pCloud: A Distributed System for Practical PIR

pCloud: A Distributed System for Practical PIR

ABSTRACT:

Computational Private Information Retrieval (cPIR) protocols allow a client to retrieve one bit from a database, without the server inferring any information about the queried bit. These protocols are too costly in practice because they invoke complex arithmetic operations for every bit of the database. In this paper we present pCloud, a distributed system that constitutes the first attempt towards practical cPIR. Our approach assumes a disk-based architecture that retrieves one page with a single query. Using a striping technique, we distribute the database to a number of cooperative peers, and leverage their computational resources to process cPIR queries in parallel. We implemented pCloud on the PlanetLab network, and experimented extensively with several system parameters. Our results indicate that pCloud reduces considerably the query response time compared to the traditional client/server model, and has a very low communication overhead. Additionally, it scales well with an increasing number of peers, achieving a linear speed-up.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium Dual Core.
  • Hard Disk : 120 GB.
  • Monitor : 15’’ LED
  • Input Devices : Keyboard, Mouse
  • Ram :

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows 7.
  • Coding Language : NET,C#.NET
  • Tool : Visual Studio 2008
  • Database : SQL SERVER 2005

REFERENCE:

Stavros Papadopoulos, Spiridon Bakiras, and Dimitris Papadias, “pCloud: A Distributed System for Practical PIR”, IEEE 2012.

Distributed Detection in Mobile Access Wireless Sensor Networks under Byzantine Attacks

Distributed Detection in Mobile Access Wireless Sensor Networks under Byzantine Attacks

ABSTRACT:

This paper explores reliable data fusion in mobile access wireless sensor networks under Byzantine attacks. We consider the q-out-of-m rule, which is popular in distributed detection and can achieve a good tradeoff between the miss detection probability and the false alarm rate. However, a major limitation with it is that the optimal scheme parameters can only be obtained through exhaustive search, making it infeasible for large networks. In this paper, first, by exploiting the linear relationship between the scheme parameters and the network size, we propose simple but effective sub-optimal linear approaches. Second, for better flexibility and scalability, we derive a near-optimal closed-form solution based on the central limit theorem. Third, subjecting to a miss detection constraint, we prove that the false alarm rate of q-out-of-m diminishes exponentially as the network size increases, even if the percentage of malicious nodes remains fixed. Finally, we propose an effective malicious node detection scheme for adaptive data fusion under time-varying attacks; the proposed scheme is analyzed using the entropy-based trust model, and shown to be optimal from the information theory point of view. Simulation examples are provided to illustrate the performance of proposed approaches under both static and dynamic attacks.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • WIRELESS sensor networks have received significant attention from the research community due to their impact on both military and civilian applications. Limited by the processing capability and power supply of the sensor nodes, incorporating security into wireless sensor networks has been a challenging task.
  • A serious threat to wireless sensor networks is the Byzantine attack, where the adversary has full control over some of the authenticated nodes and can perform arbitrary behavior to disrupt the system

DISADVANTAGES OF EXISTING SYSTEM:

  • In many cases, due to bandwidth and energy limitations, the sensors quantize their sensing result into a single bit.
  • The MA receives the sensing reports and applies the fusion rule to make the final decision.

PROPOSED SYSTEM:

  • In this paper, we consider reliable data fusion in wireless sensor networks with mobile access points (SENMA) under both static and dynamic Byzantine attacks, in which the malicious nodes report false information with a fixed or time-varying probability, respectively. In SENMA, the mobile access point (MA) traverses the network and collects the sensing information from the individual sensor nodes.
  • The main contributions of the paper can be summarized as follows: First, we propose a simplified, linear q-out-of-m scheme that can be easily applied to large size networks. The basic idea is to find the optimal scheme parameters at relatively small network sizes through exhaustive search, and then obtain the fusion parameters for large network size by exploiting the approximately linear relationship between the scheme parameters and the network size.
  • Second, in an effort to search for an easier and more flexible distributed data fusion solutions that can easily adapt to unpredictable environmental changes and cognitive behavior of malicious nodes, we derive a closed-form solution for the q-out-of-m fusion scheme based on the central limit theorem.
  • Third, we perform theoretical analysis for both the linear approach and the closed-form solution. We show that under a fixed percentage of malicious nodes, the false alarm rate for both approaches diminishes exponentially as the network size increases.

ADVANTAGES OF PROPOSED SYSTEM:

  • The major advantage of the SENMA architecture is that it ensures a line of sight path to the access point within the power range of the sensor nodes, allowing the information to be conveyed without routing. This feature makes it a resilient, scalable and energy efficient architecture for wireless sensor networks.
  • The proposed approach is analyzed using an entropy-based trust model. We show that under the same system settings, the proposed malicious node detection approach is optimal from the information theory point of view

MODULES:

  • Service provider
  • IDS Router
  • Attackers
  • Receiver

MODULES DESCSRIPTION:

  • Service provider

In this module, the service provider transfer the data over the networks. With this transmission, Separate MAC address was generated for the transferring data. MAC address is the unique ID for transferable data’s generated for security purposes and intrusion among attacks. In SENMA (sensor networks with mobile access points), the mobile access point traverses the network and collects the sensing information from the individual sensor nodes. The major advantage of the SENMA architecture is that it ensures a line of sight path to the access point within the power range of the sensor nodes, allowing the information to be conveyed without routing.

  • IDS Router

In this module, the IDS Router (Intrusion detection system) monitors each and every node over the network. The process to find the attacks during transmission process. If it founds malicious node detection, it prevents from the detection of intrusion happened. On distributed detection, helps achieve a good trade-off between the miss detection probability and the false alarm rate rises over network. IDS Router verified the MAC address, Allotted time, Attackers and Log details of the transmission.

  • Attackers

In this module, there are different attack strategies that could be adopted by the malicious sensors. Let attackers be the probability that each malicious node intentionally reports the opposite information to its actual sensing decision. It is assumed that all malicious nodes have the same probability of attack in a particular sensing period. Two categories are:

1) Static Attack: In this strategy, the malicious nodes send opposite data with an arbitrary probability that is fixed.

2) Dynamic Attack: In this strategy, the malicious nodes change after each attacking block, which is composed of one or more sensing periods.

  • Receiver

After removing malicious node detection, receiver ready to receive the data over networks from each node. Then the transmitted data received by the Receiver and collect the data.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : C#.NET
  • IDE : VISUAL STUDIO 2008
  • Database : SQL SERVER

REFERENCE:

Mai Abdelhakim, Leonard E. Lightfoot, Jian Ren, Senior Member, IEEE , and Tongtong Li, “|Distributed Detection in Mobile Access Wireless Sensor Networks under Byzantine Attacks”, IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 25, NO. 4, APRIL 2014.

Differentiated Virtual Passwords, Secret Little Functions, and Codebooks for Protecting Users From Password Theft

Differentiated Virtual Passwords, Secret Little Functions, and Codebooks for Protecting Users From Password Theft

ABSTRACT:

In this paper, we discuss how to prevent users’ passwords from being stolen by adversaries in online environments and automated teller machines. We propose differentiated virtual password mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security, where a virtual password requires a small amount of human computing to secure users’ passwords. The tradeoff is that the stronger the scheme, the more complex the scheme may be. Among the schemes, we have a default method (i.e., traditional password scheme), system recommended functions, user-specified functions, user-specified programs, and so on. A function/program is used to implement the virtual password concept with a tradeoff of security for complexity requiring a small amount of human computing. We further propose several functions to serve as system recommended functions and provide a security analysis. For user-specified functions, we adopt secret little functions in which security is enhanced by hiding secret functions/algorithms.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

The secure protocol SSL/TLS for transmitting private data over the web is well-known in academic research, but most current commercial websites still rely on the relatively weak protection mechanism of user authentications via a plaintext password and user ID. Meanwhile, even though a password can be transferred via a secure channel, this authentication approach is still vulnerable to the attacks.

Phishing Attacks: Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.

Password Stealing Trojan: This is a program that contains or installs malicious code. There are many such Trojan codes that have been found online today, so here we just briefly introduce two types of them. Key loggers capture keystrokes and store them somewhere in the machine, or send them back to the adversary. Once a key logger program is activated, it provides the adversary with any strings of texts that a person might enter online, consequently placing personal data and online account information at risk.

Shoulder Surfing: Shoulder surfing is a well-known method of stealing other’s passwords and other sensitive personal information by looking over victims’ shoulders while they are sitting in front of terminals.

DISADVANTAGES OF EXISTING SYSTEM:

As a consequence of increasing concerns over such risks, protecting users’ passwords on the web has become increasingly critical.

PROPOSED SYSTEM:

In this paper, we present a password protection scheme that involves a small amount of human computing in an Internet-based environment or a ATM machine, which will be resistant to phishing scams, Trojan horses, and shouldersurfing attacks. We propose a virtual password concept involving a small amount of human computing to secure users’ passwords in online environments. We propose differentiated security mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security. The tradeoff is that stronger schemes are more complex. Among the schemes, we have a default method (i.e., traditional password scheme), a system recommended function, a user-specified function, a user-specified program, and so on. A function/program is used to implement the virtual password concept by trading security for complexity by requiring a small amount of human computing.

We further propose several functions to serve as system recommended functions and provide a security analysis. We analyze how the proposed schemes defend against phishing, key logger, shoulder-surfing, and multiple attacks. In user-specified functions, we adopt secret little functions in which security is enhanced by hiding secret functions/algorithms. To the best of our knowledge, our virtual password mechanism is the first one which is able to defend against all three attacks

ADVANTAGES OF PROPOSED SYSTEM:

  • We propose differentiated security mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security.
  • We proposed a virtual password concept involving a small amount of human computing to secure users’ passwords in online environments. We proposed differentiated security mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security.

SYSTEM ARCHITECTURE:

MODULES:

  • Virtual Password
  • Differentiated Security via a VPF
  • User-Specified Functions/Programs
  • VPF With a Helper-Application

MODULES DESCSRIPTION:

Virtual Password

To authenticate a user, a system (S) needs to verify a user (U) using the user’s password (X) and ID (also denoted as U) which the user provides. It is reasonable that a password should be constant so that it can be easily remembered. However, the price of being easily remembered is that the password can be stolen by others and then used to access the victim’s account. At the same time, we cannot put X in a randomly variant form because it would be impossible for a user to remember the password. To confront such a challenge, we propose a scheme using the new concept of virtual password. A virtual password is a dynamic password that is generated differently each time from a virtual password scheme and then submitted to the server for authentication.

Differentiated Security via a VPF

We have introduced the concept of the virtual password; next, we detail how to apply it in an Internet-based environment. We propose a differentiated security mechanism for system registration in which the system allows users to choose a registration scheme ranging from the simplest one (default) to a relatively complex one, where a registration scheme includes a way to choose a virtual password function. The more complex the registration, the more secure the system is, and the more user involvement is required.

User-Specified Functions/Programs

The strongest security approaches let the user define a user specified function or program. Since the chosen function is only known by the server and the user and the key space of functions are infinite with high-order, these approaches are very secure for even simple functions. The reason for using secret encryption algorithms (i.e., user-specified VPFs) is that secrets are very personal to a particular user and should not be known by others except the server.

VPF With a Helper-Application

If a helper-application is available for the user, the user needs to type the random salt into the helper-application; subsequently, the virtual password is generated by the helper application. The user then types the generated virtual password in the login screen. In this way, the extra time required is very small and the precision will be 100% correct as long as the user types the correct random salt displayed on the login screen. This works when the user has a mobile device, such as a cellular phone, PDA, smart phone, or iphone. However, such mobile devices are not able themselves to communicate with the server to which the user wants to login. No matter how complex the VPF is, the helper-application can always generate the correct virtual password for the user. This case is the most sophisticated one, and it is also the most convenient approach for the user.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : C#.NET
  • IDE : VISUAL STUDIO 2008
  • Database : SQL SERVER

REFERENCE:

Yang Xiao, Senior Member, IEEE, Chung-Chih Li, Ming Lei, and Susan V. Vrbsky, “Differentiated Virtual Passwords, Secret Little Functions, and Codebooks for Protecting Users From Password Theft”, IEEE SYSTEMS JOURNAL, VOL. 8, NO. 2, JUNE 2014.

Tweet Segmentation and Its Application to Named Entity Recognition

Tweet Segmentation and Its Application to Named Entity Recognition

ABSTRACT:

Twitter has attracted millions of users to share and disseminate most up-to-date information, resulting in large volumes of data produced everyday. However, many applications in Information Retrieval (IR) and Natural Language Processing (NLP) suffer severely from the noisy and short nature of tweets. In this paper, we propose a novel framework for tweet segmentation in a batch mode, called HybridSeg. By splitting tweets into meaningful segments, the semantic or context information is well preserved and easily extracted by the downstream applications. HybridSeg finds the optimal segmentation of a tweet by maximizing the sum of the stickiness scores of its candidate segments. The stickiness score considers the probability of a segment being a phrase in English (i.e., global context) and the probability of a segment being a phrase within the batch of tweets (i.e., local context). For the latter, we propose and evaluate two models to derive local context by considering the linguistic features and term-dependency in a batch of tweets, respectively. HybridSeg is also designed to iteratively learn from confident segments as pseudo feedback. Experiments on two tweet data sets show that tweet segmentation quality is significantly improved by learning both global and local contexts compared with using global context alone. Through analysis and comparison, we show that local linguistic features are more reliable for learning local context compared with term-dependency. As an application, we show that high accuracy is achieved in named entity recognition by applying segment-based part-of-speech (POS) tagging.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Many existing NLP techniques heavily rely on linguistic features, such as POS tags of the surrounding words, word capitalization, trigger words (e.g., Mr., Dr.), and gazetteers. These linguistic features, together with effective supervised learning algorithms (e.g., hidden markov model (HMM) and conditional random field (CRF)), achieve very good performance on formal text corpus. However, these techniques experience severe performance deterioration on tweets because of the noisy and short nature of the latter.
  • In Existing System, to improve POS tagging on tweets, Ritter et al. train a POS tagger by using CRF model with conventional and tweet-specific features. Brown clustering is applied in their work to deal with the ill-formed words.

DISADVANTAGES OF EXISTING SYSTEM:

  • Given the limited length of a tweet (i.e., 140 characters) and no restrictions on its writing styles, tweets often contain grammatical errors, misspellings, and informal abbreviations.
  • The error-prone and short nature of tweets often make the word-level language models for tweets less reliable.

PROPOSED SYSTEM:

  • In this paper, we focus on the task of tweet segmentation. The goal of this task is to split a tweet into a sequence of consecutive n-grams, each of which is called a segment. A segment can be a named entity (e.g., a movie title “finding nemo”), a semantically meaningful information unit (e.g., “officially released”), or any other types of phrases which appear “more than by chance”
  • To achieve high quality tweet segmentation, we propose a generic tweet segmentation framework, named HybridSeg. HybridSeg learns from both global and local contexts, and has the ability of learning from pseudo feedback.
  • Global context. Tweets are posted for information sharing and communication. The named entities and semantic phrases are well preserved in tweets.
  • Local context. Tweets are highly time-sensitive so that many emerging phrases like “She Dancin” cannot be found in external knowledge bases. However, considering a large number of tweets published within a short time period (e.g., a day) containing the phrase, it is not difficult to recognize “She Dancin” as a valid and meaningful segment. We therefore investigate two local contexts, namely local linguistic features and local collocation.

ADVANTAGES OF PROPOSED SYSTEM:

  • Our work is also related to entity linking (EL). EL is to identify the mention of a named entity and link it to an entry in a knowledge base like Wikipedia.
  • Through our framework, we demonstrate that local linguistic features are more reliable than term-dependency in guiding the segmentation process. This finding opens opportunities for tools developed for formal text to be applied to tweets which are believed to be much more noisy than formal text.
  • Helps in preserving Semantic meaning of tweets.

ALGORITHM EXPLANATION:

  • As an application of tweet segmentation, we propose and evaluate two segment-based NER algorithms. Both algorithms are unsupervised in nature and take tweet segments as input.
  • One algorithm exploits co-occurrence of named entities in targeted Twitter streams by applying random walk (RW) with the assumption that named entities are more likely to co-occur together.
  • The other algorithm utilizes Part-of-Speech (POS) tags of the constituent words in segments.

SYSTEM ARCHITECTURE:

MODULES:

  • Admin
  • Search History
  • Request & Response
  • Tweet segmentation Topic Messages
  • User
  • Search Users
  • Messages
  • Followers

MODULES DESCSRIPTION:

Admin

In this module, the Admin has to login by using valid user name and password. After login successful he can do some operations such as search history, view users, request & response, all topic messages and topics.

Search History

This is controlled by admin; the admin can view the search history details. If he clicks on search history button, it will show the list of searched user details with their tags such as user name, searched user, time and date.

Request & Response

In this module, the admin can view the all the friend request and response. Here all the request and response will be stored with their tags such as Id, requested user photo, requested user name, user name request to, status and time & date. If the user accepts the request then status is accepted or else the status is waiting.

Tweet segmentation Topic Messages

In this module, the admin can view the messages such as emerging topic messages and Anomaly emerging topic messages. Tweet segmentation topic messages means we can send a message to particular user

User

In this module, there are n numbers of users are present. User should register before doing some operations. And register user details are stored in user module.  After registration successful he has to login by using authorized user name and password. Login successful he will do some operations like view or search users, send friend request, view messages, send messages, Tweet segmentation  messages and followers.

Search Users

The user can search the users based on users and the server will give response to the user like User name, user image, E mail id, phone number and date of birth. If you want send friend request to particular receiver then click on follow, then request will send to the user.

Messages

User can view the messages, send messages and send anomaly messages to users. User can send messages based on topic to the particular user, after sending a message that topic rank will be increased. Then again another user will also re- tweet the particular topic then that topic rank will increases. The anomaly message means user wants send a message to all users.

Followers

In this module, we can view the followers’ details with their tags such as user name, user image, date of birth, E mail ID, phone number and ranks.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : – Windows XP/7.
  • Coding Language : NET, C#.NET
  • Data Base :  MS SQL SERVER 2005

REFERENCE:

Chenliang Li, Aixin Sun, Jianshu Weng, and Qi He, “Tweet Segmentation and Its Application to Named Entity Recognition”, IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 27, NO. 2, FEBRUARY 2015.

Secure and Reliable Routing Protocols for Heterogeneous Multihop Wireless Networks

Secure and Reliable Routing Protocols for Heterogeneous Multihop Wireless Networks

ABSTRACT:

In this paper, we propose E-STAR for establishing stable and reliable routes in heterogeneous multihop wireless networks. E-STAR combines payment and trust systems with a trust-based and energy-aware routing protocol. The payment system rewards the nodes that relay others’ packets and charges those that send packets. The trust system evaluates the nodes’ competence and reliability in relaying packets in terms of multi-dimensional trust values. The trust values are attached to the nodes’ public-key certificates to be used in making routing decisions. We develop two routing protocols to direct traffic through those highly-trusted nodes having sufficient energy to minimize the probability of breaking the route. By this way, E-STAR can stimulate the nodes not only to relay packets, but also to maintain route stability and report correct battery energy capability. This is because any loss of trust will result in loss of future earnings. Moreover, for the efficient implementation of the trust system, the trust values are computed by processing the payment receipts. Analytical results demonstrate that E-STAR can secure the payment and trust calculation without false accusations. Simulation results demonstrate that our routing protocols can improve the packet delivery ratio and route stability.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

Reputation-based schemes attempt to identify the malicious nodes that drop packets with a rate more than a pre-defined threshold in order to avoid them in routing. When a node A sends a packet to the next node in the route (B) to relay to C, A has to overhear the channel to check whether B forwards the packet. If A does not overhear the packet transmission, it assumes that B has dropped the packet. Each node measures the frequency by which the other nodes drop packets in terms of reputation values. A increases the reputation value of  B when it observes a packet transmission; otherwise, decreases the reputation value of B. Once the reputation value degrades to a threshold, A identifies B as malicious.

DISADVANTAGES OF EXISTING SYSTEM:

  • It Identifies only the Malicious Nodes
  • Most of the existing trust systems in multihop wireless networks compute a single trust value for each node. However, a single measure may not be expressive enough to adequately depict a node’s trustworthiness and competence.

PROPOSED SYSTEM:

In this paper, we propose E-STAR, a secure protocol for Establishing STAble and reliable Routes in HMWNs. E-STAR integrates trust and payment systems with a trust-based and energy aware routing protocol. The payment system uses credits (or micropayment) to charge the nodes that send packets and reward those relaying packets. Since a trusted party may not be involved in the communication sessions, an offline trusted party (TP) is required to manage the nodes’ credit accounts. The nodes compose proofs of relaying packets, called receipts, and submit them to TP. The payment system can stimulate the selfish nodes to relay others’ packets to earn credits. It can also enforce fairness by rewarding the nodes that relay more packets such as those at the network center. However, the payment system is not sufficient to ensure route stability. It can stimulate the rational nodes to not break routes to earn credits, but the routes can be broken due to other reasons.

ADVANTAGES OF PROPOSED SYSTEM:

  • It includes low resources, node failure, and malicious attacks.
  • Our Proposed trust system that maintains multi-dimensional trust values for each node to evaluate the node’s behavior from different perspectives.
  • ESTAR aims to identify the good nodes and select them in routing.

MODULES:

1) Network Model

2) Data transmission

3) Update Credit Account and Trust Values Phase

4) Route Establishment Phase

MODULES DESCRIPTION:

Network Model :

The considered HMWN has mobile nodes and offline trusted party (TP) whose public key is known to all the nodes. The mobile nodes have different hardware and energy capabilities. The network is used for civilian applications, its lifetime is long, and the nodes have long relation with the network. Thus, with every interaction, there is always an expectation of future reaction. Each node has a unique identity and public/private key pair with a limited-time certificate issued by TP. Without a valid certificate, the node cannot communicate nor act as an intermediate node. TP maintains the nodes’ credit accounts and trust values. Each node contacts TP to submit the payment receipts and TP updates the involved nodes’ payment accounts and trust values. This contact can occur via cellular networks or Internet.

 Data transmission:

Let the source node S send messages to the destination node D through a route with the intermediate nodes X, Y, and Z. The route is established by the routing protocols. For the ith data packet, S computes the signature S(i) = {H(H(mi), ts, R, i)}KS+ and sends the packet <R, ts, i, mi, S(i)> to the first node in the route. R, ts, and mi are the concatenation of the identities of the nodes in the route (R = IDS, IDX, IDY, IDZ, IDD), the route establishment time stamp, and the ith message, respectively. H(d) is the hash value resulted from hashing the data d using the hash function H(). {d}KS+ is the signature of d with the private key of S. The purpose of the source node’s signature is to ensure the message’s authenticity and integrity and secure the payment by enabling TP to ensure that S has sent i messages. Each intermediate node verifies S(i) and stores S(i) and H(mi) for composing the receipt. It also removes the previous ones (S(i-1) and H(mi-1)) because S(i) is enough to prove transmitting i messages. Signing H(mi) instead of mi can reduce the receipt size because the smaller-size H(mi) is attached to the receipt instead of mi.

Update Credit Account and Trust Values Phase:

Once TP receives a receipt, it first checks if the receipt has been processed before using its unique identifier (R, ts). Then, it verifies the credibility of the receipt by computing the nodes’ signatures (S(i) and Auth_Code) and hashing them. The receipt is valid if the resultant hash value is identical to the receipt’s cryptographic token. TP verifies the destination node’s hash chain by making sure that hashing hi i times produces h0. TP clears the receipt by rewarding the intermediate nodes and debiting the source and destination nodes. The number of sent messages (i) is signed by the source node and the number of delivered messages can be computed from the number of hashing operations to obtain h0 from hi.

Route Establishment Phase:

In this section, we present two routing protocols called the Shortest Reliable Route (SRR) and the Best Available Route (BAR). SRR establishes the shortest route that can satisfy the source node’s trust, energy, and route-length requirements, but the destination node selects the best route in the BAR protocol. The routing protocols have three processes: i) Route Request Packet (RREQ) delivery; ii) Route selection; and iii) Route Reply Packet (RREP) delivery.

The SRR Routing Protocol

To establish a route to the destination node D, the source node S broadcasts RREQ packet and waits for RREP packet. The source node embeds its requirements in the RREQ packet, and the nodes that can satisfy these requirements broadcast the packet. The destination node establishes the shortest route that can satisfy the source node’s requirements. The rationale of the SRR protocol is that the node that satisfies the source node’s requirements is trusted enough to act as a relay. The protocol is useful to establish a route that avoids the low-trusted nodes.

The BAR Routing Protocol

BAR allows each node to broadcast the RREQ more than once if the route reliability or lifetime of the recently received packet is greater than the last broadcasted packet. The route lifetime is the minimum number of packets the intermediate nodes commit to relay, e.g., if the commitments of  the intermediate nodes are Er(X) = 10, Er(Y) = 8, and Er(Z) = 17, the route lifetime is 8 packets.

SYSTEM ARCHITECTURE:

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk     : 40 GB.
  • Floppy Drive : 1.44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse : Logitech.
  • Ram : 512 Mb. 

SOFTWARE REQUIREMENTS: 

  • Operating system : – Windows XP.
  • Coding Language : C#.NET
  • Data Base :  MS SQL SERVER 2005

REFERENCE:

Mohamed M. E. A. Mahmoud, Xiaodong Lin, and Xuemin (Sherman) Shen, Fellow, IEEE, “Secure and Reliable Routing Protocols for Heterogeneous Multihop Wireless Networks”, IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS 2015.

Real-Time Detection of Traffic From Twitter Stream Analysis

Real-Time Detection of Traffic From Twitter Stream Analysis

ABSTRACT:

Social networks have been recently employed as a source of information for event detection, with particular reference to road traffic congestion and car accidents. In this paper, we present a real-time monitoring system for traffic event detection from Twitter stream analysis. The system fetches tweets from Twitter according to several search criteria; processes tweets, by applying text mining techniques; and finally performs the classification of tweets. The aim is to assign the appropriate class label to each tweet, as related to a traffic event or not. The traffic detection system was employed for real-time monitoring of several areas of the Italian road network, allowing for detection of traffic events almost in real time, often before online traffic news web sites. We employed the support vector machine as a classification model, and we achieved an accuracy value of 95.75% by solving a binary classification problem (traffic versus non-traffic tweets). We were also able to discriminate if traffic is caused by an external event or not, by solving a multiclass classification problem and obtaining an accuracy value of 88.89%.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Recently, social networks and media platforms have been widely used as a source of information for the detection of events, such as traffic congestion, incidents, natural disasters (earthquakes, storms, fires, etc.), or other events.
  • Sakaki et al. use Twitter streams to detect earthquakes and typhoons, by monitoring special trigger-keywords, and by applying an SVM as a binary classifier of positive events (earthquakes and typhoons) and negative events (non-events or other events).
  • Agarwal et al. focus on the detection of fires in a factory from Twitter stream analysis, by using standard NLP techniques and a Naive Bayes (NB) classifier.
  • Li et al. propose a system, called TEDAS, to retrieve incident-related tweets. The system focuses on Crime and Disaster-related Events (CDE) such as shootings, thunderstorms, and car accidents, and aims to classify tweets as CDE events by exploiting a filtering based on keywords, spatial and temporal information, number of followers of the user, number of retweets, hashtags, links, and mentions.

DISADVANTAGES OF EXISTING SYSTEM:

  • Event detection from social networks analysis is a more challenging problem than event detection from traditional media like blogs, emails, etc., where texts are well formatted.
  • SUMs are unstructured and irregular texts, they contain informal or abbreviated words, misspellings or grammatical errors.
  • SUMs contain a huge amount of not useful or meaningless information

PROPOSED SYSTEM:

  • In this paper, we propose an intelligent system, based on text mining and machine learning algorithms, for real-time detection of traffic events from Twitter stream analysis.
  • The system, after a feasibility study, has been designed and developed from the ground as an event-driven infrastructure, built on a Service Oriented Architecture (SOA).
  • The system exploits available technologies based on state-of-the-art techniques for text analysis and pattern classification. These technologies and techniques have been analyzed, tuned, adapted, and integrated in order to build the intelligent system.
  • In particular, we present an experimental study, which has been performed for determining the most effective among different state-of-the-art approaches for text classification. The chosen approach was integrated into the final system and used for the on-the-field real-time detection of traffic events.
  • In this paper, we focus on a particular small-scale event, i.e., road traffic, and we aim to detect and analyze traffic events by processing users’ SUMs belonging to a certain area and written in the Italian language. To this aim, we propose a system able to fetch, elaborate, and classify SUMs as related to a road traffic event or not.
  • To the best of our knowledge, few papers have been proposed for traffic detection using Twitter stream analysis. However, with respect to our work, all of them focus on languages different from Italian, employ different input features and/or feature selection algorithms, and consider only binary classifications.

ADVANTAGES OF PROPOSED SYSTEM:

  • Tweets are up to 140 characters, enhancing the real-time and news-oriented nature of the platform. In fact, the life-time of tweets is usually very short, thus Twitter is the social network platform that is best suited to study SUMs related to real-time events.
  • Each tweet can be directly associated with meta-information that constitutes additional information.
  • Twitter messages are public, i.e., they are directly available with no privacy limitations. For all of these reasons, Twitter is a good source of information for real-time event detection and analysis.
  • Moreover, the proposed system could work together with other traffic sensors (e.g., loop detectors, cameras, infrared cameras) and ITS monitoring systems for the detection of traffic difficulties, providing a low-cost wide coverage of the road network, especially in those areas (e.g., urban and suburban) where traditional traffic sensors are missing.
  • It performs a multi-class classification, which recognizes non-traffic, traffic due to congestion or crash, and traffic due to external events
  • It detects the traffic events in real-time; and iii) it is developed as an event-driven infrastructure, built on an SOA architecture.

SYSTEM ARCHITECTURE:

MODULES:

  • Fetch of SUMs and Pre-Processing
  • Elaboration of SUMs
  • Classification of SUMs
  • Setup Of the System

MODULES DESCSRIPTION:

Fetch of SUMs and Pre-Processing

The first module, “Fetch of SUMs and Pre-processing”, extracts raw tweets from the Twitter stream, based on one or more search criteria (e.g., geographic coordinates, keywords appearing in the text of the tweet). Each fetched raw tweet contains: the user id, the timestamp, the geographic coordinates, a retweet flag, and the text of the tweet. The text may contain additional information, such as hashtags, links, mentions, and special characters. In this paper, we took only Italian language tweets into account. However, the system can be easily adapted to cope with different languages. After the SUMs have been fetched according to the specific search criteria, SUMs are pre-processed. In order to extract only the text of each raw tweet and remove all meta-information associated with it, a Regular Expression filter is applied. More in detail, the meta-information discarded are: user id, timestamp, geographic coordinates, hashtags, links, mentions, and special characters. Finally, a case-folding operation is applied to the texts, in order to convert all characters to lower case. At the end of this elaboration, each fetched SUM appears as a string, i.e., a sequence of characters.

Elaboration of SUMs

The second processing module, “Elaboration of SUMs”, is devoted to transforming the set of pre-processed SUMs, i.e., a set of strings, in a set of numeric vectors to be elaborated by the “Classification of SUMs” module. To this aim, some text mining techniques are applied in sequence to the pre-processed SUMs. In the following, the text mining steps performed in this module are described in detail:  tokenization is typically the first step of the text mining process, and consists in transforming a stream of characters into a stream of processing units called tokens (e.g., syllables, words, or phrases). stop-word filtering consists in eliminating stop-words, i.e., words which provide little or no information to the text analysis. Common stop-words are articles, conjunctions, prepositions, pronouns, etc. Other stop-words are those having no statistical significance, that is, those that typically appear very often in sentences of the considered language (language-specific stop-words), or in the set of texts being analyzed (domain-specific stop-words), and can therefore be considered as noise. stemming is the process of reducing each word (i.e., token) to its stem or root form, by removing its suffix. The purpose of this step is to group words with the same theme having closely related semantics.

Classification of SUMs

The third module, “Classification of SUMs”, assigns to each elaborated SUM a class label related to traffic events. Thus, the output of this module is a collection of N labeled SUMs. To the aim of labeling each SUM, a classification model is employed. The parameters of the classification model have been identified during the supervised learning stage. Actually, as it will be discussed, different classification models have been considered and compared. The classifier that achieved the most accurate results was finally employed for the realtime monitoring with the proposed traffic detection system. The system continuously monitors a specific region and notifies the presence of a traffic event on the basis of a set of rules that can be defined by the system administrator. For example, when the first tweet is recognized as a traffic-related tweet, the system may send a warning signal. Then, the actual notification of the traffic event may be sent after the identification of a certain number of tweets with the same label.

Setup Of the System

As stated previously, a supervised learning stage is required to perform the setup of the system. In particular, we need to identify the set of relevant stems, the weights associated with each of them, and the parameters that describe the classification models. We employ a collection of Ntr labeled SUMs as training set. During the learning stage, each SUM is elaborated by applying the tokenization, stop-word filtering, and stemming steps.  Finally, the tweets were manually labeled with two possible class labels, i.e., as related to road traffic event (traffic), e.g., accidents, jams, queues, or not (non-traffic). More in detail, first we read, interpreted, and correctly assigned a traffic class label to each candidate traffic class tweet.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows 7.
  • Coding Language : NET,C#.NET
  • Tool :         Visual Studio 2008
  • Database : SQL SERVER 2005

REFERENCE:

Eleonora D’Andrea, Pietro Ducange, Beatrice Lazzerini, Member, IEEE, and Francesco Marcelloni, Member, IEEE, “Real-Time Detection of Traffic From Twitter Stream Analysis”, IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS, VOL. 16, NO. 4, AUGUST 2015.

Effective Key Management in Dynamic Wireless Sensor Networks

Effective Key Management in Dynamic Wireless Sensor Networks

ABSTRACT:

Recently, wireless sensor networks (WSNs) have been deployed for a wide variety of applications, including military sensing and tracking, patient status monitoring, traffic flow monitoring, where sensory devices often move between different locations. Securing data and communications requires suitable encryption key protocols. In this paper, we propose a certificateless-effective key management (CL-EKM) protocol for secure communication in dynamic WSNs characterized by node mobility. The CL-EKM supports efficient key updates when a node leaves or joins a cluster and ensures forward and backward key secrecy. The protocol also supports efficient key revocation for compromised nodes and minimizes the impact of a node compromise on the security of other communication links. A security analysis of our scheme shows that our protocol is effective in defending against various attacks.We implement CL-EKM in Contiki OS and simulate it using Cooja simulator to assess its time, energy, communication, and memory performance.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Existing System Techniques use: symmetric key encryption and asymmetric key based approaches have been proposed for dynamic WSNs.
  • Asymmetric key based approaches found the security weaknesses of existing ECC-based schemes that these approaches are vulnerable to message forgery, key compromise and known-key attacks. Also, we analyzed the critical security flaws of that the static private key is exposed to the other when both nodes establish the session key. Moreover, these ECC-based schemes with certificates when directly applied to dynamic WSNs, suffer from the certificate management overhead of all the sensor nodes and so are not a practical application for large scale WSNs. The pairing operationbased ID-PKC schemes are inefficient due to the computational overhead for pairing operations.

DISADVANTAGES OF EXISTING SYSTEM:

  • Sensor devices are vulnerable to malicious attacks such as impersonation, interception, capture or physical destruction, due to their unattended operative environments and lapses of connectivity in wireless communication
  • Security is one of the most important issues in many critical dynamic WSN applications.
  • Symmetric key encryption suffers from high communication overhead and requires large memory space to store shared pairwise keys. It is also not scalable and not resilient against compromises, and unable to support node mobility. Therefore symmetric key encryption is not suitable for dynamic WSNs.
  • Asymmetric key based approaches suffer from the certificate management overhead of the entire sensor nodes and so are not a practical application for large scale WSNs.

PROPOSED SYSTEM:

  • In this paper, we present a certificateless effective key management (CL-EKM) scheme for dynamic WSNs. In certificateless public key cryptography (CL-PKC), the user’s full private key is a combination of a partial private key generated by a key generation center (KGC) and the user’s own secret value. The special organization of the full private/public key pair removes the need for certificates and also resolves the key escrow problem by removing the responsibility for the user’s full private key. We also take the benefit of ECC keys defined on an additive group with a 160-bit length as secure as the RSA keys with 1024-bit length.
  • In order to dynamically provide both node authentication and establish a pairwise key between nodes, we build CL-EKM by utilizing a pairing-free certificateless hybrid signcryption scheme (CL-HSC)

ADVANTAGES OF PROPOSED SYSTEM:

  • To support node mobility, our CL-EKM also supports lightweight processes for cluster key updates executed when a node moves, and key revocation is executed when a node is detected as malicious or leaves the cluster permanently.
  • CL-EKM is scalable in case of additions of new nodes after network deployment. CL-EKM is secure against node compromise, cloning and impersonation, and ensures forward and backward secrecy. The security analysis of our scheme shows its effectiveness.

MODULES:

  • Network Model
  • Pairwise Key Generation
  • Cluster Formation
  • Key Update

MODULES DESCSRIPTION:

Network Model

In the first module, we develop network deployment module. We consider a heterogeneous dynamic wireless sensor network. The network consists of a number of stationary or mobile sensor nodes and a BS that manages the network and collects data from the sensors. Sensor nodes can be of two types: (i) nodes with high processing capabilities, referred to as H-sensors, and (ii) nodes with low processing capabilities, referred to as L-sensors. Nodes may join and leave the network, and thus the network size may dynamically change. The H-sensors act as cluster heads while L-sensors act as cluster members. They are connected to the BS directly or by a multi-hop path through other H-sensors. H-sensors and L-sensors can be stationary or mobile.

After the network deployment, each H-sensor forms a cluster by discovering the neighboring L-sensors through beacon message exchanges. The L-sensors can join a cluster, move to other clusters and also re-join the previous clusters. To maintain the updated list of neighbors and connectivity, the nodes in a cluster periodically exchange very lightweight beacon messages. The H-sensors report any changes in their clusters to the BS, for example, when a L-sensor leaves or joins the cluster. The BS creates a list of legitimate nodes, M, and updates the status of the nodes when an anomaly node or node failure is detected.

Pairwise Key Generation

After the network deployment, a node may broadcast an advertisement message to its neighborhood to trigger the pairwise key setup with its neighbors. The advertisement message contains its identifier and public key. At first, two nodes set up a long-term pairwise master key between them, which is then used to derive the pairwise encryption key. The pairwise encryption key is short-term and can be used as a session key to encrypt sensed data.

Cluster Formation

Once the nodes are deployed, each H-sensor discovers neighboring L-sensors through beacon message exchanges and then proceeds to authenticate them. If the authentication is successful, the H-sensor forms a cluster with the authenticated L-sensors and they share a common cluster key. The H-sensor also establishes a pairwise key with each member of the cluster. To simplify the discussion, we focus on the operations within one cluster and consider the j th cluster.

Key Update

In order to protect against cryptanalysis and mitigate damage from compromised keys, frequent encryption key updates are commonly required. In this section we provide the pairwise key update and cluster key update operations.

1) Pairwise Key Update: To update a pairwise encryption key, two nodes which shared the pairwise key perform a Pairwise Encryption Key Establishment process. On the other hand, the pairwise master key does not require periodical updates, because it is not directly used to encrypt each session message. As long as the nodes are not compromised, the pairwise master keys cannot be exposed. However, if a pairwise master key is modified or needs to be updated according to the policy of the BS, the Pairwise Master Key Establishment process must be executed.

2) Cluster Key Update: Only cluster head H-sensors can update their cluster key. If a L-sensor attempts to change the cluster key, the node is considered a malicious node.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : C#.NET
  • IDE : VISUAL STUDIO 2010

REFERENCE:

Seung-Hyun Seo, Member, IEEE, Jongho Won, Student Member, IEEE, Salmin Sultana, Member, IEEE, and Elisa Bertino, Fellow, IEEE, “Effective Key Management in Dynamic Wireless Sensor Networks”, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 10, NO. 2, FEBRUARY 2015.

Privacy-Preserving Detection of Sensitive Data Exposure

Privacy-Preserving Detection of Sensitive Data Exposure

ABSTRACT:

Statistics from security firms, research institutions and government organizations show that the number of data-leak instances have grown rapidly in recent years. Among various data-leak cases, human mistakes are one of the main causes of data loss. There exist solutions detecting inadvertent sensitive data leaks caused by human mistakes and to provide alerts for organizations. A common approach is to screen content in storage and transmission for exposed sensitive information. Such an approach usually requires the detection operation to be conducted in secrecy. However, this secrecy requirement is challenging to satisfy in practice, as detection servers may be compromised or outsourced. In this paper, we present a privacy-preserving data-leak detection (DLD) solution to solve the issue where a special set of sensitive data digests is used in detection. The advantage of our method is that it enables the data owner to safely delegate the detection operation to a semihonest provider without revealing the sensitive data to the provider. We describe how Internet service providers can offer their customers DLD as an add-on service with strong privacy guarantees. The evaluation results show that our method can support accurate detection with very small number of false alarms under various data-leak scenarios.

SYSTEM ARCHITECTURE:

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium Dual Core.
  • Hard Disk : 120 GB.
  • Monitor : 15’’ LED
  • Input Devices : Keyboard, Mouse
  • Ram : 1 GB

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows 7.
  • Coding Language : NET,C#.NET
  • Tool : Visual Studio 2008
  • Database : SQL SERVER 2005

REFERENCE:

Xiaokui Shu, Danfeng Yao, Member, IEEE, and Elisa Bertino, Fellow, IEEE, “Privacy-Preserving Detection of Sensitive Data Exposure”, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 10, NO. 5, MAY 2015.

Continuous and Transparent User Identity Verification for Secure Internet Services

Continuous and Transparent User Identity Verification for Secure Internet Services

ABSTRACT:

Session management in distributed Internet services is traditionally based on username and password, explicit logouts and mechanisms of user session expiration using classic timeouts. Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session. Additionally, the length of the session timeout may impact on the usability of the service and consequent client satisfaction. This paper explores promising alternatives offered by applying biometrics in the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. The functional behavior of the protocol is illustrated through Matlab simulations, while model-based quantitative analysis is carried out to assess the ability of the protocol to contrast security attacks exercised by different kinds of attackers. Finally, the current prototype for PCs and Android smartphones is discussed.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Once the user’s identity has been verified, the system resources are available for a fixed period of time or until explicit logout from the user. This approach assumes that a single verification (at the beginning of the session) is sufficient, and that the identity of the user is constant during the whole session.
  • In existing, a multi-modal biometric verification system is designed and developed to detect the physical presence of the user logged in a computer.
  • The work in another existing paper, proposes a multi-modal biometric continuous authentication solution for local access to high-security systems as ATMs, where the raw data acquired are weighted in the user verification process, based on i) type of the biometric traits and ii) time, since different sensors are able to provide raw data with different timings. Point ii) introduces the need of a temporal integration method which depends on the availability of past observations: based on the assumption that as time passes, the confidence in the acquired (aging) values decreases. The paper applies a degeneracy function that measures the uncertainty of the score computed by the verification function.

DISADVANTAGES OF EXISTING SYSTEM:

  • None of existing approaches supports continuous authentication.
  • Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session.

PROPOSED SYSTEM:

  • This paper presents a new approach for user verification and session management that is applied in the context aware security by hierarchical multilevel architectures (CASHMA) system for secure biometric authentication on the Internet.
  • CASHMA is able to operate securely with any kind of web service, including services with high security demands as online banking services, and it is intended to be used from different client devices, e.g., smartphones, Desktop PCs or even biometric kiosks placed at the entrance of secure areas. Depending on the preferences and requirements of the owner of the web service, the CASHMA authentication service can complement a traditional authentication service, or can replace it.
  • Our continuous authentication approach is grounded on transparent acquisition of biometric data and on adaptive timeout management on the basis of the trust posed in the user and in the different subsystems used for authentication. The user session is open and secure despite possible idle activity of the user, while potential misuses are detected by continuously confirming the presence of the proper user.

ADVANTAGES OF PROPOSED SYSTEM:

  • Our approach does not require that the reaction to a user verification mismatch is executed by the user device (e.g., the logout procedure), but it is transparently handled by the CASHMA authentication service and the web services, which apply their own reaction procedures.
  • Provides a tradeoff between usability and security.

SYSTEM ARCHITECTURE:

MODULES:

  • System Model
  • Authentication Server
  • CASHMA Certificate
  • Continuous Authentication

MODULES DESCRIPTION:

System Model:

  • In this module, we create the System model to evaluate and implement our proposed system. CASHMA can authenticate to web services, ranging from services with strict security requirements as online banking services to services with reduced security requirements as forums or social networks. Additionally, it can grant access to physical secure areas as a restricted zone in an airport, or a military zone (in such cases the authentication system can be supported by biometric kiosk placed at the entrance of the secure area). We explain the usage of the CASHMA authentication service by discussing the sample application scenario, where a user u wants to log into an online banking service.
  • “User Id” refers to the identity of the user obtained from the Bank for the purpose of logging into the Internet Banking facility provided by the Bank.
  • “Login Password” is a unique and randomly generated password known only to the customer, which can be changed by the user to his/her convenience. This is a means of authenticating the user ID for logging into Internet Banking.
  • “Transaction Password” is a unique and randomly generated password known only to the customer, which can be changed to his/her convenience. This is a means of authentication required to be provided by the customer for putting through the transaction in his/her/their/its accounts with Bank through Internet Banking. While User ID and Password are for valid access into the internet application, giving valid Transaction Password is for authentication of transaction/requests made through internet.

Authentication Server: 

  • In Internet banking as with traditional banking methods, security is a primary concern. Server will take every precaution necessary to be sure your information is transmitted safely and securely. The latest methods in Internet banking system security are used to increase and monitor the integrity and security of the system.
  • The Server maintains the functionality: 
  • Customer Details
  • Activation of Beneficiary
  • Transaction Details
  • Activate Blocked Account 

CASHMA Certificate

  • In this module, we present the information contained in the body of the CASHMA certificate transmitted to the client by the CASHMA authentication server, necessary to understand details of the protocol. Time stamp and sequence number univocally identify each certificate, and protect from replay attacks. ID is the user ID, e.g., a number.
  • Decision represents the outcome of the verification procedure carried out on the server side. It includes the expiration time of the session, dynamically assigned by the CASHMA authentication server. In fact, the global trust level and the session timeout are always computed considering the time instant in which the CASHMA application acquires the biometric data, to avoid potential problems related to unknown delays in communication and computation. 

Continuous Authentication: 

  • A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. The use of biometric authentication allows credentials to be acquired transparently, i.e., without explicitly notifying the user or requiring his/her interaction, which is essential to guarantee better service usability.
  • The idea behind the execution of the protocol is that the client continuously and transparently acquires and transmits evidence of the user identity to maintain access to a web service. The main task of the proposed protocol is to create and then maintain the user session adjusting the session timeout on the basis of the confidence that the identity of the user in the system is genuine.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : NET, C#.NET
  • IDE : VISUAL STUDIO 2010
  • Database : SQL SERVER 2005

REFERENCE:

Andrea Ceccarelli, Leonardo Montecchi, Francesco Brancati, Paolo Lollini, Angelo Marguglio, and Andrea Bondavalli, Member, IEEE, “Continuous and Transparent User Identity Verification for Secure Internet Services”, IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 12, NO. 3, MAY/JUNE 2015.

AN EFFICIENT ADAPTIVE DEADLOCK-FREE ROUTING ALGORITHM FOR TORUS NETWORKS

AN EFFICIENT ADAPTIVE DEADLOCK-FREE ROUTING ALGORITHM FOR TORUS NETWORKS

 

ABSTRACT:

A deadlock-free minimal routing algorithm called clue is first proposed for VCT (virtual cut-through)-switched tori. Only two virtual channels are required. One channel is applied in the deadlock-free routing algorithm for the mesh sub network based on a known base routing scheme, such as, negative-first or dimension-order routing. The other channel is similar to an adaptive channel. This combination presents a novel fully adaptive minimal routing scheme because the first channel does not supply routing paths for every source-destination pair. Other two algorithms named flow controlled clue and wormhole clue are proposed. Torus is a topology which has n-dimensional grid structure with k nodes in each dimension.

EXISTING SYSTEMS

A deadlock-free routing algorithm can be generated for arbitrary interconnection networks using the concept of virtual channels. A necessary and sufficient condition for deadlock-free routing is the absence of cycles in a channel dependency graph. Given an arbitrary network and a routing function, the cycles of the channel dependency graph can be removed by splitting physical channels into groups of virtual channels. This method is used to develop deadlock-free routing algorithms for k-ary n-cubes, for cube-connected cycles, and for shuffle-exchange networks. The previous methods which can’t be implemented on mesh networks. And it did not support for creating virtual network channels. The methods are adapted to the previous experiments that could not apply load balancing.

PROPOSED SYSTEMS:

Here we proposed two new approaches called flow controlled clue and wormhole clue. Both are using for getting the network deadlock free. Flow controlled clue is proposed for VCT-switched tori, which is fully adaptive minimal deadlock-free with no virtual channel. Each input port requires at least two buffers, each of which is able to keep a packet. A simple but well-designed flow control function is used in the proposed flow controlled clue routing algorithm to avoid deadlocks. Wormhole clue is proposed for wormhole-switched tori. It is partially adaptive because we add some constraints to the adaptive channels for deadlock avoidance. It is shown that clue and flow controlled clue work better than the bubble flow control scheme under several popular traffic patterns in 3-dimensional (3D) torus. In wormhole-switched tori, the advantage of wormhole clue over Duato’s protocol is also very apparent. In wormhole switching, every packet is divided into several flow control digits or flits. The first flit of a packet (called the header flit) contains the information for routing and the routing algorithm determines the sequence of channels for a packet to traverse from source to destination.

ADVANTAGES OF PROPOSED SYSTEM:

  1. The routing function block is not complex.
  2. A deadlock-free routing algorithm can be generated for arbitrary interconnection networks using the concept of virtual channels.

MODULES:

  1. GENERAL ROUTING ALGORITHM.
  2. ROUTING ALGORITHM FOR 2D TORI.
  3. FLOW CONTROLLED CLUE METHOD.
  4. DEADLOCK-FREEDOM METHOD.

MODULE DESCRIPTION:

GENERAL ROUTING ALGORITHM:

All links in an n _ D torus are classified into mesh sub network links and wraparound links. In clue, two virtual channels (R1 and R2) are enough to provide deadlock-free fully adaptive minimal routing in a VCTswitched n _ D torus.

 Rule 1: A packet can request R1 channels at any time.

 Rule 2: If a packet need not traverse any wraparound link from the current node to the destination, it can request R2 channels of the mesh sub network links. If a packet is routed on R2 channels, it must conform to deadlock-free minimal routing restrictions for meshes such as by negative-first or Dimension-order routing.

 Rule 3: If the next hop of a packet can traverse a wraparound link of dimension d and d is the lowest of the dimensions in which the packet needs to traverse, the packet can request the R2 channel of that wraparound link.

ROUTING ALGORITHM FOR 2D TORI:

The dimension-order routing algorithm is applied on R2 channels of the mesh sub network links. When a packet traverses from the source A to the destination H. The routing algorithm in a 2D torus is stated as follows: Because this algorithm is fully adaptive, packets can be routed along any minimal routing path. We just arbitrarily specifies a routing path and states in this path which channel or channels can be requested.

 A -> B, the packet need traverse two wraparound links from the source A to the destination H, where dimension x is the lowest dimension along which the packet need traverse a wraparound link. From Rule 1 and Rule 3, either R1 or R2 can be selected;

 B -> C, the packet need traverse a wraparound link from B to H, while dimension y is the lowest dimension along which the packet need traverse a wraparound link. From Rule 1 and Rule 3 we know that, either R1 or R2 can be selected.

 C -> E; F -> G; G -> H, the packet need traverse no wraparound link from the current SqlConnection con = new SqlConnection(“Data Source=.;Initial Catalog=emp;Integrated Security=True”);node to the destination H. These hops follow the dimension order algorithm. As stated in Rule 2, R2 channels can be selected in these cases. R1 can also be selected. Therefore, either R1 or R2 can be selected;

E -> F, the packet need traverse no wraparound link from E to H. This hop does not follow the dimension-order algorithm. From Rule 1 and Rule 2,

R2 channel cannot be selected in this hop; only R1 channel can be selected.

 DEADLOCK-FREEDOM METHOD:

A packet is delivered in the mesh sub network when it need not traverse any wraparound link from the current node to the destination. Only at this time it could request R2 channels of the mesh sub network links. A deadlock-free routing algorithm for the mesh sub network is applied on R2 channels with the dimension order routing, the west-first routing, or the negative-first routing scheme. Therefore, the packet would not be blocked forever. The packet could always be delivered along R2 channels until reaching the destination.

FLOW CONTROLLED CLUE:

To propose a new fully adaptive routing algorithm, named flow controlled clue, for n _ D tori. The input buffers of flow controlled clue are organized as dynamically allocated multi queues. Two queues instead are needed to avoid deadlocks. Its performance is even better. Two classes of packets, safe and unsafe packets, are defined in flow controlled clue. Based on a routing algorithm R for the mesh sub network of an n _ D torus, a packet is safe to the downstream node in either one of the following conditions:

 The next hop of the packet is to traverse a wraparound link along dimension d, and d is the lowest of the dimensions along which the packet need traverse wraparound links. The packet does not need to traverse any wraparound link from the current node to the destination. The next hop is to reserve a link in the mesh sub network according to the routing function R.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS:

  • System : Pentium IV 2.4 GHz.
  • Hard Disk     : 40 GB.
  • Floppy Drive : 1.44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse : Logitech.
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS:

  • Operating system : – Windows XP.
  • Coding Language : C#.NET
  • TOOL USED : VISUAL STUDIO 2008.

REFERENCE:

Wei Luo and Dong Xiang, “An Efficient Adaptive Deadlock-Free Routing Algorithm for Torus Networks”, IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 23, NO. 5, MAY 2012.