vol2 no8



(IJCNS) International Journal of Computer and Network Security, Vol. 2, No. 8, August 2010


Students’ Perspectives on their Preferences in the Networked Learning Environment

Sha Li

Alabama A & M University, School of Education 4900 Meridian St., Normal, AL 35762, USA

[email protected]

Abstract: The creation of learning resources on the internet provides learners with rich learning information in varieties of digital formats. But the new learning paradigm generates new issues. Many instructors designed learning resources online but found that their students have not used them as effectively as expected. There is a need for us to understand the learners’ preference and their needs in using online learning resources to help us teach and design instruction more effectively in the online-resource aided learning environment. This study uses the course of FED 529 Computer-Based Instructional Technology as a case to explore the learners’ preferences in the use of the online learning resources the class provides. This study uses both quantitative and qualitative methods. There are nine student preferences found while they use the course online learning resources. The findings could help us design better online learning resources to meet the learners’ preferences and needs, motivate student involvement, and enhance the instructional effectiveness in the Internet assisted learning environment.

Keywords: Instructional Design, Online Learning Resources, networked learning, distance education.

1. Introduction

Internet-based learning resources play an important role in learning. Teachers are incorporating, planning and designing effective resource-based online learning environments to enhance learners’ academic development [2, 16]. The digital resource-based learning promotes the learners’ acquisition of effective information skills and engenders high quality outcomes [8, 23]. The project-based learning under a resource-assisted learning environment cultivates the learners’ hands-on skills as well as their thinking skills such as problem solving, reasoning, and critical thinking through information handling and creative experiential work [36, 41]. It encourages active participation and information skill development through self-directed learning and reflection as opposed to teacher-directed instruction. It also allows for the active construction of personal understanding through a variety of activities [17, 40]. In the resource-based learning process, students learn how to connect information searching with knowledge growth [30] and improve their confidence and attitudes toward academic success and self-image [12, 38]. Ehlers indicates that the academic information transparency is an important variable in an online learning environment while providing resources and course information to the learners [13]. Because of the available multimedia effect, the online resources could foster enthusiasm and better meet the needs of different learners. They also inspire self-image through active interaction with information as well as with peers [21, 43]. Peluchette and Rust made a study on the faculty members’ preference in using technology facilities for classroom instruction [34]. They found that most faculty in their study preferred the use of the basic technology facilities for daily instruction, such as overhead transparencies, PowerPoint, Blackboard and whiteboard. Very few of the faculty members expressed a preference for teaching courses online. Learners have their own learning preferences in relation to their habit or preference of in-taking and processing information resources [6, 22, 33]. Felder and Brent indicate that the learner’s preference relates to the learning style difference that exists among college students. Tailoring the instructional resource design to meet the different student learning styles could yield better academic outcome [15]. Kvavik states that the preferences the new generation of students have in their technology-facilitated learning environment are critical issues for us. He found in his study that students showed their highest preference level for the moderate use of technology, and the lowest preference level for the classes that have no technology or the classes that are entirely online. In addition, the students’ motivation for the use of learning technology was very much tied to the requirements of the course curriculum [24]. There are four major types of learning styles that guide the learner’s preferences: (1) visual learners (learn by seeing), (2) auditory learners (learn by hearing), (3) reading/writing learners (learn by processing text), and (4) kinesthetic learners (learn by doing) [35].
Laddaga and his colleagues found in their study of the student preference for audio in computer-assisted instruction that there are strong differences in preference for a visual or auditory presentation mode. They suggest providing both formats of presentation mode for the learners’ options [25]. In this Information Age, all information reaches users in multiple dimensions. Helping students develop their information skills is as important as teaching the subject matter. Integrating Internet-assisted resources into instruction has become fashionable and the associated pedagogical strategies are flourishing. Brown and Liedholm report that students’ cognitive strategies are the motivating factor in choices about the learning materials, and their learning strategies and preferences for learning materials are very diverse [4]. Felder indicates that academic information comes on a daily basis in both visual and aural formats. Developing students’ skills to take in information in both formats is necessary. He says that if an instructor teaches in a manner that disagrees with the student’s learning preference, the student’s discomfort level may increase enough to interfere with his learning. However, if the instructor teaches exclusively in the student’s learning preference, or learning style, the student may feel comfortable to learn, but his cognitive dexterity might not be developed enough to meet the future challenges [14]. Byrne’s study indicates that learners tend to prefer learning with some online multimedia better than others, depending on their individual learning style [7]. Curtis and Howard used a slide show to provide text-based tutorials on how to assemble computer hard drives for the verbal/sequential learners in their computer science class [14]. They also provided multimedia-based tutorials in the format of pictures, animation and video for the visual/global learners. This allowed students a variety of options to learn in their own preferred manner. Using multimedia programs to improve instruction and motivate learning has become a new issue for teachers. The Internet provides a convenient platform for teachers to exert their expertise to design and teach classes in a resource-based network environment. An understanding of the learners and their preferences in this learning format would help us increase the quality of the instructional design and strategy in the technology-rich learning environment. Li and his colleagues [26] have created an online learning model, the Online Top-Down Modeling Model, to help enhance the learning effectiveness through the learner-resource interaction on a graduate technology course FED 529 Computer-Based Instructional Technology course website at http://myspace.aamu.edu/users/sha.li. The FED 529 Course is a graduate computer literacy course.
It is taught in a blended format. The course has a resource-rich website; in particular, the course website makes available previous student project models such as Word projects, PowerPoint projects, Excel projects, graphics design projects, and web page design projects. This strategy advocates retrieving the class resources from the course website to show model projects to students first, and then demonstrating the new program tools and teaching specific skills when each new project is taught. Through this strategy, effective learning occurred, and the students’ motivation and positive attitude toward the use of technology-aided learning resources increased. This article is a follow-up to that previous study on the Online Top-Down Modeling Model. It looks deeper into the learners’ world during their instruction under the Online Top-Down Modeling Model, trying to better understand the learners’ needs and perspectives and to add to the literature on the effectiveness of online learning resources from the learner’s side. This article focuses on the learners’ preferences in using online learning resources while learning under the Online Top-Down Modeling Model.

1.1 Theoretical Framework of the Study

Michael Moore defines the three major types of interaction in an IT-driven distance learning setting: the learner-learner interaction, the learner-teacher interaction, and the learner-content interaction [29]. The learner-content interaction is gaining more interest in empirical studies, which mostly focus on integrating learning resources into learning activities. The learner’s preference in an online learning resource rich environment has aroused research attention. Educators try to understand the learners’ preferred ways to use the available online resources. Linda Jensen asserts the interaction with the content as follows:

Interaction with the subject matter is the heart of education…. In order to learn, students must have a meaningful interaction with the content, and the content must be presented in such a way that students will be motivated and inspired to think deeply about it. Since the media used for instruction can greatly affect how students interact with the content, there is a great deal of interest in determining how to maximize the benefits of using individual or combinations of media [18].

Brown and Liedholm conducted a quantitative study on the student preference in using online learning resources based on the learner’s three cognitive styles: 1) visual versus verbal; 2) active versus reflective; and 3) concrete versus abstract. They assert “Generally speaking, students vary in their cognitive or learning styles and therefore would benefit from teaching techniques that appeal to their individual styles” [4]. In their study, they collected data from a business economics course in a traditional class format, which is theory and concept-driven, and based on reading and lecturing plus online learning resources. They found that students valued the streaming video lecture the highest and the classroom lecture the next. They also found that the students’ cognitive styles correlated with the values of different kinds of resources, but students’ GPA was not related to the value of any of the resources. They concluded that the blended course is more effective than the traditional course because it has more options and learning resources to support the students [4]. Ke and Carr-Chellman assert that the solitary learner’s preference and the social learner’s preference might not differ in their perspectives on the learning situation. The solitary learner in an online collaborative learning environment prefers internal interaction, collaboration in an independent manner, and interaction academically rather than socially [20]. The learner’s preference of the online learning resources is an indicator of their interaction effectiveness from the perspectives of the learner. Understanding the learner’s preference for using online learning resources would enhance the design and instruction of the Internet resource-based learning activities in the eye of the learner-content interaction.

2. Methodology

This study is action research that adopts a mixed qualitative and quantitative method to collect and analyze the data for findings. The purpose of this study is to understand the learners’ preference and preference-related perspectives in the Online Top-Down Modeling Model environment in the FED 529 Computer-Based Instructional Technology class. The FED 529 course was used as a case to explore the learners’ preferences in using online learning resources. The qualitative and quantitative mixed research method is regarded as better explaining the process of an event and giving a more meaningful result [10]. The mixed research method draws from the strength of both qualitative and quantitative approaches, and minimizes the weakness of either in a single research study [19]. It increases the validity and reliability of the findings by allowing examination of the same phenomenon in different ways and promotes better understanding of findings [1]. Sixty-five students from four classes of the FED 529 course and the instructor, Dr. Lee, participated in this study. The data collection covered the fall semester of 2007 and the spring semester of 2008. We used interviews, observation and surveys to collect both qualitative and quantitative data, combined with descriptive statistics and Pearson’s Correlation in analysis. For some of the issues, we used graphs with SPSS to visualize the relation of the variables. We present both quantitative data and qualitative data item by item. In this way, we hope that readers will clearly understand each itemized analysis and perspective holistically.

3. Data Analysis

In the FED 529 Computer-Based Instructional Technology class, the instructor, Dr. Lee, uses a course website to integrate the online learning resources into this blended class. The course website (http://myspace.aamu.edu/users/sha.li) provides, in addition to the course information and syllabus, computer-based assignment project models/samples, FAQ tutorials (including text FAQs and video FAQs), and multimedia online resources such as clip art, photos, sound clips, music background files, sample instructional websites, etc. to enhance learning. Since the class resources are online, students can access them anytime and anywhere. Integrating the course website resources in instruction can provide necessary support to the students who have unmet needs in class because of skill level, background, and possible absences—leaving no one "left behind." The teacher introduces the course website to the students during the first class of the semester and also introduces other useful website links to students, such as Marcopolo, Alex, Intel educational site, United Streaming, Alabama Virtual Library, etc. There is no forceful requirement for the students’ use of the online learning resources or what kind of resources they need to use. Students could have their own different preferences to access or use the online learning resources available to them. This study tries to find their preference tendencies and analyze the learners’ perspectives and attitudes related to their preferences of using online learning resources. There are nine major preferences found in this study.

3.1 Prefer Using the Course Website Resources vs. Resources from Other Websites

In class, we see that students are immersed in learning the new computer skills needed to create multimedia-enhanced projects like PowerPoint presentations, web page design, flyer design, and graphics design. During their learning, students generate different needs to master the knowledge and skills. Besides asking the teacher and classmates for help, students also frequently access the available online resources to find solutions; some of them prefer using more of the course website resources, and others prefer using more resources from other websites. Students gave survey feedback first on their own entrance computer skill level and then on their preference of using online learning resources from the course website vs. from other websites. Table 1 and Table 2 break these into percentages.

Table 1: Self-Assessed Student Skill Level

Question: As compared to the peers in class, I rate my computer skill level as

| Choices | N* | Valid % |
|---|---|---|
| 1. Low level | 9 | 13.9 |
| 2. Middle level | 40 | 61.5 |
| 3. High level | 16 | 24.6 |

* N = number

Table 2: Preference for Using Course Website vs. Other Websites

Question: Your preference for using online learning resources is

| Choices | N | Valid % |
|---|---|---|
| 1. I used more resources from FED 529 course website than from other websites. | 28 | 43.1 |
| 2. I used more resources from other websites than from FED 529 course website. | 8 | 12.3 |
| 3. I used FED 529 course website resources only. | 1 | 1.5 |
| 4. I used other website resources only. | 2 | 3.1 |
| 5. I used the FED 529 website and other websites equally. | 26 | 40.0 |
| 6. I used neither website. | 0 | 0 |

In Table 1, we know that the majority of the students stay in the middle level of the technology skill. In Table 2, the highest rate of the students’ preference of using online learning resource focuses on the FED 529 course website (43.1%); the next is for the use of both the FED 529 course website and other websites equally well (40.0%). While 12.3% of the students chose to use more resources from websites other than the FED 529 course website, only 4.6% chose to use either the course website only or other websites only. No one chose not to use learning resources from Internet. If we add the percent in Choice 1 and Choice 5, which emphasize the preference of using the course resources online, that is a total of 83.1%. The students’ verbal responses to this issue illustrate these trends:

• Our [class] online resources were extremely helpful. They provided the necessary help and tools to complete my assignments…. I learned a lot in a short period of time about computers.

• I think that this class made the use of the online learning resources more understandable and interesting. The website caught my attention. This site made me want to use the internet more.


• [It provides you] the opportunities to work at your own pace and having the resources ready available to meet your project needs.

• Using the online resources could give you the freedom to access the information at your own leisure. The student can also see an array of different kinds of information about a topic all in [one] spot. I really benefited from the course website resources as well as the other online resources during my study. But I prefer using more of the class website, because it provides information and support tied to our projects and assignments.

• The regular Internet resource websites have to be previewed in depth before using. Many sites contain too many advertisements or inappropriate materials for the intended project.

• Whenever I couldn’t remember what was said exactly, I could always online for a demonstration. I will use it for creating projects to enhance my learning.

• I feel that the online learning resources [of this course site] are very helpful. I use them to keep assignments fresh and to learn new things I may have missed in class.

• The online learning resources are well explained. It provides ample time for me to complete my assignments. I can learn and make my projects at my own pace, and experience more in-depth learning and understanding.

It is indicated that the major benefits of the resources from the course website include being very convenient, focused on class content and tasks, allow ample time for students to finish projects at their own pace, and allow students to experience more in-depth understanding and learning. The benefits of the resources from other sites include more variety of resources and a broadened vision on multimedia projects. Forty percent of the student respondents prefer retrieving resources from both the course website and the other websites as well. Three of those students' verbal responses showed their reasons:

• I like to get resources from both the class website and other websites because I would like to see more materials on how to integrate technology into specific subject areas: math, science, etc.

• I like the resources from both the FED 529 website and the online resources. Searching for information requires time and sometimes patience. Using both sources offers a broader range of choices.

• I used the FED 529 site mainly for technical things. I might use other resources if I would like to get more creative with my sounds, pictures, clipart, or other things.

It is clear that using both the course website and other websites to locate information and resources could combine the strength of both resources, which could help students yield a higher quality learning outcome. The correlation between skill level and the preference for using the course website vs. other websites is r = -.053, p > .05. It is not significant.

3.2 Amount of Multimedia Preferred

The major characteristic of the project resources online is to provide many active multimedia features, such as sound, animation and video. Multimedia features help build interest, motivation, comprehension, retention and imagination [26]. Most students like to follow the online models as a start. They expressed their preference on following the multimedia projects and integrating multimedia features into their projects. Table 3 summarizes their preferences on this issue.

Table 3: Preference on the Degree of Multimedia Use

Question: My preference to integrate multimedia features (like text, graphics, sound effects, music, animation, video, etc.) into my projects after the online models is

| Answer Choices | N | Valid % |
|---|---|---|
| 1. I would like to integrate all kinds of multimedia formats, such as text, color, graphics, photos, sound, animation, video, etc. | 58 | 89.2 |
| 2. I would like to consider using two kinds of multimedia formats. | 5 | 7.7 |
| 3. I would like to consider using only one kind of multimedia format. | 1 | 1.5 |
| 4. I would not consider using any multimedia (except text). | 1 | 1.5 |

The survey shows the students’ highest preference is for the use of a combination of various formats of multimedia to create projects. Byrne conducted a study on the learner’s preference of educational multimedia with the use of self-directed online learning resources [7]. His study shows that students will prefer learning with some type of online multimedia resources, but their preferences vary according to their individual learning style. To understand the students’ multimedia preference related to their multimedia related learning style, we categorized the students’ multimedia related learning style to see if there is any relationship between their learning style and their multimedia preference. The students’ learning styles are shown in Table 4.

Table 4: Students’ Media Related Learning Style

Question: Your learning style regarding the aid of multimedia is

| Answer Choices | N | Valid % |
|---|---|---|
| 1. I am a text-driven learner. | 2 | 3.1 |
| 2. I am a graphic-driven learner. | 21 | 32.3 |
| 3. I am a sound-driven learner. | 6 | 9.2 |
| 4. I prefer all of the above media formats in learning. | 36 | 55.4 |

From the table above, we can see that the number 4 choice, the preference on the use of multiple multimedia, is the highest (55.4%); the next is the number 2 choice, graphic-driven preference (32.3%). After that is the number 3 and number 1 choice. So we can see that even though sound is an important factor in learning resources, graphics are much more preferred. This is similar to the study by Ross et al. that most students value integrating a variety of multimedia instead of one or two forms of multimedia [37]. The correlation between the students’ media related learning style and their multimedia preference is r = -.203, p > .05. It is not significant. We graph the Distribution of Students’ Multimedia Preference and their Media Related Learning Style as follows:

Figure 1. The Histogram of the Students’ Multimedia Preference and their Media Related Learning Style

From the graph above, we see that the majority of the students’ preference, no matter what media related learning styles they possess, cluster around the Choice 1-All Media, a few with Choice 2-Two Media, a fewer with Choice 3-One Media, and nobody chose Choice Four-No Media. So even though the students’ multimedia preferences vary, they are not restricted by their learning styles. It seems that multimedia is a commonly shared learning preference for them to maximize achievement. This finding does not really agree with Byrne who states that learners tend to prefer learning with some online multimedia better than others, depending on their individual learning style [7]. We examined the students’ verbal feedback on this issue, which follows:

• I like to integrate multimedia features because it makes the final product look professional. It is also very interesting and fun to see many different enhancements you can attach to your project.

• Using more [multimedia] features allows your presentation to be more exciting and relayed to your audience. If a project is too simple or simply put together, it’s usually hard to get your point across without boring others.

• I think when you use multimedia in PowerPoint, for example, it keeps the attention of your audience longer than if you were not to include anything.

• I work with special need children. Some seeing, some not. I would use sound for my blind or low vision class, and graphics for the children who are seeing.

• It [multimedia] gives the students more to see than text only project. It helps you explain or demonstrate an idea. But sometimes it is hard to focus on the information if too many multimedia forms are used.

Dr. Lee also notes that when he began to teach this FED 529 class, he presented students with printout project models, such as flyers, web pages, PowerPoint presentations and graphics design. Since the creation of the course website for FED 529, the model projects all moved online. This brings all the multimedia features alive when showing model projects to the students either from the web browser or downloaded to show on the computer. Students are motivated by the multimedia functions and interested to learn with multimedia. He could not see very many learning style differences related to the preference of using multimedia in learning to create assigned projects. The possible reason for this might be the information carried by the visual, sound, animation and video has the closest representation of the real world that relates to everybody’s daily life and personal experiences. The next reason might be that the students’ computer skill level has generally increased as compared to past years. This greatly increases their ability to decode multimedia based information other than text and reduces the dependence on one kind of media such as text to receive information. Thus, their learning styles related to the retrieval of information have changed to accommodate the new information formats to be more effective.

3.3 Online Learning Resources vs. Printout Learning Resources Preferred

The FED 529 class website has many resources to cater to the students’ needs for the content areas, anytime and anywhere. Students could view them online or download them to carry around. Those resources include syllabus, rubrics, project models, FAQ tutorials, multimedia resources (sound clips, clip art, photos, videos, sample websites, etc.) and links to other resources such as the Thinkfinity, United Streaming, Virtual Library, etc. This facilitation supports students during their learning processes. The students’ feedback on their use of the learning resources online vs. traditional printout resources is listed in Table 5.

Table 5: Student Preference for Online Learning Resources vs. Printout Resources

Question: For learning resources formats used in this class, such as project models, FAQs, multimedia resources, etc., which do you prefer?

| Answer Choices | N | Valid % |
|---|---|---|
| 1. I prefer online learning resources | 30 | 46.2 |
| 2. I prefer traditional printout resources | 1 | 1.5 |
| 3. I prefer both | 34 | 52.3 |
| 4. I prefer neither | 0 | 0 |

The highest preference is number 3 for both online learning resources and the traditional printout learning resources (52.3%). The second highest preference is number one for the online learning resources (46.2%). The preference for only the traditional printout resources is extremely low (1.5%), and the preference for neither is 0%. If we put choices 1 and 3 together, both of which relate to the use of online learning resources, the total number will be 98.5%. Clearly, the resources online are the most favored by the students. The students gave their verbal feedback to further detail this:

• Putting the learning resources online gave me a wide arrange of options to choose from. It broadened my computer vision and skills. I really need those from the website, such as schedule, syllabus, models, Sounds, clipart, FAQs, and blackboard access.

• If I forget how to use a program, I would immediately access the website to get the information I needed. The printout resources are useful, but are dead. The resources online have all the multimedia features embedded, [such as] sounds, animation, vivid color, videos, and changeable features. Resources online are live ones. The printout is dead.

• I used the syllabus each week before class. I then looked at student work examples on the Internet and any teacher’s directions available there to help me prepare for class. When I look at the FAQs, I like to turn on speakers to hear the teacher’s voice, but the printout FAQs don’t have voice. It’s silent text only. But the printout is easier to read. Having an access to both online resources and a copy of the printout in hand is better.

We can see the reason that students favor the online learning resources is that resources online can keep their computer-based multimedia features “live” on computers, and also take the benefit of the Internet to reach the resources any time. The advantage of the printout resources is “easy to read.” The comparison of the features of online learning resources and the printout learning resources is listed in Table 13 in the Summary and Discussion section.

3.4 The Online Syllabus vs. the Printout Syllabus

To know about the students’ preference specifically, our survey went deeper to probe the students for their preferences in specific areas. About their preference for the syllabus in the online format and printout format, the feedback was solicited in two questions as shown in Table 6:

Table 6: Student Preference for Online Syllabus and Printout Syllabus

Question: If you have only two formats of syllabus to choose from, which do you prefer?

| Answer Choices | N | Valid % |
|---|---|---|
| 1. I prefer the online syllabus. | 40 | 61.5 |
| 2. I prefer the printout syllabus. | 25 | 38.5 |

Question: If you have three formats of syllabus to choose from, which do you prefer?

| Answer Choices | N | Valid % |
|---|---|---|
| 1. I prefer the online syllabus. | 22 | 22.0 |
| 2. I prefer the printout syllabus. | 3 | 4.7 |
| 3. I prefer both. | 39 | 60.9 |

In the first question, where there are only two options, 61.5% of the students prefer the syllabus online and 38.5% prefer the printout syllabus. In the second question, where there are three options to choose from, the students who prefer a printout syllabus drop to 4.7%, while those who prefer an online syllabus become 22.0% and those who prefer both formats are 60.9%. That means only 4.7% of the students prefer a printout syllabus only in any condition; all others prefer a syllabus either online or in both formats. The students’ own comments show how they explain these preferences:

• I like it [syllabus] online because I don’t have to keep up with the hard copy. I am always on my laptop computer and find it very easy to access it. If it is a hard copy, it is just another piece of paper to keep up with and fill. It is hard to lose it online.

• I like the online syllabus because I can access it at all times from any computer.

• I prefer an online syllabus simply because it never gets lost, and it’s easy to access without long pointless searches, since I’m always on the computer. Anyway, online syllabus works better for me.

• I like it online because I have access to it wherever I was. I occasionally travel, and I could refer to it when doing homework away from home.

Those students who prefer both formats presented their reasons as follows:

• They both are effective. The online syllabus is better because a person can access the syllabus at all times.

• I like both methods of receiving a syllabus. It is always important to have a backup. It is good to have a copy online in case you lose your hardcopy. However, it can be somewhat of a hassle to have to look up assignments online. I think both are good. The online is especially good if you remember to print out a copy.

• I like both. It depends on what you are doing. Sometimes you want it to be online because it is always there. But the paper handouts are easier to read than on the Internet. You don’t have to click, click, and look around for them.

• I prefer syllabus in both areas. I’m a student who doesn’t have a printer. But a hardcopy will help me when I am at home, even though I like the online syllabus.

• In my own background I used to read only printout syllabi. I didn’t know how to type in the course web address to find it online. After one semester, I can locate the syllabus on the Internet. I use both ways to access syllabus now.

The students who prefer hardcopies only of the syllabus gave their opinions as such:

• I prefer a hardcopy so that I can make notes and/or changes to assignment due dates on it as the semester goes on.

• I like a hard copy because I’m often in a position without either internet or computer. I do not have time to go online. I like getting it the first day of the class.

• Hardcopy! This way, I can access it anytime and anywhere without technical difficulty.

In summary, students find that the advantages of the online syllabus are its convenient access, easy to use when traveling around, and keeping the syllabus from being lost. The students who like the syllabus in both online format and printout format state that having access to both formats of the syllabus is more beneficial and flexible. You can take advantage of both. But the students who prefer the printout format of the syllabus indicated that a hard copy is good for keeping notes and marking the changes of the assignment due dates, if any. It is useful when you have no access to Internet or computers, or hope to stay away from technical frustration. The positive aspect of this class is that it provides both syllabus possibilities: online format and printout format (students could print out the syllabus in the lab or at home from the Internet).

3.5 Preferring Viewing Project Models Online vs. Printout Project Models

The project models provided online are an important component in the Online Top-Down Modeling Model. To know how effective the online models are to the students, we probe the students for their feedback as follows:

Table 7: Student Preference for Online Projects vs. Printout Projects

Question: When viewing previous students’ project models/samples, you prefer

| Answer Choices | N | Valid % |
|---|---|---|
| 1. Viewing them online. | 35 | 53.8 |
| 2. Viewing them in printout. | 0 | 0 |
| 3. Viewing them in both of the above formats. | 30 | 46.2 |

The data shows that 53.8% of the students prefer project models online; 46.2% of the students prefer both formats; and 0% of the students prefer project models in printout. The correlation between the student skill level and their model format preference is r= -.163, p<.05. It is not significant. The graph of the relation between the skill level and the model format preference by the percent of the cases is as follows: From the above graph (figure 2), we see that the line slopes of the high level and low level regarding the preference of the use of the models online and both online/printout formats go in opposite directions, while the middle level stays horizontal. Students’ verbal responses to this issue further illuminate these preferences:

Figure 2. The Student Skill Level and Preference for Online Models vs. Printout Models. (Option 2 for the printout format is omitted because it has 0 people selected)

• Every resource on the FED 529 course website has helped me or motivated me to learn in some sort of way. I am glad I had to take this class because it increased my computer knowledge and gave me examples of work presented by others.

• I like the online models projects. For example, the flyer project model. When I open it, I just see different layout and design. I got an idea what other people did, how they did it, what color they used. It helps me spark my idea to work on my own project out.

• If showing me only the printout model projects, many things I cannot grasp completely. Because I cannot fully understand without animation, music playing, formation of the multimedia components like animation path and sequencing. These features are only functioning when they are playing on computers or on Internet.

• The resources on the FED 529 course website are a wonderful guide. Honestly, I would get lost without many of the examples. I kept them minimized [with Internet browser] while I was working [on my computer].

It is obvious again that the multimedia features are the main attraction to produce good computer-based projects. But the majority of those features are only functioning on computers or on the Internet, not on paper printout. That is why students prefer them online or in both formats, instead of printout only.

3.6 Preferring Format of Text FAQ vs. Video FAQ

The FAQs are actually tutorials provided on the FED 529 course website for students to learn how to make new projects. There are two kinds: the text FAQ and the video FAQ. The text FAQ is the text tutorial and the video FAQ is a screen captured video tutorial. It is made with Windows Media Encoder, something like Camtasia screen capture. Windows Media Encoder is freeware provided by Microsoft. The students’ data feedback on the use of the FAQ formats is solicited through two questions. They are shown in Table 8.

Table 8: Students’ Preference for Text FAQ vs. Video FAQ

Question: If you want to use FAQs to learn a new project and you only have two options, which do you prefer?

| Answer Choices | N | Valid % |
|---|---|---|
| A. I prefer using text FAQs. | 6 | 40.6 |
| B. I prefer using video FAQs. | 39 | 59.4 |

Question: If you want to use FAQs to learn a new project and you have three options, which do you prefer?

| Answer Choices | N | Valid % |
|---|---|---|
| A. I prefer using text FAQs. | 13 | 20.0 |
| B. I prefer using video FAQs. | 16 | 24.6 |
| C. I prefer both | 36 | 55.4 |

In the first question of Table 8, the feedback shows that 59.4% of the students prefer using video FAQs, while 40.6% of the students prefer using text FAQs, if there are only two options provided. Then the condition breaks down from providing two options into three options in the second question. The responses to the second question show that 55.4% of the students prefer using both formats of FAQs, 24.6% of the students prefer using video FAQs, and 20.0% of the students prefer using text FAQs. For the first question, if two options are provided, r=-.165, p>0.05. The correlation is not significant. For the second question, if three options are provided, r= -.047, p>.05. The correlation is not significant either. Then we graph the two correlations by the percent of the cases with SPSS in the following two figures. If only two options are provided, we can see in the graph that the low technology level students have a sharp tendency to use the video FAQs and not to use text FAQs at all; the middle technology level students have a similar tendency of using more of the video FAQs and less of the text FAQs. Only the high technology level students have a tendency to use more of the text FAQs and less of the video FAQs.

Figure 3. The Relation between the Skill Level and the 2 FAQ Options

If we merge the low level students’ tendency line with the middle level students’ tendency line, it would be even clearer that the FAQ use tendency lines of the high technology level students and the lower technology level students go in opposite directions.

Figure 4. The Relation between the Skill Level and the 3 FAQ Options

In Figure 4, we can see that if three options are provided, the high skill level students have the highest level of preference for using text FAQs as compared to the other students, a low level of using video FAQ, and a high level of using both formats of FAQs. The low skill level students have the highest level of preference for using both formats and lowest level of using text FAQ. The middle level students have a relative high tendency of using both formats of the FAQs and relative low tendency of using the text FAQ. In class, it was also observed by Dr. Lee that there was some difference in learning style between the low technology level students and the high technology level students. The low level students usually are more dependent on the tutorials if they cannot get the teacher’s on-screen illustration, and they would take more time to view and follow the online FAQ tutorials step by step to learn a new project; the high level students preferred to spend less time viewing the online FAQ tutorials if needed, but they were more independent in producing their own projects. The low level students preferred viewing more video FAQs online, while the higher level students preferred viewing more text FAQs online. Two low level students gave the following explanations:

• I used more of the video FAQ than text FAQ to learn, [because] It takes me less time to understand what we’ll do and how by viewing the projecting processes on a video. I just follow it. I can view it again and again if I still do not quite understanding.

• I didn’t know PowerPoint, [and] Microsoft Word. I haven’t enough experience. But now I know how to do things like web page, and Excel grade book, too. I used resources online a lot. I missed classes, so I had to go in looking at the available resources. Such as, I used video FAQ for [catching up with] webpage design. That works real good for me.

And a higher skill level student gave us another story:

• (The) text FAQ is enough for me. I already have a very good background with computers. I can understand what it says in the text description. I browse text faster than viewing a video.

From here we can see that low level students are more dependent on the visually presented tutorials that guide them on a computer screen throughout the process of creating a new project, while the higher level students are more independent of the visually presented tutorials to learn a new project. It is easier for them to decode the hands-on learning guidance out of a text tutorial with their rich experience and knowledge. But the instructor states that during an open-note quiz or test, it is different. The high level students have no difficulty creating a project for a quiz, while the low level students preferred downloading a text FAQ to bring into a quiz where referring to notes was allowed; when faced with a time limit, viewing a video FAQ takes longer than viewing a text FAQ. More notably, the low level students become more familiar with creating the tested projects now than at the time they started to learn them as new projects. Their tutorial preference has changed at this point. This is also supported by one student's comment:

I used more of the video FAQs when I started this class. But I find that the text FAQs equally helped me later on. Because I get more familiar with the terms used in the text FAQ. I can understand them now. So I am using both.

A few students mentioned in the interview that they did not use FAQs to learn their projects because they thought that their technology experiences were good enough and the teacher’s in-class instruction presented enough for them to go by. One student said,

I have never used FAQs. I think I am real well on the basics of technology. I have no difficulty to finish project assignments in class. On the other hand, I don’t have to stay on the top of technology. I don’t have to catch up with everything. Finishing my course requirement is what I currently want.

So we can see that this student preferred avoiding using FAQs because he/she thought that he/she already had a good background in one way, and just expected to meet the basic requirements for the assigned project in another. As you know, manipulating the higher level skill for a creative project design requires more self-efficacy and unique creativities. But those were not covered in the FAQ tutorials which start only from the basic required skills.

To test and really see how dependent or independent the students are of the video FAQ, one day Dr. Lee asked the whole class of students to learn a new project on their own with the aid of the FAQs only, without the teacher’s on-screen illustration. It turned out that the majority of the students, more or less, resorted to the video FAQs a lot, regardless of their skill levels. So we can conclude that the first visual experience is important for every beginning learner. Those who usually prefer using text FAQs instead of video FAQs to learn a new project have actually gained related visual experiences (including physical experiences) in advance in that specific area. If they don’t, they also prefer to gain the first visual experience when they start learning a new project.

The next finding is that Preferences 5 and 6 have interesting results. That is, regarding the online model formats in Preference 5, the high technology skill level students have an extremely high level of preference for using online models and an extremely low level of using both online and printout formats; while the low technology skill level students have a relatively lower level of using online model projects and a relatively higher level of using both online and printout formats. The middle level students have a tendency of using online models and both online models and printout models equally well. Nobody prefers using printout models only. Regarding the format of online FAQs in Preference 6, the high technology skill level students have a higher tendency of preference for using more printout format and less video format, while the middle and low level students have a higher tendency of preference for using more video FAQs and less text FAQs.

3.7 The Preferred Sequence of Viewing Models vs. Learning New Tools

Learning activity is in a sequential process (Bennett, 1999). In the Online Top-Down Modeling Model setting, showing students the model projects is a necessary procedure before teaching a new project. It is beneficial to know which sequence is better for students to reach the best learning efficiency. We asked students whether the teacher should show them the online model first or show them new program tools/features first, like the tools/features in Word, PowerPoint, Excel, Access, Paint, webpage design, etc. to meet their sequential preference. The students’ responses are shown below:

Table 9: Student Preference for Sequence of Model and Tool Exposure

Question: When the teacher starts showing me a model project before teaching us about that project, I would like the teacher to show me in the sequence of

| Answer Choice | N | Valid % |
|---|---|---|
| 1. First show me the model project -- then teach me how to use the program tools/features -- then let us work on our project. | 50 | 76.9 |
| 2. First teach me how to use the program tools/features -- then show me the model project -- then let us work on our project. | 13 | 20.0 |
| 3. First let us work on our project -- then teach me how to use the program tools/features -- then show me the model project. | 1 | 1.5 |
| 4. First let us work on our project -- then show me the model project -- then teach me how to use the program tools. | 1 | 1.5 |

In the survey feedback, 76.9% of the students prefer viewing project models first and then learning the new program tools and working on the project, while 20% of the students prefer viewing the program tools/features first and then watching the models and beginning work on the new project. This verifies that the learning sequence of the Online Top-Down Modeling Model fits the majority of the learners’ sequence preference: it provides the students with model projects first and then engages the learners in learning new features and tools when working on the new projects. Students voiced the perspectives behind their preferences:

• I want to see the models first because I want to see what I am to be doing. I am a visual learner, so it’s important for me to see it first, and I get a better understanding. It would be more difficult if you show tools first for me to learn…. It just easier for me to understand when I actually see it being used as opposed to just being told to do it.

• It’s pretty cool to see in result that you can do that…. I just like to say I like to see the models first. It was difficult when you’re telling me, and teaching it. When I see it, you know, it feels more exciting and more interested to start doing.

• I think it’s good to see the models first because you can see exactly [what] the capabilities are. And then when you show the tools, you have an idea in your head already and what to do with those tools.

• I like to see the models first, because it gives you ideas of what to come. I just prefer to visualize before I actually use it. It helps me feel motivated. Those models are excellent. They helped me very much…. If you have to explain it, and show us later, I wouldn’t catch on to the very end. I am a visual learner. It just takes me longer to catch on. And I think if you show me what I could create, it makes more fun, it makes more sense, it makes more exciting, and more memorable….

One low level student told us his preference:

• I am a beginner with computers. I am not familiar with most of the program tools. I would like to see tools first and models second. If I can see tools first, it would be better for me to relate the tools to how the models were created [with them]. But if I see models first, it will be difficult for me to relate the models to each specific tool and how to create the project with those tools.

But another low level student had a different vision; he said:

• I am not good at computers at all. For me, I would like to see the models first at the start. The models you showed us from Internet are interesting and well made. It makes me interested to learn computers, and do the project we are supposed to learn. While I am learning to make the project, I will learn the tools also.

This suggests that if the teaching sequence conforms to the learner’s sequence preference, it’s more motivating, interesting, and memorable. Otherwise, it would be confusing and affect understanding and memory of what has been shown and how to do the task. To meet all learners’ needs in the sequence of showing models, the teacher usually adopts a flexible strategy. For some of the projects, he would show models first if this involves students more effectively. For others, he might show tools/features first (especially when those programs are new to the majority of the learners), leaving options for them to view tools or models on their own after the teacher’s demonstration, taking advantage of the strengths of the Online Top-Down Modeling Model.

3.8 Preferring Viewing High Quality Model Projects vs. Lower Quality Model Projects

Exposing students to a learning outcome first is effective to start students on a new project-based learning task [32]. There are many previous student model projects on the course website to be displayed to the students when they start to learn to make that kind of project. But the quality of the model projects online is an issue among people. Traditionally, teachers like to show the high quality project models to the students as guidelines and criteria when they start learning a new project. But as observed, some of the students uttered their discomfort when they were first exposed to a high quality model project. With this issue, we posted a question in the survey to solicit feedback from students:

Table 10: Student Preference for Viewing High Quality Model Projects vs. Lower Quality Model Projects

Question: When the teacher displays a new model project to you before you learn to make that project, what quality project do you prefer?

| Answer Choices | N | Valid % |
|---|---|---|
| 1. I like the high quality, excellent models. | 25 | 38.5 |
| 2. I like both high quality and lower quality models. | 39 | 60.0 |
| 3. I like the lower quality models. | 1 | 1.5 |

The survey shows that the students’ preference for the quality of the online project models varies. From Table 10, we can see that 60.0% of the students like to view both high quality and lower quality project models on the class website; while 38.5% of the students like to view the model projects of high quality. Only 1.5% (one student) prefers viewing the model projects of lower quality. The correlation between the students’ skill level and the model quality preference is r=.029, p>.05. It is not significant. We graph the distribution of the student computer skill level and their preference for the quality of the project models by the percent of the cases below:

Figure 5. The Histogram of Different Computer Skill Levels related to Model Quality Preferences

From Figure 5, the students of different skill levels are virtually spread around among the first choice and the second choice, excepting the third one. But relatively more low level students prefer high quality project models, more middle level and high level students prefer both high quality and lower quality models, and only a small portion of the low level students prefer lower quality models. This graph displays that the majority of the students have a self expectation for aiming at the high quality projects but prefer a broadened vision of the model projects at varied quality levels. There are still a small number of the low level students who prefer viewing the lower quality project models. Probably students like them need a period of transition from being exposed to lower quality models to high quality models, depending on development of their knowledge and skills. To understand how students feel about the quality of the project models, we solicited verbal responses through interviews, which follow:

• The high quality model projects inspired me. I just got excited to see PowerPoint projects can be so beautiful and impacting. It has so many functions and can do many things. When I see them, I really want to learn those skills. I think my students will like them, too.

About the lower quality projects, student responses varied:

• It kind of helps you know what’s going on. If you look at something you don’t like, you say, “OK, I can do something better. That’s not a good thing to do.” And you feel how you could do it a different way.

• If I see only highly excellent projects, I would get scared. I am a slow learner. I would like to start seeing the lower level projects first. That would be close to my level. I might like higher quality ones in a later time.

Students who prefer both high quality and lower quality project models used their own judgment to evaluate the projects when both higher quality projects and lower quality projects were provided:

• Well, [I] like this one better than that. I don’t think this is eye-catching as the other one. You see its Christmas looking, and this is February. So I don’t think those two things go together.

The lower level students had more concerns and anxiety when they started each new project. They felt a pressure when they saw the previous students’ model projects:

• I am intimidated to see those projects. They are excellent. I am afraid I am far behind them [and I] cannot pass this class. My technology is pretty low. A lot of students in this class are not at the same level to use technology. I am concerned.

• I feel I just cannot do so many things at a time. There are a lot to learn. We are overwhelmed by those new features and skills we don’t know.

In conclusion, the learning process is both a growing process and a changing process. Students start learning from their different starting points. Both high quality models and lower quality models are beneficial to the students of this class. In the design of the model resource online, we need to hit the point of providing some of the lower quality project models along with the higher quality project models to model the hands-on learning process to meet the students’ needs at various levels.

3.9 Preferring Sharing Online Learning Resources vs. Personal Use of Online Learning Resources

As Wolf said regarding the Big Six Skills [44], the information literacy skills include using and sharing the information for scaffolding each other in brainstorming and problem solving. Sharing learning resources/information is a required component in class. Teamwork is assigned to develop students’ skills of collaboration. The instructor encourages students to pool their efforts and information for learning tasks. Students’ responses about this issue are in Table 11:

Table 11: Student Preference for Sharing Online Learning Resources vs. Personal Use of Online Learning Resources

Question: My general preference for sharing online learning resources and information is

| Answer Choices | N | Valid % |
|---|---|---|
| 1. I like to share my resources/information among peers and also like to share other people’s. | 62 | 95.4 |
| 2. I don’t like to share my resources/information among my peers and don’t like to share other people’s. I just like to work things out on my own. | 2 | 3.1 |
| 3. I only want to get resources/information from other people but don’t like to let other people share mine. | 1 | 1.5 |
| 4. I only give other people what I get but don’t like to get resources/information from other people. | 0 | 0 |

Over 95% of the students prefer the shared use of the resources/information. In class, the students made an effort to discuss, brainstorm, and share the information, resources, and experiences while trying to increase the quality of their projects. When they were presenting their final projects for class evaluation, students often asked the presenters how to find the resources like content subjects, sound clips, photos, videos and even narrations. The presenters were not only presenting their final projects, but also introducing their ways of finding those online resources and how to screen resources for their projects. The students offered feedback about their shared use of resources and information:

• One strength of this class is the idea of “class as a family" and team work. I have learned new things from collaboration with others in the class. I have never used MyLabSchool.com before. Jane told our group about that. We retrieved something from that website, and it works great.

• I learned lots on the PowerPoint projects from Shiena and Jennifer. We shared the PowerPoint FAQs and experimented with the animation motion path. I also learned some of the things that the instructor says we might easily miss, such as hiding the sound icon in PowerPoint slide show and sequence the animated objects in animation advanced time line. Without my classmates reminding me, I might miss some of those important areas.

• The discovery learning was by trial and error. I learned quickly what didn't work and sometimes took the "long way" to get back on track! I really learned a lot from my teammates and others in the class. The discussions and collaborations allowed deeper understanding for subject matter.

• There was the exact amount of discovery, cooperative and self-actuated learning. This was helpful in the experience needed to be successful in class. It tastes delicious! 1. Discovery learning--it's exciting to learn by doing; 2. Cooperative learning -- I learned from my partner in doing our projects; 3. Brainstorming--we brainstormed in ideas before we started our projects; 4. Constructivist learning -- we learned by searching, doing, and creating.

The majority of the students could understand the importance of sharing the online resources/information and work together to enhance their learning outcome and project quality. Using people’s resources and wisdom to achieve a common goal is a necessary competency. This class provides the opportunity to let students experience and share the information and to prepare them to be ready for teaching in the Information Age. The last survey question in Table 12 checks for students’ attitude change toward using the online learning resources.

Table 12: Students’ Response about their Attitude Change

Question: After this FED 529 class, your attitude toward using online learning resources is

| Answer Choices | N | Valid % |
|---|---|---|
| 1. My attitude has changed from bad to good. | 14 | 21.5 |
| 2. My attitude has changed from good to better. | 43 | 66.2 |
| 3. My attitude remains the same. | 7 | 10.8 |
| 4. My attitude has changed to worse. | 1 | 1.5 |

This survey response shows that 87.7% of the students’ attitudes (including Choice 1 and Choice 2) have changed either from bad to good or from good to better; 10.8% remain the same; while only 1.5% (one person) reported that his/her attitude had changed to worse. The 10.8% of the people who chose Choice 3 are probably those who already have a good or bad attitude but no change in this semester. Since this survey is anonymous, we did not find a chance to ask those who chose Choice 3 and Choice 4 to identify the exact problems for analysis. But the overall evaluation of the students’ attitude toward using online learning resources is in a “gaining” process instead of a “failing” process. Meanwhile, students voiced their high preference of the online learning resources because of their “live” multimedia features as opposed to the “dead and silent” printout resources. Table 13 is a comparison of the tallied benefit points of multimedia features of online learning resources vs. printout learning resources in this class. The total effective feature point ratio between the online learning resources vs. printout resources is 198:56, and the average point ratio is 14:4. From this comparison, it is clear that the online learning resources have a much higher advantage level over the printout learning resources. This partly accounts for the reason why more students prefer using online learning resources. The positive side is that more and more students are accustomed to the use of computers, and their technology barrier is diminishing while they build up more experiences to retrieve resources online, and that their multimedia awareness is increasing through the learning process.

4. Discussion and Conclusion

This study has yielded some impressive findings regarding the learners’ preferences and perspectives in using online learning resources in the Online Top-Down Modeling Model environment. For example, more of the students prefer the online model projects to contain both high quality and lower quality examples to meet the students’ varied needs. Most teachers might think that the model projects are the expectation and criteria for the learners’ outcome, so they usually pick the highest quality projects as project models for students. They might be gratified with their well-developed course website but overlook the fact that the students’ backgrounds are not the same, and their starting points are different. Their needs and self-expectations toward learning a new project are different. According to Bloom’s Taxonomy, the learning process is a gradual development, from lower level to higher level [5]. In developing the online learning resources, we still need to follow those guidelines, making the online learning resources an attractive component to involve learners instead of scaring the learners and increasing their learning anxiety at the starting point [11].

The next interesting finding is that the majority of the students like to have a syllabus as both an Internet and printout resource. Since we provided the course resources online, whenever students ask the teacher for course materials, the answer is often “They’re on the website.” The teacher might think that since the learning resources are already online, available anytime and anywhere, the learner’s needs are met. But the students’ responses suggest that the students’ needs might not be gratified by only one format of resources, possibly because some of them are not familiar with the Internet or don’t have convenient access to the website. Access to a hardcopy syllabus is still necessary, even though students are placed in an online resource-ready environment. It reflects the students’ preferences during their switch between their uses of the two formats of learning resources, online learning resources vs. printout resources. Even though learning occurs in the information-rich Internet-assisted learning environment, traditional resources are still a necessary component for learners. The findings of this study could enlighten the teachers who try to design learning resources online to enhance the effectiveness of instruction in traditional and non-traditional classes and to expect successful outcomes among the learners at various levels.

The brief outline of this article was shown as a research brief in the Quarterly Review of Distance Education 10(3).


References

[1] Anonymous, “Benefits of a Mixed-Method Approach to Data Collection,” http://www.k12coordinator.org/onlinece/onlineevents/presentingdata/id91.htm

[2] C. Armatas, D. Holt, M. Rice, “Impacts of an Online-Supported, Resource-Based Learning Environment: Does One Size Fit All?” Distance Education, 24(2), 141-158, 2003.

[3] C.I. Bennett, Comprehensive Multicultural Education: Theory and Practice, (5th Ed.), Pearson Education, Inc., New York, 1999.

[4] B.W. Brown, C.E. Liedholm, “Student Preference in Using Online Learning Resources,” Social Science Computer Review, 22(4), 479-492, 2004.

[5] B.S. Bloom, Taxonomy of Educational Objectives, Handbook I: The Cognitive Domain, David McKay Inc., New York, 1956.

[6] D.M. Buss, H. Greiling, “Adaptive Individual Differences,” Journal of Personality, 67, 209-243, 1999.

[7] D. Byrne, “A Study of Individual Learning Styles and Educational Multimedia Preferences: an Experiment Using Self-Directed Online Learning Resources,” http://www.computing.dcu.ie/~mfarren/denice.PDF

[8] B. Cleaver, “Thinking about Information: Skills for Lifelong Learning,” School Library Media Quarterly, 16(1), 29-31, 1987.

[9] R. Collins, “Students Speak, Teachers Hear: Evaluating The Use of ICT in Curriculum Delivery,” http://www.det.wa.edu.au/connectedlearning/presenters_concurrent_presenters.html

[10] J.W. Creswell, Research Design: Qualitative, Quantitative, and Mixed Methods Approaches (2nd Ed). Sage Publications, Thousand Oaks, CA, 2003.

[11] D.L. Coutu, “Edgar Schein: The Anxiety of Learning - The Darker Side of Organizational Learning,” http://hbswk.hbs.edu/archive/2888.html

[12] P. Cull, “Resource-Based Learning: a Strategy for Rejuvenating Canadian History at the Intermediate School Level,” ERIC No. ED 343 829, 1991.

[13] U.D. Ehlers, “Quality in E-Learning from a Learner’s Perspective,” http://www.eurodl.org/materials/contrib/2004/Online_Master_COPs.html

[14] R. M. Felder, “Matters of Style,” http://www.ncsu.edu/felder-public/Papers/LS-Prism.htm

[15] R. M. Felder, R. Brent, “Understanding Student Differences,” Journal of Engineering Education, 94(1), 57-72, 2005.

[16] J.R. Hill, M.J. Hannafin, “The Resurgence of Resource-Based Learning,” Educational Technology, Research and Development, 49(3), 37-52, 2001.

[17] A. Irving, Study and Information Skills across the Curriculum. Heinemann, Portsmouth, NH, 1985.

[18] L. Jensen, “Interaction in Distance Education,” http://seamonkey.ed.asu.edu/~mcisaac/disted/week2/7focuslj.html

[19] R. B. Johnson, A.J. Onwuegbuzie, “Mixed Methods Research: a Research Paradigm Whose Time Has Come,” Educational Researcher, 33(7), 14-26, 2004.

[20] F. Ke, A. Carr-Chellman, “Solitary Learner in Online Collaborative Learning: a Disappointing Experience?” Quarterly Review of Distance Education, 7(3), 249-265, 2006.

[21] D.F. Kohl, L.A. Wilson, “Effectiveness of Course-Integrated Bibliographic Instruction in Improving Coursework,” Reference Quarterly, (26)2, 206-11, 1986.

[22] D.A. Kolb, Experiential Learning: Experience as the Source of Learning and Development, Prentice-Hall, Englewood Cliffs, NJ, 1984.

[23] C.C. Kuhlthau, Seeking Meaning: A Process Approach to Library and Information Services. Ablex Publishing, Norwood, NJ, 1993.

[24] R.B. Kvavik, “Convenience, Communications, and Control: How Students Use Technology. Educating the Net Generation,” http://www.educause.edu/books/educatingthenetgen/5989

[25] R. Laddaga, A. Levine, P. Suppes, “Studies of Student Preference for Computer-Assisted Instruction with Audio,” http://suppes-corpus.stanford.edu/display_article.html?articleid=225

[26] S. Li, D. Liu, “The Online Top-Down Modeling Model,” Quarterly Review of Distance Education, 6(4), 343-359, 2005.

[27] R.E. Mayer, “Multimedia Learning: Are We Asking the Right Questions?” Educational Psychologist, 32, 1-19, 1997.

[28] R.E. Mayer, R. Moreno, “A Cognitive Theory of Multimedia Learning: Implication for Design Principles,” http://www.unm.edu/~moreno/PDFS/chi.pdf

[29] M.G. Moore, Three Types of Interaction. In M. R. Moore & G. C. Clark (Eds.), Readings in Principles of Distance Education. Pennsylvania State University, University Park, PA, 1989.

[30] P.A. Moore, “Information Problem-Solving: a Wider View of Library Skills,” Journal of Contemporary Psychology, 20(1), 1-31, 1995.

[31] G.R. Morrison, S.M. Ross, J.E. Kemp, Designing Effective Instruction, (4th Ed.), John Wiley & Sons, Inc., Danvers, MA, 2004b.

[32] G. Morrison, F. Clark, D.L. Lowther, Integrating Computer Technology into the Classroom (3rd Ed.), Prentice Hall, Upper Saddle River, NJ, 2004a.

[33] J. Neill, “Personality & Individual Differences,” http://www.wilderdom.com/personality/index.html

[34] J.V. Peluchette, K.A. Rust, “Technology Use in the Classroom: Preferences of Management Faculty Members,” Journal of Education for Business, 80(4), 200-205, 2005.

[35] M.J. Reid, “The Learning Style Preferences of ESL Students,” TESOL Quarterly, 21(1), 87-110, 1987.

[36] L.B. Resnick, Education and Learning to Think. National Academy Press, Washington D.C., 1987.

[37] S.M. Ross, L. Smith, M. Alberg, D.L. Lowther, Using Classroom Observations as a Research and Formative Evaluation Tool in Educational Reform: the School Observation Measure. In S. Hilberg & H. Waxman (Eds.), New Directions for Observational Research in Culturally and Linguistically Diverse Classrooms (p. 144-173). Center for Research on Education, Diversity & Excellence, Santa Cruz, CA, 2004.

[38] I. Schon, K.D. Hopkins, J. Everett, B.R. Hopkins, “A Special Motivational Intervention Program and Junior High School Students’ Library Use and Attitudes” Journal of Experimental Education, 53, 97-101, 1985.

[39] S.E. Smaldino, D.L. Lowther, J.D. Russell, Instructional Technology and Media for Learning (9th ed.). Prentice Hall, Upper Saddle River, NJ, 2008.

[40] B.K. Stripling, “Learning-Centered Libraries: Implications from Research,” School Library Media Quarterly, (23)3, 163-170, 1995.

[41] R. Todd, C. McNicholas, “Integrated Skills Instruction: Does It Make a Difference?” School Library Media Quarterly, 23(2), 133-138, 1994/1995.

[42] Wikipedia Foundation, “Learning styles: Models and Theories,” http://en.wikipedia.org/wiki/Learning_styles

[43] S.S. Wilbert, A Study of Competency-Based Instruction to Determine Its Viability as a Technique for Teaching Basic Library Skills to A Selected Sample of Seventh Grade Students, Ph.D. Dissertation, Wayne State University, Detroit, 1976.

[44] S. Wolf, “The Big Six Information Skills as a Metacognitive Scaffold: A Case Study,” School Library Media Research, 2003. http://www.ala.org/ala/aasl/aaslpubsandjournals/slmrb/slmrcontents/volume62003/bigsixinformation.cfm.

Author Profile

Sha Li received his doctoral degree of educational technology from Oklahoma State University, 2001. His research interests are in E-learning in the networked environment, distance education, multimedia production, and instructional design with technology. He is also an instructional design facilitator for the local public school systems.


An Adoptive Algorithm for Mining Time-Interval Sequential Patterns

Hao-En Chueh1 and Yo-Hsien Lin2

1Department of Information Management, Yuanpei University,

No.306, Yuanpei Street, Hsinchu 30015, Taiwan, R.O.C. [email protected]

2Department of Information Management, Yuanpei University, No.306, Yuanpei Street, Hsinchu 30015, Taiwan, R.O.C.

[email protected]

Abstract: An adoptive algorithm for mining time-interval sequential patterns is presented in this paper. A time-interval sequential pattern is a sequential pattern with time-intervals between successive itemsets. Most proposed algorithms use some predefined non-overlap time partitions to find the time-intervals between successive itemsets, but a predefined set of non-overlap time partitions cannot be suitable for every pair of successive itemsets. Therefore, in this paper, the clustering analysis is used first to generate the suitable time-intervals for frequent occurring pairs of successive itemsets. Next, the generated time-intervals are used to extend the typical sequential patterns mining algorithms to discover the time-interval sequential patterns. Finally, an operator to obtain the time-interval of a subsequence of a time-interval sequential pattern is also presented.

Keywords: Adoptive algorithm, Time-Interval, Sequential Pattern, Clustering Analysis

1. Introduction

Data mining is usually defined as the procedure of discovering hidden, useful, previously unknown information from large databases. The common data mining techniques include classification, clustering analysis, association rules mining, sequential patterns mining and so on. Sequential patterns mining introduced by Agrawal and Srikant (1995) is the task of finding frequently occurring patterns related to time or other sequences from a given sequence database [1]. It is widely used in the field of retail business to assist in making various marketing decisions [3, 5, 7]. An example of a sequential pattern is “A customer who bought a digital camera will buy a battery and a memory card later”.

Up to now, many algorithms have been proposed [1, 4, 6, 9] for mining sequential patterns; however, most of these algorithms only focus on the order of the itemsets, but ignore the time-intervals between itemsets. In the business field, actually, a sequential pattern which includes the time-intervals between successive itemsets is more valuable than a sequential pattern without any time information. An example of a sequential pattern with time intervals between successive itemsets is “A customer who bought a digital camera will return to buy a battery and a memory card within one week”. Clearly, the time-intervals between itemsets can offer the retail business more useful information to sell the appropriate products to their customers at the right time. Therefore, recently, some researchers have started to propose algorithms for discovering the sequential patterns with time-intervals between successive itemsets; this kind of pattern is called a time-interval sequential pattern [2].

To discover the time-interval sequential patterns, many studies adopt some predefined non-overlap time partitions, and assume that the time-intervals between successive itemsets of the frequent sequential patterns can fit into one of the predefined time partitions.

However, a predefined set of non-overlap time partitions cannot be suitable for every pair of successive itemsets. Therefore, generating the suitable time partitions for every pair of successive itemsets directly from the real sequence datasets is more reasonable. Accordingly, in this paper, we present an adoptive algorithm to discover the time-interval sequential patterns without using predefined time partitions. This algorithm uses clustering analysis to automatically obtain suitable time-intervals between frequent occurring pairs of successive itemsets, and then uses these time-intervals to extend typical sequential patterns mining algorithms to discover the time-interval sequential patterns.

The rest of this paper is organized as follows. Some studies related to time-interval sequential patterns are reviewed in section 2. The proposed time-interval sequential patterns mining algorithm is presented in section 3. An example is displayed in section 4. The conclusion is given in section 5.

2. Time-Interval Sequential Patterns

Sequential patterns mining is defined as the task of discovering frequently occurring ordered patterns from the given sequence database. A sequence is an ordered list of itemsets. Let $I = \{i_1, i_2, \ldots, i_m\}$ be a set of items; $S = \langle s_1, s_2, \ldots, s_k \rangle$ is a sequence, where each $s_i \subseteq I$ is called an itemset. The length of a sequence means the number of itemsets in the sequence, and a sequence that contains k itemsets is called a k-sequence. The support of a sequence $S$ is denoted by $\mathrm{supp}(S)$ and means the percentage of the total number of records in the sequence database that contain sequence $S$. If $\mathrm{supp}(S)$ is greater than or equal to a predefined threshold, called the minimal support, then sequence $S$ is regarded as a frequent sequence and called a sequential pattern.

Many algorithms have been proposed to discover sequential pattern [1, 4, 6, 9], and most algorithms only focus on the frequently occurring order of the itemsets, but ignore the time-intervals between itemsets. The time-intervals between successive itemsets, in fact, can offer useful information for business to sell the appropriate products to their customers at the right time. Due to the value of the time-intervals between successive itemsets, many algorithms for mining various sequential patterns with time-intervals between successive itemsets have been proposed [2, 8, 10, 11].

Srikant et al. [10] utilize three predefined restrictions, the maximum interval (max-interval), the minimum interval (min-interval) and the time window size (window-size), to find sequential patterns related to time-intervals. The discovered sequential pattern is like $((A, B), (C, D))$, where $(A, B)$ and $(C, D)$ are two subsequences of $((A, B), (C, D))$. The max-interval and min-interval are respectively used to indicate the maximal time-interval and the minimal time-interval within a subsequence. The window-size is used to indicate the time-interval among subsequences. Assume that the max-interval is set to 10 hours, the min-interval is set to 3 hours, and the window-size is set to 24 hours; then the time-interval between $A$ and $B$ lies in $[2, 10]$, the time-interval between $C$ and $D$ also lies in $[2, 10]$, and the time-interval between $(A, B)$ and $(C, D)$ lies in $[0, 24]$.

Mannila et al. [8] use a predefined window width (win) to find frequent episodes in sequences of events, and the discovered episode is like $(A, B, C)$. Assume that win is set to 3 days; then the episode $(A, B, C)$ means that, in 3 days, $A$ occurs first, $B$ follows, and $C$ happens finally.

Wu et al. [11] also utilize a window ($d$) to find sequential patterns like $(A, B, C)$, such that, in the sequential pattern $(A, B, C)$, the time-interval between adjacent events is within $d$. Assume $d$ is set to 5 hours; then the discovered pattern $(A, B, C)$ means that $A$ occurs first, $B$ follows, and $C$ happens finally; the time-interval between $A$ and $B$, and the time-interval between $B$ and $C$, are both within 5 hours.

Chen et al. [2] use a predefined set of non-overlap time partitions to discover potential time-interval sequential patterns, and the discovered pattern is like $(A, I_0, B, I_2, C)$, where $I_0, I_2$ belong to the non-overlap set of time partitions. Assume that $I_0$ denotes the time-interval $t$ satisfying $0 \le t \le 1$ day and $I_2$ denotes the time-interval $t$ satisfying $3 < t \le 7$ days; then the pattern $(A, I_0, B, I_2, C)$ means that $A$, $B$ and $C$ happen in this order, the time-interval between $A$ and $B$ is within 1 day, and the time-interval between $B$ and $C$ lies between 3 days and 7 days.

These proposed approaches can discover the sequential patterns with the time-intervals between successive itemsets by using one or more predefined time partitions, but sequential patterns whose time-intervals between successive itemsets lie outside the time ranges used cannot be found. To solve this problem, an adoptive algorithm for mining time-interval sequential patterns without using any predefined time partitions is presented in this work. The main concept of the proposed algorithm is to generate the suitable time-intervals directly from the real sequence dataset. The algorithm first adopts clustering analysis to automatically generate the suitable time-intervals for frequently occurring pairs of successive itemsets, and then uses these time-intervals to extend typical algorithms to discover sequential patterns with time-intervals between successive itemsets. Details of the proposed algorithm are introduced in the next section.

3. Adoptive Time-Interval Sequential Patterns Mining Algorithm

The proposed algorithm for mining time-interval sequential patterns is introduced as follows. First, some notations are defined in advance.

$I = \{i_1, i_2, \ldots, i_m\}$: The set of items.

$S_i = \langle s_1, s_2, \ldots, s_n \rangle$: A sequence, where each $s_k \subseteq I$.

$D = \{S_1, S_2, \ldots, S_k\}$: The sequences dataset.

$\mathrm{supp}(S_i)$: The support of the sequence $S_i$.

min-supp: The minimal support threshold.

$CS_k$: The candidate set of frequent k-sequences.

$FS_k$: The set of frequent k-sequences.

$CTIS_k$: The candidate set of frequent time-interval k-sequences.

$FTIS_k$: The set of frequent time-interval k-sequences.

3.1 The proposed algorithm

Step 1: Produce $FS_1$, the set of frequent 1-sequences. Each item $s_i \in I$ is a candidate frequent 1-sequence. A candidate frequent 1-sequence whose support is greater than or equal to min-supp is a frequent 1-sequence, and $FS_1$ denotes the set of all frequent 1-sequences.

Step 2: Produce $CS_2$, the candidate set of frequent 2-sequences. From any two frequent 1-sequences of $FS_1$, say $s_1$ and $s_2$, where $s_1, s_2 \in FS_1$ and $s_1 \ne s_2$, generate 2 candidate frequent 2-sequences belonging to $CS_2$, say $\langle s_1, s_2 \rangle$ and $\langle s_2, s_1 \rangle$.

Step 3: Produce $FS_2$, the set of frequent 2-sequences. A candidate frequent 2-sequence whose support is greater than or equal to min-supp is a frequent 2-sequence, and the set of all frequent 2-sequences is $FS_2$.

Step 4: Find the frequent time-intervals for each 2-sequence of $FS_2$. For any frequent 2-sequence of $FS_2$, say $\langle s_p, s_q \rangle$, all the time-intervals between $s_p$ and $s_q$ that appear in $D$ are listed in increasing order; then the following clustering analysis based steps, Step 4(a), Step 4(b) and Step 4(c), are used to obtain the frequent time-intervals.

Step 4(a): Let $T(1, z) = [t_1, t_2, \ldots, t_z]$ be the increasingly ordered list of the time-intervals of $\langle s_p, s_q \rangle$. Let $T_{\langle s_p, s_q \rangle} = \{T(1, z)\}$ be the set of time-intervals of $\langle s_p, s_q \rangle$. The first step is to find the maximal difference between two adjacent time-intervals of $T_{\langle s_p, s_q \rangle}$, and then divide $T_{\langle s_p, s_q \rangle}$ into 2 subsets according to the maximal difference. Assume that the difference between $t_i$ and $t_{i+1}$ is maximal; then $T(1, z)$ is divided into $T(1, i)$ and $T(i+1, z)$, where $T(1, i) = [t_1, \ldots, t_i]$ and $T(i+1, z) = [t_{i+1}, \ldots, t_z]$.

Step 4(b): Calculate the support of $\langle s_p, s_q \rangle$ that respectively includes each time-interval set. If the support of $\langle s_p, s_q \rangle$ that includes time-intervals $T(1, i)$ is greater than or equal to min-supp, then $T(1, i)$ is a frequent time-interval of $\langle s_p, s_q \rangle$, and $T(1, i)$ is reserved; otherwise $T(1, i)$ is deleted. Similarly, if the support of $\langle s_p, s_q \rangle$ that includes time-intervals $T(i+1, z)$ is greater than or equal to min-supp, then $T(i+1, z)$ is also a frequent time-interval, and $T(i+1, z)$ is reserved; otherwise $T(i+1, z)$ is deleted. The reserved subsets of time-intervals next replace the original set of time-intervals $T_{\langle s_p, s_q \rangle}$. If no subset is reserved, then the original set of time-intervals is called non-dividable. If all differences between two adjacent time-intervals in the original set of time-intervals are equal, then the original set of time-intervals is called non-dividable as well.

Step 4(c): Repeat Step 4(a) and Step 4(b), until all subsets of time-intervals in $T_{\langle s_p, s_q \rangle}$ are non-dividable.

Step 5: Produce $FTIS_2$, the set of frequent time-interval 2-sequences. Each 2-sequence of $FS_2$ is extended by all its frequent time-intervals to generate $FTIS_2$. If $T_{\langle s_p, s_q \rangle} = \{T_1, T_2, \ldots, T_R\}$ is the set of frequent time-intervals of $\langle s_p, s_q \rangle$, then $\langle s_p, T_i, s_q \rangle$, $i = 1, \ldots, R$, is a frequent time-interval 2-sequence.

Step 6: Produce $CTIS_k$, $k \ge 3$, the candidate set of frequent time-interval k-sequences. For any two frequent time-interval (k-1)-sequences $S_1$ and $S_2$, where $S_1 = \langle s_{1,1}, T_{1,1}, s_{1,2}, \ldots, s_{1,k-2}, T_{1,k-2}, s_{1,k-1} \rangle$, $S_2 = \langle s_{2,1}, T_{2,1}, s_{2,2}, \ldots, s_{2,k-2}, T_{2,k-2}, s_{2,k-1} \rangle \in FTIS_{k-1}$; if $s_{1,2} = s_{2,1}, s_{1,3} = s_{2,2}, \ldots, s_{1,k-1} = s_{2,k-2}$ and $T_{1,2} = T_{2,1}, T_{1,3} = T_{2,2}, \ldots, T_{1,k-2} = T_{2,k-3}$, then we can generate a candidate time-interval k-sequence $S_{12} = \langle s_{1,1}, T_{1,1}, s_{1,2}, \ldots, s_{1,k-2}, T_{1,k-2}, s_{1,k-1}, T_{2,k-2}, s_{2,k-1} \rangle$.

Step 7: Produce $FTIS_k$, $k \ge 3$, the set of frequent time-interval k-sequences. A candidate time-interval k-sequence whose support is greater than or equal to min-supp is a frequent time-interval k-sequence, and the set of frequent time-interval k-sequences is $FTIS_k$.

Step 8: Repeat Step 6 and Step 7, until no next $CTIS_k$ can be generated.

3.2 Time-intervals of a subsequence

In this subsection, an operator to obtain the time-interval of a subsequence of a frequent time-interval sequential pattern is introduced. Let $S = \langle s_1, T_{1,2}, s_2, \ldots, s_{k-1}, T_{k-1,k}, s_k \rangle$ be a frequent time-interval k-sequence, and let $S' = \langle s_i, T_{i,i+1}, s_{i+1}, \ldots, s_{i+j-1}, T_{i+j-1,i+j}, s_{i+j} \rangle$ be a subsequence of $S$. Assume that $T_{i,i+1} = [a_i, b_i]$, $T_{i+1,i+2} = [a_{i+1}, b_{i+1}]$, $\ldots$, $T_{i+j-1,i+j} = [a_{i+j-1}, b_{i+j-1}]$; then the time-interval between $s_i$ and $s_{i+j}$ is equal to $[a_i + a_{i+1} + \cdots + a_{i+j-1},\ b_i + b_{i+1} + \cdots + b_{i+j-1}]$.

By using the above steps, a simple example is displayed in the next section.

4. Example

In this section, we use the example sequence database shown in Table 1 to discover the time-interval sequential patterns. In Table 1, Id denotes the record number of a sequence, and each sequence is represented as $\langle (s_1, t_1), (s_2, t_2), \ldots, (s_n, t_n) \rangle$, where $s_i$ denotes an itemset and $t_i$ denotes the time stamp at which $s_i$ occurs; here, min-supp is set to 0.3.

Table 1: A sample sequence database

| Id | Sequence |
|---|---|
| 01 | $(s_5, 8), (s_4, 15), (s_6, 20)$ |
| 02 | $(s_1, 2), (s_3, 7), (s_2, 11), (s_6, 18)$ |
| 03 | $(s_2, 3), (s_1, 4), (s_3, 7), (s_6, 16), (s_7, 19)$ |
| 04 | $(s_1, 2), (s_2, 8), (s_6, 10), (s_7, 15)$ |
| 05 | $(s_5, 4), (s_6, 16), (s_1, 20), (s_3, 24)$ |
| 06 | $(s_7, 7), (s_1, 13), (s_5, 18), (s_2, 25), (s_6, 28)$ |
| 07 | $(s_5, 4), (s_1, 8), (s_3, 12), (s_6, 16), (s_7, 20)$ |
| 08 | $(s_1, 3), (s_5, 6), (s_2, 9), (s_4, 18), (s_6, 21)$ |
| 09 | $(s_2, 5), (s_1, 10), (s_3, 15), (s_6, 20), (s_7, 25)$ |
| 10 | $(s_6, 2), (s_7, 8), (s_5, 12), (s_2, 17)$ |

First, we need to calculate the supports of all itemsets to produce $FS_1$. Supports of all itemsets are shown in Table 2. Here, we can obtain $FS_1 = \{s_1, s_2, s_3, s_5, s_6, s_7\}$.

Table 2: Supports of itemsets

| itemsets | support |
|---|---|
| $s_1$ | 0.8 |
| $s_2$ | 0.7 |
| $s_3$ | 0.5 |
| $s_4$ | 0.2 |
| $s_5$ | 0.6 |
| $s_6$ | 1 |
| $s_7$ | 0.6 |

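Next, $CS_2$ is generated by joining $FS_1 \times FS_1$. Supports of the sequences in $CS_2$ are calculated and shown in Table 3. Therefore, we obtain $FS_2 = \{\langle s_1, s_2 \rangle, \langle s_1, s_3 \rangle, \langle s_1, s_6 \rangle, \langle s_1, s_7 \rangle, \langle s_2, s_6 \rangle, \langle s_2, s_7 \rangle, \langle s_3, s_6 \rangle, \langle s_3, s_7 \rangle, \langle s_5, s_2 \rangle, \langle s_5, s_6 \rangle, \langle s_6, s_7 \rangle\}$.

For each frequent 2-sequence of $FS_2$, all its time intervals are recorded and listed in increasing order (Table 4).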

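Table 3: Supports of sequences in $CS_2$

| $CS_2$ | support | $CS_2$ | support |
|---|---|---|---|
| $\langle s_1, s_2 \rangle$ | 0.4 | $\langle s_5, s_1 \rangle$ | 0.2 |
| $\langle s_1, s_3 \rangle$ | 0.5 | $\langle s_5, s_2 \rangle$ | 0.3 |
| $\langle s_1, s_5 \rangle$ | 0.2 | $\langle s_5, s_3 \rangle$ | 0.2 |
| $\langle s_1, s_6 \rangle$ | 0.7 | $\langle s_5, s_6 \rangle$ | 0.5 |
| $\langle s_1, s_7 \rangle$ | 0.4 | $\langle s_5, s_7 \rangle$ | 0.1 |
| $\langle s_2, s_1 \rangle$ | 0.2 | $\langle s_6, s_1 \rangle$ | 0.1 |
| $\langle s_2, s_3 \rangle$ | 0.2 | $\langle s_6, s_2 \rangle$ | 0.1 |
| $\langle s_2, s_5 \rangle$ | 0.0 | $\langle s_6, s_3 \rangle$ | 0.1 |
| $\langle s_2, s_6 \rangle$ | 0.6 | $\langle s_6, s_5 \rangle$ | 0.1 |
| $\langle s_2, s_7 \rangle$ | 0.3 | $\langle s_6, s_7 \rangle$ | 0.5 |
| $\langle s_3, s_1 \rangle$ | 0.0 | $\langle s_7, s_1 \rangle$ | 0.1 |
| $\langle s_3, s_2 \rangle$ | 0.1 | $\langle s_7, s_2 \rangle$ | 0.2 |
| $\langle s_3, s_5 \rangle$ | 0.0 | $\langle s_7, s_3 \rangle$ | 0.0 |
| $\langle s_3, s_6 \rangle$ | 0.4 | $\langle s_7, s_5 \rangle$ | 0.2 |
| $\langle s_3, s_7 \rangle$ | 0.3 | $\langle s_7, s_6 \rangle$ | 0.1 |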

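Table 4: Time-intervals of the sequences in $FS_2$

| $FS_2$ | time-intervals |
|---|---|
| $\langle s_1, s_2 \rangle$ | $T_{\langle s_1, s_2 \rangle} = \{6, 9, 12\}$ |
| $\langle s_1, s_3 \rangle$ | $T_{\langle s_1, s_3 \rangle} = \{3, 4, 5\}$ |
| $\langle s_1, s_6 \rangle$ | $T_{\langle s_1, s_6 \rangle} = \{8, 10, 12, 16, 18\}$ |
| $\langle s_1, s_7 \rangle$ | $T_{\langle s_1, s_7 \rangle} = \{12, 13, 15\}$ |
| $\langle s_2, s_6 \rangle$ | $T_{\langle s_2, s_6 \rangle} = \{2, 3, 7, 12, 13, 15\}$ |
| $\langle s_2, s_7 \rangle$ | $T_{\langle s_2, s_7 \rangle} = \{7, 16, 20\}$ |
| $\langle s_3, s_6 \rangle$ | $T_{\langle s_3, s_6 \rangle} = \{4, 5, 9, 11\}$ |
| $\langle s_3, s_7 \rangle$ | $T_{\langle s_3, s_7 \rangle} = \{8, 10, 12\}$ |
| $\langle s_5, s_2 \rangle$ | $T_{\langle s_5, s_2 \rangle} = \{3, 5, 7\}$ |
| $\langle s_5, s_6 \rangle$ | $T_{\langle s_5, s_6 \rangle} = \{10, 12, 15\}$ |
| $\langle s_6, s_7 \rangle$ | $T_{\langle s_6, s_7 \rangle} = \{3, 4, 5, 6\}$ |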

According to Step 4 described in section 3, the sets of all suitable time-intervals for the sequences of $FS_2$ are obtained as in Table 5.

Next, each 2-sequence of $FS_2$ is extended by all its suitable time-intervals to form $FTIS_2$.

$FTIS_2 = \{\langle s_1, T^1_{1,2}, s_2 \rangle, \langle s_1, T^1_{1,3}, s_3 \rangle, \langle s_1, T^1_{1,6}, s_6 \rangle, \langle s_1, T^2_{1,6}, s_6 \rangle, \langle s_1, T^1_{1,7}, s_7 \rangle, \langle s_2, T^1_{2,6}, s_6 \rangle, \langle s_2, T^2_{2,6}, s_6 \rangle, \langle s_2, T^1_{2,7}, s_7 \rangle, \langle s_3, T^1_{3,6}, s_6 \rangle, \langle s_3, T^1_{3,7}, s_7 \rangle, \langle s_5, T^1_{5,2}, s_2 \rangle, \langle s_5, T^1_{5,6}, s_6 \rangle, \langle s_6, T^1_{6,7}, s_7 \rangle\}$.

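Table 5: Suitable time-intervals of the sequences in $FS_2$

| $FS_2$ | time-intervals |
|---|---|
| $\langle s_1, s_2 \rangle$ | $T_{\langle s_1, s_2 \rangle} = \{T^1_{1,2} = [6, 12]\}$ |
| $\langle s_1, s_3 \rangle$ | $T_{\langle s_1, s_3 \rangle} = \{T^1_{1,3} = [3, 5]\}$ |
| $\langle s_1, s_6 \rangle$ | $T_{\langle s_1, s_6 \rangle} = \{T^1_{1,6} = [8, 12],\ T^2_{1,6} = [16, 18]\}$ |
| $\langle s_1, s_7 \rangle$ | $T_{\langle s_1, s_7 \rangle} = \{T^1_{1,7} = [12, 15]\}$ |
| $\langle s_2, s_6 \rangle$ | $T_{\langle s_2, s_6 \rangle} = \{T^1_{2,6} = [2, 7],\ T^2_{2,6} = [12, 15]\}$ |
| $\langle s_2, s_7 \rangle$ | $T_{\langle s_2, s_7 \rangle} = \{T^1_{2,7} = [16, 20]\}$ |
| $\langle s_3, s_6 \rangle$ | $T_{\langle s_3, s_6 \rangle} = \{T^1_{3,6} = [4, 11]\}$ |
| $\langle s_3, s_7 \rangle$ | $T_{\langle s_3, s_7 \rangle} = \{T^1_{3,7} = [8, 12]\}$ |
| $\langle s_5, s_2 \rangle$ | $T_{\langle s_5, s_2 \rangle} = \{T^1_{5,2} = [3, 7]\}$ |
| $\langle s_5, s_6 \rangle$ | $T_{\langle s_5, s_6 \rangle} = \{T^1_{5,6} = [10, 12]\}$ |
| $\langle s_6, s_7 \rangle$ | $T_{\langle s_6, s_7 \rangle} = \{T^1_{6,7} = [3, 6]\}$ |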

$CTIS_3$, the candidate set of frequent time-interval 3-sequences, is generated by joining $FTIS_2 \times FTIS_2$. Supports of the sequences of $CTIS_3$ are calculated and shown in Table 6. A candidate frequent time-interval 3-sequence whose support is greater than or equal to min_supp is called a frequent time-interval 3-sequence. Therefore, we can obtain the set of all the frequent time-interval 3-sequences,

$$FTIS_3 = \{\langle s_1, T^1_{1,2}, s_2, T^1_{2,6}, s_6\rangle, \langle s_1, T^1_{1,3}, s_3, T^1_{3,6}, s_6\rangle, \langle s_1, T^1_{1,3}, s_3, T^1_{3,7}, s_7\rangle, \langle s_1, T^1_{1,6}, s_6, T^1_{6,7}, s_7\rangle, \langle s_3, T^1_{3,6}, s_6, T^1_{6,7}, s_7\rangle\}.$$

Table 6: Supports of sequences in $CTIS_3$

| $CTIS_3$ | support |
|---|---|
| $\langle s_1, T^1_{1,2}, s_2, T^1_{2,6}, s_6\rangle$ | 0.3 |
| $\langle s_1, T^1_{1,2}, s_2, T^2_{2,6}, s_6\rangle$ | 0.1 |
| $\langle s_1, T^1_{1,2}, s_2, T^1_{2,7}, s_7\rangle$ | 0.1 |
| $\langle s_1, T^1_{1,3}, s_3, T^1_{3,6}, s_6\rangle$ | 0.4 |
| $\langle s_1, T^1_{1,3}, s_3, T^1_{3,7}, s_7\rangle$ | 0.3 |
| $\langle s_1, T^1_{1,6}, s_6, T^1_{6,7}, s_7\rangle$ | 0.4 |
| $\langle s_2, T^1_{2,6}, s_6, T^1_{6,7}, s_7\rangle$ | 0.1 |
| $\langle s_2, T^2_{2,6}, s_6, T^1_{6,7}, s_7\rangle$ | 0.2 |
| $\langle s_3, T^1_{3,6}, s_6, T^1_{6,7}, s_7\rangle$ | 0.3 |
| $\langle s_5, T^1_{5,2}, s_2, T^1_{2,7}, s_7\rangle$ | 0 |
| $\langle s_5, T^1_{5,6}, s_6, T^1_{6,7}, s_7\rangle$ | 0.1 |

The candidate set of frequent time-interval 4-sequences, $CTIS_4$, is generated by joining $FTIS_3 \times FTIS_3$. Here, only one sequence, $\langle s_1, T^1_{1,3}, s_3, T^1_{3,6}, s_6, T^1_{6,7}, s_7\rangle$, is generated. The support of the sequence $\langle s_1, T^1_{1,3}, s_3, T^1_{3,6}, s_6, T^1_{6,7}, s_7\rangle$ is 0.3, thus $\langle s_1, T^1_{1,3}, s_3, T^1_{3,6}, s_6, T^1_{6,7}, s_7\rangle$ is also a frequent time-interval 4-sequence, and we obtain $FTIS_4 = \{\langle s_1, T^1_{1,3}, s_3, T^1_{3,6}, s_6, T^1_{6,7}, s_7\rangle\}$. Because no next $CTIS_5$ can be generated, the algorithm stops here. In addition, the time-interval of any subsequence of $\langle s_1, T^1_{1,3}, s_3, T^1_{3,6}, s_6, T^1_{6,7}, s_7\rangle$ can be obtained by using the operator introduced in subsection 3.2.
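The level-wise step from the candidate 3-sequences to the single frequent 4-sequence can be replayed in code. The following Python sketch is an added example, not the authors' implementation: the supports are copied from Table 6 and the text, while the tuple encoding, the helper names, the GSP-style join rule and the value `MIN_SUPP = 0.3` (the threshold consistent with Table 6 and the listed frequent 3-sequences) are assumptions.

```python
# Added example. A time-interval sequence is a tuple alternating items and
# interval labels; T(i, j, k) stands for the k-th suitable time-interval
# between s_i and s_j (T^k_{i,j} in Table 5).

def T(i, j, k=1):
    return ("T", i, j, k)

# Supports of the candidate 3-sequences, copied from Table 6.
CTIS3_SUPPORT = {
    ("s1", T(1, 2), "s2", T(2, 6), "s6"): 0.3,
    ("s1", T(1, 2), "s2", T(2, 6, 2), "s6"): 0.1,
    ("s1", T(1, 2), "s2", T(2, 7), "s7"): 0.1,
    ("s1", T(1, 3), "s3", T(3, 6), "s6"): 0.4,
    ("s1", T(1, 3), "s3", T(3, 7), "s7"): 0.3,
    ("s1", T(1, 6), "s6", T(6, 7), "s7"): 0.4,
    ("s2", T(2, 6), "s6", T(6, 7), "s7"): 0.1,
    ("s2", T(2, 6, 2), "s6", T(6, 7), "s7"): 0.2,
    ("s3", T(3, 6), "s6", T(6, 7), "s7"): 0.3,
    ("s5", T(5, 2), "s2", T(2, 7), "s7"): 0.0,
    ("s5", T(5, 6), "s6", T(6, 7), "s7"): 0.1,
}
# Support reported in the text for the only candidate 4-sequence.
CTIS4_SUPPORT = {
    ("s1", T(1, 3), "s3", T(3, 6), "s6", T(6, 7), "s7"): 0.3,
}
MIN_SUPP = 0.3  # assumption: threshold consistent with Table 6 and FTIS_3


def frequent(support, min_supp):
    """Keep the candidates whose support reaches the minimum support."""
    return [seq for seq, supp in support.items() if supp >= min_supp]


def join(freq):
    """Join p and q when p without its first (item, interval) pair equals
    q without its last (interval, item) pair; q's last pair is appended."""
    out = []
    for p in freq:
        for q in freq:
            if p[2:] == q[:-2]:
                out.append(p + q[-2:])
    return out


def mine(level_support, next_support, min_supp):
    """Level-wise loop: filter, join, look up supports, stop when empty.
    next_support stands in for the database scan; a candidate missing
    from it raises KeyError instead of being silently dropped."""
    levels = []
    freq = frequent(level_support, min_supp)
    while freq:
        levels.append(freq)
        freq = [c for c in join(freq) if next_support[c] >= min_supp]
    return levels


if __name__ == "__main__":
    for depth, level in enumerate(mine(CTIS3_SUPPORT, CTIS4_SUPPORT, MIN_SUPP), 3):
        print(f"frequent time-interval {depth}-sequences: {len(level)}")
        for seq in level:
            print("   ", seq)
```
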

From the above example, we can clearly see that the suitable time-intervals for every pair of successive itemsets are different and overlap. Therefore, it is more reasonable to generate the suitable time-intervals directly from the real sequence data for every pair of successive itemsets when mining time-interval sequential patterns.

5. Conclusion

In this paper, we present an adaptive algorithm for mining time-interval sequential patterns. A sequential pattern with the time-intervals between successive itemsets is more valuable than a traditional sequential pattern without any time information. Most proposed algorithms reveal the time-intervals between itemsets by using some predefined non-overlapping time partitions, but this approach may not be suitable for every pair of successive itemsets. To solve this problem, the proposed algorithm uses clustering analysis to automatically generate the suitable time-intervals between frequently occurring pairs of successive itemsets, and then uses these generated time-intervals to extend typical algorithms to discover the time-interval sequential patterns without predefining any time partitions. In addition, a useful operator for computing the time-interval of a subsequence of a frequent time-interval sequential pattern is also introduced in this paper. From the result of the example, we can conclude that because the time-intervals between successive itemsets are quite different and overlap, it is more reasonable to generate the suitable time-intervals directly from the real sequence data when mining time-interval sequential patterns.

References [1] R. Agrawal, R. Srikant, “Mining sequential patterns,”

In Proceedings of the International Conference on Data Engineering, pp. 3-14, 1995.

[2] Y. L. Chen, M. C. Chiang, M. T. Ko, “Discovering time-interval sequential patterns in sequence databases,” Expert Systems with Applications, 25(3), pp. 343-354, 2003.

[3] M. S. Chen, J. Han, P. S. Yu, “Data mining: An overview from a database perspective,” IEEE Transactions on Knowledge and Data Engineering, 8(6), pp. 866-883, 1996.

[4] M. S. Chen, J. S. Park, P. S. Yu, “Efficient data mining for path traversal patterns,” IEEE Transactions on Knowledge and Data Engineering, 10(2), pp. 209-221, 1998.

[5] M. H. Dunham, Data mining, Introductory and Advanced Topics, Pearson Education Inc., 2003.

[6] J. Han, G. Dong, Y. Yin, “Efficient mining of partial periodic patterns in time series database,” In Proceedings of the 1999 International Conference on Data Engineering, pp. 106-115, 1999.

[7] J. Han, M. Kamber, Data mining: Concepts and Techniques, Academic Press, 2001.

[8] H. Mannila, H. Toivonen, A. Inkeri Verkamo, “Discovery of frequent episodes in event sequences,” Data Mining and Knowledge Discovery, 1(3), pp. 259-289, 1997.

[9] J. Pei, J. Han, H. Pinto, Q, Chen, U. Dayal, M.-C. Hsu, “PrefixSpan: Mining sequential patterns efficiently by prefix-projected pattern growth,” In Proceedings of 2001 International Conference on Data Engineering, pp. 215-224, 2001.

[10] R. Srikant, R. Agrawal, “Mining sequential patterns: Generalizations and performance improvements,” In Proceedings of the 5th International Conference on Extending Database Technology, pp. 3-17, 1996.

[11] P. H. Wu, W. C. Peng, M. S. Chen, “Mining sequential alarm patterns in a telecommunication database,” In Proceedings of Workshop on Databases in Telecommunications (VLDB 2001), pp. 37-51, 2001.

Authors Profile

Hao-En Chueh received the Ph.D. in Computer Science and Information Engineering from Tamkang University, Taiwan, in 2007. He is an Assistant Professor of Information Management at Yuanpei University, Hsinchu, Taiwan. His research interests include data mining, fuzzy set theory, probability theory, statistics, database systems and their applications.

Yo-Hsien Lin received the Ph.D. in information management from the National YunLin University of Science and Technology, Taiwan, in 2008. He is an Assistant Professor of Information Management at the Yuanpei University, Hsinchu, Taiwan. His research interests include bio-inspired systems, neural networks, evolutionary computation, evolvable hardware, intelligence system chip, biocomputing, pattern recognition, and medical information management.


Adaptive Dual Threshold Multi-Class Scheduling for Packet Switch

A. A. Abdul Rahman1, K. Seman2, K. Saadan3 and A. Azreen4

1 Telekom Research & Development, System Technology Unit, TM Innovation Center, Lingkaran Teknokrat Timur, 63000 Cyberjaya, Selangor, Malaysia
[email protected]

2, 3 Universiti Sains Islam Malaysia, Faculty of Science & Technology, Bandar Baru Nilai, 71800 Nilai, Negeri Sembilan, Malaysia
[email protected] [email protected]

4 Universiti Putra Malaysia, Multimedia Department, Faculty of Computer Science and Information Technology, 43400 Serdang, Selangor
[email protected]

Abstract: Multimedia applications such as video conferencing, VoIP and data streaming require a specified QoS to guarantee their performance. The multi-class switch has been introduced to handle different QoS requirements. In this research, a new way of handling multi-class traffic is presented. The analysis is done on an N × N switch with two traffic classes: high priority for delay sensitive cells (class 1) and low priority for loss sensitive cells (class 0). In order to avoid the starvation problem and to improve the total mean delay in the loss sensitive class, a novel approach has been introduced in the scheduling technique. The controller in the scheduler adjusts the threshold value adaptively based on the mean queue length and traffic load condition. By adjusting these parameters adaptively, the best possible mean delay and throughput for class 0 can be achieved without degrading the QoS requirement for class 1. The proposed method has been simulated to show the performance of the adaptive threshold as compared to Priority Queue (PQ) and Weighted Fair Queue (WFQ) in terms of total mean delay and throughput. The results show that the proposed architecture has achieved better performance as compared to PQ and WFQ.

Keywords: multi-class switch, Quality of Service (QoS), adaptive threshold, switching.

1. Introduction

In modern communication networks, the desire to carry multiple traffic services in a single stream has created problems, especially in achieving the desired QoS requirement for each service. The multi-class switch [1]-[5], [8]-[11] is used to classify the multiple traffic streams based on QoS requirements. The use of priority provides the means to give different classes of service a different type of traffic [4]. This requires new scheduling algorithms for packet transmission.

The scheduling algorithm plays a key role in obtaining high performance in a multi-class switch. Unfortunately, most existing scheduling algorithms [1],[3]-[5] only strive to maximize the QoS level in the delay sensitive class for each arriving cell without considering adaptability, which may result in poor QoS for the loss sensitive class when the system is under heavy load. A scheduling algorithm for a single priority class may not perform well when it is applied to multi-class scheduling [3]. Scheduling algorithms normally used with two traffic classes consider only one parameter, either the priority packet setting or the probability of serving the loss sensitive class.

Priority buffer in multi-class switch will give more priority to delay sensitive packets such as video, voice and online game as compared to loss sensitive packet. In other words, by using the priority buffer, real time applications will be served first while non-real time applications will be queued in the buffer waiting to be served. Many studies have been done to reduce the waiting time for the loss sensitive cells with less consideration on the degradation of performance for the delay sensitive cells [1]-[4].

In [4], the performance of packet switch with two priorities has been evaluated using heuristic adjustment. Then it is improved by using the approximation technique of the flow conservation rule [1]. Both techniques are using priority buffer without any threshold control on the loss sensitive class. This will lead to the starvation problem in the loss sensitive class during high traffic load condition.

In [3], a reservation based scheduling approach has been proposed to handle the QoS requirements for the delay sensitive class and the loss sensitive class. This method uses input-output queue that requires internal speedup which will increase the complexity.

In Weighted Fair Queue (WFQ), traffic classes are served based on the fixed weight assigned to the related queue [10, 11]. The weight is determined according to the QoS parameters, such as service rate or delay. This technique is not suitable under high traffic load because of the fixed weight that is assigned to the queue.

Designing a high speed packet switching with classes will create a few problems such as starvation in the loss sensitive class (class 0) and packet dropped due to long waiting time in class 0. This research is expected to minimize the waiting time in class 0 without affecting QoS requirements for delay sensitive cells in class 1.

To achieve the stated objective, a separate buffer for each individual class is used to accommodate different traffic classes. This will eliminate the head of line (HoL) blocking effects between different classes. For different ports, Virtual Output Queue (VOQ) [6] [7] is used in order to eliminate the HoL blocking between different destination ports.

In this paper, we propose an adaptive hybrid scheduling method that combines two threshold settings and is able to adjust the priority level of scheduling according to the mean queue length of the delay sensitive class. In addition, the scheduling technique is non-preemptive, which is more efficient and less complex than preemptive approaches because it reduces the overhead needed for switching among cells.

2. Proposed Model

The proposed multi-class switch and the scheduling technique used in controlling the flows of the cells in the switch are described below.

2.1 System model

The proposed multi-class switch architecture with N ports serving C-1 classes of traffic is shown in Figure 1. The priority switch is used to forward delay sensitive packets (class C-1) faster than loss sensitive packets (class 0).

Figure 1. Multi-class switch architecture

The delay requirement for class j cells is defined by Dj where j = 0, 1, 2… C-1 and D0 > D1 > D2 >……> DC-1. In other words, the delay requirement for Class 1 is more stringent than Class 0 for system shown in Figure 1. Thus, cells that queue in Class 0 have the lowest priority and cells that queue in Class C-1 have the highest priority. These delay requirements are set based on the QoS requirement for different type of applications.

Time slot is used to represent the time of one cell arrival at the input port or cell departure at the output port. The period of time slot Ts, where s = 0, 1, 2, … is set to be equal to the time to process a single cell when the server is idle.

The class j cells arrive at the input port in every time slot according to a Bernoulli distribution with mean λj. Each cell is classified based on its delay requirement. In this architecture the class of the cell is stored in the header. An arriving cell for Class j (λj) is queued in a First-In-First-Out (FIFO) buffer while waiting to be served.

Figure 2. Head of Line Scheduler.

At each time slot, the switch attempts to serve the cells at the Head of Line (HoL) of each input queue as shown in Figure 2. When cells from different classes are waiting at the HoL, the HoL scheduler (HoL Sch) will select the cell with high priority to be served. The losing cells in the contention must wait in the queue. The number of queued cells will increase when there are new incoming cells to the queue.

The threshold setting is introduced in order to give some privileges to cells in the lower priority class. The threshold parameters used in this architecture are the number of queued cells, Nbj, and the probability of serving a low priority cell, PTSCj; j = 0, 1, 2, …, C-1. The Nbj parameter is chosen because of the limited buffer size available in practical design. Adjusting the Nbj parameter is necessary to reduce the packet loss due to a full buffer. This parameter is adjusted based on the size of the buffer used to store cells in Class j. PTSCj is the probability to serve Class j when the Nbj parameter threshold is met. The PTSCj parameter is chosen in order to control the variation of delay between high priority and low priority cells based on the high priority QoS requirements. This is necessary in order to achieve better performance for Class j cells. In the case where both threshold values are met, the switch will select the cell from the class whose threshold is triggered, even in the presence of higher priority cells.

2.1 Simulation model

A simulation model is developed to simulate the performance of the proposed switch under the dual thresholds setting. In this simulation, the architecture uses a 16 x 16 switch with two classes for every input port. Class 0 is used to classify the low priority buffer for non-real-time data. At the same time, Class 1 represents the high priority buffer for real-time data.

The switch architecture for the input queue multi-class switch uses a separate buffer for each class. Arriving cells are stored in different FIFOs based on their classes. The HoL scheduler will choose one cell from the HoL FIFO classes at every port to be forwarded to the switch fabric. The cells will contend with each other to gain access for departure.

The proposed switch operates in time slotted transmission to process each cell. Each time slot consists of three phases, which are arrival, scheduler and departure.

In the arrival phase, the incoming packets are segmented into fixed size packets called cells and are aligned for synchronization. The maximum number of cells, Pmax, which is generated in one time slot depends on the traffic load, λ, and the number of ports, N, used. The relationship is shown in (1). The traffic load is the total of λHi and λLi.

(1)

The cells are generated randomly and uniformly for all destination ports. For uniform traffic, the maximum arrival rate at any queue is always less than 1/N of the traffic load. Figure 3 shows the address packet generation in the arrival process.

Figure 3. Address Packet Generation in Arrival Process

Figure 4 shows the packet format for the input buffer multi-class switch. There are 20 bits in this cell. The first 8 bits are the header, which contains the destination address (7 bits) and class (1 bit). The other 12 bits are for data.

Figure 4. Cell format

In the class segment, bit ‘1’ indicates that the cell belongs to the delay sensitive class and bit ‘0’ is for the loss sensitive class. This bit is classified based on the type of packet received and the QoS requirement for its applications. Each generated cell is classified either to the delay sensitive class or the loss sensitive class based on the traffic type. A high priority cell is tagged with 1 and a low priority cell with 0. Then, the cell is sent to a FIFO to wait to be served. The Class 1 cell is sent to FIFO_H1 and the Class 0 cell to FIFO_L1. The HoL for Class 1 and Class 0 must wait until it is served. In general, the HoL scheduler will choose the cell in Class 1 since it has the high priority cells. In the case when both threshold values are achieved, the HoL scheduler will choose the Class 0 cells even in the presence of Class 1 cells.

The pseudo code for the input buffer with HoL output scheduling is shown in Figure 5. When HoL for class 1 is not empty and the threshold value setting is applicable for both parameters, the HoL output will choose HoL packet from class 0 instead of class 1.

Figure 5. Pseudo code for HoL scheduler

After HoL is selected, it will compete with other cells from the other input port. The scheduler is using round robin policy with priority to select the cell in HoL for departure.

In departure phase, delays for Class 1 and Class 0 cells are calculated to measure the switch performance.

2.1.1 HoL scheduler with fixed thresholds value

The HoL scheduler is used to select the HoL cell from the delay sensitive class (FIFOH) and/or the loss sensitive class (FIFOL). Figure 6 shows the HoL scheduler design for a two-class switch. Mux1 will transfer a cell from FIFOH if the dual threshold setting (Nb0 and PTSC0) does not meet its limit and there are cells in FIFOH. A cell from FIFOL will be transferred by Mux1 if there are no cells in FIFOH or when both threshold settings reach their limits. Mux2 will transfer a cell from FIFOL when the destination address for the high class (AddrH) is different from the destination address for the low class (AddrL). Mux2 will eliminate the HoL blocking effect for the loss sensitive class and will increase the switch performance.

Figure 6. HoL scheduler design

Figure 7 illustrates the cell flow at the HoL scheduler under three situations which are based on threshold condition and destination address of class 1 and class 0.

Figure 7. Example of success and failure of cell flow at HoL Scheduler

[Content of Figure 3: address packet generation in the arrival process]

    FOR (port = 1 to N) DO {
        IF (random number < traffic load) THEN
            Destination address = random number * N;
        ELSE
            No destination address;
        ENDIF
    }

[Content of Figure 5: pseudo code for the HoL scheduler]

    If (HoL class1 not empty)
        If (Nb0 > TN) && (PTSC0 > TP)
            HoL_out = HoL class0;
        else
            HoL_out = HoL class1;
    else
        HoL_out = HoL class0;

[Content of Figure 7: Class1 and Class0 cells at the HoL scheduler in three situations: different destination address; same destination address, Nb & PTSC0 = 0; same destination address, Nb & PTSC0 = 1. Losing cells WAIT.]

2.2.2 HoL scheduler with adaptive thresholds value.

In order to improve the mean delay of the delay sensitive class traffic in high traffic load condition, a HoL scheduler with adaptive thresholds value is introduced. The idea is to give absolute priority to the delay sensitive class in high traffic load condition so that the high priority cells can be transferred efficiently and meet their QoS requirements. Meanwhile, when the traffic load is low or moderate, some level of priority is given to the loss sensitive class. Figure 8 shows the architecture of the HoL scheduler with adaptive threshold.

[Figure 8 blocks: HoL Sch 1; Class 1 (λ1); Class 0 (λ0); 16 × 16 nonblocking switch fabric; Controller; thresholds value]

Figure 8. Architecture of HoL scheduler with adaptive threshold.

The controller is used to set the threshold value based on the traffic load condition. The controller uses the class 1 HoL waiting time to determine the traffic condition. Under a uniform traffic condition the best possible setting of the threshold value PTSC0 is based on the average of minimum different waiting time (DW) in HoL between class 1 (WB1) and class 0 (WB0), and QoSclass1 and WB1. The WB0 and WB1 values are normalized based on the QoS value for class 1. The relationship is shown in (2) and (3). Meanwhile, the Nb0 value is based on the average of occupied buffer in class 0 (FIFO0, i) with number of ports in the switch (N) at the border of classified traffic load (low, moderate or high). The relationship is shown in (4).

(2)

(3)

(4)

Equations (2), (3) and (4) are shown graphically in Figure 9, where the graphs of waiting time under uniform traffic without any threshold setting for class 1 and class 0, denoted WB1 and WB0 respectively, are used to obtain the optimum threshold setting.

Figure 9. Example of the optimal threshold setting under uniform traffic.

Under a uniform traffic condition, the measurement of traffic load classification is defined as in Table 1 for VoIP and video conferencing.

Table 1: Traffic load classification for VoIP and video conferencing.

| Traffic load | Waiting time (time slot) |
|---|---|
| LOW | < 20 |
| MODERATE | 20 - 50 |
| HIGH | > 50 |

Figure 10 shows the pseudo code for controller threshold setting. The different level of serving probability is given based on the percentage of QoS requirement of class 1.

Figure 10. Pseudo code for controller threshold setting.

    If (waiting time < 20% of QoS)
        Equal probability of serving class 1 and class 0 by not setting any thresholds or priority for both classes.
    Else if (20% of QoS < waiting time < 50% of QoS)
        Increase probability of serving class 1 to 75% by increasing the threshold level setting of serving class 0.
    Else if (waiting time > 50% of QoS)
        Increase probability of class 1 to 100% by giving absolute priority to class 1.
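The HoL selection rule (Figure 5) and the controller bands (Figure 10) can be exercised together in a small single-port model. This Python sketch is an added example, not the authors' simulator. Its assumptions: fabric contention is abstracted as a per-slot grant probability `p_grant`; PTSC0 is treated as a per-slot probability of serving class 0; the band edges at exactly 20% and 50% go to the middle band; and `tn`, `ptsc0` and `qos` are free parameters because equations (2) to (4) are not reproduced on this page.

```python
import random
from collections import deque


def controller_p_class1(hol_wait, qos):
    """Figure 10 bands: probability of serving class 1, chosen from the
    class-1 HoL waiting time as a fraction of the class-1 QoS delay bound."""
    ratio = hol_wait / qos
    if ratio < 0.20:
        return 0.5       # low load: equal probability for both classes
    if ratio <= 0.50:
        return 0.75      # moderate load (edge handling is an assumption)
    return 1.0           # high load: absolute priority to class 1


def select_hol(q1, q0, now, policy, rng, tn=4, ptsc0=0.5, qos=100):
    """Return the class (1 or 0) whose HoL cell is forwarded, None if idle.
    q1 and q0 hold the arrival slot of each queued cell (FIFO order)."""
    if not q1:
        return 0 if q0 else None          # work conserving: serve class 0
    if not q0 or policy == "pq":
        return 1                          # strict priority
    if policy == "fixed":
        # Figure 5: class 0 wins only when both thresholds are met.
        return 0 if (len(q0) > tn and rng.random() < ptsc0) else 1
    if policy == "adaptive":
        p1 = controller_p_class1(now - q1[0], qos)
        return 1 if rng.random() < p1 else 0
    raise ValueError("unknown policy: " + policy)


def simulate(policy, lam1=0.3, lam0=0.3, p_grant=0.65, slots=20000,
             seed=1, **thresholds):
    """One input port with two FIFOs; arrivals are Bernoulli per class."""
    traffic = random.Random(seed)      # arrivals and grants: same for all policies
    choice = random.Random(seed + 1)   # the scheduler's own random draws
    q = {1: deque(), 0: deque()}
    arrived = {1: 0, 0: 0}
    served = {1: 0, 0: 0}
    delay = {1: 0, 0: 0}
    qsum = {1: 0, 0: 0}
    for now in range(slots):
        # Arrival phase.
        for cls, lam in ((1, lam1), (0, lam0)):
            if traffic.random() < lam:
                q[cls].append(now)
                arrived[cls] += 1
        # Scheduler and departure phases (grant models fabric contention).
        if traffic.random() < p_grant:
            cls = select_hol(q[1], q[0], now, policy, choice, **thresholds)
            if cls is not None:
                delay[cls] += now - q[cls].popleft() + 1
                served[cls] += 1
        for cls in (0, 1):
            qsum[cls] += len(q[cls])
    return {
        "arrived": arrived,
        "served": served,
        "queued": {c: len(q[c]) for c in (0, 1)},
        "mean_delay": {c: delay[c] / served[c] if served[c] else None
                       for c in (0, 1)},
        "mean_queue": {c: qsum[c] / slots for c in (0, 1)},
    }


if __name__ == "__main__":
    for policy in ("pq", "fixed", "adaptive"):
        r = simulate(policy)
        print(policy, "mean delay:", r["mean_delay"],
              "mean queue:", r["mean_queue"])
```

Because every policy sees the same arrivals and grants, strict priority gives the largest class 0 backlog on that sample path, so the run shows how much class 0 queueing each threshold policy trades for extra class 1 waiting.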


A hardware design is developed to evaluate the performance of the proposed architecture. Figure 11 shows the hardware timing simulation of incoming and outgoing cells in the multi-class switch. It can be seen that there is a new incoming cell at every time slot. After the cells have been processed, only the successful cell is allowed to depart. The rest of the cells must wait for their turns. The output cell timing is used to calculate the total mean delay for Class 1 and Class 0.

Figure 11. Timing simulation of multi-class switch

3. Performance Results

In order to compare switching capabilities, the following performance metrics are considered:

• Throughput: a normalized value of the cell delivered correctly to its destination.

• Total Mean delay: the average end-to-end delay of cells, including the waiting time and serving time.

• Cell arrival ratio: the ratio of cell class 0 over class 1. This will measure the efficiency of the switching technique as the input of class 0 increases.

Figure 12. Throughput in multi-class switch with equal distribution of λ1 and λ0.

Figure 13. Total mean delay in multi-class switch with equal distribution of λ1 and λ0.

Figure 14. Ratio versus Mean delay in multi-class switch with λ1 fixed to 0.5

These graphs show the performance of the multi-class switch in terms of throughput and total mean delay. Figure 12 shows the throughput of cells in the switch under three environments for both classes.

a) Priority buffer.
b) WFQ.
c) Adaptive threshold.

As shown in Figure 12, throughput with adaptive threshold for class 0 increases at load 0.8 and then decreases as the load increases to 1. The class 1 throughput with adaptive threshold remains near the class 1 throughput in PQ, but the class 1 throughput in WFQ tends to drop as the load increases to 1. Figure 13 shows the total mean delay with equal distribution of λ1 and λ0. The mean delay with adaptive threshold for class 1 is better than the mean delay in WFQ at high traffic load. Figure 14 shows the mean delay of ratio distribution of λ1 and λ0. The mean delay for class 1 with adaptive threshold is lower than for class 1 in WFQ as the load increases. This effect is because of the adaptive controller threshold setting, which decreases the class 0 serving properties as the load increases.

4. Conclusions

In this paper, the multi-class switch with adaptive dual threshold is proposed to optimize the performance of class 0 traffic without affecting the QoS requirement for class 1. The simulation results show that the mean delay and throughput using adaptive threshold are better than with WFQ. In adaptive threshold, the PTSC0 and Nb parameters are adjusted automatically based on the condition of the traffic load. By adjusting these parameters adaptively, the optimum mean delay and throughput for class 0 can be achieved without degrading the QoS requirement for class 1.

[Plot: Total Mean Delay (time slot) versus Ratio (r); curves: (i) Class 0 (PQ), (ii) Class 0 (adaptive threshold), (iii) Class 0 (WFQ), (iv) Class 1 (WFQ), (v) Class 1 (adaptive threshold), (vi) Class 1 (PQ)]

[Plot: Total Mean Delay (time slot) versus Load; curves: (i) Class 0 (PQ), (ii) Class 0 (adaptive threshold), (iii) Class 0 (WFQ), (iv) Class 1 (WFQ), (v) Class 1 (adaptive threshold), (vi) Class 1 (PQ)]

[Plot: Throughput versus Load; curves: (i) Class 1 (PQ), (ii) Class 1 (WFQ), (iii) Class 1 (adaptive threshold), (iv) Class 0 (adaptive threshold), (v) Class 0 (WFQ), (vi) Class 0 (PQ)]

References

[1] Choi, J. S. and C. K. Un, "Delay Performance of an Input Queueing Packet Switch with Two Priority Classes". Communications, IEE Proceedings- Vol. 145 (3): pp. 141-144, 1998.

[2] Warde, W. and P. A. Ivey, "Input Queueing Multicast Atm Packet Switch with Two Priority Classes Using a Priority Scheme with a Window Policy". Electronics Letters Vol. 32 (20): pp. 1854-1855, 1996.

[3] Pao, D. C. W. and S. P. Lam, "Cell Scheduling for Atm Switch with Two Priority Classes". ATM Workshop Proceedings, IEEE: pp. 86-90, 1998.

[4] Chen, J. S. C. & R. Guerin, "Performance Study of an Input Queueing Packet Switch with Two Priority Classes". Communications, IEEE Transactions on Vol. 39 (1): pp. 117-126, 1991.

[5] A.A. Abdul Rahman, K.Seman and K.Saadan, “Multi-class Scheduling Technique using Dual Threshold,” APSITT, Sarawak, Malaysia, 2010.

[6] N. McKeown, V. Anantharam, and J. Walrand, “Achieving 100% throughput in an input-queued switch,” in Proc. IEEE INFOCOM ‘96, San Francisco, CA, pp. 296–302, 1996.

[7] A. Mekkittikul and N. McKeown, “A practical scheduling algorithm for achieving 100% throughput in input-queued switches,” in Proc. INFOCOM ‘98, San Francisco, CA, vol. 2, pp. 792–799, 1998.

[8] Lemin, L., H. Caijun & L. Pu. "Maximum Throughput of an Input Queueing Packet Switch with Two Priority Classes". Communications, IEEE Transactions on Vol. 42 (12): pp. 3095-3097, 1994.

[9] Lim, Y. & J. E. Kobza. "Analysis of a Delay-Dependent Priority Discipline in an Integrated Multiclass Traffic Fast Packet Switch". Communications, IEEE Transactions on Vol. 38 (5): pp. 659-665, 1990.

[10] Al-Sawaai, A., I. Awan & R. Fretwell. "Analysis of the Weighted Fair Queuing System with Two Classes of Customers with Finite Buffer". Advanced Information Networking and Applications Workshops, 2009. WAINA '09. International Conference on: pp. 218-223, 2009.

[11] Al-Sawaai, A., I. U. Awan & R. Fretwell. "Performance of Weighted Fair Queuing System with Multi-Class Jobs". Advanced Information Networking and Applications (AINA), 24th IEEE International Conference on: pp. 50-57, 2010.

Authors Profile

A. A. Abdul Rahman received his Bachelor of Engineering (Electrical – Electronics) and Master of Engineering (Electrical) from Universiti Teknologi Malaysia, Johor in 2002 and 2004. He is currently pursuing the PhD degree at Universiti Sains Islam Malaysia (USIM). He is also an Associate Senior Researcher in Telekom Research and Development. His research interests are in hardware system design, high speed switching, networking and software engineering.

K. Seman obtained B.Elec.Eng (2nd Class Upper) from Universiti Teknologi Malaysia (UTM) in 1985, MSc in Telematics from Essex University, UK 1986, and PhD in Electrical Engineering (Communication Networks) from Strathclyde University UK in 1994. He served as an academician at the Faculty of Electrical Engineering, UTM from 1985 till 2002. He was promoted as a full professor in Telecommunication Engineering in 2000. From 2003 till 2005, he worked at Telekom Malaysia R&D working in numerous network research projects. In Dec 2005 he joined Universiti Sains Islam Malaysia as Professor in Network Technology and Security. His research interests are network performance modeling and analysis, cryptography, and switching technology.

K. Saadan is a Senior Fellow (Computer Science) in Information Security and Assurance Programme in the Faculty of Science, Universiti Sains Islam Malaysia. Currently he is the Director of Centre for Information Technology in USIM. He holds a Bachelor of Science degree in Mathematics, Master of Science in Computer Science and PhD in Systems Science Management. His areas of research interest are in Intelligent Decision Support Systems, Software Quality Assurance and Knowledge Management. His expertise is in Software Engineering and Software Quality Assurance. So far he has published more than 35 papers and technical reports in the area of Computer Science and Information Technology. In the last fifteen years he has been actively involved in various systems development activities and research; and ICT project planning and management.

A. Azman received his B.IT from Universiti Multimedia in 1999 and his PhD in Information Retrieval from University of Glasgow in 2007. From 1999 till 2002, he worked as System Engineer at ON Semiconductor (M) Sdn. Bhd. From 2008 till 2009, he worked as lecturer in Universiti Sains Islam Malaysia (USIM). In May 2009, he joined Universiti Putra Malaysia as Senior Lecturer. His research interests are in information retrieval, relevance feedback learning, data mining and knowledge discovery.


Low Budget Honeynet Creation and Implementation for Nids and Nips

Aathira K. S1, Hiran V. Nath2, Thulasi N. Kutty3, Gireesh Kumar T4

1 TIFAC CORE in Cyber Security Centre, Amrita Vishwa Vidyapeetham, Coimbatore, India
[email protected]

2 TIFAC CORE in Cyber Security Centre, Amrita Vishwa Vidyapeetham, Coimbatore, India
[email protected]

3 TIFAC CORE in Cyber Security Centre, Amrita Vishwa Vidyapeetham, Coimbatore, India
[email protected]

4 TIFAC CORE in Cyber Security Centre, Amrita Vishwa Vidyapeetham, Coimbatore, India
[email protected]

Abstract: This paper describes Honeynet, a system for automated generation of attack signatures for network intrusion detection and prevention systems. A honeypot is a security resource whose value lies in being probed, attacked or compromised. We examine different kinds of honeypots, honeypot concepts, and approaches to their implementation. Our system applies pattern detection techniques and protocol-based classification to the traffic captured on a honeypot system. Virtualization software such as Sun VirtualBox and VMware was used for this purpose, so that it was not necessary to buy a large number of high-end systems to implement this setup, which reduced the cost to a great extent. While running Honeynet in a WAN environment, the system successfully created precise traffic signatures and updated the firewall, work that would otherwise have required the skills and time of a security officer.

Keywords: IDS, IPS, Honeypot, Honeynet, Snort.

1. Introduction
A honeypot is tough to define because it is a new and changing technology, and it can be involved in different aspects of security such as prevention, detection, and information gathering. It is unique in that it is a general technology rather than a solution, and it does not solve a specific security problem. Instead, a honeypot is a highly flexible tool with applications in such areas as network forensics, vulnerability analysis and intrusion detection. A honeypot is a security resource whose value lies in being probed, attacked, or compromised. Currently, the creation of NIDS signatures is a tedious manual process that requires detailed knowledge of the traffic characteristics of any phenomenon that is supposed to be detected by a new signature. Simplistic signatures tend to generate large numbers of false positives; overly specific ones cause false negatives. To address these issues, we present Honeynet, a system that generates signatures for malicious network traffic automatically. Our system applies pattern detection techniques and protocol-based classification to the traffic captured on honeypots.

Honeypots are computer resources set up for the purpose of monitoring and logging the activities of entities that probe, attack or compromise them. Honeypots are closely monitored network decoys serving several purposes. They can distract attackers from more valuable machines on a network; they can provide early warning about new attack and exploitation trends; and they allow in-depth examination of adversaries during and after exploitation of a honeypot. Honeypots are a technology whose value depends on the "bad guys" interacting with it. All honeypots work on the same concept: nobody should be using or interacting with them, therefore any transactions or interactions with a honeypot are, by definition, unauthorized.

“Honeynet” is a term that is frequently used where honeypots are concerned. A honeynet is simply a network that contains many honeypots, where the traffic to each honeypot is controlled using a honeywall. More precisely, it is a high-interaction honeypot that is designed to capture extensive information on threats and provides real systems, applications, and services for attackers to interact with. A Redhat Linux machine is used for routing packets between the honeypots and the actual servers, because buying an actual router is expensive. A firewall was built on a Linux machine to filter packets at the gateway, so that its rules can be updated and there is no need to buy additional firewalls. VMware software, which serves as the virtual machine platform, is used so that there is no need to buy machines with large server configurations. Even a single machine's resources can be shared by the many hosts that are used as honeypots.

This paper is organized as follows: In Section 2 we examine different types of honeypots and the honeywall. In Section 3 we provide an overview of the system architecture. Section 4 presents the implementation. Section 5 shows our findings. We then conclude and provide our opinion on the future of honeypots in Section 6.

Figure 1. Honeypot Setup using Virtualization

2. Types of Honeypots
Honeypots can be classified based on their purpose (production, research) and level of interaction (low, medium, and high). We examine each type in more detail below.

2.1. Purpose of Honeypots

2.1.1. Research Honeypot
A research honeypot is designed to gain information about the blackhat community and does not add any direct value to an organization [4]. Research honeypots are used to gather intelligence on the general threats organizations may face, allowing the organization to better protect against those threats. Their primary function is to study the way in which attackers progress and establish their lines of attack; this helps in understanding their motives, behavior and organization. Research honeypots are complex to both deploy and maintain, and they capture extensive amounts of data. They can be very time intensive. Very little is contributed by a research honeypot to the direct security of an organization, although the lessons learned from one can be applied to improve attack prevention, detection, or response. They are typically used by organizations such as universities, governments, the military or large corporations interested in learning more about threat research. Research honeypots add tremendous value to research by providing a platform to study cyberthreats. Attackers can be watched in action and recorded step by step as they attack and compromise the system. This intelligence gathering is one of the most unique and exciting characteristics of honeypots [7]. It is also a beneficial tool for developing analysis and forensic skills. Sometimes research honeypots can even be instrumental in discovering new worms.

Figure 2. Honeypots in a production environment

2.1.2. Production Honeypot
A production honeypot is what most people think of when discussing honeypots. A production honeypot is one used within an organization’s environment to protect the organization and help mitigate risk [4]. It has value because it provides immediate security to a site’s production resources. Since they require less functionality than a research honeypot, production honeypots are typically easier to build and deploy. Although they identify attack patterns, they give less information about the attackers than research honeypots. You may learn which systems attackers are coming from and what exploits are being launched, but maybe not who they are, how they are organized, or what tools they are using. Production honeypots tend to mirror the production network of the company (or specific services), inviting attackers to interact with them in order to expose current vulnerabilities of the network. Uncovering these vulnerabilities and alerting administrators to attacks can provide early warning of attacks and help reduce the risk of intrusion [3]. The data provided by the honeypot can be used to build better defenses and countermeasures against future threats.

It should be pointed out that as a prevention mechanism, production honeypots have minimal value. Best practices should be implemented involving the use of firewalls, IDSs, and the locking down and patching of systems. The most common attacks are done using scripts and automated tools. Honeypots may not work well against these, since these attacks focus on many targets of opportunity, not a single system. Their main benefit is in the area of detection. Due to its simplicity, a honeypot addresses the challenges of IDSs: there are minimal false positives and false negatives. There are several situations where an IDS may not issue an alert: the attack is too recent for your vendor, the rule matching it caused too many false positives, or it is seeing too much traffic and is dropping packets.

False positives occur when an untuned IDS alerts far too often on normal network traffic. These alerts soon get ignored, or the rules triggering them are modified, but then real attacks may be missed. In addition, there is a serious problem with the volume of data to analyze with IDSs. They cannot cope with the network traffic on a large system. Honeypots address these challenges: since honeypots have no production activity, all the traffic sent to a honeypot is almost certainly unauthorized, meaning no false positives, false negatives or large data sets to analyze. Also, once an attack has been detected, the machine can be pulled offline and thorough forensics performed, something that is often difficult if not impossible with a production system. In general, commercial organizations derive the most direct benefit from production honeypots.

These categorizations of honeypots are simply a guideline to identify their purpose; the distinction is not absolute. Sometimes the same honeypot may be either a production or a research honeypot. It is not so much how it is built as how it is used [6].

2.2. Level of Interaction
In addition to being either production or research honeypots,
honeypots can also be categorized based on the level of involvement allowed between the intruder and the system. These categories are: low-interaction, medium-interaction and high-interaction. What you want to do with your honeypot will determine the level of interaction that is right for you.

2.2.1. Low-interaction Honeypots
A low-interaction honeypot simulates only services that cannot be exploited to gain total access to the honeypot [5]. On a low-interaction honeypot, there is no operating system for the attacker to interact with [2] (pp. 19). Low-interaction honeypots can be compared to a passive IDS, since they do not modify network traffic in any way and do not interact with the attacker. Although this minimizes the risk associated with honeypots, it also makes low-interaction honeypots very limited. However, they can still be used to analyze spammers and can also be used as active countermeasures against worms [5]. Low-interaction honeypots are easy to deploy and maintain. An example of a commercial low-interaction honeypot is honeyd. Honeyd is a licensed daemon that is able to simulate large network structures on a single network host [3, 13]. Honeyd works by imitating computers on the unused IP addresses of a network, and provides the attacker with only a façade to attack. Another example of a low-interaction honeypot is Specter, which is developed and sold by NetSec. Specter has functionality like an enterprise version of BOF and only affects the application layer.

2.2.2. Medium-Interaction Honeypots
Medium-interaction honeypots are slightly more sophisticated than low-interaction honeypots, but less sophisticated than high-interaction honeypots [8]. Like low-interaction honeypots they do not have an operating system installed, but the simulated services are more complicated technically. Although the probability of the attacker finding a security vulnerability increases, it is still unlikely that the system will be compromised [2] (pp. 20).
Medium-interaction honeypots provide the attacker with a better illusion of an operating system, since there is more for the attacker to interact with. More complex attacks can therefore be logged and analyzed. Some examples of medium-interaction honeypots include mwcollect, nepenthes and honeytrap. Mwcollect and nepenthes can be used to collect autonomously spreading malware. These daemons can log automated attacks and extract information on how to obtain the malware binaries, so that they can automatically download the malware. Honeytrap dynamically creates port listeners based on TCP connection attempts extracted from a network interface stream, which allows the handling of some unknown attacks.

2.2.3. High-interaction honeypots
These are the most advanced honeypots. They are the most complex and time-consuming to design, and involve the highest amount of risk because they involve an actual operating system [2] (pp. 20 – 21). The goal of a high-interaction honeypot is to provide the attacker with a real operating system to interact with, where nothing is simulated or restricted [8]. The possibilities for collecting large amounts of information are therefore greater with this type of honeypot, as all actions can be logged and analyzed. Because the attacker has more resources at his disposal, a high-interaction honeypot should be constantly monitored to ensure that it does not become a danger or a security hole [2]. A honeynet is an example of a high-interaction honeypot, and it is typically used for research purposes.

2.3. Free and commercial honeypot solutions

2.3.1. Nepenthes Honeypot
Nepenthes Honeypot is developed by SPARSA for its ongoing viral research project. It is freely available for download and use as a VM from http://www.sparsa.org/node/23

2.3.1.1. Features
Nepenthes Ampullaria acts like a honeypot to feign vulnerability to viruses, worms and intrusions, and downloads them into hexdumps which can be reversed. A collection of 30,000 attacks is growing each day the nepenthes computer is online, gathering data to submit to anti-virus companies about what is in the wild. Currently SPARSA operates a centralized Nepenthes server out of their office in RIT's CIMS building. A virtual machine running Nepenthes is available for download and use by the public. VMware Player, VMware Server, or VMware Workstation is needed in order to run these virtual machines. VMware Player and VMware Server are free to all. RIT also has a site license for VMware Workstation you may inquire about. The virtual machines are to be used either on their own unprotected box serving VMware images, or placed on the DMZ of a firewalled environment. This gives the best opportunity to catch attacks and exploits in the wild. It is SPARSA's goal to set up a centralized submission and analysis cluster with help from folks like you. All VMs submit to the SPARSA server, where results will be analyzed and submitted to major AV companies and the Norman Sandbox. A copy is also kept for the local user to tinker with.
Using this tactic, the Security Practices and Research Student Association hopes to analyze viruses and malware in the wild by allowing everyone to participate in collection and analysis. Future versions will pare down the known malware on the VM clients so that only unknown malware is submitted to the server.

2.3.2. BackOfficer Friendly
A free win32-based honeypot solution by NFR Security (a separate Unix port is available but has restricted functionality). It is able to emulate single services such as telnet, ftp and smtp, and to log connection attempts in a rudimentary way.

2.3.3. Deception toolkit (DTK)
A free and programmable solution intended to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities (http://www.all.net/dtk/dtk.html).

2.3.4. HOACD
This is a ready-to-run honeyd+OpenBSD+arpd on a bootable CD (http://www.honeynet.org.br/tools).

2.3.5. Honeyd
In Honeyd, they expect adversaries to interact with honeypots only at the network level. Instead of simulating
every aspect of an operating system, they decided to simulate only its network stack. The main drawback of this approach is that an adversary never gains access to a complete system even if he compromises a simulated service. On the other hand, we are still able to capture connection and compromise attempts. For that reason, Honeyd is a low-interaction virtual honeypot that simulates TCP and UDP services. Honeyd must be able to handle virtual honeypots on multiple IP addresses simultaneously. This allows us to populate the network with a number of virtual honeypots that can simulate different operating systems and services. Furthermore, Honeyd must be able to simulate different network topologies.

Figure 3. Honeyd receives traffic for its virtual honeypots via a router or Proxy ARP. For each honeypot, Honeyd can simulate the network stack behavior of a different operating system.

2.3.5.1. Architecture
When the Honeyd daemon receives a packet for one of the virtual honeypots, it is processed by a central packet dispatcher. The dispatcher checks the length of the IP packet and verifies its checksum. The daemon knows only three protocols: ICMP, TCP and UDP. Packets for other protocols are discarded.

Figure 4. Overview of Honeyd’s architecture.

Incoming packets are dispatched to the correct protocol handler. For TCP and UDP, the configured services receive new data and send responses if necessary. All outgoing packets are modified by the personality engine to mimic the behavior of the configured network stack.

2.3.6. HYW – Honeyweb
An in-depth simulation of an IIS 6.0 webserver that enables you to use your web content (perfect choice for capturing worms).

2.3.7. Mantrap / Decoy Server (commercial)
Symantec Decoy Server sensors deliver holistic detection and response as well as provide detailed information through its system of data collection modules.

2.3.8. Specter
SPECTER offers common Internet services such as SMTP, FTP, POP3, HTTP and TELNET. They appear normal to attackers but are in fact traps in which attackers leave traces without knowing that they are connected to a decoy system. SPECTER does none of the things it appears to do; instead it logs everything and notifies the appropriate people.

2.4. Installing your own honeypot
Depending on the type of technology used, there are different things to consider when installing and deploying a honeypot.

2.4.1. Low-interaction honeypot: Make sure an attacker can’t access the underlying operating system (especially when using plugins). If possible, make use of the honeypot’s features to emulate a more realistic environment (e.g. traffic shaping). Make sure to use the latest versions available.

2.4.2. Medium-interaction honeypot: Make sure an attacker can’t escape the jailed environment. Be aware of SUID or SGID files.

2.4.3. High-interaction honeypot: Use advanced network techniques to control the honeypot (e.g. firewalls, intrusion detection systems) and make sure it can’t be used to harm third parties (e.g. legal issues of an open relay). If possible, poison the honeypot. Use software that actually has vulnerabilities, or your honeypot might never be exploited successfully. Use tripwire or AIDE to get a snapshot of the system.

2.5. Virtual Honeywall
The honeywall is implemented in a virtual machine which has 3 network cards. One is for the connection to the firewall, the second is for the internal network and the third is for remote management of the honeywall itself.

2.6. Honeynet
A honeynet is made by networking the honeypots explained above; the traffic to each honeypot is controlled with the help of the honeywall.

3. System Architecture

Figure 5. Small Model of our Architecture

Here the traffic enters the network through the Linux firewall. All the traffic then goes through the honeywall. From there, the honeywall redirects the traffic from each section to each honeywall. This is done because a tremendous number of connections may come to the web server. Some of these may be attacks and some may be normal ones. The redirected traffic which reaches the honeywall is examined separately; traffic found to be malicious is spotted, and its source IP address is sent to the firewall so that the rules stored in the firewall can be updated. The outer firewall is initially set up on a Redhat Linux machine, and its IPTables rules are updated via network messages. Some groups of honeypots were created inside a single machine using virtualisation techniques. Virtualization software such as Sun VirtualBox and VMware was used for this purpose, so that it was not necessary to buy a large number of high-end systems to implement this setup, which reduced the cost to a great extent.

4. Implementation

Figure 6. Communication Architecture

Figure 7. Implemented Routing of packets

We are using two types of attack detection techniques: one is threshold-based classification and the other is protocol-based classification. The first mainly monitors the traffic and checks whether it exceeds the defined threshold for a particular source IP address. The occurrence of each source IP in a flow is determined, and the total numbers of unique destinations and unique ports accessed by the IP are determined. The ratio of the number of destination IPs to the number of destination ports is then computed (IP/Port ratio). This IP/Port ratio is compared with the threshold value, and if the value is far greater than or far less than the threshold value, the source IP is tagged as suspicious. The same process is then repeated over multiple time intervals, and if the same source IP shows similar behaviour, it is confirmed as a suspicious IP. The IP address is then added to the iptables rules in the Linux firewall so that further communication from the same IP address is blocked. In the second module, the monitored traffic is classified based on protocol. Some of these features were implemented with the help of honeyd. Here the whole traffic is classified based on protocol and logged for further analysis. Using the dynamically generated signatures, the snort database is updated on a real-time basis.
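The threshold-based classifier described above, written out as an added example (it is not the authors' code) that turns per-interval IP/Port ratios into confirmed sources and the matching iptables block rules. The 4x band that stands in for "far greater or far less" than the threshold, the minimum flow count, the two-interval confirmation rule, the FORWARD chain and all function names are assumptions; the flow records are constructed sample data using documentation address ranges.

```python
import ipaddress
from collections import Counter, defaultdict


def classify(flows, interval=60, threshold=1.0, factor=4.0,
             min_flows=5, confirm_after=2):
    """Classify sources from (timestamp, src, dst, dport) flow records.

    Returns (confirmed, tagged, hits): sources suspicious in the same way in
    at least `confirm_after` intervals, sources tagged but not yet confirmed,
    and the per-source list of (interval, ratio, kind) observations.
    """
    buckets = defaultdict(lambda: {"dsts": set(), "ports": set(), "flows": 0})
    for ts, src, dst, dport in flows:
        b = buckets[(int(ts // interval), src)]
        b["dsts"].add(dst)
        b["ports"].add(dport)
        b["flows"] += 1

    hits = defaultdict(list)
    for (slot, src), b in sorted(buckets.items()):
        if b["flows"] < min_flows:          # assumed volume gate
            continue
        ratio = len(b["dsts"]) / len(b["ports"])   # the IP/Port ratio
        if ratio >= threshold * factor:     # many hosts, few ports
            hits[src].append((slot, ratio, "many-hosts"))
        elif ratio <= threshold / factor:   # one host, many ports
            hits[src].append((slot, ratio, "many-ports"))

    confirmed, tagged = [], []
    for src, seen in sorted(hits.items()):
        kinds = Counter(kind for _, _, kind in seen)
        # "Similar behaviour" is read here as the same kind of deviation.
        if max(kinds.values()) >= confirm_after:
            confirmed.append(src)
        else:
            tagged.append(src)
    return confirmed, tagged, dict(hits)


def block_rules(sources, chain="FORWARD"):
    """Render iptables commands for confirmed IPv4 sources.

    Each value is parsed first, so a malformed or injected string raises
    ValueError instead of ending up inside a firewall command.
    """
    rules = []
    for src in sources:
        ip = ipaddress.ip_address(src)
        if ip.version == 4:
            rules.append(f"iptables -I {chain} -s {ip} -j DROP")
    return rules


def sample_flows():
    """Constructed honeypot traffic: three minutes, five sources."""
    honeypots = [f"192.0.2.{i}" for i in range(10, 22)]
    flows = []
    for slot in range(3):
        t0 = slot * 60
        # Same port on 12 honeypots in every interval: ratio 12.
        flows += [(t0 + i, "203.0.113.7", hp, 445)
                  for i, hp in enumerate(honeypots)]
        # Two hosts, two ports: ratio 1, inside the band.
        flows += [(t0 + 5 * k, "198.51.100.20", honeypots[k % 2],
                   (80, 443)[(k // 2) % 2]) for k in range(6)]
        if slot in (0, 2):
            # 20 ports on one honeypot in two intervals: ratio 0.05.
            flows += [(t0 + k, "203.0.113.9", honeypots[0], 20 + k)
                      for k in range(20)]
        if slot == 1:
            # Deviates once only: tagged, not confirmed.
            flows += [(t0 + i, "198.51.100.33", hp, 22)
                      for i, hp in enumerate(honeypots[:8])]
        if slot in (0, 1):
            # Ratio 4 but only four flows: below the volume gate.
            flows += [(t0 + i, "198.51.100.40", hp, 23)
                      for i, hp in enumerate(honeypots[:4])]
    return flows


if __name__ == "__main__":
    confirmed, tagged, hits = classify(sample_flows())
    print("confirmed:", confirmed)
    print("tagged only:", tagged)
    for rule in block_rules(confirmed):
        print(rule)
```

Because only honeypot-bound traffic is counted, the ratio band and the confirmation count decide how quickly a source is blocked; a single deviating interval leaves the source tagged but unblocked.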

5. Findings
By implementing this system, we were able to build a cost-effective intrusion detection and prevention system. Since the signatures in the snort database are updated on a real-time basis, the system also works as a prevention system. Since the VMware virtual machines run on a single piece of hardware, we were able to set up different honeypots with different levels of interaction, so that some are good at capturing network attacks and others can be used for preventing the spread of worms in the network.

6. Conclusions and Future Outlook
In this paper we have provided a brief overview of what honeynets are and how they are useful in NIDS and NIPS. We have discussed the different types of honeypots, the honeywall, and how to combine them and set up a honeynet. We also looked at factors that should be considered when implementing a honeypot. Here we have used the honeynet along with a firewall and an IPS module which updates the rules in the firewall. VMware software, which serves as the virtual machine platform, is used so that there is no need to buy machines with large server configurations. Even a single machine's resources can be shared by the many hosts that are used as honeypots, which makes the setup cost effective. We are planning to use the honeypots or honeynet for vulnerability analysis in a network, to find both host-based and network-based vulnerabilities. These honeynets could also be used to detect the spread of a worm in a network and prevent it from spreading to the entire network by creating and updating the signature automatically.

References

[1] I. Mokube, M. Adams, “White paper: Honeypots: Concepts, Approaches, and Challenges,” ACMSE 2007, March 23-24, 2007, Winston-Salem, North Carolina, USA.

[2] R. Baumann, C. Plattner, “White Paper: Honeypots,” Swiss Federal Institute of Technology, Zurich, 2002.

[3] K. Gubbels, “Hands in the Honeypot,” GIAC Security Essentials Certification (GSEC), 2002.

[4] Karthik S, Samudrala B, Yang AT, “Design of Network Security Projects Using Honeypots,” Journal of Computing Sciences in Colleges, 20(4), pp. 282-293, 2005.

[5] N. Provos, “Honeypot Background,” http://www.honeyd.org/background.php.

[6] L. Spitzner, “Honeypots: Tracking Hackers,” Addison-Wesley Pearson Education, Boston, MA, 2002.

[7] L. Spitzner, “The Value of Honeypots, Part One: Definitions and Values of Honeypots,” Security Focus, 2001.

[8] Jr, Sutton, R.E. DTEC 6873 “Section 01: How to Build and Use a Honeypot.”

Authors Profile

Aathira K S received a B.Tech in Computer Science and Engineering from Kerala University. She is currently pursuing an M.Tech. in Cyber Security at Amrita School of Engineering, Coimbatore. Her research interests are Intrusion Detection and Prevention Systems and Malware detection.

Hiran V Nath received a B.Tech in Information Technology from Kerala University. During 2007-2009, he worked in VSSC/ISRO, Govt of India, on a contract basis through Hi-Rel Fabs, Trivandrum. He is currently pursuing an M.Tech. in Cyber Security at Amrita School of Engineering, Coimbatore. His research interests are Intrusion Detection and Prevention Systems and Malware detection.

Thulasi N. Kutty received a B.Tech in Computer Science and Engineering from Kerala University. She is currently pursuing an M.Tech. in Cyber Security at Amrita School of Engineering, Coimbatore. Her research interests are Intrusion Detection and Prevention Systems and Malware detection.

Gireesh Kumar T received a B.Tech degree in Mechanical Engineering from N.S.S. College, Palghat, Kerala in 1998. He attained his MTech degree in Computer and Information Science from Cochin University of Science and Technology, Cochin, Kerala in 2002. He is currently pursuing a PhD in Artificial Intelligence at Anna University, Chennai. He was a Senior Lecturer with the Department of Computer Science and Engineering at VLB Janakiammal College of Engineering, Coimbatore, Tamilnadu from 2004 to 2008. He is now an Assistant Professor (Sr. Grade) with Centre for Cyber at Amrita Vishwa Vidyapeetham, Ettimadai, Tamilnadu. His research interests are in the field of Artificial Intelligence, Machine Learning and Algorithms. He has about 20 publications to his credit.

Spatial Cluster Coverage of Sensor Networks

G.N. Purohit, Megha Sharma

1 Department of Mathematics, AIM & ACT, Banasthali University, Banasthali-304022, [email protected]

2 Department of Computer Science, AIM & ACT, Banasthali University, Banasthali-304022, [email protected]

Abstract: The availability of wireless sensor networks (WSNs) offers the opportunity to approach practical problems in a different way, sensing the environment and collecting data dynamically. Since sensor nodes are deployed in a large region, the objective is to achieve complete coverage of the region, that is, every location in the region lies in the observation field of at least one sensor node. However, the initial placement of sensors may not achieve this goal for various reasons. In this paper, we study the coverage phase transition in sensor networks. Given a three-dimensional Region of Interest (R.O.I), we study the transition from small fragmented regions to a single large covered region.

Keywords: critical density, covered components, percolation, spherical shell.

1. Introduction
A sensor is a piece of equipment which has the capability to perceive the environment where it is established or the phenomenon that justified its implementation. It must also be able to transmit the perceived data. There has been a growing interest in studying and building systems of mobile sensor networks. It is envisaged that in the near future, very large scale networks consisting of both mobile and static nodes will be deployed for various applications, ranging from environment monitoring to emergency search-and-rescue operations [12], [3]. Issues such as location, deployment and tracking are fundamental, because many applications such as battlefield surveillance, environmental monitoring and biological detection rely on them.

In this paper, we address one of the fundamental problems of WSNs, i.e., coverage. Coverage is a metric of the quality of service that reflects how well a target field is monitored under the base station. The coverage problem can be studied under different objectives and constraints imposed by the applications, such as worst-case coverage [6], deterministic coverage [6], [1] or stochastic coverage [2], [6], [1], and [4], [9]. The coverage provided by sensor networks is crucial to their effectiveness [8]. We wish to track the transition of the Region of Interest (R.O.I) from partially covered to fully covered. As more and more sensors are continuously deployed, the degree of sensing coverage provided by a WSN and/or the size of the covered region increases. We compute the probability of the change from small covered fragments to a single large connected component, and we study this phase transition in network coverage through percolation theory.

The remainder of this paper is organized as follows. Section 2 defines the percolation approach for coverage. In Section 3 the coverage problem at critical percolation is solved. Section 4 concludes the paper.

2. Coverage in a Three-Dimensional Region at Critical Percolation
We propose a probabilistic approach to compute the covered volume fraction at critical percolation for the phase transition of coverage. We try to solve the coverage problem using a Poisson distribution for computing the covered volume fraction. We consider a set of homogeneous sensing spheres whose centers represent the locations of sensors and are randomly distributed in three-dimensional space according to a Poisson distribution of density $\lambda$. In the percolation-based approach, we find the critical density $\lambda_{cd}$. This density $\lambda_{cd}$ represents the density of sensors for the first minimum required coverage, such that we say percolation surely occurs when $\lambda > \lambda_{cd}$.

2.1 Models and Terminology
In this section we describe the percolation model and introduce some relevant terminology. We first give some definitions related to the model.

2.1.1 Definitions
Def 1. (Sensing Range). The sensing range $S_i(r)$ of a sensor $S_i$ is a sphere of radius $r$ centered at $\xi_i$ and defined by

$$S_i(r) = \{\xi \in \mathbb{R}^3 : |\xi_i - \xi_j| \le r\},$$

where $|\xi_i - \xi_j|$ stands for the Euclidean distance between $\xi_i$ and $\xi_j$.

Def 2. (Covered Volume Fraction). The covered volume fraction of a Poisson Boolean model $(X_\lambda, \{S_i(r) : i \ge 1\})$, given by $V(r) = 1 - \exp(-\lambda v)$, is the mean fraction of volume covered by sensing spheres $S_i(r)$, for $i \ge 1$, in a region of unit volume, where $v = \frac{4}{3}\pi r^3$ is the volume of the sensing disk and $\lambda$ is the density of the Poisson point process $X_\lambda$.

Def 3. (Collaborating Sensor). Two sensors $S_i$ and $S_j$ are said to be collaborating if and only if the Euclidean distance between the centres of their spheres satisfies $|\xi_i - \xi_j| \le 2r$. The collaborating set of the sensors $S_i$ and $S_j$, denoted by $\mathrm{Col}(S_i)$, includes all of the sensors it can collaborate with, i.e.

$$\mathrm{Col}(S_i) = \{S_j : |\xi_i - \xi_j| \le 2r\}$$

Def 4. (Collaboration Path). A collaborating path between two sensors $S_i$ and $S_j$ is the sequence of sensors $S_i, S_{i+1}, \ldots, S_{j-1}, S_j$ such that any pair of sensors $S_l$ and $S_{l+1}$, for $i \le l \le j-1$, are collaborating.

Let $X_\lambda = \{\xi_i : i \ge 1\}$ be a three-dimensional homogeneous Poisson point process of density $\lambda$, where $\xi_i$ represents the location of the sensor $S_i$.

Def 5. (Spatial Poisson Point Process). Let $X_\lambda(V)$ be a random variable representing the number of points in a volume (region) $V$. The probability that there are $k$ points inside $V$ is computed as

$$P(X_\lambda(V) = k) = \frac{\lambda^k |V|^k}{k!} \exp(-\lambda v) \qquad (1)$$

for all $k \ge 0$, where $|V|$ is the volume of region $V$.

2.2 Percolation Model
A percolation model can be viewed as an ensemble of points distributed in space, where some pairs are adjacent [B]. We consider a Boolean model which is defined by two components:

(i) Point process $X_\lambda$, and

(ii) Connection function $h$.

The set $X_\lambda = \{\xi_i : i \ge 1\}$ is a homogeneous Poisson point process of density $\lambda$ in a three-dimensional Euclidean plane of $\mathbb{R}^3$, where the elements of $X_\lambda$ are the locations of the sensors used to cover a field.

The connection function h is defined such that two points iξ and jξ are adjacent independently of all other points,

with probability ( )ji ξξh − given by

( )

≤−=−

otherwise 0

dξξ if 1ξξh ji

ji

where ji ξξ − is the Euclidian distance between iξ and jξ

We consider a continuum percolation model that consists of homogeneous spheres whose centers (representing locations of spheres) are randomly distributed in 3R I according to a spatial Poisson point process of density λ . In percolation theory we are interested in the critical density

cdλ at which infinite cluster of overlapping spheres first appears. The density cdλ is the critical value for density λ such that there exists no infinite cluster of overlapping spheres almost surely when λ < cdλ , but there is an infinite cluster of overlapping spheres, almost surely when λ > cdλ , and we say percolation occurs.

3. Phase Transition from Scattered Sensing Clusters to Single Percolation Coverage

In this problem we are interested in finding the probability of the first appearance of an infinite (or single large) coverage component that spans the entire network.

Def 6. (Covered k-Component). A set of sensing spheres $\{S_i(r) : 1 \le i \le m\}$ is said to be a covered component if and only if it is maximal, and there exists a collaboration path between any pair of sensors $S_i$ and $S_j$, for all $1 \le j, l \le m$ and $j \ne l$. A covered k-component, denoted by $C_k$, is a covered component having $k$ sensing spheres.

Def 7. (Critical Covered Volume Fraction). The critical covered volume fraction of $(X_\lambda, \{S_i(r) : i \ge 1\})$, computed as $V_c = 1 - \exp(-\lambda_c v)$, is the fraction of volume covered at critical percolation, where $\lambda_{cd}$ is the associated density of $X_\lambda$.

Here, we compute the probability of the occurrence of the first minimum required coverage that appears at critical density $\lambda_{cd}$. We assume that $\lambda$ is not constant as the sensors are deployed randomly. We want to compute the critical density $\lambda_{cd}$ at critical percolation, such that when $\lambda > \lambda_{cd}$, the Boolean model $(X_\lambda, \{S_i(r) : i \ge 1\})$ is said to be percolating.
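The following simulation is an added example, not code from the paper: it deploys sensors in a unit cube, checks the covered volume fraction of Def 2 against $1 - \exp(-\lambda v)$, and measures the share of sensors in the largest covered component (Defs 3 and 6) below and above the critical fractions the paper reports. Assumptions: wrap-around distances to avoid edge effects, a fixed sensor count n = round(λ) in place of a Poisson-distributed count, and the constructed values r = 0.06 and seed 2010.

```python
import math
import random

def torus_dist2(a, b):
    """Squared distance in the unit cube with wrap-around (no edge effects)."""
    total = 0.0
    for u, w in zip(a, b):
        d = abs(u - w)
        if d > 0.5:
            d = 1.0 - d
        total += d * d
    return total

def deploy(n, rng):
    """n sensor centres, uniform in the unit cube (assumption: fixed count)."""
    return [(rng.random(), rng.random(), rng.random()) for _ in range(n)]

def covered_fraction(sensors, r, rng, samples=1500):
    """Monte Carlo estimate of the covered volume fraction V(r) of Def 2."""
    r2 = r * r
    hits = 0
    for _ in range(samples):
        p = (rng.random(), rng.random(), rng.random())
        if any(torus_dist2(p, s) <= r2 for s in sensors):
            hits += 1
    return hits / samples

def largest_component_share(sensors, r):
    """Share of sensors in the largest covered component (Def 6).

    Two sensors collaborate when their centres are at most 2r apart (Def 3);
    components are merged with a union-find structure.
    """
    n = len(sensors)
    parent = list(range(n))

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    limit = (2.0 * r) ** 2
    for i in range(n):
        for j in range(i + 1, n):
            if torus_dist2(sensors[i], sensors[j]) <= limit:
                ri, rj = find(i), find(j)
                if ri != rj:
                    parent[ri] = rj
    sizes = {}
    for i in range(n):
        root = find(i)
        sizes[root] = sizes.get(root, 0) + 1
    return max(sizes.values()) / n

def experiment(target_v, r=0.06, seed=2010):
    """Deploy enough sensors to reach a target covered volume fraction."""
    rng = random.Random(seed)
    v = 4.0 / 3.0 * math.pi * r ** 3          # volume of one sensing sphere
    lam = -math.log(1.0 - target_v) / v       # invert V = 1 - exp(-lambda v)
    n = round(lam)
    sensors = deploy(n, rng)
    return {
        "sensors": n,
        "predicted": 1.0 - math.exp(-n * v),
        "measured": covered_fraction(sensors, r, rng),
        "largest_share": largest_component_share(sensors, r),
    }

if __name__ == "__main__":
    # 0.23 and 0.26 are the critical fractions reported in Section 3.7.
    for target in (0.10, 0.23, 0.26, 0.60):
        print(target, experiment(target))
```

The jump in `largest_share` between the sparse and the dense deployment is the phase transition from scattered sensing clusters to a single large covered component.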

3.3 Approximation of the Shape of Covered Components

Figure 1. (a) Diagrammatic representation of overlapping spheres. (b) Shape of a covered component

The centers of all covered k-components, represented by $\xi_k$, also form a Poisson process with density $\lambda(k)$, i.e., the covered components are randomly and independently distributed according to a Poisson process with a density of $\lambda(k)$ centers per unit volume. If we assume the geometric form that encloses a covered k-component is a spherical shell, then let $R_k$ be the radius of the spherical shell, denoted by $S_p(R_k, k)$, and there is no other sensing sphere overlapping with the boundary of the spherical shell. Thus the concentric spherical band of thickness $r$, denoted by $CC_b(r)$, which surrounds the spherical shell should not include any other sensing sphere. Hence the annulus between radii $R_k$ and $R_k + r$ around the center $\xi(k)$ must be empty. Let $P(k)$ be the probability that the concentric spherical shell encloses only one covered k-component. This probability is given by


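$$P(k) = \mathrm{Prob}\left[S_p(R_k, k) \mid CC_b(r) \text{ is empty}\right],$$

where $CC_b(r)$ is the concentric spherical shell; $S_p(R_k, k)$ is the shell which encloses a covered k-component; $R_k$ is the radius of the sphere. To ensure that the circle encloses only one covered k-component, the annulus between radii $R_k$ and $R_k + r$ around the center $\xi(k)$ must be empty.

$$P(k) = \frac{\mathrm{Prob}\left[S_p(R_k, k) \text{ and } CC_b(r) \text{ empty}\right]}{\mathrm{Prob}\left[CC_b(r) \text{ empty}\right]} \qquad (2)$$

where $\mathrm{Prob}[S_p(R_k, k) \text{ and } CC_b(r) \text{ empty}]$ is the probability that the spherical shell of thickness $R_k + r$ encloses only one covered k-component. Thus, $\mathrm{Prob}[S_p(R_k, k) \text{ and } CC_b(r) \text{ empty}] = \mathrm{Prob}[S_p(R_k + r, k)]$. From (1),

$$\mathrm{Prob}\left[S_p(R_k + r, k)\right] = \frac{\left(\lambda \frac{4}{3}\pi (R_k + r)^3\right)^k}{k!}\exp\left(-\lambda \frac{4}{3}\pi (R_k + r)^3\right)$$

and

$$\mathrm{Prob}\left[CC_b(r) \text{ empty}\right] = \exp\left(-\lambda \frac{4}{3}\pi \left((R_k + r)^3 - R_k^3\right)\right)$$

Therefore,

$$p(k) = \frac{\left(\lambda \frac{4}{3}\pi (R_k + r)^3\right)^k}{k!}\exp\left(-\lambda \frac{4}{3}\pi R_k^3\right) \qquad (3)$$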

3.4 Density at Critical Percolation for covered component

The average distance between sensors is the average of the minimum distance between all sensing spheres, each from one covered component. Two covered components can be merged together into a single one if and only if, there is a pair of sensing spheres, such that the distance between their centers is at most equal to 2r. At critical percolation, the average distance between two neighboring covered components is given by:

(4)

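$\lambda_c(k)$ = density of $C_k$ at critical percolation.

Also, the average distance between two neighboring covered components is given by

$$d^{2}_{avg} = \frac{\mathrm{erf}\left(2r\sqrt{\pi\lambda_c}\right) - 4r\sqrt{\lambda_c}\,e^{-4\lambda_c\pi r^2}}{2\sqrt{\lambda_c}} \qquad (5)$$

where erf(x) is the error function [9],

$$\mathrm{erf}(x) = \frac{2}{\sqrt{\pi}}\int_0^x \exp(-t^2)\,dt$$

From (4) and (5) we get,

$$\lambda_c(k) = \frac{\lambda_c}{\left(\mathrm{erf}\left(2r\sqrt{\pi\lambda_c}\right) - 4r\sqrt{\lambda_c}\,e^{-4\lambda_c\pi r^2}\right)^2} \qquad (6)$$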

3.5 Radius at Critical Percolation of Covered Components

Critical radius of a covered component is a particular value of the radius $R_k$ of the spherical region enclosing a covered component that surely guarantees the formation of a special class of covered k-components. Regardless of the number of sensing spheres of radius $r$ located in a sphere of radius $2r$, these sensing spheres should definitely form a covered k-component (i.e., when $R_k = 2r$, the critical radius, ensures covered k-component).

At critical percolation, the density of covered k-components, which are enclosed in spheres whose radii (critical radius) are equal to 2r , is given as

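$$\lambda = \frac{N}{\frac{4}{3}\pi R^3} \qquad (7)$$

where $N$ is the number of sensing spheres randomly deployed in a spherical region of radius $R$, and density $\lambda$. The mean number of covered k-components,

$$\omega_k = \lambda(k)\,\frac{4}{3}\pi R^3$$

$$\lambda(k) = \frac{\omega_k}{\frac{4}{3}\pi r^3}$$

From (7)

$$\lambda(k) = \frac{\omega_k}{N}\,\lambda \qquad (8)$$

$\frac{\omega_k}{N}$ can be approximated by probability $P[rad(C_k) = 2r]$.

Hence,

$$P[rad(C_k) = 2r] = \frac{\omega_k}{N} \qquad (9)$$

From (8) and (9)

$$\lambda(k) = \lambda\,P[rad(C_k) = 2r] \qquad (10)$$

Substituting $R_k = 2r$ in (3)

$$\lambda_c(k) = \lambda_c\,\frac{\left(36\pi r^3\lambda_c\right)^k}{k!}\exp\left(-\frac{32}{3}\pi r^3\lambda_c\right) \qquad (11)$$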

3.6 Identification of critical percolation

We generate an equation that identifies critical percolation for a set of covered k-components

$$d^{1}_{avg} = \frac{1}{2\sqrt{\lambda_c(k)}}$$

From (5) and (6)

$$g_1(V_c(r), k) = \left(\mathrm{erf}\left(2r\sqrt{\pi\lambda_c}\right) - 4r\sqrt{\lambda_c}\,e^{-4\pi\lambda_c r^2}\right)^2 \frac{(27\mu)^k}{k!}\,e^{-8\mu} - 1 = 0 \qquad (12)$$

where $g_1(V_c(r), k)$ is the equation for percolation. Since we are interested in computing the covered volume fraction for critical fraction

$$V_c(r) = 1 - e^{-\frac{4}{3}\pi r^3\lambda_c}$$

Hence, $\frac{4}{3}\pi r^3\lambda_c = -\log(1 - V_c(r)) = \mu$

Therefore, substituting $V_c(r)$ in (7)

( )( )k,rVg c1

( )( ) 018μ-exp

k!

27μr3-exp

π2r3μ4

2r3μ

2erf k

2

=−

=

µ

(13)

3.7 Numerical Results

The function $g_1(V_c(r), k)$ described in equation (8), which varies with $V_c(r)$, is represented in Figs. 2(a), 2(b), 2(c) for different values of k=2, k=3, k=4 respectively. We observe that the function $g_1(V_c(r), k)$ does not attain the value 0 for k=2, Fig. 2(a). However, it attains the value 0 for k=3. Thus percolation occurs first at k=3 and for k=4, Figs. 2(b) and 2(c). Since we are interested in the covered volume fraction, the percolation will be complete when the value of $V_c(r)$ is greater than or equal to 0. Analyzing the results we obtain that critical percolation occurs at $V_c(r)$ = 0.23 and $V_c(r)$ = 0.26 for k=3 and k=4, respectively.


Figure 2. Critical percolation at k=3 and k=4 for Vc(r) = 0.23 and Vc(r)=0.26 respectively

4. Conclusion

In this paper we have discussed the problem of Phase Transition from Scattered Sensing Clusters to single Percolation Coverage in WSNs using a probabilistic approach. We determined when an infinite covered component could take place for the first time. For achieving this objective, we have taken the covered volume fraction metric for calculating the critical percolation.

References

[1] B. Liu and D. Towsley, “A Study of the Coverage of Large-scale Sensor Networks,” In Proceedings of MASS ’04, 2004.

[2] C. Huang and Y. Tseng, “The Coverage Problem in a Wireless Sensor Network,” In Proceedings of WSNA ’03, pp. 115-121, 2003.

[3] D. Estrin, D. Culler, K. Pister, and G. S. Sukhatme, “Connecting the physical world with pervasive networks,” IEEE Pervasive Computing, vol. 1, no. 1, pp. 59.69, 2002.

[4] D. Miorandi and E. Altman, “Coverage and Connectivity of Ad Hoc Networks in Presence of Channel Randomness,” In Proceedings of the IEEE INFOCOM 05, pp. 491–502, March 2005.


[5] F. Koushanfar, S. Meguerdichian, M. Potkonjak, and M. Srivastava, “Coverage Problems in Wireless Ad-Hoc Sensor Networks,” In Proceedings of the IEEE INFOCOM 01, pp. 1380–1387, 2001.

[6] G. Vendhan S. and S. V. Manisekaran, “A Survey on Hybrid Mobile Sensor Networks,” International Journal of Recent Trends in Engineering, Vol. 1, No. 2, 2009.

[7] G. Xing, X. Wang, Y. Zhang, C. Lu, R. Pless and C. Gill, “Integrated Coverage and Connectivity Configuration for Energy Conservation in Sensor Networks,” ACM Transactions on Sensor Networks, Vol. 1, No. 1, pp. 36–72, 2005.

[8] http://mathworld.wolfram.com/Erf.html, 2008.

[9] J.W. Essam, “Percolation theory,” Reports on Progress in Physics, vol. 43, pp. 833-912, 1980.

[10] S. Poduri and G. S. Sukhatme, “Constrained Coverage for Mobile Sensor Networks,” In IEEE International Conference on Robotics and Automation, pp. 165-172, 2004.

Authors Profile

Prof. G. N. Purohit is a Professor in Department of Mathematics & Statistics at Banasthali University (Rajasthan). Before joining Banasthali University, he was Professor and Head of the Department of Mathematics, University of Rajasthan, Jaipur. He had been Chief-editor of a journal. His present interest is in O.R., Discrete Mathematics and Communication networks. He has published around 40 research papers in various journals.

Megha Sharma received the B.C.A and M.C.A degree from I.G.N.O.U in 2004 and 2008, respectively. She is currently working towards a Ph.D degree in computer Science at the Banasthali University of Rajasthan. Her research interests include wireless sensor networks with a focus on the coverage of wireless sensor networks.


A New Approach to Measure Quality of Image Encryption

Alireza Jolfaei1 and Abdolrasoul Mirghadri2

1Faculty and Research Center of Communication and Information Technology, IHU, Tehran, Iran

[email protected]

2Faculty and Research Center of Communication and Information Technology, IHU, Tehran, Iran [email protected]

Abstract: Image encryption techniques are applied widely in the digital world today to assure information security. Although more and more encryption algorithms appear, they lack a method to evaluate the encryption quality. Visual inspection is not enough on judging the quality of encrypted images. So, we propose three classes of measurements based on the pixel’s position changing, value changing and both value-position changing. In order to evaluate the efficiency of methods, measurements were applied on three different chaotic image encryption algorithms based on the baker’s map, Arnold cat map and standard map. Experimental results indicate the performance of the measurement techniques in terms of producing results that are consistent with the judgment by visual inspection.

Keywords: encryption quality, chaotic image encryption, baker’s map, Arnold cat map, standard map

1. Introduction

Nowadays, along with the development of digital technologies and telecommunication networks, there is a substantial increase in the demand for private and secure movement of highly confidential imagery data over public channels. The concern for protection of information is increasing at an alarming rate. It is important to protect the confidentiality of imagery data from unauthorized access. Security breaches may affect user’s privacy and reputation. So, data encryption is widely used to confirm security in open networks such as the internet.

Digital image is a massive two-dimensional data. The smallest unit of an image is a pixel. In a digital image, each pixel represents a different level of color intensity. According to the capacity of human visual perception in distinguishing different levels of intensity, the entire range of intensity is divided into 256 levels. Thus, the level of intensity in each pixel has a value between 0 and 255. This range is demonstrated by a byte (8 bits). Therefore, each pixel is equal to one byte. For example, a gray scale image with size of 256×256 pixels is approximately 65 KB. So, an image with a small size has a large data volume. However, due to large data size and real time requirement, it is not reasonable to use conventional encryption methods. Thus, a major recent trend is to minimize the computational requirements for secure multimedia distribution.

During the last two decades, chaotic dynamical systems have attracted the attention of cryptographers due to their definable and pseudo-random behavior. In consequence of increased interest in this field, a large number of chaos based image encryption schemes have been proposed [1, 2, 3]. Designing good image encryption schemes has become a focal research topic since the early 1990s. So far a number of image encryption quality measures have been proposed [4, 5, 6]. However, most of the previous studies on image encryption were based on visual inspection to judge the effectiveness of the encryption techniques. Unfortunately, there are no classified measures to justify and compare the effectiveness of proposed schemes. However, in [7], Elkamchouchi and Makar presented quantitative measures of the encryption quality based on maximum deviation and correlation. Afterwards, they proposed an improved version of maximum deviation measure and named it as irregular deviation measurement. In this paper, we present new classified tests for encryption quality measurement and implement these tests on three common encryption schemes based on baker’s map, Arnold cat map and standard map and compare the results.

This paper is organized as follows. In the next section three image encryption schemes based on chaotic maps are briefly overviewed. In Section 3, the new classified measures of encryption quality are introduced. Experimental results for presented encryption schemes are reported in section 4. Finally, some conclusions are given in Section 5.

2. Chaotic Image Encryption Algorithm

The increasing interests in utilizing chaotic dynamics in various cryptographic applications have ignited tremendous demands for chaos generators with complex dynamics but simple designs. The mixing property of chaotic maps is of particular interests for cryptographic designs. Due to the differences in formulations, the nature of the generated chaotic maps may not be the same and hence their characteristics are different. Among chaotic maps, 2D baker’s map, Arnold cat map and standard map attract much attention. These prevalent maps are described as follows.

2.1 Baker’s Map

The baker’s map, invented by Eberhard Hopf in 1937, is an intuitively accessible, two-dimensional chaos-generating discrete dynamical system [8]. This is a simple example of a map similar to a horseshoe, although it is a discontinuous map [9]. Consider the map F for the half-open square $[0,1) \times [0,1)$ onto itself where

$$F(x, y) = (\sigma(x), g(a, x, y)) \qquad (1)$$

$$\sigma(x) = 2x \bmod 1, \quad 0 \le \sigma(x) < 1 \qquad (2)$$

$$g(a, x, y) = \begin{cases} \frac{1}{2}ay, & 0 \le x < \frac{1}{2} \\ \frac{1}{2}(ay + 1), & \frac{1}{2} \le x < 1 \end{cases} \bmod 1, \quad 0 \le g < 1. \qquad (3)$$

We show F(S) in Fig. 1, where S is the unit square. The geometrical nature of the map is equivalent to a horizontal stretching and vertical contraction, followed by a vertical cutting and stacking. This resembles the preparation of dough, so F is often called the baker’s transformation.

Since an image is defined as a 2D matrix with finite pixels, a correspondingly discretized form of the baker’s map needs to be derived. In fact, a discretized map is required to assign a pixel to another pixel in bijective manner. In [10], Pichler and Scharinger suggested an approach for the discretized generalized baker’s map as follows:

$$B_{(n_1,\ldots,n_k)}(x, y) = \left(\frac{N}{n_i}(x - N_i) + y \bmod \frac{N}{n_i},\ \frac{n_i}{N}\left(y - y \bmod \frac{N}{n_i}\right) + N_i\right). \qquad (4)$$

Considering an N×N square image, $B_{(n_1,\ldots,n_k)}$ denotes the discretized generalized baker’s map with $N_i \le x < N_i + n_{i+1}$ and $0 \le y < N$. The sequence of k integers, $n_1, \ldots, n_k$, is chosen such that each integer $n_i$ divides N and $n_1 + \ldots + n_i = N_i$.


Figure 1. Baker’s map: (a) geometrical nature of the baker’s map, (b) area contraction by the map F.

2.2 Arnold Cat Map

The Arnold cat map is a discrete system that stretches and folds its trajectories in phase space. Vladimir Arnold discovered the ACM in the 1960s and he used the image of a cat while working on it [11]. Assume that the dimension of the original grey scale image is N×N. Arnold cat map is described as follows:

$$\begin{bmatrix} x_{n+1} \\ y_{n+1} \end{bmatrix} = A \begin{bmatrix} x_n \\ y_n \end{bmatrix} \bmod N = \begin{bmatrix} 1 & p \\ q & pq+1 \end{bmatrix} \begin{bmatrix} x_n \\ y_n \end{bmatrix} \bmod N, \qquad (5)$$

where p and q are positive integers and det (A) = 1, which makes the map area-preserving. The $(x_{n+1}, y_{n+1})$ is the new position of the original pixel position $(x_n, y_n)$ when Arnold cat map is performed once. The period T of the Arnold cat map depends on the parameters p, q and the size N of the original image. After iterating this map m times, we have

$$\begin{bmatrix} x_{n+m} \\ y_{n+m} \end{bmatrix} = A^m \begin{bmatrix} x_n \\ y_n \end{bmatrix} \bmod N. \qquad (6)$$

An interesting property of the ACM is the Poincaré Recurrence Theorem [12]. The Poincaré Recurrence Theorem states that certain systems will, after a sufficiently long time, return to a state very close to the initial state. This means that after a certain number of iterations the ACM will return to its original state.

2.3 Standard Map

The 2D standard map illustrates the motion of a simple mechanical system called the kicked rotator [13]. This map is an area-preserving chaotic map from [0, 2π)×[0, 2π) onto itself and is described by

$$\begin{cases} x_{n+1} = (x_n + y_n) \bmod 2\pi \\ y_{n+1} = (y_n + k \sin x_{n+1}) \bmod 2\pi, \end{cases} \qquad (7)$$

where $(x_n, y_n) \in [0, 2\pi)$, and the constant $k > 0$ is the control parameter. In order to map image pixels to another in a bijective manner, the discretized version of standard map is required. In [14], Fridrich stated the criterion for continuous map discretization. So, the discretized standard map is attained by substituting $X = x\frac{N}{2\pi}$, $Y = y\frac{N}{2\pi}$, $K = k\frac{N}{2\pi}$, which maps from [0, 2π)×[0, 2π) to N×N. The discretized map is as follows

$$\begin{cases} x_{n+1} = (x_n + y_n) \bmod N, \\ y_{n+1} = \left(y_n + k \sin\left(\frac{2\pi x_{n+1}}{N}\right)\right) \bmod N. \end{cases} \qquad (8)$$

This map reduces the computational complexity by operating in integer domain. So, it is more suitable for real-time data encryption.

3. Measurement of Encryption Quality

Image encryption quality measures are figures of merit used for the evaluation of image encryption techniques. We classify these measures into three categories: methods based on the pixel’s position changing, methods based on the pixel’s value changing and methods based on both pixel’s value and position changing. We present these measures as follows.

3.1 Measurement Based on the Position Changing

Here, we propose a method to justify the confusion property of a chaotic map. That is to test the average distance change (ADC) among indices of closed pixels in plain-image and indices of relocated pixels in cipher-image. If an H×W image is permuted by chaotic map, then for the four neighbor pixels in the plain-image {(i–1, j), (i+1, j), (i, j–1), (i, j+1): (i = 1, 2,…, H–2), (j = 1, 2 ,…, W–2)}, the average distance change is defined as

$$ADC(i, j) = \frac{1}{4}\left[D((i-1, j), (i'-1, j')) + D((i+1, j), (i'+1, j')) + D((i, j-1), (i', j'-1)) + D((i, j+1), (i', j'+1))\right], \qquad (9)$$

$$D((i, j), (i', j')) = \sqrt{(i - i')^2 + (j - j')^2}, \qquad (10)$$

where (i', j') is the location of the pixel permuted from the one (i, j). Thus, the average distance change in the whole image is

$$ADC = \frac{1}{(H-2)(W-2)}\sum_{i=1}^{H-2}\sum_{j=1}^{W-2} ADC(i, j). \qquad (11)$$

Seen from Eq. (11), the average distance change is always bigger than 0, unless the permuted image is the same as the original one. The bigger ADC, the more confused the original image. The ADC is in relation with iteration time.

3.2 Measurement Based on the Value Changing

Plain-image pixels values change after image encryption as compared to their original values before encryption. Such change may be irregular. This means that the higher the change in pixels values, the more effective will be the image encryption and hence the encryption quality. So the encryption quality may be expressed in terms of the total changes in pixels values between the plain-image and the cipher-image. Ahmed et al. proposed a measure for encryption quality that is expressed as the deviation between the original and encrypted image [4]. This method is determined as follows:

Let P, C denote the original image (plain-image) and the encrypted image (cipher-image) respectively, each of size W×H pixels with L grey levels.

$P(x, y), C(x, y) \in \{0, \ldots, L-1\}$ are the grey levels of the images P, C at position (x, y), 0 < x < W–1, 0 < y < H–1. We will define $H_L(P)$ as the number of occurrence for each grey level L in the original image (plain-image), and $H_L(C)$ as the number of occurrence for each grey level L in the encrypted image (cipher-image). The encryption quality represents the average number of changes to each grey level L and it can be expressed mathematically as:

$$EQ = \frac{\sum_{L=0}^{255} |H_L(C) - H_L(P)|}{256}. \qquad (12)$$

Another measurement is proposed by Luo et al. by computing the relative error [5], which for an image of H×W is defined as

$$ARE = \frac{1}{HW}\sum_{i=0}^{H-1}\sum_{j=0}^{W-1} \frac{|P(i, j) - C(i, j)|}{|P(i, j)|}, \qquad (13)$$

which gives the average relative error of a pixel.

3.3 Measurement Based on the Value and Position Changing

In [6], Yu et al. presented a new method of evaluating scrambling degree through judging the relativity of closed pixels. Their method for evaluating scrambling degree for an image of H×W is as follows:

$$S = \frac{\sum_{i=0}^{H-1}\sum_{j=0}^{W-1} R_{ij}}{255^2 \times H \times W}, \qquad (14)$$

$$R_{ij} = F_1(i, j) + F_2(i, j) + F_3(i, j) + F_4(i, j), \qquad (15)$$

$$\begin{aligned}
F_1(i, j) &= \left|[C(i-1, j) - C(i, j)]^2 - [P(i-1, j) - P(i, j)]^2\right| \\
F_2(i, j) &= \left|[C(i+1, j) - C(i, j)]^2 - [P(i+1, j) - P(i, j)]^2\right| \\
F_3(i, j) &= \left|[C(i, j-1) - C(i, j)]^2 - [P(i, j-1) - P(i, j)]^2\right| \\
F_4(i, j) &= \left|[C(i, j+1) - C(i, j)]^2 - [P(i, j+1) - P(i, j)]^2\right|,
\end{aligned} \qquad (16)$$

where S is scrambling degree, $S \in (0, 1)$, $R_{ij}$ is the relativity of each pixel and its closed pixels. $F_k(i, j)$, $k \in \{1, 2, 3, 4\}$, is the relativity of each pixel and 4 pixels around it, C(i, j) is the pixel of the cipher-image and P(i, j) is the pixel of the plain-image. A problem exists in Yu et al.'s measurement method that occurs at the edge of the image. The pixels that fall off the image matrix are not defined. So, there is a problem in computing $F_k(i, j)$ for $\{(i, j) : i = 0, H+1 \ \&\ j = 0, W+1\}$. Yu et al. probably performed zero padding for the pixels that fall off the image to calculate $F_k(i, j)$. We redefine the space of scrambling degree function to (H–2)×(W–2) to omit zero padding and improve scrambling degree measurement as follows:

$$S = \frac{\sum_{i=1}^{H-2}\sum_{j=1}^{W-2} R_{ij}}{255^2 \times (H-2) \times (W-2)}. \qquad (17)$$

This method evaluates not only the change of each pixel’s position, but also the change of adjacent pixel’s value.
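The measures of Section 3 applied to the Arnold cat map of eq. (5), as an added example that is not the authors' code. Assumptions: p = q = 1, a constructed 32×32 gradient image with non-zero grey levels, eq. (9) read as the mean displacement of the four neighbours of (i, j), and pixels with P(i, j) = 0 skipped in eq. (13) to avoid division by zero.

```python
import math

def cat_dest(x, y, n, p=1, q=1):
    """Eq. (5): position of pixel (x, y) after one round of A = [[1, p], [q, pq+1]] mod n."""
    return (x + p * y) % n, (q * x + (p * q + 1) * y) % n

def encrypt(img, rounds, p=1, q=1):
    """Permute a square image `rounds` times; returns (cipher, old -> new position map)."""
    n = len(img)
    cipher = [[0] * n for _ in range(n)]
    where = {}
    for x in range(n):
        for y in range(n):
            nx, ny = x, y
            for _ in range(rounds):
                nx, ny = cat_dest(nx, ny, n, p, q)
            cipher[nx][ny] = img[x][y]
            where[(x, y)] = (nx, ny)
    return cipher, where

def acm_period(n, p=1, q=1):
    """Smallest T with A^T = I (mod n): after T rounds the plain-image reappears."""
    a = (1 % n, p % n, q % n, (p * q + 1) % n)
    identity = (1 % n, 0, 0, 1 % n)
    m, t = a, 1
    while m != identity:
        m = ((m[0] * a[0] + m[1] * a[2]) % n, (m[0] * a[1] + m[1] * a[3]) % n,
             (m[2] * a[0] + m[3] * a[2]) % n, (m[2] * a[1] + m[3] * a[3]) % n)
        t += 1
    return t

def adc(where, h, w):
    """Eqs. (9)-(11): average distance change over the interior pixels."""
    def moved(i, j):
        ni, nj = where[(i, j)]
        return math.hypot(ni - i, nj - j)          # eq. (10)
    total = 0.0
    for i in range(1, h - 1):
        for j in range(1, w - 1):
            total += (moved(i - 1, j) + moved(i + 1, j)
                      + moved(i, j - 1) + moved(i, j + 1)) / 4
    return total / ((h - 2) * (w - 2))

def eq_histogram(plain, cipher):
    """Eq. (12), Ahmed et al.: mean absolute change of the grey-level histogram."""
    hp, hc = [0] * 256, [0] * 256
    for row_p, row_c in zip(plain, cipher):
        for vp, vc in zip(row_p, row_c):
            hp[vp] += 1
            hc[vc] += 1
    return sum(abs(c - p) for c, p in zip(hc, hp)) / 256

def are(plain, cipher):
    """Eq. (13), Luo et al.: average relative error (zero pixels skipped, an assumption)."""
    h, w = len(plain), len(plain[0])
    total = sum(abs(vp - vc) / vp
                for row_p, row_c in zip(plain, cipher)
                for vp, vc in zip(row_p, row_c) if vp)
    return total / (h * w)

def scrambling_degree(plain, cipher):
    """Eq. (17): improved scrambling degree, interior pixels only (no zero padding)."""
    h, w = len(plain), len(plain[0])
    total = 0
    for i in range(1, h - 1):
        for j in range(1, w - 1):
            for di, dj in ((-1, 0), (1, 0), (0, -1), (0, 1)):   # F1..F4 of eq. (16)
                dc = cipher[i + di][j + dj] - cipher[i][j]
                dp = plain[i + di][j + dj] - plain[i][j]
                total += abs(dc * dc - dp * dp)
    return total / (255 ** 2 * (h - 2) * (w - 2))

def sample_image(n=32):
    """Constructed test image: smooth gradient with grey levels 1..218."""
    return [[1 + 4 * i + 3 * j for j in range(n)] for i in range(n)]

if __name__ == "__main__":
    plain = sample_image()
    print("period for N=256, p=q=1:", acm_period(256))
    for rounds in (1, 9, 20, acm_period(len(plain))):
        cipher, where = encrypt(plain, rounds)
        print(rounds, round(adc(where, 32, 32), 4), eq_histogram(plain, cipher),
              round(are(plain, cipher), 4), round(scrambling_degree(plain, cipher), 4))
```

Because a permutation-only cipher leaves the histogram untouched, `eq_histogram` is 0 for every round count, and at a multiple of `acm_period` all four measures drop back to 0 because the plain-image has reappeared.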

4. The Analysis of Simulation Experiment

In order to further confirm the feasibility and validity of the presented measures, we select the classical image of 256×256 Lena with 256 gray levels as the original image and adopt the discretized generalized baker’s map, Arnold cat map and discretized standard map to be the encryption algorithm.


Fig. 2 shows the original image. Fig. 3 shows the results of applying the generalized discretized baker map with the sequence of 9 divisors of 256: (8, 8, 8, 64, 128, 16, 16, 4, 4), once, 9 and 20 times, respectively. By comparing the original and the encrypted images in Figs. 2 and 3, there is no visual information observed in the encrypted images, and the encrypted images are visually indistinguishable. The cipher-images of Figs. 3(b) and 3(c) are almost the same and seem to have uniform pixel distribution. Uniformity caused by an encryption function is justified by the chi-square test. For more information about uniform distribution, we recommend taking a look at [15]. Fig. 4 demonstrates the results of applying the ACM once, 9 and 20 times, respectively. The fluctuations in the cipher image are visually inspected along with the iteration times. The cipher-image of iterated 9 times is almost distinguishable from the 20 times. Fig. 5 depicts the results of applying the discretized standard map with k = 2010 as the control parameter once, 9 and 20 times, respectively. The cipher-images of Fig. 5 are visually more uniform than cipher-images of Fig. 4. Figs. 3, 4 and 5 draw a conclusion that there is a small fluctuation in cipher-image along with the iteration times. However, there are some differences in cipher-images and it is difficult to judge the quality by visual inspection. Also, it is observed that discretized generalized baker’s map and discretized standard map generate more uniform cipher-images in comparison with ACM.

Figure 2. Original image.

Figure 3. The test image after applying the discretized generalized baker’s map: (a) once, (b) 9 times and (c) 20 times.

Figure 4. The test image after applying the ACM: (a) once, (b) 9 times and (c) 20 times.

Figure 5. The test image after applying the discretized standard map: (a) once, (b) 9 times and (c) 20 times.

According to the property of chaotic map, the confusion property is in relation with iteration time. We tested the confusion property of baker’s map, Arnold cat map and standard map by computing the average distance change. Table 1 shows the average distance change of chaotic maps for one, 9 and 20 iterations. The resulting curves are shown in Fig.6, which show the relationship between the ADC and number of iteration. The chaotic algorithms are iterated 192 times for this test. Seen from the figure, curves are fluctuating as the number of iteration increases. However, the curve of the baker’s map oscillates much more than the one of ACM and the one of standard map. Moreover, by comparing Figs. 6(a), 6(b) and 6(c), it is seen that ACM permutation period is smaller than the discretized generalized baker’s map and the discretized standard map. The ADC curve of ACM is symmetric for 192 iterations. By contrast, there is no symmetry in baker and standard map’s ADC curve within 192 iterations. After 192 times of iterating ACM, the pixels of test image return to their original locations. This return to the original image makes it proportionately easier for the attackers to decipher the message through a simple brute force attack.


Figure 6. Test Result of average distance change (ADC) for the discretized generalized baker’s map, Arnold cat map and discretized standard map. Here, Figs. (a), (b) and (c) correspond to baker, Arnold and standard map, respectively. In each figure, the curves show the relationship between ADC and iteration time.

Table 1: ADC measurement

| Chaotic Map | 1 iteration | 9 iterations | 20 iterations |
|---|---|---|---|
| Discretized generalized baker’s map | 100.5775 | 131.4606 | 126.9832 |
| ACM | 138.5058 | 132.9395 | 132.9348 |
| Discretized standard map | 136.5355 | 132.5094 | 132.8694 |

Test results based on the image Value Changing for one, 9 and 20 iterations are listed in table 2. Table 2 illustrates that Ahmed et al.’s proposed method is not efficient for computing encryption quality of permutation algorithms realized by chaotic maps. This method is based on computing the average changes in the number of occurrence for each grey level. The chaotic maps under study do not change the number of occurrence for each grey level. So, result of Ahmed et al.’s method of encryption quality is zero. From the listed data in table 2 we can see that the average relative error between pixels of plain-image and cipher-image changes as the number of iteration increases. It is not easy to compare the results by simply observing them in the table. So, for a better comparison, we computed the average relative error of chaotic maps for 192 iterations and depicted the results in Fig. 7. By comparing Figs. 7(a), 7(b) and 7(c), it is seen that baker’s and standard’s curve contain large sharp rises followed by sharp declines, as opposed to ACM’s curve that is steadier. Also, baker’s oscillation range is larger than standard map’s oscillation range. Along with iteration time increment, the change in pixel values realized by the discretized standard map varies less than the changes caused by the discretized generalized baker’s map realization.


Figure 7. Test Result of average relative error between pixels of plain-image and cipher-image for the discretized generalized baker’s map, Arnold cat map and the discretized standard map. Here, Figs. (a), (b) and (c) correspond to baker, Arnold and standard map, respectively. In each figure, the curves show the relationship between average relative error and iteration time.

The improved scrambling degree was computed by applying equation (17) on the test image and its corresponding cipher-images. The measurement of scrambling degree for one, 9 and 20 iterations is shown in table 3. Table 3 illustrates that there is a fluctuation between scrambling degree of the chaotic maps under study. It is not easy to compare the results by simply observing them in the table. So, for a better comparison, we have computed the scrambling degree of each chaotic map for 192 iterations and depicted the results in Fig. 8. The highest and the lowest degree are distinguished from the figure. Fig. 8 indicates that baker’s scrambling degree resultant curve has the least deviation among curves. Also, the resultant curve of scrambling degree of standard map is smoother than ACM’s. The higher the scrambling degree, the better the encryption security.


Figure 8. Test Result of improved scrambling degree for the discretized generalized baker’s map, Arnold cat map and the discretized standard map. Here, Figs. (a), (b) and (c) correspond to baker, Arnold and standard map, respectively. In each figure, the curves show the relationship between scrambling degree and iteration time.

Table 2: Measurement based on the value changing

| Chaotic Map | Ahmed et al. | Luo et al., 1 iteration | Luo et al., 9 iterations | Luo et al., 20 iterations |
|---|---|---|---|---|
| Discretized generalized baker map | 0 | 0.1456 | 0.1471 | 0.1437 |
| ACM | 0 | 0.1382 | 0.1469 | 0.1469 |
| Discretized standard map | 0 | 0.1526 | 0.1458 | 0.1456 |

Table 3: Measurement based on scrambling degree

| Chaotic Map | 1 iteration | 9 iterations | 20 iterations |
|---|---|---|---|
| Discretized generalized baker’s map | 0.0535 | 0.2731 | 0.2770 |
| ACM | 0.0508 | 0.2845 | 0.2794 |
| Discretized standard map | 0.2476 | 0.2786 | 0.2773 |

5. Conclusion

A new classification in the field of image encryption’s quality measurement is introduced in this paper. The new approach is based on the pixel’s position changing, value changing and both value and position changing. We applied these measures on the ciphers based on discretized generalized baker’s map, ACM and discretized standard map. Experimental simulations showed the performance of the developed quality measurement techniques in terms of producing results that are consistent with the judgment by visual inspection. We showed that Ahmed et al.’s method of quality measurement is inefficient for the permutation only image ciphers. According to the test results of ADC, relative error and improved scrambling degree, encryption schemes based on discretized generalized baker’s map and discretized standard map generate more uniform cipher-images compared to ACM. Besides, resulting curves demonstrate that ACM permutation period is smaller than discretized baker and standard map. Moreover, by comparing these curves, we can find the iteration time that maximum encryption quality occurs. Finally, we suggest using a combination of the three classified quality measurement techniques when judging a certain encryption algorithm.

Acknowledgments This research was supported by the Iran Telecommunication Research Center (ITRC) under Grant no. 18885/500.

References

[1] A. Akhshani, S. Behnia, A. Akhavan, H. Abu Hassan, and Z. Hassan, “A Novel Scheme for Image Encryption Based on 2D Piecewise Chaotic Maps,” Optics Communications 283, pp. 3259–3266, 2010.

[2] A. Jolfaei and A. Mirghadri, “An Applied Imagery Encryption Algorithm Based on Shuffling and Baker's Map,” Proceedings of the 2010 International Conference on Artificial Intelligence and Pattern Recognition (AIPR-10), Florida, USA, pp. 279–285, 2010.

[3] A. Jolfaei and A. Mirghadri, “A Novel Image Encryption Scheme Using Pixel Shuffler and A5/1,” Proceedings of The 2010 International Conference on Artificial Intelligence and Computational Intelligence (AICI10), Sanya, China, 2010.

[4] H.H. Ahmed, H.M. Kalash, and O.S. Farag Allah, “Encryption Quality Analysis of RC5 Block Cipher Algorithm for Digital Images,” Journal of Optical Engineering, vol. 45, 2006.

[5] R.C. Luo, L.Y. Chung, and C.H. Lien, “A Novel Symmetric Cryptography Based on the Hybrid Haar Wavelets Encoder and Chaotic Masking Scheme,” IEEE Transactions on Industrial Electronics, vol. 49, no. 4, 2002.

[6] X.Y. Yu, J. Zhang, H.E. Ren, S. Li, and X.D. Zhang, “A New Measurement Method of Image Encryption,” Journal of Physics: Conference Series, vol. 48, pp. 408–411, 2006.

[7] H.M. Elkamchouchi and M.A. Makar, “Measuring Encryption Quality for Bitmap Images Encrypted With Rijndael and KAMKAR Block Ciphers,” Proceedings of The Twenty Second National Radio Science Conference (NRSC 2005), Cairo, Egypt, pp. 111–118, 2005.

[8] F. Han, X. Yu and S. Han, “Improved Baker Map for Image Encryption,” Proceedings of the First International Symposium on Systems and Control in Aerospace and Astronautics (ISSCAA), pp. 1276–1279, 2006.

[9] A.J. Lichtenberg and M.A. Lieberman, Regular and Chaotic Dynamics, New York: Springer, 1992.

[10] F. Pichler and J. Scharinger, “Ciphering by Bernoulli shifts in finite Abelian groups,” in Contributions to General Algebra, Proc. Linz-Conference, pp. 465–476, 1994.

[11] G. Peterson, “Arnold’s Cat Map,” Fall 1997, http://online.redwoods.cc.ca.us/instruct/darnold/maw/catmap.htm

[12] W.H. Steeb, Y. Hardy, and R. Stoop, The Nonlinear Workbook, 3rd edition, World Scientific Publishing Co. Pte. Ltd, ISBN: 981-256-278-8, 2005.

[13] E. Ott, Chaos in Dynamical Systems, Cambridge University Press, New York, 2002.

[14] J. Fridrich, “Symmetric Ciphers Based on Two-Dimensional Chaotic Maps,” Int J Bifurcat Chaos, vol. 8, no. 6, pp. 1259–1284, 1998.

[15] P. L'ecuyer and R. Simard, “TestU01: A C Library for Empirical Testing of Random Number Generators,” ACM Transactions on Mathematical Software, vol. 33, no. 4, Article 22, 2007.

Authors Profile

Alireza Jolfaei received the Bachelor’s degree in Biomedical Engineering in the field of Bio-electric with the honor degree from Islamic Azad University, Science and Research branch, Tehran, Iran in 2007 and the Master’s degree in Telecommunication in the field of Cryptography with the honor degree from IHU, Tehran, Iran in 2010. He was a chosen student in the first meeting of honor students of Islamic Azad University, Science and Research Branch in 2005. Currently, he is a teaching assistant at the faculty and research center of communication and information technology, IHU, Tehran, Iran. His research interests include Cryptography, Information Systems Security, Network Security, Image Processing and Electrophysiology.

Abdolrasoul Mirghadri received the B.Sc., M.Sc. and Ph.D. degrees in Mathematical Statistics from the faculty of Science, Shiraz University in 1986, 1989 and 2001, respectively. He has been an assistant professor at the faculty and research center of communication and information technology, IHU, Tehran, Iran since 1989. His research interests include Cryptography, Statistics and Stochastic Processes. He is a member of ISC, ISS and IMS.

Improved User-Centric ID Management Model for Privacy Protection in Cloud Computing

Moonyoung Hwang1, Jin Kwak2

1 Dept. of Information Security Engineering, Soonchunhyang University, Asan-si, Chungcheongnam-do, Korea [email protected]

2 Dept. of Information Security Engineering, Soonchunhyang University, Asan-si, Chungcheongnam-do, Korea

Abstract: The development of the Internet has caused many different Internet services to appear, including cloud computing, which is getting a lot of attention recently. Users of cloud computing services must give personal information to get services. However, users can still experience privacy infringement because users cannot have direct control over the exchange of personal information between service providers.

Keywords: Security, Privacy Protection, Cloud Computing, ID management

1. Introduction

Due to the rapid growth in popularity of new computing environments, cloud computing [1] has become an important research issue. Cloud computing is Internet-based computing whereby shared resources, software, and information are provided to computers and other devices on demand, similar to the function of the electricity grid.

Almost every cloud computing system uses ID Federation for ID management. ID Federation [2] provides secure access to user data, a Single Sign On (SSO) that functions as both access control and ID creation and management. However, business partners can only exchange Federated ID information with each other by prior consultation. Because all rights are transferred to service providers, users cannot control their own information. Therefore, users need a new model that can give them control of their own information and prevent privacy infringement [3] or the piracy of a user’s data.

In this paper, we propose a user-centric ID management model that provides the security and rights to control a person’s own information in a cloud computing environment.

2. Related work

2.1 Summary of Cloud Computing

Cloud service providers build a virtual resource pool from diffuse physical infrastructure and efficiently divide up virtual resources according to a user’s workload in a cloud computing environment. Users request cloud services through a catalog, and a service provider’s system administration module supplies the necessary resources through a virtual server network. In the cloud computing system, users can authenticate and use the services they need, but do not know detailed information about these services.[4]

The structure of cloud computing is depicted in Figure 1.

Figure 1. Structure of cloud computing

To use cloud services, a user must supply credentials to a service provider each time. Therefore most users of cloud services must manage many different IDs in order to connect to many different cloud services.

The general procedure of cloud services is depicted in Figure 2.

Figure 2. Cloud service procedure

2.2 ID Management

2.2.1 SAML Protocol

SAML is an eXtensible Markup Language (XML) framework developed by the Organization for the Advancement of Structured Information Standards (OASIS). It was designed so that transaction partners running disparate systems can safely exchange certification information, privilege grants, and profile information. This system offers a Single Sign-On between enterprises, and does not depend on the underlying security infrastructure. SAML is derived from Security Services Markup Language (S2ML) and Authorization XML (AuthXML).

These days SAML 2.0 has been selected for many ID management systems and access control solutions. Google is using SAML 2.0 to authenticate customers in Google Apps, and NTT developed SASSO, in which users act as individual ID offerers who can achieve SSO and use the certification functions of their mobile phone with a PC using SAML 2.0. SAML offers the following functions in different environments.

- Single Sign-On: SSO is a connection technology that performs all certifications in a system. With this technology a user logs in once and gains access to all systems without being prompted to log in again for each independent software system.

- Identity Federation: SAML 2.0 can connect an existing ID of a user from a service provider (SP) to an identity provider (IDP). The connection can be made through a user's name or attribute information, or through a newly created pseudonym that consists of random numbers, for privacy protection.

- Single Logout: Ends the end user's certification sessions at the IDP and the SPs by logging out once through the SSO function.

- Securing Web Service: Uses SAML 2.0 assertions to protect web service messages, as defined in the SAML Token Profile.

2.2.2 CardSpace

Information Cards are personal digital identities that people can use online. Visually, each Information Card has a card-shaped picture and a name associated with it that enables people to organize their digital identities and to easily select the one that they want to use for any given interaction. It has an IDP’s position and actual user information. In other words, CardSpace does not play the IDP role by actually issuing a user’s ID information, but plays the role of an ID meta-system for the IDP.[5]

First, if a user requests services from a service provider, the service provider delivers a log-on page that has special tags that can run CardSpace in the user's web browser. The user’s browser confirms the user ID information required by the service provider through the tag information and displays the information included in the ID card. The user selects a suitable ID card on the screen, and the user information is requested from the IDP, which is the relevant ID offerer according to the selected card information. If the IDP passes user information to CardSpace, CardSpace passes this information on to the service provider.

CardSpace offers high security because it acts in a system environment that is not a general user environment, and it has the advantage of reducing phishing attacks since the function that displays information about ID cards includes IDP information.

2.2.3 OpenID

OpenID is a way to log into all web sites using one ID. In other words, it embodies the concept of SSO technology. Internet users do not need to depend on one service provider to manage their own ID information and can log in to any service with an ID which is a type of web address. Since they do not need to input their name and personal address information continuously, there is no danger of losing a user’s ID information. Therefore, a user manages one account only.[6]

OpenID, a user-centric ID management technology, authenticates a user through an IDP; it therefore authenticates the user with a URL only, without additional information.

OpenID has some characteristics in common with general ID management engineering. First, it’s not a centralized system but a distributed processing system. Everybody involved in OpenID becomes an IDP, and does not need permission or registration from any central authority. Furthermore, users can select the IDP that they wish to use, and in case of a change in IDP, a user can keep their own ID. Second, the service area is expanded by using OpenID at any web site that uses OpenID. Third, OpenID achieves user certification using existing web browsers on-line without the request of additional ID information.

2.3 ID management in cloud computing

The ID management systems in cloud computing are depicted in Figure 3. Cloud service providers construct a relationship of mutual trust through prior consultations and provide a service by Federated ID.[6]

Each cloud service provider takes charge of creation of ID and stores personal information like an independent service provider. Users can use web service providers who construct a relationship of mutual trust by agreeing to a mutual exchange of information without special certification formality. In other words, a registered user of a web service provider can use other web services with a relationship of mutual trust.

Therefore it is called the Circle of Trust (CoT).

Figure 3. Federated ID in cloud computing

2.4 Problem Analysis

2.4.1 Absence of right to control own information

Service providers almost always require more personal information than is necessary when offering services to users. But a user must give all the information to a service provider even if they do not want to. Furthermore, once users enter their own private information into the system individually, they can no longer control their own personal information, because of the characteristics of the cloud computing environment.

Therefore users do not know where their own personal information is stored, which can lead to an invasion of privacy or the theft of user information without the user noticing.

2.4.2 Centralized ID information

Cloud service providers such as Google, Microsoft, Amazon and Facebook provide cloud services to general users. Therefore, the amount of personal information about a user that each service provider collects is increasing. This means that privacy infringement outside of a user’s control is possible because of the centralized storage system.

3. Proposed model

3.1 Terminology

Table 1. Terminology

| Composition | Explanation |
|---|---|
| User | Someone who uses cloud computing services using UCIDP and controls the UCIDP |
| User-Centric ID Provider (UCIDP) | Manages authentication information and personal information between users and cloud service providers |
| Certificate Authority | Authorizes the UCIDP |
| Personal ID information | Unique information for user authentication such as social security number, PIN |
| Authentication ID information | Required information from user for cloud service provider such as an id or password |
| Common ID information | Additional information for cloud services such as address, age, e-mail, or phone number |

3.2 Composition and concept

In this subsection, we explain the composition and concept. The proposed model consists of a UCIDP that provides an ID management service, a user who controls the UCIDP, and a cloud service provider. We assume that there exists a certificate authority (CA) which is responsible for issuing the certificates that authorize the UCIDP.

The composition of the proposed model is depicted in Figure 4.

Figure 4. Concept of proposed model

3.3 Service process of the proposed model

In this subsection, we explain the simple service process of the proposed model, which is also depicted in Figure 5.

Figure 5. The service process of the proposed model

Step 1: user selects UCIDP in the UCIDP list and creates an ID
Step 2: user requests cloud computing services
Step 3: cloud service provider asks user for an ID and PW
Step 4: user transmits ID and PW to cloud service provider
Step 5: cloud service provider requests personal information for the service
Step 6: user confirms and transmits required information
Step 7: cloud service provider offers service

3.4 Management function of ID information

The proposed model provides ID management of all ID information. The functions offered are as follows.

(a) Issuance of ID

Figure 6. The process of ID issuance

Step 1: user selects UCIDP in the UCIDP list and requests an ID from the UCIDP
Step 2: UCIDP requests the user’s personal ID information
Step 3: user transmits a Personal ID to UCIDP
Step 4: UCIDP issues ID to user

(b) Federated ID

Step 1: UCIDP creates intermediate information for Federated ID from user's certificate information
Step 2: UCIDP transmits the created intermediate information to each service provider
Step 3: Service provider verifies the information and stores it after verification ends
Step 4: Service provider transmits verification sequence to UCIDP
Step 5: All processes for Federated ID are ended

(c) SSO (Single Sign-On)

Step 1: User authenticates to UCIDP
Step 2: UCIDP delivers certification confirmation information to user
Step 3: UCIDP delivers IDP certification confirmation information to each service provider
Step 4: Service provider verifies certification confirmation information and publishes service provider's certification information
Step 5: User can use the SSO function with the certification information from the service provider

(d) Change of common ID information

Figure 7. The process of change common ID information

Step 1: user changes a common ID in UCIDP
Step 2: UCIDP requests that the common ID change be reflected at the cloud service provider
Step 3: Cloud service provider requests authentication ID information from UCIDP
Step 4: UCIDP transmits authentication ID information to cloud service provider
Step 5: Cloud service provider confirms the authentication ID information and, if it’s correct, reflects the changed common ID information.
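One way to realise the user-controlled release of ID information (Steps 5 and 6 of the service process) and the change of common ID information in (d) is sketched below in Python. It is an added example, not the authors' implementation: HMAC with a per-provider shared key stands in for the CA-certified UCIDP signature, pairwise pseudonyms stand in for the Federated ID intermediate information, and all names, keys and values are constructed.

```python
"""Added example: user-controlled attribute release by a UCIDP.

Assumptions (not from the paper): HMAC-SHA256 with a per-provider shared key
replaces the CA-certified UCIDP signature, pairwise pseudonyms replace the
Federated ID "intermediate information", and all data below is constructed.
"""
import hashlib
import hmac
import json

PERSONAL = {"ssn"}  # personal ID information: never leaves the UCIDP


class UCIDP:
    def __init__(self, master_key, sp_keys):
        self.master_key = master_key  # used only to derive pseudonyms
        self.sp_keys = sp_keys        # service provider -> shared MAC key
        self.users = {}               # user -> attribute dict
        self.consent = {}             # (user, sp) -> attributes the user approved

    def register(self, user, attributes):
        self.users[user] = dict(attributes)

    def allow(self, user, sp, attributes):
        """User decision: which common ID information this provider may see."""
        self.consent[(user, sp)] = set(attributes) - PERSONAL

    def pseudonym(self, user, sp):
        """Per-provider identifier, so two providers cannot link one user."""
        msg = f"{user}|{sp}".encode()
        return hmac.new(self.master_key, msg, hashlib.sha256).hexdigest()[:16]

    def _sign(self, sp, attrs, denied):
        body = {"aud": sp, "sub": self._sub, "attrs": attrs, "denied": denied}
        payload = json.dumps(body, sort_keys=True).encode()
        tag = hmac.new(self.sp_keys[sp], payload, hashlib.sha256).hexdigest()
        return {"body": body, "tag": tag}

    def release(self, user, sp, requested):
        """Answer a provider's request with only the approved attributes."""
        approved = self.consent.get((user, sp), set())
        granted = {a: self.users[user][a] for a in requested
                   if a in approved and a in self.users[user]}
        self._sub = self.pseudonym(user, sp)
        return self._sign(sp, granted, sorted(set(requested) - set(granted)))

    def change_common(self, user, attr, value):
        """Process (d): push a changed value only to providers that hold it."""
        self.users[user][attr] = value
        notices = []
        for (u, sp) in sorted(self.consent):
            if u == user and attr in self.consent[(u, sp)]:
                self._sub = self.pseudonym(user, sp)
                notices.append(self._sign(sp, {attr: value}, []))
        return notices


def sp_verify(sp, key, message):
    """Provider side: accept only an untampered message addressed to it."""
    payload = json.dumps(message["body"], sort_keys=True).encode()
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return (hmac.compare_digest(expected, message["tag"])
            and message["body"]["aud"] == sp)


def demo():
    keys = {"storage-sp": b"constructed-key-1", "mail-sp": b"constructed-key-2"}
    idp = UCIDP(b"constructed-master-key", keys)
    idp.register("alice", {"ssn": "000-00-0000", "email": "alice@example.org",
                           "age": 30, "address": "1 Example Road"})
    idp.allow("alice", "storage-sp", {"email"})
    idp.allow("alice", "mail-sp", {"email", "age", "ssn"})  # ssn is stripped
    first = idp.release("alice", "storage-sp", ["email", "address", "ssn"])
    second = idp.release("alice", "mail-sp", ["email", "age", "ssn"])
    updates = idp.change_common("alice", "age", 31)
    return keys, first, second, updates
```

Each provider receives a different pseudonym and only the attributes the user approved, and the changed age reaches only the provider that already held it.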

4. Comparison

The proposed model differs from existing ID management systems in the areas of ID information management and control. In the proposed model, users can choose the UCIDP and control personal ID information, authentication ID information, and common ID information. Furthermore, the user has the authority to offer, alter, or discard his or her own ID information.

The comparison of the proposed model with other systems is depicted in Table 2.

Table 2. Comparison with other systems

| | SAML 2.0 [8] | OpenID [6][9] | CardSpace | UCIDP |
|---|---|---|---|---|
| Certification Method | Agreement between IDP and SP | User chooses the IDP and SP | Existing Model integration | User chooses the IDP and SP |
| ID federation | o | x | o | o |
| ID information offer | x | x | o | o |
| Change of ID information | x | x | x | o |
| SSO | o | o | o | o |

5. Conclusion

The appearance of the cloud computing environment has become an issue to all users who use services through a network environment. However, users can’t control their own personal ID information, authentication ID information, or common ID information. This problem can result in the infringement of user privacy. Therefore we have proposed a new user-centric ID management model. This model offers another ID management system and controls user information naturally.

6. References

[1] G.H. Nam, “Trend of cloud computing technology”, ETRI, 2009.

[2] Y.S. Cho, S.H. Jin, P.J. Moon, K.I. Chung, “Internet ID management System based ID Federation”, The Institute of Electronics Engineers of Korea, Vol. 43, No. 7, pp. 104-113, 2006.

[3] J. Salmon, “Clouded in uncertainty – the legal pitfalls of cloud computing”, Computing magazine, September 24, 2008.

[4] Rich Maggiani, “Cloud Computing Is Changing How We Communicate”, Professional Communication Conference, pp. 1-4, 2009.

[5] W.A. Alrodhan, C.J. Mitchell, “Addressing privacy issues in CardSpace”, Information Assurance and Security, 2007. IAS 2007. Third International Symposium on, pp. 285-291, 2007.

[6] H.K. Oh, S.H. Jin, “The Security Limitations of SSO in OpenID”, Advanced Communication Technology, 2008. ICACT 2008. 10th International Conference on, pp. 1608-1611, 2008.

[7] Juniper Networks, “Identity Federation in a hybrid cloud computing environment solution guide”, Juniper Networks, pp. 1-6, 2009.

[8] Y.S. Cho, S.H. Jin, “Practical use and investigation of OASIS SAML (Security Assertion Markup Language) v2.0”, Korea Multimedia Society, Vol. 10, No. 1, pp. 59-70, 2006.

[9] http://en.wikipedia.org/wiki/OpenID

Authors Profile

Moonyoung Hwang received the B.S. degree from the Department of Information Security Engineering, Soonchunhyang University, Asan, Korea in 2008. He is now an M.S. student in the Department of Information Security Engineering, Soonchunhyang University, Korea.

Jin Kwak received the BE, ME and PhD degrees from Sungkyun-Kwan University, Seoul, Korea in 2000, 2003, and 2006 respectively. He joined Kyushu University in Japan as a visiting scholar at the Graduate School of Information Science and Electrical Engineering. After that, he joined MIC (Ministry of Information and Communication, Korea) as a Deputy Director. He is now a professor and Dean of the Department of Information Security Engineering, and also Director of the SCH BIT Business Incubation Center, Soonchunhyang University, Korea. His main research areas are Cryptology and Information security applications, including Cloud computing security, Multimedia security, Embedded System security, and IT product evaluation (CC). He is a member of the KIISC, KSII, KKITS, and KDAS.

Stock Market Forecasting using Artificial Neural Network and Statistical Technique: A Comparison Report

K S Vaisla1, Dr. Ashutosh Kumar Bhatt2 and Dr. Shishir Kumar3

1Deptt. of Computer Science & Engineering,

VCT Kumaun Engineering College, Dwarahat, District –Almora (Uttarakhand), INDIA,

Email - [email protected]

2Deptt. Of Computer Science, Birla Institute of Applied Sciences,

Bhimtal, Post- Bhimtal, Distt-Nainital (Uttarakhand), INDIA E-mail - [email protected]

3Head, Department of Computer Science & Engineering,

Jaypee University of Engineering & Technology, Raghogarh , District – Guna (MP), India,

Email - [email protected]

Abstract: Stock price prediction is one of the hot areas in neural network applications. This paper presents the ability of Neural Networks to forecast Stock Market Prices. Predicting the stock market is very difficult since it depends on several known and unknown factors. In recent years, one of the techniques that has been used popularly in this area is the artificial neural network. The power of a neural network is its ability to model a nonlinear process without a priori knowledge about the nature of the process. In this paper, Neural Networks and Statistical techniques are employed to model and forecast the stock market prices, and then the results of these two models are compared. The forecasting ability of these two models is assessed using MAPE, MSE and RMSE. The results show that Neural Networks, when trained with sufficient data and proper inputs, can predict the stock market prices very well. Statistical techniques, though well built, lose forecasting ability as the series become complex. Therefore, Neural Networks can be used as an alternative technique for forecasting the stock market prices.

Keywords: Foreign Investors Inflow (FII), Wholesale Price Index (WPI), Money Supply Broad Money (MSBM), Money Supply Narrow Money (MSNM), Exchange Rate (ER).

1. Introduction

Artificial neural network models are based on the neural structure of the brain. The brain learns from experience and so do artificial neural networks. Previous research has shown that artificial neural networks are suitable for pattern recognition and pattern classification tasks due to their nonlinear nonparametric adaptive-learning properties. As a useful analytical tool, ANN is now widely applied in analyzing the business data stored in databases or data warehouses. Customer behavior pattern identification and stock price prediction are both hot areas of neural network research and application. One critical step in neural network application is network training. Generally, data in a company's database or data warehouse is selected and refined to form training data sets. Artificial Neural Networks are widely used in various branches of engineering and science, and their ability to approximate complex and nonlinear equations makes them a useful tool in econometric analysis. A number of statistical models and Neural Network models have been developed for forecasting the stock market. The study of financial data is of great importance to researchers and to the business world because of the volatile nature of the series. Statistical tools like Multiple Regression Techniques [1] and Time Series Analysis are very well built methodologies used for forecasting the series, but as the series become complex their forecasting ability is reduced [2]. Regression models have been traditionally used to model the changes in the stock markets. Multiple regression analysis is the process of finding the least squares prediction equation, testing the adequacy of the model, and conducting tests about estimating the values of the model parameters [3]. However, these models can predict linear patterns only. The stock market returns change in a nonlinear pattern, such that neural networks are more appropriate to model these changes. Neural Networks have become popular in the world of forecasting because of their non-parametric approach [4], as well as their ability to learn the behavior of the series when properly trained. Many studies [5, 6] have compared Neural Networks with statistical tools. Neural Networks have been successfully applied to loan evaluation, signature recognition, time series forecasting and many other difficult pattern recognition problems [2, 4, 5, 6 and 7]. If stock market return fluctuations are affected by their recent historic behavior, neural networks which can model such temporal stock market changes can prove to be better predictors; the changes in a stock market can then be learned better using networks which employ a feedback mechanism to cause sequence learning.

2. Literature Review

In general, the approaches to predicting the stock market can be classified into two classes, fundamental analysis and technical analysis. Fundamental analysis is based on macroeconomic data and the basic financial status of companies, like money supply, interest rate, inflationary rates, dividend yields, earnings yield, cash flow yield, book to market ratio, price-earnings ratio, and lagged returns [8, 9]. Technical analysis is based on the rationale that history will repeat itself and that the correlation between price and volume reveals market behavior. Prediction is made by exploiting implications hidden in past trading activities and by analyzing patterns and trends shown in price and volume charts [10]. Using neural networks to predict financial markets has been an active research area in both methods since the late 1980's [11, 12, 13, 14, 15]. Most of these published works are targeted at US stock markets and other international financial markets. In this article, our prediction is made by exploiting implications hidden in past trading activities and by analyzing patterns and trends shown in monthly stock price and Industrial Production, Wholesale Price Index, Exchange Rate, Net Investment by FIIs, Export, Import, Money Supply Narrow Money, and Money Supply Broad Money.

Training a Neural Network

To experiment with neural networks, we used NeuralWare NeuralWorks Predict [16], which provides the tools to implement and test various configurations of neural networks and learning algorithms.

3. Objective of Study

The objective of this study is to model the Stock Prices data using the Statistical Technique and the Neural Networks, and then to compare the results of these two techniques.

4. Neural Networks

Artificial Neural Network is an artificial representation of the human brain that tries to simulate its learning process. To train a network and measure how well it performs, an objective function must be defined. A commonly used performance criterion function is the sum of squares error function.

$$E = \frac{1}{2}\sum_{p=1}^{P}\sum_{i=1}^{N}\left(t_{pi} - y_{pi}\right)^{2} \qquad (1)$$

Here, p indexes the patterns in the training set, y_p is the output vector (based on the hidden layer output), and t_p is the training target. The inner sum in the above equation runs over the output nodes: t_pi and y_pi are, respectively, the target and actual network output for the ith output unit on the pth pattern. The network learns the problem at hand by adjusting weights. The process of adjusting the weights to make the Neural Network learn the relationship between the inputs and the targets is known as learning or training. There are several methods of finding the weights, of which the gradient descent method is the most common.
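The weight adjustment described above can be made concrete with a small network trained by batch gradient descent on the error of Eq. (1). This Python sketch is an added example, not the NeuralWorks Predict configuration used in the study; the network size, learning rate, starting weights and training patterns are all constructed assumptions.

```python
"""Added example: gradient descent on the sum-of-squares error of Eq. (1).

Assumptions (not from the paper): one hidden layer of two sigmoid units, one
sigmoid output unit, a fixed learning rate, and constructed training data.
Each weight row stores the bias in column 0.
"""
import math


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def forward(net, x):
    """Return (hidden activations, outputs y_p) for one input pattern."""
    w1, w2 = net
    h = [sigmoid(r[0] + sum(w * v for w, v in zip(r[1:], x))) for r in w1]
    y = [sigmoid(r[0] + sum(w * v for w, v in zip(r[1:], h))) for r in w2]
    return h, y


def error(net, patterns):
    """Eq. (1): E = 1/2 * sum over p and i of (t_pi - y_pi)^2."""
    return 0.5 * sum((t_i - y_i) ** 2
                     for x, t in patterns
                     for t_i, y_i in zip(t, forward(net, x)[1]))


def gradients(net, patterns):
    """Back-propagated dE/dw for both layers, summed over all patterns."""
    w1, w2 = net
    g1 = [[0.0] * len(r) for r in w1]
    g2 = [[0.0] * len(r) for r in w2]
    for x, t in patterns:
        h, y = forward(net, x)
        # output deltas: dE/dz_i = -(t_i - y_i) * y_i * (1 - y_i)
        d_out = [-(t_i - y_i) * y_i * (1 - y_i) for t_i, y_i in zip(t, y)]
        # hidden deltas: propagate back through w2 (column 0 is the bias)
        d_hid = [h_j * (1 - h_j) * sum(d_out[i] * w2[i][j + 1]
                                       for i in range(len(w2)))
                 for j, h_j in enumerate(h)]
        for i, d in enumerate(d_out):
            g2[i][0] += d
            for j, h_j in enumerate(h):
                g2[i][j + 1] += d * h_j
        for j, d in enumerate(d_hid):
            g1[j][0] += d
            for k, x_k in enumerate(x):
                g1[j][k + 1] += d * x_k
    return g1, g2


def train(net, patterns, rate=0.5, epochs=500):
    """Batch gradient descent, w <- w - rate * dE/dw; returns (net, E history)."""
    history = [error(net, patterns)]
    for _ in range(epochs):
        g1, g2 = gradients(net, patterns)
        net = ([[w - rate * g for w, g in zip(rw, rg)] for rw, rg in zip(net[0], g1)],
               [[w - rate * g for w, g in zip(rw, rg)] for rw, rg in zip(net[1], g2)])
        history.append(error(net, patterns))
    return net, history


def numeric_gradient(net, patterns, layer, i, j, eps=1e-6):
    """Central finite difference of E for one weight, to check gradients()."""
    def shifted(delta):
        trial = ([r[:] for r in net[0]], [r[:] for r in net[1]])
        trial[layer][i][j] += delta
        return error(trial, patterns)
    return (shifted(eps) - shifted(-eps)) / (2 * eps)


# Constructed data: two scaled inputs, one target scaled into (0, 1).
PATTERNS = [((0.0, 0.0), (0.1,)), ((0.0, 1.0), (0.9,)),
            ((1.0, 0.0), (0.9,)), ((1.0, 1.0), (0.9,))]
# Constructed, asymmetric starting weights: 2 hidden units, 1 output unit.
INITIAL = ([[0.1, 0.4, -0.3], [-0.2, 0.3, 0.5]], [[0.05, 0.6, -0.4]])
```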

5. Statistical Technique

Multiple Regression Analysis is a Multivariate Statistical technique used to examine the relationship between a single dependent variable and a set of independent variables. The objective of the multiple regression analysis is to use independent variables whose values are known to predict the single dependent variable.

6. Data and Methodology

6.1 Data Set Used

The data is obtained from the RBI site (www.rbi.org.in), the NSE site [17], and the SEBI site (www.sebi.gov.in). The NIFTY data (closing Nifty Index), Industrial Production, Wholesale Price Index, Exchange Rate, Net Investment by FIIs, Export, Import, Money Supply Narrow Money, and Money Supply Broad Money cover April 1994 to March 2007. All of the above data are taken on a monthly basis. The stock market can display varying characteristics for Industrial Production, Wholesale Price Index, Exchange Rate, Net Investment by FIIs, Export, Import, and Money Supply. So it is necessary to develop a model for predicting the monthly stock return of NIFTY. The data for the study comprises the monthly stock returns of NIFTY, monthly Industrial Production, monthly Wholesale Price Index, monthly Exchange Rate, monthly Net Investment by FIIs, monthly Export & Import, and monthly Money Supply from April 1994 to March 2007, creating a series of 156 observations which were collected from the Reserve Bank of India website (www.rbi.org.in), the NSE site (www.nseindia.com), and the SEBI site (www.sebi.gov.in). To build the Neural Network forecasting models, the monthly data (156 observations) is used for the measurement of forecasting accuracy.

An important first step in the analysis of the data is to determine whether the series is stationary, as all other calculations of invariants presume stationarity in both linear and nonlinear. A time series is said to be stationary if there is no systematic change in mean (no trend) or in variance, and if periodic variations have been removed. To detect nonstationarity, the study uses a stationarity test called the unit root test (Augmented Dickey-Fuller Test and Phillips-Perron Test). The null hypothesis tested here is “the series is non-stationary”. If the absolute value of the statistic is greater than the critical value, then the null hypothesis is rejected and hence the series is stationary.

Figure 1. Monthly stock closing for period April 1994 to March 2007

Figure 2. Monthly Closing alternate series

Figure 3. Monthly Industrial Production for period April 1994 to March 2007

Figure 4. Monthly Industrial Production alternate series

Figure 5. Monthly Wholesale Price Index for period April 1994 to March 2007

Figure 6. Wholesale Price Index alternate series

Figure 7. Monthly Exchange Rate for period April 1994 to March 2007

Figure 8. Exchange Rate alternate series

Figure 9. Monthly Export for period April 1994 to March 2007

Figure 10. Export alternate series

Figure 11. Monthly Import for period April 1994 to March 2007

Figure 12. Import alternate series

Figure 13. Monthly Money Supply Narrow Money for period April 1994 to March 2007

Figure 14. Money Supply Narrow Money alternate series

Figure 15. Monthly Money Supply Broad Money for period April 1994 to March 2007

Figure 16. Money Supply Broad Money alternate series

7. Design Methodology

It is difficult to design a Neural Network Model for a particular forecasting problem. Modeling issues must be considered carefully because they affect the performance of an ANN. One critical factor is to determine the appropriate architecture, that is, the number of layers and the number of nodes in each layer. Other network design decisions include the selection of activation functions of the hidden and output nodes, the training algorithm, and performance measures. In this study, the design stage involves determining the input nodes and output nodes, selecting the performance metrics, etc. The number of input nodes corresponds to the number of variables in the input vector used to forecast future values. However, currently there is no suggested systematic way to determine this number. Too few or too many input nodes can affect either the learning or prediction capability of the network. For this study the output is the forecasted monthly stock return. Monthly Closing NIFTY is taken as the dependent variable (Output), and Industrial Production, Wholesale Price Index, Exchange Rate, Net Investment by FIIs, Export, Import, Money Supply Narrow Money, and Money Supply Broad Money are taken as independent variables (Inputs).

Figure 17. Neural Network Model.

Here, noisy data has been taken for neural network forecasting, and the data transformation level is moderate. The variable selection for the network is comprehensive. The Adaptive Gradient learning rule is applied here, and the output layer function is taken as sigmoid for the forecasting.

Table 1: Using Neural Network

Model | No. of Obs. | MAE | MSE | RMSE
Neural Network | 156 | 0.05007 | 0.00419 | 0.06475

Modelling & Forecasting using Multiple Regression Technique:-

Closing nifty is taken as the dependent variable, and Industrial Production, Wholesale Price Index, Exchange Rate, Net Investment by FIIs, Export, Import and Money Supply were taken as independent variables. The variables (closing nifty, Industrial Production, Wholesale Price Index, Exchange Rate, Export, Import, Money Supply) were transformed using the natural log to achieve normality and linearity.

Dependent Variable: Closing Nifty
Method: Least Squares
Sample (adjusted): 3 156
Included observations: 154 after adjusting endpoints

Variable | Coefficient | Std. Error | t-Statistic | Prob.
C | 0.010347 | 0.006730 | 1.537532 | 0.1263
Exchange Rate(-1) | -0.426087 | 0.364542 | -1.168830 | 0.2444
Export(-1) | -0.042306 | 0.064830 | -0.652570 | 0.5151
Foreign Investors Inflow(-1) | 6.25E-06 | 2.06E-06 | 3.039389 | 0.0028
Import(-1) | -0.044457 | 0.061156 | -0.726940 | 0.4684
Industrial Production(-1) | 0.269663 | 0.154961 | 1.740202 | 0.0839
Money Supply broad money(-1) | 0.119117 | 0.286181 | 0.416230 | 0.6779
Money Supply narrow money(-1) | -0.017499 | 0.333083 | -0.052538 | 0.9582
Wholesale Price Index(-1) | -0.833971 | 0.963889 | -0.865215 | 0.3884

R-squared: 0.121900; F-statistic: 2.516168
Adjusted R-squared: 0.073454; Prob (F-statistic): 0.013663

From the above observation, only Foreign Investors Inflow is found significant. It means that if we increase the Foreign Investors Inflow by 1%, the stock return will increase by 6.25E-06. Prob (F-statistic) is also not showing a significant result. Here the adjusted R-squared is 0.073454, which means we can predict only 0.07% and the remaining 0.93% is unpredictable. This model is chosen for forecasting the next one year's values of Nifty closing. The following table gives the forecasting results using the regression model.

Table 2: Using Regression

No. of Obs., % Error MAPE, MAE, MSE, RMSE

Regression 156 0.017077 0.000552 0.023492

Comparison of the Models:-

The stock market monthly closing values were forecasted using Neural Networks and the Regression technique. The comparison between the two models is done on the basis of the MAPE, MSE and RMSE values obtained for the forecasted values of the two models. An accuracy measure is often defined in terms of the forecasting error, which is the difference between the actual (desired) and predicted value. The ultimate and most important measure of performance is the prediction accuracy. The following table gives the comparison:-

Table 3: Comparison of Models

Model | No. of Obs. | MAE | MSE | RMSE
Regression | 156 | 0.066 | 0.007 | 0.082
Neural Network | 156 | 0.05007 | 0.00419 | 0.06475


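Where the formulae for the statistics are: $\mathrm{MAE} = \frac{1}{n}\sum |\mathrm{Actual} - \mathrm{Forecast}|$, $\mathrm{MSE} = \frac{1}{n}\sum (\mathrm{Actual} - \mathrm{Forecast})^2$, $\mathrm{RMSE} = \sqrt{\mathrm{MSE}}$.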

From the above table, Neural Networks perform better than statistical forecasting of monthly closing Nifty values. The following figures show the MAE, MSE and RMSE calculated for the forecast period using the above two forecasting techniques.

Figure 18. MAE of Neural Network and Statistical Method

Figure 19. MSE of Neural Network and Statistical Method

Figure 20. RMSE of Neural Network and Statistical Method

The experiments illustrate a varying degree of predictability of the monthly stock returns, for example based on the values of RMS, MAE, RMSE and other statistics. The above comparison of the Neural Network and Statistical models clearly shows that the Neural Network prediction is better than the Statistical technique.

8. Conclusion

In this paper, two techniques for modeling and forecasting stock market prices have been shown: Neural Network and Statistical Technique. The forecasting ability of the models is assessed on the basis of MSE, MAE and RMSE. This clearly depicts the fact that Neural Networks outperform the Statistical technique in forecasting stock market prices. The effectiveness of a neural network can be measured using the hit rate, which may be a better standard for determining the quality of a forecast than traditional measures like RMSE, SSE and MAE. The field of neural networks is very diverse and opportunities for future research exist in many aspects, including data preprocessing and representation, architecture selection, and application. The logical next step for the research is to improve further the performance of NNs for this application, perhaps through better training methods, better architecture selection, or better input.

References [1] E. M. Azoff. “Neural network time series forecasting of

financial market.” JohnWiley & Sons Ltd. 1994. [2] C.M. Bishop, “Neural Networks for Pattern

Recognition,” Oxford University press. 1995. [3] Fama, F. Eugene & French, R. Kenneth, “Dividend

yields and expected stock returns,” Journal of Financial Economics, Elsevier, vol. 22(1), pp. 3-25. 1988.

[4] Hair, Anderson, Tatham, Black, “Multivariate Data Analysis,” Pearson Education press. 1998.

[5] Kalyani Dacha “Causal Modeling of Stock Market Prices using Neural Networks and Multiple Regression: A Comparison Report,” Finance India, Vol. xxi , No.3, pp. 923-930. 2007.

[6] Lakonishok et al. “The Journal of Finance,” Volume 49, Issue 5, pp. 1541-1578. Dec. 1994.

[7] Mendenhall and Beaver, “Introduction to Probability and Statistics,” Ninth Edition, International Thomson Publishing, 1994.

[8] National Stock Exchange (NSE), Available: www.nse-india.com.

[9] NeuralWare, NeuralWorks Predict, Available: http://www.neuralware.com.

[10] H.P. PAN, “A joint review of technical and quantitative analysis of the financial markets towards a unified science of intelligent finance,” Proc.2003 Hawaii International Conference on Statistics and Related Fields, June 5-9, Hawaii, USA, 2003.

[11] R. Sharda, and R. Patil, “Neural Networks as forecasting experts: an empirical test,” Proceedings of the 1990 International Joint Conference on Neural Networks, Vol-I, pp. 491-494, Washington DC, USA. 1990.

[12] Smirlock Michael and Starks, T. Laura, “A Further Examination of Stock Price Changes and Transactions Volume,” Journal of Financial Research 8, pp. 217-225. 1985.

[13] G.S. SWALES, and Y.YOON, “Applying artificial neural networks to investment analysis,” Financial Analysts Journal, 48(5). 1997.

[14] Tang, Almeida and Fishwick, Simulation, “Time series forecasting using neural networks vs. Box-Jenkins methodology,” pp. 303-310. November 1991.

[15] P.C.Verhmf, P.N. Spnng, J.C. Hmksb, “The commercial use of segmentation and predictive

(IJCNS) International Journal of Computer and Network Security, Vol. 2, No. 8, August 2010

55

modeling techniques for database marketing in the Netherlands,” Decision Support Systems, 34(4), pp. 471-481. 2003.

[16] Wong B.K., Bodnovich T.A., Selvi, Y., “A bibliography of neural networks business application research”: 1988-September 1994”, Expert Systems, 12(3), pp. 253-262. 1995.

[17] Yao J.T., Tan C.L., “Time dependent directional profit model for financial time series forecasting”. In proceeding of the IJCNN, Como, Italy, Vol. 5, pp. 291 - 296, 2000.

Authors Profile

K. S. Vaisla received the Graduation in Science (B. Sc.) and Master (MCA) degrees in Computer Applications from University of Rajasthan, Jaipur in 1994 and 1998, respectively. Presently working as Associate Professor (Computer Science & Engineering) in Kumaon Engineering College (A Govt. Autonomous College), Dwarahat (Almora) – Uttarakhand. Fields of research interest are ICT impact on G2C of e-Governance, Data Warehouse and Mining, Complex / Compound Object Mining, IBIR. Authored many research papers in international / national journals and conferences in the field of computer science and also many books with reputed publishing houses.

Dr. Ashutosh Kumar Bhatt holds a Ph.D. in Computer Science from Kumaun University, Nainital (Uttarakhand). He received the MCA in 2003. Presently he is working as Assistant Professor in the Dept. of Computer Science at Birla Institute of Applied Sciences, Bhimtal, Nainital (Uttarakhand). His areas of interest include Artificial Neural Networks, JAVA Programming and Visual Basic. He has a number of research publications in national journals and conference proceedings. He is running a project entitled “Automated Analysis for Quality Assessment of Apples using Artificial Neural Network” under the Scheme for Young Scientists and Professional (SYSP), Govt. of India, Department of Science and Technology (DST), New Delhi, for 3 years.

Dr. Shishir Kumar is currently working as Head of the Dept. of Computer Science & Engineering, Jaypee University of Engineering & Technology, Guna, India. He completed his PhD in the area of Computer Science in 2005. He has around 12 years of teaching experience. His areas of interest are Image Processing & Network Security.


The Effect of Image Compression on Face Recognition Algorithms

Qeethara Kadhim Al-Shayea (1), Muzhir Shaban Al-Ani (2) and Muna Suliman Abu Teamah (3)

(1) Al-Zaytoonah University, Department of Management Information Systems, Amman-Jordan, 11733

(2) Amman Arab University, Department of Computer Science, Amman-Jordan, 11953

(3) Amman Arab University, Department of Computer Science, Amman-Jordan, 11953

Abstract: Face recognition has become an important field through the revolution in technology and computer vision. This paper concentrates on the recognition rate of face recognition algorithms. The algorithms examined are: Principal Component Analysis, Two Dimensional Principal Component Analysis in Column Direction, Two Dimensional Principal Component Analysis in Row Direction and Two Dimensional Two Directional Principal Component Analysis. All these algorithms are implemented in two environments: a training environment and a recognition environment. Then a comparison between these four algorithms with respect to recognition rate is carried out. The proposed algorithm is implemented via the Discrete Wavelet Transform (DWT), which minimizes the image size. A complexity reduction is achieved by optimizing the number of operations needed. This optimization not only increases the recognition rate but also reduces the execution time. A recognition rate improvement of 4% to 5% is achieved by introducing DWT through PCA algorithms.

Keywords: Face Recognition, Recognition Rate, Image Compression, Principal Component Analysis and Wavelet Transform.

1. Introduction

Face recognition has become more popular with the fast growth in information and communication technology. It has been introduced in many applications, especially in access control and information security, where it can be applied to building access, internet access, medical records, car license plate numbers, identification numbers, face recognition and surveillance systems and so on [1]. A face recognition system can be organized into two major areas: the first is face detection, in which the algorithms focus on finding the face in an image, and the second is face recognition, in which the algorithms focus on recognizing the face. Recently, face recognition has become a more important area, and many algorithms have been developed to implement it; researchers have also spent more effort on enhancing the performance of these algorithms in terms of quality and recognition rate. This work aims to compare the recognition rate of the four indicated algorithms, and also to study the effects of using DWT as a compression approach with these algorithms.

2. Literature Reviews

There is much research related to face recognition algorithms. Wang [1] presented a structural two dimensional principal component analysis for image recognition, which is a subspace learning method that identifies the structural information for discrimination. Norouzi, Ahmadabadi and Araabi [2] presented a new method for handling occlusion in face recognition. In this method the faces are partitioned into blocks and a sequential recognition structure is developed that increases the correct classification rate. Sevcenco and Lu [3] presented an enhanced principal component analysis algorithm for improving the rate of face recognition, in which the histogram is modified to match a Gaussian shaped tonal distribution in the face images. Choudhury [4] proposed a 3D human face recognition method in which the face correlation task is completed by carrying out cross correlation between the signature functions of the faces and analyzing the correlation peaks, where a high correlation peak signifies true class recognition and a low or no peak signifies false class rejection. Wang, Ding, Ding and Fang [5] developed a 2D face fitting assisted 3D face reconstruction algorithm that aims at recognizing faces of different poses when each face class has only one frontal training sample. This algorithm is the so-called Random Forest Embedded Active Shape Model, which embeds random forest learning into the framework of the active shape model. Sokolov et al. [6] constructed a face recognition system using preliminary training based on sample images of objects and non-objects, where the images are represented by separate points in a multidimensional space of features. Bourlai, Kittler and Messer [7] investigated different optimization strategies by considering both image compression and image resolution, and demonstrated that both the system performance and the speed of access can be improved by the jointly optimized parameter setting and the level of probe compression. Ebrahimpour et al. [8] proposed face models that were processed according to the human vision pathology. Three different sets of anthropometric points were used for asymmetry estimations and the resulting asymmetry measure was calculated by averaging these estimations. Grgic, Delac and Grgic [9] described a database of static images of human faces and proposed a test protocol. A simple baseline principal component analysis face recognition algorithm was tested following the proposed protocol, proving their robustness and efficiency. Zhan et al. [10] presented an evolutionary classifier fusion method, inspired by biological evolution, to optimize the performance of a face recognition system. Different illumination environments are modeled as multiple contexts using unsupervised learning and then the optimized classifiers are searched. Saleh et al. [11] proposed a shift invariant pattern recognition mechanism using a feature-sharing hypercolumn model. In this work a shared map is constructed to improve the recognition rate and to reduce the memory requirements of the hypercolumn model. Guoxing et al. [12] noted that the local binary pattern (LBP) has been proved to be successful for face recognition. A new LBP-based multi-scale illumination preprocessing method was proposed, which performs better than the existing LBP-based methods. Sing, Thakur, Basu, Nasipuri and Kundu [13] proposed a self adaptive radial basis function neural network based method for high speed recognition of human faces. It has been seen that the variations between the images of a person under varying pose, facial expressions, illumination, etc. were quite high. Kumar et al. [14] presented a PCA memetic algorithm approach for feature selection in face recognition. PCA has been extended by a memetic algorithm, where the former was used for feature extraction and reduction and the latter was exploited for feature selection. Banerjee et al. [15] studied the performance of a frequency domain correlation filter for face recognition by considering only the phase part of the face images, in which the dimensions of the phase spectra were reduced by using frequency domain principal component analysis. Zhang and Qiao [16] presented a new gradient Gabor filter to extract multi-scale and multi-orientation features to represent and classify faces. An efficient kernel Fisher analysis method was proposed to find multiple subspaces based on both gradient Gabor magnitude and phase features, which is a local kernel mapping method to capture the structure information in faces. Huang, Yi and Pu [17] proposed a new mean shifting incremental PCA method based on the autocorrelation matrix, which required lower computational time and storage capacity owing to the two transformation design. Chougdali, Jedra and Zahid [18] proposed kernel relevance weighted discriminant analysis for face recognition, which has several interesting characteristics. Two novel kernel functions were introduced to improve the performance of the proposed algorithm.

3. Face Recognition Algorithms

Face recognition algorithms are implemented in many forms to achieve high recognition efficiency. They are affected by many factors such as recognition rate, execution time and recognition accuracy. In general, face recognition algorithms have two major phases: the training stage and the recognition stage.

3.1 Training Phase

The training phase is the first phase, in which the database of images of known people is used, and at least one image per known person is available in the database. In this phase the features of each known face image are extracted and stored in the database. There are three main steps in the training phase, shown in Figure 1: calculating a projection matrix from the training images, then extracting features from the images, and finally storing these features to be used in the recognition phase. The first step concerns the calculation of the projection matrix, in which the face recognition algorithm uses the training images to calculate the projection matrix. For example, in Principal Component Analysis (PCA) the projection matrix consists of eigenvectors of the covariance matrix, where the covariance matrix is derived from the training images. The second step deals with the extraction of the features from the images. In PCA each image is multiplied by the projection matrix to formulate the eigenfaces. The eigenfaces represent the principal components of the images, or in other words they represent the features of the image. Finally, the last step in the training phase is to store the features that are extracted from the training images [1], [3].

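Figure 1. Training phase of general face recognition algorithm. [Flow chart: face images as input of training phase; calculate projection matrix; calculate feature extraction; store feature vector in database.]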

3.2 Recognition Phase

The recognition phase is the second phase, in which each new unknown face image is analyzed to obtain its features, and then a comparison between its features and the stored features from the training stage is performed to identify the unknown face image. Many algorithms for face recognition have both a training stage and a recognition stage. This phase consists of two main steps, shown in Figure 2: extracting the features of the unknown image and comparing them with the stored features. The projection matrix calculated in the training phase is used to extract the features of the unknown image. So, in order to extract the features from the unknown image using the PCA algorithm, multiply the elements of the unknown image by the projection matrix derived from the training stage. When the features of the unknown image have been extracted, a comparison is performed between the extracted features and the stored features from the training stage. There are many methods to do such a comparison, such as the Euclidean distance measure. The distance between the features of the unknown image and the stored features is computed, and then the minimum distance, corresponding to the closest face features, is selected as the matched face [17].

Figure 2. Recognition stage of general face recognition algorithm. [Flow chart: face images as input of recognition phase; calculate feature extraction; comparing the result with the stored features; decision making; identifying the unknown face images.]

4. Proposed System

The proposed system is based on the discrete wavelet transform (DWT) algorithm to minimize image size; the PCA algorithm is then applied for face recognition. DWT is used to decompose the original image into four sub images, each of which contains some of the information of the original image. The most important components of the original image are stored in one part, the low-low (LL) sub image, which represents identical features of the original image. This will increase the recognition rate even though it uses images of smaller size. Second level DWT is implemented to achieve more reduction in image size, i.e. more reduction in the comparison operations required. In addition, this improvement in recognition rate causes some reduction in image resolution, as shown in Figure 3.

Figure 3. Decomposing an image using DWT (second level).

For each new image, the feature extraction process is applied and the extracted features are then compared with the features stored from the training stage. Two possibilities arise: either the extracted features match one of the stored images, which leads to a matching decision, or the extracted features do not match any of the stored images, which leads to a mismatching decision. In the latter case the features of the new image are added as new features to the database, as shown in Figure 4.

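Figure 4. Flow chart of the face recognition algorithm. [Flow chart: input of new image; feature extraction; trained images; decision "is the feature matched?"; yes: identify matching vector; no: add the new image to the database.]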
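The training phase of Section 3.1, the recognition phase of Section 3.2 and the DWT front end with enrol-on-mismatch of Section 4, put together as an added example that is not the authors' code. The 8x8 "faces", the Haar filter, k = 2 components, power iteration as the eigen-solver and the distance threshold of 60 are all assumptions made for the illustration.

```python
"""Haar-DWT front end + PCA (eigenface) matcher on constructed 8x8 images."""
import math
import random


def haar_ll(img):
    """One Haar DWT level, keeping only the LL sub-band (orthonormal scaling)."""
    return [[(img[r][c] + img[r][c + 1] + img[r + 1][c] + img[r + 1][c + 1]) / 2.0
             for c in range(0, len(img[0]), 2)]
            for r in range(0, len(img), 2)]


def to_vector(img, levels):
    """Apply `levels` DWT levels, then flatten the LL image into one vector."""
    for _ in range(levels):
        img = haar_ll(img)
    return [p for row in img for p in row]


def dot(a, b):
    return sum(x * y for x, y in zip(a, b))


def projection_matrix(vectors, k, iters=300):
    """Mean face plus the top-k eigenvectors of the covariance matrix.
    Power iteration with deflation is an assumption; the paper names no solver."""
    n, d = len(vectors), len(vectors[0])
    mean = [sum(v[i] for v in vectors) / n for i in range(d)]
    centered = [[v[i] - mean[i] for i in range(d)] for v in vectors]
    cov = [[sum(x[i] * x[j] for x in centered) / n for j in range(d)]
           for i in range(d)]
    rng, basis = random.Random(1), []
    for _ in range(k):
        v = [rng.uniform(-1, 1) for _ in range(d)]
        for _ in range(iters):
            w = [dot(row, v) for row in cov]
            norm = math.sqrt(dot(w, w))
            v = [x / norm for x in w]
        lam = dot(v, [dot(row, v) for row in cov])   # eigenvalue estimate
        basis.append(v)
        cov = [[cov[i][j] - lam * v[i] * v[j] for j in range(d)]
               for i in range(d)]                    # deflate, find the next one
    return mean, basis


class FaceMatcher:
    def __init__(self, gallery, levels, k=2, threshold=60.0):
        # threshold is a hypothetical value calibrated for this toy data only
        self.levels, self.threshold = levels, threshold
        vecs = [to_vector(img, levels) for _, img in gallery]
        self.mean, self.basis = projection_matrix(vecs, k)       # training step 1
        self.db = [(label, self._project(v))                     # steps 2 and 3
                   for (label, _), v in zip(gallery, vecs)]

    def _project(self, vec):
        centered = [x - m for x, m in zip(vec, self.mean)]
        return [dot(b, centered) for b in self.basis]

    def nearest(self, img):
        """Return (label, Euclidean distance, probe features) of the closest entry."""
        feat = self._project(to_vector(img, self.levels))
        label, dist = min(((lab, math.sqrt(sum((p - q) ** 2 for p, q in zip(feat, f))))
                           for lab, f in self.db), key=lambda t: t[1])
        return label, dist, feat

    def identify(self, img, enrol_as=None):
        """Match decision; on a mismatch optionally store the new features."""
        label, dist, feat = self.nearest(img)
        if dist <= self.threshold:
            return label
        if enrol_as is not None:
            self.db.append((enrol_as, feat))
        return None


PATTERNS = {  # constructed stand-ins for four people, not real face data
    "A": lambda r, c: 32 * r,
    "B": lambda r, c: 32 * c,
    "C": lambda r, c: 200 if (r // 4 + c // 4) % 2 == 0 else 40,
    "D": lambda r, c: 224 - 32 * r,
}


def face(person, seed):
    """Constructed 8x8 image: the person's pattern plus noise bounded by +/-2."""
    rng = random.Random(ord(person) * 100 + seed)
    return [[PATTERNS[person](r, c) + rng.uniform(-2, 2) for c in range(8)]
            for r in range(8)]


def build(levels):
    """Train on two images each of A, B and C; D stays unknown to the system."""
    return FaceMatcher([(p, face(p, s)) for p in "ABC" for s in (1, 2)], levels)


if __name__ == "__main__":
    for levels in (0, 1, 2):
        m = build(levels)
        print(levels, len(m.mean), [m.identify(face(p, 9)) for p in "ABCD"])
```

The acceptance threshold has to be recalibrated whenever the DWT level, the wavelet scaling or the number of components changes, because each of them changes the feature space in which the distance is measured.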

5. Results and Discussion

Different algorithms are implemented to present the recognition rate of the PCA algorithms before and after applying DWT. Applying DWT indicates that the recognition rate increases and also that the size of the feature matrix is reduced. DWT can be implemented via different types of DWT filters such as Haar, Mallat, Daubechies and other types. Figure 5-a shows the comparison between the recognition rate of PCA, PCA using first level DWT and PCA using second level DWT. The results show that the recognition rate increases by 1.4% using first level DWT and by 4.2% using second level DWT. Figure 5-b shows the comparison between the recognition rate of 2D-PCA-C, 2D-PCA-C using first level DWT and 2D-PCA-C using second level DWT. The results show that the recognition rate increases by 1.6% using first level DWT and by 4.8% using second level DWT. Figure 5-c shows the comparison between the recognition rate of 2D-PCA-R, 2D-PCA-R using first level DWT and 2D-PCA-R using second level DWT. The results show that the recognition rate increases by 1.0% using first level DWT and by 4.2% using second level DWT. Figure 5-d shows the comparison between the recognition rate of (2D)²-PCA, (2D)²-PCA using first level DWT and (2D)²-PCA using second level DWT. The results show that the recognition rate increases by 1.8% using first level DWT and by 4.6% using second level DWT.

Figure 5. Comparison of recognition rate for different algorithms. [Plots: (a) Recognition rate of PCA before and after applying DWT; (b) Recognition rate of 2D-PCA-C before and after applying DWT; (c) Recognition rate of 2D-PCA-R before and after applying DWT; (d) Recognition rate of (2D)²-PCA before and after applying DWT. Horizontal axis: number of images per person. Vertical axis: percentage of the recognition rate. Curves: before applying DWT, after applying 1st level DWT, after applying 2nd level DWT.]

6. Conclusion

This work examines four face recognition algorithms: Principal Component Analysis, Two Dimensional Principal Component Analysis in Column Direction, Two Dimensional Principal Component Analysis in Row Direction and Two Dimensional Two Directional Principal Component Analysis. An algorithm is proposed to reduce the execution time of the face recognition algorithms and improve the face recognition rate. The execution rate of an algorithm depends mainly on the number of operations needed to recognize the indicated face image. Introducing DWT through PCA algorithms improved the recognition rate by up to 5%; we can also conclude that there are no effective effects of applying the 2nd level DWT.

References

[1] H. Wang, "Structural Two Dimensional Principal Component Analysis for Image Recognition", Machine Vision and Applications, Jan. 2010.

[2] E. Norouzi, M. N. Ahmadabadi and B. N. Araabi, "Attention Control with Reinforcement Learning for Face Recognition under Partial Occlusion", Machine Vision and Applications, Jan. 2010.

[3] A. Sevcenco and W. Lu, "Perfect Histogram Matching PCA for Face Recognition", Multidimensional System and Signal Processing, 14 Jan. 2010.

[4] T. Choudhury, "Three Dimensional Human Face Recognition", Optical Society of India, Vol. 38, No. 1, pp. 16-21, 2009.

[5] L. Wang, L. Ding, X. Ding and C. Fang, "2D Face Fitting-Assisted 3D Face Reconstruction for Pose-Robust Face Recognition", Soft Computing, 8 Nov. 2009.

[6] M. Sokolov et al., "Face Recognition Using Lateral Inhibition Function Features", Optical Memory and Neural Networks, Vol. 18, No. 1, pp. 1-5, 2009.

[7] T. Bourlai, J. Kittler and K. Messer, "On Design and Optimization of Face Verification Systems that are Smart-Card Based", Machine Vision and Applications, 10 Feb. 2009.

[8] Ebrahimpour et al., "Applying Computer Stereovision Algorithms to Study of Correlation between Face Asymmetry and Human Vision Pathology", Pattern Recognition and Image Analysis, Vol. 19, No. 4, pp. 679-686, 2009.

[9] M. Grgic, K. Delac and S. Grgic, "SCface – Surveillance Cameras Face Database", Multimedia Tools and Applications, 30 Oct. 2009.

[10] Y. Zhan et al., "Evolutionary Fusion of Multi-Classifier System for Efficient Face Recognition", International Journal of Control, Automation, and Systems, Vol. 7, No. 1, pp. 33-40, 2009.

[11] A. Saleh et al., "Feature Map Sharing Hypercolumn Model for Shift Invariant Face Recognition", Artificial Life Robotics, 5-9 Feb. 2009.

[12] Guoxing et al., "An LBP-Based Multi-Scale Illumination Processing Method for Face Recognition", Journal of Electronics (China), Vol. 26, No. 4, Jul. 2009.

[13] J. K. Sing, S. Thakur, D. K. Basu, M. Nasipuri and M. Kundu, "High Speed Face Recognition Using Self Adaptive Radial Basis Function Neural Networks", Neural Computing and Applications, 24 Feb. 2009.

[14] Kumar et al., "Feature Selection for Face Recognition: A Memetic Algorithm Approach", Journal of Zhejiang University Science A, Vol. 10, No. 8, pp. 1140-1152, 2009.

[15] Banerjee et al., "Illumination and Noise Tolerant Phase Recognition Based on Eigen Phase Correlation Filter Modified by Mexican Hat Wavelet", Journal of Optical Society, Vol. 38, No. 3, pp. 160-168, 2009.

[16] B. Zhang and Y. Qiao, "Face Recognition Based on Gradient Gabor Feature and Efficient Kernel Fisher Analysis", Journal of Neural Computing and Applications, 4 Nov. 2009.

[17] D. Huang, Z. Yi and X. Pu, "A New Incremental PCA Algorithm with Application to Visual Learning and Recognition", Neural Process Letter, Vol. 30, pp. 171-185, 2009.

[18] K. Chougdali, M Jedra and N. Zahid, "Kernel Relevance Weighted Discriminant Analysis for Face Recognition", Pattern Analysis Applications, 9 Apr. 2009.


Authors Profile

Qeethara Kadhim Abdul Rahman Al-Shayea received her Ph.D. in Computer Science from the Computer Science Department, University of Technology, Iraq, in 2005. She received her M.Sc. degree in Computer Science from the Computer Science Department, University of Technology, Iraq, in 2000. She received her High Diploma degree in Information Security from the Computer Science Department, University of Technology, Iraq, in 1997. She received her B.Sc. degree in Computer Science from the University of Technology, Iraq, in 1992. She joined in September (2001-2006) the Computer Science Department, University of Technology, Iraq, as assistant professor. She joined in September 2006 the Department of Management Information Systems, Faculty of Economics & Administrative Sciences, Al-Zaytoonah University of Jordan, as assistant professor. She is interested in artificial intelligence, image processing, computer vision, coding theory and information security.

Muzhir Shaban Al-Ani received his Ph.D. in Computer & Communication Engineering Technology from ETSII, Valladolid University, Spain, in 1994. Assistant of Dean at Al-Anbar Technical Institute (1985). Head of Electrical Department at Al-Anbar Technical Institute, Iraq (1985-1988), Head of Computer and Software Engineering Department at Al-Mustansyria University, Iraq (1997-2001), Dean of Computer Science (CS) & Information System (IS) faculty at University of Technology, Iraq (2001-2003). He joined on 15 September 2003 the Electrical and Computer Engineering Department, College of Engineering, Applied Science University, Amman, Jordan, as Associate Professor. He joined on 15 September 2005 the Management Information System Department, Amman Arab University, Amman, Jordan, as Associate Professor, and then joined the computer science department on 15 September 2008 at the same university.

Muna Suliman Abu-Teamah has received M.Sc in Computer Science, Amman Arab University. (Oct 1998 to Oct 1999) Lab Assistance in Zarqa Private University. (Oct 1999 to May 2000) Technical & Administrator in Zarqa Private University.(Sep 2000 to Jan 2007) Teacher in Um Al-Drda'a School. (Dec 2002 to March 2003) Teacher in Al-Dwali Center. (Dec 2008 pld assistent in UNRWA HQA Amman. (Jan 1998 to Jan 2010) Teacher in Al Huda-Wl-Nour Center.


An Exploration of Ad-hoc Network in a Real World builds in a Laboratory Environment

Nitiket N Mhala (1) and N K Choudhari (2)

(1) Associate Professor, Head, Department of Electronics Engg., BDCOE, Sevagram, India

(2) Principal, Bhagwati Chadurvedi COE, Nagpur, India

Abstract: A mobile ad-hoc network is a collection of mobile nodes forming an ad-hoc network without the assistance of any centralized structures. These networks introduced a new art of network establishment and are well suited for an environment where either the infrastructure is lost or deploying an infrastructure is not very cost effective. The paper focuses briefly on the whole life cycle of ad-hoc networks. We discuss the open problems related to the ad-hoc network. The contribution of this paper is the exploration of an ad-hoc network in a small laboratory environment based on the IEEE 802.11 standardized medium access protocol under Linux at a relatively very low cost.

Keyword: Ad-hoc network, PCMCIA, MAC, ICMP, ARP, Linux

1. Introduction

One of the most vibrant and active “new” fields today is that of ad hoc networks. Significant research in this area has been ongoing for nearly 30 years, also under the names of packet radio or multihop networks. Within the past few years, though, the field has seen a rapid expansion of visibility and work due to the proliferation of inexpensive, widely available wireless devices and the network community’s interest in mobile computing. An ad hoc network is a (possibly mobile) collection of communication devices (nodes) that wish to communicate, but have no fixed infrastructure available and no pre-determined organization of available links. Individual nodes are responsible for dynamically discovering which other nodes they can directly communicate with. A key assumption is that not all nodes can directly communicate with each other, so nodes are required to relay packets on behalf of other nodes in order to deliver data across the network. A significant feature of ad hoc networks is that rapid changes in connectivity and link characteristics are introduced by node mobility and power control practices. Ad hoc networks can be built around any wireless technology, including infrared and radio frequency. Ad hoc networks are suited for use in situations where infrastructure is either not available, not trusted, or should not be relied on in times of emergency. A few examples include: military soldiers in the field, sensors scattered throughout a city for biological detection, an infrastructureless network of notebook computers in a conference or campus setting, the forestry or lumber industry, rare animal tracking, space exploration, undersea operation and temporary offices such as campaign headquarters.

2. Related Background

The whole life cycle of ad-hoc networks can be categorized into first, second, and third generation ad-hoc network systems. Present ad-hoc network systems are considered the third generation. The first generation goes back to 1972. At the time, they were called PRNET (Packet Radio Networks). In conjunction with ALOHA (Areal Locations of Hazardous Atmospheres) and CSMA approaches for medium access control and a kind of distance-vector routing, PRNETs were used on a trial basis to provide different networking capabilities in a combat environment. The second generation of ad-hoc networks emerged in the 1980s, when the ad-hoc network systems were further enhanced and implemented as a part of the SURAN (Survivable Adaptive Radio Networks) program [1]. This provided a packet-switched network to the mobile battlefield in an environment without infrastructure. This program proved to be beneficial in improving the radios' performance by making them smaller, cheaper, and resilient to electronic attacks. In the 1990s, the concept of commercial ad-hoc networks arrived with notebook computers and other viable communications equipment. At the same time, the idea of a collection of mobile nodes was proposed at several research conferences [2,3]. The IEEE 802.11 subcommittee had adopted the term "ad-hoc networks" and the research community had started to look into the possibility of deploying ad-hoc networks in other areas of application. Meanwhile, work was going on to advance the previously built ad-hoc networks. GloMo (Global Mobile Information Systems) and the NTDR (Near-term Digital Radio) are some of the results of these efforts. GloMo was designed to provide an office environment with Ethernet-type multimedia connectivity anywhere and anytime in handheld devices. NTDR is the only "real" non-prototypical ad-hoc network that is in use today. It uses clustering and link-state routing, and is self-organized into a two-tier ad-hoc network.
Development of different channel access approaches, now in the CSMA/CA and TDMA molds, and several other routing and topology control mechanisms were some of the other inventions of that time. Later on, in the mid-1990s, the Mobile Ad-Hoc Networking working group was formed within the Internet Engineering Task Force (IETF) to standardize routing protocols for ad-hoc networks. The development of routing within the working group and the larger community resulted in the invention of reactive and proactive routing protocols [4]. Soon after, the IEEE 802.11 subcommittee standardized a medium access protocol that was based on collision avoidance and tolerated hidden terminals, making it usable for building mobile ad-hoc network prototypes out of notebooks and 802.11 PCMCIA cards. HIPERLAN and Bluetooth were some other ad-hoc network standards that addressed and benefited ad-hoc networking.

Open Problems

For ad hoc networks designed for military use, scalability is one of the most important open problems. Scalability in an ad hoc network can be broadly defined as whether the network is able to provide an acceptable level of service to packets even in the presence of a large number of nodes in the network. As in wired networks, this capability is closely related to how quickly network protocol control overhead increases as a function of the increase in the number of nodes and link changes. In proactive networks, scalability is often accomplished by introducing routing and/or location hierarchy in the network [5], or by limiting the scope of control updates to locations close to the changes [6,7]. In reactive ad hoc networks, dynamically limiting the scope of route requests and attempting local repairs to broken routes are often used. Since ad hoc networks do not assume the availability of fixed infrastructure, it follows that individual nodes may have to rely on portable, limited power sources. Energy efficiency therefore becomes an important problem in an ad hoc network. Most existing solutions for saving energy in an ad hoc network revolve around the reduction of power used by the radio transceiver.
At the MAC level and above, this is often done by selectively sending the receiver into sleep mode, or by using a transmitter with variable output power and selecting routes that require many short hops instead of a few longer hops [8]. The ability of fixed, wireless networks to satisfy quality of service (QoS) requirements is another open problem. Ad hoc networks further complicate the known QoS challenges of wireline networks with RF channel characteristics that often change unpredictably, along with the difficulty of sharing the channel medium with many neighbours, each with its own set of potentially changing QoS requirements. Reflecting the multilayer nature of ad hoc networks, there are numerous attempts to improve the QoS problems, from the service contracts [9] to the MAC layer. Security is a similar issue in ad hoc networks [10]. Since nodes use a shared medium in a potentially insecure environment, they are susceptible to Denial of Service (DoS) attacks that are harder to track down than in wired networks. Finally, a problem that overarches all these others is the lack of well-defined and widely accepted models for RF path attenuation, mobility and traffic. These tightly interrelated models are needed for quantifying and comparing ad hoc system performance against a common baseline.

3. Ad hoc network in our Laboratory Environment

Our approach is based on the IEEE 802.11 standardized medium access protocol, which is based on collision avoidance and tolerates hidden terminals, and is usable for building a mobile ad hoc network from notebooks and 802.11 PCMCIA cards. The basic purpose is to constitute an ad hoc network under Linux in a laboratory environment for academic research.

Figure 1. Logical Implementation of Ad hoc Network on each Node

The physical layer must adapt to rapid changes in link characteristics. The Multiple Access Control (MAC) layer needs to minimize collisions, allow fair access and semi-reliably transport data over the short wireless links in the presence of rapid changes and hidden or exposed terminals. The network layer needs to determine and distribute information used to calculate paths in a way that maintains efficiency when links change often and bandwidth is at a premium. It also needs to integrate smoothly with traditional, non-ad-hoc-aware internetworks and perform functions such as auto-configuration in this changing environment. The transport layer must be able to handle delay and packet loss statistics that are very different from those of wired networks. Finally, applications need to be designed to handle frequent connection and disconnection with peer applications, as well as widely varying delay and packet loss characteristics.

3.1 Challenges in a Laboratory Environment

Testing an ad hoc network in a laboratory environment presents a number of challenges. The most obvious challenge is being able to test the effects of node mobility [11] on the ad hoc routing protocols and ad hoc applications. Moreover, configuring individual nodes, installing patches, monitoring log files, updating software and debugging beta releases of experimental software distributions on a modest-sized ad hoc network can be very time consuming. Recreating realistic environmental conditions and signal transmission characteristics using off-the-shelf computing nodes and wireless cards in a laboratory setting is also very difficult.

3.2 Hardware and Software requirements

3.2.1 Laptops/Desktops

At least three nodes with Intel Pentium or higher
Server: Linux system (ix86) with one wired and one wireless interface
Clients: Any Linux system with one wired and one wireless interface

3.2.2 Wireless LAN Card

An ad hoc network needs wireless LAN cards (IEEE 802.11), which should be configured in ad hoc mode. Our choice is Netgear [12]:
NETGEAR WG511T 108 Mbps Wireless PC Card
NETGEAR WG311T 108 Mbps Wireless PCI Card (with Atheros 5212 chipset)

3.2.3 Madwifi Driver (madwifi-0.9.4)

A Linux kernel driver for Atheros-based wireless LAN devices. The driver supports the ad hoc mode of operation. The three important modules we need are:

(a) ath_pci: supports PCI, MiniPCI and Cardbus devices.

(b) ath_hal: contains the Atheros Hardware Access Layer (HAL).

(c) ath_wlan: contains the 802.11 state machines, protocol support and other device-independent support needed by any 802.11 device.

3.2.4 Operating System

Linux with kernel 2.6. Our choice is Fedora Core 7, Linux kernel version 2.6.21 [13].

4. Formation of Ad hoc network

4.1 Installation of Wireless Cards

After physical installation of the wireless cards, they are configured as below to generate the wireless interface ath0 under Linux on each node, each node with a different IP address.

1) vi /etc/modprobe.conf and add the line

    alias ath0 ath_pci

2) vi /etc/sysconfig/network-scripts/ifcfg-ath0 and add

    DEVICE=ath0
    BOOTPROTO=static
    WIRELESS=yes
    RATE=54Mb/s
    MODE=Ad-Hoc
    ESSID=Prit
    IPV6INIT=no
    ONBOOT=yes
    USERCTL=no
    PEERDNS=no
    CHANNEL=1
    IPADDR=192.168.0.96
    NETMASK=255.255.0.0

3) ifconfig ath0 up

4) ifup ath0

5) vi /etc/resolv.conf and add

    nameserver 192.168.1.1

4.2 Installation of madwifi driver [14] in order to activate wireless interface

    cd madwifi-0.9.4
    make
    make install
    /sbin/modprobe wlan
    /sbin/modprobe ath_hal
    /sbin/modprobe ath_pci

4.3 Creation of actual Ad hoc mode in real field

We constitute the ad hoc network from four nodes physically available in the laboratory, each on its wireless interface ath0:

Node A 192.168.0.91, MAC address 00:14:6c:8d:2b:a8
Node B 192.168.0.96, MAC address 00:18:48:71:5e:17
Node C 192.168.0.99, MAC address 00:18:4d:9c:4c:d9
Node D 192.168.0.92, MAC address 00:18:4d:71:5d:f4

If the ath0 wireless interface already exists, we have to destroy it by issuing the following command:

    wlanconfig ath0 destroy

In order to create an interface (called ath0) in ad hoc mode, the following command is issued on each node:

    wlanconfig ath0 create wlandev wifi0 wlanmode adhoc

The connectivity with each node is tested with a simple ping command. The ping statistics confirmed that Node A, Node B and Node C are communicating with each other, whereas Node D is not.
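When one node of such a cell does not answer ping, the first thing to rule out is a per-node difference in the ifcfg-ath0 settings of Section 4.1. The following is an added example, not code from the paper: it compares the files of all nodes and reports mismatched radio settings, duplicate addresses and split subnets. The file contents are constructed from the values on this page, and the channel mismatch on Node D is invented for the illustration; the paper does not report why Node D was unreachable.

```python
import ipaddress

# Radio settings that every member of one ad hoc (IBSS) cell has to share.
SHARED_KEYS = ("MODE", "ESSID", "CHANNEL")


def parse_ifcfg(text):
    """Parse KEY=value lines of an ifcfg file (comments and quotes removed)."""
    cfg = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, value = line.split("=", 1)
        cfg[key.strip().upper()] = value.strip().strip("\"'")
    return cfg


def check_cell(nodes):
    """Return a list of findings for {node name: ifcfg-ath0 text}."""
    cfgs = {name: parse_ifcfg(text) for name, text in nodes.items()}
    findings = []

    # 1. Settings that must be identical on all nodes. MODE is compared
    #    case-insensitively; ESSID is case-sensitive and compared as written.
    for key in SHARED_KEYS:
        groups = {}
        for name, cfg in cfgs.items():
            value = cfg.get(key, "<missing>")
            if key == "MODE":
                value = value.lower()
            groups.setdefault(value, []).append(name)
        if len(groups) > 1:
            common = max(groups, key=lambda v: len(groups[v]))
            for value, names in groups.items():
                if value != common:
                    findings.append("%s mismatch: %s uses %r, the rest use %r"
                                    % (key, ", ".join(names), value, common))

    # 2. Every node must actually be in ad hoc mode.
    for name, cfg in cfgs.items():
        if cfg.get("MODE", "").lower() != "ad-hoc":
            findings.append("%s is not configured for Ad-Hoc mode" % name)

    # 3. Addresses must be valid, unique and in one subnet.
    owners, subnets = {}, {}
    for name, cfg in cfgs.items():
        try:
            iface = ipaddress.IPv4Interface(
                "%s/%s" % (cfg["IPADDR"], cfg["NETMASK"]))
        except (KeyError, ValueError):
            findings.append("%s has no valid IPADDR/NETMASK" % name)
            continue
        if iface.ip in owners:
            findings.append("duplicate address %s on %s and %s"
                            % (iface.ip, owners[iface.ip], name))
        owners.setdefault(iface.ip, name)
        subnets.setdefault(iface.network, []).append(name)
    if len(subnets) > 1:
        findings.append("nodes are split across subnets: " + "; ".join(
            "%s -> %s" % (net, ", ".join(names))
            for net, names in subnets.items()))
    return findings


# Constructed ifcfg-ath0 contents, one per node, using the keys of Section 4.1.
TEMPLATE = """DEVICE=ath0
BOOTPROTO=static
WIRELESS=yes
MODE=Ad-Hoc
ESSID=Prit
CHANNEL={channel}
IPADDR={ip}
NETMASK=255.255.0.0
"""
SAMPLE = {
    "Node A": TEMPLATE.format(channel=1, ip="192.168.0.91"),
    "Node B": TEMPLATE.format(channel=1, ip="192.168.0.96"),
    "Node C": TEMPLATE.format(channel=1, ip="192.168.0.99"),
    "Node D": TEMPLATE.format(channel=6, ip="192.168.0.92"),  # invented fault
}

if __name__ == "__main__":
    for finding in check_cell(SAMPLE):
        print(finding)
```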


Figure 2. capturing of packets on ath0

Figure 3. capturing of packets on ath0

The above figures illustrate the capturing [15] of packets on the interface ath0. Node C (192.168.0.99) communicates with Node B (192.168.0.96) using the ICMP protocol. Packets number 31 and 49 are observed as malformed packets. Packets number 40 and 41 illustrate the Address Resolution Protocol (ARP): they attempt full-duplex communication between the two MAC addresses. The same is the case for packets number 55 and 57. Similarly, Node A (192.168.0.91) and Node B (192.168.0.96) are connected using the ICMP protocol.

Figure 4. Identification of AODV protocol

Figure 5. Flow graph


The graph analysis indicates that the packets flooding from the source, Node A (192.168.0.91), are only broadcast to the destination (255.255.255.255) using the UDP protocol on port 654, signifying an AODV route reply from the destination port. Here, we are not running any external AODV routing daemon in either user space or kernel space.
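A protocol analyzer labels traffic on UDP port 654 as AODV by port number, so it is worth decoding the payload before treating the broadcasts as routing traffic, especially when no AODV daemon was started on purpose. The following added example (not code from the paper) decodes the four message layouts of RFC 3561 and recognises the Hello message, which that RFC defines as a route reply with hop count 0 sent with TTL 1 to 255.255.255.255. The packet rows and payload bytes are constructed for the illustration.

```python
import ipaddress
import struct

AODV_PORT = 654                 # UDP port assigned to AODV (RFC 3561)
BROADCAST = "255.255.255.255"


def _ip(raw):
    return str(ipaddress.IPv4Address(raw))


def parse_aodv(payload):
    """Decode one AODV message using the RFC 3561 layouts.

    Raises ValueError when the bytes do not fit any AODV message, which is
    the case a port-based dissector label cannot tell you about.
    """
    if not payload:
        raise ValueError("empty payload")
    kind = payload[0]
    if kind == 1:                                   # RREQ, 24 bytes
        if len(payload) < 24:
            raise ValueError("truncated RREQ")
        _, _flags, hops, rreq_id, dst, dst_seq, orig, orig_seq = struct.unpack(
            "!BHBI4sI4sI", payload[:24])
        return {"type": "RREQ", "hop_count": hops, "rreq_id": rreq_id,
                "dest": _ip(dst), "dest_seq": dst_seq,
                "orig": _ip(orig), "orig_seq": orig_seq}
    if kind == 2:                                   # RREP, 20 bytes
        if len(payload) < 20:
            raise ValueError("truncated RREP")
        _, _flags, hops, dst, dst_seq, orig, lifetime = struct.unpack(
            "!BHB4sI4sI", payload[:20])
        return {"type": "RREP", "hop_count": hops, "dest": _ip(dst),
                "dest_seq": dst_seq, "orig": _ip(orig),
                "lifetime_ms": lifetime}
    if kind == 3:                                   # RERR, 4 + 8 * DestCount
        if len(payload) < 4:
            raise ValueError("truncated RERR")
        count = payload[3]
        if count == 0 or len(payload) < 4 + 8 * count:
            raise ValueError("RERR DestCount does not match length")
        pairs = [struct.unpack("!4sI", payload[o:o + 8])
                 for o in range(4, 4 + 8 * count, 8)]
        return {"type": "RERR", "unreachable": [(_ip(a), s) for a, s in pairs]}
    if kind == 4:                                   # RREP-ACK, 2 bytes
        if len(payload) < 2:
            raise ValueError("truncated RREP-ACK")
        return {"type": "RREP-ACK"}
    raise ValueError("unknown AODV type %d" % kind)


def classify(pkt):
    """Label one decoded UDP datagram (dict with src, dst, ttl, dport, payload)."""
    if pkt["dport"] != AODV_PORT:
        return "other"
    try:
        msg = parse_aodv(pkt["payload"])
    except ValueError:
        return "port-654-not-aodv"
    # RFC 3561 section 6.9: a Hello is an RREP with hop count 0 and TTL 1
    # whose Destination IP Address field is the sender's own address.
    if (msg["type"] == "RREP" and msg["hop_count"] == 0 and pkt["ttl"] == 1
            and pkt["dst"] == BROADCAST and msg["dest"] == pkt["src"]):
        return "AODV-Hello"
    return "AODV-" + msg["type"]


def hello_senders(packets):
    """Hosts that emit Hellos, i.e. hosts with an AODV implementation active."""
    return sorted({p["src"] for p in packets if classify(p) == "AODV-Hello"})


def _rrep(dest, dest_seq, orig, lifetime_ms, hops):
    pack = ipaddress.IPv4Address
    return struct.pack("!BHB4sI4sI", 2, 0, hops, pack(dest).packed, dest_seq,
                       pack(orig).packed, lifetime_ms)


# Constructed rows in the shape a capture export would give; only the node
# addresses come from the page.
SAMPLE = [
    {"src": "192.168.0.91", "dst": BROADCAST, "ttl": 1, "dport": 654,
     "payload": _rrep("192.168.0.91", 7, "0.0.0.0", 2000, 0)},
    {"src": "192.168.0.99", "dst": "192.168.0.96", "ttl": 64, "dport": 654,
     "payload": _rrep("192.168.0.91", 7, "192.168.0.96", 3000, 1)},
    {"src": "192.168.0.96", "dst": BROADCAST, "ttl": 64, "dport": 654,
     "payload": b"\x09not-aodv"},
    {"src": "192.168.0.96", "dst": "192.168.1.1", "ttl": 64, "dport": 53,
     "payload": b"\x12\x34"},
]

if __name__ == "__main__":
    for row in SAMPLE:
        print(row["src"], "->", row["dst"], classify(row))
    print("Hello senders:", hello_senders(SAMPLE))
```

A host that shows up in `hello_senders` while the operator started no routing daemon points to software on that host that should be identified before the capture is interpreted further.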

5. Conclusion

The dynamic nature of an ad hoc network is very interesting. The strength of a connection can change rapidly in time or even disappear completely. Nodes can appear, disappear and re-appear as time goes on, and all the time the network connection should work between the nodes that are part of it. As one can easily imagine, the situation in ad hoc networks with respect to ensuring connectivity and robustness is much more demanding than in the wired case. Researchers traditionally use simulations because they easily allow for a large number of nodes and reproducible environmental conditions. In simulation, the developer controls the whole system, which is in effect only a single component. Our submission, on the other hand, is an implementation in the real world, which needs to interoperate with a large, complex system. Some components of this system are operating systems, network interfaces and suitable wireless drivers. This paper throws light on the challenges to be faced in a laboratory environment. Here, we practically explored the creation of an ad hoc network that uses the ix86 architecture. Linux can run even on 80386 machines (the minimum requirement is Pentium II), so we can gather all those old PCs that were going to be thrown away, add a PCMCIA wireless card to each of them and set up an ad hoc network in a laboratory at a very low cost, suitable for the academic researcher.

References

[1] J. Freebersyser and B. Leiner, “A DoD Perspective on Mobile Ad hoc Networks,” Ad hoc Networking, Ed. C. E. Perkins, Addison-Wesley, 2001, pp. 29-51.

[2] C. E. Perkins and P. Bhagwat, “Highly Dynamic Destination-Sequenced Distance Vector Routing (DSDV) for Mobile Computers,” Proc. ACM SIGCOMM ’94, Oct. 1994.

[3] D. B. Johnson, “Routing in Ad hoc Networks of Mobile Hosts,” Proc. ACM Mobicomm ’94, Dec. 1994.

[4] E. Royer and C. K. Toh, “A Review of Current Routing Protocols for Ad hoc Mobile Wireless Networks,” IEEE Pers. Commun., Vol. 6, no. 4, Apr. 1999, pp. 46-55.

[5] R. Ramanathan and M. Steenstrup, “Hierarchically-organised Multi-hop Mobile Wireless Networks for Quality of Service Support,” Baltzer Mobile Networks & Applications, 1998.

[6] C. Santivanez, R. Ramanathan and I. Stavrakakis, “Making Link State Routing Scale for Ad hoc Networks,” Proc. ACM Mobile 2001, Long Beach, CA.

[7] A. Iwata, C. C. Chiang, G. Pei, M. Gerla and T. W. Chen, “Scalable Routing Strategies for Ad hoc Wireless Networks,” IEEE JSAC, Vol. 17, no. 8, Aug. 1999, pp. 1369-79.

[8] S. Singh, M. Woo and C. S. Raghavendra, “Power Aware Routing in Mobile Ad hoc Networks,” Proc. ACM Mobicomm 1998.

[9] S. B. Lee, G. S. Ahn and A. T. Campbell, “Improving UDP & TCP Performance in Mobile Ad hoc Networks with INSIGNIA,” IEEE Communications Mag., Vol. 39, no. 6, June 2001.

[10] L. Zhou and Z. J. Haas, “Securing Ad hoc Networks,” IEEE Network, Vol. 13, no. 6, Nov.-Dec. 1999, pp. 24-30.

[11] Nitiket N Mhala and N K Choudhari, “An Envision of low cost mobile ad-hoc network test bed in a lab environment emulating an actual ANET,” IJCNC, Vol. 2, No. 3, May 2010, pp. 52-63.

[12] Wireless network cards, available at http://www.netgear.co.uk/wireless_networkcard_wg511t.php and http://uk.farnell.com/netgear/wg311t/card-pci-w-wn-108mbps-netgear/.

[13] Fedora Core 7 (FC7) Linux, available at http://mirrors.fedoraproject.org/publiclist/fedora7/i386/

[14] Madwifi-0.9.4 drivers, available for download at http://linux.softpedia.com/progdownload/madwifi-download-12546.html

[15] Ethereal GUI network protocol analyzer using tcpdump’s capture format, available at http://www.ethereal.com.

Authors Profile

Mr. Nitiket N. Mhala is a PhD student and is also working as Associate Professor in the Department of Electronic Engineering, Sevagram, India. He received his ME degree from RM Institute of Research and Technology, Badnera, Amravati University, and his BE degree from Govt. College of Engineering, Amravati, Amravati University. He has published a book entitled PC Architecture and Maintenance and many research papers at international and national level. He is a member of the Institute of Electronics and Telecommunication Engineers (IETE). His areas of interest span data communication, computer networks and wireless ad hoc networks.

Dr. N. K. Choudhari is a Professor. He completed his Ph.D. degree in Electronics Engineering at J.M.I., New Delhi, and received his M.Tech in Electronics Engineering from Visvesvaraya Regional Engineering College, Nagpur. He received his BE in Power Electronics from B.D.C.O.E., Sevagram. Presently he is Principal at Smt. Bhagwati Chaturvedi COE, Nagpur, India. He is guiding a few research scholars pursuing the Ph.D. degree at RTM Nagpur University, Nagpur, India. He has worked as a member of different advisory committees and was a member of the Board of Studies, Electronics Engg., of Nagpur University, Nagpur, India.

(IJCNS) International Journal of Computer and Network Security, Vol. 2, No. 8, August 2010


The Electronic Intermediary and the Effect on this For Developing E-Commerce

Sahar Kosari1, Mohammadreza Banan2, Hadi Fanaee Tork3 and Ali Broumandnia4

1 Payam-E-Noor University of Tehran, Department of Management,

Tehran, Iran [email protected]

2 Young Researchers Club, Islamic Azad University Qazvin Branch, Qazvin, Iran

[email protected]

3 Researches & Development Department, Kasbarg, Information Technology Company Mashad, Iran

[email protected]

4 Islamic Azad University-South Tehran Tehran, Iran

[email protected]

Abstract: In export marketing, an electronic intermediary serves as a business-to-business (B2B) electronic marketplace, which allows trade parties to achieve cost-efficient international trade. Previous studies have not paid enough attention to the electronic intermediary. Instead, they have emphasized a direct Internet-based exchange, which was expected to decrease transaction costs. This research suggests an electronic intermediary as a hybrid exporting channel, combining a traditional intermediary and a direct Internet-based exchange. A direct Internet-based exchange is regarded as the most efficient exporting channel to reduce cost, but it involves high risk. A traditional intermediary may be an effective exporting channel to reduce risk, but it is accompanied by high costs such as commissions and agent fees. This research suggests that an electronic intermediary is an alternative that balances profit and risk. This research examines determinants and effects of electronic intermediary use in export marketing. The results indicate that electronic intermediary use is influenced by some IT and marketing determinants. Electronic intermediary use also has a positive impact on export performance. In particular, highly entrepreneurial or less bureaucratic exporters may use an electronic intermediary more effectively in export marketing.

Keywords: electronic intermediary, performance, E-commerce, customer, IT, industries, B2B, payment.

1. Introduction

This research investigates the use of an electronic intermediary in international commerce. Specifically, this research aims to provide a comprehensive understanding of an electronic intermediary with regard to the growth of electronic commerce in export marketing. An electronic intermediary is a typical form of electronic commerce. An electronic export intermediary is an electronic marketplace of sources in which qualified members simply post requests to buy or sell, and its sales representatives search around the globe for companies to supply or purchase the posted products. The popularity of electronic commerce allows market intermediaries to connect manufacturers and customers around the world, taking advantage of a computer network’s capacity to reduce transaction costs [1].

2. E-commerce & E-Intermediary

The emergence of an electronic intermediary is an outcome of the development of electronic commerce [2]. Considering its characteristics, an electronic intermediary is an appropriate market intermediary for small and medium exporters who lack the necessary knowledge and resources to engage in international commerce. This research aims at a better understanding of an electronic intermediary in export marketing by investigating determinants and effects of electronic intermediary use. The Internet is often considered to be fundamentally changing the business paradigm [3]. In market transactions, the Internet has also become an important medium [4]. A typical by-product of the Internet’s development is electronic commerce, defined as “any transaction completed over a computer-mediated network that transfers ownership of, or rights to use, goods or services” [5]. Electronic commerce is a way of doing real-time business transactions via telecommunication networks when the customer and the merchant are in different geographical places. Also, electronic commerce is a commercial transaction with business partners, including buyers or sellers, over the net [6]. According to [7], electronic commerce includes the support of markets, inter-firm coordination, and information exchange via electronic means. Electronic commerce is also a broad concept that includes virtual browsing of goods on sale, selection of goods to buy, and payment methods. The Internet has become an important medium for business transactions [4]. The Internet allows customers and manufacturers in different geographical places to conduct real-time market transactions. Furthermore, the Internet has motivated firms to participate in electronic commerce, because it can reduce costs in market transactions. Previous research on electronic commerce insisted that a direct exchange via the Internet might lower the transaction costs incurred [8], [9]. In international commerce, an exporter in one country can theoretically trade directly with customers in other countries via its online catalogs or Internet exchange at a much lower transaction cost than incumbent distributors could match [8]. If this were the case, market intermediaries who connect manufacturers and customers would have disappeared. In electronic international commerce, however, there are still various market intermediaries.

2.1 Information Technology (IT)

Information technology (IT) adoption is critical to the growth of an economy [10]. Although IT adoption has been researched by academics for more than a decade and many theories attempt to explain IT adoption in different domains, there are still several critical components related to IT adoption that have not yet been thoroughly investigated. First, among studies that focus on technology adoption, only a small percentage is devoted to the adoption and use of electronic commerce (e-commerce) in small- and medium-sized enterprises (SMEs). The contribution of SMEs is extremely important to the economy and rapid growth of developing countries. In addition, small businesses differ from large businesses in terms of IT adoption patterns [11]. For example, SMEs often find technology difficult to implement due to resource constraints. Second, there is a need to validate existing theories in different contexts. The majority of IT adoption research focuses on the technologically developed world, mostly because the majority of research/academic institutions are located in developed countries.

3. Effects of Electronic Intermediary use on Performance

Figure 1 illustrates the effects of electronic intermediary use on export performance. An export intermediary is a specialist firm that functions as the export department of several manufacturers in noncompetitive lines, as a transaction channel for exporters [2]. Despite scarce theoretical and empirical research, export intermediaries have played a major role in export marketing [12]. An electronic intermediary is an alternative export-oriented market intermediary in electronic international commerce [1]. An electronic intermediary allows exporters to enhance their access to decision-making information by exploiting the use of contemporary technology [13]. An electronic intermediary has various roles, benefits, and even costs. Roles identified by the literature include providing market information, connecting exporters and foreign customers, and serving as an electronic marketplace. Also, an electronic intermediary provides many benefits, such as accelerating the internationalization of SMEs, making market transactions efficient, and overcoming time and geographical barriers [14].

Figure 1. Effects of electronic intermediary use on export performance

However, lack of credibility, unestablished payment systems, and language and cultural barriers are presented in the literature as costs of electronic intermediary use [18].

4. Roles of Electronic Intermediaries

4.1 Connecting between Exporters and Foreign Customers

Electronic intermediaries play an important role in connecting exporters and foreign customers effectively. An exporter of one country could trade efficiently with customers of other countries via an electronic intermediary at much lower transaction costs [8]. Since they participate in transactions with different customers, different suppliers, and potentially in different industries, electronic intermediaries can analyze consumer preferences across products, suppliers, and industries [4].

4.2 Providing Market Information

An electronic intermediary assists exporters in identifying and taking full advantage of business opportunities [18]. Through their global networks, and drawing on their experience in carrying out international trade transactions, electronic intermediaries are able to gather and analyze information quickly and accurately [18].

Figure 2. Connecting between customers and suppliers

Moreover, electronic intermediaries provide updates on business trends, market conditions, and individual commodities and products [13]. Electronic intermediaries also provide advice on legal matters and local business customers to assist exporters in realizing the potential of their products [1].

4.3 Serving as an Electronic Marketplace

An electronic intermediary provides an electronic marketplace of sources. An electronic intermediary serves as a B2B electronic marketplace in which qualified members can post requests to buy or sell [15]. An electronic intermediary effectively collects many demands from buyers and many products from sellers via the Internet [19]. The decision on channel type belongs to exporters. Exporters can trade directly with foreign customers who are introduced by the electronic intermediary. Also, exporters who have insufficient resources and knowledge regarding direct foreign exchange can trade indirectly with foreign customers via the electronic intermediary. Furthermore, exporters can introduce and identify the uniqueness of their services and products, provide detailed product specifications, and make available a forum for advertising and marketing new or existing products in the electronic marketplace [19].

5. Benefit of Electronic Intermediaries

Finding the ideal buyer or supplier in the electronic marketplace can be extremely time consuming and costly [18]. Moreover, finding a relevant source in the “virtual jungle” is a hard challenge for inexperienced users [16]. Small and medium exporters usually do not have sufficient resources or experience regarding foreign markets [12]. Small and medium exporters also face significant uncertainty in electronic international commerce. E-commerce arguably has the potential to add higher value to businesses and consumers in developing countries than in developed countries. Yet most developing-country-based enterprises have failed to reap the benefits offered by modern information and communications technologies. A fundamental motive for using an electronic intermediary is to reduce transaction costs, which is theorized from transaction cost analysis. An electronic intermediary allows exporters to meet customers’ needs, increase customers’ accessibility, and provide a variety of their products or services, which correspond to the roles of a marketing strategy [9]. An electronic intermediary may make market transactions easier and more efficient, which may decrease transaction costs. Also, using an electronic intermediary may play the role of a marketing strategy for exporters to penetrate the global market. Firm resources are usually strengths that firms can use to conceive of and implement their marketing strategies [17]. Therefore, transaction cost analysis and the resource-based view may be appropriate for explaining theoretically the electronic intermediary in export marketing.

5.1 Accelerating the Internationalization of SMEs

An electronic intermediary originated and developed from electronic commerce, which is the fastest growing facet of the Internet. An electronic intermediary is thus closely associated with the Internet. The Internet’s provision of low-cost and efficient interconnectivity has had a dramatic influence on the way in which business is being conducted [14]. The Internet offers Small and Medium-Sized Enterprises (SMEs) a level playing field in relation to their larger competitors [3].

5.2 Reducing Transaction Costs

Reduced transaction costs from easier and more efficient market transactions may be the typical benefit of an electronic intermediary [8]. In export marketing, an electronic intermediary’s functions that benefit buyers include assistance in search and evaluation, need assessment and product matching, risk reduction, and product distribution/delivery [1]. Buyers execute transactions based on electronic information without inspecting products, and thus encounter the risk of uncertain product quality [1]. An electronic intermediary’s functions that benefit exporters include creating and disseminating product information and creating product awareness, influencing consumer purchases, providing customer information, reducing exposure to risk, and reducing costs of distribution through transaction scale economies [9].

6. Cost of Electronic Intermediaries

6.1 Lack of Credibility

Credibility is a very important factor in channel working relationships; in international commerce, credibility is especially important. In an electronic international relationship, face-to-face communication is rare, which may induce a lack of credibility. As a consequence, exporters may be exposed to the opportunistic behaviors of foreign participants in electronic intermediary use [4]. It is difficult for exporters to monitor or safeguard against opportunistic behaviors of foreign customers; therefore, much cost may be incurred to prevent the problem.

6.2 Unestablished Payment System

Payment is another concern in electronic intermediary use in export marketing. In the trading world, there are several types of payment terms, such as cash in advance, letter of credit (L/C), drafts, and open accounts [18]. Among them, L/C is the most frequently used. In general, a traditional export intermediary offers full service to assist buyers and sellers regarding this payment issue. Opening an L/C through the Internet is already possible by connecting electronic intermediaries to banks that offer exporting services. Nevertheless, use of L/C is still limited and rare in an electronic intermediary due to cultural, practical, and technical limitations [1].

6.3 Other Costs

Exporters pay some commissions, such as transaction fees or membership fees, for exporting via an electronic intermediary. As a result, exporters may lose part of their profit margins by using an electronic intermediary [4]. Also, language and cultural barriers can further contribute to the cost of using an electronic intermediary in export marketing, because exporters usually bargain without assistance with unfamiliar foreign customers from different countries and cultures.

7. Conclusion

The advent of the Internet has generated significant interest in electronic commerce. Development of electronic commerce is expected to bring changes in the economics of marketing and distribution channels by creating a new generation of market intermediary called an electronic intermediary. This study highlights how an electronic intermediary will allow small and medium exporters to effectively participate in the global market. An electronic intermediary is expected to bring significant changes to the economics of marketing channels and the structure of distribution in export marketing.

References

[1] H. Theodore Clark, and H. Geun Lee, “Electronic Intermediaries: Trust Building and Market Differentiation”, Proceedings of the 32nd Hawaii International Conference on System Sciences, Http://Www.computer.Org/Proceedings, 1999.

[2] H. Trabold, “Export Intermediation: An Empirical Test of Pang and Ilinitch”, Journal of International Business Studies, 33(2), pp. 327-344, 2002.

[3] V. Kanti. Prasad, K. Ramamurthy, and G. M. Naidu, “The Issuance of Internet-Marketing Integration on Marketing Competencies and Export Performance”, Journal of International Marketing, 9(4), pp. 82-110, 2001.

[4] J. P. Bailey, and Y. Bakos, “An Exploratory Study of the Emerging Role of Electronic Intermediaries”, International Journal of Electronic Commerce, pp. 7-20, 1997.

[5] B. K. Atrostic, John Gates, and Ron Jarmin, “Measuring the Electronic Economy: Current Status and Next Steps”, U.S. Census Bureau, http://www.census.gov/eos/www/papers/G.pdf, 2000.

[6] B. Mahadevan, “Business Models for Internet-Based E-commerce: An Anatomy”, California Management Review, 42(4), pp. 55-69, 2000.

[7] J. W. Palmer, “Electronic commerce: Enhancing Performance in Specialty Retailing”, Electronic Markets, pp. 6-8, May. 1995.

[8] D. Narayandas, M. Caravella, and J. Deighton, “The Impact of Internet Exchange on Business-To-Business Distribution”, Journal of the Academy of Marketing Science, pp. 500-505, 2002.

[9] M. B. Sarkar, B. Butler, and C. Steinfield, “Intermediaries and Cybermediaries: A Continuing Role for Mediating Players in the Electronic Marketplace”, Journal of Computer-Mediated Communication, 1995.

[10] K. E. Kendall, J. E. Kendall, M. O. Kah, “Formulating information and communication technology (ICT) policy through discourse: how internet discussions shape policies on ICTs for developing countries”, 12(1), pp. 25-43, Dev 2006.

[11] J. Lee, J. Runge, “Adoption of information technology in small business: testing drivers of adoption for entrepreneurs”, The Journal of Computer Information Systems, 42(1), pp. 44-57, 2001.

[12] M. W. Peng, and A. Y. Ilinitch, “Export Intermediary Firms: A note on Export Development Research”, Journal of International Business Studies, pp. 609-620, 1998.

[13] D. Chrusciel, and F. Zahedi, “Seller-Based Vs. Buyer-Based Internet Intermediaries: A Research Design”, AMCIS 1999 Proceedings, Paper 86, August 1999.

[14] J. T. Goldsby, and J. A. Eckert, “Electronic Transportation Marketplaces: A Transaction Cost Perspectives”, Industrial Marketing Management, 32: pp. 187-198, 2003.

[15] M. G. Martinsons, “Electronic commerce in china: Emerging Success Stories”, Information and Management, 39(7), pp. 571-579, 2000.

[16] B. Ancel, “Using the Internet: Exploring International Markets”, International Trade Forum, pp. 1-14, 1999.

[17] A. S. Bharadwaj, “A Resource-Based Perspective on Information Technology capability and Firm Performance: An Empirical Investigation”, MIS Quarterly, pp. 169-196, 2000.

[18] H. Lee and D. Danusutedjo, “Export Electronic Intermediaries”, American University: Washington D.C.

[19] D. Chrusciel, "The Internet Intermediary: Gateway to Internet Commerce opportunities", Journal of Internet Banking and Commerce, 2000.


Pairwise Key Establishment in Hierarchical WSN Cluster Network

G.N.Purohit 1 , Asmita Singh Rawat2

1Department of Mathematics, Banasthali University AIM & ACT, Banasthali-304022, INDIA

[email protected]

2 Department of Computer Science, AIM & ACT, Banasthali University, Banasthali-304022, INDIA

[email protected]

Abstract: Key establishment in sensor networks is a challenging problem because asymmetric key cryptosystems are unsuitable for use in resource-constrained sensor nodes and also because the nodes could be physically compromised by an adversary. We present a mechanism for key establishment using the framework of pre-distributing a random set of keys to each node. We consider a hierarchical network model of a sensor network consisting of a three-tier system having a base station, cluster heads and sensing nodes. There is a large number of sensor nodes scattered in different clusters. All sensor nodes in a particular cluster are identical; however, in different clusters there may be nodes of different strength. Each cluster has a cluster head of much greater strength. The base station contains a large pool of keys, and nodes randomly select key chains for themselves, which are recorded in the base station. In this paper we calculate the probabilities of connectivity between two nodes in its own cluster, between two nodes in different clusters, between nodes.

Keywords: Wireless Sensor Network, Key pre-distribution, Secured Connectivity.

1. Introduction

Recent advances in wireless communications and electronics have enabled the development of low-cost, low-power, multi-functional sensor nodes that are small in size and communicate untethered over short distances. These tiny sensor nodes, whose performance consists of sensing, data processing and communicating components, leverage the idea of sensor networks. Thus, sensor networks give a significant improvement over traditional sensors. Large-scale sensor networks are composed of a large number of low-powered sensor devices. According to [1], the number of sensor nodes deployed to study a phenomenon may be on the order of hundreds or thousands. Within the network, sensors communicate among themselves to exchange data and routing information. Because of the wireless nature of communication among sensors, these networks are vulnerable to various active and passive attacks on the communication protocols and devices. This demands secure communication among sensors. Due to inherent storage constraints, it is infeasible for sensor devices to store a shared key value for every other sensor in the network. Moreover, because of the lack of post-deployment geographic configuration information of sensors, keys cannot be selectively stored in sensor devices. Although a simple solution would be to use a common key between every pair of sensors to overcome the storage constraints.

Random key pre-distribution (RKP) schemes [2], [3], [4], [5] have been proposed to provide flexibility for the designers of sensor networks to tailor the network deployment to the available storage and the security requirement. The RKP schemes propose to randomly select a small number of keys from a fixed key pool for each sensor. Sensors then share keys with each other with a probability proportional to the number of keys stored in each sensor, and using this scheme one can achieve a known probability of connectivity within a network.

There are instances, depending on the landscape, in which sensor nodes segregate themselves into exclusive neighborhoods, and these neighborhoods are separated from each other for a number of reasons. For example, there may be signal-blocking terrain such as hills, buildings and walls between clusters. Each cluster contains a certain number of nodes and one strong node of much higher strength working as cluster head. In the present paper we consider a sensor distribution of this nature. The sensor nodes are deployed in different clusters along with a cluster head in each cluster.

This paper is organized as follows: Section 2 includes a brief description of related work. In Section 3 the model is described; connection probabilities are calculated in Section 4; numerical evaluation and verification of results is included in Section 5.

2. Related Work

Security services, such as authentication and confidentiality, are critical to secure the communication between sensors in hostile environments. For these security services, key management is a fundamental building block. To solve the problem, Eschenauer and Gligor [5] first proposed a random key predistribution scheme, which lets each sensor node randomly pick a set of keys from a key pool P before deployment such that two sensor nodes share a common key with a certain probability after deployment.
Since this original work, several other variations of this scheme have been suggested to strengthen this method. Du et al. [7], Liu et al. [9] and Zhu et al. [14] extended this scheme to further strengthen the security or improve the efficiency. Du et al. [7] and Liu et al. [9] provide a random key pre-distribution scheme using deployment knowledge which reduces memory size significantly. Since the RKP schemes necessitate only a limited number of keys to be preinstalled in sensors, a sensor may not share keys with of its neighbour nodes. In this case a Pairwise Key Establishment (PKE) scheme is required to set up shared keys with the required fraction of neighbour nodes. Traynor et al. [13] proposed a random key distribution scheme based on the . Instead of a homogeneous composition of nodes, this kind of network now consists of a mix of nodes with different capabilities and missions. Patrik et al. [13] established pairwise keys in heterogeneous sensor networks. They demonstrated that a probabilistic unbalanced distribution of keys throughout the network that leverages the existence of a small percentage of more capable sensor nodes can not only provide an equal level of security but also reduce the consequences of node compromise.

3. The Model

In most recent studies the sensor network is considered either as a grid or as a very large random graph arrangement such that all neighbors within the transmission radius of a given node can communicate. In the case of random key pre-deployment in such networks, the communication between adjacent nodes (within communication range) is therefore limited only by key matching. However, this model is not always realistic, for many reasons. The sensor nodes are deployed randomly by air dropping or other means on a landscape that segregates nodes into different exclusive neighborhoods. There may be signal-blocking barriers in the landscape including hills, walls, and high-rise buildings. Sometimes it is necessary to deploy the sensor nodes in different clusters, e.g. in battle fields, controlled by a common base station. We consider a similar scenario in this paper.

3.1. Model Setup

In our model we consider three different clusters C1, C2, C3 (there can be any number of clusters) of nodes controlled by a single base station. The schematic diagram of the model is given in Fig. 1. Each cluster contains nodes of identical hardware; however, nodes in different clusters may have different sensing strength and different hardware.

Figure 1. The schematic diagram of the model

Sensor nodes are organized in a hierarchical structure. They are grouped into a number of clusters, each cluster containing a strong sensor node having a large sensing, data gathering and communicating strength. This particular node is called the cluster header and plays the following roles controlled by part of nodes playing a particular role:

• Collecting and analysing the data from the nodes in their clusters and communicating to the base station.
• Having secured communication with every other cluster header.

Member nodes in a cluster are connected with the cluster header via a one-hop or multi-hop link, and these member nodes perform sensing and forward the data to the cluster head. After gathering or aggregating localized sensing information from its cluster member nodes, the cluster header sends packets to the base station. The nodes in a cluster adopt the following protocol for communicating among themselves. Two nodes that lie within each other's sensing range and share a common key can communicate directly. To communicate securely when a particular node i does not directly share an encryption key with another node j, the message is routed via multiple hops in the following manner:

1. To securely communicate with node j, node i first encrypts the message using the encryption key it shares with node l that is closest to the destination and with which it (node i) has a direct connection, and sends the encrypted message to node l.
2. Node l then decrypts the message, and checks if node j is its direct contact. If it is, then node l encrypts the message using the encryption key it shares with node j and sends the message to node j directly. However, if j is not one of l's direct contacts, then node l locates the next node, m, that is closest to node q, among its direct contacts, encrypts the message with the encryption key it shares with node m, and sends the encrypted message to it.
3. Node m repeats step 2, and so on until the message reaches node j.

However, since the cluster has a limited number of nodes, we have a threshold of 3 hops, i.e. every node can have a link with the cluster header within 3 hops.

3.2. Keys Distribution in the Network

There are three (related to the number of clusters) large key pools, each of size P keys, in the base station. Each cluster header receives mi keys and each node in a cluster Ci receives ki keys, i = 1, 2, 3, … (mi >> ki). The information about the distributed keys lies with the base station. We further assume that nodes in cluster C1 can communicate if they share at least one common key. Since clusters C2 and C3 can be compromised by a hacker, the nodes in C2 and C3 can communicate with each other if they share at least 2 and 4 keys, respectively. The same is true for any node in a cluster communicating with its respective cluster header. In the next section we calculate the probabilities of communicating with the respective header directly or indirectly by an encrypted path with multiple hops, limited to 3. It is assumed that the headers are securely connected to each other, having multiple common keys, and also with the base station.
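The multi-hop procedure and the per-cluster key thresholds above can be tried on a small simulated cluster. The following Python sketch is an added example, not code from the paper: it deals random key rings, treats two nodes as linked when they share at least q keys, and lists the key ids used on each encrypt/decrypt leg of a path of at most 3 hops to the header. It assumes that all nodes of a cluster are in radio range of each other and uses a breadth-first search in place of the "closest to the destination" next-hop choice; all names and parameter values are constructed for the illustration.

```python
"""Added example: secure paths to the cluster header under a 3-hop limit."""
import random
from collections import deque

HEAD = "CH"  # label for the cluster header (name chosen for this example)


def deal_rings(pool_size, m, k, n_nodes, seed):
    """Base-station step: draw m key ids for the header and k for each node."""
    rng = random.Random(seed)
    rings = {HEAD: frozenset(rng.sample(range(pool_size), m))}
    for j in range(n_nodes):
        rings[f"n{j}"] = frozenset(rng.sample(range(pool_size), k))
    return rings


def link_keys(rings, a, b, q):
    """Key ids a and b can use on a direct link, or None if they share fewer than q."""
    shared = rings[a] & rings[b]
    return sorted(shared) if len(shared) >= q else None


def hops_to_head(rings, q, max_hops=3):
    """Return ({node: hop count}, {node: next hop toward the header})."""
    dist, next_hop, queue = {HEAD: 0}, {}, deque([HEAD])
    while queue:
        u = queue.popleft()
        if dist[u] == max_hops:
            continue  # hop threshold: paths are not extended past max_hops
        for v in rings:
            if v not in dist and link_keys(rings, u, v, q):
                dist[v], next_hop[v] = dist[u] + 1, u
                queue.append(v)
    return dist, next_hop


def secure_path(rings, src, q, max_hops=3):
    """Legs from src to the header as (sender, receiver, key ids), or None.

    Each tuple is one leg: the receiver decrypts with the listed keys and
    re-encrypts under the keys of the next leg before forwarding.
    """
    dist, next_hop = hops_to_head(rings, q, max_hops)
    if src not in dist:
        return None
    path, node = [], src
    while node != HEAD:
        nxt = next_hop[node]
        path.append((node, nxt, link_keys(rings, node, nxt, q)))
        node = nxt
    return path


def reach_by_hop(rings, q, max_hops=3):
    """Fraction of member nodes with a secure path of at most 1, 2, ... max_hops hops."""
    dist, _ = hops_to_head(rings, q, max_hops)
    members = len(rings) - 1
    return [sum(1 for d in dist.values() if 0 < d <= h) / members
            for h in range(1, max_hops + 1)]


if __name__ == "__main__":
    # Constructed parameters: pool of 2000 keys, header ring 125, node ring 15.
    rings = deal_rings(pool_size=2000, m=125, k=15, n_nodes=60, seed=1)
    for cluster, q in (("C1", 1), ("C2", 2), ("C3", 4)):
        print(cluster, "q =", q, [round(f, 2) for f in reach_by_hop(rings, q)])
    print(secure_path(rings, "n0", q=1))
```

Because the same rings are reused for every threshold, the output shows directly how raising the required number of shared keys from 1 to 2 to 4 thins out the secure links available within three hops.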

4. Mathematical Formulation

In this section, we calculate the probabilities for the hierarchical sensor network. The base station, which is the key distribution centre, consists of a large key pool of size 3P, a pool of size P for each cluster, with random symmetric keys. Each cluster header $C_i$ (i = 1, 2, 3) draws a key pool of size $m_i$ from the key pool at the base station. Each node in cluster $C_i$ also draws a key chain of size $k_i$ ($k_i \ll m_i$) from the key pool meant for cluster $C_i$ and maintained at the base station. Now we can calculate the different probabilities for sharing a common key (at least one in cluster $C_1$, at least 2 in cluster $C_2$ and at least 4 in cluster $C_3$) between two nodes, between a node and its corresponding cluster head, and between two nodes in different clusters. Since the nodes in different clusters are of different hardware and have different protocols for communicating within the cluster, we consider the communication probability for each cluster separately.

4.1 Cluster $C_1$

• The probability that two nodes in cluster $C_1$ share at least one common key.

We are given a key pool of size P, and each sensor node in $C_1$ is loaded with $k_1$ keys. The probability that two nodes share at least one common key is 1 - (probability that two nodes share no keys). Following Eschenauer et al. [5], we can calculate the probability of sharing a key between two nodes. The number of possible ways of selecting $k_1$ keys for a node (say $n_1$) from the pool is

$$\frac{P!}{k_1!\,(P-k_1)!}$$

Similarly, the number of possible ways of selecting $k_1$ keys for another node (say $n_2$) from the pool is

$$\frac{(P-k_1)!}{k_1!\,(P-2k_1)!}$$

The probability that no key is shared between these two rings is the ratio of the number of rings with no match to the total number of possible rings, and is given by:

$$\frac{(P-k_1)!}{k_1!\,(P-2k_1)!} \div \frac{P!}{k_1!\,(P-k_1)!} = \frac{((P-k_1)!)^2}{P!\,(P-2k_1)!}$$

Therefore the probability of at least one key being shared between two nodes (at one hop distance) is

$$p_{11} = 1 - \frac{((P-k_1)!)^2}{P!\,(P-2k_1)!} \tag{1}$$

Figure 2. Probability of sharing at least one common key between two nodes

Fig. 2 illustrates the probability of sharing at least one common key for connectivity for the function (Eq. 1) for various values of P.

• Probability that two nodes are connected at one hop

$$p_{11} = 1 - \left(\frac{((P-k_1)!)^2}{P!\,(P-2k_1)!}\right)$$

• Probability that two nodes are connected at two hops

$$p_{12} = 1 - \left(\frac{((P-k_1)!)^2}{P!\,(P-2k_1)!}\right)^2 \tag{2}$$

• Probability that two nodes are connected at three hops.

$$p_{13} = 1 - \left(\frac{((P-k_1)!)^2}{P!\,(P-2k_1)!}\right)^3 \tag{3}$$

From the above equation one can calculate the probability at different hops for the value of n. The probability at two hops and at three hops can be calculated from the above equation.

Figure 3. Probability at different hops (probability versus number of hops h = 1, 2, 3, for k = 15, k = 25 and k = 35)

The network connectivity probabilities for 1-hop path key establishment are plotted in Fig. 4 for various values. It is clear from the figure that one can achieve significantly better connectivity after executing this phase even if the network is initially disconnected with high probability.

• Probability that two nodes share exactly one key in common.

Therefore the probability of at least one key being shared between two nodes (at one hop distance) is

$$p_{11} = 1 - \frac{((P-k_1)!)^2}{P!\,(P-2k_1)!}$$

• Probability that cluster header and node share a common key.

Figure 4. Probability between the nodes and cluster header (probability versus key pool size P, from 2000 to 100000, for m = 125, k = 15; m = 150, k = 20; m = 175, k = 25; m = 200, k = 30)

Let $p_{h1}$ be the probability that a sensor node and the cluster header share at least one common key in their respective key rings. The probability has been calculated for m = 250 and k = 15 and the value of pool P and key ring size for connectivity. The number of possible key ring assignments for the node is

$$\frac{P!}{k_1!\,(P-k_1)!}$$

The number of possible key ring assignments for the cluster header is

$$\frac{(P-m_1)!}{m_1!\,(P-m_1-k_1)!}$$

The probability that a node and the cluster header are connected is given by the following equation. The probability that no key is shared between a node and the cluster head is

$$\frac{(P-m_1)!}{m_1!\,(P-m_1-k_1)!} \div \frac{P!}{k_1!\,(P-k_1)!} = \frac{(P-k_1)!\,(P-m_1)!\,k_1!}{P!\,(P-m_1-k_1)!\,m_1!} \qquad [\text{where } m_i \gg k_i]$$

Hence, the probability that a node in $C_1$ and the cluster head share at least one common key is

$$p_{h1} = 1 - \left(\frac{(P-k_1)!\,(P-m_1)!\,k_1!}{P!\,(P-m_1-k_1)!\,m_1!}\right) \tag{4}$$

The probability that a node and the cluster head share common keys can be calculated with the Chan et al. [3] connectivity equation.

4.2. Cluster $C_2$

• Probability that two nodes share exactly a key in common.

Therefore the probability of at least one key being shared between two nodes is

$$p_{22} = 1 - \frac{((P-k_2)!)^2}{P!\,(P-2k_2)!} \tag{5}$$

• Probability of sharing a common key between cluster header and node.

$$p_{h2} = 1 - \left(\frac{(P-k_2)!\,(P-m_2)!\,k_2!}{P!\,(P-m_2-k_2)!\,m_2!}\right) \tag{6}$$

• Probability that two nodes are connected at one hop

$$p_{21} = 1 - \left(\frac{((P-k_2)!)^2}{P!\,(P-2k_2)!}\right) \tag{7}$$

• Probability that two nodes are connected at two hops

$$p_{22} = 1 - \left(\frac{((P-k_2)!)^2}{P!\,(P-2k_2)!}\right)^2 \tag{8}$$

• Probability that two nodes are connected at three hops.

$$p_{23} = 1 - \left(\frac{((P-k_2)!)^2}{P!\,(P-2k_2)!}\right)^3 \tag{9}$$

So, we can calculate probabilities for different hops from the above equations.

• Probability that two nodes share exactly two keys in common.

With the Chan et al. [3] equation, we can calculate the probability that two nodes have i keys in common. There are $\binom{P}{i}$ ways to pick i, and (P - i) is the number of keys remaining in the key pool after i is picked. The number of ways in which a key ring of size k and one of size m can be chosen from a pool P are $\binom{P}{k}$ and $\binom{P}{m}$ respectively, total number of ways for both nodes to pick m. Thus the equation

$$p(i) = \frac{\binom{P}{i}\binom{P-i}{(m-i)+(k-i)}\binom{(m-i)+(k-i)}{m-i}}{\binom{P}{m}\binom{P}{k}} \tag{10}$$

Thus the probability for sharing two common keys can be calculated from the following equation.

$$p_{21} = 1 - [\,p(0) + p(1)\,]$$

4.3 Cluster $C_3$

• Probability of sharing a common key between cluster header and node.

$$p_{h3} = 1 - \left(\frac{(P-k_3)!\,(P-m_3)!\,k_3!}{P!\,(P-m_3-k_3)!\,m_3!}\right) \tag{11}$$

• Probability that two nodes share exactly three keys in common.

For the cluster $C_3$ the probability value decreases as the distance increases. In the following table we have calculated probabilities at different hop values. With the Chan et al. [3] Eq. 10, we have plotted a graph for key values (1, 2, 4). Fig. 5 illustrates the probabilities for the key values.

Figure 5. Illustrates probabilities for the key values

Fig. 5: Probability that two nodes containing key rings of differing sizes share exactly i keys is for the above Eq. All remaining probabilities are left out because the value vanishes as the distance increases. Thus in the cluster $C_3$ the probability value is very low as compared to the clusters $C_2$ and $C_1$.

Table 1: Probability of connectivity of a node with its cluster header, calculated for key ring size and having common keys between the nodes and cluster headers. Probability is calculated at one-hop, two-hop and three-hop distances for the key values.

| Node connectivity | Probability of connectivity of node with its cluster head, cluster ($C_1$) | Probability of connectivity of node with its cluster head, cluster ($C_2$) | Probability of connectivity of node with its cluster head, cluster ($C_3$) |
|---|---|---|---|
| Node directly connected to header | 0.9887 | 0.8948 | 0.7998 |
| Node connected by one intermediate node | 0.9809 | 0.8372 | 0.6885 |
| Node connected by two intermediate nodes (2-hop) | 0.7928 | 0.6821 | 0.4763 |
| Node connected by three intermediate nodes (3-hop) | 0.6099 | 0.4499 | 0.3098 |

4.4. Probability of node in cluster header with a node in another cluster header

Any node in a cluster can have a connection with any other node in another cluster. The probability of connectivity is obtained as described below. We introduce some notation for this purpose only.

$n_0$: originating node.
$n_d$: destination node.
$C_0$: originating cluster.
$C_d$: destination cluster.
$p_o$: probability of connectivity between $n_0$ and $C_0$.
$p_d$: probability of connectivity between $C_d$ and $n_d$.

$$p(n_0 \text{ is connected to } n_d) = p(n_0 \text{ connected to } C_0) \cdot p(C_0 \text{ connected to } C_d) \cdot p(C_d \text{ is connected to } n_d) = p_o \cdot 1 \cdot p_d$$

Since $C_0$ and $C_d$ have secured connectivity with probability 1.
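The formulas of Section 4 can be evaluated numerically. The following Python sketch is an added example, not code from the paper: it computes Eq. (1) through log-gamma so that large pools do not overflow, Eqs. (2) and (3) as printed, and Eq. (10) exactly, then applies the thresholds of 1, 2 and 4 shared keys stated for clusters C1, C2 and C3. Function names are chosen here, and the node-to-header probability is taken from Eq. (10) with ring sizes m and k, which is an assumption of this example.

```python
"""Added example: evaluating Eqs. (1)-(3) and (10) for given pool and ring sizes."""
from fractions import Fraction
from math import comb, exp, lgamma

# Minimum number of shared keys per cluster, as stated in Section 3.2.
CLUSTER_THRESHOLD = {"C1": 1, "C2": 2, "C3": 4}


def no_share(P, k):
    """((P-k)!)^2 / (P! (P-2k)!): two rings of k keys have no key in common.

    Evaluated through log-gamma so that a pool of 10,000 or 100,000 keys
    does not overflow a float the way the raw factorials would.
    """
    if not 0 <= k <= P:
        raise ValueError("ring size must be between 0 and the pool size")
    if 2 * k > P:
        return 0.0  # two rings this large must overlap
    return exp(2 * lgamma(P - k + 1) - lgamma(P + 1) - lgamma(P - 2 * k + 1))


def p_one_hop(P, k):
    """Eq. (1): two nodes with k keys each share at least one key."""
    return 1.0 - no_share(P, k)


def p_hops(P, k, h):
    """Eqs. (2) and (3) as printed: 1 - (no-share probability)^h."""
    return 1.0 - no_share(P, k) ** h


def p_exact(P, m, k, i):
    """Eq. (10): rings of m and k keys share exactly i keys (exact fraction)."""
    if not (0 <= m <= P and 0 <= k <= P):
        raise ValueError("ring sizes must be between 0 and the pool size")
    if not 0 <= i <= min(m, k):
        return Fraction(0)
    rest = (m - i) + (k - i)  # keys held by exactly one of the two rings
    ways = comb(P, i) * comb(P - i, rest) * comb(rest, m - i)
    return Fraction(ways, comb(P, m) * comb(P, k))


def p_at_least(P, m, k, q):
    """At least q shared keys: 1 - [p(0) + ... + p(q-1)]."""
    return 1 - sum(p_exact(P, m, k, i) for i in range(q))


def cluster_report(P, m, k):
    """Link probability per cluster threshold, node-to-node and node-to-header."""
    return {
        name: {
            "node-node": float(p_at_least(P, k, k, q)),
            "node-header": float(p_at_least(P, m, k, q)),
        }
        for name, q in CLUSTER_THRESHOLD.items()
    }


if __name__ == "__main__":
    # Constructed parameters taken from the ranges shown in the figures.
    for P in (2000, 10000):
        print("P =", P, "Eq.(1), k=15:", round(p_one_hop(P, 15), 4))
        for name, row in cluster_report(P, m=125, k=15).items():
            print("  ", name, {key: round(val, 4) for key, val in row.items()})
```

With equal ring sizes and a threshold of one key, Eq. (10) reduces to Eq. (1), which gives a quick consistency check between the two formulas.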

5. Connectivity discussion

Let p denote the probability for two neighboring nodes sharing at least one key. To achieve a high connectivity, we need to increase P (pool). Fig. 2 illustrates the probability for connectivity for the above function for various values of (P, k) under our proposed scheme, the key pre-distribution scheme. One can see that as the pool size increases the probability values increase (for pool size 10,000, the probability is 0.9989 for different keys). As the size of the pool becomes larger, the number of keys required increases. The proposed scheme offers a much better resilience property while requiring a much smaller key ring size when compared with Eschenauer and Gligor's.

Similarly, Fig. 3 shows that the probability of key sharing among nodes and cluster header increases with a very small increase in the number of preloaded keys in nodes. If preloaded keys are increased from 20 to 50, the key sharing probability increases from 0.5 to 0.8 approximately, for 120 key ring size. The probability between the nodes and the cluster header is calculated for various values of (P, k, m). Keys are drawn from the pool at different levels. In Fig. 3 we illustrate the probability between the nodes and the cluster header for sharing a common key. According to the proposed scheme, there are several nodes and cluster headers. As discussed in Section 4, the sensor nodes in the clusters are classified into one-hop neighbors, 2-hop neighbors and 3-hop neighbors depending on how they share keys with the cluster headers. The probability for a one-hop neighbor for the cluster is given in Eq. 2. To be a 2-hop neighbor, a node should share at least one key with the with one two nodes being able two establish a secured link is at p=0.3329. Thus we conclude that the probability that two nodes and cluster header are within range can communicate via 1-hop, 2-hop and 3-hop, and for other values we consider that the range vanishes. The probability range is high when at least one common key is shared between node and cluster header. The probability range decreases as the number of keys increases. The probability is lower for sharing at least two common keys between node and cluster header, and much lower for sharing at least four common keys.

References

[1] Camtepe, S.A.; Yener, B. “Key Distribution Mechanisms for Wireless Sensor Networks: a Survey”; Technical Report TR-05-07; Department of Computer Science, Rensselaer Polytechnic Institute: Troy, NY, USA, March 2005.

[2] Y. Cheng and D. P. Agrawal. “Efficient pairwise key establishment and management in static wireless sensor networks.” In Second IEEE International Conference on Mobile ad hoc and Sensor Systems, 2005.

[3] H. Chan, A. Perrig, and D. Song, “Random key predistribution schemes for sensor networks” , In IEEE Symposium on Security and Privacy, Berkeley, California, May 11-14 2003, pp. 197-213.

[4] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “A survey on sensor networks,” IEEE Communications Magazine, vol. 40, pp. 102 – 114, August 2002.

[5] L. Eschenauer, V. D. Gligor. “A key-management scheme for distributed sensor networks”, In Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, USA, November 18-22 2002, pp. 41-47.

[6] D. Huang, M. Mehta, D. Medhi, and H. Lein, “Location-aware key management scheme for wireless sensor networks,” in Proceedings of ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN ’04), October 2004, pp. 29–42.

[7] M. Mehta, D. Huang, and L. Harn, “RINK-RKP: A scheme for key pre distribution and shared-key discovery in sensor networks,” in Proceedings of 24th IEEE International Performance Computing and Communications Conference, 2005.

[8] X. Du, Y. Xiao, M. Guizani, and H.-H. Chen. “An effective key management scheme for heterogeneous sensor networks” . Ad Hoc Networks, 5(1):24–34, 2007.

[9] W. R. Heinzelman, A. Chandrakasan, and H. Balakrishnan. “Energy-efficient communication protocol for wireless microsensor networks” . In IEEE Hawaii Int. Conf. on System Sciences, pages 4–7, 2000.

[10] K. Lu, Y. Qian, and J. Hu. “A framework for distributed key management schemes in heterogeneous wireless sensor networks.” In IEEE International Performance Computing and Communications Conference, pages 513–519, 2006.

[11] S. Zhu, S. Xu, S. Setia, and S. Jajodia. “Establishing pairwise keys for secure communication in ad hoc for wireless microsensor networks” . In IEEE Hawaii Int. Conf. on System Sciences, pages 4–7, 2000.

[12] L. B. Oliveira, H. C. Wong, M. Bern, R. Dahab, and A. A. F. Loureiro. Sec leach: “A random key distribution solution for securing clustered sensor networks.” In 5th IEEE international symposium on network computing and applications, pages 145–154, 2006.

[13] K. Ren, K. Zeng, and W. Lou. “A new approach for random key pre-distribution in largescale wireless sensor networks.” Wireless communication and mobile computing, 6(3):307– 318, 2006.

[14] Traynor P, Kumar R, Bin Saad H, Cao G, La Porta T (2006) Establishing pair-wise keys in heterogeneous sensor networks. In: INFOCOM 2006. 25th IEEE international conference on computer communications. Proceedings, pp 1–12.

[15] W. Du, J. Deng, Y. S. Han, and P. K. Varshney, “A pairwise key predistribution scheme for wireless sensor networks,” in Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS), Washington, DC, USA, October 27-31 2003, pp. 42–51.

[16] D. Liu and P. Ning, “Establishing pairwise keys in distributed sensor networks,” in Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS), Washington, DC, USA, October 27-31 2003, pp. 52–61.

[17] D. Liu, P. Ning, and R. Li. “Establishing Pairwise Keys in Distributed Sensor Networks.” ACM Transactions on Information and System Security, 8(1):41–77, 2005.

Authors Profile

Prof. G. N. Purohit is a Professor in the Department of Mathematics & Statistics at Banasthali University (Rajasthan). Before joining Banasthali University, he was Professor and Head of the Department of Mathematics, University of Rajasthan, Jaipur. He had been Chief-editor of a research journal and a regular reviewer of many journals. His present interest is in O.R., Discrete Mathematics and Communication networks. He has published around 40 research papers in various journals.

Asmita Singh Rawat received the BSc degree from University Of Lucknow and M.C.A degree from U.P Technical University in 2006 and 2009, respectively. She is currently working towards a PhD degree in Computer Science at the Banasthali University of Rajasthan. Her research interests include wireless sensor network security with a focus on elliptic curve cryptography.


Performance Evaluation of MANET Routing Protocols Under Black Hole Attack

M.Umaparvathi1 and Dr. Dharmishtan K Varughese2

1SNS College of Engineering, Coimbatore, India

[email protected]

2Professor, Karpagam College of Engineering, Coimbatore, India

Abstract: Mobile Ad hoc Networks (MANETs) are open to a wide range of attacks due to their unique characteristics like dynamic topology, shared medium, absence of infrastructure, multi-hop scenario and resource constraints. In such a network, each mobile node operates not only as a host but also as a router, forwarding packets for other nodes that may not be within direct wireless transmission range of each other. Thus, nodes must discover and maintain routes to other nodes. Data packets sent by a source node may reach the destination node via a number of intermediate nodes. In the absence of a security mechanism, it is easy for an intermediate node to insert, intercept or modify the messages, thus attacking the normal operation of MANET routing. One such attack is the Black hole attack. Black hole is a type of routing attack where a malicious node advertises itself as having the shortest path to all nodes in the environment by sending a fake route reply. By doing this, the malicious node can attract the traffic from the source nodes, and then all the packets will be dropped. This paper analyzes the performance of the Ad hoc On-demand Distance Vector (AODV) routing protocol and its multipath variant Ad hoc On-demand Multi-path Distance Vector (AOMDV) under black hole attack. Their performance was evaluated through simulations using the network simulator (NS-2). The performance of these two protocols was analyzed and compared based on packet delivery ratio (%), throughput (kbps), average end-to-end delay (ms), and average jitter (ms).

Keywords: MANET, Black hole attack, AODV, AOMDV

1. Introduction

Mobile ad hoc networks consist of a collection of wireless mobile nodes which dynamically exchange data among themselves without relying on a fixed base station or a wired backbone network. These nodes generally have a limited transmission range, so each node seeks the assistance of its neighboring nodes in forwarding packets. The nodes in an ad hoc network therefore act as both routers and hosts: a node may forward packets between other nodes as well as run user applications. MANETs have potential use in a wide variety of disparate situations. Such situations range from moving battlefield communications to disposable sensors which are dropped from high altitudes and dispersed on the ground for hazardous materials detection. Civilian applications range from simple scenarios, such as people at a conference in a hotel whose laptops form a temporary MANET, to more complicated scenarios, such as highly mobile vehicles on the highway which form an ad hoc network in order to provide vehicular traffic management.

In a mobile ad hoc network, all the nodes co-operate with each other to forward packets in the network, and hence each node is effectively a router. Several routing protocols have been proposed for ad hoc networks. AODV and AOMDV are on-demand routing protocols, which discover routes as needed. Due to the inherent characteristics of dynamic topology and lack of centralized management, a MANET is vulnerable to various kinds of attacks [1]. One such attack is the black hole attack. In this attack, a malicious node sends a forged Route REPly (RREP) packet to a source node that initiates the route discovery, in order to pretend to be a destination node. Use of a reply from an intermediate node rather than the destination reduces the route establishment time and also the control traffic in the network. This, however, leads to vulnerabilities such as black holes [2]. Sequence numbers used in RREP messages serve as time stamps and allow nodes to compare how fresh their information on the other node is. When a node sends any type of routing control message (RREQ, RREP, etc.), it increases its own sequence number. A higher sequence number is assumed to carry more accurate information: the information from whichever node sends the highest sequence number is considered the most up to date, and the other nodes establish the route over this node.

This paper analyses the effect of black hole attack on the reactive routing protocol, AODV and its variant AOMDV via simulation. The paper is organized as follows: Section 2 describes the background of the protocol AODV, section 3 describes the multipath on-demand routing protocol AOMDV, and section 4 discusses the characteristics of black hole attack. Section 5 analyses the effects of black hole attack in the two routing protocols AODV and AOMDV through simulations followed by conclusions in section 6.

2. AODV Routing Protocol

Ad-hoc On-Demand Distance Vector (AODV) [3] is a reactive routing protocol in which the network generates routes at the start of communication. AODV uses traditional routing tables: there is one entry in the routing table for each destination, with a sequence number that ensures the freshness of routes and guarantees loop-free routing. It uses control messages such as Route Request (RREQ) and Route Reply (RREP) for establishing a path from the source to the destination. When the source node wants to make a connection with the destination node, it broadcasts an RREQ message. This RREQ message is propagated from the source and received by the neighbors of the source node. These nodes then broadcast the RREQ message to their neighbors.

This process goes on until the packet is received by the destination node or by an intermediate node that has a fresh enough route to the destination. "Fresh enough" means that the intermediate node has a valid route to the destination established earlier than a time period set as a threshold. Use of a reply from an intermediate node rather than the destination reduces the route establishment time and also the control traffic in the network. This, however, leads to vulnerabilities such as black holes [2]. Sequence numbers used in RREP messages serve as time stamps and allow nodes to compare how fresh their information on the other node is. When a node sends any type of routing control message (RREQ, RREP, etc.), it increases its own sequence number. A higher sequence number is assumed to carry more accurate information: the information from whichever node sends the highest sequence number is considered the most up to date, and the other nodes establish the route over this node.

3. Overview of AOMDV

The main idea in AOMDV [5] is to compute multiple paths during route discovery. It is designed primarily for highly dynamic ad hoc networks where link failures and route breaks occur frequently. When a single-path on-demand routing protocol such as AODV is used in such networks, a new route discovery is needed in response to every route break. Each route discovery is associated with high overhead and latency. This inefficiency can be avoided by having multiple redundant paths available: a new route discovery is then needed only when all paths to the destination break.

To keep track of multiple routes, the routing entry for each destination contains a list of the next hops along with the corresponding hop counts. All the next hops have the same sequence number. For each destination, a node maintains the advertised hop count, which is defined as the maximum hop count for all the paths. This is the hop count used for sending route advertisements of the destination. Each duplicate route advertisement received by a node defines an alternate path to the destination. To ensure loop freedom, a node only accepts an alternate path to the destination if it has a lower hop count than the advertised hop count for that destination.

AOMDV can be used to find node-disjoint or link-disjoint routes. To find node-disjoint routes, each node does not immediately reject duplicate RREQs. Each RREQ arriving via a different neighbor of the source defines a node-disjoint path. This is because nodes cannot broadcast duplicate RREQs, so any two RREQs arriving at an intermediate node via a different neighbor of the source could not have traversed the same node. In an attempt to get multiple link-disjoint routes, the destination replies to duplicate RREQs regardless of their first hop. To ensure link-disjointness in the first hop of the RREP, the destination only replies to RREQs arriving via unique neighbors. After the first hop, the RREPs follow the reverse paths, which are node-disjoint and thus link-disjoint. The trajectories of each RREP may intersect at an intermediate node, but each takes a different reverse path to the source to ensure link-disjointness.

The performance study of AOMDV relative to AODV under a wide range of mobility and traffic scenarios reveals that AOMDV offers a significant reduction in delay, often more than a factor of two. It also provides reduction in the routing load and the end to end delay.

4. Black Hole Attack

In a black hole attack, a malicious node injects false route replies to the route requests it receives, advertising itself as having the shortest path to a destination [6]. These fake replies can be fabricated to divert network traffic through the malicious node for eavesdropping, or simply to attract all traffic to it in order to perform a denial of service attack by dropping the received packets.

In AODV, the sequence number is used to determine the freshness of the routing information contained in the message from the originating node. When generating an RREP message, a destination node compares its current sequence number with the sequence number in the RREQ packet plus one, and selects the larger one as the RREP's sequence number. Upon receiving a number of RREPs, the source node selects the one with the greatest sequence number in order to construct a route. But in the presence of a black hole [8], when a source node broadcasts the RREQ message for any destination, the black hole node immediately responds with an RREP message that includes the highest sequence number, and this message is perceived as if it is coming from the destination or from a node which has a fresh enough route to the destination. The source assumes that the destination is behind the black hole and discards the other RREP packets coming from the other nodes. The source then starts to send out its packets to the black hole, trusting that these packets will reach the destination. Thus the black hole attracts all the packets from the source and, instead of forwarding those packets to the destination, simply discards them [9]. The packets attracted by the black hole node therefore never reach the destination.
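The selection rule described above can be exercised directly. The following Python model is an added example, not code from the paper or from NS-2: it processes RREPs in arrival order with the AODV preference for the higher destination sequence number (lower hop count on a tie) and shows a forged reply displacing the legitimate ones. The `max_seq_jump` plausibility bound, the node names and the sample replies are assumptions constructed for illustration, and sequence-number rollover is ignored.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class RREP:
    origin: str      # node that generated the reply; traffic is sent towards it
    dest: str        # destination the reply claims a route to
    dest_seq: int    # destination sequence number (freshness indicator)
    hop_count: int   # claimed distance to the destination


@dataclass
class SourceNode:
    # dest -> destination sequence number the source last knew (sent in its RREQ)
    last_known_seq: dict
    # Hypothetical plausibility bound, not part of AODV; None means plain AODV
    max_seq_jump: Optional[int] = None
    routes: dict = field(default_factory=dict)   # dest -> accepted RREP
    alerts: list = field(default_factory=list)   # RREPs rejected by the bound

    def on_rrep(self, rrep: RREP) -> bool:
        """Process one RREP; return True if the route to rrep.dest changed."""
        known = self.last_known_seq.get(rrep.dest, 0)
        if self.max_seq_jump is not None and rrep.dest_seq - known > self.max_seq_jump:
            # Sequence number is implausibly far ahead of what the source knew.
            self.alerts.append(rrep)
            return False
        current = self.routes.get(rrep.dest)
        fresher = current is None or rrep.dest_seq > current.dest_seq
        shorter = (current is not None
                   and rrep.dest_seq == current.dest_seq
                   and rrep.hop_count < current.hop_count)
        if fresher or shorter:
            self.routes[rrep.dest] = rrep
            return True
        return False   # stale or no better: the reply is discarded


# Constructed sample: replies for destination "D" in arrival order.
# The black hole "B" answers first with a very high sequence number.
REPLIES = [
    RREP(origin="B", dest="D", dest_seq=1041, hop_count=1),   # forged reply
    RREP(origin="N7", dest="D", dest_seq=40, hop_count=3),    # cached route
    RREP(origin="D", dest="D", dest_seq=41, hop_count=4),     # genuine reply
]


def run(replies, max_seq_jump=None):
    """Feed the replies to a source that last knew sequence number 40 for D."""
    node = SourceNode(last_known_seq={"D": 40}, max_seq_jump=max_seq_jump)
    for reply in replies:
        node.on_rrep(reply)
    return node


if __name__ == "__main__":
    plain = run(REPLIES)
    checked = run(REPLIES, max_seq_jump=10)
    print("plain AODV route via:", plain.routes["D"].origin)
    print("with bound, route via:", checked.routes["D"].origin)
    print("rejected replies from:", [a.origin for a in checked.alerts])
```

The bound is a tuning parameter: it only rejects implausibly large jumps, and a value that is too small also rejects genuinely fresh routes after a long period without contact.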

5. Simulation Methodology

The performance of the AOMDV and AODV routing protocols in the presence of black holes was evaluated using the NS-2 simulator. The simulations were carried out under a wide range of mobility and traffic scenarios. The goal is to study how AOMDV outperforms AODV, particularly in terms of end-to-end delay, jitter, throughput and packet delivery ratio.

5.1. Network Simulator

All simulations were carried out using the NS-2.34 network simulator, a discrete event driven simulator developed at UC Berkeley [4] as a part of the VINT project. The goal of NS-2 is to support research and education in networking. It is suitable for designing new protocols, comparing different protocols and evaluating traffic. NS-2 is developed as a collaborative environment and is distributed as open source software. The propagation model used in this simulation study is based on the two-ray ground reflection model. The simulation also includes an accurate model of the IEEE 802.11 Distributed Coordination Function (DCF) wireless MAC protocol.

Here the black hole attack takes place after the attacking node receives an RREQ for the destination node that it is going to impersonate. To succeed in the black hole attack, the attacker must generate its RREP with a sequence number greater than the sequence number of the destination [6]. Upon receiving the RREQ, the attacker sets the sequence number of the RREP to a very high number, so that the attacker node can always attract all the data packets from the source and then drop the packets [7].

For the performance analysis of the network, a regular well-behaved AODV network [AODV] was used as a reference. Then black holes were introduced into the network. Simulations were carried out for the MANET with one and more black holes. Then using the same set of scenarios, the simulation was carried out with the variant protocol AOMDV. The simulation parameters are tabulated in Table 1.

Table 1: Simulation Parameters

| Parameter | Value |
|---|---|
| Simulator | NS-2 (ver 2.34) |
| Simulation Time | 500 sec |
| Number of mobile nodes | 50 |
| Topology | 1000 m X 1000 m |
| Transmission range | 250 m |
| Routing Protocol | AODV & AOMDV |
| Maximum bandwidth | 1 Mbps |
| Traffic | Constant Bit Rate |
| Maximum Speed | 5 m/s |
| Source destination pairs | 22 |

A sample screen shot of a scenario of 50 mobile nodes with five black holes is shown in Fig. 1.

Figure 1. Sample simulation scenario with 5 black holes

The following figures show the performance comparison of the two routing protocols AODV and AOMDV based on the routing parameters packet delivery ratio, average throughput, average delay and average jitter.

Figure 2. Comparison of Packet Delivery ratio (plot: PDR (%) versus number of black holes, 0 to 5, for AODV and AOMDV)

Figure 3. Comparison of Throughput (plot: throughput versus number of black holes, 0 to 5, for AODV and AOMDV)

Figure 4. Comparison of End-to-end Delay (plot: end-to-end delay versus number of black holes, 0 to 5, for AODV and AOMDV)

Figure 5. Comparison of Average Jitter (plot: jitter versus number of black holes, 0 to 5, for AODV and AOMDV)

The performance study of AOMDV relative to AODV under a wide range of mobility and traffic scenarios reveals that AOMDV offers better through-put, better packet delivery ratio, reduction in jitter and significant reduction in delay even with the presence of black hole nodes.

6. Conclusion

This paper analyses the effect of black holes in AODV and AOMDV networks. For this purpose, a MANET running the AODV and AOMDV routing protocols with black holes was implemented in NS-2. Using fifteen different scenarios, each with 50 nodes and with five different speeds, the parameters packet delivery ratio, throughput, end-to-end delay and jitter were measured. The simulations show that the packet loss in the presence of black holes is greater in AODV than in AOMDV. AOMDV also produced more throughput and less end-to-end delay and jitter when compared with AODV. In general, AOMDV always offers routing performance that is more resistant to black hole attack than AODV in a variety of mobility and traffic conditions. Thus, it is better to base a defense mechanism against the black hole attack in MANETs on AOMDV than on AODV.

References

[1] Y.C. Hu and A. Perrig, “A survey of secure wireless ad hoc routing,” IEEE Security & Privacy Magazine, vol. 2, no. 3, pp. 28-39, May/June 2004.

[2] Y.A. Huang and W.Lee, “Attack analysis and detection for ad hoc routing protocols,” in Proceedings of 7th International Symposium on Recent Advances in Intrusion Detection (RAID’04), pp. 125-145, French Riviera, Sept. 2004.

[3] Perkins CE, Belding-Royer E, Das SR. Ad hoc on-demand distance vector (AODV) routing. http://www.ietf.org/rfc/rfc3561.txt, July 2003. RFC 3561.

[4] The Network Simulator, NS-2. Available from www.isi.edu/nsnam/ns.

[5] Mahesh K. Marina and Samir R. Das, "On-Demand Multipath Distance Vector Routing in Ad Hoc Networks", in Proceedings of the 9th IEEE International Conference on Network Protocols, 11-14 November 2001, pp. 14-23.

[6] Shideh Saraeian, Fazllolah Adibniya, Mohammed GhasemZadeh and SeyedAzim Abtahi, “Performance Evaluation of AODV Protocol under DDoS Attacks in MANET,” in the Proceedings of World Academy of Science, Engineering and Technology, Volume 33, September 2008, ISSN 2070-3740.

[7] Dokurer, S.; Ert, Y.M.; Acar, C.E., “Performance analysis of ad hoc networks under black hole attacks,” In the proceedings of IEEE SoutheastCon 2007, 22-25 March 2007 Page(s):148 – 153 D.O.I 10.1109 / SECON.2007.342872.

[8] Mohammad Al-Shurman and Seong-Moo Yoo, Seungjin Park, “Black hole Attack in Mobile Ad Hoc Networks” Proceedings of the 42nd annual Southeast regional conference ACM-SE 42, APRIL 2004, pp. 96-97.

[9] Deng, H., Li, W., Agrawal, D., “Routing Security in Wireless Ad Hoc Networks” IEEE Communication Magazine (October 2002) pp. 70-75.

Authors Profile

Ms. Umaparvathi completed her B.E. (ECE) from Madras University in the year 1995. She completed her M.Tech (Communication Systems) from NIT, Trichirapalli in the year 2005. Currently she is doing her Ph.D in Anna University of Technology, Coimbatore. Her research interests are wireless networks, information security and digital signal processing.

Dr. Dharmishtan K Varughese completed his B.Sc. (Engg.) from College of Engineering, Trivandrum in the year 1972. He completed his M.Sc. (Engg.) from College of Engineering, Trivandrum in the year 1981. He completed his Ph.D from Indian Institute of Science, Bangalore in the year 1988. He was working as Senior Joint Director from the year 2003 to 2007. Currently he is working as a Professor in Karpagam College of Engineering, Coimbatore. His research interests are microstrip antennas, microwave theory, information theory and optical fiber communication.

A Survey and Comparison of Various Routing Protocols of Wireless Sensor Network (WSN) and a Proposed New TTDD Protocol Based on LEACH

Md. Habibe Azam1, Abdullah-Al-Nahid2, Md. Abdul Alim3, Md. Ziaul Amin4

1Khulna University, School of Science, Engineering and Technology, Electronics and Communication Engineering Discipline, Bangladesh

[email protected]

2Khulna University, School of Science, Engineering and Technology, Lecturer, Electronics and Communication Engineering Discipline, Bangladesh

[email protected]

3Khulna University, School of Science, Engineering and Technology, Assistant Professor, Electronics and Communication Engineering Discipline, Bangladesh

[email protected]

4Khulna University, School of Science, Engineering and Technology, Lecturer, Electronics and Communication Engineering Discipline, Bangladesh

[email protected]

Abstract: In a wireless sensor network, the lifetime of a sensor node depends on its battery. An energy efficient routing protocol can increase the lifetime of the network by minimizing the energy consumption of each sensor node. Some energy efficient protocols have been developed for this purpose. Among those, we have made a survey of TTDD, LEACH, PEGASIS, SPIN and TEEN on the basis of some important evaluation metrics. Besides this, in this paper we propose a new Two Tier Data Dissemination (TTDD) protocol based on LEACH.

Keywords: WSN, Cluster, Protocol, TTDD, LEACH.

1. Introduction

A wireless sensor network (WSN) [1], [6] consists of small devices called sensor nodes, distributed autonomously to monitor physical or environmental conditions at different locations. These sensor nodes sense data in the environment surrounding them and transmit the sensed data to the sink or base station. Transmitting sensed data to the base station affects the power usage of the sensor node. Typically, a WSN contains a large number of sensor nodes, and these sensor nodes are able to communicate either among each other or directly with the base station. For this reason energy plays a vital role in a WSN, and keeping the energy consumption of each node as low as possible is an important goal that must be considered when designing a routing protocol for a WSN. Many routing protocols have been developed for this purpose. In this paper, we have made a survey of some selected protocols and made a comparative list of those protocols, which will help in developing new energy efficient routing protocols. Moreover, our proposed new TTDD protocol will save the lifetime of the sensing node.

The remainder of this paper is organized as follows. In section 2, we briefly discuss the selected protocols which we have surveyed and compared. Section 3 presents the comparative list. We introduce our proposed new TTDD protocol and its advantages in section 4. Finally, concluding remarks are given in section 5.

2. Selected Protocols

2.1 TTDD

The Two-Tier Data Dissemination (TTDD) approach is used to address the multiple mobile sink problem. The TTDD design uses a grid structure so that only sensors located at grid points need to acquire the forwarding information such as query and data [2]. When a node senses an event, the source node proactively forms a grid structure throughout the sensor field and sets up the forwarding information at the sensors closest to the grid points. After this grid structure is formed, a query from a sink traverses two tiers to reach a source. The lower tier is within the local grid square of the sink's current location, and the higher tier is made of all the dissemination nodes at grid points from source to sink. The sink floods its query within a cell. Fig. 1 shows the total procedure. TTDD's design assumes that sensor nodes are both stationary and location-aware. Because the sensors' locations are static, TTDD can use simple greedy geographical forwarding to construct and maintain the grid structure with low overhead, and because the sensors are location-aware, TTDD can tag the sensing data [3], [4], [5].

Figure 1. TTDD protocol.

When a sink moves more than a cell size away from its previous location, it performs another local flooding of its data query, which will reach a new dissemination node. Along its way toward the source, this query will stop at a dissemination node that is already receiving data from the source. This dissemination node then forwards data downstream and finally to the sink. In this way, even when sinks move continuously, higher-tier data forwarding changes incrementally and the sinks can receive data without interruption. Thus TTDD can effectively scale to a large number of sources and sinks.

2.2 LEACH

Low Energy Adaptive Clustering Hierarchy (LEACH) is the first hierarchical cluster-based routing protocol for wireless sensor networks. In LEACH the nodes are partitioned into clusters, and in each cluster there is a dedicated node with extra privileges called the Cluster Head (CH). This CH creates and manipulates a TDMA (time division multiple access) schedule for the other nodes (cluster members) of that cluster. The CHs aggregate and compress the sensing data and send it to the Base Station (BS) [7]. Thus it extends the lifetime of major nodes, as shown in Fig. 2.

Figure 2. LEACH protocol.

This protocol is divided into rounds [6]; each round consists of two phases.

Set-up Phase
(1) Advertisement Phase
(2) Cluster Set-up Phase

Steady-state Phase
(1) Schedule Creation
(2) Data Transmission

Set-up Phase

CH selection is done by considering two factors: first, the desired percentage of nodes in the network and, second, the history of the node that has served as CH. This decision is made by each node n based on a random number (between 0 and 1) that it generates. If the generated random number is less than a threshold value T(n), then the corresponding node becomes CH for that round. The threshold value T(n) is calculated from equation 1 as

(1)

where P is the desired percentage of cluster-heads, r is the number of the round and G is the set of nodes that have not been cluster-heads in the last 1/P rounds. Nodes that have been cluster heads cannot become cluster heads again for P rounds. Thereafter, each node has a 1/p probability of becoming a cluster head in each round. In the following advertisement phase, the CHs inform their neighborhood with an advertisement packet that they have become CHs. Non-CH nodes pick the advertisement packet with the strongest received signal strength. In the next cluster set-up phase, the member nodes inform the CH that they have become members of that cluster with a "join packet" containing their IDs, using CSMA. After the cluster set-up sub-phase, the CH knows the number of member nodes and their IDs. Based on all messages received within the cluster, the CH creates a TDMA schedule, picks a CSMA code randomly, and broadcasts the TDMA table to the cluster members. After that the steady-state phase begins.

Steady-state Phase

Nodes send their data to the CH during their allocated TDMA slot. This transmission uses a minimal amount of energy (chosen based on the received strength of the CH advertisement). The radio of each non-CH node can be turned off until the node's allocated TDMA slot, thus minimizing energy dissipation in these nodes. When all the data has been received, the CH aggregates the data and sends it to the Base Station (BS). LEACH is able to perform local aggregation of data in each cluster to reduce the amount of data that is transmitted to the BS.

2.3 PEGASIS

Power Efficient Gathering in Sensor Information System (PEGASIS) is an energy efficient protocol; its efficiency is guaranteed by two characteristics [8]: only one node communicates at a time with the base station, and the rest of the nodes communicate locally only with their neighbours. Each node communicates only with the closest neighbour by adjusting its power signal. Using signal strength, each node measures the distance to neighbouring nodes in order to locate the closest nodes. After chain formation, PEGASIS elects a leader from the chain in terms of residual energy in every round. The leader collects data from the neighbours to transmit to the base station. For this reason, the average energy spent by each node per round is reduced. Unlike LEACH, PEGASIS avoids cluster formation and uses only one leader in a chain to transmit to the BS instead of multiple CHs. This approach reduces the overhead and lowers the bandwidth requirements from the BS. Fig. 3 shows that only one leader node forwards the data to the BS.

Figure 3. PEGASIS protocol.

2.4 SPIN

Sensor Protocol for Information via Negotiation (SPIN) [7] is one of the first data-centric dissemination protocols for wireless networks. The target scenario is a network where one, several, or possibly all nodes have data that should be disseminated to the entire network. This negotiation replaces the simple sending of data in a flooding protocol by a three step process. First, a node that has obtained new data, either by local measurements or from some other nodes, advertises the name of this data to its neighbours. Second, the receiver of the advertisement can compare it with its local knowledge, and if the advertised data is as yet unknown, the receiver can request the actual data. If the advertisement describes already known data (for example, because it has been received via another path or another node has already reported data about the same area), the advertisement is simply ignored. Third, only once a request for data is received is the actual data transmitted. Fig. 4 represents the working procedure of the SPIN protocol.
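The three-step negotiation can be compared with plain flooding on a small topology. The following Python simulation is an added example, not code from the paper or from the SPIN authors: the message type names ADV, REQ and DATA, the four-node topology and the sequential processing order are assumptions made for illustration.

```python
from collections import deque

# Constructed topology with cycles: A-B, A-C, B-C, B-D, C-D
NEIGHBORS = {
    "A": ["B", "C"],
    "B": ["A", "C", "D"],
    "C": ["A", "B", "D"],
    "D": ["B", "C"],
}


def spin_disseminate(neighbors, origin):
    """Advertise, request, then send data; return the log of (type, src, dst)."""
    have = {origin}              # nodes that already hold the data
    log = []
    pending = deque([origin])    # nodes that still have to advertise
    while pending:
        node = pending.popleft()
        for nb in neighbors[node]:
            log.append(("ADV", node, nb))     # step 1: advertise the data name
            if nb in have:
                continue                      # already known: ADV is ignored
            log.append(("REQ", nb, node))     # step 2: request unknown data
            log.append(("DATA", node, nb))    # step 3: data sent only on request
            have.add(nb)
            pending.append(nb)                # receiver advertises in turn
    return log


def flood(neighbors, origin):
    """Flooding: each node forwards the data once to all neighbours except
    the one it received it from; return the log of (type, src, dst)."""
    seen = {origin}
    log = []
    pending = deque([(origin, None)])
    while pending:
        node, came_from = pending.popleft()
        for nb in neighbors[node]:
            if nb == came_from:
                continue
            log.append(("DATA", node, nb))    # sent even if nb already has it
            if nb not in seen:
                seen.add(nb)
                pending.append((nb, node))
    return log


def count(log, kind):
    """Number of messages of the given type in a log."""
    return sum(1 for message in log if message[0] == kind)


if __name__ == "__main__":
    spin_log = spin_disseminate(NEIGHBORS, "A")
    flood_log = flood(NEIGHBORS, "A")
    print("SPIN  ADV/REQ/DATA:", count(spin_log, "ADV"),
          count(spin_log, "REQ"), count(spin_log, "DATA"))
    print("Flood DATA:", count(flood_log, "DATA"))
```

On this topology SPIN sends the full data once per receiving node, at the cost of extra advertisements that carry only the data name.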

Figure 4. SPIN protocol.

2.5 TEEN

Threshold sensitive Energy Efficient sensor Network protocol (TEEN) [9] is targeted at reactive networks. In this scheme, at every cluster change time, in addition to the attributes, the cluster-head broadcasts to its members:

Hard Threshold (HT): This is a threshold value for the sensed attribute. It is the absolute value of the attribute beyond which the node sensing this value must switch on its transmitter and report to its CH.

Soft Threshold (ST): This is a small change in the value of the sensed attribute which triggers the node to switch on its transmitter and transmit.

The nodes sense their environment continuously. The first time a parameter from the attribute set reaches its hard threshold value, the node switches on its transmitter and sends the sensed data. The sensed value is stored in an internal variable in the node, called the sensed value (SV). The nodes will next transmit data in the current cluster period only when both of the following conditions are true.

1. The current value of the sensed attribute is greater than the hard threshold.

2. The current value of the sensed attribute differs from SV by an amount equal to or greater than the soft threshold.
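The transmit rule can be run over a series of readings to see which ones a node actually reports. The following Python code is an added example, not code from the paper or from the TEEN authors: the class and function names, the threshold values and the constructed trace are assumptions for illustration.

```python
class TeenNode:
    """Member node applying the TEEN hard/soft threshold transmit rule."""

    def __init__(self, hard_threshold, soft_threshold):
        self.ht = hard_threshold
        self.st = soft_threshold
        self.sv = None   # sensed value (SV) stored at the last transmission

    def sense(self, value):
        """Return True if this reading makes the node switch on its transmitter."""
        if self.sv is None:
            # First report: the attribute reaches the hard threshold.
            send = value >= self.ht
        else:
            # Later reports: above HT and changed from SV by at least ST.
            send = value > self.ht and abs(value - self.sv) >= self.st
        if send:
            self.sv = value   # SV follows the last transmitted value
        return send


def transmitted(trace, hard_threshold, soft_threshold):
    """Return the readings from the trace that the node would transmit."""
    node = TeenNode(hard_threshold, soft_threshold)
    return [value for value in trace if node.sense(value)]


# Constructed trace of one sensed attribute within a single cluster period
TRACE = [20, 48, 50, 50.5, 51, 53, 53.4, 49, 52, 60]

if __name__ == "__main__":
    sent = transmitted(TRACE, hard_threshold=50, soft_threshold=2)
    print(f"{len(sent)} of {len(TRACE)} readings transmitted: {sent}")
```

In the trace, the reading 52 is above the hard threshold but is not sent because it differs from the stored SV of 53 by less than the soft threshold.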

Whenever a node transmits data, SV is set equal to the current value of the sensed attribute. Thus, the hard threshold tries to reduce the number of transmissions by allowing the nodes to transmit only when the sensed attribute is in the range of interest. The soft threshold further reduces the number of transmissions by eliminating all the transmissions which might have otherwise occurred when there is little or no change in the sensed attribute once the hard threshold.

3. Comparison

In this section we present the comparison among the above protocols based on various evaluation metrics [10].

Table 1. Comparison among the protocols

| Routing Protocol | Power Usage | Data Aggregation | Scalability | Query Based | Overhead |
|---|---|---|---|---|---|
| TTDD | Ltd | No | Ltd | Yes | Low |
| LEACH | High | Yes | Good | No | High |
| PEGASIS | Max | No | Good | No | Low |
| SPIN | Ltd | Yes | Ltd | Yes | Low |
| TEEN | High | Yes | Good | No | High |

4. Proposed new TTDD

Main Features

Our proposed routing protocol includes the following features:

• Sensor nodes are homogeneous and energy constrained.

• Sensor nodes are stationary; the BS is mobile and located near the sensing area.

• Each node periodically senses its nearby environment and would like to send its data to the base station.

• A server is used for building a location database of sensor nodes.

• At first, when a node senses any event, the total area is divided into a grid, and then a cluster is formed keeping that node as CH.

• Data fusion or aggregation is used to reduce the number of messages in the network. Assume that combining n packets of size k results in one packet of size k instead of size nk.

• Using TDMA, cluster members send their data to the CH.

The routing process can be organized into two phases: the grid construction phase and the cluster construction phase.

Grid Construction Phase

The sensing node builds a grid structure throughout the sensor field. The grid size is R×R, where R is a sensor node's radio range. All sensor nodes in a grid are within their radio range. The sensing node sets up the forwarding information at the sensors closest to the grid points. The sink floods its query within a cell. When the nearest dissemination node for the requested data receives the query, it forwards the query to its upstream dissemination node toward the source, as in TTDD. This query forwarding process provides the information of the path to the sink, enabling data from the source to traverse the same path as the query but in the reverse order. The locations of all grid points through which the data is disseminated for the first time are stored in the server.

Cluster Construction Phase

After the grid construction phase, the server receives the locations of the first-time data dissemination grid points. The node which first created the grid structure now forms a cluster containing a cluster head, whose role is considerably more energy intensive than that of the rest of the nodes. For this reason, nodes rotate roles between CH and ordinary sensor throughout the lifetime of the network. At the beginning of each round every node chooses a random number. If this random number is less than the calculated threshold then the node becomes a CH, else it does not (according to LEACH). Once a node becomes a CH, it cannot become a CH for a certain number of rounds. The threshold value depends upon the percentage of nodes wanted as CH and the number of rounds elapsed. Fig. 5 represents the total protocol.

Figure 5. Proposed new TTDD based on LEACH.

5. Advantage

Advantages of the proposed protocol:

• The lifetime of the sensing node is greater than in TTDD.

• A node consumes less energy than in TTDD by aggregating the sensing data.

• Data quality is better than in TTDD.

6. Conclusion

Every protocol has some advantages and disadvantages, but if we classify protocols according to their application and design each protocol only for a specific purpose, then it will be energy efficient; otherwise it will not.

References

[1] J. M. Kahn, R. H. Katz, and K. S. J. Pister, “Next Century challenges: Mobile networking for smart dust.”

[2] Haiyun Luo, Fan Ye, Jerry Cheng, Songwu Lu, Lixia Zhang, “TTDD: A Two-tier Data Dissemination Model for Large-scale Wireless Sensor Networks”, UCLA Computer Science Department, Los Angeles, CA 900095-1596.

[3] S. Basagni, “Distributed clustering for Ad Hoc Networks”, International Symposium on Parallel Architectures, Algorithms and Networks (I-SPAN’99).

[4] J. Hightower and G. Borriello, “Location Systems for Ubiquitous Computing”, IEEE Computer Magazine, 34(8):57-66, 2001.

[5] A. Ward, A. Jones, and A. Hopper, “A New Location Technique for the Active Office”, IEEE Personal Communications, 4(5):42-47, 1997.

[6] Wendi Beth Heinzelman, “Application-specific protocol architectures for wireless networks”, Massachusetts Institute of Technology, June 2000.

[7] Mark A. Perillo and Wendi B. Heinzelman, “Wireless Sensor Network Protocols”.

[8] Laiali Almzaydeh, Eman Abdelfattah, Manal Al-zoor and Amer Al-Rahayfeh, “Performance evaluation of routing protocols in wireless sensor networks”, International Journal of Computer Science and Information Technology, Volume 2, Number 2, April 2010.

[9] Arati Manjeshwar and Dharma P. Agrawal, “TEEN: A routing protocol for enhanced efficiency in wireless networks”, University of Cincinnati, Cincinnati, OH 45221-0030.

[10] P.T.V. Bhuvaneswari and V. Vaidehi, “Enhancement techniques incorporated in LEACH - a survey”, Indian Journal of Science and Technology, Vol. 2, No. 5 (May 2009), ISSN: 0974-6846.

Mathematical Models on Interaction between Computer Virus and Antivirus Software inside a Computer System

Bimal Kumar Mishra1 and Gholam Mursalin Ansari2

1 Department of Applied Mathematics, Birla Institute of Technology, Mesra, Ranchi, India – 835 215
Email: [email protected]

2 Department of Computer Science, University Polytechnic, Birla Institute of Technology, Mesra, Ranchi, India – 835 215
Email: [email protected]

Abstract: In this paper an attempt has been made to develop mathematical models on interaction between computer virus and antivirus software inside a computer system. The basic reproductive ratio in the absence and presence of the immune system has been found and the criterion of spreading the computer virus is analyzed in Models 1 and 2. An analysis is also made for the immune response to clear the infection. The effect of new or updated antivirus software on viruses which are suppressed (quarantined) or not completely recovered by the lower version of installed antivirus software in the system is studied in Model 3, and it has been shown that the number of infected files falls exponentially when new or updated antivirus software is run. Reactivation of computer viruses when they are in the latent class is mathematically formulated and the basic reproductive ratio is obtained in Model 4. A mathematical model has also been developed to understand the recent attack of the malicious objects Backdoor.Haxdoor.S and Trojan.Schoeberl.E and their removal by the newly available tool FixSchoeb-Haxdoor in Model 5.

Keywords: Prey-predator model; Computer virus; antivirus software; quarantine; latency time; self-replication.

1. Introduction
A year or two ago, most malware was spread via e-mail attachments, which resulted in mass outbreaks like Bagle, Mydoom and Warezov. Nowadays sending .EXE attachments in e-mail doesn't work so well for the criminals because almost every company and organization is filtering out such risky attachments from their e-mail traffic. The criminals' new preferred way of spreading malware is by drive-by downloads on the Web. These attacks often still start with an e-mail spam run, but the attachment in the e-mail has been replaced by a web link, which takes you to the malicious web site. So instead of getting infected over SMTP, you get infected over HTTP. It is important to be aware of this shift from SMTP to HTTP infections, which can be exploited by the criminals in many ways. It is predicted that the total number of viruses and Trojans will pass the one million mark by the end of 2008 [12].

Transmission of malicious objects in a computer network is epidemic in nature. A malicious object is code that infects computer systems. There are different kinds of malicious code, such as worms, viruses and Trojans, which differ according to the way they attack computer systems and the malicious actions they perform. Some of them erase hard disks; some others clog the network, while some others sneak into the computer systems to steal confidential and valuable information. A virus, worm or Trojan horse can (like HIV) be latent, only to become active after a certain period. This is called a 'logic bomb'. These three classes of computer malware can also have hundreds of variants or several slightly modified versions, paralleling microbial diversity [2, 9]. The study of computer malware may help to control infectious disease emergence.

Of the two main approaches to automating the detection of malicious executables, behavioral and content-based, a knowledge-based approach will be more appropriate, because we use the knowledge acquired from the disassembly of executables to extract useful features such as common instruction sequences, DLL calls etc. [11]. Conventional antivirus systems are knowledge-based, so if the system doesn't recognize a piece of code as malware, it won't block it. If you let in a virus or a piece of malware, it can run amok. The vast majority of computer viruses have been designed specifically for IBM-based PCs running the DOS and Windows operating systems. The malicious code (machine language program), which has the ability to spread through various sources, may spread in any one or all of the following ways:

• The spreading medium may be a malicious attachment to an email.
• The malware medium may be a USB pen drive, a floppy disk, a CD or any secondary media which is commonly used by almost all computer professionals.

An acute epidemic occurs due to infectious malcode designed to actively spread from host to host over a network. When the user executes an infected program, the virus may take control of the computer and infect additional files. After the virus has completed its mischief, it transfers control to the host program and allows it to function normally. This type of virus is called a "parasitic" computer virus, since it does not kill its host; instead, the host acts.

When this malicious code tries to enter a protected (secured) system on which an Intrusion Detection System (IDS) is installed, the IDS analyzes the unknown binary code to decide whether it is malicious or not. An IDS, enabled with signature analysis and an add-on security alarm, is deployed to monitor the network and host system activities [5, 6]. IDSs are supported by a knowledge-based evaluation system to focus on real threatening alerts and assist in post-attack forensics. The job done by such knowledge-based systems is to filter out false positives and rank the severity of attacks. The knowledge base stores all well-known exploits and system vulnerability information together with the corresponding security solutions. It tunes the IDS with the known signatures and sends the proper action to the Artificial Immune System (AIS). The AIS attempts to classify network traffic as either self (normal or uninfected file) or non-self (malicious or infected file) and provides proactive protection via negative selection [7]. All the above information, along with vulnerability knowledge, is stored in an information asset database or knowledge base. The intelligent host, with proper anti-malicious software installed on it, then characterizes these vulnerability identifications based on the evaluation process or actions. The immune system dynamically looks for the security reference in the knowledge base. If the referred signature is found to be unknown or a high priority alert, an associated action is fired on the target system on the demand of its expert system engine. With great insight into the virus signature, the immune system disinfects the infected files, verifying the occurrence of the attack, or otherwise it issues an isolated alert and quarantines the infected data into its blind spots.
Therefore, by correlating these alerts, the quarantined data is kept under a latency period. During this period the antivirus update is incorporated and finally the data kept under latency is recovered to its original normal form. Figure 1 describes a generic conceptual framework of malware transmission through various sources and its interaction with the Intrusion Detection System.

Figure 1. Virus attack cyber defense analysis

Mishra et al. [1, 2, 9] have developed various epidemic models on the transmission of malicious objects in computer networks, according to the spreading behavior and nature of the malicious objects. Predicting virus outbreaks is extremely difficult due to the human nature of the attacks but, more importantly, detecting outbreaks early with a low probability of false alarms seems quite difficult. By developing models it is possible to characterize essential properties of the attacks [1].

2. Basic Terminologies

i. Computer virus: a program that can "infect" other programs by modifying them to include a possibly evolved version of itself. With this infection property, a virus can spread to the transitive closure of information flow, corrupting the integrity of information as it spreads. Additionally, most computer viruses have a destructive payload that is activated under certain conditions [1]. A self-replicating virus may be defined as "a software program capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer; a true virus cannot spread to another computer without human assistance".

ii. Antivirus (or "anti-virus") software: a class of program that searches your hard drive and floppy disks for any known or potential viruses. This is also known as a "virus scanner". As new viruses are discovered by the antivirus vendor, their binary patterns are added to a signature database that is downloaded periodically to the user's antivirus program via the web.

iii. Quarantine: to move an undesired file, such as a virus-infected file or spyware, to a folder that is not easily accessible by regular file management utilities. The quarantine option is available in antivirus software so that companies can keep a record of which users have been infected and where the file came from, and can possibly send the virus to the antivirus vendor for inspection. Spyware blockers quarantine files so that they can be restored.

3. Development of the model
As we know, an instruction on its own does absolutely nothing; it is the set of instructions (program) intentionally written by software personnel to harm the computer system, said to be a virus, which plays an active role in attacking the files in the computer node. Some viruses are self-replicating, and some of them enter the latent class and reactivate after a certain duration. When a system is attacked by a virus, antivirus software is run to immunize the system. During this process some of the infected files are fully recovered, whereas some of them are quarantined (or suppressed), possibly due to the lower version of the antivirus software installed. In this situation a higher version or new antivirus software is run to get a full recovery. We try to develop mathematical models for these situations [8].

Assumptions:

1. Virus is replicated by the infected files.

2. Viruses die at a specific rate b. Death of a virus is equivalent to the complete recovery of infected files from the virus when antivirus software is run in the computer node for a specific session.

3. The uninfected files are constantly being produced or developed by the users at a rate c.

4. Uninfected files die at a constant rate d (natural death). Death of a file means that the file becomes irrelevant (garbage) after a certain interval of time.

5. Infected files die at a specific rate $f = d + e$, where d is the natural death rate and e is the death rate of the file due to infection from the virus (files get damaged and cannot be recovered after the run of antivirus software).

6. Death of antivirus software means that the present version of the software is incapable of identifying the attack of new viruses.

3.8 Model 1: Primary phase of an Infection
Viruses gain entry to the computer node via various means (emails, infected disks etc.) and hijack various files (command files, executable files, kernel.dll, etc.) in the node for their own replication. A virus then leaves a specific file and the process is repeated. Viruses may be of different natures, and as per their mode of propagation they target different file types of the attacked computer for this purpose. As per the assumptions, the model is described by the system

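$$
\begin{aligned}
\frac{dV}{d\tau} &= aY - bV,\\
\frac{dX}{d\tau} &= c - dX - \beta XV,\\
\frac{dY}{d\tau} &= \beta XV - fY.
\end{aligned}
\tag{1}
$$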

The relationship between the computer virus and the uninfected files is analogous to the relationship between predator and prey in the classical work of Lotka-Volterra [3, 4]. Let X be the number of uninfected files (prey) and V be the number of computer viruses (predators) [8]. Then,

{Rate of change of X} = {net rate of growth of X without predation} - {rate of loss of X due to predation}, and
{Rate of change of V} = {net rate of growth of V due to predation} - {net rate of loss of V without prey}.

Let $R_0$ be the basic reproductive ratio for the computer virus, defined to be the expected number of viruses that one virus gives rise to in an uninfected file population. A virus gives rise to infected files at a rate $\beta X$ for a time $1/b$, and each infected file gives rise to a virus (self-replication) at a rate $a$ for a time $1/f$. Since $X = c/d$ for an uninfected population,

$$
R_0 = \frac{\beta c a}{d b f}. \tag{2}
$$

The criterion for the spread of the computer virus is $R_0 > 1$. We non-dimensionalise the system (1) by defining

$$
x = \frac{d}{c}X, \quad y = \frac{d}{c}Y, \quad v = \frac{bf}{ac}V, \quad t = d\tau. \tag{3}
$$

The non-dimensionalisation for X arises from its steady state in the absence of infection, that for Y is chosen to be the same, and that for V arises from its steady state value. We choose one of the time scales, d, to non-dimensionalise τ. The system (1) thus becomes

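$$
\begin{aligned}
\varepsilon\frac{dv}{dt} &= \alpha y - v,\\
\frac{dx}{dt} &= 1 - x - R_0 xv,\\
\frac{dy}{dt} &= R_0 xv - \alpha y,
\end{aligned}
\tag{4}
$$

where

$$
\varepsilon = \frac{d}{b}, \quad \alpha = \frac{f}{d}. \tag{5}
$$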

For typical parameter values $\varepsilon \ll 1$. The steady states of the non-dimensionalised system (4) are $S_0 = (0, 1, 0)$, the uninfected steady state, and $S^* = (v^*, x^*, y^*)$, where

$$
v^* = 1 - \frac{1}{R_0}, \quad x^* = \frac{1}{R_0}, \quad y^* = \frac{1}{\alpha}\left(1 - \frac{1}{R_0}\right). \tag{6}
$$

For $R_0 > 1$, the normal situation, $(v(t), x(t), y(t)) \to (v^*, x^*, y^*)$ as $t \to \infty$. The susceptible population X (uninfected files) is reduced by the attack until each virus is expected to give rise to exactly one new virus, $R_0 x^* = 1$. This we assume to be the primary phase of an infection.

3.9 Model II: Secondary Phase of Infection (Effect of Immune system)

We assume that the immune response in the computer system is due to antivirus software Z, which is run at a constant rate g, with h being the death rate of antivirus software (meaning that the antivirus software is incapable of identifying the attack of new viruses). The antivirus software cleans the infected files at a rate $\gamma YZ$. There is an analogy here, with the antivirus software Z as predators and the infected files Y as prey. We take a linear functional response of Z to Y. Our system thus becomes

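$$
\begin{aligned}
\frac{dV}{d\tau} &= aY - bV,\\
\frac{dX}{d\tau} &= c - dX - \beta XV,\\
\frac{dY}{d\tau} &= \beta XV - fY - \gamma YZ,\\
\frac{dZ}{d\tau} &= g - hZ.
\end{aligned}
\tag{7}
$$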

The non-dimensionalisation of the system is done as in Model 1, with $z = \frac{h}{g}Z$ in addition. We get

$$
\begin{aligned}
\varepsilon\frac{dv}{dt} &= \alpha y - v,\\
\frac{dx}{dt} &= 1 - x - R_0 xv,\\
\frac{dy}{dt} &= R_0 xv - \alpha y - \kappa yz,\\
\frac{dz}{dt} &= \lambda(1 - z),
\end{aligned}
\tag{8}
$$

where

$$
\lambda = \frac{h}{d}, \quad \kappa = \frac{\gamma g}{dh}. \tag{9}
$$

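The steady states of the non-dimensionalised system (8) are $S_0 = (0, 1, 0, 1)$, the uninfected steady state, and $S^* = (v^*, x^*, y^*, z^*)$, where

$$
v^* = \frac{\alpha}{\alpha + \kappa}\left(1 - \frac{1}{R_0'}\right), \quad
x^* = \frac{1}{R_0'}, \quad
y^* = \frac{1}{\alpha + \kappa}\left(1 - \frac{1}{R_0'}\right), \quad
z^* = 1.
\tag{10}
$$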

Let $R_0'$ be the basic reproductive ratio in the presence of the immune system, defined by

$$
R_0' = \frac{\alpha}{\alpha + \kappa} R_0. \tag{11}
$$

Then we observe that if the infection persists then $R_0' x^* = 1$, and the infection persists as long as $R_0' > 1$.

In order for the immune response to clear the infection we need the immune response parameter $\kappa$ to satisfy

$$
\kappa > \alpha(R_0 - 1). \tag{12}
$$
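
The threshold behaviour of Models 1 and II can be checked numerically. The following is an added example, not code from the paper: it integrates the non-dimensional system (8) with a fixed-step Runge-Kutta scheme and compares the end state with the steady states (10) and the clearance condition (12). The parameter values (R0 = 3, α = 2, ε = 0.1, λ = 1), the initial state and all function names are constructed for illustration; setting κ = 0 reduces the v, x, y equations to system (4) of Model 1.

```python
def rhs(state, R0, alpha, eps, kappa, lam):
    """Right-hand side of system (8); state = (v, x, y, z)."""
    v, x, y, z = state
    dv = (alpha * y - v) / eps                    # eps * dv/dt = alpha*y - v
    dx = 1.0 - x - R0 * x * v                     # uninfected files
    dy = R0 * x * v - alpha * y - kappa * y * z   # infected files
    dz = lam * (1.0 - z)                          # antivirus response
    return (dv, dx, dy, dz)


def rk4_step(state, h, params):
    """One classical fourth-order Runge-Kutta step of size h."""
    def shifted(base, slope, scale):
        return tuple(b + scale * s for b, s in zip(base, slope))

    k1 = rhs(state, **params)
    k2 = rhs(shifted(state, k1, h / 2), **params)
    k3 = rhs(shifted(state, k2, h / 2), **params)
    k4 = rhs(shifted(state, k3, h), **params)
    return tuple(s + h / 6 * (a + 2 * b + 2 * c + d)
                 for s, a, b, c, d in zip(state, k1, k2, k3, k4))


def simulate(params, state0=(0.01, 1.0, 0.0, 0.0), t_end=60.0, h=0.01):
    """Integrate from a small initial virus load; return the final state."""
    state = state0
    for _ in range(int(round(t_end / h))):
        state = rk4_step(state, h, params)
    return state


def reproductive_ratio(R0, alpha, kappa):
    """R0' of equation (11)."""
    return alpha * R0 / (alpha + kappa)


def clearance_threshold(R0, alpha):
    """Smallest kappa bound of condition (12): kappa > alpha * (R0 - 1)."""
    return alpha * (R0 - 1.0)


def predicted_steady_state(R0, alpha, kappa):
    """Steady state (v*, x*, y*, z*) from (10), or S0 when R0' <= 1."""
    r0p = reproductive_ratio(R0, alpha, kappa)
    if r0p <= 1.0:
        return (0.0, 1.0, 0.0, 1.0)               # infection is cleared
    s = 1.0 - 1.0 / r0p
    return (alpha / (alpha + kappa) * s, 1.0 / r0p, s / (alpha + kappa), 1.0)


def run_case(kappa, R0=3.0, alpha=2.0, eps=0.1, lam=1.0):
    """Simulate one value of kappa; return (simulated, predicted) states."""
    params = dict(R0=R0, alpha=alpha, eps=eps, kappa=kappa, lam=lam)
    return simulate(params), predicted_steady_state(R0, alpha, kappa)


if __name__ == "__main__":
    print("clearance needs kappa >", clearance_threshold(3.0, 2.0))
    for kappa in (0.0, 1.0, 6.0):
        final, predicted = run_case(kappa)
        print(f"kappa={kappa}: R0'={reproductive_ratio(3.0, 2.0, kappa):.3f}")
        print("  simulated:", tuple(round(s, 6) for s in final))
        print("  predicted:", tuple(round(s, 6) for s in predicted))
```

With these values the infection persists for κ = 0 and κ = 1 (both below the bound α(R0 - 1) = 4) and is cleared for κ = 6.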

3.10 Model III: Effect of new antivirus software on such viruses which are suppressed (quarantine)

We assume a case where the viruses are not completely cleaned (they are quarantined) from the infected files when the installed antivirus software is run on the computer node. For the complete recovery of infected files from viruses, an updated version of the antivirus software has to be run. Further, we assume that such updated antivirus software is available and is 100% efficient. This antivirus software switches β to zero, and thus the equations for the subsequent dynamics of the infected files and free virus from equation (1) are expressed as

$$
\begin{aligned}
\frac{dV}{d\tau} &= aY - bV,\\
\frac{dX}{d\tau} &= c - dX,\\
\frac{dY}{d\tau} &= -fY.
\end{aligned}
\tag{13}
$$

We further assume that the half-life of the virus is much less than that of the virus producing files. Then,

$$
Y = Y_0 e^{-ft}, \qquad V = \frac{V_0\left(b e^{-ft} - f e^{-bt}\right)}{b - f}. \tag{14}
$$

From equation (14) we are able to say that the number of infected files falls exponentially. The behavior of V follows from the assumption on half-lives, so that $f \ll b$; that is, the amount of free virus falls exponentially after a shoulder phase.

3.11 Model IV: Reactivation of computer virus after they are in latent class

When computer viruses attack the computer node, some of them enter a latent class on infection. While in this class they do not produce new viruses, but may later be reactivated to do so. Only the files in the productive infected class $Y_1$ produce viruses, and files in the latent infected class $Y_2$ leave for $Y_1$ at a per capita rate δ. Thus our system becomes:

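$$
\begin{aligned}
\frac{dV}{d\tau} &= aY_1 - bV,\\
\frac{dX}{d\tau} &= c - dX - \beta XV,\\
\frac{dY_1}{d\tau} &= q_1\beta XV - f_1 Y_1 + \delta Y_2,\\
\frac{dY_2}{d\tau} &= q_2\beta XV - f_2 Y_2 - \delta Y_2.
\end{aligned}
\tag{15}
$$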

Infected files in class $Y_2$ produce viruses in class $Y_1$ at a rate δ for a time $\frac{1}{\delta + f_2}$. Thus, adding the contribution of both the classes, the reproductive ratio $R_0$ is expressed as

$$
R_0 = \frac{\beta c}{db}\left(q_1 + \frac{q_2\,\delta}{\delta + f_2}\right)\frac{a}{f_1}. \tag{16}
$$

3.12 Model V: Recent Attack by malicious object Backdoor.Haxdoor.S and Trojan.Schoeberl.E and its Mathematical approach

On January 9, 2007 the malicious objects Backdoor.Haxdoor.S and Trojan.Schoeberl.E, of type Trojan horse and having an infection length of 56,058 bytes, affected Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003 and Windows XP. Backdoor.Haxdoor.S is a Trojan horse program that opens a back door on the compromised computer and allows a remote attacker to have unauthorized access. It also logs keystrokes, steals passwords, and drops rootkits that run in safe mode. It has been reported that the Trojan has been spammed through email as an email attachment. The tool FixSchoeb-Haxdoor.exe is designed to remove the infections of Backdoor.Haxdoor.S and Trojan.Schoeberl.E [10]. The FixSchoeb-Haxdoor.exe tool, meant to remove the deadly Backdoor.Haxdoor.S and Trojan.Schoeberl.E, prevents infected files from producing infectious virus. We assume that W are the un-infectious viruses which start to be produced from the infected files Y after the tool FixSchoeb-Haxdoor.exe is run. Infectious viruses are still present, and die as before, but are no longer produced. Under this assumption the system can be modeled as

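$$
\begin{aligned}
\frac{dV}{d\tau} &= -bV,\\
\frac{dX}{d\tau} &= c - dX,\\
\frac{dY}{d\tau} &= -fY,\\
\frac{dW}{d\tau} &= aY - bW.
\end{aligned}
\tag{17}
$$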

We assume that the uninfected file population X remains roughly constant for a given time-scale, that is, $X = X^* = \frac{bf}{a\beta}$, and that $f \ll b$. System (17) becomes a linear system, which is integrated to give

$$
\begin{aligned}
V &= V_0 e^{-b\tau},\\
Y &= Y_0\,\frac{b e^{-f\tau} - f e^{-b\tau}}{b - f}, \quad \text{when } f \ll b,\\
W &= W_0\,\frac{b}{b - f}\left[\frac{b}{b - f}\left(e^{-f\tau} - e^{-b\tau}\right) - f\tau e^{-b\tau}\right].
\end{aligned}
\tag{18}
$$

From (18) it is clear that the total amount $V + W$ of free virus falls exponentially after a shoulder phase.

4. Discussion and Conclusion
The threshold parameter obtained in (2) for the primary phase of infection gives the criterion for the spread of the computer virus, that is, $R_0 > 1$. The susceptible population X (uninfected files) is reduced by the attack until each virus is expected to give rise to exactly one new virus, $R_0 x^* = 1$. The basic reproductive ratio in the presence of the immune system is defined by (11), and in order for the immune response to clear the infection we need the immune response parameter $\kappa$ to satisfy $\kappa > \alpha(R_0 - 1)$. For the viruses which are quarantined by the installed antivirus software, we assume that updated antivirus software is available and is 100% efficient. When this updated antivirus software is run, from equation (14) we are able to say that the number of infected files falls exponentially. The behavior of V follows from the assumption on half-lives, so that $f \ll b$; that is, the amount of free virus falls exponentially after a shoulder phase. Discussion is also made of those viruses which enter a latent class on infection; in this class they do not produce new viruses, but may later be reactivated to do so. Infected files in class $Y_2$ produce viruses in class $Y_1$ at a rate δ for a time $\frac{1}{\delta + f_2}$, and the reproductive ratio is also obtained.

Nomenclature
V: number of viruses in the computer
X: number of uninfected target files
Y: number of infected files
a: Replicating factor
b: Death rate of a virus
c: Birth of uninfected files by users
d: Natural death of an uninfected file
e: Death rate of infected files
f = e + d
β: Infectious contact rate, i.e., the rate of infection per susceptible and per infective
R0: Threshold parameter
Z: Response of antivirus software, which immunes the system
g: Rate at which antivirus software is run, which is constant
h: Death rate of antivirus software
γYZ: Rate at which antivirus software cleans the infected files
κ: Immune response parameter
Y1: productive infected class
Y2: latent infected class
q1: Probability of entering productive infected class
q2: Probability of entering latent infected class

References
[1] Bimal Kumar Mishra, D.K. Saini, SEIRS epidemic model with delay for transmission of malicious objects in computer network, Applied Mathematics and Computation, 188 (2007) 1476-1482

[2] Bimal Kumar Mishra, Dinesh Saini, Mathematical models on computer viruses, Applied Mathematics and Computation, 187 (2007) 929-936

[3] Lotka, A. J., Elements of Physical Biology, Williams and Wilkins, Baltimore, 1925; Reissued as Elements of Mathematical Biology, Dover, New York, 1956.

[4] Volterra, V., Variazioni e fluttazioni del numero d'individui in specie animali conviventi, Mem. Acad. Sci. Lincei, 1926, 2:31-13

[5] Jones, A.K. and Sielken, R.S., Computer System Intrusion detection: a survey, Technical report, Computer Science Department, University of Virginia, 2000

[6] Yu, J., Reddy, R., Selliah, S., Reddy, S., Bharadwaj, V. and Kankanahalli, S., TRINETR: An Architecture for Collaborative Intrusion Detection and Knowledge-Based Alert Evaluation, Advanced Engineering Informatics Journal, Special Issue on Collaborative Environments for Design and Manufacturing, Editor: Weiming Shen, Volume 19, Issue 2, April 2005, Elsevier Science, 93-101

[7] Jinqiao Yu, Y.V. Ramana Reddy, Sentil Selliah, Srinivas Kankanahalli, Sumitra Reddy and Vijayanand Bhardwaj, A Collaborative Architecture for Intrusion Detection Systems with Intelligent Agents and Knowledge based alert Evaluation, Proceedings of the IEEE 8th International Conference on Computer Supported Cooperative Work in Design, 2004, 2: 271-276

[8] Nicholas F. Britton, Essential Mathematical Biology, Springer-Verlag, London, 2003

[9] Bimal Kumar Mishra, Navnit Jha, Fixed period of temporary immunity after run of anti-malicious objects software on computer nodes, Applied Mathematics and Computation, 190 (2007) 1207-1212

[10] http://www.symantec.com/smb/security_response/writeup.jsp?docid=2007-011109-2557-99

[11] Masud, Mohammad M., Khan, Latifur and Thuraisingham, Bhavani, A Knowledge-based Approach to detect new Malicious Executables, Proceedings of the Second Secure Knowledge Management Workshop (SKM) 2006, Brooklyn, NY, USA

[12] http://www.f-secure.com/f-secure/pressroom/news/fsnews_20080331_1_eng.html, March 31, 2008

Authors Profile

Bimal Kumar Mishra is a faculty member in the Department of Applied Mathematics, Birla Institute of Technology, Mesra, Ranchi, India – 835215. He received his Master's degree in Operational Research from the University of Delhi, Delhi, and also a Master's in Mathematics. He earned his Ph.D. degree from Vinoba Bhave University, Hazaribag, Jharkhand, India and his D.Sc. degree from Berhampur University, Berhampur, Orissa, India. His research area is in the field of population dynamics and flow of blood in the human body. He is presently working in the area of mathematical models and simulation on cyber attack and defense.

Gholam Mursalin Ansari is a faculty member of University Polytechnic, BIT Mesra, Ranchi. He received his MCA degree from BIT, Mesra, Ranchi. He is pursuing his PhD degree at BIT, Mesra, Ranchi and his research topic is "Cyber attack and defense".


A Low Power High Gain Folded-Cascode CMOS Op-Amp with Slew Rate Enhancement Circuit for 100mW 10-bit 50MS/s High Speed ADC Designed in 0.18um CMOS Technology

Bhanu pratap singh dohare1, D.S.Ajnar2 and P.K.Jain3

1 Electronics & Instrumentation Engineering Department, S.G.S.I.T.S. 23, Park Road, Indore, M.P. India-452003

[email protected]

2 Electronics & Instrumentation Engineering Department S.G.S.I.T.S. 23, Park Road, Indore, M.P. India-452003

[email protected]

3 Electronics & Instrumentation Engineering Department S.G.S.I.T.S. 23, Park Road, Indore, M.P. India-452003

[email protected]

Abstract: This work describes the design and simulation of a high speed, high gain and low power fully differential op-amp with specifications of 110dB DC open loop gain, phase margin of 72 deg and unity gain bandwidth of 822MHz. Input referred noise is about 8nV/Hz@10MHz. The folded-cascode op-amp has a positive slew rate of 35V/ns and a negative slew rate of 28V/ns. The settling time is 3.5ns and the op-amp power consumption is 2.8mW with a supply voltage of +1.2/-1.2. This design has been implemented in 0.18um UMC mixed signal CMOS technology using Cadence. The op-amp is designed for the sample-and-hold stage of a 100mW 10-bit, 50MS/s high speed ADC. With speed optimization the 0.488% settling time is 3.5ns. This design utilizes the gain-boosting technique, which is suitable for low supply voltage applications, to achieve high gain. Common mode feedback (CMFB) is used to stabilize the designed op-amp against temperature. Three fully differential folded-cascode op-amps have been used in this design, one as the main op-amp and the others for the gain-boosting technique. The two fully differential folded-cascode op-amps have continuous time with CMFB, which is used as the gain-boosting technique to increase the open loop gain of the main op-amp. A slew rate enhancement circuit is introduced to improve the non-symmetric slew rate of the output stages.

Keywords: Gain-Boosting, slew rate enhancement, CMFB.

1. Introduction
In high performance analog integrated circuits, such as switched-capacitor filters, delta-sigma modulators and pipeline A/D converters, op-amps with very high DC gain and high unity-gain frequency are needed to meet both the accuracy and the fast settling requirements of the systems. In pipelined analog-to-digital (A/D) converters, high speed and high accuracy operational amplifiers (op-amps) are essential. The speed and accuracy criteria are determined by the settling behavior of the op-amps. Fast settling mainly depends on the unity gain frequency, while high settling accuracy is due to high DC gain. The realization of high speed and high accuracy op-amps has proven to be a very challenging task. Optimizing the circuit design for both requirements leads to conflicting demands [1]. A single-stage folded cascode topology is a popular approach in designing high speed op-amps. Besides a large unity gain frequency, it offers a large output swing. However, it is limited in the DC gain it can provide, and high DC gain is required for high settling accuracy. In 1990, Bult and Geelen proposed the folded cascode op-amp with the gain boosting technique [3]. This technique helps to increase the op-amp DC gain without sacrificing the output swing of a regular cascode structure [3]. Pushing up the doublet can raise a stability problem [5], [6]. Based on that, this paper presents a simple but robust optimization design method; a sample fully differential gain-boosted folded-cascode op-amp was also designed in a 0.18um mixed-signal CMOS process with a 1.2V power supply. The purpose of this paper is to discuss design considerations when utilizing a gain boost cascode op-amp in the sample-and-hold (SHA) stage of a 100mW 10-bit 50MS/s pipeline A/D converter. This paper is divided into three additional sections. The gain boosting technique is explained in section 4, and the circuit frequency behavior is analyzed in section 5. In section 2, the circuit implementation with a 0.18um CMOS process is presented. The simulation results are given and discussed in section 6. Finally, the conclusions are drawn in section 7.

2. Design of Gain Boosted Folded Cascode Op-Amp
In this section, the implementations of the main op-amp and the gain enhancement stages are discussed. A general method of designing a pipeline A/D converter for minimum power consumption was performed at the system level. This results in a set of specifications for each stage in the pipelined A/D converter. The selected system architecture has a SHA stage followed by eight 1.5-bit residue gain stages and a 2-bit flash stage.
The op-amp has to meet the specifications for the SHA as shown in Table 1. Since a regular cascode device cannot meet these specifications, the gain boost cascode topology has been chosen to meet both the high gain and the high bandwidth requirements. Fully differential folded-cascode op-amps have been adopted in this design, one as the main op-amp and the others as auxiliary op-amps. The complete implementation is shown in Figure 2. Because the gain-boosted op-amp will be used in a closed-loop configuration, an NMOS differential pair is chosen as the input stage of the main op-amp in order to minimize the virtual ground parasitic that reduces the feedback factor. The two auxiliary op-amps do not differ except in their input stages. The auxiliary op-amp A2 is shown in Figure 3; A1 is not shown again because of its similarity to A2. The ideal effect of the auxiliary op-amp is to increase the output impedance of the main op-amp by auxiliary times so as to improve the DC gain of the main op-amp by the same factor. At the same time, the dominant pole of the main op-amp is pushed down by auxiliary times, where auxiliary is the DC gain of the auxiliary op-amp. As long as the unity-gain bandwidth of the auxiliary op-amp is designed to be larger than the -3dB bandwidth of the main op-amp, the high-frequency performance of the main op-amp will be unchanged, i.e. the gain-boosted op-amp has the same high-frequency performance as the main op-amp. In fact, the gain-boosting technique can potentially raise two significant problems for the time-domain performance of the gain-boosted op-amp, i.e. doublet and instability.

Table 1: Op-amp specification for SHA stage

Parameters                  Specifications
Stage capacitor (Cf)        1.2 pF
Load capacitor              1.9 pF
Feedback factor             0.9
Settling time               3.5 ns
DC gain                     72 dB
Gain bandwidth (GBW)        326 MHz
Phase margin (PM)           70 degree
Input transistor current    0.72 mA

3. Optimum Technology OTA Architecture
Several fundamental issues exist when selecting an optimal architecture for the operational transconductance amplifier. This choice is aimed at both large gain and large bandwidth performance. The folded cascode OTA is shown in Figure 3 [2 - 4]. The name "folded cascode" comes from folding down the n-channel cascode active loads of a diff-pair and changing the MOSFETs to p-channels. This OTA, like all OTAs, has good PSRR compared to the operational amplifier. The folded cascode OTA has a differential stage consisting of PMOS transistors M9 and M10, intended to charge a Wilson mirror. MOSFETs M11 and M12 provide the DC bias voltages to transistors M5-M6-M7-M8. The open-loop voltage gain is given by:

Where gm9, gm4 and gm6 are respectively the transconductances of transistors M9, M4 and M6. ID is the bias current flowing in MOSFETs M4, M6 and M9. Likewise, CL is the capacitance at the output node. λN and λP are the channel-length modulation parameters of the NMOS and PMOS devices respectively. Taking the complementarity between transistors M4 and M6 into account, the gain expression becomes:

The unity gain frequency of the OTA is given by the expression:

Table 2: Design parameters and specifications

Specifications              Values
f (MHz)                     340
ID (μA)                     30
Channel length (μm)         0.18
AV (dB)                     82
CL (pF)                     0.1
Vdd                         +1.2/-1.2

Parameters                  Values
gm9,10/ID (V-1)             8
ID(W/L)9,10 (μA)            0.86
gm4/ID (V-1)                6
ID(W/L)4 (μA)               1.65
W9,10 (μm)                  35
W1,2,3,4 (μm)               18
W5,6,7,8,11,12 (μm)         6

4. Gain Boosting Technique

Figure 1 illustrates a gain boost cascode topology where transistor M1 is the input device, M2 a cascode device and M3 a gain boost device. M3 drives the gate of M2 and forces the voltages at nodes X and Y to be equal. As a result, voltage variations at the drain of M2 affect the voltage at node X to a lesser extent, because the gain boost device regulates this voltage [3]. The addition of a gain boost device with open loop gain Afb provides a small signal output resistance approximately Afb times larger than that of a regular cascode [4]. Through this technique, the output resistance and gain can be increased by the gain of the gain boost device without adding more cascode devices. However, the transient response of such an op-amp is degraded by the presence of a pole-zero doublet [5]. This doublet appears as a slow exponential term in the step response of the op-amp, drastically degrading the total settling time, and is discussed further in the analysis section.

Figure 1. Gain boosting cascode topology


Figure 2. Fully differential gain-boosted folded-cascode op amp with CMFB

Figure 3. Fully differential folded-cascode amplifier A2 with CMFB

5. Settling Response Analysis

To understand the effect of pole-zero doublets on slow settling behavior, the transfer function of the gain-boosting technique is derived using the small signal model shown in Figure 4.

Figure 4. Small signal model

In the small signal model of Figure 4, the capacitors C1 through C3 are the equivalent parasitic capacitances of the MOS transistors at nodes X and Y, and CL is the load capacitance at the output node. To simplify the analysis, the parasitic drain-to-gate capacitor C4 of M2 is broken into its Miller equivalents at node X and at the output node. This Miller capacitance is included in the value of the parasitic capacitor C2 at node X and in the value of the capacitor CL at the output node.

Figure 5. Pole and zero locations

A CMFB circuit is indispensable in a fully differential operational amplifier. The conventional dynamic SC-CMFB circuit, shown in Figure 2, is adopted in the main op amp, because this CMFB circuit saves static power consumption and its common mode voltage sense circuit does not limit the output swing of the op amp. However, the capacitors in the SC-CMFB should be carefully selected so that they neither overload the main op amp nor are affected by the charge injection of the switches. Although the SC-CMFB circuit has the advantages described above, it is not appropriate for the two auxiliary op amps. On the one hand, the load capacitances of the two auxiliary op amps are small; as a result, the capacitors in the SC-CMFB would be smaller than them, and the charge injection of the switches would decrease the accuracy of the circuit. On the other hand, the output of each auxiliary op amp does not need high swing. Therefore, two continuous-time CMFB circuits are used. The CMFB circuit for A2 is shown in Figure 3. The CMFB circuit of A1 is not shown, because it is similar to that of A2.

6. The Simulation Results

With the design process described above, a single stage fully differential gain-boosted folded-cascode op amp was designed and implemented in the UMC 0.18 μm mixed-signal process with a 1.2 V power supply. The step response is simulated in the closed-loop configuration shown in Fig. 5. Here, both the input capacitor C1 and the feedback capacitor Cf are 1 pF, while the load capacitor CL is 4 pF. Cp represents the parasitic capacitance at the input of the op amp, which is 0.185 pF.

Figure 6. Frequency Response (bode plot)

Figure 7. Slew rate performance


Figure 8. Relationship between settling time & Cc

Figure 9. Differential output DC swing versus input voltage (vin+ only) under different power supplies.

Table 3: Simulated Performance

Parameters                  Simulated results
DC gain                     110 dB
Unity gain frequency        821 MHz
Phase margin                70 degree
Power dissipation           7.8 mW
Settling time               3.7 ns
Slew rate                   35 V/ns, 28 V/ns
Differential output swing   2 Vp-p

7. Conclusions

A single-stage folded cascode gain-boosted CMOS OTA has been designed and simulated using 0.18 μm CMOS technology. In this design, a single transistor was applied as the gain-boost device. Care has been taken in the selection of the current values in both the cascode device and the gain boost device to ensure good settling time performance while maintaining the gain and bandwidth of the op-amp. The designed op-amp fulfills the stringent specifications of the SHA stage of a pipelined A/D converter with minimal additional power consumed.

References

[1] K. Bult and G. Geelen, "A fast-settling CMOS op amp for SC circuits with 90-dB DC gain", IEEE Journal of Solid-State Circuits, Vol. 25, No. 6, Dec. 1990, p. 1379-1384.

[2] B. Y. Kamath, R. G. Meyer and P. R. Gray, "Relationship Between Frequency Response and Settling Time of Operational Amplifiers", IEEE Journal of Solid-State Circuits, Vol. SC-9, No. 6, Dec. 1974, p. 347-352.

[3] Mrinal Das, "Improved Design Criteria of Gain-Boosted CMOS OTA with High-Speed Optimizations", IEEE Trans. on Circuits and Systems II, Vol. 49, No. 3, March 2002, p. 204-207.

[4] K. Bult and G. Geelen, "The CMOS gain-boosting technique", Analog Integrated Circuits and Signal Processing, Vol. 1, No. 2, Oct. 1991, p. 119-135.

[5] European Industry Association (EICTA) MBRAI-02-16 v1.0 (2004-01): "Mobile and Portable DVB-T Radio Access Interface Specification", 2004.

[6] P. Bogner, "A 28mW 10b 80MS/s pipelined ADC in 0.13μm CMOS", Proc. ISCAS'04, vol. 1, pp. 17-20, 2004.

Authors Profile

Bhanu Pratap Singh Dohare received the B.E. degree in Electronics and Communication Engineering from R.G.P.V. Bhopal in 2008 and the M.Tech in Microelectronics and VLSI Design from S.G.S.I.T.S. Indore, India in 2010. He is currently working on analog filter design and analysis.

D.S.Ajnar received the B.E. degree in Electronics and Communication Engineering from D.A.V.V. University, India in 1993 and the M.E. degree in Digital Techniques & Instrumentation Engineering from Rajiv Gandhi Technical University Bhopal, India in 2000. He has been working in the teaching and research profession since 1995. He is now working as Reader in the Department of Electronics & Instru. Engineering of S.G.S.I.T.S. Indore, India. His research interests are the design of analog filters and current conveyors.

P.K.Jain received the B.E. degree in Electronics and Communication Engineering from D.A.V.V. University, India in 1987 and the M.E. degree in Digital Techniques & Instrumentation Engineering from Rajiv Gandhi Technical University Bhopal, India in 1993. He has been working in the teaching and research profession since 1988. He is now working as Reader in the Department of Electronics & Instru. Engineering of S.G.S.I.T.S. Indore, India. His research interest is analog circuit design.