
Proceeding

May 23-25, 2008

1st National Conference on Security, Computing, & Communication

Organized By Institute of Information Technology Kohat University of Science & Technology Kohat, NWFP, Pakistan

Sponsored By Higher Education Commission Islamabad, Pakistan


Copyright © 2008 Kohat University of Science & Technology

Kohat, NWFP, Pakistan


Table of Contents

1. Conference Honorary Committee ... i
2. Conference Steering Committee ... i
3. Conference Organizing Committee ... ii
4. Conference Session Chairs ... iii
5. Conference Founder Message ... iv

Conference Chapter on Security

1. A Semi-Fragile Watermarking Scheme for Gray Scale Image Authentication Based on Self Embedding Mechanism with Improved Recovery of Original Work ... 1
2. What Smart! About Smart Cards Technology ... 5
3. A System for Multimedia Ownership Identification Using PIC ... 9
4. Personal Authentication System Using Biometrics Techniques ... 13
5. Securing Services in Multi-Agent Systems ... 20
6. DoS and DDoS Attacks; Analysis and Prevention ... 22
7. SAKE: Secure Authenticated Key Establishment in Wireless Sensor Networks ... 28
8. Overview of Spam for VOIP and IMS and Future Direction for Developing Spam Protection Model for Video Conferencing ... 33

Conference Chapter on Computing

1. Assessing the Usability of Official Web Portal of Government of Pakistan; A Heuristics Approach ... 37
2. Architecture of Reconfigurable Artificial Neural Network Co-Processor ... 41
3. Towards Terrain Modeling For Robot Navigation Using A Single Camera ... 44
4. Decrease Training Time of Feedforward Multilayer Perceptrons by Attribute Selection Method ... 49
5. Classification in Associated Patterns of Stock Data ... 52
6. A Framework for Agent-based Earthquake Management System ... 55
7. Intelligent Information Retrieval ... 58
8. Decentralized Resource Discovery in User-Oriented Grid ... 63
9. MST and SFMST based Clustering ... 68
10. Association Rule Mining Towards Business Solution ... 72
11. Motion Invariant Multi-Focused Image Fusion for Video Processing ... 75
12. From Deep Web Up To the Surface Web ... 78

Conference Chapter on Communication

1. Analysis of VOIP by Using Different Vocoders in IEEE 802.11b Wireless Networks ... 84
2. Using Mobile Phones for Quizzes in m-Learning Environments ... 88
3. Load Balancing for Congestion Control in MPLS Networks ... 91
4. Integration between WLAN and MANET ... 94
5. Handoff Issues in Cellular Networks ... 99
6. Location Determination Technique for Locating Wireless Devices in Indoor Environment ... 104
7. RSSI Based Triangulation Method and Clustering Technique for Locating Wireless Devices in Indoor Environment ... 109
8. Noise Cancellation in WLAN and Bluetooth ... 112


Conference Patron
Prof. Dr. Atta Ur Rehman, Chairman, Higher Education Commission

Conference Co-Patron
Prof. Dr. Lutfullah Kakakhel, Vice Chancellor, KUST

Conference Founder & Principal Organizer
Muhammad Hamad Hassan, Director IIT, KUST

Conference Steering Committee

Prof. Dr. Fida Younus Khattak KUST

Prof. Dr. Salikhov T.K. KUST

Prof. Dr. Shafiq Ur Rehman KUST

Dr. Muneeb Ur Rehman KUST

Dr. Syed Asif Mehmood Gilani GIKI

Dr. Ajmal Khan Bangash GIKI

Dr. Junaid Mughal GIKI

Prof. Dr. Anwar Majeed Mirza NUCES-FAST

Prof. Dr. Farooq Ahmed NUCES-FAST

Prof. Dr. Amjad Shah NUCES-FAST

Dr. Tariq Mahmood Jadoon LUMS

Dr. Sohaib Khan LUMS

Dr. Sharif Ullah Khan NUST

Dr. Hafiz Farooq NUST

Dr. Fauzan Mirza NUST

Dr. Raihan Ur Rasool NUST

Prof. Dr. Jamil Ahmed Iqra University

Prof. Dr. Ismail Shah Iqra University

Prof. Dr. Abid Khan Peshawar University

Dr. Saeed Mahfooz Peshawar University

Dr. Azhar Rauf Peshawar University

Dr. Shah Khisro Peshawar University

Dr. Rashid Khan Gomal University

Dr. Abdul Bais NWFP-UET

Dr. Siraj Ul Islam NWFP-UET

Engr. Ghulam Mubashar NWFP-UET


Conference Organizing Committee

Mr. Tariq Saleem Qasuria Registrar, KUST

Mr. Azad Khan Khattak Director Academics, KUST

Maj (R) Haider Jahanzeb Director Administration, KUST

Mr. M. Masood Shah Assistant Director Finance, KUST

Mr. M. Hamad Hassan Director IIT, KUST

Mr. Rauf Khan IT Manager, KUST

Mr. Nadeem Ahmed Assistant Professor IIT, KUST

Mr. Sohail Shinwari Lecturer IIT, KUST

Mr. Abdur Rehman Lecturer IIT, KUST

Mr. Amjad Mehmood Lecturer IIT, KUST

Mr. Zeeshan Bangash Lecturer IIT, KUST

Mr. Faisal Baseer Lecturer IIT, KUST

Mr. Qadeem Khan Lecturer IIT, KUST

Mr. Abdul Wahid Lecturer IIT, KUST

Mr. Farhan Shafique Lecturer IIT, KUST

Mr. Asad Habib Lecturer IIT, KUST

Mrs. Saima Tariq Lecturer IIT, KUST

Ms. Rabia Khan Lecturer IIT, KUST

Mr. Zeeshan Iqbal Lecturer IIT, KUST

Mr. Jawad Ashraf Lecturer IIT, KUST

Mr. Ali Zeb Lecturer IIT, KUST

Mr. Athar Ali Qureshi Lecturer IIT, KUST


Conference Session Chairs

Session I: Conference Chapter on Security
Chair: Dr. Fauzan Mirza, School of Electrical Engineering & Computer Sciences, National University of Science & Technology, Pakistan

Session II: Conference Chapter on Computing
Chair: Prof. Dr. Mushtaq Ahmed, Faculty of Computer Science & Engineering, Ghulam Ishaq Khan Institute of Engineering Sciences & Technology, Pakistan

Session III: Conference Chapter on Communication
Chair: Prof. Dr. Salikhov Tagaimurod Khaitovich, Department of Physics, Kohat University of Science & Technology, Pakistan


Conference Founder Message

The Institute of Information Technology (IIT) at Kohat University of Science & Technology (KUST) was established in 2001 as the pioneering teaching department of the university, offering degree programs at the undergraduate and graduate levels, professional certifications, and IT services. The IIT is equipped with state-of-the-art IT infrastructure, qualified faculty, and hardworking students. Our aim is to educate people about IT and its applications so as to improve their living standards. Our vision is to become one of the leading institutes of Pakistan, offering a range of disciplines in IT and engineering at all levels, with a commitment to quality education that produces future leaders in the domain of science and technology.

The IIT regularly arranges events including lecture series, IT trainings, seminars, and workshops. Most recently, the IIT organized a national-level conference at KUST, the "1st National Conference on Security, Computing, & Communication", held on May 23-25, 2008. The key aim of the event was to provide a formal platform for academicians, faculty members, researchers, IT professionals, and research students to share their contributions in the domains of security, computing, and communication.

In the first phase, we sent a conference grant proposal to the Higher Education Commission (HEC) in late September 2007; it was sanctioned in October 2007, and we started our work. In the second phase, we consulted eminent professors working in security, computing, and communication at reputed universities of Pakistan, including GIKI, NUST, LUMS, NUCES-FAST, Peshawar University, NWFP-UET Peshawar, Iqra University, Gomal University, and of course KUST, and with their consent we constituted the Conference Steering Committee; we are very thankful to them for their extended and timely support in arranging this event at KUST. In the third phase, we finalized the conference toolkit, had it printed, and sent it to almost all public and private sector universities and R&D organizations of Pakistan. In the fourth phase, we received more than 50 research papers from all over the country, which were thoroughly evaluated by the conference referees; about 28 papers were recommended for oral presentation at the conference. In the fifth phase, we set up the conference stage and hall, hung the conference banners, and made boarding and lodging arrangements for the participants who traveled from all over the country to deliver keynote lectures or present research papers.

We are very thankful to the Chairman HEC, Prof. Dr. Atta Ur Rehman, and the HEC officials who are striving hard to promote higher education and research culture in Pakistan. We are heartily thankful to our Vice Chancellor, Prof. Dr. Lutfullah Kakakhel, and the Dean of Sciences, Prof. Dr. Fida Younus Khattak, for their administrative and moral support and encouragement in arranging this national-level event at KUST. I am personally thankful to the faculty members, students, technical staff, and university administrative staff who remained supportive and helpful throughout the event. Last but not least, I am thankful to my family, who remained supportive and patient throughout.

Regards,
Hamad


Session I: Conference Chapter on Security
Chair: Dr. Fauzan Mirza, School of Electrical Engineering & Computer Sciences, National University of Science & Technology, Pakistan

A Semi-Fragile Watermarking Scheme for Gray Scale Image Authentication Based on Self Embedding Mechanism with Improved Recovery of Original Work

Muhammad Hamad Hassan
Research & Development Cell, Institute of Information Technology, Kohat University of Science & Technology, Kohat, NWFP, Pakistan
[email protected]

Abstract — In this paper a semi-fragile watermarking scheme is proposed for gray scale image authentication, based on a self-embedding mechanism with improved recovery of the original work. The host image to be watermarked for authentication is first divided into blocks of 8x8 pixels. Each block is transformed into the frequency domain using the DCT, and the desired DCT coefficients, selected in a zigzag pattern, are quantized according to the 50% JPEG compression standard. The watermark is generated by encoding the quantized DCT coefficients into a binary bit string of the desired length and embedded into the selected LSBs of each block. The proposed scheme is semi-fragile in nature: it supports common legitimate operations like JPEG compression and filtering, detects malicious tampering such as feather cropping, and recovers the original work. The quality of the work is quite reasonable both subjectively and objectively, as the PSNR of the watermarked and recovered images satisfies the standard threshold. Index Terms — Data Security, Data Authentication, Multimedia Signal Processing, Multimedia Communication

I. INTRODUCTION Data authentication verifies the originality of a work by ensuring that it has not been changed or transformed in any way since it was last created. The work can be a text document, an audio clip, an image, or a video. Two sister technologies are in practice for developing data authentication systems: cryptography and digital watermarking. The former deploys hash functions to verify the integrity of a work, but it can only tell us whether the work has been changed or not. The latter can also tell us where the changes have been made and, if so, can even recover the original work by deploying its authentication and recovery mechanisms. In recent decades, information security researchers have shown interest in deploying digital watermarking technology in the design of data authentication systems and similar applications. For ensuring data authentication there are two principal watermarking techniques, which are discussed in this paper.

A. Fragile Watermarking Techniques Fragile watermarking techniques are designed to be very sensitive to all kinds of transformations applied to the work. Although they cannot differentiate between legitimate and illegitimate processing, they are applicable in a variety of scenarios where we want to detect even a single changed bit, such as patient information, legal documents, and war plans. A fragile watermark is simply a mark that does not survive if the work is modified in any way. Fragility is important and helpful for authentication purposes: if a very fragile mark is detected in the work, we infer that the work has not been changed since the watermark was last embedded.

B. Semi-Fragile Watermarking Techniques Semi-fragile watermarking techniques are designed with some degree of intelligence to differentiate between legitimate and illegitimate processing. A semi-fragile watermark is simply a mark that is unaffected by legitimate processing like compression but destroyed by illegitimate processing like tampering. In this paper a semi-fragile watermarking scheme is proposed, based on the self-embedding mechanism, which supports legitimate operations like compression up to an acceptable level. In addition, our scheme is able to recover the original work if it has been affected by illegitimate operations like feather cropping. The host image to be authenticated is first divided into blocks of 8x8 pixels, and each block is transformed into the frequency domain using the DCT (Discrete Cosine Transform). The desired DCT coefficients are selected in a zigzag pattern using the zigzag scanning table Z (see Table I) and quantized using the quantization table Q (see Table II), which corresponds to 50% quality JPEG (Joint Photographic Experts Group) compression. The watermark is generated for each block by encoding the quantized DCT coefficients into the desired number of bits using the bit length table L (see Table III). The watermark payload and the number of LSBs (Least Significant Bits) of each block used for embedding depend on the type of algorithm chosen to develop the authentication system. The watermark is then embedded into the selected LSBs of the destination block, determined by a distance vector, for random distribution of the watermark in the image. The proposed scheme is semi-fragile in nature and therefore supports common legitimate processing like JPEG compression and filtering; it is also able to detect malicious tampering like feather cropping in the watermarked work and to recover the original work. The quality of the work is quite reasonable both subjectively and objectively, as the PSNR (Peak Signal to Noise Ratio) of the watermarked and recovered images meets the threshold. The rest of the paper is structured as follows: Section II discusses the related work. Section III explains Fridrich's self-embedding scheme and its implementation results. Section IV explains the proposed scheme and its implementation results. Section V demonstrates the authentication and recovery mechanism. Section VI derives the conclusion and future directions.

II. RELATED WORK A survey of fundamental authentication schemes based on watermarking technology can be found in the paper by T. Liu et al. [1]. An early scheme for image authentication was presented by S. Walton [2]; it uses key-based pseudo-random scanning of an image to compute a checksum. The checksum is obtained by summing the numbers determined by the 7 MSBs (Most Significant Bits) of the scanned pixels and taking the remainder with a large integer N. The computed checksum is then inserted in binary form into the LSBs of selected pixels. The method is very fast and on average modifies only half of the pixels by one gray level. The checksum approach provides a very high probability of tamper detection but cannot distinguish between an innocent change, such as a brightness adjustment, and a malicious one, such as replacing a person's face. Van Schyndel et al. presented work in [3] that modifies the LSBs of the pixels by adding extended m-sequences to the rows of pixels. The sequence is generated with a linear feedback shift register; for an NxN image, a sequence of length N is randomly shifted and added to the rows of the host image. The phase of the sequence carries the watermark information, and a simple cross-correlation method is used to test for the presence of the watermark. Wolfgang and Delp [4] extended Van Schyndel's idea and improved the work by tuning the localization and robustness parameters. J. Fridrich presented her schemes in [5]-[8], where an approximation of the image is embedded in the LSBs of the original image for authentication and recovery of the original work. I. Kostopoulos et al. [9] presented a scheme for color image authentication based on self-embedding, in which a given color image is first transformed from the RGB to the YCbCr color space in order to extract the luminance channel, which holds approximately 75% of the information of an image. The two LSBs are discarded to obtain a reduced image space. The watermark is generated using a special mapping function that swaps a given pixel's intensity value with a new value within the boundaries specified by the mapping function. The watermark information is then embedded in all three channels, using a secret key, in such a way that on average one bit of information affects at most the four LSBs of each channel. The present work is based on Fridrich's self-embedding scheme presented in [7], with the objective of recovering the original work with relatively high quality.
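As a side note, the checksum construction in Walton's scheme [2] described above can be sketched in a few lines of Python. The key handling, the number of scanned pixels, and the choice of the modulus N below are illustrative assumptions, not Walton's exact parameters.

import numpy as np

def walton_checksum(image, key, n_pixels=1024, N=2**31 - 1):
    # Visit pixels in a key-dependent pseudo-random order, accumulate the value
    # formed by the 7 MSBs of each pixel, and reduce modulo a large integer N.
    rng = np.random.default_rng(key)
    rows, cols = image.shape
    idx = rng.choice(rows * cols, size=n_pixels, replace=False)
    pixels = image.reshape(-1)[idx].astype(np.int64)
    msb7 = pixels >> 1                       # value determined by the 7 MSBs
    return int(msb7.sum() % N)               # checksum later hidden in selected LSBs

The resulting checksum would then be inserted, in binary form, into the LSBs of selected pixels, as described above.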

III. FRIDRICH'S SELF EMBEDDING SCHEME This scheme was originally presented by Fridrich et al. [7] and is illustrated by the following standard algorithm.

A. Algorithm An original image is first divided into blocks of 8x8 pixels, and the following three steps are carried out for each block. 1) Step 1: Pre-Processing of the Image. The gray levels of all blocks are shifted into the interval [-127, 128] and the LSBs of all pixels of each block are set to zero. This step helps in distinguishing between tampered and non-tampered blocks. 2) Step 2: Watermark Generation. Each block B of the image is transformed into the frequency domain using the DCT. The first 11 DCT coefficients are selected in zigzag order using the zigzag scanning table Z (see Table I) and quantized using the quantization table Q (see Table II), which corresponds to the 50% JPEG compression standard. The quantized DCT coefficients of each block are then encoded into binary form using the bit length table L (see Table III); coding based on the L table ensures that the first 11 quantized coefficients of each block are encoded into exactly 64 bits. This 64-bit string is the watermark for the block. 3) Step 3: Watermark Embedding. The 64-bit string obtained in Step 2 is inserted into the LSBs of block B + P, where P is the position vector determined by

P = (3/10) x (image dimension)        (1)

A code sketch of Steps 1 and 2 is given after Table III.

TABLE I
Z: ZIGZAG SCANNING TABLE

TABLE II
Q: QUANTIZATION TABLE

16  11  10  16  24  40  51  61
12  12  14  19  26  58  60  55
14  13  16  24  40  57  69  56
14  17  22  29  51  87  80  62
18  22  37  56  68 109 103  77
24  35  55  64  81 104 113  92
49  64  78  87 103 121 120 101
72  92  95  98 112 100 103  99

TABLE III
L: BITS LENGTH TABLE

7  7  7  5  4  3  2  1
7  6  5  5  4  2  1  0
6  5  5  4  3  1  0  0
5  5  4  3  1  0  0  0
4  4  3  1  0  0  0  0
3  2  1  0  0  0  0  0
2  1  0  0  0  0  0  0
1  0  0  0  0  0  0  0
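The following Python sketch follows Steps 1 and 2 above for a single 8x8 block, using the quantization table Q (Table II) and the bit length table L (Table III); note that the L entries of the first 11 zigzag positions sum to exactly 64. The paper does not spell out how each signed quantized coefficient is mapped onto its allotted bits, so the clipping and offset-binary coding below are assumptions, and SciPy's DCT routine is used for the 8x8 transform.

import numpy as np
from scipy.fftpack import dct

Q = np.array([[16, 11, 10, 16, 24, 40, 51, 61],
              [12, 12, 14, 19, 26, 58, 60, 55],
              [14, 13, 16, 24, 40, 57, 69, 56],
              [14, 17, 22, 29, 51, 87, 80, 62],
              [18, 22, 37, 56, 68, 109, 103, 77],
              [24, 35, 55, 64, 81, 104, 113, 92],
              [49, 64, 78, 87, 103, 121, 120, 101],
              [72, 92, 95, 98, 112, 100, 103, 99]], dtype=float)   # Table II

L = np.array([[7, 7, 7, 5, 4, 3, 2, 1],
              [7, 6, 5, 5, 4, 2, 1, 0],
              [6, 5, 5, 4, 3, 1, 0, 0],
              [5, 5, 4, 3, 1, 0, 0, 0],
              [4, 4, 3, 1, 0, 0, 0, 0],
              [3, 2, 1, 0, 0, 0, 0, 0],
              [2, 1, 0, 0, 0, 0, 0, 0],
              [1, 0, 0, 0, 0, 0, 0, 0]], dtype=int)                # Table III

def zigzag(n=8):
    # (row, col) positions of an n x n block in JPEG zigzag scan order
    return sorted(((r, c) for r in range(n) for c in range(n)),
                  key=lambda rc: (rc[0] + rc[1],
                                  rc[1] if (rc[0] + rc[1]) % 2 == 0 else rc[0]))

def block_watermark(block):
    # Step 1: zero the LSB of every pixel and shift gray levels towards [-127, 128]
    pixels = block.astype(int) & ~1
    shifted = pixels.astype(float) - 127.0
    # Step 2: 2-D DCT, quantization, and encoding of the first 11 zigzag coefficients
    coeffs = dct(dct(shifted.T, norm='ortho').T, norm='ortho')
    bits = ''
    for r, c in zigzag()[:11]:
        q = int(round(coeffs[r, c] / Q[r, c]))               # 50% JPEG quantization
        lo, hi = -(2 ** (L[r, c] - 1)), 2 ** (L[r, c] - 1) - 1
        q = max(lo, min(hi, q))                              # clip to representable range (assumption)
        bits += format(q - lo, '0{}b'.format(L[r, c]))       # offset-binary coding (assumption)
    return bits                                              # 64-bit watermark for this block

The 64-bit string returned for a block B would then be written into the LSBs of the destination block B + P, with the position vector P computed from Eq. (1).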

B. Simulation Results The above algorithm was simulated in Matlab (Matrix Laboratory) Version 7.0 using the IPT (Image Processing Toolbox) along with other built-in and user-defined functions where desired. The original image is shown in Fig. 1(a) and the watermarked image in Fig. 1(b), with a PSNR of 51 dB. The tampered image is shown in Fig. 1(c) and the tampering detection in Fig. 1(d). The recovered work is shown in Fig. 1(e) and its zoomed version in Fig. 1(f). However, the recovery is not perfect, as highlighted by the ellipse, which shows patches in the recovered area.
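The PSNR figures quoted here and in the following sections can be reproduced with the standard definition for 8-bit gray scale images (peak value 255); a minimal helper:

import numpy as np

def psnr(original, distorted):
    # Peak signal-to-noise ratio in dB between two 8-bit images of equal size
    mse = np.mean((original.astype(float) - distorted.astype(float)) ** 2)
    if mse == 0:
        return float('inf')        # identical images
    return 10.0 * np.log10(255.0 ** 2 / mse)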


Fig. 1 Fridrich's Self Embedding Scheme Simulation Results: (a) Original Image; (b) Watermarked Image (PSNR = 51 dB); (c) Tampered Image; (d) Tampering Detection; (e) Recovered Image; (f) Recovered Image, Zoomed Version (PSNR = 32 dB). Test image: Saturn, tiff, 256x256, gray scale; tampered region: surface.

IV. PROPOSED SCHEME

For improved recovery of the original work, Fridrich [7] proposed an advanced version of the above algorithm in which, for each block, the first 3 and the 22nd-36th quantized DCT coefficients are selected for binary encoding using the bit length table L. This yields a watermark payload of about 190 bits on average, but only 128 bits are embedded, into the 2 LSBs of each block's pixels. In the proposed scheme, for improved recovery of the original work, we increase the embedding space by using 3 LSBs to accommodate the entire information of each block, represented by a 190-bit watermark string. Each block of 8x8 pixels is first transformed into the frequency domain using the DCT and quantized in the same manner as in Fridrich's self-embedding algorithm. After quantization, the first 3 and the 22nd-36th quantized DCT coefficients are selected for binary encoding using the bit length table L, yielding a watermark payload of up to 190 bits in general. The 190-bit string can then easily be accommodated in the 3 LSBs of each block's pixels after 0-padding to a uniform length of 192 bits. By incorporating more bits, our scheme is able to survive all kinds of legitimate operations, like JPEG compression and filtering, and can deal with illegitimate operations like feather cropping and tampering. In addition, it is able to recover the original work without compromising its quality. The proposed scheme is illustrated by the following standard algorithm.

A. Algorithm An original image is first divided into blocks of 8x8 pixels, and the following three steps are carried out for each block. 1) Step 1: Pre-Processing of the Image. The gray levels of each block are shifted into the interval [-127, 128], but now the 3 LSBs of each block are set to zero to provide a larger embedding space and to accommodate the maximum information of the image within the image itself, allowing full recovery of the original work in the authentication and recovery phase. 2) Step 2: Watermark Generation. Each block of the image is transformed into the frequency domain using the DCT, and the transformed coefficients are quantized using the quantization table Q. After quantization, the first 3 and the 22nd-36th quantized DCT coefficients are selected in zigzag order for binary encoding using the bit length table L, yielding a watermark payload of up to 190 bits. The 190-bit string is then accommodated in the 3 LSBs of each block's pixels after 0-padding to a uniform bit stream of 192 bits. The reason for considering more bits is to store the maximum information about the image in the image itself, which ensures full recovery of the original work in the authentication and recovery phase. 3) Step 3: Watermark Embedding. The 192-bit watermark string obtained in Step 2 is embedded into the 3 LSBs of each block's pixels; the rest of the procedure is the same as in Step 3 of Fridrich's algorithm. A sketch of this embedding step is given below.
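As a rough illustration of Step 3, the sketch below pads a watermark string to 192 bits and writes three bits into the 3 LSBs of each of the 64 pixels of the destination block. The paper only states that the 192 bits fill the 3 LSBs of a 64-pixel block, so the bit-to-pixel ordering used here is an assumption.

import numpy as np

def embed_in_3_lsbs(dest_block, watermark_bits):
    # Embed up to 192 watermark bits into the 3 LSBs of an 8x8 destination block
    bits = watermark_bits.ljust(192, '0')            # 0-padding to a uniform 192-bit string
    out = dest_block.astype(np.uint8)                # work on a copy of the block
    flat = out.reshape(-1)                           # 64 pixels, 3 bits each
    for i in range(64):
        chunk = int(bits[3 * i: 3 * i + 3], 2)       # next 3 watermark bits
        flat[i] = (int(flat[i]) & 0b11111000) | chunk    # overwrite the 3 LSBs
    return out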

B. Simulation Results The above algorithm was simulated in Matlab 7 using the IPT and other built-in and user-defined functions where desired. The original image is shown in Fig. 2(a) and the watermarked image in Fig. 2(b), which is quite imperceptible, as the PSNR of the watermarked image is 42 dB. The tampered image is shown in Fig. 2(c) and the tampering detection in Fig. 2(d). The recovery of the original work is shown in Fig. 2(e), with a zoomed version in Fig. 2(f), and is close to the original image, with a PSNR of about 37 dB.

V. AUTHENTICATION AND RECOVERY MECHANISM To check the performance of our authentication system, a watermarked image was tampered with in Adobe Photoshop. For instance, if a block of the watermarked image, say block B(1), is cropped and replaced with a different image block, the code C(1) stored at B(1+P) will not match the code C generated from the content of B(1). In addition, the code stored in the LSBs of block B(1) will not match the code generated from its respective source block, say B(1-P).

Fig. 2 Proposed Scheme Simulation Results: (a) Original Image; (b) Watermarked Image; (c) Tampered Image; (d) Tampering Detection; (e) Recovered Image; (f) Recovered Image, Zoomed Version (PSNR = 37 dB). Test image: Saturn, tiff, 256x256, gray scale; tampered region: surface.

In such a scenario, the tampered region is marked by setting the affected pixel values to zero. After the tampered region has been identified, the next phase is to recover the original work. For this, we first determine the source block for each affected block and extract the watermark bit string needed for recovery. Once the desired bit string is extracted, it is de-quantized using the same quantization table as deployed in the quantization step of the watermark generation phase. The de-quantized coefficients are then transformed using the inverse DCT to obtain the spatial values of the affected pixels. In this way the original work is recovered in the form of a reconstructed image that is very close to the original, as shown in Fig. 2(e) and, in a zoomed version, in Fig. 2(f). A sketch of this recovery step follows.
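The sketch below mirrors that recovery step, reusing the quantization table Q, the bit length table L, and the zigzag positions from the earlier sketch; the offset-binary decoding matches the coding assumed there.

import numpy as np
from scipy.fftpack import idct

def recover_block(bits, positions, Q, L):
    # Rebuild an 8x8 block from its extracted watermark bit string.  `positions`
    # lists the (row, col) zigzag positions that were encoded, e.g. the first 3
    # and the 22nd-36th positions in the proposed scheme.
    coeffs = np.zeros((8, 8))
    k = 0
    for r, c in positions:
        n = L[r, c]
        if n == 0:
            continue
        lo = -(2 ** (n - 1))
        coeffs[r, c] = (int(bits[k:k + n], 2) + lo) * Q[r, c]   # decode, then de-quantize
        k += n
    spatial = idct(idct(coeffs.T, norm='ortho').T, norm='ortho')  # inverse 2-D DCT
    return np.clip(np.round(spatial + 127.0), 0, 255).astype(np.uint8)  # back to gray levels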

VI. CONCLUSION AND FUTURE DIRECTIONS In this paper, some of the fundamental image authentication techniques have been reviewed and a new semi-fragile watermarking scheme has been proposed for gray scale image authentication. The scheme uses the JPEG compression model to create the watermark and embeds it into the image itself, which is why it is called a self-embedding scheme. This enables us to recover the portions of the image that have been cropped, replaced, or severely modified, and the increase in watermark payload helps recover the work with little loss. The intent of the proposed technique is to maximize the quality of the recovered work. In future work we will extend the scheme to color image authentication by choosing a suitable color space that can accommodate enough watermark payload in each channel while retaining the ability to recover the original work. The choice of transform domain also matters for extending the scheme's ability to support a range of legitimate and illegitimate operations: watermarking in the wavelet domain, for instance, would enable the proposed scheme to support JPEG2000 compression, filtering, and similar operations, while surviving attacks like feather cropping, tampering, and similar modifications.

REFERENCES

[1] T. Liu and Z. D. Qiu, "The Survey of Digital Watermarking Based Image Authentication Techniques", 6th ICIP, pp. 1566-1559, 2002.
[2] S. Walton, "Image Authentication for a Slippery New Age", Dr. Dobb's Journal of Software Tools for Professional Programmers, vol. 20, April 1995.
[3] R. G. Van Schyndel, A. Z. Tirkel, and C. F. Osborne, "A Digital Watermark", Proc. of the IEEE Int. Conf. on Image Processing, vol. 2, pp. 86-90, Austin, Texas, 1994.
[4] R. B. Wolfgang and E. J. Delp, "A Watermark for Digital Images", Proc. IEEE Int. Conf. on Image Processing, vol. 3, pp. 219-222, 1996.
[5] J. Fridrich, "Image Watermarking for Tamper Detection", Proc. ICIP 98, Chicago, Oct 1998.
[6] J. Fridrich, "Methods for Detecting Changes in Digital Images", ISPACS, Melbourne, 1998.
[7] J. Fridrich and M. Goljan, "Protection of Digital Images Using Self Embedding", Symposium on Content Security and Data Hiding in Digital Media, Newark, NJ, USA, May 1999.
[8] J. Fridrich, "Methods for Tamper Detection in Digital Images", Multimedia and Security Workshop at ACM Multimedia, Orlando, Florida, USA, Oct 1999.
[9] I. Kostopoulos, S. A. M. Gilani, and A. N. Skodras, "Color Image Authentication Based on a Self-Embedding Technique", 14th International Conference on Digital Signal Processing, Santorini, Greece, 2002.


What Smart! About Smart Cards Technology

Muhammad Hamad Hassan
Research & Development Cell, Institute of Information Technology, Kohat University of Science & Technology, Kohat, NWFP, Pakistan
[email protected]

Abstract — Smart card technology is perhaps the most widely used technology for defending people and systems against front-line attacks. Notable features make smart cards really "smart": their size and compactness, storage capacity, and the computational power to run strong security algorithms. The high-profile use of smart card technology in applications like ID cards and passports, banking, transport, mobile communication, internet access, satellite TV, and services entitlement makes it appealing for academia, security researchers, and industry to invest in this technology. Smart cards are a relatively new technology that already affects, and will continue to affect, the lifestyle of billions of people: the way we shop, use the telephone, see the doctor, and even enjoy leisure.

Index Terms — Smart Cards, Chip Cards, RFIDs

I. INTRODUCTION Smart card technology is one of the latest additions to the world of information security. A smart card is about the same size as today's plastic payment cards, but it contains a memory chip to store the desired information, which cannot be accessed by anyone other than the real owner, nor forged or copied by an attacker. In addition, it contains a microprocessor to run a range of security algorithms and functions that implement the principles of security: confidentiality, integrity, authentication, and access control, among others. All these features make the smart card "smart" and help it complete automated electronic transactions successfully [1].

II. HISTORY Smart card technology has its roots in the late 1960s and 1970s, when inventors in Germany, Japan, and France filed the first patents and industrialists in the U.S., Japan, and Austria were licensed to implement them. The chip card was invented by the German engineer Helmut Gröttrup and his colleague Jürgen Dethloff in 1968, although their patent was not approved until 1982. Roland Moreno patented his idea of the memory card in 1974. Michel Ugon at Honeywell Bull invented the first microprocessor smart card in 1977, and in 1978 Bull patented the SPOM (Self Programmable One-chip Microcomputer), which defines the architecture necessary to program the chip. Three years later, the very first "CP8" based on this patent was produced by Motorola. Today, Bull holds almost 1200 patents related to smart cards. The Télécarte, used for payment in French pay phones from 1983, was an early large-scale deployment. When paying with a Carte Bleue, one inserts the card into the merchant's terminal and then types the PIN before the transaction is accepted; only very limited transactions (such as paying small autoroute tolls) are accepted without a PIN. Finnish manufacturers produced smart cards combining the features of credit and debit cards. In Europe, since the mid-1990s, systems using smart card technology have stored information on the card chip rather than in an externally recorded account, so that machines accepting the card need no network connectivity; in addition, SIM cards were adopted by GSM mobile phone equipment. In 1993, the international payment authorities MasterCard, Visa, and Europay agreed to work together to develop specifications for the use of smart cards in payment cards, which let banks adopt smart card systems in the expectation of reducing fraud, counterfeiting, loss, and theft. Research and development in smart card technology continues to this day, driven by demand from industry and organizations, with billions of users added annually for a variety of applications ranging from money and mass transit, telephony, and personal identification and authorization to add-on services and IT infrastructure [2]-[3].

III. ARCHITECTURE AND COMPONENTS As per ISO standards, the size of a standard smart card is 85.6 mm (length) x 53.98 mm (width) x 0.76 mm (thickness).

Fig. 1 ISO Smart Card Architecture

The architecture in Figure 1 is intended only to give the reader an idea. In fact, the size of the smart card and the components it contains (electrical contacts, magnetic stripe, etc.) vary from application to application and from manufacturer to manufacturer [4].

A. Central Processing Unit Unlike standard credit, debit, and loyalty cards, which contain a magnetic stripe, a smart card uses a microprocessor chip, available in 8-, 16-, and 32-bit architectures. However, none have multi-threading or the other powerful features that are common in standard computers. Smart card CPUs execute machine instructions at a speed of approximately 1 MIPS. A coprocessor is often included to speed up encryption computations.

B. Memory The smart card contains the following types of memory:

Fig. 2 Smart Card Components



1) RAM The RAM (Random Access Memory) is about 1 kilobyte. It is needed for fast computation and response. 2) EEPROM The EEPROM (Electrically Erasable Programmable ROM) is about 1 to 24 kilobytes. Unlike RAM, its contents are not lost when power is removed. Applications can run from it and write to it, but it is very slow and can only be read/written a limited number of times (about 100,000). 3) ROM The ROM (Read Only Memory) is about 8 to 24 kilobytes. The operating system and other basic software, such as encryption algorithms, are stored here.

C. Input/Output Unit Input and output take place via a single I/O port controlled by the processor, and communications are standardized in the form of APDUs (Application Protocol Data Units).
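For illustration, the sketch below builds two command APDUs in the CLA, INS, P1, P2, [Lc, data], [Le] layout exchanged over this port: an ISO 7816-4 SELECT by application identifier and a READ BINARY. The header bytes are the standard ones; the application identifier value is a made-up placeholder.

def select_by_aid(aid: bytes) -> bytes:
    # SELECT file by application identifier: CLA=00, INS=A4, P1=04, P2=00
    return bytes([0x00, 0xA4, 0x04, 0x00, len(aid)]) + aid + bytes([0x00])

def read_binary(offset: int, length: int) -> bytes:
    # READ BINARY: read `length` bytes of a transparent file starting at `offset`
    return bytes([0x00, 0xB0, (offset >> 8) & 0x7F, offset & 0xFF, length])

apdu = select_by_aid(bytes.fromhex("A000000001020304"))   # hypothetical AID
print(apdu.hex(" "))                 # 00 a4 04 00 08 a0 00 00 00 01 02 03 04 00
print(read_binary(0, 16).hex(" "))   # 00 b0 00 00 10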

D. Interface Devices (IFDs) A smart card needs power and a clock signal to execute its operating system and application programs; these are provided by the Interface Device, usually a smart card reader, in contact with the card. The IFD also helps establish a communication channel between application software on the computer and the operating system on the card. The smart card communication channel operates in half-duplex mode. Generally, the smart card reader serves both purposes, that is, it allows an application to write to the card as well as read from it. The receiver must sample the signal on the serial line at the same rate as the transmitter sends it in order for the correct data to be received; this rate is known as the bit rate or baud rate. Data received by and transmitted from a smart card is stored in a buffer in the smart card's RAM. Because RAM is limited, relatively small packets (10-100 bytes) of data are moved in each message.

E. Operating System Microsoft released a miniaturized version of Windows for smart cards in late 1998, and some versions of a GNU OS have also been released. The operating system found on the majority of smart cards implements a standard set of roughly 20-30 commands to which the smart card responds. The reader sends a command to the smart card; the card executes the command, returns the result to the reader, and waits for another command, thus operating in a master-slave manner.

F. File System Most operating systems also support a simple file system based on the ISO 7816 standard. A smart card file is actually just a contiguous block of storage. Files are organized in a hierarchical tree format. Once a file is allocated, it cannot be extended, so files must be created at the maximum size they are expected to reach. Each file has a list of which parties are authorized to perform which operations on it. There are different types of files: linear, cyclic, transparent, SIM, etc. The usual create, delete, read, write, and update operations can be performed on all of them; certain other operations are supported only on particular types of files.

G. Software Smart cards are either soft-mask or hard-mask, depending on whether the application resides in EEPROM or in ROM. Hard-mask cards are more expensive and cannot be edited. Some application-specific data and instructions still need to be stored in EEPROM. In practice, a smart card program is first tested on a simulator for debugging. Banks normally use soft-mask cards for pilot testing of new applications and then move to the more tamper-resistant hard-mask cards for larger deployments. Hard masking is relatively expensive in both time and cost compared with soft masking.

H. Programming Language Most smart cards are currently programmed in low-level languages based on proprietary smart card operating systems. Some of the programming has been done in the chip's native instruction set (generally Motorola 6805, Intel 8051, or Hitachi H8). Around 1998-2000 a new type of card appeared, sometimes called a re-configurable card. These have a more capable operating system that permits the addition or deletion of application code after the card is issued. Such cards are generally programmed in Java and are therefore called Java Cards. Other relatively popular languages are Windows for Smart Cards, MEL (the Multos programming language), and Basic.

IV. TYPES There are different types of cards that come under smart card technology; they are discussed briefly in the following paragraphs.

A. Magnetic Stripe Cards Magnetic stripe cards are the most widely used card technology, characterized by low cost and easy processing (read/write operations). This technology is used in a range of applications: in banking, debit cards and credit cards are valid examples; in access control systems, entitlement cards and tickets are valid examples. Consider Figure 3: a plastic card, typically 3.375" x 2.125" in size, carries a stripe of magnetic tape. Apart from the information embedded in the magnetic stripe, the plastic card may carry useful information in the form of text or images that people can easily interpret. The stripe is essentially the same as that used in a cassette recorder, i.e. a magnetic field aligns magnetic dipoles into various orientations along the length of the tape. The capacity of the magnetic stripe to hold information is quite limited, but it can be extended by using multiple tracks along the stripe, just as in an audio tape recorder. On each track, a few bits of identity-related information can be stored using a method known as Wiegand [5]-[6].

Fig. 3 Magnetic Stripe Card Architecture

Typical examples of magnetic stripe cards are shown in the following figures.

Fig. 4 Author’s Credit Card (Front side) Courtesy: Askari Bank Limited, Pakistan

[Figure labels: Magnetic Stripe; Signature Strip; Embossed Useful Data]


Fig. 5 Author’s Credit Card (Back side) Courtesy: Askari Bank Limited, Pakistan

It is worth mentioning that magnetic stripe cards lack an important characteristic that smart cards have: security of information. The magnetic stripe is just a normal piece of audio tape, so it can easily be read and re-written. Measures have been taken to make the plastic card harder to duplicate, but little can be done about the magnetic stripe used in automated transactions.

B. Chip Cards The chip card is the solution to the issues presented by magnetic stripe cards: the bottleneck was the magnetic stripe, which is replaced by an electronic chip in chip cards. Historically these cards were recognizable by their gold- or silver-colored contacts. The typical architecture of a chip card is shown in the following figure.

Fig. 6 Chip Card Architecture (contacts: Vcc, GND, RST, Vpp, CLK, I/O, and two RFU)

The Vcc, GND, RST, CLK, and I/O contacts together give the chip card its basic functionality and power. The Vpp pin is used for re-programming the chip card, much like an EEPROM. In the past only the six pins above were used by cards and readers, but the industry now plans to use the RFU and Vpp contacts for add-on services as well; for instance, the mobile phone industry is planning to use these spare pins as a high-speed USB interface for a variety of applications. A chip card is placed in a card reader, which physically touches the gold contacts, powering and clocking the chip and enabling communication so that it can offer services to the user. The simplest chip card contains a fixed value, so it is easy for an attacker to read the value from a valid card and produce a copy of the chip card for later fraud. Another type, the memory card, keeps a record of telephone call minutes in a count-down manner; such cards normally need no added security and so are easily read and copied. In addition, the memory may be re-written to disturb the application or to change user information. All these limitations make such chip cards suitable for dedicated systems rather than as general purpose smart cards [5]-[6].

C. Microprocessor Chip Cards To overcome the limitations of chip cards, the industry shifted to microprocessor chip cards, which not only store useful information but can also run strong security protocols. The benefit of the protocol interface is that it is practically impossible to access or update the information unless various checks based on cryptographic algorithms are satisfied. In general, if the embedded microprocessor offers the tamper-resistance expected of smart cards, then these microprocessor chip cards fulfill the basic smart card requirements. Because of this tamper resistance it is very difficult to forge or copy the sensitive data; the data is accessible only in automated electronic transactions and can be stored securely, and the card can run a range of security protocols and algorithms [5]-[6].

D. Smart Tokens A smart token is a personal device that has all the basic properties and security measures of a smart card but does not have a formal plastic format or size. The SIM (Subscriber Identification Module) used by mobile service companies is a simple example of a smart token. Smart tokens go through the same manufacturing process as smart cards but come in a plug-in format, as shown in the following figures [5]-[6].

Fig. 7 Author’s Mobile Phone SIM (Front side)

Courtesy: PMTCL, Pakistan

Fig. 8 Author’s Mobile Phone SIM (Back side) Courtesy: PMTCL, Pakistan

In the future, mobile service companies may deploy SIMs even smaller than the current size and may incorporate other modes of powering and communicating with them.

E. Contactless Smart Cards and RFIDs There is growing demand for, and usage of, smart cards that do not require physical contacts but instead exploit radio communication techniques. This property helps industry in tagging products and later tracking them. An RFID tag is a special kind of smart card in that it meets the basic requirements of a smart card but is contactless and communicates its ID to its associated reader via RF, i.e. radio frequency. RFIDs have traditionally not implemented protocol security, protection against cloning of sensitive information, or tamper resistance, but nowadays they do incorporate these basic security measures [5]-[6].

V. WHY SMART CARDS? If portability of records for one or more applications is necessary or desirable, the records are likely to require updating over time, the records will interface with more than one automated system, and security and confidentiality of the records are important, then smart cards are a feasible solution for making data processing and transfer more efficient and secure. Smart cards are small, handy, lightweight, durable, and re-usable (they allow multiple reads/writes). They use chip operating systems that support multiple applications at the same time. The built-in storage, together with the security features of a smart card, makes it robust against attacks and reduces its dependency on vulnerable external resources. The sensitive data stored in the card can include biometric information of the card owner, personal medical history, and cryptographic keys for authentication. Smart card technology follows international standards, ensuring multiple-vendor support at competitive prices, and hence has an established track record in real-world applications.

VI. APPLICATIONS Smart cards are nowadays deployed in public and private sector departments, including personal identification on real-time systems or on the internet, banking and finance, loyalty, telephony, healthcare, mass transit, services entitlement, physical access control, IT access control, and entertainment.

A. Finance Many countries have reduced or eliminated coins from their payment systems by incorporating smart cards. Smart cards in the form of an e-purse have replaced traditional coins even for small purchases in vending machines and at counter transactions. Securing money transactions on the internet using smart cards forms the basis of electronic commerce.

B. Telephony Countless GSM mobile phones use smart cards that contain the phone's security and subscription information. The handset is personalized to the individual by inserting the card, which contains the phone number on the network, billing information, and frequently called numbers.

C. Personal Identification An all-purpose student ID card can contain a variety of applications, such as an electronic purse for vending and laundry machines, a library card, and a meal card.

D. Physical Access Control Employee access cards with a secured ID, and the potential to employ biometrics, protect physical access to facilities.

E. IT Access Control Employee access cards with secured passwords, and the potential to employ biometrics, protect access to computer systems.

F. Healthcare Various countries with national health care programs have deployed smart card systems. Germany and Austria, for example, issue smart cards to every person in the country in the form of a consumer health card that contains insurance eligibility and emergency medical data.

G. Entertainment Almost every small-dish satellite TV receiver uses a smart card as its removable security element and to hold subscription information.

H. Loyalty Smart cards can be used in retail loyalty schemes and corporate staff systems. Consumer reward/redemption tracking on a smart loyalty card can be marketed to specific consumer profiles and linked to one or more specific retailers serving that profile set.

I. Transport Smart cards can be used for driver licenses, mass transit passes, fare collection systems, and electronic toll collection systems.

J. Entitlement Cards Smart cards are now used in electronic benefits transfer systems to carry food stamp and WIC food benefits in lieu of paper coupons and vouchers. Agricultural producers can also use a smart marketing card to track quotas.

VII. CONCLUSION AND FUTURE DIRECTIONS The important thing about smart cards is that they are everyday objects that people can carry in their pockets, yet they have the capacity to retain and protect critical information stored in electronic form. The "smartness" of smart cards comes from the integrated circuit embedded in the plastic card. Embedding similar circuits in other everyday objects, such as key rings, watches, glasses, rings, or earrings, could perform the same electronic function. The development of contactless card technology was the catalyst for what are known as tags. Tags function like contactless smart cards but come in the form of a coin, a ring, or even a baggage label. They are generally attached to objects such as gas bottles, cars, or animals and can hold and protect information concerning that object, allowing the object to be managed by an information system without any manual data handling. The use of biometrics will soon mean that a person's hand, fingerprint, retina, or voice can reliably identify him or her, and it will soon be possible to authorize the use of electronic information in smart cards with a spoken word or the touch of a hand. Smart card readers will also appear on PCs and will enable users to pay for goods purchased over the internet. This will be especially useful for small-value purchases, which are not really appropriate for credit card transactions: if you have products of relatively low value, for example a few pages of information about your product that customers may pay 50 cents for, they may well pay you in the future using a smart card. As a smart infrastructure for mobile computing, smart card technologies may prove to be the killer application for the networked economy. The smart card will be "charged up" with money and used as you use cash or a phone card. In the near future, the traditional magnetic stripe card will be replaced by, and integrated into, a single multi-application smart card, known in the industry as an electronic purse or wallet, which will carry far more sensitive and critical data about consumers than the magnetic stripe card ever did. Smart cards are a relatively new technology that already affects the everyday lives of millions of people, and this is just the beginning; soon it will influence the way we shop, see the doctor, use the telephone, and even enjoy leisure.

REFERENCES

[1] www.smartcardforum.org
[2] www.ewh.ieee.org/r10/bombay/news5/SmartCards.htm
[3] www.wikipedia.org/wiki/Smart_card
[4] www.smartcard.co.uk
[5] www.scc.rhul.ac.uk
[6] Keith Mayes and Konstantinos Markantonakis, "Smart Cards, Tokens, Security and Applications", Springer, 2008.
[7] www.cardwerk.com
[8] www.crisptelecom.com

A System for Multimedia Owner Identification Using PIC

Muhammad Muneer Umar, Muhammad Hamad Hassan
Research & Development Cell, Institute of Information Technology, Kohat University of Science & Technology, Kohat, NWFP, Pakistan
[email protected]

Abstract — A new approach for multimedia owner identification is introduced. In this approach a unique code is first calculated by the system and then embedded into the multimedia content; in this work we use the code with images. The generated code is called a PIC (Personal Identification Code), and one PIC can be allotted to a single person only. The approach is able to identify the exact owner of the multimedia content by producing the owner's identification data. The embedding points in the image are made adaptive according to the owner's identity, so that it is difficult for attackers to detect the watermarks in the image.

Index Terms — Multimedia, Ownership Identification, Digital Watermarking

I. INTRODUCTION The use of multimedia content in computer systems is increasing day by day. People now prefer systems that present information as graphics, images, videos, music, and sound. Due to the recent growth in multimedia tools and technologies it is now easy to create multimedia content like images, videos, and music; on the other hand, it has also become easy to make pirated copies of multimedia data. With powerful multimedia processing tools widely available, illegal distribution of multimedia content is very easy, which affects royalty, ownership, and data authentication. These copies are usually distributed through different channels like the internet and media such as CDs, DVDs, flash disks, cell phones, and PDAs. There is no way to stop piracy except to monitor and keep an eye on pirated content: the owner can only challenge piracy and claim ownership if he is able to find some trace of himself in the illegally distributed multimedia content [1, 2]. Many techniques have been introduced to stop illegal distribution. The most common is Digital Rights Management (DRM) technology, in which instructions embedded in the multimedia data files limit their use [3]. This technology has many advantages but also limitations: it can prevent content from being copied or modified at all, whereas the owner usually does not want to stop people from making one or two copies but rather to prevent millions of copies from being made. To implement principles of security like confidentiality, integrity, and authentication there are various techniques, such as cryptography and digital watermarking; for multimedia content, watermarking is considered the best way to impose DRM, and many organizations use watermarking techniques in different ways [4]. Our approach is to embed a unique watermark that can easily identify the owner of a multimedia content. For this purpose a system is introduced that generates a PIC (Personal Identification Code) for each owner. The PIC is generated from aspects of the owner's daily life that identify him, like his name and identity card number. The user has to remember only a short code, while the system uses a long code stored in the database. The generated code is then embedded into the multimedia content invisibly, so that it cannot be detected; the result is called the watermarked multimedia content. The watermarked content can easily be used to identify its owner at any time; in this way the owner will be able to recognize his creation anywhere, at any time, and prove his ownership. The rest of the paper is structured as follows: Section II discusses some basics related to our system, Section III demonstrates the proposed scheme, and Section IV gives the conclusion and future directions.
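The paper does not give the exact construction of the PIC or of the identity-adaptive embedding points, so the sketch below is purely hypothetical: it derives a long code from the owner's name and ID-card number with a SHA-256 hash and uses that code to seed an identity-dependent, repeatable choice of embedding positions. The function names, the hash, and the seeding strategy are all assumptions for illustration.

import hashlib
import random

def generate_pic(name, id_card_number):
    # Long owner-specific code derived from everyday identity data (assumption: SHA-256)
    return hashlib.sha256(f"{name}|{id_card_number}".encode("utf-8")).hexdigest()

def embedding_positions(pic, image_shape, count):
    # Pick `count` pixel positions that depend on the owner's PIC (identity-adaptive)
    rng = random.Random(pic)                  # repeatable, identity-dependent sequence
    rows, cols = image_shape
    return [(rng.randrange(rows), rng.randrange(cols)) for _ in range(count)]

pic = generate_pic("Muhammad Muneer Umar", "00000-0000000-0")   # placeholder ID number
points = embedding_positions(pic, (256, 256), count=64)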

II. BACKGROUND In this section we discuss the basic elements necessary to understand our system. First we discuss multimedia, its types, and its classifications; then we briefly discuss multimedia security and Digital Rights Management; and finally we discuss digital watermarking in detail.

A. Multimedia: It is hard to clearly define multimedia in few words. Most of the authors define multimedia as “It is media that uses multiple forms of information content and information processing.[5]” In general we can say that multimedia is the combination of text, still and animated images, animations, videos and any type of medium where information can be represented and stored [1]. Multimedia generation can be categorized into two terms i.e. Captured which is taken from real world like images and videos and Synthesize that are developed through multimedia tools. e.g. animations, digital graphics and text etc[5]. Multimedia content can be continuous or can be discrete in terms of signal processing. Different formats of multimedia can be defined as follows. Text: In early days of computers text alphabets were appeared white of green on black background having size of 8 pixels wide and 8 pixels high. Each pixel used single color and was monochrome. ASCII codes were used to display these letters. Later on Adobe introduced vector based true type and colored text. Now there are different types of text available in different styles and colors [6]. Text has many attributes like face, size, color and formatting (bold/italic/regular). Images: Images are pictures captured from real world or synthesized by computer. It is said that “A picture worths that thousand words can’t”. Images are more suitable for providing information than reading text. Images can be either vector based or raster [6]. Videos: Combination of images is called video. Images are combined and showed in a timely fashion. Each image in the video is called frame. The number of frames per second is called frame rate. There are different frame rates for videos. For example if we talk about TV Channels then they have 30-40 frames per second. In case of computer monitor the frame rate is 70 frames per second. The minimum frame rate for human vision system is 16 frames per second. [6]. Animations: There is a minor difference in videos and animations and in most cases animations are called videos. Animations are made by computers and different tools. Most of the common tools are Macromedia Flash, Macromedia Director and Swish. Animations are broadly used in web pages, commercial movies and games. [6]. Sound: Sound can be speech, voice, music and audio effects. Usually speech is referred to a living and live sound while voice is

A System for Multimedia Owner Identification Using PIC Muhammad Muneer Umar, Muhammad Hamad Hassan

Research & Development Cell Institute of Information Technology

Kohat University of Science & Technology, Kohat, NWFP, Pakistan [email protected]


Sound can be digital or analog, and it is represented and stored in a single dimension [7].

B. Multimedia Security
The recent growth of multimedia systems has increased the need for the protection of digital media. In multimedia security we normally emphasize the following security principles.
Confidentiality: protecting the actual contents of multimedia data from unauthorized users. For example, when we transmit a very sensitive image or video there should be a restriction preventing a third, unauthorized person from using the data [9].
Integrity: ensuring that the actual data is not altered by a cracker or hacker. With the advancement of computer applications it is now easy to modify multimedia data; multiple images or videos can be combined to make new ones.
Authentication: the person who is allowed to use the data, or its owner, is said to be authenticated; the process of identifying the owner is called authentication.

C. Digital Rights Management
To assure multimedia security, Digital Rights Management (DRM) systems were introduced. DRM is defined as "the collective set of technologies and policies used to impose rules on how content is produced, distributed and consumed". Without DRM, digital content can easily be copied, altered and distributed to a large number of recipients, causing revenue and reputation loss to media companies. DRM provides secure delivery over the internet by protecting content against interception and modification and by restricting how the end user may use it, so that the user cannot tamper with the image or video thanks to a tamper-resistant mechanism [3].

D. Digital Watermarking
Digital watermarking is the process of embedding useful information, in coded form, into the multimedia content in question for a variety of reasons such as copyright protection, copy control, data authentication, ownership identification and multimedia indexing. In our system we focus on digital watermarking for ownership identification [4, 10]. There is a difference between encryption and watermarking: encryption is based on a key mechanism, while watermarking uses marks that are embedded into the image or video. Moreover, encryption encapsulates the data, whereas watermarking is an embedding process, and the embedding causes only slight degradation in the quality of the data.

Encryption                          Watermarking
• Key mechanism                     • Mark mechanism
• Capsulated form                   • Embedded form
• High random source generation     • Less degradation of multimedia quality

Fig. 1 Difference between encryption and watermarking

Watermarking can be classified as visible and invisible. Visible watermarks are normally used for copyright protection and are common in paper currency. Invisible watermarking is the process of hiding data inside a multimedia content. A watermark can be fragile or robust: a fragile watermark is used to detect even slight changes made to the data, while robust watermarks are used for copyright protection; robustness implies survival against all kinds of attacks on the data [11]. To implement a watermarking system we need to follow these steps:

1. Watermark generation phase
2. Embedding phase
3. Extraction phase

III. PERSONAL IDENTIFICATION CODE (PIC)
We use a new approach in which a code of at most 23 bytes is embedded as the watermark. This code is named the Personal Identification Code (PIC) and can be embedded into an image or video. The code is primarily generated from the name of the owner who wants to embed his ownership identity into the data. The owner provides his full name and a short code of at most 6 digits called the User Code (UCode); this short code is used to avoid clashes when two or more owners have the same name. These codes are stored in the database after the generation process. We define a 6-bit pattern for each alphabet character and digit, as shown in Tables I and II; the space and a separator are also given bit patterns. The separator is discussed later in this paper.

TABLE I
SHOWING THE LIST OF ALL BIT PATTERNS FOR ALPHABETS

Symbol  Bits      Symbol  Bits
a       000001    n       001110
b       000010    o       001111
c       000011    p       010000
d       000100    q       010001
e       000101    r       010010
f       000110    s       010011
g       000111    t       010100
h       001000    u       010101
i       001001    v       010110
j       001010    w       010111
k       001011    x       011000
l       001100    y       011001
m       001101    z       011010

TABLE II
SHOWING THE LIST OF ALL BIT PATTERNS FOR DIGITS

Symbol  Bits      Symbol     Bits
0       011011    6          100001
1       011100    7          100010
2       011101    8          100011
3       011110    9          100100
4       011111    Separator  111111
5       100000    Space      000000

The system only accepts lowercase alphabets, the blank space and digits; special symbols are not handled, since there is no need for them in names or UCodes.


The length of the PIC is variable and depends on the length of the owner's name and of the UCode. The name must contain more than 3 and at most 20 characters, and the UCode at most 6 characters, so the maximum size of a PIC is 23 bytes (184 bits). The PIC structure is defined in Table III.

TABLE III
BIT SIZES OF DIFFERENT FIELDS OF PIC

Field   Name       Separator   UCode     Separator   SCode
Bits    120 bits   6 bits      36 bits   6 bits      16 bits

The Special Code (SCode), which is 16 bits long, is used as a key: the first 8 bits give the initial column number and the remaining 8 bits determine the key row of the image. The SCode is generated by a function applied to the name and the timestamp of entry. The separator marks the end of the name and of the UCode, since the PIC is variable in length. As examples, consider two PICs, one for 'muneer' with UCode 304 and one for 'hamad' with the same UCode. The PIC for 'muneer' is
001101 010101 001110 000101 000101 010010 111111 011110 011011 011111 111111 1010101010101010
and the PIC for 'hamad' is
001000 000001 001101 000001 000100 111111 011110 011011 011111 111111 1010101010101010
The last 16 bits in both strings are generated at run time and depend on the timestamp stored with the user data in the database; the values shown here are placeholders for illustration only and are not produced by the system.

A. PIC Generation Process
The generation process starts by taking the owner's name and a UCode. The system first checks availability in the database: if the same entry is already stored, the process is restarted and the user is asked to change the UCode. The generation of the initial code (the PIC without the SCode) is illustrated in Figure 2.

Fig 2 Initial PIC generation process

A sequence of bits is calculated for the name and for the UCode using the defined tables, and a merger combines these two bit sequences, with a separator added in between to mark the boundary. If the name/UCode combination is available, the merged data is stored in the database together with the timestamp of entry. At run time the code is further merged with the SCode to build the complete PIC.
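For illustration, the following Python sketch (not the authors' implementation; the helper names are hypothetical) builds the initial PIC bit string from a name and UCode using the 6-bit patterns of Tables I and II.

    # Hypothetical sketch of the initial PIC (name + separator + UCode) generation,
    # based on the 6-bit symbol patterns of Tables I and II.
    SYMBOLS = {' ': 0}                                                # space -> 000000
    SYMBOLS.update({chr(ord('a') + i): i + 1 for i in range(26)})     # a=000001 .. z=011010
    SYMBOLS.update({str(d): 27 + d for d in range(10)})               # 0=011011 .. 9=100100
    SEPARATOR = '111111'

    def encode(text):
        """Map each allowed symbol (lowercase letters, digits, space) to its 6-bit pattern."""
        return ''.join(format(SYMBOLS[ch], '06b') for ch in text)

    def initial_pic(name, ucode):
        """Name bits + separator + UCode bits (the SCode is appended later at run time)."""
        assert 3 < len(name) <= 20 and len(ucode) <= 6
        return encode(name) + SEPARATOR + encode(ucode)

    print(initial_pic('muneer', '304'))

Running the sketch on the paper's example ('muneer', UCode 304) reproduces the bit string shown earlier, minus the run-time SCode.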

B. PIC Validation Process
The PIC validation process is the same as above with a few steps replaced: the data-storage step is omitted and a result is returned instead. The system returns false if the entry is not stored in the database, and returns the merged bits and the timestamp of entry if it finds the entry in the database.

C. Special Code (SCode) Generation
The SCode is the last segment of the PIC and consists of 16 bits; it is used as a key. It is calculated in a systematic way from both the owner's name bits and the timestamp of entry, the timestamp also being converted to a bit sequence. Four bits are taken from the timestamp and the remaining twelve from the name. The timestamp bits are obtained in the following steps:
1. Divide the month number of the timestamp by 2 and take the ceiling of the result.
2. Convert the timestamp digits into bits according to the defined table.
3. Take the first bit from the timestamp bits at the position given by the calculated number, counting from left to right; the second bit is taken by continuing the count past the first one. The other two bits are obtained in the same way but scanning the timestamp bits from right to left with the same calculated number.
The twelve bits from the name are calculated as follows:
1. Divide the number of name bits by 12 and take the floor; this number is used as the increment value.
2. Take the first bit of the name as the 5th bit of the SCode.
3. Count onward from the first bit by the increment value to take the 2nd bit from the name bits, and so on.
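The steps above leave some indexing details open (1-based counting, the exact timestamp format), so the following Python fragment is only one plausible reading of the SCode construction; the assumptions are noted in the comments.

    import math

    def scode_bits(name_bits, timestamp_digits, month):
        """One possible reading of the SCode steps: 4 bits from the timestamp, 12 from the name."""
        step = math.ceil(month / 2)                                        # step 1
        # step 2: timestamp digits converted per Table II (digit d -> value 27 + d)
        ts_bits = ''.join(format(27 + int(d), '06b') for d in timestamp_digits)
        bits = []
        bits.append(ts_bits[step - 1])        # 1st bit, counting from the left (assumed 1-based)
        bits.append(ts_bits[2 * step - 1])    # 2nd bit, continuing the count
        bits.append(ts_bits[-step])           # 3rd bit, counting from the right
        bits.append(ts_bits[-2 * step])       # 4th bit
        inc = len(name_bits) // 12            # increment value for the name bits
        pos = 0
        for _ in range(12):                   # remaining 12 bits taken from the name bits
            bits.append(name_bits[pos])
            pos = (pos + inc) % len(name_bits)
        return ''.join(bits)                  # 16-bit SCode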

D. PIC Embedding Process
Once the initial PIC is stored in the database, the owner only needs to submit his full name along with his UCode the next time, for verification. The system first checks validity; if the entered data is valid, it generates the SCode, and the whole PIC is obtained by merging the SCode bits with the name and UCode bits, again using separator bits to mark the boundaries. The next step is to take the image in which the owner wants to embed his identity. First and foremost, the image must be large enough to accommodate the 184 bits in its pixels, one bit per pixel; we suggest an image of at least 256 x 256 pixels for best results. The coordinate system of the image is then calculated and the pixels to carry the data are determined accordingly during the embedding process. Our system uses an LSB watermarking scheme [3]: the last bit of each selected pixel of the image is altered. The embedding process starts by calculating the jump size, the increment used to move to the next embedding location; it includes both a row and a column increment value.


W′ = Floor(Image.Width / 184)
H′ = Floor(Image.Height / 184)

Divide the SCode into two segments, one specifying the starting column and the other the starting row:

W = decimal value of the first 8 most significant bits of the SCode
H = decimal value of the 8 least significant bits of the SCode

Initialize a counter variable for locating the bits in the PIC array:

J = 1

The first bit is embedded by XOR-ing the first most significant bit (MSB) of the PIC with the least significant bit (LSB) of the image pixel at location (W, H):

LSB(Image[W, H]) XOR PIC[J]

A loop then inserts the remaining PIC bits into the image. In each iteration the current row and column values are incremented by the jump values W′ and H′; if either value exceeds the image dimensions, it wraps around to the beginning:

LOOP I = 1 to PIC.Length
  Increment J by 1
  Increment W by W′
  Increment H by H′
  IF H is greater than Image.Height THEN H = H − Image.Height [END IF]
  IF W is greater than Image.Width THEN W = W − Image.Width [END IF]
  LSB(Image[W, H]) XOR PIC[J]
[END LOOP]

Using the above algorithm the PIC can be inserted into the image. The code is embedded with the exclusive-OR (XOR) function and can be re-detected with the same parameters by applying XOR again.
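A minimal Python sketch of this embedding loop is shown below. It assumes a grayscale image stored as a list of rows of 8-bit pixel values, and it uses 0-based indexing with modulo wrap-around instead of the paper's 1-based subtraction, which is equivalent for this purpose.

    def embed_pic(image, pic_bits, scode):
        """Embed the PIC bits by XOR-ing them into pixel LSBs along a fixed 'jump' pattern."""
        height, width = len(image), len(image[0])
        jump_w = width // len(pic_bits)        # W' = floor(width / 184) for a 184-bit PIC
        jump_h = height // len(pic_bits)       # H' = floor(height / 184)
        w = int(scode[:8], 2) % width          # starting column from the 8 MSBs of the SCode
        h = int(scode[8:], 2) % height         # starting row from the 8 LSBs of the SCode
        for bit in pic_bits:
            image[h][w] ^= int(bit)            # XOR the PIC bit into the pixel's LSB
            w = (w + jump_w) % width           # advance the column with wrap-around
            h = (h + jump_h) % height          # advance the row with wrap-around
        return image

For a 256 x 256 image and a 184-bit PIC both jump values are 1, so successive bits fall on a diagonal of pixels.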

E. Watermark Detection Process
The same procedure is used to verify ownership. The owner has to produce his name, his UCode and the watermarked image. The full name and UCode are first checked in the database for availability, and the PIC is then rebuilt using the entry timestamp stored in the database. Once the PIC is calculated, the image is scanned for the watermarked bits: the pixels at which the XOR operation was applied are located using the same algorithm as for watermark embedding, with minor modifications. The XOR function is then applied again at the same locations using the calculated PIC. If the result equals the actual (non-watermarked) image, the owner is identified; otherwise the supplied owner details are fake or wrong. The process is shown in the following chart.

Fig. 3 Watermark Detection
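Because XOR is its own inverse, the same traversal can be reused for detection. The sketch below (illustrative only, not the authors' code) recovers the embedded bits by XOR-ing the LSBs of the watermarked image with those of the original image along the same path, matching the verification step described above, which assumes access to both images.

    def extract_bits(original, watermarked, pic_length, scode):
        """Recover the embedded bits by XOR-ing the LSBs of the two images along the same path."""
        height, width = len(original), len(original[0])
        jump_w, jump_h = width // pic_length, height // pic_length
        w, h = int(scode[:8], 2) % width, int(scode[8:], 2) % height
        bits = []
        for _ in range(pic_length):
            bits.append((original[h][w] ^ watermarked[h][w]) & 1)   # differing LSB = embedded 1
            w, h = (w + jump_w) % width, (h + jump_h) % height
        return bits   # compare with the claimed PIC to confirm ownership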

IV. CONCLUSION AND FUTURE WORK
In this paper we presented a new scheme for identifying the owner of multimedia content. We described the watermarking process for images, but it can be applied to other multimedia types such as video and sound with minor modifications. The system was found to work successfully and produces results with little degradation of the watermarked images. Because we use an adaptive watermark key mechanism, it is difficult for an attacker to identify the exact location and order of the watermarked pixels. Our future work is to extend the proposed system to sound and video.

REFERENCES
[1] http://en.wikipedia.org/wiki/Multimedia [last visited on 10 April 2008]
[2] http://en.wikipedia.org/wiki/Piracy [last visited on 12 April 2008]
[3] Bechtold, S., "The Present and Future of Digital Rights Management: Musings on Emerging Legal Problems", in: Digital Rights Management: Technological, Economic, Legal and Political Aspects, E. Becker, W. Buhse, D. Gunnewig & N. (Eds.), 2003.

[4] Richard Barnett, "Digital watermarking: Applications, techniques, and challenges", Electronics and Communication Engineering Journal, 11(4):173–183, August 1999.

[5] R. J. Flynn, W. H. Tetzlaff “Multimedia: An Introduction”, IBM Journal of Research and Development, archive Volume 42 , Issue 2 (March 1998)

[6] http://www.adobe.com/aboutadobe/adobeventures/ [last visited on 05 January 2008]

[7] Ze-Nian Li, Mark S Drew, “Fundamentals of Multimedia” , Prentice Hall, 2004

[8] P. Heracleous, S. Nakamura, and K. Shikano, "Multiple Sound Sources Recognition by a Microphone Array-based 3-D N-best Search with Likelihood Normalization", in Proc. International Workshop on Hands-free Speech Communication, 2001, pp. 103–107.

[9] Oded Goldreich, “Foundations of Cryptography”, Cambridge University Press, 2004

[10] I.J. Cox, J. Killian, F.T. Leighton and T. Shamoon, “Secure spread-spectrum watermarking for multimedia”, IEEE Trans. Image Processing, vol. 6, no. 12, pp. 1673–1687, Dec. 1997

[11] http://en.wikipedia.org/wiki/Digital_watermark [last visited on 10 April 2008]

[12] Schyndel, R.G., Tirkel, A.Z., Osborne, C.F., "A Digital Watermark", Proceedings of the IEEE International Conference on Image Processing, Austin, Texas, vol. 2, pp. 86–90, 1994.

[13] B. Chen et al., "Quantization Index Modulation: A Class of Provably Good Methods for Digital Watermarking and Information Embedding", IEEE Trans. Inform. Theory, vol. 47, pp. 1423–1443, May 2001.


Abstract — Personal authentication is the process of verifying an individual who requests access to a system and its pool of resources. Various techniques exist for personal authentication: knowledge-based systems that use passwords or PINs, token-based systems that use tokens or smart cards, and biometrics systems that use physical and behavioral traits of humans. In a knowledge-based system, if the user forgets the required password or PIN he can no longer access the system, and if the password or PIN is shared with someone the system becomes insecure. Token-based authentication is made more secure by using passwords or PINs in combination with the tokens. In this ever-growing and ever-changing world, old systems of authentication have become outdated. Every individual is unique, even though the overall human structure is the same; this puts biometrics authentication in great demand in the constantly evolving field of authentication. Though this approach is still in its early days, in future it will play a critical role in authentication applications. Quality measures such as FAR, FRR, FTE and EER can be used to measure the performance of a biometrics technique used for personal authentication; the performance of any biometrics technique depends on the environment in which the application is deployed.

Index Terms — Authentication, Password, PIN, Token and Biometrics

I. INTRODUCTION
Personal authentication is a system that ensures that services are provided only to the legitimate user. Recent events of terrorism and theft have obliged organizations to safeguard their employees and themselves against the theft of confidential information or property [1]. Both knowledge-based and token-based authentication have long been in use and remain fundamental security concepts: if a person possesses something that identifies him and also knows something that only he could know, it is reasonable to believe he is who he claims to be. However, the changing environment has forced the adoption of new security systems, as the old ones did not last long; for instance, identity theft through forged passports or documents and the skimming of the information encoded in the magnetic strip on the back of plastic cards are now very common. Though some organizations still persist with outdated knowledge-based and token-based security systems, present-day life has proved them largely insecure. The scientific community has therefore come up with a solution-oriented form of authentication, the 'biometrics technique', which is convenient to use, safe and reliable, and serious efforts are being made to improve biometrics techniques so that they are accepted as an alternative to other authentication techniques. A biometric system is essentially a pattern-recognition system that recognizes a person based on features derived from a specific physiological or behavioral characteristic that the person possesses [2]. The accuracy of a biometric system is ascertained through a series of tests, beginning with an assessment of matching-algorithm accuracy, followed by performance evaluation in a given scenario and then operational evaluation before full operations begin. To evaluate the performance of different biometrics techniques there are quality measures such as FAR, FRR, FTE and EER.

II. PERSONAL AUTHENTICATION SYSTEM
Personal authentication refers to authenticating an individual who requests access to a pool of resources in order to use or update them. Its purpose is to ensure that the rendered services are accessed only by a legitimate user. At present, personal authentication is mainly used at close range, for example for laptops, cellular phones, ATMs, in-house room-entry control, access to safes, and systems operation. The future, however, demands something different: diversified network applications will be shaped to control access to information, to provide remote personal identification and to support e-commerce via the internet. That is why standardization efforts are being made from a global point of view [3].

A. Standard Authentication Systems
There are three standard authentication systems that are used to implement the principle of authentication.
1) Knowledge-Based Authentication System
Knowledge-based authentication is the most widely employed form of user authentication. It comprises text-based authentication, which uses passwords or PINs, and graphics-based authentication, which uses graphical secrets; here we focus only on text-based authentication. In a password- or PIN-based system the user provides some secret information, which the system processes to decide whether the user is legitimate or not. Many measures have been introduced to improve security, including password policies: by following them a user selects a password or PIN that cannot easily be predicted by impostors. But knowledge-based authentication is not free from problems, since it relies heavily on the precise recall of secret information; if the user commits even a minor error during authentication, the system does not respond as desired. It is not easy for a user to remember a password for a long time, and a user may have many accounts with different passwords, all of which are difficult to remember all the time. To overcome this problem the user will either write his password down somewhere or share it with someone; the problem is solved, but the uncertainty is increased [4].
2) Token-Based Authentication System
Token-based authentication requires a piece of unique, personally assigned information, called a token, that the user must possess during the authentication process. Each user is registered against his unique token, whose identifying label is checked in order to verify him. Tokens are classified as storage tokens and dynamic tokens: in a storage token the stored information is presented to the system for authentication, as with smart cards and USB tokens, while a dynamic token stores responses that are provided when the system asks certain questions. The situation, however, demands further measures to ensure

Personal Authentication System Using Biometrics Techniques Muhammad Altaf Khan, Muhammad Hamad Hassan

Research & Development Cell Institute of Information Technology

Kohat University of Science & Technology, Kohat, NWFP, Pakistan [email protected]



unaltered and flawless security for the system, because in token-based authentication an unauthorized user who presents the same information will also be authenticated: the system only needs a correct response or the correct information to verify someone. Today, token-based authentication is combined with knowledge-based authentication to strengthen security systems. A multifactor token is used to prevent impersonation through the theft or loss of a token; the most common example is ATM authentication, which requires a token (the ATM card) as well as secret knowledge (the PIN) [4].
3) Biometrics-Based Authentication System
Any physical feature of a human, such as fingerprints, hand, face, iris, retina or voice, can be used for authentication. Biometrics is used for both authentication and identification and is, by and large, a stronger means of authentication than the other methods. The fundamental phases of a biometrics authentication system are the following [5].

a) Enrollment phase: During the enrollment phase the raw biometrics data is captured using sensors.

b) Feature Extraction phase In this phase, the raw data captured during enrollment is processed by using some efficient biometrics algorithms to locate and encode the distinctive characteristics on which the system operates.

c) Template Creation phase: A template is "a small digital file derived from the distinctive features of a user's biometrics data" [5], typically between 250 and 1,000 bytes in size. Templates occur in two forms, the enrollment template and the match template: the enrollment template is generated during the user's first interaction with the system and stored in the enrollment database for future use, while the match template is obtained from the data the user provides whenever he wants to be authenticated.

d) Biometrics Matching: During this process the enrollment template is compared with the match template to determine the degree of correlation. The matching process results in a score that is compared against a threshold: if the score exceeds the threshold the result is a match, otherwise it is considered a mismatch [5]. For the last few years research has been conducted to strengthen biometrics authentication systems in the hope that they will provide more secure alternatives; this research was triggered by the discovery of many discrepancies in knowledge-based and token-based authentication systems. The use of biometrics for authentication or verification is often regarded as a revolutionary concept coming straight out of modern science, yet a few glimpses into the past reveal that physical or behavioral characteristics were used for identification even in ancient times [6]. In our modern world biometrics applications are employed in large-scale identification systems, where they offer two important benefits: fraud detection and fraud deterrence [7]. Biometrics is being used in many places to enhance the security and convenience of society; deployments within the United States Government, for example, include the FBI's IAFIS, the US-VISIT program, the Transportation Workers Identification Credentials (TWIC) program and the Registered Traveler (RT) program. In Fig. 1, the biometrics sensor first captures the biometrics data from the user, which the data acquisition module then translates into digital signals. The data processing module performs the desired processing on the translated digital signals to improve signal quality by reducing noise and to prepare the data for pattern analysis. The pattern analysis module locates the most distinctive patterns of the biometrics data, and templates are generated in the extraction module from the distinctive patterns found in the pattern analysis. The pattern matching module compares the newly generated templates with those in the biometrics database and calculates match scores or quality scores for the final decision. The decision module decides whether there is a match between the matching score and a predetermined threshold; if a match is found, the decision module performs the necessary action and the service is granted [8].

Fig.1. Block diagram of Biometrics System [8]
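As a toy illustration of the final decision step (not taken from the paper), the Python fragment below compares a similarity score between an enrollment template and a match template against a predetermined threshold; the feature-vector representation and the distance-based score are assumptions made for the example.

    import math

    def match_score(enrollment_template, match_template):
        """Toy similarity score in [0, 1]: higher means the templates are closer (assumed representation)."""
        dist = math.dist(enrollment_template, match_template)   # Euclidean distance between feature vectors
        return 1.0 / (1.0 + dist)

    def decide(enrollment_template, match_template, threshold=0.8):
        """Decision module: grant the service only if the match score exceeds the threshold."""
        return match_score(enrollment_template, match_template) >= threshold

    print(decide([0.12, 0.85, 0.33], [0.10, 0.88, 0.30]))   # True -> service granted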

III. STANDARD BIOMETRICS TECHNIQUES
A biometric is any reliable human characteristic that can be measured and used for personal authentication, which includes fingerprints, iris, face, voice, vein identification, retina, etc. Hardly any single biometrics modality accurately suits all implementations, so considerable care is needed when selecting one, taking into account location, security risks, the task (identification or verification), the expected number of users, user circumstances, existing data, etc. It also remains a fact that biometrics modalities are at different stages of maturity, e.g. fingerprints have been in use for centuries while iris recognition is hardly a decade old; maturity is an indicator of which modality fits well. Biometrics modalities used for personal authentication can be divided into two categories.

A. Physiological Biometrics
Physiological biometrics are inborn human characteristics that define physical features. They include:
1) Fingerprint
A fingerprint is the pattern of ridges and many very small points called minutiae on the surface of a fingertip, the information of which is determined during the first seven months of fetal development. The fingerprints of identical twins are different, and so are the prints on each finger of the same person. Fingerprints, a century-old means of personal authentication, were first used for identification in 1888 by an Argentinean police officer, Juan Vucetich. Personal authentication systems based on fingerprints have proved to be very accurate for verification and for small-to-medium scale identification involving a few hundred users [9]. Sir Edward Henry, who classified fingerprints,


published a book, "Classification and Use of Fingerprints". Fingerprint identification uses two kinds of features, macro and micro. Macro-features can be seen unaided by the human eye and include ridge patterns, pattern types, core point, delta point, type lines and ridge count. Micro-features cannot be seen directly by the human eye and include ridge endings, ridge bifurcation, ridge divergence, dot or island, short ridges, orientation, spatial frequency and curvature [4].
Strengths
• It is a century-old authentication technique and has delivered a high accuracy level.
• Its flexible nature makes it acceptable for a wide range of environments.
• The devices used in fingerprint authentication systems are very user-friendly [7].
Weaknesses
• In some cases hardware weaknesses and physiological reasons prevent the enrollment of a small number of users [7].
• The performance of a fingerprint-based system degrades over time, because fingerprints change for many reasons such as aging and wear and tear [7].
• According to T. Matsumoto, a Japanese mathematician, fingerprint devices can easily be fooled by artificial gelatine fingers [10].

Fig.2. Standard Biometrics Techniques [4]: Physiological Biometrics (Fingerprint, Face, Iris, Hand Scan, Retina, DNA, Hand Vein) and Behavioral Biometrics (Voice Scan, Signature, Gait).

Applications
• The fingerprint technique is used in many consumer electronic devices, personal digital assistants (PDAs) and personal computers (PCs).

• Law enforcement agencies use the Automated Fingerprint Identification System (AFIS) for implementing security.
• The fingerprint technique can also be employed in border-control applications.
• A national ID card planned by the UK government will be based on fingerprint and iris data [1].

2) Face Print
The face is considered the most immediate and transparent biometrics modality for physical personal authentication applications. 2D and 3D images of a face provide the basis for facial-recognition scans, and facial features offer significant images that differ between individuals.
Strengths
• It can easily be integrated into an environment that already uses image acquisition equipment.
• It can also be used to search against static images, for example photographs used on driver licenses [7].
• It does not always require the user's cooperation to obtain the necessary data.
• It is relatively economical to implement compared with other modalities such as iris or retina.
Weaknesses
• While taking snapshots of the face, many other variables are captured, which constitutes an implementation challenge and greatly affects measurements such as the FAR and FRR of the system.
• The privacy of the user is at risk.
• With the passage of time the FAR increases, because the facial expression of the user changes significantly over time; the error rate of the algorithm is 43% to 50% within one year [11]-[12].

Applications
Facial-recognition scanning is used in many places for authentication and/or verification, including banks, health-care centers, access control and law enforcement.
3) Iris Print
The iris, the only internal organ usable as a biometric, does not change over a long period of time. It is among the best biometrics techniques when imaging can be done at distances of up to about a meter, especially where the false acceptance rate must be kept very low while searching a very large database. Its great mathematical advantage is that the iris pattern varies widely among different persons, which helps avoid many problems. As a planar object its image is relatively insensitive to the angle of illumination, and changes in viewing angle cause only affine transformations; even the non-affine pattern distortion caused by pupillary dilation is readily reversible. Thanks to its unique annular shape, eyes can easily be localized in a face [13]. These features make iris scanning reliable and precise. The uniqueness of the iris, proposed in 1987, was later confirmed by two ophthalmologists, who found that no two irises were the same.
Strengths
• Iris recognition is the most accurate means of identification, which is why it will be widely used for high-security identification by governments and border controls.
• Its user acceptance is very high due to its convenient use and non-disturbing nature.
• Iris-scanning identification is a fast process.
• Active participation of the people being identified is not required.
Weaknesses
• The image acquisition process requires proprietary devices and accurate positioning of the capturing devices, so special training is required.


• Sometimes eye-based authentication causes discomfort for the users [5].

Applications
• In May 2004 the UK immigration service started project IRIS, installing iris recognition systems in the UK's five major airports; the system is used to help process visa holders through immigration [1].

• In 2002, an iris recognition system was implemented in the infant unit of the Hospital of Bad Reichenhall in Bavaria, Germany. Individuals requiring permission to enter the baby unit, including doctors, nurses and parents, are authorized using the system.

• By the end of 2005, the iris recognition patent holder, Iridian Technologies, planned to introduce a chip that could be incorporated into laptops, PDAs and other handheld devices. The chip would be low cost and of small size. When used in conjunction with a small digital camera, the chip would provide a basic iris recognition control system. Experts predicted that these chips would bring down prices and make iris recognition an affordable identifier for handheld devices.

4) Hand Print
Hand-scan authentication works by extracting a hand pattern that includes parameters such as the length of the fingers, width, thickness, curvature and relative location [15]. A CCD camera with infrared illumination captures this information; ordinary and needless details are ignored while the above features are captured, and inter-finger pegs or locator pins are used to force a specific hand position.
Strengths
• The small template size of a hand scan makes it very useful for personal authentication systems involving small target populations (such as 500 users).
• The technique is simple, easy to use and cost effective; according to a 2004 survey its market share is above 11%.
• From the user's perspective it is considered non-intrusive.
• The physiological characteristics involved are considered more stable than other biometrics.
Weaknesses
• According to the Organization and Technology Research Group (OTR), this technique is of limited accuracy and its ergonomic design limits usage by certain populations [1].
Applications
• Since 1993, over 18,000 employees have been authenticated with this technique at San Francisco's international airport [1].
• It has been implemented for a frequent-traveler programme at Tel Aviv's Ben Gurion airport and for the US Immigration and Naturalization Service Passenger Accelerated Service System (INSPASS) programme, which operates at nine US airports [16].

5) Retina Print
This technique works on the distinctive features of the human retina and is used for identification/authentication. It is the least used technique in the field of biometrics, restricted mainly to government and military facilities; its difficult use and the discomfort it causes users have made it unpopular in spite of its high level of accuracy [5].
6) DNA Print
DNA (deoxyribonucleic acid, the molecule that encodes genetic information) is a true biometric. It is a relatively new technique that relies on the analysis of DNA sequences for identification and authentication.
Strengths
• The equipment needed for DNA sampling will soon become affordable and small in size, and mobile DNA labs are likely to appear as a significant step towards real-time processing of DNA samples.
• Thoughtful future predictions indicate that it will emerge as a major component of personal authentication systems used in the criminal justice system [17].
Weaknesses
• DNA matching is not done in real time, and currently not all stages of comparison are automated.
• DNA matching does not employ templates or feature extraction, but rather compares actual samples.
Applications
• In the UK, forensic scientists use DNA to link a person to a crime-scene sample reliably.
• The UK National DNA Database, established in 1995, is an important tool in the fight against crime and the fear of crime.
7) Vein Print
This technique is still in its development phase and has not yet attained maturity, but its unmatched, high accuracy has made it an integral part of commercial products such as VeinID. It is non-intrusive to the user.

B. Behavioral Biometrics
Behavioral biometrics includes the following human traits:
1) Voice Print
The vocal tract, mouth, nasal cavity and lips together shape an individual's voice. Age, medical condition and emotional state are some of the factors that change the voice considerably; being a not very distinctive feature, voice may not be trusted for large-scale identification. A voice authentication system can be either text-dependent or text-independent. A text-dependent system is based on the utterance of a fixed, predetermined phrase and therefore requires a password, whereas a text-independent system recognizes the speaker from whatever words are spoken and needs no password. Because a text-independent system does not constrain what the speaker says, it is more difficult to design than a text-dependent system; as far as security is concerned, a text-independent system is more secure against fraud than a text-dependent one [14].
Weaknesses
• Voice recording is affected by a number of factors, background noise being one of them; voice-capturing devices are critical for gathering accurate data. Although voice authentication best suits phone-based applications, the microphones used in communication deteriorate the quality of the voice signals.
• Due to the large size of voice templates, it is not suitable for many applications [14].
Applications
• In the mid-1990s, most voice recognition systems used software to recognize a person's voice and the words spoken.
• In the late 1990s the technique was used in call centers for speaker verification.
• Interactive voice response (IVR) systems were predicted by the Organization and Technology Research (OTR) Group in 1999 [1]; IVR systems are used with a touch-tone keypad to provide automated self-service offerings to customers and are mostly adopted by call centers.


2) Keystroke (Typing Pattern) Print
The typing pattern of a person, assisted by a traditional password scheme, is used for authentication and identification. It does not require any additional equipment, as all data is entered through the keyboard, but the system inherits all the discrepancies of password-based systems [5].
3) Gait Recognition
This is a new biometrics concept for personal authentication, based on the analysis of the "rhythmic patterns associated with walking stride" [5] of a user. It is intrusive and would therefore be disliked by users, because it raises privacy concerns.
4) Electronic Signature Print
The user's handwritten signature is used in this technique for authentication and identification. It is non-invasive to the user and, unlike other biometrics technologies, it can be changed by the user.

IV. QUALITY MEASURES FOR BIOMETRICS TECHNIQUES
Reliable performance and recognition are the ultimate measures of the utility of biometrics systems for a specific application. The recognition rate is generally characterized by the following terms.
False Rejection Rate (FRR)
The FRR, also known as a Type-I error, is the probability that a user's verification template is not matched with his enrollment template [4]; in other words, it is the likelihood of a valid user not being recognized. It is calculated as

UserMatch'(n) = number of the user's unsuccessful authentication attempts
UserMatch(n) = number of the user's attempts to authenticate

FRR(n) = UserMatch'(n) / UserMatch(n) ………… (A)

and, for n = 1,

FRR = UserMatch' / UserMatch ………… (B)

If we generalize the formula, we get

FRR = (1/N) × Σ_{n=1}^{N} FRR(n) ………… (1)

where N represents the total population of users and n indexes the users presenting their biometrics for authentication. The strength of the FRR reflects the robustness of the algorithm: the more accurate the matching algorithm, the lower the probability of false rejection.
False Acceptance Rate (FAR)
The FAR, also known as a Type-II error, is the probability that the system will match a user's verification template with the enrollment template of another user [4]. It can be understood as the likelihood of an impostor being recognized as an authenticated user. In general it is the most critical security metric, as in most applications it is imperative to keep impostors out. It is calculated as

NonMatchUser'(n) = number of impostors' successful false authentications
NonMatchUser(n) = number of impostors' attempts to falsely authenticate

FAR(n) = NonMatchUser'(n) / NonMatchUser(n) ………… (A)

and, for n = 1,

FAR = NonMatchUser' / NonMatchUser ………… (B)

If we generalize the formula, we get

FAR = (1/N) × Σ_{n=1}^{N} FAR(n) ………… (2)

where N represents the total population of users and n indexes the users presenting their biometrics for false authentication. The importance of the FAR lies in the strength of the matching algorithm: the stronger the algorithm, the smaller the chance of false authentication.
Failure to Enroll (FTE)
The FTE is defined as the probability that a user attempting to enroll biometrically will be unable to do so [4]. The FTE is normally defined over a minimum of three attempts, which is justified by the Rule of Three: the rule gives a confidence level for a given error rate (for example, observing zero failures in n independent attempts yields an approximate 95% upper bound of 3/n on the true failure rate). It also assumes that each enrollment attempt is independent and identically distributed and that the user population is sufficiently large. Thus the FTE can be calculated as

Event'(n) = number of unsuccessful enrollment events
Event(n) = total number of enrollment events

FTE(n) = Event'(n) / Event(n) ………… (A)

and, for n = 1,

FTE = Event' / Event ………… (B)

If we generalize the formula, we get

FTE = (1/N) × Σ_{n=1}^{N} FTE(n) ………… (3)

The strength of the FTE is the amount of coverage of the population that the biometrics system has: the more coverage the system has, the less likely a user is to experience an FTE.
Equal Error Rate (EER)
The EER is defined as the crossover point on a graph on which both the FAR and FRR curves are plotted. The EER can also be calculated from a Receiver Operating Characteristic (ROC) curve, which plots FAR against FRR; the choice between using the FRR/FAR crossover point and using a ROC is a question of significance. An EER calculated using the FRR and FAR is susceptible to manipulation based on the granularity of the threshold values, whereas a ROC-based EER is not affected by such manipulation because the FRR and FAR are graphed together; thus an EER calculated from a ROC is less dependent on scaling. To calculate the EER using the FRR/FAR crossover, the respective FAR and FRR are calculated for every threshold value from 0 to 1 and plotted on the same graph. Since the granularity of the values between 0 and 1 can be chosen freely, this introduces the possibility of manipulating the results. The EER occurs at the point where the FRR and FAR curves cross each other.

Fig. 3 ROC-curve showing FRR Vs FAR [18]

The strength of the EER is that it allows different biometrics systems to be compared. The procedure for using the ROC curve to judge performance in a particular application is as follows: choose an acceptable level of FAR; in Fig. 3 a dashed line is shown at 0.1% FAR, and the FRR corresponding to this choice is the attainable FRR, in this example about 1.6% [18].
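To make the crossover procedure concrete, the following Python sketch (illustrative; the score lists are made up) computes FAR and FRR for a range of threshold values from genuine and impostor match scores and approximates the EER at the threshold where the two curves cross.

    def far_frr_curves(genuine_scores, impostor_scores, steps=1000):
        """Compute FAR(t) and FRR(t) for thresholds t in [0, 1]; higher scores mean better matches."""
        curves = []
        for i in range(steps + 1):
            t = i / steps
            frr = sum(s < t for s in genuine_scores) / len(genuine_scores)      # valid users rejected
            far = sum(s >= t for s in impostor_scores) / len(impostor_scores)   # impostors accepted
            curves.append((t, far, frr))
        return curves

    def equal_error_rate(curves):
        """The EER is approximated at the threshold where |FAR - FRR| is smallest."""
        t, far, frr = min(curves, key=lambda c: abs(c[1] - c[2]))
        return t, (far + frr) / 2

    curves = far_frr_curves([0.9, 0.8, 0.7, 0.95], [0.2, 0.4, 0.3, 0.6])
    print(equal_error_rate(curves))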


Modifying the parameters of the system, especially the threshold value, allows either the FRR or the FAR to be lowered, but unfortunately not both at the same time: research conducted by the BWG has shown that there is an inverse relationship between the two criteria [14]. This is why many available systems tolerate an enormous FRR just to keep the FAR as low as possible; any identification method based on pattern information must find a compromise between FAR and FRR.
Test Results
The Biometrics Working Group (BWG) conducted a large-scale comparative test [14]. Over a period of three months, a volunteer crew of slightly over 200 participants used authentication systems based on seven different biometrics technologies in a normal office environment. The test dates back to late 2000 but is still widely referenced in the biometrics community. Except for retina scanning (whose difficult acquisition process limits it to military use) and DNA matching (which is not fully automated and still experimental), all the physiological biometrics mentioned above were tested. In the following we present the most important results; the data is cited from the final test report [15]. For more detailed results and an exact description of the test scenario and methodology, please refer to the report.

TABLE I
FAILURE-TO-ENROLL RATE [15]

System                  Failure-to-Enroll Rate
Face                    0.0%
Fingerprint – chip      1.0%
Fingerprint – optical   2.0%
Hand                    0.0%
Iris                    0.5%
Vein                    0.0%
Voice                   0.0%

TABLE II
FAR VS FRR [15]

System                  FAR 0.001%   FAR 0.01%   FAR 0.1%    FAR 1.0%
Face                    --           FRR 40%     FRR 30%     FRR 15%
Fingerprint – chip      FRR 2.7%     FRR 2.3%    FRR 2.1%    FRR 1.7%
Fingerprint – optical   --           FRR 16%     FRR 12%     FRR 10%
Hand                    FRR 13%      FRR 9.0%    FRR 1.2%    FRR 0.25%
Iris                    FRR 0.25%
Vein                    FRR 13%      FRR 13%     FRR 12%     FRR 10%
Voice                   FRR 12%      FRR 4.5%    FRR 0.5%    --

From Tables I and II we can conclude that iris scanning and capacitive fingerprint systems achieve good overall performance. Unfortunately, those technologies appear to have the highest failure-to-enroll rates. One percent does not seem much, but in a company with 500 employees it means that five of them will not be able to enroll; an alternative authentication method would have to be provided, raising cost and potential security problems. It will be interesting to see whether improved acquisition devices and algorithms can overcome this problem in the near future. Another test was conducted in 2001 by the UK-based National Physical Laboratory, a national standards laboratory for measurement and materials science. Six biometrics systems were evaluated: face, fingerprint, hand geometry, iris, vein and voice, tested with 200 volunteers over a three-month period; the objective was to show the level of performance attainable [1]. The test results, shown in Fig. 4, demonstrate that iris recognition is the most accurate biometrics method, as it had:

Fig.4. Biometrics Systems False Error Rates [1] (bar chart, in %, of the failure-to-enroll, failure-to-acquire, false rejection and false acceptance rates for iris, hand, optical fingerprint, chip fingerprint and facial recognition). Courtesy: UK National Physical Laboratory

• zero FAR in over 2 million comparisons (2,735,529 comparisons),
• a 0.0% FTE rate (the failure-to-acquire rate is the proportion of attempts for which a biometrics system is unable to capture an image of sufficient quality from a person), and
• a FRR of 1.8%, the lowest of all the technologies tested; in comparison, four of the

V. CONCLUSION AND FUTURE DIRECTIONS
Personal authentication has become a dire need for organizations, not only to cope with security threats but also to develop the policies, procedures and mechanisms needed for administrative, physical and logical security. Whatever authentication technique is employed, the main objective is to gain an increasing level of assurance about valid users and to keep impostors out of the system. Knowledge-based authentication is very effective for a number of applications, but since passwords are liable to be forgotten or stolen, their credibility is reduced. Tokens may also be used for personal authentication; the


level of security is increased by adding a password/PIN to the token, giving a multi-factor token, but the problems related to passwords/PINs are again inherited by token-based systems. As experiments have shown, strong biometrics authentication systems ensure a reliable and considerably higher level of security than any other technique being used for authentication. The environment is the key factor in the importance and strength of a biometrics technique, so the misconception that biometrics techniques produce the same level of performance and accuracy in all environments and applications must be completely eradicated. On the whole, fingerprint- and iris-based personal authentication systems are convincing their users through their high degree of accuracy. The performance of any biometrics technique can easily be measured by the quality measures FAR, FRR, FTE and EER. As the probability of FAR decreases, the probability of FRR increases; according to the research done by the BWG there is an inverse relationship between FRR and FAR, so a personal authentication system used in a high-security environment tolerates a higher FRR in order to keep the FAR as low as possible. The fact cannot be overlooked that the maturity level and usage of other authentication systems are still greater than those of biometrics, but coming developments suggest that individuals and organizations will soon rely significantly on improved biometrics acquisition algorithms and techniques and on the availability of industry standards, which will guarantee a bright future for biometrics. Biometrics provides a good trade-off between security and user convenience, so future personal authentication systems will be a mixture of different technologies, such as tokens and biometrics, for instance in bio-smart cards.

REFERENCES

[1] http://www.otr-group.com/Biometrics Authentication Devices.pdf, OTR Group members, Version 1.0, 2005.

[2] Salil Prabhakar , Sharath Pankanti, Anil k. Jain , “Biometrics Recognition: Security and Privacy Concerns”, IEEE Security & Privacy, March 2003.

[3] Seto Y, “Activities for Standardizing Biometrics Technologies”, In Proceedings of symposium, IEICE’s ,Tokyo, May 2002.

[4] Paul Rovage, “Biometrics and Network Security”, Pearson Education, 2004.

[5] Uwe Bubeck, Dina Sanchez,” Biometrics Authentication : Technology and Evaluation”, Term Project CS574, 2003.

[6] Ashbourn, Julian, “Biometrics: Advanced Identity Verification”, Journal of Springer, London, 2000.

[7] Nanavati, Samir, et al., "Biometrics: Identity Verification in a Networked World", Wiley Computer Publishing, New York, 2002.

[8] Yingzi , Eliza.Du, “Multimodal Biometric System Using Low-cost Sensors”, MURI Mentors Project Proposal Form for Fall, 2006.

[9] Anil K. Jain, Arun Ross, Salil Prabhakar, "An Introduction to Biometric Recognition", IEEE, 2004.

[10] Matsumoto, Tsutomu, “Importance of Open Discussion on Adversarial Analyses for Mobile Security Technologies”, Yokohama National University, 2002.

[11] A Pentland and T. Choudhury, “Face recognition for smart environments,” Computer, vol. 33, no. 2, pp. 50–55, 2000.

[12] P. J. Phillips, H. Moon, S. A. Rizvi, and P. J. Rauss, “The FERET evaluation methodology for face-recognition algorithms,” IEEE Trans. Pattern Anal. Machine Intel, vol. 22, no. 10, pp. 1090–1104, 2000.

[13] John Daugman,”How Iris Recognition Works”. IEEE Transactions on Circuits and Systems for Video Technology, Vol. 14, No. 1, January 2004.

[14] Mansfield, T. et al, "Biometrics Product Testing Final Report", UK Biometrics Working Group, 2001.

[15] A.K. Jain, R. Bolle, and S. Pankanti (Eds.), “Biometrics: Personal Identification in Networked Society”, Norwell, MA: Kluwer, 1999.

[16] http://www.jrc.cec.eu.int
[17] J. Elliott, "Biometrics roadmap for police applications".
[18] Lawrence O'Gorman, Veridicom Inc., "An Overview of Fingerprint Verification Technology", Elsevier Science Ltd, 1998.


Abstract — Agent-oriented software engineering is a rapidly developing area of distributed computing, and securing the agent platform is a prominent research topic. Several aspects of security have been the major focus of the research community, e.g. attacks from one agent on another, from an agent on the platform, and from the platform on an agent; less attention has been given to securing the services provided by agents and registered at the Directory Facilitator (DF). Managing security at the service level is the motivating factor of this research, and providing security at the service level will enhance interoperability with respect to platform independence. Both direct and indirect security concerns of agents are addressed. This paper proposes an authentication and authorization approach in which a form of public key infrastructure (PKI) is used for the direct security concern and the operating-system concept of a sandbox for the indirect one.

Index Terms — Distributed Computing, Multi-Agent System, Security, Authentication, Interaction Protocol

I. INTRODUCTION
Distributed systems are built from relatively autonomous building blocks which work together to achieve some overall objective; this notion of autonomy and synchronization is the basis of any distributed system. Multi-agent systems (MAS) can be thought of as distributed systems composed of a number of software agents that work together to achieve some common goal that would otherwise be beyond the reach of an individual agent. The implementation and operation of secure services running on a multi-agent system raises many challenges. A simple security rule is to keep the authentication and authorization mechanisms separate, while keeping in view that the two are interrelated, e.g. authentication sometimes needs an authorization list to validate a request [1]. Security is such a vital and pressing issue because no security requirements are considered in the abstract architecture and its various component details, and only a little work has been carried out to integrate security concerns into an agent-oriented methodology [7]. FIPA has provided all the necessary definitions while neglecting security, both for platform developers and for security experts.

II. BACKGROUND AND RELATED WORK
There are several reasons why security has been the most ignored characteristic in the MAS domain. Security is usually not taken as a central concern in most implementations, either because systems are usually deployed in controlled environments or because they take a one-to-one tutoring approach that does not require strict security measures [2]. Security is very complex, and secure systems can arguably be developed only by security experts and not by agent system developers [3]. Many think that security should be provided as part of the application software and can therefore be tolerated outside the agent architecture. The heterogeneity of applications and platform implementations is a further motive for a standard FIPA specification for security. Security concerns can be categorized as direct and indirect as follows [4]:

A. Direct Security Concerns
• Lack of authentication: an agent can masquerade as another agent.

B. Indirect Security Concerns
• Authorization problems / lack of access control:
  o A masquerading agent is authorized to change another agent's published service description.
  o Any agent can read any service provider agent's entry in the DF.

III. DESIGN & IMPLEMENTATION FIPA model helps in moving towards interoperability and globalization of agent industry. Platform to platform communication is the major consideration in proposing all the specification. High level security will not only limit the agent interaction with other agent especially the external platform communication will be reduced, which will be a break FIPA dream about interoperability. It is indispensable to deploy such mechanism that will be supported towards FIPA abstract architecture and boost agent interaction. One of the main threats in MAS is the lack of accountability, which help malicious agent to personate himself as some other agent. Two security choices has been proposed i.e. first one deals with providing authentication mechanism through DF, second will describe the authorization mechanism in DF.

A. Authentication via DF
The main issue in agent interaction is that no one is accountable in case of misbehavior: the software can be faulty, and the deployers of the MAS software may themselves be dishonest. All of this contributes to hesitant adoption of MAS. To overcome spoofing we have to make agents accountable and give each agent some kind of unique identifier, which means that agents must be authenticated before any of their requests are served. Several mechanisms have been adopted by the research community for authentication, varying from Kerberos to various forms of digital signature. Our architecture uses a similar kind of key-based authentication encompassing various algorithms for privacy and integrity (Fig. 1). Whenever a new agent enters the platform and wishes to communicate, a pair consisting of a key and content is generated; the content is the ACL message the agent wishes to communicate, and key generation follows some centralized scheme. The encrypted key and content are then processed through the MD5 algorithm, and the whole message with



a new header is transmitted to the DF. The DF parses the received message and analyzes the validity of the message content. If the communication is verified as secure, the message is broken down again into a key and content pair, and the DF performs the action requested by the agent. The key and the content are stored for future accountability, making the agent liable for its actions.
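As an illustration of this flow, the following minimal C sketch (an assumption for illustration only, not the authors' implementation) packages an already-encrypted ACL payload with an MD5 digest, the way an agent-side stub might prepare the message sent to the DF, and shows the DF-side digest check. OpenSSL's MD5() is used for the digest, and the wire format and field names are hypothetical.

/*
 * Illustrative sketch only: packaging an encrypted ACL message with an
 * MD5 digest before sending it to the DF. The encryption step itself
 * and the message layout are assumptions, not part of the paper.
 */
#include <openssl/md5.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical wire format: digest header followed by the encrypted payload. */
struct df_message {
    uint8_t digest[MD5_DIGEST_LENGTH];  /* integrity check over the payload  */
    uint8_t payload[512];               /* encrypted key + ACL content       */
    size_t  payload_len;
};

/* Build the message the agent would transmit to the DF. */
static void build_df_message(const uint8_t *encrypted, size_t len,
                             struct df_message *out)
{
    memcpy(out->payload, encrypted, len);
    out->payload_len = len;
    MD5(out->payload, out->payload_len, out->digest);  /* header digest */
}

/* On the DF side, the digest is recomputed and compared before the
 * payload is decrypted and the requested action is performed. */
static int df_verify(const struct df_message *msg)
{
    uint8_t check[MD5_DIGEST_LENGTH];
    MD5(msg->payload, msg->payload_len, check);
    return memcmp(check, msg->digest, MD5_DIGEST_LENGTH) == 0;
}

int main(void)
{
    const uint8_t encrypted_acl[] = "...ciphertext of key + ACL content...";
    struct df_message msg;

    build_df_message(encrypted_acl, sizeof encrypted_acl, &msg);
    printf("digest valid: %s\n", df_verify(&msg) ? "yes" : "no");
    return 0;
}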

B. Authorization via DF
For agents to be robust and to interact with their environment while moving towards interoperability, they should be deployed in a secure sandbox environment [6][8]. Here an untrusted agent runs under the control of a supervisor agent, i.e. the DF, which traps and examines its every request. The supervisor agent may accept or reject the attempted action according to some security policy; the user agent must provide a mandatory access control (MAC) list that specifies the objects the untrusted program is and is not allowed to access. To manage this policy we must provide agents with some form of authorization mechanism, applied either when no authentication is performed or when only top-level authentication is required for an agent to enter the MAS platform. These permissions are granted by the supervisor agent, in this case the DF. Providing the security mechanism this way not only preserves the abstract architecture but also lets security be negotiated at the interaction layer [5], giving the advantage of not forcing security on every type of communication.
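The sandbox policy described above can be pictured as a simple allow/deny lookup. The following minimal C sketch is an illustration only, with a hypothetical policy format and object names; it shows the kind of MAC-list check the supervisor agent (DF) might perform before permitting an untrusted agent's request. A deny-by-default rule is assumed.

/*
 * Illustrative sketch only: a mandatory access control (MAC) list check
 * a supervisor agent (the DF) might perform. Structures and object
 * names are assumptions for illustration, not part of the paper.
 */
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define MAX_RULES 16

struct mac_rule {
    char object[64];   /* e.g. a service description entry in the DF */
    bool allowed;      /* true = agent may access this object        */
};

struct mac_list {
    struct mac_rule rules[MAX_RULES];
    int count;
};

/* Deny by default: only objects explicitly marked allowed pass. */
static bool supervisor_permits(const struct mac_list *policy, const char *object)
{
    for (int i = 0; i < policy->count; i++)
        if (strcmp(policy->rules[i].object, object) == 0)
            return policy->rules[i].allowed;
    return false;
}

int main(void)
{
    struct mac_list policy = {
        .rules = { { "df:service-description/self",  true  },
                   { "df:service-description/other", false } },
        .count = 2
    };

    printf("modify own entry:   %d\n", supervisor_permits(&policy, "df:service-description/self"));
    printf("modify other entry: %d\n", supervisor_permits(&policy, "df:service-description/other"));
    return 0;
}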

IV. CONCLUSION & FUTURE WORK Our proposed solution outlined an extensive framework for agent authentication and authorization provision. DF will be enhanced in order to address the direct & indirect threat security threat evading. Still there are many loopholes in the security requirement to attract major development in the field of MAS. Simplification and trust creation among agent and various components of MAS will provide the guideline for our future work.

V. ACKNOWLEDGMENTS
The author gratefully acknowledges his teacher Abdul Ghafoor for his continuous technical support and encouragement.

REFERENCES

[1] Somchart Fugkeaw, Piyawit Manpanpanich, Sekpon Juntapremjitt, Multi-Application Authentication based on Multi-Agent System, Proceedings of IAENG International Journal of Computer Science, 33:2, IJCS_33_2_6

[2] Carine G. Webber, Maria de Fátima W.P.Lima, Marcos E.Casa, Alexandre M.Ribeiro, Towards Secure e-Learning Applications: a Multiagent Platform, JOURNAL OF SOFTWARE, VOL. 2, NO. 1, FEBRUARY 2007

[3] Poslad, S., Calisti, M., Towards improved trust and security in FIPA agent platforms. Proceedings of Autonomous Agents 2000 Workshop on Deception, Fraud and Trust in Agent Societies, Spain, 2000

[4] FIPA Security Work Group Request For Information (RFI), FOUNDATION FOR INTELLIGENT PHYSICAL AGENTS

[5] Zeeshan Iqbal, Amjad Mehmood, Abdul Ghafoor, H. Farooq Ahmed, Awais Shibli, “Authenticated Service Interaction Protocol for Multi-Agent System” HONET 2007, Dubai, UAE. 18-20 November 2007.

[6] http://www.kernelthread.com/publications/security/sandboxing.html visit on 22 March 2008

[7] H. Mouratidis, P. Giorgini, and G. Manson. Modelling Secure Multiagent Systems, in the Proceedings of the 2nd International Joint Conference on Autonomous Agents and Multiagent Systems, Melbourne-Australia, July 2003

[8] H. Mouratidis, M. Weiss and P. Giorgini. Modelling Secure Systems Using an Agent-Oriented Approach and Security Patterns, International Journal of Software Engineering and Knowledge Engineering, World Scientific (accepted for publication - in press)

Fig. 1: Underlying Mechanism for authentication of agents involving different algorithms for privacy & integrity

DoS and DDoS Attacks; Analysis and Prevention

Shah Mahmood1, G. Mubashar Hassan1, M. Hamad Hassan2
1Department of Computer Systems Engineering, N-W.F.P University of Engineering & Technology, Peshawar
2Research & Development Cell, Institute of Information Technology, Kohat University of Science & Technology, Kohat, NWFP, Pakistan
[email protected]

Abstract — DoS and DDoS attacks are used to prevent legitimate users from accessing the available services on a computer network by overwhelming the resources required for service access. Preventing DoS and DDoS attacks is a challenging task, as they exploit vulnerabilities within the existing Internet architecture. In this paper, several forms of DoS and DDoS attack and the current prevention mechanisms are analyzed. At the end, a multi-layered, distributed, source-end DoS and DDoS prevention model is proposed.

Index Terms — DoS, DDoS, Egress, Ingress

I. INTRODUCTION
Society's dependence on computers in business, education, governance, national security, and almost all walks of life is increasing every day. It is not enough to protect computer systems and networks from viruses, worms, Trojan horses, logic bombs, trap doors, and the like; mechanisms must also be designed that deal with the alarming threat of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, as shown by the statistics in Figure 1. DoS and DDoS attacks can put governments out of contact with the outside world, put businesses out of the market, and give attackers a chance to strike anyone for fun, ransom, or political reasons. Attackers often attack simply for fun, such as the targeted attacks on several well-known websites including Yahoo and Google [5] in June 2004. There have also been instances of politically motivated attacks: US military and NASA security was breached by the British hacker Gary McKinnon in 2001 and 2003 [2], and more than 600 Danish websites came under DDoS attack over the cartoons controversy during 2005/06 [1]. In some cases, such as the Al-Jazeera attack in 2003, the attackers increased the volume of attack as the defenders added capacity to handle the traffic.

Fig. 1 DDoS Cost for Victim Organizations [7]

These incidents show that attackers can easily increase attack strength when necessary, so the measured attack magnitudes have more to do with what the attacker feels is required than with the maximum amount he or she can generate [4]. According to the 2004 Computer Crime and Security Survey by CSI/FBI, DoS and DDoS attacks are the most expensive attacks for the victim organizations, as shown in Figure 1. A Denial-of-Service (DoS) attack is characterized by "an explicit attempt by an attacker to prevent legitimate users from using service(s)" [6]. A Distributed Denial of Service (DDoS) attack amplifies a DoS attack by launching it from the simultaneous collaboration of many compromised computers, called zombies, scattered all over the Internet. There are many ways to perform DoS attacks: for example, exploiting a flaw in application software or in a protocol like TCP or UDP running on the remote system, or sending a huge number of packets that exhaust the bandwidth, processing capacity, or memory of the attacked system. These attacks consume the resources required for service access, thus denying that service to legitimate users. In DDoS attacks, attackers use many insecure systems on the Internet as sources for launching distributed attacks. In the scenario of Figure 2, the attacker only directs the zombie systems to launch the attacks, preserving its own bandwidth and other resources while making the attack much deadlier. The zombie computers may have weak processors and limited bandwidth, but their collective effect is stronger than any single super machine. DDoS attacks are more dangerous than DoS attacks: firstly, because the identity of the attacker can remain completely hidden even if thousands of zombie systems are identified; secondly, because it is very easy to compromise systems using tools freely available on many hacking websites and in underground communities. Once the attacker has launched the attack, he or she can disconnect, leaving the zombies, or agents, to carry on the attack. The DoS and DDoS attacks analyzed in Section II of this paper are TCP SYN flooding, ICMP Ping flooding, ICMP Smurf attacks, and UDP flooding attacks. Since these are the common DoS and DDoS attacks used for denying a service on the Internet, their effects on the victim's machine were analyzed by writing application programs that launch the attacks using the POSIX API. All four attacks exploit a vulnerability in a protocol of the TCP/IP stack. Earlier research proposed several models for countering DoS and DDoS attacks; four well-known models are analyzed in Section III of this paper. Finally, based on the study of these models, a DoS and DDoS prevention model that employs a layered architecture on edge routers is proposed, which removes the shortcomings of the earlier models.



Fig. 2 DDoS Attacks [8]

II. ANALYSIS OF SOME DOS AND DDOS ATTACKS

A. Test Environment: In this section four DoS and DDoS attacks are analyzed in a home network of three systems. All three systems had 1.6 GHz processors and 256 MB of memory each. Two systems running Linux were used to attack a third system running Windows 2000. The firewalls were enabled, and all software and operating systems were fully patched and up to date. The attacks were coded in C with the help of the POSIX API.

B. TCP SYN Attacks: The TCP SYN attack results from an architectural flaw in TCP connection establishment. TCP, as described in [22], follows a three-way handshake for connection establishment:
1. System A --------- (SYN) --------> System B
2. System A <---- (SYN + ACK) ------ System B
3. System A --------- (ACK) --------> System B
If System A spoofs its IP address and keeps sending TCP packets with the SYN flag set, System B keeps reserving space for incoming packets in the backlog queue (until the limit is exceeded) and keeps sending SYN + ACK to some other system, which simply drops the packets if it is alive. SYN flooding causes a severe processing loss for the victim computer. When one attacker attacked the victim using its full processing power, the victim had to use 75% of its processing power to cope with the attack, as shown in Figure 3. When the attack was stopped, the victim's processor usage dropped back to 0%. When the attack was then made distributed and two systems attacked the victim, the victim's processor usage rose to 99%, as shown in Figure 4.

Fig. 3 TCP SYN attack on victim by one attacker

Fig. 4 Distributed TCP SYN attack on the victim

Table 1 shows the Ethereal network statistics on the victim machine under a distributed TCP SYN attack by two attackers.

TABLE I: NETWORK STATISTICS FOR DISTRIBUTED TCP SYN FLOODING

C. ICMP Ping Attacks: These attacks exploit a vulnerability in the ICMP protocol [23], which is used for carrying error and control messages back to the sender of an IP packet. The attacker floods the victim with ICMP ECHO_REQUEST packets having a spoofed source IP; the victim responds with ICMP ECHO_REPLY packets addressed to the spoofed IP. The continuous flooding of ICMP ECHO_REQUEST packets fills up the IP buffer, leaving no space for legitimate IP packets. When one system attacked the victim with its entire processing power, 52% of the victim's processing power was used handling the attack, as shown in Figure 5. The results show a big difference compared to the TCP SYN attack: TCP is a connection-oriented protocol whose state is maintained and which must be processed up to the transport layer, whereas ICMP is a network-layer protocol and requires less processing. When a distributed ICMP Ping attack was launched, the victim's processor usage went up to 93%, as shown in Figure 6.

Fig. 5 ICMP Ping Attack on the victim by one attacker

Fig. 6 Distributed ICMP Ping Attack against the victim

Table 2 shows the Ethereal network statistics on the victim machine under a distributed ICMP Ping attack by two attackers.

TABLE II

NETWORK STATISTICS FOR DISTRIBUTED ICMP PING ATTACK

D. ICMP Smurf Attacks: ICMP Smurf [24] attacks are reflexive attacks in which the attacker sends many broadcast ICMP ECHO_REQUEST packets with the source IP spoofed with the IP of the victim. The destination address in the ICMP ECHO_REQUEST is a directed broadcast address that is sent to all the nodes on the IP subnet, causing all nodes to reply with ICMP ECHO_REPLY packets addressed to the victim. Thus, Smurf attack sends a moderate amount of traffic and causes a virtual explosion of traffic at the attacked subnet as shown in Figure 7.


When an ICMP Smurf attack was launched on a network of three systems, only 27% of the victim's processing power was used, as shown in Figure 8; had it been a network of 500 systems, the results would certainly have been quite different. Table 3 shows the Ethereal network statistics on the victim machine under an ICMP Smurf attack by two attackers.

E. UDP Flooding Attacks: UDP [25] is a connectionless, unreliable transport protocol used by time-sensitive applications. In UDP flooding, the attacker uses forged packets to try to connect the chargen UDP service on one site to the echo UDP service at another site. UDP flooding [10] overflows the UDP receive buffer, leaving no space for legitimate UDP datagrams. When a single attacker was attacking using 4% of its processing power, the victim was using 25% of its processing power, as shown in Figure 9. When a distributed UDP flooding attack was launched against the victim, it used 43% of its processing power, as shown in Figure 10. Table 4 shows the Ethereal network statistics for UDP flooding on the victim machine.

F. Combined effect of all four attacks: A distributed attack comprising all four types of attack was launched, and the results were striking: 100% of the victim's processing power was consumed by the attack, as shown in Figure 11. Table 5 shows the network statistics captured at the victim machine for the distributed combined flooding attack by two attackers.

III. PREVENTION MECHANISMS Several prevention mechanisms have been used and are proposed for DoS and DDoS attacks. Some of them will be discussed in this section with their respective advantages and shortcomings.

A. Ingress and Egress Filtering: Ingress filtering, explained in [10], is used to make sure that incoming packets really come from the networks they claim to come from; otherwise they are discarded, providing a defense against source IP spoofing. Ingress filtering also helps ensure that traffic is traceable to its correct source network, as illustrated in Figure 12. In this example the attacker resides within network 9.0.0.0/8 and connects to the Internet through ISP D. An input traffic filter on the ingress link of router 2 restricts traffic to packets whose source address lies within the 9.0.0.0/8 prefix. Ingress filtering thus reduces the success of source-address spoofing, but it cannot stop an attacker from using a spoofed source address of another host within the allowed range of the filter. Even in the case of a spoofing attack, however, the administrator can be sure that the attack is coming from within a specified range, and in the worst case can block all the addresses in that range [10]. The main problem with ingress filtering is that it cannot help prevent DoS attacks launched using non-forged IP addresses. Another problem is that the filtering router needs to know which IP addresses lie behind each of its links, which is not always possible; a router at an edge network configured with only a default route has no way of knowing which networks it is connected to, and so cannot tell whether an address is spoofed.

Fig.7 ICMP Smurf Attack [9]

Fig. 8 ICMP Smurf attack in a three system network

TABLE III

NETWORK STATISTICS FOR ICMP SMURF ATTACKS

Fig. 9 UDP Flooding attack on the victim by a single attacker

Fig. 10 Distributed UDP Flooding attack

TABLE IV

NETWORK STATISTICS FOR DISTRIBUTED UDP FLOODING

Fig. 11 DDoS attack comprising of all four attacks

The concept of egress filtering is to allow only those packets to leave your network whose source IP belongs to your internal network [12]. If all routers at the border of edge networks were configured with egress filtering, no spoofed denial of service attack could be launched from any network, and the cyber world


would be much more secure. Like ingress filtering, egress filtering cannot protect against non-forged DoS and DDoS attacks.
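The core of both filters is a prefix test on the packet's source address. The sketch below is a simplified illustration, not router code: the prefix 192.0.2.0/24 and the function names are assumed purely for the example. It shows the egress decision of forwarding a packet only when its source lies inside the site's internal prefix.

/*
 * Illustrative sketch only: the core test an egress filter on a border
 * router performs -- forward a packet only if its source address falls
 * inside the site's internal prefix.
 */
#include <arpa/inet.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdint.h>

/* Internal prefix of the edge network, in host byte order. */
static const uint32_t SITE_PREFIX = 0xC0000200u;  /* 192.0.2.0   */
static const uint32_t SITE_MASK   = 0xFFFFFF00u;  /* /24 netmask */

/* Egress rule: permit the packet only if src is inside the site prefix. */
static bool egress_permit(uint32_t src_host_order)
{
    return (src_host_order & SITE_MASK) == (SITE_PREFIX & SITE_MASK);
}

int main(void)
{
    const char *candidates[] = { "192.0.2.17", "10.9.9.9" };

    for (int i = 0; i < 2; i++) {
        struct in_addr a;
        inet_aton(candidates[i], &a);
        printf("%-12s -> %s\n", candidates[i],
               egress_permit(ntohl(a.s_addr)) ? "forward" : "drop (possible spoof)");
    }
    return 0;
}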

B. TCP SYN Prevention Mechanisms: A detailed account of defense against TCP SYN attacks is given in [11]. 1) Increasing the size of Backlog Queue: One suggested prevention mechanism is to increase the backlog queue (a large memory structure used to handle incoming packets with the SYN flag set until the moment the three-way handshake process is completed). This way the system would be able to manage more half-open connections. The problem with increasing the backlog queue is that its size remains finite no matter how large it is, and this finite size would eventually get filled with illegitimate half-open TCP connections.

TABLE V NETWORK STATISTICS OF COMBINED ATTACKS

Fig. 12 Ingress Filtering

2) Decreasing the connection timeout value: Another suggested mechanism is to decrease the total time a connection request is held in the backlog queue. Although this helps get rid of the attack packets sooner, legitimate packets will also be lost when the network is congested. 3) SYN Cookies: The concept of SYN cookies is discussed in [13]. In this technique the backlog queue is not used: when System A receives a TCP SYN packet from System B, it does not maintain any state for the packet; instead it sends a SYN cookie back to System B. This SYN cookie acts as the SYN + ACK of the normal three-way connection establishment. Although the SYN cookie mechanism has the advantage of not using the backlog queue, it has some limitations as well: the server is limited to using only 8 MSS values [14], and because it discards the backlog queue it must reject all TCP options such as large windows [14].
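To make the stateless idea concrete, the following C sketch shows a highly simplified SYN-cookie construction in the spirit of [13]. The toy mixing function, the 3-bit MSS-table index, and the 64-second time counter are assumptions made only for illustration; a real implementation uses a cryptographic hash and a precise bit layout.

/*
 * Illustrative sketch only: a simplified SYN cookie. The cookie sent as
 * the server's initial sequence number carries a keyed hash of the
 * connection parameters plus an MSS table index, so no per-connection
 * state is kept until the final ACK arrives.
 */
#include <stdint.h>
#include <stdio.h>
#include <time.h>

static const uint16_t mss_table[8] = { 536, 1220, 1440, 1460, 2948, 4312, 8960, 9000 };
static const uint32_t secret = 0x5eedbeefu;   /* server-side secret */

/* Toy 32-bit mixer standing in for a keyed cryptographic hash. */
static uint32_t mix(uint32_t a, uint32_t b, uint32_t c)
{
    uint32_t h = secret ^ a;
    h = (h * 2654435761u) ^ b;
    h = (h * 2246822519u) ^ c;
    return h ^ (h >> 16);
}

/* Encode the cookie: high bits carry the hash, low 3 bits the MSS index. */
static uint32_t make_cookie(uint32_t saddr, uint32_t daddr,
                            uint32_t ports, int mss_idx)
{
    uint32_t t = (uint32_t)(time(NULL) >> 6);      /* 64-second epoch */
    return (mix(saddr ^ t, daddr, ports) & ~7u) | (uint32_t)(mss_idx & 7);
}

/* On the final ACK, recompute and compare; returns the MSS index or -1. */
static int check_cookie(uint32_t cookie, uint32_t saddr, uint32_t daddr,
                        uint32_t ports)
{
    uint32_t t = (uint32_t)(time(NULL) >> 6);
    for (uint32_t age = 0; age < 2; age++)         /* current or previous epoch */
        if ((mix(saddr ^ (t - age), daddr, ports) & ~7u) == (cookie & ~7u))
            return (int)(cookie & 7);
    return -1;                                     /* invalid or expired cookie */
}

int main(void)
{
    uint32_t c = make_cookie(0x0A000001, 0xC0000201, (4321u << 16) | 80u, 3);
    int idx = check_cookie(c, 0x0A000001, 0xC0000201, (4321u << 16) | 80u);
    printf("cookie=0x%08x valid=%d mss=%d\n", c, idx >= 0,
           idx >= 0 ? (int)mss_table[idx] : 0);
    return 0;
}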

C. Research Models Proposed: In this section four research models about the prevention of DoS and DDoS attacks are discussed. 1) DoS Resistant Internet Architecture: The first model suggested in [15] tries to make transfer of worms from computer to computer impossible, thus making it impossible to turn a computer into a zombie which would make the internet architecture DoS resistant. The model makes the following assumptions:

• The use of separate IP-addresses for the clients and the servers.

• Some systems though very limited can act both as clients and as servers.

• The clients are not allowed to communicate with the other clients.

• The server is not allowed to initiate a connection with the client.

• If two clients need to communicate, it should be of the form client → server → client, provided that in the second leg the client has opened the connection with the server.

According to the paper, the worms and other malicious software that are a strong tool to create zombies for distributed DoS attacks spread from clients into clients, thus with the server in between, the malicious software cannot be transferred from client to client. The malicious software has to be platform independent as normally the client and the server do not use the same platform. The Morris-worm infected only the UNIX systems [16] (being platform dependent); so it would not be able to spread in this architecture as the systems at the server-end are mostly UNIX systems. It is also suggested to use non global addresses for clients so that clients can not be used for launching DoS attacks on servers. A client address can be given a local significance and still be made unique across entire Internet by using Path-based Addressing, as shown in Figure 13. If a path based address of a client is known to a malicious server it can not be used by other servers because this address can not be used at any other server to send packets back to the client. Such path based addressing will make complete source-address spoofing impossible. All reflexive attacks against remote clients are prevented. Many routing DoS-attacks on client systems, such as announcing bogus routes, are prevented as client routes are not announced.

Fig. 13 Path Based Addressing [26]

Although this architecture helps prevent transfer of worms from computer to computer, it does not support peer to peer applications, which have become very popular for sharing files directly between users on internet. It also affects use of internet telephony, because it also resembles peer to peer architectures. One other disadvantage is that path based client address can change when either the client moves to another network or inter domain routing path between client and server changes. This change of path-based client address requires additional identification mechanism at the transport layer to enable the server to identify the client even when client’s address has changed. 2) Preventing Internet Denial of Service with Capabilities: The second model is proposed in [18]. This model builds on the architecture proposed in SOS [27] and Mayday [2], the problem with these two approaches is that authenticator assigned to the verified transmission by overlay nodes is compromised; a DoS attack can still be launched. This approach also uses a nonce token in every packet as a lightweight authenticator, but these tokens are transient and limited in scope to a single source destination path, thus limiting the damage that can occur after the token is discovered by the attacker. This model is based on assigning capabilities to sending nodes in the form of tokens; the intended source acquires a capability by sending the request through a hierarchy of Request to Send (RTS) servers along the path to each participating destination. A RTS RTS …….. RTS System B


In the above mechanism, System A is the source which wants to communicate with System B. To make this possible, System A sends an RTS packet to the first RTS server on the path to System B, and the request is relayed along the chain of RTS servers to the destination RTS server. Eventually the request reaches the destination, which must then decide whether to allow the source to send further packets. If the destination decides to allow the source to send, it assigns capabilities by calculating a chain of k 64-bit one-way hash values h1, …, hk. These hi values are the capabilities; possession of one allows a client to send a limited number n of packets in the next t seconds. Each RTS server on the reverse path from destination to source remembers the hi values and associates them with the flow in the Verification Point (VP) coupled to that RTS server. Each packet sent by the source is labeled with the capability and the associated sequence value. When each VP along the path receives the packet, it checks the capability, sequence number, and flow identifier; if the capability is found and the parameters match the packet, it is forwarded and the capability's use count is increased. If the count has reached the threshold n, or the time for which the capability is valid has expired, the capability is flushed; if no match is found, the token is deemed invalid and the packet is discarded. This approach proposes changing the Internet architecture by adding extra functionality, namely RTS servers and VPs, in the core. Another aspect that is not considered is how servers would differentiate legitimate client requests from illegitimate ones. The model is also not appropriate for real-time services because of the overhead of acquiring capabilities and checking the tokens in each packet against the parameters of a capability. 3) Denying Denial-of-Service: A Router Based Solution: This model [19] proposes upgrading selected routers with capabilities for encrypting, signing, verifying, and dropping the packets they route. It requires a change only in a selected group of routers in the core and does not affect the protocol stacks at the end systems, which means the applications do not need to be changed or reconfigured. In this scheme all the hardened routers in the path from source to destination, as shown in Figure 14, sign the packets; when the last hardened router gets the packets, it strips off all signatures and decrypts the packets so that the destination can recognize them. The signatures provide source and route authentication, and adding some information gathering and traffic control in the hardened routers provides resilience against DDoS attacks. The signature-based routing between hardened routers thus provides privacy, DoS prevention, and DDoS prevention. The problem with this model is that it burdens the core with extra functionality, due to which the generality of the core suffers; it also affects the time-constrained delivery of multimedia traffic.
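Returning to the capability scheme of [18], the chain of one-way hash values h1, …, hk handed out by the destination can be sketched as follows. This is an illustration only: the toy 64-bit mixing function, chain length, and seed are assumptions standing in for a real one-way hash.

/*
 * Illustrative sketch only: generating a chain of k 64-bit one-way hash
 * values that serve as capability tokens in the scheme of [18].
 */
#include <stdint.h>
#include <stdio.h>

#define CHAIN_LEN 8

/* Toy one-way function over 64 bits (placeholder for a real hash). */
static uint64_t one_way(uint64_t x)
{
    x ^= x >> 33; x *= 0xff51afd7ed558ccdULL;
    x ^= x >> 33; x *= 0xc4ceb9fe1a85ec53ULL;
    return x ^ (x >> 33);
}

int main(void)
{
    uint64_t h[CHAIN_LEN];
    uint64_t seed = 0x123456789abcdef0ULL;   /* secret chosen by destination */

    /* h1 = H(seed), h2 = H(h1), ...  Each hi allows the source to send up
     * to n packets in the next t seconds; verification points along the
     * reverse path remember these values. */
    h[0] = one_way(seed);
    for (int i = 1; i < CHAIN_LEN; i++)
        h[i] = one_way(h[i - 1]);

    for (int i = 0; i < CHAIN_LEN; i++)
        printf("h%d = 0x%016llx\n", i + 1, (unsigned long long)h[i]);
    return 0;
}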

Fig. 14 Hardened Access Routers [19]

D. Source Based Three Layer DoS and DDoS Prevention Model: Based on this research, a new model, the "Distributed Source-end Three-Layer DoS and DDoS Prevention Model", shown in Figure 15, is proposed. This model aims to remove the shortcomings identified in the models analyzed above, and builds on the ideas presented in D-WARD [20], [21]. It too is a source-based mechanism implemented at the border router of the edge networks.

In layer 1, egress filtering is performed in order to stop IP spoofing and detect the attacker. The MAC address corresponding to a spoofed packet is temporarily blocked and a notification is sent to the administrator so that the machine's zombie state can be cleared. Egress filtering, however, cannot identify spoofing within the allowed range, and it cannot stop non-spoofed DDoS attacks; for this reason two additional layers are embedded. As TCP SYN flooding attacks are the most common DDoS attacks, a dedicated second layer, the TCP SYN Defender, is designed to prevent them. It uses TCP proxying to defend against SYN attacks: a request for TCP connection establishment is not forwarded to the destination server; instead a SYN + ACK segment is sent by the border router, and only if the TCP three-way handshake completes does the edge router initiate the connection with the destination server. If the client does not send the ACK to the border router, its MAC address is temporarily blocked until the zombie state is cleared. If an attack passes undetected through layer 2, it will be detected at layer 3. The third layer is a hybrid Intrusion Detection System. It maintains a flow for each (source IP, destination IP, source port, destination port) tuple and analyzes the traffic flowing across it. Signature-based attack detection uses dynamically updated signatures for traffic patterns that have been characterized as known exploits or vulnerabilities; if a match is found, the packet is dropped, the MAC is temporarily blocked and the administrator is notified. Anomaly-based attack detection checks traffic against patterns identified as normal; if no match is found, the traffic is declared anomalous [26], the MAC is temporarily blocked and the administrator is notified. The signatures and normal traffic patterns are dynamically updated by the service provider. This creates a problem for new software with new traffic patterns, so there should be some international Software Security Authority that certifies software; after certification the IDS updates its signatures and treats the new pattern as normal. As most viruses and worms are intentionally embedded in application software, such certification would curb them, and trapdoors would also be identified.
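For illustration, the per-flow state kept by the third layer could be organized as in the following C sketch. The field names, counters, and the hash used to index the flow table are assumptions, not part of the proposed model's specification.

/*
 * Illustrative sketch only: per-flow state for the layer-3 hybrid IDS,
 * keyed on the (source IP, destination IP, source port, destination
 * port) tuple described in the text.
 */
#include <stdint.h>
#include <stdio.h>

struct flow_key {
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
};

struct flow_state {
    struct flow_key key;
    uint64_t packets;       /* packets seen on this flow           */
    uint64_t bytes;         /* bytes seen on this flow             */
    uint32_t last_seen;     /* timestamp of most recent packet     */
    int      anomalous;     /* set when the flow deviates from the */
                            /* normal-traffic model                */
};

/* Simple hash to index a flow table of 2^16 buckets. */
static uint32_t flow_hash(const struct flow_key *k)
{
    uint32_t h = k->src_ip ^ (k->dst_ip * 2654435761u);
    h ^= ((uint32_t)k->src_port << 16) | k->dst_port;
    return h & 0xFFFF;
}

int main(void)
{
    struct flow_key k = { 0x0A000001, 0xC0000201, 4321, 80 };
    printf("flow bucket: %u\n", flow_hash(&k));
    return 0;
}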

Fig. 15 Source Based Three Layer DoS and DDoS Prevention Model

As the architecture of the model is multi-layered, it can be distributed amongst several systems at the network edge, helping to balance the load and increase processing efficiency. Being a source-end defense, the model's direct benefit goes to the victim rather than to the deploying organization; still, an organization should implement it for the following reasons:

• It protects the organization from getting involved in a crime, whether intentionally or innocently.


• Stopping attack packets at the gateway preserves the organization's external bandwidth, which can then be used for more useful purposes.

• If the network contains worms or some systems in the network act as zombies then they will be identified easily, and before much damage is done.

• The Local Area Network (LAN) will function in a much better way.

• The cyber law must enforce the implementation of this or any similar model.

IV. CONCLUSION AND FUTURE WORK: A clear explanation of DoS and DDoS attacks was presented, and their effects were analyzed in a real network using programs coded in C with the POSIX API. The flooding DoS and DDoS attacks had a severe effect on the resources of the victim's machine. Moreover, four research models were reviewed and their strengths and shortcomings identified, and finally a new model was proposed which sums up the strengths of many of those models and eliminates most of their shortcomings, making it a strong candidate for preventing DoS and DDoS attacks. The model can be simulated in NS-2 or implemented in a test environment to obtain actual results and clear the way for real-world deployment.

V. ACKNOWLEDGEMENTS: I would like to thank the N-W.F.P. University of Engineering and Technology, Peshawar, Pakistan for providing a suitable research environment to carry out this work.

REFERENCES

[1] Humphrey Chang, "Danish websites hit by DoS attacks and defacements?", February 9, 2006; http://www.tgdaily.com/2006/02/10/danishwebsiteshacked
[2] http://en.wikipedia.org/wiki/Gary_McKinnon
[3] D. Andersen, "Mayday: Distributed Filtering for Internet Services", in Proc. of USITS 2003.
[4] J. Mirkovic, S. Dietrich, D. Dittrich, P. Reiher, "Internet Denial of Service: Attack and Defense Mechanisms".
[5] "Attack downs Yahoo, Google", http://news.zdnet.co.uk/internet/security/0,3902039157748,00.htm, June 2004.
[6] CERT Coordination Center, "Denial of Service Attacks", http://www.cert.org/tech_tips/denial_of_service.htm
[7] Pier Luigi Rotando, "Denial of Service (DoS) attacks and countermeasures", Dipartimento di Informatica, Universita di Roma, La Sapienza.
[8] Nick Delfort, "The Brief History and Effect of DDoS attacks", CEN445 Final Paper.
[9] The TCP Guide; http://www.tcpguide.com
[10] P. Ferguson, D. Senie, "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing", RFC 2267, 1998.
[11] M. Burdach, "Hardening the TCP/IP stack to SYN attacks", 2003.
[12] http://en.wikipedia.org/wiki/Egress-filtering
[13] D. J. Bernstein, "SYN Cookies", http://cr.yp.to/syncookies.html
[14] http://en.wikipedia.org/SYN_cookie
[15] M. Handley, A. Greenhalgh, "Steps towards a DoS-resistant Internet Architecture", University College London.
[16] W. Stallings, "Cryptography and Network Security, Principles and Practices", pages 607-608.
[17] M. Blumenthal and D. Clark, "Rethinking the design of the Internet: The end to end arguments vs. the brave new world", MIT Press, 2001.
[18] T. Anderson, T. Roscoe, D. Wetherall, "Preventing Internet Denial-of-Service with Capabilities".
[19] S. Zhang, P. Dasgupta, "Denying Denial-of-Service: A Router Based Solution".
[20] J. Mirkovic, P. Reiher, "D-WARD: A Source-End Defense Against Flooding Denial-of-Service Attacks".
[21] J. Mirkovic, "D-WARD: A Source-End Defense Against Distributed Denial-of-Service Attacks", Ph.D. dissertation, University of California, Los Angeles.
[22] J. Postel, "Transmission Control Protocol", RFC 793, 1981.
[23] J. Postel, "Internet Control Message Protocol", RFC 792, 1981.
[24] CERT Advisory, "Smurf IP Denial-of-Service Attacks", 1998.
[25] J. Postel, "User Datagram Protocol", RFC 768, 1980.
[26] G. Maselli, L. Deri, S. Suin, "Design and Implementation of an Anomaly Detection System: An Empirical Approach".
[27] A. Keromytis, V. Misra, D. Rubenstein, "SOS: Secure Overlay Services", in Proc. ACM SIGCOMM, 2002.

SAKE: Secure Authenticated Key Establishment in Wireless Sensor Networks

Muhammad Yasir, Mureed Hussain
Computer Science Department, Shaheed Zulfikar Ali Bhutto Institute of Science and Technology, Islamabad, Pakistan

Abstract — Master key schemes are a viable solution for establishing pairwise shared secret keys in wireless sensor networks. In these schemes, a master key is preconfigured into each sensor node, which each node then uses to generate pairwise shared secret keys. In the literature so far, it is essential for each sensor node to keep the master key in its memory during the entire key setup phase; as soon as key setup completes, each node erases the master key from its memory. Although the key setup phase of a node lasts only a small interval of time, it is not impossible for an adversary to compromise a node during this time, and in that situation the presence of the master key can be disastrous. The challenge, therefore, is to protect a sensor network from compromise of the master key during its key setup phase. We propose the Secure Authenticated Key Establishment (SAKE) protocol, which meets this challenge by showing that the master key need not be kept by a sensor node for the entire key setup phase, thereby shortening the master key compromise window. With the help of our proposed scheme, other attacks during the key setup phase can also be avoided.

Index Terms — Sensor Networks, Key Establishment, Pairwise Key

I. INTRODUCTION
Wireless sensor networks are self-organizing networks of locally communicating sensor nodes with limited computation, memory, and energy resources. Because sensor nodes are deployed in large numbers, they are made inexpensive and therefore not tamper-resistant, and an adversary is quite capable of compromising some of them. Above all, sensor nodes with limited resources cannot use public key cryptography because it is computationally intensive. All of these characteristics make implementing security in wireless sensor networks far more challenging than in traditional computer networks. Key establishment lays the foundation for implementing security in a sensor network: a sensor node establishes secure links with its neighbors when it is deployed, providing the keys necessary for confidentiality, integrity, and authentication services. Due to the resource limitations of sensor nodes, key establishment protocols for sensor networks are based on symmetric key algorithms and must be lightweight, secure, and efficient. Camtepe et al. [12] described the following specific security requirements of wireless sensor networks, in addition to availability, authentication, integrity, confidentiality, and non-repudiation:
• Survivability: the capability of providing a minimum level of service in the presence of power loss, failures, or attacks.
• Degradation of security services: the capability of changing the security level as resource availability changes.
Pre-deployed keying is the most suitable solution for bootstrapping secret keys in sensor networks: sensor nodes are loaded with keys before their deployment. Several solutions based on pre-deployed keying have been proposed. Master key schemes [2,3,8,9,10,11] are also based on pre-deployed keying; each sensor node is preconfigured with the same master key, which each node then uses to generate pairwise keys shared with each of its neighbors. After the key setup phase, each node removes the master key from its memory. Key establishment techniques are evaluated on the basis of the following metrics [12]:
• Scalability: the technique should tolerate a significant increase in the size of the network, even after deployment.
• Efficiency: the technique must be efficient in terms of storage (memory required to store security credentials), processing (processor cycles required to establish a key), and communication (messages exchanged during key generation).
• Resilience: resilience against node capture and against compromise of security credentials stored in a node or exchanged over wireless radio links.

II. AN OVERVIEW OF RELATED WORK
Perrig et al. [10] proposed SPINS, a suite of security protocols for sensor networks. It consists of two protocols, SNEP and μTESLA: SNEP provides confidentiality, two-party data authentication, integrity, and freshness, while μTESLA supports authenticated broadcast. Figure 1 shows the key establishment protocol of SPINS [9]: a node A establishes a pairwise shared key SKAB with node B with the help of a trusted third party S, which acts as an authentication and key distribution server. The protocol works as follows:

1. Node A sends a request message to node B.
2. Upon receiving this message, node B sends a message to the key server S.
3. Key server S authenticates the request, generates the pairwise key SKAB, and sends it back to node A.
4. The key server then sends the pairwise key to node B.

The messages of Fig. 1 are: 1. A → B: NA|IDA; 2. B → S: IDB|{NA|NB|IDA}KBS; 3. S → A: {SKAB|NA|IDB}KAS; 4. S → B: {SKAB|NB}KBS.

Fig. 1 Key establishment in SPINS [10]

The drawback of SPINS is the use of a central key server S: as a sensor network comprises a large number of nodes, a central key server restricts the scalability of the network. Seys et al. [8] proposed SNAKE, a key establishment protocol based on an ad-hoc scheme; in contrast to SPINS, no key server is involved. Key establishment in SNAKE proceeds as follows:
1. Node A sends a request and a nonce to node B.



2. Node B returns T (the identity and nonce of node A, B’s own identity and nonce), concatenated with a Message Authentication Code (MAC) of T to A.

3. Upon receiving this message, node A proves its authenticity and sends the message back to node B.

Figure 2 describes the protocol; its messages are:
1. A → B: request|NA
2. B → A: T = (IDB|IDA|NA|NB) | MACK[T]
3. A → B: IDA|NB|MACK[IDA|NB]

Fig. 2: SNAKE [8]

After this process, node A and node B generate the pairwise shared key as KAB = MACK[NA|NB]. Lai et al. [9] proposed BROSK, in which each node broadcasts a key negotiation message to establish pairwise shared keys with its neighbors. To establish session keys with its neighbors, a sensor node A broadcasts the following message:

A → *: IDA|NA|MACK(IDA|NA)

K is the same master key preconfigured in all nodes prior to deployment. Upon receiving A's broadcast, a node B can construct the pairwise shared key KAB by computing a Message Authentication Code (MAC) over the two nonces:

KAB = MACK(NA|NB)

Similarly, node A receives the broadcast message from node B and constructs the key KAB in the same manner. Zhu et al. [3] proposed the Localized Encryption and Authentication Protocols (LEAP), based on a master key scheme. In LEAP, an initial key kI is preconfigured into each node, and each node u derives its master key as ku = f(kI, u), where f is a secure one-way function. A node u establishes pairwise keys by broadcasting its identity:

u → *: u

After broadcasting, node u waits for its neighbors' responses. A node v responds as:

v → u: v, MAC(kv, u|v)

Upon receiving the response, node u derives kv as kv = f(kI, v) and authenticates the response using the derived key. The pairwise key for nodes u and v is f(ku, v) for u > v, and f(kv, u) otherwise. Each node erases the key kI from its memory after the key setup phase but retains its own master (individual) key. The initial key kI in LEAP is a single point of failure: if an adversary is ever able to obtain kI before it is erased, she will be able to compute all previously established pairwise keys in the network as well as all future session keys, and she can also inject any number of malicious nodes into the network.
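The MAC-based key derivation shared by these master key schemes (for example KAB = MACK(NA|NB) in BROSK) can be sketched as below. This is an illustration only, assuming OpenSSL's HMAC with SHA-256 as the MAC and hypothetical key and nonce sizes.

/*
 * Illustrative sketch only: deriving a pairwise key from two exchanged
 * nonces under a pre-deployed master key, KAB = MAC_K(NA | NB).
 */
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NONCE_LEN 8

/* Derive KAB = MAC_K(NA | NB) with the preconfigured master key K. */
static unsigned derive_pairwise_key(const uint8_t *master_key, size_t key_len,
                                    const uint8_t *na, const uint8_t *nb,
                                    uint8_t *out /* >= 32 bytes */)
{
    uint8_t msg[2 * NONCE_LEN];
    unsigned out_len = 0;

    memcpy(msg, na, NONCE_LEN);
    memcpy(msg + NONCE_LEN, nb, NONCE_LEN);
    HMAC(EVP_sha256(), master_key, (int)key_len, msg, sizeof msg, out, &out_len);
    return out_len;
}

int main(void)
{
    const uint8_t master_key[16] = "pre-deployed key";
    const uint8_t na[NONCE_LEN] = { 1, 2, 3, 4, 5, 6, 7, 8 };   /* A's nonce */
    const uint8_t nb[NONCE_LEN] = { 9, 8, 7, 6, 5, 4, 3, 2 };   /* B's nonce */
    uint8_t kab[32];

    unsigned n = derive_pairwise_key(master_key, sizeof master_key, na, nb, kab);
    printf("KAB (%u bytes): ", n);
    for (unsigned i = 0; i < n; i++) printf("%02x", kab[i]);
    printf("\n");
    return 0;
}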

Deng et al. [2] described Opaque Transitory Master Key Scheme (OTMK), a pairwise key establishment scheme in which a master key M is preconfigured into each sensor node. To establish session keys, each node u broadcasts a request message as:

u → *: JOIN|EM(IDu|nonce)

IDu is the identity of u. Upon receiving this broadcast, a node v generates a random number kv,u and responds to u as:

v → u: REPLY|EM(IDv|nonce+1|kv,u)

After receiving this message, node u verifies the nonce and designates node v as a verified neighbor. The pairwise key is either kv,u generated by v or ku,v generated by u: ku,v is used as the shared key if IDu < IDv, otherwise kv,u is used. To enable new nodes to join, Deng et al. [2] proposed another scheme in which a node v generates a new key kv = MAC(M, IDv) and a number of verifiers, each consisting of a random number ri and yi = f(M, ri). Node v stores many verifiers and erases the master key M. When a new node u arrives, node v sends one of its random numbers ri as a challenge to node u; node u computes zi = f(M, ri) and sends it to node v; node v compares zi with yi and, if they are equal, verifies node u. After that the pairwise key is established between u and v. A critical question is how many verifiers a node should hold, since a sensor node with limited memory cannot store too many verifiers for authenticating newly joining nodes. Dutertre et al. [11] showed that timing mechanisms can be used to reduce the probability of message collisions and proposed a protocol in which a secret group authentication key bk1 and a key bk2, used to generate session keys, are preconfigured into all nodes. To establish pairwise keys, a node A broadcasts a hello message as:

A → *: HELLO|A|NA|MACbk1(HELLO, A, NA)

Upon receiving, a node B checks the validity of A and responds to A as:

B → A: ACK|A|B|NB|MACbk1(ACK, A, B, NB, NA)

This acknowledgement proves to A that B knows bk1 and has received NA. After that, A and B establish the key as KAB = Gbk2(NA, NB), where G is a keyed one-way hash function. Perrig et al. [1] addressed key distribution in commodity sensor networks, where a global passive adversary is not assumed, and proposed Key Infection, a plaintext key exchange protocol in which every sensor node sends plaintext to establish pairwise keys with each of its neighbor nodes. The scheme assumes that during the network deployment phase the attacker can monitor only a fixed percentage of the communication channels. This assumption is in contrast to previous work on key distribution for sensor networks, which assumed a strong threat model: an adversary present both before and after the deployment of nodes, able to monitor all communications in the network at all times. It is also assumed that an adversary can maliciously reprogram a small number of sensor nodes. If key setup completes in a short time, an adversary has very little time to eavesdrop on it, and compromising a node afterwards does not offer the adversary any added advantage in deducing these keys. Key Infection establishes keys as follows: every sensor node simply chooses a key and broadcasts it in plaintext to its neighbors. For example, a node i, after deployment, broadcasts a key ki. Due to the short range of transmission, perhaps half a dozen other nodes within range of i notice each other's presence and start self-organization. Another node j, after hearing i's signal, produces a pairwise key kji



and sends it, along with its name, to i: {j, kji}ki, using the minimum power needed to reach i. The key kji is then used between i and j. Perrig et al. argued that only 2.4% of links will be compromised if there is one hostile sensor node for every 100 legitimate (white) nodes and there are four neighbors in the range of each node. A plaintext key exchange protocol does not protect confidentiality, integrity, or node authentication; another drawback is that an adversary can inject malicious nodes into the network, since there is no authentication mechanism to verify whether a sensor node is a valid member. In key pre-distribution schemes, secret keys or secret information are distributed to every sensor node prior to deployment into the sensing area. Gligor et al. [4] proposed the probabilistic key pre-distribution scheme, which is regarded as the basic scheme. In this scheme, key setup completes in three phases: key pre-distribution, shared-key discovery, and path-key establishment.

Fig. 3 probabilistic key scheme [5]

Figure 3 shows the key pre-distribution phase, in which each sensor node holds k distinct keys randomly chosen from a large key pool of size P, where P >> k. The set of k keys carried by each node is called its key ring, and an identifier is attached to each key. The shared-key discovery phase starts with the deployment of the nodes: each node discovers the neighbors in its radio range with which it shares common keys, and links are established between such nodes by the end of this phase. Path-key establishment is the last phase, in which pairs of nodes that want to establish a secure link but do not share a common key are connected; such pairs may be reachable over two or more hops. Perrig et al. [6] modified Gligor's scheme to handle the bootstrapping problem more effectively and to be more resilient against node capture: instead of one common key, q common keys combined with a hash function are required for key setup. Figure 4 demonstrates this scheme [9].

Fig. 4 common keys with a hash function

It is possible for many nodes in the sensor network to share the same key; if one of these nodes is compromised, all other nodes sharing that key are also compromised. Du et al. [7] proposed a model in which the sensor nodes are deployed in groups, so that within each group the nodes have a high probability of being near each other. The basic idea is to let nodes deployed near each other select keys from sub-key pools that share more keys. Because each node then carries fewer keys, both memory efficiency and resilience are improved.
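For illustration, the shared-key discovery step of the basic probabilistic scheme reduces to an intersection test over the two nodes' key rings, as in the following C sketch; the ring size, pool, and identifiers below are assumptions chosen only for the example.

/*
 * Illustrative sketch only: shared-key discovery in the basic
 * probabilistic key pre-distribution scheme [4]. Each node holds a key
 * ring of k identifiers drawn from a pool of size P; two neighbors can
 * establish a link if their rings intersect.
 */
#include <stdio.h>

#define RING_SIZE 5

/* Return the first key identifier present in both rings, or -1 if the
 * nodes share no key and must fall back to path-key establishment. */
static int shared_key_id(const int a[RING_SIZE], const int b[RING_SIZE])
{
    for (int i = 0; i < RING_SIZE; i++)
        for (int j = 0; j < RING_SIZE; j++)
            if (a[i] == b[j])
                return a[i];
    return -1;
}

int main(void)
{
    /* Key rings: identifiers drawn at random from a large pool (P >> k). */
    int ring_u[RING_SIZE] = { 17, 230, 5841, 902, 77 };
    int ring_v[RING_SIZE] = { 3, 902, 61, 4410, 8 };

    int id = shared_key_id(ring_u, ring_v);
    if (id >= 0)
        printf("link established using key id %d\n", id);
    else
        printf("no common key: use path-key establishment\n");
    return 0;
}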

III. SAKE: SECURE AUTHENTICATED KEY ESTABLISMENT

In key establishment techniques based on master key schemes, the master key is a single point of failure. Deng et al. [2] demonstrated that the time needed to deploy a sensor network is very important: the key setup phase may need to be extended until all nodes are activated or arrive at their destination, in which case the master key would live for several minutes, while an adversary who knows precisely which memory area to read can compromise a node in tens of seconds. So it is quite possible for an adversary to physically capture a node and compromise the master key during its key setup phase. The challenge in this scenario is to protect the network from this single point of failure, which can be met by making the key establishment process less dependent on the master key. This can be done by making the individual key of each sensor node an active participant in the key establishment process along with the master key; this load-balancing approach prevents the master key from becoming a single point of failure. Moreover, if the master key is compromised, the key establishment technique should not enable an adversary to compute all pairwise keys from it. We propose the Secure Authenticated Key Establishment (SAKE) protocol, which is based on a master key scheme and supports the establishment of pairwise shared keys between the nodes of a sensor network. SAKE differs from other master key schemes in that it makes key establishment less dependent on the master key. Firstly, it is not essential for sensor nodes running SAKE to keep the master key in memory for the entire key setup phase; in fact a node running SAKE erases the master key very early in its key establishment process. This reduces the chance of master key compromise if an adversary physically captures a node during its key setup phase, and it also makes the insertion of malicious nodes into the network nearly impossible. Secondly, in case of master key compromise, an adversary cannot compute all pairwise keys in the network with the help of the master key, in contrast to the LEAP protocol of Zhu et al. [3], in which an attacker can calculate all previously established pairwise keys as well as all pairwise keys that may be established in the future.

A. Assumptions
It is assumed that the sensor nodes are static and that a sensor node does not know its immediate neighbors in advance. Tmin is the amount of time an adversary requires to compromise a node. Tkey is the total key setup time of a sensor node and may be less than or greater than Tmin; this is in contrast to other master key schemes [2,3], where Tkey is assumed to always be less than Tmin. Tkey is divided into two intervals, Tstart and Testab. Tstart is the smaller portion of Tkey, at most less than half of Tkey, so it is smaller than Testab. Being a very small portion of the total key setup time, Tstart is assumed to always be less than Tmin; in other words, a node that requires Tkey time to complete its key setup cannot be compromised during its Tstart phase. The following notation is used in the presentation of the protocol: a and b are communicating sensor nodes; Ekm(M) means encrypting message M with the master key km; Eks(M) means encrypting message M with the subordinate key ks; x|y means the concatenation of message x with y.

Since communication takes place between a typical sensor node and its immediate neighbors, our scheme establishes pairwise keys shared by a node and its immediate neighbors. In this scheme, each sensor node is preconfigured with a master key km and a subordinate key ks; moreover, each sensor node also has its own unique individual key. A node keeps the master key km during its Tstart phase only: it erases km when Tstart expires but retains ks.
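For illustration, the key material and timing state held by a SAKE node might be organized as in the following C sketch. The struct layout, key sizes, and timer handling are assumptions; the paper specifies only that a node is preconfigured with km, ks and its individual key, and that km is erased when Tstart expires while ks is retained.

/*
 * Illustrative sketch only: key material and Tstart handling for a node
 * running SAKE.
 */
#include <stdint.h>
#include <string.h>
#include <stdbool.h>
#include <stdio.h>

#define KEY_LEN 16

struct sake_node {
    uint8_t km[KEY_LEN];          /* master key: present only during Tstart   */
    uint8_t ks[KEY_LEN];          /* subordinate key: retained after Tstart   */
    uint8_t individual[KEY_LEN];  /* node's unique individual key (ka)        */
    bool    km_present;
    uint32_t t_start_ms;          /* duration of the Tstart interval          */
};

/* Called when the Tstart timer fires: wipe km but keep ks, y1, y2. */
static void on_tstart_expired(struct sake_node *n)
{
    memset(n->km, 0, KEY_LEN);    /* erase the master key from memory */
    n->km_present = false;
}

int main(void)
{
    struct sake_node node = { .km_present = true, .t_start_ms = 500 };
    on_tstart_expired(&node);
    printf("master key present after Tstart: %s\n",
           node.km_present ? "yes" : "no");
    return 0;
}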


B. Functional Details of SAKE The key setup process of a sensor node starts when the node is deployed. Initially, node a is in its Tstart phase, in which it performs the following tasks. It encrypts its individual key ka with both km and ks:

y1 = Ekm(a|ka), y2 = Eks(a|ka)

It then broadcasts a HELLO message to discover its immediate neighbors:

a → *: HELLO|a|na|Ekm(a|na|ka) (1)

Here a is the identity of node a, na is a nonce (random number) and ka is the unique individual key of a. The Tstart interval is made so small that node a can perform only the above tasks. As soon as Tstart expires, node a erases km but keeps y1, y2 and ks. From (1) it is clear that km is used for authentication, because on receiving this broadcast another node b is assured of the identity of node a. The following conditions can now occur. 1) Node b is in Tstart phase If node b is in its Tstart phase, it still holds both km and ks. Besides sending its own HELLO broadcast, if it receives the HELLO message from node a during Tstart, it can decrypt (1) with km and obtain ka. After getting ka, it can generate the pairwise key as

ka,b = f(ka, b) if a > b, else ka,b = f(kb, a) if a < b

and sends a response to a:

b → a: REPLY|b|Eka(a|b|kb|na+1) (2)

f is a secure one-way function. Upon receiving this reply, a decrypts it with its individual key ka and validates the identity of b. It then generates the pairwise key with b, as b has done above. It does not matter whether node a is in its Tstart phase or in its Testab phase, because it does not depend on any master key to decrypt and process (2); Testab is the second time interval of Tkey, which lasts until Tkey expires, and node a only needs its individual key ka to generate pairwise keys. 2) Node b is in Testab phase If node b is not in Tstart phase, it is in Testab phase, where it has erased km. Node b remains in Testab phase until Tkey expires. Most requests will in fact be processed after Tstart, because Tstart is so small that a node hardly does more than broadcast its own HELLO request. Node b is now not in a position to decrypt (1). Node b computes the pairwise key as ka,b = f(kb, a) only if a < b, and replies to node a as

b → a: REQUEST|b|a|na+1|y1|y2 (3)

Node b cannot compute ka,b = f(ka, b) if a > b, because it cannot decrypt (1), so in this case it simply sends (3) to a. Upon receiving this message, if node a is still in its Tstart phase (although the chances are very rare), it still keeps km and ks, so it decrypts y1 with km to verify the identity and obtain the individual key of node b, and ignores y2. But if node a is already in its Testab phase, y1 is useless for it; it decrypts y2 with the help of ks to obtain b's identity and its individual key. In either case, node a has verified the identity of b. It then generates the pairwise key ka,b = f(kb, a) if a < b and sends no notification message to b; otherwise it generates ka,b = f(ka, b) if a > b and sends the following notification message to b:

a → b: REPLY|a|b|Ekb(a|b|ka,b) (4)

Node b decrypts this message and obtains the pairwise key. An interesting situation arises if node a received the HELLO broadcast from b during its Tstart phase and generated the pairwise key ka,b, but a's HELLO broadcast was received by b in b's Testab phase. Node b then generates ka,b and responds with (3). When a receives this message, it checks

the identity of b and discards the message immediately, because it has already established the pairwise key. When Tkey expires, each node erases the individual keys of the immediate neighbors with which it has established pairwise keys, but it retains ks, y1 and y2, because they are used to establish pairwise keys with nodes that arrive after the expiration of Tkey. Depending on policy, if in-network processing (data aggregation and passive participation) is required, a node can be programmed to keep the individual keys of its immediate neighbors collected during key setup. 3) Adding new nodes If a new node u arrives, it broadcasts a HELLO message as:

u → *: HELLO|u|nu|Ekm(u|nu|ku)

Suppose a node b, which was deployed earlier and has completed its key setup process, receives this broadcast. Node b cannot decrypt the broadcast since it has erased km. Node b computes the pairwise key as ku,b = f(kb, u) and replies to node u as

b → u: REQUEST|b|u|nu+1|y1|y2

Upon receiving the REQUEST message, if node u is in its Tstart phase, it can decrypt y1 to verify the identity of b as well as to obtain kb; node u then computes the pairwise key as ku,b = f(kb, u). If node u is in its Testab phase, it can do all of the above with the help of y2. Because the HELLO message cannot be authenticated by node b, resource consumption attacks can be launched; solutions to these attacks have been suggested in [3] and can readily be adopted. The authentication process for newly arriving nodes in SAKE is very simple and consumes little memory, because a node has to store only y1 and y2, in contrast to the scheme proposed by Deng et al. [2], in which a number of verifiers are stored in memory for the same purpose.
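To make the pairwise key rule concrete, the short sketch below implements the derivation quoted above in Python, with the secure one-way function f assumed (as an illustration only, since the paper does not fix one) to be HMAC-SHA256 keyed with an individual key and applied to the partner's identity.

import hmac
import hashlib

def derive_pairwise_key(id_a: bytes, ka: bytes, id_b: bytes, kb: bytes) -> bytes:
    """k_{a,b} = f(ka, b) if a > b, else f(kb, a) if a < b."""
    if id_a > id_b:
        return hmac.new(ka, id_b, hashlib.sha256).digest()
    return hmac.new(kb, id_a, hashlib.sha256).digest()

# Once each side has learned the other's individual key -- from (1), (2) or the
# y1/y2 fields of a REQUEST -- both evaluate the same expression and agree on k_{a,b}:
k_ab = derive_pairwise_key(b"node-a", b"A" * 16, b"node-b", b"B" * 16)

Note that the key is always derived from the individual key of the node with the larger identity, which is why a node in Testab that receives (1) from a node with a smaller identity can compute the pairwise key on its own without decrypting the HELLO.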

C. Security Analysis of SAKE The prime objective of SAKE is to protect a sensor network from master key compromise during the key setup phase and to make the insertion of malicious nodes very difficult. During the first time interval (Tstart) of the key setup phase, a typical node broadcasts the HELLO message encrypted with the master key km to identify its neighbors. Tstart, being a very small time interval of the total key setup time, ends after this broadcast, and each node erases km from its memory even though the key setup phase is not yet complete. According to our assumption, it is impossible for an adversary to compromise a node during Tstart. Therefore an adversary has very little time and chance to obtain km, and it is clear that a sensor node must possess km to be authenticated and to establish pairwise keys. In Testab, the second and larger time interval of the key setup phase, if an adversary does compromise a node, she obtains only the subordinate key ks. ks alone is useless to her, since the malicious nodes she deploys need km for authentication as well as to establish pairwise keys with legitimate nodes. If an adversary inserts a malicious node into the network that broadcasts the HELLO message encrypted with ks rather than km, the receiving node will find that the message decrypts with ks. This proves that the sender is malicious, since a legitimate node knows that no other legitimate node broadcasts the HELLO message encrypted with ks; a legitimate receiving node also knows that it cannot decrypt a HELLO message at all once it has completed its key setup phase. So the receiving node will discard this message. Moreover, if a malicious node x that has neither km nor ks broadcasts a HELLO message encrypted with a different master key, it will not be able to decrypt y1 or y2 contained in the REQUEST message received from the legitimate node b that has received x's HELLO


message. Since the malicious node x cannot obtain kb, it cannot establish a key with node b. In other master key schemes [2,3,8,9,10,11], since the master key is kept and required for the entire key setup phase, a skilled adversary gets more time to compromise a node and obtain the master key. Moreover, the compromise of the master key in LEAP [3] allows an adversary to determine all pairwise keys in the network. This is not possible in SAKE even if km or ks is compromised.

IV. CONCLUSIONS We have proposed the Secure Authenticated Key Establishment (SAKE) protocol, which establishes pairwise keys shared between neighboring nodes of a wireless sensor network. SAKE is an efficient protocol in terms of memory, processing and communication. It makes a sensor network more resilient to master key compromise and makes the insertion of malicious nodes extremely difficult. We plan to implement and validate this security protocol in a simulator in the near future.

REFERENCES
[1] R. Anderson, H. Chan, and A. Perrig, "Key infection: Smart trust for smart dust," in 12th IEEE International Conference on Network Protocols, Berlin, Germany, 2004.
[2] J. Deng, C. Hartung, R. Han, and S. Mishra, "A Practical Study of Transitory Master Key Establishment for Wireless Sensor Networks," University of Colorado at Boulder, Boulder, CO, 80309-0430.
[3] S. Zhu, S. Setia, and S. Jajodia, "LEAP: Efficient security mechanisms for large-scale distributed sensor networks," in 10th ACM Conference on Computer and Communication Security, Washington D.C., USA, 2003.
[4] L. Eschenaur and V. Gligor, "A key-management scheme for distributed sensor networks," in Proceedings of the 9th ACM Conference on Computer and Communication Security, pp. 41-47, 2002.
[5] S. Sarsan and V. G. Adadda, "Analysis and Evaluation of Key Management Schemes in Wireless Sensor Networks," 2004.
[6] H. Chan, A. Perrig, and D. Song, "Random Key Predistribution Schemes for Sensor Networks," in IEEE Symposium on Research in Security and Privacy, 2003.
[7] W. Du, J. Deng, Y. S. Han, S. Chen, and P. K. Varshney, "A key management scheme for wireless sensor networks using deployment knowledge," in Proceedings of IEEE INFOCOM'04, IEEE Press, Hong Kong, 2004.
[8] S. Seys, "Key Establishment and Authentication Suite to Counter DoS Attacks in Distributed Sensor Networks," unpublished manuscript, COSIC.
[9] B. Lai, S. Kim, and I. Verbauwhede, "Scalable session key construction protocol for wireless sensor networks," in IEEE Workshop on Large Scale Real-Time and Embedded Systems (LARTES), 2002.
[10] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar, "SPINS: Security Protocols for Sensor Networks," in Proc. of Seventh Annual ACM International Conference on Mobile Computing and Networks (MobiCom 2001), Rome, Italy, 2001.
[11] B. Dutertre, S. Cheung, and J. Levy, "Lightweight key management in wireless sensor networks by leveraging initial trust," Tech. Rep. SRI-SDL-04-02, System Design Laboratory, 2004.
[12] S. A. Camtepe and B. Yener, "Key Distribution Mechanisms for Wireless Sensor Networks: a Survey," Rensselaer Polytechnic Institute, 2005.


Abstract — With the emergence of voice-data integration, the circuit-switched infrastructure is being replaced by packet-switched networks, i.e. Voice over IP (VoIP). VoIP technology is gaining popularity because of its low cost and ease of maintenance, but in parallel it faces many challenges such as security, reliability and QoS. This paper focuses on spam threats, i.e. unsolicited and junk calls and emails. Spam is likely to become a severe problem in the future for all IP-based networks. Spam is also a serious concern for the next-generation IP Multimedia Subsystem (IMS), which provides a Service Delivery Platform (SDP) for Fixed-Mobile Convergence (FMC). In this paper, we present a state-of-the-art review of spam for VoIP and IMS and propose a multi-layered architecture to block automated spammers. Our approach is based on a combination of blacklists, white lists and Bi F analysis.

Index Terms — Voice over IP (VoIP), IP Multimedia Subsystem (IMS), Security, Spam, Unsolicited Calls

I. INTRODUCTION The internet is becoming an integral part of modern society. Every day millions of people communicate with their family and friends through the internet, email, SMS and video communication. Email became widely accepted and succeeded in replacing older means of communication such as the letter. Society is now shifting from the traditional telephone network to Voice over IP (VoIP) networks because they offer a cheaper and simpler way to communicate. According to TeleGeography's forecast, the total number of VoIP subscribers in the U.S. will reach 17.5 million by 2010 [1]. As VoIP gains popularity it also faces a lot of problems that need to be solved. The biggest weakness of this emerging technology is the spam threat, i.e. unsolicited and junk calls and mails [2]. Different researchers and IT companies are working on spam protection, but the problem is not abating and the number of spam messages and calls is increasing exponentially every year. Statistics from September 2005 show that 67.6% of email was spam [3]. There are different types of spam, but the best known is email spam; Internet users receive many spam emails daily. Compared with email spam, VoIP spam may place ten times as much load on network resources [4]. Spam over Internet Telephony (SPIT) is also more annoying [5], because a real-time transmission accompanies every spam message, disturbing the user's current activity. The use of VoIP instead of traditional PSTN networks will make it easier for spammers to build automated tools to deliver their spam to users [6], and VoIP communication is also much cheaper. The authors of [7] claim that the cost per call for VoIP is roughly three orders of magnitude lower than for traditional PSTN calls, making it a lot cheaper for a spammer to send messages worldwide. Spam emails can be filtered out by using different filters, but this is not the case for real-time transmission.

The IP Multimedia Subsystem (IMS) is currently being standardized by the Third Generation Partnership Project (3GPP) and 3GPP2 [8]. The IMS architecture is based on the Internet Protocol (IP). This emerging technology brings real-time multimedia services to mobile terminals that have GPRS, UMTS and WiFi interfaces; multimedia services include web browsing, email, video conferencing, video sharing and push-to-talk. Next-generation packet-switched networks make communication by voice, instant message or video easier and cheaper than ever before. Spammers will find that the increased returns from distributing multimedia spam make it profitable to exploit these technologies [9]. This is a far more serious problem than traditional spam because real-time communications require immediate action from the recipient, unlike email, which can be filtered and delivered whenever the user is ready. It takes significantly more time to identify real-time spam than to identify email spam, and users get frustrated if voice and video calls reach them only after many hours. Just like other forms of spam, voice and video spam has shown growth in recent years: a recent study shows that during the 2006 US mid-term elections nearly two-thirds of registered voters received unsolicited robo-calls from various political campaigns [10]. The IP Multimedia Subsystem (IMS) is an attractive environment for spammers. The packet-switched nature of IMS saves cost and provides cheaper services for end users; hence it is also highly profitable and low-cost for spammers. Since it uses standard IETF protocols such as SIP and RTP, writing applications for VoIP spam is more or less the same as writing an email spam bot. Moreover, IMS users are particularly susceptible due to the nature of the SIP Uniform Resource Identifier (URI). These URI addresses are similar to email addresses (sip:[email protected]) and can easily be harvested from the Internet in the same way that email addresses are currently harvested from websites, newsgroups and mailing lists.

II. VIDEO COMMUNICATION ARCHITECTURE BASED ON SIP

IP telephony is based on the Session Initiation Protocol (SIP) developed by the Internet Engineering Task Force (IETF). SIP is an application-layer control protocol that can create, modify, and terminate multimedia sessions [7]. Different types of entities are defined in SIP: user agents, proxy servers, redirect servers, and registrar servers. Figure 1 shows a simple video communication architecture based on SIP. The SIP-based architecture consists of two types of entities: user agents (UAs) and network servers. The user agents are the end devices in a SIP network; they can be either a SIP phone or SIP client software running on a PC, and they generate SIP requests for establishing media sessions. There are four types of SIP network servers, described below.

A. Redirect Server A redirect server accepts a SIP request from a client, maps the SIP address of the called party and returns the address to the client. A redirect server does not forward requests to other servers [11].

OVERVIEW OF SPAM FOR VOIP AND IMS AND FUTURE DIRECTION FOR DEVELOPING SPAM PROTECTION MODEL FOR VIDEO CONFERENCING

Ayesha Salahuddin1, Mohammad Sher2, Thomas Magedanz2 1. Department of Computer Science, AIOU, Islamabad

2. TU Berlin/Fraunhofer FOKUS Open Communication Institute, Berlin, Germany


B. Registrar Server A registrar server accepts REGISTER requests from clients and updates the location database, which is used to store contact information [11].

Fig. 1 A typical VoIP Architecture

C. Proxy Server A proxy server handles SIP requests for the source UA. A proxy server can act as a server or as a client making requests on behalf of clients. Requests are serviced either locally or passed on to another server. If necessary, the proxy server rewrites a request before forwarding it [11].

D. Location Server A location server stores terminal locations and provides a terminal's location to the proxy server or redirect server.

III. SPAM-BASED SECURITY THREATS SIP-based VoIP is an open and flexible architecture that faces many security threats arising from different communication protocols and at different levels. We have grouped these threats into three levels: IP, application and content.

A. IP Level Threats These threats originate in the IP-based infrastructure and are transferred to the VoIP infrastructure. They are shared with applications such as WAP, email, etc.

B. Application & Protocol Level Threats These threats exploit design faults and implementation flaws of communication protocols and applications. Protocol- and application-level threats include, for example, misdirected calls and contaminated calls; they cause a lot of disruption in VoIP systems.

C. Content Level Threats These are content-related threats that interfere with media streams such as voice calls and video conferencing; this level focuses on VoIP spam. These threats are shared with other applications such as email, IM and browser-based applications.

IV. TYPES OF VOIP SPAM Today the most annoying Internet problem is spam email. The volume of email spam has grown to such a level that it threatens the viability of email as a service, and it is predicted that the impact of VoIP spam will be much greater than that of email spam. In this scenario SIP is the protocol most targeted by attackers to launch spam calls. A top-level view of launching spam on a VoIP network is depicted in Figure 3.

Spam in the VoIP scenario will occur in the shape of voice/video messages that have to be treated in real time in order to prevent the system from being flooded with spam messages. Spammers send SPIT calls during communication, and the application server must be intelligent enough to distinguish between good calls and SPIT calls.

Fig. 2 Different security threat levels

Fig. 3 Spam Launching Scenario

In the following we briefly describe the different types of spam in a SIP-based architecture.

A. Call Spam Spammers generate bulk unsolicited session initiation attempts to establish voice, video or instant messaging sessions [12]; SIP INVITE requests are utilized in this scenario. If the recipient accepts the request, the spammer proceeds to relay the message over the real-time media. This is the classic way to generate commercial spam on SIP telephony.

B. IM Spam Instant messaging spam is similar to email spam. In this type, the spammer sends bulk unsolicited instant messages, which may be commercial advertisements for some product or business. In the VoIP scenario, SIP MESSAGE requests [13] are utilized for generating IM spam.

C. Presence Spam Presence spam is also similar to email spam, but it is defined as a bulk unsolicited set of presence requests, i.e. SUBSCRIBE requests for the presence event package, sent in an attempt to get onto a user's white list so that IM spam (most naturally sent using the SIP MESSAGE request [13]) can then be delivered. Presence spam itself does not convey content in the messages.


V. ANALYSIS OF MOST IMPORTANT TECHNIQUES FOCUSING ON LIMITATIONS AND IMPROVEMENTS

There are many proposed solutions to VoIP spam, such as content filtering, white lists, black lists, consent-based communication and identity authentication. These solutions were originally developed for email spam but could be adapted to SIP spam because of its similar nature. A generic overview of these solutions follows.

A. Content Filtering This is the most common type of spam protection used for email. It analyzes the content of an email and checks whether it is spam or not; the Bayesian spam filter belongs to this category. For VoIP spam this method is not effective, for two reasons. Firstly, the content of a call cannot be analyzed by a filter before the user answers. Secondly, given the current state of technology, content analysis might be impossible for real-time data [15].
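For context, the toy sketch below (not taken from the paper) shows the token-probability idea behind a Bayesian content filter: it scores a message by how strongly its tokens are associated with previously labelled spam. The training messages are made up; the point is only that such scoring needs the full content up front, which a live voice or video stream does not provide.

from collections import Counter
import math

def train(spam_msgs, ham_msgs):
    # Count token occurrences in labelled spam and ham messages.
    spam, ham = Counter(), Counter()
    for m in spam_msgs: spam.update(m.lower().split())
    for m in ham_msgs:  ham.update(m.lower().split())
    return spam, ham

def spam_score(message, spam, ham):
    # Sum log-likelihood ratios of each token; > 0 leans spam, < 0 leans ham.
    score = 0.0
    for tok in message.lower().split():
        p_spam = (spam[tok] + 1) / (sum(spam.values()) + 2)
        p_ham  = (ham[tok] + 1) / (sum(ham.values()) + 2)
        score += math.log(p_spam / p_ham)
    return score

spam, ham = train(["cheap pills buy now"], ["meeting agenda for monday"])
print(spam_score("buy cheap pills", spam, ham))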

B. Black List Here the spam filter maintains a list of addresses that identify spammers; it may include individual user names or entire domains. Blacklists are unlikely to be effective against VoIP spam. First, it is easy for a spammer to spoof an identity; second, a spammer can obtain a new SIP address from any provider. Where identities are authenticated it may be difficult for spammers to forge a SIP identity, but even then spammers can obtain new SIP addresses, which renders blacklists largely useless for VoIP [15].

C. White List A white list is the inverse of a black list: a list of valid senders from whom the user is willing to take calls. Spammers cannot simply change identities to get onto a white list, since it relies on a strong identity authentication mechanism that prevents address spoofing. A combination of white lists and identity authentication could therefore be a good solution for VoIP spam. However, white lists do not provide a complete solution: for example, they do not solve the introduction problem, i.e. how to decide whether a new caller should be placed on the white list. This can be addressed by the next technique [15].

D. Consent-Based Communication This is used in combination with black lists and white lists. Such systems are mostly used in presence and IM, but not in email, and they should be combined with an identity mechanism; since most IM systems are closed nowadays, sender identities can be authenticated. Consent-based communication is standardized in SIP for presence; even if it is extended to cover both IM and calling, it may not be useful on its own.

E. Reputation Systems These are also used in combination with black lists and white lists and are implemented in highly centralized architectures. Systems based on negative reputation scores suffer from many of the same problems as black lists. Systems based on positive reputation reward users being rated favorably by each other rather than blamed. Combining presence-based systems with reputation would give an interesting mix [15].

F. Pay-per-Call Here the receiver gets paid for every unwanted message, and every sender is charged for a spam message. Family and friends would be put on a do-not-charge list and their calls and emails would arrive in the user's inbox for free, but for anyone the user does not know, a charge of $5 (or whatever price the user wanted) could be levied [14]. In this way messages are accepted only from trusted senders, and for every other message the user is paid for receiving VoIP spam.

G. Turing Tests In email systems, Turing tests are those where the sender is given a puzzle that can only be solved by a human; these are also known as CAPTCHAs (Completely Automated Public Turing tests to tell Computers and Humans Apart). If the sender answers the puzzle correctly, it is placed on the white list. Like many other techniques, Turing tests also depend on the sender's identity, which cannot be easily authenticated in email. The technique can be applied to call spam as well. This kind of voice-based Turing test is easily extended to a variety of media, such as video and text, and user interfaces by making use of the SIP application interaction framework [14]. The problem with voice Turing tests is the same as with email: instead of having automata process the test, a spammer can pay cheap workers to take the tests. Due to these limitations, Turing tests never completely solve the problem.

VI. PROPOSED SOLUTION AND TOP LEVEL ARCHITECTURAL VIEW

A multi-layered architecture is proposed to meet the objectives of this research, and the study will entail a literature and software survey to determine which approaches have already been identified or implemented. The suitability of NS-2 for security simulation can be examined through a literature study. Since no single solution has yet solved this problem, it is a fair assumption that a single solution will not provide suitable protection against spam. The diagram below describes the methodology to be followed in this research.

Fig. 4 Multi-layered architecture for preventing video spam

A. Blacklists and White Lists The first and second layers of protection involve blacklisting and white listing. These lists provide good protection against well-known spammers and ensure that calls from regular contacts are connected without intrusion. The problem with blacklists is that they are hard to keep up to date and they are notorious for blocking entire domains when only a few guilty parties are involved. In our architecture, the user-defined blacklists will be populated according to the Bi F analysis, while the user-defined white list will be populated manually.

Fig. 5 Flow diagram of the multi-layered architecture (Bi F analysis, white lists, black list) for preventing video spam


B. Bi F Analysis The third layer of protection in our architecture involves analyzing the call patterns of unknown callers. An unknown caller is one that does not appear on a blacklist or white list, so the legitimacy of the caller is still in question. In our system we will calculate the variance in call frequency with the Bi F (FFT) algorithm; an overview of these layers is given above.
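The paper does not spell out the Bi F (FFT) computation, so the following is only a minimal sketch of the underlying idea under stated assumptions: it measures how regular an unknown caller's calling pattern is by taking the coefficient of variation of the inter-call intervals, with metronome-like dialing (near-zero variance) treated as suspicious. The interval statistic, the threshold and the function name are illustrative assumptions, not the authors' algorithm.

import numpy as np

def call_pattern_is_suspicious(call_times_s, rel_std_threshold=0.05):
    """Flag callers whose inter-call intervals are almost perfectly regular."""
    t = np.sort(np.asarray(call_times_s, dtype=float))
    if t.size < 4:
        return False                                  # too few calls to judge
    intervals = np.diff(t)
    rel_std = intervals.std() / intervals.mean()      # coefficient of variation
    return rel_std < rel_std_threshold

print(call_pattern_is_suspicious(np.arange(0, 7200, 300)))   # robo-dialer -> True
print(call_pattern_is_suspicious([0, 410, 950, 2600, 7100])) # human-like  -> False

A frequency-domain variant would apply an FFT to a binned call-rate series and look for a dominant spectral peak; the interval statistic above is simply the most compact way to show the same regularity test.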

C. Flow of SD Application Server Once a call arrives at the SD (Spam Detection) Application Server, the URI of the caller is tested against the user-defined black and white lists. If the caller is unknown, Bi F analysis is used to determine the legitimacy of the caller. The following figure shows the flow of the INVITE and 200 OK SIP messages.
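A condensed sketch of that screening flow is shown below: the caller URI is checked against the user-defined black and white lists, and only unknown callers are passed to the Bi F analysis stage, here represented by a hypothetical analyse_call_pattern callable (for example, the interval-regularity check sketched earlier). The function names and return values are assumptions for illustration.

from typing import Callable, Set

def screen_invite(caller_uri: str,
                  blacklist: Set[str],
                  whitelist: Set[str],
                  analyse_call_pattern: Callable[[str], bool]) -> str:
    if caller_uri in blacklist:
        return "reject"                 # known spammer: block the INVITE
    if caller_uri in whitelist:
        return "accept"                 # trusted contact: connect immediately
    # Unknown caller: legitimacy still in question, defer to Bi F analysis.
    if analyse_call_pattern(caller_uri):
        blacklist.add(caller_uri)       # the blacklist is populated from the analysis
        return "reject"
    return "accept"

# Example use with a stub analyser that flags obviously automated callers:
verdict = screen_invite("sip:unknown@example.net", set(),
                        {"sip:friend@example.net"},
                        analyse_call_pattern=lambda uri: uri.startswith("sip:robo"))
print(verdict)   # "accept" -- unknown but not flagged by the analyser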

VII. CONCLUSION

This paper highlighted the problem of multimedia spam in IMS. We proposed a multi-layered approach for developing spam protection for video conferencing, presented an architecture for video communication based on SIP, and described security threats focusing on spam along with an analysis of important anti-spam techniques.

REFERENCES

[1] http://www.forbes.com/2003/11/11/cz_kb_1111spam.html
[2] H. M. Butler, "Spam - the meat of the problem," Computer Law & Security Report, vol. 19, pp. 388-391, 2003.
[3] M. Sunner, "Email security best practice," Network Security, pp. 4-7, 2005.
[4] R. P. Gagner, "Voice over Internet Protocol," Bowie State University, Maryland, 2005.
[5] J. Pessage and J. Seedorf, "Voice over IP: Unsafe at any Bandwidth?," Eurescom Summit, Heidelberg, 2005.
[6] R. MacIntosh and D. Vinokurov, "Detection and mitigation of spam in IP telephony networks using signalling protocol analysis," pp. 49-52, 2005.
[7] J. Rosenberg and C. Jennings, "The Session Initiation Protocol (SIP) and Spam," 2004.
[8] 3rd Generation Partnership Project (3GPP), "IP Multimedia Subsystem (IMS)," TS 23.228.
[9] V. Mockapetris, "Telephony's Next Act," IEEE Spectrum Magazine, April 2006.
[10] L. Rainie, "64% of registered voters received robo-calls in the final two months of the 2006 election," Pew Internet & American Life Project, 2006.
[11] Radvision, "Session Initiation Protocol," 2005.
[12] B. Campbell, "The Message Session Relay Protocol," draft-ietf-simple-message-sessions-19 (work in progress), February 2007.
[13] B. Campbell, J. Rosenberg, H. Schulzrinne, C. Huitema, and D. Gurle, "Session Initiation Protocol (SIP) Extension for Instant Messaging," RFC 3428, December 2002.
[14] S. Arrison, "Canning Spam: An Economic Solution to Unwanted Email," 1st Edition, Pacific Research Institute, 2004.
[15] J. Rosenberg and C. Jennings, "The Session Initiation Protocol (SIP) and Spam," July 9, 2007.


Session II Conference Chapter on Computing Chair Prof. Dr. Mushtaq Ahmed Faculty of Computer Science & Engineering Ghulam Ishaq Khan Institute of Engineering Sciences & Technology, Pakistan


Abstract — This paper reports on the usability of the official web portal of the Government of Pakistan. To the best of the authors' knowledge it is the first usability study of Pakistan's official web portal. Many heuristic usability problems were found on the web portal, which fails to comply with even basic web usability guidelines. This indicates that web usability is poorly understood by the web developers, if at all, and that no usability testing is in place to ensure that the portal follows basic usability guidelines. Some key mistakes were poor searching, non-standard use of color for links, improper page titles and a complex home page.

I. INTRODUCTION Almost every government has a presence on the internet in the form of a website. Government websites have become much more important than in the early days of the internet: more and more government business, such as job advertisements and basic information about identity cards, passports, the constitution and government plans, is moving onto the internet. With the number of internet users in Pakistan increasing, many users' first choice for information about a government-related issue is to visit the relevant web site. But it is not just a matter of quickly developing a web site, decorating it with heavy graphics or flash animations and being on the internet; it requires proper planning and testing, and taking care of usability is an important part of web development. One study shows that users spend less than 2 minutes on an entire site before deciding to abandon it [1]. On the web, usability has become a necessary condition for survival.

Web usability is important for two main reasons:

(i) First, web users do not spend much time on a single web site. They are mostly goal driven: they come to a web site with a specific goal, try to achieve it and leave. They require instant results.

(ii) Second, the massive growth and scale of the Internet and the amount of online resources have created an information market that overwhelms users with choice. It does not cost users more than a click or typing a few words to go from one web site to another. Good usability has two benefits [1]:

(i) It supports an organization's business goals on the web and thus helps the organization achieve them.

(ii) Usability empowers humans and makes it easier and more pleasant to handle the technology that's infusing every aspect of modern life.

On the other hand, the impact of poor usability includes: (i) Wastage of innumerable person-hours (ii) High levels of frustration

(iii) Significant underuse of potentially useful systems

One survey of 6000 computer users in the US found an average of 5.1 hours per week wasted trying to use computers [2]. The increase in the amount of information risks acting as a time sink that can prevent people from ever getting any real work done [3]. Users on the web are often so overloaded with information within a single application that they find it difficult to use these resources effectively; they are so overloaded that they end up with nothing usable. The success rate in usability studies, when a user was asked to perform a task, has been reported to be less than 50% [4].

II. NUMBER OF INTERNET USERS IN PAKISTAN According to Wired Pakistan [5], internet usage in the country has witnessed a tremendous increase during the last couple of years, and the number of internet users has reached a record 12 million. There are also approximately 7 million Pakistanis living abroad [6], who are possible users of the web portal as well. This means the total number of expected users of the web portal is at least 19 million. In the following sections, the official web portal is analyzed for observance of heuristic usability guidelines.

III. PROBLEMS IN HOME PAGE The home page is different from all other pages of a web site: it mostly acts as the door to the site, and a well-designed home page projects a good first impression. A good home page should clearly convey the site's purpose. One study found that when asked to find high quality web sites, about half of the time participants looked only at the home page [4]. Another study shows that users visiting a new site spend an average of 30 seconds on the homepage before deciding to abandon it [1]. The home page of the web portal at http://www.pakistan.gov.pk was visited between 10 and 13 March 2008 and analyzed for observance of heuristic usability principles such as avoiding active links to the same page, use of standard colors for links, use of breadcrumbs and a proper search facility.

A. Avoiding Active Links to Same Page Active links to the current page cause the following problems: (i) Clicking a link that leads to the same page is a sheer waste of user time. (ii) It causes users to doubt whether they are really at the location they think they are. This problem was found on the home page of the web portal.

B. Simplicity in Design According to Nielsen [8], in designing a user interface for a traditional application or for a web site, one of the developer's key decisions concerns the trade-off between features and simplicity. The more features, the more complicated the system inevitably becomes. This means that the more buttons and options one puts on the home page, the less capable users are of quickly finding the information they need. Web sites must focus on simplicity rather than features. A common design pitfall is to believe that by providing lots of options and several ways of doing things, we can satisfy everybody; in fact, every time developers add a feature to a system, there is one more thing for users to learn and possibly use erroneously.

Assessing the Usability of Official Web Portal of Government of Pakistan: A Heuristics Approach

Abdur Rehman, Muhammad Hamad Hassan, Amjad Mehmood Research & Development Cell

Institute of Information Technology Kohat University of Science & Technology, Kohat, NWFP, Pakistan

[email protected], [email protected]


One of the common mistakes made on the portal was the repetition of the same link on the same page, or two slightly different links connecting to the same sub-page. This causes the following problems:
(i) When two or more different links connect to the same sub-page, users naturally think that these are two different links; seeing the same sub-page then confuses them.
(ii) Using two exactly similar links wastes valuable space on the web page.
(iii) Every element that is put on a page burdens user memory by having the user look at one more unnecessary feature.
(iv) Every irrelevant link competes with a relevant link for user attention.
MSN Usability Research recommends that pages not be overloaded with navigation choices: people stop reading options after they see 4-5 distinct options [8]. The problem with the web portal is the unnecessary repetition of links on the home page, as shown in the following figures.

Fig. 1 Menu option in General tab

Fig. 2 Menu option in Citizen Tab

The following links are repeated on different tabs of the same page: (i) Citizenship and Immigration link on 3 tabs. (ii) Utilities link on 3 tabs. (iii) Revenue and Taxation link on 3 tabs. (iv) E-Government Projects link on 3 tabs. (v) Online flight booking link on 3 tabs. (vi) Railways and Train Schedule on 3 tabs.

Fig. 3 Menu option on Business tab

Fig. 4 Menu option on Foreigners tab

(vii) Economic and Statistics link on 3 tabs. (viii) Industries and Trade link on 2 tabs. This repetition of links unnecessarily complicates the interface for users. Also, the Launch option introduces a relatively new style of interaction rather than a simple click option; it has been observed that users bitterly complain whenever they are exposed to sites with too many diverging ways of doing things [8].

IV. NAVIGATION RELATED PROBLEMS Two important things related to navigating a web page are [10]:

(i) Knowing where you are. (ii) Knowing where you have been.

To tell users where they currently are in the context of the overall structure of the site, the "breadcrumb" technique is used. A breadcrumb is simple but very useful in navigating a web site.

A. Absence of Breadcrumb A breadcrumb takes only one line of space on the page but provides two useful pieces of information to the user: (i) It displays a hierarchical path to the user's current location. (ii) It enables the user to go to a previous link in a single click. Although the web portal uses a breadcrumb, it does not do so in a standard way; for instance, in the breadcrumb "Home > About Government", Home is not clickable. Another heuristic guideline is that a link to the home page should be available from every other page. One technique usually used is to link the logo to the home page, so that users can simply click the logo from any sub-page to go to the main page. This fundamental guideline has not been observed on the web portal. Although a home link is provided in the Launch option, it has two problems: (i) It is not clearly visible to users.


(ii) It displays the same page again, instead of the home page of the web portal.

B. Non-standard Use of Color for Links Of the 222 guidelines for web sites, Nielsen describes the most important as the user having a sense of control while visiting the site. Nielsen has observed an increasing reluctance among users to accept innovations in web design [11]; the prevailing trend is for users to request designs that are similar to everything else they see on the Web. For example, using blue for links and red or purple for visited links has become a de facto standard for web sites. It greatly helps users instantly decide: (i) What are links and what is plain text? (ii) Which links are visited and which are unvisited? (iii) What was the last visited link? Any deviation from this standard makes users insecure and less confident in browsing the site. Figures 5 and 6 highlight the problem of using non-standard colors for links on tabs; the link colors on these tabs are light black and yellow respectively.

Fig. 5 Non-standard color for links

Fig. 6

The References section contains links in green, as shown in Fig. 7. Using a non-standard color for links has a further problem: the same color may end up being used for both links and plain text.

C. Providing Link Titles A simple step developers can take to help users navigate is the use of proper link titles. A link title presents users with a bit of information about what the link offers. Newer browsers can pop up a short explanation of a link before the user selects it. Such explanations give users a preview of where the link will lead and improve their navigation [12]. This technique has two clear advantages:

Fig. 7

The Launch link is in white color, as shown in Fig. 8.

Fig. 8

(i) It helps users avoid links they are not interested in, thus saving their time.
(ii) It helps users understand the destination page upon arrival.

Exceptions to using link titles are cases where it is clear from the link and the surrounding text where it leads. The web portal does not use link titles except in two places, and even those are used incorrectly.

The following problems were found on the web portal:
(i) Placing the mouse over the logo in the upper left of the page displays the title "Ministry of Information Technology".
(ii) Placing the mouse over the picture on the right side displays the title "Click to activate and use this control".
(iii) Moving the mouse over the "Founder of Pakistan" link displays the title "Founder of Pakistan".
The first is confusing because it displays the title of a specific ministry. The second is wrong because it is not a meaningful title; it could have been something like "Web site of Law Ministry". The third is wrong because it displays the same title as the link text, which is of no help to users.

V. PROPER SEARCH FACILITY Navigation is useful for an information space that a user can cover completely, but for a site with lots of information, search becomes an important element of the user interface. A web site may start off as a simple site, not containing much detailed information for users. But as an organization grows, it realizes the importance of its site and starts adding various kinds of information. This makes it difficult for users to find the information relevant to them,


especially when the links are not arranged in a proper hierarchy. The best users can do to save time is to search the site for the particular information. As Nielsen has observed, half of all web users are search dominant, and the rest also try searching a web site when their navigation efforts fail. For such users it is better to provide a search option on every page of a site, because one never knows when a user will fail to find a relevant link and turn to the search option [9]. As an example, it would be really difficult for a user to browse the whole portal to find out, say, what the current passport fee is. The web portal of the Government of Pakistan provides the search interface in the form users usually expect, but the results of searching for information were very poor. The following screenshots show the results when the web portal was searched for basic information such as Pakistan, Musharraf and National Assembly.

Fig. 9 Result of searching the site for Musharraf

Fig. 10 Result of searching the site for National Assembly

Fig. 11 Result of searching the site for Pakistan

Also, the search option in the Launch menu works very poorly: it displayed a system-generated message, as is clear from the figure.

Fig. 12 Result of selecting the search option from the Launch menu

VI. IMPROPER PAGE TITLE Being easily searchable on the internet is vital for any web site. One study has shown that users usually do not look at web sites that are not in the top 30 of a search engine results page (SERP) [4]. One of the simple steps to include a site or a page in search engine results is to use proper page titles. The web portal fails to use proper page titles for its different sub-pages: it just uses the title "Pakistan.Gov.pk The official gateway to the Government of Pakistan" everywhere. Using a proper page title for each sub-page would help improve the site's ranking in search engines.

VII. CONCLUSIONS It has been observed that the official web portal of the Government of Pakistan does not observe even basic usability guidelines. This affects user performance as well as the web site's purpose. To improve the situation, web developers should be taught the importance of usability, and independent usability testing could be arranged.

REFERENCES
[1] Jakob Nielsen and Hoa Loranger, Prioritizing Web Usability, New Riders Press, Berkeley, CA, 2006.
[2] Ben Shneiderman, "Pushing Human Computer Interaction to Empower Every Citizen, Universal Usability," Communications of the ACM, vol. 43, no. 5, May 2000.
[3] Jakob Nielsen, Multimedia and Hypertext: The Internet and Beyond, Chapter 8, "Coping with Information Overload," Morgan Kaufmann, San Francisco, 1995.
[4] S. J. Koyani, R. W. Bailey, and J. R. Nall, "Research-Based Web Design & Usability Guidelines," http://usability.gov/pdfs/guidelines%5Fbook.pdf
[5] http://www.wiredpakistan/2007/01/01/number-of-internet-users-hits-12-million-in-pakistan/
[6] http://www.dailytimes.com.pk/default.asp
[7] Feature Richness and User Engagement, http://www.useit.com/alertbox/features.html
[8] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsiteplan/html/improvingsiteusa.asp
[9] Search and You May Find, http://www.useit.com/alertbox/9707b.html
[10] Alan Dix, Janet E. Finlay, Gregory D. Abowd, and Russell Beale, Human Computer Interaction, 3rd Edition, Pearson Prentice Hall, 2003, p. 205.
[11] The Increasing Conservatism of Web Users, http://www.useit.com/alertbox/980322.html
[12] Using Link Titles to Help Users Predict Where They Are Going, http://www.useit.com/alertbox/980111.html


Abstract — In this paper we propose the architecture of a neural co-processor for on-board learning. The co-processor is based on a backpropagation network and acts as dedicated hardware connected to a PC. It consists of several sub-modules, i.e. sub-processors, each representing a column of the backpropagation neural network. The architecture allows the co-processor to form any structure depending on the specific application. We have built a communication network for the sub-modules to communicate with each other, and within each sub-module there is also a communication network for the layers to communicate with each other. The operations of each sub-processor are independent of other sub-processors, i.e. a neuron calculates its output as soon as all its inputs are available.

I. INTRODUCTION Large training time is the fundamental obstacle to using neural networks in real-time applications. A computer-based neural network program cannot solve the timing problem, as the essence of a neural net is parallelism, which a single processor cannot provide. There are several commercial software packages that use neural network algorithms to solve different problems, but they cannot provide mobility and good training time [1]. There are also a few commercial chips available for neural network applications, but these chips do not have on-chip learning capability: they do not train the neural network themselves but take the weights that a computer has calculated for them [1]. Vendors of such chips include Intel, with its 80170 ETANN (Electronically Trainable Artificial Neural Network) chip, and Neural Semiconductor, with its DNNA (Digital Neural Architecture) chip [1]. There is a demand for dedicated hardware that can be trained for different applications. Some attempts have been made at dedicated hardware designed specifically for an application, e.g. [2], [3]. The key issue in a hardware implementation is the communication structure: the more efficient the communication structure, the higher the performance of the hardware. This determines the architecture of the co-processor, which will act as dedicated neural hardware. One well-known dedicated hardware co-processor based on self-organizing map neural networks is KOKOS [4]. The first on-board learning co-processor based on a backpropagation network, KOBOLD, was presented by M. Bogdan, H. Speckmann and W. Rosenstiel [5, 6]. In the architecture of [5, 6], the communication structure is implemented on the basis of a bus topology: there is a global bus to which all sub-processors are connected, and a local bus connecting the sub-processors in a ring-like structure. The problem with this communication structure is that while propagating the error difference to other relevant sub-processors, only one sub-processor is allowed to transmit and all others wait for their turn, so there is a significant delay for the sub-processors. Also, when communicating via the local bus, a sub-processor sends its data on the bus and its neighbor collects it and inspects the packet for relevancy; if the packet is for that sub-processor it is saved in local memory, and if not it is forwarded to the next neighbor. This method of communicating weights also produces a significant delay. For faster communication, the delays have to be reduced as far as possible. In the proposed architecture there is a special switching center used for the

communication between the co-processor's top module and the sub-processors, and also within the sub-processors. There is also a network structure designed for the communication of layers within a sub-processor. Both the co-processor reported in [5, 6] and the proposed architecture are based on the backpropagation network. The rest of the paper is organized as follows: the architecture of the backpropagation network is described in Section 2; this is followed by a detailed presentation of the proposed architecture of the co-processor based on backpropagation with online learning in Section 3; finally, the paper is concluded in Section 4.

II. BACKPROPAGATION NETWORK ARCHITECTURE The backpropagation network shown in Fig. 1 is a multilayered neural network with n sub-processors (neurons). A sub-processor has an input layer (X), an output layer (Y) and hidden layer(s) (H) [7]. X0, X1, ..., Xn represent the input layers; H00, H01, ..., H0n the first hidden layers; H10, H11, ..., H1n the second hidden layers; Hm0, Hm1, ..., Hmn the mth hidden layers; and Y0, Y1, ..., Yn the output layers of the n sub-processors, as shown in Fig. 1. Each column in Fig. 1 represents a sub-processor, i.e. a neuron that is connected to other neurons.

Fig. 1 Architecture of the backpropagation network

There are two modes of operation in the training of a backpropagation network: forward propagation and backpropagation [7]. In forward propagation, the network input patterns are presented to the input layer, which calculates its products and conveys them to the hidden layer above it and to the hidden layers of the associated sub-processors. Each hidden layer then calculates its net input and output, which is conveyed to the layer above in the current sub-processor and to the other connected sub-processors. The process continues similarly in the other

Architecture of reconfigurable artificial neural network Co-processor

Kamran Rauf, Muhammad Usman and Abdul Bais Department of Computer Systems Engineering NWFP

University of Engineering and Technology Peshawar, Pakistan


sub-processors until the final layer, i.e. the output layer, calculates its output [7]. In backpropagation mode, each sub-processor's output layer computes the error difference and, if it is greater than a specified tolerance level, all layers below the output layer update their weights. The error is also conveyed to the connected sub-processors so that they can compute their new weights as well [7]. The entire training proceeds in this manner.
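As a software reference for these two modes (not part of the hardware design), the brief NumPy sketch below performs one forward pass and one backpropagation weight update for a small sigmoid multilayer perceptron; the 3-4-2 layer sizes, learning rate and squared-error objective are illustrative assumptions.

import numpy as np

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))

def train_step(x, target, weights, lr=0.5):
    # Forward propagation: each layer computes its net input and output
    # and passes the result to the layer above.
    activations = [x]
    for W in weights:
        activations.append(sigmoid(W @ activations[-1]))

    # Backpropagation: the output layer computes the error difference and
    # the deltas are propagated downwards while the weights are updated.
    delta = (activations[-1] - target) * activations[-1] * (1 - activations[-1])
    for i in reversed(range(len(weights))):
        grad = np.outer(delta, activations[i])
        delta = (weights[i].T @ delta) * activations[i] * (1 - activations[i])
        weights[i] -= lr * grad
    return weights

rng = np.random.default_rng(0)
weights = [rng.standard_normal((4, 3)), rng.standard_normal((2, 4))]  # 3-4-2 net
weights = train_step(np.array([0.1, 0.7, 0.3]), np.array([0.0, 1.0]), weights)

Each layer's arithmetic in this sketch corresponds to the products, net inputs and error differences that the hardware layers exchange.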

III. PROPOSED ARCHITECTURE In this section we describe the co-processor architecture. The section is broken into the following sub-sections: first we describe the hierarchy of modules involved in the implementation of the co-processor in Section 3.1, then the proposed co-processor architecture in Section 3.2, and finally the sub-processor architecture in Section 3.3.

A. Hierarchy of Modules The code implementation of the co-processor comprises six major modules; their hierarchy is given in Fig. 2. In Fig. 2, the CoProcessorTopModule is the top module, which receives configuration instructions and pattern-target pairs from the external environment. To configure the co-processor, the user gives instructions through the PC interface and these instructions are conveyed to the co-processor's top module, which configures the co-processor accordingly.

Fig. 2 Hierarchy of modules

The MainSwitchingCenter is the main module for communication: the whole communication of the co-processor depends on this special switching center. The MainSwitchingCenter is like the switch in a star topology network, but it is specially designed to work with the parallel structure of the co-processor and to present less delay to the data. It is designed so that it can receive data from all of its ports and send data on all of its ports simultaneously, which makes the co-processor faster. Each sub-processor is assigned an address in order to identify it. Each sub-processor starts its calculations for itself and then calculates products and other results for its forward neighbor, which ensures that no two sub-processors send data to the same sub-processor; in this way collisions are avoided. This method also increases the speed of communication. For further optimization in speed, the co-processor implementation is pipelined. The SubProcessor is the basic processing device in the co-processor; it is like a neuron in the biological nervous system. Each SubProcessor has three different kinds of layers, i.e. InputLayer, HiddenLayer and OutputLayer, as shown in Fig. 2. These layers work simultaneously, and the whole process is carried out in such a way that as soon as a layer has

its required data, it calculates its output and conveys it to the relevant layer and sub-processor (if needed). The proposed architecture of the co-processor is described in the following Section 3.2.

Fig. 3 Co-Processor Architecture

B. Co-Processor Architecture The architecture of the co-processor shown in Fig. 3 is very similar to a star topology network, with a special switch named the MainSwitchingCenter. In Fig. 3 the top module, which provides the external environment interface, is the CoProcessorTopModule, and the adjacent blocks represent the sub-processors, which are the basic processing elements of the co-processor. There are sixteen sub-processors in the proposed architecture. The number of sub-processors can be increased to two hundred and fifty-six, and beyond that by increasing the word size, but increasing the number of sub-processors also increases the complexity of the network. In addition, the co-processor needs as many pins as there are sub-processors so that in applications all sub-processors can be given patterns simultaneously, which is not a feasible solution for very large counts. Applications that have sixteen dependent parameters can be handled with it. Within each sub-processor there are ten layers working autonomously. The architecture of the sub-processor is described in the following sub-section.
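As a purely software analogue (an illustrative assumption, not the actual hardware design), the sketch below mimics the star-topology exchange just described: a switching-center object accepts one outgoing message per sub-processor "port" in the same step and delivers each to the addressed destination, with every sender targeting its forward neighbor so that no two messages collide at one destination.

from collections import deque

class MainSwitchingCenter:
    def __init__(self, num_subprocessors=16):
        # One inbox per addressed sub-processor.
        self.inbox = {addr: deque() for addr in range(num_subprocessors)}

    def exchange(self, outgoing):
        """outgoing: list of (src, dst, payload), one per port, handled together."""
        for src, dst, payload in outgoing:
            self.inbox[dst].append((src, payload))

msc = MainSwitchingCenter()
# Each sub-processor forwards a product to its forward neighbour, so no two
# senders target the same destination and collisions are avoided:
msc.exchange([(i, (i + 1) % 16, f"product from {i}") for i in range(16)])
print(len(msc.inbox[0]), msc.inbox[1][0])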

C. Sub-Processor Architecture
The special architecture of the sub-processor shown in Fig. 4 resembles that of a bus topology network. The SubProcessor is the top module for this portion of the co-processor. It receives the configuration instructions, patterns and targets sent by the co-processor, and the products and error differences sent by other sub-processors, from the MainSwitchingCenter, and accordingly it maneuvers its layers.


Fig. 4 Sub-Processor Architecture

There are ten layers in each sub-processor, i.e., an input layer, an output layer and eight hidden layers. The number of layers can be increased to any number, but increasing the number of layers leads to a longer training time, i.e., the network will take more time to converge for a specific application than with fewer layers. The advantage of having a large number of hidden layers is that the network will converge more precisely; there is basically a trade-off between training time and precision of the network. Since many application areas can be accommodated with this limited number of hidden layers, there is no need to increase the number of layers. These layers are the processing components of the sub-processor, like the components in neurons of the biological nervous system. Each type of layer has its own distinct processing structure.

IV. CONCLUSION
We presented a new architecture for a digital neural co-processor for backpropagation with online learning. The architecture of the co-processor leads to better performance. The communication network enables asynchronous communication between sub-processors and with the co-processor's top module. Further work is in progress on the co-processor; the major remaining steps include the implementation of the PC interface for configuration and the implementation of other backpropagation algorithms for further optimization. This hardware implementation can lead to a powerful neuro-computer that can be used in a wide range of applications such as:
• Optical character recognition
• Image and data compression
• Load forecasting problems in the power system area
• Control problems
• Nonlinear simulation
• Biomedical applications
• Fault detection problems
• Network monitoring systems
• Communication, etc.



Abstract — Terrain modeling is one of the basic capabilities that a mobile robot must have for vision-based navigation in an outdoor environment. In order to have enough information for robot navigation, it is required to construct a dense depth map from images of the scene. 3D scene reconstruction from depth maps of the environment can then be used to obtain a terrain model. Research on terrain modeling using multiple cameras has been actively pursued; however, to reduce system cost, this study aims at achieving similar results from a monocular camera and sequential images. The main objective is to reduce the computational time for dense 3D reconstruction.

I. INTRODUCTION
Antipersonnel mines have been a serious threat to the safety and livelihoods of people during wars. In war-hit countries, agriculture, transport and economic recovery are affected by the presence of landmines. One of the greatest challenges of landmine clearance is finding the buried mines. Currently, locating landmines is mainly done by hand: humanitarian demining personnel use a metal detector and a stick to probe every 2.5 square cm in a suspect area. Using this technique, a great amount of time and manpower is required to clear a relatively small area. Another drawback is the high risk of injury to the demining personnel. Recent advances in the development of accurate and reliable sensors for landmine detection are so promising that researchers have become interested in the development of autonomous robotic systems that require minimal interaction with human operators. Typically, the robots/vehicles are equipped with GPS and IR systems and other tools, like metal detectors, to search for landmines buried in broad fields. Robots are also well suited for off-road missions and antipersonnel unexploded ordnance detection. Specifically, robots are useful for civilian mine clearance missions, whose reliability must be above 99.6% as defined by the UN agenda [1]. For practical applications like landmine clearance missions, the robot should be able to localize itself and accurately map the scene simultaneously; this is the basic requirement for autonomous robots. A central issue in intelligent robotics is the problem of knowing the position of a robot in the environment. This issue has been researched extensively; however, the problem of handling the very large number of landmarks in the scene is still the target of many researchers [2]. Using vision as the information source for robot navigation for landmine detection and clearance purposes carries many advantages over other approaches such as laser scanning. Vision sensors and their measurement procedures for 3D information are flexible and simple: from the sensed data we extract the information on which the size, depth, structure, and material of objects in the scene can be determined. This study deals with the requirement to develop a wide-baseline monocular stereo vision technique for landmine-detecting mobile robots that combines local motion estimation and robust image matching in order to build a 3D model of the terrain. The reasons for using the monocular approach are low cost and ease of replication in case of damage to the robot during the landmine detection process. The system must work from two images obtained at

different robot positions as a virtual stereo pair. The remainder of the paper is structured as follows: Section 2 presents the detection of sparse features and their matching for camera calibration and rectification of the image pair. Establishment of dense correspondence and 3D reconstruction is the topic of Section 3. Experimental results are discussed in Section 4, and the paper is concluded in Section 5.

II. FEATURES DETECTION AND MATCHING
Feature points between two images in sequence are matched based on similarity in order to establish a relationship between them. The selection of appropriate features plays an important role in the matching process and has a direct impact on 3D reconstruction. The use of Harris corners [3] as feature points for camera calibration and rectification is discussed in this section. Corners are matched over the two images within a limited disparity. While matching corners, there may be more than one match in one image for a corner in the other image; in the case of multiple matches for a single corner, the selection is based on gray-value similarity in a pre-defined neighborhood of the corners in the two images. Due to errors in the correspondence process, the set of initial corresponding points is typically contaminated with incorrect matches or outliers, which are removed using the RANSAC (RANdom SAmple Consensus) algorithm. Once the correspondence between feature points in the two images is established, it is used for computation of the fundamental matrix and planar rectification, as presented in the following subsections.
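A minimal OpenCV/NumPy sketch of this pipeline (Harris corners, correlation-based matching within a disparity limit, and RANSAC rejection of outliers) is given below; it is not the Torr-toolkit implementation used in the experiments, and the window size, disparity limit and correlation threshold are illustrative assumptions.

import cv2
import numpy as np

def harris_corners(gray, max_corners=300):
    # Harris-scored corner locations via goodFeaturesToTrack
    pts = cv2.goodFeaturesToTrack(gray, max_corners, qualityLevel=0.01,
                                  minDistance=7, useHarrisDetector=True, k=0.04)
    return pts.reshape(-1, 2) if pts is not None else np.empty((0, 2))

def match_by_correlation(g1, g2, pts1, pts2, win=7, max_disp=20):
    # for each corner in image 1, pick the most similar corner in image 2
    # within the disparity limit, using normalised cross-correlation of patches
    half = win // 2
    matches = []
    for (x1, y1) in pts1.astype(int):
        p1 = g1[y1 - half:y1 + half + 1, x1 - half:x1 + half + 1]
        if p1.shape != (win, win):
            continue
        best, best_pt = -1.0, None
        for (x2, y2) in pts2.astype(int):
            if abs(x2 - x1) > max_disp or abs(y2 - y1) > max_disp:
                continue
            p2 = g2[y2 - half:y2 + half + 1, x2 - half:x2 + half + 1]
            if p2.shape != (win, win):
                continue
            score = cv2.matchTemplate(p2, p1, cv2.TM_CCOEFF_NORMED)[0, 0]
            if score > best:
                best, best_pt = score, (x2, y2)
        if best_pt is not None and best > 0.8:   # gray-value similarity threshold
            matches.append(((x1, y1), best_pt))
    return matches

def ransac_inliers(matches):
    # remove outlier matches with RANSAC while estimating the fundamental matrix
    p1 = np.float32([m[0] for m in matches])
    p2 = np.float32([m[1] for m in matches])
    F, mask = cv2.findFundamentalMat(p1, p2, cv2.FM_RANSAC, 1.0, 0.99)
    keep = mask.ravel().astype(bool)
    return p1[keep], p2[keep], F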

A. Fundamental Matrix and Epipolar Geometry
The geometric relationship between the two images, which is necessary for establishing correspondence between them, is best captured by the epipolar geometry; therefore, in applications like scene modeling and mobile robot navigation, its computation is one of the basic tasks to be performed. For a given point x in one image (for the notation used in this paper please refer to Appendix A), the corresponding point x' in the other image must lie on the epipolar line. This important fact is called the epipolar constraint. The following equation should be satisfied for all corresponding points:

$$\begin{pmatrix} x' & y' & 1 \end{pmatrix} \begin{pmatrix} f_{11} & f_{12} & f_{13} \\ f_{21} & f_{22} & f_{23} \\ f_{31} & f_{32} & f_{33} \end{pmatrix} \begin{pmatrix} x \\ y \\ 1 \end{pmatrix} = 0 \qquad (1)$$

or, equivalently,

$$\begin{bmatrix} x'x & x'y & x' & y'x & y'y & y' & x & y & 1 \end{bmatrix} \mathbf{f} = 0 \qquad (2)$$

From all point matches, we can obtain a set of linear equations of the form

Towards Terrain Modeling For Robot Navigation Using A Single Camera

Muhammad Tufail, Abdul Bais, Muhammad Usman, Sheraz Ali Khan NWFP University of Engineering and Technology

Peshawar, Pakistan {tufail,bais,usman,sheraz.ali}@nwfpuet.edu.pk


$$A\mathbf{f} = 0 \qquad (3)$$
In (3), $\mathbf{f}$ is a nine-vector containing the entries of the matrix F, and A is the equation matrix. The system of equations can be solved by singular value decomposition (SVD). Applying SVD to A yields the decomposition $USV^{T}$, with U and V being orthogonal matrices and S a diagonal matrix containing the singular values. These singular values $\sigma_1 \geq \sigma_2 \geq \sigma_3 \geq \dots \geq \sigma_9 \geq 0$ are positive or zero elements in decreasing order.
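A minimal NumPy sketch of this step is shown below, assuming pts1 and pts2 are N x 2 arrays of matched points; the final rank-2 enforcement is standard practice and an assumption not stated in the text above.

import numpy as np

def fundamental_from_matches(pts1, pts2):
    # build the equation matrix A: one row per correspondence, ordered as in Eq. (2)
    x, y = pts1[:, 0], pts1[:, 1]
    xp, yp = pts2[:, 0], pts2[:, 1]
    ones = np.ones_like(x)
    A = np.stack([xp * x, xp * y, xp, yp * x, yp * y, yp, x, y, ones], axis=1)
    # the solution of A f = 0 is the right singular vector belonging to the
    # smallest singular value (last row of V^T)
    _, _, Vt = np.linalg.svd(A)
    F = Vt[-1].reshape(3, 3)
    # enforce rank 2 so that all epipolar lines intersect in the epipoles
    U, s, Vt2 = np.linalg.svd(F)
    s[2] = 0.0
    return U @ np.diag(s) @ Vt2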

B. Rectification Rectification seeks to map an input image pair to one in which epipolar lines are parallel and correspond to image rows. Rectification helps simplify stereo matching by reducing the search space to one dimension. If the epipoles are not visible in either image, it can be achieved by applying projective transformations (also called homographies) H and H’ to the left and right images respectively, so that the epipoles e and e’ in the left and right images are mapped to infinity and the epipolar lines become parallel to horizontal scan lines. In short we have to find H and H’ such that

$$H\,e = \begin{pmatrix} 1 \\ 0 \\ 0 \end{pmatrix}, \qquad H'\,e' = \begin{pmatrix} 1 \\ 0 \\ 0 \end{pmatrix}$$

The algorithm for estimating H and H’ is reported in [4] and briefly explained in this section. From the estimated fundamental matrix F and epipoles e, e’, the projective transformation H’ for the right image is obtained which maps the epipole e’ to the point at infinity, (1, 0, 0)T . This transformation H’, is given by:

$$H' = G\,R\,T \qquad (4)$$

Where

$$T = \begin{pmatrix} 1 & 0 & -x_0 \\ 0 & 1 & -y_0 \\ 0 & 0 & 1 \end{pmatrix}$$

is the translation matrix,

$$R = \begin{pmatrix} \cos\theta & \sin\theta & 0 \\ -\sin\theta & \cos\theta & 0 \\ 0 & 0 & 1 \end{pmatrix}$$

is the rotation matrix, where $\theta = \arctan\left(e'_y / e'_x\right)$, and

$$G = \begin{pmatrix} 1 & 0 & 0 \\ 0 & 1 & 0 \\ -1/f & 0 & 1 \end{pmatrix}$$

where $f$ is the x-component of $R\,T\,e'$.

The corresponding projective transformation for the left image H is found through least-squares estimation. This means finding HA by minimizing the cost function,

$$\sum_i d\!\left(H_A \hat{x}_i,\; \hat{x}'_i\right)^2$$

where $\hat{x}'_i = H' x'_i$, $\hat{x}_i = H_0 x_i$ and $H_0 = H' M$, with $M = [e']_{\times} F$ (in fact, F can be factored into a skew-symmetric matrix of the epipole $e'$ and a non-singular matrix M as $F = [e']_{\times} M$). Equivalently, we can minimize the function

$$f(a,b,c) = \sum_i \left(a\hat{x}_i + b\hat{y}_i + c - \hat{x}'_i\right)^2$$

The resulting $H_A$ will be of the form

$$H_A = \begin{pmatrix} a & b & c \\ 0 & 1 & 0 \\ 0 & 0 & 1 \end{pmatrix}$$

and finally

$$H = H_A H_0 \qquad (5)$$
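A sketch of the construction of H' = GRT under stated assumptions (the translation T moves the image centre to the origin, and the right epipole is given in homogeneous coordinates) is shown below; the corresponding left-image homography H via H_A is omitted.

import numpy as np

def right_rectifying_homography(e_prime, width, height):
    e = e_prime / e_prime[2]                    # normalise the homogeneous epipole
    # T: translate the image centre to the origin (assumption on (x0, y0))
    T = np.array([[1.0, 0.0, -width / 2.0],
                  [0.0, 1.0, -height / 2.0],
                  [0.0, 0.0, 1.0]])
    et = T @ e
    theta = np.arctan2(et[1], et[0])
    # R: rotate the translated epipole onto the positive x-axis
    R = np.array([[ np.cos(theta), np.sin(theta), 0.0],
                  [-np.sin(theta), np.cos(theta), 0.0],
                  [0.0, 0.0, 1.0]])
    f = (R @ et)[0]                             # x-component of R T e'
    # G: map the epipole on the x-axis to the point at infinity (1, 0, 0)^T
    G = np.array([[1.0, 0.0, 0.0],
                  [0.0, 1.0, 0.0],
                  [-1.0 / f, 0.0, 1.0]])
    return G @ R @ T                            # H' = G R T, Eq. (4)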

III. DENSE CORRESPONDENCE AND 3D RECONSTRUCTION

The sparse matching is used for estimation of the fundamental matrix and image rectification. However, a dense depth map is required for robot navigation. Dense correspondence can be achieved by pixel-to-pixel matching in the image pair. The main advantages of this approach over sparse matching are that (i) a dense disparity map or depth image is provided, and (ii) no feature extraction is required [5].

A. Algorithm for Dense Correspondence
Dense correspondence is achieved using dynamic programming, which determines the set of correspondences between two images by minimizing a cost function encoding the following two heuristics:
1. Ordering constraint: If a point a is to the left of point b in the reference image, then the match for a should be to the left of the match for b in the target image.

2. Uniqueness constraint: Each pixel should have exactly one or no match in the other image.

In the pseudocode [6] shown in Algorithm 1, i and j range from 0 to n − 1, where n is the number of pixels per scan line (it also represents the width of the input images). For the left and right scan lines from the stereo pair, the correspondence problem is solved by using dynamic programming on an n × n matrix A which holds the costs of matching two scan lines of size n each. A[0, 0] is initially zero and all other entries are computed from upper left to the lower right corner. All the entries in matrix A can be filled initially with some dissimilarity measures as used in [7]. The minimum optimal cost for a scan line is then calculated by backtracking through matrix A starting from A[n − 1, n − 1] and ending at A[0, 0]. Three directions Left, Up, and UpLeft (default) are possible choices to go up along the diagonal. The column difference between path- and diagonal entries will result in the left disparity map.

Algorithm 1. Computing Disparity Map [6]

1: // Calculate the minimum optimal cost for a scanline
2: Minimum = Min (A[i − 1, j], A[i, j − 1], A[i − 1, j − 1])
3: ColorL = LeftImage [i, y]
4: ColorR = RightImage [j, y]


5: A[i, j] = Minimum + (ColorR − ColorL)²
6: DisparityMapL [i, y] = j − 1
7: DisparityMapL [j, y] = i − j
8: Up = A[i − 1, j]
9: Left = A[i, j − 1]
10: UpLeft = A[i − 1, j − 1]
11: Minimum = Min (Up, Left, UpLeft)
12: case (Minimum)
13: UpLeft : i = i − 1; j = j − 1
14: Left : j = j − 1
15: Up : i = i − 1
16: end
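A loose Python transcription of Algorithm 1 is given below as a sketch, under simplifying assumptions: two grayscale scan lines passed as 1-D NumPy arrays, squared intensity difference as the match cost, no occlusion handling, and an assumed sign convention for the disparity. It is not the OpenCV implementation used in the experiments.

import numpy as np

def scanline_disparity(left_line, right_line):
    n = len(left_line)
    A = np.zeros((n, n))
    # cost filling from the upper-left to the lower-right corner (A[0,0] stays 0)
    for i in range(n):
        for j in range(n):
            cost = (float(right_line[j]) - float(left_line[i])) ** 2
            if i == 0 and j == 0:
                A[i, j] = 0.0
            elif i == 0:
                A[i, j] = A[i, j - 1] + cost
            elif j == 0:
                A[i, j] = A[i - 1, j] + cost
            else:
                A[i, j] = min(A[i - 1, j], A[i, j - 1], A[i - 1, j - 1]) + cost
    # backtracking from A[n-1, n-1] towards A[0, 0]
    disp_left = np.zeros(n, dtype=int)
    i = j = n - 1
    while i > 0 and j > 0:
        disp_left[i] = i - j                          # column difference (sign convention assumed)
        moves = {(i - 1, j - 1): A[i - 1, j - 1],     # UpLeft (default)
                 (i, j - 1): A[i, j - 1],             # Left
                 (i - 1, j): A[i - 1, j]}             # Up
        i, j = min(moves, key=moves.get)
    return disp_left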

In the second part of the pseudocode, from Line 6 to Line 11, i and j are initially 0 and the steps repeat until they become 0 again. The variables i and j represent the current position in the left and right scan lines respectively. Left or right disparity maps will come out depending on our choice of variable i or j. The variable y represents the vertical position inside the disparity map and remains constant per iteration. The disparity map determined above is used to reconstruct the dense structure of the scene up to a Euclidean transformation by triangulation. The matched points $x_i \leftrightarrow x'_i$ from the previous step and the original camera matrices P, P' are used to reconstruct the 3D structure up to a similarity transformation if P and P' are the true camera matrices, and up to a projective transformation if the true camera matrices are unknown. As $x \times (PX) = 0$ and $x' \times (P'X) = 0$, we can formulate a linear equation for the point X in the world coordinate frame as

$$AX = \begin{pmatrix} x\,p^{3T} - p^{1T} \\ y\,p^{3T} - p^{2T} \\ x'\,p'^{3T} - p'^{1T} \\ y'\,p'^{3T} - p'^{2T} \end{pmatrix} X = 0 \qquad (6)$$

where $p^{iT}$ are the rows of P. The world position X can then be obtained as the least-squares solution of the homogeneous linear system using the SVD.
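A minimal sketch of this triangulation step is given below: it builds the matrix of Eq. (6) for one matched pixel pair and solves it with the SVD, assuming NumPy arrays for the image points and 3x4 camera matrices.

import numpy as np

def triangulate_point(x, xp, P, Pp):
    # rows of A follow Eq. (6): x*p3^T - p1^T, y*p3^T - p2^T and the primed pair
    A = np.stack([
        x[0] * P[2] - P[0],
        x[1] * P[2] - P[1],
        xp[0] * Pp[2] - Pp[0],
        xp[1] * Pp[2] - Pp[1],
    ])
    _, _, Vt = np.linalg.svd(A)          # least-squares solution of A X = 0
    X = Vt[-1]
    return X[:3] / X[3]                  # de-homogenise the world point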

IV. EXPERIMENTAL RESULTS
The performance of the algorithm is tested using the famous “Head and Lamp” and “Bread and Oranges” image pairs. In the “Head and Lamp” pair, the image planes are perfectly parallel to each other and therefore no rectification is needed. On the other hand, for the “Bread and Oranges” image pair, a great deal of rotation and translation is involved between the two image planes, and it therefore serves as a real image pair in our experiments. All the algorithms were implemented in MATLAB and Intel's OpenCV library [8] on a Microsoft Windows platform. Torr's Structure and Motion Toolkit [9] is used for detection and matching of corner points in the two images.

Fig. 1 shows the detected Harris corners for the “Bread and Oranges” image obtained with Torr's tool. The matched corners are shown in Fig. 2. Corners are matched over the two images within a limited disparity; in Fig. 2 a disparity limit of 20 is used.

Fig. 1 Image Corners. Crosses show the Harris Corners.

Fig. 2 Feature Matching. Corners are matched by the Correlation Matching Technique.

For the “Bread and Oranges” image pair, we have found that RANSAC removes 36% of the initial correspondences, resulting in a very accurate set of correspondences.

Fig. 3 Original Left and Right Images before Rectification

The left and right input images shown in Fig. 3 are rectified with H and H' respectively, and the resulting rectified images are shown in Fig. 4.

Fig. 4 Rectified left and right images. Corresponding points lie on the same horizontal line.

The results for dense correspondence are obtained with Intel's OpenCV library, which implements the algorithm presented in [7]. The algorithm takes the rectified image pair as input and matches the pixels in both images on a scan line by scan line basis. A scan line in one image is taken at a time, and the match for every pixel in the corresponding scan line is searched for within the horizontal range


specified by the parameter maximum disparity. In order to correct the errors in a single scan line, the global information about the relationship between different scan lines in the same image is utilized. The algorithm generates the disparity map in 0.531 seconds; however, it is prone to errors and the resultant disparity maps are noisy. Fig. 5 shows a ground-truth disparity map for the “Head and Lamp” images, defined with respect to the left image. For display purposes, the disparity values are normalized to a range of 0–255. Bright pixel intensities correspond to high disparity values, which in turn represent small depth values.

Fig. 5 Disparity map for Tsukuba image pair.

Fig. 6 shows the disparity map for the “Head and Lamp” image pair. It can be seen that, based on the intensity values, objects in the image can be differentiated from one another. For example, the lamp can easily be distinguished from the head due to its high brightness; in the real scene the lamp is closer to the camera than the head. The lamp shaft appears as bright as the head, which is basically due to the noise in the disparity map.

Fig. 6 Estimated disparity map for “Head and Lamp” image pair.

For the left image, both the camera rotation and translation matrices were taken to be identity matrices, as it was assumed to be the reference position of the camera. The world coordinate system is assumed to coincide with the coordinate system of the first camera. The translation of the second camera position was assumed to be 0.03 meter (the same as the baseline), and the rotation matrix was taken as the identity matrix due to rectification. The focal length f is 900 pixels and the principal point of the camera is (320, 240), which is the image center.
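To make this setup concrete, the camera matrices implied by these parameters could be assembled as in the sketch below; the stacking convention and the sign of the baseline translation are assumptions, since the paper's MATLAB code is not shown.

import numpy as np

K = np.array([[900.0, 0.0, 320.0],       # focal length 900 px, principal point (320, 240)
              [0.0, 900.0, 240.0],
              [0.0,   0.0,   1.0]])
R = np.eye(3)                            # rectified pair: identity rotation for both cameras
t_left = np.zeros((3, 1))                # left (reference) camera at the world origin
t_right = np.array([[-0.03], [0.0], [0.0]])   # 0.03 m baseline; sign convention assumed
P_left = K @ np.hstack([R, t_left])
P_right = K @ np.hstack([R, t_right])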

Fig. 7 3D reconstructed “Bread and Oranges” image.

The resulting reconstructed images for the “Head and Lamp” image are shown in Fig. 8 and Fig. 9.

Fig. 8 View 1: 3D reconstructed “Head and Lamp” image.

Fig. 9 View 2: 3D reconstructed “Head and Lamp” image.

V. CONCLUSION
The effectiveness of dense 3D reconstruction may vary depending on the type and complexity of the scene we deal with. In the case of landmine detection and clearance problems, scenes are relatively


complex, and the 3D reconstruction software is very sensitive to changes in scene attributes like distance from the camera, lighting conditions, amount of texture, surface smoothness, object motion, and occlusion rates. Future work will focus on modeling of natural terrain where the occlusion rate is high and object surfaces are not smooth and have little texture. In these cases, getting an accurate disparity map from the images can improve the reconstruction process considerably. Following are some recommendations for future work:
• Instead of the Harris corner detector, a more robust feature detector such as SIFT can be used.
• For rectification, [10] presents a very good improvement on (Hartley, 1999), which is implemented in our work. The improvement is in the way robust matching homographies are computed, which perfectly aligns the epipolar lines in the two images. Also, the rectified images can be interpolated bilinearly, which will reduce the re-sampling error in the images.
• The accuracy of dense stereo disparity maps can be improved in order to have a 3D representation of the scene suitable for applications like robot navigation. The Birchfield algorithm implemented in OpenCV is open source and can therefore be modified to bring improvements to it. Instead of matching individual pixels with each other, a correlation matching technique can be used so that errors of up to one or two pixels in image rectification can be accounted for.

Acknowledgment This work was carried out at Asian Institute of Technology, Thailand as part of the Master Thesis under the supervision of Dr. Matthew Dailey. The thesis report is available at [11].

REFERENCES
[1] H. Najjarin and A. A. Goldberg, “Landmine detection using an autonomous terrain scanning robot,” Industrial Robot Journal, vol. 32, no. 3, pp. 240–247, 2005.
[2] M. Montemerlo, S. Thrun, D. Koller, and B. Wegbreit, “FastSLAM: A factored solution to the simultaneous localization and mapping problem,” 2002.
[3] C. Harris and M. Stephens, “A combined corner and edge detection,” in Proceedings of the Fourth Alvey Vision Conference, 1988, pp. 147–151.
[4] R. I. Hartley, “Theory and practice of projective rectification,” International Journal of Computer Vision, 1998.
[5] I. J. Cox, “A maximum likelihood n-camera stereo algorithm,” in CVPR'94, 1994, pp. 733–739.
[6] Sven Forstmann, Yutaka Kanou, Jun Ohya, Sven Thuering, and Alfred Schmitt, “Real-time stereo by using dynamic programming,” in Proceedings of the 2004 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'04), Volume 3, Washington, DC, USA, 2004, p. 29.
[7] Stan Birchfield and Carlo Tomasi, “Depth discontinuities by pixel-to-pixel stereo,” in ICCV, 1998, pp. 1073–1080.
[8] Intel, “Open Source Computer Vision and Image Processing Library (Computing Software),” 2000.
[9] H. S. P. Torr, “A structure and motion toolkit in MATLAB (Computing Software),” 2002.
[10] John Mallon and Paul F. Whelan, “Projective rectification from the fundamental matrix,” Image and Vision Computing, vol. 23, no. 7, pp. 643–650, 2005.
[11] Muhammad Tufail, “Towards real-time terrain modeling for robot navigation using a monocular camera,” M.S. thesis, Asian Institute of Technology, Bangkok, Thailand, 2007.
[12] R. I. Hartley and A. Zisserman, Multiple View Geometry in Computer Vision, Cambridge University Press, ISBN 0521540518, second edition, 2004.


Abstract — Data mining, the extraction of hidden knowledge from large databases, is a powerful new technology with great potential to help organizations focus on the most important information in their large databases. Data mining tools predict future trends and behaviors, allowing businesses to make knowledge-driven decisions and extract knowledge buried within mountains of data. The feedforward Multilayer Perceptron (MLP) is the most widely used model among artificial neural network models and is used for classification problems as well as regression. The training process of an overly large network can be prohibitively expensive and time consuming, especially when the model has a large number of input dimensions. This paper presents a new proposed algorithm for MLPs and compares the results with the traditional MLP algorithm based on backpropagation.

Index Terms — Data Mining, Neural Network, Classification, Backpropagation

I. INTRODUCTION
Data mining is “the nontrivial extraction of implicit, previously unknown, and potentially useful information from data” [1] or “the science of extracting useful information from large data sets or databases” [2]. Also known as knowledge discovery in databases (KDD), it is the practice of automatically searching large stores of data for patterns. To do this, data mining uses computational techniques from statistics, machine learning and pattern recognition. “Data mining is the process of discovering meaningful new correlations, patterns and trends by sifting through large amounts of data stored in repositories, using pattern recognition technologies as well as statistical and mathematical techniques” [3]. There are other definitions: “Data mining is the analysis of (often large) observational data sets to find unsuspected relationships and to summarize the data in novel ways that are both understandable and useful to the data owner” [4]; “Data mining is a field bringing together techniques from machine learning, pattern recognition, statistics, databases, and visualization to address the issue of information extraction from large data bases” [5]. Data mining is an essential step in the process of knowledge discovery in databases (KDD). Knowledge discovery consists of the following iterative steps [6]:
Data Cleaning: ensuring that all values in a dataset are consistent and correctly recorded.
Data Integration: in some cases multiple data sources may be combined.
Data Selection: the data relevant to the analysis task are retrieved from the database.
Data Transformation: the data are transformed into forms appropriate for mining.
Data Mining: the extraction of hidden predictive information from large databases.

Pattern Evaluation: identifying the patterns representing knowledge.
Knowledge Representation: presenting the data in a useful format, such as a graph or table.
Data mining can be classified as either predictive or descriptive mining, performing the tasks of classification and regression, or clustering and association, respectively. Data classification is a two-step process. In the first step, a model is constructed which describes a predetermined set of data classes. Each tuple/sample is assumed to belong to a predefined class, as determined by the class label attribute. The set of tuples used for model construction forms the training set. The model is represented as classification rules, decision trees, or mathematical formulae. In the second step, the model is used for classifying future or unknown objects. To estimate the accuracy of the model, the known label of a test sample is compared with the classified result from the model. In this study we realized the classification and prediction model with feedforward MLPs, the most widely used model in artificial neural networks, using the backpropagation algorithm. The field of neural networks was originally kindled by psychologists and neurobiologists who sought to develop and test computational analogues of neurons. A neural network consists of an input layer, one or more hidden layers, and an output layer (as shown in Figure 1), where each connection has a weight associated with it. During the learning phase, the network learns by adjusting the weights so as to be able to predict the correct class of the input tuples/samples [7].

Fig. 1
In the following sections, a detailed review of related literature, the proposed algorithm, and the experiment can be found; in the last section, the paper is concluded.

II. RELATED LITERATURE
A lot of work has been done on multilayer perceptrons (MLPs) and other classification and prediction algorithms. In the following lines we present a brief introduction to a few classification and prediction algorithms. Neural Networks (NNs) have been shown to be accurate classifiers in many domains, often superior to other statistical and data mining techniques. Unfortunately, NNs do not provide an easy process to explain how they arrived at their accurate results, and this has somewhat limited their use within organizations, as managers desire both accuracy and understanding [8].

DECREASE TRAINING TIME OF FEEDFORWARD MULTILAYER PERCEPTRONS BY ATTRIBUTE SELECTION METHOD

Zakia Hussain, Shoukat Ullah, Aman Ullah Institute of Information Technology

University of Science & Technology Bannu, N-W.F.P, Pakistan


There are many types of neural networks that have been employed, and these include multilayer perceptrons (MLPs), radial basis function (RBF) networks and Bayesian neural networks [9, 10]. Newer pattern recognition methods called support vector machines (SVMs) and Gaussian mixture models (GMMs) have been proposed and found to be particularly suited to classification problems [11]. During training, the learning rate is gradually decreased in discrete steps until the network converges to a minimum error solution [12].

III. PROPOSED ALGORITHM
In this section we present a proposed algorithm for data classification, as shown in Figure 2. The algorithm works in two steps. In the first step, it takes D, a set of training tuples and their associated class labels, and attribute_list. By applying the Attribute Selection Method [7], only those attributes whose information gain is ranked high are selected. In the second step, it takes the new_attribute_list consisting of training tuples and their associated target values, the learning rate and the MLP network to give a trained neural network [7].

IV. EXPERIMENT
Experiments have been performed on a real dataset of students' data for admission in MSCS [13], as shown in Figure 3. The software used for classification is NeuralWorks Predict 3.21.

First, we trained the neural network with the actual dataset consisting of eleven attributes through the traditional MLP algorithm; the results are shown in Figure 4. Second, we trained the neural network through the proposed algorithm with nine attributes; the results are shown in Figure 5.

V. CONCLUSION

In the experiments, we found that the proposed algorithm decreases the training time as compared to the traditional MLP algorithm. Furthermore, it increases the efficiency and reduces the complexity of the MLP structure.

Fig. 2

Fig. 3

Fig. 4

ALGORITHM: BACKPROPAGATION_ASM
Input:
• Data set of training tuples with class labels
• Attribute_list
• Feedforward MLPs network
• Learning rate
Output: A trained neural network
Step-I
(1) for each attribute A {
(2)   apply Attribute_Selection_Method
(3)   // to rank each attribute describing the given tuple
    }
(4) if an attribute has rank above average Then
(5)   obtain new_attribute_list
Step-II
(6) All weights and biases are initialized
(7) Repeat Steps 8 to 12 while terminating condition is not satisfied {
(8)   for each training tuple X in Data set {
(9)     Calculate Net input and output of each unit in hidden and output layers
(10)    Calculate Error of each unit in hidden and output layers
(11)    if Error exists Then
(12)      Calculate updated weights and biases
(13) }}
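A minimal sketch of the two-step idea is shown below, using scikit-learn's mutual information ranking as a stand-in for the information-gain-based Attribute Selection Method and its MLPClassifier in place of NeuralWorks Predict; the hidden-layer size, learning rate and above-average threshold are illustrative assumptions.

import numpy as np
from sklearn.feature_selection import mutual_info_classif
from sklearn.neural_network import MLPClassifier

def train_with_attribute_selection(X, y):
    # Step I: rank attributes by information gain (mutual information here)
    # and keep only those whose rank is above the average
    gain = mutual_info_classif(X, y)
    keep = gain > gain.mean()
    X_reduced = X[:, keep]
    # Step II: train a backpropagation MLP on the reduced attribute list
    net = MLPClassifier(hidden_layer_sizes=(10,), learning_rate_init=0.1,
                        max_iter=500)
    net.fit(X_reduced, y)
    return net, keep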


Fig. 5

REFERENCES
[1] W. Frawley, G. Piatetsky-Shapiro and C. Matheus, “Knowledge Discovery in Databases: An Overview,” AI Magazine, Fall 1992, pp. 213–228.
[2] D. Hand, H. Mannila, P. Smyth, Principles of Data Mining, MIT Press, Cambridge, MA, 2001. ISBN 0-262-08290.
[3] The Gartner Group, www.gartner.com.
[4] David Hand, Heikki Mannila, and Padhraic Smyth, Principles of Data Mining, MIT Press, Cambridge, MA, 2001.
[5] Peter Cabena, Pablo Hadjinian, Rolf Stadler, Jaap Verhees, and Alessandro Zanasi, Discovering Data Mining: From Concept to Implementation, Prentice Hall, Upper Saddle River, NJ, 1998.
[6] Chaudhuri, S., “Data Mining and Database Systems: Where is the Intersection?,” IEEE Bulletin of the Technical Committee on Data Engineering, Vol. 21, No. 1, pp. 4–8, March 1998.
[7] J. Han, M. Kamber, Data Mining: Concepts and Techniques, Elsevier India Pvt Limited, Second Edition, 2007.
[8] Christie M. Fuller, Rick L. Wilson, “Assessing Extracted Knowledge From Classifier Neural Networks: An Exploratory Empirical Study,” International Journal of Management and Decision Making (IJMDM), Vol. 9, No. 1, 2008.
[9] T. Marwala, “Fault Identification Using Neural Networks and Vibration Data,” Ph.D. Thesis, University of Cambridge, Cambridge, UK, 2001.
[10] C. M. Bishop, Neural Networks for Pattern Recognition, Oxford University Press, Oxford, UK, 1995.
[11] J. Joachims, “Making large-scale SVM learning practical,” in Scholkopf, C. J. C. Burges and A. J. Smola, editors, Advances in Kernel Methods-Support Vector Learning, pp. 169–184, MIT Press, Cambridge, MA, 1999.
[12] S. K. Pal, S. Mithra, “Multilayer perceptron, fuzzy sets, and classification,” IEEE Transactions on Neural Networks, Volume 3, Issue 5, Sep 1992, pp. 683–697, DOI 10.1109/72.159058.
[13] Institute of Information Technology, UST Bannu, N-W.F.P, Pakistan.


Abstract — Stock data mining has great potential for business and trading decision support systems. The evaluation of inventory data to identify the reasons for dead-stock, slow-moving, and fast-moving products is a useful mechanism for business support, investment and surveillance. In this paper we propose an algorithm for mining patterns of huge stock data to predict factors affecting the sale of products. In the first phase, we divide the stock data into three different clusters on the basis of sold quantities, i.e. Dead-Stock (DS), Slow-Moving (SM) and Fast-Moving (FM). In the second phase we propose the Most Frequent Pattern (MFP) algorithm to find the frequencies of the property values of the corresponding items. MFP provides frequent patterns of item attributes in each category of products. From the result we can conclude why an item falls in a certain category.

Index Terms — Dead-Stock (DS), Slow-Moving (SM), Fast-Moving (FM), Most Frequent Patterns (MFP), clustering, K-Means

I. INTRODUCTION:

It is easy to turn cash into inventory, but the challenge is to turn inventory into cash. Effective inventory management enables an organization to meet or exceed customers' expectations of product availability while maximizing net profits and minimizing costs [1] [2]. Stock data mining has the potential to provide trading decision support and market surveillance. Data mining techniques like clustering and association can be used to find meaningful patterns for future predictions [3] [4]. Clustering is used to generate groups of related patterns, while association provides a way to get generalized rules of dependent variables [5]. Patterns can be obtained from huge stock data on the basis of these rules. The behavior of items in terms of sales transactions is significant; the general term used for such an analysis is Market Basket Analysis [5]. Typically there are a lot of different items placed in a market for selling, of which some will be fast-selling items, some will be slow-selling items and some will be dead stock, i.e. rarely selling items. We consider the scenario of a super store or supermarket, where decision making is considered one of the critical tasks. There is a study of data mining for inventory item selection with cross-selling considerations, which is used to select maximal-profit items [6]. Our problem, however, is finding out the selling power of the products in the market. This is a useful approach to distinguish the selling frequency of items on the basis of their known attributes. For example, we can observe that a “black coat of imperial company in the winter season at Karachi has a high ratio of sale”; here we have the basic properties related to this example, i.e. color, type, company, season, and location. Similarly we can predict what type of sale trends products with certain properties have in different locations. Thus, on the basis of this scenario, we can predict the reasons for dead-stock, slow-moving and fast-moving items. Data mining techniques are best suited for the analysis of such predictions.

A. Effects of Item Properties
Store location, season, color, design, quality, company and price are the key attributes which affect the sale of products. Our algorithm takes these attributes into account for the evaluation of the sale of products.

Impacts of Faulty Stocking Strategies
Most warehouse networks have built-in barriers. Overcoming these creates needless costs and diminishes the service proficiency that the network provides to its customers. The following list contains five obstacles that distribution executives can gauge against their own warehouse networks [5] [7].

• Ignoring Cost • Mistaken Territories Increase Costs • Too Few Classes/ Varieties • Wrong Emphasis • Dead Inventory

II. MOTIVATION AND RELATED WORK
In most data mining research, it is assumed that patterns mined from the history of transactions are likely to persist in the future. These can help to predict customer behaviour for decision making. Some of the earlier works include Mannila et al. (1994) [8], Agrawal and Srikant (1994) [9], Gebouw et al. (2004) [10], Brijs et al. (2000) [11], Raymond Chi-Wing Wong (2005) [12], and Long et al. (2008) [13]. Association rules play a key role in prediction, but it is difficult to understand the association rules generated by the formal methods of association; therefore further processing is needed to find simple patterns. We have proposed the MFP matrix, which is simple and needs no further refinement.

III. DATA MINING
Data mining is the key element of the Knowledge Discovery in Databases (KDD) task [5]. KDD can be defined as “the process of identifying valid, novel, potentially useful and understandable patterns in data”. Data mining software is one of a number of analytical tools for analyzing data. It allows users to analyze data from many different dimensions or angles, categorize it, and summarize the relationships identified. Technically, data mining is the process of finding correlations or patterns among dozens of fields in large relational databases [5]. Data mining is not a field in itself; it is more a collection of data analysis methods coming from different fields of computer science, artificial intelligence and statistics [3].

IV. ASSOCIATED PATTERNS OF STOCK DATA
Our proposed approach is a two-phase model. First we generate clusters using the K-Means algorithm, and then the FPP algorithm is designed to count the frequencies of items under their specified attributes. First we explain phase one. The block diagram of the whole process is given in Figure 1.

A. Phase One
As discussed earlier, in the first phase of our process we have used the K-Means [14] clustering technique to classify the products into three groups.

Classification in Associated Patterns of Stock Data

Khairullah khan, Nasir Gul, Warda Abbasi Institute of Information Technology, University of Science & Technology Bannu. N.W.F.P. Pakistan

[email protected], [email protected], [email protected]


Fig. 1 Block Diagram
Cluster 1: Dead-Stock: This cluster contains the records of those products which have a small selling quantity. Every company has dead inventory (or at least sick and dying inventory); it is a natural outgrowth of being in business for any length of time. As a matter of fact, any successful product starts decreasing in sales volume when exact replicas with low cost are introduced into the market, which soon supersede the existing stock.
Cluster 2: Slow-Moving: This cluster contains the records of those products which have a medium selling quantity.
Cluster 3: Fast-Moving: This cluster contains the records of those products which have a large selling quantity.
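As an illustration of phase one (not the authors' implementation), the sketch below clusters made-up sold-quantity figures into the three groups with K-Means using scikit-learn.

import numpy as np
from sklearn.cluster import KMeans

sold_qty = np.array([[2], [5], [3], [45], [50], [60], [400], [380], [420]])  # made-up quantities
km = KMeans(n_clusters=3, n_init=10, random_state=0).fit(sold_qty)

# name the clusters by their centres: smallest = DS, middle = SM, largest = FM
order = np.argsort(km.cluster_centers_.ravel())
names = {order[0]: "Dead-Stock", order[1]: "Slow-Moving", order[2]: "Fast-Moving"}
for qty, lab in zip(sold_qty.ravel(), km.labels_):
    print(qty, names[lab])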

B. Phase Two In this phase our proposed algorithm FPP will be used to generate a property matrix containing counted values of corresponding properties of each product.

This procedure receives data sets from the clusters. The first loop scans all the records of the data set. The inner loop counts the occurrences of each attribute value for a given item and places them in the MFP matrix. Finally, the maximum occurrences within a row give a single pattern. On the basis of these patterns, we can predict why a certain product falls in a particular category. From the first row of Table 1, it is clear that a white coat for females in winter has a high ratio of sale. Similarly, the second row shows that black shoes for females in summer have a high ratio of sale, and so on.

TABLE 1
MFP Matrix

        | Colors                 | Gender            | Season                               |
Item    | Red White Black (Max)  | Male Female (Max) | Winter Summer Spring Autumn (Max)    | MFP
Coat    |  2    5     3   White  |   3     7     F   |    5      0      2      3    Winter  | Coat-White-F-Winter
Shoes   |  3    4     5   Black  |   4     8     F   |    3      4      3      2    Summer  | Shoes-Black-F-Summer
Sweater |  5    6     7   White  |  10     8     M   |    5      2      6      5    Spring  | Sweater-White-M-Spring

V. CONCLUSION
We looked at the use of data mining for identifying stock data patterns using clustering and the Most Frequent Pattern algorithm. Our contribution here was to formulate the most frequent patterns of products using their known properties in an inventory system. We identified the trends of selling products through their known attributes. Our technique is simple, using a matrix and counting of attribute values.

One of the limitations of the study is that it requires proper data with the required attributes.

[Fig. 1 block diagram: OLTP database → K-Means clustering → clusters (DS, SM, FM) → Extract (FPP) → Display → End]

Pseudo code for FPP: Let X be a set of N items in a dataset having a set Y of attributes. This algorithm counts the maximum of each attribute value yij for each item in the dataset.
Input: Datasets (DS)
Output: Matrix of Frequent Property Patterns (FPP)
FPP (DS)
Begin
for each item Xi in DS
  a. for each attribute
     i. count occurrences for Xi: C = Count(Xi)
     ii. find the attribute name of C: Mi = Attribute(Ci)
  next [end of inner loop]
  b. find the Most Frequent Pattern: MFP = Combine(Mi)
next [end of outer loop]
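A small Python sketch of the same counting idea is given below, assuming each sales record carries the item name and its colour, gender and season attributes; the records shown are made up for illustration.

from collections import Counter, defaultdict

records = [                          # (item, colour, gender, season) sales records
    ("Coat", "White", "F", "Winter"),
    ("Coat", "Black", "F", "Winter"),
    ("Coat", "White", "M", "Autumn"),
]
attrs = ["colour", "gender", "season"]

# MFP matrix: for each item, count how often each attribute value occurs
counts = defaultdict(lambda: {a: Counter() for a in attrs})
for item, colour, gender, season in records:
    for a, v in zip(attrs, (colour, gender, season)):
        counts[item][a][v] += 1

# combine the per-attribute maxima into the most frequent pattern of each item
for item, table in counts.items():
    pattern = [item] + [table[a].most_common(1)[0][0] for a in attrs]
    print("-".join(pattern))          # e.g. Coat-White-F-Winter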


REFERENCES
[1] Abubakar, Felix, “Customer satisfaction with supermarket retail shopping,” 2002.
[2] Marcello Braglia, Andrea Grassi, Roberto Montanari, “Multi-attribute classification method for spare parts inventory management,” 2004.
[3] Terry Harris, “Optimization creates lean green supply chains,” 2008.
[4] Matt Hartely, “Using Data Mining to predict inventory levels,” 2005.
[5] Jiawan Han, Micheline Kamber, “Data Mining Concepts and Techniques.”
[6] Lu Frans, Wei, Paul, “Towards an agent based framework for online after sales services,” 2006.
[7] Marco-Antonio Balers, Fernando Berzal, Juan-Carlos Cubero, Eduardo Eisman, Nicolás Marín, “Discovering Hidden Association Rules,” 2004.
[8] Mannila et al., “Mining Association Rules,” 1994.
[9] Agrawal and Srikant, “Fast Algorithms for Mining Association Rules,” 1994.
[10] Gebouw D, B-3590 Diepenbeek, Belgium, “Building an Association Rules Framework to Improve Product Assortment Decisions,” 2004.
[11] Brijs, Bart, Gilbert, Koen, Geert, “A Data Mining Framework for Optimal Product Selection in Retail Supermarket Data: The Generalized PROFSET Model,” 2000.
[12] Raymond Chi-Wing Wong, Ada Wai-Chee Fu, Ke Wang, “Data Mining for Inventory Item Selection with Cross-Selling Considerations,” 2005.
[13] Long Cao, Chao Luo, Jiarui Ni, Dan Luo, Chengqi Zhang, “Stock Data Mining through Fuzzy Genetic Algorithm,” 2008, Vol. 4, No. 3/4, pp. 225–238.
[14] P. Thomas, Macredie, “Knowledge Discovery and Data Mining,” 1999.


Abstract — Earthquakes rank among the leading chronic natural disasters facing mankind. The devastating effects of this natural phenomenon in the recent past have raised further concerns, considering the amount of effort (both human and material) usually expended before, during, and after its occurrence. Although many strategies are usually employed in tackling its horrific anticipated incidence, we believe an agent-based approach could be of tremendous assistance. The focus of this work is to develop a multi-agent system technique which we consider an efficient option for solving the current problems. Here, we present a framework of our proposed earthquake management system (EMS) in which agents are deployed at all levels of the relief effort, from the sensing of the hazard to the provision of the most suitable relief assistance to the individuals concerned. Apart from being efficient in terms of real-time response in such a distributed and dynamic situation, the system would be web-enabled and autonomous, and would invariably reduce both the cost and the effort usually expended.

Index Terms — Multi-agent system, disaster management, information sharing

I. INTRODUCTION
There are many terrible and devastating natural occurrences in human history. The earthquake is the single most dreadful of them all, as is still evident despite the advancement of science and technology. For instance, the 1976 Tangshan earthquake was officially reported to have claimed about 255,000 lives, even though experts believed two to three times that number were lost, with about 800,000 people injured [1]. Similarly, in the 2004 Great Sumatra-Andaman Earthquake [2], about 230,000 lost lives were accounted for. Besides these astonishing human losses, property worth many billions of dollars also perished. Thus, more efforts to combat its occurrence and to mount relief operations are imperative. This has resulted in research efforts directed towards disaster management in general, and earthquakes in particular, so that the devastating effects after occurrences can be reduced [3, 4]. Another similar project is the disaster management and coordination organization reported in [5]. However, these available approaches have proved to some extent inadequate in combating this natural debacle. Major challenges facing these works are unpredictable incidences and untimely relief operations. The delay in providing these urgent services is largely due to improper means and channels of information flow. In typical earthquake management, there is a need to provide means for earthquake detection, alerting of appropriate relief agencies and potential victims, and subsequent timely reporting of occurrences. Our encompassing EMS consists of various field stations located in many areas where sensors detect and continuously send seismic readings to a central station. This station, which coordinates all the system's activities, sends prompt directives and information to both the relief institutes and humans in the anticipated areas once the field readings tally with a benchmark figure. Each principal actor in the system is coordinated by a software agent. Agents are loosely coupled entities that can act on behalf of humans. Thus, they possess intelligent features that include the ability to communicate, learn, be proactive, and even act autonomously. A community of agents coming together to tackle problems too complex to be solved by an individual agent is referred to as a Multi Agent System (MAS).

Software agents have proved to be valuable resources, having been deployed in many mission-critical projects [6]. The aim of this work is to design a MAS in which intelligent agents are deployed for monitoring, information sharing and data management in the event of earthquakes. This system would also support coordination and timely triggering of emergency services faster than humans can. First, we make a survey of previous work in this domain and identify the areas of difference where our proposed system produces more encompassing and more efficient services. Next we describe our proposed system architecture and explain the roles of the agents involved. Likewise, a generic description of the workflow between these agents is highlighted. We conclude with a summary of contributions and directions for future work.

II. RELATED WORK
The concept of teamwork championed by agents, especially in disaster management, has been reported in [7]; however, that work was oriented towards generic emergency events like fire and explosion. [8, 9] have applied MAS to planning and coordination in relief operations. In terms of emergency relief response, works in this regard include Crisis Information Management Software [10] and an HLA-based multi-agent system for optimized resource allocation [11]. Yet, all these systems have no provision for active decision making based on prevailing situations. More importantly, one thing common to these works is that they are most effective in post-earthquake operations and management. Our work focuses on the use of agent technology to produce an autonomous and more efficient system for earthquake crisis management. More importantly, the system benefits from the autonomous and adaptive nature of agents for effective performance.

III. PROPOSED SYSTEM ARCHITECTURE
We conceptualized a system that automatically and efficiently provides services like alerting, coordination and collaboration in an earthquake crisis. The five major software agents involved in our system are illustrated in Figure 1. These are the Central Service Agent (CSA), Field Service Agent (FSA), Personalized Service Agent (PSA), Emergency Service Agent (ESA), and Personal Assistant (PA).

A. The agents and their roles in the EMS We describe the roles of these agents as follows:

1) Field service agents (FSAs): These agents are situated in different locations and coordinated by the CSA. FSAs are responsible for detecting wave ranges with the help of seismographs and continuously update the Central Service Agent. They alert the CSA of an earthquake occurrence if the reading reaches a benchmark.
2) Central service agent (CSA): It coordinates the readings from the FSAs. Based on the received data, it identifies potentially disastrous areas and informs the Emergency Service Agent (ESA) accordingly. It also consults the database of past records for an appropriate strategy.

A Framework for Agent-based Earthquake Management System

Mukaila Rahman1, 3, Sarmad Sadik1, Arshad Ali1, H. Farooq Ahmad1, 2, Hiroki Suguri2 1NUST School of Electrical Engineering and Computer Sciences (NUST-SEECS), Pakistan

2Communication Technologies, Sendai, Japan 3Department of Computer Sciences, University of Lagos, Nigeria

{rahmalade, sarmad, drfarooq, drarshad}@niit.edu.pk, {farooq, suguri}@comtec.co.jp


3) Emergency service agent (ESA): It coordinates all the activities of the emergency services (police, health, fire and other relief organizations). It alerts and gives appropriate instructions to the PSA based on information and directives from the CSA.

4) Personalized service agent (PSA): This agent sends alert and relief information to the users through the Personal Assistants (PAs). The PSA, which possesses the users' profiles, also models their interaction with the system and provides personalized services to each user. These services include the language of communication and the means of information delivery (textual or graphical) based on the user's literacy level. Information from the PA for necessary updating and verification is also received by the CSA through the PSA.

5) Personal assistant (PA): This acts as a personal assistant to humans. Messages from the PSA are transmitted through the PA to the user for necessary emergency actions. Likewise, any observed and/or perceived report can be passed to the CSA through the PSA. The PA can be deployed on PDAs, mobile phones, and other ubiquitous devices. The Database (DB) contains records of past occurrences and the strategies employed, as well as the latest updates sent in by the CSA.

B. Generic Description of the Workflow between the Agents
The FSA detects the wave range, sends the readings to the CSA and alerts it depending upon the benchmark reading of the seismograph. The CSA analyses the data, consulting the database for the strategy to be adopted. If an earthquake is confirmed, the ESA is alerted for prompt action. The ESA coordinates the relief organizations, such as police, fire and ambulance services. Based on the information and directives from the CSA, appropriate instructions are given to these organizations. Likewise, the PSA is informed of the developments between the initial and large-scale waves as defined by the readings. The PSA sends personalized information to the particular individuals through the PAs, and also passes observed and/or perceived reports from the PAs to the CSA. The PA passes directives and expectations from the PSA to the individuals. After the operation, the ESA produces a report of the events that transpired for the CSA so that the Database can be updated. With this and previous information in it, the Database is queried in analysing the event for necessary reporting. These queries include death toll, hospitalization, property loss and missing-people information. This report also subsequently assists in future operations. Interaction between EMS agents is largely through the CSA. An Agent Communication Language (ACL) is adopted for this interaction. An ACL message specifies the sender, the receiver, and the type of action to be performed, as well as the arguments (or parameters) of that action.
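As a toy illustration only (none of these names, fields or values appear in the paper), the snippet below sketches how a field service agent might package a seismograph reading into an ACL-style message and mark it as an alert once a benchmark is reached.

BENCHMARK = 4.5     # illustrative threshold; the paper does not fix a value

def fsa_report(reading, station_id, send):
    # field service agent: forward every reading, flag it as an alert
    # when it reaches the benchmark so the CSA can trigger the ESA/PSA
    msg = {
        "sender": "FSA-%d" % station_id,
        "receiver": "CSA",
        "performative": "inform" if reading < BENCHMARK else "alert",
        "content": {"station": station_id, "reading": reading},
    }
    send(msg)

# usage: fsa_report(5.1, 7, send=print)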

Apart from the coordination and prompt triggering of emergency services which the system supports, the role played by the personalized service agent goes a long way in enhancing the system, making it adaptive and efficient. This agent, as described above, is saddled with responsibilities such as the identification and classification of users, the acquisition of user profiles during interaction, and the personalization of system services. A user's alert service varies in the language of communication and the means of information delivery, which may be in the form of text or graphics (based on education level). Also, the way to alert a hypertensive user of an imminent earthquake has to be different from that for others, taking into consideration the individual's health history.

IV. CONCLUSIONS AND FUTURE WORK
We have described an agent-based system which is capable of detecting earthquakes, alerting, and triggering various relief institutes to combat and manage an earthquake crisis. As shown in Section III, agent-oriented decomposition is suitable for partitioning complex systems that cater for disaster detection, emergency response and management. Our proposed earthquake management system comprises five different agents coordinated by the central service agent. Although a relatively simple framework has been described, there are technical challenges which involve the development of the supervised and unsupervised learning components of the personalised service agent, especially in modelling users' interaction with the system. We have commenced work on the user modelling subsystem and the results are encouraging. Both the stereotypical information acquisition and the analysis of user-system interaction history construction models are being considered in this subsystem. The integral properties of the subsystem include reasoning and learning. Subsequently, a prototype of the EMS will be implemented.

Fig. 1 EMS architecture (components: Sensors 1..n, Field Service Agents 1..n, Central Service Agent, Database, Emergency Service Agent, Relief Institutes 1..n, Personalized Service Agent, Users' Profiles, Personal Assistants 1..n, Users 1..n)


V. ACKNOWLEDGEMENT M. Alade Rahman from the University of Lagos, Nigeria thanks the Academy of Sciences for the Developing World (TWAS) Italy, and the National University of Sciences and Technology (NUST) Pakistan, for the ongoing one-year research fellowship sponsorship at NUST School of Electrical Engineering and Computer Sciences (NUST-SEECS), Pakistan.

REFERENCES
[1] Historic Earthquakes, "Tangshan, China", U.S. Geological Survey. [Online]. Available: http://earthquake.usgs.gov/regional/world/events/1976_07_27.php

[2] Lay, T., Kanamori, H., Ammon, C., Nettles, M., Ward, S., Aster, R., Beck, S., Bilek, S., Brudzinski, M., Butler, R., DeShon, H., Ekström, G., Satake, K., Sipkin, S., “The Great Sumatra-Andaman Earthquake of December 26, 2004”, Science, 308, 1127–1133, 2005.

[3] M. Scalem, Somprakash Bandyopadhyay, Sushants Sinha, Ashok K. Sircar. “Decentralized Disaster Management Information Network (DDMIN): Research Discussions on the inherent Technological and Strategic implementation issues and Proposed Solutions”, draft for CISTM 2005. [Online]. Available: www.iimcal.ac.in/research/adhocnet/Papers/56.pdf

[4] Earthquake Management. [Online]. Available: www.earthquakemanagement.net/

[5] US Earthquake Hazards Program. [Online]. Available: http://earthquake.usgs.gov/

[6] Michael Wooldridge, An Introduction to Multi-agent Systems, John Wiley & Sons Press, 2002.
[7] M. Tambe, E. Bowring, H. Jung, G. Kaminka, R. Maheswaran, J. Marecki, P. J. Modi, R. Nair, S. Okamoto, J. P. Pearce, P. Paruchuri, D. Pynadath, P. Scerri, N. Scerri, N. Schurr, P. Varakantham, "Conflicts in teamwork: Hybrids to the rescue", In Proceedings of the Fourth International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS), 2005, pp. 3-5.
[8] Lucian Vlad Lita, Jamieson Schulte and Sebastian Thrun, "A Multi-Agent System for Agent Coordination in Uncertain Environments", Proceedings of the Fifth International Conference on Autonomous Agents, 2001, Montreal, Quebec, Canada, pp. 21-22.
[9] Wei Chen and Keith S. Decker, "Managing Multi-Agent Coordination, Planning and Scheduling", AAMAS, 2004, pp. 1360-1361.
[10] J. Ashcroft, D. J. Daniels, and S. V. Hart, "Crisis Information Management Software (CIMS) Feature Comparison Report", NIJ Special Report 197065, U.S. Department of Justice, National Institute of Justice, Washington, DC, 2002. [Online]. Available: www.ncjrs.gov/pdffiles1/nij/197065.pdf
[11] Frank Fiedrich, "An HLA-Based Multiagent System for Optimized Resource Allocation after Strong Earthquakes", Proceedings of the Winter Simulation Conference, 2006, L. F. Perrone, F. P. Wieland, J. Liu, B. G. Lawson, D. M. Nicol, and R. M. Fujimoto, eds., pp. 486-492.


Intelligent Information Retrieval

Jibran Mustafa, Sharifullah Khan, Khalid Lateef
NUST School of Electrical Engineering and Computer Sciences, Chaklala, Rawalpindi, Pakistan
{jibran.mustafa, drsharif, Khalid.latif}@niit.edu.pk

Abstract — Semantic-based information retrieval understands the meanings of the concepts that users specify in their queries. We present an ontology-driven information retrieval framework to improve the precision of search results. We adopt a thematic similarity approach for information retrieval in this paper in order to concentrate on the context-aware use of a particular word (concept). We maintain metadata information of the source(s), and we employ RDF triples instead of keywords in the available metadata and probe user queries to capture the context of the keywords. This improves information retrieval precision.

Index Terms — Information Retrieval, RDF, Semantic-based, Thematic Similarity, Context-aware

I. INTRODUCTION
Different information retrieval (IR) techniques exist to improve search efficiency and performance. These can be classified into traditional keyword-based and semantic information retrieval techniques. The keyword information retrieval techniques perform keyword searching in documents by matching the strings (i.e. characters) of the keywords that users specify in their queries. In addition, systems using this technique maintain a word index to accomplish searching [20, 21]; the Google search engine is the most famous example of such systems. Although these systems spend less time in searching for results, they do not have the ability to understand the meanings of keywords (i.e. their semantics). Moreover, digital repositories are maintained and managed independently according to users' own requirements in a distributed environment. In these repositories, different documents containing the same information may be represented differently (i.e., semantic heterogeneity), which makes it more difficult to understand the semantics of the keywords [2, 6, 17, 18]. The most important semantic heterogeneity issues are synonymy and polysemy. A synonym is a word that means the same as another word; for instance, author is a synonym of writer. A polysemous word or phrase has multiple, related meanings; for instance, fan can be used to refer to an electrical device in one context and a sports fan in another [2, 17, 18]. In the semantic information retrieval technique, searching is performed by interpreting the meanings of keywords (i.e. semantics). Systems using this technique achieve higher precision of results than systems using keyword information retrieval techniques because of the semantics of the keywords; however, in semantic information retrieval an improvement in recall is not guaranteed (it may be either lower or higher) [3, 6]. The semantics of keywords are identified through the relationships between keywords in an available knowledge base (i.e., an ontology) by performing semantic similarity on them [1, 2, 3, 6, 8, 9, 10, 16].

In this paper we adopt a thematic similarity approach for information retrieval to improve precision. We propose an Ontology Driven Information Retrieval Framework to carry out search in digital documents. In our proposed framework we focus on Resource Description Framework (RDF) triples instead of keywords. A user submits the query in the form of RDF triples; this query is expanded through synonyms and other relationships (i.e. hyponyms, meronyms) using existing semantic similarity techniques

[8]. We maintain a source model that contains information about the sources (i.e. digital documents). Our source model consists of two components: content metadata, which contains metadata of the contents, and source metadata, which contains information about the sources in the form of RDF. RDF triple matching is performed by a semantic matcher. Documents containing relevant RDF triples are passed to the ranker, which displays the results to the user according to the relevancy of the documents. Moreover, different indexing techniques are used to enhance the performance of the semantic matcher. The remainder of this paper is structured as follows: Section II gives an overview of the RDF language and its terminology. Section III reviews current approaches, comparing different semantic search techniques and their proposed systems. Section IV explains our proposed information retrieval framework and its components. Section V presents the semantic similarity approach used to calculate the similarity between concepts and relations. Section VI describes our methodology for carrying out the semantic search and demonstrates it with an example, whereas Section VII presents our conclusion.

II. RESOURCE DESCRIPTION FRAMEWORK
In this section we describe the Resource Description Framework and its terminologies, as we will use them in our methodology in the rest of the paper. The Resource Description Framework (RDF) is a standard for representing metadata information that can be identified using a Universal Resource Identifier (URI) [7]. To describe metadata, RDF statements are expressed as triples: a subject (represented by a URI or a blank node), a predicate or property (represented by a URI) and an object (represented by a URI, a blank node or a literal). Such a triple can effectively be modeled as a directed graph. As shown in Fig. 1, the subject and object of the triple are modeled as nodes and the predicate as a directed link that describes the relationship between the nodes. The direction of the link always points towards the object. A URI is a more general form of Uniform Resource Locator (URL); it allows information about a resource to be recorded without the use of a specific network address. A blank node is used when a subject or object node is unknown. It is also used when the relationship between a subject and an object node is n-ary (as is the case with RDF containers). A literal is basically a string with an optional language tag. It is used to represent values like names, dates, and numbers. A typed literal is a string combined with a data type, where the data type is always a URI, for example "25"^^http://www.w3.org/2001/XMLSchema#int.

Fig. 1 RDF triple as directed graph (Subject, Predicate, Object)
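As a small, hypothetical illustration of these terms, the sketch below represents one RDF statement as a plain (subject, predicate, object) tuple whose object is a typed literal; the example URIs are assumed and could be any URI-identified resources:

```python
# Minimal sketch: an RDF statement as a (subject, predicate, object) triple.
# The URIs below are illustrative placeholders, not a fixed vocabulary.
subject   = "http://example.org/people#JSmith"               # resource (URI)
predicate = "http://example.org/terms#age"                   # property (URI)
obj       = ("25", "http://www.w3.org/2001/XMLSchema#int")   # typed literal: (lexical form, datatype URI)

triple = (subject, predicate, obj)

# The same statement viewed as a directed edge of an RDF graph:
# subject --predicate--> object (cf. Fig. 1).
print(f"{triple[0]} --{triple[1]}--> {triple[2][0]}^^{triple[2][1]}")
```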

III. RELATED WORK
The state-of-the-art semantic-based IR systems compute semantic similarity by mapping concepts to a domain ontology and by examining their relationships in that ontology. Different semantic similarity methods are categorized in [7] as: 1) edge counting methods, which measure the similarity between two concepts as a function of the length of the path (i.e. distance) relating the concepts (also called the distance-based approach); 2) information content methods, which measure the difference in information content of the two concepts as a function of their probability of occurrence in a corpus, commonly using term frequency and inverse document frequency (tf.idf); and 3) feature-based methods, which measure the similarity between two terms as a function of their properties. A number of systems [1, 2, 3, 4] have been developed to improve either the precision, the recall, or both, of search results. In [3] ontology navigation was used to annotate the relevant results semantically; the results produced by this search engine improved recall. The semantic search framework proposed in [2] improved precision and recall as compared to existing systems; in this framework the traditional term-document matrix was extended in three steps to carry out reasoning over the domain ontology. The Semantic Similarity Retrieval Model (SSRM) proposed in [1] improved precision along with recall as compared to other systems [2, 3]. Initially, weights are computed by extending concepts through synonyms. Second, weights are recomputed by examining the neighborhood of each concept. Finally, document similarity is computed using the tf.idf similarity method. The existing semantic-based IR systems extend concepts through synonyms to handle semantic heterogeneity (i.e. synonymy); for instance, looking only for the word writer may yield fewer results than looking for writer and author. However, the existing techniques (systems) do not interpret the context of the concepts and their relationships (i.e. polysemy). For example, interest for a bank and interest in a book have different meanings. As a result, the precision of the search results of these systems decreases.

IV. INFORMATION RETRIEVAL FRAMEWORK
We have proposed an Ontology Driven Information Retrieval Framework, shown in Fig. 2, to improve the precision of search results using thematic similarity. We employ RDF triple matching instead of keyword matching in order to concentrate on the context of a word and thereby tackle the different semantic heterogeneity problems. Our proposed framework has the following components: Crawler, Source Model, Semantic Matcher, Query Reformulator and Ranker.

Fig. 2 Ontology Driven Information Retrieval Framework (Crawler, Documents Repository, Source Model, Domain Ontology, Query Reformulator, Semantic Matcher, Ranker)

A. Crawler
The crawler extracts metadata (in the form of RDF triples) from the digital documents residing in the documents repository and loads these triples into the source model. The crawler keeps updating the information about the documents so that the source model stays up to date. The focus of this research is on semantic searching, so we do not discuss crawling techniques here; a number of efficient algorithms proposed in [11, 12, 13, 14] can be extended to crawl metadata information from documents.

B. Source Model
The source model maintains metadata information about the sources (i.e. digital documents). Our source model has two components: source metadata and content metadata. Source metadata contains information (i.e. author, URI, title, research area, etc.) about the sources; it helps in identifying relevant sources in order to avoid querying all available sources. Content metadata contains the metadata of the contents of the documents in the form of RDF triples. The simplicity of the source model, using the RDF structure, promotes interoperability across applications, and its machine-understandable format facilitates automated (intelligent) query processing [8].
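A minimal sketch of how such a two-part source model might be held in memory is shown below; the field names and sample values are assumptions for illustration only:

```python
# Illustrative sketch of the two-part source model (field names assumed).
# Source metadata: descriptive information about each document.
source_metadata = {
    "doc-001": {
        "author": "J. Mustafa",
        "uri": "http://example.org/docs/doc-001",
        "title": "Data Integration Survey",
        "research_area": "data integration",
    },
}

# Content metadata: RDF triples extracted from each document's contents.
content_metadata = {
    "doc-001": [
        ("#employee", "#visits", "HBL"),
        ("#employee", "#worksIn", "#FinancialInstitute"),
    ],
}

def candidate_sources(category):
    """Use source metadata to avoid querying sources from unrelated areas."""
    return [doc for doc, meta in source_metadata.items()
            if meta["research_area"] == category]

print(candidate_sources("data integration"))   # ['doc-001']
```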

C. Semantic Matcher
In the framework, the semantic matcher is the most important component, through which RDF triple matching is performed. In the semantic matcher, "rule-bases" are created to deduce inferences from the existing RDF data. A rule is an object that can be applied to deduce inferences from RDF data; it has a name, an antecedent, an optional filter condition and a consequent. A rule-base is an object that contains different rules. Moreover, a rule-index is created to enhance the performance of the rule-bases; the rule-index contains pre-computed triples that can be inferred from applying a specified set of rule-bases [7].
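To illustrate the idea of a rule (name, antecedent, optional filter, consequent) applied to RDF data, the sketch below runs a single rule over a small set of triples with naive matching. It is a simplified stand-in for illustration only, not the Oracle rule-base API referred to in the paper:

```python
# Simplified stand-in for a rule-base: each rule has an antecedent pattern,
# an optional filter, and a consequent. Variables start with '?'.
def match(pattern, triple, bindings):
    """Match one triple against one pattern, extending the variable bindings."""
    bindings = dict(bindings)
    for p, t in zip(pattern, triple):
        if p.startswith("?"):
            if bindings.get(p, t) != t:
                return None
            bindings[p] = t
        elif p != t:
            return None
    return bindings

def apply_rule(rule, triples):
    """Naive forward chaining: derive the consequent for every matching triple."""
    inferred = set()
    for triple in triples:
        b = match(rule["antecedent"], triple, {})
        if b is not None and rule.get("filter", lambda _: True)(b):
            inferred.add(tuple(b.get(term, term) for term in rule["consequent"]))
    return inferred

# Example rule: anything that 'writes' something is a Person.
writer_rule = {
    "name": "writer_is_person",
    "antecedent": ("?x", "writes", "?y"),
    "consequent": ("?x", "rdf:type", "Person"),
}

data = {("JSmith", "writes", "Paper1"), ("Paper1", "rdf:type", "ResearchPaper")}
print(apply_rule(writer_rule, data))   # {('JSmith', 'rdf:type', 'Person')}
```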

D. Query Reformulator
The query reformulator expands the RDF query with synonyms and other relationships such as hyponyms (i.e. the Is-A relationship) and meronyms (i.e. Part-of) [6], using a distance-based approach [10]. The query is then rewritten for these expanded terms and passed to the semantic matcher in RDF format.
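A rough, hypothetical sketch of this expansion step is shown below; the synonym and hyponym tables stand in for the lexical and ontological resources actually used by the reformulator:

```python
# Illustrative query expansion for an RDF triple query.
# The synonym and hyponym tables are hypothetical stand-ins.
SYNONYMS = {"writer": ["author"], "visits": ["goesto"]}
HYPONYMS = {"article": ["research_paper"]}

def expand_term(term):
    expanded = {term}
    expanded.update(SYNONYMS.get(term, []))
    expanded.update(HYPONYMS.get(term, []))
    return expanded

def reformulate(triple):
    """Expand each part of a (subject, relation, object) query triple."""
    s, r, o = triple
    return [(s2, r2, o2)
            for s2 in expand_term(s)
            for r2 in expand_term(r)
            for o2 in expand_term(o)]

print(reformulate(("writer", "visits", "article")))
```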

E. Ranker
To retrieve documents that are related to the user's query and rank them according to their importance, the relevance between documents and triples must be measured. The relevance of documents is computed by extending the tf.idf weighting scheme [14] to triples instead of keywords. Let N be the total number of documents and $n_i$ the number of documents in which the triple $t_i$ appears. Let $freq_{ij}$ be the raw frequency of the triple $t_i$ in the document $d_j$. The normalized frequency $tf_{ij}$ of the triple in $d_j$ is

$tf_{ij} = \dfrac{freq_{ij}}{\max_i (freq_{ij})}$   (1)

where the maximum is computed over all triples mentioned in the document $d_j$. Now let $idf_i$ be the inverse document frequency for $t_i$, given by

$idf_i = \log\dfrac{N}{n_i}$   (2)

The final tf.idf weight of triple i in document j is calculated as

$W_{ij} = tf_{ij} \times idf_i$   (3)
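For illustration, the sketch below applies eqs. 1-3 to a toy collection in which each document is represented as a list of RDF triples; the documents and triples are assumed for the example:

```python
import math
from collections import Counter

# Toy sketch of the tf.idf weighting (eqs. 1-3) applied to RDF triples.
documents = {
    "d1": [("worker", "visits", "HBL"), ("worker", "visits", "HBL"),
           ("employee", "worksIn", "HBL")],
    "d2": [("businessman", "goesto", "HBL")],
}

def weight(triple, doc_id):
    counts = Counter(documents[doc_id])
    tf = counts[triple] / max(counts.values())            # eq. (1)
    n_i = sum(1 for trips in documents.values() if triple in trips)
    if n_i == 0:
        return 0.0
    idf = math.log(len(documents) / n_i)                   # eq. (2)
    return tf * idf                                         # eq. (3)

print(weight(("worker", "visits", "HBL"), "d1"))
```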

The triple similarity is calculated by measuring semantic similarity of concepts and their relationships.

V. SEMANTIC SIMILARITY
Interpreting a keyword with respect to the context in which it is used requires obtaining the similarity between concepts and relationships (i.e. thematic similarity). We focus on thematic similarity by matching RDF triples so as to concentrate on both aspects together.

A. Concepts Similarity
Concept similarity is measured by calculating the distance between concepts [10]. The distance between different concepts is calculated from the concepts' positions in the hierarchy. The position of a concept in a hierarchy is defined in [8] as follows:

$milestone(n) = \dfrac{1/2}{k^{l(n)}}$   (4)

where k is a predefined factor larger than 1 that indicates the rate at which the value decreases along the hierarchy, and l(n) is the depth of the node n in the hierarchy; for the root of a hierarchy, l(root) = 0. Any two concepts in the hierarchy have a closest common parent (ccp). The distance between two concepts c1 and c2 is determined through their closest common parent as follows:

$d_c(c_1, c_2) = d_c(c_1, ccp) + d_c(c_2, ccp)$   (5)

$d_c(c_1, ccp) = milestone(ccp) - milestone(c_1)$   (6)

Thus, the similarity between the two concepts c1 and c2 is calculated as:

$sim_c(c_1, c_2) = 1 - d_c(c_1, c_2)$   (7)

There are some exceptions: if the concept c1 is a subclass of the concept c2, or c1 and c2 are synonyms or acronyms of each other, the distance is set to 0, i.e. the similarity between the two concepts is 1. We consider this reasonable because a subclass is always a kind of its superclass, and we treat synonym and acronym relations between concepts as being at the same level.
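As an illustration of eqs. 4-7, the sketch below computes the milestone-based similarity over a tiny, assumed concept hierarchy with k = 2; both the hierarchy and the factor are illustrative choices, not the ontology used in the paper:

```python
# Milestone-based concept similarity (eqs. 4-7) over a toy hierarchy.
# The hierarchy below and the decay factor K = 2 are assumptions for this sketch.
PARENT = {"Manager": "Person", "Worker": "Person",
          "FinanceManager": "Manager", "Employee": "Worker"}
K = 2.0

def ancestors(node):
    chain = [node]
    while node in PARENT:
        node = PARENT[node]
        chain.append(node)
    return chain

def milestone(node):
    depth = len(ancestors(node)) - 1              # l(n); l(root) = 0
    return 0.5 / (K ** depth)                     # eq. (4)

def concept_similarity(c1, c2):
    if c1 == c2 or c1 in ancestors(c2) or c2 in ancestors(c1):
        return 1.0                                # subclass/synonym exception
    ccp = next(a for a in ancestors(c1) if a in ancestors(c2))  # closest common parent
    distance = ((milestone(ccp) - milestone(c1))
                + (milestone(ccp) - milestone(c2)))              # eqs. (5)-(6)
    return 1.0 - distance                         # eq. (7)

print(concept_similarity("FinanceManager", "Employee"))
print(concept_similarity("Worker", "Employee"))   # subclass pair -> 1.0
```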

B. Relations Similarity
Likewise, the similarity between two relations is defined as follows:

$sim_r(r_1, r_2) = 1 - d_r(r_1, r_2)$   (8)

The distance between two relations is also calculated from their respective positions in the relation hierarchy; the only difference is that the relation hierarchy is constructed manually by us. As with concepts, if the relation r1 is a subclass of the relation r2, or r1 and r2 are synonyms or acronyms of each other, the distance is set to 0 and consequently the similarity between the two relations is 1. In order to reduce computational complexity we consider the relation similarity to be 0 in all other cases. Hence, the relation similarity is defined as:

$sim_r(r_1, r_2) = \begin{cases} 1, & \text{if the relations subsume each other} \\ 0, & \text{otherwise} \end{cases}$   (9)

C. RDF Triples Similarity
The user query and data source RDF triples are matched to find their similarity. The final triple similarity is obtained by combining eq. 7 (concept similarity) and eq. 8 (relation similarity) as follows:

$sim(q, s) = \prod_{i=0}^{n} \prod_{j=0}^{m} sim_{sub}(q_{sub_i}, s_{sub_j}) \cdot sim_{r}(q_{r_i}, s_{r_j}) \cdot sim_{obj}(q_{obj_i}, s_{obj_j})$   (10)

where $q_{sub}$, $q_{obj}$ and $s_{sub}$, $s_{obj}$ are the matched concepts, while $q_r$ and $s_r$ are the matched relations of the query RDF triple q and the source RDF triple s respectively. $sim(q, s)$ is the overall similarity between the query (q) and source (s) RDF triples. Here i and j denote the i-th and j-th subject, object or relation of the query and source RDF triples respectively.
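To make eq. 10 concrete, the sketch below computes the similarity for a single query/source triple pair. The relation synonym table and the stand-in concept similarity values are assumptions for illustration; in the framework the concept similarity would be the milestone-based measure of eqs. 4-7 (cf. the previous sketch):

```python
# Sketch of the triple similarity of eq. (10) for one query/source triple pair.
RELATION_SYNONYMS = {frozenset({"visits", "goesto"})}

def relation_similarity(r1, r2):
    """Eq. (9): 1 if the relations subsume each other (or are synonyms), else 0."""
    return 1.0 if r1 == r2 or frozenset({r1, r2}) in RELATION_SYNONYMS else 0.0

def concept_similarity(c1, c2):
    """Stand-in for eq. (7); identical concepts score 1, assumed values otherwise."""
    if c1 == c2:
        return 1.0
    assumed = {frozenset({"worker", "employee"}): 1.0,
               frozenset({"worker", "finance manager"}): 0.98}
    return assumed.get(frozenset({c1, c2}), 0.0)

def triple_similarity(query, source):
    """Eq. (10) restricted to a single pair of triples."""
    (qs, qr, qo), (ss, sr, so) = query, source
    return (concept_similarity(qs, ss)
            * relation_similarity(qr, sr)
            * concept_similarity(qo, so))

print(triple_similarity(("worker", "visits", "HBL"),
                        ("employee", "goesto", "HBL")))   # 1.0
```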

VI. PROPOSED MATCHING METHODOLOGY
In this section we discuss our approach, which performs the semantic search by matching RDF triples. In the methodology we use the Oracle Network Data Model (NDM), in which metadata is stored consistently as triples. An index is used to enhance the performance of matching. In our semantic search framework the domain ontology is also defined in terms of RDF triples. Fig. 3 illustrates an example of the domain ontology.

Fig. 3 N3 notation of the domain ontology:

@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>.
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#>.
@prefix uri: <http://www.niit.edu.pk/research/>.
uri:Person a rdfs:Class.
uri:Article a rdfs:Class.
uri:ResearchPaper a rdfs:Class; rdfs:subClassOf uri:Article.
uri:writes a rdf:Property.
uri:writes rdfs:domain uri:Person; rdfs:range uri:Article.

A user submits a query in the form of RDF triples, which is passed to the query reformulator, where query expansion using existing semantic similarity techniques (as discussed in the previous section) is performed. The query is then rewritten for these expanded terms and passed to the semantic matcher in RDF format. The semantic matcher performs matching with the help of the metadata information available in the source model. The source metadata contains information about sources so as to avoid querying all available sources. For example, a query about data integration (i.e. category = data integration) does not require searching sources containing information about multi-agents (i.e. category = multi-agent).

A. System Accuracy
In the proposed framework, thematic similarity improves the precision of retrieved information compared to existing systems. The focal point is to understand a keyword with respect to the context (circumstances) in which it is used, so as to avoid irrelevant search results. We illustrate the improvement in precision with an example in the next subsection.

B. Example
In this example we use RDF graph notation to represent the RDF triple segments in the respective sources.



Suppose the user enters the following query: 'Find all worker(s) who have visited HBL on a certain date'. The corresponding RDF triple of this query is

(?worker :visits :HBL) where date like '?date'

as shown in Fig. 4.

Fig 4 Query RDF graph

Fig. 5 shows three sources from our repository; their content metadata triples are shown in Fig. 5(a), 5(b) and 5(c) for source 1, source 2 and source 3 respectively. The similarity between the query RDF triple and the source RDF triple shown in Fig. 5(a) can be calculated as follows: simc(visits, visits) and simc(HBL, HBL) are 1, as both pairs are identical, while simc(worker, finance manager) is 0.01953125 (the fractions in Fig. 6 show the 'milestone' values of the respective ontology levels). The similarity calculations for the query triple and the source triples shown in Fig. 5(b) and 5(c) are:

simc(visits, goesto) = 1, since both are synonyms
simc(HBL, Habib Bank Limited) = 1, acronym relation
simc(worker, business man) = 0.0234375
simc(worker, employee) = 1
simc(HBL, Indus) = 0, since the two are not related

Fig. 5 Content metadata triples of three sources in RDF graph notation
Based on the similarity measures for concepts and relations, we can calculate the similarity between two RDF triples. In this example, triple matching returns only three triples from the respective sources shown in Fig. 5 and eliminates the other, irrelevant triples (e.g. simc(HBL, Indus) = 0); hence the precision of the search results is improved by concentrating on the context-aware use of a particular word.

Fig 6 Ontology segment concerning ‘finance manager’ and ‘business man’

VII. CONCLUSION AND FUTURE DIRECTION
In this paper we presented an ontology-driven information retrieval framework to improve the precision of search results. The salient feature of this semantic search framework is that we concentrate on the context-aware use of a particular word (concept) to improve the precision of search results. We employ RDF triple matching instead of keyword matching techniques. The subject, property and object of an RDF triple enable the search framework to concentrate on the combination of concept and relationship similarity of a keyword at the same time. We maintain a source model to store metadata as RDF triples. The query submitted by the user is expanded with synonyms and rewritten for the generated concepts before being passed to the semantic matcher. The triple matching is performed by the matcher and the results are ranked by the ranker according to their relevancy scores. In the current framework we focused on unstructured data (i.e. flat files). In the future, we plan to augment the framework for other heterogeneities (i.e. incomplete and incompatible triples).

REFERENCES
[1] Giannis Varelas, Epimenidis Voutsakis, Paraskevi Raftopoulou, "Semantic Similarity Methods in WordNet and their Application to Information Retrieval on the Web", 7th ACM International Workshop on Web Information and Data Management, November 5, 2005.

[2] Wei-Dong Fang, Ling Zhang, Yan-Xuan Wang, Shou-Bin Dong, "Towards a Semantic Search Engine Based on Ontologies", IEEE Proceedings of the Fourth International Conference on Machine Learning and Cybernetics, Guangzhou, China, 18-21 August 2005.
[3] D. Bonino, F. Corno, L. Farinetti, A. Bosca, "Ontology Driven Semantic Search", WSEAS Transactions on Information Science and Applications, Issue 6, Vol. 1, pp. 1597-1605, December 2004.

[4] Manuel Montes-y-Gomez, Aurelio Lopez-Lopez, Alexander Gelbukh, “Information Retrieval with Conceptual Graph Matching”, DEXA-2000: 11th International Conference and Workshop on Database and Expert Systems Applications, Greenwich, England, September 4-8, 2000.

[5] Jonathan Poole and J. A. Campbell, “A Novel Algorithm for Matching Conceptual and Related Graphs”, In G. Ellis et al eds, Conceptual Structures: Applications, Implementation and Theory, Santa Cruz CA, USA Springer-Verlag, pp. 293-307, 1995.

[6] M. Andrea Rodriguez, Max J. Egenhofer, “Determining Semantic Similarity among Entity Classes from Different Ontologies”, Knowledge and Data Engineering, IEEE Transactions, Volume: 15, Issue 2, pp. 442- 456, March-April 2003.

[7] Oracle USA Inc., RDF Support in Oracle, July 2005.
[8] Jiwei Zhong, Haiping Zhu, Jiaming Li, Yong Yu, "Conceptual Graph Matching for Semantic Search", Proceedings of the 10th International Conference on Conceptual Structures: Integration and Interfaces, Springer-Verlag, London, UK, pp. 92-196, 2002.

[9] Qazi Muddasar Illyas, Yang Zong Kai and Muhammad Adeel Talib, “A Conceptual Architecture for Semantic Search Engine”, 9th IEEE International Multi topic conference Pakistan, 2004.

[10] S. Khan and F. Marvon, “Identifying Relevant Sources in Query Reformulation”. In the proceedings of the 8th International Conference on Information Integration and Web-based Applications & Services (iiWAS2006), Yogyakarta Indonesia, December 2006.

(Graphical content of Figs. 4-6: the query RDF graph; the content metadata triple segments of (a) Source 1, (b) Source 2 and (c) Source 3; and the ontology segment with Person, Manager, Worker, Finance Manager, Employee and Business man and milestone values 1/32, 1/64, 1/128, 1/256.)


[11] Blaz Novak “A Survey of Focused Web Crawling Algorithms”, Proceeding of the Multi-Conference SIKD 04, 12-15 October 2004.

[12] Matt Biddulph “Crawling the Semantic Web”, Proceedings of XML Europe2004, 18-21 April 2004, Holland.

[13] S.Ganesh, M.Jayaraj, V.Kalyan, G.Aghila “Ontology Based Web Crawler”. In the proceedings of the International Conference on Information Technology: Coding and Computing (ITCC’04), IEEE Computer Society, 2004.

[14] Ricardo Baeza-Yates, Berthier Ribeiro-Neto, Modern Information Retrieval, Addison Wesley Publishing Co. Inc. 2001.

[15] Tversky, A. “Features of similarity. Psychological Review”, Vol. 84(4): pp. 327-352, 1977.

[16] Ahmad El Sayed, Hakim Hacid, Djamel Zighed, "A New Context-Aware Measure for Semantic Distance Using a Taxonomy and a Text Corpus", IEEE International Conference on Information Reuse and Integration (IRI-07), pp. 279-284, 13-15 August 2007.
[17] Chen Yu Lee, Von Wun Soo, "Ontology based information retrieval and extraction", 3rd International Conference on Information Technology: Research and Education, IEEE, pp. 265-269, 27-30 June 2005.
[18] Michael Uschold, Michael Gruninger, "Ontologies and Semantics for Seamless Connectivity", SIGMOD Record, vol. 33, December 2004.

[19] J. Smith and D. Smith, “Database Abstractions: Aggregation and Generalization,” ACM Trans. Database Systems, vol. 2, pp. 105-133, 1977.

[20] X. Li, F. Bian, H. Zhang, C. Diot, R. Govindan, G. Iannaccone. "MIND: A Distributed Multi-Dimensional Indexing System for Network Monitoring". IEEE Infocom-06 Barcelona, April 2006.

[21] Alexandros Ntoulas, Gerald Chao, Junghoo Cho, ”The Infocious Web Search Engine: Improving Web Searching Through Linguistic Analysis”, International World Wide Web Conference Committee (IW3C2) ACM, Chiba Japan, May 2005.


Abstract — Discovery of resources is essential in any resource sharing environment, including Grids. Many of the existing Grids facilitate resource discovery in a hierarchical and/or centralized manner. These approaches to resource discovery require environments with a high level of trust and centralized control of resources. As Grids are expected to be utilized in different domains in the future, and especially in user-oriented environments as envisioned by the PhantomOS project, which endeavors to create a user-oriented Grid operating system, these approaches to resource discovery are proving to be inadequately scalable and unworkable, due to the lack of trust in user-oriented peer-to-peer environments. In this paper, a decentralized peer-to-peer approach to resource discovery is proposed that is based on a semi-super-peer architecture and is reasonably efficient considering the heterogeneity, scalability and hybrid structure of future-generation Grid networks.

Index Terms — Resource Discovery, Grid Resource Discovery, P2P Resource Discovery

I. INTRODUCTION
For the last decade or so, Grid computing has emerged as a new form of distributed computing in which organizations located around the globe collaborate and dynamically share computing, storage and network resources within virtual organizations spanning multiple geographical locations [5]. Peer-to-peer (P2P) is another form of distributed computing which has emerged over the last few years and which also focuses on the coordinated use of distributed resources located around the globe. As mentioned in [4], although Grid and P2P systems have different evolutionary paths and address different communities, resources and applications, they share a common objective, i.e. resource sharing in large, scalable distributed environments, and it is believed that these two domains will ultimately converge, complementing each other's strengths and weaknesses. Resource discovery is a vital problem in distributed environments and is crucial for the efficient performance of any Grid system. As the Grids around the world increase in scale and complexity, resource discovery mechanisms should also be modified so as to meet the performance and efficiency needs of future Grid networks.

II. BACKGROUND
There are various algorithms for resource discovery in distributed environments; according to [14] the most prominent of them are the flooding algorithm, the swamping algorithm, the random pointer jump algorithm, and the name-dropper algorithm. Out of these, only the random pointer jump and name-dropper algorithms are suitable for Grid environments, because they usually produce less network traffic and need fewer rounds to gather information about the nodes. In most of the existing Grid middlewares, resource discovery is handled in a centralized and/or hierarchical manner [2, 6]. For example, in Globus Toolkit 2 [2, 6, 7, 8], nodes get registered at a central index server, the Grid Index Information Server (GIIS), and the GRIS (Grid Resource Information Service) periodically sends the resource status from the nodes to that server. GIIS servers are arranged in a hierarchy and serve for answering

user resource-related queries. In later versions, although the OGSA and WSRF frameworks have been incorporated, and there are Grid services which index the resource information or a separate web service associated with each resource, the main mechanism again revolves around the centralized paradigm. Condor [10] again follows the centralized paradigm: there is a central manager which receives both the resource information and user requests and performs the matchmaking to finally destine the user job to a particular node. The LCG/EGEE [8, 9] framework also uses the MDS-2 of GT-2, thus relying on centralized and hierarchical GRIS and GIIS services, and uses BDII to cache Grid status information collected from the GIIS for fast user response. The UNICORE [8, 15] software architecture also shows notions of the client/server paradigm to some extent: a client submits the job to a gateway, which authenticates the client before contacting the UNICORE servers. If the job is to be executed locally, it is executed by the native batch system; if it is to be executed remotely, it is sent to peer gateways.

Peer-to-peer environments are basically classified into two main categories: structured and unstructured peer-to-peer systems. Structured peer-to-peer systems like CAN [16], Pastry [17] and Chord [18] use a rigid structure for the organization of peers, and thus highly structured overlay networks are formed. An overlay network is a network built on top of the actual communication layer and is like a graph where vertices indicate nodes and edges indicate that the nodes know each other [19]. Structured peer-to-peer systems use distributed hash tables (DHTs) for storing key-data pairs and thus facilitate efficient routing of queries. Although structured systems scale well, they have the drawbacks of high maintenance cost and high communication cost for keeping information up to date [8]. They are also not feasible for direct keyword query searches [8]. Hence the resource discovery techniques employed in traditional structured P2P systems are generally not considered suitable for Grid environments. In unstructured peer-to-peer systems, nodes and resources are made available to the network without global overlay planning, and peers connect to each other in a somewhat random fashion [8]. Gnutella [11] and KaZaA are examples of unstructured P2P systems. Resource discovery in Gnutella is mainly based on broadcasting, i.e. the flooding algorithm, and hence produces too much network traffic and congestion. Various approaches, as in [20], have been proposed based on random walks and directed searches to tailor the flooding algorithm so as to minimize network traffic and increase network coverage. To address the issue of performance deterioration as Grids scale in size, and to provide fault tolerance, load balancing, self-organization and performance efficiency, active research is nowadays being pursued to redesign most of the existing Grid functionalities and services in a peer-to-peer fashion. The resource discovery mechanism is one of those that need to be redesigned in a decentralized way to meet the above performance objectives and to address the enormous size of future-generation Grid networks.

III. RELATED WORK
Research efforts have already started to apply peer-to-peer and decentralized approaches to resource discovery in Grid environments, but these are still research or experimental



implementations, and no concrete framework has yet been proposed. Notable works in this area are those of Iamnitchi et al. [1] and Mastroianni et al. [2]. Iamnitchi et al. [1] have proposed four axes of the solution space for the resource discovery problem: membership protocol, overlay construction, preprocessing and request processing. The membership protocol specifies how new nodes join the network and choose their neighbors, while the overlay is constructed in such a way that only a subset of nodes connect to each other. Pre-processing refers to offline processing, for example prefetching or dissemination of resource descriptions, and request processing deals with the request propagation strategies, e.g. random walk, learning based or best neighbor. They carried out experiments on an emulated Grid mainly on the basis of resource distribution, request distribution and request propagation strategies, and have not explored the problem in detail along their proposed four axes. Mastroianni et al. [2] have proposed to tackle the resource discovery problem in Grid environments on the basis of a super-peer architecture in which there is one super-peer per virtual organization (VO) and the super-peers coordinate with each other in a peer-to-peer fashion. However, there are several drawbacks and limitations of their proposed technique, which are identified in this work. The bottom line is that all the peer-to-peer resource discovery approaches proposed for Grid environments only deal with the current structure of VOs and do not consider the scalability of the future-generation Grid networks which this technique tries to serve.

IV. PROPOSED SCHEME AND ARCHITECTURE
The proposed scheme is an enhancement of Mastroianni et al. [2]. The enhancements address certain identified drawbacks, such as concerns over the adaptability of the algorithm to hybrid Grids (essentially Grids consisting of both peer-to-peer and client-server portions) and the overhead of communication between the nodes in a single instance of resource discovery and usage, which is identified as being too network intrusive. The following is a discussion of the extensions we introduce to Mastroianni et al. [2], together with the main assumptions which underlie the proposed approach. Firstly, future-generation Grid networks will be of a hybrid nature: there will be VOs spanning several physical locations operated under one administrative domain, for which the resource discovery service will mainly operate in a centralized manner, and there will also be common user / common business Grid-enabled ordinary nodes scattered around the world, for which resource discovery will mainly operate in a P2P / decentralized fashion. Secondly, in traditional resource discovery algorithms complete knowledge about all nodes was a prerequisite for efficient functioning; however, complete knowledge about each node is rarely possible in P2P environments. Moreover, the efficiency of a resource discovery scheme used to be measured in terms of returning as many results as possible, so that the scheduler could later choose the optimal resource for the request. This approach is not suitable for environments with a large number of nodes: in a P2P or decentralized resource discovery technique, finding a sufficiently large number of resources will definitely produce a huge amount of network traffic and cause a great delay in response time. Hence, the proposed resource discovery scheme (RDS) returns results meeting the minimum constraints matching the user request. There is no guarantee that the discovered resources will not fail, and if they do, the RDS can be run again. Alternatively, some additional resources (beyond the minimum constraints specified by the user request) can be found by the RDS to take the resource failure factor into consideration. Moreover, it is hoped that in future-generation Grid

middleware, scheduling primitives/algorithms may well be included in the resource discovery technique, so as to discover the optimal resources with the minimum expected communication load, high bandwidth, and other relevant criteria taken into consideration. The proposed technique does not particularly deal with the request propagation/dissemination strategies or the selection of neighboring super-peers / peers; a great variety of techniques [8, 14, 19] for these aspects have been proposed in the literature with more or less modification. However, it does introduce some modifications to the request propagation and neighboring super-peer / peer selection primitives compared with the algorithm originally proposed by Mastroianni et al. [2]. In this respect, the proposed technique works on a semi-super-peer architecture, which is an extension of the super-peer architecture proposed by Mastroianni et al. [2]. The proposed technique adopts the notion of a subgrid-based architecture. Each subgrid consists of neighboring machines. Neighboring machines, in network terms, are not necessarily machines that are physically adjacent, but those with the lowest network latencies between them. There are multiple subgrids within the Grid. Resource discovery within each subgrid operates basically in a centralized fashion, as all the subgrid members can register their resources with the most powerful machine within the subgrid, called the super-peer (also termed the master node or ultra-peer in the literature). When a node of a subgrid needs a resource, it sends a query request to the super-peer, which in turn sends back the list of resources matching the user query constraints if they are registered/available with it. If the super-peer does not have the required resources available in the subgrid, it then forwards the

Fig. 1 Semi-Super-Peer Architecture for Proposed Resource Discovery Scheme

query request to a predetermined number of neighboring super-peers and also sets a value for the ttl parameter, which gives the number of hops (i.e. the number of super-peers) a query request can/should travel; this is a requirement to maintain QoS within the system. This is the portion where the proposed approach converges with the one proposed by Mastroianni et al. [2]; however, crucial differences from [2] arise here. In that algorithm, a subgrid is a physical cluster, whereas in this proposed approach a subgrid is a loosely grouped collection of machines which have high-speed network connectivity to each other. Moreover, in that algorithm, even if a resource has been discovered within the local subgrid in an instance of discovery, the super-peer still propagates the already satisfied request to neighboring super-peers. Moreover, once the resources were found in the neighboring subgrids, the super-peer of that subgrid was also used to send a notification to the owners of the resources, with no apparent useful outcome. Moreover, there was also a strict requirement that query-hits be routed back to the super-peer which originally produced the request. Hence, the drawbacks of the Mastroianni et al. algorithm can be described along the following lines. Firstly, there is no need to send notifications to the owners of resources whatsoever, as the user may be more interested in accessing resources from neighboring subgrids of its own VO in order to keep the network transfer time to a minimum; in this case, the algorithm generates extra network traffic without any fruitful outcome. When the user node really requires a resource, it will request it from the target node directly, so sending a notification from the super-peer (which identified the resource owner) to the resource owner would bear no fruitful outcome. Secondly, there is no need to send query-hits (results) along the same path from which the query came. Rather, they should be sent directly to the original sender of the request, because this reduces processing at each intermediate super-peer, and sending directly to the originating super-peer can also reduce network transfer time. Thirdly, there is no need to propagate the query to other super-peers as long as the required resources can be met from within the subgrid itself. However, if these resources are not available from within the organization, then the query should be routed by the super-peer to the best neighboring super-peers.

A. Decentralized Resource Discovery Scheme on the Semi-Super-Peer Architecture
The proposed technique addresses the structure of future-generation Grid networks, which will be of a hybrid nature: there will be client-server based VOs, and there will be a plethora of ordinary user Grid-enabled nodes as Grid computing is expected to move into new domains, i.e. commodity or utility computing, in the future. These ordinary user nodes are referred to as home peers here. Note that these home peers are different from the simple peers which operate under a super-peer in a subgrid. If the requesting node is part of some VO, the resource request is sent to the super-peer of the VO; but if the node is a standalone Grid user node (home peer), then the benefits of the proposed scheme come into play. The common user can use resources from the community of other common user nodes (other home peers), i.e. the anonymous, arbitrary user nodes spread world-wide. In this case, the RDS will operate (assuming, for example, that PhantomOS [3] (a Grid OS) is configured on each machine) in a peer-to-super-peer or super-peer-to-super-peer fashion. There are three possibilities:
a) super-peer to super-peer, as described above with modifications to the Mastroianni et al. [2] algorithm;
b) home-peer to super-peer;
c) home-peer to home-peer.
In a completely decentralized network of common Grid user nodes, a home peer forwards the request to a predetermined number of neighboring simple home peers as well as neighboring super-peers, which check whether the required resources are available with them or not. The super-peers will obviously form a small subset of the overall neighbors of the requesting peer. The number of neighboring peers to which the request is forwarded will, of course, be far greater than the number of super-peers to which a super-peer ordinarily forwards the query request. This increased number is necessary so that realistic results (in terms of the number of resources and the different class types of resources) can be obtained.

Moreover, as opposed to a super-peer, which has a large number of resources registered with it (within a particular VO), a simple home peer usually has very few resources; for this reason too, the query request is forwarded to a greater number of peers. Moreover, it is proposed that no resource advertisement be used: there are so many common user Grid nodes and so many resources that resource advertisement would generate a large amount of network traffic without yielding a substantially better set of resource results.

B. Algorithm for the Proposed Resource Discovery Scheme

sp_neighbor: neighbors of the super-peer
p_neighbor: neighbors of the home peer
q_sp_ttl: number of super-peer hops a query can travel
q_p_ttl: number of common home-peer hops a query can travel

For each query q received by the super-peer:
    if q.sender is a simple node (peer) within the subgrid then
        check the resources registered with the super-peer
        if resources matching the query q are found then
            send a queryhit (containing the ids of the nodes) to q.sender
        else
            select all sp_neighbors
            for each sp_neighbor: send a copy of q to the sp_neighbor
    elsif q.sender is another super-peer or a home peer then
        if q.id is not in the cache then
            check the resources registered with the super-peer
            if resources matching the query q are found then
                send a queryhit to the request-originating super-peer or home peer
            else
                decrease q_sp_ttl
                put q.id in the cache
                select all sp_neighbors
                for each sp_neighbor: send a copy of q to the sp_neighbor

For each query q received by a home peer:
    if q.id is not in the cache then
        check the resources registered with the home peer
        if resources matching the query q are found then
            send a queryhit to the request-originating home peer
        else
            decrease q_p_ttl
            put q.id in the cache
            select all p_neighbors and all sp_neighbors
            for each sp_neighbor and each p_neighbor: send a copy of q to it
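For concreteness, a compact in-process Python sketch of this forwarding logic is given below. It collapses the super-peer/home-peer distinction into a single Peer class, and the class, field and resource names are assumptions made for illustration rather than part of the proposed middleware:

```python
# Simplified in-process sketch of the proposed forwarding logic.
# Peers hold a set of registered resources; queries carry an id, the wanted
# resource and a ttl. Names and fields are illustrative assumptions.
class Peer:
    def __init__(self, name, resources, sp_neighbors=(), p_neighbors=()):
        self.name = name
        self.resources = set(resources)
        self.sp_neighbors = list(sp_neighbors)   # neighboring super-peers
        self.p_neighbors = list(p_neighbors)     # neighboring home peers
        self.seen = set()                        # cache of query ids

    def receive(self, query, hits):
        qid, wanted, ttl = query["id"], query["resource"], query["ttl"]
        if qid in self.seen:
            return
        self.seen.add(qid)
        if wanted in self.resources:             # resource registered locally
            hits.append(self.name)               # queryhit back to the originator
            return
        if ttl <= 0:
            return
        forwarded = dict(query, ttl=ttl - 1)     # decrease the ttl
        for neighbor in self.sp_neighbors + self.p_neighbors:
            neighbor.receive(forwarded, hits)

# Tiny topology: a home peer knows one super-peer and one other home peer.
sp1 = Peer("super-peer-1", {"cpu-cluster"})
hp2 = Peer("home-peer-2", {"storage-100GB"})
hp1 = Peer("home-peer-1", set(), sp_neighbors=[sp1], p_neighbors=[hp2])

hits = []
hp1.receive({"id": "q1", "resource": "cpu-cluster", "ttl": 2}, hits)
print(hits)   # ['super-peer-1']
```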

V. SIMULATIONS AND RESULTS
Existing Grid simulators like Bricks, SimGrid, GridSim, OptorSim, GangSim etc. were extensively surveyed in this study, but these simulators are either targeted more towards the simulation of scheduling and resource allocation issues, or are devoted to other purposes and treat the resource discovery mechanism in a centralized manner, much in the same way as it is implemented in Grid middlewares like Globus [13]. Hence, the proposed resource discovery scheme was evaluated using a simulator developed at DEIS, University of Calabria, Italy, which is purpose-built for simulating resource discovery approaches based on the peer-to-peer paradigm. The simulator was tailored slightly to meet our needs and cater for the semi-super-peer architecture. Results were taken for this proposed semi-super-peer architecture with the parameter settings given in the simulator, for a grid of 10,000 nodes in which common home-peers constitute 400 to 2000 nodes. Resources were evenly distributed among the nodes, and queries were generated randomly from these nodes and sent to neighboring super-peers and home-peers as described in the algorithm. Results were measured in terms of query success, i.e. a query (resource request) which brings back at least one resource in response is considered successful. Fig. 2 shows the probability of query success with respect to different values of ttl (number of hops) when home peers forward the query to other home peers only, i.e. a totally decentralized network. Similarly, Fig. 3 shows the probability of query success with respect to different values of ttl (number of hops) when home peers forward the query to other neighboring home peers and to neighboring super-peers, thus emulating the semi-super-peer architecture. The number of neighboring super-peers was set to 2, each with a subgrid size of 20, i.e. each subgrid consisted of 20 common nodes. Fig. 4 shows the average number of results (or resources) brought in response to a query request in the semi-super-peer architecture against different values of ttl (number of hops). The graphs clearly show that the greater the ttl (number of hops) a query can propagate, the greater the number of results obtained.

Fig. 2 Probability of Success vs. TTL (No. of Hops), when home-peers forward the query to other home peers only

Fig. 3 Probability of Success vs. TTL (No. of Hops), when home-peers forward the query to other home peers and super-peer neighbors; number of super-peer neighbors = 2

Fig. 4 Average No. of Results vs. TTL (No. of Hops), when home-peers forward the query to other home peers and super-peer neighbors

All of these results show that in the first, simple scenario, for ttl = 3 and ttl = 4, the probability of query success is in the range of 85% to 100%. If home peers forward the query to super-peers as well, i.e. the semi-super-peer architecture, then for values of only 2 for both the number of super-peer neighbors and the ttl we achieve a probability of query success of up to 100%. For this semi-super-peer architecture we also obtain about 5 query hits (results) in response to a single query request for a small ttl value of 2. Considering the above figures and facts, it is concluded that this semi-super-peer architecture is feasible for resource discovery in Grid networks and provides a reasonable and efficient mechanism for resource discovery in future-generation Grid networks of hybrid nature.

VI. CONCLUSION
As Grid environments increase in scale and complexity, resource discovery mechanisms should be modified to address fault tolerance and performance efficiency issues. The replacement of centralized mechanisms by corresponding distributed or peer-to-peer mechanisms is the key to addressing these issues. The proposed approach takes into consideration the future structure of Grid networks and promises to handle the scalability challenges efficiently. It extends current work on P2P, subgrid-based discovery services and adapts it to user-oriented Grid infrastructures. In future work, it is intended to incorporate semantics into this resource discovery mechanism to minimize user interaction and provide interoperability, autonomy and search precision, thus leveraging and combining the benefits of P2P and semantics in the resource discovery primitives of present-day Grid infrastructures.

REFERENCES
[1] A. Iamnitchi and I. Foster, "A Peer-to-Peer Approach to Resource Location in Grid Environments", In: J. Weglarz, J. Nabrzyski, J. Schopf and M. Stroinski (Eds.), Grid Resource Management, Kluwer, 2003.

[2] C. Mastroianni, D. Talia and O. Verta, “A Super-Peer Model for Building Resource Discovery Services in Grids: Design and Simulation Analysis”. Proc. European Grid Conference (EGC 2005), LNCS, vol. 3470, pp. 132-143, Springer 2005.

[3] Arshad Ali, Richard McClatchey, Ashiq Anjum, Irfan Habib, Kamran Soomro, Mohammed Asif, Ali Adil, Athar Mohsin. “From Grid Middleware to a Grid Operating System” Fifth International Conference Grid and Cooperative Computing, GCC 2006. China

[4] I. Foster and A. Iamnitchi. “On death, taxes, and the convergence of peer-to-peer and Grid computing”. In 2nd International Workshop on Peer-to-Peer Systems (IPTPS '03), 2003.

[5] I.Foster, C. Kesselman, and S. Tuecke. “The Anatomy of the Grid: Enabling Scalable Virtual Organizations” International Journal of High Performance Computing Applications, 15 (3). 200-222. 2001.

[6] GT Information Services: Monitoring and Discovery System (MDS) http://www.globus.org/toolkit/mds/

Page 76: Architecture of reconfigurable artificial neural network Co-processor

Proceeding of the First National Conference on Security, Computing, & Communications (1st NC-SCC 2008), KUST, NWFP, Pakistan May 23-25, 2008

67

[7] GT Information Services: Monitoring and Discovery System (MDS) MDS 2.4 in The Globus Toolkit 2.4 release http://www.globus.org/toolkit/docs/2.4/mds/mdstechnologybrief_draft4.pdf

[8] Paolo Trunfio, Domenico Talia, Paraskevi Fragopoulou, Charis Papadakis, Matteo Mordacchini, Mika Pennanen, Konstantin Popov, Vladimir Vlassov, Seif Haridi, “Peer to Peer Model for Resource Discovery in Grids”. CoreGRID Technical Report Number TR-0028, March 17, 2006

[9] LCG - LHC Computing Grid Project. http://lcg.web.cern.ch/lcg/
[10] M. Litzkow and M. Livny, "Experience with the Condor Distributed Batch System", Proc. IEEE Workshop on Experimental Distributed Systems, 1990.

[11] Gnutella (2003). The Gnutella protocol specification. Home page: http://rfcgnutella.sourceforge.net

[12] Napster. http://www.napster.com
[13] Benjamin Quetier, Franck Cappello, "A survey of Grid research tools: simulators, emulators and real life platforms".

[14] Sivadon Chaisiri and Putchong Uthayopas, “Survey of Resource Discovery in Grid Environments” Proc. IEEE Workshop on Experimental Distributed Systems, 1990.

[15] D.W. Erwin and D. F. Snelling, “UNICORE: A Grid Computing Environment”. Proc. 7th Euro-Par Conference (Euro-Par 2001), LNCS, vol. 2150, pp. 825834, Springer, 2001.

[16] S. Ratnasamy, P. Francis, M. Handley, R. Karp and S. Shenker, “A scalable content-addressable network”, Proceedings of ACM SIGCOMM San Diego, CA, USA (2001).

[17] A. Rowstron and P. Druschel, “Pastry: scalable, distributed object location and routing for large-scale peer-to-peer systems”, Proceedings of the 18th IFIP/ACM International Conference on Distributed Systems Platforms (2001).

[18] I. Stoica, R. Morris, D. Karger, M.F. Kaashoek and H. Balakrishnan, “Chord: a scalable peer-to-peer lookup service for internet applications”, Proceedings of ACM SIGCOMM San Diego, CA, USA (2001).

[19] K. Vanthoumout, G. Deconinck, R. Belmans: “A taxonomy for resource discovery”, Springer-Verlag London Limited 2005

[20] D. Mitrios, N. Roussopoulos: A comparison of peer-to-peer search methods http://www.citeulike.org/user/lrodero/article/328160


Abstract — MST based clustering is used to find clusters of varying shape and size without requiring input parameters. This work reviews MST and SFMST (Scale Free MST) based clustering. The strategies to create an MST and to remove inconsistent edges are reviewed and implemented. SFMST methods are also reviewed, together with our implementation results; the k-means clustering method is used for comparison purposes. In this study we also review methods to find the optimal number of clusters, particularly focusing on the "largest average silhouette width" and the edge length distribution in the SFMST. SFMST was found to be a promising method that can detect clusters of varying shape and size and requires minimal dependence on external input parameters.

I. INTRODUCTION

Due to innovations in information technology the amount of stored digital data is growing rapidly, but unfortunately data processing and analysis techniques have not grown correspondingly. Valuable information and knowledge are hidden within these masses of data, which makes knowledge discovery a very complex and tedious process. The solution to this problem is given by data mining, which combines the knowledge of human experts with the power of computers to search for valuable information in large databases. Clustering is an unsupervised data mining technique that plays a central role in the process of knowledge discovery and data mining. The aim of clustering is to group similar objects in the same cluster and to keep objects in different clusters apart from each other. Besides being a core data mining task, clustering is also a very complex problem because it deals with increasingly large datasets; moreover, a dataset may contain a variety of attributes, which makes clustering more challenging.

Many techniques have been developed to solve the clustering problem. Each has its own benefits and drawbacks and is applicable in certain situations. A clustering method is said to be efficient if it follows certain design principles: the method should not be computationally expensive, should be capable of finding clusters independently of shape, size and density, should efficiently detect the optimal number of clusters, and should require minimal dependence on parameters provided by the user. The biggest problem with clustering techniques is meeting all of these design principles; techniques tend to neglect one or more important principles while satisfying the others. No single clustering technique performs well in all situations, so it cannot be said beforehand which clustering technique is suitable in a particular case. Another problem is the selection of a technique for a particular situation by users, who are usually not familiar with all clustering techniques and may select an inappropriate technique, which may lead to undesired results.

In this paper we review some of the clustering techniques, particularly from the area of graph theory. The focus is on MST and Scale Free MST (SFMST) based clustering. MST based clustering can detect clusters of varying shape and size, whereas SFMST has certain interesting applications to arbitrarily scaled networks.

The rest of the paper is organized as follows: Section 2 deals with MST based clustering along with techniques to remove inconsistent edges. Section 3 explains the SFMST clustering technique and its comparison with the k-means method. Section 4 reviews methods to find the optimal number of clusters. The results of the implemented techniques are shown in the corresponding sections to retain the reader's concentration.

II. MST BASED CLUSTERING
In this section we review the techniques presented in [1], "Minimum Spanning Tree Clustering of EEG Signals", along with our implementation results.

MST has been used to cluster data. An important property of MST based clustering is that it can detect clusters of different shape and size. It starts with a graph which can be constructed using any similarity measure, e.g. Euclidean distance or correlation. Then a Minimum Spanning Tree (MST) is obtained using an algorithm such as Prim's or Kruskal's. The resultant MST connects all elements, and a clustering can be obtained by removing edges from the tree: the removed edges lead to a collection of sub-trees that represents the clustering of the given data. Figure 1 shows the result of MST clustering on the iris data set. The first four attributes of the data set are sepal length, sepal width, petal length and petal width; the last element contains the class information. The following distance measure, specific to this data set, is used:

d(i, j) = petal length * petal width

The k-means method is used as a reference. The coloring in Figure 1 shows the intrinsic clusters in the data set.

Fig. 1 MST from iris data set.
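As an illustration of the procedure just described, the following sketch (ours, not the authors' implementation) builds the MST with SciPy and obtains clusters by cutting edges; reading the paper's distance d(i, j) = petal length * petal width as a per-point product whose absolute difference serves as the edge weight is our assumption.

import numpy as np
from scipy.sparse.csgraph import minimum_spanning_tree, connected_components
from sklearn.datasets import load_iris

X = load_iris().data                               # sepal length/width, petal length/width
feat = X[:, 2] * X[:, 3]                           # petal length * petal width per sample
D = np.abs(feat[:, None] - feat[None, :]) + 1e-9   # small epsilon keeps zero-distance pairs as edges
np.fill_diagonal(D, 0)

mst = minimum_spanning_tree(D).toarray()           # Prim/Kruskal handled by SciPy

# Strategy 1 (see below): cutting the k longest MST edges yields k+1 clusters
k = 2
edges = np.argwhere(mst > 0)
order = np.argsort(mst[mst > 0])
for i, j in edges[order[-k:]]:
    mst[i, j] = 0
n_clusters, labels = connected_components(mst, directed=False)
print(n_clusters, np.bincount(labels))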

The biggest problem in the MST clustering method is the identification of the edges to be removed so that the clustering gives meaningful results. The inconsistent edges can be removed in many different ways. The following edge removal strategies are used in [1].

MST and SFMST based Clustering

Muhammad Aniq, Zahid Halim and Rauf Baig Department of Computer Science

National University of Computer and Emerging Science, FAST-NU H11/4 Islamabad, Pakistan.

[email protected], [email protected], [email protected]


i. Strategy 1
The first strategy is to remove the longest edges in the tree. Removing the k longest edges leads to k+1 clusters.

ii. Strategy 2

In this method, each edge is compared with its neighbors, and is removed if its length exceeds a threshold determined from the neighboring edges (a code sketch follows the list of strategies):

e - mean > q * std-dev

where e is the length of the edge, mean is the average length of the edges of the node, q is a constant (1 to 1.5), and std-dev is the standard deviation of the edges of the node.

iii. Strategy 3

It is similar to Strategy 2, except that the neighborhood is extended to edges two steps away from the current node.
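A minimal sketch of Strategy 2, assuming the MST is given as a matrix of edge lengths; taking the neighbourhood of an edge to be all edges incident to its two endpoints is our reading of the description above.

import numpy as np

def remove_inconsistent_edges(mst, q=1.5):
    adj = np.maximum(mst, mst.T)                 # symmetric view of the MST
    out = adj.copy()
    for i, j in np.argwhere(np.triu(adj) > 0):   # every tree edge once
        e = adj[i, j]
        neigh = np.concatenate([adj[i][adj[i] > 0], adj[j][adj[j] > 0]])
        if e - neigh.mean() > q * neigh.std():   # e - mean > q * std-dev
            out[i, j] = out[j, i] = 0            # cut the inconsistent edge
    return out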

Figure 2 illustrates the result of strategy 2. Three removed edges are marked. From this we get four clusters; three intrinsic clusters and one possible outlier.

Fig. 2 Removal of edges using strategy 2.

III. SFMST CLUSTERING
In this section we review the technique presented in [2], "Modifying the scale-free clustering method", along with our implementation results. The Scale Free MST (SFMST) also belongs to graph theory; the idea of using scale-free networks in clustering was presented in [2]. Scale free, as the name suggests, means without any scale, where scale is defined as the average number of links in the network. In a scale-free network some nodes have very many links while others have very few; for example, the World Wide Web consists of a few highly connected sites, while most sites have very few links. From an implementation point of view, an SFMST can be constructed by giving preference to highly connected nodes when attaching nodes to the network. First of all a distance matrix is calculated using some similarity measure. The first idea for constructing the SFMST, described in [2], is to use reversed distances as edge weights:

W_0(i, j) = max_{i,j}(d(i, j)) - d(i, j)

where d(i, j) is the Euclidean distance between the nodes. The spanning tree algorithm repeatedly selects the highest-weight edge (instead of the lowest, as usual) and adds it to the tree until all nodes are connected, giving preference to the highly connected nodes when adding an edge. To do this we need a criterion for deciding which nodes are highly connected: a threshold is used, and if a node passes the threshold value a bonus fitness value is added to all the edges attached to it. Such a highly connected node is called a hub.

W_new(i, j) = W_0(i, j) + n c^n

where n is the number of edges connected to the node and c is a constant, 0.5 < c < 1. The value of c is very important in the construction of the SFMST: different values of c lead to entirely different shapes, and a higher value of c leads to fewer hubs with many links. Figures 3 and 4 illustrate the outcome obtained by varying the value of c. To avoid the threshold value, a second method, also described in [2], can be used. The major changes are in the weight initialization and weight updating phases: the weights are initialized to 1 / d(i, j)^2 and, whenever an edge is added to the tree, they are updated using

W_new(i, j) = n c^n / d(i, j)^2
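The following sketch shows one way the construction described above could be implemented; the hub threshold and the exact point at which the degree bonus n*c**n is applied are our assumptions, not details fixed by the reviewed paper.

import numpy as np

def sfmst(D, c=0.815, hub_threshold=3):
    """Greedy maximum-weight spanning tree with a bonus for hub nodes."""
    n_pts = D.shape[0]
    W = D.max() - D                          # reversed distances as base weights
    in_tree, degree, edges = {0}, np.zeros(n_pts, dtype=int), []
    while len(in_tree) < n_pts:
        best, best_w = None, -np.inf
        for i in in_tree:
            # nodes that passed the threshold get the fitness bonus on their edges
            bonus = degree[i] * c ** degree[i] if degree[i] >= hub_threshold else 0.0
            for j in range(n_pts):
                if j not in in_tree and W[i, j] + bonus > best_w:
                    best, best_w = (i, j), W[i, j] + bonus
        i, j = best
        edges.append((i, j))
        degree[i] += 1
        degree[j] += 1
        in_tree.add(j)
    return edges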

Fig. 3 Two hubs with single cluster

Fig. 4 Effect of smaller c value

We can obtain a clustering from the SFMST by defining what constitutes a cluster. One way is to consider each hub as a cluster, but in practice multiple hubs may belong to the same cluster. As mentioned in [2], two or more hubs connected to each other directly, or at a distance of one node, are defined to be in the same cluster, and a chain of nodes also belongs to the same cluster. In this paper we use this criterion for defining clusters in the SFMST; different criteria can likewise be defined to get good clustering results.


Figure 5 contains an SFMST from the iris data set. Correlation was used as the distance metric, and the points of the intrinsic clusters in the data set are colored. Here the values c = 0.815 and m = 3 are used. The result obtained was a grouping into 3 clusters with a misclassification of only 4 data points; 9 non-clustered points were found. If non-clustered points are treated as misclassifications, we have a total of 13 misclassified data points. If the k-means method is applied with k = 3, there are 17 misclassified points in total. Figure 6 shows an SFMST from the multi-feature digit dataset. The 47 attributes contained in the "mfeat-zer" file of the dataset were used, with the first 400 records, which correspond to the digits "0" and "1". In this case the value c = 0.91 was used. Two clusters were found that were separated quite well; there was only one non-clustered point and no misclassification was noticed. With the k-means clustering method, 22 data points were found to be in the wrong clusters.

Fig. 5 SFMST from iris data set

IV. FINDING OPTIMAL NUMBER OF CLUSTERS

In this section we review the technique presented in [3], "Finding the Optimal Number of Clusters from Artificial Datasets". Because clustering is an unsupervised task, many suppositions made during the clustering process can be wrong; for example the distance metric, the initial centroid positions or the chosen number of clusters might be wrong. Many clustering methods, such as k-means and Nearest Neighbor (NN), require the number of clusters prior to the clustering process. There is thus a need to reduce the risk of wrong inference and to efficiently determine the optimal number of clusters in the data set. The following are traditional methods that have been used to determine the number of clusters, along with the idea of the largest average silhouette width presented in [3].

• After performing various clustering’s The clustering process runs many times and the clustering with the smallest objective function is taken as optimal.

• Model-based cluster analysis: it works on the assumption of a probability distribution in the data set.

Fig. 6 SFMST from the multi-feature digit data set

• Probability function estimation: the optimal value is selected without running the clustering process.

• Largest average silhouette width: the silhouette width of point i is determined by

S_i = ( min_k b_i(k) - a_i ) / max( a_i, min_k b_i(k) )

where a_i is the average dissimilarity between the data point and all other points in the same cluster, and b_i(k) is the average distance from the i-th point to the points in another cluster k. The value lies between -1 and 1. The number of clusters is taken as the one for which the largest average silhouette width (closest to 1) is obtained.
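A small sketch of choosing the number of clusters by the largest average silhouette width, assuming scikit-learn's k-means and silhouette_score are acceptable stand-ins for the clustering step and the silhouette computation.

from sklearn.cluster import KMeans
from sklearn.metrics import silhouette_score

def best_k_by_silhouette(X, k_range=range(2, 10)):
    scores = {k: silhouette_score(X, KMeans(n_clusters=k, n_init=10).fit_predict(X))
              for k in k_range}
    return max(scores, key=scores.get), scores   # k with the largest average width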

A. Edge length distribution in SFMST
SFMST clustering is accomplished by removing some edges, and the criterion used for removing edges is very important for obtaining good clustering results. Previously we discussed some methods, e.g. longest-edge removal. In [3] the edge length histogram method was introduced to remove inconsistent edges. It is known that the average edge length in scale-free graphs depends logarithmically on the number of nodes [4], [5]. The basic idea is to remove edges by truncating the histogram: because of the lognormal distribution of edge lengths, the longer edges with fewer connections are grouped into the right tail of the histogram. The Freedman-Diaconis rule [6] can be used to find the number of bins. Thus inconsistent edges can be identified and removed to obtain the clustering.
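A minimal sketch of the histogram-truncation idea, using NumPy's built-in Freedman-Diaconis binning; treating only the right-most bin as the inconsistent tail is our assumption.

import numpy as np

def inconsistent_edge_mask(edge_lengths, tail_bins=1):
    counts, bin_edges = np.histogram(edge_lengths, bins='fd')   # Freedman-Diaconis rule
    cutoff = bin_edges[-(tail_bins + 1)]          # left edge of the truncated tail
    return np.asarray(edge_lengths) > cutoff      # True for edges to remove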

• After performing various clustering’s The clustering process runs many times and the clustering with the smallest objective function is taken as optimal.

Page 80: Architecture of reconfigurable artificial neural network Co-processor

Proceeding of the First National Conference on Security, Computing, & Communications (1st NC-SCC 2008), KUST, NWFP, Pakistan May 23-25, 2008

71

• Model-based cluster analysis It works on the assumption of probability distribution in the data set.

• Probability function estimation Optimal value is selected without running clustering process.

• Largest average silhouette width. The silhouette width is determined by following equation.

Si = ( minkbi(k) – ai ) / max(ai, minkbi(k)

. Where,

ai is the average dissimilarity between the data point and all other points in the same cluster bi(k) is the average distance from the ith point to points in an another cluster k,

The value lies between -1 and 1. The k value is taken for which largest average silhouette width is obtained (closer to 1).

B. Edge length distribution in SFMST: SFMST clustering is accomplished by removing some edges. The criterion for removing edges is very important to get good clustering results. Previously we have discussed some methods i.e. longest edge removal, etc. In [3] Edge length histogram method was introduced to remove inconsistent edges. It is known that the average edge length in scale-free graphs depends logarithmically on the number of nodes [4], [5]. The basic idea is to remove edges by truncating histogram. Because of the lognormal distribution of edge lengths, the longer edges with fewer connections grouped into the right side of histogram. Afterwards, Freedman-Diaconis [6] rule can be used to find the number of bins. Thus inconsistent edges can be identified and removed to get clustering.

V. CONCLUSION:
In this study we have discussed some techniques of the MST and SFMST methods along with our implementation results. The MST method has the advantage of finding clusters of irregular shape and size. SFMST was found to be a promising method with applications in scale-free networks. The biggest benefit of using SFMST is its minimal dependence on external input parameters: it needs only one input parameter, c. In this work we showed that better results can be achieved by using correlation as the distance metric, and from the results the SFMST based clustering method was found to perform considerably better than k-means. SFMST is a promising method for clustering, but there is a need to reduce the computation required by the spanning tree algorithm. Various optimizations can be applied, along with improvements in the distance functions.

REFERENCES
[1] N. Paivinen and T. Gronfors, "Minimum spanning tree clustering of EEG signals", in Proceedings of the 6th Nordic Signal Processing Symposium (NORSIG 2004), Espoo, Finland, June 9-11, 2004, pp. 149-152.
[2] N. Paivinen and T. Gronfors, "Modifying the scale-free clustering method", in Proceedings of the International Conference on Computational Intelligence for Modelling, Control & Automation (CIMCA 2005), vol. II, IEEE Computer Society, Los Alamitos, 2006, pp. 477-483.
[3] N. Paivinen and T. Gronfors, "Finding the optimal number of clusters from artificial datasets", in Proceedings of the IEEE International Conference on Computational Cybernetics (ICCC 2006), Tallinn, Estonia, August 20-22, 2006, pp. 155-160.
[4] G. Szabó, M. Alava and J. Kertész, "Shortest paths and load scaling in scale-free trees", Physical Review E, vol. 66, no. 2, 026101, 2002.
[5] S. H. Yook, H. Jeong, A.-L. Barabási and Y. Tu, "Weighted evolving networks", Physical Review Letters, vol. 86, no. 25, pp. 5835-5838, 2001.
[6] D. Freedman and P. Diaconis, "On the histogram as a density estimator: L2 theory", Zeitschrift für Wahrscheinlichkeitstheorie und verwandte Gebiete, vol. 57, no. 4, pp. 453-476, 1981.


Abstract — The boundaries of businesses are expanding, with the integration of computers and large databases forming the core. Businessmen today need to find the latest trends using this data so as to keep abreast of the rapid changes in the market. Association Rule Mining is one area of data mining which offers businessmen the answers they are looking for. In this paper we present a review of some of the techniques from the field of association rule mining that can uncover answers to such questions; these techniques include the MAFIA algorithm and the Apriori algorithm.

Index Terms — Data mining, Data warehousing, Association Rule Mining, MAFIA, Apriori.

I. INTRODUCTION:

Computers have become a very important part of modern-day business and are used in many capacities. Today computers are used as a means of storing data in electronic format rather than as large stockpiles of paper files, where keeping files in proper order, preserving them and managing them for later retrieval becomes extremely infeasible with time. Another important usage of computers is in bringing businesses onto the web; today a business can actually come to the doorstep of any potential customer, with charges on the part of the businessman so low that they are close to non-existent. Businesses have also started to realize the greatest and most prolific advantage of using computers, namely large storage at relatively low cost, and have started to use this ability to build data warehouses in which huge amounts of easily accessible data are stored. But the establishment of a data warehouse poses a huge problem along with its associated advantages: although the data can be stored very efficiently, useful information is not easily extracted from it. There are, however, specialized indexing techniques that, when implemented and managed sensibly on the warehouse, can lead to appropriate results. We will at this point divert our attention from data warehousing, its problems, issues and solutions, and focus on the topic at hand.

The latest advantage that businessmen have observed in using computers to improve their businesses is the extraction of useful but hidden information from given data (data mining) [1]. This involves the logical deduction of current trends on the basis of the latest market updates. For instance, if the marketing manager of a particular company observes that the sales of some particular product have declined in the last three months, he would be very interested in analyzing the causes of this decline. He would like to know what known or unknown factors led to the current scenario, what the existing market trends were, what the prices of the product and of its competitors were at the time, what and how effective the advertising campaign was, which areas were most affected in terms of declining sales, what local and foreign factors were involved, and what the stock market situation was at the time. All these are the most likely questions a manager would like his computer to answer, so as to determine the exact cause or causes of the problem and in turn devise tactics for their remedy. If the organization has a working active data warehouse, it would most likely be able to answer these questions.

However, it would fail to do a market-basket analysis, which is a much more thorough line of investigation. This analysis tells the manager which products sell together, and using this technique the manager may be able to devise incentives for customers, thus forming an effective competitive strategy which, if put into action in time, would result in much greater benefits than those of the competitors. For scenarios such as these, sophisticated data mining techniques are required that derive answers to the most complex of queries. One of the most notable sets of techniques from the field of data mining that can cater for such scenarios is Association Rule Mining. In this paper we review some of the techniques of Association Rule Mining (ARM) and study their influence on the world of business. The rest of the paper is organized as follows: Section II gives a brief description of the basic concepts involved before the ARM techniques are explained; Section III elaborates the Apriori algorithm; Section IV deals with the MAFIA algorithm; and finally Section V concludes the paper.

II. BASIC CONCEPTS:
Before delving into the types of association rule mining, we need to focus on some of its basic concepts. ARM states that, given certain sets of values (itemsets), say A and B, where A and B are mutually exclusive, i.e.

A ∩ B = ∅,

the expression A ⇒ B (read as "A implies B") is an association rule, meaning that if A exists then B will also exist. ARM is then the process of finding all association rules in the entire data D, where D consists of n records and m attributes, i.e. it is transactional data. The itemsets A and B consist of at most m items, and each transaction in D is an itemset.

The total number of patterns that can exist over m items grows exponentially. For a minimum cardinality of k = 2 (i.e. the rules mined must involve itemsets of at least two items), it equals 2^m - m - 1: all subsets of the m items minus the m singletons and the empty set. For m = 5 this gives 26 potential itemsets, but the number increases exponentially with m for a constant (or lower) k; for instance, with k = 2 and m = 50 the total number of potential itemsets shoots up to 1,125,899,906,842,573. Keeping a record of all these itemsets, whether or not they actually occur in D, is very cumbersome; hence the need to maintain only interesting patterns, where interestingness in the field of ARM is most commonly measured by the following two factors.

A. Support: It is the number of occurrences of an itemset in D.

Association Rule Mining Towards Business Solution Syed Salman Ahmed, Zahid Halim, Rauf Baig and Nusrat Habib

Department of Computer Science National University of Computer and Emerging Science, FAST-NU

H11/4 Islamabad, Pakistan. [email protected], [email protected], [email protected], [email protected]


We have to maintain a threshold on support to determine whether an itemset is frequent or not. This threshold is known as minsupport [2] and is defined as follows: if support(A) ≥ minsupport, then A is considered a frequent itemset (F). Normally this minsupport is a very small value compared to the large value of n.

B. Confidence: It is the ratio of the support of an association rule to the support of the antecedent in that rule, i.e. confidence(A ⇒ B) = support(A ∪ B) / support(A).

A threshold is also maintained for the confidence, known as the minconfidence threshold, and is used to quantify the confidence level of a rule. Any rule falling below this confidence level is discarded. The confidence level required for rules is set relatively high, so that only appropriate and interesting rules are mined.
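As a small illustration, the two measures can be computed directly over a list of transactions; the fractional form of support used here (occurrences divided by n) is a common convention and our choice, not the paper's exact wording.

def support(itemset, transactions):
    return sum(1 for t in transactions if set(itemset) <= set(t)) / len(transactions)

def confidence(antecedent, consequent, transactions):
    return (support(set(antecedent) | set(consequent), transactions)
            / support(antecedent, transactions))

D = [{"bread", "butter", "milk"}, {"bread", "butter"}, {"milk", "tea"}]
print(support({"bread", "butter"}, D))        # 0.666...
print(confidence({"bread"}, {"butter"}, D))   # 1.0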

An important point to keep in mind for future reference is that attributes that are not related to one another may appear to exhibit some relation; however, it would definitely be misleading to follow such relations. Always look for relations between correlated attributes and nothing else.

Rules are deduced (mined) from D on the basis of some existing correlation among itemsets in D. The rule extraction process is divided into two phases [3]: the first phase finds the frequent itemsets (F) as mentioned above, while in the second phase interesting patterns are extracted from D on the basis of F.

This process of finding the interesting patterns forms the basis of a number of competing techniques in ARM. The need for these techniques arises from the fact that, if the number of attributes were small, there would not be a significant need for them. However, when the number of attributes is very large, greater than 200 for instance, finding interesting patterns by mere brute force becomes computationally infeasible: all possible combinations of itemsets would have to be enumerated along with their actual support in D, and rules then mined from this data based on the minsupport and minconfidence thresholds, which for large n and m is practically impossible.

In the following sections we discuss some ARM techniques that achieve the above-mentioned purpose with considerably greater ease and algorithmic efficiency.

III. APRIORI:
Agrawal et al. presented the Apriori algorithm in 1994. The Apriori algorithm works on the principle that any subset of a frequent itemset must also be frequent, meaning that if {bread, butter, milk} is frequent then so is {bread, butter}. Similarly, if an itemset is infrequent, its supersets should not be generated. A detailed description of the Apriori algorithm is given in [3]; here we present a summary describing only the required detail.

There are two major parts of the Apriori algorithm: the candidate generation phase and the support counting phase.

In the first phase, candidates to be considered as frequent or not are generated. This is achieved in a two-step approach: the self-join step and the pruning step. In the self-join step, candidates are joined with each other to produce all the possible combinations, which are generated along with their support counts. In the prune step, all candidates determined to be infrequent, i.e. with support less than the minsupport threshold, are eliminated.

This first phase is the most time-consuming part of the entire process and is thus considered the weakness of the approach. Methods have been proposed that include counting itemsets larger than the currently considered size, and efficient candidate generation techniques are the focus of current research.

The data structure used for storing the candidate itemsets along with their support counts is a hash tree. This enables an efficient placement and retrieval mechanism for the itemsets.

To sum up the entire process: initially a set of candidate itemsets and a set of frequent itemsets are generated based on the minimum cardinality desired, in other words k; the support of the candidate set is verified and pruned where necessary; and finally the frequent itemsets that qualify the minsupport threshold are updated.
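The following sketch (ours, not the paper's code) illustrates the level-wise process just summarised: self-join to generate candidates, subset-based pruning, and support counting against the minsupport threshold.

from itertools import combinations

def apriori(transactions, minsupport):
    transactions = [frozenset(t) for t in transactions]
    def count(itemset):
        return sum(1 for t in transactions if itemset <= t)
    items = {i for t in transactions for i in t}
    frequent = {frozenset([i]) for i in items if count(frozenset([i])) >= minsupport}
    all_frequent, k = set(frequent), 2
    while frequent:
        # self-join: combine frequent (k-1)-itemsets into k-itemset candidates
        candidates = {a | b for a in frequent for b in frequent if len(a | b) == k}
        # prune: every (k-1)-subset of a surviving candidate must itself be frequent
        candidates = {c for c in candidates
                      if all(frozenset(s) in frequent for s in combinations(c, k - 1))}
        frequent = {c for c in candidates if count(c) >= minsupport}
        all_frequent |= frequent
        k += 1
    return all_frequent

print(apriori([{"bread", "butter", "milk"}, {"bread", "butter"}, {"milk", "tea"}], 2))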

Fig. 1 gives a diagrammatic summary of the described process, considering a market basket analysis where TID stands for Transaction ID and each transaction represents an itemset. At the beginning of the example the transactions are listed, from which the initial itemsets are derived along with their support, and they are consequently pruned. In the next iteration the number of items in the itemsets is increased and, as in the previous step, they are checked for frequency against the minsupport threshold.

Fig. 1 Diagrammatic Summary of Apriori

IV. MAFIA:
This algorithm was proposed by Burdick et al. [2] in 2001. MAFIA stands for Maximal Frequent Itemset Algorithm. The algorithm focuses on the Maximal Frequent Itemsets (MFI) in D, where an MFI is a frequent itemset of which no frequent superset exists.

The algorithm works by maintaining a tree-like structure of the entire itemset lattice. It does so quite efficiently and without repeating items in the lattice. An important requirement for this algorithm is that the items be ordered within each transaction according to some pre-specified criterion; normally it is sufficient to simply maintain an ascending order of transactional items. This process is known as Dynamic Reordering.


The root node of the tree is maintained as null, and each node at the next level is an extension of the items in the itemset of the previous node. For instance, consider the itemsets from Fig. 1 as represented in Fig. 2.

Fig. 2 Tree Structure Representation of MAFIA

The working of MAFIA is similar to Apriori in the sense that both algorithms work on the basis of negative selection; that is, they both depend greatly on pruning the structure. MAFIA cuts the tree at points such that the branches below the cut (subsets) are pruned away as infrequent, whereas the branches above the cut are frequent.

The most prominent advantage that MAFIA holds over Apriori is that Apriori needs constant recursive referrals to the dataset, whereas MAFIA involves very few referrals; in fact it requires nearly only a single complete traversal of the dataset, which saves a lot of time.

MAFIA works as a simple depth-first search algorithm. Accessing a particular item in the tree, or finding whether a particular itemset is frequent or not, uses a simple head-to-tail framework, where the path from the root node to the current node is termed the head and the path up to any possible leaf node forms the tail. For instance, in the tree structure drawn above a possible head-to-tail connection is {[Sugar], [Butter Milk, Bread]}, which obviously does not exist in Fig. 1 and so will be pruned away.

Furthermore, if any particular node is found to be infrequent, its extensions are not explored, following the Apriori principle explained in Section III. The depth-first approach helps limit unnecessary traversals, thus increasing efficiency.

Tree Pruning Methods for Efficiency:

Following are some of the main types of tree pruning techniques used [2] to remove unnecessary, infrequent parts of the tree so as to drastically reduce search space.

A. Parent Equivalent Pruning (PEP): In this method the supports of the parent and of its child are checked; if they are the same, and the child's tail is the same as the remaining tail of the parent, then the parent and child nodes are merged, in conformance with the Apriori principle. This step does not compromise the overall performance or correctness of the system, since we are not interested in counting individual items; rather, we are interested in the MFI.

B. Frequent Head Union Tail Pruning (FHUT): This method is also known as superset pruning. It prunes the subtree (tail) rooted at a node whenever the union of that node's head and tail is found to be frequent; consequently there is no need to explore the tail further. In principle, if an itemset is found to be an MFI, its subsets are at the very least frequent itemsets.

C. Head Union Tail MFI (HUTMFI): This is the opposite of FHUT: it looks for a superset of the HUT among the MFIs already found; if one exists, the HUT is known to be frequent and the tail can be pruned away at the current node.

Using these methods fast access to itemsets can be achieved, which leads to finding interesting patterns much more efficiently than other such methods.
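A minimal sketch in the spirit of the description above (not the authors' implementation): a depth-first search over ordered items with an HUTMFI-style check against already-found maximal itemsets; the fixed item ordering used here is a simple stand-in for dynamic reordering.

def maximal_frequent_itemsets(transactions, minsupport):
    transactions = [frozenset(t) for t in transactions]
    items = sorted({i for t in transactions for i in t})
    def count(s):
        return sum(1 for t in transactions if s <= t)
    maximal = []

    def dfs(head, tail):
        hut = head | frozenset(tail)
        if any(hut <= m for m in maximal):        # HUT already inside a known MFI
            return
        extended = False
        for idx, item in enumerate(tail):
            new_head = head | {item}
            if count(new_head) >= minsupport:     # infrequent extensions are pruned
                extended = True
                dfs(new_head, tail[idx + 1:])
        if not extended and head and not any(head < m for m in maximal):
            maximal.append(head)                  # no frequent extension: head is maximal

    dfs(frozenset(), items)
    return maximal

print(maximal_frequent_itemsets(
    [{"bread", "butter", "milk"}, {"bread", "butter"}, {"milk", "tea"}], 2))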

V. CONCLUSION:

Businessmen always need to make the best of the little time they have while trying to maximize all sources of profit. To achieve their goals they need techniques from the area of data mining, and more specifically association rule mining, which enable them to reach quick conclusions and to find interesting patterns in data that can potentially lead to growth in their businesses. We have reviewed two such techniques in this paper and conducted a short market basket analysis with them to demonstrate their effectiveness. It was found that although both are good mining techniques, the MAFIA algorithm is the better of the two for finding important patterns.

REFERENCES:
[1] R. Agrawal, T. Imielinski and A. Swami, "Mining association rules between sets of items in large databases", in Proc. of the ACM SIGMOD Conference on Management of Data, Washington, D.C., May 1993.
[2] D. Burdick, M. Calimlim and J. Gehrke, "MAFIA: A maximal frequent itemset algorithm for transactional databases", in 17th International Conference on Data Engineering (ICDE '01), pp. 443-452, Washington - Brussels - Tokyo, IEEE, April 2001.
[3] R. Agrawal and R. Srikant, "Fast algorithms for mining association rules in large databases", in International Conference on Very Large Data Bases (VLDB '94), pp. 487-499, San Francisco, CA, USA, Morgan Kaufmann Publishers, September 1994.
[4] S. Brin, R. Motwani, J. D. Ullman and S. Tsur, "Dynamic itemset counting and implication rules for market basket data", SIGMOD Record (ACM Special Interest Group on Management of Data), vol. 26, no. 2, pp. 255-264, June 1997.
[5] B. Liu, W. Hsu and Y. Ma, "Integrating classification and association rule mining", in KDD, pp. 80-86, 1998.
[6] J. Han, Y. Cai and N. Cercone, "Knowledge discovery in databases: An attribute oriented approach", in Proc. of the VLDB Conference, pp. 547-559, Vancouver, British Columbia, Canada, 1992.
[7] R. Agrawal, C. Aggarwal and V. Prasad, "Depth First Generation of Long Patterns", in 7th Int'l Conference on Knowledge Discovery and Data Mining, Aug. 2000.
[8] R. Agrawal, H. Mannila, R. Srikant, H. Toivonen and A. I. Verkamo, "Fast discovery of association rules", in U. Fayyad et al. (Eds.), Advances in Knowledge Discovery and Data Mining, pp. 307-328, AAAI Press, Menlo Park, CA, 1996.



Abstract — In this paper we propose a technique for obtaining sharp images from multiple images having different focus areas. The method utilizes image diffusion and motion invariant techniques to obtain sharp images. The examples presented show the performance of the proposed technique.

Index Terms — Image diffusion, Multi Focused, Motion Invariant, Image sharpness

I. INTRODUCTION
Image sharpness or edge enhancement has been an active topic for researchers for many years; a lot of work is still being done and different techniques have been proposed [1, 2]. According to lens theory, we cannot focus on all parts of a scene at the same time: the focal length of a lens can be varied in order to get a sharp image, but the lens can only focus on a single plane at a time. If the requirement is to get a sharp image in which all areas appear as if the lens were focused on them, one must capture multiple images of the same scene, focusing on each part one by one [3, 4, 5]. Later, some image processing technique must be used to merge those multi-focused images, like the one presented in [6]. The algorithm proposed in this paper first finds the matching area in two or more consecutive frames; the sharpest part of one is then diffused into the other, and the process continues. Two image acquisition techniques are discussed: a single camera capable of taking multiple-focus frames, and two cameras, placed very close to each other, creating the same video of the same scene. The rest of the paper is organized as follows. The next two sections discuss the two cases of image acquisition. Motion invariance is discussed in Section IV, while Section V discusses the proposed technique. Simulation results are presented in Section VI and the paper is concluded in Section VII.

II. IMAGE ACQUISITION CASE-1
For this case, a single high-speed multi-focus camera is required that is capable of taking at least 60 frames per second, with all the even frames focused on the background and all the odd frames focused on the closer objects. Later, the sharpening algorithm can be applied to obtain the sharpest image.

III. IMAGE ACQUISITION CASE-2
For this case, two separate cameras are used in parallel, creating different videos of the same scene and the same group of objects. Later, these two videos can be merged using the proposed algorithm. One must ensure that the cameras are close to each other, with a distance of not more than a few centimeters between them. One camera must focus on the background and the other on the foreground.

IV. MOTION-INVARIANCE
Video can be considered as a sequence of different but closely related images; therefore, there is a great degree of similarity between consecutive frames. In our work we use a 3x3 pixel window to look for similar objects. Once a similar location in the other frame is marked out, the size of the window is increased to 7x7 or more in order to verify the region for correctness. Similar regions are then treated as small-scale separate images and the proposed algorithm is applied to obtain enhanced edges. Once the enhanced edges are calculated in the small-scale images, the source frame is updated with the new values of the enhanced edges.

V. PROPOSED TECHNIQUE
Suppose two images A and B have been acquired in a sequence, with one focused on the background and the other on the foreground. Since the images are acquired in sequence they will have some similarity; we assume the worst case of very little similarity, i.e. they have only a slight overlapping area, which normally happens in fast-motion videos. We need to sharpen the first image by taking features from the second image, and therefore we first need to find the area of the first image that is similar to an area of the other image. For this purpose we divide both images into sub-images of size 3x3 or more. So if we have an image of size m x n with m = n, we get (m-2)^2 sub-images of size 3x3. The matrix of these sub-images is given by:

A = \begin{bmatrix} A_{11} & A_{12} & \cdots & A_{1n} \\ \vdots & & & \vdots \\ A_{m1} & A_{m2} & \cdots & A_{mn} \end{bmatrix}

Therefore we get a general block matrix with m rows and n columns, where A_{ij} is a sub-matrix of size 3x3 at the i-th row and j-th column. These sub-matrices can be written as

A_{\hat{i}\hat{j}} = [a_{ij}], with \hat{i} \le i \le \hat{i}+2, \hat{j} \le j \le \hat{j}+2, and \hat{i}, \hat{j} = 1, \ldots, (m-2).

Similarly the other image can be defined. Once the sub-matrices are made, the difference matrices D between the first image A and the second image B are calculated. For this we compare each sub-matrix of A with all the sub-matrices of B, and the process continues until we have (m-2)^4 difference matrices. Hence,

D_{\hat{i}\hat{j},\,\hat{i}_B\hat{j}_B} = A_{\hat{i}\hat{j}} - B_{\hat{i}_B\hat{j}_B}.

MOTION INVARIANT MULTI-FOCUSED IMAGE FUSION FOR VIDEO
1Adeel Khalid Siddiqui, 1Nadeem Talib, 2*Syed Ismail Shah and 2Jamil Ahmad
1National University of Modern Languages and Sciences, Islamabad; 2Iqra University, Islamabad Campus
[email protected]


Fig. 1 Multiple blurred Images

Now we need the individual sum of the entries of each difference matrix:

\hat{D}_{\hat{i}\hat{j}} = \sum_{i=1}^{3} \sum_{j=1}^{3} [a_{ij}]_{D_{\hat{i}\hat{j}}}

Hence, the similar area in the other frame is the group of pixels for which the difference between A_{\hat{i}\hat{j}} and B_{\hat{i}\hat{j}} is minimum, which can be found by looking at the minimum of \hat{D}_{\hat{i}\hat{j}}.

Now, because the corresponding similar areas have been identified, the sub-images S1 and S2 can be extracted from the two images, and we apply a multiple-focus method similar to the one proposed by Asada [6]. The algorithm can be written as follows. With S1 = [a_{ij}]_{m \times n}, the differences between each pixel and its eight neighbours are computed,

d_p = d(a_{ij}, a_{i+u,\, j+v}), \quad p = 1, \ldots, 8,

where (u, v) ranges over the eight offsets (-1,-1), (-1,0), (-1,+1), (0,-1), (0,+1), (+1,-1), (+1,0), (+1,+1) and d(a, b) = |a - b|. These differences are accumulated as \sum_{p=1}^{8} d_p, and the entry of the difference map is taken as the largest of them:

DS[a_{ij}] = \max_p (d_p)

Similarly S2 is processed using the same DS. The entries in DS are replaced by the difference entries of S2 only if they are greater than the value already stored at the same location. The value selected for the edge is then taken from the matrix whose difference value was the greatest, thus giving the sharpest value for every pixel.
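A minimal sketch of the selection step as we read it: the per-pixel difference map DS is the maximum absolute difference to the eight neighbours, and the fused pixel is taken from whichever sub-image is locally sharper. Handling the image border by edge padding is our assumption.

import numpy as np

def neighbour_max_diff(img):
    img = img.astype(float)
    pad = np.pad(img, 1, mode='edge')
    diffs = []
    for du in (-1, 0, 1):
        for dv in (-1, 0, 1):
            if du == 0 and dv == 0:
                continue
            shifted = pad[1 + du:1 + du + img.shape[0], 1 + dv:1 + dv + img.shape[1]]
            diffs.append(np.abs(img - shifted))
    return np.max(diffs, axis=0)                 # DS[a_ij] = max_p(d_p)

def fuse(s1, s2):
    ds1, ds2 = neighbour_max_diff(s1), neighbour_max_diff(s2)
    return np.where(ds1 >= ds2, s1, s2)          # keep the locally sharper pixel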

VI. SIMULATION RESULTS
Consider the three images depicted in Figures 1a, 1b and 1c. The three images are of the same scene, but each focuses on a different area while the rest of the scene is blurred. The proposed algorithm was applied to the three images and the resultant image is shown in Figure 1d. As can be seen, it presents a sharp image of the entire scene.

VII. CONCLUSION

This paper introduced a new approach for video enhancement that sharpens the foreground and the background at the same time using motion invariance: by calculating sharp features from neighboring frames in motion, frames that borrow sharper areas from their neighbors are produced. The method is well suited for offline video processing and can also be applied to videos that have already been created. Videos processed by this algorithm appear sharper and more detailed than they were before. Simulation results show the performance of the proposed technique.

a) Input image 1, Focused at left

b) Input image 2, Focused at center

c) Input image 3, Focused at right

d) Resultant image, Completely Focused


REFERENCES
[1] V. Maik, D. Cho, J. Shin and J. Paik, "Regularized Restoration Using Image Fusion for Digital Auto Focusing", IEEE Transactions on Circuits and Systems for Video Technology, vol. 17, no. 10, Oct. 2007.
[2] V. Maik, D. Cho, J. Shin and J. Paik, "Pattern selective image fusion for multi-focus image reconstruction", Proc. Computer Analysis of Images and Patterns, LNCS, vol. 3691, pp. 677-684, Sep. 2005.
[3] M. Subbarao, T. C. Wei and G. Surya, "Focused image recovery from two defocused images recorded with different camera settings", IEEE Trans. Image Process., vol. 4, no. 12, pp. 1613-1628, Dec. 1995.
[4] A. Katsaggelos, J. Biemond, R. Schafer and R. Mersereau, "A regularized iterative image restoration algorithm", IEEE Trans. Signal Process., vol. 39, no. 4, pp. 914-929, Apr. 1991.
[5] L. Bogoni and M. Hansen, "Pattern selective color image fusion", Int. J. Patt. Recog., vol. 34, pp. 1515-1526, 2001.
[6] N. Asada, H. Fujiwara and T. Matsuyama, "Edge and Depth from Focus", Int. J. Comp. Vision, vol. 26, no. 2, pp. 153-163, Feb. 1998.


Abstract — "Deep Web" is the hidden but distributed

repository of data lying in the databases and other documents which is not accessible through search engines. This information is mostly accessible through query interfaces and only the authorized users can query it after login. As a result data access is restricted to the search engines and web crawlers as well. In this paper a new algorithm DWToSW (Deep Web To Surface Web) is proposed that aims to bring Relational Database over the surface web via semi structured XML thus attempting to locate and quantify material on the Web that is hidden from typical search techniques.

I. INTRODUCTION
The term deep Web refers to World Wide Web content that is not part of the surface web indexed by search engines. It is estimated that the deep Web [4] is several orders of magnitude larger than the surface Web and contains approximately 7,500 terabytes of data and more than 550 billion individual documents. To discover content on the Web, search engines use web crawlers that follow hyperlinks. This technique is ideal for discovering resources on the surface Web but is often ineffective at finding deep Web resources. For example, these crawlers do not attempt to find pages that are the result of database queries, owing to the infinite number of queries that are possible. This can be partially overcome by providing links to query results, but doing so could unintentionally inflate the popularity of a member of the deep Web. Thus the data present in the deep web must be converted to some other form so that it can be accessed by web crawlers. The title, From Deep Web up to the Surface Web, is chosen purposely to indicate the migration from RDBMS to XML. The rest of the paper is organized as follows: Section 2 presents different techniques of XML-to-RDBMS conversion. Section 3 explains a technique named publishing rules, which uses 11 rules for publishing an RDB to XML step by step using a many-to-many relationship example, and also highlights the inefficiencies in these rules. In Section 4 the proposed algorithm DWToSW (Deep Web To Surface Web) for RDBMS-to-XML conversion is presented. In Section 5 the working of the proposed algorithm is explained with the help of different examples, and finally in Section 6 a conclusion is drawn.

II. FROM XML TO RDBMS (SURFACE WEB TO DEEP WEB)
The approaches CLOB, SHREDDING and NATIVE XML are the mechanisms used to store XML files in relational database systems (a small sketch of the shredding step follows this list).
- In the CLOB technique, the actual XML document, including the tags and data but not the DTD, is saved in the underlying database system. The attribute which contains this document is a varchar field. This technique is only employed when full-document insertion and retrieval is required and no sub-document operation is needed.
- In the SHREDDING (i.e., scattering) technique, all the tags are removed from the XML document using some parsing mechanism. The underlying database system can then be relational, and the data is stored in the relevant tables using a shredder algorithm, which may be proprietary. In this mechanism, sub-document insertion, updating and removal can be performed using SQL queries, or an XQuery/XPath-to-SQL mapping can do this.
- In the NATIVE XML technique, the document is stored not in an underlying database system but in the form of a tree data structure. Therefore an XQuery/XPath-to-SQL mapping is not required.
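A small sketch of the shredding idea using only the Python standard library; the table layout and the sample records (borrowed from the Student example used later in this paper) are illustrative assumptions.

import sqlite3
import xml.etree.ElementTree as ET

doc = """<Students>
  <Student RegNo="MS071017" Name="Peer" Address="Mansehra"/>
  <Student RegNo="MS063014" Name="Maaz" Address="D. I. Khan"/>
</Students>"""

conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE Student (RegNo TEXT PRIMARY KEY, Name TEXT, Address TEXT)")
for s in ET.fromstring(doc).iter("Student"):     # strip the tags, keep the data
    conn.execute("INSERT INTO Student VALUES (?, ?, ?)",
                 (s.get("RegNo"), s.get("Name"), s.get("Address")))
print(conn.execute("SELECT * FROM Student").fetchall())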

A set of rules is applied to an input relational schema to produce an XML schema in the form of a DTD file, from which XML pages are then produced.

III. FROM RDBMS TO XML (DEEP WEB TO SURFACE WEB)

We defined 11 rules that convert a Relational DB to the corresponding XML file by generating its schema in DTD. We have taken the example of Student Course Registration System. The tables in un-normalized and normalized form are shown in figure 1 and 2 respectively.

In this example, a student can register for many courses and a course can be registered for by many students. The un-normalized many-to-many tables of Figure 1 can be converted to a normalized one-to-many-to-one relationship by introducing a Join table (in Microsoft's terminology) [6] or a Bridge table (in database terminology). This table, StudentCourse, contains the primary keys of the two tables, Student and Course, and makes them its composite key. The bold arrows show the direction of traversal. This can now easily be handled by the 11 rules as mentioned in the First Draft.

FROM DEEP WEB UP TO THE SURFACE WEB Peer Azmat Shah, Muhammad Maaz Rehan

Department of Computer Science Mohammad Ali Jinnah University, Islamabad Pakistan.

[email protected], [email protected]


A. Publishing (RDB to XML) Step-by-Step Process [2]
In a DTD, a table is mapped to an !ELEMENT declaration, attributes to an !ATTLIST declaration, the type of an attribute as CDATA, a NOT NULL value with the #REQUIRED declaration and a NULL value with #IMPLIED.

Rule 1: Choose tables and columns from the relational database to be included in the documents.
The relational schema is:
- Student (RegNo, Name (NOT NULL), Address (NOT NULL), Hobbies (NULL))
- StudentCourse (RegNo, Course)
- Course (Code, Name (NOT NULL), CreditHours (NOT NULL))

Rule 2: Create a root element for the DTD and declare any attributes of that element that are required to hold additional semantic information. Root element names should describe their content.

// Rule: 2
<!ELEMENT UniversityCourseRegistration EMPTY>
<!ATTLIST UniversityCourseRegistration
    UniversityName CDATA #REQUIRED
    Location CDATA #REQUIRED
    ContactNo CDATA #REQUIRED>

Rule 3: Model the Content Tables. Create an element in the DTD for each content table we have chosen to model. Declare these elements as EMPTY.

<!ELEMENT UniversityCourseRegistration EMPTY>
<!ATTLIST UniversityCourseRegistration
    UniversityName CDATA #REQUIRED
    Location CDATA #REQUIRED
    ContactNo CDATA #REQUIRED>
// Rule: 3
<!ELEMENT Student EMPTY>
<!ELEMENT StudentCourse EMPTY>
<!ELEMENT Course EMPTY>

Rule 4: Modeling Non-Foreign-Key Columns. Create an attribute for each column we have chosen to include in our XML document (except foreign key columns).

<!ELEMENT UniversityCourseRegistration EMPTY>
<!ATTLIST UniversityCourseRegistration
    UniversityName CDATA #REQUIRED
    Location CDATA #REQUIRED
    ContactNo CDATA #REQUIRED>
<!ELEMENT Student EMPTY>
<!ATTLIST Student                  // Rule: 4
    RegNo CDATA #REQUIRED
    Name CDATA #REQUIRED
    Address CDATA #REQUIRED>
<!ELEMENT StudentCourse EMPTY>     // Foreign Keys
<!ELEMENT Course EMPTY>
<!ATTLIST Course
    Code CDATA #REQUIRED           // Rule: 4
    Name CDATA #REQUIRED
    CreditHours CDATA #REQUIRED>

Rule 5: Adding ID Attributes (Primary Keys) to the Elements (for use in Rule 9)

Add an ID attribute to each of the elements created in the target DTD schema, excluding the root element. We use the element name followed by "ID" as the primary key to avoid name collisions. The primary-key attribute type is ID and #REQUIRED is a must.

<!ELEMENT UniversityCourseRegistration EMPTY>
<!ATTLIST UniversityCourseRegistration
    UniversityName CDATA #REQUIRED
    Location CDATA #REQUIRED
    ContactNo CDATA #REQUIRED>
<!ELEMENT Student EMPTY>
<!ATTLIST Student
    StudentID ID #REQUIRED         // Rule: 5
    RegNo CDATA #REQUIRED
    Name CDATA #REQUIRED
    Address CDATA #REQUIRED
    Hobbies CDATA #IMPLIED>
<!ELEMENT StudentCourse EMPTY>
<!ATTLIST StudentCourse            // Rule: 5
    StudentCourseID ID #REQUIRED>
<!ELEMENT Course EMPTY>
<!ATTLIST Course
    CourseID ID #REQUIRED          // Rule: 5
    Code CDATA #REQUIRED
    Name CDATA #REQUIRED
    CreditHours CDATA #REQUIRED>

Rule 6: Representing Lookup Tables
If a foreign key references a lookup table:
- Create an attribute in the element containing the foreign key.
- Keep the attribute name the same as the referenced table name, and make it #REQUIRED or #IMPLIED.
- Make the attribute of the enumerated-list type. The allowable values should be some human-readable form of the description column for all rows in the lookup table.

In our example, Hobbies in the Student table is an enumerated data type (allows NULL) and its look-up table is Hobbies.

<!ELEMENT UniversityCourseRegistration EMPTY>
<!ATTLIST UniversityCourseRegistration
    UniversityName CDATA #REQUIRED
    Location CDATA #REQUIRED
    ContactNo CDATA #REQUIRED>
<!ELEMENT Student EMPTY>
<!ATTLIST Student
    StudentID ID #REQUIRED
    RegNo CDATA #REQUIRED
    Name CDATA #REQUIRED
    Address CDATA #REQUIRED
    Hobbies (Cricket | Other) #IMPLIED>   // Rule: 6
<!ELEMENT StudentCourse EMPTY>
<!ATTLIST StudentCourse
    StudentCourseID ID #REQUIRED>
<!ELEMENT Course EMPTY>
<!ATTLIST Course
    CourseID ID #REQUIRED
    Code CDATA #REQUIRED
    Name CDATA #REQUIRED
    CreditHours CDATA #REQUIRED>

Rule 7: Adding Element Content to Root elements

We add element content for the type of information we want to publish in our documents, so we add it to the root element. This means our documents will contain data from these tables only.

<!ELEMENT UniversityCourseRegistration (Student*)>   // Rule: 7
<!ATTLIST UniversityCourseRegistration
    UniversityName CDATA #REQUIRED
    Location CDATA #REQUIRED
    ContactNo CDATA #REQUIRED>
<!ELEMENT Student EMPTY>
<!ATTLIST Student
    StudentID ID #REQUIRED
    RegNo CDATA #REQUIRED
    Name CDATA #REQUIRED
    Address CDATA #REQUIRED
    Hobbies (Cricket | Other) #IMPLIED>
<!ELEMENT StudentCourse EMPTY>
<!ATTLIST StudentCourse
    StudentCourseID ID #REQUIRED>
<!ELEMENT Course EMPTY>
<!ATTLIST Course
    CourseID ID #REQUIRED
    Code CDATA #REQUIRED
    Name CDATA #REQUIRED
    CreditHours CDATA #REQUIRED>

Rule 8: Adding Relationships through Containment

(One-to-One/Many or Single Parent Relationship)

If the relationship is one-to-one or one-to-many in the direction we selected for navigation, and no other relationship leads to the child within the selected subset, then add the child element as element content of the parent element with the appropriate cardinality, which is ? for one-to-one and * for one-to-many.

In our direction of traversal there is a one-to-many relationship from Student to StudentCourse and then a many-to-one relationship from StudentCourse to Course.

<!ELEMENT UniversityCourseRegistration (Student*)>
<!ATTLIST UniversityCourseRegistration
    UniversityName CDATA #REQUIRED
    Location CDATA #REQUIRED
    ContactNo CDATA #REQUIRED>
<!ELEMENT Student (StudentCourse*)>   // Rule: 8
<!ATTLIST Student
    StudentID ID #REQUIRED
    RegNo CDATA #REQUIRED
    Name CDATA #REQUIRED
    Address CDATA #REQUIRED
    Hobbies (Cricket | Other) #IMPLIED>
<!ELEMENT StudentCourse EMPTY>
<!ATTLIST StudentCourse
    StudentCourseID ID #REQUIRED>
<!ELEMENT Course EMPTY>
<!ATTLIST Course
    CourseID ID #REQUIRED
    Code CDATA #REQUIRED
    Name CDATA #REQUIRED
    CreditHours CDATA #REQUIRED>

Rule 9: Adding Relationship using IDREF (Many-to-One or Multiple Parent Relationship)

If the relationship is many-to-one, or the child has more than one parent, then we need to use pointing to describe the relationship. This is done by adding an IDREF to the element on the parent side of the relationship. The IDREF should point to the ID of the child element. <!ELEMENT UniversityCourseRegistration (Student*)> <!ATLIST UniversityCourseRegistration UniversityName #REQUIRED Location #REQUIRED ContactNo #REQUIRED> <!ELEMENT Student (StudentCourse*)> <!ATLIST Student StudentID ID #REQUIRED RegNo CDATA #REQUIRED Name CDATA #REQUIRED Address CDATA #REQUIRED Hobies (Cricket | Other) #IMPLIED> <!ELEMENT StudentCourse EMPTY> <!ATLIST StudentCourse StudentCourseID ID #REQUIRED // Rule: 9

CourseIDREF IDREF #REQUIRED> <!ELEMENT Course EMPTY> <!ATLIST Course CourseID ID #REQUIRED Code CDATA #REQUIRED Name CDATA #REQUIRED CreditHours CDATA #REQUIRED> Rule 10: Adding Missing Elements For any element that is only pointed to in the so far created structure, add that element as allowable element content of the root element. Set the cardinality suffix of the element being added, to *. This is because it is only pointed to, not contained. In our case Course is the missing element, as it is being 'pointed by' and has not 'pointed to'. <!ELEMENT UniversityCourseRegistration (Student*, Course*)> // Rule: 10 <!ATLIST UniversityCourseRegistration UniversityName #REQUIRED Location #REQUIRED ContactNo #REQUIRED> <!ELEMENT Student (StudentCourse*)> <!ATLIST Student StudentID ID #REQUIRED RegNo CDATA #REQUIRED Name CDATA #REQUIRED Address CDATA #REQUIRED Hobies (Cricket | Other) #IMPLIED> <!ELEMENT StudentCourse EMPTY> <!ATLIST StudentCourse StudentCourseID ID #REQUIRED CourseIDREF IDREF #REQUIRED>


<!ELEMENT Course EMPTY>                                           // Missing Element
<!ATTLIST Course CourseID    ID    #REQUIRED
                 Code        CDATA #REQUIRED
                 Name        CDATA #REQUIRED
                 CreditHours CDATA #REQUIRED>

Rule 11: Remove Unwanted ID Attributes (created in Rule 5)

ID attributes not referenced by any IDREF attribute in the DTD must be removed.

<!ELEMENT UniversityCourseRegistration (Student*, Course*)>
<!ATTLIST UniversityCourseRegistration UniversityName CDATA #REQUIRED
                                       Location       CDATA #REQUIRED
                                       ContactNo      CDATA #REQUIRED>
<!ELEMENT Student (StudentCourse*)>
<!ATTLIST Student RegNo   CDATA #REQUIRED                         // Rule: 11 (StudentID removed)
                  Name    CDATA #REQUIRED
                  Address CDATA #REQUIRED
                  Hobbies (Cricket | Other) #IMPLIED>
<!ELEMENT StudentCourse EMPTY>
<!ATTLIST StudentCourse CourseIDREF IDREF #REQUIRED>              // Rule: 11 (StudentCourseID removed)
<!ELEMENT Course EMPTY>
<!ATTLIST Course CourseID    ID    #REQUIRED                      // Cannot remove CourseID (referenced by CourseIDREF)
                 Code        CDATA #REQUIRED
                 Name        CDATA #REQUIRED
                 CreditHours CDATA #REQUIRED>

B. Produced XML Document
From the data of Figure 3, the XML document produced is:

<?xml version="1.0"?>
<!DOCTYPE UniversityCourseRegistration SYSTEM "http://MAJU/mmdb/secondDraft.dtd">
<UniversityCourseRegistration UniversityName="MAJU" Location="Blue Area, Islamabad" ContactNo="051-111878787">
  <Student RegNo="MS071017" Name="Peer" Address="Mansehra" Hobbies="Reading">
    <StudentCourse CourseIDREF="CS1234"/>
    <StudentCourse CourseIDREF="CS5678"/>
  </Student>
  <Student RegNo="MS063014" Name="Maaz" Address="D. I. Khan" Hobbies="">
    <StudentCourse CourseIDREF="CS1234"/>
    <StudentCourse CourseIDREF="CS5678"/>
  </Student>
  <Course CourseID="CS1234" Code="CS1234" Name="MMDB" CreditHours="3"/>
  <Course CourseID="CS5678" Code="CS5678" Name="MMSIP" CreditHours="3"/>
</UniversityCourseRegistration>

Fig. 3 Data in Relational Tables

C. Inefficiencies in the Publishing Rules
- Rule 5 creates ID attributes only for the sake of its own processing and then deletes them in Rule 11, which is an overhead.
- The IDREF mechanism introduced in Rule 9 adds indirection and extra processing. A many-to-many (M:M) relationship of the relational database, such as the one between Student and Course, can instead be represented in the XML document through containment, e.g. by nesting a Course sub-tag inside the Student tag (as sketched below).
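A minimal Python sketch (not part of the paper) of the containment alternative mentioned above, assuming hypothetical sample data: each registered Course is nested directly inside its Student element instead of being referenced through an IDREF.

import xml.etree.ElementTree as ET

# Hypothetical sample data: each student maps to the courses he/she has registered for.
registrations = {
    ("MS071017", "Peer"): [("CS1234", "MMDB", "3"), ("CS5678", "MMSIP", "3")],
    ("MS063014", "Maaz"): [("CS1234", "MMDB", "3"), ("CS5678", "MMSIP", "3")],
}

root = ET.Element("UniversityCourseRegistration", UniversityName="MAJU")
for (reg_no, name), courses in registrations.items():
    student = ET.SubElement(root, "Student", RegNo=reg_no, Name=name)
    for code, title, credit_hours in courses:
        # Containment instead of IDREF: the Course appears directly inside its Student.
        ET.SubElement(student, "Course", Code=code, Name=title, CreditHours=credit_hours)

print(ET.tostring(root, encoding="unicode"))

The price of this alternative is that shared Course data is duplicated under every Student that registers for it, which is the usual containment-versus-pointing trade-off.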

IV. PROPOSED ALGORITHM (DWTOSW) FOR “RDB TO XML CONVERSION”

INPUT:  SQL CREATE queries
OUTPUT: XML DTD

01- Create Root Element detail as entered by the User
    // Required to hold Semantic Information
02- For Each Table's Create Query
03-   If TABLE has PK
04-   {
05-     If TABLE has ONE FK
06-     {
07-       Create ELEMENT & ATTLIST tags for this table
08-       Place its name in the ELEMENT tag whose primary key is referred
09-     }
10-     else if TABLE has more than ONE FKs
11-     {
12-       Create ELEMENT & ATTLIST tags for this table
13-       Place its name in the ELEMENT tag whose primary key is referred
14-       Add the remaining FK table names in the ELEMENT tag mentioned in 13
15-     }
16-     else
17-     {


18-       Create ELEMENT & ATTLIST tags for this table
19-     }
20-   }
21-   else if the TABLE has a Composite Key
22-   {
23-     If TABLE has more than ONE FKs NOT part of the Composite Key
24-     {
25-       Create ELEMENT & ATTLIST tags for this table
26-       Place its name in the ELEMENT tag whose primary key is referred
27-       Add the remaining FK table names in the ELEMENT tag mentioned in 26
28-     }
29-     else if ONE key in the Composite Key is a PK in another TABLE
30-     {
31-       Create ELEMENT & ATTLIST tags for this table
32-       Place its name in the ELEMENT tag whose primary key is referred
33-     }
34-     else if more than ONE keys in the Composite Key are PKs in other TABLEs
35-     {
36-       Place one attribute's table name in the other attribute's table
37-       Ignore this Table (the Bridge/Join table)
38-     }
39-   }
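The following is a minimal Python sketch, not the authors' implementation, of how the branching in lines 02-39 could be driven from parsed CREATE-query metadata. Table and column names are hypothetical, it only records the nesting (containment) decisions, and it omits the actual ELEMENT/ATTLIST text generation and some branches of the algorithm.

# Hypothetical parsed metadata per table: pk = primary-key columns, fks = {column: referenced table}.
tables = {
    "Book":      {"pk": ["BID"],          "fks": {}},
    "Accession": {"pk": ["BID", "AccNo"], "fks": {"BID": "Book"}},
}

nesting = {}   # parent table -> child tables placed inside it (lines 08, 13-14, 26-27, 32, 36)

def place_in_parent(child, parent):
    nesting.setdefault(parent, []).append(child)

def process(name, meta):
    """Rough dispatch mirroring lines 02-39 of DWToSW (illustrative only)."""
    pk, fks = meta["pk"], meta["fks"]
    fk_parents = list(fks.values())
    if len(pk) == 1:                                  # line 03: single-column PK
        if len(fk_parents) >= 1:                      # lines 05-15
            place_in_parent(name, fk_parents[0])
            for other in fk_parents[1:]:              # line 14: remaining FK tables share the parent
                place_in_parent(other, fk_parents[0])
    else:                                             # line 21: composite key
        key_parents = [fks[c] for c in pk if c in fks]
        if len(key_parents) == 1:                     # lines 29-33
            place_in_parent(name, key_parents[0])
        elif len(key_parents) > 1:                    # lines 34-38: bridge/join table, ignored
            place_in_parent(key_parents[1], key_parents[0])

for name, meta in tables.items():
    process(name, meta)
print(nesting)   # {'Book': ['Accession']}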

V. EXAMPLE CASES

Case 1: One-to-Many
The DTD of Figure 3, after executing
- lines 03 & 18 for Book, and
- lines 05-08 for Accession,
is given below.

// Root
<!ELEMENT LibrarySystem (Book*)>
<!ATTLIST LibrarySystem University  CDATA #REQUIRED
                        LibraryName CDATA #REQUIRED
                        URL         CDATA #REQUIRED>
<!ELEMENT Book (Accession*)>
<!ATTLIST Book BID  CDATA #REQUIRED
               Name CDATA #REQUIRED
               ISBN CDATA #REQUIRED>
<!ELEMENT Accession EMPTY>
<!ATTLIST Accession BID   CDATA #REQUIRED
                    AccNo CDATA #REQUIRED>

The DTD of Figure 4, after executing
- lines 03 & 18 for Employee, and
- lines 21 and 29-32 for EmpSkill,
is given below.

// Root
<!ELEMENT EmployeeIS (Employee*)>
<!ATTLIST EmployeeIS CompanyName CDATA #REQUIRED
                     URL         CDATA #REQUIRED>
<!ELEMENT Employee (EmpSkill*)>
<!ATTLIST Employee EID   CDATA #REQUIRED
                   Name  CDATA #REQUIRED
                   Desig CDATA #REQUIRED>
<!ELEMENT EmpSkill EMPTY>
<!ATTLIST EmpSkill EID   CDATA #REQUIRED
                   Skill CDATA #REQUIRED>

Case 2: Many-to-Many (Normalized in the RDB using a Bridge/Join table)
The DTD of Figure 5, after executing
- lines 03 & 18 for tables Book and Author, and
- lines 21 and 34-37 for table BKAuthor,
is given below.

// Root
<!ELEMENT LibraryIS (Book*)>
<!ATTLIST LibraryIS University  CDATA #REQUIRED
                    LibraryName CDATA #REQUIRED
                    URL         CDATA #REQUIRED>
<!ELEMENT Book (Author*)>
<!ATTLIST Book BID  CDATA #REQUIRED
               Name CDATA #REQUIRED
               ISBN CDATA #REQUIRED>
<!ELEMENT Author EMPTY>
<!ATTLIST Author AuthorID CDATA #REQUIRED
                 Name     CDATA #REQUIRED
                 Address  CDATA #REQUIRED>

Fig. 3  Book (BID, Name, ISBN) 1--* Accession (BID, AccNo)
Fig. 4  Employee (EID, Name, Desig) 1--* EmpSkill (EID, Skill)
Fig. 5  Book (BID, Name, ISBN) 1--* BKAuthor (BID, AuthorID) *--1 Author (AuthorID, Name, Address)

The DTD of Figure 6, after executing
- lines 03 & 18 for tables Passenger and Flight, and
- lines 03 and 10-14 for table Reservation,
is given below.

// Root
<!ELEMENT AirTicketReservationSystem (Passenger*, Flight*)>
<!ATTLIST AirTicketReservationSystem AirLine CDATA #REQUIRED
                                     URL     CDATA #REQUIRED>
<!ELEMENT Passenger (Reservation*, Flight*)>
<!ATTLIST Passenger PID     CDATA #REQUIRED
                    Name    CDATA #REQUIRED
                    Address CDATA #REQUIRED>
<!ELEMENT Reservation EMPTY>
<!ATTLIST Reservation RID CDATA #REQUIRED
                      PID CDATA #REQUIRED
                      FID CDATA #REQUIRED>
<!ELEMENT Flight EMPTY>
<!ATTLIST Flight FID     CDATA #REQUIRED
                 DepTime CDATA #REQUIRED>

VI. CONCLUSION
The proposed algorithm DWToSW (Deep Web To Surface Web) was applied to different examples from relational databases and was found to generate the DTD efficiently. Its DTD presents the schema more comprehensively and understandably than the traditional technique of 11 publishing rules for RDB-to-XML conversion.

REFERENCES
[1] George Lapis, "XML and Relational Storage - Are they mutually exclusive?", IBM Corporation, 2005. http://www.idealliance.org/proceedings/xtech05/papers/02-05-01/
[2] Kevin Williams, Michael Brundage, Patrick Dengler, Jeff Gabriel, Andy Hoskinson, Michael Kay, Thomas Maxwell, Marcelo Ochoa, Johnny Papa, Mohan Vanmane, "Professional XML Databases", WROX Press, 2005.
[3] Jennifer Chu-Carroll, John Prager, Krzysztof Czuba, David Ferrucci, and Pablo Duboue, "Semantic Search via XML Fragments: A High-Precision Approach to IR", Proceedings of the 29th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, Seattle, Washington, USA, pp. 445-452, 2006.
[4] http://en.wikipedia.org/wiki/Information_retrieval
[5] Michael Champion, "Native XML vs. XML-enabled: The difference makes the difference". http://www.softwareag.com/xml/library/xml_outlook_2001.htm
[6] "Microsoft SQL Server on-line Help". http://msdn2.microsoft.com/en-us/library/ms169620.asp

Fig. 6  Passenger (PID, Name, Address) 1--* Reservation (RID, PID, FID) *--1 Flight (FID, DepTime)


Session III
Conference Chapter on Communication
Chair: Prof. Dr. Salikhov Tagaimurod Khaitovich
Department of Physics, Kohat University of Science & Technology, Pakistan


Abstract — VoIP over Wireless LANs (VoWLAN) is gaining importance due to its excellent potential in wireless voice communication. With the rapid deployment of WLANs, there is a growing demand for WLANs to support voice applications. In this paper we present simulation results for seven voice coders, i.e. G.711, G.723.1, G.728 LD-CELP, G.729, G.726 ADPCM, G.729 CS-ACELP, and GSM, under similar load conditions for an interactive Voice over WLAN system utilizing the IEEE 802.11b wireless LAN standard. The analysis is based upon packet end-to-end delay and delay variation measurements. In our previous work [1], we suggested the G.723.1 codec for transmission over WLAN when there was only voice traffic. This paper extends our earlier work and explores the performance of seven different codecs when integrated voice/data traffic is transmitted simultaneously over the WLAN. From our simulation results, we again recommend the G.723.1 vocoder, which provides the least end-to-end delay and packet delay variation when the WLAN is used for the transmission of integrated voice/data traffic.

Index Terms — Vocoders, WLANs, VoWLAN

I. INTRODUCTION
WLANs have been widely deployed in recent years. Voice over IP over WLAN, also called Voice over WLAN (VoWLAN, or the Wi-Fi phone), is regarded as one of the killer applications for public and private WLANs. However, VoWLAN suffers from a number of technical challenges that make commercial, large-scale VoWLAN services difficult to provide [2]. Nevertheless, this technology is expected to experience dramatic growth in the near future [3]. Voice over IP (VoIP) is a form of voice communication that uses data networks to transmit voice signals. For transmission, the voice signal is encoded at one end of the communication channel and sent as packets through the data network; the encoded signal is decoded at the receiving end and transformed back into a voice signal. Different vocoders such as G.711, G.723.1, G.729, G.726 ADPCM, G.728 LD-CELP, G.729 CS-ACELP, and GSM can be used for voice transmission over wireless local area networks (WLANs). G.711 is an ITU-T standard audio codec that represents a voice signal sampled at the rate of 8000 samples/second using logarithmic Pulse-Code Modulation (PCM). The G.729 standard compresses voice audio in 10 millisecond frames; it operates at 8 kbit/s and is mostly used in Voice over IP (VoIP) applications for its low bandwidth requirement in wireline networks. G.723.1 is another audio codec for voice that compresses voice audio in 30 ms frames and is also mostly used for VoIP applications due to its low bandwidth requirement. G.726 is an ADPCM speech codec standard with transmission rates of 16, 24, 32, and 40 kbit/s; the most commonly used mode is 32 kbit/s, which is half the rate of G.711 and consequently increases the usable network capacity by 100%. Adaptive Multi-Rate (AMR) is another audio data compression scheme optimized for speech coding. AMR was adopted as the standard speech codec by 3GPP in October 1998 and is now widely used in GSM [4].

As VoIP permeates from the wireline to the wireless world, performance issues arise due to differences in the characteristics of wireline and wireless networks. Delay and jitter are the key factors that impact packet voice quality in the fixed Internet, and they are further magnified in a WLAN environment. Due to access point congestion and poor link quality, high delay variation is not unusual in an 802.11b network. Such high jitter complicates proper reconstruction of the speech signal at the receiver, so packet voice quality in a WLAN environment can be severely degraded [5]. The objective of this paper is to simulate different vocoders for a hybrid voice/data traffic scenario and to analyze voice characteristics such as Packet End-to-End Delay and Packet Delay Variation for the different encoders. This paper is organized as follows. In Section II we present the related work, in Section III our simulation model is discussed, Section IV presents and discusses the results, and Section V provides conclusions.

II. RELATED WORK
Shiao-Li Tsao presents the general procedure for establishing voice over wireless LAN (VoWLAN) and describes various problems and challenges for both WLAN technologies and VoIP systems [2]. Among other challenges, QoS is an important issue. Jong-Ok Kim, Hideki Tode, and Koso Murakami discuss mixing voice and data traffic over a WLAN and investigate the QoS [6]. Due to its strict delay requirement, voice is severely interfered with by best-effort (BE) data. They also propose an enhanced medium access control scheme, called vDCF, designed as a simple enhancement of the legacy DCF. Quan and Hui [7] analyze a polling scheme, the Deficit Round Robin (DRR) polling scheduling algorithm, to enhance the performance of a WLAN supporting a voice application. Kamesh Medepalli, Praveen Gopalakrishnan, David Famolari and Toshikazu Kodama present analytical and simulation results for the conversational speech capacity of WLANs [8]. Veeraraghavan, Cocher, and Moors [9] use the PCF mode of the 802.11 MAC protocol (which uses a polling scheme) to carry voice traffic; the objective of their work is to limit the number of calls so as to guarantee delay within bounds. Ping Wang, Hai Jiang, and Weihua Zhuang propose several mechanisms to enhance voice quality of service for hybrid voice/data traffic in a WLAN environment [10]. We have simulated and analyzed the effect of different voice encoders in a hybrid voice/data traffic environment for transmission over WLAN and suggest an encoder that can provide the highest user satisfaction based on our simulation results.

ANALYSIS OF VoIP BY USING DIFFERENT VOCODERS IN IEEE 802.11b WIRELESS NETWORKS

Ihsan Ul Haq1, Khawaja M. Yahya1, Ghulam Mubashir Hassan1, Tariq M. Jadoon2

1Department of Computer Systems Engineering, NWFP University of Engineering and Technology, Peshawar Pakistan

{ihsan, yahya.khawaja, [email protected]} 2Department of Computer Science, LUMS, Lahore, Pakistan

[email protected]


III. SIMULATION MODEL
This section discusses the simulation model used to analyze interactive voice communication over a WLAN in an integrated voice/data scenario. The simulation has been performed using OPNET Modeler 10.5, and eight different scenarios have been designed to study the effect of voice coders on the performance of VoIP over WLAN. In each scenario all the physical characteristics of the WLAN, such as the network data rate of 11 Mbps, have been kept constant, and only the voice encoder is changed to study its effect on speech transmission. The infrastructure BSS network model, consisting of WLAN nodes in a 100 m x 100 m area modeling an office environment, is used for the simulation, as shown in Figure 1.

Fig. 1 WLAN (Infrastructure BSS) Network Model

The WLAN parameters chosen for all workstations are shown in Figure 2. The data rate is set to 11 Mbps and Direct Sequence Spread Spectrum (DSSS) is used to emulate an IEEE 802.11b WLAN. The 802.11b amendment to the original standard was ratified in 1999; 802.11b has a maximum raw data rate of 11 Mb/s and uses the CSMA/CA medium access method defined in the original standard. Due to the CSMA/CA protocol overhead, in practice the maximum throughput that an application can achieve is about 5.9 Mb/s using TCP and 7.1 Mb/s using UDP [11]. The details of the voice encoders used for the simulation are presented in Table I. UDP/IP has been used for the voice application, as traditionally implemented for multimedia transmission [12], and TCP/IP has been used for the data application.

IV. RESULTS
The metrics collected for analysis include:
• End-to-End Delay (sec), and
• Packet Delay Variation (sec).

Seven different voice encoders have been used in the simulation, and the Packet End-to-End Delay and Packet Delay Variation have been analyzed for a WLAN carrying voice and FTP traffic. The simulation has been designed so that the Packet End-to-End Delay and Packet Delay Variation are measured every 7.2 seconds. The mean, standard deviation, minimum value, maximum value and the confidence interval at the 90% confidence level have been calculated for each vocoder. All these statistics are available in Tables II and III.
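For reference, the statistics reported in Tables II and III can be computed as in the following Python sketch. It is illustrative only: the delay samples are made up, and a normal approximation with z = 1.645 is assumed for the two-sided 90% confidence interval.

import statistics

# Hypothetical end-to-end delay samples (seconds), one per 7.2 s measurement interval.
samples = [0.0121, 0.0118, 0.0125, 0.0119, 0.0123, 0.0120]

mean = statistics.mean(samples)
stdev = statistics.stdev(samples)                 # sample standard deviation
z = 1.645                                         # two-sided 90% confidence, normal approximation
half_width = z * stdev / (len(samples) ** 0.5)

print(f"mean={mean:.5f}s  stdev={stdev:.5f}s  min={min(samples):.5f}s  max={max(samples):.5f}s")
print(f"90% CI: [{mean - half_width:.5f}, {mean + half_width:.5f}]")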

Fig. 2 Wireless Station Parameters

TABLE I
VOICE ENCODER DETAILS

S. No   Vocoder           Frame Size (msec)   Coding Rate (kbps)   Speech Activity Detection
1       G.729             10                  8                    Disabled
2       G.723.1           30                  5.3                  Disabled
3       G.711             4                   64                   Disabled
4       G.726 ADPCM       10                  32                   Disabled
5       G.729 CS-ACELP    5                   8                    Disabled
6       GSM               20                  13                   Disabled

As a particular random seed value can potentially result in anomalous or non-representative behavior, multiple seed values have been used to obtain typical behavior. The graphs for Packet End-to-End Delay and Packet Delay Variation are shown in Figures 3 and 4, respectively. The tabular and graphical simulation results clearly indicate that the G.723.1 voice coder gives the lowest mean, standard deviation, minimum and maximum values for both Packet End-to-End Delay and Packet Delay Variation, which is highly desirable for a real-time application like voice communication. Moreover, it has been observed that the introduction of FTP traffic increases the jitter. In one of the scenarios the G.723.1 voice encoder was first used for interactive voice traffic only; when FTP traffic was then introduced into the network under the same conditions, the average Packet Delay Variation increased from 9.86E-08 to 3.43E-07 and its standard deviation increased from 2.67E-09 to 7.29E-08. This result indicates that the data (FTP) traffic affects voice quality.
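As a rough cross-check of the codec parameters in Table I, the following Python sketch (illustrative only; it assumes one codec frame per packet and ignores RTP/UDP/IP/802.11 header overhead) computes the voice payload produced per frame and the resulting packet rate for each vocoder.

# Values taken from Table I; payload per frame = coding rate x frame duration.
codecs = {
    # name: (frame size in ms, coding rate in kbit/s)
    "G.729": (10, 8.0),
    "G.723.1": (30, 5.3),
    "G.711": (4, 64.0),
    "G.726 ADPCM": (10, 32.0),
    "G.729 CS-ACELP": (5, 8.0),
    "GSM": (20, 13.0),
}

for name, (frame_ms, rate_kbps) in codecs.items():
    payload_bytes = rate_kbps * 1000 * (frame_ms / 1000.0) / 8   # bits per frame -> bytes
    packets_per_sec = 1000.0 / frame_ms
    print(f"{name:15s} {payload_bytes:6.1f} bytes/frame, {packets_per_sec:6.1f} packets/s")

The low coding rate and long frame of G.723.1 give it both the smallest payload and the lowest packet rate, which is consistent with its favorable delay results in the simulation.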

V. CONCLUSIONS
We compared the performance of seven audio codecs, i.e. G.729, G.723.1, G.711, GSM, G.726 ADPCM, G.728 LD-CELP and G.729 CS-ACELP, in a WLAN environment under similar load conditions, i.e. interactive voice and best-effort data traffic. The simulation results show that the use of the G.723.1 audio codec in a WLAN


TABLE II  STATISTICAL COMPARISON FOR PACKET END-TO-END DELAY

TABLE III  STATISTICAL COMPARISON FOR PACKET DELAY VARIATION

Fig. 3 Packet End-to-End Delay Comparison for Different Vocoders


gives the least Packet End-to-End Delay and Packet Delay Variation and can thus provide acceptable user satisfaction for Voice over WLAN.

REFERENCES
[1] Ihsan Ul Haq, Khawaja M. Yahya, Raziq Yaqoob, Tariq M. Jadoon, "Effect of Speech Activity Detection in IEEE 802.11 Wireless Networks", IEEE International Conference on Emerging Technologies, 12-13 November 2007, Rawalpindi, Pakistan.
[2] Shiao-Li Tsao, "Research challenges and perspectives of voice over wireless LAN", IEEE Emerging Information Technology Conference, 15-16 August 2005.
[3] Ping Wang, Hai Jiang, Weihua Zhuang, "IEEE 802.11e enhancement for voice service", IEEE Wireless Communications, Volume 13, Issue 1, pp. 30-35, February 2006.
[4] http://en.wikipedia.org/wiki/List_of_codecs
[5] Miroslaw Narbutt and Mark Davis, "An Assessment of the Audio Codec Performance in Voice over WLAN (VoWLAN) Systems", Proceedings of the Second Annual International Conference on Mobile and Ubiquitous Systems, pp. 461-467, 17-21 July 2005.
[6] Jong-Ok Kim, Hideki Tode, and Koso Murakami, "Friendly Coexistence of Voice and Data Traffic in IEEE 802.11 WLANs", IEEE Transactions on Consumer Electronics, Volume 52, Issue 2, pp. 347-354, 21 March 2006.
[7] Wan Quan, Du Ming Hui, "Improving the Performance of WLAN to Support VoIP Application", IEEE Wireless Communications.
[8] Kamesh Medepalli, Praveen Gopalakrishnan, David Famolari and Toshikazu Kodama, "Voice Capacity of IEEE 802.11b, 802.11a and 802.11g Wireless LANs", Second International Conference on Mobile Technology, Applications and Systems, 15-17 November 2005.
[9] M. Veeraraghavan, N. Cocher, T. Moors, "Support of Voice Services in IEEE 802.11 Wireless LANs", IEEE INFOCOM 2001, Volume 1, pp. 488-497, 22-26 April 2001.
[10] Ping Wang, Hai Jiang, and Weihua Zhuang, "Performance Enhancement for WLAN Supporting Integrated Voice/Data Traffic", IEEE International Conference on Communications, Volume 8, pp. 3808-3813, June 2006.
[11] J. Postel, "User Datagram Protocol", RFC 768, August 1980.
[12] http://en.wikipedia.org/wiki/802.11#802.11b

Fig. 4 Packet Delay Variation Comparison for Different Vocoders


Abstract — The emergence of wireless networks has introduced new ideas such as m-commerce, m-banking, and m-learning. The majority of people now have mobile phones, which they use for different purposes in addition to making and receiving phone calls. In all educational institutions, student evaluation is a major task performed by instructors for grading, and quizzes are often used for this purpose. In this paper we identify some problems in the current methods of taking quizzes and then propose a solution by suggesting a novel method for taking quizzes using handheld devices such as mobile phones and PDAs.

Index Terms — SMS, WAP, J2ME.

I. INTRODUCTION

Almost all educational institutions allocate a significant portion of the grade to internal tests/quizzes. The questions in the quizzes are of the form true/false, multiple choice, fill in the blanks and/or free-text answers. The current methods of taking quizzes have certain problems, which are given below:

1. Due to increased workload, the instructor does not find sufficient time to prepare the test properly.

2. Composing, printing and photocopying the quiz paper, and checking and tabulating the students' answers, also take the instructor's time.

3. Sometimes, due to rush on the photocopying machines, the instructor leaves the test paper with the photocopier operator, which leads to a security vulnerability.

4. Students demand quick feedback on their test results, but the results are usually delayed due to the instructor's time constraints.

5. Different tests of an individual student are not compared to find out whether that student is improving or not.

6. Students' attendance, final exam results and test results are not compared. Comparing students' attendance with their test results may give very useful information; for instance, students with good attendance are expected to get good marks, and if that is not the case it may lead to other questions such as "was the topic not taught properly?" or "was the test too difficult?". If the test results and the final exam result are compared, the percentages of marks obtained should be comparable; otherwise it may mean, for example, that either the final exam or the tests were too difficult, or that the final exam did not cover the full course.

7. Students' answer-sheet transcripts are usually lost once the result is prepared. For students these are useful for seeing their weaknesses; for instructors they are useful for checking back records.

These problems become worse as the number of students in the classroom increases. In this paper we propose a solution to these problems. In Section 2 we give details of the related work and also identify the problems in its methods. In Section 3 we give details of our suggested method. In Section 4 we give the conclusion of the research work, and in Section 5 we give food for thought for researchers for future work in this area.

II. RELATED WORK

Researchers have worked on using handheld devices for tests and have proposed methods based on either the Short Message Service (SMS) or the Wireless Application Protocol (WAP). The idea of using handheld devices for tests in classes was provided by [1]. In that paper the researchers provided the idea of using handheld devices for taking concept tests in class; the concept test was used to determine whether the material covered in the class was understood by the students or not. They experimented with it on a Windows CE device and found that most of the students preferred the use of handhelds for this purpose over a show of hands or holding up flashcards. In their research they noted that this approach was used only for small concept tests and cannot be used for taking the actual tests used for grading students. They suggested that, in order to take such tests, a large database should be maintained to which questions can be added by topic, from which a test can be composed when required. They also suggested improved security considerations for such tests. Another method of M-Quiz using SMS was given by [2]. In this method a low-cost SMS-based system is proposed, targeting budget-conscious educational institutions. The questions are presented to students in PowerPoint slides; the students answer the questions through an SMS message, following certain guidelines while writing answers in the SMS, and get their results by connecting to the Internet. Another work using SMS for M-Quiz was done by [3]. In this method the questions are sent to the students by SMS, and the answers to the questions are also sent to the students using image steganography. Steganography is "the art through which writing is hidden requiring recovery by the minds of men" [4]. Another definition given by [3] is: "Steganography means hiding information in a cover media so that the others will not notice that such information exists." Since the answers are embedded in the steganographic image, they cannot be revealed by the students. After completing the quiz, the student gets his/her grade without connecting to the Internet, and the grade is sent to the instructor in an SMS message. The research work in [2] and [3] is a good step forward in the field of M-Quiz but lacks a common feature: an easy-to-use interface for the instructor for creating a questions database, creating a test from selected topics, and automatically checking the test results through software. Our research addresses these problems and gives a complete picture of the proposed M-Quiz method. We call our method jM-Quiz because it requires a Java-enabled handheld device on the student side.

III. THE SUGGESTED METHOD
As with the previous methods, our method has two main actors, i.e. the instructor and the student. The architecture of our proposed method is given in Figure 1.

Using Mobile Phones for Quizzes in m-Learning Environments Haider Ali 1, Dr. Saeed Mahfooz 2

1 CECOS University Peshawar 2 Department of Computer Science University of Peshawar

[email protected], [email protected]


Fig. 1 Architecture

As given in Figure 1, the proposed architecture has the following components:

1. A web server; we suggest the Apache web server.
2. A MySQL database for the quiz database.
3. Server-side PHP scripts for interacting with the instructor and with the J2ME client application on the student's handheld device.
4. A J2ME-enabled handheld device such as a mobile phone or PDA.
5. A client application written in J2ME and installed on the student's handheld device.

A. The Instructor's Activities
The proposed method provides a web-based interface that the instructor accesses through a PC and an Internet connection to perform the following tasks:

1. Adding questions to the question database
2. Creating a test
3. Compiling the test results

1) Adding questions to the question database
The system offers a facility for establishing a questions database. Instructors can add questions as and when they get spare time. The following entries are made by the instructor when adding a question:

• Course ID: questions may be added for different courses.
• Topic: selected from the list of topics given in the course outline. The topic is stored so that, when a test is created, the instructor may select questions from different topics.
• Question: the question, written in free-text format.
• Answer options: a list of options that will be displayed to the student, from which the student will select.
• Correct answers: a list of correct answers is stored in the database so that, when a student submits his/her answers, they can be compared with the correct answers and the result prepared.

Multiple instructors teaching the same subject can add questions to the questions database. The questions database is kept on a server to which all instructors have access.

2) Creating a test
The instructor may create a test/quiz by invoking the 'Create Test' module. The following steps are taken to create a test:

• A drop-down list of courses is presented to the instructor; the instructor selects the course ID.
• When the course ID is selected, the instructor is presented with a list of topics and may select multiple topics.
• The instructor also enters the maximum time for completing the test, the total number of questions, and the total marks allocated to the test.
• When the instructor presses the CREATE TEST button, the Create Test module selects at random the required number of questions from the selected topics, stores them separately, and gives the instructor a unique Test ID for that test (a minimal sketch of this selection step is given after this list).
• The instructor provides the Test ID to the students, who use it for downloading the test.
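A minimal sketch of the random-selection step, assuming a hypothetical in-memory question store keyed by (course, topic). The paper proposes server-side PHP for this module, so the Python below is illustrative only.

import random
import uuid

# Hypothetical in-memory question store: (course_id, topic) -> list of question ids.
question_bank = {
    ("CS101", "Normalization"): ["q1", "q2", "q3", "q4"],
    ("CS101", "SQL"): ["q5", "q6", "q7"],
}

def create_test(course_id, topics, num_questions):
    """Pick questions at random from the selected topics and return a unique Test ID."""
    pool = [q for topic in topics for q in question_bank.get((course_id, topic), [])]
    if num_questions > len(pool):
        raise ValueError("not enough questions in the selected topics")
    selected = random.sample(pool, num_questions)    # random selection without repetition
    test_id = uuid.uuid4().hex[:8].upper()           # unique Test ID announced to the students
    return test_id, selected

test_id, questions = create_test("CS101", ["Normalization", "SQL"], 5)
print(test_id, questions)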

Fig. 2 Adding Questions to Questions Database

Fig. 3 Creating the Test

3) Compiling the test results The instructor may create certain analysis reports like:

• Test result of a particular test showing all student IDs with their score. This report is displayed to students.

• Individual students report showing detail of all the tests. This report is e-mailed to individual students.

• Topic-wise scores showing the topic, correct and incorrect answers to examine the weak areas of the students.

B. The Student's Activities
The students interact with the system using a Java-enabled handheld device such as a mobile phone or PDA. The students perform the following tasks during their interactions with the system:

1. Installing the client application on the mobile device.
2. Downloading the test.
3. Performing the test.
4. Submitting the answers.
5. Viewing the test result.


1) Installing the client application on the mobile device
The client application needs to be installed on the student's mobile device for the student to interact with the system. The application can be installed using the Over-the-Air (OTA) protocol from the web server. The application may also be downloaded to a PC and then transferred to the mobile phone by connecting it to the PC via a USB cable, infrared or Bluetooth.

2) Downloading the test
The instructor announces the Test ID to the students; the students enter the Test ID and the test is downloaded to the student's mobile device.

3) Performing the test
When the student starts the test, the questions are displayed on the student's mobile device and the student can answer them using the keys of the device. The system provides navigation buttons for moving forward and backward in the test paper.

Fig. 4 Taking the Test

4) Submitting the answers
When the student finishes answering all the questions, he/she presses the submit button and the answers are sent to the web server over HTTP. In this portion of the system the J2ME code on the client device interacts with the PHP code on the server side.

5) Viewing the result
When the answers are submitted by the student, they are automatically checked by the software on the server (the checking step is sketched below) and the results are stored in the database. The results can be seen by the student by connecting to the web server over HTTP.
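A minimal sketch of the automatic checking step, with a hypothetical answer key and submission. The paper's server side is proposed as PHP, so this Python fragment only illustrates the comparison logic, not the actual implementation.

# Hypothetical stored answer key and a submitted attempt.
answer_key = {"Q1": "B", "Q2": "D", "Q3": "A"}
submission = {"Q1": "B", "Q2": "C", "Q3": "A"}

def check(answer_key, submission, marks_per_question=1):
    """Compare submitted answers with the stored correct answers and compute the score."""
    correct = [q for q, ans in answer_key.items() if submission.get(q) == ans]
    return {
        "score": len(correct) * marks_per_question,
        "total": len(answer_key) * marks_per_question,
        "correct_questions": correct,
    }

print(check(answer_key, submission))   # {'score': 2, 'total': 3, 'correct_questions': ['Q1', 'Q3']}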

IV. CONCLUSION
Quizzes are one of the tools most commonly used by instructors for the evaluation of their students. In this paper we identified some problems faced by instructors in taking quizzes. We studied the related work on taking quizzes using handheld devices; the methods proposed in that work were thoroughly studied and some problems were identified. The major problem in these methods is that little attention was given to the instructor interface for adding questions to the database, creating a new test, and automatically checking answers. In this paper we have proposed a method that addresses all the key areas of the M-Quiz application.

V. FUTURE WORK
While some components of our proposed system have been developed, the development of a complete prototype system needs attention. We recommend the development of a complete prototype system for this method; the prototype application can then be tested on quizzes for different courses in an educational institution.

VI. REFERENCES

[1] C. Franklen, M. Brad, and Y. David, “Using Handheld Devices for Tests in Classes”, Human-Computer Interaction Institute School of Computer Science Carnegie Mellon University Pittsburgh, PA 15213, July 2000.

[2] Alexi Triakov, and Kinshuk, “Creating a Pervasive Testing Environment by using SMS”, Proceeding of IEEE International Workshop on Wireless and Mobile Technologies in Education (WMTE’05), IEEE Computer Society, 2005.

[3] Mohammad Shirali Shahreza, “M-Quiz by SMS”, Proceedings of the Sixth International Conference on Advanced Learning Technologies (ICALT'06), IEEE Computer Society, 2006.

[4] J.C Judge, “Steganography: Past, Present, future”, Lawrence Livermore National Laboratory US Department of Energy 2001.

[5] André N. Klingsheim, Vebjørn Moen, and Kjell J. Hole, “Challenges in Securing Networked J2ME Applications”, Computer Magazine, IEEE Computer Society, pp. 24-30 August 2007.

[6] O. Chito, J. M. Leonard, I. Black, V. S. Joshep, “The Mobile Conference Information System, Unleashing academic conferences with Wireless Mobile Computing”, Proceeding of the 35th Hawaii International Conference on System Sciences (HICSS-35’02), 2002.

[7] Jason Lam, “PHP Interacting with J2ME”, http://www.devarticles.com accessed on January 2008.

[8] James Keogh, “J2ME - The Complete Reference”, Tata McGraw-Hill Publishing Company Limited 2003.

[9] Stephen W. Thorpe, “Online Student Evaluation of Instruction: An Investigation of Non-Response Bias” 42nd Annual Forum of the Association for Institutional Research Toronto, Canada, June 2002.

[10] Julie C. Meloni “Sams Teach Yourself PHP, MySQL and Apache in 24 Hours”, Sams Publishing 2002.


Abstract — Traffic Engineering has become an essential tool in the design and implementation of large networks as the requirements for efficiency, reliability and QoS have increased. Data communication technologies have been developing rapidly in recent years, but the growth of data traffic in networks is much faster than the growth of network capacity. Network traffic delays are usually the result of congestion, and congestion causes packet delays and the consumption of more network resources, as a result decreasing the Quality of Service (QoS). One of the main objectives in optimizing network resource utilization is to balance the network load by bandwidth re-allocation and re-routing techniques. In this paper a comparison of different load balancing schemes for MPLS networks using re-allocation and/or re-routing is made.

Index Terms — MPLS, Traffic Engineering, QoS, Congestion Control

I. INTRODUCTION
Multi Protocol Label Switching (MPLS) [10] is a data-carrying mechanism that belongs to the family of packet-switched networks. MPLS operates at an OSI model layer that is generally considered to lie between the traditional definitions of Layer 2 (data link layer) and Layer 3 (network layer), and thus is often referred to as a "Layer 2.5" protocol. It was designed to provide a unified data-carrying service for both circuit-based clients and packet-switching clients that use a datagram service model. It can be used to carry many different kinds of traffic, including IP packets, as well as native ATM, SONET, and Ethernet frames. MPLS, as a new technology, tries to overcome the problems of traditional IP routing by adding a label to the IP packet and forwarding the packet on the basis of that label. Traffic Engineering is a technique to control the routing of traffic through the network, ensuring efficient and balanced use of network resources while satisfying the QoS requirements [1]. The main objective is the optimization of network performance by efficient utilization of network resources. In an MPLS network this may be done by creating new label switched paths (LSPs) or by re-routing existing LSPs so as to decrease congestion and split the overall traffic among different parallel LSPs. The LSP configuration works well as long as the network conditions do not change from the data initially given. However, in dynamic networks a mismatch between the traffic forecast and the actual load cannot be avoided, due to which some LSPs may be underutilized and some over-utilized [1]. So a load balancing mechanism must be implemented which can minimize the over- and under-utilization of LSPs. LSPs can be rerouted for many reasons, such as failure or recovery of a node; when a link fails, the LSP is re-routed. Re-routing consumes processing power and is time consuming, so we want to improve the rerouting mechanism and reduce the number of LSPs rerouted. The key idea is to efficiently re-route LSPs away from the most congested links in the network so that the overall link load is balanced, allowing better use of resources. The rest of the paper is organized as follows. Section 2 describes congestion control policies, Section 3 presents the traffic engineering capabilities of MPLS networks, Section 4 presents a bandwidth re-allocation mechanism, Section 5 discusses a load balancing scheme for congestion control, Section 6 presents an idea of priority based congestion control in MPLS networks, Section 7 gives an idea of QoS using traffic engineering, Section 8 presents a load balancing algorithm supporting QoS, Section 9 presents a critical review and Section 10 concludes the paper.

II. CONGESTION CONTROL MANAGEMENT
The main objective of ISPs in reducing traffic congestion is to provide better QoS. There are various types of congestion control schemes [9]. These fall into three categories: response time scale (long, medium or short), reactive vs. preventive, and supply side vs. demand side.

• Response time scale. These can be categorized as:
1. Long, when it refers to upgrading the capacity of the network by anticipating future traffic demands. It may take weeks to months to upgrade a network.
2. Medium, when it refers to monitoring the traffic distribution and utilization of network resources and subsequently providing feedback to an online or offline traffic engineering mechanism.
3. Short, when it refers to packet-level control/signaling congestion functions.

• Reactive vs. preventive. Reactive strategies respond to congestion problems by reducing them, while preventive strategies avoid congestion by predicting future congestion.

• Supply side vs. demand side. Supply-side congestion management policies increase the capacity available to traffic demands so as to decrease congestion. With demand-side policies, traffic is regulated to alleviate congestion problems.

III. TRAFFIC ENGINEERING CAPABILITIES OF MPLS NETWORKS

In MPLS, IP header analysis is done only at the ingress router, which simplifies and speeds up the routing process. The label assigned to a packet associates it with a Forwarding Equivalence Class (FEC), and packets in an FEC are treated in the same manner. The binding of labels to FECs is done by the Label Distribution Protocol (LDP). From a traffic engineering perspective, the flows of an MPLS network should be examined before making a path: if traffic of a similar type (belonging to the same FEC) is mapped onto the LSP, performance could be better. Traffic engineering operations can optimize the performance of networks both at the traffic level and at the resource level, and using explicit routes gives the ability to manage network resources efficiently and to support new services. A traffic trunk carries traffic of the same class and is routed along the same path; all traffic inside a traffic trunk has the same label and the same 3-bit class of service [7]. A traffic trunk can be set up between any two nodes, and the same egress node can have multiple parallel trunks. Trunking results in separation of competing traffic flows and automatically leads to a

LOAD BALANCING FOR CONGESTION CONTROL IN MPLS NETWORKS

Peer Azmat Shah, Muhammad Maaz Rehan Department of Computer Science,

Mohammad Ali Jinnah University Islamabad, Pakistan. Email: {[email protected], [email protected]}


traffic engineering ability and better QoS. A traffic engineering implementation on Linux can be seen in [5].
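As a rough illustration of how an ingress router might map packets to FECs and labels, the Python sketch below uses a simplified longest-prefix-match classification. The prefixes, labels and function names are hypothetical and not taken from the paper.

import ipaddress

# Hypothetical FEC table at an ingress LSR: destination prefix -> MPLS label.
fec_table = {
    ipaddress.ip_network("10.1.0.0/16"): 100,   # e.g. trunk carrying voice traffic
    ipaddress.ip_network("10.2.0.0/16"): 200,   # e.g. trunk carrying best-effort data
}

def classify(dst_ip):
    """Return the label of the longest matching prefix, or None for unlabeled forwarding."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [(net, label) for net, label in fec_table.items() if dst in net]
    if not matches:
        return None
    # Longest prefix wins, mirroring how packets of the same FEC share a label/LSP.
    return max(matches, key=lambda m: m[0].prefixlen)[1]

print(classify("10.1.5.7"))   # -> 100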

IV. A BANDWIDTH RE-ALLOCATION MECHANISM
Jose L. Marzo [2] proposed a dynamic virtual path allocation scheme. For load balancing, to increase network performance, a virtual path scheme can be used in two ways. The first way is to establish more than one path from the host to the destination and, when a connection is established, use the most convenient path. The second way is the reallocation of resources among the different paths.

Fig. 1 Bandwidth re-allocation and re-routing

When different paths of the network are congested, a connection that could have been accepted under better traffic conditions is rejected. If the paths in the same link are congested, then the bandwidth is reconfigured, i.e. bandwidth reallocation occurs; and if all the paths in a link are congested and no bandwidth is available, then the routes are altered, i.e. path re-routing occurs. If a link is shared by two or more LSPs, then to fulfill the request of an LSR the bandwidth of the LSPs can be reallocated in such a manner that QoS is not affected.

V. A LOAD BALANCING SCHEME FOR CONGESTION CONTROL IN MPLS NETWORKS

A technique to reduce congestion in MPLS networks by using a load balancing mechanism [3] is based on a local search method. The basic idea is to efficiently reroute LSPs from the most congested links, in order to balance the overall link load and to allow a better use of network resources. Most congestion control schemes are preventive: these techniques allocate paths in the network so as to prevent congestion. The network considered by Elio Salvadori [3] consists of n routers and a subset of ingress-egress routers. When a connection request arrives at an ingress router, the router determines the explicit route for the LSP by inspecting the topology and the available residual capacity of each link; each router in the network must therefore know the network topology and the residual capacity of each link. A request for connection i is defined by (ii, ei, bi) [3], where ii is the ingress router, ei the egress router and bi the required bandwidth. The LSPs are routed through the network according to the routing scheme. The virtual load of a link is determined by summing the bandwidths bi of the LSPs routed over it, and the residual bandwidth is the difference between the link capacity and the virtual load; a link whose residual bandwidth becomes very small is considered congested. The paper presents a load-balancing algorithm named DYLBA [3]. The algorithm dynamically balances the load by inspecting each link to see whether it is congested or not. If a link is found congested, then a set of alternate paths to re-route an LSP is found, and the re-routing of traffic over the alternate LSP is executed.

A. Working of DYLBA
The Dynamic Load Balancing Algorithm characterizes the network load using a parameter x, which indicates a threshold value for the link residual bandwidth, measured as a fraction of the link capacity; x determines when a link is considered congested. DYLBA is triggered only when the setup of a new LSP causes the detection of network congestion, i.e. when the residual bandwidth left on a link falls below x. First a set of alternate paths is found, then one of the most promising moves is selected, and the rerouting of traffic over the alternate LSP is executed.
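A minimal sketch of the congestion test described above (illustrative only; link names, capacities and reservations are hypothetical): a link is flagged as congested when its residual bandwidth falls below the fraction x of its capacity after a new LSP is set up.

X = 0.1  # threshold: fraction of link capacity

# Hypothetical link state: capacity and currently reserved bandwidth (both in Mbps).
links = {
    "R1-R2": {"capacity": 100.0, "reserved": 95.0},
    "R2-R3": {"capacity": 100.0, "reserved": 40.0},
}

def congested(link):
    residual = link["capacity"] - link["reserved"]
    return residual < X * link["capacity"]

def on_lsp_setup(path, bandwidth):
    """After a new LSP reserves bandwidth along its path, report links that would trigger DYLBA."""
    for name in path:
        links[name]["reserved"] += bandwidth
    return [name for name in path if congested(links[name])]

print(on_lsp_setup(["R1-R2", "R2-R3"], 2.0))   # -> ['R1-R2']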

VI. PRIORITY BASED CONGESTION CONTROL IN MPLS NETWORKS

Priority based congestion control [4] has the goal of managing traffic to achieve maximum throughput, maximizing the use of network resources with very low packet loss. This type of technique requires close collaboration between the sending and receiving nodes to determine the network traffic. The system presented uses the approach that the ingress router collaborates with the receiver, instead of the sender communicating with the receiver [4]. When a packet arrives at the ingress router, it is assigned an MPLS label based on its Forwarding Equivalence Class (FEC). While assigning the FEC, the ingress router establishes the sending rate using the IP priority of the packet; the IP packet priority is assigned by the sender or the sender's router before the packet arrives at the ingress. The ingress starts sending packets and changes the sending rate dynamically using the responses from the receiver, which informs the ingress about the sending rate through ACKs. It is important to determine when an ACK packet should be sent, to prevent the receiver from sending an ACK on every packet arrival, because sending an ACK for every packet increases the usage of network resources and decreases the maximum capacity of the network. For this purpose the receiver sets up a timer; when it expires, an ACK is sent to the ingress. It is important to make sure that the timer is neither too short nor too long: if ACKs are sent too often, the result is unnecessary traffic and increased network congestion, while too few ACKs cause a decrease in QoS. Thus the receiver decides the sending rate [4].

VII. QUALITY OF SERVICE USING TRAFFIC ENGINEERING OVER MPLS

To provide QoS in the network, Wei Sun [6] presented an analysis of the performance of TCP and UDP flows using MPLS traffic trunks. Traffic trunks carry a number of micro-flows of different transport types such as TCP or UDP. Mixing different types of transport can cause performance problems and unfairness for certain traffic. The services received by TCP and UDP flows are compared when they share either a link or an MPLS traffic trunk. When TCP and UDP flows are mixed in a trunk, the TCP flows receive reduced service as the UDP flows increase their rate.

A. End-to-end trunks
TCP and UDP behave very differently when packets are lost: TCP reduces its traffic, whereas UDP traffic is not affected by packet loss. Experimental results in [6] show that when TCP flows and a UDP flow use the same LSP and the UDP flow increases its rate, the TCP flow decreases, and when the UDP flow reaches the maximum bandwidth the TCP flow drops to zero. The UDP flows can be separated from the TCP flows using class-based queuing [6], so that bandwidth is properly allocated to all the different


trunks at the router. In this case, when the UDP flow rates are increased, the TCP source is not affected much, although the fair, constant TCP rate is achieved at the overhead of maintaining a separate queue for each trunk at each router [5].

B. Non-end-to-end trunks
Here the trunks are not end to end; they are initiated at Router 2, and the flows interfere with each other for part of the path, since Router 1 does not distinguish between the various flows. At R1 the flows are treated almost identically, and during periods of congestion TCP reduces its flow rate. This leads to very poor throughput for the TCP sources, although they are treated distinctly at R2. Therefore, different types of flows should be isolated in different traffic trunks so as to guarantee QoS.

VIII. A LOAD BALANCING ALGORITHM SUPPORTING QOS FOR TRAFFIC ENGINEERING IN MPLS

The Queue Tuning Algorithm (QTA) [8] is used to support QoS for traffic engineering in MPLS networks. This algorithm maps different types of traffic onto different queues while the order of the packets within a traffic flow remains unchanged. Traffic engineering needs load balancing and load splitting; traffic with different QoS requirements is distributed by the QTA, which checks the state of the LSPs and distributes the traffic dynamically to the LSPs to improve their efficiency. The TE architecture consists of three parts. The traffic splitter receives packets from the incoming link and divides them into different parts. The traffic distributor forwards the packets to different LSPs according to the result of measurement analysis. Measurement analysis measures the delay, jitter, and bandwidth of all the LSPs. Traffic splitting is executed on the packet forwarding path for every packet, so it introduces per-packet overhead, and the packet splitter needs to avoid packet disorder within a TCP flow. Different traffic splitting algorithms have been suggested in the past; among these, hash-based traffic splitters perform best. Hash-based CRC16 [8] is more complex than other schemes but can be implemented efficiently on high-speed systems.

A. Working of the Load Balancing Algorithm
Only the ingress and egress routers of the MPLS network use QTA; the intermediate routers are unaware of it. Two types of traffic are described: best effort (BE) traffic and expedited forwarding (EF) traffic (the implementation architecture is given in [6]). The classifier divides the packets into the two different types of traffic. EF traffic should be forwarded fast enough that its QoS requirement is achieved, while BE traffic has no QoS requirement. The different types of traffic enter different queues according to the result of the hash-based CRC16, and QTA maps the traffic from the queues onto the LSPs so as to meet the QoS requirements.
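A minimal sketch of hash-based traffic splitting (illustrative only; it uses Python's zlib.crc32 rather than the CRC16 variant cited in [8], and the LSP names are hypothetical): hashing the flow identifier keeps every packet of a TCP flow on the same LSP, so per-flow packet order is preserved while flows are spread across parallel LSPs.

import zlib

LSPS = ["LSP-1", "LSP-2", "LSP-3"]   # hypothetical parallel LSPs between ingress and egress

def pick_lsp(src_ip, dst_ip, src_port, dst_port, proto):
    """Hash the 5-tuple so that every packet of a flow maps to the same LSP."""
    flow_id = f"{src_ip}:{src_port}-{dst_ip}:{dst_port}/{proto}".encode()
    return LSPS[zlib.crc32(flow_id) % len(LSPS)]

# All packets of this TCP flow take the same LSP, avoiding reordering within the flow.
print(pick_lsp("10.0.0.1", "10.0.1.9", 5060, 80, "TCP"))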

IX. CRITICAL REVIEW
The papers studied for this survey, "Towards QoS by efficient bandwidth management and congestion control in MPLS networks: An analysis", present different techniques for efficient bandwidth management and congestion control in MPLS networks. There are several issues to be discussed in them.

In [2] a resource management system is presented. When congestion appears permanently, a change in the configuration of the network is made; in this situation the traffic that was present on the LSP is stopped and there is no restoration of the failed traffic. Also, when some LSPs become congested and some underutilized, a connection that could be established if the traffic load were balanced is rejected. It is possible that such a connection has a very high priority, yet the resource management system does not accept it. A solution to this is presented in [4]. In [4] a technique is discussed in which the sending rate is decided by the receiver and not by the sender; this is done by sending ACKs from the receiver to the sender. A good aspect of that paper is that it uses priority based congestion control. [3] presents the DYLBA algorithm, which checks each link of the network to see whether it is congested or not; if a link is congested, alternate paths are found and the traffic is sent through an alternate path. The paper does not say what happens when no alternate path is found. [8] discusses a load balancing algorithm which suggests that if the load on LSP1 increases and the load on LSP2 is low, the traffic should be transferred to LSP2. But it is an ideal situation that the load on LSP2 is low; if no LSP with a lower load is found, traffic has to be dropped, which is a drawback of this algorithm. [7] gives the idea that TCP traffic flows must be separated from UDP traffic flows so as to increase the throughput of TCP, but does not give a mechanism to separate these two types of traffic.

X. CONCLUSION
In this survey paper different techniques to achieve QoS by efficient bandwidth management and congestion control in MPLS networks were studied. All the techniques have advantages as well as shortcomings; e.g. priority based congestion control does not require an ACK from the receiver to the sender for each packet received, but it handles packets on the basis of priority; similarly, the load balancing scheme and the QoS in IP based core networks approach do not support priority based congestion control.

REFERENCES
[1] Sanda Dragos, Radu Dragos, "Bandwidth management in MPLS networks".
[2] Jose L. Marzo, "Towards QoS in IP based core networks", Acciones Integradas program, ref. HI1998-0032.
[3] Elio Salvadori, Roberto Battiti, "A load balancing scheme for congestion control in MPLS networks", Proceedings of the Eighth IEEE International Symposium on Computers and Communications (ISCC 2003).
[4] Scott Fowler, "Priority based congestion control in MPLS networks", Proceedings of the Advanced Industrial Conference on Telecommunications, IEEE, 2005.
[5] A. Hafid, N. Nataranjan, "Adaptive Dynamic Traffic Engineering", IEEE, 2006.
[6] Wei Sun, Parveen Bhaniramka, "QoS using Traffic Engineering over MPLS", Proceedings of the IEEE 25th Annual Conference, 2000.
[7] Mansoor Alam, "Study of traffic Engineering capabilities of MPLS networks", Proceedings of the IEEE International Conference on Information Technology, 2005.
[8] Bing-Feng Cui, "A load balancing Algorithm supporting QoS for Traffic Engineering in MPLS networks", Proceedings of the Fourth International Conference on Computer and Information Technology, IEEE, 2004.
[9] D. Awduche, A. Chiu, A. Elwalid, I. Widjaja and X. Xiao, "Overview and Principles of Internet Traffic Engineering", RFC 3272, IETF, 2002.
[10] http://en.wikipedia.org/wiki/MPLS


Abstract — In the last few years, much effort has been put into solving the most important challenges of Wireless Local Area Networks (WLANs) and ad-hoc networks. A WLAN provides wireless connectivity within a network; it is based on a fixed infrastructure and its range is approximately 100 m. An ad-hoc network, due to node mobility and the absence of fixed infrastructure, can be deployed anywhere, any time. One of the emerging forms of ad-hoc network is the Mobile Ad-hoc Network (MANET), which advocates wireless interconnection between self-organized devices that can extend or operate in concert with the wired networking infrastructure, or can grow into autonomous networks. Because intermediate nodes in a MANET can exhibit arbitrary and malicious behavior, new security challenges exist in MANETs compared to wired networks with a fixed infrastructure. Mobile ad-hoc networks are also a good alternative in rural areas or third-world countries where a basic communication infrastructure is not established, and their minimal configuration and quick deployment make them suitable for emergency situations like natural disasters or military conflicts. In this paper a D-WLAN architecture model is proposed for integration between WLAN and MANET, enabling them to communicate with each other via a single intermediate node that uses features of both WLAN and MANET.

Index Terms — WLAN, MANETs, AP, BSS, ESS

I. INTRODUCTION

The D-WLAN architecture model is designed to provide significant improvements in system capacity and performance for data sharing in a networking environment. The proposed architecture is motivated by the fact that there are many similarities between WLAN and MANET, but communication between the two has not been possible due to their different protocol architectures. If both networks are present together and want to share each other's data, the location of the nodes within the network must first be known. This requires effective integration of the wireless local area network (WLAN) with the nodes of the mobile ad-hoc wireless network (MANET). The D-WLAN architecture model is applicable to a number of emerging ad-hoc networking scenarios, including extended wireless local-area networks and home wireless networks. A WLAN covers approximately a 100 m range and depends on a fixed infrastructure, while a MANET also covers a small area and is a self-organized network. In a WLAN the IEEE 802.11 architecture model is used, where the movement of data packets within the network is controlled by the data link layer, which is divided into two sub-layers: 1) the MAC layer and 2) the LLC layer. In a MANET every node keeps track of its neighboring nodes in the form of a table, owing to the DSDV protocol. If the location of a node is known, nodes can communicate with each other. In this paper we embed the DSDV (Discovery) protocol into the data link layer of the IEEE 802.11 architecture.

The approach adopted here is based on DSDV Discovery, which scales well and integrates naturally with the existing IEEE 802.11 model, while retaining much of the coverage area of a MANET. Previously, due to their different protocol architectures, the two networks could not recognize each other; with the D-WLAN architecture known to both WLAN and MANET, communication between them becomes possible.

II. SYSTEM OVERVIEW

A. WLAN Wireless LAN technology is comparatively slower than wired LAN. Wireless LANs have a nominal data transfer rate of between 11 and 54 Megabits per second (Mbps) compared to most wired LANs in schools which operate at 100Mbps. Newly installed wired networks can now operate at up to 1,000Mbps (1Gb). [8]

B. Working of WLAN In a typical LAN configuration, receiving, buffering, and transmitting information between the wireless LAN (WLAN) and the wired network infrastructure is performed by a device called an Access Point (AP). A single access point supports a number of users and functions within a specified range (the maximum number of devices connected simultaneously under the Bluetooth standard is seven). The access point and its antenna are usually mounted on a ceiling or wall to obtain the best coverage. [9] The range of an AP depends on the output power of the unit; the normal range for class 1 units is 50 to 70 meters. Usage areas are dictated by clients' needs; among the many possibilities are conference rooms, homes, hotels, boats, trains, hospitals, factories, airports, etc. [9]

III. ARCHITECTURE OF WLAN

A. IEEE 802.11 Architecture Fig. 1 shows the model developed by the 802.11 working group. The basic service set (BSS) is the basic building block of a wireless LAN.

The BSS may connect to a backbone distribution system (DS) through an access point (AP). The DS can be a switch, a wired network, or a wireless network. [10] The association between a station and a BSS is dynamic. Stations may turn off, come within range, and go out of range. An extended service set (ESS) consists of two or more basic service sets interconnected by a distribution system. Typically, the distribution system is a wired backbone LAN but can be any communications network. The extended service set appears as a single logical LAN to the logical link control (LLC) level. AP is the logic within a station that provides access to the DS by providing DS services in addition to acting as a station. To integrate the IEEE 802.11 architecture with a traditional wired LAN, a portal is used. The portal logic is implemented in a device, such as a bridge or router, that is part of the wired LAN and that is attached to the DS. [10]

INTEGRATION BETWEEN WLAN & MANET Sumaira Kanwal 1, M.A Ansari 2 1 SZABIST Islamabad, Pakistan 2 FUUAST Islamabad, Pakistan

[email protected], [email protected]


Fig. 1 IEEE 802.11 Architecture [10]

B. Protocol Architecture of WLAN Fig. 2 shows the IEEE 802.11 protocol layers compared to the OSI model. This architecture was developed by the IEEE 802 committee and has been adopted by all organizations working on the specification of LAN standards. It is generally referred to as the IEEE 802 reference model. [10] Working from the bottom up, the lowest layer of the IEEE 802 reference model corresponds to the physical layer of the OSI model and includes such functions as

• Encoding/ decoding of signals • Preamble generations/ removal (for synchronization) • Bit transmission /reception

Above the physical layer are the functions associated with providing services to LAN users. These include the following:

Fig. 2 IEEE 802 Protocol Layers Compared to OSI Model [10]

• On transmission. Assemble data into a frame with address and error detection field.

• On reception. Disassemble frame, and perform address recognition and error detection.

• Govern access to the LAN transmission medium.
• Provide an interface to higher layers and perform flow and error control. [10]
These are the functions typically associated with OSI layer 2. The set of functions in the last bullet item are grouped into a logical link control (LLC) layer. The functions in the first three bullet items are treated as a separate layer, called medium access control (MAC). The separation is done for the following reasons. [10]

• The logic required to manage access to a shared-access medium is not found in traditional layer 2 data link control.

• For the same LLC several MAC options may be provided.

IV. AD-HOC NETWORKS In a wireless ad-hoc network the communication links are wireless; the network is called ad-hoc because each node is willing to forward data for other nodes, so the decision about which node forwards data is made dynamically, based on the network connectivity, because of node mobility. Such networks allow users to access and share data, applications, internet access, and other network resources in the same way as wired networks. [8]

Fig. 3 Ad hoc [1]

V. MANETS A MANET is a collection of nodes that do not depend on a predefined infrastructure to keep the network connected. Because of this independence from fixed infrastructure, such networks can be formed, merged together, or partitioned into separate networks on the fly to manage their operations. The nodes of ad-hoc networks are often mobile and use wireless communication to maintain connectivity, in which case they are called Mobile Ad-hoc Networks (MANETs), although a MANET may also contain static and wired nodes that use the services offered by a fixed infrastructure. [3]

A. Characteristics of MANETs MANETs have several characteristics that have to be identified when discussing the underlying technology of ad hoc networks.

• Topologies are dynamic. Nodes are free to move arbitrarily, which means that topology may change randomly and rapidly.

• Broadcast transmission overhearing is possible. • Network is bandwidth-constrained and capacity of the

links may vary. Wireless links have significantly lower capacity than wired links.

• MANET is a bidirectional connection. • Operations are energy-constrained. Most nodes in a

MANET are usually running on batteries or on other exhaustible means.

• The physical security is limited. Ad hoc networks are generally more prone to physical security threats than fixed-cable networks. [3]

B. Architecture of MANETs A mobile ad hoc network (MANET) consists of mobile nodes that connect themselves in a decentralized, self-organizing manner and may also establish multi-hop routes. Each MANET interface is a broadcast interface, typically (but not necessarily) wireless, that communicates only with those nodes that are within its coverage area. In Fig. 4 the coverage area is indicated by a fixed-radius disc, but in the real world it varies according to the environment. [2]



Fig. 4 MANET [6]: nodes (N) with MANET interfaces. The light grey area indicates the coverage area of each MANET interface; the dark grey circle indicates the interference area of the MANET interface of N3.
1) Hidden Terminals A property of MANETs which is commonly brought forward is the "hidden terminal problem": if N3, through some protocol, agrees with its neighbors (N2 and N4) that it will, for the moment, have exclusive access to the wireless medium via its MANET interface, then N3 may go ahead and transmit. However, if at the same time N1 also transmits over its MANET interface, then the transmissions of the MANET interfaces of N1 and N3 may appear concurrently at the MANET interface of N2, potentially interfering and causing N2 to receive neither of the transmissions. [2]
2) Symmetric vs Asymmetric Connectivity One might assume that if communication from one interface to another is possible in one hop, communication in the inverse direction is also possible, i.e. that the connectivity between neighboring interfaces is symmetric. [2] Suppose, however, that the coverage area of N1 is large for some reason, such as a powerful transmitter or a large antenna, so that N2 can receive the transmissions of N1, while the coverage area of N2 is smaller than that of N1 in such a way that transmissions from N2 cannot be received by N1.

Fig. 5 MANET: neighbor asymmetry. [6]

Thus an asymmetric, or more precisely a unidirectional, connectivity exists between the MANET interface of N1 and the MANET interface of N2: N2 sees N1 as a neighbor (since the MANET interface of N2 can receive transmissions from the MANET interface of N1), whereas N1 does not see N2 as a neighbor (since the MANET interface of N1 cannot receive transmissions from the MANET interface of N2). Thus, MANET neighbor relationships are not necessarily symmetric. [2]

VI. ROUTING PROTOCOL IN MANET Each node in an ad hoc network participates in forming the network topology, and each node is, for its own part, responsible for routing packets between other nodes as well. There are many different routing protocols that provide the information needed to forward packets to the next hop. In an ad hoc network it is necessary to manage topology changes, so all the nodes are required to run routing protocols. [3]

A. Protocols MANET routing protocols are divided into three categories. 1. Proactive protocols 2. Reactive protocols 3. Hybrid protocols

B. DSDV (Destination Sequenced Distance Vector) DSDV is a proactive protocol in the family of traditional distributed shortest-path protocols, which maintain routes between every host pair at all times. It is based on periodic updates, which gives it a high routing overhead, and it also maintains routes that are never used. DSDV keeps the simplicity of Distance Vector routing while guaranteeing loop freedom: each table entry carries a destination sequence number, and a newer sequence number replaces the old entry. The protocol also allows fast reaction to topology changes; it makes an immediate route advertisement on significant changes in the routing table but waits before advertising unstable routes (damping fluctuations). [3]
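To make the table-driven behaviour concrete, the following minimal Python sketch of a DSDV-style table (all names are hypothetical and not taken from the paper) keeps one entry per destination, always prefers a newer destination sequence number, and accepts an equal sequence number only when it shortens the path:

```python
# Minimal DSDV-style routing table sketch (illustrative only; names are hypothetical).
from dataclasses import dataclass

@dataclass
class Route:
    destination: str
    next_hop: str
    hops: int
    seq_no: int          # destination sequence number guarantees loop freedom

class DsdvTable:
    def __init__(self, node_id: str):
        self.node_id = node_id
        self.routes: dict[str, Route] = {node_id: Route(node_id, node_id, 0, 0)}

    def update(self, advert: Route) -> bool:
        """Accept an advertised route if its sequence number is newer,
        or equal but with a shorter path (the standard DSDV rule)."""
        current = self.routes.get(advert.destination)
        if current is None or advert.seq_no > current.seq_no or \
           (advert.seq_no == current.seq_no and advert.hops < current.hops):
            self.routes[advert.destination] = advert
            return True          # a significant change: advertise immediately
        return False

    def advertisement(self) -> list:
        """Full table dump sent periodically to every neighbour."""
        return [Route(r.destination, self.node_id, r.hops + 1, r.seq_no)
                for r in self.routes.values()]

# Example: node B learns about node A from a neighbour's advertisement.
table_b = DsdvTable("B")
changed = table_b.update(Route(destination="A", next_hop="A", hops=1, seq_no=2))
print(changed, table_b.routes["A"])
```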

VII. PROPOSED MODEL WLAN and MANET are both short-range networks. Due to their different protocol architectures, the two networks cannot communicate with each other even when they are within range of each other. Fig. 6 illustrates the proposed idea of sharing the features of MANET with WLAN. MANET is a self-organized architecture that can be formed anywhere at any time and discovers its own nodes. The main MANET feature used in this proposed model is the DSDV (Discovery) protocol. DSDV maintains a routing table at each node; each node keeps, for every available destination, the next neighboring node and the number of hops to reach the destination, and this table is sent to all neighboring nodes. Bidirectional links are required. The DSDV protocol makes an immediate route advertisement on significant changes in the routing table, but waits before advertising unstable routes. When a new node is added, it immediately sends its sequence number to all its neighboring nodes, and the nodes update their tables.

Fig. 6 Proposed Layer Structure of the D-WLAN Architecture/Model.

The D-WLAN architecture model is proposed for communication between MANET and WLAN when they are within range of each other. The two networks can share information when their nodes are close to each other: whenever one or more nodes of the MANET are in the range of the WLAN, both networks can communicate with each other through an intermediate node in which the DSDV (Discovery) protocol is used.


A. Discovery In traditional ad-hoc networks, there is no discovery phase and the routing protocol itself is responsible for building up topologies either using on-demand broadcast of route requests or by exchanging neighbor information proactively with one hop neighbors. While this may be sufficient for smaller networks, as the number of nodes increases, it results in denser physical topologies, leading to extensive routing message exchanges. The problem is more severe in a multi-channel network where the multiple nodes that need to communicate could be on different radio channels. In this case, the routing messages need to be propagated across multiple channels in order to enable data transfer from one node to the other. [7]

B. DSDV (Discovery) protocol The main function of DSDV is to maintain a database of each and every node of the network by using this discovery feature. DSDV maintains a routing table at each node; each node keeps, for every available destination, the next neighboring node and the number of hops to reach the destination, and this table is sent to all neighboring nodes. Bidirectional links are required. The DSDV protocol makes an immediate route advertisement on significant changes in the routing table, but waits before advertising unstable routes. When a new node is added, it immediately sends its sequence number to all its neighboring nodes, and the nodes update their tables. In the proposed model, the D-WLAN architecture, a new sub-layer is introduced in the data link layer of the IEEE 802 model. This new sub-layer, named DSDV (Discovery), has the features of the discovery part of the DSDV protocol. In Fig. 6 the DSDV discovery protocol is embedded in the second layer (the data link layer) of the IEEE 802 model, alongside the two already existing sub-layers, LLC and MAC. The features of the DSDV discovery protocol are thus added to the data link layer of the IEEE 802 model.

C. Data Flow In the IEEE 802 model, data travels in the form of packets. Whenever a packet arrives from a lower layer, that layer handles the packet processing and passes the information to the higher layers. Packets move from the physical layer to the data link layer, which is divided into two sub-layers (MAC and LLC): a packet first enters the MAC sub-layer and is then forwarded to the LLC sub-layer. Data flows in the D-WLAN architecture in the same sequence as in the IEEE 802 architecture, but when D-WLAN encounters a MANET node, the third sub-layer of the data link layer becomes active: data from the LLC sub-layer is passed to the DSDV (Discovery) sub-layer and then to the upper layers of the model. DSDV (Discovery) maintains a record of every neighboring node, and information related to the nodes, in the form of a table, and this table is passed to every neighboring node, so the WLAN can share the features of the MANET through the DSDV discovery protocol. DSDV Discovery handles the discovery of nodes within the network. [3]
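The receive path just described can be pictured as a small dispatch chain. The sketch below is a hypothetical illustration (function and field names invented for this example) of how the DSDV (Discovery) sub-layer would be invoked only when a MANET node is in range, recording the sender in a neighbour table before the payload climbs to the upper layers:

```python
# Hypothetical D-WLAN receive path: MAC -> LLC -> DSDV(Discovery) -> upper layers.
def mac_receive(frame: dict) -> dict:
    # Address recognition / error detection would happen here.
    return frame

def llc_receive(frame: dict) -> dict:
    # Flow and error control toward the higher layers.
    return frame

def dsdv_discovery(frame: dict, neighbour_table: dict) -> dict:
    # Record (or refresh) the sending node so WLAN stations learn MANET neighbours.
    neighbour_table[frame["src"]] = {"hops": 1, "seq_no": frame.get("seq_no", 0)}
    return frame

def dwlan_receive(frame: dict, manet_node_in_range: bool, neighbour_table: dict) -> dict:
    frame = llc_receive(mac_receive(frame))
    if manet_node_in_range:                 # third sub-layer becomes active
        frame = dsdv_discovery(frame, neighbour_table)
    return frame                            # passed to the upper layers

neighbours: dict = {}
dwlan_receive({"src": "B", "seq_no": 7, "payload": b"hello"}, True, neighbours)
print(neighbours)   # {'B': {'hops': 1, 'seq_no': 7}}
```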

D. Working of D-WLAN A MANET is a small network that can be created anywhere at any time, and its nodes are mobile. When any node of the MANET finds a WLAN within its range, the DSDV (Discovery) protocol becomes active and immediately maintains a record of the neighboring nodes; the nodes of the WLAN become neighboring nodes of the MANET. The nodes of the WLAN can then communicate with the nodes of the MANET through an intermediate node, which is the MANET node that has entered the range of the WLAN. It is now possible for both networks to communicate with each other and share each other's data.

Fig. 7 Data Flow in the layers of D-WLAN

Fig. 8 Ranges of WLAN and MANET
As shown in Fig. 8, due to MANET mobility node B comes into the range of the WLAN. Node B becomes a DSDV-active node and uses the D-WLAN architecture with the embedded DSDV (Discovery) protocol. Node B already holds data about node A; it immediately updates its table and adds the information of the new node, node C. Node B therefore recognizes both node A and node C, and it introduces node A to node C, since it knows the locations of node A and node C thanks to the DSDV protocol. Node B thus becomes an intermediate node between node A and node C.

Fig. 9 shows communication between the nodes of the MANET and the WLAN. Node B has the information of node A, and when it comes into the range of the WLAN it becomes a DSDV-active node and immediately updates its data. Node C then sends its sequence number to node B, so node B now has the information of node C. Node B can now communicate with both node A and node C, and in this way node A of the MANET can communicate with node C, which is a node of the WLAN. The proposed model thus provides integration between WLAN and MANET: MANET features are embedded in the WLAN and the two networks can communicate with each other.

Fig. 9 Data flow between nodes in the D-WLAN architecture proposed for integration between WLAN and MANET.

[Fig. 7 shows the D-WLAN layer stack: Physical; Data Link, comprising the MAC, LLC, and DSDV (Discovery) sub-layers; Upper Layers. Fig. 8 labels: WLAN range, nodes B and C, DSDV active.]


VIII. CONCLUSION In today's technological world one of the fastest-growing technologies is wireless communication, which is also important in the networking field. Enhancements in the wireless era have made it easy to deploy wireless communication networks in both infrastructure and ad-hoc environments. With respect to security these networks differ: one has a centralized authority (the infrastructure network) while the other does not. This paper introduced WLAN and MANET, one of the hottest types of ad-hoc network today, in detail, compared MANET with WLAN on the basis of architecture and, after finding the similarities between the two, suggested the D-WLAN architecture model; using this architecture, integration between WLAN and MANET is possible.

REFERENCES

[1] P. Gupta and P. R. Kumar, "Capacity of wireless networks", IEEE Transactions on Information Theory, Volume 46, Issue 2, March 2000, DOI 10.1109/18.825799.
[2] Jinyang Li, Charles Blake, Douglas S. J. De Couto, Hu Imm Lee, and Robert Morris, "Capacity of Ad Hoc Wireless Networks", in Proceedings of the 7th ACM International Conference on Mobile Computing and Networking, Rome, Italy, July 2001.
[3] Vesa Kärpijoki, "Security in Ad Hoc Networks", Helsinki University of Technology, Telecommunications Software and Multimedia Laboratory.
[4] Humayun Bakht, "Understanding mobile ad-hoc Networks".
[5] Donatas Sumyla, "Mobile Ad-hoc Networks (MANETs)".
[6] Thomas Heide Clausen, "A MANET Architecture Model", January 2007.
[7] S. Ganu, S. Zhao, L. Raju, "Architecture and prototyping of an 802.11-based self-organizing hierarchical ad-hoc wireless network (SOHAN)", WINLAB, Rutgers University, 73 Brett Road, Piscataway, NJ 08854.
[8] www.eng.nene.ac.uk/~idc/nets3/WLAN.doc
[9] http://www.paradigma.cl/English/blue2net1_blue2net.html
[10] William Stallings, "Wireless Communications and Networks", 2002.
[11] http://www.javvin.com/protocolWLAN.html
[12] http://www.windowsecurity.com/img/upl
[13] http://www.kiikm.org/images/hierarchical networks.gif
[14] Mesh Networks (2001), MEA product sheet, 2001, <http://www.meshnetworks.com>.


Abstract — In recent years, many efforts have been devoted to solving the most important challenges of cellular telecommunication systems. Continuation of an active call is one of the most important quality measures in cellular systems, and the handoff process enables a cellular system to provide this by transferring an active call from one cell to another. Handover (handoff) is performed by all cellular telecommunications networks and is a core element of the whole concept of cellular telecommunications. Although the concept of handover seems relatively straightforward, it is not an easy process to implement in reality; the process is quite complicated, and in early systems calls were often lost if it did not work correctly. A factor leading to customer dissatisfaction is failure of proper handover, which can result in dropped calls and may in turn lead customers to change to another cellular network provider. In this paper the basic focus is on interference due to reuse of the same frequencies during softer handover: a frequency collision will disturb the connected calls, causing distortion, or may lead to a dropped call. The authors present a new technique, M-FCCH, which makes handover efficient and fast by allocating a beacon frequency as soon as the MS enters the conflicting area.

Index Terms — MS, BS, BTS, BSC, MSC, PSTN, GSM, FCCH, Handoff/Handover

I. INTRODUCTION

In GSM communications there exist two types of interference: 1) adjacent-cell interference and 2) co-channel interference. In this paper the authors focus on call dropping and distortion due to co-channel interference. Co-channels are the same channels (or frequencies) used by different cells. To avoid this kind of interference it is necessary to separate the co-channels by as great a distance as possible, but doing so compromises channel capacity. M-FCCH is designed to provide a significant improvement in system capacity and performance with respect to handover. The proposed architecture is motivated by the fact that many problems arise during softer handover, such as interference in the call, possibly leading to call dropping. The normal burst carries the data signals, while control channels are used initially to establish a call; the FCCH is used to find a free frequency when a call is initiated for the first time. If interference occurs on the same frequencies because of the reuse concept, a frequency clash is encountered, which may lead to call dropping. Avoiding this problem requires an effective handoff onto a beacon frequency. The M-FCCH architecture is applicable to every MS that establishes a call in a cellular network. Every call established in a cellular network first uses the control channels; the FCCH is used to allocate a frequency the very first time the mobile establishes a call. Data and voice bits travel in the normal burst, which can be sent by both the MS and the BTS. In this paper the FCCH is embedded in the normal burst, and M-FCCH is used to broadcast a beacon frequency as soon as the MS encounters a conflicting region.

II. BACKGROUND

A. Handoff /Handover Continuation of an active call is one of the most important quality measurements in the cellular systems. Handoff process enables a cellular system to provide such a facility by transferring an active call from one cell to another. Different approaches are proposed and applied in order to achieve better handoff service. The principal parameters used to evaluate handoff techniques are: forced termination probability and call blocking probability. The mechanisms such as guard channels and queuing handoff calls decrease the forced termination probability while increasing the call blocking probability. [12]

B. The Handover Concept Cellular and wireless systems give users the freedom to make and receive calls anywhere, at any time, creating a totally new dimension in human communications. Handovers are a key concept in providing this mobility: they make it possible for a user to travel from one cell to another while keeping a seamless connection. [12]

C. Types of Handover / Handoff There are three types of handoff:

• Hard Handover • Soft Handover • Softer Handover

1) Hard Handover A hard handover (or handoff) is one where an existing connection must be broken before the new one is established. One example of a hard handover is when frequencies are changed: as the mobile will normally only be able to transmit on one frequency at a time, the connection must be broken before it can move to the new channel, where the connection is re-established. This is often termed an inter-frequency hard handover. While this is the most common form of hard handoff, it is not the only one; it is also possible to have intra-frequency hard handovers where the frequency channel remains the same. [12] 2) Soft Handover The new 3G technologies use CDMA, where it is possible to have neighboring cells on the same frequency; this opens the possibility of a form of handover where it is not necessary to break the connection. This is called soft handover (or soft handoff), and it is defined as a handover where a new connection is established before the old one is released. In UMTS most of the handovers performed are intra-frequency soft handovers. [6] 3) Softer Handover The third type of handover is termed a softer handover, or handoff. In this case a new signal is either added to or deleted from the active set of signals; it may also occur when a signal is replaced by a stronger signal from a different sector under the same base station. This type of handover is available within UMTS as well as CDMA2000. [6]

HANDOFF ISSUES IN CELLULAR NETWORKS Sumaira Kanwal 1, M.A Ansari 2 1 SZABIST Islamabad, Pakistan 2 FUUAST Islamabad, Pakistan

[email protected], [email protected]



Fig. 1: Soft handover scenario [6]

Fig. 2 Soft vs softer handovers[6]

D. Handoff Techniques in Cellular Networks A cellular network is a wireless network that communicates via a radio network. The mobile unit is the basic unit of a cellular system; it communicates through a radio link to an infrastructure of switching equipment that interconnects the different parts of the system and allows access to the normal (fixed) Public Switched Telephone Network (PSTN). [5]

Fig. 3 Cellular Network [1]

1) Operation Of The Cellular Phone When a mobile phone is switched on, it registers with the appropriate BS, depending on its location, and its cell position is stored at the responsible MSC. When a user makes a call, the base station monitors the quality of the signal for the duration of the call, and reports that to the controlling MSC, which in turn makes decisions concerning the routing of the call. When a cellular phone moves from one cell to the other, the BS will detect this from the signal power and inform the MSC of that. The MSC will then switch the control of the call to the BS of the new cell, where the phone is located. This is called handover. It normally takes up to 400ms, which is not noticeable for voice transmission.

A cellular phone user can only use his or her mobile within the covered area of the network. Roaming is the capability of a cellular phone, registered on one system, to enter and use other systems; those other systems must be compatible to enable roaming (i.e. they must use the same type of network). In Europe the standard cellular network is called GSM (Global System for Mobile Communication); incoming calls to GSM users are routed to them irrespective of where they are, as long as they are within Europe. [5] 2) Handoff Priority In Cellular Systems The probability of forced termination has been reduced by channel assignment strategies with handoff prioritization.

a) GUARD CHANNELS By reserving a fixed or dynamically adjustable number of channels exclusively for handoffs, guard channels improve the probability of a successful handoff. For example, reserving N channels for handoff among the C channels in a cell means that handoff requests are given priority, while the remaining (C - N) channels are shared by both new calls and handoff calls. [10]

b) QUEUING OF HANDOFF Queuing is a way of delaying handoff: the MSC queues handoff requests instead of denying access when the candidate BS is busy. (Queuing new calls, conversely, results in an increased handoff blocking probability.) The probability of a successful handoff can be improved by queuing handoff requests, at the cost of an increased new-call blocking probability and a decrease in the ratio of carried-to-admitted traffic, since new calls are not assigned a channel until all the handoff requests in the queue have been served. Queuing is possible because of the overlap region between adjacent cells, in which an MS can communicate with more than one BS. [10]
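Both policies can be expressed in a few lines. The sketch below is an illustrative admission controller, not taken from [10]: C total channels with N reserved as guards, new calls admitted only while more than N channels remain free, and handoff requests queued rather than dropped when the cell is full.

```python
# Illustrative admission control with guard channels and a handoff queue.
from collections import deque

class Cell:
    def __init__(self, total_channels: int, guard_channels: int):
        self.C = total_channels
        self.N = guard_channels          # reserved exclusively for handoffs
        self.busy = 0
        self.handoff_queue = deque()

    def admit_new_call(self, call_id: str) -> bool:
        # New calls may only use the (C - N) shared channels.
        if self.busy < self.C - self.N:
            self.busy += 1
            return True
        return False                     # blocked

    def admit_handoff(self, call_id: str) -> bool:
        # Handoffs may use any free channel; otherwise they wait in the queue.
        if self.busy < self.C:
            self.busy += 1
            return True
        self.handoff_queue.append(call_id)
        return False

    def release_channel(self) -> None:
        self.busy -= 1
        if self.handoff_queue:           # queued handoffs are served first
            self.handoff_queue.popleft()
            self.busy += 1

cell = Cell(total_channels=10, guard_channels=2)
print([cell.admit_new_call(f"new{i}") for i in range(9)])   # ninth call is blocked
print(cell.admit_handoff("h1"))                              # still admitted
```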

Fig. 5 Illustration of a handoff scenario at a cell boundary [10]

III. PROBLEMS & REASONS OF HANDOVER IN CELLULAR NETWORKS

A. Power control of mobile station transmissions during handoff in cellular networks A method and apparatus exist for controlling the transmission power of a mobile station during handoff of a call between base stations of a cellular system. The desired transmission power of the mobile station may be determined based on measurements made at the mobile station on the pilot channel of the target base station. Alternatively, base station power classes may be defined for the cellular system, so that each base station at which it is desired to receive mobile station transmissions at a signal level within a selected range is assigned to the power class associated with that range. A mobile station involved in a handoff can then determine the power level at which it should begin transmitting on a new


traffic channel during handoff by determining the power class of the base station to which the new traffic channel is assigned. [14]

B. Call Dropping 1) No Channels Are Available If the signal of the MS is getting weak, the call may drop before handover due to the unavailability of a channel; sometimes the BSC is overloaded and no free channels are available. 2) Prioritizing Handoff One method for giving priority to handoffs is the guard channel concept, whereby a fraction of the total available channels in a cell is reserved exclusively for handoff requests from ongoing calls that may be handed off into the cell. This method has the disadvantage of reducing the total carried traffic, as fewer channels are allocated to originating calls. Guard channels, however, offer efficient spectrum utilization when dynamic channel assignment strategies, which minimize the number of required guard channels by efficient demand-based allocation, are used. [14] 3) Degraded Call Quality When a call is established and suffers so much distortion and interference that the caller cannot hear clearly, the call is receiving weak or bad-quality signals and is therefore handed over. This can be any type of handover, inter-handover or intra-handover. 4) Waste Of Capacity In Multiple Signaling Signals strike resistance such as buildings, trees, and walls; by striking these obstacles, signals become weak.

IV. TYPES OF HANDOVER IN CELLULAR NETWORKS In a cellular network, the radio and fixed links required are not permanently allocated for the duration of a call. There are five different types of handover in the GSM system, which involve transferring a call between: [16]

1. Intra-Cell Handover 2. Intra-BTS Handover 3. Intra-BSC Handover 4. Inter-BSC Handover 5. Inter-MSC Handover

A. Intra-Cell Handover When a call is established and receives a weak signal in some area within the cell, the MS is handed over to another channel on the same cell, under the same BTS, since different channels are allocated to a single cell. This type of handover is known as intra-cell handover.

B. Intra-BTS Handover When a call is established in a cell, the MS starts moving towards a neighboring cell, and handover is made due to weak signal strength, the MS is handed over to another channel on a different cell under the control of the same BTS. This type of handover is known as intra-BTS handover.

C. Intra-BSC Handover When a call is established in a cell and the MS moves towards neighboring cells, crosses the BTS boundary, and enters the range of a new BTS, the MS is handed over to another channel on a different cell under the control of a different BTS of the same BSC. This type of handover is known as intra-BSC handover.

D. Inter-BSC Handover When a call is established in a cell and the MS moves towards a neighboring cell, crossing the cell boundary, the BTS boundary, and then the BSC boundary, and the signal strength becomes weak, handover is made. The MS is handed over to another channel on a different cell, under the control of a different

BSC of the same MSC. This type of handover is known as inter-BSC handover.

E. Inter-MSC Handover When a call is established and the MS moves across the cell boundary, the BTS boundary, the BSC boundary, and then the MSC boundary, and the signal strength becomes weak, handover is made. The MS is handed over to another channel on a different cell, under another MSC of the same PLMN. This type of handover is known as inter-MSC handover.
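Since the five cases above differ only in which network element changes between the old and the new channel, they can be summarised by a small classifier. The sketch below is a hypothetical illustration following the cell / BTS / BSC / MSC hierarchy described in this section.

```python
# Hypothetical classifier for the GSM handover types described above.
from dataclasses import dataclass

@dataclass(frozen=True)
class ChannelLocation:
    cell: str
    bts: str
    bsc: str
    msc: str

def handover_type(old: ChannelLocation, new: ChannelLocation) -> str:
    if old.msc != new.msc:
        return "inter-MSC handover"
    if old.bsc != new.bsc:
        return "inter-BSC handover"
    if old.bts != new.bts:
        return "intra-BSC handover"      # different BTS, same BSC
    if old.cell != new.cell:
        return "intra-BTS handover"      # different cell, same BTS
    return "intra-cell handover"         # new channel on the same cell

a = ChannelLocation("cell1", "bts1", "bsc1", "msc1")
b = ChannelLocation("cell2", "bts1", "bsc1", "msc1")
print(handover_type(a, b))   # intra-BTS handover
```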

V. PERFORMANCE ISSUES IN CELLULAR NETWORKS

A. Frequency Reuse In a cellular system, frequency reuse is achieved by assigning a subset of the total number of available channels to each base station and controlling the power output of the transmitters. In this way, a cellular network increases capacity (the number of channels available to users). Adjacent cells are not allowed to operate at the same frequency, since this causes interference between the cells. Decreasing the cell size would increase capacity further, but doing so raises a number of difficulties. Interference: decreasing the cell size, especially with a low repeat factor, increases the problems of interference between cells that are using the same frequency. [10] Handovers: decreasing the cell size increases the frequency of handovers, since a moving cellular phone changes cells more often; since the MSC needs time to switch (for handovers), increasing the number of handovers increases that time delay. [11] Since each cell is designed to use radio frequencies only within its boundaries, the same frequencies can be reused in other cells not far away with little potential for interference. The reuse of frequencies is what enables a cellular system to handle a huge number of calls with a limited number of channels. The objective is to use the same frequency in other nearby cells, thus allowing a frequency to carry multiple simultaneous conversations. Generally, 10 to 50 frequencies are assigned to each cell, depending on the expected traffic.

B. Co-Channel Interference A set of frequencies used in one cell can be reused in another cell at some distance; this is known as frequency reuse, and such cells can suffer co-channel interference. Co-channels are the same channels (or frequencies) used by different cells. To avoid this kind of interference it is necessary to separate the co-channels by as great a distance as possible, but by doing so channel capacity is compromised. [11]
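For a rough feel of this trade-off, the co-channel reuse ratio for hexagonal cells is D/R = sqrt(3N), where D is the distance between co-channel cells, R is the cell radius and N is the cluster size. This standard relation comes from cellular-radio texts such as [10], not from this paper; the snippet below only makes the numbers concrete.

```python
# Illustrative co-channel reuse ratio for hexagonal cells: D/R = sqrt(3*N).
# (Standard result from cellular-radio textbooks, e.g. Rappaport [10]; shown
#  here only to make the distance-vs-capacity trade-off concrete.)
from math import sqrt

def reuse_ratio(cluster_size: int) -> float:
    return sqrt(3 * cluster_size)

for n in (3, 4, 7, 12):
    print(f"cluster size N={n:2d}  ->  D/R = {reuse_ratio(n):.2f}, "
          f"channels per cell = total/{n}")
```

A larger cluster size pushes co-channel cells further apart (less interference) but leaves fewer channels per cell, which is exactly the capacity compromise mentioned above.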

C. Burst When we talk about the channels in GSM, we are essentially referring to what data and signals are sent across the air between the Base Transceiver Station (BTS) and the Mobile Station (MS). The burst structures define the form this transmission takes, without describing the details of the physical transmission, i.e. the antennas, the power levels, etc. [17] 1) Normal Burst Fig. 6 shows the normal burst, which carries 142 bits of information and is transmitted by both the BTS and the MS. This kind of burst is very important, as it carries the actual call data as well as the signaling information. It has two sets of 57 bits each, which carry the information needed for call setup, maintenance, and call ending, apart from the audio information. There is also a training sequence, or "midamble", of 26 bits used for equalization, which is required for extracting the correct signal from the various reflections that are also received by the equipment due to the bouncing of signals in the natural environment. This is a continuous process, and the equalization bits help compensate for any problems found in the radio path, e.g. Rayleigh fading.


Fig. 6 Normal burst [17]
There are also two "stealing" bits, one on either side of the training sequence bits. These bits are essentially stolen from the data bits by the Fast Associated Control Channel. This happens when there is a handover from one base station to another, or when the Slow Associated Control Channel is unable to send information fast enough. The same behavior occurs when there is a disruption in the RF transmission, so that extra control information is sent (thereby degrading voice quality) to keep the link established and the two communicating devices synchronized. According to [17], these bits work either in "blank" or "burst" mode, depending on whether they are stolen or not. 2) The Frequency Correction Channel (FCCH) The FCCH is simply a burst of sine wave. This is the first channel the mobile station (MS) searches for when attempting to establish itself for the first time in a new sector. Each base station system (BSS) broadcasts exactly one FCCH. The distinctive sine-wave bursts allow easy identification of the channel by the mobile, and since the frequency correction channel is broadcast on the same frequency as the SCH, it serves as an anchor by which to find the data channels (which would otherwise be indistinguishable from any other data channels). The structure of the frequency correction burst is shown in Fig. 7. [17]

Fig. 7 FCCH burst bit structure [17]

The frequency correction burst transports 142 bits of information. It is transmitted periodically from the BTS to the MS to notify the equipment of adjustments in frequency. It is essentially an empty frame, i.e. full of zero bits, so its data contents are not important; it does, however, set the radio frequency for use and synchronize timing information. This channel forms part of the GSM broadcast channels. A frequency correction burst is transmitted on the channel, generating a beacon 67.7 kHz from the cell carrier frequency.

VI. PROPOSED SYSTEM

A. Overview Suppose MS1 establishes a call in cell 1 using frequency f1 and starts moving from cell 1 towards another cell. Due to the frequency reuse concept, cell 3 has the same set of frequencies as cell 1, where the call was initially established, so cell 3 also has frequency f1. When MS1 enters the boundary of cell 3, if f1 is not used by any MS in cell 3 there will be no problem in handing over frequencies: MS1 can continue using f1 without any distortion or problem. But if some other MS2 has already established a call using f1 in cell 3 before MS1 enters the range of cell 3, a collision will occur. In Fig. 8, cell 1 and cell 3 use the same set of frequencies due to the frequency reuse technique.

MS1 (Mobile Station 1) establishes a call in cell 1 and starts moving toward cell 3, which uses the same set of frequencies as cell 1.

MS1 is using frequency f1 of cell 1, and MS2 has already established a call on frequency f1 at the time MS1 enters the region of cell 3.

Fig. 8 MS1 is moving from cell 1 to cell 3 with frequency f1

If MS1 enters the range of cell 3 at that moment, the frequency graph is as shown in Fig. 9.

Fig. 9 Graph of frequencies in cell 3 when MS1 & MS2 both using same frequencies

Fig. 9 shows the frequency overlap when frequency f1 of MS1, whose call was established in cell 1, comes into the range of cell 3. Frequency f1 of cell 3 is already assigned to MS2, so when MS1 enters the range of cell 3, distortion and collision result. In other words, when MS1 and MS2 use the same frequency in the same region, a collision occurs and neither MS1 nor MS2 can communicate properly; the connection of MS1 or MS2 may even be dropped because of this distortion. To avoid this collision and distortion, a new technique is introduced into the normal burst bit structure.

B. Frequency Allocation Scenario The mobile station (MS) and base station (BTS) transmit and communicate with each other on dedicated paired frequencies called channels: base stations use one frequency of the channel and mobiles use the other. So when MS2 in cell 3 establishes a call, a pair of frequencies, f1, is technically allocated to it. When MS1 enters cell 3 it also carries f1, and it is difficult to change MS2's already dedicated frequency. Certain channels carry only cellular system data; we call these control channels. A control channel is usually the first channel in each cell and is responsible for call setup, like the FCCH (Frequency Correction Channel). FREQUENCY CORRECTION CHANNEL (FCCH) The FCCH is a control channel used to allocate a frequency the first time a mobile station starts up, as the FCCH carries frequency correction information for the MS. Each base station system (BSS) broadcasts exactly one FCCH. Using the FCCH technique, a new temporary frequency is allocated to MS1. This frequency could be a beacon


frequency or any unused frequency of cell 3. The FCCH carries information for frequency correction of the MS.

C. M-FCCH (Modified FCCH) When MS1 enters the range of cell 3, where a frequency conflict can occur because of the shared frequency, M-FCCH immediately sends a message to the BSS, and the BSS broadcasts a newly available frequency and temporarily allocates it to MS1. This frequency can be a beacon frequency or any unused frequency of cell 3. 1) STRUCTURE OF M-FCCH M-FCCH is a combination of the normal burst and the FCCH burst. The normal burst carries data and the FCCH burst carries control signals; both burst structures use 148 bits. The FCCH structure is embedded in the normal burst structure, but to avoid overhead only one bit of the FCCH's 142 fixed bits is used. As Fig. 7 shows, 6 of the 148 FCCH bits are tail bits (TB), which are already part of the normal burst; only one bit from the center portion shown in Fig. 7 is used, and this bit can be 0 or 1 at a time, so the overhead of the normal burst is also avoided. The total number of bits in M-FCCH is 149.
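As a sanity check on the 149-bit total, the sketch below assembles the field widths stated above (3 tail + 57 data + 1 stealing + 26 training + 1 stealing + 57 data + 1 M-FCCH bit + 3 tail, followed by the 8.25-bit guard period). The field names and the position of the extra bit are read off Fig. 10 and should be treated as the authors' proposal, not a standard GSM frame.

```python
# Hypothetical M-FCCH burst layout derived from the field sizes given in the text.
M_FCCH_FIELDS = [
    ("tail", 3),
    ("data_1", 57),
    ("stealing_1", 1),
    ("training", 26),
    ("stealing_2", 1),
    ("data_2", 57),
    ("m_fcch_flag", 1),    # the single FCCH bit added by the proposal
    ("tail_2", 3),
]                           # an 8.25-bit guard period follows, as in a normal burst

total_bits = sum(width for _, width in M_FCCH_FIELDS)
assert total_bits == 149, total_bits

def build_burst(data1: str, data2: str, m_fcch: int) -> str:
    """Assemble a burst as a bit-string; payloads must already be 57 bits each."""
    assert len(data1) == len(data2) == 57 and m_fcch in (0, 1)
    return "000" + data1 + "0" + "0" * 26 + "0" + data2 + str(m_fcch) + "000"

burst = build_burst("1" * 57, "0" * 57, m_fcch=1)
print(total_bits, len(burst))   # 149 149
```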

Fig. 10 Structure of M-FCCH
2) WORKING OF M-FCCH When MS1, using frequency f1, enters the region of cell 3 where MS2 has already established a call on frequency f1, MS1 uses M-FCCH to send a frequency request directly to the BTS, and the BTS allocates a new temporary beacon frequency to MS1. This frequency could be a beacon frequency or any unused frequency of cell 3. There will then be no collision between MS1 and MS2.
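The control flow just described (detect the co-channel conflict, ask the BTS, receive a beacon or unused frequency) can be rendered as the following hypothetical sketch; it illustrates the idea only and is not an implementation of any GSM signalling stack.

```python
# Illustrative M-FCCH conflict handling when MS1 enters a co-channel cell.
class BTS:
    def __init__(self, in_use, spare):
        self.in_use = set(in_use)          # frequencies already carrying calls
        self.spare = list(spare)           # beacon / unused frequencies

    def request_frequency(self, wanted: float) -> float:
        """Return the wanted frequency if free, otherwise a temporary one."""
        if wanted not in self.in_use:
            self.in_use.add(wanted)
            return wanted
        replacement = self.spare.pop(0)    # beacon or any unused frequency
        self.in_use.add(replacement)
        return replacement

def enter_cell(ms_frequency: float, bts: BTS) -> float:
    # The MS sends an M-FCCH request as soon as it detects the conflicting area.
    return bts.request_frequency(ms_frequency)

cell3 = BTS(in_use={935.2}, spare=[935.8, 936.0])   # MS2 already holds f1 = 935.2 MHz
f_new = enter_cell(935.2, cell3)                     # MS1 arrives using f1
print(f_new)   # 935.8 -> no collision with MS2
```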

Fig 11: Working of M-FCCH

Fig. 12 Graph of frequencies in cell 3 when a temporary beacon frequency is allocated to MS1 by M-FCCH.

After a temporary beacon frequency has been allocated to MS1 by M-FCCH, no collision is detected; the new graph is shown in Fig. 12.

The graph in Fig. 12 shows that MS1 and MS2 now have different frequencies and there is no longer any frequency collision: no interference is encountered due to the same frequency, and the chance of a call dropping for that reason has been eliminated.

VII. CONCLUSION In today's technological world one of the fastest-growing technologies is wireless communication, which is also important in the networking field. Enhancements in the wireless era have made it easy to deploy wireless communication networks. Such a network is wirelessly connected to the BTS, BSC, and MSC, and the MSC is connected by a wired structure to the PSTN. Handover (handoff) is performed by all cellular telecommunications networks and is a core element of the whole concept of cellular telecommunications. Many problems occur during handover, in which the call is compromised, so an efficient and fast handover is needed to overcome them. This paper concentrates on the softer handover problem and proposes M-FCCH. The approach adopted here is based on the FCCH, a control channel used for frequency control and broadcast messages: M-FCCH broadcasts a new beacon frequency to MS1. In M-FCCH the frequency control channel is merged into the normal burst data channel to overcome the softer handover problem by allocating a beacon frequency. It prevents collisions of the same frequencies and gives faster and more efficient handover.

REFERENCES
[1] Nishith D. Tripathi (Nortel), Jeffrey H. Reed and Hugh F. VanLandingham, "Handoff in Cellular Systems", IEEE Personal Communications, December 1998.
[2] Hongbo Zhou, Matt W. Mutka, "IP Address Handoff in the MANET", IEEE INFOCOM 2004.
[3] Dênio Mariz, Dave Cavalcanti, Thienne Mesquita, Kelvin Lopes, Judith Kelner, "A Simulation Environment for Analysis of QoS and Signaling Load in Mobile Cellular Networks", 2006.
[4] Aman Kansal, "Handoff in Bluetooth Public Access Networks", Technical Report, 2001.
[5] "Introduction To Digital Cellular", Technical Report, Motorola Cellular Infrastructure Group, issue 5, revision 5.
[6] Stijn N. P. Van Cauwenberge, "Study of soft handover in UMTS", Master's Thesis, Technical University of Denmark, July 2003.
[7] Rajkumar Periannan, Fadi Joseph Fahham, "Performance issues of cellular networks", Journal of Imperial College, July 1996.
[8] Nasif Ekiz, Tara Salih, Sibel Küçüköner, Kemal Fidanboylu, "An Overview of Handoff Techniques in Cellular Networks", PWASET Volume 6, June 2005, ISSN 1307-6884.
[9] Majid Ghaderi, Joe Capka and Raouf Boutaba, "Prediction-Based Admission Control for DiffServ Wireless Internet", IEEE, 2003.
[10] Theodore S. Rappaport, "Wireless Communications", Second Edition.
[11] Rajkumar Periannan and Fadi Joseph Fahham, "Performance issues of cellular networks".
[12] [Online] David Chow, "Wireless Technology", http://www.ylesstech.com. Last visited April 01, 2008.
[13] [Online] "UMTS Handover", http://www.umtsworld.com/technology/handover.htm. Last visited April 01, 2008.
[14] [Online] "Power control of mobile station transmissions during handoff in a cellular system", http://www.freepatentsonline.com/5940743.html. Last visited April 01, 2008.
[15] [Online] US Patent 7227850, "Cellular radio communication system with frequency reuse", http://www.freepatentsonline.com/7227850.html. Last visited April 01, 2008.
[16] [Online] http://www.nortel.com. Last visited April 01, 2008.
[17] [Online] John Scourias, "Overview of the Global System for Mobile Communications: GSM", Privateline Telecommunications Expertise. Last visited April 01, 2008. http://www.privateline.com/mt_gsmhistory/01_overview_of_the_global_system_for_mobile_communications_gsm/

[Figure label residue: Fig. 10 shows the M-FCCH burst fields (3 TB | 57 data bits | 1 | 26 bits | 1 | 57 data bits | M-FCCH bit | 3 TB | 8.25 GP); Fig. 11 shows MS1 in cell 3 sending the M-FCCH to the BTS, which allocates a beacon frequency while MS2 keeps using f1; Fig. 12 plots frequency against time for MS1 (beacon frequency) and MS2 (f1).]


Abstract — With emerging technology in the mobile wireless environment, detection of a mobile node has become an essential requirement; location awareness and mobile detection are therefore important issues. This paper presents an RSSI (Received Signal Strength Indicator) based modified triangulation and modified clustering approach for locating a wireless device in an indoor wireless environment. Existing systems are analyzed and some of them are compared; on the basis of these comparisons the proposed system is suggested. The proposed system is a modification of three systems: triangulation, clustering, and joint clustering. After the three techniques are modified, an offline and an online phase are applied to them, so the suggested system is completed in three parts: (i) modification of the three techniques, (ii) the offline phase, and (iii) the online phase. The offline phase is further performed in four steps. The method that shows the highest accuracy in the offline phase gives the best result for detection of a mobile node in an indoor environment; the online phase is then performed in order to obtain more accurate results. The proposed system can be applied to all current WLAN location determination systems to reduce their computational cost and enhance their accuracy.

Index Terms — Positioning technologies, RSSI, Modified Triangulation, Modified Clustering, Modified Joint Clustering, and Relative Position.

I. INTRODUCTION Many systems have been developed over the years for the detection of a mobile node in a wireless local area network; some of them tackle the problem of determining and tracking a targeted node in a WLAN. This paper uses an RSSI (Received Signal Strength Indicator) method to detect a mobile device in a WLAN. Since there are many ways to categorize positioning systems, in this paper we refer only to indoor positioning systems based on WLAN. We modify three methods: the triangulation method used in system [20], the clustering method used in system [13], and the joint clustering method used in system [18]. The proposed system has three modules: (i) modify the three techniques one by one, (ii) the offline phase, and (iii) the online phase. The offline phase is further performed in four steps: in the first step we take actual values; in the second step we apply our three modified methods one by one and get three different values; in the third step we compare the three obtained values with the actual values; and in the fourth step we take the ratio to find the accuracy. The remainder of this paper is organized as follows. In Section 2 we survey related work in location determination technologies. Section 3 describes the RSSI-based triangulation method. In Section 4 we compare existing systems in a table. In Section 5 we discuss our research methodology, i.e. the proposed system. Finally, we present our conclusions and future work in Section 6.

II. RELATED WORK The Horus system [13] lies in the probabilistic techniques category. The Horus system identifies different causes for the wireless channel variations and addresses them to achieve its high accuracy.

It uses location-clustering techniques to reduce the computational requirements of the algorithm. [13] The location estimation system LOCATOR [14] works in two phases. In the first phase it builds a radio map of the site where the wireless network is deployed; the radio map is a mapping between physical locations and the signal strength values observed at these locations from various base stations. In the second phase, LOCATOR uses the radio map to estimate the location of a user, given the signal strength values currently observed from the various base stations. [14] In [15], a weighted centre-of-mass based trilateration approach is used for locating a wireless device based on the signal strength received from access points at known locations. The location tracking algorithm runs on a central computer, which gets site survey information from the wireless device in the case of a managed device, or from sensors in the case of an unmanaged device. [15] RADAR [16] is an RF-based system for locating and tracking users inside buildings. RADAR uses signal strength information gathered at multiple receiver locations to triangulate the user's coordinates; triangulation is done using both empirically determined and theoretically computed signal strength information. [16] The basic idea of the Bayesian system [17] is that if estimates of a user's location from more than one observer are available, the probability of correct estimation will be higher. The RSSI is used in location determination either by establishing a physical relationship between the RSSI and the distance from the AP, or by using empirical methods. The clustering technique defined in [18] reduces the computational power required by more than an order of magnitude; such energy saving allows the system to be implemented on energy-constrained mobile devices and thus increases the scalability of the system in terms of the number of supported users. The Active Badge System [19], an infrared-based system, was an early and significant contribution to the field of location-aware systems. In this system a badge worn by a person emits a unique infrared signal every 10 seconds; sensors placed at known positions within a building pick up the unique identifiers and relay them to the location manager software.

III. RSSI BASED TRIANGULATION METHOD Although many alternatives exist, most successful indoor location techniques are based on the RSSI triangulation method and on clustering techniques. RSSI, the Received Signal Strength Indicator, is the simplest and most effective RF measurement technique, as its values are easily accessible through WLAN cards. Since the RSSI values fluctuate over time for a given location, RSSI can be considered a random variable and hence should be described statistically, by estimating its distribution parameters.

A. Variations in Measured RSSI RSSI is not a very reliable measure, and it depends on a large number of factors.

LOCATION DETERMINATION TECHNIQUE FOR LOCATING WIRELESS DEVICES IN INDOOR ENVIRONMENT

Uzma Irshad 1, M.A Ansari 2 1 SZABIST Islamabad, Pakistan 2 FUUAST, Islamabad, Pakistan

unity10us@gmail.com, drmaansari@fuuastib.edu.pk


1) Location: The main variable behind the variation of the signal strength received by the base stations is the location of the intruder. The localization phase is where the major computation is performed to match the received signal strength values to a position. 2) Transmission power: A change in the transmission power of the user's wireless NIC will cause a change in the received signal strength at the receiver; but, as the received strength is directly proportional to the transmission power, a similar drop in RSSI will be noticed at all the base stations. 3) Directionality of the wireless NIC: A typical 802.11 card is not omnidirectional in nature. Thus, with neither the transmitter nor the receiver being omnidirectional, we are bound to have variations in measured RSSI.

IV. COMPARISON OF THE EXISTING SYSTEMS We compare some existing techniques in order to find the best ones, and on the basis of the best techniques we suggest the proposed system to obtain more accurate results.

TABLE I
COMPARING EXISTING SYSTEMS

Technique                                    Accuracy level   Error rate   Phases
Location Estimation System (RF technique)    90%              --           2
Horus System                                 90%              0.6 m        2
Trilateration Approach                       --               ±5 m         2 (NO)
RADAR: Location and Tracking System          89%              3.5 m        2
Kalman Filter and Multiple Observers         90%              2.5 m        2
Clustering and Probability Distributions     90%              7 feet       2
Bayesian Method                              80%              2.5 m        2

V. PROPOSED SYSTEM The problem statement of the suggested proposed system is: "Detect a mobile node by applying three modified techniques one by one, and then apply an offline phase and an online phase to these modified techniques."

A. Introduction In the suggested proposed system, we use three techniques, modified in order to improve the accuracy of detecting wireless devices in an indoor environment. The three techniques used in the proposed system are: a) Modified Triangulation, b) Modified Clustering, and c) Modified Joint Clustering. These techniques are derived from the systems in [20], [13] and [18]; because those systems are costly, we enhance them so that they provide high accuracy in a short time and at lower cost. For convenience, the proposed system is divided into three modules (parts): 1. Modifying the Techniques, 2. Offline Phase, and 3. Online Phase. We discuss these modules one by one to explore the suggested proposed system. The proposed modules are all applicable to any current WLAN location determination system.

B. Modifying The Techniques We now discuss how these systems are modified. 1) Modified Triangulation Method: We modify the triangulation method used in system [20], in which three servers are used to detect the location of a mobile node, which is costly; instead, we use only one server and three clients to detect the location of the mobile device (target device). The mobile device is placed at an arbitrary location among the clients. In order to detect the location of the mobile device it is necessary to obtain the RSSI (Received Signal Strength Indicator) values, in dBm, from the mobile node at the clients. Multiple readings of the signal strength of the mobile node are taken at each client and then converted into an average signal strength using the simple averaging formula of [20]:
RSSI = (RSSI1 + RSSI2 + RSSI3 + ... + RSSIn) / n
where RSSI is the average signal strength value (dBm), RSSI1 is the signal strength at the first interval, RSSI2 at the second interval, RSSIn at the nth interval, and n is the number of intervals. The average RSSI calculated at each client is sent to the server. At the server, calculations are performed using the distance formula proposed in [20] to calculate the distance of each client from the mobile node in the area covered by the Wireless Local Area Network (WLAN). The distances of the three clients from the server and from each other are known, and we have to find the distance of the clients from the mobile device according to the received signal. For this distance calculation, we use the formula proposed in system [20]:
S = (RS - BS) * k (ignoring the negative sign of the signal strength)
where RS is the received signal strength, BS is the basic signal strength (which depends on the hardware used), and k is the distance covered per 1 dBm. We then use trigonometric functions to calculate the angle of each client with the server [20]:
cos α = (b^2 + c^2 - a^2) / (2bc).
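For illustration, the following is a minimal Python sketch of these three calculations (averaging, RSSI-to-distance conversion, and the law-of-cosines angle). The basic signal strength BS, the calibration constant k and the sample values are hypothetical; they would have to be measured for the hardware actually used.

```python
import math

def average_rssi(samples):
    """Average several RSSI readings (dBm), per RSSI = (RSSI1 + ... + RSSIn) / n."""
    return sum(samples) / len(samples)

def rssi_to_distance(rs, bs, k):
    """Estimate distance (m) from received strength RS, basic strength BS and
    the constant k (distance per 1 dBm), ignoring the sign: S = (RS - BS) * k."""
    return abs(rs - bs) * k

def angle_at_vertex(a, b, c):
    """Angle (degrees) opposite side a in a triangle with sides a, b, c,
    from the law of cosines: cos(alpha) = (b^2 + c^2 - a^2) / (2bc)."""
    cos_alpha = (b ** 2 + c ** 2 - a ** 2) / (2 * b * c)
    return math.degrees(math.acos(max(-1.0, min(1.0, cos_alpha))))

# Example with assumed values: one client reports several RSSI samples.
readings = [-62, -63, -61, -64]              # dBm samples (assumed)
rs = average_rssi(readings)
d = rssi_to_distance(rs, bs=-40, k=0.5)      # BS and k are hypothetical
print(f"avg RSSI = {rs:.1f} dBm, estimated distance = {d:.1f} m")
print(f"angle = {angle_at_vertex(6.0, 8.0, 10.0):.1f} degrees")
```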

Page 116: Architecture of reconfigurable artificial neural network Co-processor

Proceeding of the First National Conference on Security, Computing, & Communications (1st NC-SCC 2008), KUST, NWFP, Pakistan May 23-25, 2008

106

The calculated distances and angles are stored on the server, where all calculations are performed, and the results obtained through the calculations give the actual location of the target device. Our modified system provides more accurate results in a short time and is also less costly. 2) Modified Clustering Method: We modify system [13], in which only the clustering method is used. In the clustering method of system [13], the locations are grouped into clusters according to the access points that cover them. Each cluster is divided into patches; from each patch an RSSI value is received, and the signal strength from each access point is sampled at a rate of one sample per second. In this method, two observations are used [13]: i) at a fixed location, the signal strength received from an access point varies with time, and ii) the number of access points covering a location varies with time. We modify system [13] by using clustering and triangulation at the same time: we perform both techniques one by one, and the results obtained by the two methods are averaged, so the final result estimates the location of the target mobile more accurately. The clustering method of our proposed system uses the same mathematical model as system [13], which states that: without loss of generality, let X be a two-dimensional physical space. At each location x ∈ X, we can obtain the signal strength from k access points. We denote the k-dimensional signal strength space as S. Each element in this space is a k-dimensional vector whose entries represent the signal strength readings from the different access points; we denote samples from the signal strength space S as s. We also assume that the samples from different access points are independent. The problem becomes: given a signal strength vector s = (s1, ..., sk), find the location x ∈ X that maximizes the probability P(x | s) [13]. By applying the above mathematical model in our proposed system, we can estimate the location of a mobile device. 3) Modified Joint Clustering Method: System [18] presents an accurate and scalable system for determining the user location with low computational requirements in an 802.11 wireless LAN (WLAN) framework. However, this approach can only be used with small values of k (access points), which may affect its accuracy: it requires a large training set to obtain a good estimate of the joint distribution, and the required size increases exponentially with k. To overcome this problem, we suggest using a larger number of access points k, taking a number of training-set readings and averaging the multiple readings to obtain more accurate results. A second suggestion is to limit k (e.g. k = 2 or k = 3) and then take the readings under this limitation.
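The mathematical model above can be illustrated with a short Python sketch. The radio map, the per-access-point Gaussian parameters and the sample vector below are hypothetical, a uniform prior over locations is assumed, and the access points are treated as independent as in the text.

```python
import math

# Hypothetical radio map: location -> per-AP (mean, std) of RSSI in dBm.
radio_map = {
    (0, 0): [(-45, 3), (-70, 4), (-60, 5)],
    (5, 0): [(-55, 3), (-62, 4), (-58, 5)],
    (5, 5): [(-65, 3), (-50, 4), (-62, 5)],
}

def gaussian_pdf(value, mean, std):
    """Density of a normal distribution with the given mean and std."""
    return math.exp(-((value - mean) ** 2) / (2 * std ** 2)) / (std * math.sqrt(2 * math.pi))

def most_probable_location(sample):
    """Return the location x maximizing P(x|s). With a uniform prior this is the
    x maximizing P(s|x) = product over APs of P(s_i|x), assuming independent APs."""
    best, best_p = None, -1.0
    for loc, params in radio_map.items():
        p = 1.0
        for s_i, (mean, std) in zip(sample, params):
            p *= gaussian_pdf(s_i, mean, std)
        if p > best_p:
            best, best_p = loc, p
    return best

print(most_probable_location([-54, -63, -59]))   # -> (5, 0) for this assumed sample
```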

C. Offline Phase The offline phase, also known as the training phase, is the phase in which the coordinates of the locations in the WLAN and the distances of the clients from each other and from the server are stored in a database. On the basis of the stored information we detect the location of a mobile device. The offline phase is performed in four steps: take the actual values AV (X, Y); obtain values by the three techniques; compare the obtained values with the actual value; and take the ratios.

1) Take Actual Values AV (X, Y): We first find the actual location of the mobile node manually. We take the X, Y coordinates of the target device in a wireless local area network, which may be a room, a floor or any other indoor environment, and calculate its distances from the user manually. Assume the (X, Y) coordinates obtained for the mobile node are (28, 20); this is the actual value indicating the exact location of the mobile node in the WLAN: (X, Y) = (28, 20). This actual value is stored in the database, and the other values are compared against it. 2) Obtain Values by the Three Techniques: In the offline phase we apply the three techniques one by one and obtain values according to their methods, where "a" denotes the Modified Triangulation method, "b" the Modified Clustering method and "c" the Modified Joint Clustering method. a. Modified Triangulation Method: We use the modified triangulation method discussed above and manually calculate the coordinates of the client that has the shortest distance from the mobile node; the distances of the clients from the mobile node are calculated from the signal strengths stored on the server. Assume the coordinates (xa, ya) obtained by this triangulation method are (20, 15); we store (xa, ya) = (20, 15) in the database, so a = (20, 15). b. Modified Clustering Method: In this method we take the average of two results obtained by using two techniques, i) triangulation and ii) clustering. By applying the mathematical model discussed in system [13], we can estimate the location of the mobile device within the clusters. Assume the coordinates (xb, yb) of the user closest to the mobile are (22, 17); we store (xb, yb) = (22, 17) in the database, so b = (22, 17). c. Modified Joint Clustering Method: In this method we use the calculations discussed in system [18]. Assume the coordinates (xc, yc) of the user closest to the mobile node are (25, 18); we store (xc, yc) = (25, 18) in the database in order to match them against the actual values, so c = (25, 18). 3) Comparison of Obtained Values with Actual Value: In this step of the offline phase we compare the calculated values a, b, c (obtained by the three techniques) with the actual value by taking the difference of the calculated coordinates from the actual coordinates. The table shows the differences of the calculated values from the actual values; from these we can find the error rate of each technique and determine which one provides the most accurate results for reaching the mobile node in the WLAN. The error rate is found by adding the x and y differences. The values given in the table are assumptions, assigned to the three techniques on the basis of their previously reported performance.
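As a small sketch of this comparison step, the differences and the error rate "found by adding the x and y differences" can be computed as follows, using the assumed coordinates from the text.

```python
# Assumed coordinates from the text (offline phase, one room).
actual = (28, 20)
estimates = {"triangulation a": (20, 15),
             "clustering b": (22, 17),
             "joint clustering c": (25, 18)}

for name, (x, y) in estimates.items():
    dx, dy = abs(actual[0] - x), abs(actual[1] - y)
    error = dx + dy   # error rate = sum of the x and y differences (metres)
    print(f"{name}: difference = ({dx}, {dy}), error rate = {error} m")
```

Running this reproduces the differences (8, 5), (6, 3) and (3, 2) and the error rates of 13 m, 9 m and 5 m shown in Tables II and III.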


4) Take Ratios: By taking the ratios for the three techniques, we obtain the following accuracies: A = 52%, B = 67%, C = 82%, where A, B and C denote the accuracies of the three techniques (a, b, c), as shown in the tables:

TABLE II
COMPARISON OF OBTAINED VALUES WITH ACTUAL VALUE

Technique            Readings              Difference vs. AV
Actual value AV      (X, Y) = (28, 20)     0
Triangulation a      (xa, ya) = (20, 15)   (8, 5)
Clustering b         (xb, yb) = (22, 17)   (6, 3)
Joint Clustering c   (xc, yc) = (25, 18)   (3, 2)

TABLE III
CALCULATED ERROR RATE AND ACCURACY

Technique                     Error rate   Accuracy
Actual value AV (X, Y)        0 m          100%
Triangulation A (xa, ya)      13 m         52%
Clustering B (xb, yb)         9 m          67%
Joint Clustering C (xc, yc)   5 m          82%

The values and accuracies obtained here are for a single room in an indoor environment; if the same techniques are applied to another room in a WLAN environment they will produce different results and accuracies, which is why these values are assigned to the techniques on the basis of their previous results. We merely propose a method to improve the accuracy of the techniques. Nevertheless, the results indicate that the Joint Clustering method provides the most accurate detection of the location of a mobile node in an indoor environment. The error rate and accuracy of the three techniques are shown in the following graphs.

Fig. Error rate (readings, in metres) of the three techniques.

D. Online Phase The online phase, also known as the runtime phase, is the phase in which the real-time signal strength values of the mobile node are recorded by applying the three techniques one by one; each technique's real-time value is then multiplied by the corresponding accuracy stored in the database (the offline values). In this phase we obtain a, b and c by applying the Modified Triangulation, Modified Clustering and Modified Joint Clustering (with probability distributions) methods as discussed above, in the same way as in the offline phase, but now using real-time values. To find the final values (Xf, Yf) of our system, the following formula is used to estimate the location of the mobile node in the WLAN:
(Xf, Yf) = [(a * A) + (b * B) + (c * C)] / 3
where "a" is the value obtained by applying the Modified Triangulation method in the online phase and "A" is the accuracy of the modified triangulation method calculated in the offline phase; "b" is the value obtained by applying the Modified Clustering method in the online phase and "B" is the accuracy of the modified clustering method calculated in the offline phase; and "c" is the value obtained by applying the Modified Joint Clustering and probability distribution method in the online phase and "C" is the accuracy of the modified joint clustering method calculated in the offline phase. (Xf, Yf) gives the final values used to estimate the exact location of the mobile node.
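A minimal sketch of this online-phase combination is shown below. The accuracies A, B and C are the offline values from Table III; the online estimates a, b and c are hypothetical (x, y) pairs used only for illustration.

```python
# Offline-phase accuracies (as fractions) for triangulation, clustering, joint clustering.
A, B, C = 0.52, 0.67, 0.82

# Hypothetical online-phase estimates from the three modified techniques.
a = (21.0, 16.0)   # modified triangulation
b = (23.0, 18.0)   # modified clustering
c = (26.0, 19.0)   # modified joint clustering

# (Xf, Yf) = [(a*A) + (b*B) + (c*C)] / 3, applied per coordinate.
xf = (a[0] * A + b[0] * B + c[0] * C) / 3
yf = (a[1] * A + b[1] * B + c[1] * C) / 3
print(f"estimated location: ({xf:.1f}, {yf:.1f})")
```

Note that the sketch follows the formula as written; dividing by A + B + C instead of 3 would turn the combination into a normalized weighted average, which is a possible design variation rather than what the text states.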

VI. CONCLUSION The proposed "Location Determination Technique for Locating Wireless Devices in Indoor Environment" is easily implemented on any existing WLAN environment and as such offers additional value to pre-existing infrastructure networks. By using the modified triangulation, modified clustering and modified joint clustering methods, high accuracy is achieved with respect to the reliability of the measurement vectors. We obtain an accuracy of 82% with the modified Joint Clustering method (5 m error rate), 67% with the modified Clustering method (9 m error rate) and 52% with the modified Triangulation method (13 m error rate). It is therefore concluded that the Joint Clustering method gives the most accurate results, with the minimum error rate, for detecting wireless devices in an indoor environment.

Fig. Accuracy of the three techniques.


A mean absolute error of 5.0 meters in an indoor environment is enough to pinpoint the corridor or room where the target is located. These modified methods are used to reduce the computational requirements of the location determination algorithms and to achieve scalability. The values we obtained are based on assumptions drawn from the previous results of these techniques; the performance of the proposed system can be evaluated on an experimental WLAN testbed. As a continuation of this work, we would like to improve the distance estimation phase of the proposed system. The Modified Joint Clustering method presents an accurate and scalable system for determining user location with low computational requirements in an 802.11 wireless LAN framework.

REFERENCES
[1] Nirupama Bulusu, "Self-Configuring Location Systems," PhD thesis, University of California, Los Angeles, 2002.
[2] "LYU0401 Location-Based Multimedia Mobile Service," 2003/2004 Final Year Project, Second Term; supervisor Professor Michael R. Lyu; Fung Ka Kin, Ma Tilen.
[3] Svein Yngvar Willassen, "A Method for Implementing Mobile Station Location in GSM," December 3, 1998.
[4] Mustafa Amin Abdel Azim Yousief Abdel Rehim, "Horus: A WLAN-Based Indoor Location Determination System," Doctor of Philosophy dissertation, 2004.
[5] Kavitha Muthukrishnan, Nirvana Meratnia and Maria Lijding, "FLAVOUR – Friendly Location-aware Conference Aid with Privacy Observant Architecture."
[6] Jason Small, "Location Determination in a Wireless LAN Infrastructure," Master's thesis, Department of Electrical and Computer Engineering, Carnegie Mellon University.
[7] Moustafa A. Youssef and Ashok Agrawala, "Analysis of the Optimal Strategy for WLAN Location Determination Systems," Department of Computer Science, University of Maryland, College Park, Maryland 20742.
[8] Kavitha Muthukrishnan, Nirvana Meratnia and Maria Lijding, "FLAVOUR – Friendly Location-aware Conference Aid with Privacy Observant Architecture," Faculty of Computer Science, University of Twente.
[9] Vinod Patmanathan, "Area Localization using WLAN," Master of Science thesis, Stockholm, Sweden, 2006:008.
[10] Moustafa Youssef, Ashok Agrawala and Udaya Shankar, "The Horus WLAN Location Determination System."
[11] Ankur Agiwal, Parakram Khandpur and Huzur Saran, "LOCATOR – Location Estimation System for Wireless LANs."
[12] Navin Kumar Sharma, "A Weighted Center of Mass Based Trilateration Approach for Locating Wireless Devices in Indoor Environment."
[13] Paramvir Bahl and Venkata N. Padmanabhan, "RADAR: An In-Building RF-based User Location and Tracking System."
[14] Raman Kumar K, Varsha Apte and Yogesh A Power, "Improving the Accuracy of Wireless LAN based Location Determination Systems using Kalman Filter and Multiple Observers."
[15] Mustafa A. Youssef, Ashok Agrawala and A. Udaya Shankar, "WLAN Location Determination via Clustering and Probability Distributions," in Proceedings of IEEE PerCom 2003, March 2003.
[16] Roy Want, Andy Hopper, Veronica Falcao and Jonathan Gibbons, "The Active Badge Location System."
[17] Ansar-Ul-Haque Yasar, Dr. M. A. Ansari and Sherjeel Farooqui, "Low Cost Solution for Location Determination of Mobile Nodes in a Wireless Local Area Network."
[18] Vishal Bhargava, "Localization for Intrusion Detection in Wireless Local Area Networks," Master of Science thesis, Department of Electrical and Computer Engineering, North Carolina State University, Raleigh, August 2003.
[19] Kamol Kaemarungsi, "Design of Indoor Positioning Systems Based on Location Fingerprinting Technique," B.Eng., King Mongkut's Institute of Technology at Ladkrabang, Thailand, 1994; M.S. in Telecommunications, University of Colorado at Boulder.
[20] David Sánchez, Sergio Afonso, Elsa M. Macías and Álvaro Suárez, "Devices Location in 802.11 Infrastructure Networks using Triangulation."


Abstract — With emerging technology in the mobile wireless environment, detection of a mobile node becomes an essential requirement; location awareness and mobile detection are therefore important issues. This paper presents an RSSI-based triangulation approach for locating a wireless device from access points at known locations, since finding a location in a wireless environment using 802.11b technology is to date not easy, cheap and accurate. Existing systems are analyzed in this paper and some of them are compared; on the basis of these comparisons a proposed system is suggested. The paper also suggests a clustering method to improve the accuracy of the proposed system. The proposed system provides a solution for location detection of mobile devices in indoor environments where the configuration of access points (transmit power, etc.) is not fixed. The proposed system is an enhancement of the system defined in [13]. In system [13], three servers and only one client are used: the three servers detect the location of a mobile using triangulation and calibration, which is costly. The proposed system instead uses only one server and three clients, so a single server detects the location of the mobile, making the system cheap and easy to implement. Two methods are used, and the results obtained from them are averaged, which provides more accurate results. Index Terms — Positioning technologies, RSSI, Clustering, Triangulation, Relative Position.

I. INTRODUCTION Advancement in the mobile world is catapulted by incorporating the mobile user's position information: the position of a hand-held device is important information needed to enhance communication efficiently. Positioning is commonly divided into two parts, indoors and outdoors; since there are many ways to categorize positioning systems, in this paper we refer only to indoor positioning systems based on WLAN. The method of triangulation is altered in our work: we form triangles of clients with the server and then calculate the distances and angles using the formulas; a second method, clustering, is used to obtain another result, after which we take the average of the results to obtain the final estimate. The remainder of this paper is organized as follows. In Section II, we survey related work in location determination technologies. In Section III, we compare existing systems, shown in the table. Section IV describes the RSSI-based triangulation method, and Section V discusses our research methodology, i.e. the proposed system. Finally, we present our conclusions in Section VI and discuss future work in Section VII.

II. RELATED WORK The Horus system [6] lies in the probabilistic techniques category. The Horus system identifies different causes for the wireless channel variations and addresses them to achieve its high accuracy. It uses location-clustering techniques to reduce the computational requirements of the algorithm. The Horus system uses the Perturbation technique for handling small-scale variations. [6]

In the location estimation system of [7], LOCATOR works in two phases. In the first phase, it builds a radio map of the site where the wireless network is deployed; the radio map is a mapping between physical locations and the signal strength values observed at these locations from the various base stations. In the second phase, LOCATOR uses the radio map to estimate the location of a user, given the currently observed signal strength values from the various base stations [7]. In [8], a weighted center-of-mass based trilateration approach is presented for locating a wireless device from the signal strength received from access points at known locations. The location tracking algorithm runs on a central computer (a system used by the network administrator for monitoring the wireless environment). The central computer gets site-survey information from the wireless device, in the case of a managed device, or from sensors, in the case of an unmanaged device [8]. RADAR [9] is an RF-based system for locating and tracking users inside buildings. RADAR uses signal strength information gathered at multiple receiver locations to triangulate the user's coordinates; triangulation is done using both empirically determined and theoretically computed signal strength information. Experimental results are quite encouraging: with high probability, RADAR is able to estimate a user's location to within a few meters of the actual location [9]. The basic idea of the Bayesian system in [10] is that if estimates of a user's location are available from more than one observer, the probability of correct estimation will be higher. The RSSI is used in location determination either by establishing a physical relationship between the RSSI and the distance from the AP, or by using empirical methods. The clustering technique defined in [11] reduces the required computational power by more than an order of magnitude. Such energy saving allows the system to be implemented on energy-constrained mobile devices and thus increases the scalability of the system in terms of the number of supported users. The results also showed that location clustering increases the accuracy of the location determination system and helps scale the system to a larger coverage area. The Active Badge System [12], an infrared-based system, was an early and significant contribution to the field of location-aware systems. In this system, a badge worn by a person emits a unique infrared signal every 10 seconds; sensors placed at known positions within a building pick up the unique identifiers and relay them to the location manager software. While this system provides accurate location information, it suffers from several drawbacks.

III. COMPARISON OF EXISTING SYSTEMS We compare some existing techniques in order to identify the best ones; on the basis of the best techniques, we then suggest the proposed system in order to obtain more accurate results.

RSSI Based Triangulation Method And Clustering Technique For Locating Wireless Devices In Indoor Environment

Uzma Irshad 1, M.A Ansari 2 1 SZABIST Islamabad, Pakistan 2 FUUAST, Islamabad, Pakistan

unity10us@gmail.com, drmaansari@fuuastib.edu.pk


Technique                                    Accuracy level   Error rate   Phases
Location Estimation System (RF technique)    90%              --           2
Horus System                                 90%              0.6 m        2
Trilateration Approach                       --               ±5 m         2 (NO)
RADAR: Location and Tracking System          89%              3.5 m        2
Kalman Filter and Multiple Observers         90%              2.5 m        2
Clustering and Probability Distributions     90%              7 feet       2
Bayesian Method                              80%              2.5 m        2

IV. RSSI BASED TRIANGULATION METHOD Although many alternatives exist, most successful indoor location techniques are based on the RSSI triangulation method and clustering techniques. RSSI (Received Signal Strength Indicator) is the simplest and most effective RF measurement technique, as its values are easily accessible through WLAN cards. RSSI was chosen over signal-to-noise ratio (SNR) as the radio signature because it is more location dependent: noise can vary considerably from location to location and with external factors, but this is not the case for the received signal strength. Since the RSSI values at a given location fluctuate over time, the RSSI can be considered a random variable and should therefore be described statistically, by estimating its distribution parameters.
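Since the RSSI at a fixed location is treated here as a random variable, its distribution parameters can be estimated from repeated samples. A small sketch with hypothetical readings:

```python
import statistics

# Hypothetical RSSI samples (dBm) collected at one location from one access point.
samples = [-61, -63, -60, -62, -65, -61, -64, -62]

mean = statistics.mean(samples)   # estimated mean of the RSSI distribution
std = statistics.stdev(samples)   # estimated standard deviation
print(f"RSSI distribution estimate: mean = {mean:.1f} dBm, std = {std:.1f} dB")
```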

A. Variations in Measured RSSI RSSI is not a very reliable measure, and it depends on a large number of factors. 1) Location: The main variable behind the variation of the signal strength received at the base stations is the location of the target device (the intruder). The localization phase is where the major computation is performed to match the received signal strength values to a position; various algorithms exist to locate the position of the intruder. 2) Transmission power: A change in the transmission power of the user's wireless NIC will cause a change in the received signal strength at the receiver. However, since the received strength is directly proportional to the transmission power, a similar drop in RSSI will be noticed at all the base stations.

The fact that RSSI is measured on a logarithmic scale aids in observing relative changes in signal strength. 3) Directionality of the wireless NIC: A typical 802.11 card is not omnidirectional. Thus, with neither the transmitter nor the receiver being omnidirectional, variations in the measured RSSI are bound to occur; a variation in the directionality of the wireless NIC, compared with the NIC used for fingerprinting, could change the perceived position of the user.

V. PROPOSED SYSTEM The problem statement of our proposed system is: detect the location of a mobile node using the clustering and triangulation methods. We find the mobile device by calculating the distance of each client from the server using an RSSI-based triangulation method and a clustering method, and then take the average of the results to find the accurate location of the mobile node.

A. Description There are three clients and one server in the room. The clients are connected to the server, which performs the calculations on the results. The signal strengths of all clients are stored on the server, and the location of the client is determined with the help of these signal strengths. The server is the basic requirement of our system for obtaining the RSSI value of the mobile node. Two methods are used to obtain the RSSI value for each client, and the average of the two results is taken to locate the mobile node.

B. Clustering Approach The Clustering module is used to group radio map locations based on the access points covering them. We define a cluster as a set of locations sharing a common set of access points. We call this common set of access points the cluster key. Clustering is based on the idea that each access point defines a subset of the radio map locations that are covered by this access point. These locations can be viewed as a cluster of locations whose key is the access point covering the locations in this cluster.
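A minimal sketch of this grouping is shown below, assuming a hypothetical radio map that records which access points cover each location; the cluster key is the common set of covering access points.

```python
from collections import defaultdict

# Hypothetical radio map: location -> set of access points covering it.
coverage = {
    "room101": {"AP1", "AP2"},
    "room102": {"AP1", "AP2"},
    "corridor": {"AP2", "AP3"},
    "room103": {"AP2", "AP3"},
}

# Group locations into clusters keyed by the set of access points covering them.
clusters = defaultdict(list)
for location, aps in coverage.items():
    clusters[frozenset(aps)].append(location)

for key, locations in clusters.items():
    print(f"cluster key {sorted(key)}: {locations}")
```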

C. Triangulation Approach 1. Get the RSSI value of each client (mobile node) from the server, in dBm. Since 802.11b is strongly affected by multipath propagation, several waves arrive at the receiver via different paths and with different phases, producing different variations of the actual signal. The server obtains the RSSI values from the three clients and then converts them into an average signal strength using the simple averaging formula described below:
RSSI = (RSSI1 + RSSI2 + RSSI3 + ... + RSSIn) / n
where RSSI is the average signal strength value (dBm), RSSI1 is the signal strength at the first interval, RSSI2 at the second interval, RSSIn at the nth interval, and n is the number of intervals. 2. Once the signal strength is obtained with respect to each client, we calculate distances to determine the approximate location of the client (mobile node) in the area covered by the WLAN. The method of triangulation is altered in our research project: we form triangles of clients with the server and then calculate the distances and angles using the formulas mentioned above, rather than finding the triangulation region.

D. Location Calculation The calculation of the location of a user takes place in two phases: an offline and an online phase. Offline Phase: During the offline


phase, which has to be executed only once for each building, a so-called radiomap will be composed. This radiomap can be considered to be a collection of calibration points at different locations in the building, each with a list of RSSI values for visible access points at that particular location. This process is also known as fingerprinting.

Fig. Architecture of triangulation (server connected to three clients)

Online Phase: During the online phase, the calibration points are used to calculate the most probable location of the user, whose actual location is unknown.
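A compact sketch of the two phases is shown below, assuming a hypothetical radio map of calibration points and matching the online sample to the closest calibration point in signal-strength space (Euclidean distance). This is only one simple way of matching; the paper's full method combines fingerprinting with triangulation and averaging.

```python
import math

# Offline phase: calibration points -> RSSI fingerprint (dBm) from the visible APs.
radio_map = {
    (0.0, 0.0): (-48, -71, -63),
    (4.0, 0.0): (-56, -64, -60),
    (4.0, 4.0): (-66, -52, -61),
}

def locate(online_sample):
    """Online phase: return the calibration point whose fingerprint is
    closest (Euclidean distance in signal space) to the observed sample."""
    return min(radio_map,
               key=lambda loc: math.dist(radio_map[loc], online_sample))

print(locate((-57, -63, -60)))   # -> (4.0, 0.0) for this assumed sample
```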

E. Average We take the average of the results obtained through the clustering method and the triangulation method in order to estimate the location of the mobile node.

F. Advantages of the Proposed System Our proposed system is an enhancement of the system defined in [13]: only one server is used to estimate the location of the mobile node instead of three servers, with the server connected to three clients that detect the mobile node. A clustering technique is also used in this method, which provides more accurate results. A major advantage of our proposed technique is that higher accuracy can be obtained while reducing the training cost, by requiring only a fraction of the labeled samples needed by previous methods; this can be evaluated in a series of tests on WLAN location estimation using data collected in a realistic environment. The clustering technique reduces the required computational power by more than an order of magnitude. Such energy saving allows the system to be implemented on energy-constrained mobile devices and thus increases the scalability of the system in terms of the number of supported users. Location clustering also increases the accuracy of the location determination system and helps scale the system to a larger coverage area.

VI. CONCLUSION The RSSI-based tracking system is easily implemented on any existing WLAN environment and as such offers additional value to pre-existing infrastructure networks. By using the described triangulation method, high accuracy is achieved with respect to the reliability of the measurement vectors. A mean absolute error of 1.5 meters in an indoor environment is enough to pinpoint the corridor or room where the target is located. The triangulation method is required for successful location estimation in a new environment. The value of the block method is emphasized in heterogeneous environments, even though benefits from its usage can be observed in any environment. As a continuation of this work, we would like to improve the distance estimation phase of the proposed system.

VII. FUTURE WORK The design of indoor positioning systems requires an analytical model that can explain the relationship between system performance and system parameters. The adoption of location-based services in the future will require an efficient and effective design methodology for indoor positioning systems. The design aspect of indoor positioning has received little attention in the literature, and there is no simple way to predict the performance of indoor positioning without actually performing real measurements to test the positioning algorithm. Therefore, this study proposes a triangulation model which can be incorporated into an analytical model for the study of indoor positioning systems. RSSI-based position estimation still has limitations. First, the RSSI value is time dependent, and future work should address this issue. Second, the movement of the object is not considered. Third, the orientation of the sensors affects performance, which should be taken care of. Fourth, to improve the performance of the system, we need a solution for dealing with incomplete or missing data during the offline and online phases. Fifth, position estimation over multiple floors and in three-dimensional coordinates is not yet available.

REFERENCES
[1] U.S. Robotics, "Wireless LAN Networking," white paper.
[2] N. Faggion, S. Leroy and C. Bazin, "End-to-End Location-Based Services Solution," Alcatel technology white paper, 2Q 2005.
[3] Minnie Ingersoll, "Wi-Fi in Mountain View," Official Google Blog, Google, 2005-11-17.
[4] Kavitha Muthukrishnan, Nirvana Meratnia and Maria Lijding, "FLAVOUR – Friendly Location-aware Conference Aid with Privacy Observant Architecture."
[5] Dr. W. J. Buchanan, Dr. J. Munoz, R. Manson and K. Raja, "Analysis and Migration of Location-Finding Methods for GSM and 3G Networks," Fifth IEEE International Conference on 3G Mobile Communication Technologies (3G 2004), London, UK, 18-20 Oct. 2004.
[6] Moustafa Youssef, Ashok Agrawala and Udaya Shankar, "The Horus WLAN Location Determination System."
[7] Ankur Agiwal, Parakram Khandpur and Huzur Saran, "LOCATOR – Location Estimation System for Wireless LANs."
[8] Navin Kumar Sharma, "A Weighted Center of Mass Based Trilateration Approach for Locating Wireless Devices in Indoor Environment."
[9] Paramvir Bahl and Venkata N. Padmanabhan, "RADAR: An In-Building RF-based User Location and Tracking System."
[10] Raman Kumar K, Varsha Apte and Yogesh A Power, "Improving the Accuracy of Wireless LAN based Location Determination Systems using Kalman Filter and Multiple Observers."
[11] Mustafa A. Youssef, Ashok Agrawala and A. Udaya Shankar, "WLAN Location Determination via Clustering and Probability Distributions," in Proceedings of IEEE PerCom 2003, March 2003.
[12] Roy Want, Andy Hopper, Veronica Falcao and Jonathan Gibbons, "The Active Badge Location System."
[13] Ansar-Ul-Haque Yasar, Dr. M. A. Ansari and Sherjeel Farooqui, "Low Cost Solution for Location Determination of Mobile Nodes in a Wireless Local Area Network."
[14] Vinod Patmanathan, "Area Localization using WLAN."



Abstract — Wireless communication is an ever-developing field, and a plethora of innovations is envisioned for the future; devices are anticipated that will support communications with higher quality and higher data rates. Since WLAN and Bluetooth operate in the same unlicensed ISM band (2.4 GHz), they often cause mutual interference and hence degrade each other's performance. A number of collaborative and non-collaborative mechanisms have been proposed to overcome these interference problems. In this paper a new method is proposed for noise and interference cancellation between WLAN and Bluetooth to achieve high-quality voice and data communication. The new concept is based on a common control channel (CCCH), which is used by different radio devices for synchronization.

Index Terms — 802.11, Noise, Interference1, WLAN, Bluetooth.

I. INTRODUCTION Interference creates noise in communication signals, which either destroys a signal completely or renders it meaningless. Radio frequency interference is a major concern in the deployment and use of wireless LANs, and is often a justification for avoiding their installation. WLAN operates in the Industrial, Scientific and Medical (ISM) band [1], spectrum reserved by regulators worldwide for applications without the requirement for individual user or device licensing. A consequential challenge in using these frequencies is that a potentially large number of wireless devices may be competing for the same medium in a particular location. These devices often interfere with WLAN and thus degrade performance in terms of throughput, connection quality and range. Interference occurs when two signals are transmitted on the same frequency at the same time. When two (or more) simultaneous signals have similar relative transmitting power, they will likely interfere mutually, and the weaker signal will suffer more interference from the stronger. With respect to WLANs, interference can come from other WLAN devices. Since WLANs employ a "listen-before-talk" protocol based on Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) [1], interference between WLAN networks tends to work out somewhat cooperatively, with the two networks often sharing channel capacity. In contrast, interference from non-WLAN sources, which use protocols different from those of WLANs, more often results in degradation of WLAN throughput. Numerous non-WLAN devices operate in the unlicensed bands, including Bluetooth products of many forms (some operating at the same power levels as WLANs), cordless phones, baby monitoring devices, wireless security and energy management systems, and computer peripherals such as cordless mice, keyboards and game controllers. In addition, there are commercial and industrial devices such as microwave ovens and microwave-based lights. The main focus of this paper is on interference between IEEE 802.11b WLAN and Bluetooth, which share common spectrum in the 2.4 GHz ISM band: when WLAN and Bluetooth operate in the same area they often interfere, causing transmitted packets to be lost. The WLAN and Bluetooth

1 Noise and Interference are used interchangeably

receivers are able to detect this loss by examining the signal-to-interference ratio (SIR) and tally the lost packets into a bit error rate (BER) [6]. The lost packets are retransmitted later; as the number of retransmissions increases, throughput decreases. This paper is organized as follows: the second section gives a system overview of WLAN and Bluetooth; the third section presents an interference model; in the fourth section related work is described; the fifth section presents the proposed model; and the conclusion is presented in the sixth section.

II. SYSTEM OVERVIEW

A. IEEE 802.11 WLAN WLAN operates over a range of about 100 meters using the 2.4 GHz unlicensed ISM band. The IEEE 802.11b standard provides a maximum bit rate of 11 Mbps through a transmission mode based on 8-chip Complementary Code Keying (CCK) modulation at a chip rate of 11 Mchip/s. Since IEEE 802.11b uses the Direct Sequence Spread Spectrum (DSSS) technique, it occupies a dedicated bandwidth of approximately 22 MHz within the ISM band [14]. In recent years the 802.11g protocol has been developed to be backward compatible with 802.11b, with a capacity of 54 Mbps using OFDM modulation. All versions of IEEE 802.11x share the same MAC sublayer, which uses Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) for contention. The maximum transmitted power is recommended at 100 mW. The IEEE 802.11 protocol entities are shown in Figure 1 [14].

Fig. 1 Protocol entities for IEEE 802.11 [14] The general operations of physical layer are carrier sense, transmission and receiving of data frames, encoding/decoding, and preamble generation/removal. When the MAC layer instructs, the PLCP prepares MAC protocol data units (MPDUs) for transmission. The PLCP also delivers incoming frames from the wireless medium to the MAC layer. Under the direction of the PLCP, the PMD provides actual transmission and reception of Physical layer entities between two stations via the wireless medium. The MAC management sublayer defines the registration process, roaming support in the ESS, power management, and security. Both the MAC and PHY layers cooperate in order to implement collision avoidance procedures.

B. Bluetooth The following section gives an overview of the Bluetooth technology. Bluetooth is a low-power microwave wireless link technology designed to connect phones, laptops, PDAs and other portable equipment. Unlike infra-red, Bluetooth does not require line-of-sight positioning of connected units. Bluetooth systems operate in the unlicensed Industrial-Scientific-Medical (ISM) radio band at 2.4 GHz. Low-power RF transmission provides communication between devices over a range of 10 meters and

Noise Cancellation in WLAN and Bluetooth

Sohail Sarwar 1, Dr. M. A. Ansari 2 1 Department of Computer Science, SZABIST 2 Federal Urdu University Islamabad, Pakistan.

ssohailsarwar@yahoo.com, drmaansari@fuuastib.edu.pk

Page 123: Architecture of reconfigurable artificial neural network Co-processor

Proceeding of the First National Conference on Security, Computing, & Communications (1st NC-SCC 2008), KUST, NWFP, Pakistan May 23-25, 2008

113

supports data speeds of up to 721 Kbps [12], [13], as well as three voice channels. Bluetooth enables ad-hoc networking for up to eight devices without the need for a formal wireless infrastructure. Bluetooth uses frequency hopping spread spectrum (FHSS) [13]. The basic frequency-hopping pattern is a pseudo-random ordering of 79 channel frequencies in the ISM band, and the hopping rate is 1600 hops per second [12], [13]. The Bluetooth transmit power is 1 mW, and the signal is modulated using binary Gaussian Frequency Shift Keying (GFSK) [13]. Bluetooth provides the effect of full-duplex transmission through the use of a time-division duplex (TDD) scheme with 625 µs time slots [13]. Two or more devices sharing the same physical channel form an ad-hoc network called a piconet [12]. With one device acting as a master, up to seven other devices, or slaves, can be actively operating in the piconet. All devices in the piconet are synchronized to a common clock reference and frequency hop pattern provided by the master, and a slave packet always follows a master packet transmission. Two types of link connections can be established between a master and a slave [12], [14]: the Synchronous Connection-Oriented (SCO) link and the Asynchronous Connection-Less (ACL) link. The SCO link is a symmetric point-to-point connection between a master and a slave in which the master sends an SCO packet in one TX slot at regular time intervals, defined by TSCO time slots, and the slave responds with an SCO packet at the next TX opportunity. TSCO is set to 2, 4 or 6 time slots for the HV1, HV2 or HV3 packet formats [13], respectively. All three SCO packet formats carry 64 Kbit/s of voice traffic and are never retransmitted in case of packet loss or error [13]. The ACL link is an asymmetric point-to-point connection between a master and the active slaves in the piconet. Several packet formats are defined for ACL, namely DM1, DM3 and DM5 packets, which occupy 1, 3 and 5 time slots [13], respectively. An Automatic Repeat Request (ARQ) procedure is applied to ACL packets, whereby packets are retransmitted in case of loss until a positive acknowledgement (ACK) is received at the source. The Bluetooth protocol stack is shown in Figure 2 [13]. The RF block is responsible for transmitting and receiving packets of information on the physical channel. The link controller is responsible for the encoding and decoding of Bluetooth packets. The baseband resource manager is responsible for all access to the radio medium. The link manager is responsible for the creation, modification and release of logical links.

Fig. 2 Bluetooth Protocol Stack [13]

The device manager is the functional block in the baseband that controls the general behavior of the Bluetooth enabled device. The L2CAP resource manager block is responsible for managing the ordering of submission of PDU fragments to the baseband and some relative scheduling between channels. The channel manager is

responsible for creating, managing, and destroying L2CAP channels for the transport of service protocols and application data streams.

III. INTERFERENCE MODEL Interference is the major limiting factor in the performance of wireless systems. WLAN and Bluetooth operate in the same ISM band [12] and often cause interference, so the performance of both systems degrades. When WLAN and Bluetooth operate in the same area, the 22 MHz-wide WLAN channel occupies the same frequencies as 22 of the 79 Bluetooth channels, each of which is 1 MHz wide [1], [12]. When a Bluetooth transmission occurs on a frequency that lies within the frequency space occupied by a WLAN transmission, some level of interference can occur, depending on the strength of each signal. A packet is lost due to noise when the WLAN and Bluetooth packets overlap in both the time and frequency domains. This interference problem is addressed in [1], [3], [4], [6] and [9]. Since WLAN uses DSSS and occupies a 22 MHz channel in the ISM band, while the Bluetooth FHSS system uses 79 MHz of the available spectrum with 1 MHz channels, the probability that a Bluetooth packet collides with a WLAN packet is 27.8%. The throughput of WLAN drops rapidly at high Bluetooth network load: if a packet collision occurs, the WLAN packet is dropped and retransmitted, and as the number of retransmissions increases the performance decreases. Interference from Bluetooth increases the BER in WLAN and decreases WLAN throughput; the performance of Bluetooth is also affected. IEEE 802.11g uses OFDM with data rates up to 54 Mbps [6], and IEEE 802.11n applies spatial coding techniques using multiple transmitter and receiver antennas [6]. The simulation results in [6] show that even though the throughput of these systems is very high in the absence of interference, a small amount of interference still causes substantial performance degradation.
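The 27.8% figure follows directly from the channel widths, under the simplifying assumption that a Bluetooth hop is equally likely to land on any of the 79 channels:

```python
# A WLAN DSSS channel is ~22 MHz wide; Bluetooth hops over 79 channels of 1 MHz each.
# Assuming uniform hopping, a hop lands inside the WLAN channel with probability:
p_overlap = 22 / 79
print(f"frequency-overlap probability: {p_overlap:.1%}")   # ~27.8%
```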

IV. RELATED WORK In contrast to classical interference and noise avoidance techniques such as modulation and channel coding, most of the techniques for solving the noise/interference problem in the 2.4 GHz band focus on non-signal-processing control strategies, including power and frequency hopping control, MAC parameter adjustment and scheduling [7], [8]. A number of mechanisms have been proposed to ensure the coexistence of WLAN and Bluetooth. These interference avoidance mechanisms are divided into two categories [8], [12]: collaborative and non-collaborative mechanisms. A short description of these mechanisms follows.

A. Collaborative Mechanisms: In collaborative mechanisms, WLAN and Bluetooth communicate to avoid mutual interference; such mechanisms require the two systems to be collocated. Collaborative mechanisms include Time Division Multiple Access (TDMA) and the MAC Enhanced Temporal Algorithm (MEHTA) [10]. In the TDMA technique, the 802.11 and Bluetooth networks transmit alternately, defining the time during which each has access to the medium; the TDMA technique can support multiple Bluetooth piconets. MEHTA uses a centralized controller that monitors the WLAN and Bluetooth traffic and allows the exchange of information between the two radio systems. The centralized controller works at the MAC layer and allows or denies transmissions, thus avoiding interference between the two systems.

B. Non-Collaborative Mechanisms In non-collaborative mechanisms there is no way for WLAN and Bluetooth to communicate with each other; WLAN and Bluetooth take independent measures to avoid interference. Non-collaborative mechanisms include Adaptive Packet Selection and Scheduling [2] and Adaptive Frequency Hopping [5], [11].


Bluetooth specifies a variety of packet types with different combinations of payload length, slots occupied, FEC codes and ARQ options. The motivation is to provide the necessary flexibility for implementers and applications so that packets can be chosen that are optimized for the traffic and channel conditions present. By selecting the best packet type according to the channel condition of the upcoming frequency hop, better data throughput and network performance can be obtained. In addition, by carefully scheduling packet transmissions we can avoid or minimize interference to WLAN systems and at the same time increase the throughput of Bluetooth / IEEE 802.15.1 systems. Similarly, the adaptive frequency hopping mechanism dynamically changes the frequency hopping sequence in order to avoid or minimize the interference detected by the 802.15.1 device; adaptive frequency hopping uses the available channels intelligently to decrease the likelihood of packet loss.

V. PROPOSED MODEL The interference problem, and the fair allocation of frequencies between different systems competing for the same resources, have led different research groups to present different mechanisms to mitigate interference. WLAN and Bluetooth work in the same unlicensed frequency band (2.4 GHz). A new method is proposed here to mitigate the interference problem between these two systems when they operate in parallel. The proposed model is based on a common control channel (CCCH), a low-rate signal used for synchronization between WLAN and Bluetooth. On the CCCH, a narrowband signal is generated by the WLAN access point (AP) and received by all the devices in the area. The concept is to enable sharing of information such as carrier frequency, bandwidth, power level and time slots between neighboring radio devices competing for the same frequency band, via a common control channel. This work focuses on interference cancellation between WLAN and Bluetooth, but the approach can be applied to any system in the ISM band.

A. Common Control Channel Basics The new concept is based on a common control channel (CCCH) used by different radio devices for synchronization. The key idea is that a control packet is transmitted as an announcement packet on the same ISM band. The transmitted packet includes parameters such as power level, carrier frequency, time slot duration and duty cycle, and the CCCH allows more parameters to be added if needed. Figure 3 shows the packet format of a CCCH message.

Fig. 3 Packet format of a single message on the CCCH
The working of the proposed model is shown by the flow chart in Figure 4. When a Bluetooth device starts communication, it first scans for the WLAN control packet. The control packet is transmitted by the WLAN AP and received by all devices in the area, including Bluetooth devices; it is transmitted in a regular pattern, just like the beacon control packet transmitted by a WLAN AP for WLAN devices. In a Bluetooth piconet, the master device receives this packet and adjusts its frequency hopping pattern according to the information it provides. The control packet indicates the frequency channel used by the WLAN along with other useful parameters. Since all slave devices in a piconet follow the master device for communication, the master device marks the

22 MHz of frequency channels being used by the WLAN in the area as "bad" channels. Bluetooth then starts its normal communication, except that it avoids the 22 MHz of frequency channels marked "bad" in its frequency hopping table. If the Bluetooth device does not find any WLAN control packet, it immediately starts its normal communication. If, during communication, a Bluetooth device detects interference, it stops its communication, rescans for the WLAN control packet and proceeds according to the information provided.
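A minimal sketch of this behaviour follows, with a hypothetical CCCH packet structure carrying the parameters named above and a piconet master removing the WLAN-occupied channels from its hopping set. The field names, channel numbering and values are assumptions for illustration, not part of the proposed specification.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class CCCHPacket:
    """Hypothetical announcement packet broadcast by the WLAN AP on the CCCH."""
    carrier_mhz: float      # centre frequency of the WLAN channel
    bandwidth_mhz: float    # occupied bandwidth (~22 MHz for 802.11b DSSS)
    power_dbm: float        # transmit power level
    slot_duration_us: int   # time slot duration
    duty_cycle: float       # fraction of time the channel is in use

# The 79 Bluetooth hop channels: 2402 + k MHz, k = 0..78.
BT_CHANNELS = [2402 + k for k in range(79)]

def hopping_set(ccch: Optional[CCCHPacket]) -> List[int]:
    """Return the hop set after marking the channels inside the announced WLAN
    band as "bad". If no control packet was heard, the device keeps its normal
    hop set and starts communication immediately."""
    if ccch is None:
        return list(BT_CHANNELS)
    lo = ccch.carrier_mhz - ccch.bandwidth_mhz / 2
    hi = ccch.carrier_mhz + ccch.bandwidth_mhz / 2
    return [f for f in BT_CHANNELS if not (lo <= f <= hi)]

# Example: the AP announces a WLAN channel centred at 2437 MHz (~22 MHz wide);
# the piconet master removes the overlapping channels from its hop table.
packet = CCCHPacket(carrier_mhz=2437, bandwidth_mhz=22, power_dbm=20,
                    slot_duration_us=625, duty_cycle=0.5)
print(len(hopping_set(packet)), "channels remain in the hopping set")
```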

Fig. 4 Working of CCCH for noise cancellation

The main advantages of the proposed mechanism are the following:

• The proposed mechanism does not require a centralized traffic scheduler as in MEHTA.

• It can be implemented either when 802.11 and Bluetooth are able to exchange information (collaborative coexistence mechanism) or when they acquire this information by detecting interfering transmissions over the radio channel (non-collaborative coexistence mechanism).

• It has a minor impact on the IEEE 802.11 standard and the Bluetooth specification.

• It reduces the number of Link Manager commands needed to exchange information about "good" and "bad" channels, as compared to AFH.

VI. CONCLUSIONS WLAN and Bluetooth devices share common frequency spectrum in the 2.4 GHz ISM band, and when they operate in the same area they often cause mutual interference. A packet is lost due to noise when the WLAN and Bluetooth packets overlap in both the time and frequency domains. A number of mechanisms have been developed to mitigate this interference problem. In this paper a new method is proposed to avoid interference between WLAN and Bluetooth, based on a control channel. A control packet is transmitted periodically from the WLAN AP; the packet, carrying parameters such as the frequency channels used by WLAN devices, is received by Bluetooth devices, which adjust their frequency hopping patterns to avoid interference.


REFERENCES
[1] Ramakrishna Gummadi, David Wetherall, Ben Greenstein and Srinivasan Seshan, "Understanding and Mitigating the Impact of RF Interference on 802.11 Networks," SIGCOMM'07, Kyoto, Japan, August 27-31, 2007.
[2] Chen-Han Shih, Kuochen Wang and Hung-Cheng Shih, "An adaptive Bluetooth packet selection and scheduling scheme in interference environments," Computer Communications 29 (2006) 2084-2095, 17 February 2006.
[3] Abhishek P. Patil, Dan J. Kim and Lionel M. Ni, "A study of frequency interference and indoor location sensing with 802.11b and Bluetooth technologies," Int. J. Mobile Communications, Vol. 4, No. 6, 2006.
[4] Angela Doufexi, Arun Arumugam, Simon Armour and Andrew Nix, "An Investigation of the Impact of Bluetooth Interference on the Performance of 802.11g Wireless Local Area Networks," 2004.
[5] N. Golmie, O. Rebala and N. Chevrollier, "Bluetooth Adaptive Frequency Hopping and Scheduling," 2004.
[6] Angela Doufexi, Arun Arumugam, Simon Armour and Andrew Nix, "An Investigation of the Impact of Bluetooth Interference on the Performance of 802.11g Wireless Local Area Networks," IEEE VTC Spring 2003.
[7] Carla F. Chiasserini and Ramesh R. Rao, "Coexistence Mechanisms for Interference Mitigation between IEEE 802.11 WLANs and Bluetooth," IEEE, 2002.
[8] Carla F. Chiasserini and Ramesh R. Rao, "A Comparison between Collaborative and Non-Collaborative Coexistence Mechanisms for Interference Mitigation in ISM Band," 2001.
[9] R. J. Punnoose, R. S. Tseng and D. D. Stancil, "Experimental Results for Interference between Bluetooth and IEEE 802.11b DSSS Systems," in Proceedings of the IEEE Vehicular Society Conference, October 2001.
[10] IEEE 802.15.2-01300r1, TG2 Mobilian Draft Text, TDMA and MEHTA, http://grouper.ieee.org/groups/802/15/pub/2001/Jul01/01300r1P802-15_TG2-Mobilian-draft-text.doc
[11] IEEE P802.15-TG2_366r1, Clause 14.3 Adaptive Frequency Hopping, http://grouper.ieee.org/groups/802/15/pub/2001/Jul01/01366r1P802-15_TG2-Clause-14-3-Adaptive-Frequency-Hopping.doc
[12] Andrew Fredman, "Mechanisms of Interference Reduction for Bluetooth," 2003.
[13] Bluetooth SIG, "Core System Architecture," http://www.bluetooth.com/Bluetooth/Learn/Works/Core_System_Architecture.htm, © 2007 Bluetooth SIG, Inc.
[14] Kaveh Pahlavan and Prashant Krishnamurthy, "Principles of Wireless Networks: A Unified Approach," 2006.