Distributed Detection in Mobile Access Wireless Sensor Networks under Byzantine Attacks

ABSTRACT:

This paper explores reliable data fusion in mobile access wireless sensor networks under Byzantine attacks. We consider the q-out-of-m rule, which is popular in distributed detection and can achieve a good tradeoff between the miss detection probability and the false alarm rate. However, a major limitation with it is that the optimal scheme parameters can only be obtained through exhaustive search, making it infeasible for large networks. In this paper, first, by exploiting the linear relationship between the scheme parameters and the network size, we propose simple but effective sub-optimal linear approaches. Second, for better flexibility and scalability, we derive a near-optimal closed-form solution based on the central limit theorem. Third, subject to a miss detection constraint, we prove that the false alarm rate of q-out-of-m diminishes exponentially as the network size increases, even if the percentage of malicious nodes remains fixed. Finally, we propose an effective malicious node detection scheme for adaptive data fusion under time-varying attacks; the proposed scheme is analyzed using the entropy-based trust model, and shown to be optimal from the information theory point of view. Simulation examples are provided to illustrate the performance of the proposed approaches under both static and dynamic attacks.

EXISTING SYSTEM:

  • Wireless sensor networks have received significant attention from the research community due to their impact on both military and civilian applications. Limited by the processing capability and power supply of the sensor nodes, incorporating security into wireless sensor networks has been a challenging task.
  • A serious threat to wireless sensor networks is the Byzantine attack, where the adversary has full control over some of the authenticated nodes and can perform arbitrary behavior to disrupt the system.

DISADVANTAGES OF EXISTING SYSTEM:

  • In many cases, due to bandwidth and energy limitations, the sensors quantize their sensing result into a single bit.
  • The MA receives the sensing reports and applies the fusion rule to make the final decision.

PROPOSED SYSTEM:

  • In this paper, we consider reliable data fusion in wireless sensor networks with mobile access points (SENMA) under both static and dynamic Byzantine attacks, in which the malicious nodes report false information with a fixed or time-varying probability, respectively. In SENMA, the mobile access point (MA) traverses the network and collects the sensing information from the individual sensor nodes.
  • The main contributions of the paper can be summarized as follows: First, we propose a simplified, linear q-out-of-m scheme that can be easily applied to large size networks. The basic idea is to find the optimal scheme parameters at relatively small network sizes through exhaustive search, and then obtain the fusion parameters for large network size by exploiting the approximately linear relationship between the scheme parameters and the network size.
  • Second, in an effort to find easier and more flexible distributed data fusion solutions that can easily adapt to unpredictable environmental changes and the cognitive behavior of malicious nodes, we derive a closed-form solution for the q-out-of-m fusion scheme based on the central limit theorem.
  • Third, we perform theoretical analysis for both the linear approach and the closed-form solution. We show that under a fixed percentage of malicious nodes, the false alarm rate for both approaches diminishes exponentially as the network size increases.

ADVANTAGES OF PROPOSED SYSTEM:

  • The major advantage of the SENMA architecture is that it ensures a line of sight path to the access point within the power range of the sensor nodes, allowing the information to be conveyed without routing. This feature makes it a resilient, scalable and energy efficient architecture for wireless sensor networks.
  • The proposed approach is analyzed using an entropy-based trust model. We show that under the same system settings, the proposed malicious node detection approach is optimal from the information theory point of view.

MODULES:

  • Service provider
  • IDS Router
  • Attackers
  • Receiver

MODULES DESCRIPTION:

  • Service provider

In this module, the service provider transfers data over the network. For each transmission, a separate MAC address is generated for the data being transferred. The MAC address is a unique ID for the transferred data, generated for security purposes and for intrusion detection under attack. In SENMA (sensor networks with mobile access points), the mobile access point traverses the network and collects the sensing information from the individual sensor nodes. The major advantage of the SENMA architecture is that it ensures a line of sight path to the access point within the power range of the sensor nodes, allowing the information to be conveyed without routing.

  • IDS Router

In this module, the IDS Router (intrusion detection system) monitors every node in the network in order to find attacks during the transmission process. If it detects a malicious node, it prevents the detected intrusion from proceeding. In distributed detection, this helps achieve a good trade-off between the miss detection probability and the false alarm rate across the network. The IDS Router verifies the MAC address, allotted time, attackers and log details of the transmission.

  • Attackers

In this module, there are different attack strategies that could be adopted by the malicious sensors. Let attackers be the probability that each malicious node intentionally reports the opposite information to its actual sensing decision. It is assumed that all malicious nodes have the same probability of attack in a particular sensing period. Two categories are:

1) Static Attack: In this strategy, the malicious nodes send opposite data with an arbitrary probability that is fixed.

2) Dynamic Attack: In this strategy, the malicious nodes change after each attacking block, which is composed of one or more sensing periods.
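The static attack and the exhaustive search for the q-out-of-m parameters can be worked through numerically. The following is an added example, not code from the paper or the project: it assumes the mobile access point polls m of the n nodes and declares a target when at least q report 1, that each polled node is malicious independently with probability `alpha`, and that the per-node detection and false alarm probabilities (`p_d`, `p_f`) and the attack probability (`p_attack`) take the constructed values shown.

```python
from math import comb


def report_one_prob(p_honest, alpha, p_attack):
    """Probability that a polled node reports 1.

    p_honest: probability that an honest node reports 1 under the hypothesis
    alpha:    fraction of malicious nodes (assumed)
    p_attack: probability that a malicious node reports the opposite of its
              own sensing decision (static attack: fixed value)
    """
    p_malicious = p_attack * (1 - p_honest) + (1 - p_attack) * p_honest
    return (1 - alpha) * p_honest + alpha * p_malicious


def at_least(m, q, p):
    """P(at least q of m independent single-bit reports are 1)."""
    return sum(comb(m, k) * p**k * (1 - p) ** (m - k) for k in range(q, m + 1))


def fusion_error_rates(m, q, p_d, p_f, alpha, p_attack):
    """Return (false alarm rate, miss detection probability) of q-out-of-m."""
    p1 = report_one_prob(p_d, alpha, p_attack)  # target present
    p0 = report_one_prob(p_f, alpha, p_attack)  # target absent
    return at_least(m, q, p0), 1 - at_least(m, q, p1)


def exhaustive_search(n, p_d, p_f, alpha, p_attack, beta):
    """Try every (m, q) with 1 <= q <= m <= n; keep the pair with the lowest
    false alarm rate whose miss detection probability is at most beta."""
    best = None
    for m in range(1, n + 1):
        for q in range(1, m + 1):
            q_fa, q_miss = fusion_error_rates(m, q, p_d, p_f, alpha, p_attack)
            if q_miss <= beta and (best is None or q_fa < best["q_fa"]):
                best = {"m": m, "q": q, "q_fa": q_fa, "q_miss": q_miss}
    return best


if __name__ == "__main__":
    # Constructed scenario: 20% malicious nodes that always flip their bit.
    for n in (10, 20, 40):
        result = exhaustive_search(n, p_d=0.9, p_f=0.1, alpha=0.2,
                                   p_attack=1.0, beta=0.01)
        print(n, result)
```

The search cost grows with the square of n on top of the binomial sums, which is the scaling problem the linear and closed-form approaches are meant to avoid; the printed false alarm rate falls sharply as n grows while the malicious fraction stays fixed.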

  • Receiver

After the detected malicious nodes have been removed, the receiver is ready to receive data over the network from each node. The receiver then receives and collects the transmitted data.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : C#.NET
  • IDE : VISUAL STUDIO 2008
  • Database : SQL SERVER

REFERENCE:

Mai Abdelhakim, Leonard E. Lightfoot, Jian Ren, Senior Member, IEEE, and Tongtong Li, “Distributed Detection in Mobile Access Wireless Sensor Networks under Byzantine Attacks”, IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 25, NO. 4, APRIL 2014.

Differentiated Virtual Passwords, Secret Little Functions, and Codebooks for Protecting Users From Password Theft

ABSTRACT:

In this paper, we discuss how to prevent users’ passwords from being stolen by adversaries in online environments and automated teller machines. We propose differentiated virtual password mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security, where a virtual password requires a small amount of human computing to secure users’ passwords. The tradeoff is that the stronger the scheme, the more complex the scheme may be. Among the schemes, we have a default method (i.e., traditional password scheme), system recommended functions, user-specified functions, user-specified programs, and so on. A function/program is used to implement the virtual password concept with a tradeoff of security for complexity requiring a small amount of human computing. We further propose several functions to serve as system recommended functions and provide a security analysis. For user-specified functions, we adopt secret little functions in which security is enhanced by hiding secret functions/algorithms.

EXISTING SYSTEM:

The secure protocol SSL/TLS for transmitting private data over the web is well-known in academic research, but most current commercial websites still rely on the relatively weak protection mechanism of user authentication via a plaintext password and user ID. Meanwhile, even though a password can be transferred via a secure channel, this authentication approach is still vulnerable to the following attacks.

Phishing Attacks: Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.

Password Stealing Trojan: This is a program that contains or installs malicious code. There are many such Trojan codes that have been found online today, so here we just briefly introduce two types of them. Key loggers capture keystrokes and store them somewhere in the machine, or send them back to the adversary. Once a key logger program is activated, it provides the adversary with any strings of texts that a person might enter online, consequently placing personal data and online account information at risk.

Shoulder Surfing: Shoulder surfing is a well-known method of stealing other’s passwords and other sensitive personal information by looking over victims’ shoulders while they are sitting in front of terminals.

DISADVANTAGES OF EXISTING SYSTEM:

As a consequence of increasing concerns over such risks, protecting users’ passwords on the web has become increasingly critical.

PROPOSED SYSTEM:

In this paper, we present a password protection scheme that involves a small amount of human computing in an Internet-based environment or an ATM, which will be resistant to phishing scams, Trojan horses, and shoulder-surfing attacks. We propose a virtual password concept involving a small amount of human computing to secure users’ passwords in online environments. We propose differentiated security mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security. The tradeoff is that stronger schemes are more complex. Among the schemes, we have a default method (i.e., traditional password scheme), a system recommended function, a user-specified function, a user-specified program, and so on. A function/program is used to implement the virtual password concept by trading security for complexity by requiring a small amount of human computing.

We further propose several functions to serve as system recommended functions and provide a security analysis. We analyze how the proposed schemes defend against phishing, key logger, shoulder-surfing, and multiple attacks. In user-specified functions, we adopt secret little functions in which security is enhanced by hiding secret functions/algorithms. To the best of our knowledge, our virtual password mechanism is the first one which is able to defend against all three attacks.

ADVANTAGES OF PROPOSED SYSTEM:

  • We propose differentiated security mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security.
  • We propose a virtual password concept involving a small amount of human computing to secure users’ passwords in online environments.

MODULES:

  • Virtual Password
  • Differentiated Security via a VPF
  • User-Specified Functions/Programs
  • VPF With a Helper-Application

MODULES DESCRIPTION:

Virtual Password

To authenticate a user, a system (S) needs to verify a user (U) using the user’s password (X) and ID (also denoted as U) which the user provides. It is reasonable that a password should be constant so that it can be easily remembered. However, the price of being easily remembered is that the password can be stolen by others and then used to access the victim’s account. At the same time, we cannot put X in a randomly variant form because it would be impossible for a user to remember the password. To confront such a challenge, we propose a scheme using the new concept of virtual password. A virtual password is a dynamic password that is generated differently each time from a virtual password scheme and then submitted to the server for authentication.

Differentiated Security via a VPF

We have introduced the concept of the virtual password; next, we detail how to apply it in an Internet-based environment. We propose a differentiated security mechanism for system registration in which the system allows users to choose a registration scheme ranging from the simplest one (default) to a relatively complex one, where a registration scheme includes a way to choose a virtual password function. The more complex the registration, the more secure the system is, and the more user involvement is required.

User-Specified Functions/Programs

The strongest security approaches let the user define a user-specified function or program. Since the chosen function is known only by the server and the user, and the key space of functions is infinite with high order, these approaches are very secure even for simple functions. The reason for using secret encryption algorithms (i.e., user-specified VPFs) is that secrets are very personal to a particular user and should not be known by others except the server.

VPF With a Helper-Application

If a helper-application is available for the user, the user needs to type the random salt into the helper-application; subsequently, the virtual password is generated by the helper-application. The user then types the generated virtual password in the login screen. In this way, the extra time required is very small and the precision will be 100% correct as long as the user types the correct random salt displayed on the login screen. This works when the user has a mobile device, such as a cellular phone, PDA, smart phone, or iPhone. However, such mobile devices are not themselves able to communicate with the server to which the user wants to log in. No matter how complex the VPF is, the helper-application can always generate the correct virtual password for the user. This case is the most sophisticated one, and it is also the most convenient approach for the user.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : C#.NET
  • IDE : VISUAL STUDIO 2008
  • Database : SQL SERVER

REFERENCE:

Yang Xiao, Senior Member, IEEE, Chung-Chih Li, Ming Lei, and Susan V. Vrbsky, “Differentiated Virtual Passwords, Secret Little Functions, and Codebooks for Protecting Users From Password Theft”, IEEE SYSTEMS JOURNAL, VOL. 8, NO. 2, JUNE 2014.

Balancing Performance, Accuracy, and Precision for Secure Cloud Transactions

ABSTRACT:

In distributed transactional database systems deployed over cloud servers, entities cooperate to form proofs of authorizations that are justified by collections of certified credentials. These proofs and credentials may be evaluated and collected over extended time periods under the risk of having the underlying authorization policies or the user credentials being in inconsistent states. It therefore becomes possible for policy-based authorization systems to make unsafe decisions that might threaten sensitive resources. In this paper, we highlight the criticality of the problem. We then define the notion of trusted transactions when dealing with proofs of authorization. Accordingly, we propose several increasingly stringent levels of policy consistency constraints, and present different enforcement approaches to guarantee the trustworthiness of transactions executing on cloud servers. We propose a Two-Phase Validation Commit protocol as a solution, which is a modified version of the basic Two-Phase Validation Commit protocols. We finally analyze the different approaches presented using both analytical evaluation of the overheads and simulations to guide the decision makers to which approach to use.

EXISTING SYSTEM:

To provide scalability and elasticity, cloud services often make heavy use of replication to ensure consistent performance and availability. As a result, many cloud services rely on the notion of eventual consistency when propagating data throughout the system. This consistency model is a variant of weak consistency that allows data to be inconsistent among some replicas during the update process, but ensures that updates will eventually be propagated to all replicas.

DISADVANTAGES OF EXISTING SYSTEM:

  • Consistency problems can arise as transactional database systems are deployed in cloud environments and use policy-based authorization systems to protect sensitive resources.
  • The system may suffer from policy inconsistencies during policy updates.
  • It is possible for external factors to cause user credential inconsistencies over the lifetime of a transaction.

PROPOSED SYSTEM:

  • We formalize the concept of trusted transactions.
  • We define several different levels of policy consistency constraints and corresponding enforcement approaches that guarantee the trustworthiness of transactions executing on cloud servers.
  • We propose a Two-Phase Validation Commit (2PVC) protocol that ensures that a transaction is safe by checking policy, credential, and data consistency during transaction execution.
  • We carry out an experimental evaluation of our proposed approaches.

ADVANTAGES OF PROPOSED SYSTEM:

  • Identifies transactions that are both trusted and conform to the ACID properties of distributed database systems.
  • Guarantees the trustworthiness of transactions executing on cloud servers.
  • Ensures that a transaction is safe by checking policy, credential, and data consistency during transaction execution.
  • Most suitable in various situations.

MODULES:

  1. Server Module.
  2. Cloud User Module.
  3. Transaction Manager.
  4. Certificate Authorities.

MODULES DESCRIPTION:

Server Module

In this module, we design a cloud infrastructure consisting of a set of servers, where each server is responsible for hosting a subset of all data items belonging to a specific application domain.

Cloud User Module

  • In this module, users interact with the system by submitting queries or update requests encapsulated in ACID transactions.
  • Since transactions are executed over time, the state information of the credentials and the policies enforced by different servers are subject to change at any time instance. It therefore becomes important to introduce precise definitions for the different consistency levels that could be achieved within a transaction’s lifetime. These consistency models strengthen the trusted transaction definition by defining the environment in which policy versions are consistent relative to the rest of the system. Before we do that, we define a transaction’s view in terms of the different proofs of authorization evaluated during the lifetime of a particular transaction.

Transaction Manager

  • A transaction is submitted to a Transaction Manager (TM) that coordinates its execution. Multiple TMs could be invoked as the system workload increases for load balancing, but each transaction is handled by only one TM.
  • A common characteristic of most of our proposed approaches to achieve trusted transactions is the need for policy consistency validation at the end of a transaction. That is, in order for a trusted transaction to commit, its TM has to enforce either view or global consistency among the servers participating in the transaction.

Certificate Authorities

  • We use the set of all credentials, which are issued by the Certificate Authorities (CAs) within the system. We assume that each CA offers an online method that allows any server to check the current status of credentials that it has issued.
  • In this module, we provide a Safe transaction. A safe transaction is a transaction that is both trusted (i.e., satisfies the correctness properties of proofs of authorization) and database correct (i.e., satisfies the data integrity constraints).
  • In this module, we also develop the Two-Phase Validation (2PV) system. As the name implies, 2PV operates in two phases: collection and validation. During collection, the TM first sends a Prepare-to-Validate message to each participant server. In response to this message, each participant 1) evaluates the proofs for each query of the transaction using the latest policies it has available and 2) sends a reply back to the TM containing the truth value (TRUE/FALSE) of those proofs along with the version number and policy identifier for each policy used.
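The collection phase described above, followed by a view-consistency check at the TM, can be simulated in a few lines. This is an added example, not the paper's or the project's code: the policy store, the `Update` step that brings stale servers to the newest version seen, and the `CONTINUE`/`ABORT` outcome names are assumptions, since the page describes only the collection phase in detail.

```python
from dataclasses import dataclass

# Constructed policy repository: policy id -> {version: rule(credentials)}.
POLICY_STORE = {
    "P_read_ledger": {
        1: lambda cred: cred["role"] in {"analyst", "intern"},
        2: lambda cred: cred["role"] == "analyst",  # v2 revokes interns
    }
}


@dataclass
class Reply:
    server: str
    truth: bool      # TRUE/FALSE value of the proofs of authorization
    versions: dict   # policy id -> version number used for the proof


class Participant:
    def __init__(self, name, policy_versions):
        self.name = name
        self.policy_versions = dict(policy_versions)

    def prepare_to_validate(self, credentials):
        """Evaluate the proofs with the latest policies this server holds."""
        truth = all(POLICY_STORE[pid][ver](credentials)
                    for pid, ver in self.policy_versions.items())
        return Reply(self.name, truth, dict(self.policy_versions))

    def update(self, policy_id, version):
        """Assumed Update message: adopt a newer policy version."""
        self.policy_versions[policy_id] = version


def two_phase_validation(participants, credentials, max_rounds=3):
    """Return (decision, trace). The trace lists the replies of each round."""
    trace = []
    for _ in range(max_rounds):
        # Collection: Prepare-to-Validate goes to every participant.
        replies = [p.prepare_to_validate(credentials) for p in participants]
        trace.append([(r.server, r.truth, r.versions) for r in replies])
        # Validation: find the newest version reported for each policy.
        latest = {}
        for r in replies:
            for pid, ver in r.versions.items():
                latest[pid] = max(latest.get(pid, ver), ver)
        stale = [(p, pid) for p, r in zip(participants, replies)
                 for pid, ver in r.versions.items() if ver < latest[pid]]
        if not stale:  # all servers used the same versions (view consistency)
            ok = all(r.truth for r in replies)
            return ("CONTINUE" if ok else "ABORT"), trace
        for p, pid in stale:
            p.update(pid, latest[pid])  # then collect again
    return "ABORT", trace


def run_demo(role):
    """server_b lags behind: it still holds version 1 of the policy."""
    servers = [Participant("server_a", {"P_read_ledger": 2}),
               Participant("server_b", {"P_read_ledger": 1})]
    return two_phase_validation(servers, {"role": role})


if __name__ == "__main__":
    for role in ("intern", "analyst"):
        print(role, run_demo(role))
```

In the intern case the first round shows the unsafe outcome the page warns about: the stale server still answers TRUE, and only the version comparison exposes it.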

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : JAVA/J2EE
  • IDE : Netbeans 7.4
  • Database : MYSQL

REFERENCE:

Marian K. Iskander, Tucker Trainor, Dave W. Wilkinson, Adam J. Lee, and Panos K. Chrysanthis, “Balancing Performance, Accuracy, and Precision for Secure Cloud Transactions”, VOL. 25, NO. 2, FEBRUARY 2014.

Hiding in the Mobile Crowd: Location Privacy through Collaboration

ABSTRACT:

Location-aware smartphones support various location-based services (LBSs): users query the LBS server and learn on the fly about their surroundings. However, such queries give away private information, enabling the LBS to track users. We address this problem by proposing a user-collaborative privacy-preserving approach for LBSs. Our solution does not require changing the LBS server architecture and does not assume third party servers; yet, it significantly improves users’ location privacy. The gain stems from the collaboration of mobile devices: they keep their context information in a buffer and pass it to others seeking such information. Thus, a user remains hidden from the server, unless all the collaborative peers in the vicinity lack the sought information. We evaluate our scheme against the Bayesian localization attacks that allow for strong adversaries who can incorporate prior knowledge in their attacks. We develop a novel epidemic model to capture the, possibly time-dependent, dynamics of information propagation among users. Used in the Bayesian inference framework, this model helps analyze the effects of various parameters, such as users’ querying rates and the lifetime of context information, on users’ location privacy. The results show that our scheme hides a high fraction of location-based queries, thus significantly enhancing users’ location privacy. Our simulations with real mobility traces corroborate our model-based findings. Finally, our implementation on mobile platforms indicates that it is lightweight and the cost of collaboration is negligible.

EXISTING SYSTEM:

Smartphones, among other increasingly powerful mobile computing devices, offer various methods of localization. Integrated GPS receivers, or positioning services based on nearby communication infrastructure (Wi-Fi access points or base stations of cellular networks), enable users to position themselves fairly accurately, which has led to a wide offering of Location-based Services (LBSs). Such services can be queried by users to provide real-time information related to the current position and surroundings of the device, e.g., contextual data about points of interest such as petrol stations, or more dynamic information such as traffic conditions. The value of LBSs is in their ability to obtain up-to-date information on the fly. Although LBSs are convenient, disclosing location information can be dangerous. Each time an LBS query is submitted, private information is revealed. Users can be linked to their locations, and multiple pieces of such information can be linked together. They can then be profiled, which leads to unsolicited targeted advertisements or price discrimination.

DISADVANTAGES OF EXISTING SYSTEM:

  • Can be inferred from a user’s whereabouts. This could make the user the target of blackmail or harassment.
  • A stalker can also exploit the location information.
  • Misuse their rich data by, e.g., selling it to advertisers or to private investigators.

PROPOSED SYSTEM:

We propose a novel location-privacy preserving mechanism for LBSs. To take advantage of the high effectiveness of hiding user queries from the server, which minimizes the exposed information about the users’ location to the server, we propose a mechanism in which a user can hide in the mobile crowd while using the service. The rationale behind our scheme is that users who already have some location-specific information (originally given by the service provider) can pass it to other users who are seeking such information. They can do so in a wireless peer-to-peer manner. Simply put, information about a location can “remain” around the location it relates to and change hands several times before it expires. Our proposed collaborative scheme enables many users to get such location-specific information from each other without contacting the server, hence minimizing the disclosure of their location information to the adversary.

ADVANTAGES OF PROPOSED SYSTEM:

  • The System is attached to the information and protected with the digital signature.
  • Malicious users cannot mislead others into receiving fake information, because messages are digitally signed by the LBS.
  • A user’s query becomes hidden from the server due to MobiCrowd protocol.

MODULES

  • Mobile Users
  • Location Based Server (LBS)
  • User Query
  • Check authenticity
  • User privacy

MODULES DESCRIPTION:

MOBILE USERS

Consider $N$ users who move in an area split into $M$ discrete regions/locations. The mobility of each user $u$ is a discrete-time Markov chain on the set of regions: the probability that user $u$, currently in region $r_i$, will next visit region $r_j$ is denoted by $p_u(r_j \mid r_i)$. Let $\pi_u(r_i)$ be the probability that user $u$ is in region $r_i$. Each user possesses a location-aware wireless device, capable of ad hoc device-to-device communication and of connecting to the wireless infrastructure (e.g., cellular and Wi-Fi networks).

LOCATION BASED SERVER (LBS)

As users move between regions, they leverage the infrastructure to submit local-search queries to LBS. The information that the LBS provides expires periodically, in the sense that it is no longer valid. Note that information expiration is not equivalent to the user accessing the LBS: A user accesses the LBS when her information has expired and she wishes to receive the most up-to-date version of it.

USER QUERY

A seeker, essentially a user who does not have the sought information in her buffer, first broadcasts her query to her neighbors through the wireless ad hoc interface of the device. This is a local query. Each user with valid information about a region is termed an informed user for that region. Users interested in getting location-specific information about a region are called information seekers of that region.

CHECK AUTHENTICITY

The information the LBS provides is self-verifiable, i.e., users can verify the integrity and authenticity of the server responses. This can be done in different ways; in our system, the user device verifies a digital signature of the LBS on each reply by using the LBS provider’s public key. As a result, a compromised access point or mobile device cannot degrade the experience of users by altering replies or disseminating expired information.

USER PRIVACY

In essence, a subset of users in every region has to contact the LBS to get the updated information, and the rest of the users benefit from the peer-to-peer collaboration. Intuitively, the higher the proportion of hidden user queries, the higher her location privacy is.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.
  • MOBILE : ANDROID

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : JAVA/J2EE
  • IDE : Netbeans 7.4
  • Database : MYSQL

REFERENCE:

Reza Shokri, George Theodorakopoulos, Panos Papadimitratos, Ehsan Kazemi, and Jean-Pierre Hubaux, Fellow, IEEE “Hiding in the Mobile Crowd: Location Privacy through Collaboration” IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 11, NO. 3, MAY-JUNE 2014

Approximate Shortest Distance Computing: A Query-Dependent Local Landmark Scheme

ABSTRACT:

Shortest distance query is a fundamental operation in large-scale networks. Many existing methods in the literature take a landmark embedding approach, which selects a set of graph nodes as landmarks and computes the shortest distances from each landmark to all nodes as an embedding. To answer a shortest distance query, the pre-computed distances from the landmarks to the two query nodes are used to compute an approximate shortest distance based on the triangle inequality. In this paper, we analyze the factors that affect the accuracy of distance estimation in landmark embedding. In particular, we find that a globally selected, query-independent landmark set may introduce a large relative error, especially for nearby query nodes. To address this issue, we propose a query-dependent local landmark scheme, which identifies a local landmark close to both query nodes and provides more accurate distance estimation than the traditional global landmark approach. We propose efficient local landmark indexing and retrieval techniques, which achieve low offline indexing complexity and online query complexity. Two optimization techniques on graph compression and graph online search are also proposed, with the goal of further reducing index size and improving query accuracy. Furthermore, the challenge of immense graphs whose index may not fit in the memory leads us to store the embedding in a relational database, so that a query of the local landmark scheme can be expressed with relational operators. Effective indexing and query optimization mechanisms are designed in this context. Our experimental results on large-scale social networks and road networks demonstrate that the local landmark scheme reduces the shortest distance estimation error significantly when compared with global landmark embedding and the state-of-the-art sketch-based embedding.

EXISTING SYSTEM:

Querying shortest paths or shortest distances between nodes in a large graph has important applications in many domains including road networks, social networks, communication networks, the Internet, and so on. For example, in road networks, the goal is to find shortest routes between locations; in social networks, the goal is to find the closest social relationships such as friendship or collaboration between users; while in the Internet, the goal is to find the nearest server to reduce access latency for clients. Although classical algorithms like breadth-first search (BFS) and Dijkstra’s algorithm can compute the exact shortest paths in a network, the massive size of modern information networks and the online nature of such queries make it infeasible to apply the classical algorithms online. On the other hand, it is space-inefficient to pre-compute and store the shortest paths between all pairs of nodes. Recently, there have been many different methods for estimating the shortest distance between nodes based on graph embeddings. A commonly used embedding technique is landmark embedding, where a set of graph nodes is selected as landmarks and the shortest distances from a landmark to all the other nodes in a graph are pre-computed. Such pre-computed distances can be used online to provide an approximate distance between two graph nodes based on the triangle inequality.

PROPOSED SYSTEM:

This project revisits the landmark embedding approach. According to the findings in the literature, the problem of selecting the optimal landmark set is NP-hard, by a reduction from classical NP-hard problems such as vertex cover or minimum K-center. As a result, the existing studies use random selection or graph measure-based heuristics such as degree, betweenness centrality, closeness centrality, coverage, and so on. Despite various heuristics that try to optimize landmark selection, all the existing methods follow the triangulation-based distance estimation, which estimates the shortest distance between a pair of query nodes as the sum of their distances to a landmark. As the landmark selection step is query independent, the landmark set provides a single global view for all possible queries, whether the query nodes are a diameter apart or close by. Thus, it is hard to achieve uniformly good performance on all queries. As a consequence, the landmark embedding approach may introduce a large relative error, especially when the landmark set is distant from both nodes in a query but the two nodes themselves are nearby.

ADVANTAGES OF PROPOSED SYSTEM:

We propose a query depended

MODULES:

  1. Local Landmark Embedding Module
  2. Local Search Module
  3. Graph Compression Module
  4. Query Optimization Module

MODULES DESCRIPTION:

  1. Local Landmark Embedding Module

Given a pair of query nodes a and b, a commonly adopted approach to efficiently estimate an approximate shortest distance between a and b is landmark embedding. Consider a set S of k nodes in V, which are called landmarks. For each l_i ∈ S, we compute the shortest distances to all nodes in V. Then, for every node v ∈ V, we can use a k-dimensional vector D to represent its distances to the k landmarks. This is called landmark embedding, which can be used to compute an approximate shortest distance between nodes a and b based on the triangle inequality. This general embedding approach has been widely used in many existing methods in the literature.

 

  2. Local Search Module

In this section, we propose an online local search technique that performs a limited scope local search on the graph and may find a shortcut with a smaller distance than that based on LLS. The shortest path between a query node and a local landmark can also be obtained from the corresponding SPT Tl. If we trace the shortest paths from a to all the LCAs (similarly from b to all the LCAs), we can form two partial shortest path trees rooted at a and b, respectively, for example, Ta and Tb. A leaf node in such trees must be an LCA; while it is also possible an LCA is an intermediate node, if it lies on the shortest path from a query node to another LCA.

  3. Graph Compression Module

In this section, we propose two additional techniques, graph compression and local search (LS) to further optimize the performance of our local landmark scheme. Graph compression aims to reduce the embedding index size by compressing the graph nodes, and local search performs limited scope online search to improve the distance estimation accuracy.

Graph embedding techniques have been widely used to estimate the distance between two nodes in a graph in many applications including road networks, social networks, and web graphs, as well as the Internet. London, and Robinovich (LLR) embedding to estimate the distance between two nodes. Propose a hierarchical reference node embedding approach that organizes reference nodes in multiple levels for better scalability. Formulate the reference node selection problem as selecting nodes with high betweenness centrality. Propose an architecture, called IDMaps, which measures and disseminates distance information on the global Internet. Define a notion of slack, a certain fraction of all distances that may be arbitrarily distorted, as a performance guarantee based on randomly selected reference nodes.

  4. Query Optimization Module

Here, we briefly discuss the factors that affect the performance of landmark embedding. A globally selected query-independent landmark set. Most existing methods select a single set of global landmarks that are independent of queries. Such a query-independent landmark set provides a single global view for all possible queries that could be diameter apart or close by, thus it cannot achieve uniformly good performance on all queries. The landmark set can only provide very rough distance estimation for a query, especially when it is distant from both query nodes, and the two query nodes are close by. The number of landmarks k. In general, increasing the number of landmarks k will improve the performance of landmark embedding. An extreme case that leads to zero estimation error. This actually corresponds to computing all pair shortest paths as an embedding. As a side effect, increasing k will cause an increase of the query processing time and the index size, as the query complexity and the index space complexity. Thus, increasing k is not an efficient or scalable solution to improve the embedding performance.
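The following sketch is an added example, not code from the paper or the project. It contrasts the global triangulation estimate described in the Local Landmark Embedding Module with a local landmark taken as the least common ancestor (LCA) of the two query nodes in the landmark's shortest path tree, and it reproduces the large relative error for nearby query nodes discussed above. The grid graph, the single landmark at a corner, and all function names are assumptions chosen for illustration.

```python
from collections import deque


def grid_graph(rows, cols):
    """Constructed sample input: an unweighted rows x cols grid graph."""
    adj = {}
    for r in range(rows):
        for c in range(cols):
            nbrs = [(r + 1, c), (r - 1, c), (r, c + 1), (r, c - 1)]
            adj[(r, c)] = [(x, y) for x, y in nbrs
                           if 0 <= x < rows and 0 <= y < cols]
    return adj


def shortest_path_tree(adj, root):
    """BFS from root: exact hop distance and tree parent of every node."""
    dist, parent = {root: 0}, {root: None}
    queue = deque([root])
    while queue:
        u = queue.popleft()
        for v in adj[u]:
            if v not in dist:
                dist[v] = dist[u] + 1
                parent[v] = u
                queue.append(v)
    return dist, parent


def build_index(adj, landmarks):
    """Offline step: one shortest path tree per landmark."""
    return [shortest_path_tree(adj, l) for l in landmarks]


def global_estimate(index, a, b):
    """Triangulation: min over landmarks l of d(l, a) + d(l, b)."""
    return min(dist[a] + dist[b] for dist, _ in index)


def lca(dist, parent, a, b):
    """Least common ancestor of a and b in one shortest path tree."""
    while a != b:
        # Lift whichever node is deeper (or a on ties) one step toward the root.
        if dist[a] >= dist[b]:
            a = parent[a]
        else:
            b = parent[b]
    return a


def local_estimate(index, a, b):
    """Use the LCA as a query-dependent landmark.

    Tree paths from an ancestor to a descendant are shortest paths, so
    d(lca, a) = d(l, a) - d(l, lca), and likewise for b.
    """
    best = None
    for dist, parent in index:
        anc = lca(dist, parent, a, b)
        est = dist[a] + dist[b] - 2 * dist[anc]
        best = est if best is None else min(best, est)
    return best


def exact_distance(adj, a, b):
    return shortest_path_tree(adj, a)[0][b]


def relative_error(estimate, exact):
    return (estimate - exact) / exact


if __name__ == "__main__":
    adj = grid_graph(6, 6)
    index = build_index(adj, [(0, 0)])          # one global landmark, far corner
    for a, b in [((5, 4), (4, 5)), ((0, 5), (5, 0))]:
        exact = exact_distance(adj, a, b)
        g = global_estimate(index, a, b)
        loc = local_estimate(index, a, b)
        print(a, b, "exact", exact, "global", g, "local", loc,
              "rel. error global", relative_error(g, exact),
              "local", relative_error(loc, exact))
```

The nearby pair is badly overestimated by the distant global landmark and improved by the local one, while the far-apart pair, whose shortest path passes through the landmark, is estimated exactly by both.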

 REFERENCE:

Miao Qiao, Hong Cheng, Lijun Chang, and Jeffrey Xu Yu, Senior Member, IEEE, “Approximate Shortest Distance Computing: A Query-Dependent Local Landmark Scheme”, IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 26, NO. 1, JANUARY 2014.

Fast Nearest Neighbor Search with Keywords

ABSTRACT:

Conventional spatial queries, such as range search and nearest neighbor retrieval, involve only conditions on objects’ geometric properties. Today, many modern applications call for novel forms of queries that aim to find objects satisfying both a spatial predicate, and a predicate on their associated texts. For example, instead of considering all the restaurants, a nearest neighbor query would instead ask for the restaurant that is the closest among those whose menus contain “steak, spaghetti, brandy” all at the same time. Currently, the best solution to such queries is based on the IR2-tree, which, as shown in this paper, has a few deficiencies that seriously impact its efficiency. Motivated by this, we develop a new access method called the spatial inverted index that extends the conventional inverted index to cope with multidimensional data, and comes with algorithms that can answer nearest neighbor queries with keywords in real time. As verified by experiments, the proposed techniques outperform the IR2-tree in query response time significantly, often by a factor of orders of magnitude.

EXISTING SYSTEM:

  • Spatial queries with keywords have not been extensively explored. In the past years, the community has sparked enthusiasm in studying keyword search in relational databases.
  • It is not until recently that attention was diverted to multidimensional data. The best method to date for nearest neighbor search with keywords is due to Felipe et al. They nicely integrate two well-known concepts: the R-tree, a popular spatial index, and the signature file, an effective method for keyword-based document retrieval. By doing so they develop a structure called the IR2-tree, which has the strengths of both R-trees and signature files.
  • Like R-trees, the IR2-tree preserves objects’ spatial proximity, which is the key to solving spatial queries efficiently. On the other hand, like signature files, the IR2-tree is able to filter a considerable portion of the objects that do not contain all the query keywords, thus significantly reducing the number of objects to be examined.

DISADVANTAGES OF EXISTING SYSTEM:

  • Fail to provide real time answers on difficult inputs.
  • The real nearest neighbor lies quite far away from the query point, while all the closer neighbors are missing at least one of the query keywords.

PROPOSED SYSTEM:

  • In this paper, we design a variant of inverted index that is optimized for multidimensional points, and is thus named the spatial inverted index (SI-index). This access method successfully incorporates point coordinates into a conventional inverted index with small extra space, owing to a delicate compact storage scheme.
  • Meanwhile, an SI-index preserves the spatial locality of data points, and comes with an R-tree built on every inverted list at little space overhead. As a result, it offers two competing ways for query processing.
  • We can (sequentially) merge multiple lists very much like merging traditional inverted lists by ids. Alternatively, we can also leverage the R-trees to browse the points of all relevant lists in ascending order of their distances to the query point. As demonstrated by experiments, the SI-index significantly outperforms the IR2-tree in query efficiency, often by a factor of orders of magnitude.

ADVANTAGES OF PROPOSED SYSTEM:

  • Distance browsing is easy with R-trees. In fact, the best-first algorithm is exactly designed to output data points in ascending order of their distances.
  • It is straightforward to extend our compression scheme to any dimensional space.

MODULES:

  • System Model
  • Map View
  • Distance Search
  • Neighbor Search

MODULES DESCRIPTION

System Model

  • In this module, a user has to register first; only then can he/she access the database.
  • In this module, any of the above-mentioned persons has to log in by giving their email id and password.
  • In this module, the Admin registers the location along with its famous place. He also measures the distance of the corresponding place from the corresponding source place by using the spatial distance of Google Maps.
  • It means that the user can give as the key what the city/location is famous for. This results in the list of menu items being displayed.

Map View:

  • The User can see the view of their locality by Google Map (such as map view, satellite view).
  • As our goal is to combine keyword search with the existing location-finding services on facilities such as hospitals, restaurants, hotels, etc., we will focus on dimensionality 2, but our technique can be extended to arbitrary dimensionalities with no technical obstacle.
  • Note that the list of each word maintains a sorted order of point ids, which provides considerable convenience in query processing by allowing an efficient merge step. For example, assume that we want to find the points that have words c and d. This is essentially to compute the intersection of the two words’ inverted lists.

Distance Search:

  • The User can measure the distance and calculate time that takes them to reach the destination by giving speed. Chart will be prepared by using these values. These are done by the use of Google Maps.
  • Traditional nearest neighbor search returns the data point closest to a query point.
  • We consider that the data set does not fit in memory, and needs to be indexed by efficient access methods in order to minimize the number of I/Os in answering a query

Neighbor Search

  • In this module we implement our neighbor Search. The other problem with this search algorithm is that the indexing information has to be replicated in the broadcast cycle to enable twice scanning.
  • The first scan is for deciding the search range, and the second scan is for retrieving k objects based on the search range.
  • Therefore, we propose the Nearest Neighbor query approach to improve the preceding on-air query algorithm.
  • The system attempts to verify the validity of k objects by processing results obtained from several peers.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : Java 1.7
  • Tool Kit : Android 2.3 ABOVE
  • IDE : Eclipse

REFERENCE:

Yufei Tao and Cheng Sheng “Fast Nearest Neighbor Search with Keywords”  IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 26, NO. 4, APRIL 2014.

The Places of Our Lives: Visiting Patterns and Automatic Labeling from Longitudinal Smartphone Data

ABSTRACT:

The location tracking functionality of modern mobile devices provides an unprecedented opportunity for understanding individual mobility in daily life. Instead of studying raw geographic coordinates, we are interested in understanding human mobility patterns based on sequences of place visits which encode, at a coarse resolution, most daily activities. This paper presents a study on place characterization in people’s everyday life based on data recorded continuously by smartphones. First, we study human mobility from sequences of place visits, including visiting patterns on different place categories. Second, we address the problem of automatic place labeling from smartphone data without using any geo-location information. Our study on large-scale data collected from 114 smartphone users over 18 months confirms many intuitions, and also reveals findings regarding both regularity and novelty trends in visiting patterns. Considering the problem of place labeling with 10 place categories, we show that frequently visited places can be recognized reliably (over 80 percent) while it is much more challenging to recognize infrequent places.

EXISTING SYSTEM:

Previous works on human mobility understanding differ from our work on the variables under study. Besides seminal works on individual mobility, there are recent works which focus on urban environments. In existing system, it was shown that social relationships can explain a significant fraction of all human movement on data from LBSNs. In another system, location data were transformed into activity data to study daily activity patterns. Using a continuous sensing framework, Eagle was an early proponent of the identification of daily mobility patterns from simplified cell-tower data, in which each cell-tower ID was mapped to three semantic categories: home, work, and other. Similar tasks were also addressed by other authors

DISADVANTAGES OF EXISTING SYSTEM:

  • The lack of continuous mobility traces due to the fact that location is only available either when connections to a cellular network are made (through voice, text, or data) or when users explicitly check-in within a LBSN.
  • We face multiple challenges such as noisy data recorded in real-life conditions; obtaining human annotation of places and self-reports of place visits; and performing automatic place recognition without knowing the geographic location.

PROPOSED SYSTEM:

This paper presents a study on 1) characterization of real-life place visiting patterns from smartphone data; and 2) automatic place labeling in a location privacy-sensitive setting.

Our paper has three contributions. We first conduct an analysis of place visits in daily life, where places are inferred continuously from phone sensor data. We demonstrate that in practice, beyond the few places that represent an individual’s routine structure, people tend to visit new places on a regular basis, resulting in large number of places that are visited infrequently. In the second place, we demonstrate that this aspect of human behavior has key implications, showing (through an experiment involving manual labeling of visited places) that infrequently visited places are significantly harder to remember and label accurately. In the third place, we addressed the problem of automatic place labeling without using raw geolocation coordinates.

ADVANTAGES OF PROPOSED SYSTEM:

Our system achieves an accuracy of 75 percent in a privacy-preserving setting, and further analysis shows that the accuracy is bounded by the frequency with which a place is visited: while the few frequently visited places in phone users’ daily life can be recognized reliably, the largest fraction of places are more challenging to label.

MODULES:

  • Data Collection
  • Place Extraction
  • Place annotation process
  • Place Visiting Patterns

MODULES DESCRIPTION:

Data Collection

In this module, we collect the user location data. The recording software is designed to run in the background, uploading recorded data automatically once a day via a user-defined WiFi connection. Since activating all sensors will wipe out the battery within a few hours, the sensing software was optimized with a state machine, which allows dynamic sampling rates. At the end, users can record data continuously with the only restriction of charging the phone once a day.

Place Extraction

This module retrieves the user’s current geographic coordinates. The raw location traces were represented as sequences of geographic coordinates obtained from GPS sensors or localized WiFi access points (based on co-occurrence of the AP and GPS data). In our framework, a place is defined as a small circular region (radius = 100 meters) that has been visited for a significant amount of time. Our choice of region size was motivated by the existence of noisy data at some places. If a smaller radius (e.g., 50 meters) is used, then actual visits risk being segmented into multiple short visits. Note that the chosen region size is similar to the one reported in previous work on place recognition with GPS data.

Place annotation process

In this module, an automatic place annotation process is developed, which shows the places that were visited according to the logs. Due to the large number of discovered places, annotation was obtained for only a small subset of discovered places.

Place Visiting Patterns

This is an evaluation module, where we show the evaluation results in a graph. The graph shows the number of times the places were visited. Our analysis starts with basic statistics of places and their dynamics. Using the evaluation results, we address the following questions: How many places do people go to in everyday life? How often are these places visited? How often do people visit new places? What are the effects of demographics and calendar in the dynamics of place visits?

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.
  • MOBILE : ANDROID

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : Java 1.7
  • Tool Kit : Android 2.3 ABOVE
  • IDE : Eclipse

REFERENCE:

Trinh Minh Tri Do and Daniel Gatica-Perez, Member, IEEE, “The Places of Our Lives: Visiting Patterns and Automatic Labeling from Longitudinal Smartphone Data,” IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 13, NO. 3, MARCH 2014.

Security Threats to Mobile Multimedia Applications: Camera-Based Attacks on Mobile Phones

ABSTRACT:

Today’s mobile smartphones are very powerful, and many smartphone applications use wireless multimedia communications. Mobile phone security has become an important aspect of security issues in wireless multimedia communications. As the most popular mobile operating system, Android security has been extensively studied by researchers. However, few works have studied mobile phone multimedia security. In this article, we focus on security issues related to mobile phone cameras. Specifically, we discover several new attacks that are based on the use of phone cameras. We implement the attacks on real phones, and demonstrate the feasibility and effectiveness of the attacks. Furthermore, we propose a lightweight defense scheme that can effectively detect these attacks.

EXISTING SYSTEM:

Several video-based attacks targeted at keystrokes have been proposed. The attacks can obtain user input on touch screen smartphones. Maggi et al. [4] implement an automatic shoulder surfing attack against modern touch-enabled smartphones. The attacker deploys a video camera that can record the target screen while the victim is entering text. Then user input can be reconstructed solely based on the keystroke feedback displayed on the screen. However, this attack requires an additional camera device, and issues like how to place the camera near the victim without catching an alert must be considered carefully.

DISADVANTAGES OF EXISTING SYSTEM:

Moreover, it works only when visual feedback such as magnified keys are available.

PROPOSED SYSTEM:

In this article, we first conduct a survey on the threats and benefits of spy cameras. Then we present the basic attack model and two camera-based attacks: the remote-controlled real-time monitoring attack and the passcode inference attack. We run these attacks along with popular antivirus software to test their stealthiness, and conduct experiments to evaluate both types of attacks. The results demonstrate the feasibility and effectiveness of these attacks. Finally, we propose a lightweight defense scheme. In this work, we are able to hide the whole camera app in Android. Moreover, we implement advanced forms of attacks such as remote-controlled and real-time monitoring attacks. We also utilize computer vision techniques to analyze recorded videos and infer passcodes from users’ eye movements.

ADVANTAGES OF PROPOSED SYSTEM:

The main challenge is to make the attacks run stealthily and silently so that they do not cause a user alert.

MODULES:

  1. Remote-Controlled Real-Time Monitoring Attack
  2. Video-Based Passcode Inference Attack
  3. Application-Oriented Attack
  4. Video-Based Eye Tracking

MODULES DESCRIPTION:

Remote-Controlled Real-Time Monitoring Attack:

We discuss the remote-controlled real-time monitoring attack, which could pose a big threat to a phone user’s privacy: daily activities and surrounding environment are all under the eye of the attacker. Camera-based attacks can be detected when multiple apps request the camera device at the same time or if the camera is being used by another app. But this can easily be avoided by selecting the time to launch attack. The malicious camera app can periodically check the screen status and run the stealthy video recording only when the screen is off, which means that the user is not using the phone and the camera device is idle. The status of the phone screen can be obtained by registering two broadcast receivers, ACTION_SCREEN_ON and ACTION_SCREEN_OFF.

Video-Based Passcode Inference Attack:

When typing, users tend to keep a short distance to the screen, which allows the phone (front) camera to have a clear view of a user’s eye movements. A user’s eyes move along with the keys being touched, which means that tracking the eye movement could possibly tell what the user is entering. Thus, it is of great importance to investigate whether an attacker could obtain a phone user’s passcode by tracking the eye movements. As computer vision techniques are advancing and becoming more accurate, an offline processing of the video can extract the eye position in each frame and draw the path of eye movements, which means that an attacker could infer the passcode based on the video captured by a spy camera app. In this section, we discuss two types of camera attacks for inferring passcodes. We also discuss the computer vision techniques for eye tracking that can be utilized in the attacks.

Application-Oriented Attack:

First, the detection service of a spy camera app must be launched beforehand, by either tempting the user to run the app or registering an ACTION_BOOT_COMPLETED receiver to launch when booting is finished. The RECEIVE_BOOT_COMPLETED permission is a commonly requested permission that would not be considered dangerous. Second, polling task lists frequently leads to extra consumption of energy resource. To improve the efficiency of scanning, the detection service is active only when a user is using the phone. As mentioned before, this can be determined by screen status. The detection service will cease when the screen is off and continue when the screen lights up again. Moreover, the scanning frequency should be set properly. In a phishing attack, a malicious app needs to poll the running task list every 5 ms to prevent the user from noticing that a new window (the fake app) has replaced the original one. In our phone camera attack, the view is totally translucent to users, so that worry is unnecessary. However, we still need to keep the frequency at around two scans per second; otherwise, the attack may happen after the user starts entering the passcode (which makes the attack unsuccessful).

Video-Based Eye Tracking Method:

In the eye tracking field, two types of imaging approaches are commonly used: visible and infrared spectrum imaging. Visible spectrum imaging passively utilizes the ambient light reflected from the eye, while infrared spectrum imaging is able to eliminate uncontrolled specular reflection with active infrared illumination. Although infrared spectrum eye tracking is more accurate, most smartphones today are not equipped with infrared cameras. Hence, we focus on visible spectrum eye tracking. For images captured by visible spectrum imaging, often the best feature to track is the contour between iris and sclera known as the limbus.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.
  • MOBILE : ANDROID

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : Java 1.7
  • Tool Kit : Android 2.3 ABOVE
  • IDE : Eclipse

REFERENCE:

Longfei Wu and Xiaojiang Du, Temple University; Xinwen Fu, University of Massachusetts Lowell, “Security Threats to Mobile Multimedia Applications: Camera-Based Attacks on Mobile Phones,” IEEE Communications Magazine, March 2014.

MOSES: Supporting and Enforcing Security Profiles on Smartphones

ABSTRACT:

Smartphones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. Companies are willing to support employee-owned smartphones because of the increase in productivity of their employees. However, security concerns about data sharing, leakage and loss have hindered the adoption of smartphones for corporate use. In this paper we present MOSES, a policy-based framework for enforcing software isolation of applications and data on the Android platform. In MOSES, it is possible to define distinct Security Profiles within a single smartphone. Each security profile is associated with a set of policies that control the access to applications and data. Profiles are not predefined or hardcoded, they can be specified and applied at any time. One of the main characteristics of MOSES is the dynamic switching from one security profile to another. We run a thorough set of experiments using our full implementation of MOSES. The results of the experiments confirm the feasibility of our proposal.

EXISTING SYSTEM:

A solution could be implemented by means of virtualization technologies where different instances of an OS can run separately on the same device. Although virtualization is quite effective when deployed in full-fledged devices (PC and servers), it is still too resource demanding for embedded systems such as smartphones. Another approach that is less resource demanding is paravirtualization. Unlike full virtualization, where the guest OS is not aware of running in a virtualised environment, in paravirtualization it is necessary to modify the guest OS to boost performance. Paravirtualization for smartphones is currently under development and several solutions exist (e.g., Trango, VirtualLogix, L4 microkernel, L4Android).

DISADVANTAGES OF EXISTING SYSTEM:

  • All the virtualization solutions suffer from having a coarse-grained approach (i.e., the virtualised environments are completely separated, even when this might be a limitation for interaction).
  • Another limitation is the hardcoding of the environment specification. Environments cannot be defined by the user/company according to their needs but are predefined and hardcoded in the virtual machine.
  • Furthermore, switching among environments always requires user interaction and could take a significant amount of time and power. While researchers are improving some of these aspects, the complete separation of virtual machines and the impossibility to change or adapt their specifications remain an open issue.

PROPOSED SYSTEM:

In this paper, we propose MOSES, which provides an abstraction for separating data and apps dedicated to different contexts that are installed in a single device. For instance, corporate data and apps can be separated from personal data and apps within a single device. Our approach provides compartments where data and apps are stored. The MOSES enforcement mechanism guarantees that data and apps within a compartment are isolated from other compartments’ data and apps. These compartments are called Security Profiles (SPs) in MOSES. Generally speaking, an SP is a set of policies that regulates what applications can be executed and what data can be accessed.

ADVANTAGES OF PROPOSED SYSTEM:

  • One of the features introduced in MOSES is the automatic activation of SP depending on the context, in which the device is being used.
  • MOSES can be used for realising a Mobile Device Management solution to manage remotely the security settings of a fleet of mobile devices.

MODULES:

  1. Context Detection
  2. File system Virtualization
  3. Dynamic Application Activation
  4. Attribute-Based Policies
  5. Security Profile Management

MODULES DESCRIPTION:

Context Detection:

One of the contributions of MOSES is that it can automatically switch SPs based on the current Context. The Context-Detector System is responsible for monitoring Context definitions and for notifying the listeners about the activation or deactivation of a Context. The Security Profile Manager component, which is one of these listeners, is notified about the change through the callback functions onTrue(context_id) and onFalse(context_id), which correspond to activation and deactivation of a Context respectively. The context_id parameter represents a Context identifier. Since the MOSES context detection functionality is decoupled from the rest of the system, it may be easily extended by integrating other context detection solutions.

File system Virtualization:

To separate data between different SPs, we use a technique called directory polyinstantiation. A polyinstantiated directory is a directory that provides different instances of itself according to some system parameters. In brief, for each SP MOSES creates a separate mount namespace. The Android file system structure is quite stable, i.e., the system forces an application to store its files in the application’s “home” directory, that is, /data/data/<package_name>/ (<package_name> is the package name of the application). During the installation of an application, Android creates this “home” folder and assigns it Linux file permissions to allow only the owner of the directory (in this case the application) to access the data stored in it. To provide applications with different data depending on the currently running SP, polyinstantiation of the “data” folder may be used, i.e., for each SP a separate mount namespace may be created, which points to a different “physical” data folder depending on the identifier of the SP. In MOSES the described approach is used with two modifications. The first modification lets the system store all “physical” data directories under one parent directory (/data/moses_private/). The second modification creates the bindings not between the whole data folder and its “physical” counterpart, but for separate application folders. The former modification allows MOSES to control direct access to the “physical” directories, while the latter decreases storage overhead, because the usage of some apps is prohibited in some SPs.

Dynamic Application Activation:

Each SP is assigned a list of application UIDs that are allowed to run when this profile is active. Each application receives its own UID during installation. MOSES uses these identifiers to control which applications can be activated for each SP. It should be mentioned that some packages can share the same UID. This happens if the developer of these applications has explicitly assigned the same value to the sharedUserId property in the manifest files of the applications, and signed these packages with the same certificate. Thus, during the installation of these applications, the Android system assigns them the same UID. In this case, MOSES cannot distinguish these applications, and if one of them is allowed in one profile the other will be allowed as well.

Attribute-Based Policies:

Within each SP, MOSES enforces an attribute-based access control (ABAC) model. The idea is that within each SP, users can define fine-grained access control policies to constrain application behaviour. For instance, the user may want to deny an application the ability to read files on external storage. In this case, the user may write a policy which still lets the application run within the profile but limits its access to files on external storage. For defining and editing policies, MOSES provides an activity. We have defined a simple policy language using the ABAC model. Its attributes are Subject, Operation, Taint, Target, and SP-Name. It is possible that two or more rules are defined for the same attribute values. To resolve these conflicts, the user should assign a priority value to each rule. The decision of the rule with the highest priority then takes precedence over the decisions of other rules; in the case of equal priorities, the last inserted rule takes priority. For some combinations of attribute values, it might be the case that no rules apply. In this case, our system uses a default decision value (either allow or deny), which is assigned to the SP.
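The conflict-resolution order described above (highest priority wins, ties go to the last inserted rule, the SP default applies when nothing matches) can be sketched as follows. This is an added example in Python, not MOSES code; the class and function names, the `*` wildcard, and the sample rules are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

ANY = "*"  # wildcard value; an assumption of this example, not from the page

@dataclass(frozen=True)
class Rule:
    subject: str    # application the rule applies to
    operation: str  # e.g. "read", "send"
    taint: str      # label of the data involved
    target: str     # resource being accessed
    sp_name: str    # Security Profile the rule belongs to
    decision: str   # "allow" or "deny"
    priority: int   # user-assigned; higher wins

    def matches(self, request: Tuple[str, str, str, str]) -> bool:
        fields = (self.subject, self.operation, self.taint, self.target)
        return all(f in (ANY, r) for f, r in zip(fields, request))

class SecurityProfile:
    def __init__(self, name: str, default_decision: str):
        if default_decision not in ("allow", "deny"):
            raise ValueError("default decision must be 'allow' or 'deny'")
        self.name, self.default_decision = name, default_decision
        self._rules: List[Rule] = []  # list order == insertion order

    def add_rule(self, rule: Rule) -> None:
        if rule.sp_name != self.name or rule.decision not in ("allow", "deny"):
            raise ValueError("rule does not belong to this profile or is malformed")
        self._rules.append(rule)

    def decide(self, subject, operation, taint, target) -> Tuple[str, Optional[Rule]]:
        """Return (decision, winning rule); the rule is None when the default applied."""
        winner = None
        for rule in self._rules:
            if not rule.matches((subject, operation, taint, target)):
                continue
            # ">=" makes a later-inserted rule win a priority tie
            if winner is None or rule.priority >= winner.priority:
                winner = rule
        return (winner.decision, winner) if winner else (self.default_decision, None)

def demo_profile() -> SecurityProfile:
    """Constructed sample policy for a hypothetical 'work' profile."""
    sp = SecurityProfile("work", default_decision="deny")
    sp.add_rule(Rule("com.example.notes", "read", ANY, "external_storage", "work", "allow", 1))
    sp.add_rule(Rule("com.example.notes", "read", ANY, "external_storage", "work", "deny", 5))
    sp.add_rule(Rule("com.example.mail", "send", "contacts", "network", "work", "deny", 3))
    sp.add_rule(Rule("com.example.mail", "send", "contacts", "network", "work", "allow", 3))
    return sp
```

Returning the winning rule alongside the decision makes it possible to audit whether a deny came from an explicit rule or from the profile default.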

Security Profile Management:

To give a user the ability to manage the SPs on her device, the Moses Policy GUI application was developed. This is a system application signed with a system key and assigned a special permission. This allows the Moses Policy GUI application to communicate with the Moses Policy Manager and manage the SPs. The user specifies the name of a Context and the parameters of the sensors used to detect the context around the device.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.
  • MOBILE : ANDROID

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : Java 1.7
  • Tool Kit : Android 2.3 ABOVE
  • IDE : Eclipse

REFERENCE:

Yury Zhauniarovich, Giovanni Russello, Member, IEEE, Mauro Conti, Member, IEEE, Bruno Crispo, Senior Member, IEEE, and Earlence Fernandes, Member, IEEE, “MOSES: Supporting and Enforcing Security Profiles on Smartphones,” IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 11, NO. 3, MAY-JUNE 2014.

How Long to Wait? Predicting Bus Arrival Time With Mobile Phone Based Participatory Sensing


ABSTRACT:

The bus arrival time is primary information to most city transport travelers. Excessively long waiting time at bus stops often discourages the travelers and makes them reluctant to take buses. In this paper, we present a bus arrival time prediction system based on bus passengers’ participatory sensing. With commodity mobile phones, the bus passengers’ surrounding environmental context is effectively collected and utilized to estimate the bus traveling routes and predict bus arrival time at various bus stops. The proposed system solely relies on the collaborative effort of the participating users and is independent from the bus operating companies, so it can be easily adopted to support universal bus service systems without requesting support from particular bus operating companies. Instead of referring to GPS-enabled location information, we resort to more generally available and energy efficient sensing resources, including cell tower signals, movement statuses, audio recordings, etc., which bring less burden to the participatory party and encourage their participation. We develop a prototype system with different types of Android-based mobile phones and comprehensively experiment with the NTU campus shuttle buses as well as Singapore public buses over a 7-week period. The evaluation results suggest that the proposed system achieves outstanding prediction accuracy compared with those bus operator initiated and GPS supported solutions. We further adopt our system and conduct quick trial experiments with London bus system for 4 days, which suggests the easy deployment of our system and promising system performance across cities. At the same time, the proposed solution is more generally available and energy friendly.


EXISTING SYSTEM:

When travelling by bus, travellers usually want to know the accurate arrival time of the bus. Excessively long waiting times at bus stops may drive away anxious travellers and make them reluctant to take buses. Nowadays, most bus operating companies make their timetables freely available on the web. The bus timetables, however, provide only very limited information (e.g., operating hours, time intervals, etc.), which is typically not updated in a timely manner. Other than those official timetables, many public services (e.g., Google Maps) are provided for travellers. Although such services offer useful information, they are far from satisfactory to bus travellers.

DISADVANTAGES OF EXISTING SYSTEM:

1) The schedule of a bus may be delayed due to many unpredictable factors (e.g., traffic conditions, harsh weather, etc.).

2) However, usually requires the cooperation of the bus operating companies (e.g., installing special location tracking devices on the buses), and incurs substantial cost.

PROPOSED SYSTEM:

In this paper, we present a novel bus arrival time prediction system based on crowd-participatory sensing. We interviewed bus passengers on acquiring the bus arrival time. Most passengers indicate that they want to instantly track the arrival time of the next buses and they are willing to contribute their location information on buses to help to establish a system to estimate the arrival time at various bus stops for the community. This motivates us to design a crowd-participated service to bridge those who want to know bus arrival time (querying users) to those who are on the bus and able to share the instant bus route information (sharing users). To achieve such a goal, we let the bus passengers themselves cooperatively sense the bus route information using commodity mobile phones. In particular, the sharing passengers may anonymously upload their sensing data collected on buses to a processing server, which intelligently processes the data and distributes useful information to those querying users.

ADVANTAGES OF PROPOSED SYSTEM:

  • Through directly bridging the sharing and querying users in the participatory framework, we build our system independent of the bus operating companies or other third-party service providers.
  • Based on the commodity mobile phones, our system obviates the need for special hardware or extra vehicle devices.

  • Automatically detecting ambient environments and generating bus route related reports, our approach does not require explicit human input from the participants.

SYSTEM ARCHITECTURE:

MODULES:

  1. System Overview
    • Querying User
    • Sharing User
    • Backend server
  2. Pre-Processing Cell Tower Data
  3. Bus Detection
  4. Bus Classification
  5. Arrival Time Prediction

MODULE DESCRIPTION:

  • Querying User:

A querying user queries the bus arrival time by sending a request to the backend server. The querying user indicates the bus route and bus stop of interest to receive the predicted bus arrival time.

  • Sharing user:

The sharing user, on the other hand, contributes mobile phone sensing information to the system. After a sharing user gets on a bus, the data collection module starts. The collected data is transmitted to the server. Since the sharing user may travel with different means of transport, the mobile phone first needs to detect whether the user is currently on a bus or not. The mobile phone periodically samples the surrounding environment and extracts identifiable features of transit buses. Once the mobile phone confirms it is on a bus, it starts sampling sequences and sends the sequences to the backend server. Ideally, the mobile phone of the sharing user performs the data collection and transmission automatically, without manual input from the sharing user.

  • Backend server:

We shift most of the computation burden to the backend server where the uploaded information from sharing users is processed and the requests from querying users are addressed. Two stages are involved in this component. In order to bootstrap the system, we need to survey the corresponding bus routes in the offline pre-processing stage. We construct a basic database that associates particular bus routes to cell tower sequence signatures. Since we do not require the absolute physical location reference, we mainly war-drive the bus routes and record the sequences of observed cell tower IDs, which significantly reduces the initial construction overhead. The backend server processes the cell tower sequences from sharing users in the online processing stage. Receiving the uploaded information, the backend server first classifies the uploaded bus routes primarily with the reported cell tower sequence information. The bus arrival time on various bus stops is then derived based on the current bus route statuses.

Pre-Processing Data:

The backend server needs to maintain a database that stores the sequences of cell IDs that are experienced along different bus routes. When war-driving along a bus route, the mobile phone normally captures several cell tower signals at one time and connects to the cell tower with the strongest signal strength. We subsequently record each sub-route. Such a sequence of cell ID sets identifies a bus route in our database. By war-driving along different bus routes, we can easily construct a database of cell sequences associated with particular bus routes.

Bus Detection:

During the on-line processing stage, we use the mobile phones of sharing passengers on the bus to record the cell tower sequences and transmit the data to the backend server. As aforementioned, the mobile phone should intelligently detect whether it is on a public transit bus or not and collect the data only when the mobile phone is on a bus. Some works study the problem of activity recognition and context awareness using various sensors. Such approaches, however, cannot be used to distinguish different transport modes (e.g., public transit buses and non-public buses). In this section, we explore multi-sensing resources to detect the bus environment and distinguish it from other transport modes. We seek a lightweight detection approach in terms of both energy consumption and computation complexity.

Bus Classification:

When a sharing user gets on the bus, the mobile phone samples a sequence of cell IDs and reports the information to the backend server. The backend server aggregates the inputs from a large number of mobile phones and classifies the inputs into different bus routes. The statuses of the bus routes are then updated accordingly.

Arrival Time Prediction:

After the cell tower sequence matching, the backend server classifies the uploaded information according to the different bus routes. When receiving a request from a querying user, the backend server looks up the latest bus route status and calculates the arrival time at the particular bus stop. The server needs to estimate the time for the bus to travel from its current location to the queried bus stop. Suppose that the sharing user on the bus is in the coverage of a cell; the backend server then estimates the bus's arrival time at the bus stop according to both historical data and the latest bus route status.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk : 40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.
  • MOBILE : ANDROID

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : Java 1.7 / PHP
  • Tool Kit : Android 2.3 ABOVE
  • IDE : Eclipse

REFERENCE:

Pengfei Zhou, Student Member, IEEE, Yuanqing Zheng, Student Member, IEEE, and Mo Li, Member, IEEE “How Long to Wait? Predicting Bus Arrival Time With Mobile Phone Based Participatory Sensing” IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 13, NO. 6, JUNE 2014.