their loss of sight is mainly because their natural photoreceptors (eyes) are unable to generate signals that excite the neurons in the occipital lobe of the brain. The temporal lobe in the human brain is responsible for the visual sensation. It is proved that the neurons of the occipital lobe in a blind patient are healthy and have the potential to create visual sensation if the required signals are fired to the neurons in that region. Thus here we are discussing a technique of transmitting visual data digitally into the occipital lobe of the brain by wireless means, in the brain a BioMEMS device is implanted to receive this wireless digital data. The visual data transmitted by external means into the brain is received by a Patch Antenna that is present on the BioMEMS device. This digital data tapped by the patch antenna is then converted into analog signal using a resistor controlled wein bridge oscillator. This analog signal obtained from the wein bridge oscillator is equivalent to the signals that are required by the occipital lobe neurons to create visual sensation in human beings. The visual sensation occurs in temporal lobe but the image processing in human beings is done in the occipital lobe of the brain. Our main agenda is to generate same image processing signals in blind peoples mind. The brain signals also referred to as “Visual Evoked Potential (VEP)” is obtained from EEG tests of normal people [3]. The whole Process carried out in EEG test is given in Fig 1a. The EEG signals obtained from normal people serve as a means of reference for us to design our system. An adaptive VLSI network is used to recognize the edges & motion, based on these a suitable decision to identify the edges is made. Fig 1b shows the block diagram of our system. A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 309–317, 2011. © Springer-Verlag Berlin Heidelberg 2011

310

B.V. Reddy, Y.S.K. Swamy, and N. Usha

Fig. 1a. EEG electrode configuration

Fig. 1b. Block diagram of the system

2 Image Acquisition and Processing A 2-dimensional array of electrical photoreceptor cells are used in the system, this acts as the artificial eye that captures visual data. The image is focused onto the photoreceptor cell array. Each pixel is mapped on to the corresponding cell which is aligned in the straight line of sight. Each cell has a concave lens which allows only the light rays from straight line of sight pixel. Thus, pixel data is obtained on to the corresponding photoreceptor cell. The correlation between the adjacent cells is used to extract the edges. When an image is focused onto the photoreceptor cell array, the current induced due to the intensity variation is converted into voltage and then it will be sampled and hold for further analysis. The refresh time is made equal to the perception time of humans. Inspired by biological transduction, we shall assume that the primary goal of phototransduction is to compute image, contrast invariant to absolute illumination. We can think of the total intensity as a sum Igb+i of a steady state background component “I”. The contrast of the signal is as the ratio of i / Igb & the receptor response should be proportional to this ratio independent of Igb, at least for small ratios. The rationale for this assumption is that objects reflect a fixed amount of the light that hits them. The simplest logarithmic receptor that produces useful voltage

Generate Vision in Blind People Using Suitable Neuroprosthesis Implant of BIOMEMS

311

Fig. 2. Basic Cell of Pixel

Fig. 3. MOS Transistor Photoreceptor & Log Respons

range is shown in Figure 3, it consists of a MOS transistor where the source of the transistor forms the photodiode & channel forms the barrier that results in logarithmic response of intensity. Now this forms the basic photoreceptor cell. The number of electrons excited is dependent on the light intensity i.e. color Eg=nhv, the number of electrons emitted into the conduction band is dependent on wavelength of light hence on color, thus there is a small change in current/voltage when an edge is detected. The correlation between adjacent cells is extracted to detect edges; figure 4 shows a simplified 2 x 2 photoreceptor array & correlation between the adjacent cells. Usually spatial-temporal model is used for motion detection, but since we have to have a real time motion detection system, this model needs prediction of speed to induce delays, so this creates a problem. Hence so called “Template Model” proposed by G.A.Horridge [4] is used for motion detection.

312

B.V. Reddy, Y.S.K. Swamy, and N. Usha

Fig. 4. Correlation technique used for edge detection

3 Adaptive Network Using VLSI The adaptive network is used to generate signals equivalent to VEP, using the photoreceptor cells output. The adaptive network is used in 2 modes 1. Training Mode 2. Recognition Mode In training mode the training image is given to set the weights of the network. These weights are the optimum weights. In recognition mode, random images are given, and the network will adapt to recognize the new image. When circuit is in training mode, the photoreceptor output is given to the adaptive network; the output from each cell is given to a capacitor so that the desired response for a particular edge is obtained. This desired response is sampled and then compared with output of the network when it is operated in the recognition mode. In recognition mode the current obtained from the photoreceptor correlation is given to the input capacitor. It changes to a voltage Vgs peak then it produces a current (ac) “Ids peak” which is proportional to the transconductance gain “gm1”. The output from “n” amplifiers is added to get the weighted sum of the input. Then it is subtracted from the desired response to get the error for the particular network. This will be four to five networks for four basic edges say Circular, Square, Triangular, etc. similarly for motion there will be two to three networks. The error functions of these networks determine the edge or motion. Fig 5 shows the implementation circuit implementation using VLSI. The Network Adaptation Process: If the error is positive, the current pump circuit in figure 5 is selected and large current flows through input capacitor. If the error is negative then the current sink circuit in figure 5 is selected and then the error voltage controls the amount of current to sink. Thus, Ids of the transconductance amplifier is varied depending upon the error. After two cycles of weight adjustments, the adaptation stops. Depending upon the errors of all the networks the object, edge is recognized. The transconductance gain of the amplifier acts as weights (gm) gm=B (Vgs-Vl). The selection of particular digital value for the corresponding object based

Generate Vision in Blind People Using Suitable Neuroprosthesis Implant of BIOMEMS

313

on the errors of the adaptive network is shown in figure 6. After two cycles of adaptation process which ever has the minimum error, that particular edge network & motion network is dominant & the brain signal equivalent to that is generated. Figure 7 shows a method to select the minimum errors. In the circuit, the comparator values give the minimum error function of the four networks Ek1, Ek2, Ek3 and Ek4. Depending on these the digital values are selected that are obtained from the ADC of the VEP of the particular edge/motion.

Fig. 5. Adaptive Network designed in VLSI

Fig. 6. Selection of digital value for corresponding error

314

B.V. Reddy, Y.S.K. Swamy, and N. Usha

Fig. 7. Circuit to select minimum of errors

Fig. 8. Comparator values for all possibilities

4 Visual Evoked Potential The EEG test has shown that, for any visual evoked potential the response is of the order of microseconds and is divided into four regions of frequency as shown in figure 8. The gain of the weinbridge oscillator which has the same frequency as the VEP is altered in the four frequency regions to generate the particular brain signal. The digital values of the particular brain signal is stored in a 6 transistor Pseudo SRAM cell shown in figure 9, then depending on the digital values transmitted the gain of the oscillator in the given frequency is varied.

Fig. 9. EEG test signal with 4 frequency regions f1, f2, f3 and f4

Generate Vision in Blind People Using Suitable Neuroprosthesis Implant of BIOMEMS

315

Wireless Digital Data Communication: The digital data from the Pseudo SRAM cell will now have to be transmitted to the BioMEMS that is implanted inside the patient’s brain. To establish this communication link we need to use wireless technology. The data from the SRAM cell is transmitted using a wireless patch antenna operated at 300MHz frequency. Also, there will be one more patch antenna, meant only for receiving data, is embedded on the surface of the BioMEMS device. This patch antenna is tuned to operate in the band or around 300MHz. The digital data has to be encoded, because the resistance values must have different resonant frequencies so that the particular resistance is selected. This is achieved by having a Voltage Controlled Oscillator [8] V.C.O in which, the frequency is dependent on the magnitude of the applied voltage.

Fig. 10. Pseudo SRAM Memory cell to store and transmit data

BioMEMS: The BioMEMS [9] is implanted into the blind person’s occipital lobe. It contains 5 parts namely: 1. Patch Antenna Receiver, 2. Resistor Controlled Schmitt trigger and double integrator and 3. Demultiplexing Circuit and 4. A 4 x 4 silicon platinum Electrode Array. The patch antenna receiver receives the digital encoded data wirelessly. The gain controlled scmitt trigger generates signals depending upon the received digital encoded data from the receiver antenna. The resistors in the ciccuits as shown in fig11 is controlled through the resistors are implemented using ujt and the rlc circit is used to tune the resistor to a particular frequency and hence control the selection of the resistor of double integrator circuit shown in figure 11, the output voltage of the oscillator is controlled by the resistor network. Thus signal corresponding to only the transmitted digital data. As explained above the VEP is sum of the potential of neuron firing. Hence the signal generated by the wein bridge oscillator has to be demultiplexed and then apply the voltage signals to the neurons. Figure 14 shows the Demultiplexer circuit used to demultiplex the signals and apply the same to the electrode array.

316

B.V. Reddy, Y.S.K. Swamy, and N. Usha

Fig. 11. Simulated circuit of Schmitt trigger and dual integrator Gain Controller Circuit that should be incorporated on BioMEMS

Fig. 12. Simulation results

Thus, the demultiplexer is used to drive voltages of the electrodes that are placed on the neurons. The silicon material is used to create the 4 x 4 electrode array; we used this material because of the biocompatibility of silicon for BioMEMS application [10].The simulated results are as shown in fig12.The output of the first integrator is triangular and the output of the second integrator is sine wave. Since ujt

Generate Vision in Blind People Using Suitable Neuroprosthesis Implant of BIOMEMS

317

and micro strip antenna is not available in multisim. Resistors are controlled using switching MOSFET. This is also shown in figure 12.

4 Conclusion A technology to enable partial vision in visual impaired people is discussed here. Since majority of the blind people have the occipital lobe healthy, we are using new technologies to artificially excite brain neurons, like using a BioMEMS 4 x 4 electrode arrays that is precisely firing the neurons with required brain signals. The brain signals are generated using VLSI circuits, the VLSI circuit processes an image captured by electrical photoreceptors for this purpose. The EEG signal is known to be the summation of the individual neuron firing. So the output generated from the gain control circuit is given to demultiplexer the frequency of the clock is twice as the frequency of the output. The demultiplexed output is given to the respective MEMS electrode .This information is got from the EEG electrode configuration.

References 1. Yakovleff, A.J.S., Moini, A.: Motion Perception using Analog VLSI. Analog Integrated Circuits & Signal Processing 15(2), 183–200 (1998) ISSN:0925-1030 2. Mojarradi, M.: Miniaturized Neuroprosthesis Suitable for Implantation into Brain. IEEE Transaction on Neural Systems & Rehabilitation Engineering (March 2003) 3. Rangayanan, R.M.: Visual Evoked Potential ”Biomedical Signal Processing Analysis. A Case Study Approach”. IEEE Press, Los Alamitos 4. Sobey, P.J., Horridge, G.A.: Implementation of Template Model For Vision. Proc. R. Soc. Lond. B 240(1298), 211–229 (1990), doi:10.1098/rspb.1990.0035 5. Nguyen, C.T.-C.: MEMS Technology for Timing and Frequency Control. Dept. of Electrical Engineering and Computer Science 6. Schmidt, S., Horch, K., Normann, R.: Biocompatibility of silicon-based electrode arrays implanted in feline cortical tissue. Journal of Biomedical Materials Research (November 1993)

Undecimated Wavelet Packet for Blind Speech Separation Using Independent Component Analysis Ibrahim Missaoui1 and Zied Lachiri1,2

2

1 National School of Engineers of Tunis, BP. 37 Le Belv´ed`ere, 1002 Tunis, Tunisia [email protected] National Institute of Applied Science and Technology INSAT, BP 676 centre urbain cedex, Tunis, Tunisia [email protected]

Abstract. This paper addresses the problem of multi-channel blind speech separation in the instantaneous mixture case. We propose a new blind speech separation system which combines independent component analysis approach and the undecimated wavelet packet decomposition. The idea behind employing undecimated wavelet as a preprocessing step is to improve the non-Gaussianity distribution of independent components which is a pre-requirement for ICA and to increase their independency. The two observed signals are transformed using undecimated wavelet and Shannon entropy criterion into an adequate representation and perform then a preliminary separation. Finally, the separation task is done in time domain. Obtained results show that the proposed method gives a considerable improvement when compared with FastICA and other techniques. Keywords: Undecimated wavelet packet decomposition, independent component analysis, blind speech separation.

1

Introduction

The human auditory system has a remarkable ability to separate the target sounds emitted from different sources. However, it is very difficult to replicate this functionality in their machine counterparts. This challenging known as cocktail-party problem has been investigated and studied by many researchers in the last decades [20]. The blind source separation (BSS) is a technique for recovering a set of the source signals from their mixture signals without exploring any knowledge about the source signals and the mixing channel. Among the solutions to BSS problem independent component analysis (ICA) approach is one of the popular BSS methods are often used inherently with them. The ICA is a statistical and computational technique in which the goal is to find a linear projection of the data A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 318–328, 2011. c Springer-Verlag Berlin Heidelberg 2011 

Undecimated Wavelet Packet for Blind Speech Separation

319

where the source signals or components are statistically independent or as independent as possible [17]. In the instantaneous blind separation, many algorithms have been developed using this approach [19] such as ICA based on the mutual information minimization [2,27], maximization of non-Gaussianity [1,6,4] and maximization of likelihood [3,12]. To perform the blind separation task, the ICA approach can use the second or higher-order statistics. For instance, SOBI [13] is the Second order blind identification algorithm which extract the estimated signals by applying a joint diagonalization of a set of covariance matrix. Similarly, the Jade algorithm is introduced in [10] based on higher-order statistics and use a Jacobi technique in order to performed a joint diagonalization of the cumulant matrices. Some approach combines the ICA algorithm with another technique. For instance, the geometric information [29]and the subband decomposition [24] can be used in combination with ICA. In [5], the mixture is decomposed using the discrete wavelet transform and then the separation step is performed in each sub band. The approach proposed in [22,25] employed the wavelet transform as the preprocessing step and the separation task is then done in time domain. In this paper, we propose a blind separation system to extract the speech signals from their observed signals in the instantaneous case. The proposed system use undecimated wavelet packet decomposition [9] for the transformation of the two mixtures signals into adequate representation to emphasize the non-Gaussian nature of mixture signals which pre-requirement for ICA and then performed a preliminary separation [22,25,23]. Finally, the separation task is carried out in time domain. The rest of the paper is organized as follows. After the introduction, the section 2 introduces the blind speech separation problem and describes the FastICA algorithm used in the proposed method. In section 3, undecimated wavelet packet decomposition is presented. Then in section 4, the proposed method is described. Section 5 exposes the experimental results. Finally, Section 6 concludes and gives a perspective of our work.

2

Blind Speech Separation

In this section, we formulate and describe the problem of blind speech separation by focusing mainly on the ICA approach. 2.1

Problem Formulation

The main task of the blind speech separation problem is to extract the original speech signals from their observed mixtures without reference to any prior information on the sources signals or the observed signals under the assumption that the source signals are statistically. The observed signals contain a different combination of the source signals. This mixing model can be represented in the instantaneous case where the number of mixtures signals equal that of source signals by: X(t) = AS(t) . (1)

320

I. Missaoui and Z. Lachiri

Where X(t) = [x1 (t) .. xn (t)]T is a vector of mixture signals, S(t) = [s1 (t) .. sn (t)]T is the unknown vector of sources signals and A is the unknown mixing matrix having as dimension (n  n). The Independent component analysis is a statistic method of BSS technique, which tends to solve this problem by exploiting the assumption of independence of the source signals. This method consist to find the separating matrix known as unmixing matrix W = A−1 , whose used to recover the original independent components as Y = W X. Their principle can be depicted by figure 1. The key idea is to maximize the non-Gaussianity for attempting to make the sources as statistically independent as possible under some fundamental assumptions  (i.e. the sources) are and certain restrictions [17]: The components si (t) of S(t) assumed to be statistically independent with non-gaussian distribution. In order to measure the non gaussianity or independence, the ICA approach exploits the high-order statistics and information-theoretic criteria such as the kurtosis or differential entropy called negentropy [17]. FastICA algorithm [6,17], which based on negentropy, is one of the most popular algorithms performing independent component analysis.

Fig. 1. Principle of ICA

2.2

FastICA Algorithm

The FastICA is one of an efficient algorithm which performs the ICA approach. It realizes the blind separation task by using a point iteration scheme in order to find maximum of the non-Gaussianity of projected component. The non gaussianity can be measured through the value of negentropy which defined as the differential entropy: J(y) = H(ygauss ) − H(y) . (2) Where H(y) represents the differential entropy of y and it is computed as fallows:  H(y) = − f (y) log(f (y))dy . (3) The negentropy can be considered as the optimal measure of the gaussianity. However, it is difficult to estimate the true negentropy. Thus, several approximations are used and developed such the one developed by Aapo Hyvarinen et al [6,17]:

Undecimated Wavelet Packet for Blind Speech Separation

J(y) =

p 

ki (E[gi (y)] − E[gi (v)])2 .

321

(4)

i=1

where ki , gi and v are respectively positive constants, the non quadratic functions and Gaussian random variable. The fundamental fixed-point iteration is performed by using the following expression: i g(WiT X i )} − E{g  (WiT X i )} Wi . Wi (k) ← E{X

(5)

where g is the contrast function and g  is its derivative.

3 3.1

Undecimated Wavelet Packet Wavelet Transform

Wavelet transform (WT) is introduced as a time frequency analysis approach which leads a new way to represent the signal into a linear powerful representation [14,21]. In addition, the discrete wavelet transform (DWT) has been developed. It decomposes signals into approximation and details followed by decimators after each filtering. However, the DWT is not translation invariant [21]. In order to provide a denser approximation and overcome this drawback, the undecimated wavelet transform (UWT) has been introduced. In which, no decimation is performed after each filtering step, so that every both approximate and detail signal have the same size which equal to that of the analyzed signal. The UWT was invented several times with different names as algorithm a` trous (algorithm with holes) [8], shiftinvariant DWT [26] and redundant wavelet transform [7]. The UWPT is developed in the same way and computed in a similar manner as the wavelet packet transform except that the downsampling operation after each filtering step is suppressed. 3.2

The Undecimated Wavelet Packet

In our BSS system, we use the undecimated wavelet packet decomposition using Daubechies4 (db4) of an 8 kHz speech signal. This decomposition tree structure consists of five levels and it is adjusted in order to accords critical band characteristics. The sample rate of speech signal used in this work is 8 Khz which leads a bandwidth of 4 kHz. Therefore, the audible frequency range can be approximate with 17 critical bands (barks) as shown in Table 1. The tree structure of undecimated wavelet packet decomposition is obtained according to this results critical bandwidths [9]. It is depicted in figure 2, The frequency bandwidth for each node of the UWPD tree is computed by the following equation: cbw(i, j) = 2−j (Fs − 1) .

(6)

Where i = (0, 1, .., 5) and j = (0, .., 2−j − 1) are respectively the number of levels and the position of the node and Fs is the sampling frequency.

322

I. Missaoui and Z. Lachiri Table 1. Critical-band characteristics Critical bands Center frequency Critical bandwidth (barks) (Hz) (CBW) (Hz) 1 50 100 2 150 100 3 250 100 4 350 100 5 450 110 6 570 120 7 700 140 8 840 150 9 1000 160 10 1170 190 11 1370 210 12 1600 240 13 1850 280 14 2500 320 15 2150 380 16 2900 450 17 3400 550

4

The Proposed Method

The idea behind employing wavelet transform as a preprocessing step is to improve the non-Gaussianity distribution of independent components that is a pre-requirement for ICA and to increase their independency [22,25]. Inspired from this idea, we propose a new blind separation system, in the instantaneous mixture case, to extract the speech signals of two-speakers from two speech mixtures. The proposed system use the undecimated wavelet packet decomposition for transformed the two mixtures signals into adequate representation to emphasize the non-Gaussian nature of mixture signals. The UWPD tree is chosen according to critical bands of psycho-acoustic model of human auditory system. The results signals are used to estimate the unmixed matrix W using the FastICA algorithm [6]. The separation task is then done in the time domain. Our speech separation system, shown in figure 3, contains two modules shown in dotted boxes. The first module (Preprocessing Module) consists to extract appropriate signals from the observed signals to improve the source separation task. The second module (Separation module) performs the source separation using FastICA algorithm [6]. The Description for each module is given bellow. 4.1

Preprocessing Module

The first module corresponds to the preprocessing step that decomposes the observed signals using a perceptual filter bank. This filterbank is designed by

Undecimated Wavelet Packet for Blind Speech Separation

323

Fig. 2. The CB-UWPD tree and its corresponding frequency bandwidths (perceptual filterbank)

adjusting undecimated wavelet packet decomposition tree, according to critical band characteristics of psycho-acoustic model [9]. Each result coefficients of the two mixtures can be viewed as an appropriate signal. Thus, we have many possibilities in the choice of the best coefficients. In order to increase the non Gaussianity of the signals that is a pre-requirement for ICA, we need to find the best coefficients which improves the source separation task. The coefficients selection is done by using Shannon entropy criterion [22,25,15]. The following steps summarize the procedure of the selection algorithm: Step 1: Decompose each mixture signals into undecimated wavelet packet. Step 2: Calculate the entropy of each node Cj,k of UWPD tree. Step 3: Select the node which has the lowest entropy. The Shannon entropy is computed for each node (j, k) as follow:  H(j, k) = − pi log(pi ) . Where pi =

Cj,k (i) . X(k)2

(7)

(8)

324

I. Missaoui and Z. Lachiri

Fig. 3. The framework of proposed speech separation system

With Cj,k are the UWPD coefficients and X is the mixture signal. 4.2

Separation Module

In this module, the separation task in done and can be devised into two steps, the first one consists on generating the unmixing matrix W using the FastICA algorithm [6]. This step uses the result signals of the previous module as new inputs of FastICA. The two input signals correspond to the UWPD coefficients having the lowest entropy. The second step consists on extracting the estimated speech signals using the matrix W and taking into account the original mixtures signals.

5

Results and Evaluation

In this section, we illustrate the performance of our system described in the previous section. We use TIMIT database which formed by a total of 6300 speech signals. These signals are formed by 10 sentences spoken by each of 630 speakers. The latter are chosen from 8 major dialect regions of the United States [28]. The speech signals taken are resampled to 8 kHz. We consider in this work the instantaneous case with two mixture signals composed of two speech signals. The observed signals are generated, artificially, using the following mixing matrix:   21 . (9) A= 11

Undecimated Wavelet Packet for Blind Speech Separation

325

To evaluate our system, we use different performance metrics such as the blind separation performance measures introduced in BSS EVAL [11,30], including various numerical measures of BSS performance. We exploit in this work, the Signal to Interference Ratio (SIR) and Signal to Distortion Ratio (SDR) measures. To generate these measures, the estimated signals si (n) must be decomposed into the following component sum: si (n) = starget (n) + einterf (n) + eartef act (n) .

(10)

where starget (n), einterf (n) and eartef act are, respectively, an allowed deformation of the target source si (n),an allowed deformation of the sources which takes account of the interference of the unwanted sources and an artifact term which represents the artifacts produced by the separation algorithm. Then, the SIR and SDR ration are computed using the last decomposition as: starget (n)2 . einterf (n)2

(11)

starget (n)2 . einterf (n)2 + eartef act (n)2

(12)

SIR = 20 log

SDR = 20 log

In order to evaluate the quality of the estimated speech signals, the segmental and overalla Signal to Noise ration are used. In addition, a subjective test is done using perceptual evaluation of speech quality PESQ, which is an objective method, defined in the ITU-T P.862 standard [16]. The PESQ measure is a score comprise between 0.5 and 5 db and equivalents to the subjective ”Mean Opinion Score”. The experiment results of our proposed system has been compared to that of FastICA algorithm [6], described in section 2, and two well-known algorithms SOBI [13] and Jade [10]. The obtained results are summarized in four tables. The table 2 presents the BSS evaluation, including SIR and SDR ration, obtained after separation task by proposed method, SOBI, Jade and FastICA. We observed that the SIR ≈ SDR and their values for the proposed method is improved compared to FastICA. The SIR average is 55.93 db for the proposed method, 48.03db for FastICA, 50.17 db for Jade and 26.60 db for SOBI. Table 3 and 4 illustrates segmental SNR and overall SNR. We can see that the estimated signals obtained by our method have better values than that of the other methods. for instance, we have obtained overall SNR improvement of 9 db compared with FastICA. To measure the speech quality of the estimated signals, the BSS evaluation measures is reported in terms of PESQ. As depicted in table 5, the proposed

326

I. Missaoui and Z. Lachiri

Table 2. Comparison of SIR and SDR using SOBI, Jade, FastICA and proposed Method (PM)

SIR(Signal 1) SIR(Signal 2) SDR(Signal 1) SDR(Signal 2) Average

SOBI Jade FastICA PM 26.92 54.72 44.39 51.11 26.29 45.63 51.68 60.75 26.92 54.72 44.39 51.11 26.29 45.63 51.68 60.75 26.60 50.17 48.03 55.93

Table 3. Comparison of segmental SNR using Sobi, Jade, FastICA and proposed Method (PM) SOBI Jade FastICA PM Seg SNR (Signal 1) 22.58 33.56 30.79 32.79 Seg SNR (Signal 2) 20.47 29.40 31.15 33.03 Table 4. Comparison of Overall SNR using Sobi, Jade, FastICA and proposed Method (PM) SOBI Jade FastICA PM Overall SNR (Signal 1) 26.92 54.72 44.39 51.11 Overall SNR (Signal 2) 26.29 45.63 51.68 60.75 Table 5. Comparison PESQ using SOBI, Jade, FastICA and proposed Method (PM) SOBI Jade FastICA PM PESQ (Signal 1) 2.58 3.29 3.25 3.29 PESQ (Signal 2) 3.45 4.14 4.27 4.38

method is still more effective in terms of perceptual quality than FastICA and the other techniques.

6

Conclusion

In this work, we have proposed a novel blind speech separation approach to separate two sources in the instantaneous case. This approach is based on undecimated wavelet packet transform and ICA algorithm. We employed the undecimated wavelet packet and used Shannon entropy criteria in order to increase the non gaussianity of observed signals. The results signals are used as new inputs of ICA algorithm to estimate the unmixing matrix which was employed to separate the speech signals in time domain. The experimental results of this hybrid undecimated wavelet packet-ICA show that the proposed approach yields a better separation performance compared to similar techniques.

Undecimated Wavelet Packet for Blind Speech Separation

327

References 1. Comon, P.: Independent component analysis: A new concept? Signal Processing 36(3), 287–314 (1994) 2. Bell, A.J., Sejnowski, T.J.: An information maximization approach to blind separation and blind deconvolution. Neural Computation 7, 1004–1034 (1995) 3. Cardoso, J.F.: Infomax and maximum likelihood for blind separation. IEEE Signal Processing Letters 4, 112–114 (1997) 4. Wang, F.S., Li, H.W., Li, R.: Novel NonGaussianity Measure Based BSS Algorithm for Dependent Signals. In: Dong, G., Lin, X., Wang, W., Yang, Y., Yu, J.X. (eds.) APWeb/WAIM 2007. LNCS, vol. 4505, pp. 837–844. Springer, Heidelberg (2007) 5. Xiao, W., Jingjing, H., Shijiu, J., Antao, X., Weikui, W.: Blind separation of speech signals based on wavelet transform and independent component analysis. Transactions of Tianjin University 16(2), 123–128 (2010) 6. Hyv¨ arine, A.: Fast and robust fixed-point algorithms for independent component analysis. IEEE Transactions on Neural Networks 10(3), 626–634 (1999) 7. Fowler, J.: The redundant discrete wavelet transform and additive noise. IEEE Signal Processing Letters 12(9), 629–632 (2005) 8. Shensa, M.: The discrete wavelet transform: Wedding the ` a trous and Mallat algorithms. IEEE Trans. Signal Processing 40(10), 2464–2482 (1992) 9. Tasmaz, H., Ercelebi, E.: Speech enhancement based on undecimated wavelet packet-perceptual filterbanks and MMSE-STSA estimation in various noise environments. Digital Signal Processing 18(5), 797–812 (2008) 10. Cardoso, J.F.: Higher-order contrasts for independent component analysis. Neural Computation 11, 157–192 (1999) 11. Vincent, E., Gribonval, R., Fevotte, C.: Performance Measurement in Blind Audio Source Separation. IEEE Transactions on Audio, Speech, and Language Processing 14(4), 1462–1469 (2006) 12. Chien, J.T., Chen, B.C.: A New Independent Component Analysis for Speech Recognition and Separation. IEEE Transactions on Audio, Speech and Language Processing 14(4), 1245–1254 (2006) 13. Belouchrani, A., Abed-Meraim, K., Cardoso, J.F., Moulines, E.: A blind source separation technique using second order statistics. IEEE Trans. Signal Processing 45, 434–444 (1997) 14. Gargour, C., Abrea, M., Ramachandran, V., Lina, J.M.: A short introduction to wavelets and their applications. IEEE Circuits and Systems Magazine 9(2), 57–58 (2009) 15. Coifman, R., Wickerhausser, M.: Entropy-based algorithms for best-basis selection. IEEE Transactions on Information Theory 38, 713–718 (1992) 16. ITU-T P.862, Perceptual evaluation of speech quality (PESQ), an objective method for end-to-end speech quality assessment of narrow-band telephone networks and speech codecs. International Telecommunication Union, Geneva (2001) 17. Hyv¨ arinen, A., Karhunen, J., Oja, E.: Independent Component Analysis. Wiley Interscience, New York (2001) 18. Wang, L., Brown, G.J.: Computational Auditory Scene Analysis: Principles, Algorithms, and Applications. Wiley/IEEE Press, Hoboken, NJ (2006) 19. Haykin, S.: Neural Networks and Learning Machines, 3rd edn. Prentice-Hall, Englewood Cliffs (2008) 20. Cichocki, A., Amari, S.: Adaptive Blind Signal and Adaptive Blind Signal and Image Processing. John Wiley and Sons, New York (2002)

328

I. Missaoui and Z. Lachiri

21. Mallat: A Wavelet Tour of Signal Processing: The Sparse Way, 3rd edn. Academic Press, London (2008) 22. Moussaoui, R., Rouat, J., Lefebvre, R.: Wavelet Based Independent Component Analysis for Multi-Channel Source Separation. In: IEEE International Conference on Acoustics, Speech and Signal Processing, pp. 645–648 (2006) 23. Usman, K., Juzoji, H., Nakajima, I., Sadiq, M.A.: A study of increasing the speed of the independent component analysis (lCA) using wavelet technique. In: Proc. International Workshop on Enterprise Networking and Computing in Healthcare Industry, pp. 73–75 (2004) 24. Tanaka, T., Cichocki, A.: Subband decomposition independent component analysis and new performance criteria. In: IEEE International Conference on Acoustics, Speech and Signal Processing, pp. 541–544 (2004) 25. Mirarab, M.R., Sobhani, M.A., Nasiri, A.A.: A New Wavelet Based Blind Audio Source Separation Using Kurtosis. In: International Conference on Advanced Computer Theory and Engineering (2010) 26. Walden, A.T., Contreras, C.: The phase-corrected undecimated discrete wavelet packet transform and its application to interpreting the timing of events. Proceedings of the Royal Society of London, 2243–2266 (1998) 27. Chien, J.T., Hsieh, H.L., Furui, S.: A new mutual information measure for independent component alalysis. In: IEEE International Conference on Acoustics, Speech and Signal Processing, pp. 1817–1820 (2008) 28. Fisher, W., Dodington, G., Goudie-Marshall, K.: The TIMIT-DARPA speech recognition research database: Specification and status. In: DARPA Workshop on Speech Recognition (1986) 29. Zhang, W., Rao, B.D.: Combining Independent Component Analysis with Geometric Information and its Application to Speech Processing. In: IEEE International Conference on Acoustics, Speech, and Signal Processing (2009) 30. Fevotte, C., Gribonval, R., Vincent, E.: BSS EVAL toolbox user guide, IRISA, Rennes, France, Technical Report 1706 (2005)

A Robust Framework for Multi-object Tracking Anand Singh Jalal and Vrijendra Singh Indian Institute of Information Technology, Allahabad, India [email protected], [email protected]

Abstract. Tracking multiple objects in a scenario exhibit complex interaction is very challenging. In this work, we propose a framework for multi-object tracking in complex wavelet domain to resolve the challenges occurred due to incidents of occlusion and split. A scheme exploiting the spatial and appearance information is used to detect and correct the occlusion and split state. Experimental results illustrate the effectiveness and robustness of the proposed framework in ambiguous situations in several indoor and outdoor video sequences.

1 Introduction There are a sheer number of applications where visual object tracking becomes an essential component. These applications include surveillance system to know the suspicious activity, sport video analysis to extract highlights, traffic monitoring and human computer interaction to assist visually challenged people. Even the performance of high level event analysis is highly depends on the accuracy of an object tracking method. Multi-object tracking is one of the most challenging problems in computer vision. The challenges are due to change in appearance of the objects, occlusion of objects and splitting of object. Occlusion occurs either due to one object is occluded by another object or an object is occluded by some component of the background. Split may occur due to merged object or because of errors in the segmentation method. An error in the split may mislead the tracker. A good multi-object tracking method should be able to detect changing numbers of objects in the scene, adding and removing objects and also able to handle both occlusion and split events. Kalman filtering is an efficient solution to track multiple objects [1]. However mistakes become more frequent and are difficult to correct as the number of objects increases. The problem can be solved using particle filtering by exploiting the multiple hypotheses [2]. In [3], the author formulates the multi-object tracking as a Bayesian network inference problem and explores this approach to track multiple players. In [4], the author proposed a probabilistic framework based on HMM to describe a multiple object trajectory tracking. The framework was able to track unknown number of multiple objects. The association problem has been represented as a bipartite graph in [5]. A method was proposed to maintain hypotheses for multiple associations. They also resolved the problem of objects entering and exiting, and handled the error due to merging and splitting objects. However, particle filterbased tracking algorithms having not enough samples that are statistically significant A. Abraham et al. (Eds.): ACC 2011, Part IV, CCIS 193, pp. 329–338, 2011. © Springer-Verlag Berlin Heidelberg 2011

330

A.S. Jalal and V. Singh

modes, faced difficulty to track multiple objects. They are only capable to handle partial short duration occlusion. In recent years a number of approaches are proposed in the literature to resolve the issues of multi-object tracking [6,7,8]. However, these methods are failed when the objects suddenly disappears or change its direction or in case of similar colored/textured objects. This paper describes a multi-resolution tracking framework using Daubechies complex wavelet transform. Due to its approximate shift invariant and noise resilience nature Daubechies complex wavelet transform based method provides efficiency and robustness to the tracking system in varying real-life environment and even in the presence of noise [9]. Also the wavelet transform has an inherent multi-resolution nature that provides a rich and robust representation of an object. A multi-resolution approach employs opportunity to perform tracking at high resolution when we require accurate estimation of object state e.g. confusion due to occlusion, while tracking at lower spatial resolution at other times. Therefore, in the proposed approach we exploit the high resolution to gain more discriminative power to object model, whereas all other tasks are performed at low resolution. The proposed algorithm exploits a correspondence establishment approach similar to that presented in [6], but with a different distance measure and different appearance model based on Daubechies complex wavelet coefficients. The proposed approach encompasses the principle of object permanence to handle the occlusion occurred due to a background object such as an electric pole or a tree. Object permanence is defined as the ability of an infant to understand the existence of a hidden moving object [10]. The remaining part of the paper is organized as follows. Section 2 gives an overview of the proposed framework. Section 3 presents the proposed multi-object tracking approach and discusses how to handle the occlusion and split problems in multi-object scenario. Section 4 contains results over real world video sequences, and finally, Section 5 concludes and discusses the open issues for future research.

2 Proposed Framework Wavelet domain provides a framework to view and process image at multiple resolutions [11]. We have used Daubechies complex wavelet transform (CxWT), as it is approximately shift-invariant and has better directional information with respect to real DWT. The details of CxWT can be found in [12]. The proposed framework is broadly subdivided into two components: 1) moving object extraction using background subtraction 2) muti-object tracking using occlusion reasoning. Fig. 2 illustrates the block diagram of the proposed framework, which is self explanatory. From the block diagram it is clear that all the tasks are performed in complex wavelet domain. The first component of the proposed framework consists of a simple and effective background modelling and subtraction method, in which a background model is extracted initially by a training stage. Background subtraction is then performed to extract moving foreground pixels in the current frame using a single Gaussian method in wavelet domain [13]. An area thresholding method is incorporated to remove the

A Robust Framework for Multi-object Tracking

331

false detections. The background is updated using the feedback of classification results of the extracted moving objects. Morphological operators are then applied for further smoothing of the moving object. The second component is the tracking module, which uses a correspondence process to associate each foreground object with one of the existing tracked object. However, this task becomes challenging even in the simple case of partial occlusions. Therefore, in the proposed method we are exploiting the spatial and appearance information of object to handle object occlusion and object split problem. In the proposed framework we compute appearance model at a high resolution (lower level) to gain more discriminative power for object model, whereas other tasks like background modelling and subtraction, shadow suppression and correspondence establishment are performed at low resolution (higher level). By performing most of the task at low resolution, we have attained high immunity to noise and also reduced the computations.

Complex Wavelet Transform

Frame Capture

Background Modelling

N Last Frame ?

Update Objects Database

Background Subtraction

Morphological analysis Extract Moving Objects

Y Finish Tracking

Compute feature vector for candidate objects

Multi-Object Tracking Occlusion Analysis

Correspondence Establishment

Multi-Object Tracking

Fig. 2. The proposed multi-object tracking framework

3 Multi-object Tracking Mutli-object tracking algorithms should be able to establish unique correspondences between objects in each frame of a video. The first component of the proposed framework detects foreground pixels and form isolated regions of connected foreground pixels, which are called blobs. The next task is to establish a correspondence between object instances over frames. The proposed framework is capable to track any number of objects without any prior information about the object modelling.

332

A.S. Jalal and V. Singh

3.1 Object Appearance Modelling Object modelling can be defined as finding an appropriate visual description that makes the object distinguish from other objects and background. In the proposed method, each object is characterised with it’s spatial layout and appearance. A histogram of wavelet coefficients is used to model the object appearance. Since in the tracking process, usually the boundary points of object are prone to error due to occlusion or interference from the background. So we used Epanechinikov kernel function to smooth the probability density function, which assign lower weights to pixels farther from the centre [14]. This improves the robustness of the object model, by diminishing the influence of boundary clutter. The histogram of a target can be computed as:

p = { pk ; k = 1: K} Where K represents the number of histogram bins. For each bin the discrete probabilities are formulated as: M

(

)

pk = CN ∑ g E || xa ||2 δ ( b( xa ) − k ) a =1

Where CN is a normalization constant required to ensure that ∑ kK=1 pk = 1, δ the

kronecker delta, { xa ; a = a : M } the pixel location, M is the number of target pixels, and b( xa ) a function that makes a correspondence between the given pixel value and its analogous histogram bin. The symbol g E ( x) represents an isotropic kernel having a convex and monotonic profile. In order to make the appearance model more discriminative, we used complex wavelet coefficients at higher resolution to compute weighted histogram. A Bhattacharyya coefficient is used as a measure of comparability between two appearance models [14]. 3.2 Detection of Object Correspondence

The aim of Correspondence Establishment module is to associate foreground blobs with objects that are already being tracked. In ideal cases a single object is mapped to one connected blob. However, due to occlusions and splits, two or more different objects may assign to a single connected blob or single object may appear as more than one connected blobs. To resolve the correspondence problem, we use a correspondence matrix Cm showing the association between foreground regions extracted in current frame and the objects successfully tracked in the previous frame. In the correspondence matrix (Cm), the rows correspond to existing tracks in previous frame and columns to foreground blobs in the current frame. In the proposed approach we maintain a data structure named as object database ( DBobj ) to keep track of information about the tracked objects. The information are: identity(ID), area(A), centroid(C), minimum bounding box(MBB), appearance model(OM), merge list(MList) and status(S). Where status can be A(Active),

A Robust Framework for Multi-object Tracking

333

P(Passive), E(Exit), M(Merge). MList consists of the ID of the objects that are involved in merging. Suppose Oti −1 represent a i th tracked object in (t − 1)th frame and Btj represent the j th blob in t th frame respectively, where i = 1, 2,..., M and j = 1, 2,..., N . M represents the number of objects that already being tracked in the previous frame and N represents the number of foreground blobs in the current frame. The distance between blob Btj and object Oti −1 can be defined as: t −1

Bt

D x = COx i − C x j

t −1

Bt

and D y = COy i − C y j

(1)

Where C x and C y represent the X and Y component of the respective centroid. The size of the correspondence matrix (Cm) is M x N and its value can be defined as: ⎧ ⎪ C m [i, j ] = ⎨ 1; ⎪ 0; ⎩

Dx