Communications in Computer and Information Science 120
Tai-hoon Kim, Thanos Vasilakos, Kouichi Sakurai, Yang Xiao, Gansen Zhao, Dominik Ślęzak (Eds.)
Communication and Networking
International Conference, FGCN 2010, Held as Part of the Future Generation Information Technology Conference, FGIT 2010, Jeju Island, Korea, December 13-15, 2010, Proceedings, Part II
Volume Editors
Tai-hoon Kim, Hannam University, Daejeon, South Korea
Thanos Vasilakos, University of Western Macedonia, Kozani, Greece
Kouichi Sakurai, Kyushu University, Fukuoka, Japan
Yang Xiao, The University of Alabama, Tuscaloosa, AL, USA
Gansen Zhao, Sun Yat-sen University, Guangzhou, China
Dominik Ślęzak, University of Warsaw & Infobright, Poland
Library of Congress Control Number: 2010940170
CR Subject Classification (1998): C.2, H.4, I.2, D.2, H.3, H.5
ISSN 1865-0929
ISBN-10 3-642-17603-8 Springer Berlin Heidelberg New York
ISBN-13 978-3-642-17603-6 Springer Berlin Heidelberg New York
This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law. springer.com © Springer-Verlag Berlin Heidelberg 2010 Printed in Germany Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India Printed on acid-free paper 06/3180
Preface
Welcome to the proceedings of the 2010 International Conference on Future Generation Communication and Networking (FGCN 2010) – one of the partnering events of the Second International Mega-Conference on Future Generation Information Technology (FGIT 2010). FGCN brings together researchers from academia and industry as well as practitioners to share ideas, problems and solutions relating to the multifaceted aspects of communication and networking, including their links to computational sciences, mathematics and information technology. In total, 1,630 papers were submitted to FGIT 2010 from 30 countries, which includes 150 papers submitted to the FGCN 2010 Special Sessions. The submitted papers went through a rigorous reviewing process: 395 of the 1,630 papers were accepted for FGIT 2010, while 70 papers were accepted for the FGCN 2010 Special Sessions. Of the 70 papers, 6 were selected for the special FGIT 2010 volume published by Springer in LNCS series. Fifty-one papers are published in this volume, and 13 papers were withdrawn due to technical reasons. We would like to acknowledge the great effort of the FGCN 2010 International Advisory Board and Special Session Co-chairs, as well as all the organizations and individuals who supported the idea of publishing this volume of proceedings, including SERSC and Springer. Also, the success of the conference would not have been possible without the huge support from our sponsors and the work of the Organizing Committee. We are grateful to the following keynote speakers who kindly accepted our invitation: Hojjat Adeli (Ohio State University), Ruay-Shiung Chang (National Dong Hwa University), and Andrzej Skowron (University of Warsaw). We would also like to thank all plenary speakers for their valuable contributions. We would like to express our greatest gratitude to the authors and reviewers of all paper submissions, as well as to all attendees, for their input and participation. 
Last but not least, we give special thanks to Rosslin John Robles and Maricel Balitanas. These graduate school students of Hannam University contributed to the editing process of this volume with great passion.
December 2010
Tai-hoon Kim, Thanos Vasilakos, Kouichi Sakurai, Yang Xiao, Gansen Zhao, Dominik Ślęzak
Organization

General Co-chairs
Alan Chin-Chen Chang, National Chung Cheng University, Taiwan
Thanos Vasilakos, University of Western Macedonia, Greece
MingChu Li, Dalian University of Technology, China
Kouichi Sakurai, Kyushu University, Japan
Chunming Rong, University of Stavanger, Norway

Program Co-chairs
Yang Xiao, University of Alabama, USA
Charalampos Z. Patrikakis, National Technical University of Athens, Greece
Tai-hoon Kim, Hannam University, Korea
Gansen Zhao, Sun Yat-sen University, China

International Advisory Board
Wai-chi Fang, National Chiao Tung University, Taiwan
Hsiao-Hwa Chen, National Sun Yat-sen University, Taiwan
Han-Chieh Chao, National Ilan University, Taiwan
Gongzhu Hu, Central Michigan University, USA
Byeong-Ho Kang, University of Tasmania, Australia
Aboul Ella Hassanien, Cairo University, Egypt

Publicity Co-chairs
Ching-Hsien Hsu, Chung Hua University, Taiwan
Houcine Hassan, Polytechnic University of Valencia, Spain
Yan Zhang, Simula Research Laboratory, Norway
Damien Sauveron, University of Limoges, France
Qun Jin, Waseda University, Japan
Irfan Awan, University of Bradford, UK
Muhammad Khurram Khan, King Saud University, Saudi Arabia

Publication Chair
Maria Lee, Shih Chien University, Taiwan

Special Session Co-chairs
Hong Kook Kim, Gwangju Institute of Science and Technology, Korea
Young-uk Chung, Kwangwoon University, Korea
Suwon Park, Kwangwoon University, Korea
Kamaljit I. Lakhtaria, Atmiya Institute of Technology and Science, India
Marjan Kuchaki Rafsanjani, Shahid Bahonar University of Kerman, Iran
Dong Hwa Kim, Hanbat University, Korea
Table of Contents – Part II

Congestion Avoidance and Energy Efficient Routing Protocol for WSN Healthcare Applications
    Babak Esmailpour, Abbas Ali Rezaee, and Javad Mohebbi Najm Abad
An Efficient Method for Detecting Misbehaving Zone Manager in MANET
    Marjan Kuchaki Rafsanjani, Farzaneh Pakzad, and Sanaz Asadinia
Query Answering Driven by Collaborating Agents
    Agnieszka Dardzinska
Attribute-Based Access Control for Layered Grid Resources
    Bo Lang, Hangyu Li, and Wenting Ni
A Local Graph Clustering Algorithm for Discovering Subgoals in Reinforcement Learning
    Negin Entezari, Mohammad Ebrahim Shiri, and Parham Moradi
Automatic Skill Acquisition in Reinforcement Learning Agents Using Connection Bridge Centrality
    Parham Moradi, Mohammad Ebrahim Shiri, and Negin Entezari
Security Analysis of Liu-Li Digital Signature Scheme
    Chenglian Liu, Jianghong Zhang, and Shaoyi Deng
An Optimal Method for Detecting Internal and External Intrusion in MANET
    Marjan Kuchaki Rafsanjani, Laya Aliahmadipour, and Mohammad M. Javidi
SNMP-SI: A Network Management Tool Based on Slow Intelligence System Approach
    Francesco Colace, Massimo De Santo, and Salvatore Ferrandino
Intrusion Detection in Database Systems
    Mohammad M. Javidi, Mina Sohrabi, and Marjan Kuchaki Rafsanjani
A Secure Routing Using Reliable 1-Hop Broadcast in Mobile Ad Hoc Networks
    Seungjin Park and Seong-Moo Yoo
A Hybrid Routing Algorithm Based on Ant Colony and ZHLS Routing Protocol for MANET
    Marjan Kuchaki Rafsanjani, Sanaz Asadinia, and Farzaneh Pakzad
Decision-Making Model Based on Capability Factors for Embedded Systems
    Hamid Reza Naji, Hossein Farahmand, and Masoud RashidiNejad
Socio-Psycho-Linguistic Determined Expert-Search System (SPLDESS) Development with Multimedia Illustration Elements
    Vasily Ponomarev
A Packet Loss Concealment Algorithm Robust to Burst Packet Loss Using Multiple Codebooks and Comfort Noise for CELP-Type Speech Coders
    Nam In Park, Hong Kook Kim, Min A. Jung, Seong Ro Lee, and Seung Ho Choi
Duration Model-Based Post-Processing for the Performance Improvement of a Keyword Spotting System
    Min Ji Lee, Jae Sam Yoon, Yoo Rhee Oh, Hong Kook Kim, Song Ha Choi, Ji Woon Kim, and Myeong Bo Kim
Complexity Reduction of WSOLA-Based Time-Scale Modification Using Signal Period Estimation
    Duk Su Kim, Young Han Lee, Hong Kook Kim, Song Ha Choi, Ji Woon Kim, and Myeong Bo Kim
A Real-Time Audio Upmixing Method from Stereo to 7.1-Channel Audio
    Chan Jun Chun, Young Han Lee, Yong Guk Kim, Hong Kook Kim, and Choong Sang Cho
Statistical Model-Based Voice Activity Detection Using Spatial Cues and Log Energy for Dual-Channel Noisy Speech Recognition
    Ji Hun Park, Min Hwa Shin, and Hong Kook Kim
3D Sound Techniques for Sound Source Elevation in a Loudspeaker Listening Environment
    Yong Guk Kim, Sungdong Jo, Hong Kook Kim, Sei-Jin Jang, and Seok-Pil Lee
Integrated Framework for Information Security in Mobile Banking Service Based on Smart Phone
    Yong-Nyuo Shin and Myung Geun Chun
A Design of the Transcoding Middleware for the Mobile Browsing Service
    Sungdo Park, Hyokyung Chang, Bokman Jang, Hyosik Ahn, and Euiin Choi
A Study of Context-Awareness RBAC Model Using User Profile on Ubiquitous Computing
    Bokman Jang, Sungdo Park, Hyokyung Chang, Hyosik Ahn, and Euiin Choi
Challenges and Security in Cloud Computing
    Hyokyung Chang and Euiin Choi
3D Viewer Platform of Cloud Clustering Management System: Google Map 3D
    Sung-Ja Choi and Gang-Soo Lee
Output Current-Voltage Characteristic of a Solar Concentrator
    Dong-Gyu Jeong, Do-Sun Song, and Young-Hun Lee
Efficient Thread Labeling for Monitoring Programs with Nested Parallelism
    Ok-Kyoon Ha, Sun-Sook Kim, and Yong-Kee Jun
A Race Healing Framework in Simulated ARINC-653
    Guy Martin Tchamgoue, In-Bon Kuh, Ok-Kyoon Ha, Kyong-Hoon Kim, and Yong-Kee Jun
A K-Means Shape Classification Algorithm Using Shock Graph-Based Edit Distance
    Solima Khanam, Seok-Woo Jang, and Woojin Paik
Efficient Caching Scheme for Better Context Inference in Intelligent Distributed Surveillance Environment
    Soomi Yang
A System Implementation for Cooperation between UHF RFID Reader and TCP/IP Device
    Sang Hoon Lee and Ik Soo Jin
Study of Host-Based Cyber Attack Precursor Symptom Detection Algorithm
    Jae-gu Song, Jong hyun Kim, Dongil Seo, Wooyoung Soh, and Seoksoo Kim
Design of Cyber Attack Precursor Symptom Detection Algorithm through System Base Behavior Analysis and Memory Monitoring
    Sungmo Jung, Jong hyun Kim, Giovanni Cagalaban, Ji-hoon Lim, and Seoksoo Kim
The Improved 4-PSK 4-State Space-Time Trellis Code with Two Transmit Antennas
    Ik Soo Jin
A Study on Efficient Mobile IPv6 Fast Handover Scheme Using Reverse Binding Mechanism
    Randy S. Tolentino, Kijeong Lee, Sung-gyu Kim, Miso Kim, and Byungjoo Park
A Software Framework for Optimizing Smart Resources in the Industrial Field
    Dongcheul Lee and Byungjoo Park
Automatic Image Quality Control System
    Jee-Youl Ryu, Sung-Woo Kim, Seung-Un Kim, and Deock-Ho Ha
Programmable RF System for RF System-on-Chip
    Jee-Youl Ryu, Sung-Woo Kim, Dong-Hyun Lee, Seung-Hun Park, Jung-Hoon Lee, Deock-Ho Ha, and Seung-Un Kim
Development of a Mobile Language Learning Assistant System Based on Smartphone
    Jin-il Kim, Young-Hun Lee, and Hee-Hyol Lee
Implementation of the Sensor Node Hardware Platform for an Automatic Stall Management
    Yoonsik Kwak, Donghee Park, Jiwon Kwak, Dongho Kwak, Sangmoon Park, Kijeong Kil, Minseop Kim, Jungyoo Han, TaeHwan Kim, and SeokIl Song
A Study on the Enhancement of Positioning Accuracy Performance Using Interrogator Selection Schemes over Indoor Wireless Channels
    Seungkeun Park and Byeong Gwon Kang
A Fully Parallel, High-Speed BPC Hardware Architecture for the EBCOT in JPEG 2000
    Dong-Hwi Woo, Kyeong-Ryeol Bae, Hyeon-Sic Son, Seung-Ho Ok, Yong Hwan Lee, and Byungin Moon
Implementating Grid Portal for Scientific Job Submission
    Arun D. Gangarde and Shrikant. S. Jadhav
A Comprehensive Performance Comparison of On-Demand Routing Protocols in Mobile Ad-Hoc Networks
    Jahangir khan and Syed Irfan Hayder
Preserving Energy Using Link Protocol in Wireless Networks
    Anita Kanavalli, T.L. Geetha, P. Deepa Shenoy, K.R. Venugopal, and L.M. Patnaik
Trust Based Routing in Ad Hoc Network
    Mikita V. Talati, Sharada Valiveti, and K. Kotecha
Routing in Ad Hoc Network Using Ant Colony Optimization
    Pimal Khanpara, Sharada Valiveti, and K. Kotecha
Non-repudiation in Ad Hoc Networks
    Purvi Tandel, Sharada Valiveti, K.P. Agrawal, and K. Kotecha
The Vehicular Information Space Framework
    Vivian Prinz, Johann Schlichter, and Benno Schweiger
Effectiveness of AODV Protocol under Hidden Node Environment
    Ruchi Garg, Himanshu Sharma, and Sumit Kumar
Prevention of Malicious Nodes Communication in MANETs by Using Authorized Tokens
    N. Chandrakant, P. Deepa Shenoy, K.R. Venugopal, and L.M. Patnaik
Performance Evaluation of FAST TCP Traffic-Flows in Multihomed MANETs
    Mumajjed Ul Mudassir and Adeel Akram
Fault Tolerant Implementation of Xilinx Vertex FPGA for Sensor Systems through On-Chip System Evolution
    S.P. Anandaraj, R. Naveen Kumar, S. Ravi, and S.S.V.N. Sharma
Author Index
Table of Contents – Part I

Multiple Object Tracking in Unprepared Environments Using Combined Feature for Augmented Reality Applications
    Giovanni Cagalaban and Seoksoo Kim
Study on the Future Internet System through Analysis of SCADA Systems
    Jae-gu Song, Sungmo Jung, and Seoksoo Kim
A Novel Channel Assignment Scheme for Multi-channel Wireless Mesh Networks
    Yan Xia, Zhenghu Gong, and Yingzhi Zeng
Threshold Convertible Authenticated Encryption Scheme for Hierarchical Organizations
    Chien-Lung Hsu, Yu-Li Lin, Tzong-Chen Wu, and Chain-Hui Su
An Active Queue Management for QoS Guarantee of the High Priority Service Class
    Hyun Jong Kim, Jae Chan Shim, Hwa-Suk Kim, Kee Seong Cho, and Seong Gon Choi
A Secured Authentication Protocol for SIP Using Elliptic Curves Cryptography
    Tien-ho Chen, Hsiu-lien Yeh, Pin-chuan Liu, Han-chen Hsiang, and Wei-kuan Shih
New Mechanism for Global Mobility Management Based on MPLS LSP in NGN
    Myoung Ju Yu, Kam Yong Kim, Hwa Suk Kim, Kee Seong Cho, and Seong Gon Choi
A Fault-Tolerant and Energy Efficient Routing in a Dense and Large Scale Wireless Sensor Network
    Seong-Yong Choi, Jin-Su Kim, Yang-Jae Park, Joong-Kyung Ryu, Kee-Wook Rim, and Jung-Hyun Lee
Network Management Framework for Wireless Sensor Networks
    Jaewoo Kim, HahnEarl Jeon, and Jaiyong Lee
FDAN: Failure Detection Protocol for Mobile Ad Hoc Networks
    Haroun Benkaouha, Abdelkrim Abdelli, Karima Bouyahia, and Yasmina Kaloune
Interference Avoiding Radio Resource Allocation Scheme for Multi-hop OFDMA Cellular Networks with Random Topology
    Sunggook Lim and Jaiyong Lee
Topology Control Method Using Adaptive Redundant Transmission Range in Mobile Wireless Sensor Network
    MyungJun Youn, HahnEarl Jeon, SeogGyu Kim, and Jaiyong Lee
Timer and Sequence Based Packet Loss Detection Scheme for Efficient Selective Retransmission in DCCP
    BongHwan Oh, Jechan Han, and Jaiyong Lee
Transposed UL-PUSC Subcarrier Allocation Technique for Channel Estimation in WiMAX
    Maged M. Khattab, Hesham M. EL-Badawy, and Mohamed A. Aboul-Dahab
Load Performance Evaluation of the SSD According to the Number of Concurrent Users
    Seung-Kook Cheong and Dae-Sik Ko
Experimental Investigation of the Performance of Vertical Handover Algorithms between WiFi and UMTS Networks
    Stefano Busanelli, Marco Martalò, Gianluigi Ferrari, Giovanni Spigoni, and Nicola Iotti
Next Generation RFID-Based Medical Service Management System Architecture in Wireless Sensor Network
    Randy S. Tolentino, Kijeong Lee, Yong-Tae Kim, and Gil-Cheol Park
A Study on Architecture of Malicious Code Blocking Scheme with White List in Smartphone Environment
    Kijeong Lee, Randy S. Tolentino, Gil-Cheol Park, and Yong-Tae Kim
An Authentication Protocol for Mobile IPTV Users Based on an RFID-USB Convergence Technique
    Yoon-Su Jeong and Yong-Tae Kim
Design of a Software Configuration for Real-Time Multimedia Group Communication; HNUMTP
    Gil-Cheol Park
Recognition Technique by Tag Selection Using Multi-reader in RFID Environment
    Bong-Im Jang, Yong-Tae Kim, and Gil-Cheol Park
UWB-Based Tracking of Autonomous Vehicles with Multiple Receivers
    Stefano Busanelli and Gianluigi Ferrari
Information System for Electric Vehicle in Wireless Sensor Networks
    Yujin Lim, Hak-Man Kim, and Sanggil Kang
Maximizing Minimum Distance to Improve Performance of 4-D PSK Modulator for Efficient Wireless Optical Internet Access and Digital Modulation
    Hae Geun Kim
Implementation of the Vehicle Black Box Using External Sensor and Networks
    Sung-Hyun Back, Jang-Ju Kim, Mi-Jin Kim, Hwa-Sun Kim, You-Sin Park, and Jong-Wook Jang
Implementation of a SOA-Based Service Deployment Platform with Portal
    Chao-Tung Yang, Shih-Chi Yu, Chung-Che Lai, Jung-Chun Liu, and William C. Chu
A Mobile GPS Application: Mosque Tracking with Prayer Time Synchronization
    Rathiah Hashim, Mohammad Sibghotulloh Ikhmatiar, Miswan Surip, Masiri Karmin, and Tutut Herawan
Author Index
Congestion Avoidance and Energy Efficient Routing Protocol for WSN Healthcare Applications

Babak Esmailpour¹, Abbas Ali Rezaee², and Javad Mohebbi Najm Abad¹
¹ Islamic Azad University-Quchan Branch, Iran
² Faculty of Payame Noor University, Mashhad, Iran
Abstract. Recent advances in wireless sensor technology facilitate the development of remote healthcare systems, which can significantly reduce the cost of healthcare. General and efficient routing protocols are of crucial significance for healthcare wireless sensor networks (HWSN). One of the critical issues is to assure the timely delivery of life-critical data in the resource-constrained WSN environment. Energy and some other parameters for HWSN are considered here. This paper presents a data-centric routing protocol that takes end-to-end delay, reliability, energy consumption, lifetime and fairness into account. The proposed protocol, called HREEP (Healthcare REEP), forwards traffic with different priorities and QoS requirements based on constraint-based routing. We study the performance of HREEP using different scenarios. Simulation results show that HREEP has achieved its goals.

Keywords: Clustering, Healthcare Application, Congestion Avoidance, Routing Protocol, Wireless Sensor Networks.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 1–10, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

Healthcare aware wireless sensor networks (HWSN), which follow on from wireless sensor networks, have received great attention recently. The growing number of applications of these networks has increased their importance. The availability of low-cost hardware such as CMOS cameras and microphones has driven the expansion of healthcare aware wireless sensor networks. An HWSN consists of wireless nodes which can transmit healthcare-relevant traffic in addition to sensing healthcare-relevant events. Advances in hardware now make it possible to equip small nodes with the necessary devices [1,2]. Protocols designed for WSN lose part of their efficiency if used directly for HWSN, although the two kinds of network still share many characteristics. Given the characteristics of HWSN, their protocols should be designed in a cross-layer manner [3]. Several of those characteristics are listed below:

- Application dependency: The design of HWSN protocols depends entirely on the application. Application characteristics determine the goals and crucial parameters.
- Energy consumption efficiency: Like the nodes of wireless sensor networks, nodes designed for healthcare aware wireless sensor networks have limited primary energy resources and mostly cannot be recharged (or recharging a node's energy is not economically practical), so energy consumption is still considered a fundamental parameter.
- Capability of forwarding data with different real-time requirements: For different reasons, traffic with different priorities is forwarded in healthcare aware wireless sensor networks. Protocols should be capable of sending these traffic classes simultaneously so that each achieves its own real-time requirements.
- Ability to send data with different reliabilities: Traffic in healthcare aware wireless sensor networks needs different reliabilities. The protocols of these networks should be capable of sending such traffic.
In this paper, we focus only on the issue of routing in healthcare WSNs. In particular, we focus on large-scale medical disaster response applications. The proposed protocol HREEP (Healthcare REEP), a data-centric routing protocol, takes end-to-end delay, reliability, energy consumption, network lifetime and fairness into consideration. These parameters are not all independent; for example, energy consumption and network lifetime are inversely related. The main goal of the proposed protocol is to control these parameters using a constraint-based routing process. The parameters that are important for HREEP are also important for wireless sensor networks in general, but since HWSNs are a subset of WSNs, the parameters are more commensurate with HWSN [4]. Depending on the application, the delay parameter has different importance for HWSNs. In real-time applications, information should reach the destination within an appropriate time, otherwise its importance decreases (in hard real-time applications, data received outside the permitted interval is worthless). Different data types also have different delay thresholds, so the network's reaction should be commensurate with the data type. Energy consumption, lifetime and fairness are the parameters relevant to the protocol's energy efficiency. Increasing lifetime is the essential goal, and the two main elements for increasing lifetime are consuming energy efficiently and maintaining fairness. The aim of fairness is to consume the energy of the network nodes evenly. When the energy of the network nodes has less variance, network lifetime is prolonged. To achieve fairness, the nodes' energy should be used equally. If one part of a network is used more than other parts, its energy will be depleted sooner than the others' and the network will then be partitioned. If a network is partitioned, its energy consumption increases severely. Using different paths to send data to the sink improves fairness. When network lifetime is prolonged, its services can be used for longer [5].

The proposed protocol is composed of the following 4 phases: request dissemination, event occurrence report, route establishment and data forwarding. The rest of the paper is organized as follows: in section 2 related works are discussed. In section 3, HREEP is presented in detail. In section 4, we evaluate the efficiency of the proposed protocol, and finally in section 5 we conclude the paper.
2 Related Works

HREEP is a data-centric protocol. Data-centric protocols are a major class of routing protocols in wireless sensor networks [2, 3]. Many successful routing protocols have been presented for WSNs and HWSNs so far. Directed Diffusion and SPIN are two well-known routing protocols for WSNs that have received attention. In both, requests are disseminated in the network and routing is done based on data type. Each of these protocols has been improved many times, so that each is now known as a family; for example [7]. SPIN has many flaws; for example, it is not scalable and it is not energy efficient. Routing protocols for healthcare aware wireless sensor networks use different methods to perform their tasks. HREEP builds routes based on network conditions and traffic requirements at the same time. The proposed protocol uses many of the ideas introduced in REEP [8]. Like other data-centric protocols, REEP has several phases: sense event propagation, information event propagation and request event propagation. In the sense event propagation phase, the sink sends its requests to all of the network nodes. In the information event propagation phase, each node sends its sensed data to the sink. In the next phase, request event propagation, the sink responds to all of the nodes that sent their sensed data, and routes are established during this communication. This phasing is almost the same as in other data-centric routing protocols [9][10][11].
3 The Proposed Protocol

The data-centric protocol HREEP is composed of the following 5 phases: request dissemination, event occurrence report, route establishment, data forwarding and route recovery. The structure of the proposed protocol is shown in Fig. 1. In phase 1, the sink floods its request to all network nodes. Phase 1 is discussed in section 3.1. The four other phases, event occurrence report, route establishment, data forwarding and route recovery, are presented in detail in sections 3.2, 3.3, 3.4 and 3.5 respectively. We have designed the proposed protocol based on the characteristics of healthcare aware wireless sensor networks. These networks are used for different applications [6]. Using one network for different applications is economical, because the applications run on one hardware infrastructure, which reduces cost. The proposed protocol can send traffic with different QoS requirements. To make the discussion more tangible, we present an example. Assume that an HWSN is used to monitor one patient. There are two traffic classes in this network. To monitor vital limbs, a high-priority report should be sent to the sink through the network. For other events (for example, periodic events to monitor other limbs), network nodes use low-priority traffic.

[Fig. 1. Proposed protocol structure. Phase 1: Request Propagation; Phase 2: Event Report; Phase 3: Route Establishing; Phase 4: Data Transmission; Phase 5: Route Recovery]

3.1 Request Dissemination Phase

In this phase the sink floods its requests to all network nodes. The following points should be considered for the packets of this phase:

- Priority of the application: in an HWSN, a network may be used to forward more than one kind of traffic with different characteristics. Therefore, the traffic priority should be specified before forwarding.
- Time: many packets belonging to one application may be propagated through the network at different times. Therefore, the forwarding time should be specified in all packets. Furthermore, many requests have a lifetime; when the lifetime expires, the request is no longer valuable.
- Geographical confine of the destination nodes: this field is not vital for applications in which the requests should be sent to all network nodes.
- Request specification: each request contains the destination nodes' task and the way they should react to the event.
3.2 Event Occurrence Report Phase

When the request dissemination phase is done, all network nodes know their task. When a node senses an event relevant to its task, it should report the features of the sensed event to the sink. In its report the node must cover all the specifications outlined in the task characteristics so that the sink can react properly. In this phase the information describing the occurred event is sent to the sink, whereas the main information relevant to the event is sent in the data sending phase. This phase also paves the way for packet routing. To this end, a node creates a packet and places the data relevant to the sensed event in it. As the packet is sent to the sink, the routing tables needed for data routing are built in the nodes. The final routing is carried out in the route establishment phase. In the second phase, each node gathers all the essential information in the form of a permanent routing table, and this leads to the creation of the routing tables for each specific node in the third phase. When an event is sensed by a node, according to its task it should be reported to the sink. The node sends the packet to all its neighbors as soon as it is created (this packet is called the second phase packet). If the nodes are aware of their positions, the packet is sent to the neighbors that are closer to the sink than the sending node. Although this decreases the protocol's energy consumption, it cannot be implemented everywhere because it requires a localization process. Note that in applications where the request is sent to only one part of the network, the nodes are certainly aware of their positions.
On receiving the second phase packet, each node creates a record in a routing table called the second phase table. This record keeps the packet's priority (matching the traffic priority and the specified event), the source node, the sending node, the length of the traversed path and the number of traversed hops. In the proposed protocol each node has an ID, which is carried in every packet sent. The traversed route is the sum of the routes the packet has taken from the source node to the current node. After inserting a record, the node sends the packet to all its neighbors. This procedure continues until the packet reaches the sink. Note that the second phase table is likely to hold more than one record for a given source node, because the second phase packet can reach a node over different routes; packets which have the same fields are ignored. At the end of the second phase each node has a routing table, the second phase table, which is used for determining the final route in the third phase. The records of the second phase table give the possible routes between the node and the source node that sensed the event.

3.3 Route Establishment Phase

After the sink has received all the second phase packets, it sends back an acknowledgement packet (called the third phase packet) to the source node, telling it to send all its gathered data to the sink. An event may be sensed by more than one sensor node. At this stage, according to the data sent by the source node, the sink chooses one or more nodes for the final data sending. In the second phase, each packet specifies its own sensing accuracy. For instance, in healthcare applications, the received vital signals specify the sensing accuracy. Based on this, a sensor is chosen for reporting the sensed events.
After the source node is chosen, the third phase packet is sent to it. As the third phase packet traverses the path, it creates the third phase table in the intermediate nodes. The third phase routing table is the final routing table, which makes routing of the data sent from the source node possible. The acknowledgement that is sent depends on the priority of the sensed event. Two different acknowledgements are considered: an acknowledgement for high priority (real time traffic) and an acknowledgement for low priority (non real time traffic). To send the high priority acknowledgement, the sink evaluates the second phase routing table and chooses the first record. Second phase packets are placed in the second phase routing table in order of time: whenever a node receives a second phase packet, it places it in the first available record. The order of the record numbers in the second phase routing table therefore gives the order in which the packets were received. Because time is of great importance for real time applications, the first record of the second phase table is chosen, since it was the first to be created. The source node of the records must always be taken into account, however: only the records whose source node is the node chosen by the sink are considered. Every node constitutes two tables in the second phase: a phase three routing table for high priority traffic and a routing table for low priority traffic. During this phase, these two tables are completed. When a node in phase three receives a packet with
high priority, a record for it is created in the high priority routing table of that phase. The following parameters are placed in this table: the sending node, the receiving node, the source node and the type of function. As mentioned, every node chooses the first record from the phase two routing table as the next hop for the high priority phase three packet. This process continues until the packet arrives at its source. In fact, at the end of the third phase, one record is placed for every source in the third phase non real time routing table. The concepts described so far in this section concern high priority traffic. The rest of the section explains how the low priority table of phase three is built. Among the routing records of phase two, the sink considers the records relating to the source. For each of these records the probability Pi is calculated through formula (1):
$$P_i = \frac{TD}{HC} \qquad (1)$$
TD is the field which holds the length of the record's path and HC is the number of hops on the record's path. Pi is the probability of selecting the record as the next hop for the low priority third phase packet. After Pi has been determined for each record with the specified source node, two records are chosen randomly (according to the probability) and the low priority third phase packet is sent to them. Different paths are selected in order to achieve fairness in the energy consumption of network nodes. If priority were not considered, all the traffic would be sent via one fixed path, similar to the mechanism used in the REEP protocol, and this prevents fairness in the energy consumption of network nodes from being achieved. Each node registers the node in the low priority routing table, and in the next stage, using the same procedure as the sink, it chooses the next two hops and sends the third phase packet to them. All the packet characteristics are registered in the record of the non real time third phase table. The following picture presents the pseudo code of the third phase.

3.4 The Data Forwarding Phase

At the end of the third phase the real time and non real time routing tables have been created. Each node has a real time and a non real time third phase routing table. Depending on the type of event sensed, the source node (the event sensor node) can send its data to the sink once it has received the real time acknowledgement (the real time third phase packet) and the non real time acknowledgement (the non real time acknowledgement). As mentioned earlier, all the nodes, including the source nodes, have both types of routing tables. The third phase real time routing table is used to send real time data and the third phase non real time routing table to send non real time data. For every source, the third phase real time routing table holds only one record in the direction of the sink.
Every node by receiving the real time traffic from the specified node sends the data to the next hop using that record. However, in the non real time routing table of phase three for every source there will be more than one
record in the table. Every record has a Pj, and the choice of the next hop depends on Pj: the larger the Pj of a record, the higher its chance of being selected. Ultimately, one record is selected as the next hop and the data is sent to it.

3.5 Route Recovery Phase

During the data transmission phase congestion may happen, especially near the sink (near-sink nodes are those nodes close to the sink). We use a simple strategy on the near-sink nodes to save energy and avoid congestion at the same time. We use the field hop_count in every packet as our specific label field. Hop count indicates how far away the packet is from the sensing field (the patient's body). Every forwarding node updates the label field by increasing it by one (hop_count = hop_count + 1). As our packets and commands travel along the same route, an intermediate node uses this parameter, taken from upstream data packets and downstream commands, in the algorithm below to change path.

    if (upstream_pk_hopcount > downstream_pk_hopcount)    /* node is nearer the sink */
        if (node_energy < threshold)
            Change_path()

To change path, the node sends a control packet to its neighbors. If a neighbor's energy is above the threshold and it has another path, it changes the path. This saves energy in near-sink nodes and avoids congestion. As a result, network lifetime improves.
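The next-hop choice of Sections 3.2 to 3.4, as an added Python example that is not code from the paper: a second phase table kept in arrival order, the real time rule (first record for the chosen source) and the non real time rule (two records drawn at random, weighted by Pi). It assumes that formula (1) reads Pi = TD/HC and that the weights are normalised over the candidate records; the record layout, function names and sample values are constructed for illustration.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Phase2Record:
    priority: str   # "RT" (high priority) or "NRT" (low priority)
    source: int     # node that sensed the event
    sender: int     # neighbour the packet arrived from = candidate next hop
    td: float       # TD: length of the traversed path
    hc: int         # HC: number of traversed hops


def insert_phase2(table, rec):
    """Append in arrival order; a packet with identical fields is ignored."""
    if rec in table:
        return False
    table.append(rec)
    return True


def real_time_next_hop(table, source):
    """High priority: the earliest record whose source is the chosen node."""
    for rec in table:               # list order == order of reception
        if rec.source == source:
            return rec.sender
    return None


def non_real_time_next_hops(table, source, rng, count=2):
    """Low priority: draw up to `count` distinct records, weighted by P_i."""
    pool = [r for r in table if r.source == source]
    chosen = []
    while pool and len(chosen) < count:
        # Assumption: P_i = TD / HC; rng.choices normalises the weights.
        weights = [r.td / r.hc for r in pool]
        idx = rng.choices(range(len(pool)), weights=weights, k=1)[0]
        chosen.append(pool.pop(idx).sender)
    return chosen


def build_demo_table():
    """Constructed arrivals at one node; values are illustrative only."""
    table = []
    arrivals = [
        Phase2Record("NRT", 7, 2, 90.0, 3),
        Phase2Record("NRT", 7, 5, 20.0, 4),
        Phase2Record("NRT", 9, 4, 12.0, 2),
        Phase2Record("NRT", 7, 2, 90.0, 3),   # same fields again: ignored
        Phase2Record("NRT", 7, 6, 5.0, 5),
    ]
    for rec in arrivals:
        insert_phase2(table, rec)
    return table


def inclusion_counts(table, source, trials=2000, seed=1):
    """How often each neighbour is picked over many low priority rounds."""
    rng = random.Random(seed)
    counts = {}
    for _ in range(trials):
        for hop in non_real_time_next_hops(table, source, rng):
            counts[hop] = counts.get(hop, 0) + 1
    return counts


if __name__ == "__main__":
    t = build_demo_table()
    print("real time next hop for source 7:", real_time_next_hop(t, 7))
    print("one low priority draw:", non_real_time_next_hops(t, 7, random.Random(3)))
    print("selection counts:", inclusion_counts(t, 7))
```

Because the low priority draw is repeated per packet round, traffic is spread over several neighbours instead of one fixed path, which is the fairness argument the section makes against REEP.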
4 The Evaluation of the Performance of the Proposed Protocol

In this section the performance of the proposed protocol HREEP is examined. REEP is a known protocol in the area of wireless sensor networks. Both HREEP and REEP have been implemented in the Opnet [12] simulator and their performance was investigated under various scenarios. The network topology is shown in Fig. 2. As can be seen in Fig. 2, we have considered each body as a cluster. In each cluster a cluster head is determined. The cluster head has more resources than the other cluster members. First we examine the two protocols in terms of energy performance. Figure 3 shows the lifetime of the network for different rates. The rates on the horizontal axis are the data production rates of the source node. In other words, the data sending rate in the fourth phase is varied, and for every rate the lifetime of the network is calculated. As can be seen in figure 3, for rates under 50 (packet/sec) the difference between the lifetimes of the protocols is noteworthy. For example, the lifetime of the network using HREEP at data rate 10 equals 7 time units, while using REEP it equals 1.5 time units. This means prolonging the lifetime of the network by more than 100 percent.
In figure 4, fairness in the energy consumption of the network nodes is examined. The horizontal axis is the data sending rate and the vertical axis is the parameter Dev, which measures the variance of the energy of the network nodes through formula (2):

$$Dev = \sum_{i=1}^{n} (Energy_i - Ave)^2 \qquad (2)$$
Fig. 2. Network Topology
The higher the value of Dev for a protocol, the less successful the protocol has been in keeping the energy consumption of the nodes balanced, since the variance of the nodes' energy has increased. As can be seen in figure 4, HREEP has a lower variance: the variance of the nodes under HREEP is 25 percent lower. The network lifetime and the variance are in some way dependent. If we keep a better balance in the energy consumption of nodes, the lifetime of the network increases under the same conditions. Another fundamental parameter considered in this protocol is the end to end delay. Delay is crucially important for healthcare aware wireless sensor networks. In figures 5 and 6, HREEP and REEP are compared in terms of delay. The delay presented in figures 5 and 6 is the delay of sensed data and does not include control data. As can be seen in figure 5, the end to end delay for real time traffic in HREEP (HREEP-RT) is less than the end to end delay for non real time traffic (HREEP-NRT). By comparing the numbers in figures 5 and 6 we can conclude that the delay of HREEP-RT is less than that of REEP, and that the REEP delay and the HREEP-NRT delay are almost similar. At the beginning of the graphs in figures 5 and 6, the delay of HREEP-RT, HREEP-NRT and REEP shows a marked increase. The reason is congestion in routers caused by sending the remaining packets of phase two. When all the packets of phase two have been sent, the delay approaches stability. In a stable condition the delays of REEP and HREEP-NRT are very close, and the delay of HREEP-RT is significantly lower than both. RT, or real time traffic, is the kind of traffic which requires low delay, whereas NRT traffic has considerably lower sensitivity to delay. The goal of the protocol is to send the real time traffic with as low a delay as possible and to send the non real time traffic with an acceptable level of delay. The vertical axis relates to delay and the horizontal axis to the time of packet generation.

Fig. 3. Lifetime comparison between HREEP and REEP
Fig. 4. Comparison between HREEP and REEP fairness
Fig. 5. Delay comparison between HREEP-NRT and HREEP-RT
Fig. 6. Delay for REEP
5 Conclusion

In this article a congestion avoidance routing protocol for healthcare wireless sensor networks was presented. The proposed protocol is data-driven and event-driven, triggered when a sensor in the patient's body raises an alarm, and comprises several phases. The first phase of HREEP was designed to disseminate the demands of the sink. The other phases of HREEP are, respectively, event occurrence report, route establishment, data forwarding and route recovery. In general, the proposed protocol takes into account several parameters, including end to end delay, reliability, energy consumption, the lifetime of the network and fairness in energy consumption. Finally, the performance of the HREEP protocol was evaluated by simulation. The results of the simulation show that the proposed routing protocol, which is aware of the required service quality, has achieved its ends, which were to control the aforementioned parameters.
References

1. Tubaishat, M., Madria, S.: Sensor Networks: An Overview. IEEE Potentials, 20–23 (2003)
2. Akyildiz, I.F., Su, W., Sankarasubramaniam, W., Cayirci, E.: A Survey On Sensor Networks. IEEE Communication Magazine, 102–114 (2002)
3. Al-Karajki, J.N.: Routing Techniques in Wireless Sensor Networks: A Survey. IEEE, The Hashemite University; Ahmed E. Kamal, Iowa State University (2004)
4. Stankovic, J.A., Cao, Q., Doan, T., Fang, L., He, Z., Kiran, R., Lin, S., Son, S., Stoleru, R., Wood, A.: Wireless sensor networks for in-home healthcare: Potential and challenges. In: Proc. High Confidence Medical Device Software Systems (HCMDSS) Workshop (2005)
5. Baker, C.R., Armijo, K., Belka, S., Benhabib, M., Waterbury, A., Leland, E.S., Pering, T., Wright, P.K.: Wireless sensor networks for home health care. In: Proc. 21st International Conf. Advanced Information Networking Applications Workshops, AINAW 2007 (2007)
6. Aziz, O., Lo, B., King, R., Yang, G.Z., Darzi, A.: Pervasive body sensor network: An approach to monitoring the post-operative surgical patient. In: Proc. IEEE International Workshop Wearable Implantable Body Sensor Networks, pp. 13–18 (2006)
7. Akkaya, K., Younis, M.: A Survey on Routing Protocols for Wireless Sensor Networks. Department of Computer Sciences and Electrical Engineering, University of Maryland, Annual ACM/IEEE (2000)
8. Zabin, F., Misra, S., Woungang, I., Rashvand, H.F.: REEP: data-centric, energy-efficient and reliable routing protocol for wireless sensor networks. IET Commun. 2(8), 995–1008 (2008)
9. Gharavi, H., Kumar, S.P.: Special Issue on Sensor Networks and Applications. Proceedings of the IEEE 91(8) (2003)
10. Shnayder, V., Chen, B.R., Lorincz, K., Thaddeus, R.F., Jones, F., Welsh, M.: Sensor Networks for Medical Care. Harvard Univ., Tech. Rep. TR-08-05 (2005)
11. Wood, A., Virone, G., Doan, T., Cao, Q., Selavo, L., Wu, Y., Fang, L., He, Z., Lin, S., Stankovic, J.: ALARM-NET: Wireless Sensor Networks for Assisted-Living and Residential Monitoring. Dept. Computer Science, Virginia Univ., Tech. Rep. CS-2006-11 (2006)
12. http://www.opnet.com
An Efficient Method for Detecting Misbehaving Zone Manager in MANET

Marjan Kuchaki Rafsanjani1, Farzaneh Pakzad2, and Sanaz Asadinia3

1 Department of Computer Engineering, Islamic Azad University Kerman Branch, Kerman, Iran
2 Islamic Azad University Tiran Branch, Tiran, Iran
3 Islamic Azad University Khurasgan Branch, Young Researchers Club, Khurasgan, Iran
Abstract. In recent years, one of the wireless technologies that has grown tremendously is the mobile ad hoc network (MANET), in which mobile nodes organize themselves without the help of any predefined infrastructure. MANETs are highly vulnerable to attack due to the open medium, dynamically changing network topology, cooperative algorithms, lack of a centralized monitoring and management point, and lack of a clear line of defense. In this paper, we report our progress in developing intrusion detection (ID) capabilities for MANETs. In our proposed scheme, the network, with a distributed hierarchical architecture, is partitioned into zones, each of which has one zone manager. The zone manager is responsible for monitoring the cluster heads in its zone, and cluster heads are in charge of monitoring their members. However, the most important problem is how the trustworthiness of the zone manager can be established. So, we propose a scheme in which the "honest neighbors" of the zone manager validate their zone manager. These honest neighbors prevent false accusations and also tolerate the manager if it misbehaves by mistake. However, if the manager repeats its misbehavior, it loses its management degree. Therefore, our scheme improves intrusion detection and also provides a more reliable network.

Keywords: Collaborative algorithm, Honest neighbors, Intrusion detection, Zone manager, Mobile Ad hoc Network (MANET).
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 11–21, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

A mobile ad hoc network is a wireless network characterized by self-organization and self-configuration, so that it can quickly form a new network without the need for any wired network infrastructure. Nodes within radio range of each other can communicate directly over wireless links, and those that are far apart use other nodes as relays. The network topology changes frequently due to the mobility of the nodes as they move into or out of their network vicinity [1],[2]. Thus, a MANET is a collection of autonomous nodes that form a dynamic multi-hop radio network with a specific purpose in a decentralized manner [1]. Due to this special characteristic, MANETs are more vulnerable, which brings more security concerns and challenges compared to other networks. Moreover, due to their open medium, dynamically changing network topology, lack of central monitoring and absence of a clear line of defense, MANETs are particularly vulnerable to several types of attacks such as passive eavesdropping, active impersonation and denial of service. An intruder that compromises a mobile node in a MANET can destroy the communication between the nodes by broadcasting false routing information, providing incorrect link state information and overflowing other nodes with unnecessary routing traffic. One way of securing a mobile ad hoc network is to apply prevention methods such as encryption and authentication, but past experiments have shown that encryption and authentication as intrusion prevention are not sufficient. So the need arises for a second wall of defense in the form of an intrusion detection system [2],[3]. The idea is that when a MANET is being intruded upon, an intrusion detection system, if present, can detect the intrusion as early as possible, and the MANET can be protected before any extensive harm is done. Research efforts are under way to develop Intrusion Detection Systems (IDS) that detect intrusion, identify the misbehaving nodes, and isolate them from the rest of the network. Moreover, the presence of a detection system will discourage misbehaving nodes from attempting intrusion in the future; it is likely that the intruder will think twice before attempting to break in again [4]. However, most IDSs assume that the monitoring nodes or cluster heads are valid nodes in order to initiate the IDS and response systems.
In the real world, however, this assumption does not always hold, and we can face misbehaving or malicious monitoring nodes or cluster heads. (We treat a malicious node as a misbehaving node.) In this paper, we focus on finding misbehaving monitoring nodes or malicious cluster heads. If these nodes misbehave, they can send false information to other nodes or report an innocent node as destructive. In our proposed scheme, the network is partitioned into zones, each with one zone manager which is responsible for monitoring the cluster heads in its zone. The most important problem is how to establish the integrity of the zone manager, which is done by the "honest neighbors" of the zone manager. We also detect compromised nodes in a cluster using the Algorithm for Detection in a Cluster (ADCLU), which is also used by the zone manager for detecting malicious cluster heads [4]. The rest of this paper is organized as follows: In the next section, we review some related work in intrusion detection for MANETs. In Section 3, we present and explain our intrusion detection scheme. In Section 4, we conclude this paper with a discussion on future work.
2 Preliminaries

There are three typical architectures for an intrusion detection system (IDS): stand-alone, distributed and cooperative, and hierarchical IDS architecture [5]. Moreover, there is another class, called hybrid architecture, which is a combination of these architectures.
In the stand-alone IDS architecture every node runs an intrusion detection system agent and every decision is based only on information collected at the local node, since there is no cooperation among nodes in the network; the Watchdog technique [6] is an example. The merit of this architecture is that the intrusion detection process adds no network overhead such as audit data exchange. Moreover, this system could reduce the risk of attackers deliberately accusing legitimate nodes of misbehaving in order to have those nodes excluded from the network [7]. However, this architecture is hard to implement in a real environment because, for most types of attacks, the information on each individual node might not be enough to detect intrusions. In addition, since every node runs an IDS, resources are required in every node. Therefore, this scheme is not suitable for nodes with limited resources. Furthermore, due to the lack of node cooperation, this scheme may fail to detect a misbehaving node in the presence of (a) ambiguous collision, (b) receiver collision, (c) limited transmission power, (d) false misbehavior, (e) collusion, and (f) partial dropping [6]. Finally, this scheme has no security protection. The second type of architecture is a distributed and cooperative model. Zhang and Lee [8] have proposed that the intrusion detection system in MANETs should also be distributed and cooperative. As in the stand-alone architecture, every node participates in intrusion detection and response by running an IDS agent. An IDS agent is responsible for detecting and collecting local events and data to identify possible intrusions, as well as initiating a response independently. However, neighboring IDS agents cooperatively participate in global intrusion detection actions, through a voting mechanism, when the evidence is inconclusive [2]. The merits of this architecture are as follows: Network overhead can be reduced by exchanging data only when it is needed.
The incompleteness of the local audit data can also be compensated for by asking neighboring nodes for their intrusion status. Although this IDS can overcome some limitations of the stand-alone IDS, it has the following problems. First, cooperative intrusion detection may lead to heavy communication and computation between nodes, degrading network performance. Second, the assumption that data is shared between trusted nodes does not hold in general, since there are many possible threats in a wireless network environment [7]. Hierarchical intrusion detection system architectures have been designed for multi-layered ad hoc network infrastructures in which the network is divided into smaller sub-networks (clusters) with one or more cluster heads that are responsible for intrusion detection in the network. These cluster heads therefore act as management points, similar to switches, routers, or gateways in traditional wired networks. An IDS agent runs on every node and is responsible for detecting intrusion locally by monitoring local activities. A cluster head is responsible locally for its own node as well as globally for its cluster, e.g. monitoring network packets and initiating a global response when a network intrusion is detected [2],[3],[7]. This type of architecture is the most suitable in terms of information completeness. Moreover, reducing the burden of hosting an IDS agent on some nodes helps the system to conserve overall energy. However, this is paid for with the network overhead of forming clusters and exchanging audit data, not to mention the relatively long detection time, as data exchange is needed to perform the detection.
Moreover, malicious nodes that are elected as cluster heads could devastate the network. In the zone-based IDS proposed in [9], the network is partitioned into non-overlapping zones. Every node in a zone (intra-zone node) sends an alert message to a gateway node (inter-zone node) by alert flooding, and the gateway node sends out an alarm message at a fixed interval on behalf of the zone. Zone-based IDS cannot detect intrusion in real time because its gateway generates alarms only at a fixed interval. Furthermore, in MANET intrusion detection systems there are two types of decision making: collaborative decision making and independent decision making. In collaborative decision making, each node participates actively in the intrusion detection procedure. Once one node detects an intrusion with strong confidence, it can start a response to the intrusion by starting a majority vote to determine whether an attack is happening [8]. In the independent decision making framework, on the other hand, certain nodes are assigned to intrusion detection [10]. These nodes collect intrusion alerts from other nodes and decide whether any node in the network is under attack. They do not need other nodes' participation in decision making [2],[3].
3 The Proposed Scheme

Our scheme is inspired by the collaborative techniques for intrusion detection in mobile ad hoc networks, which use the collaborative efforts of nodes in a neighborhood to detect a malicious node in that neighborhood [4]. The first step of our scheme is based on Marchang et al.'s technique (the ADCLU algorithm) [4], which is designed for detecting malicious nodes in a neighborhood of nodes in which each pair of nodes may not be in radio range of each other, but where there is a node among them which has all the other nodes in its one hop vicinity. This neighborhood is identical to a cluster [11]. The technique uses message passing between the nodes. A node called the monitoring node initiates the detection process. Based on the messages that it receives during the detection process, each node determines the nodes it suspects to be malicious and sends votes to the monitoring node. On inspecting the votes, the monitoring node determines the malicious nodes from among the suspected nodes [4]. In this scheme, the authors assumed that the initiating node of the algorithm, i.e., the monitoring node, is not malicious, and that when the monitoring node initiates the detection process by sending out a message to the other nodes, the malicious nodes have no way of knowing that a detection algorithm is in progress. If the monitoring nodes themselves misbehave, they can send false information to other nodes, report an innocent node as destructive, or not initiate the detection process. Therefore, it is important that a monitoring node is a valid node. This shortcoming is also seen in many distributed, hierarchical or hybrid intrusion detection systems. In our scheme, the network is divided into zones with one zone manager in each zone, which is responsible for monitoring the cluster heads in its zone. The zone manager is the heart of the control of, and coordination with, every node in the zone.
It maintains the configuration of the node, records the system status information of each component, and makes the decisions. Monitoring of the cluster heads can also be done by the zone manager by extending the ADCLU algorithm. The second step of our scheme is devoted to detecting a misbehaving zone manager: the neighbors of the zone manager control its activity and report any misbehavior. This scheme creates a reciprocal relationship between nodes in the multi-level hierarchy.

3.1 Detecting Malicious Cluster Heads Based on ADCLU

The ADCLU algorithm [4] can be used to detect malicious nodes in a set of nodes that forms a cluster, defined as a neighborhood of nodes in which there is a node that has all the other nodes as its 1-hop neighbors, as shown in Fig. 1. To present the algorithm we make the following assumptions: the wireless links between the nodes are bi-directional, and when the monitoring node initiates the detection process, the malicious nodes have no way of knowing that a detection algorithm is in progress.

Fig. 1. A neighborhood (cluster) in a MANET consisting of 5 nodes (labeled 0 to 4): an edge between two nodes denotes they are within radio range of each other
Step 1: The monitoring node, M, broadcasts the message RIGHT to its neighbor nodes, asking them to further broadcast the message in their neighborhood.
    M broadcast: (RIGHT)
Step 2: Upon receiving the message RIGHT, each neighbor, B, of M further broadcasts the message in its neighborhood.
    B broadcast: (X) (X = RIGHT if B is not malicious, X ≠ RIGHT if B is malicious)
Step 3: The monitoring node, M, then broadcasts a MALICIOUS-VOTE-REQUEST message in its neighborhood.
    M broadcast: (MALICIOUS-VOTE-REQUEST)
Step 4: On receipt of a MALICIOUS-VOTE-REQUEST message from M, each neighbor, B, of M does the following: Let PA be the message node B received from node A in step 2 (if node B does not receive any message from A, or if it receives a message different from RIGHT, PA is assigned the default message WRONG). If PA ≠ RIGHT, then B sends a vote for node A being a suspected node to M.
    B → M: (VOTE; A)
Step 5: On receipt of the votes in step 4, the monitoring node does the following:
    I. Accept only distinct votes from each of the nodes (by distinct votes, we mean that the monitoring node can accept at most one vote about a suspected node from any node).
    II. Let NA be the number of votes received for node A. If NA ≥ k, mark node A as malicious. (The monitoring node also gives its vote. k is the threshold value.)

The zone manager can also use this algorithm to detect whether the cluster heads work properly or not. But for validating the zone manager itself, we propose a distributed scheme that controls the zone manager and investigates its operation; the zone manager is isolated if any misbehavior is observed, and a new zone manager is selected.

3.2 Detecting Valid Monitoring Zone Manager

The first zone manager can be selected randomly or by considering the routing table in DSR. Then an IDS agent is installed on the neighboring nodes of the zone manager, and each node runs an IDS independently. However, nodes cooperate with each other to detect some ambiguous intrusions. Neighboring nodes must know each other and trust each other to establish the accuracy of their decisions. The creation of a trusted community is important to ensure the success of MANET operations. A special mechanism needs to be deployed to enable nodes to exchange security associations between them. In addition, this mechanism is able to speed up the creation of a trusted community in the network. Each node needs to meet and establish mutual trust with other nodes, which requires a lot of time and effort. The reliance concept proposed in this study makes this process simpler and faster by providing a secure platform for nodes to exchange their security associations. This ongoing trust exchange between nodes could undoubtedly lessen the amount of anonymous communication, and thus lead to the creation of a trusted community in the network [12]. A secure platform must be provided in which each node builds its own trusted neighbors list. In fact, this module is created first by virtual trust between nodes and based on the good reputation of other nodes through experience.
Each node that is a neighbor of the zone manager promiscuously listens to the transmissions of the neighbors located in its one-hop vicinity. A node decreases a neighbor's reputation degree if it sees any misbehavior, such as dropping packets or modifying messages, and increases the reputation if the neighbor forwards packets without any modification. In addition, each activity of the neighbors can be viewed from the routing tables. After a neighbor's reputation degree reaches the threshold value, it is registered in the "honest neighbors" list. These direct neighbors also exchange their "honest neighbors" lists to create a new set of associate nodes, namely indirect honest neighbors (implicit trust). So, a ring of "honest neighbors" can surround the zone manager and monitor its activity, as shown in Fig. 2. Evidently, the zone manager also exists in their trusted neighbors lists. If any of these nodes misbehaves or acts maliciously, its reputation degree is degraded, and it is omitted from the "honest neighbors" list if this degree falls below the threshold value. This process does not require the IDSs of all neighboring nodes to be active; in fact, some of them can go into sleep mode. If one node detects that the zone manager is misbehaving, it sends an alert to its honest neighbors; the modules in the sleeping state are activated, changing from the sleeping state to the running state to initiate their IDSs and cooperate in zone manager intrusion detection. If they also observe zone manager misbehavior, they send a warning to all the others and cut off their communications with the zone manager; simultaneously, the warning is sent to the cluster heads. The cluster heads can then run ADCLU to dismiss the zone manager with strong evidence.
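The ADCLU round of Section 3.1, which the cluster heads fall back on here, is sketched below as an added Python example; it is not the authors' or Marchang et al.'s code. The topology `CLUSTER`, the `false_votes` behaviour of a malicious voter and the `loss` parameter are constructed assumptions.

```python
import random
from collections import Counter

RIGHT, WRONG = "RIGHT", "WRONG"

# Constructed 5-node cluster: node 0 is the monitoring node M and has
# every other node as a one-hop neighbour (edges are bi-directional).
CLUSTER = {0: [1, 2, 3, 4], 1: [0, 2], 2: [0, 1, 3], 3: [0, 2, 4], 4: [0, 3]}


def adclu_round(adjacency, monitor, malicious, k,
                false_votes=None, loss=0.0, seed=0):
    """Run steps 1-5 once; return (votes per suspect, nodes marked malicious).

    false_votes maps a malicious voter to the nodes it accuses (assumption:
    a malicious node may also lie in step 4). loss is the probability that
    any single transmission is lost.
    """
    rng = random.Random(seed)
    false_votes = false_votes or {}
    members = set(adjacency[monitor])

    def delivered():
        return rng.random() >= loss

    # Step 1: M broadcasts RIGHT to its neighbours.
    got_right = {b for b in sorted(members) if delivered()}

    # Step 2: each neighbour B rebroadcasts X (RIGHT if honest, else WRONG).
    heard = {n: {} for n in members | {monitor}}
    for b in sorted(members):
        if b in malicious:
            x = WRONG
        elif b in got_right:
            x = RIGHT
        else:
            continue  # B never received RIGHT, so it has nothing to forward
        for listener in adjacency[b]:
            if listener in heard and delivered():
                heard[listener][b] = x

    # Steps 3-4: M asks for votes; B votes against every cluster neighbour A
    # whose message P_A is missing or different from RIGHT.
    votes = []
    for b in sorted(members):
        if not delivered():  # the vote request itself was lost
            continue
        if b in malicious:
            suspects = false_votes.get(b, [])
        else:
            suspects = [a for a in adjacency[b]
                        if a in members and heard[b].get(a, WRONG) != RIGHT]
        votes += [(b, a) for a in suspects if delivered()]

    # The monitoring node also gives its own vote.
    votes += [(monitor, a) for a in sorted(members)
              if heard[monitor].get(a, WRONG) != RIGHT]

    # Step 5: keep distinct (voter, suspect) pairs, then apply threshold k.
    tally = Counter(suspect for _, suspect in set(votes))
    flagged = {a for a, n in tally.items() if n >= k}
    return tally, flagged


if __name__ == "__main__":
    # Node 3 is malicious and repeats a false accusation against node 2.
    print(adclu_round(CLUSTER, 0, {3}, k=2, false_votes={3: [2, 2, 2]}))
```

With k = 1 the single false vote is enough to mark the innocent node 2, and with every message lost the monitoring node's own vote alone never reaches k = 2, which is why the choice of threshold matters.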
Fig. 2. Honest neighbors model for detecting misbehaving zone manager (figure not reproduced; legend: zone manager, honest neighbors, communication link; the drawing shows nodes A to G, the ring of honest neighbors, and a sample of indirect trust between nodes)
After the removal of the zone manager, a new manager should be selected; the simpler and faster process is for the honest neighbors to select as zone manager a node which has lower misbehavior or a higher reputation rate.
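The reputation bookkeeping, alert escalation and re-election of Section 3.2 can be sketched as follows. This is an added Python example, not the authors' implementation: the threshold, the reward and penalty steps, the `min_confirmations` quorum and the observation log `EVENTS` are all constructed assumptions, since the paper gives no numeric values for them.

```python
from collections import defaultdict

THRESHOLD = 3            # assumed reputation needed for the honest-neighbors list
REWARD, PENALTY = 1, 2   # assumed step sizes for good and bad observations


class Watcher:
    """IDS agent on a one-hop neighbour of the zone manager."""

    def __init__(self, name):
        self.name = name
        self.reputation = defaultdict(int)

    def observe(self, peer, event):
        if event == "forward":
            self.reputation[peer] += REWARD
        elif event in ("drop", "modify"):
            self.reputation[peer] -= PENALTY
        else:
            raise ValueError(f"unknown event {event!r}")

    def honest(self):
        return {p for p, r in self.reputation.items() if r >= THRESHOLD}

    def suspects(self, peer):
        # Only a peer that was actually observed can be suspected.
        r = self.reputation.get(peer)
        return r is not None and r < THRESHOLD


def build_ring(events, members):
    ring = {name: Watcher(name) for name in members}
    for observer, subject, event, count in events:
        for _ in range(count):
            ring[observer].observe(subject, event)
    return ring


def indirect_honest(node, ring):
    """Implicit trust: nodes vouched for by this node's honest neighbours."""
    direct = node.honest()
    via = set()
    for name in direct:
        if name in ring:
            via |= ring[name].honest()
    return via - direct - {node.name}


def elect(ring, exclude=()):
    """Pick the ring member with the highest reputation summed over watchers."""
    score = defaultdict(int)
    for watcher in ring.values():
        for peer, r in watcher.reputation.items():
            if peer in ring and peer not in exclude:
                score[peer] += r
    return max(sorted(score), key=score.get, default=None)


def check_zone_manager(reporter, ring, zm, min_confirmations=1):
    """Reporter alerts its honest neighbours; they wake up and confirm or not."""
    quiet = {"isolate": False, "confirmed_by": [], "new_manager": None}
    if not reporter.suspects(zm):
        return quiet
    woken = [ring[n] for n in sorted(reporter.honest()) if n in ring]
    confirmed = [w.name for w in woken if w.suspects(zm)]
    if len(confirmed) < min_confirmations:
        return dict(quiet, confirmed_by=confirmed)
    return {"isolate": True, "confirmed_by": confirmed,
            "new_manager": elect(ring, exclude={zm})}


# Constructed observation log: (observer, subject, event, repetitions).
RING_MEMBERS = ("A", "B", "C")
EVENTS = [
    ("A", "B", "forward", 3), ("A", "C", "forward", 5), ("A", "ZM", "forward", 3),
    ("B", "A", "forward", 3), ("B", "C", "forward", 3), ("B", "ZM", "forward", 3),
    ("C", "A", "forward", 3), ("C", "B", "forward", 3), ("C", "D", "forward", 3),
    ("C", "ZM", "forward", 3),
    ("A", "ZM", "drop", 2), ("B", "ZM", "modify", 1),
]

if __name__ == "__main__":
    ring = build_ring(EVENTS, RING_MEMBERS)
    print(check_zone_manager(ring["A"], ring, "ZM"))
```

Raising `min_confirmations` to 2 leaves the zone manager in place in this log, because only one woken neighbour has seen it misbehave; a single accuser is not enough on its own.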
4 Simulation Results

Our algorithm was simulated using the GloMoSim simulator. In the base scenario, 250 nodes are placed in an area of 2000 m × 2000 m with 4 sections of 1000 m × 1000 m and 16 clusters. In this model, each node selects a random destination within the simulation area and the nodes move uniformly according to the waypoint mobility model with a maximum speed of 10 m/s. The simulation time was 300 s and the routing protocol used was DSR. The data traffic was generated by 10 constant bit rate (CBR) sources, each sending 1024 bytes every second. We use the 802.11 protocol at the MAC layer. The radio propagation range is set to 250 m and the data rate is 2 Mbit/s. Message loss was modeled by random selection of messages at various steps of the algorithm. 20 percent of the nodes were considered malicious. The malicious nodes were selected at random and were made to drop or modify all the messages that they were to forward. In terms of our algorithm, they send WRONG messages. Figs. 3–5 show the end to end delay, delivery ratio and overhead, respectively, when the nodes have no mobility. Fig. 3 shows the end to end delay of our algorithm in comparison to ADCLU and the DSR protocol. Our algorithm produces higher end to end delay than the other protocols. In general, the DSR protocol runs better than the other algorithms in simple environments. However, this protocol does not perform any detection and response process, so its delay is less than the others. On the other hand, our protocol is more complicated than ADCLU, so the higher delay is expected. As Fig. 4 shows, the delivery ratio of our proposed scheme is better than that of the other two protocols. If the maximum number of messages are passed and received successfully, it means one of two things: either there are no attacks in the network, or the attack has been identified and fixed. Since 20 percent of the simulated nodes are malicious, this indicates the correct functioning of our algorithm in dealing with invaders. Fig. 5 shows the overhead per true received packet for our proposed algorithm, ADCLU and DSR. Our proposed method has a lower overhead than ADCLU. This shows that despite the existence of attacks, our algorithm can deliver more packets to the destination. In general, packet delivery ratio and overhead have an inverse relationship: when the overhead is higher the delivery ratio is lower, and lower overhead results in a higher delivery ratio.
Fig. 3. End to end delay without mobility (plot of delay in seconds against number of nodes for ADCLU, the proposed method and DSR; not reproduced)
Fig. 4. Packet delivery ratio without mobility
Fig. 5. Overhead per true received packets without mobility
Figs. 6–8 show the end to end delay, delivery ratio and overhead, respectively, when nodes move with a maximum speed of 10 m/s. According to the figures, our proposed scheme functions better despite the movement of nodes.
Fig. 6. End to end delay with maximum speed 10m/s (plot of delay in seconds against number of nodes for ADCLU, the proposed method and DSR; not reproduced)
Fig. 7. Packet delivery ratio with maximum speed 10m/s
Fig. 8. Overhead per true received packets with maximum speed 10m/s
5 Conclusion and Future Work

In this paper, we have proposed a scheme to improve IDS for MANET. This scheme aims to minimize the overheads, maximize the performance of the network, and provide a degree of protection against the intruder. In our proposed scheme, we focus on the reliability of the zone manager, which is checked by its honest neighbors. The scheme is developed as follows: the network is divided into zones with one zone manager, which is the monitor of the cluster heads in its zone. The validation of the zone manager is accomplished by its honest neighbors, a step that is neglected in many IDS techniques. In most of these techniques, the monitoring node is assumed to be a valid node, but if the monitoring node is a misbehaving node, it can refuse to initiate the intrusion detection algorithm or accuse an innocent node as destructive. So, these honest neighbors prevent false accusations, and also allow the zone manager to remain a manager if it misbehaves by mistake. However, if the manager repeats its misbehavior, it will lose its management degree. Our scheme can be applied to developing a sophisticated intrusion detection system for MANET. This experiment emphasizes the importance of validating the zone manager for running IDS algorithms, which is neglected in the latest research. Our simulation results show that the algorithm works well even in an unreliable channel where the percentage of packet loss is around 20%.
References 1. Xiao, H., Hong, F., Li, H.: Intrusion Detection in Ad hoc Networks. J. Commu. and Comput. 3, 42–47 (2006) 2. Farhan, A.F., Zulkhairi, D., Hatim, M.T.: Mobile Agent Intrusion Detection System for Mobile Ad hoc Networks: A Non-overlapping Zone Approach. In: 4th IEEE/IFIP International Conference on Internet, pp. 1–5. IEEE Press, Tashkent (2008)
3. Fu, Y., He, J., Li, G.: A Distributed Intrusion Detection Scheme for Mobile Ad hoc Networks. In: 31st Annual International Computer Software and Applications Conferences (COMPSAC 2007), vol. 2, pp. 75–80. IEEE Press, Beijing (2007) 4. Marchang, N., Datta, R.: Collaborative Techniques for Intrusion Detection in Mobile Adhoc Networks. J. Ad Hoc Networks 6, 508–523 (2008) 5. Brutch, P., Ko, C.: Challenges in Intrusion Detection for Wireless Ad hoc Networks. In: Symposium on Applications and the Internet Workshops (SAINT 2003 Workshops), pp. 368–373. IEEE Press, Florida (2003) 6. Marti, S., Giuli, T.J., Lai, K., Baker, M.: Mitigating Routing Misbehavior in Mobile Ad hoc Networks. In: 6th Annual International Conference on Mobile Computing and Networking, pp. 255–265. ACM, New York (2000) 7. Arifin, R.M.: A Study on Efficient Architecture for Intrusion Detection System in Ad hoc Networks. M.SC. Thesis, repository.dl.itc.u-okyo.ac.jp/dspace/bitstream/2261/../K01476.pdf, pp. 1–53 (2008) 8. Zhang, Y., Lee, W., Huang, Y.: Intrusion Detection Techniques for Mobile Wireless Networks. J. Wireless Networks 9, 545–556 (2003) 9. Sun, B., Wu, K., Pooch, U.W.: Alert Aggregation in Mobile Ad hoc Networks. In: 2nd ACM Workshop on Wireless Security (WiSe 2003), pp. 69–78. ACM, New York (2003) 10. Anantvalee, T., Wu, J.: A Survey on Intrusion Detection in Mobile Ad hoc Networks. In: Xiao, Y., Shen, X., Du, D.Z. (eds.) Wireless/Mobile Network Security, vol. 2, pp. 159– 180. Springer, Heidelberg (2007) 11. Huang, Y., Lee, W.: A Cooperative Intrusion Detection System for Ad hoc Networks. In: ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003), pp. 135–147. ACM, New York (2003) 12. Razak, A., Furnell, S.M., Clarke, N.L., Brooke, P.J.: Friend-Assisted Intrusion Detection and Response Mechanisms for Mobile Ad hoc Networks. J. Ad Hoc Networks 6, 1151– 1167 (2008)
Query Answering Driven by Collaborating Agents Agnieszka Dardzinska Bialystok University of Technology, ul. Wiejska 4C, 15-351 Bialystok Poland
Abstract. We assume that there is a group of collaborating agents where each agent is defined as an Information System coupled with a Query Answering System (QAS). Values of attributes in an information system S form atomic expressions of a language used by the agent associated with S to communicate with other agents. Collaboration among agents is initiated when one of the agents, say the one associated with S and called a client, is asked by a user to resolve a query containing nonlocal attributes for S. Then, the client will ask other agents for help to have that query answered. As the result of this request, knowledge in the form of definitions of locally foreign attribute values for S is extracted at information systems representing other agents and sent to the client. The outcome of this step is a knowledge base KB created at the client site and used to answer the query. In this paper we present a method of identifying which agents are semantically the closest to S and show that the precision and recall of QAS increase when only these agents are asked for help by the client.
Keywords: query, information system, agent, knowledge base.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 22–30, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

We assume that there is a group of collaborating agents where each agent is defined as an Information System (which can be incomplete) coupled with a Query Answering System (QAS) and a knowledge base which is initially empty. Incompleteness is understood as a property which allows a set of weighted attribute values to be used as a value of an attribute. Additionally, we assume that the sum of these weights has to be equal to 1. The definition of an information system of type λ given in this paper was initially proposed in [9]. The type λ was introduced with the purpose of monitoring the weights assigned to values of attributes by the Chase algorithm. If a weight is less than λ, then the corresponding attribute value is ruled out as a possible value and the weights assigned to the remaining attribute values are equally adjusted so that their sum is again equal to one. Semantic inconsistencies are due to different interpretations of attributes and their values among sites (for instance, one site can interpret the concept young differently than other sites). Different interpretations are also implied by the fact that each site may handle null values differently. Null value replacement by a value suggested either by statistical or some rule-based methods is quite common before a query is answered by QAS. Ontologies ([5], [6], [11], [12], [13], [1], [2], [14], [4]) are widely used as a part of a semantic bridge between agents built independently so they can collaborate and understand each other. In [8], the notion of the optimal rough semantics and a method of its construction was proposed. The rough semantics can be used to model and nicely handle semantic inconsistencies among sites due to different interpretations of incomplete values. As the result of collaboration among agents, the knowledge base of any agent is updated and contains rules extracted from information systems representing other agents. Although the names of attributes can be the same among information systems, their granularity levels may differ. As the result of these differences, the knowledge base has to satisfy certain properties in order to be used by Chase. Also, the semantic differences between agents may influence the precision and recall of a query answering system. We will show that it is wise to use the knowledge obtained from agents which are semantically close to the client agent when solving a query. This way, the precision and recall are improved.
2 Query Processing with Incomplete Data

In real life, data are often collected and stored in information systems residing at many different locations, built independently, instead of being collected and stored at a single location. In this case we talk about distributed (autonomous) information systems or about agents. It is very possible that an attribute is missing in one of these systems and occurs in many others. Assume now that a user submits a query to one of the agents (called a client), which cannot answer it because some of the attributes used in the query do not exist in the information system representing the client site. In such a case, the client has to ask other agents for definitions of these unknown attributes. All these new definitions are stored in the knowledge base of the client and then used to chase these missing attributes. But before any chase algorithm, called rule-based chase, can be applied, semantic inconsistencies among sites have to be somehow resolved. For instance, it can be done by taking rough semantics [3], [9] as mentioned earlier.

Definition 1. We say that S(A) = (X; A; V) is an incomplete information system of type λ, if S(A) is an incomplete information system introduced by Pawlak in [7] and the following two conditions hold: , ∑
:1
,
for any
1, and
Now, let us assume that S1(A), S2(A) are incomplete information systems, both of type λ. The same set X of objects is stored in both systems and the same set A of attributes is used to describe them. The meaning and granularity of values of attributes from A in both systems S1 and S2 is also the same. Additionally we assume that:: ,
:1
and
,
:1
.
We say that containment relation ψ holds between S1 and S2, if the following two conditions hold:
Instead of saying that containment relation holds between S1 and S2, we can equivalently say that S1 was transformed into S2 by containment mapping ψ. This fact can be presented as a statement or Similarly, we can either say that containment relation ψ holds between
was transformed into and .
by ψ or that
So, if containment mapping ψ converts an information system S1 to S2, then S2 is more complete than S1. Saying another words, for a minimum one pair , or the average , either ψ has to decrease the number of attribute values in difference between confidences assigned to attribute values in has to be increased by ψ. To give an example of a containment mapping ψ, let us take two information systems S1, S2 both of the type λ, represented as Table 1 and Table 2. Table 1. Information System S1 X x1 x2
a 1 , , 3 1 , , 4
2 , 3 3 , 4
b 2 , , 3 1 , , 3
c
1 , 3 2 , 3
x3
,
1 , 2
d
,
,
2 , 3
,
1 2
,
2 , 3
,
1 3
,
1 , 3
,
2 3
1 3
x6 x7
,
1 2
x4 x5
e 1 , , 2
,
1 , 4
,
3 4
,
1 , 3
,
2 3
x8
It can be easily checked that the values assigned to e(x1), b(x2), c(x2), a(x3), e(x4), a(x5), c(x7), and a(x8) in S1 are different than the corresponding values in S2. In each of these eight cases, an attribute value assigned to an object in S2 is less general than the value assigned to the same object in S1. It means that ψ(S1) = S2.
From now on, an agent will be denoted by AG(S;K), where S is an incomplete information system of type λ and K is a knowledge base containing rules extracted from information systems of other agents collaborating with AG(S;K). Table 2. Information System S2 X x1 x2
a 1 , , 3 1 , , 4
2 , 3 3 , 4
b 2 , , 3
1 , 3
,
3 , 4
,
1 , 3 1 , , 2 ,
x3 x4 x5
c
d 2 3 1 , 2
,
2 3
1 , 3
,
2 3
,
1 4
x6
,
x7 x8
e 1 , , 3
, ,
2 , 3
,
1 3
1 , 4
,
3 4
3 Query Processing Based on Collaboration and Chase Assume that we have a group G of collaborating agents and user submits a query q(B) to an agent AG(S(A);K) from that group, where S(A) = (X; A; V), K = , B are the attributes used in q(B), and . All attributes in \ are called foreign for AG(S(A);K). Since AG(S(A);K) can collaborate with other agents in G, definitions of foreign attributes for AG(S(A);K) can be extracted from information systems associated with agents in G. In [8], it was shown that agent AG(S(A);K) can answer the query q(B) assuming that definitions of all values of attributes from \ can be extracted at the remote sites for S and used to answer q(B). Foreign attributes for S, can be seen as attributes with only null values assigned to all objects in S. Assume now that we have three collaborating agents: AG(S;K), AG(S1;K1), AG(S2;K2), where S=(X;A;V), S1=(X1;A1;V1), S2=(X2;A2;V2), and K = K1 = K2 = . If the consensus between AG(S;K) and AG(S1;K1) on the knowledge extracted from S(A∩A1) and S1(A∩A1) is closer than the consensus between AG(S;K) and AG(S2;K2) on the knowledge extracted from S(A∩A2) and S2(A∩A2), then AG(S1;K1) is chosen by AG(S;K) as the agent to be asked for help in solving user queries. Rules defining foreign attribute values for S are extracted at S1 and stored in K. Assuming that systems S1, S2 store the same sets of objects and use the same attributes to describe them, system S1 is more complete than system S2, if ψ(S2) = S1. The question remains, if the values predicted by the imputation process are really correct, and if not, how far they are (assuming that some distance measure can be set up) from the correct values which clearly are unknown? Classical approach, to this
kind of problems, is to start with a complete information system and remove randomly from it, e.g. 10 percent of its values and next run the imputation algorithm on the resulting system. The next step is to compare the descriptions of objects in the system which is the outcome of the imputation algorithm with descriptions of the same objects in the original system. But, before we can continue any further this discussion, we have to decide on the interpretation of functors “or” and “and”, denoted in this paper by “+” and “*”, correspondingly. We will adopt the semantics of terms proposed in [10] since their semantics preserves distributive property, which means: t1* (t2 + t3) = (t1* t2) + (t1* t3), for any queries t1, t2, t3. So, let us assume that S = (X; A; V ) is an information system of type λ and t is a term constructed in a standard way from values of attributes in V seen as constants and from two functors + and *. By NS(t), we mean the standard interpretation of a term t in S defined as (see [10]): •
,
:
,
, for any
• • ,
where for any
,
,
we have:
• , •
\
,
\
,
, max
,
·
Assume that AG(S;K) is an agent, where S = (X; A; V) and K contains definitions of attribute values in B. Clearly . The null value imputation algorithm Chase, given below, converts information system of type λ to a new more complete information system Chase( ) of the same type. Initially NULL values are assigned to all attributes in B for all objects in . The proposed algorithm is new in comparison to known strategies for chasing NULL values in relational tables because of the assumption about partial incompleteness of data (sets of weighted attribute values can be assigned to an object as its value). Algorithm ERID [3]) is used by Chase algorithm to extract rules from this type of data. Algorithm Chase converts the incomplete information system to a new information system of type λ which is more complete. Now, let us assume that agent AG(S;K) represents the client site, where S is a partially incomplete information system of type λ. When a query q(B) is submitted to AG(S(X;A;V);K), its query answering system QAS will replace S by Chase(S) and next will solve the query using, for instance, the strategy proposed in [10]. Clearly, we can argue why the resulting information system obtained by Chase can not be stored aside and reused when a new query is submitted to AG(S;K)? If AG(S;K) does not have many updates, we can do that by keeping a copy of Chase(S) and next reuse that copy when a new query is submitted to AG(S;K). System Chase(S), if stored aside, can not be reused by QAS when the number of updates in the original S and/or K exceeds a given threshold value.
4 In Search for the Best Agent Assume again that agent AG(S;K) represents the client site. As we already pointed out, the knowledge base K, contains rules extracted from information systems representing other agents. Our goal is to find optimal i-agent AG(Si;K) for client AG(S;K), where by optimal we mean an agent of maximal precision and recall. The distance between two agents is calculated using the formula: ∑ ∑ sup
,
∑ ∑
·
·
where sup · max sup
sup · max sup
,1
,1
From all the agents we have, we choose the agent with the minimal value of , which corresponds to the closest agent to the client. The definition of d discovered at the closest agent to the client and stored in the KB of the client will guarantee that the Query Answering System connected with the client has maximal precision and recall in the group of agents having d.

Example. Let us assume we have three information systems S, S1, S2, represented as Table 3, Table 4 and Table 5. Information system S has no information about attribute d, which appears in other systems such as S1 and S2. Our goal is to choose one of the systems (the Agent AG(S,K)), from which we will be able to predict values of d in system S.

Table 3. Information System S

Z    a   b   c   d
z1   1   2   L
z2   1   1   H
z3   2   1   H
z4   0   2   H
z5   2   2   L
z6   0   3   L
Table 4. Information System S1

X    a   b   c   d
x1   0   1   H   3
x2   0   2   L   3
x3   1   3   L   3
x4   1   1   H   3
x5   0   2   L   1
x6   1   3   L   1
x7   2   1   H   3
e + + + + -
Table 5. Information System S2

Y    a   b   c   d
y1   1   1   H   1
y2   1   1   H   3
y3   0   2   L   1
y4   0   3   L   3
y5   2   2   L   1
y6   2   3   H   3
Because attributes a, b, c are common in all of the systems, first we extract rules describing them. For each rule we calculate support and confidence in a standard way. For system S1 we have: 1 , sup 1, 3 1 , sup 1, 3 1 , sup 1, 3 , sup 2, 1 , sup 2, 1 1 , sup 1, 3 1 , sup 1, 3 1 , sup 1, 3 1 , sup 1, 3 ... , sup 1, 1 , sup 2, 1 ... For system S2 we have: , sup 2, 1 , sup 2, 1 1 , sup 1, 2 1 , sup 1, 2 1 , sup 1, 2 1 , sup 1, 2 2 , sup 2, 3 1 , sup 1, 3
, sup
2,
, sup
1,
2 3 1 3 1 2
, sup 1, ... , sup 1, , sup 1, ...
1 1
We do the same for system S. The distance between S and S1 is calculated:
. .
.
. .
0.83
0.85 and the distance between S and S2: . Because the distance between S and S1 is smaller than between S and S2, we choose S1 as the better agent for contact with S. Next, the chosen- closest agent S1 contacts with information system S, to improve it, using the containment relation described earlier.
5 Conclusion

We proposed a method of finding and identifying the closest agent (from a semantic point of view) to the given client. Tests are very promising. To improve our strategy, we can take additional hidden slots into consideration. We can choose this attribute randomly, but we can also identify which attribute has the highest support.

Acknowledgments. This paper is sponsored by W/WM/11/09.
References 1. Benjamins, V.R., Fensel, D., Prez, A.G.: Knowledge management through ontologies. In: Proceedings of the 2nd International Conference on Practical Aspects of Knowledge Management (PAKM 1998), Basel, Switzerland (1998) 2. Chandrasekaran, B., Josephson, J.R., Benjamins, V.R.: The ontology of tasks and methods. In: Proceedings of the 11th Workshop on Knowledge Acquisition, Modeling and Management, Banff, Alberta, Canada (1998) 3. Dardzinska, A., Ras, Z.W.: On Rules Discovery from Incomplete Information Systems. In: Lin, T.Y., Hu, X., Ohsuga, S., Liau, C. (eds.) Proceedings of ICDM 2003 Workshop on Foundations and New Directions of Data Mining, Melbourne, Florida, pp. 31–35. IEEE Computer Society, Los Alamitos (2003) 4. Fensel, D.: Ontologies: a silver bullet for knowledge management and electronic commerce. Springer, Heidelberg (1998) 5. Guarino, N. (ed.): Formal Ontology in Information Systems. IOS Press, Amsterdam (1998) 6. Guarino, N., Giaretta, P.: Ontologies and knowledge bases, towards a terminological clarification. In: Towards Very Large Knowledge Bases: Knowledge Building and Knowledge Sharing. IOS Press, Amsterdam (1995)
7. Pawlak, Z.: Information systems - theoretical foundations. Information Systems Journal 6, 205–218 (1981-1991) 8. Ras, Z.W., Dardzinska, A.: Ontology Based Distributed Autonomous Knowledge Systems. Information Systems International Journal 29(1), 47–58 (2004) 9. Ras, Z.W., Dardzinska, A.: Solving Failing Queries through Cooperation and Collaboration. World Wide Web Journal 9(2), 173–186 (2006) 10. Ras, Z.W., Joshi, S.: Query approximate answering system for an incomplete DKBS. Fundamenta Informaticae Journal 30(3/4), 313–324 (1997) 11. Sowa, J.F.: Ontology, metadata, and semiotics. In: Ganter, B., Mineau, G.W. (eds.) ICCS 2000. LNCS (LNAI), vol. 1867, pp. 55–81. Springer, Heidelberg (2000) 12. Sowa, J.F.: Knowledge Representation: Logical, Philosophical, and Computational Foundations. Brooks/Cole Publishing Co., Pacific Grove (2000b) 13. Sowa, J.F.: Ontological categories. In: Albertazzi, L. (ed.) Shapes of Forms: From Gestalt Psychology and Phenomenology to Ontology and Mathematics, pp. 307–340. Kluwer Academic Publishers, Dordrecht (1999a) 14. Van Heijst, G., Schreiber, A., Wielinga, B.: Using explicit ontologies in KBS development. International Journal of Human and Computer Studies 46(2/3), 183–292 (1997)
Attribute-Based Access Control for Layered Grid Resources* Bo Lang, Hangyu Li, and Wenting Ni State Key Lab of Software Development Environment, Beihang University, Beijing 100191, China
Abstract. Attribute-Based Access Control (ABAC) is a fine-grained and flexible authorization method. In this paper, considering the layered structure of Grid resources, an ABAC model named Grid_ABAC is presented, and an implementation architecture for Grid_ABAC based on XACML is proposed. The paper also describes the method for integrating Grid_ABAC seamlessly into the authorization framework of the Globus Toolkit. The test results show that Grid_ABAC is efficient and provides a more flexible and open access control method for grid computing.
Keywords: Attribute based access control, Grid computing, Globus, XACML, SAML.
1 Introduction

Grid systems are virtual organizations whose users and resources change dynamically [1]. Traditional access control models, such as DAC and RBAC, are based on static user information and are not very suitable for this kind of system. Attribute-Based Access Control (ABAC), which makes decisions relying on attributes of requestors, resources, environment and actions, is fine-grained and scalable, and is regarded as a promising access control method for grid computing. The eXtensible Access Control Markup Language (XACML) is an OASIS standard [2]. It is a policy description language for ABAC and also provides an authorization framework. Several ABAC systems such as GridShib [3] are used in grid computing at present, and research on XACML-based ABAC systems is attracting more and more attention [4][5]. In this paper, we present a model named Grid_ABAC based on the layered structure of Grid resources and existing ABAC models [6][7]. We also propose an implementation architecture for Grid_ABAC based on XACML, and finally integrate the Grid_ABAC system with GT4 (Globus Toolkit 4.0.5).
*
The work was supported by the Hi-Tech Research and Development Program of China under Grant No.2007AA010301, the Foundation of the State Key Laboratory of Software Development Environment under Grant No.SKLSDE-2009ZX-06, and the National Important Research Plan of Infrastructure Software under Grant No.2010ZX01042-002-001-00.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 31–40, 2010. © Springer-Verlag Berlin Heidelberg 2010
The paper is organized as follows. Section 2 analyses the features of Grid_ABAC and gives its definition. Section 3 introduces the implementation mechanism of Grid_ABAC. Section 4 describes how to integrate the model with GT4. Section 5 gives efficiency tests of Grid_ABAC authorization in GT4. Section 6 summarizes our work.
2 The Grid_ABAC Model
2.1 The Layered Resource and Policy Structure in Grid
Resources in Grid are usually organized as a tree for management, as shown in Fig. 1. A resource is identified and located by a URL which is composed of the path from the root of the tree to the resource node.
Fig. 1. The structure of resources and policies in Grid
Each resource in the tree has a specific policy. Policies of resources in an upper layer should be applied to the resources in the lower layers. This relation is similar to the relation between parent class and subclass in object oriented programming. Subclasses not only inherit the properties of their parents but can also define their own properties. Therefore, the policy of a resource node is a policy set which contains the policies of its parent nodes and its own, and the access control decision is made by combining the decision results of all the policies. In Fig. 1, each resource Rn owns its specific policy Pn. The policy set of Rn includes the policy Pn owned by Rn and the policies owned by its ancestral nodes. For example, the policy set of resource R2.2.2 is {P2.2.2, P2.2, P2}. The decision on a request to R2.2.2 would be made by evaluating all the policies in {P2.2.2, P2.2, P2}.
2.2 The Definition of Grid_ABAC
We propose an attribute based access control model for the layered grid resources. The definition of Grid_ABAC has the following parts:
(1) Attribute Type (AT): An attribute type is composed of a unique identifier, the name and the data type of the attribute. Each AT must be related to one kind of entity, such as subject, resource and environment.
(2) Basic Attribute Set: there are four types of Attribute Set:
• Subject Attribute Set $Attr(sub) = \{SubjectAttr_i \mid i \in [0,n]\}$
• Resource Attribute Set $Attr(res) = \{ResourceAttr_i \mid i \in [0,n]\}$
• Action Attribute Set $Attr(act) = \{ActionAttr_i \mid i \in [0,n]\}$
• Environment Attribute Set $Attr(env) = \{EnvironmentAttr_i \mid i \in [0,n]\}$
(3) The Xth Grid resource in layer $l_n$, which is denoted by $R_{l_1 l_2 \ldots l_n.X}$.
(4) Specific policy for a resource $R_{l_1 l_2 \ldots l_n.X}$, denoted by $\text{Grid\_P\_R}_{l_1 l_2 \ldots l_n.X}$: $\text{Grid\_P\_R}_{l_1 l_2 \ldots l_n.X}$ is the specific policy owned by $R_{l_1 l_2 \ldots l_n.X}$ and indicates the special security requirement of this resource. It is defined as a 4-tuple $\text{Grid\_P\_R}_{l_1 l_2 \ldots l_n.X}(S, R, A, E)$, where S, R, A, E represent Subject, Resource, Action, Environment respectively.
(5) Policy set of a resource $R_{l_1 l_2 \ldots l_n.X}$, denoted by $\text{Grid\_PolicySet\_R}_{l_1 l_2 \ldots l_n.X}$: The policy set owned by $R_{l_1 l_2 \ldots l_n.X}$ includes its specific policy $\text{Grid\_P\_R}_{l_1 l_2 \ldots l_n.X}$ and the specific policies owned by the upper layer nodes, i.e. $\text{Grid\_P\_R}_{l_1}, \ldots, \text{Grid\_P\_R}_{l_1 l_2 \ldots l_n}$. Each policy set has a combining algorithm for making a final decision based on the decision results of the policies in the policy set.
(6) Grid_ABAC policy evaluation: $\text{Grid\_ABAC\_authz\_R}_{l_1 l_2 \ldots l_n}(Attr(sub), Attr(res), Attr(act), Attr(env))$ is the evaluation function of a policy set. It evaluates each policy and makes a decision on these evaluation results using a combination algorithm combine_alg:

$$\begin{aligned}
&\text{Grid\_ABAC\_authz\_R}_{l_1 l_2 \ldots l_n.X}(Attr(sub), Attr(res), Attr(act), Attr(env)) \\
&\quad = \text{combine\_alg}\big(\text{abac\_authz\_p}_{l_1}(Attr(sub), Attr(res), Attr(act), Attr(env)), \\
&\qquad\quad \text{abac\_authz\_p}_{l_1 l_2}(Attr(sub), Attr(res), Attr(act), Attr(env)), \\
&\qquad\quad \ldots, \\
&\qquad\quad \text{abac\_authz\_p}_{l_1 l_2 \ldots l_n.X}(Attr(sub), Attr(res), Attr(act), Attr(env))\big)
\end{aligned}$$
PERMIT = DENY
3 The Implementation Framework of Grid_ABAC
XACML defines a common access control description language and a policy framework used to standardize the request/response decision flow [2]. This paper proposes an implementation framework of Grid_ABAC in the Grid platform based on XACML, as shown in Fig. 2. The framework is divided into the requestor domain and the server domain. The requestor domain contains the requestor and the SAML (Security Assertion Markup Language) attribute authority. The Grid_ABAC decision mechanism is in the server domain, and is made up of the ABAC decision function and the attribute administration module. When the requestor sends a request to the server, the request is intercepted by the authorization engine and is sent to the ABAC decision function, which performs the authorization evaluation using the attributes of the requestor obtained from the attribute administration module. Finally, the ABAC decision function returns the authorization decision to the authorization engine, where the decision is enforced.
Fig. 2. Grid_ABAC implementation framework
3.1 The ABAC Decision Function
The ABAC decision function is the core of the implementation mechanism of Grid_ABAC. It consists of the ABAC Policy Decision Point (ABACPDP), the ABAC Policy Administration Point (ABACPAP), and the ABAC Policy Information Point (ABACPIP). The main function of ABACPDP is to make decisions according to the policies. ABACPAP is used to find policies in the policy database of the local grid service, and ABACPIP is responsible for finding the attribute values of the requestor needed during policy evaluation.
3.2 Attribute Administration
Attribute administration is designed to manage and find attributes for the ABAC decision function. Most of the attributes of the requestor are declared in an Attribute Certificate (Attribute Cert.) released by the attribute authority of the requestor domain. Considering the changeability of the attributes, we provide another, real-time method for getting the attributes dynamically from the attribute authority of the requestor domain by using SAML. The attribute requests and responses are constructed in SAML assertions to guarantee secure message transmission. As shown in Fig. 2, attribute administration is composed of the attribute certificate management function and the attribute procurement function. The attribute certificate management function is responsible for managing and maintaining the attribute certificates of users, so ABACPDP does not need to connect to the remote attribute authority each time it wants to get the attributes of a requestor. Attribute certificate management has two services: the attribute certificate download service and the attribute certificate submission service. Users can submit their attribute certificates to the attribute certificate management module before sending the first request. The certificate download service is called by the attribute procurement function to get attributes. The attribute procurement function provides interfaces for ABACPIP to get attributes by using attribute certificates or SAML remote connections.
4 Integrating Grid_ABAC with GT4
4.1 The GT4 Authorization Framework and Its Extension
GT4 [8] uses the WSRF framework and implements stateful Web Services. In the GT4 authorization framework, shown in Fig. 3, the authorization engine fills the role of the PEP in XACML. It is responsible for intercepting the user's request and carrying out access control decisions. MasterPDP is a special component of the Globus authorization framework. As the topmost PDP of the common PDPs and PIPs in GT4, MasterPDP manages all the PDPs and PIPs. By using the authorization configuration file, MasterPDP can support multiple policies. The authorization configuration file specifies which kinds of PDP or PIP are used, and MasterPDP instantiates these PDPs or PIPs to implement attribute collection or authorization evaluation. Finally, MasterPDP combines all the authorization results returned by each PDP according to the combining algorithm configured in the authorization configuration file and returns the authorization result to the authorization engine. The GT4 authorization framework provides two interfaces for authorization extension, namely the PIP and PDP extensions. A new authorization policy can be integrated into GT4 by implementing these interfaces. Based on an analysis of the structure of the GT4 authorization framework, we put forward two methods for integrating Grid_ABAC with GT4. One is the built-in ABAC authorization, which can respond rapidly to ABAC authorization requests. The other delegates the ABAC authorization function to a remote authorization service by sending a SAML authorization request, which reduces the load of the local grid service and needs less modification to the authorization framework than the built-in manner; however, the message transmission and processing delay decreases the authorization efficiency. The extended GT4 authorization framework is shown in Fig. 3.
Fig. 3. Grid_ABAC-extended Authorization Framework of GT4
As shown in Fig. 3, ABACMasterPDP is the built-in ABAC authorization, which implements the PDP interface in GT4. ABACMasterPDP connects the built-in ABACPDP and the MasterPDP of the GT4 authorization framework. It accepts the user's request from MasterPDP, packages and sends the information needed, such as resource attributes, to the built-in ABACPDP, and finally returns authorization decisions to MasterPDP. The implementation of the remote ABAC authorization service relies on a built-in PDP in GT4 named SamlCalloutPDP. SamlCalloutPDP creates and sends a SAML request to the remote ABAC authorization service, and then gets a SAML authorization response which contains the authorization result from the remote service.
4.2 The Built-in Grid_ABAC in GT4
On receiving an authorization request from the authorization engine, MasterPDP creates an ABACMasterPDP instance. ABACMasterPDP then collects attributes and sends them to ABACPDP. ABACPAP finds the policy for ABACPDP based on the URI of the requested resource. During evaluation, ABACPIP first looks for attributes in the attribute certificate. If an attribute cannot be found in any attribute certificate, ABACPIP gets it from the remote attribute authority by calling the SAML attribute procurement interface. When the authorization evaluation completes, the result is returned to the authorization engine of GT4.
Resources in GT4 conform to the WSRF standard. The security policy of resources is constructed by using the Grid_ABAC policy structure introduced in Section 2.1. The URI structure of resources is Protocol:// IP address/wsrf standard/services / ****. This URI indicates that the resource is WSRF standardized and that its catalog is /wsrf/services/****. Based on this structure, the resource layers begin from the directory “wsrf”. Policies in the “wsrf” layer should be applied to all the resources below the “wsrf” layer, and the policy in the last part of the URI can only be used by the specific resources in this layer. ABACPAP finds the policy according to the URI of the resource.
4.3 SAML Callout Grid_ABAC
SAML callout Grid_ABAC is an independent authorization service which can act as an authorization gateway used by all the grid services in the domain. As shown in Fig. 3, the Authorization Engine calls the Grid_ABAC authorization service through SamlCalloutPDP, which implements the PDP interface. As a built-in PDP, SamlCalloutPDP is created by the MasterPDP of GT4, and it can send a SAML authorization request to the remote Grid_ABAC authorization service. A SAML authorization request includes the requested service URI and the identifier of the attribute certificate of the requestor. The Grid_ABAC authorization service parses the SAML authorization request and carries out the authorization evaluation using the information of the request and the policies. The authorization decision is returned in a SAML authorization assertion to the SamlCalloutPDP, where the decision is extracted from the assertion and forwarded to the MasterPDP.
5 Testing and Efficiency Analysis
In our test example, we build a grid service named “SecureCounterServices” and deploy our Grid_ABAC mechanisms in the authorization framework of this service. The policy for this resource is “Only professor from Beihang University can access this resource.” The main part of the policy in XACML is as follows:
Beihang …… <SubjectMatch MatchId=”…:function:string-equal”> professor …… wsrf/services/SecureCounterService
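The layered policy-set evaluation of Section 2 and the certificate-first attribute lookup of Section 4.2, applied to this test policy, as an added Python sketch that is not the authors' implementation. The attribute names `organization` and `role`, the upper-layer `admin_only_destroy` policy, the deny-overrides combining algorithm, the host name and all function names are assumptions; the paper does not specify them.

```python
from urllib.parse import unquote, urlparse

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"


class AttributeFinder:
    """Subject attributes: attribute certificate first, remote authority second."""

    def __init__(self, certificate, remote_lookup):
        self.certificate = certificate      # attributes from the submitted certificate
        self.remote_lookup = remote_lookup  # stand-in for the SAML attribute query
        self.remote_calls = 0

    def get(self, name):
        if name in self.certificate:
            return self.certificate[name]
        self.remote_calls += 1              # each miss costs a network round trip
        return self.remote_lookup(name)     # None when the authority has no value


def require(**expected):
    """Policy that permits only if every listed subject attribute matches."""
    def policy(subject, resource, action, environment):
        ok = all(subject.get(k) == v for k, v in expected.items())
        return PERMIT if ok else DENY
    return policy


def admin_only_destroy(subject, resource, action, environment):
    """Constructed upper-layer policy: only administrators may destroy resources."""
    if action.get("name") == "destroy" and subject.get("role") != "administrator":
        return DENY
    return NOT_APPLICABLE


# Constructed policy store, keyed by resource layer starting at the "wsrf" root.
POLICIES = {
    "wsrf": admin_only_destroy,
    "wsrf/services/SecureCounterService": require(organization="Beihang",
                                                  role="professor"),
}


def policy_set(uri, policies):
    """Policies of the resource and of its ancestor layers, root layer first."""
    parts = [p for p in unquote(urlparse(uri).path).split("/") if p]
    if any(p in (".", "..") for p in parts):
        # A non-canonical path would select the wrong layers, so reject it.
        raise ValueError("non-canonical resource path")
    if "wsrf" not in parts:
        return []
    parts = parts[parts.index("wsrf"):]
    layers = ["/".join(parts[:i]) for i in range(1, len(parts) + 1)]
    return [policies[layer] for layer in layers if layer in policies]


def deny_overrides(decisions):
    """Assumed combining algorithm; no applicable policy at all means Deny."""
    if DENY in decisions:
        return DENY
    return PERMIT if PERMIT in decisions else DENY


def grid_abac_authz(uri, subject, action, environment, policies=POLICIES):
    """Evaluate every policy in the resource's policy set and combine the results."""
    resource = {"uri": uri}
    decisions = [p(subject, resource, action, environment)
                 for p in policy_set(uri, policies)]
    return deny_overrides(decisions)


if __name__ == "__main__":
    uri = "https://grid.example.org:8443/wsrf/services/SecureCounterService"
    # Certificate lacks "role", so one remote lookup is needed.
    requestor = AttributeFinder({"organization": "Beihang"},
                                {"role": "professor"}.get)
    print(grid_abac_authz(uri, requestor, {"name": "add"}, {}),
          "remote lookups:", requestor.remote_calls)
```

The counter on `AttributeFinder` makes the cost the efficiency tests measure visible: every attribute missing from the certificate adds one remote round trip to the decision.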
The test result shows that the authorization returns the expected decisions. Fig. 4 shows the authorization process information and the attribute procurement information on the server. The two attributes of the user that are expected in the policy, “Beihang” and “professor”, can both be found, so the authorization result is “Permit”.
Fig. 4. ABAC Authorization Process (figure annotations: “Two attributes found”, “Authorization Result”)
We also ran an efficiency test in this example. We recorded the time from the point when ABACMasterPDP is created to the point when the authorization result is returned. The tests are divided into three groups, each of which varies one influencing factor. The three factors are policy complexity, the length of the attribute certificate and the number of SAML attribute procurements. The hardware and software environment is as follows:
CPU: Intel Pentium4 2.66G
Memory: 512MB
Operating System: Linux FedoraCore5
Grid platform: Globus Toolkit 4.0.5
The test results are shown in Table 1, Table 2, and Table 3. The data used in the test is chosen according to the possible situation in practice. As shown in the tables, because of network delay, SAML remote attribute procurement has the longest running time. In a real application, the number of attributes needed in a policy is less than twenty. Most of them can be found in the attribute certificate, therefore the SAML remote attribute procurement may be rarely invoked. As shown in Table 3, invoking SAML remote attribute procurement 30 times costs 656 ms, which means that the time cost of Grid_ABAC stays within the millisecond range even in the worst situation. The running results also show that the time cost does not increase sharply with the increase of the complexity of policies and attribute certificates.

Table 1. Evaluation tests with different policy complexity

| Number of rules in policy | Evaluation time cost (ms) |
|---|---|
| 10 | 163 |
| 50 | 166 |
| 100 | 172 |
| 500 | 190 |

Table 2. Evaluation tests with different attribute certificate complexity

| Number of attributes in the attribute certificate | Evaluation time cost (ms) |
|---|---|
| 10 | 206 |
| 50 | 249 |
| 100 | 291 |
| 500 | 373 |

Table 3. Evaluation tests with different SAML attribute procurement invocations

| Number of invocations | Evaluation time cost (ms) |
|---|---|
| 1 | 294 |
| 10 | 403 |
| 20 | 530 |
| 30 | 656 |
6 Conclusions
Based on the current ABAC model and the layered resource management structure in grid systems, we put forward a Grid_ABAC model and also present its XACML-based implementation structure. We analyze the authorization framework of the GT4 platform and provide two methods for integrating Grid_ABAC with the GT4 authorization framework. Compared with the original built-in authorization policy in GT4, Grid_ABAC is more flexible and can support fine-grained authorization.
References
1. Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid: Enabling Scalable Virtual Organizations. International J. Supercomputer Applications 15(3), 200–222 (2001)
2. OASIS: eXtensible Access Control Markup Language (XACML) Version 2.0. (2003), http://www.oasis-open.org/committees/xacml
3. Barton, T., Basney, J., Freeman, T., Scavo, T., Siebenlist, F., Welch, V., Ananthakrishnan, R., Baker, B., Goode, M., Keahey, K.: Identity Federation and Attribute-based Authorization through the Globus Toolkit, Shibboleth, Gridshib, and MyProxy. In: 5th Annual PKI R&D Workshop (2006)
4. Demchenko, Y., Gommans, L., de Laat, C.: Using SAML and XACML for complex resource provisioning in grid based applications. In: IEEE Workshop on Policies for Distributed Systems and Networks 2007, Bologna, Italy, pp. 183–187 (2007)
5. Shen, H.: A Semantic- and Attribute-Based Framework for Web Services Access Control. In: 2nd International Workshop on Intelligent Systems and Applications, ISA 2010 (2010)
6. Yuan, E., Tong, J.: Attribute based access control (ABAC) for Web services. In: The 3rd International Conference on Web Services, pp. 561–569. IEEE Computer Society, Orlando (2005)
7. Lang, B., Foster, I., Siebenlist, F., Ananthakrishnan, R., Freeman, T.: A Flexible Attribute Based Access Control Method for Grid Computing. Journal of Grid Computing 7, 169–180 (2009)
8. GT 4.0: Security: Authorization Framework (2004), http://www.globus.org/toolkit/docs/4.0/security/authzframe
A Local Graph Clustering Algorithm for Discovering Subgoals in Reinforcement Learning Negin Entezari, Mohammad Ebrahim Shiri, and Parham Moradi Department of Computer Science Amirkabir University of Technology Tehran, Iran {negin.entezari,shiri,pmoradi}@aut.ac.ir
Abstract. Reinforcement Learning studies the problem of learning through interaction with an unknown environment. Learning efficiently in large scale problems and complex tasks demands a decomposition of the original complex task into simpler and smaller subtasks. In this paper a local graph clustering algorithm is presented for discovering subgoals. The main advantage of the proposed algorithm is that only the local information of the graph is considered to cluster the agent state space. Subgoals discovered by the algorithm are then used to generate skills. Experimental results show that the proposed subgoal discovery algorithm has a dramatic effect on the learning performance.
Keywords: Hierarchical Reinforcement Learning, Option, Skill Acquisition, Subgoal Discovery, Graph Clustering.
1 Introduction
Reinforcement Learning (RL) [1] is an approach that studies the problem faced by an intelligent agent that must learn behavior through interactions with an unknown environment. In each step of interaction, the agent selects an action that causes a change in the state of the environment and then receives a scalar reinforcement signal called reward. The agent’s objective is to learn a policy that maximizes the long-term reward. A large state space and the lack of immediate reward are crucial problems in the area of reinforcement learning. Two approaches which have been proposed to tackle these problems are function approximation [2] and task decomposition [3-6]. The main idea of Hierarchical Reinforcement Learning (HRL) methods is the decomposition of the learning task into simpler and smaller subtasks that increase the agent’s learning performance. One common way to decompose a complex task into a set of simple subtasks is to identify important states known as subgoals and then learn sub-policies to reach these subgoals [7-14]. These sub-policies are called temporally extended actions, skills or macro-actions. A macro-action or a temporally extended action is a sequence of actions chosen from the primitive actions. A suitable set of skills can accelerate learning. It is desirable to devise methods by which an agent is automatically able to discover skills and construct high-level hierarchies of reusable skills [8-19].
There are a variety of approaches to discover subgoals automatically. Some approaches introduce highly visited states as subgoals [7-9]. Another group of approaches are graph based methods that introduce the border states between densely connected regions as subgoals [10-13]. In these approaches, the agent’s transition history is mapped to a graph: each observed state is considered as a node in the graph and each transition between states is mapped to an edge in the graph. Graph nodes indicate the state space and the edges represent the state transitions. Menache et al. [10] discovered bottleneck states by performing the Max-Flow/Min-Cut algorithm on the transition graph. In [12], the N-Cut algorithm is utilized to find landmark states of the local transition graph. In addition, researchers have recently shown interest in graph centrality measures to identify important states. To this aim Şimşek and Barto in [9] utilized betweenness centrality.
In this paper we present a local graph clustering algorithm to provide an appropriate partitioning of the input graph. The main characteristic of our clustering algorithm is that it only uses local information of the graph. Other methods proposed earlier use global information of the graph and are inapplicable to large graphs. Şimşek et al. in [12] addressed this problem by considering a local scope of the transition graph. They perform the Normalized-cut algorithm on the local transition graph, which requires setting many parameters for different domains, while our local graph clustering algorithm is suitable for large graphs without setting any adjustable parameters.
The rest of the paper is organized as follows. Reinforcement learning and its extension to use macro-actions are described in Section 2. In Section 3, the proposed method is described. The benchmark tasks, simulation and results are described in Section 4, and Section 5 contains the final discussion and the concluding remarks.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 41–50, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Reinforcement Learning with Option
In RL, the environment is usually formulated as a finite-state Markov Decision Process (MDP). Due to the Markov property of the environment, the probability distribution of the new state and reward after executing an action depends only on the previous state and action, not on the entire history of states. An MDP consists of a set of states $S$, a set of actions $A$, a reward function $R(s, a)$, and a transition function $P(s' \mid s, a)$. In each step of interaction, in each state $s \in S$, the agent chooses an action $a \in A$. The value of this state transition is communicated to the agent through a scalar reinforcement signal called reward, $R(s, a)$, and with probability $P(s' \mid s, a)$ the agent observes a new state $s' \in S$. The agent’s task is to optimize the action choices in such a way that it maximizes the expected discounted return:

$$R_t = \sum_{k=0}^{\infty} \gamma^k r_{t+k+1}, \tag{1}$$

where $\gamma$ is the discount rate, $0 \le \gamma \le 1$. Q-Learning is the most commonly used algorithm in RL. Macro Q-Learning is the hierarchical form of Q-Learning including options. To represent skills, we use the option framework [4]. Options are a generalization of primitive actions including temporally extended courses of actions. Even if adding options to primitive actions offers more choices to the agent and makes decision making more complicated, the decomposition of the original task provided by options can simplify the task and facilitate learning. An option is a tuple $\langle I, \pi, \beta \rangle$, where $I \subseteq S$ is an initiation set consisting of all the states in which the option can be initiated, $\pi : S \times O \to [0,1]$ is an option policy where $O$ is the set of all possible options, and $\beta : S \to [0,1]$ is a termination condition that gives the probability of terminating an option in each state. Macro Q-Learning updates the value of one-step options (primitive actions) and multi-step options. The update rule is:

$$Q(s, o) \leftarrow Q(s, o) + \alpha \Big[ r + \gamma^k \max_{o' \in O_{s'}} Q(s', o') - Q(s, o) \Big], \tag{2}$$

where $k$ is the number of time steps that the option $o$ is executing, and $r$ is the cumulative discounted reward over this time, $r = \sum_{i=0}^{k} \gamma^i r_{t+i+1}$.
3 Proposed Method
In this paper we utilize a local graph clustering algorithm to identify strongly connected components of the agent’s transition graph and consider the border states of highly intra-connected regions as subgoals. A local graph clustering algorithm only uses local information to generate a clustering of the input graph. Local clustering algorithms address the complexity drawbacks of global clustering algorithms and are suitable for clustering large graphs. Given a graph $G = (V, E)$ where $V$ is the set of vertices and $E$ is the set of edges, the main goal of the clustering algorithm is finding a set of clusters $X_i$ ($i \in 1, \ldots, k$) which maximizes the intra-cluster connectivity and minimizes the inter-cluster connectivity. To this aim the ratio $R(X)$ is defined according to Definition 1. The outline of the proposed algorithm is shown in Fig. 1.
Definition 1. If $X \subseteq V$, the ratio $R(X)$ is defined as follows:

$$R(X) = \frac{\sum_{i \in X,\, j \in b(X)} a_{ij}}{\sum_{i \in n(X),\, j \in b(X)} a_{ij}} \tag{3}$$

where $b(X)$ is the set of border nodes of $X$, $n(X)$ is the set of neighbors of border nodes that are not members of $X$, and $a_{ij}$ denotes the corresponding element of the adjacency matrix of $G$, that is:

$$a_{ij} = \begin{cases} 1, & \text{if } i \text{ and } j \text{ are connected through an edge}, \\ 0, & \text{if not}. \end{cases} \tag{4}$$
Neighbors that maximize the ratio $R(X)$ are added to $X$ until there are no more such neighbors.
Definition 2. The set of candidate nodes $C(X)$ is defined as follows:

$$C(X) := \arg\max_{v \in n(X)} R(X + v) \tag{5}$$

Definition 3. The set of final candidate nodes that can be added to $X$ is defined as follows:

$$C_f(X) := \arg\max_{u \in C(X)} \sum_{v \in n(X)} a_{uv} \tag{6}$$
Local graph clustering algorithm
    foreach v ∈ V do
        X := {v};
        while |n(X)| > 0 do
            C(X) := arg max_{v ∈ n(X)} R(X + v);
            C_f(X) := arg max_{u ∈ C(X)} Σ_{v ∈ n(X)} a_uv;
            if R(X ∪ C_f(X)) ≥ R(X) then
                X := X ∪ C_f(X);
            else
                break;
            end
        end
    end
    merge overlapping clusters;
Fig. 1. The outline of the proposed local graph clustering algorithm
Nodes to be added to $X$ are selected in two steps:
1. Define the candidate nodes $C(X)$ that can be added to $X$ according to Definition 2.
2. To ensure that the intra-cluster connectivity is maximized in the future, according to Definition 3, the nodes of $C(X)$ that have maximum connectivity with neighbor nodes form the final candidates.
All members of $C_f(X)$ are then added to $X$ if the following condition is satisfied:

$$R(X + C_f(X)) \ge R(X) \tag{7}$$
Fig. 2 shows different steps of the algorithm on a sample graph. The original graph is represented in Fig. 2(a).
Fig. 2. Different steps of the proposed graph clustering algorithm on a sample graph: (a) the original graph; (b) maximal cluster for node 1; (c) soft clustering of the original graph; (d) result of merging overlapping clusters
Initially, each graph node $v \in V$ ($v = 1, \ldots, 12$) is considered as a cluster, so in this sample graph there are 12 clusters in the beginning. For each node $v$, all neighbors of $v$ are examined, and candidate nodes are then selected according to (6) and inserted into $X$. The neighbors of the new set $X$ are searched repeatedly for candidates until the maximal set $X$ is achieved. Let $v = 1$; initially we have $X = \{1\}$. In this step, the neighbors of $X$ are nodes 2 and 3. According to equation (3), $R(X + 2) = 1$ and $R(X + 3) = \frac{2}{3}$, so node 2 is the only candidate node and is inserted into $X = \{1\}$. It can be seen that $X = \{1, 2\}$ is a maximal set for $v = 1$, and adding nodes 3 or 4 to $X$ will decrease the ratio $R(X)$. Fig. 2(b) shows the maximal set $X$ for node 1. These steps are repeated for all other nodes of $V$. As can be seen in Fig. 2(c), the result of this step is a soft clustering of the given graph. Overlapping clusters in Fig. 2(c) are then merged into one cluster. The final non-overlapping clusters, as shown in Fig. 2(d), are our desired clusters. Finally, the border nodes of the clusters are identified as subgoals. In our example, nodes 4 and 9 are the border nodes of clusters. Fig. 3 also shows the result of clustering on the transition graph of a four-room gridworld.
Fig. 3. Result of clustering the transition graph of a four-room gridworld. Black nodes are border nodes of clusters.
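The procedure of Fig. 1 with Definitions 1 to 3, as an added Python sketch that is not the authors' code. It assumes b(X) is the set of members of X with an edge leaving X, treats R(X) as infinite when no edge leaves X, and runs on a constructed graph of two 4-cliques joined by one edge rather than on the graph of Fig. 2; all function names are hypothetical.

```python
from fractions import Fraction


def build_graph(edges):
    """Undirected adjacency sets from a list of (u, v) edges."""
    adj = {}
    for u, v in edges:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    return adj


def border(adj, X):
    """b(X): members of X with at least one neighbour outside X (assumption)."""
    return {i for i in X if adj[i] - X}


def neighbours(adj, X):
    """n(X): nodes outside X that are adjacent to a border node of X."""
    return set().union(*(adj[i] for i in X)) - X


def ratio(adj, X):
    """R(X) of Definition 1, kept exact with Fraction."""
    b = border(adj, X)
    inside = sum(len(adj[i] & b) for i in X)                    # i in X, j in b(X)
    outside = sum(len(adj[i] & b) for i in neighbours(adj, X))  # i in n(X), j in b(X)
    return Fraction(inside, outside) if outside else float("inf")


def grow_cluster(adj, seed):
    """Grow the maximal cluster around one seed node (body of the foreach loop)."""
    X = {seed}
    while True:
        n = neighbours(adj, X)
        if not n:
            break
        score = {v: ratio(adj, X | {v}) for v in n}
        best = max(score.values())
        C = {v for v in n if score[v] == best}        # Definition 2
        links = {u: len(adj[u] & n) for u in C}
        most = max(links.values())
        Cf = {u for u in C if links[u] == most}       # Definition 3
        if ratio(adj, X | Cf) >= ratio(adj, X):       # condition (7)
            X |= Cf
        else:
            break
    return frozenset(X)


def merge_overlapping(clusters):
    """Union clusters that share a node until all clusters are disjoint."""
    merged = []
    for c in map(set, clusters):
        for m in [m for m in merged if m & c]:
            merged.remove(m)
            c |= m
        merged.append(c)
    return merged


def discover_subgoals(adj):
    """Cluster the graph and return (clusters, border nodes of the clusters)."""
    clusters = merge_overlapping(grow_cluster(adj, v) for v in adj)
    subgoals = set().union(*(border(adj, c) for c in clusters))
    return clusters, subgoals


# Constructed sample: cliques {0,1,2,3} and {4,5,6,7} joined by the edge 3-4.
SAMPLE_EDGES = [(a, b) for a in range(4) for b in range(a + 1, 4)]
SAMPLE_EDGES += [(a, b) for a in range(4, 8) for b in range(a + 1, 8)]
SAMPLE_EDGES.append((3, 4))

if __name__ == "__main__":
    found, goals = discover_subgoals(build_graph(SAMPLE_EDGES))
    print(sorted(sorted(c) for c in found), sorted(goals))
```

On the constructed graph every seed inside a clique grows to that whole clique, so the merge step only collapses duplicates, and the two ends of the joining edge come out as the subgoals.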
4 Experimental Results
We experimented with the proposed algorithm in two domains: a four-room gridworld and a soccer simulation test bed. In our experimental analysis, the agent used an ε-greedy policy, where ε was set to 0.1. The learning rate α and discount rate γ were set to 0.1 and 0.9 respectively. The generated options terminated with probability one at the corresponding subgoal states indicated by the algorithm. The options also terminated with the same probability at the goal state and outside the initiation set; at all other states they terminated with probability zero.
4.1 Four-Room Gridworld
The four-room gridworld [4] is shown in Fig. 4(a). From any state the agent is able to perform four actions: up, down, left and right. There is a reward of -1 for each action and a reward of 1000 for actions directing the agent to the goal state. We performed 100 randomly selected episodic tasks (random start and goal states), and each task consists of 80 episodes.
4.2 Soccer Simulation Test Bed
The soccer domain shown in Fig. 4(b) is a 6 × 9 grid. At each episode the ball is randomly located at one of two positions, B1 and B2. Two agents try to find and own the ball and score a goal. To score a goal, the player owning the ball must reach the opponent's goal (represented with a red line in Fig. 4(b)). Each agent has five primitive actions: North, East, South, West and Hold. The Hold action does not change the position of the agent. Agents receive a reward of -1 for each action and a reward of +100 for an action causing the agent to find and own the ball. An action that leads to scoring a goal gives a reward of +1000 to the agent. If the agent owning the ball is going to enter the other agent’s location, the ball owner will change and the agents stay in their locations. If the agent is going to enter the same location as the other agent owning the ball, with probability 0.8 the owner of the ball does not change and the agents stay in their locations.
Fig. 4. (a) Four-room gridworld (b) Soccer simulation test bed
4.3 Results
The transition graph of each domain was clustered by the proposed clustering algorithm and the border states of clusters were identified as subgoals. In the four-room gridworld, as illustrated in Fig. 4(a), cells labeled with 1,2,…,8 are identified as subgoals by our clustering algorithm.
Fig. 5. Comparison of Q-Learning and Q-Learning with options generated based on the subgoals extracted by the proposed algorithm in a four-room gridworld. Average number of steps to reach the goal is shown.
Fig. 5 shows the average steps to reach the goal. Compared to the Q-Learning with only primitive actions, the skills improved performance remarkably. In addition, as can be seen in Fig. 6, average reward obtained by the learning agent is significantly increased.
Fig. 6. Average reward obtained by the agent, comparing Q-Learning with primitive actions and with skills
The same experiments were implemented in soccer simulation domain and similar results were achieved. Fig. 7 compares the number of goals scored by the agent while learning with primitive actions with the case of learning with additional generated options. As expected, options speed up the learning process and as a result the agent is able to score a larger number of goals.
Fig. 7. The number of goals scored by the agent. Comparing Q-Learning with Q-Learning with options generated based on the subgoals extracted by the proposed algorithm in soccer simulation test bed.
5 Conclusion
This paper presents a graph theoretic method for discovering subgoals by clustering the transition graph. The proposed algorithm is a local clustering algorithm that solely uses local information to generate an appropriate clustering of the input graph. Global clustering algorithms have time complexity $O(N^3)$, where $N$ is the total number of visited states. The L-Cut algorithm [12], which is a local graph partitioning method, has complexity $O(h^3)$, with $h$ as the number of states in the local scope of the transition graph. One drawback of the L-Cut algorithm is that the local cut may not be a global cut of the entire transition graph. Another disadvantage of the L-Cut algorithm is that it demands setting a lot of parameters. The proposed algorithm uses local information to generate a global clustering of the transition graph and, compared to global graph clustering algorithms, has lower time complexity. In addition, no parameter setting is needed in the algorithm. Our experiments in two benchmark environments show that discovering subgoals and including policies to achieve these subgoals in the action set can significantly accelerate learning in other, related tasks.
References
1. Kaelbling, L.P., Littman, M.L.: Reinforcement Learning: A Survey. J. Artificial Intelligence Research 4 (1996)
2. Bertsekas, D.B., Tsitsiklis, J.N.: Neuro-dynamic programming. Athena Scientific (1995)
3. Parr, R., Russell, S.: Reinforcement learning with hierarchies of machines. In: Proc. the 1997 Conference on Advances in Neural Information Processing Systems, Cambridge, MA, USA, pp. 1043–1049 (1997)
4. Sutton, R., Precup, D., Singh, S.: Between MDPs and semi-MDPs: a framework for temporal abstraction in reinforcement learning. J. Artificial Intelligence 112, 181–211 (1999)
5. Dietterich, T.G.: Hierarchical reinforcement learning with the MAXQ value function decomposition. J. Artificial Intelligence 13, 227–303 (2000)
6. Barto, A.G., Mahadevan, S.: Recent Advances in Hierarchical Reinforcement Learning. Discrete Event Dynamic Systems 13, 341–379 (2003)
7. Şimşek, Ö., Barto, A.G.: Learning Skills in Reinforcement Learning Using Relative Novelty, pp. 367–374 (2005)
8. Digney, B.L.: Learning hierarchical control structures for multiple tasks and changing environments. In: Proc. the Fifth International Conference on Simulation of Adaptive Behavior on From Animals to Animats 5, Univ. of Zurich, Zurich, Switzerland (1998)
9. McGovern, A., Barto, A.G.: Automatic Discovery of Subgoals in Reinforcement Learning using Diverse Density. In: Proc. the Eighteenth International Conference on Machine Learning, pp. 361–368 (2001)
10. Menache, I., Mannor, S., Shimkin, N.: Q-Cut - Dynamic Discovery of Sub-goals in Reinforcement Learning. In: Elomaa, T., Mannila, H., Toivonen, H. (eds.) ECML 2002. LNCS (LNAI), vol. 2430, p. 295. Springer, Heidelberg (2002)
11. Mannor, S., Menache, I., Hoze, A., Klein, U.: Dynamic abstraction in reinforcement learning via clustering. In: Proc. the Twenty-First International Conference on Machine Learning, Banff, Alberta, Canada (2004)
12. Şimşek, Ö., Wolfe, A.P., Barto, A.G.: Identifying useful subgoals in reinforcement learning by local graph partitioning. In: Proc. The 22nd International Conference on Machine Learning, Bonn, Germany (2005)
13. Jing, S., Guochang, G., Haibo, L.: Automatic option generation in hierarchical reinforcement learning via immune clustering. In: 1st International Symposium on Systems and Control in Aerospace and Astronautics, ISSCAA 2006, p. 4, p. 500 (2006)
14. Şimşek, Ö., Barto, A.G.: Skill Characterization Based on Betweenness. In: Advances in Neural Information Processing Systems, vol. 21, pp. 1497–1504 (2009)
15. Jonsson, A., Barto, A.G.: Automated state abstraction for options using the u-tree algorithm. In: Advances in Neural Information Processing Systems: Proceedings of the 2000 Conference, pp. 1054–1060 (2001)
16. Elfwing, S., Uchibe, E., Doya, K.: An Evolutionary Approach to Automatic Construction of the Structure in Hierarchical Reinforcement Learning. In: Genetic and Evolutionary Computation, pp. 198–198 (2003)
17. Jonsson, A., Barto, A.: A causal approach to hierarchical decomposition of factored MDPs. In: Proc. the 22nd International Conference on Machine Learning, Bonn, Germany (2005)
18. Jonsson, A., Barto, A.: Causal Graph Based Decomposition of Factored MDPs. J. Machine Learning Res. 7, 2259–2301 (2006)
19. Mehta, N., Ray, S., Tadepalli, P., Dietterich, T.G.: Automatic discovery and transfer of MAXQ hierarchies. In: Proc. of the 25th International Conference on Machine Learning, Helsinki, Finland (2008)
Automatic Skill Acquisition in Reinforcement Learning Agents Using Connection Bridge Centrality
Parham Moradi, Mohammad Ebrahim Shiri, and Negin Entezari
Faculty of Mathematics & Computer Science, Department of Computer Science, Amirkabir University of Technology, Tehran, Iran
{pmoradi,shiri,negin.entezari}@aut.ac.ir
Abstract. Incorporating skills in reinforcement learning methods accelerates the agent's learning performance. The key problem of automatic skill discovery is to find subgoal states and create skills to reach them. Among the proposed algorithms, those based on graph centrality measures have achieved precise results. In this paper we propose a new graph centrality measure for identifying subgoal states, which is crucial for developing useful skills. The main advantage of the proposed centrality measure is that it considers both local and global information of the agent's states to score them, which results in identifying real subgoal states. We show through simulations for three benchmark tasks, namely “four-room grid world”, “taxi driver grid world” and “soccer simulation grid world”, that a procedure based on the proposed centrality measure performs better than procedures based on the other centrality measures.
Keywords: Reinforcement Learning, Hierarchical Reinforcement Learning, Option, Skill, Graph Centrality Measures, Connection Bridge Centrality.
1 Introduction
Reinforcement learning (RL) [1] is an appropriate machine learning technique when intelligent agents need to learn to act with delayed reward in unknown stochastic environments. It is well known that the state space in RL generally grows exponentially with the number of state variables. Approaches to contain the state space explosion include function approximation and state abstraction in hierarchical reinforcement learning (HRL) [2]. More recent approaches to HRL include Options [3], MAXQ [4] and HAM [5]. The main idea of HRL methods is to decompose the learning task into a set of simple subtasks. This decomposition simplifies the learning task by reducing the size of the state space, since every subtask considers only a smaller number of relevant states. Moreover, learning is accelerated since every separate task is easier to learn. A popular approach to defining subtasks is to identify important states which are useful to reach. These key states are called “subgoals” and the agent learns “skills” to reach them. A skill, or temporally extended action, is a closed-loop policy over one-step actions. A suitable set of skills can help improve the agent’s efficiency in learning to solve difficult problems. We represent skills using the options framework [3].
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 51–62, 2010. © Springer-Verlag Berlin Heidelberg 2010
A number of methods have been suggested to identify subgoals automatically. The first is frequency based: it observes either how often a state has been visited by the agent during successful trials or how much reward a state has gained [6-9]. A difficulty with the frequency-based approach is that the agent may need excessive exploration of the environment in order to distinguish between “important” and “regular” states. The second approach is policy based: the agent initially learns a task and then analyzes the learned policy for certain structural properties [10-11]. This approach may not prove useful in domains with delayed reinforcement. Finally, the third is graph theoretic: the agent's transition history is mapped to a graph, and then the states within densely connected regions are identified as subgoals [12-21]. In this approach, subgoal states are identified using a max-flow/min-cut algorithm [20], while in [18-19, 21-22] the state space is partitioned using graph clustering algorithms. Moreover, in [16] a data mining algorithm is used to discover strongly connected regions in the graph. On the other hand, graph centrality measures are used as an effective means not only to find subgoals but also to evaluate them [13-15, 17]. In [17] the betweenness centrality measure is used to find and rank subgoals. In previous work [13] we proposed a new centrality measure called connection graph stability to identify subgoal states, while in [14] the co-betweenness centrality measure is used to identify subgoals. Moreover, in [15] we incorporated prior knowledge using complex network measures to expedite the agent's learning performance. The main advantage of the graph-theoretic approach is that the agent's transition graph can be constructed without using reward signals. Therefore, this approach can be used for domains with delayed reinforcement.
On the other hand, graph clustering methods suffer from the computational complexity of for partitioning the transitions graph and finding subgoal states, where is the number of nodes in the graph. Moreover, the shortest-path graph centrality measures can be computed in , where are the number of nodes and edges in the graph, respectively. This complexity can be reduced to for sparse graphs [23]. Alternatively, this measure can be computed using approximation methods with less computational effort. The previous graph centrality measures that have been used to identify subgoal states in RL, such as betweenness, connection graph stability and co-betweenness [13-15, 17], consider only the global information of nodes in the graph to rank them. It is well known that bottleneck states have not only global properties but also some local properties. In this paper we present a new graph centrality measure called Connection Bridge Centrality (CBC) to identify potential subgoals, which considers both local and global information of the states to score them. We show through simulation on some benchmarks that the CBC centrality measure performs better than the other graph centrality measures.
The rest of the paper is organized as follows. In section 2 we describe reinforcement learning basics and its extension to use options. The proposed centrality measure (CBC) is described in section 3. In section 4 the skill acquisition algorithm is described. The benchmark tasks, simulation and results are described in section 5, and section 6 contains the final discussion and the concluding remarks.
2 Reinforcement Learning with Option
The interaction of the agent and the environment can be represented using the Markov Decision Process (MDP) framework. A finite MDP is a tuple $\langle S, A, T, R \rangle$, where $S$ is a finite set of states, $A$ is a finite set of actions, $T: S \times A \times S \to [0, 1]$ is a state transition probability function and $R: S \times A \to \mathbb{R}$ is a reward function. At each decision stage, the agent observes a state $s \in S$ and executes an action $a \in A$, which with probability $T(s, a, s')$ results in a state transition to $s' \in S$, and the agent obtains a scalar reward $r$. The agent’s goal is to find a map from states to actions, called a policy, which maximizes the expected discounted reward over time, $E\left[\sum_{t} \gamma^{t} r_{t}\right]$, where $\gamma < 1$ is a discount factor and $r_t$ is the reward obtained at time $t$.
To represent skills, we use the options framework [3]. A (Markov) option is a temporally extended action or macro action, specified by a triple $\langle I, \pi, \beta \rangle$, where $I$ denotes the option’s initiation set, i.e., the set of states in which the option can be invoked; $\pi$ is the option’s policy, mapping states belonging to $I$ to a sequence of actions; and $\beta$ denotes the option’s termination condition, where $\beta(s)$ denotes the probability that the option terminates in state $s$. In this paper, the Macro-Q-Learning algorithm [3] is used to optimize policies for both primitive actions and options. The Q-function, which maps every state-action pair to the expected reward for taking this action at that state, is updated as follows:
$$Q(s_t, o_t) \leftarrow (1 - \alpha)\, Q(s_t, o_t) + \alpha \left[ \gamma^{\tau} \max_{o'} Q(s_{t+\tau}, o') + r_{t+1} + \gamma r_{t+2} + \cdots + \gamma^{\tau-1} r_{t+\tau} \right] \qquad (1)$$
where $\tau$ is the actual duration of the option $o_t$ and $\alpha$ is the learning rate. The update rule for a primitive action is similar, with $\tau = 1$.
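The update rule (1) applied to one option and one primitive action, as an added example that is not the authors' code. The five-state corridor, the option named to_door, the per-step reward of -1 and the value 10.0 stored at the door are constructed for illustration; α = 0.1 and γ = 0.9 are the values the paper uses in its experiments.

```python
from collections import defaultdict

ALPHA, GAMMA = 0.1, 0.9   # learning rate and discount factor from the paper's experiments
DOOR = 4                  # constructed corridor: states 0..4, state 4 is the subgoal

def step(state, action):
    """One primitive move in the corridor; every step costs -1 (constructed reward)."""
    nxt = min(DOOR, state + 1) if action == "right" else max(0, state - 1)
    return nxt, -1.0

# Hypothetical option <I, pi, beta>: walk right until the door is reached.
TO_DOOR = {
    "init": {0, 1, 2, 3},                          # I: states where the option may start
    "policy": lambda s: "right",                   # pi: action chosen in state s
    "beta": lambda s: 1.0 if s == DOOR else 0.0,   # beta(s): termination probability
}

def available(state):
    """Primitive actions are always available; the option only inside its initiation set."""
    return ["left", "right"] + (["to_door"] if state in TO_DOOR["init"] else [])

def run(state, choice):
    """Execute a primitive action (one step) or an option (until it terminates)."""
    if isinstance(choice, str):
        nxt, r = step(state, choice)
        return nxt, [r]
    assert state in choice["init"], "option invoked outside its initiation set"
    rewards = []
    while True:
        state, r = step(state, choice["policy"](state))
        rewards.append(r)
        if choice["beta"](state) >= 1.0:   # termination is deterministic in this example
            return state, rewards

def macro_q_update(Q, s, name, rewards, s_next):
    """Equation (1): tau = len(rewards); a primitive action is the case tau = 1."""
    tau = len(rewards)
    discounted = sum(GAMMA ** k * r for k, r in enumerate(rewards))
    best_next = max(Q[(s_next, c)] for c in available(s_next))
    target = discounted + GAMMA ** tau * best_next
    Q[(s, name)] = (1 - ALPHA) * Q[(s, name)] + ALPHA * target
    return Q[(s, name)]

def demo_update():
    Q = defaultdict(float)
    Q[(DOOR, "right")] = 10.0                  # constructed value estimate at the door
    s2, option_rewards = run(1, TO_DOOR)       # option runs for three steps: 1 -> 2 -> 3 -> 4
    q_option = macro_q_update(Q, 1, "to_door", option_rewards, s2)
    s3, primitive_rewards = run(3, "right")    # primitive action: a single step
    q_primitive = macro_q_update(Q, 3, "right", primitive_rewards, s3)
    return len(option_rewards), q_option, q_primitive

if __name__ == "__main__":
    print(demo_update())
```

The option's three rewards are discounted step by step and the bootstrap term is discounted by γ^3, whereas the primitive update bootstraps with a single γ.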
3 Connection Bridge Centrality Measure
One can find different centrality measures in the literature, including betweenness, closeness, degree, eigenvector centrality and information centrality. In this paper we extend the previous work [13] and propose a new centrality measure called Connection Bridge Centrality (CBC) that considers both local and global information of the nodes in the graph to score them. Consider a graph , with set of nodes and set of edges. We use and to show the number of nodes and edges in the graph respectively, denotes the length of the shortest paths connecting s and t, and presents the length of the shortest path connecting s and node t while passing through . Moreover, is the total number of shortest paths between s and t and denotes the number of shortest paths connecting s and t while passing through u. The following are common graph centrality measures:
Closeness Centrality [23] (2)
Betweenness Centrality [23] (3)
Node Connection Graph Stability [13] (4)
Most subgoal states are bottleneck states in the corresponding graphs. These states not only have global properties but also have some local properties that distinguish them from the other states. For example, the degree distribution of these states differs from that of their neighboring states. Accordingly, we propose a bridge coefficient that considers the local information of the node. The bridge coefficient is defined as follows:
(5)
where represents the neighbors of denotes the degree of the node and the node and 0 is a constant value, in this paper we set .
The proposed bridge coefficient considers the local information of the node to score it. To consider the global information of the node, we can use the closeness (1), betweenness (2) or node connection graph stability (3) centrality measures respectively. It has been shown that the NCGS centrality measure detects bottleneck states more precisely than the other presented centrality measures in RL environments [13]. Specifically, the Concept Bridge Centrality (CBC) measure is defined as follows:
(6)
where denotes the node connection graph stability measure of node (3) and shows the bridge coefficient of node (4).
To show the effectiveness of the proposed centrality measure, it was tested on a small network. Figure 1 and Table 1 show the essence of the concept bridge centrality measure. If we want to select the top-ranked nodes (those nodes scored higher than a predefined threshold), then with the threshold set to t=0.5, NCGS selects nodes A5, A6 and A7 while CBC selects only node A6 as a top-ranked node. Moreover, if we set the threshold to t=0.2, NCGS identifies nodes A1, A3, A4, A5, A6, A7 and A8 as the top-ranked nodes while the CBC measure selects only A5 and A6 as top-ranked nodes. These results show that considering the local information of the node results in identifying bottleneck nodes precisely.
Fig. 1. A small network example
Table 1. Centrality values of the Figure 1 graph nodes, including node degrees, Bridge Coefficient, normalized Node Connection Graph Stability and normalized Connection Bridge Centrality

Node  Degree(u)  BR(u)  NCGS(u)  CBC(u)
A1    3          1.09   0.24     0.07
A2    2          3.62   0.17     0.17
A3    2          1.34   0.21     0.07
A4    2          1.94   0.256    0.138
A5    4          1.27   0.74     0.26
A6    2          3.62   1        1
A7    3          1.25   0.55     0.18
A8    2          1.35   0.22     0.08
A9    2          1.35   0.22     0.08
4 Skill Acquisition Algorithm
The simplest approach to creating useful skills is to search by generating many new skills and letting the agent test them by adding them to its set of actions. However, due to the great size of the state space and the many actions and skills to select from, such an approach will inevitably suffer from inefficiency. So it is necessary to find a small number of high-quality subgoals. To find the correct skills at reasonable cost, this paper focuses on discovering useful subgoals first, and then creates potential skills to accomplish the subgoals.
In this section our proposed method for automatic skill acquisition in reinforcement learning by autonomous agents is described. This method scores and identifies subgoals using graph centrality measures. The outline of the learning procedure is described in Algorithm 1. First, the environment is explored by the agent and then the agent’s state transition history is mapped to a graph. Each new state visited by the agent becomes a node in the graph and each observed transition $s_i \to s_j$ ($s_i, s_j \in S$) is translated to an arc $(i, j)$ in the graph. Then the top k scored nodes in the graph are identified as candidate subgoals. New skills for the agent are then created to reach the discovered subgoals based on the option framework [3]. Moreover, these skills are added to the agent’s action space.
Algorithm 1. Skill acquisition algorithm
Repeat
(1). Interact with the environment and learn using Macro-Q-Learning.
(2). Save the state transition history.
(3). If stop conditions are met then
(3.1). Translate the state transition history to a graph representation.
(3.2). Score graph nodes using the concept bridge centrality measure.
(3.3). Identify the top k high-scored nodes as subgoals.
(3.4). Learn options to reach the identified subgoals.
(3.5). Add the new options to the agent’s action space.
until no new states are found by the agent
The complexity of computing the concept bridge centrality (CBC) measure is equal to the complexity of the node connection graph stability centrality measure, because the computational complexity of the bridge coefficient ( is and the NCGS centrality may be computed in time and $O(n + m)$ space on unweighted graphs, where n and m are the number of nodes and edges in the corresponding graph of explored states respectively. On weighted graphs the space requirement remains the same but the time requirement increases to $O(nm + n^2 \log n)$ [23]. Because of the MDP properties and the limited number of actions, in most environments the agent’s transition graph is sparse, so the time complexity of concept bridge centrality will reduce to and log on unweighted and weighted graphs respectively and the space complexity reduces to in both weighted and unweighted graphs.
5 Environment Benchmarks
We present an empirical evaluation of the proposed algorithm aimed at understanding whether the proposed method is effective in identifying the subgoal states in an environment and whether the skills it generates are useful. We present results in three environments: a four-room grid world [3], the taxi grid world [4] and soccer simulation [16], which is more complex than the four-room and taxi grid worlds. Complementary details and results about these domains are described in the corresponding subsections.
5.1 Four Room Grid World
The four-room grid world shown in figure 2.a consists of four rooms connected to each other through four doors. The agent is located at a randomly selected start point and asked to find a randomly selected goal point. The agent has four primitive actions, namely to move up, down, left and right. We randomly select 60 tasks (namely 60 pairs of <start, goal> locations). Each task is performed 100 times (episodes). The agent receives a reward of 1000 at the goal state and a reward of -1 for all other states. The agent uses an ε-greedy policy to select actions with ε = 0.1. The learning rate α and the discount factor γ are set to 0.1 and 0.9 respectively.
5.2 Taxi Driver Grid World
The taxi task has been a popular illustrative problem for RL algorithms since its introduction by Dietterich [4]. This domain, shown in figure 2.b, consists of a 5x5 grid with 4 special cells (RGBY). A passenger should be picked up from a cell and then dropped off in a destination cell, where the pickup and drop-off nodes are two randomly chosen cells from the set of RGBY nodes. In each episode, the location of the taxi is chosen randomly. The taxi must pick up the passenger and deliver him, using the primitive actions up, down, left, right, Pickup and Putdown. For each iteration, a sequence of 300 episodes was considered.
The taxi receives a reward of +20 for successfully delivering the passenger, -10 for attempting to pickup or drop off the passenger at incorrect locations and -1 for other actions. The other parameters were set the same as in the four-room grid problem.
Fig. 2. (a) Four room grid world domain (b) Taxi driver domain
5.3 Soccer Simulation Grid World
The soccer simulation domain was proposed by Kheradmandian [16] to evaluate skill discovery methods in RL. As can be seen in figure 6.a, it consists of a 6x10 grid environment, two goals, a ball and two agents. In each episode one agent tries to own the ball, move to the opponent’s goal and score. The other agent tries to defend and to own the ball. Each agent has five primitive actions: MoveLeft, MoveRight, MoveUp, MoveDown and Hold. The Hold action causes the agent to hold the ball and remain in its location. To score a goal an agent must hold the ball, move to one of the two states in front of the opponent’s goal and perform a MoveRight (MoveLeft) action if the opponent’s goal is on the right (left) side of the field. When an agent scores a goal, the opponent owns the ball and the two players are placed at specified locations in front of their goals. The ball changes between the player agents according to the following rules:
a) If the agent which does not hold the ball is going to enter the other agent’s location, then with a probability of 0.8 the ownership of the ball does not change and the locations of the players remain unchanged.
b) If the agent that holds the ball is going to enter the location of the other, non-moving player, then the ownership of the ball changes and the locations of the players remain unchanged.
The agents receive a reward of -1 for each action, +10 for owning the ball, -10 for missing the ball and +20 for scoring a goal. The agent uses an ε-greedy policy with ε = 0.1. The learning rate α and the discount factor γ are set to 0.1 and 0.9 respectively.
6 Performance and Evaluation
In the first step, the corresponding graph of states was scored using the three centrality-based scoring methods mentioned above. Figure 3 reports the scores assigned for the four-room grid task by the closeness (CC), betweenness (BC) and concept bridge centrality (CBC) methods respectively. Because of symmetry, only the scores of the first 65 nodes are shown in figure 5. It can be seen that for the four-room grid task, the CBC measure assigns distinctly high scores to the door points (e.g. nodes labeled 25, 51, 62 and 78) compared to the two other measures. All four doors are detected using the proposed method for a threshold larger than 96%, but the other methods are not able to find the doors alone: they also assign high scores to door neighbors (e.g. nodes labeled 24, 26, 43, 54, 70, 77 and 79) and face either false acceptance, e.g. for a threshold of 95% CC found 10 additional nodes, or false rejection, e.g. BC discards the main doors for thresholds larger than 82%. These results show that the concept bridge centrality (CBC) assigns high scores to the bottleneck nodes compared with the closeness (CC) and betweenness (BC) centrality measures.
Fig. 3. Normalized scores assigned to the nodes using closeness (CC), betweenness (BC) and concept bridge (CBC) centrality measures for the four room grid world
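The door-neighbor effect described above, reproduced in an added example that is not the authors' code: a transition history is mapped to a graph as in Algorithm 1, nodes are scored with betweenness centrality computed by Brandes' algorithm [23], and the normalized scores are thresholded. The two-room grid, the function names and the thresholds 0.95 and 0.99 are constructed for illustration, and betweenness (one of the baselines) stands in for CBC.

```python
from collections import defaultdict, deque

# Constructed two-room grid: 2 rows x 5 columns; column 2 is a wall except the doorway (0, 2).
DOORWAY = (0, 2)
FREE = {(r, c) for r in range(2) for c in range(5)} - {(1, 2)}

def explored_history():
    """Constructed stand-in for the saved transition history: every legal 4-neighbour move."""
    moves = [(-1, 0), (1, 0), (0, -1), (0, 1)]
    return [((r, c), (r + dr, c + dc)) for (r, c) in sorted(FREE)
            for dr, dc in moves if (r + dr, c + dc) in FREE]

def transition_graph(history):
    """Each visited state becomes a node, each observed transition an undirected edge."""
    adj = defaultdict(set)
    for s, s_next in history:
        if s != s_next:
            adj[s].add(s_next)
            adj[s_next].add(s)
    return dict(adj)

def betweenness(adj):
    """Brandes' algorithm for unweighted graphs: one BFS per source plus back-propagation."""
    bc = dict.fromkeys(adj, 0.0)
    for src in adj:
        dist = {src: 0}
        sigma = defaultdict(float)      # number of shortest paths from src
        sigma[src] = 1.0
        preds = defaultdict(list)       # predecessors on shortest paths
        order, queue = [], deque([src])
        while queue:
            v = queue.popleft()
            order.append(v)
            for w in adj[v]:
                if w not in dist:
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]
                    preds[w].append(v)
        delta = defaultdict(float)      # dependency of src on each node
        for w in reversed(order):
            for v in preds[w]:
                delta[v] += sigma[v] / sigma[w] * (1.0 + delta[w])
            if w != src:
                bc[w] += delta[w]
    return {v: score / 2.0 for v, score in bc.items()}   # undirected: pairs counted twice

def select_subgoals(scores, threshold):
    """Keep nodes whose score, normalized by the maximum, reaches the threshold."""
    top = max(scores.values())
    return {v for v, score in scores.items() if score / top >= threshold}

def demo_subgoals():
    adj = transition_graph(explored_history())
    scores = betweenness(adj)
    return adj, scores, select_subgoals(scores, 0.95), select_subgoals(scores, 0.99)

if __name__ == "__main__":
    adj, scores, loose, strict = demo_subgoals()
    for node in sorted(scores, key=scores.get, reverse=True):
        print(node, scores[node], "degree", len(adj[node]))
    print("threshold 0.95:", sorted(loose))
    print("threshold 0.99:", sorted(strict))
```

The doorway scores 16 and each of its two neighbours 15.5, so a 0.95 threshold accepts all three; the doorway has degree 2 while its neighbours have degree 3, which is the kind of local difference the bridge coefficient draws on.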
As expected, the nodes around the main subgoals, e.g. neighbors of hallway doors in the four-room grid world, also have high centrality scores. By varying the threshold, different numbers of nodes are extracted as subgoals. Figure 4.a compares the number of candidate subgoals identified in the four-room grid world by the different methods for different threshold values. When the threshold is set to 0.15, there are 104, 26 and 14 candidate subgoals extracted while using CC, BC and CBC. When the threshold is set to 0.3, CBC identified the real bottlenecks while BC and CC identified 104 and 13 candidate subgoals respectively. If we consider the redundant subgoals for creating skills, we may create some complexity and additional penalties for the agent while obtaining no benefits. The experiments were repeated for the taxi grid world and the same qualitative results are reported. Figure 4.b compares the number of candidate subgoals identified in the taxi grid world by the different methods when the threshold value slides from zero, i.e. extract all nodes, to one. It should be noted that our proposed centrality measure has effectively reduced the sensitivity to the selection of an appropriate threshold.
To show the effectiveness of the proposed subgoal discovery algorithm, we repeat the experiments for the case that the agent extracts the subgoals by setting a threshold on CC, BC and CBC scores or. Figures 5.a and 5.b show the average obtained reward in the four-room grid and taxi worlds respectively when the threshold was set to 0.8 for the four-room grid world and 0.4 for the taxi driver world. Skills are created in both domains based on subgoals extracted by applying the proposed algorithm or by setting the threshold on the scores of the three mentioned centrality measures. The results are compared with the case that the agent uses standard RL without using skills. In this experiment, for the four-room (taxi driver) world, while using CBC, BC and CC the agent identifies 12 (6), 16 (10) and 72 (152) subgoals respectively and this point is reached after 23 (25), 28 (31) and 39 (50) episodes respectively. The agent also reached this point after 41 (152) episodes using the “without skill” approach.
Fig. 4. The number of subgoals identified by applying closeness (CC), betweenness (BC) and concept bridge centrality (CBC) as a function of the threshold value for (a) the four-room grid world and (b) the taxi grid world
The experiments were repeated for the soccer simulation grid world and the same qualitative results were reported. Figure 12 shows the number of goals obtained by the agent for the different skill acquisition approaches mentioned, compared with the situation in which the agent uses standard Q-learning without any skills. In these experiments the agent was able to score 200 goals after 730 time steps when the subgoals were extracted using the CBC centrality measure, while using BC and CC with the threshold set to 0.5 the agent scored the same number of goals after 848 and 1332 time steps respectively, and using the “without skill” approach the agent scored the same number of goals after 1484 time steps.
Fig. 5. Average reward obtained in (a) the four room grid world and (b) the taxi grid world, when the agent uses standard RL, i.e. without skills, or uses skills generated from subgoals extracted by the connection bridge centrality (CBC), betweenness centrality (BC) and closeness centrality (CC) measures.
Fig. 6. (a) Soccer simulation grid world and (b) average scored goals in soccer simulation when the agent uses standard RL, i.e. without skills, or uses skills generated from subgoals extracted by the proposed algorithm and the concept bridge centrality (CBC), betweenness centrality (BC) and closeness centrality (CC) measures.
7 Conclusion
In this paper, a graph-theoretic skill acquisition algorithm was presented. In brief, the main contribution of the proposed method is to utilize complex network theory measures for improving the subgoal identification process. In particular, the concept bridge centrality was defined and applied for ranking agent states and extracting candidate subgoals. Applying the proposed centrality measure to three benchmark problems improves the results of the skill acquisition process. Here we report that the proposed method is also able to create skills incrementally. To do so, some temporary skills are built based on explored states; in the following episodes, as more states are explored, some new skills can be identified and then redundant or weaker skills are removed. Further investigation of this issue and utilization of the proposed approach in more challenging environments are in progress.
From a computational complexity point of view, the run time of the proposed method is $O(nm)$, where n and m are the number of nodes and edges in the corresponding graph of explored states, respectively. This complexity will be reduced to O n for sparse graphs. This result is the same as [17] and comparable with the method proposed in [20] with O n complexity, where n is the number of states, and [18] with O n complexity, where n is the number of states observed in the last episode. The proposed method has few adjustable parameters. While other methods such as L-Cut [18] and Relative Novelty [8] include manually tuned parameters, the proposed method does not have any adjustable parameters.
References
1. Kaelbling, L.P., Littman, M.L., Moore, A.W.: Reinforcement learning: a survey. Journal of Artificial Intelligence Research 4, 237–285 (1996)
2. Barto, A.G., Mahadevan, S.: Recent Advances in Hierarchical Reinforcement Learning. Discrete Event Dynamic Systems 13, 341–379 (2003)
3. Sutton, R., Precup, D., Singh, S.: Between MDPs and semi-MDPs: a framework for temporal abstraction in reinforcement learning. Artif. Intell. 112, 181–211 (1999)
4. Dietterich, T.G.: Hierarchical reinforcement learning with the MAXQ value function decomposition. J. Artif. Int. Res. 13, 227–303 (2000)
5. Parr, R., Russell, S.: Reinforcement learning with hierarchies of machines. In: Conference Reinforcement Learning with Hierarchies of Machines, pp. 1043–1049. MIT Press, Cambridge (1998)
6. Digney, B.L.: Learning hierarchical control structures for multiple tasks and changing environments. In: Proceedings of the Fifth International Conference on Simulation of Adaptive Behavior on From Animals to Animats 5, pp. 321–330. MIT Press, Univ. of Zurich, Zurich, Switzerland (1998)
7. McGovern, A., Barto, A.G.: Automatic Discovery of Subgoals in Reinforcement Learning using Diverse Density. In: Conference Automatic Discovery of Subgoals in Reinforcement Learning using Diverse Density, pp. 361–368. Morgan Kaufmann, San Francisco (2001)
8. Şimşek, Ö., Barto, A.G.: Learning Skills in Reinforcement Learning Using Relative Novelty, pp. 367–374 (2005)
9. Shi, C., Huang, R., Shi, Z.: Automatic Discovery of Subgoals in Reinforcement Learning Using Unique-Direction Value. In: IEEE International Conference on Cognitive Informatics, pp. 480–486 (2007)
10. Goel, S., Huber, M.: Subgoal Discovery for Hierarchical Reinforcement Learning Using Learned Policies. In: Conference Subgoal Discovery for Hierarchical Reinforcement Learning Using Learned Policies, pp. 346–350. AAAI Press, Menlo Park (2003)
11. Asadi, M., Huber, M.: Autonomous subgoal discovery and hierarchical abstraction for reinforcement learning using Monte Carlo method. In: Proceedings of the 20th National Conference on Artificial Intelligence, vol. 4, pp. 1588–1589. AAAI Press, Pittsburgh (2005)
12. Kazemitabar, S., Beigy, H.: Automatic Discovery of Subgoals in Reinforcement Learning Using Strongly Connected Components. In: Proceedings of the 15th International Conference on Advances in Neuro-Information Processing, pp. 829–834 (2009)
13. Ajdari Rad, A., Moradi, P., Hasler, M.: Automatic Skill Acquisition in Reinforcement Learning using Connection Graph Stability Centrality. In: Conference The IEEE International Symposium on Circuits and Systems, ISCAS 2010 (2010)
14. Moradi, P., Ajdari Rad, A., Khadivi, K., Hasler, M.: Automatic Discovery of Subgoals in Reinforcement Learning using Betweeness Centrality Measures. In: Conference 18th IEEE Workshop on Nonlinear Dynamics of Electronic Systems, NDES 2010 (2010)
15. Moradi, P., Ajdari Rad, A., Khadivi, A., Hasler, M.: Automatic Skill Acquisition using Complex Network Measures. In: Conference International Conference on Artificial Intelligence and Pattern Recognition, AIPR 2010 (2010)
16. Kheradmandian, G., Rahmati, M.: Automatic abstraction in reinforcement learning using data mining techniques. Robotics and Autonomous Systems 57, 1119–1128 (2009)
17. Şimşek, Ö., Barto, A.G.: Skill Characterization Based on Betweenness. In: Koller, D., Schuurmans, D., Bengio, Y., Bottou, L. (eds.) Advances in Neural Information Processing Systems, vol. 21, pp. 1497–1504 (2009)
18. Şimşek, Ö., Wolfe, A.P., Barto, A.G.: Identifying useful subgoals in reinforcement learning by local graph partitioning. In: Proceedings of the 22nd International Conference on Machine Learning, pp. 816–823. ACM, Bonn (2005)
19. Mannor, S., Menache, I., Hoze, A., Klein, U.: Dynamic abstraction in reinforcement learning via clustering. In: Proceedings of the Twenty-First International Conference on Machine Learning, p. 71. ACM, Banff (2004)
20. Menache, I., Mannor, S., Shimkin, N.: Q-Cut - Dynamic Discovery of Sub-goals in Reinforcement Learning. In: Elomaa, T., Mannila, H., Toivonen, H. (eds.) ECML 2002. LNCS (LNAI), vol. 2430, pp. 295–306. Springer, Heidelberg (2002)
21. Jing, S., Guochang, G., Haibo, L.: Automatic option generation in hierarchical reinforcement learning via immune clustering. In: Conference Automatic Option Generation in Hierarchical Reinforcement Learning Via Immune Clustering, p. 4, p. 500 (2007)
22. Kazemitabar, S., Beigy, H.: Using Strongly Connected Components as a Basis for Autonomous Skill Acquisition in Reinforcement Learning. In: Yu, W., He, H., Zhang, N. (eds.) ISNN 2009. LNCS, vol. 5551, pp. 794–803. Springer, Heidelberg (2009)
23. Brandes, U.: A faster algorithm for betweenness centrality. Journal of Mathematical Sociology 25, 163–177 (2001)
Security Analysis of Liu-Li Digital Signature Scheme

Chenglian Liu1,4,*, Jianghong Zhang2, and Shaoyi Deng3

1 Department of Mathematics, Royal Holloway, University of London
2 College of Sciences, North China University of Technology
3 Department of Communication Engineering, Henan Polytechnic University
4 Department of Mathematics and Computer Science, Fuqing Branch of Fujian Normal University
Abstract. In 2008, Liu and Li proposed a digital signature scheme that uses neither a one-way hash function nor message redundancy. They claimed that their scheme is more efficient in computation and communication for small devices. In this paper, we present a new attack which shows that the Liu-Li scheme is insecure. We then give an improvement; the improved scheme is suitable for low-power computation and mobile devices.

Keywords: Forgery attack, Digital signature, Algebra structure.
1 Introduction

Most internet applications need the help of digital signatures for authentication purposes, such as authenticating electronic tax reports, stock transactions, and electronic commerce deals. This is the real reason why digital signatures are very valuable in the modern digital data processing world. Several important works dealing with digital signatures have been proposed in [6], [7], [8], [9], [10] and [11]. Shieh et al. [5] first proposed a digital multisignature scheme for authenticating delegates in mobile code systems in July 2000. Hwang and Li [3] pointed out the issue of a forgery attack on the Shieh et al. scheme. Wu and Hsu [4] demonstrated potential insider forgery attacks. In 2004, Chang and Chang [2] presented a new digital signature that did not use one-way hash functions or message redundancy, and claimed that their scheme modified the properties of the Shieh et al. scheme. Later, Zhang [1] showed that the Chang-Chang version was still vulnerable to forgery attacks. Chien [12], Kang and Tang [13], and Liu and Li [14] also gave various attacks on these schemes. We enhance the Shieh et al. scheme and propose a new scheme without using one-way hash functions or message redundancy. In this article, we preserve the attributes of the Liu-Li scheme to provide a safe environment. Section 2 briefly reviews the Liu-Li digital signature scheme and presents our attack method. Section 3 gives an improvement to the scheme and carries out a security analysis. A conclusion is drawn in Section 4.
* Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 63–70, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Review of Liu-Li Scheme

2.1 Liu-Li Scheme

Set up two prime numbers $p$ and $q$ such that $q \mid p-1$, where the typical sizes of these parameters are $|p| = 1024$ and $|q| = 160$ bits. Set up an element $g \in \mathbb{Z}_p^*$ of order $q$. The private key of the signer $U_i$ is $x_i$, where $x_i \in [1, p-1]$ and $\gcd(x_i, p-1) = 1$. $Y_i$ is the corresponding public key such that

$$Y_i \equiv g^{x_i} \pmod{p}. \tag{1}$$

There are two phases, described below.

A. Signature Generation Phase

Suppose $U_i$ wants to sign the message $m_i \in [1, p-1]$; then $U_i$ does the following:

Step 1: $U_i$ computes

$$s_i \equiv (Y_i)^{m_i} \pmod{q}. \tag{2}$$

Step 2: $U_i$ randomly selects an integer $k_i \in [1, p-1]$ and computes

$$r_i \equiv m_i \cdot g^{-k_i} \pmod{p}. \tag{3}$$

Step 3: $U_i$ computes $t_i$, where

$$t_i \equiv x_i^{-1} \cdot (k_i - r_i \cdot s_i) \pmod{q}. \tag{4}$$

Step 4: $U_i$ sends the signature $(s_i, r_i, t_i)$ of $m_i$ to the verifier $V$.

B. Verification Phase

After receiving the signature $(s_i, r_i, t_i)$, $V$ verifies the following:

Step 1: $V$ computes

$$m \equiv Y_i^{t_i} \cdot r_i \cdot g^{r_i \cdot s_i} \pmod{p}. \tag{5}$$

Step 2: $V$ computes

$$s_i \equiv (Y_i)^{m_i} \pmod{p}. \tag{6}$$

If it holds, $V$ can be certain that $(s_i, r_i, t_i)$ is indeed the signature generated by $U_i$ on the recovered message $m_i$.

Proof

$$\begin{aligned}
m_i &\equiv (y_i)^{(s_i + t_i)} \cdot r_i \cdot \alpha^{r_i} \pmod{p} \\
&\equiv (\alpha)^{x_i (s_i + t_i)} \cdot m_i \cdot \alpha^{-k_i} \cdot \alpha^{r_i} \pmod{p} \\
&\equiv \alpha^{(k_i - r_i)} \cdot m_i \cdot \alpha^{(-k_i + r_i)} \pmod{p} \\
&\equiv m_i \pmod{p}
\end{aligned}$$

Q.E.D.
2.2 Forgery Attacks on Liu-Li Scheme

Most algorithms for protocol schemes exhibit algebraic structure leakage. Our method is a kind of algebraic attack on finite computation, and it succeeds in polynomial time. An attacker Eve performs the following steps to forge the signature $(s_i, r_i, t_i)$.

Step 1: Eve randomly chooses an integer $t_i \in [1, q]$.

Step 2: Eve randomly chooses $\alpha \in [1, p/q]$ and computes

$$r = \alpha q. \tag{7}$$

Step 3: Eve computes

$$m_i \equiv Y_i^{t_i} r_i \pmod{p}. \tag{8}$$

Step 4: Eve computes

$$s_i \equiv (Y_i)^{m} \pmod{p}. \tag{9}$$

The signature is forged once Eve has finished the above steps: she obtains the forged signature $(s_i, r_i, t_i)$ of $U_i$. Verification of the forged signature $(s_i, r_i, t_i)$ on message $m$ is shown below.

Proof

$$\begin{aligned}
m &\equiv Y^{t_i}\, r\, g^{r_i s_i} \pmod{p} \\
&\equiv Y^{t_i}\, r_i\, g^{\alpha q s_i} \pmod{p} \\
&\equiv Y^{t_i}\, r_i \pmod{p} \\
&\equiv m_i \pmod{p}
\end{aligned}$$

Q.E.D.

The third line holds because $g$ has order $q$, so $g^{\alpha q s_i} \equiv 1 \pmod{p}$. Then the message $m$ will pass the verification

$$s_i \equiv (Y_i)^{m_i} \pmod{q}. \tag{10}$$

If the Liu-Li scheme is changed to

$$s_i \equiv Y_i^{m_i} \pmod{p}, \tag{11}$$

$$t_i \equiv x_i^{-1}(k_i - r_i s_i) \pmod{p-1}, \tag{12}$$

with $g \in \mathbb{Z}_p^*$ of order $(p-1)$, our attack changes to the following steps:

Step 1: Eve computes

$$r_i \equiv (p-1)/2. \tag{13}$$

Step 2: Eve randomly chooses $t_i \in [1, p-1]$.

Step 3: Eve computes

$$m_i \equiv Y_i^{t_i} r_i \pmod{p}. \tag{14}$$

Step 4: Eve computes

$$s_i \equiv (Y_i)^{m} \pmod{p}. \tag{15}$$

Step 5: If $s_i \equiv 1 \pmod{2}$, return to Step 2.

The signature is forged once Eve has finished the above steps: she obtains the forged signature $(s_i, r_i, t_i)$ of $U_i$. Verification of the forged signature $(s_i, r_i, t_i)$ on message $m$ is shown below.

Proof

$$\begin{aligned}
m &\equiv Y^{t_i}\, r\, g^{r_i s_i} \pmod{p} \\
&\equiv Y^{t_i}\, r_i\, g^{(p-1) s_i / 2} \pmod{p} \\
&\equiv Y^{t_i}\, r_i \pmod{p} \\
&\equiv m_i \pmod{p}
\end{aligned}$$

Q.E.D.

The third line holds because $s_i$ is even after Step 5, so $(p-1)s_i/2$ is a multiple of the order $p-1$ of $g$. Then the message $m_i$ will pass the verification

$$s_i \equiv Y_i^{m_i} \pmod{p}. \tag{16}$$

If it holds, Eve is certain that $(s_i, r_i, t_i)$ is indeed the signature generated by $U_i$ on the recovered message $m_i$. Thus, the digital signature scheme underlying the Liu-Li scheme is not secure.
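The two forgeries of Section 2.2 run against a toy instance of the scheme, as an added example that is not code from the paper. The primes 607 and 101, the helper names, and reducing $s_i$ as $(Y_i^{m_i} \bmod p) \bmod q$ in the original scheme are assumptions made here; both forgeries use only the public key and pick $r_i$ so that the factor $g^{r_i s_i}$ in equation (5) equals 1.

```python
import random
from math import gcd
from typing import NamedTuple


class Params(NamedTuple):
    p: int      # prime modulus
    n: int      # order of g: q in Section 2.1, p - 1 in the modified scheme
    g: int      # base element of order n
    s_mod: int  # modulus applied to s_i = Y_i^{m_i}


def element_of_order(p, n, prime_factors):
    """Return an element of Z_p^* whose order is exactly n (n divides p - 1)."""
    for h in range(2, p):
        g = pow(h, (p - 1) // n, p)
        if all(pow(g, n // f, p) != 1 for f in prime_factors):
            return g
    raise ValueError("no element of order n found")


# Constructed toy parameters (assumption): 607 and 101 are prime, 606 = 2*3*101.
P, Q = 607, 101
ORIGINAL = Params(P, Q, element_of_order(P, Q, (Q,)), Q)               # eqs. (1)-(6)
MODIFIED = Params(P, P - 1, element_of_order(P, P - 1, (2, 3, Q)), P)  # eqs. (11)-(12)


def s_of(pr, Y, m):
    """s_i = Y_i^{m_i}: taken mod p, then mod s_mod (assumed convention)."""
    return pow(Y, m, pr.p) % pr.s_mod


def keygen(pr, rng):
    """Private x_i with gcd(x_i, p - 1) = 1 and public Y_i = g^{x_i} mod p."""
    while True:
        x = rng.randrange(2, pr.p - 1)
        if gcd(x, pr.p - 1) == 1:
            return x, pow(pr.g, x, pr.p)


def sign(pr, x, Y, m, rng):
    """Honest signing, eqs. (2)-(4)."""
    s = s_of(pr, Y, m)
    k = rng.randrange(1, pr.p)
    r = m * pow(pr.g, -k, pr.p) % pr.p
    t = pow(x, -1, pr.n) * (k - r * s) % pr.n
    return s, r, t


def verify(pr, Y, sig):
    """Recover m by eq. (5), then check s_i against Y_i^{m} as in eq. (6)."""
    s, r, t = sig
    m = pow(Y, t, pr.p) * r * pow(pr.g, r * s, pr.p) % pr.p
    return s == s_of(pr, Y, m), m


def forge_original(pr, Y, rng):
    """Section 2.2, eqs. (7)-(9): r = alpha*q makes g^(r*s) = 1 for every s."""
    t = rng.randrange(1, pr.n + 1)                # Step 1: t in [1, q]
    alpha = rng.randrange(1, pr.p // pr.n + 1)    # Step 2: alpha in [1, p/q]
    r = alpha * pr.n
    m = pow(Y, t, pr.p) * r % pr.p                # Step 3
    return m, (s_of(pr, Y, m), r, t)              # Step 4


def forge_modified(pr, Y, rng):
    """Section 2.2, eqs. (13)-(15): r = (p-1)/2 and even s make g^(r*s) = 1."""
    r = (pr.p - 1) // 2                           # Step 1
    while True:
        t = rng.randrange(1, pr.p)                # Step 2
        m = pow(Y, t, pr.p) * r % pr.p            # Step 3
        s = s_of(pr, Y, m)                        # Step 4
        if s % 2 == 0:                            # Step 5: retry while s is odd
            return m, (s, r, t)


def demo(seed=2010):
    """Per variant: (honest signature accepted, forgery accepted, forged (s, r, t))."""
    rng = random.Random(seed)
    results = {}
    for name, pr, forge in (("original", ORIGINAL, forge_original),
                            ("modified", MODIFIED, forge_modified)):
        x, Y = keygen(pr, rng)
        ok, recovered = verify(pr, Y, sign(pr, x, Y, 42, rng))
        m_f, sig_f = forge(pr, Y, rng)            # public key only, no x
        ok_f, recovered_f = verify(pr, Y, sig_f)
        results[name] = (ok and recovered == 42, ok_f and recovered_f == m_f, sig_f)
    return results


if __name__ == "__main__":
    for variant, row in demo().items():
        print(variant, row)
```

Every forged triple in the original scheme has $r_i$ divisible by $q$, and in the modified scheme $r_i = (p-1)/2$ with even $s_i$; the forger does not choose the message, which is fixed by $t_i$ and $r_i$.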
3 Our Methodology

3.1 Our Improvement

Let $p$ be a large prime, and let $g \in \mathbb{F}_p^*$ be a random multiplicative generator element. Signer $U_i$ chooses his/her private key $x_i$, where $x_i \in [1, p-1]$ and $\gcd(x_i, p-1) = 1$, and computes the public keys

$$y_1 \equiv g^{x_i} \pmod{p}, \tag{17}$$

$$y_2 \equiv g^{x_i^2} \pmod{p}. \tag{18}$$

Signature Generation Phase

Step 1: $U_i$ computes

$$s_i \equiv (y_2)^{m_i} \pmod{p}. \tag{19}$$

Step 2: $U_i$ randomly selects an integer $k_i \in [1, p-1]$ and computes

$$r_i \equiv (s_i + m_i \cdot y_1^{-k_i}) \pmod{p}. \tag{20}$$

Step 3: $U_i$ computes

$$t_i \equiv x_i^{-1} \cdot (k_i - r_i - x_i^{-1} \cdot s_i) \pmod{p-1}. \tag{21}$$

Step 4: $U_i$ sends the signature $(s_i, r_i, t_i)$ of $m_i$ to the verifier $V$.

Verification Phase

After receiving the signature $(s_i, r_i, t_i)$, the receiver $V$ can check the signature and recover the message $m_i$ as follows:

Step 1: $V$ computes

$$m_i \equiv y_2^{t_i} \cdot (r_i - s_i) \cdot y_1^{r_i} \cdot g^{s_i} \pmod{p}. \tag{22}$$

Step 2: $V$ checks whether

$$s_i \equiv (y_2)^{m_i} \pmod{p}. \tag{23}$$

If it holds, $V$ can be convinced that $(s_i, r_i, t_i)$ is indeed the signature generated by $U_i$ on the recovered message $m_i$.

Proof

$$\begin{aligned}
m_i &\equiv y_2^{t_i} \cdot (r_i - s_i) \cdot y_1^{r_i} \cdot g^{s_i} \pmod{p} \\
&\equiv y_2^{x_i^{-1}(k_i - r_i - x_i^{-1} s_i)} \cdot (r_i - s_i) \cdot y_1^{r_i} \cdot g^{s_i} \pmod{p} \\
&\equiv y_2^{x_i^{-1} k_i - x_i^{-1} r_i - x_i^{-1} s_i} \cdot m_i \cdot y_1^{-k_i} \cdot y_1^{r_i} \cdot g^{s_i} \pmod{p} \\
&\equiv y_1^{k_i} \cdot y_1^{-r_i} \cdot g^{-s} \cdot m_i \cdot y_1^{-k_i} \cdot y_1^{r_i} \cdot g^{s} \pmod{p} \\
&\equiv m_i \pmod{p}
\end{aligned}$$

Q.E.D.
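A numeric check of equations (17) to (23), as an added example rather than the authors' code: it signs with the improved scheme, recovers the message, and counts how often a signature with one altered component is rejected. The toy prime 2039, the generator $p-2$ and the function names are assumptions made here.

```python
import random
from math import gcd

# Constructed toy parameters (assumption): 2039 = 2 * 1019 + 1, both prime.
# The paper only asks for a large prime p and a generator g.
P = 2039
G = P - 2
assert pow(G, 2, P) != 1 and pow(G, (P - 1) // 2, P) != 1   # g has order p - 1


def keygen(rng):
    """x_i coprime to p - 1; public keys y1 = g^x, y2 = g^(x^2), eqs. (17)-(18)."""
    while True:
        x = rng.randrange(2, P - 1)
        if gcd(x, P - 1) == 1:
            return x, (pow(G, x, P), pow(G, x * x, P))


def sign(x, pub, m, rng):
    """Signature generation phase, eqs. (19)-(21)."""
    y1, y2 = pub
    s = pow(y2, m, P)                                  # eq. (19)
    k = rng.randrange(1, P)
    r = (s + m * pow(y1, -k, P)) % P                   # eq. (20)
    x_inv = pow(x, -1, P - 1)
    t = x_inv * (k - r - x_inv * s) % (P - 1)          # eq. (21)
    return s, r, t


def verify(pub, sig):
    """Recover m by eq. (22) and check s against y2^m, eq. (23)."""
    y1, y2 = pub
    s, r, t = sig
    m = pow(y2, t, P) * (r - s) * pow(y1, r, P) * pow(G, s, P) % P
    return m != 0 and s == pow(y2, m, P), m


def round_trip(m, seed=1):
    """Sign m with a fresh key and return (accepted, recovered message)."""
    rng = random.Random(seed)
    x, pub = keygen(rng)
    return verify(pub, sign(x, pub, m, rng))


def tamper_check(trials=300, seed=2010):
    """Return (honest signatures accepted, altered signatures rejected)."""
    rng = random.Random(seed)
    x, pub = keygen(rng)
    accepted = rejected = 0
    for i in range(trials):
        m = rng.randrange(1, P)
        s, r, t = sign(x, pub, m, rng)
        ok, recovered = verify(pub, (s, r, t))
        accepted += ok and recovered == m
        altered = [(s % (P - 1) + 1, r, t),            # change s
                   (s, (r + 1) % P, t),                # change r
                   (s, r, (t + 1) % (P - 1))][i % 3]   # change t
        rejected += not verify(pub, altered)[0]
    return accepted, rejected


if __name__ == "__main__":
    print(round_trip(1234), tamper_check())
```

At this toy size an altered signature can still pass the check in equation (23) by chance, which is why the count of rejections is reported rather than assumed to equal the number of trials.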
3.2 Security Analysis and Simulation Attacks

Security Analysis.

Definition 1 (Discrete Logarithm Problem, DLP). The Discrete Logarithm Problem DLP$(p, g, y)$ is a problem that, on input a prime $p$ and integers $g, y \in \mathbb{Z}_p^*$, outputs $x \in \mathbb{Z}_{p-1}$ satisfying $g^x \equiv y \pmod{p}$ if such an $x$ exists. Otherwise, it outputs $\perp$. The above function, which outputs $\perp$ if there is no solution to the query, should be expressed as DLP*, and the notation DLP should be used only for a weaker function such that nothing is specified for the behavior of the function in the case when there is no solution to the query.

Definition 2 (Computational Square-Root Exponent, CSRE). The Computational Square-Root Exponent CSRE$(p, g, y)$ is a problem that, on input a prime $p$ and integers $g, y \in \mathbb{Z}_p^*$, outputs $g^{x} \pmod{p}$ for $x \in \mathbb{Z}_{p-1}^*$ satisfying $y \equiv g^{x^2} \pmod{p}$ if such an $x$ exists. Otherwise, it outputs $\perp$. According to the notation used in [15], the above function, which outputs $\perp$ if there is no solution to the query, should be expressed as CSRE*, and the notation CSRE should be used only for a weaker function such that nothing is specified for the behavior of the function in the case when there is no solution to the query. However, since we evaluate only stronger problems, we omit the asterisk throughout the paper for the sake of simplicity.
Attack Scenarios. There are three simulated scenarios to discuss. Because the public parameters are available in the network environment, an attacker can easily get hold of this information and may look for any hole to exploit.

Scenario 1: An attacker Eve wants to get the signer $U_i$'s private key $x_i$ from the valid signature $(s_i, r_i, t_i)$. As observed in Section 3.1, it is known that

$$t_i \equiv x_i^{-1} \cdot (k_i - r_i - x_i^{-1} s_i) \pmod{p-1}; \tag{24}$$

that is,

$$x_i^{-2} s_i + x_i^{-1} \cdot (r_i - k_i) + t_i \equiv 0 \pmod{p-1}. \tag{25}$$

If Eve wants to get $x_i$, she has to know the value of $k_i$ from

$$r_i \equiv (s_i + m_i \cdot y_1^{-k_i}) \pmod{p}. \tag{26}$$

She can calculate

$$(r_i - s_i) \cdot (m_i)^{-1} \equiv y_1^{-k_i} \pmod{p}. \tag{27}$$

It is infeasible for her to retrieve $k_i$, because she faces the discrete logarithm problem even if $r_i$, $m_i$ and $s_i$ are known. So Eve cannot calculate $U_i$'s private key $x_i$ from the valid signature $(s_i, r_i, t_i)$. Thus, this attack cannot succeed against our scheme.

Scenario 2: Eve wants to impersonate $U_i$ and generate a valid signature on the message $m_i$. She can compute

$$s_i \equiv (y_2)^{m_i} \pmod{p}, \tag{28}$$

and

$$r_i \equiv (s_i + m_i \cdot y_1)^{-k_i \cdot s_i} \pmod{p}. \tag{29}$$

Fortunately, Eve does not know $x_i$ to compute $t_i$, where

$$t_i \equiv x_i^{-1} \cdot (k_i - r_i - x_i^{-1} s_i) \pmod{p-1}. \tag{30}$$

That is to say, she cannot generate a valid signature $(s_i, r_i, t_i)$ for the message $m_i$.

Scenario 3: Eve wants to perform a forgery attack on the proposed scheme. To forge a valid signature $(s_i, r_i, t_i)$ of $U_i$, she may proceed with the following steps.

Step 1: Eve randomly selects numbers $m_i, \beta \in [1, p-1]$.

Step 2: Eve computes

$$r_i \equiv (y_2^{\beta} m_i + s_i) \pmod{p}, \tag{31}$$

$$s_i \equiv y_2^{m_i} \pmod{p}. \tag{32}$$

Step 3: Eve computes

$$\begin{aligned}
m_i &\equiv y_2^{t_i} \cdot (r_i - s_i) \cdot y_1^{r_i} \cdot g^{s_i} \pmod{p} \\
&\equiv m_i\, y_2^{t_i + \beta}\, y_1^{r_i}\, g^{s_i} \pmod{p}
\end{aligned} \tag{33}$$

Step 4: Eve computes

$$y_2^{t_i + \beta}\, y_1^{r_i}\, g^{s_i} \equiv 1 \pmod{p}, \tag{34}$$

$$y_2^{t_i} \equiv y_2^{-\beta}\, y_1^{-r_i}\, g^{-s_i} \pmod{p}. \tag{35}$$

Eve cannot compute $t_i$, so she fails in this attack.

Step 1: Eve randomly selects numbers $t_i, \beta \in [1, p-1]$,

$$m_i \equiv y_2^{t_i}\, y_1^{\beta} \pmod{p}. \tag{36}$$

Step 2: Eve computes

$$r_i \equiv (g^{-s}\, y_1^{\delta} + s_i) \pmod{p}, \tag{37}$$

$$s_i \equiv y_2^{m_i} \pmod{p}. \tag{38}$$

Step 3: Eve computes

$$y_2^{t_i}\, y_1^{\beta} \equiv m_i \pmod{p}$$

$$\equiv y_2^{t_i} \cdot (r_i - s_i) \cdot y_1^{r_i} \cdot g^{s_i} \pmod{p} \tag{39}$$

$$\equiv y_2^{t_i}\, y_1^{r_i + \delta} \pmod{p} \tag{40}$$

$$y_1^{\beta} \equiv y_1^{r_i + \delta} \pmod{p} \tag{41}$$

$$\beta \equiv r_i + \delta \pmod{p-1} \tag{42}$$

$$r_i \equiv (g^{-s_i}\, y_1^{r_i - \beta} + s_i) \pmod{p}$$

Eve cannot compute $r_i$, so she fails in this attack.
4 Conclusions

We proposed an improvement to the Liu-Li scheme which uses neither one-way hash functions nor message redundancy. In our scheme, an attacker who tries to compute the private key faces the discrete logarithm problem. Moreover, according to our simulation of three attack scenarios, an attacker who obtains any public parameter, such as the signature triple, still cannot infer the secret key or value. Thus, our scheme is secure and more suitable for low-power computation and mobile devices.

Acknowledgments

The authors would like to thank the anonymous reviewers for their valuable comments. This research was supported in part by the National Natural Science Foundation of China (No. 60703044), the NOVA Programma (No. 2007B-001), the PHR fund and Program for New Century Excellent Talents in University (NCET-06-188) and the Fuqing Branch of Fujian Normal University of China under the contract number KY2010-030.
References

1. Zhang, F.: Cryptanalysis of Chang et al.’s signature scheme with message recovery. IEEE Communications Letters 9, 358–359 (2005)
2. Chang, C.-C., Chang, Y.-F.: Signing a digital signature without using one-way hash functions. IEEE Communications Letters 8, 485–487 (2004)
3. Hwang, S.-J., Li, E.-T.: Cryptanalysis of Shieh-Lin-Yang-Sun signature scheme. IEEE Communications Letters 7, 195–196 (2003)
4. Wu, R.-C., Hsu, C.-R.: Cryptanalysis of digital multisignature schemes for authenticating delegates in mobile code systems. IEEE Transactions on Vehicular Technology 52, 462–464 (2003)
5. Shieh, S.-P., Lin, C.-T., Yang, W.-B., Sun, H.-M.: Digital multisignature schemes for authenticating delegates in mobile code systems. IEEE Transactions on Vehicular Technology 49, 1464–1473 (2000)
6. Elgamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31, 469–472 (1985)
7. Harn, L.: New digital signature scheme based on discrete logarithm. Electronics Letters 30, 396–398 (1994)
8. Hwang, S.J., Chang, C.C., Yang, W.P.: An Encryption Signature Scheme with Low Message Expansion. Journal of the Chinese Institute of Engineers 18, 591–595 (1995)
9. Nyberg, K., Rueppel, A.: Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 182–193. Springer, Heidelberg (1995)
10. Piveteau, J.M.: New signature scheme with message recovery. Electronics Letters 29, 2185 (1993)
11. Shao, Z.: Signature scheme based on discrete logarithm without using one-way hash function. Electronics Letters 34, 1079–1080 (1998)
12. Chien, H.-Y.: Forgery attacks on digital signature schemes without using one-way hash and message redundancy. IEEE Communications Letters 10, 324–325 (2006)
13. Kang, L., Tang, H.: Digital signature scheme without hash function and message redundancy. Journal on Communications 27, 18–20 (1006) (In China)
14. Liu, J., Li, J.: Cryptanalysis and Improvement on a Digital Signature Scheme without using One-way Hash and Message Redundancy. In: International Conference on Information Security and Assurance (ISA 2008), pp. 266–269. SERSC, Korea (2008)
15. Konoma, C., Mambo, M., Shizuya, H.: Complexity Analysis of the Cryptographic Primitive Problems through Square-Root Exponent. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E87-A, 1083–1091 (2004)
An Optimal Method for Detecting Internal and External Intrusion in MANET

Marjan Kuchaki Rafsanjani, Laya Aliahmadipour, and Mohammad M. Javidi

Department of Computer Science, Shahid Bahonar University of Kerman, Kerman, Iran
Abstract. A Mobile Ad hoc Network (MANET) is formed by a set of mobile hosts which communicate among themselves through radio waves. The hosts establish infrastructure and cooperate to forward data in a multi-hop fashion without a central administration. Due to their communication type and resource constraints, MANETs are vulnerable to diverse types of attacks and intrusions. In this paper, we propose a method for preventing internal intruders and detecting external intruders by using game theory in mobile ad hoc networks. One optimal solution for reducing the resource consumption of detecting external intruders is to elect a leader for each cluster to provide intrusion detection service to the other nodes in its cluster; we call this mode moderate mode. Moderate mode is only suitable when the probability of attack is low. Once the probability of attack is high, victim nodes should launch their own IDS to detect and thwart intrusions; we call this mode robust mode. In this paper the leader should not be a malicious or selfish node and must detect external intrusion in its cluster with minimum cost. Our proposed method has three steps: the first step builds trust relationships between nodes and estimates a trust value for each node to prevent internal intrusion. In the second step we propose an optimal method for leader election using the trust value; and the third step finds the threshold value for notifying the victim node to launch its IDS once the probability of attack exceeds that value. In the first and third steps we apply Bayesian game theory. By using game theory, trust values and an honest leader, our method can effectively improve network security and performance and reduce resource consumption.

Keywords: Mobile Ad hoc Network (MANET); Intrusion Detection System (IDS); Cluster leader; Trust value; Game theory.
1 Introduction

Mobile ad hoc networks (MANETs) and wireless communication are a relatively new communication paradigm. MANETs do not require expensive base stations or wired infrastructure. Nodes within radio range of each other can communicate directly over wireless links, and those that are far apart use other nodes as relays [1]. For example, a MANET could be deployed quickly for military communications in the battlefield. Due to their communication type and constrained resources, MANETs are vulnerable to diverse types of attacks and intrusions [2]. Intrusion Detection Systems (IDS) are security tools that, like other measures such as antivirus software, firewalls and access control schemes, are intended to strengthen the security of information and communication systems [3]. The cooperation among nodes is a crucial requirement for intrusion detection in Mobile Ad hoc Networks (MANETs) due to their autonomous nature [4]. The cooperation usually requires all the nodes to launch their own IDSs, which increases both the detection capability and the resource consumption. But nodes in a MANET have only limited resources. A common approach for reducing the overall resource consumption of intrusion detection is for nodes to acquiesce in electing a leader to serve as the intrusion detection system (IDS) for a cluster of one-hop nodes [5]. To prevent internal intrusion by selfish or malicious nodes, we must first build trust relationships between the nodes. Trust is defined as “a set of relations among entities that participate in a protocol. These relations are based on the evidence generated by the previous interactions of entities within a protocol. In general, if the interactions have been faithful to the protocol, then trust will accumulate between these entities”. Trust has also been defined as the degree of belief about the behavior of other entities or agents [6]. Therefore, building trust relationships between nodes in a MANET plays a significant role in improving network security, performance and quality of service. We will introduce methods of calculating the trust value and explain the Bayesian game between neighboring nodes, based on [7]. This method is used because it converges quickly, since trust relationships are only established among neighbor nodes. After this phase, we should elect a trusted leader with the least cost for each cluster of one-hop nodes. In the third phase we have a Bayesian game for detecting external intruders, based on [5], between the cluster leader and the external intruder, to find the threshold value for notifying the victim node to launch its IDS once the probability of attack exceeds that value.

In this paper, the combined use of game theory at several stages lets us address the different types of intrusion, and thus increases network security and reduces resource consumption.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 71–82, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Our Proposed Method

Our proposed method has three phases, organized as follows: first, we establish trust relationships between neighboring nodes to prevent internal intruders, based on the scheme proposed by Jiang et al. [7]; then we propose our leader election scheme; and in the last phase we present a method for detecting external intruders based on the game proposed by Otrok et al. [5].

2.1 Trust Establishment Relationship

Because mobile ad hoc networks lack a routing infrastructure, nodes have to cooperate to communicate. Nodes are rational; their actions are strictly determined by self-interest. Therefore, misbehavior exists. Malicious nodes are nodes that join the network with the intent of harming it by causing network partitions, denial of service, etc., while selfish nodes are nodes that utilize services provided by others but do not reciprocate, in order to preserve resources. To save battery and bandwidth, nodes should not forward packets for others. If this dominant strategy is adopted, however, all nodes are worse off. Therefore, an ideal scheme is needed to give nodes an incentive to cooperate [7]. In most existing research on trust establishment in MANETs, the trustor ranks the trust level of the trustee using an evaluation model based on the direct and indirect evidence collected, respectively [8],[9]. The advantage of this approach is that the trust value of the trustee is computed based on a comprehensive investigation of the whole network. Therefore, the trust value is more accurate and objective. On the other hand, in order to boot the process of trust establishment, existing approaches subjectively designate a default trust value, such as 0.5, for all trustees in the bootstrapping phase. That is, from the new node’s point of view, all other nodes have the same trust level. This may result in a hidden danger, because favorable nodes are not distinguished from malicious ones. The authors of [7] propose a trust establishment scheme for MANETs based on game theory. In their scheme, trust is regarded as a node’s private estimation about other nodes. Without using the indirect evidence often adopted in traditional approaches, their trust evaluation model is based on the game results and the interaction history. This method is used because it converges quickly, since trust relationships are only established among neighbor nodes. We first introduce game theory and then present the game for estimating the trust value.

Game Theory. Game theory [10] has been successfully applied to many disciplines including economics, political science, and computer science. Game theory usually considers a multi-player decision problem where multiple players with different objectives can compete and interact with each other. Game theory classifies games into two categories: non-cooperative and cooperative. Non-cooperative games are games with two or more players that are competing with each other. On the other hand, cooperative games are games with multiple players cooperating with each other in order to achieve the greatest possible total benefits. A game consists of a set of players, a set of moves (or strategies) available to those players, and a specification of payoffs for each combination of strategies. A player's strategy is a plan for actions in each possible situation in the game. A player's payoff is the amount that the player wins or loses in a particular situation in a game. A player has a dominant strategy if that player's best strategy does not depend on what other players do [11]. To predict the optimal strategy used by intruders to attack a network, the authors of [12] build a non-cooperative game-theoretic model to analyze the interaction between intruders and the IDS in a MANET. They solve the problem using a basic signaling game, which falls under the category of multi-stage dynamic non-cooperative games with incomplete information. In [7] the authors proposed a Bayesian game between neighboring nodes for estimating each other's trust value. Otrok et al. in [5] address the trade-off between security and resource consumption: a nonzero-sum non-cooperative game based on Bayesian Nash equilibrium is used to model the interaction between the leader and an external intruder. In this game the intruder has complete information about the leader, but the leader does not have complete information about the intruder. The solution of such a game guides the IDS to inform the victims to launch their IDS according to the game-derived threshold.

Network Model and Computation of the Trust Value. We use an undirected graph $G = \langle V, E \rangle$ to model a mobile ad hoc network, where $V$ is the set of nodes and $E$ is the set of edges; in other words, a pair of nodes with a common edge are neighbors of each other. We denote by $N_i$ the set of all neighbors of node $i$, and $|N_i|$ represents the number of nodes in $N_i$, i.e., the degree of node $i$ in the graph $G$. In [8] they assume that each node has a property set $\Theta_i = \langle \Theta_i(t), H_i(t), |N_i|(t) \rangle$ at time $t$, where $\Theta_i(t)$ is the energy utilization rate of $v_i$ at time $t$. $H_i(t) = \{h_i^j(t) \mid j = 1, \ldots, |N_i|\}$ is the set of interaction history records, such as packet forwarding behavior, about all nodes in $N_i$. $|N_i|(t)$ is the number of $i$'s neighbors. $h_i^j(t) = \langle f_i^j, R_i^j \rangle$ is the interaction history record of node $i$ on node $j$: $f_i^j$ is the number of packets actually forwarded by $v_j$ on behalf of $v_i$, and $R_i^j$ is the number of all packets that $v_i$ asked $v_j$ to forward at time $t$. $\Theta_i(t)$ is private information of $v_i$ that other nodes do not know. The information about nodes' properties and interaction history records is indispensable for trust evaluation. Therefore, each node must have some storage space, called the information base. Each entry of the information base records the information of one neighbor node: the node's properties, its trust value, and the interaction records. The authors in [7] propose the trust value of node $i$ on node $j$, that is $T_i^j$:

$$T_i^j = (1-\alpha)\, T_i^{j,g} + \alpha\, T_i^{j,o} \tag{1}$$

In equation (1), $T_i^{j,g}$ is the predicted value of node $i$ on node $j$ obtained by game analysis based on the node's properties. To obtain this value, node $i$ must play games with its neighbor and estimate the optimal expected utility $U_i^j$ brought to it by the neighbor node $j$, and then we can compute

$$T_i^{j,g} = U_i^j \Big/ \sum_{j \in N_i} U_i^j \tag{2}$$

For the detailed analysis, refer to [9].

$$T_i^{j,o} = F_i^j / R_i^j \tag{3}$$

$T_i^{j,o}$ is the observed value obtained from the direct interaction history. $\alpha$ is the weight factor reflecting the preferences. If there is no history, $\alpha = 0$; as interaction records are gathered, $\alpha$ increases gradually. The game is played between node $i$ and node $i$'s neighbor. For node $i$ to estimate the trust value of node $j$ according to equation (1), a Bayesian game is used, because the players do not have complete information about each other. Assume a two-player Bayesian game is:

$$\Gamma = \langle N; (\Theta_i)_{i \in N}; (A_i)_{i \in N}; (u_i)_{i \in N}; (p_i)_{i \in N} \rangle$$

$N = \{a, b\}$ is the set of players. $\Theta$ is the set of the players' types. $A_i$ is the action set of player $i$. $U_i$ is the utility function set of player $i$. Each player chooses its action based on its own type. Utility is a function of strategy and type. In this step we need to compute $T_i^{j,g}$ and $T_i^{j,o}$.

Calculation of $T_i^{j,g}$. In a MANET, the energy $E_i$ of each node $i$ is limited. Besides allocating some energy to forwarding packets for others, called forward-energy, a node must reserve some energy to handle its own business, called self-energy, such as numerical computation, data generation, etc. They assume that node $i$ has the action space $\langle a_{i1}, a_{i2} \rangle$ in the energy distribution game, where $a_{i1}$ is the amount of self-energy and $a_{i2}$ is the amount of forward-energy. Obviously, $a_{i1}$ and $a_{i2}$ satisfy the condition $a_{i1} + a_{i2} \le E_i$, where $E_i$ changes dynamically with the passing of time and the increasing number of interactions. The utility function of node $i$ is $u_i = u_i[(a_{01}, a_{02}), (a_{11}, a_{12}); \theta]$. Suppose the function $u_i$ is:
( ) ( ) )))) (4) (4)
where $j = 1 - i$, $\beta + \gamma = 1$, and $x_i$ and $y_j$ are constants that represent the existing previous profit foundations in the areas of self-energy and forward-energy. The constraint condition is $a_{i1} + a_{i2} \le E_i$. So we let $T_i^{j,g}$ = (
⁄∑
)
(5)
evaluation. Another method is to integrate more numbers of interaction records: ∑
( )
Ti j,o =∑
( )
(6)
In equation (6), c is the number of interactions in the history. Clearly, c = k − 1 means integrating all the history records into the estimation of $T_i^{j,o}(k)$. In a realistic environment, recording all history information is impossible for a node. Therefore, the value of c should be determined in accordance with the actual situation. Calculation of the weight factor. The weight factor α is important for the weighted average value of $T_i^j$. Assume the number of interactions between node i and node j is δ(i,j). Then we can calculate the weight factor as: α =∑
(,) (,)
(7)
Where ( ∑ ( , ) 0)0) if it is equal to 0, it means that there is no interaction between nodes). Obviously, the more δ(i,j) is, the larger α is. It shows that node i and node j have close relations, so the calculation of trust value should prefer relying on the direct observation. Therefore nodes find out behavior of their neighbors after estimating trust value about them. We define the threshold of trust value T0, it depends on network application; if network application is confidential then we let (T0>> 0.5) otherwise (T0 =0.5). When node i want to forward packets via its neighbor, at first look at Tij (jЄNi) in its information memory base and choose node j that has the most trust value. So selfish or malicious node be denied of network services. Described trust evaluation process is classified into three phases: initial phase, update phase and reestablish phase [13]. In this paper introduce initialization phase: when node i enter MANET for the first time, it should evaluate the trust value of all neighbors. This process is called trust relationship initialization. Before initialization, the information base of node i is empty. First, node i discovers all neighbors by broadcasting hello request within one-hop range. After that, node i evaluates the trust value of the neighbors using the equation (1) described in previous sections. So that, at this time in the first of initialization phase, node i has not any history information about its neighbors. Initialization of Trust Relationship Phase. Step 1: Update the neighbor set Ni; 1.1 Node i send hello(i) massage to the all nodes within its radio rang . 1.2 Node j which received the hello(i), sends the reply( j) to node i and add node i to its own neighbor set. 1.3 After a time delay node i according to received reply(j)s message makes Ni set. Step 2: Update the trust value Tij .
76
M.K. Rafsanjani, L. Aliahmadipour, and M.M. Javidi
2.1 Node i plays game with neighbor node j and calculates Ti j,g and Ui j . 2.2 Read the history records about node j and calculates Ti j,o 2.3 Integrate the and into the trust value Ti j. Step 3: Update the information base. In this section we apply trust establishment relationship phase, therefore nodes can have an estimate of their neighbors behavior. So if node be malicious or selfish then its neighbors estimate low trust value about it and it is denied of network services or is removed. But if malicious or selfish node has important role in network, for example bridge or gateway, we couldn’t remove it, since losing it will cause a partition in the network and nodes will not be able to communicate between the clusters. Therefore in the next section, we proposed leader-IDS election scheme to always examine behavior of malicious or selfish node. 2.2 Our Leader Election Scheme Related Work. In the most of existing researches work on the election cluster leader in MANET, the election process can be based on one of the following models: Random [14], in this model each node is equally likely to be elected regardless of its remaining resources and node’s type. Connectivity index [15], in this approach elects a node with high degree of connectivity even though the node with both election schemes, some nodes will die faster than others, leading to a loss in connectivity and potentially the partition of network. Weight-based model [16], in this model elects a node with the most remaining resources without consider the type of node (selfish or malicious).In hierarchical [18], cluster based protocol to elect a leader in a mobile ad hoc network, and last method is a scheme that proposed by Mohammed et al.; a mechanism design-based multi-leader election scheme [16]. We investigated the advantages and disadvantages of last method and then improved the proposed method by Mohammed et al. [16]. 
In this approach the authors take as criteria for electing the leader that it be the most cost-efficient node and of normal type, and they punish malicious nodes. To motivate nodes to behave normally in every election round, they relate the detection service to the nodes' reputation value. The design of incentives is based on a classical mechanism design model, namely Vickrey, Clarke, and Groves (VCG) [19]. The model guarantees that truth-telling is always the dominant strategy for every node during each election. The authors justify the correctness of the proposed method through analysis and simulation. Empirical results indicate that their mechanism can effectively improve the overall lifetime and effectiveness of IDSs in a MANET. Nodes are therefore motivated to behave normally during the leader election mechanism. However, a malicious node can disrupt their election algorithm by claiming a fake low cost just to be elected as a leader. Once elected, the node does not provide IDS services, which eases the job of intruders. To catch and punish a misbehaving leader that does not serve others after being elected, the authors proposed a decentralized catch-and-punish mechanism using random checker nodes to monitor the behavior of the leader [16]. To improve the performance and reduce the false positive rate of checkers in catching the misbehaving leader, they also formulated a cooperative game-theoretical model to efficiently catch and punish misbehaving leaders with less false positive
rates. This scheme can certainly be applied to thwart malicious nodes by catching and excluding them from the network. However, although this method uses appropriate criteria for electing the leader, it increases overhead on the network. In this paper we use the trust value of each node to estimate the node's behavior in the leader election process. We improve the scheme proposed by Mohammed et al. [16] by establishing a trust relationship between neighboring nodes instead of using VCG and checker nodes in leader election. Our proposed method requires the leader to be the most cost-efficient node and to behave normally. The calculation of each node's cost of analyzing packets is presented in [16]. In our method, a trust relationship must be established between nodes before the leader election mechanism runs in the MANET, in order to identify selfish or malicious nodes. After the network has been operating for some time, trust relationship establishment and the leader election mechanism can be applied at the same time.

The authors in [16] design an election protocol based on two requirements. First, to protect all the nodes in a network, every node should be monitored by some leader node. Second, to balance the resource consumption of IDS services, the overall cost of analysis for protecting the whole network should be minimized, and the leader should behave normally. We assume that every node knows its neighbors and their trust values, which is reasonable since nodes usually store information about their neighbors for routing purposes. To start a new election, the protocol uses four types of messages: Begin-Election, used by every node to initiate the election process; Hello, used to announce the cost of a node; Vote, sent by every node to elect a leader; and Acknowledge, sent by the leader to broadcast its payment and also as a confirmation of its leadership. To describe the protocol, we need the following notation:
Service-table(k): the list of all ordinary nodes that voted for the leader node k.
reputation-table(k): the reputation table of node k. Each node keeps a record of the reputation of all other nodes.
Neighbors(k): the set of node k's neighbors.
Leader node(k): the ID of node k's leader. If node k is running its own IDS, the variable contains k.
leader(k): a boolean variable set to TRUE if node k is a leader and FALSE otherwise.
Each node has an information base memory in which it saves its properties and its neighbors' trust values.

Leader Election Algorithm. Initially, all nodes start the election procedure by sending Begin-Election(H(k, ck)) messages. This message contains the hash value of the node's unique identifier (ID) and its cost of analysis, and it is circulated within two hops of every node. On receiving Begin-Election from all neighbors, each node sends its respective cost of analysis: each node k checks whether it has received all the hash values from its neighbors, and then sends Hello(IDk, costk).

Step 1: executed by every node that participates in the leader election when it receives 'Begin-Election'
1.1 if (received 'Begin-Election' from all neighbors) send Hello(IDk, costk)

Upon receiving the Hello from a neighbor node n, node k compares the hash value to the real value to verify the cost of analysis. Then node k calculates the least-cost value among its neighbors and compares Tkj (j ∈ Nk); if node k finds out Tkj > T0 then votes for node j, else Tkj
out that it has the least cost among all its neighbors then it votes for itself. Thus, the node that has minimum cost and is more truthful is elected. T0 is the threshold of a node's trust value in the network and depends on the network application.

Step 2: (executed by every node)
for (i = 1 to i ≤ |Nk| && ni ∈ Nk) {
    if (node i has the least-cost value && unMark(node i)) {
        if (Tki > T0) {
            Send Vote(k, i);
            Leader node(k) = i;
        }
        else Mark(node i)
    }
}

The elected node i then calculates its payment [16] and sends an Acknowledge message to all the serving nodes. The Acknowledge message contains the payment and all the votes the leader received. The leader then launches its IDS.

Step 3: (executed by elected leader node k)
for (i = 1 to i ≤ |Nk| && ni ∈ Nk) {
    Send Acknowledge message to node i
    Leader(k) := TRUE;
    Compute payment, Pi;
    Update service-table(k);
    Update reputation-table(k);
    Acknowledge = Pi + all the votes;
    Send Acknowledge(i);
}

With this election mechanism we are sure that the leader is trusted, has enough remaining resources and has the least cost, without using the VCG mechanism as an incentive for nodes to participate in the election process or checker nodes to punish malicious nodes.

2.3 Detection External Intruder by Leader Cluster

In this phase of our method, to detect an external intruder by the cluster leader, we use the method proposed by Otrok et al. [5], because they formalize the tradeoff between security and IDS resource consumption as a nonzero-sum, non-cooperative game between leader and intruder with complete information about the leader. As a result of the game, the leader-IDS finds the threshold such that, if the probability of attack exceeds it, the leader notifies the victim node to launch its own IDS. The game guides the intruder to attack once the probability of stepping into the robust mode is low. The game will be repeated such that in every election round the leader-IDS will be monitoring via sampling the
protected node's incoming traffic and deciding according to the game solution whether to inform the victim node to launch its IDS or not.

In the previous sections we discussed trust relationship establishment in a MANET and then proposed our leader election scheme. Now we consider a MANET in which nodes cooperate with each other without the threat of an internal intruder and elect a low-cost trusted leader in their cluster to detect external intruders. In order to detect an intrusion, the leader-IDS samples the incoming packets for a target node based on a sampling budget determined through that target node's reputation. Once the probability of attack goes beyond a threshold, the leader-IDS will notify the victim node to launch its own IDS. First we introduce the details of the game, then present the solution of the game based on [5].

Each player has private information about his/her preferences. In our case, the leader-IDS type is known to all the players while the external node type is selected from the type set Θ = {Malicious (M), Normal (N)}. The intruder's pure strategy set is Aintruder = {Attack, Not-Attack}. On the other hand, the leader-IDS strategy is selected from the strategy space AIDS = {Robust, Moderate}. The external node type is private information. Bayesian equilibrium dictates that the sender's action depends on his/her type θ. By observing the behavior of the sender at time tk, the leader-IDS can calculate the posterior belief evaluation function μtk+1(θi|ai) using the following Bayes rule:

$$\mu_{t_{k+1}}(\theta_i \mid a_i) = \frac{\mu_{t_k}(\theta_i)\, P_{t_k}(a_i \mid \theta_i)}{\sum_{\theta_i \in \Theta} \mu_{t_k}(\theta_i)\, P_{t_k}(a_i \mid \theta_i)} \tag{8}$$

where μtk(θi) > 0 and Ptk(ai|θi) is the probability that strategy ai is observed at this phase of the game given the type θ of node i. It is computed as follows:

$$P_{t_k}(\text{Attack} \mid \theta_i = M) = E_m \times O + F_m (1 - O) \tag{9}$$

$$P_{t_k}(\text{Attack} \mid \theta_i = N) = F_m \tag{10}$$

where O is the probability of attack determined by the IDS, Fm is the false rate generated by the leader-IDS due to sampling, and Em is the expected detection rate via sampling in moderate mode. The competition between the leader-IDS and the external intruder in this game is shown in the following table.

Table 1. Moderate to robust game (each cell: attacker payoff ; IDS payoff)

Strategy      Moderate                    Robust
Attack        Co(Em)V − Ca ; EmV − Cm     Co(Er)V − Ca ; ErV − Cr
Not-Attack    0 ; −Cm                     0 ; −Cr
Solving this game in pure strategies yields no Nash equilibrium. Thus, a mixed strategy is used to solve the game, where q is the probability that the IDS runs in robust mode and p is the probability that the attacker attacks. In Table 1, the utility of the IDS when it plays the Robust strategy while the attacker plays the Attack strategy is defined as ErV − Cr. It represents the payoff of protecting the monitored node, which is valued at V, from being compromised by the attacker, where
ErV >> Cr. On the other hand, the payoff of the attacker if the intrusion is not detected is defined as Co(Er)V − Ca. It is considered the gain of the attacker for compromising the victim node. Additionally, they define EmV − Cm as the payoff of the IDS if the Moderate strategy is played while the attacker's strategy remains unchanged. Conversely, the payoff of the attacker if the intrusion is not detected is defined as Co(Em)V − Ca. Now, if the attacker plays the Not-Attack strategy and the IDS strategy is Robust, then the loss of the IDS is Cr while the attacker gains or loses nothing. Moreover, with the same attacker strategy and the IDS strategy Moderate, the payoff of the attacker is 0 while the loss of the IDS is Cm, the cost of running the IDS in moderate mode. Here Co(Er) = 1 − Er, and Er is the expected detection of an intrusion in the robust mode: Er = Eleader + Evictim, where Eleader and Evictim are the expected detection by the leader-IDS and the monitored node (victim) respectively. Em = Eleader is the expected detection in the moderate mode, in which only the leader-IDS is running the IDS to detect intrusions. Likewise, Co(Em) is equal to 1 − Em. Cr is the cost of running the IDS in robust mode. We define this cost as the aggregation of the cost of monitoring by the leader, Cleader, and the cost of monitoring by the victim, Cvictim. Cm is the cost of running the IDS in moderate mode, which is equal to Cleader. Ca is the cost of attack by the intruder. V is the value of the protected victim node (asset). The value of V could vary from one node to another according to its role in the cluster. For example, gateway nodes are valued more than regular nodes.

To solve the game and find the optimal values of p and q, the IDS and attacker compute their corresponding utility functions followed by the first derivative of the functions. From Table 1 the IDS utility function UIDS is defined as follows:

$$U_{IDS} = \big[\, qp(E_r V - C_r) + p(1-q)(E_m V - C_m) - q(1-p)C_r - (1-q)(1-p)C_m \,\big]\,\mu(\theta = M) - \big[\, qC_r + (1-q)C_m \,\big]\big(1 - \mu(\theta = M)\big) \tag{11}$$

The main objective of the IDS is to maximize this utility function by choosing, for a fixed p*, a strategy q* that maximizes the probability of protecting the victim node and leads to an equilibrium where the following holds:

$$U_{IDS}(p^*, q) \le U_{IDS}(p^*, q^*) \tag{12}$$
To attain this aim, the IDS calculates the optimal value of p* by taking the first derivative with respect to q* and setting it to zero. This results in the following: p*=
(13)
The value of p* is used by the leader-IDS to decide whether to inform the victim node to launch its own IDS or not. The leader-IDS monitors and analyzes traffic via sampling to detect an intrusion launched by an external attacker i. The IDS computes the belief μ, as in Equation (8), of each node to check whether it is behaving maliciously or normally. If the sender type is malicious and it decides to attack by launching an intrusion, the expected probability of being detected by the leader-IDS is Eleader. Since the intrusion could be launched iteratively and could be missed in the coming iterations, the IDS will decide to inform the victim node to launch its own
IDS if the probability of attack is greater than p*. On the other hand, the utility function Ua of the attacker is defined as follows:

$$U_a = qp\,(C_o(E_r)V - C_a) + p(1-q)\,(C_o(E_m)V - C_a) \tag{14}$$
The main objective of the attacker is to maximize this utility function by choosing for a fixed q*, a p* that maximizes the probability of compromising the victim node. To maximize the utility function, it is sufficient to set the first derivative with respect to p to zero which will be equal to:
∗
q*=
(
)
(15)
From the solution of the game, the attacker's best strategy is to attack once the probability of running the IDS by the victim node (robust mode) is less than q*. To achieve this, the attacker will observe the behavior of the IDS at time tk to determine whether to attack or not at time tk+1 by comparing its estimated observation with the derived threshold. In this paper, three phases are implemented in order, namely trust relationship establishment between neighboring nodes, leader election and detection of external intruders; together they increase security and performance and reduce resource consumption for intrusion detection.
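The belief update of Equations (8) to (10) and the leader-IDS decision against p* can be exercised numerically. The Python below is an added example, not code from the paper or from [5]: the closed forms for p* and q* are derived here by setting the first derivatives of Equations (11) and (14) to zero as the text describes, and the function names, the sample parameters and the complement rule used for a Not-Attack observation are assumptions.

```python
import math

def attack_likelihood(node_type, O, Em, Fm):
    """P_tk(Attack | theta): Eq. (9) for a malicious sender, Eq. (10) for a normal one."""
    if node_type == "M":
        return Em * O + Fm * (1 - O)
    return Fm

def update_belief(mu_m, observed_attack, O, Em, Fm):
    """Eq. (8): posterior belief that the sender is malicious after one observation."""
    like_m = attack_likelihood("M", O, Em, Fm)
    like_n = attack_likelihood("N", O, Em, Fm)
    if not observed_attack:
        # Assumption: P(Not-Attack | theta) = 1 - P(Attack | theta).
        like_m, like_n = 1 - like_m, 1 - like_n
    evidence = mu_m * like_m + (1 - mu_m) * like_n
    return mu_m * like_m / evidence if evidence > 0 else mu_m

def u_ids(p, q, mu_m, V, e_leader, e_victim, c_leader, c_victim):
    """Eq. (11), with Er = Eleader + Evictim, Em = Eleader,
    Cr = Cleader + Cvictim and Cm = Cleader as defined in the text."""
    Er, Em = e_leader + e_victim, e_leader
    Cr, Cm = c_leader + c_victim, c_leader
    vs_malicious = (q * p * (Er * V - Cr) + p * (1 - q) * (Em * V - Cm)
                    - q * (1 - p) * Cr - (1 - q) * (1 - p) * Cm)
    vs_normal = q * Cr + (1 - q) * Cm
    return vs_malicious * mu_m - vs_normal * (1 - mu_m)

def u_attacker(p, q, V, e_leader, e_victim, Ca):
    """Eq. (14), with Co(E) = 1 - E."""
    Er, Em = e_leader + e_victim, e_leader
    return q * p * ((1 - Er) * V - Ca) + p * (1 - q) * ((1 - Em) * V - Ca)

def p_star(mu_m, V, e_victim, c_victim):
    """Attack probability at which dU_IDS/dq = 0 (derived here from Eq. (11)):
    mu*p*V*(Er - Em) - (Cr - Cm) = 0  =>  p* = Cvictim / (mu * V * Evictim)."""
    denom = mu_m * V * e_victim
    return c_victim / denom if denom > 0 else math.inf  # inf: never escalate

def q_star(V, e_leader, e_victim, Ca):
    """Robust-mode probability at which dU_a/dp = 0 (derived here from Eq. (14)):
    q* = (Co(Em)*V - Ca) / (V * Evictim)."""
    denom = V * e_victim
    return ((1 - e_leader) * V - Ca) / denom if denom > 0 else math.inf

def monitor(observations, mu0, V, e_leader, e_victim, c_victim, Fm):
    """Leader-IDS loop: each round compares the attack probability O with p*,
    records whether the victim is told to launch its own IDS, then updates the belief."""
    mu, decisions = mu0, []
    for O, observed_attack in observations:
        decisions.append(O > p_star(mu, V, e_victim, c_victim))
        mu = update_belief(mu, observed_attack, O, e_leader, Fm)
    return decisions, mu

# Constructed sample parameters (not from the paper).
PARAMS = dict(V=100.0, e_leader=0.6, e_victim=0.3, c_leader=5.0, c_victim=6.0)
SAMPLES = [(0.3, False), (0.5, True), (0.7, True)]  # (O, attack observed) per round

if __name__ == "__main__":
    decisions, mu = monitor(SAMPLES, 0.2, 100.0, 0.6, 0.3, 6.0, 0.1)
    print("notify victim per round:", decisions, "final belief:", round(mu, 3))
    print("p* at mu=0.5:", p_star(0.5, 100.0, 0.3, 6.0))
    print("q* with Ca=25:", q_star(100.0, 0.6, 0.3, 25.0))
```

At p* the IDS utility no longer depends on q, and at q* the attacker utility no longer depends on p, which is the indifference condition that defines the mixed-strategy equilibrium.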
3 Conclusion

Our method detects internal and external intrusions. A trust relationship is created between neighboring nodes: each node, through the game with its neighboring nodes and through observation of their behavior, estimates a trust value for each neighbor. If the estimated trust value of a node is less than a threshold, the node is detected as a misbehaving node. Clearly, if this misbehaving node (selfish or malicious) is a connecting bridge between different parts of the network, we cannot remove it, but it should always be monitored by the cluster head for intrusion detection. So, in the next phase, when we want to elect a leader for these neighboring nodes, the chance of electing a misbehaving node as leader is decreased. Since we consider neighboring nodes in a cluster, after some time has passed from the start of network operation, both the Trust Establishment Relationship algorithm and the Leader Election algorithm can be run synchronously. The leader selected by the proposed method is the ideal leader, because it has enough energy resources for intrusion detection in its cluster, has the lowest cost for packet analysis, and is not a misbehaving node. For detecting external intrusions, a game is introduced that gives high performance and has low consumption cost.
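The trust-gated election summarized above (Section 2.2, Steps 1 to 3) can be run on a small cluster to see how the hash check and the threshold T0 change the outcome. This Python is an added example, not the authors' implementation. Its assumptions are: SHA-256 as the hash H, ignoring a neighbor whose Hello does not match its Begin-Election hash, a self-vote when every cheaper neighbor is distrusted, tie-breaking by node ID, and the constructed five-node topology.

```python
import hashlib

T0 = 0.5  # trust threshold T0; the paper uses 0.5 unless the application is confidential

def commitment(node_id, cost):
    """H(k, c_k) carried by Begin-Election. SHA-256 over "id|cost" is an assumption;
    the paper does not name the hash or the encoding."""
    return hashlib.sha256(f"{node_id}|{cost}".encode()).hexdigest()

def run_election(neighbors, committed, announced, trust, t0=T0):
    """One election round.

    neighbors[k] : set of k's one-hop neighbors (N_k)
    committed[k] : cost hashed into k's Begin-Election message
    announced[k] : cost k later reveals in Hello(ID_k, cost_k)
    trust[k][j]  : trust value T_kj that k holds about neighbor j
    Returns (votes, service_table, rejected, marked).
    """
    begin_election = {k: commitment(k, c) for k, c in committed.items()}
    votes, rejected, marked = {}, {}, {}
    for k in sorted(neighbors):
        # Hello phase: keep a neighbor's cost only if it matches its earlier hash.
        costs = {k: committed[k]}  # a node knows its own cost
        rejected[k] = set()
        for j in neighbors[k]:
            if commitment(j, announced[j]) == begin_election[j]:
                costs[j] = announced[j]
            else:
                rejected[k].add(j)  # assumption: a mismatching Hello is ignored
        # Step 2: try candidates from least cost upward; mark those with T_kj <= T0.
        # Ties on cost are broken by node ID (assumption).
        marked[k] = set()
        for cand in sorted(costs, key=lambda n: (costs[n], n)):
            if cand == k or trust[k][cand] > t0:
                votes[k] = cand  # Vote(k, cand); Leader node(k) = cand
                break
            marked[k].add(cand)
    # Step 3 bookkeeping: service-table(leader) lists the nodes that voted for it.
    service_table = {}
    for voter, leader in votes.items():
        service_table.setdefault(leader, set()).add(voter)
    return votes, service_table, rejected, marked

# Constructed five-node cluster (not from the paper).
NEIGHBORS = {"A": {"B", "D"}, "B": {"A", "C", "D"}, "C": {"B", "E"},
             "D": {"A", "B"}, "E": {"C"}}
COMMITTED = {"A": 4, "B": 2, "C": 7, "D": 1, "E": 5}
# E reveals a lower cost than it committed to; D is cheapest but distrusted.
ANNOUNCED = dict(COMMITTED, E=1)
TRUST = {k: {j: (0.2 if j == "D" else 0.8) for j in nbrs}
         for k, nbrs in NEIGHBORS.items()}

if __name__ == "__main__":
    votes, table, rejected, marked = run_election(NEIGHBORS, COMMITTED, ANNOUNCED, TRUST)
    print("votes:", votes)
    print("service tables:", table)
    print("Hello senders rejected by C:", rejected["C"])
    print("neighbors marked by A:", marked["A"])
```

Node D offers the lowest cost but is passed over by A and B because Tkj does not exceed T0, and E's under-reported cost is discarded by C because it does not match the hash E sent in Begin-Election.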
References

1. Sun, B., Osborne, A.: intrusion detection techniques in mobile ad hoc and wireless sensor network. IEEE Wireless Communications, 56–63 (2007)
2. Lima, M., Santos, A., Pujolle, G.: A Survey of Survivability in Mobile Ad Hoc Networks. IEEE Communications surveys & tutorials, 66–77 (2009)
3. García-Teodoroa, G., Díaz-Verdejoa, J., Maciá-Fernándeza, G., Vázquezb, E.: Anomaly-based network intrusion detection. Techniques, Systems and Challenges, pp. 18–28. Elsevier, Amsterdam (2009)
4. Hu, Y., Perrig, A.: A survey of secure wireless ad hoc routing. IEEE Security and Privacy, 28–39 (2004)
5. Otrok, H., Mohammed, N., Wang, L., Debbabi, M., Bhattacharya, P.: A Moderate to Robust Game Theoretical Model for Intrusion Detection in MANETs. In: IEEE International Conference on Wireless & Mobile Computing, Networking & Communication, WIMOB, pp. 608–612 (2008)
6. Seshadri Ramana I, K., Chari, A., Kasiviswanth, N.: A Survey on trust Management for mobile ad hoc networks. International Journal of Network Security & Its Applications (IJNSA), 75–85 (2010)
7. Jiang, X., Lin, C., Yin, H., Chen, Z., Su, L.: Game-based Trust Establishment for Mobile Ad Hoc Networks. In: IEEE International Conference on Communications and Mobile Computing, CMC, pp. 475–479 (2009)
8. Eschenauer, L., Gligor, V., Baras, J.: Trust establishment in mobile ad-hoc networks. In: Proceedings of the Security Protocols Workshop, Cambridge (2002)
9. Ren, K., Li, T., Wan, Z., Bao, F., Deng, R.H., Kim, K.: Highly reliable trust establishment scheme in ad hoc networks. Comput. Networks 45(6), 687–699 (2004)
10. Morris, P.: Introduction to Game Theory, 1st edn. Springer, Heidelberg (1994)
11. Ganchev, A., Narayanan, L., Shende, S.: Games to induce specified equilibriaI. Theoretical Computer Science, pp. 341–350. Elsevier, Amsterdam (2008)
12. Patchay, A., Min Park, J.: A Game Theoretic Approach to Modeling Intrusion Detection in Mobile Ad Hoc Networks. In: Proceedings of the 2004 IEEE Workshop on Information Assurance and Security, pp. 280–284 (2004)
13. Wang, K., Wu, M., Shen, S.: A Trust Evaluation Method for Node Cooperation in Mobile Ad Hoc Networks. In: IEEE 50th International Conference on Information Technology: New Generations 2008, pp. 1000–1005 (2008)
14. Huang, Y., Lee, W.: A cooperative intrusion detection system for ad hoc networks. In: Proceedings of the 1st ACM Workshop Security of Ad Hoc and Sensor Networks, pp. 135–147 (2003)
15. Kachirski, O., Guha, R.: Effective intrusion detection using multiple sensors in wireless ad hoc networks. In: 36th Annual Hawaii International Conference on System Sciences, pp. 57.1 (2003)
16. Mohammed, N., Otrok, H., Wang, L., Debbabi, M., Bhattacharya, P.: A mechanism design-based multi-leader election scheme for intrusion detection in MANET. In: Wireless Communications and Networking Conference, WCNC, pp. 2816–2821 (2008)
17. Dagadeviren, O., Erciyes, K.: A Hierarchical Leader Election Protocol for Mobile Ad Hoc Network. In: Bubak, M., van Albada, G.D., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2008, Part I. LNCS, vol. 5101, pp. 509–518. Springer, Heidelberg (2008)
18. Mas-Colell, A., Whinston, M., Green, J.: Microeconomic Theory. Oxford University Press, New York (1995)
19. Otrok, H., Mohammed, N., Wang, L., Debbabi, M., Bhattacharya, P.: A game-theoretic intrusion detection model for mobile ad-hoc networks. Computer Communications. Elsevier Journal, 708–721 (2008)
SNMP-SI: A Network Management Tool Based on Slow Intelligence System Approach

Francesco Colace1, Massimo De Santo1, and Salvatore Ferrandino2

1 DIIIE – Università degli Studi di Salerno, via Ponte Don Melillo 84084 Fisciano (Salerno), Italy
{fcolace,desanto}@unisa.it
2 Ufficio Sistemi Tecnologici – Università degli Studi di Salerno, via Ponte Don Melillo 84084 Fisciano (Salerno), Italy
[email protected]
Abstract. The last decade has witnessed an intense spread of computer networks that has been further accelerated by the introduction of wireless networks. Along with this growth, the problems of network management have increased significantly. Especially in small companies, where no personnel are assigned to these tasks, the management of such networks is often complex and malfunctions can have significant impacts on their businesses. A possible solution is the adoption of the Simple Network Management Protocol (SNMP), a standard protocol used to exchange network management information. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP provides a tool for network administrators to manage network performance, find and solve network problems, and plan for network growth. SNMP has a big disadvantage: its simple design means that the information it deals with is neither detailed nor well organized enough to deal with expanding modern networking requirements. Over the past years much effort has been devoted to overcoming the shortcomings of the Simple Network Management Protocol, and new frameworks have been developed; a promising approach involves the use of ontology. This is the starting point of this paper, in which a novel approach to network management based on Slow Intelligence System methodologies and ontology-based techniques is proposed. Slow Intelligence Systems are general-purpose systems characterized by being able to improve performance over time through a process involving enumeration, propagation, adaptation, elimination and concentration. The proposed approach therefore aims to develop a system able to acquire, according to the SNMP standard, information from the various hosts in the managed networks and to apply solutions in order to solve problems. To check the feasibility of this model, first experimental results in a real scenario are shown.

Keywords: Network Management, Ontology, Slow Intelligence System, SNMP.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 83–92, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

Networks and distributed computing systems are becoming increasingly important and, at the same time, more and more critical to the world of Information Technology.
This rapid spread, however, has resulted in increased difficulty in configuring and managing networks. In fact, diverse network devices are emerging and it has become very difficult to configure them manually. The concept of network management is quite articulated. It involves activities such as the identification and management of various devices, monitoring their performance and much more. So efficient and intelligent configuration management techniques are urgently needed to configure these devices with automation or semi-automation [1]. A solution to this problem can be the adoption of the Simple Network Management Protocol (SNMP). SNMP manages network hosts such as workstations or servers, routers, bridges and hubs from a central computer that runs the network management software. SNMP performs management services through a distributed architecture of systems and management agents. Since its introduction in the late 1980s SNMP has shown good performance in fault and performance monitoring, but it is very hard to use in managing large networks. In fact, the SNMP Structure of Management Information (SMI) or Next Generation Structure of Management Information (SMIng) is insufficient to represent hierarchical network configuration data. Besides, SNMP supports only with difficulty several high-level management operations required by network configuration tasks. On the other hand, as previously said, network management is a hot topic and there is real interest in the development of an effective methodology. In the literature, ontology is considered a good way of supporting network management, and many papers deal with ontology-based methodologies for network management. In particular, they propose ontology as a layer able to improve the interoperability among devices and operators.
In this sense, [2] proposes an ontology-driven approach to the semantic interoperability problem in the management of enterprise services. Another interesting approach is in [3], which proposes an improvement of current network management methods through the application of formal ontology techniques. In particular, it introduces a management information meta-model integrating all the information that currently belongs to the different management models used to interoperate with the managed resources. Another advantage of this approach is the ability to include basic semantic behavior for a manager to monitor and control these resources. This paper introduces a novel approach to network management based on the use of Slow Intelligence System methodologies [4] and ontology. The proposed approach aims to develop a system able to acquire, according to the SNMP standard, information from the various hosts in the managed networks and to apply solutions in order to solve problems. In particular, the proposed system can handle multiple networks and adopt solutions that have proved successful in some other context. By the use of ontologies, the system will be able to choose the right action to take when some hosts send SNMP alerts. The use of the Slow Intelligence System approach will allow the system to automatically infer the actions to take. This paper is organized as follows. The next section introduces the slow intelligence systems approach. The second section describes the ontology. The third section explains why a Slow Intelligence System needs ontology to work at its best, while the third section describes the proposed system. The last section introduces the first experimental results.
2 What Is a Slow Intelligence System?

We will first introduce the concept of Slow Intelligence and present a general framework for designing and specifying Slow Intelligence Systems (SIS). We view Slow Intelligence Systems as general-purpose systems characterized by being able to improve performance over time through a process involving enumeration, propagation, adaptation, elimination and concentration. A Slow Intelligence System continuously learns, searches for new solutions and propagates and shares its experience with other peers. A Slow Intelligence System differs from expert systems in that the learning is implicit and not always obvious. A Slow Intelligence System seems to be a slow learner because it analyzes the environmental changes and carefully and gradually absorbs that into its knowledge base while maintaining synergy with the environment. A slow intelligence system is a system that solves problems by trying different solutions, is context-aware to adapt to different situations and to propagate knowledge, and may not perform well in the short run but continuously learns to improve its performance over time. Slow Intelligence Systems typically exhibit the following characteristics:

Enumeration: In problem solving, different solutions are enumerated until the appropriate solution or solutions can be found.
Propagation: The system is aware of its environment and constantly exchanges information with the environment. Through this constant information exchange, one SIS may propagate information to other (logically or physically adjacent) SISs.
Adaptation: Solutions are enumerated and adapted to the environment. Sometimes adapted solutions are mutations that transcend enumerated solutions of the past.
Elimination: Unsuitable solutions are eliminated, so that only suitable solutions are further considered.
Concentration: Among the suitable solutions left, resources are further concentrated to only one (or at most a few) of the suitable solutions.
The sixth one, on the other hand, is rather unique for SIS:

Slow decision cycle(s) to complement quick decision cycle(s): SIS possesses at least two decision cycles. The first one, defined as the quick decision cycle, provides an instantaneous response to the environment. The second one, defined as the slow decision cycle, tries to follow the gradual changes in the environment and analyze the information acquired by experts and past experiences. The two decision cycles enable the SIS to both cope with the environment and meet long-term goals. Sophisticated SIS may possess multiple slow decision cycles and multiple quick decision cycles. Most importantly, actions of slow decision cycle(s) may override actions of quick decision cycle(s), resulting in poorer performance in the short run but better performance in the long run.

Now we can consider the structure of an SIS by introducing the basic building block and the advanced building block. Problem and solution are both functions of time, thus we can represent the time function for the problem as x(t)problem, and the time function for the solution as y(t)solution. The timing controller is also a time
function timing-control(t). For the two-decision-cycle SIS, the basic building block BBB can be expressed as follows:

if timing-control(t) == 'slow' then
    /* timing-control(t) is 'slow' */
    y(t)solution = gconcentrate(geliminate(gadapt(genumerate(x(t)problem))))
else
    /* timing-control(t) is not 'slow' */
    y(t)solution = fconcentrate(feliminate(fadapt(fenumerate(x(t)problem))))
where genumerate, gadapt, geliminate, and gconcentrate are the transform functions for enumeration, adaptation, elimination and concentration respectively during slow decision cycles, and fenumerate, fadapt, feliminate, and fconcentrate are the transform functions for enumeration, adaptation, elimination and concentration respectively during quick decision cycles. An Advanced Building Block can be a stand-alone system. The major difference between an ABB and a BBB is the inclusion of a knowledge base, further improving the SIS’s problem solving abilities.
3 Why a Slow Intelligence System Needs Ontology?

The definition of ontology is still a challenging task [5]. The term ‘ontology’ has its origin in the Greek word ‘ontos’, which means ‘being’. Therefore, in this sense ontology could be defined as a branch of philosophy dealing with the order and structure of reality. In the 1970s ontology came to be of interest in the computer science field. In particular the artificial intelligence community started to use the concept in order to create a domain of knowledge and establish formal relationships among the items of knowledge in that domain for performing some processes of automated reasoning, especially as a means for establishing explicit formal vocabulary to be shared among applications. The term ‘ontology’ was first used in the computer science field by Gruber who used the term to refer to an explicit specification of a conceptualization [6]. The use of this term is rapidly growing due to the significant role it plays in information systems, semantic web and knowledge-based systems, where the term ‘ontology’ refers to “the representation of meaning of terms in vocabularies and the relationships between those terms” [7]. Also this kind of definition is still satisfactory for each field where ontology can be applied and so perhaps a good practical definition would be this: “an ontology is a method of representing items of knowledge (ideas, facts, things) in a way that defines the relationships and classification of concepts within a specified domain of knowledge” [5]. Following this point of view, ontologies are “content theories”, since their principal contribution lies in identifying specific classes of objects and the relations that exist in some knowledge domains [8]. Ontologies can be classified into lightweight and heavyweight ontologies [9]. Lightweight ontologies include concepts, concept taxonomies, simple relationships between concepts (such as specialization “is_a”) and properties that describe concepts.
Heavyweight ontologies add axioms and constraints to lightweight ontologies. Axioms and constraints clarify the intended meaning of the terms gathered in the ontology. Commonly ontology is defined as O = {C, A, H, RT, R} where: • C is the concept set. c ∈ C expresses one concept and in each ontology there is ever a root concept marked as “Thing”. In particular for each c ∈ C there exist a descendant nodes set (CDN) containing all its under layer concepts and an ancestry nodes set (CAN) containing all upper layer concepts
• A is the concept attributes set. For c ∈ C its attributes set is expressed as AC = {a1, …, an}, where n expresses the number of attributes related to c.
• H expresses the concept hierarchy set. The formalism (ci, cj) means that ci is the sub-concept of cj. In other words, this set contains the is_a relations among the classes.
• RT is the set of semantic relation types. RT = RTD ∪ RTU. RTD means the set of predefined relations (same_as, disjoint_with, equivalent), while RTU means the set of user-defined relation types. The formalism (ci, cj, r) with r ∈ RT means that between ci and cj there is the r relation. The set RelRT(ci, cj) contains the relation r between ci and cj.
• R is the set of non-hierarchical relations. The formalism (ci, cj, r) with r ∈ R means that between ci and cj there is the r relation. The set Rel(ci, cj) contains the relation r between ci and cj.
4 Ontological Basic Operations

In this section the basic ontological operations are introduced and explained in detail:

Definition 1. Ontology Equality Operator (OEO): the ontology equality operator is a function OEO : O → O. It is defined as follows: given the ontologies O1 = {C1, A1, H1, RT1, R1} and O2 = OEO(O1), the obtained ontology is defined as O2 = {C1, A1, H1, RT1, R1}.

Definition 2. Ontology Change Operator (OCO): an ontology change operator is a function OCO : O → O that modifies the structure and the relations of an ontology. In particular, three different kinds of changes can be considered: Atomic_Change, Entity_Change and Composite_Change.

Definition 3. Atomic Change Ontology (ACO): the atomic changes are further classified into additive changes (Addition) and removal changes (Removal), which represent the minimal operations that can be performed in an ontology.

Definition 4. Add Operator (ADD): the ADD operation adds a concept c as the sub-concept of d: ADD(c, d).

Definition 5. Add Relationship Operator (ADDRel): the ADDRel operation adds a relation r, hierarchical or not, between two nodes c and d of an ontology: ADDRel(c, d, r).

Definition 6. AddAttribute Operator (ADDAtt): the ADDAtt operation adds an attribute a to a concept c: ADDAtt(c, a).

Definition 7. Del Operator (DEL): the DEL operation deletes a concept c in the ontology: DEL(c). This operation also erases all the relationships of c with the other nodes of the ontology, and all its sub-concepts and their relationships with the other nodes of the ontology.

Definition 8. Entity Change Operator (ECO): the entity change operator introduces changes in the properties of classes.
Definition 9. Composite Change Ontology (CCO): the composite change includes a set of ACO and ECO changes.

Definition 10. Ontology Merging Function (OMF): the ontology merging function is a function OMF : O × O → O, defined as follows: given the ontologies O1 = {C1, A1, H1, RT1, R1} and O2 = {C2, A2, H2, RT2, R2}, the merged ontology is defined as O3 = {C3, A3, H3, RT3, R3} where C3 = C1 ∪ C2. In particular, the process of building the merged ontology is the following:

1. $O_3 = O_1$
2. $\forall c_i \in C_2$ with $CAN(c_i) = \{Thing\}$ and $c_i \notin C_1$: in $O_3$ execute the atomic operation $add(c_i, Thing)$ and, $\forall a_j \in A^{2}_{C_j}$, $addAttr(c_i, a_j)$
3. $\forall c_i \in C_2$ with $CAN(c_i) = \{Thing\}$ and $c_i \in C_1$: in $O_3$, $\forall a_j \in A^{2}_{c_i}$ and $\forall a_j \notin A^{1}_{c_i}$, execute the atomic operation $addAttr(c_i, a_j)$
4. $\forall c_i \in C_2$ with $CAN(c_i) \neq \{Thing\}$ and $c_i \notin C_1$: in $O_3$ execute the atomic operation $add(c_i, c_j)$ $\forall c_j \in CAN(c_i)$ and, $\forall a_j \in A^{2}_{C_j}$, $addAttr(c_i, a_j)$
5. $\forall c_i \in C_2$ with $CAN(c_i) \neq \{Thing\}$ and $c_i \in C_1$: in $O_3$, $\forall a_j \in A^{2}_{C_j}$ and $\notin A^{1}_{C_j}$, $addAttr(c_i, a_j)$
6. $\forall c_i, c_j \in C_2$ and $\in C_3$: execute in $O_3$ $Addrel(c_i, c_j, r_{ij})$
Definition 11. Ontology Simplification Function (OSF): the ontology simplification function is a function osf : O × O → O. It is defined as follows: given the ontologies O1 = {C1, A1, H1, RT1, R1} and O2 = {C2, A2, H2, RT2, R2}, the simplified ontology is defined as O3 = {C3, A3, H3, RT3, R3} where:

• O3 = OMF(O1, O2)
• ∀ci ∈ C3 with CDN(ci) empty: if ∀cj ∈ C3 Rel(ci, cj) is empty, then del(ci)
All the previous functions and operations will be adopted by the various system modules in order to accomplish their various tasks. In particular each of these functions can guarantee the sharing of knowledge and the improvement of each system knowledge domain.
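The merging and simplification functions of Definitions 10 and 11, written out as an added Python example (not code from the paper or its authors). The two sample ontologies and all concept, attribute and relation names are constructed for illustration; treating Rel(ci, cj) as undirected and hanging an ancestor-less concept off Thing are assumptions of this sketch.

```python
import copy
from dataclasses import dataclass, field

ROOT = "Thing"  # root concept present in every ontology (Section 3)


@dataclass
class Ontology:
    """O = {C, A, H, RT, R} as defined in Section 3."""
    C: set = field(default_factory=lambda: {ROOT})  # concepts
    A: dict = field(default_factory=dict)           # concept -> attribute set
    H: set = field(default_factory=set)             # (sub, super) is_a pairs
    RT: set = field(default_factory=set)            # relation types in use
    R: set = field(default_factory=set)             # (ci, cj, r) relations

    def _closure(self, c, up):
        """Follow is_a pairs upwards (ancestors) or downwards (descendants)."""
        seen, todo = set(), [c]
        while todo:
            node = todo.pop()
            for sub, sup in self.H:
                src, dst = (sub, sup) if up else (sup, sub)
                if src == node and dst not in seen:
                    seen.add(dst)
                    todo.append(dst)
        return seen

    def can(self, c):             # CAN(c): all upper-layer concepts
        return self._closure(c, up=True)

    def cdn(self, c):             # CDN(c): all under-layer concepts
        return self._closure(c, up=False)

    def add(self, c, d):          # ADD(c, d): c becomes a sub-concept of d
        self.C.add(c)
        self.A.setdefault(c, set())
        self.H.add((c, d))

    def add_attr(self, c, a):     # ADDAtt(c, a)
        self.A.setdefault(c, set()).add(a)

    def add_rel(self, c, d, r):   # ADDRel(c, d, r), non-hierarchical
        self.RT.add(r)
        self.R.add((c, d, r))

    def delete(self, c):          # DEL(c): c, its sub-concepts, their relations
        gone = {c} | self.cdn(c)
        self.C -= gone
        for g in gone:
            self.A.pop(g, None)
        self.H = {(s, p) for s, p in self.H if s not in gone and p not in gone}
        self.R = {t for t in self.R if t[0] not in gone and t[1] not in gone}


def omf(o1, o2):
    """Ontology Merging Function, steps 1 to 6 of Definition 10."""
    o3 = copy.deepcopy(o1)                                   # step 1
    # Fewest ancestors first, so a parent exists before its sub-concept.
    for ci in sorted(o2.C - {ROOT}, key=lambda c: (len(o2.can(c)), c)):
        if ci not in o1.C:                                   # steps 2 and 4
            # Assumption: a concept with no recorded ancestor goes under Thing.
            for cj in sorted(o2.can(ci) or {ROOT}):
                o3.add(ci, cj)
        for aj in o2.A.get(ci, ()):                          # steps 2 to 5
            o3.add_attr(ci, aj)      # set semantics: only missing ones change
    for ci, cj, r in o2.R:                                   # step 6
        o3.add_rel(ci, cj, r)
    return o3


def osf(o1, o2):
    """Ontology Simplification Function (Definition 11)."""
    o3 = omf(o1, o2)
    # Assumption: Rel(ci, cj) is treated as undirected when testing emptiness.
    related = {c for ci, cj, _ in o3.R for c in (ci, cj)}
    isolated = [c for c in o3.C
                if c != ROOT and not o3.cdn(c) and c not in related]
    for c in isolated:
        o3.delete(c)
    return o3


def sample_ontologies():
    """Two constructed local-server ontologies; all names are illustrative."""
    a, b = Ontology(), Ontology()
    for o in (a, b):
        o.add("Fault", ROOT)
        o.add("Action", ROOT)
        o.add("LinkDown", "Fault")
        o.add_attr("LinkDown", "ifIndex")
    a.add("RestartInterface", "Action")
    a.add_rel("LinkDown", "RestartInterface", "solved_by")
    b.add("Printer", ROOT)              # leaf with no relation to anything
    b.add_attr("LinkDown", "ifDescr")
    b.add("HighCpu", "Fault")
    b.add_attr("HighCpu", "cpuLoad")
    b.add("ThrottleTraffic", "Action")
    b.add_rel("HighCpu", "ThrottleTraffic", "solved_by")
    return a, b
```

Merging keeps the hierarchy of O1 for shared concepts and only copies over their missing attributes, while simplification drops the unrelated leaf concept that the merge imported.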
5 A Slow Intelligence Network Manager Based on SNMP Protocol

As previously said, the aim of this paper is the introduction of a LAN management system based on the SNMP protocol and the Slow Intelligence approach. Suppose there are M different LANs, to which N different types of hosts that have to be managed may belong. Each of these LANs is dynamic and therefore allows the introduction of new hosts and the disappearance of some of them. The local servers are in principle able to solve the main problems in LAN management but, because of the dynamism of the LANs, they may be faced with unexpected situations. The environmental conditions in which the LAN operates can influence the performance of various hosts and must
be taken into account. In this scenario a fundamental role is played by ontologies. In particular, it is necessary to introduce and define the following ontologies:

• OSNMP = {CSNMP, ASNMP, HSNMP, RTSNMP, RSNMP}. This ontology aims to define the entire structure of the SNMP protocol by analyzing the various messages and the relations between them.
• OFault = {CFault, AFault, HFault, RTFault, RFault}. This ontology describes each kind of possible error that can occur within a LAN.
• OCause = {CCause, ACause, HCause, RTCause, RCause}. This ontology defines the causes of the faults that may occur in a LAN.
• OSolution = {CSolution, ASolution, HSolution, RTSolution, RSolution}. This ontology defines the solutions that can be taken to recover from fault situations which occurred within a LAN.
• OAction = {CAction, AAction, HAction, RTAction, RAction}. This ontology aims to identify the actions to be taken in order to recover from fault situations.
• OComponent = {CComponent, AComponent, HComponent, RhComponent, RAction}. This ontology describes the components that may be present within a LAN.
• OEnvironment = {CEnvironment, AEnvironment, HEnvironment, RhEnvironment, REnvironment}. This ontology describes the environment where the LAN works.

In order to allow communication among the various hosts and servers in the various LANs, the following messages have to be introduced:

• MCSl(SNMP, ID_Components) = this is the SNMP message that the client sends to the local server when an error has occurred. The ID_Component is used to identify the type of component that launched the message.
• MSlC({Action}) = this message, sent by the local server, contains the actions that the client has to implement to resolve the highlighted fault.

The local server has to implement the following functions:

• O’Fault = f(MCSl(SNMP), O’SNMP) = this function aims to build the ontology of faults from the analysis of the received SNMP messages and the SNMP ontology within the local server.
It is important to underline that the SNMP ontology on the local server is only a part of that present in the central server and is built from time to time following the faults that occur within the LAN.
• O’Cause = g(MCSl(SNMP), O’SNMP) = this function aims to obtain the ontology of the causes that generated the received SNMP messages.
• O’Solution = h(O’Fault, O’Cause) = this function calculates the ontology of possible solutions that the local server can find for the fault situation.
• O’Action = k(O’Solution) = this function calculates the ontology of possible solutions that the system can identify to resolve the error situation highlighted by the SNMP message.

These functions can be considered as the enumeration phase of the Slow Intelligence System. After the determination of these functions, the system can adopt the actions to apply in the LAN by the use of the following function:

• {Action} = t(O’Action, O’Component, O’Environment) = this is the set of actions that the client, or the host involved in the fault, must implement in order to solve the problem identified by the SNMP message. In practice, this involves defining, from the ontologies of actions and components, the instances of actions to implement to resolve the faults that occurred. This function implements the Adaptation, Elimination and Concentration phases of a Slow Intelligence System.

All these operations are carried out by involving the local server and the hosts on the managed LAN. Obviously, the local server cannot always perform the operations that are asked of it, because it does not know the full SNMP ontology. In fact the managed LAN can change: for example, new components can be added. So new messages, functions and actions have to be expected among the local servers and the central server. The messages are defined as follows:

• MCSlj(SNMP, ID_Component) = this message contains the SNMP signal, sent by a host, that the local server is unable to manage and that it sends to the central network. The central server sends this message to the other local servers in order to obtain information on the management of the SNMP signal.
• MSljC(O’SNMP-i, O’Cause-i, O’Solution-i, O’Action-i, {Actioni}) = this message contains the information obtained from the local servers about the SNMP signal management, following the query to which they have been subjected. This message can be empty when no local server has ever managed this kind of SNMP signal in the past.

Related to these messages there are the following functions:

• O’SNMP-i = F(MSliSlj(SNMP), SNMP-j) = this function expresses the subset of the SNMP ontology built in the local server j needed by the local server i.
• O’Cause-i = G(O’SNMP-i) = this function expresses the ontology representing the causes of the fault. This ontology is built in the j-th local server and can be empty when this server never faced this problem.
• O’Solution-i = H(O’Cause-i) = this function gives the ontology of the solutions that can be adopted in order to solve the fault related to the SNMP signal.
This ontology is built in the j-th local server and can be empty when this server never faced this problem.
• O’Action-i = K(O’Solution-i) = this function gives the ontology representing the actions that can be adopted for the solution of the faults related to the SNMP signal. This ontology is built in the j-th local server and can be empty when this server never faced this problem.

The central server collects all the ontologies obtained in the various local servers and previously described, and selects one of them according to an analysis based on ontology similarity. After this phase the central server can determine the actions that have to be applied in the i-th LAN in order to solve the fault, and these actions can be sent to the i-th local server. In this way the following function can be introduced:

• {Actioni} = T(O’Action-i, O’Component-j) = this function calculates the set of actions that the client must adopt in order to solve the problem identified by the SNMP signal. The set of possible actions can of course be empty. In this case the support of an expert is needed.

The previous messages and functions implement the propagation phase of the Slow Intelligence System approach. The operational workflow is the following:

Step 1: An SNMP message is generated by the client as a result of a fault and sent to the local server.
Step 2: The local server receives the SNMP message and tries to identify the problem through analysis of the various ontologies.
Step 3: If the local server can identify the problem, it generates the solutions and the actions that the various hosts in the LAN have to apply.
Step 3.1: The hosts get the actions and put them into practice.
Step 4: If the local server does not identify the problem, it sends the report to the central server.
Step 5: The central server sends the received message to all local servers.
Step 5.1: The other local servers, after receiving the message, attempt to determine the possible actions and then send everything to the central server.
Step 6: If the central server has received the possible actions from the local servers, it sends them to the local server that requested them. If no action is received, however, the central server determines the actions to be sent to the local server based on the received message and its general ontologies.
Step 7: The local server sends the actions to the various hosts that are in the LAN.
Step 7.1: The hosts get the actions and put them into practice.
6 Experimental Results

In order to test the performance of the proposed system, an experimental campaign has been designed. First of all, the working scenario has been set up (figure 3). Three different LANs have been monitored. The first one is composed of a Cisco switch and 30 personal computers equipped with Microsoft as operating system and Microsoft Office as application software. These personal computers can surf the internet using various browsers. The second one is composed of a Cisco router, a Cisco switch, two application servers and 50 personal computers with various operating systems. The application servers offer e-learning services. The third LAN is composed of a Nortel switch, a web server, a mail server, an HP network printer and 50 personal computers. For each LAN a local server and SNMP ontology (faults and actions) have been introduced. Each ontology is able to cover about 50% of the SNMP events that the LAN’s devices can launch. The experimental phase aimed to evaluate the following system parameters:
• The system’s ability to identify the correct management actions to apply in the LAN after an SNMP signal. This parameter, named CA, is defined as:

$$CA = \frac{\#Correct\_Action}{\#Correct\_Action + \#Wrong\_Action}$$

• The system’s ability to manage the introduction of a new component in a LAN. In particular, the system has to recognize components that were previously managed in other LANs. This parameter, named KC, is defined as:

$$KC = \frac{\#Correct\_Action\_NC}{\#Correct\_Action\_NC + \#Wrong\_Action\_NC}$$
The previous indexes were calculated in the following way:

• The CA index was calculated after one, two, three, four and five hours with no variations in the configuration of the LANs.
• The KC index was estimated after the introduction of new components in a LAN. In particular, new devices that are in the other LANs have been introduced in the LAN, and this index was evaluated after one, two, three, four and five hours with no variations in the configuration of the LANs.
The obtained results are shown in the following table:

Table 1. Obtained Results. The KC has to be considered as average value.

| Index | 1 hour | 2 hours | 3 hours | 4 hours | 5 hours |
|---|---|---|---|---|---|
| CA | 75,00% | 87,40% | 91,33% | 94,20% | 98,50% |
| KC | 59,00% | 74,33% | 82,66% | 91,50% | 93,33% |
The indexes show the good performance of the system. In particular the CA index, which expresses the ability of the system to recognize the correct actions in the LAN after an SNMP signal, is very good. The KC index shows how the system makes the best use of the SIS approach. In fact, the system improves its performance by sharing knowledge among the various local servers. At the beginning the index is very low, but it increases after a few iterations.
7 Conclusions

In this paper a novel method for network management has been introduced. This method is based on SNMP, ontology and the Slow Intelligence System approach. It has been tested in an operational scenario and the first experimental results seem to be good. Future work aims to improve the system through the use of new and effective methodologies for ontology management and the use of other network management approaches.
References

[1] Xu, H., Xiao, D.: A Common Ontology-based Intelligent Configuration Management Model for IP Network Devices. In: Proceedings of the First International Conference on Innovative Computing, Information and Control
[2] Yiu Wong, A.K., Ray, P., Parameswaran, N., Strassner, J.: Ontology Mapping for the Interoperability Problem in Network Management. IEEE Journal on Selected Areas in Communication 23(10) (2005)
[3] López de Vergara, J.E., Guerrero, A., Villagrá, V.A., Berrocal, J.: Ontology-Based Network Management: Study Cases and Lessons Learned. J. Network Syst. Manage. 17(3), 234–254 (2009)
[4] Chang, S.-K.: A General Framework for Slow Intelligence Systems. International Journal of Software Engineering and Knowledge Engineering 20(1), 1–15 (2010)
[5] Jepsen, T.: Just What Is an Ontology, Anyway? IT Professional 11(5), 22–27 (2009)
[6] Gruber, T.R.: Translation approach to portable ontology specification. Knowledge Acquisition 5, 199–220 (1993)
[7] OWL Web Ontology Overview, W3C Recommendation (February 10, 2004), http://www.w3.org/TR/2004/REC-owl-features-20040210/
[8] Maedche, A., Staab, S.: Ontology Learning for the Semantic Web. IEEE Intelligent Systems 16(2), 72–79 (2001)
[9] Corcho, O.: A Layered Declarative Approach to Ontology Translation with Knowledge Preservation. Frontiers in Artificial Intelligence and Applications, vol. 116 (2005)
Intrusion Detection in Database Systems

Mohammad M. Javidi, Mina Sohrabi, and Marjan Kuchaki Rafsanjani

Department of Computer Science, Shahid Bahonar University of Kerman, Kerman, Iran
Abstract. Data today represent a valuable asset for organizations and companies and must be protected. Ensuring the security and privacy of data assets is a crucial and very difficult problem in our modern networked world. Despite the necessity of protecting information stored in database systems (DBS), existing security models are insufficient to prevent misuse, especially insider abuse by legitimate users. One mechanism to safeguard the information in these databases is to use an intrusion detection system (IDS). The purpose of intrusion detection in database systems is to detect transactions that access data without permission. In this paper several database intrusion detection approaches are evaluated.

Keywords: Database systems, Intrusion Detection System (IDS), Transaction.
1 Introduction

Protecting data in network environments is a very important task nowadays. One way to make data less vulnerable to malicious attacks is to deploy an intrusion detection system (IDS). To detect attacks, the IDS is configured with a number of signatures that support the detection of known intrusions. Unfortunately, it is not a trivial task to keep intrusion detection signatures up to date, because a large number of new intrusions take place daily. To overcome this problem, the IDS should be coupled with anomaly detection schemes, which support detection of new attacks. IDSs allow early detection of attacks and therefore make the recovery of lost or damaged data simpler. Many researchers are working on increasing intrusion detection efficiency and accuracy, but most of these efforts aim to detect intrusions at the network or operating system level. They are not capable of detecting data corruption due to malicious transactions in databases. In recent years, researchers have proposed a variety of approaches for increasing the efficiency and accuracy of intrusion detection. Most of these efforts focus on detecting intrusions at the network or operating system level [1-6] and are not capable of detecting the malicious intrusion transactions that access data without permission. The corrupted data can affect other data, and the damage can spread across the database very fast, which poses a real danger to many real-world applications of databases. Therefore such attacks or intrusions on databases should be detected quickly and accurately. Otherwise it might be very difficult to recover from such damage.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 93–101, 2010. © Springer-Verlag Berlin Heidelberg 2010
There are many methodologies in database intrusion detection, such as access patterns of users, time signatures, Hidden Markov Models, mining data dependencies among data items, etc. Researchers are working on using Artificial Intelligence and Data Mining to make the IDS more accurate and efficient. The rest of this paper is organized as follows: Section II presents the various approaches proposed for intrusion detection in database systems. In Section III, we compare the approaches by giving their highlighting features, and finally the performances of the approaches that improve on previous ones are evaluated in detail.
2 Approaches

2.1 Access Patterns of Users

Chung et al. [7] proposed DEMIDS (DEtection of MIsuse in Database Systems) for relational database systems. This misuse detection system uses audit logs to build profiles, which describe the typical behavior of users working with the database systems by specifying the typical values of the features recorded in the audit logs. These profiles can be used to detect both intrusion and insider abuse, but in particular DEMIDS detects malicious behavior by legitimate users who abuse their privileges. Given a database schema and associated applications, the access patterns of users form working scopes, which comprise certain sets of attributes that are often referenced together with some values. The idea of working scopes is captured well by the concept of frequent item-sets, which are sets of features with certain values. DEMIDS defines a notion of distance measure, which measures the closeness of a set of attributes with respect to the working scopes, using integrity constraints (the data structure and semantics, which are encoded in the data dictionary) and the user behavior reflected in the audit logs. Distance measures are used by a novel data mining approach for finding the frequent item-sets in the audit logs, which describe the working scopes of users. Misuse can then be detected by comparing the derived profiles against the specified security policies or against new information (audit data) gathered about the users.

2.2 Time Signatures

Lee et al. [8] proposed an intrusion detection system for real-time database systems via time signatures. Transactions often have time constraints in real-time database systems (as in stock market applications). They exploit the real-time properties of data in intrusion detection. Their approach monitors the behavior at the level of sensor transactions, which are responsible for updating the values of real-time data.
Sensor transactions have predefined semantics, such as write-only operations and well-defined data access patterns, whereas user transactions have a wide variety of characteristics. Real-time database systems deal with temporal data objects, which should be updated periodically and whose values change over time. Therefore a sensor transaction is generated in every period. They supposed that every sensor transaction consumes time e to complete its processing, where 0 < e < P, P is the time period for updating the temporal data, and there is only one transaction in a period P. By applying this
signature, if a transaction attempts to update a temporal data item which has already been updated in that period, an alarm will be raised.

2.3 Hidden Markov Model

The approach proposed by Barbara et al. [9] for database intrusion detection uses a Hidden Markov Model (HMM) and time series to find malicious corruption of data. They used an HMM to build database behavioral models, which capture the changing behavior over time, and recognized malicious patterns using them.

2.4 Mining Data Dependencies among Data Items

Hu et al. [10] proposed a model for detecting malicious transactions that are targeted at corrupting data. They used a data mining approach for mining data dependencies among data items, which are in the form of classification rules, i.e., what data items are most likely to be updated after one data item is updated, and what other data items probably need to be read before this data item is updated in the database by the same transaction. The transactions not compliant with the generated data dependencies are identified as malicious transactions. Compared to the existing approaches for modeling database behavior [9] and transaction characteristics [7,8] for detecting malicious transactions, the advantage of their approach is that it is less sensitive to changes in user behaviors and database transactions. It is based on the fact that although the transaction programs in real-world database applications change often, the whole database structure and the essential data correlations do not change a lot.

2.5 Role-Based Access Control (RBAC) Model

Bertino et al. [11] proposed an intrusion detection system for database systems which is conceptually very similar to DEMIDS. One important fact that they considered is that databases typically have a very large number of users, and therefore keeping a profile for each single user is not practical. Hence their approach is based on the well-known role-based access control (RBAC) model.
It builds a profile for each role and checks the behavior of each role with respect to that profile. Under an RBAC system, permissions are associated with roles rather than with single users. By using roles, the number of profiles to build and maintain is much smaller than when considering individual users. Therefore their approach is usable even for databases with a large user population. “Other important advantages of RBAC are that it has been standardized (see the NIST model [12]) and has been adopted in various commercial DBMS products as well in security enterprise solutions [13]. This implies that an ID solution, based on RBAC, could be deployed very easily in practice.” [11] Moreover, the approach used by DEMIDS for building user profiles assumes domain knowledge about the data structures and semantics encoded in a given database schema, which can adversely affect the general applicability of their methods, whereas Bertino et al. built profiles using syntactic information from the SQL queries, which makes their approach more generic than the others. They used a Naïve Bayes Classifier to predict the role which the observed SQL command most likely belongs to, and
compared it with the actual role. If the roles differ from each other, the SQL statement is considered illegal.

2.6 Weighted Data Dependency Rule Miner (WDDRM)

Srivastava et al. [14] proposed an approach for database intrusion detection using a data mining technique, which improves the approach offered by Hu et al. [10]. Given the growing number of attributes in current databases, Srivastava et al. considered that it is very difficult for administrators to keep track of whether all attributes are accessed or modified correctly, so their approach takes the sensitivity of the attributes into consideration. The sensitivity of an attribute shows the importance of the attribute for tracking against malicious modifications. They divided the attributes into different categories based on their relative importance or sensitivity. Therefore the administrator checks only those alarms which are generated due to malicious modification of sensitive data, instead of checking all the attributes. If sensitive attributes are to be tracked for malicious modifications, then generating data dependency rules for these attributes is essential, because if there is no rule for an attribute, the attribute cannot be checked. The approach proposed by Hu et al. [10] does not generate any rule for highly sensitive attributes which are accessed less frequently, because it does not consider the sensitivity of attributes. The motivation of Srivastava et al. for dividing attributes into different sensitivity groups and assigning weights to each group is to bring out the dependency rules for possibly less frequent but more important attributes. Therefore they named their algorithm “weighted data dependency rule miner” (WDDRM). After generating the weighted data dependency rules, the algorithm marks the transactions which do not follow the extracted data dependencies as malicious transactions. Srivastava et al.
compared their work with the non-weighted dependency rule mining approach. They carried out several experiments and showed that WDDRM performs better than the non-weighted dependency rule mining approach.

2.7 Dependencies among Data Items and Time-Series Anomaly Analysis

Hashemi et al. [15] proposed an approach for identifying malicious transactions using a data mining technique, which detects malicious transactions more effectively than the approach proposed by Hu et al. [10]. They considered that the approach proposed by Hu et al. [10] has some major disadvantages. “It can only find malicious transactions that corrupt data items and cannot identify transactions that read data without permission. This results in a significant reduction in the detection rate when most malicious transactions only intend to read data items illegally. In addition, when a dependency rule is violated by a transaction, without considering the confidence of the rule, the transaction is always identified as an intrusion. This incurs a high false positive rate. Furthermore, sometimes consistency rules of a database do not allow users to execute any arbitrary transaction and hence dependency between data items is no longer violated. But there can be some abnormal variations in the update pattern of each data item.” [15]
These types of intrusions, which are not detected by the previous models, are considered by Hashemi et al. By detecting these intrusions, their proposed approach is able to significantly improve the intrusion detection rate. Their approach has three advantages. First, dependency rules among data items are extended to detect not only transactions that write data without permission, but also transactions that read data without permission. Second, a novel behavior similarity criterion is introduced to reduce the false positive rate of the detection. Third, time-series anomaly analysis is conducted to identify intrusion transactions which update data items with an unexpected pattern. They detected intrusion transactions in databases using two components.

(1) The first component extracts dependency rules among data items, which are represented by the order in which these items are accessed (read or write). It is similar to the approach offered by Hu et al. [10], but the concept of malicious transactions is extended from those that corrupt data to those that either read data or write data or both without permission. Moreover, when a transaction t violates a dependency rule, it is not identified as malicious immediately. Their approach examines whether there exists any normal transaction which violates t and has similar behavior to it. If such a transaction exists, t is not considered an intruder. This is desirable because, in reality, dependency rules are not always 100% correct.

(2) The second component uses anomaly analysis of the time series corresponding to each data item. The anomaly analysis approach can detect intrusion transactions which cannot be identified by the first component. This component extracts the time series from the normal transaction log for each data item and divides it using clustering techniques.
This component uses a suffix tree structure to efficiently discover normal update patterns and their frequencies for the corresponding data item, based on the separated representation of each time series. The anomaly weight of each pattern is calculated from the difference between its occurrence frequency in the transaction in question and in the normal time series. Finally, using weighted output integration, the final decision is made by combining the outputs of the above two components. Hashemi et al. conducted several experiments to evaluate the performance of their proposed method compared with the performance of the approach presented by Hu et al. [10], in terms of false positive and true positive rates, and they showed that their proposed approach achieves better performance than the rival method in all experiments.
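The dependency-rule check of Sections 2.4 and 2.7 in miniature, as an added Python example that is not taken from the paper or from the cited authors' implementations. It mines "read before write" and "write after write" dependencies from a constructed transaction log with plain support and confidence counts (a stand-in for the sequence mining of [10]) and lists the rules an incoming transaction violates; the item names, thresholds and log are assumptions.

```python
from collections import Counter, namedtuple

# kind is "read-before" (dep must be read before target is written)
# or "write-after" (dep must be written after target is written).
Rule = namedtuple("Rule", "kind target dep confidence")

# Constructed normal workload: each transaction is a list of (op, item).
PLACE_ORDER = [("r", "stock.qty"), ("r", "customer.balance"),
               ("w", "orders.status"), ("w", "stock.qty"),
               ("w", "customer.balance")]
RESTOCK = [("r", "stock.qty"), ("w", "stock.qty")]
DEPOSIT = [("r", "customer.balance"), ("w", "customer.balance")]
NORMAL_LOG = [PLACE_ORDER] * 6 + [RESTOCK] * 2 + [DEPOSIT] * 2


def _context(txn, item):
    """Items read before, and items written after, the first write of item."""
    pos = txn.index(("w", item))
    before = {i for op, i in txn[:pos] if op == "r"}
    after = {i for op, i in txn[pos + 1:] if op == "w" and i != item}
    return before, after


def mine_rules(log, min_support=0.2, min_conf=0.9):
    """Keep dependencies that hold in at least min_conf of the transactions
    writing the target, for targets written in at least min_support of the log."""
    writes, pre, post = Counter(), Counter(), Counter()
    for txn in log:
        for item in {i for op, i in txn if op == "w"}:
            writes[item] += 1
            before, after = _context(txn, item)
            pre.update((item, dep) for dep in before)
            post.update((item, dep) for dep in after)
    rules = []
    for kind, counts in (("read-before", pre), ("write-after", post)):
        for (item, dep), n in counts.items():
            confidence = n / writes[item]
            if writes[item] / len(log) >= min_support and confidence >= min_conf:
                rules.append(Rule(kind, item, dep, confidence))
    return sorted(rules)


def violations(txn, rules):
    """Rules broken by txn; an empty list means the transaction is compliant."""
    written = {i for op, i in txn if op == "w"}
    broken = []
    for rule in rules:
        if rule.target not in written:
            continue                      # rule does not apply to this txn
        before, after = _context(txn, rule.target)
        observed = before if rule.kind == "read-before" else after
        if rule.dep not in observed:
            broken.append(rule)
    return broken


def demo():
    """Verdicts for four constructed transactions against the mined rules."""
    rules = mine_rules(NORMAL_LOG)
    probes = {
        "normal order": PLACE_ORDER,
        "blind balance update": [("w", "customer.balance")],
        "order without stock/balance update": PLACE_ORDER[:3],
        "read-only access": [("r", "customer.balance")],
    }
    return {name: violations(txn, rules) for name, txn in probes.items()}
```

Each returned violation carries the confidence of the broken rule, so a caller can weigh it instead of alarming on every violation; the read-only probe comes back clean because rules that only constrain writes have nothing to say about it, which is the limitation quoted from [15].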
3 Comparison of Approaches
We have reviewed existing approaches to database intrusion detection in this paper. Their salient features are as follows:
• Chung et al. [7] applied access patterns of users to detect intrusions. Their misuse detection system (DEMIDS) utilizes audit logs to build profiles which describe the typical behavior of users working with the database systems. The derived profiles are used to detect misuse behaviors.
• Lee et al. [8] used time signatures to detect intrusions in real-time database systems. Time signatures are tagged to data items, and a security alarm is raised when a transaction attempts to write a temporal data item that has already been updated within a certain period.
• Barbara et al. [9] utilized a Hidden Markov Model to simulate users’ behavior for detecting malicious data corruption.
• Hu et al. [10] detected malicious transactions that are targeted at corrupting data. They mined data dependencies among data items, which are in the form of classification rules. The transactions that do not follow the mined data dependencies are identified as intruders.
• Bertino et al. [11] employed role-based access control to detect intrusions in database systems. Their approach is usable even for databases with a large user population. It uses a Naïve Bayes Classifier to predict the role to which the observed SQL command most likely belongs and compares it with the actual role. If the roles are different, the SQL statement is considered illegal.
• Srivastava et al. [14] improved the approach offered by Hu et al. [10]. They proposed a novel weighted data dependency rule mining algorithm that considers the sensitivity of the attributes while mining the dependency rules, so it generates rules for possibly less frequent but more important attributes.
• Hashemi et al. [15] extended the approach presented by Hu et al. [10]. Their approach is based on (1) mining dependencies among data items, and (2) finding abnormal update patterns in the time series corresponding to each data item’s update history. The concept of malicious transactions is extended from those that corrupt data to those that either read data or write data or both without permission.
As mentioned earlier, some of these approaches improved the approaches proposed before them. For instance, Srivastava et al. [14] improved the approach offered by Hu et al. [10].
To study relative performance, they compared their work with the non-weighted dependency rule mining approach (Hu et al. [10]), which they call DDRM. Fig. 1 shows the loss suffered by the intrusion detection system, in weight units, using both approaches. It is observed that WDDRM outperforms DDRM. This is because WDDRM tracks the sensitive attributes much better than DDRM, and therefore the overall loss is minimized.
Fig. 1. Comparison of DDRM and WDDRM [14]
Another instance is the approach offered by Hashemi et al. [15], which extends the approach proposed by Hu et al. [10]. Several experiments were conducted to evaluate the performance of the proposed method in terms of false positive and true positive rates. The first experiment was devoted to the false positive rates of the rival algorithms. As can be seen from Table 1, the false positive rate of the method of Hashemi et al. is desirably lower than that of the method offered by Hu et al. [10]. This improvement is mainly due to the behavior similarity measure, which helps their algorithm avoid misidentifying normal transactions as intruders.
The second experiment assesses the true positive rates of the algorithms and focuses on dependency between data items regardless of the pattern by which the value of a particular data item changes. It can be observed from Table 2 that with an increase in the dependency between data items, both algorithms’ true positive rates increase, but the Hashemi et al. approach always performs better than the alternative method. This improvement is achieved using the read and write sequence sets, which take into account the variety of dependencies among read and write operations.
They conducted the third experiment to compare the true positive rate of their approach against the rival method based on both dependency rules and the pattern by which the value of every data item changes. It is observed from Table 3 that again the proposed approach achieves better performance than the rival method with different dependency factors. Their approach’s advantage results from the fact that it considers not only the dependency rules, but also the anomaly in update patterns.

Table 1. False Positive Rates (FPR) of the proposed approaches by Hashemi et al. and Hu & Panda in the first experiment [15]

Dependency factor                          1      2      3      4      5
Hashemi et al.’s approach   No. of rules   2      4      6      7      8
                            FPR (%)        1.5    1.8    1.9    1.7    1.8
Hu & Panda’s approach       No. of rules   1      2      3      4      4
                            FPR (%)        5.2    9.6    10.2   11.4   7.5

Table 2. True Positive Rates (TPR) of the proposed approaches by Hashemi et al. and Hu & Panda in the second experiment [15]

Dependency factor                          1      2      3      4      5
Hashemi et al.’s approach   No. of rules   2      4      6      7      8
                            TPR (%)        44.8   70.8   82.6   87.3   90.7
Hu & Panda’s approach       No. of rules   1      2      3      4      4
                            TPR (%)        33.3   58.1   72.5   81.3   82.1

Table 3. True Positive Rates (TPR) of the proposed approaches by Hashemi et al. and Hu & Panda in the third experiment [15]

Dependency factor                          1      2      3      4      5
Hashemi et al.’s approach   No. of rules   2      4      6      7      8
                            TPR (%)        83.7   93.6   97     97.6   98.8
Hu & Panda’s approach       No. of rules   1      2      3      4      4
                            TPR (%)        26.2   58.7   75.3   78.8   83.9

4 Conclusion
We have reviewed and compared current studies of intrusion detection in database systems. In particular, this paper reviews existing approaches dating from 2000 to 2008. The methodologies of the approaches are access patterns of users, time signatures, Hidden Markov Model, mining data dependencies among data items, role-based access control (RBAC) model, weighted data dependency rule miner and, finally, dependencies among data items and time-series anomaly analysis. As mentioned earlier, some of these approaches improved the approaches proposed before them. Srivastava et al. improved the approach proposed by Hu & Panda. They tracked the sensitive attributes much better than Hu & Panda, and therefore their overall loss has been minimized. They showed that their method outperforms the rival method. Hashemi et al. also extended the approach proposed by Hu & Panda [10]. Their improvement is mainly due to three factors, which are as follows:
• The behavior similarity measure, which helps their algorithm avoid misidentifying normal transactions as intruders.
• Using the read and write sequence sets, which take into account the variety of dependencies among read and write operations.
• Considering not only the dependency rules, but also the anomaly in update patterns.
Their experimental evaluations showed that their approach has a better performance than the rival method.
References
1. Forrest, S., Hofmeyr, S.A., Somayaji, A., Longstaff, T.A.: A Sense of Self for Unix Processes. In: IEEE Symposium on Security and Privacy, pp. 120–128. IEEE Computer Society Press, Los Alamitos (1996)
2. Javitz, H.S., Valdes, A.: The SRI IDES Statistical Anomaly Detector. In: IEEE Symposium on Security and Privacy (1991)
3. Frank, J.: Artificial Intelligence and Intrusion Detection: Current and Future Directions. In: 17th National Computer Security Conference (1994)
4. Noel, S., Wijesekera, D., Youman, C.: Modern intrusion detection, data mining, and degrees of attack guilt. In: Applications of Data Mining in Computer Security. Kluwer Academic, Dordrecht (2002)
5. Ertoz, L., Eilertson, E., Lazarevic, A., Tan, P., Srivastava, J., Kumar, V., Dokas, P.: The MINDS – Minnesota Intrusion Detection System. In: Next Generation Data Mining. MIT Press, Boston (2004)
6. Qin, M., Hwang, K.: Frequent episode rules for Internet traffic analysis and anomaly detection. In: IEEE Conference on Network Computing and Applications (NAC 2004). IEEE Press, New York (2004)
7. Chung, C.Y., Gertz, M., Levitt, K.: Demids: A Misuse Detection System for Database Systems. In: Integrity and Internal Control Information Systems: Strategic Views on the Need for Control, pp. 159–178. Kluwer Academic Publishers, Norwell (2000)
8. Lee, V.C., Stankovic, J., Son, S.H.: Intrusion Detection in Real-Time Database Systems via Time Signatures. In: 6th IEEE Real Time Technology and Applications Symposium (RTAS 2000), p. 124 (2000)
9. Barbara, D., Goel, R., Jajodia, S.: Mining Malicious Data Corruption with Hidden Markov Models. In: 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Cambridge, England (2002)
10. Hu, Y., Panda, B.: A Data Mining Approach for Database Intrusion Detection. In: ACM Symposium on Applied Computing, pp. 711–716 (2004)
11. Bertino, E., Kamra, A., Terzi, E., Vakali, A.: Intrusion Detection in RBAC-administered Databases. In: 21st Annual Computer Security Applications Conference, pp. 170–182 (2005)
12. Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST Model for Role Based Access Control: Towards a Unified Standard. In: 5th ACM Workshop on Role Based Access Control (2000)
13. Karjoth, G.: Access Control with IBM Tivoli Access Manager. ACM Transactions on Information and Systems Security (TISSEC) 6(2), 232–257 (2003)
14. Srivastava, A., Sural, S., Majumdar, A.K.: Weighted Intra-transactional Rule Mining for Database Intrusion Detection. In: Ng, W.-K., Kitsuregawa, M., Li, J., Chang, K. (eds.) PAKDD 2006. LNCS (LNAI), vol. 3918, pp. 611–620. Springer, Heidelberg (2006)
15. Hashemi, S., Yang, Y., Zabihzadeh, D., Kangavari, M.: Detecting Intrusion Transactions in Databases Using Data Item Dependencies and Anomaly Analysis. Expert Systems J. 25(5) (2008)

A Secure Routing Using Reliable 1-Hop Broadcast in Mobile Ad Hoc Networks
Seungjin Park1 and Seong-Moo Yoo2
1 Department of Management and Information Systems, University of Southern Indiana, Evansville, IN 47712, USA
2 Electrical and Computer Engineering Department, The University of Alabama in Huntsville, Huntsville, AL 35899, USA
Abstract. Among many ways to achieve security in wireless mobile ad hoc networks, the approach taken in this paper is to ensure that all nodes in the network receive critical information on security such as public keys. To achieve this, a reliable global broadcasting of the information must be accomplished, which, in turn, relies on a reliable 1-hop broadcasting in which a message from the source node is guaranteed to be delivered to all nodes within the source node’s transmission range. This paper presents a MAC protocol that guarantees a reliable and efficient 1-hop broadcast. The unique feature of the proposed algorithm is that each node is able to dynamically adjust its transmission range depending on the node density around it. Simulation results show the effectiveness of the proposed algorithm.
Keywords: Secure, routing, ad hoc network, 1-hop broadcasting.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 102–111, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction
A Mobile Ad Hoc Network (MANET) consists of a set of wireless mobile hosts (or nodes) that are free to move in any direction at any speed. A MANET does not require any preexisting fixed infrastructure, and therefore it can be built on the fly. However, due to its inherent properties such as lack of infrastructure, mobility of nodes, and absence of a trusted centralized node, MANETs suffer significant security issues. Among many proposed algorithms on security in ad hoc networks, a group of researchers have taken routing as a main approach to attain security in the network [17, 18, 19]. Note that those algorithms might not work properly if there were not a reliable 1-hop broadcast, since most of the algorithms are based on it. In this paper, a reliable 1-hop broadcast is proposed to support the security.
Due to the nature of wireless networks, a transmission in the networks is basically a 1-hop broadcast, in which a signal transmitted from a node (source node) reaches all nodes within its transmission range (neighbors of the source node). Many important
algorithms in MANETs heavily depend on the performance of 1-hop broadcasting [11, 12, 13, 14, 15]. These algorithms only work correctly provided that the 1-hop broadcasting is reliable, i.e., packet delivery from the source node to all its neighbor nodes is guaranteed. Otherwise, inaccurate and/or insufficient information may cause severe degradation of the algorithms and therefore result in an insecure network. Although many algorithms have been developed based on a reliable 1-hop broadcasting, thus far not many reliable 1-hop broadcasting protocols have actually been proposed.
Achieving a reliable 1-hop broadcast in wireless networks is not easy due to the collisions caused by a phenomenon known as the Hidden Terminal Problem [1]. If a transmission is just between two nodes (i.e., point-to-point communication), then the RTS-CTS protocol can resolve the problem eventually [16]. However, the point-to-point approach will be extremely inefficient and often useless if it is used for 1-hop broadcast in MANETs. Another degradation of network throughput occurs when nodes cannot explore possible simultaneous transmissions. An example of this type is the Exposed Terminal Problem [2], which prevents nearby nodes from successful simultaneous transmissions.
Many communication algorithms proposed thus far are based on single-channel MAC protocols. However, the IEEE 802.11 standard for wireless LAN provides multiple channels for communication between nodes in the network [1]. Although using only one channel is simple to implement, utilizing multiple channels may allow simultaneous communication without causing any collision and contention. Therefore, higher network throughput can be achieved if the multiple channels are used carefully [2, 3, 4, 5].
This paper presents a reliable 1-hop broadcasting algorithm called Flexible Reliable 1-hop Broadcasting (FROB) that guarantees the delivery of a broadcast message from the transmitting node to all nodes within its transmission range.
Like EROB [6], FROB uses three different channels, one for data packet transmissions and two for control packet transmissions, to prevent collisions. However, the main difference between EROB and FROB is that EROB allows a node to use only two different levels of transmission ranges, whereas FROB uses many different transmission ranges for control and data transmission to further increase the network throughput by allowing as many simultaneous transmissions as possible. Simulation results show that FROB outperforms a naïve algorithm that does not provide any precaution on collisions, another algorithm that implements CSMA/CA [7], and EROB.
The rest of the paper is organized as follows. Section 2 explains terminology and related works for the paper. The new 1-hop broadcasting algorithm is presented in Section 3, followed by simulation results in Section 4. Finally, conclusion and discussion are presented in Section 5.

2 Preliminary
Basic knowledge, terminology, and related works that help in understanding this paper are presented in this section.
Fig. 1. An illustration of Hidden Terminal Problem. Simultaneous transmissions from both V and S will cause a collision at nodes within the overlapped area of S’s and V’s transmission ranges, for example D. Note that V cannot detect S’s transmission since V is out of S’s transmission range.

2.1 Terminology
When a node S in a wireless network transmits a signal, the signal propagates in all directions to a distance usually proportional to the transmission power. The area covered by the signal is approximated by a circle centered at S, is called the transmission range (or broadcast area), and is denoted as TRS. TRS is also used to denote the radius of the area, if there is no possibility of confusion. In this paper, it is assumed that every node has the same maximum transmission range, and can adjust its transmission range depending on the network density around it. If a node S transmits a packet type P, then the transmission range required for the transmission is denoted as TRS,P. If S uses its maximum transmission power, it is denoted as TRS,MAX or simply TRMAX. Figure 1 shows the transmission ranges of S and V.
The set of nodes in TRV is denoted as N(V). Any node P∈N(V) is called a 1-hop neighbor (or simply a neighbor) of V. Likewise, if the minimum number of links connecting nodes P and Q is n, they are n-hop neighbors of each other. In the following, a neighbor implies a 1-hop neighbor, unless otherwise specified. In Figure 1, nodes B, C, D are the neighbors of S, and D is a neighbor of V. Note that transmission and 1-hop broadcast are synonymous in wireless networks, since when the source node transmits a packet, the packet actually reaches all nodes in the source’s transmission range (the same effect as 1-hop broadcast).
The broadcast threatening area of node V is the area such that a transmission from a node in it, say W, causes TRV ∩ TRW ≠ {}. Since it is assumed in this paper that every node has the same maximum transmission range, TRV = TRW =
TRMAX for every node. Therefore, the radius of the broadcast threatening area of V would be 2*TRV. In this paper, different channels are assigned to the different packet types. A channel that is used to transmit packet type P is denoted as CHP.

2.2 Related Works
Among some related works [6, 8, 9, 10], most recently, Park and Yoo [6] have proposed an algorithm called Efficient Reliable 1-Hop Broadcasting (EROB) that is similar to the proposed algorithm FROB. Although EROB works with node mobility, here we present the version with static nodes.
Two types of packets are used in EROB: control packets and data packets. Data packets contain the data to be 1-hop broadcast, and control packets are used to enhance the efficiency of the data packet transmission. Although control packets may not be essential, the network throughput is usually higher with them due to their control over packet collisions. For example, using RTS and CTS control packets may produce higher network throughput [16]. EROB uses only a single type of control packet called Broadcast-In-Progress (BIP in short) to prevent collisions for achieving reliable 1-hop broadcast. A BIP is produced and used in two cases.
1) Prior to 1-hop broadcast of a data packet, a node transmits a BIP to secure not only the broadcast area but also the broadcast threatening area, to prevent possible collisions.
2) On receiving a BIP, a node that is currently involved in any other communication generates and transmits a BIP to warn other nodes in its broadcast threatening area not to initiate data packet transmission.
To prevent data collisions, EROB uses three different channels. CHBIP and CHDATA are dedicated to control packet (i.e., BIP) and data packet transmissions, respectively. The third channel CHCOL is also for BIPs only but is used to prevent the BIP Propagation Problem that will be explained shortly.
Since different types of packets use different channels, collisions can occur only between packets of the same type in the same channel, not between different types. BIPs in FROB prevent data packet collisions as follows. Recall that BIPs are transmitted only along CHBIP and data packets are transmitted only along CHDATA. Suppose node S has a data packet to be 1-hop broadcast. Then, prior to data transmission, S prepares and transmits a BIP with TRMAX (= TRBIP) to inform the nodes in its transmission range of its intention of immediate data packet transmission. On receiving the BIP, if a node is currently not involved in any communication, then the node remains silent. Otherwise, i.e., if the node is currently involved in any other communication, it transmits a BIP to warn S not to transmit the data packet, since S’s transmission may cause a collision at the node. On receiving either a BIP or a collision of BIPs, S refrains from transmitting the data packet. The following two examples illustrate this case.
Algorithm EROB

At the broadcasting node S
1. S listens to its surroundings for any ongoing transmission. If there is one, S waits a random amount of time and starts step 1 again. Otherwise, it goes to step 2.
2. S transmits a BIP via CHBIP and waits for any response. If S detects a BIP or BIP collision during the transmission, it stops transmission and goes to step 1.
4. If S hears anything in CHCOL, it waits a random amount of time and goes to step 1. Otherwise, S starts transmitting the data packet. If S hears a BIP or a collision of BIPs along CHBIP during data transmission, it transmits a BIP along CHCOL with TRMAX.

At the receiving node D
3. D received either a BIP or a collision along CHBIP. Regardless of what it received, D performs one of the following depending on its current status.
   Case 1: D is transmitting a data packet. D transmits a BIP along CHCOL with TRMAX.
   Case 2: D is receiving a data packet. D transmits a BIP along CHCOL with TRMAX/2.
   Case 3: D is not involved with data packet transmission. D keeps silent.

Fig. 2. The summary of EROB
Case 1) Suppose there is a node, say D, in S’s transmission range that is involved in data packet transmission. Then, D prepares and transmits a BIP to warn S not to transmit a data packet, since if S does, it would cause a data packet collision at D. If there are two or more nodes that are involved in data transmission in S’s transmission range, they all transmit BIPs to warn S. In this case, although S would hear a garbled message (i.e., garbled BIPs) that is not possible to decode correctly, S interprets the situation correctly and does not transmit the data packet.
Case 2) Suppose there is more than one node that has data for 1-hop broadcast. For example, suppose both S and V have data for 1-hop broadcast. Then, as described above, they transmit BIPs prior to data transmission to prevent collisions.
Although BIPs are very useful, they may also cause a serious problem, called the BIP Propagation Problem, similar to the Whistle Propagation Problem [9]. The approach FROB has taken to resolve the BIP Propagation Problem is to use an additional channel CHCOL so that when a node receives either a BIP or a collision in CHBIP, it stops propagating the BIP. EROB is summarized in Figure 2.

3 Proposed Algorithm: Flexible Reliable 1-Hop Broadcasting (FROB)
This section presents a new 1-hop broadcasting algorithm, called Flexible Reliable 1-hop Broadcasting (FROB), that guarantees the completion of 1-hop broadcasting. Note that EROB may suffer a lot of collisions if the network density is high, because nodes in EROB have only two predefined transmission ranges of TRMAX and TRMAX/2. Therefore, if a node suffers a lot of collisions due to the many simultaneously transmitting neighbor nodes, it should reduce its transmission range to avoid the collisions, which is not possible in EROB because nodes cannot reduce their transmission ranges below TRMAX/2. On the other hand, the main improvement of FROB over EROB is that the nodes in FROB are capable of adjusting their transmission ranges to any value. Therefore, networks implementing FROB may enhance their network throughput considerably. Our main focus in this section is to show how FROB finds the best transmission ranges for nodes when a collision is detected.
The nodes in FROB go through the following phases to accomplish the reliable 1-hop broadcasting.
Phase 1) A node S that has a data packet transmits a BIP prior to sending the data packet. Then, S enters Phase 2.
Phase 2) If S does not hear any BIP or collision of BIPs along CHBIP, S enters Phase 4, because this indicates that it is safe to transmit a data packet. Otherwise, it goes to Phase 3.
Phase 3) S reduces its transmission range, transmits a BIP again, and enters Phase 2.
Phase 4) S starts transmitting a data packet.
In Phase 3, a node reduces its transmission range when it detects a BIP or a collision of BIPs. The question is then how much it should be reduced. Possible approaches could be to reduce the transmission range to:
1) half of the previous transmission range. This method has the advantage of quickly approaching a transmission range that does not suffer any collision. However, the disadvantage would be that it may not produce the best transmission range, that is, the largest transmission range that does not suffer collision.
2) various predefined values from TRMAX/6 to TRMAX/3 to find out the best transmission range. This method may take more time to converge to the best transmission
range; however, most of the time it would reach a better transmission range than the previous method.
In our simulation, we implement both methods and try to discover the relationship between the number of active neighbor nodes and the best transmission range.
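The Phase 1 to Phase 4 loop and the two range-reduction methods can be compared with the short simulation below. It is an added example, not the authors' simulator: the collision test (a BIP is heard whenever a busy node lies within the current range), the five evenly spaced levels between TRMAX/3 and TRMAX/6, the give-up floor and the node coordinates are assumptions.

```python
import math

TR_MAX = 200.0     # maximum transmission range (the value used in Section 4)
MIN_RANGE = 1.0    # assumed floor below which the halving method gives up


def hears_bip(src, tx_range, busy_nodes):
    """Phase 2 test, simplified: S hears a BIP (or a collision of BIPs) if at
    least one node already involved in a data transmission is within range."""
    return any(math.dist(src, node) <= tx_range for node in busy_nodes)


def halving_ranges(tr_max=TR_MAX, floor=MIN_RANGE):
    """Method 1: start at TR_MAX and halve the range after every failure."""
    r = tr_max
    while r >= floor:
        yield r
        r /= 2.0


def predefined_ranges(tr_max=TR_MAX, levels=5):
    """Method 2 (assumed concrete form): TR_MAX first, then `levels` evenly
    spaced values from TR_MAX/3 down to TR_MAX/6."""
    yield tr_max
    high, low = tr_max / 3.0, tr_max / 6.0
    step = (high - low) / (levels - 1)
    for i in range(levels):
        yield high - i * step


def frob_select_range(src, busy_nodes, candidates):
    """Run Phases 1-3 over the candidate ranges.

    Returns (range, bips_sent). range is None when every candidate was blocked,
    in which case the node must back off instead of entering Phase 4.
    """
    bips_sent = 0
    for tx_range in candidates:
        bips_sent += 1                          # Phase 1 / Phase 3: send a BIP
        if not hears_bip(src, tx_range, busy_nodes):
            return tx_range, bips_sent          # Phase 2 passed, go to Phase 4
    return None, bips_sent


def compare_methods(src, busy_nodes):
    """Return the outcome of both reduction methods for the same scenario."""
    return {
        "halving": frob_select_range(src, busy_nodes, halving_ranges()),
        "predefined": frob_select_range(src, busy_nodes, predefined_ranges()),
    }


# Constructed scenario: S at the origin, two nodes already busy with data.
SOURCE = (0.0, 0.0)
BUSY = [(45.0, 0.0), (0.0, 150.0)]

if __name__ == "__main__":
    for method, (tx_range, bips) in compare_methods(SOURCE, BUSY).items():
        print(f"{method:10s} range={tx_range} BIPs sent={bips}")
```

In this scenario halving settles on a range of 25 after four BIPs, while the predefined levels need five BIPs but end at about 41.7, closer to the largest collision-free range (just under 45).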

4 Simulation
In our simulation, EROB and FROB have been tested and compared under an environment similar to that of EROB. The size of the network in our simulation is 2000×2500, and the transmission range is 200. At the beginning of the simulation, each node is assigned random starting and destination positions with a randomly chosen speed between 0 and 100. Once a node reaches its destination, the destination becomes a new starting point and a new destination is assigned with a new speed. Nodes move straight between starting and destination points. In our simulation, it is assumed that every node always tries to 1-hop broadcast, to generate a hostile environment. Data packet transmission duration is 5 unit times and BIP duration is 2 unit times, which seems reasonable since the BIP size is much smaller than a data packet. Each simulation lasts 200 unit times.
The first simulation result, on the number of packet collisions with CSMA, EROB, and FROB, is presented in Figure 3, where the x-axis represents the number of active nodes in the network. The result clearly shows the advantage of FROB over CSMA and EROB. Figure 4 shows the number of successes in transmitting data packets in CSMA, EROB, and FROB. Again, the figure clearly shows that FROB performs far better than the other two protocols. The success of FROB in 1-hop broadcast is mainly due
Fig. 3. The number of packet collisions in CSMA, EROB, and FROB. X-axis indicates the number of nodes that are currently involved in 1-hop broadcast in the network.
Fig. 4. The number of successful 1-hop broadcast in CSMA, EROB, and FROB. X-axis represents the number of nodes that are currently conducting 1-hop broadcasting.
to its flexibility in adjusting the transmission range at each node, which not only reduces the packet collisions but also improves the packet transmission rates. However, it should be pointed out that the transmission ranges of FROB are usually smaller than the transmission ranges of the other two protocols. This implies that it takes more time for a source node to route a packet to a destination node that is not within the source node’s transmission range, because it may take more hops to reach the destination node in FROB than in the other two protocols.

5 Conclusion
An algorithm that implements a reliable global broadcast (or simply a broadcast), in which information from the source node is guaranteed to be delivered to all nodes in the network, is critical to achieve network security. For example, a public key should be delivered to all nodes in the network. Otherwise, security may not be assured. This paper proposes a reliable 1-hop broadcast algorithm called Flexible Reliable 1-Hop Broadcasting (FROB) that guarantees the source node delivers its packet to all nodes in its transmission range. Note that reliable 1-hop broadcasting is the first step to achieve global broadcasting. A reliable 1-hop broadcast is very useful in almost all networks, especially in wireless networks where every transmission is a 1-hop broadcast by nature. Despite its importance, 1-hop broadcast is hard to accomplish in wireless networks due to the collisions caused by the Hidden Terminal Problem.
This paper presents an algorithm, called Flexible Reliable 1-Hop Broadcast (FROB in short), that guarantees the completion of 1-hop broadcast in wireless mobile ad hoc networks. In addition to data packets, FROB uses a single type of control packet, Broadcast In Progress (BIP), to prevent collisions. FROB also implements three different channels, one for data packets and the other two for BIPs, to prevent collisions further. Another unique feature of EROB is to allow each node to adjust its transmission range so that as many simultaneous 1-hop broadcasts as possible can be explored to enhance the network throughput. Other advantages obtained from the adjustment of transmission ranges include 1) power saving due to the smaller transmission range, 2) fewer collisions, because the smaller the transmission range, the fewer nodes it contains, and 3) longer network lifespan. Simulation results support the significant improvement of the proposed algorithm over EROB.

References
1. Allen, D.: Hidden Terminal Problems in Wireless LAN’s. IEEE 802.11 Working Group paper 802.11/93-xx
2. Bharghavan, V., et al.: MACAW: A Media Access Protocol for Wireless LAN’s. In: Proc. ACM SIGCOMM (1994)
3. IEEE 802.11 Working Group: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications (1997)
4. Deng, J., Haas, Z.: Dual Busy Tone Multiple Access (DBTMA): A New Medium Access Control for Packet Radio Networks. In: Proc. of IEEE ICUPC (1998)
5. Tang, Z., Garcia-Luna-Aceves, J.J.: Hop-Reservation Multiple Access (HRMA) for Ad-Hoc Networks. In: Proc. of IEEE INFOCOM (1999)
6. Park, S., Yoo, S.: An Efficient Reliable 1-Hop Broadcast in Mobile Ad Hoc Networks (submitted for publication)
7. Kleinrock, L., Tobagi, F.: Packet Switching in Radio Channels: Part I – Carrier Sense Multiple-Access Modes and Their Throughput-Delay Characteristics. IEEE Transactions on Communications 23, 1400–1416 (1975)
8. Park, S., Palasdeokar, R.: Reliable One-Hop Broadcasting (ROB) in Mobile Ad Hoc Networks. In: 2nd ACM International Workshop on Performance Evaluation of Wireless Ad Hoc, Sensor, and Ubiquitous Networks (PE-WASUN 2005), pp. 234–237 (2005)
9. Lembke, J., Ryne, Z., Li, H., Park, S.: Collision Avoidance in One-Hop Broadcasting for Mobile Ad-hoc Networks. In: IASTED International Conference on Communication, Internet, and Information Technology, pp. 308–313 (2005)
10. Park, S., Anderson, R.: Guaranteed One-Hop Broadcasting in Mobile Ad-Hoc Networks. In: The 2008 International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA 2008) (July 2008)
11. Wu, J., Dai, F.: Broadcasting in Ad Hoc Networks Based on Self-Pruning. In: INFOCOM (2003)
12. Li, Y., Thai, M.T., Wang, F., Yi, C.-W., Wan, P.-J., Du, D.-Z.: On greedy construction of connected dominating sets in wireless networks. In: Wireless Communications and Mobile Computing (WCMC), vol. 5(8), pp. 927–932 (July 2005)
13. Wan, P.-J., Alzoubi, K.M., Frieder, O.: Distributed construction on connected dominating set in wireless ad hoc networks. Mobile Networks and Applications 9(2), 141–149 (2004)
14. Haas, J.: A new routing protocol for the reconfigurable wireless networks. In: Proc. of IEEE 6th International Conference on Universal Personal Communications 1997, pp. 562–566 (1997)
15. Lim, H., Kim, C.: Multicast tree construction and flooding in wireless ad hoc networks. In: Proceedings of the Third ACM International Workshop on Modeling, Analysis and Simulation of Wireless and Mobile Systems, MSWiM (2000)
16. Karn, P.: MACA - A New Channel Access Method for Packet Radio. In: ARRL/CRRL Amateur Radio 9th Computer Networking Conference (1990)
17. Ding, Y., Chim, T., Li, V., Yiu, S.M., Hui, C.K.: ARMR: Anonymous Routing Protocol with Multiple Routes for Communications in Mobile Ad Hoc Networks. Ad Hoc Networks 7, 1536–1550 (2009)
18. Kim, J., Tsudik, G.: SRDP: Secure Route Discovery for Dynamic Source Routing in MANETs. Ad Hoc Networks 7, 1097–1109 (2009)
19. Qian, L., Song, N., Li, X.: Detection of Wormhole Attacks in Multi-Path Routed Wireless Ad Hoc Networks: Statistical Analysis Approach. Journal of Network and Computer Applications 30, 308–330 (2007)
A Hybrid Routing Algorithm Based on Ant Colony and ZHLS Routing Protocol for MANET

Marjan Kuchaki Rafsanjani (1), Sanaz Asadinia (2), and Farzaneh Pakzad (3)

(1) Department of Computer Science, Shahid Bahonar University of Kerman, Kerman, Iran, [email protected]
(2) Islamic Azad University Tiran Branch, Tiran, Iran, [email protected]
(3) Islamic Azad University Khurasgan Branch, Young Researchers Club, Khurasgan, Khurasgan, Iran, [email protected]
Abstract. Mobile ad hoc networks (MANETs) require dynamic routing schemes for adequate performance. This paper presents a new routing algorithm for MANETs that combines the idea of ant colony optimization with the Zone-based Hierarchical Link State (ZHLS) protocol. Ant colony optimization (ACO) is a class of Swarm Intelligence (SI) algorithms. SI is the local interaction of many simple agents to achieve a global goal, and it draws on the behavior of social insects to solve different types of problems. The ACO algorithm uses mobile agents called ants to explore the network and to find paths between two nodes. In our algorithm, ants jump from one zone to the next zones; routing is proactive within a zone and reactive between the zones. Compared with traditional routing algorithms, the proposed algorithm improves network performance in terms of delay, packet delivery ratio and overhead.

Keywords: Zone based Hierarchical Link State (ZHLS); Ant Colony Optimization (ACO); Swarm Intelligence (SI); Mobile Ad hoc Networks (MANETs).
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 112–122, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

A mobile ad hoc network (MANET) is an infrastructure-less multi-hop network where each node communicates with other nodes directly or indirectly through intermediate nodes. Thus, all nodes in a MANET basically function as mobile routers participating in some routing protocol required for deciding and maintaining the routes. Since MANETs are infrastructure-less, self-organizing, rapidly deployable wireless networks, they are highly suitable for communications in regions with no wireless infrastructure, emergencies and natural disasters, and military operations [1,2]. Routing is one of the key issues in MANETs due to their highly dynamic and distributed nature.

Numerous ad hoc routing algorithms exist to allow networking under various conditions. They can be separated into three groups: proactive, reactive and hybrid algorithms. Proactive routing algorithms maintain a continuously updated state of the network and the existing routes; however, in some cases this may generate unnecessary overhead to maintain the routing tables, and it may then be better to create routes only on demand, as reactive routing algorithms do. Reactive routing algorithms require time-consuming route creations that may delay the actual transmission of the data when sources have no path towards their destination; in this case it may be better to use a proactive routing algorithm. Hybrid protocols try to profit from the advantages of both reactive and proactive protocols and combine their basic properties into one. These protocols have the potential to provide higher scalability than pure reactive or proactive protocols, because nodes in close proximity work together and therefore reduce the route discovery overhead [3].

Recently, a new family of algorithms inspired by swarm intelligence has emerged, which provides a novel approach to distributed optimization problems. The expression "Swarm Intelligence" covers any attempt to design algorithms inspired by the collective behavior of social insect colonies and other animal societies. Ant colonies, bird flocking, animal herding and fish schooling are examples in nature that use swarm intelligence. Several algorithms based on ant colonies have been introduced in recent years to solve the routing problem in mobile ad hoc networks. This paper describes a hybrid routing scheme based on both Ant Colony Optimization (ACO) and the Zone based Hierarchical Link State (ZHLS) protocol, which aims to profit from the advantages of both reactive and proactive algorithms.

Ant Colony Optimization (ACO) is a family of optimization algorithms based on the behavior of real ants in finding a route between the nest and food. It has been observed that, among the available routes, ants find the shortest one. To achieve this, ants communicate through the deposition of a chemical substance called pheromone along the route. The shortest path has the highest pheromone concentration, which leads more and more ants to use this route [4]. There are some successful ant-based algorithms for networks, which we introduce in the next section.
2 Related Work

Routing in MANETs has traditionally used knowledge of the connectivity of the network, with emphasis on the state of the links. To overcome the problems associated with the link-state and distance vector algorithms, numerous routing protocols have been proposed. The routing protocols proposed for MANETs are generally categorized into three groups: table driven (also called proactive), on-demand (also called reactive), and hybrid protocols, which are both proactive and reactive in nature [3].

2.1 Routing in Mobile Ad Hoc Networks

In proactive routing protocols, each node continuously maintains up-to-date routes to every other node in the network. Routing information is periodically transmitted throughout the network in order to maintain the routing tables. Thus, if a route already exists before traffic arrives, transmission occurs without delay. Otherwise, traffic packets wait in a queue until the node receives routing information corresponding to their destination. However, for a highly dynamic network topology, proactive schemes require a significant amount of resources to keep routing information up-to-date and reliable. Proactive protocols suffer the disadvantage of the additional control traffic that is needed to continually update stale route entries. Since the network topology is dynamic, when a link goes down, all paths that use that link are broken and have to be repaired. This kind of protocol is appropriate for a network with low mobility. Examples of proactive routing protocols are Destination-Sequenced Distance Vector (DSDV) [5], Wireless Routing Protocol (WRP) [6] and so on. The main differences among them are the number of tables used, the information that is kept, and the packet forwarding policy used to keep the tables updated.

In reactive routing protocols, in contrast to the proactive approach, a node initiates a route discovery throughout the network only when it wants to send packets to a destination. This process is completed once a route is determined. Once a route has been established, it is maintained by a route maintenance process until either the destination becomes inaccessible along every path from the source or the route is no longer desired. In reactive schemes, nodes maintain the routes to active destinations only, and a route search is needed for every unknown destination. Therefore, theoretically, the communication overhead is reduced at the expense of delay due to route search. Furthermore, the rapidly changing topology may break an active route and cause subsequent route searches. Reactive strategies are suitable for networks with high mobility and a relatively small number of flows. Some reactive protocols are Ad hoc On-Demand Distance Vector (AODV) [7], Dynamic Source Routing (DSR) [8], Temporally Ordered Routing Algorithm (TORA) [9] and Associativity-Based Routing (ABR) [10].

In hybrid protocols, each node maintains both the topology information within its zone and the information regarding neighboring zones, which means proactive behavior within a zone and reactive behavior among zones. Thus, a route to each destination within a zone is established without delay, while a route discovery and a route maintenance procedure are required for destinations that are in other zones. The Zone Routing Protocol (ZRP) [11], the Zone-based Hierarchical Link State (ZHLS) routing protocol [12] and the Distributed Dynamic Routing algorithm (DDR) [13] are three hybrid routing protocols. Hybrid protocols can provide a better trade-off between communication overhead and delay, but this trade-off depends on the size of a zone and the dynamics of a zone. The hybrid approach is an appropriate candidate for routing in a large network.

Joa-Ng et al. [12] proposed a hybrid routing protocol called the Zone-based Hierarchical Link State (ZHLS) routing protocol in an effort to combine the features of proactive and reactive protocols. In the ZHLS routing protocol, the network is divided into non-overlapping zones. Unlike other hierarchical protocols, there is no zone-head. ZHLS defines two levels of topology: node level and zone level. The node level topology tells how the nodes of a zone are physically connected to each other. A virtual link between two zones exists if at least one node of a zone is physically connected to some node of the other zone. The zone level topology describes how zones are connected together. There are two types of Link State Packets (LSP) as well: node LSP and zone LSP. A node LSP of a node contains its neighbor node information and is propagated within the zone, whereas a
zone LSP contains the zone information and is propagated globally. So, each node has full node connectivity knowledge about the nodes in its zone and only zone connectivity information about other zones in the network. So given the zone id and the node id of a destination, the packet is routed based on the zone id till it reaches the correct zone. Then in that zone, it is routed based on node id. A
of the destination is sufficient for routing so it is adaptable to changing topologies. In ZHLS, zone LSPs are flooded throughout the network so that all nodes know both the zone level and the node level topologies of the network. This simplifies the routing but introduces communication overhead [12].

2.2 Ant-Based Routing Algorithms for MANETs

There exist some successful ant-based algorithms for network control, the most prominent being AntNet [14] and Ant-based Control (ABC) [15], which have a number of properties desirable in MANETs. AntNet and ABC use two kinds of ants, forward and backward ants, to find the shortest route from the source to the destination.

AntNet [14] is a proactive ACO routing algorithm for packet switched networks. In this algorithm, a forward ant is launched from the source node at regular intervals. At each intermediate node, a forward ant selects the next hop using the information stored in the routing table of that node. The next node is selected with a probability proportional to the goodness of that node, which is measured by the amount of pheromone deposited on the link to that node. When a forward ant reaches the destination, it generates a backward ant, which takes the same path as the corresponding forward ant but in the opposite direction. The backward ant updates pheromone values as it moves on its way to the source node.

ARA (Ant colony based Routing Algorithm), proposed by Gunes et al. [16], is a reactive ACO routing algorithm for mobile ad hoc networks. ARA has two phases: route discovery and route maintenance. In the route discovery phase, the sender broadcasts a forward ant. The ant is relayed by each intermediate node until it reaches the destination. When the forward ant is received at the destination, it is destroyed and a backward ant is sent back to the sender. The backward ant increases the pheromone value corresponding to the destination in each intermediary node until it reaches the sender. When the sender receives a backward ant, the route maintenance phase starts by sending data packets. Since the pheromone track is already established by the forward and backward ants, subsequent data packets perform the route maintenance by adjusting the pheromone values.

ARAMA (Ant Routing Algorithm for Mobile Ad hoc networks), proposed by Hossein and Saadawi [17], is a proactive routing algorithm. The main task of the forward ant in other ACO algorithms for MANETs is collecting path information. In ARAMA, however, the forward ant takes into account not only the hop count, as most protocols do, but also the local heuristics of the links along the route, such as the node's battery power and queue delay. ARAMA defines a value called grade. This value is calculated by each backward ant and is a function of the path information stored in the forward ant. At each node, the backward ant updates the pheromone amount in the node's routing table using the grade value. The protocol uses the same grade to update the pheromone value of all links. The authors claim that the route discovery and maintenance overheads are reduced by controlling the forward ant's generation rate. However, they do not clarify how to control the generation rate in a dynamic environment.
AntHocNet is a hybrid ant based routing protocol proposed by Di Caro [18] in an effort to combine the advantages of both AntNet and ARA. AntHocNet reactively finds a route to the destination on demand, and proactively maintains and improves the existing routes or explores better paths. In AntHocNet, each ant maintains a list of the nodes it has visited in order to detect cycles. The source node sends out forward ants, and when it has received all the backward ants, one generation is completed. Each node i keeps the identity of the forward ants, the path computation, the number of hops, the number of the ant from the source to node i, and the time the ant visited node i. Note that more than one ant may have reached node i, and therefore the identity of the ant is important. When an ant arrives at a node, the node checks the ant's path computation and the time it reached node i. If the path computation and time are within a certain limit of those produced by another ant of the same generation, then the ant is forwarded. Otherwise, the ant is discarded. If a link fails at a node and no alternative paths are available, the node sends a reactive forward ant to repair the route locally and to determine an alternative path. If a backward ant is received for the reactive forward ant, the data packets are sent along the newly found path and all the node's neighbors are notified about the change in route. Otherwise, the node notifies all its neighbors of the lost destination paths, and the neighbors in turn initiate forward ants. In the next section, we present the main ideas of our algorithm.
3 The Proposed Routing Scheme

Our algorithm uses the ZHLS protocol, which consists of proactive routing within a zone and reactive routing between the zones. The network is divided into non-overlapping zones, each of which is a node's local neighborhood; a node is within only one zone. The zone size depends on node mobility, network density, transmission power and propagation characteristics. Each node knows its physical location through geo-location techniques such as the Global Positioning System (GPS). The nodes can be categorized as interior and gateway nodes.

[Figure: network diagram with nodes A, B, C, D, E, F, G, H, I, K, L, M, N, P and S grouped into Zone1 to Zone7]

Fig. 1. Example of our scheme structure
In Fig. 1, for node S, nodes C, D, and E are gateway nodes, and nodes A and B are interior nodes. All other nodes are exterior nodes (outside the zone). To determine gateway and interior nodes, a node needs to know its local neighbors. This is achieved by a detection process based on replies to hello messages transmitted by each node. Each node only knows the connectivity within its zone and the zone connectivity of the whole network.

3.1 Routing Table

The algorithm has two routing tables, the Intrazone Routing Table (IntraRT) and the Interzone Routing Table (InterRT). IntraRT is a routing table maintained proactively, so a node can determine a path to any node within its zone immediately. InterRT is a routing table for storing routes to destinations outside the node's zone. The gateway nodes of the zone are used to find routes between zones.

3.2 ANTs

The ants defined in our scheme are the same as in the HOPNET algorithm [19] and are classified into 5 types: internal forward ant, external forward ant, backward ant, notification ant and error ant. The internal forward ant is responsible for continuously maintaining the proactive routing table within its zone. The external forward ant performs the reactive routing to nodes beyond its zone. When an external forward ant is received at the destination, it is converted to a backward ant and sent back along the discovered route. If a new route is reactively discovered, a notification ant is sent to the source node and to all nodes on the route to update their reactive routing tables. The error ant is used to warn of changes in the network topology and to restart a new search by the destination if the source still needs a route.

3.3 Route Discovery

We use the ACO algorithm to find the shortest route between two nodes (Vi,Vj) in the network. Each communication link has two values, , represents pheromone value per link and , represents time which the links may be in connection. The pheromone value gets updated by the ants as they move along the links. The ants change the concentration of the pheromone value on their path to the destination and on their route back to the source.

Route discovery occurs by Intrazone and Interzone routing. The basic structure of the IntraRT is a matrix whose rows are the node's neighbors and whose columns are all identified nodes within its zone. In route discovery within a zone (Intrazone routing), each node periodically sends internal forward ants to its neighbors to keep the Intrazone routing table updated. When the source node wants to transmit a data packet to a node within its zone, it first searches the columns of its IntraRT to see if the destination exists in its zone. If it finds the destination in its IntraRT, the route discovery phase is carried out as follows. At the current node, the ant checks the pheromone amount for each neighbor that has a route to the destination. The neighbor with the largest pheromone amount is chosen as the next hop. After a node is selected as the next hop, the pheromone concentration on the selected link is increased, and along all other links the pheromone is decremented. When updating the pheromone concentration on a link (Vi,Vj), the path from the current node Vi to the source node Vs is considered: the pheromone value on link (Vi,Vs) in Vj's
routing table is reinforced. The amount of pheromone on a link (Vi,Vs) is increased by following equation[19]: ,
,
,
1
,
That has to be chosen appropriately to avoid fast or slow evaporation and T (Vs,Vi) represents the total time required to traverse from Vs to Vi. The pheromone concentration on all other entries not equal to Vi in the same column Vs in Vj’s routing table is decremented using the evaporation equation below: ,
1
,
2
Where is the evaporation coefficient provided by the user [19]. On its path back to the source, an ant again updates the pheromone concentration. The pheromone concentration update for entry (Vb, Vd) is [19]: ,
,
,
,
3
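The intrazone behaviour described above (IntraRT as a neighbours-by-destinations matrix, next hop by largest pheromone, reinforcement of the used entry and evaporation of the others in the same column) is sketched below as an added example; it is not the authors' or HOPNET's code. Because the update equations are not reproduced on this page, the deposit `epsilon / travel_time` and the factor `1 - evaporation` are assumptions, as are the three-node zone, its link delays and all names.

```python
# Added illustration; the update rule below is an assumption, not the paper's equations.


class IntraRT:
    """Pheromone matrix held by one node: rows = neighbours, columns = zone nodes."""

    def __init__(self, neighbours, zone_nodes, epsilon=1.0, evaporation=0.2):
        self.epsilon = epsilon            # assumed reinforcement constant
        self.evaporation = evaporation    # evaporation coefficient chosen by the user
        self.table = {n: {d: 0.0 for d in zone_nodes} for n in neighbours}

    def reinforce(self, via, dest, travel_time):
        """An ant arrived through neighbour `via`, `travel_time` after leaving `dest`."""
        for neighbour, row in self.table.items():
            if neighbour == via:
                row[dest] += self.epsilon / travel_time   # assumed: faster path, larger deposit
            else:
                row[dest] *= 1.0 - self.evaporation       # other rows of the column evaporate

    def next_hop(self, dest):
        """Neighbour with the most pheromone for `dest`; None if unknown or all zero."""
        best = max(self.table, key=lambda n: self.table[n].get(dest, 0.0), default=None)
        if best is None or self.table[best].get(dest, 0.0) <= 0.0:
            return None
        return best


def build_zone():
    """Constructed zone: S-A and A-B are fast links, S-B is a slow direct link."""
    delay = {frozenset("SA"): 1.0, frozenset("AB"): 1.0, frozenset("SB"): 5.0}
    nodes = ["A", "B", "S"]
    tables = {}
    for n in nodes:
        neighbours = [m for m in nodes if frozenset((n, m)) in delay]
        tables[n] = IntraRT(neighbours, nodes)
    return tables, delay


def run_ant(tables, delay, path):
    """A forward ant walks `path`; a backward ant then retraces it. Both update tables."""
    src, dst = path[0], path[-1]
    elapsed = 0.0
    for prev, cur in zip(path, path[1:]):          # forward ant: strengthens routes back to src
        elapsed += delay[frozenset((prev, cur))]
        tables[cur].reinforce(via=prev, dest=src, travel_time=elapsed)
    back = path[::-1]
    elapsed = 0.0
    for prev, cur in zip(back, back[1:]):          # backward ant: strengthens routes to dst
        elapsed += delay[frozenset((prev, cur))]
        tables[cur].reinforce(via=prev, dest=dst, travel_time=elapsed)


def route(tables, src, dst, max_hops=16):
    """Follow the largest-pheromone next hop; None on a dead end or a loop."""
    path = [src]
    while path[-1] != dst:
        nxt = tables[path[-1]].next_hop(dst)
        if nxt is None or nxt in path or len(path) > max_hops:
            return None
        path.append(nxt)
    return path


if __name__ == "__main__":
    tables, delay = build_zone()
    run_ant(tables, delay, ["S", "A", "B"])   # ant over the fast two-hop path
    run_ant(tables, delay, ["S", "B"])        # ant over the slow direct link
    print("route S->B:", route(tables, "S", "B"))
    run_ant(tables, delay, ["S", "B"])        # ants stop using A: its entry evaporates
    print("route S->B:", route(tables, "S", "B"))
    print("L is outside the zone:", tables["S"].next_hop("L"))
```

A `None` from `next_hop` covers both cases the text distinguishes: the destination is not a column of the IntraRT (interzone discovery is needed) or every entry in its column has decayed to zero.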
If the destination is not found in the IntraRT, route discovery between zones is carried out. In route discovery between zones (Interzone routing), when a node wants to send a data packet to a destination node, it checks the Interzone routing table for an existing route. If the route exists and has not expired, the node transmits the data packet. Otherwise, the node starts a search process to find a new path to the destination. When a source node wants to transmit a data packet to a node outside its zone, it sends external forward ants to search for a path to the destination. The external forward ants are first sent by the node to its gateway nodes. Each gateway node checks whether the destination is within its zone. If the destination is not within its zone and the path has expired, the ants jump between the border zones via the other gateway nodes until an ant locates a zone containing the destination. This ant propagation through the border zones is called bordercast. At the destination, the forward ant is converted to a backward ant and is sent to the source. Then, the data packet is transmitted. Using bordercast and the routing tables reduces the delay, because the IntraRT proactively maintains all the routes within its zone and the InterRT stores the paths to destinations that the ants recently visited. These tables contribute to fast end to end packet transmission since the paths are readily accessible.

An example of route discovery between zones is given below using Fig. 1. Assume the source I wants a route to the destination L. Since L does not belong to I's zone, node I sends external forward ants to the gateway nodes of its neighbor zones, namely F and H. Nodes H and F look through their IntraRT tables to check whether L is within their zones. In this example, L is not in the tables. Therefore, H sends the ant to its gateway node G. Node G sends external forward ants to the gateway nodes of its neighbor zones, D and K. D cannot find L in its zone. Therefore, node D sends the ant to its gateway nodes. Node K finds the destination node L within its zone. K then sends the forward ants with their attached addresses to node L via the path indicated in the IntraRT table. The backward ant traverses in the reverse direction, for example, to source I from destination T.
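The interzone walkthrough above can be traced with the following added example, which is not the authors' code. Fig. 1 is not recoverable from this page, so the zone membership and border links are constructed to match the walkthrough (I reaches F and H, H relays to G, G reaches D and K, K shares a zone with L); `InterRT`, its `lifetime` parameter and the ant counter are hypothetical names, and hops inside a zone are treated as one step supplied by the IntraRT.

```python
from collections import deque

# Constructed zone membership and border links, chosen to match the walkthrough.
ZONES = {
    "Z_I": {"I"},
    "Z_F": {"F"},
    "Z_HG": {"H", "G"},
    "Z_D": {"D"},
    "Z_KL": {"K", "L"},
}
BORDER_LINKS = [("I", "F"), ("I", "H"), ("G", "D"), ("G", "K")]


def zone_of(node):
    return next(name for name, members in ZONES.items() if node in members)


def border_neighbours(node):
    """Nodes in other zones that `node` can reach directly."""
    out = set()
    for a, b in BORDER_LINKS:
        if a == node:
            out.add(b)
        elif b == node:
            out.add(a)
    return out


def gateways(zone):
    return {n for n in ZONES[zone] if border_neighbours(n)}


def bordercast(src, dst):
    """External forward ants jump zone to zone. Returns (path or None, ants sent)."""
    queue = deque([[src]])
    visited_zones = {zone_of(src)}
    ants = 0
    while queue:
        path = queue.popleft()
        here = path[-1]
        zone = zone_of(here)
        if dst in ZONES[zone]:                      # this zone's IntraRT knows dst
            return (path if here == dst else path + [dst]), ants
        for gw in sorted(gateways(zone)):           # relay to every gateway of the zone
            inner = path if gw == here else path + [gw]
            for nxt in sorted(border_neighbours(gw)):
                if zone_of(nxt) in visited_zones:   # do not re-enter a zone already searched
                    continue
                visited_zones.add(zone_of(nxt))
                ants += 1
                queue.append(inner + [nxt])
    return None, ants


class InterRT:
    """Reactive table: discovered routes stay valid for `lifetime` time units."""

    def __init__(self, lifetime):
        self.lifetime = lifetime
        self.routes = {}

    def lookup(self, dst, now):
        entry = self.routes.get(dst)
        if entry is not None and now - entry[1] < self.lifetime:
            return entry[0]
        return None

    def store(self, dst, path, now):
        self.routes[dst] = (path, now)


def send(inter_rt, src, dst, now):
    """Route a packet; returns (path, ants sent). Cached or intrazone routes cost no ants."""
    if dst in ZONES[zone_of(src)]:
        return ([src] if src == dst else [src, dst]), 0
    cached = inter_rt.lookup(dst, now)
    if cached is not None:
        return cached, 0
    path, ants = bordercast(src, dst)
    if path is not None:
        inter_rt.store(dst, path, now)              # the backward ant's result
    return path, ants


if __name__ == "__main__":
    rt = InterRT(lifetime=10)
    for t in (0, 5, 20):
        print(t, send(rt, "I", "L", now=t))
```

The second call is answered from the InterRT without sending ants, and the third repeats the bordercast because the stored route has expired, which is the delay and overhead trade-off the text attributes to the two tables.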
3.4 Route Maintenance

In a mobile ad hoc network, node mobility and communication interference lead to the invalidation of some routes. There are two reasons why an intermediate node may not be able to deliver packets: i) the pheromone concentration along the neighboring links is zero, in which case the ants cannot select any link to travel on, because all the links, up and down, are zero, and the data packet fails at that node; ii) the route is damaged. If the damaged route is within a zone, it will recover after a period because the IntraRT is proactively maintained. If the damaged route is between zones, the upstream node of the broken link conducts a local repair process and searches for an alternative path to the destination while buffering all the packets it receives. If the node finds a new path to the destination, it sends all the buffered packets to the destination; then a notification ant is sent to the source so that the source node knows of the change of route. If a new path cannot be found to replace the failed path, an error ant is sent to the source node. Hence the packet delivery ratio is increased [19].
4 Simulation Results

Our algorithm is implemented in the GloMoSim simulator. The simulation environment includes 200 mobile nodes working with IEEE 802.11 in an area of 1000 m × 1000 m; the nodes move according to the random way point (RWP) mobility model. Each node moves at a maximum of 10 m/s, and the whole simulation time is 300 s. The data rate is 2 packets per second (1024 bytes). Fig. 2 shows the end to end delay of our proposed algorithm in comparison to the AODV protocol and the HOPNET algorithm. Our proposed algorithm produces better end to end delay results than AODV. This is attributed to the zone framework and to the local intrazone and interzone routing tables. The intrazone table proactively maintains all the routes within its zone, and the interzone table stores the paths to destinations that the ants recently visited.
Fig. 2. End to end delay
These tables contribute to fast end to end packet transmission since the paths are readily accessible. By adjusting the evaporation rate of pheromone on the links, the ants can traverse the links or ignore the links as the pheromone concentration is decremented. The evaporation rate helps in discarding links that are broken. These reasons allow our proposed algorithm to produce better end to end delay results. Fig. 3 shows the delivery ratio for our proposed algorithm, HOPNET and AODV. Since the network is dense, ants can find multiple paths and can choose from multiple paths rather than a single path as in AODV.
Fig. 3. Packet delivery ratio
Fig. 4 shows the control overhead of our proposed algorithm, HOPNET and AODV. AODV is a pure reactive protocol. The proposed algorithm is proactive within a zone. The control packets are periodically sent out within a zone to maintain the routes in the zone. This is a major factor for the overhead in the proposed algorithm.
Fig. 4. Overhead per true received packets
5 Conclusion

In this work, the Ant Colony Optimization algorithm and the Zone-based Hierarchical Link State protocol are used for routing in MANETs. The result is a hybrid routing algorithm that has the potential to provide higher scalability than pure reactive or proactive protocols. Our algorithm uses proactive routing within a zone and reactive routing between the zones. The scheme presented in this paper only represents our initial effort towards the development of a routing algorithm for MANETs. In addition, we have reasoned that our routing scheme is more advantageous than most previous schemes in terms of end to end delay and packet delivery ratio. As the network size increases, the overhead decreases and it is better than AODV.
References

1. Haas, Z.J., Gerla, M., Johnson, D.B., Perkins, C.E., Pursley, M.B., Steenstrup, M., Toh, C.K.: Mobile Ad-Hoc Networks. IEEE J. on Selected Areas in Communications, Special Issue on Wireless Networks 17(8), 1329–1332 (1999)
2. Mauve, M., Widner, J., Hartenstein, H.: A Survey on Position-based Routing in Mobile Ad-hoc Networks. IEEE Network J. 16, 30–39 (2001)
3. Abolhasan, M., Wysocki, T., Dutkiewicz, E.: A Review of Routing Protocols for Mobile Ad hoc Networks. Ad Hoc Networks J., Elsevier Computer Science 2, 1–22 (2004)
4. Dorigo, M., Di Caro, G., Gambardella, L.: Ant Colony Optimization: A New Metaheuristic. In: IEEE Congress on Evolutionary Computation, Washington, DC, vol. 2, pp. 1470–1477 (1999)
5. Perkins, C.E., Watson, T.J.: Highly Dynamic Destination Sequenced Distance Vector Routing (DSDV) for Mobile Computers. In: ACM Conference on Communications Architectures SIGCOMM 1994, London, UK (1994)
6. Murthy, S., Garcia-Luna-Aceves, J.J.: A routing protocol for packet radio networks. In: The 1st ACM/IEEE Annual International Conference on Mobile Computing and Networking, Berkeley, CA, pp. 86–95 (1995)
7. Das, S., Perkins, C., Royer, E.: Ad hoc on Demand Distance Vector (AODV) Routing. Internet Draft, draft-ietf-manetaodv-11.txt, work in progress (2002)
8. Johnson, D.B., Maltz, D.A.: The Dynamic Source Routing Protocol for Mobile Ad hoc Networks. Internet Draft, draft-ietf-manet-dsr-07.txt, work in progress (2002)
9. Toh, C.K.: Associativity-based Routing for Ad-hoc Mobile Networks. Wireless Personal Communications 4(2), 103–139 (1997)
10. Park, V.D., Corson, M.S.: A Highly Adaptive Distributed Routing Algorithm for Mobile Wireless Networks. In: The IEEE Conference on Computer Communications, Kobe, Japan, pp. 7–11 (1997)
11. Hass, Z.J., Pearlman, R.: Zone Routing Protocol for Ad-hoc Networks, Internet Draft, draft-ietf-manet-zrp-02.txt, work in progress (1999)
12. Joa-Ng, M., Lu, I.T.: A Peer-to-Peer Zone-based Two-level Link State Routing for Mobile Ad Hoc Networks. IEEE J. on Selected Areas in communications, Special Issue on AdHoc Networks, 1415–1425 (1999)
13. Nikaein, N., Laboid, H., Bonnet, C.: Distributed Dynamic Routing Algorithm (DDR) for Mobile Ad hoc Networks. In: 1st Annual Workshop on Mobile Ad Hoc Networking and Computing, MobiHOC 2000 (2000)
14. DiCaro, G., Dorigo, M.: AntNet: Distributed Stigmergetic Control for Communications Networks. J. on Artificial Intelligence Research 9, 317–365 (1998)
15. Schoonderwoerd, R., Holland, O., Bruten, J., Rothkrantz, L.: Ant-based Load Balancing in Telecommunication Networks. Adaptive Behavior 5, 169–207 (1996)
16. Gunes, M., Sorges, U., Bouazzi, I.: ARA – The Ant Colony Based Routing Algorithm for MANETs. In: the International Conference on Parallel Processing Workshops (ICPPW 2002), Vancouver, BC, pp. 79–85 (2002)
17. Hossein, O., Saadawi, T.: Ant Routing Algorithm for Mobile Ad hoc Networks (ARAMA). In: 22nd IEEE International Performance, Computing, and Communications Conference, Phoenix, Arizona, USA, pp. 281–290 (2003)
18. DiCaro, G., Ducatelle, F., Gambardella, L.M.: AntHocNet: An Adaptive Nature Inspired Algorithm for Routing in Mobile Ad hoc Networks. European Transactions on Telecommunications (Special Issue on Self-Organization in Mobile Networking) 16(2) (2005)
19. Wang, J., Osagie, E., Thulasiraman, P., Thulasiram, R.K.: HOPNET: A Hybrid Ant Colony Optimization Routing Algorithm for Mobile Ad hoc Network. Ad Hoc Network J. 7(4), 690–705 (2009)
Decision-Making Model Based on Capability Factors for Embedded Systems

Hamid Reza Naji (1), Hossein Farahmand (2), and Masoud RashidiNejad (2)

(1) Computer Department, Islamic Azad University, Kerman Branch, Kerman, Iran
(2) Electrical Engineering Department, Shahid Bahonar University, Kerman, Iran

Abstract. In this paper a decision-making modelling concept based on the identification of capability factors and finding mathematical models to describe or to prescribe best choice for evaluation of embedded systems (ES) is presented. The techniques utilize a combination of subjective and qualitative assumptions and mathematical modelling techniques. The digital cell phone as a sample of ES is analyzed as case study to show the application of the proposed approach. The results show the high performance of this methodology for capability evaluation of such systems.

Keywords: Capability Factors, Multiple Criteria Decision-Making, Embedded Systems.
1 Introduction

Many systems utilize a combination of subjective and qualitative assumptions in order to present a decision support model [1,2]. Our method proposes a hybrid heuristic technique (HHT) for capability evaluation, which is conducted by comparing and evaluating success factors associated with their risks. In this regard, decision-making concepts are based on the identification of capability factors while introducing mathematical models. This technique tends to offer a generic tool for systems analysts to assess and compare industrial capability with respect to specified system features. It is therefore imperative to describe what is meant by a system and its capability. A system may be described as: "a complex and highly interlinked network of parts exhibiting synergistic properties". The capability indices proposed in this paper are the product of utilizing fuzzy relations and analytic hierarchy process (AHP) techniques. A fuzzy relation is adopted to create a common quantitative measure to relate various factors and the ESs' relational concept of "capable" [3,4]. The AHP technique is adopted to define a pair-wise comparison of different factors. This technique is implemented to assign weights to each factor based on the relative level of importance of each factor in comparison with the others. Capability factors may vary due to the nature of each system; the methodology discussed in this paper is sufficiently flexible to accommodate the diversity of systems. A case study is introduced to illustrate the effectiveness of the proposed approach.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 123–129, 2010. © Springer-Verlag Berlin Heidelberg 2010
Many multi-objective approaches have been proposed in the literature [5,6,7,8]. Although they operate at different levels of abstraction and deal with different optimization objectives, the overall goal is always the same. In section 2 capability evaluation of embedded systems is discussed. Section 3 explains mathematical modelling of fuzzy multi objective decision problem. Section 4 illustrates digital cell phones as a case study. Section 5 provides conclusions.
2 Capability Evaluation (CE)
The proposed technique for capability evaluation of ESs will utilise a systems engineering approach to offer a tool to assist decision makers to quantify such qualitative judgements [9]. It will not completely replace knowledge-based judgements but it will offer a platform for a more robust and sound system analysis, while it uses expert system criteria. It may be argued that the best way to measure capability is to study the degree of success of delivering final result; true. In addition to constituent elements of a system, capability evaluation technique (CET) will consider the ability to deliver the final outcome as a feature. Measurement factors may vary due to the nature of the system but a generic algorithm will be introduced that can be flexible enough to accommodate the diversity of systems. A study is presented to illustrate the potential of the proposed approach, while the novelty of proposed evaluation technique can be based upon methodical and simple criterion to systems analysis from different perspectives.
2.1 Problem Definition
For modelling simplification, this paper deals with the minimum requirements to determine the system capability (SC) among different agents that can be defined by equation 1.
$$SC_i = f(x_{ij}) \qquad (1)$$
where $SC_i$ is the system capability for the $i$th ES and $x_{ij}$ is the $j$th element of the $i$th ES.
In order to quantify qualitative elements, crisp and fuzzy variables can be assigned. To establish a fuzzy decision-making process, it is necessary to fuzzify the quantifiable elements. This can be achieved by defining suitable membership functions, which should consider the properties and behaviour of the respective variables. In the following section, a background to fuzzy sets is discussed.
2.1.1 Methodology
The proposed technique for evaluation of systems’ capability and comparison will include Fuzzy Sets Theory (FST) and Analytic Hierarchy Process (AHP) procedures. CET, being designed as a transparent strategic management decision support system, adopts:
• FST to conform to the mainly qualitative nature of decision factors.
• AHP for its special structure of intuitive way of problem solving and its novelty in handling Multiple Criteria Decision Making (MCDM) procedures.
2.1.2 Fuzzy Sets
According to fuzzy set theory, each object $x$ in a fuzzy set $X$ is given a membership value using a membership function denoted by $\mu(x)$, which corresponds to the characteristic function of the crisp set where the values range between zero and one.
2.1.3 Membership Function
Membership functions can be mathematically described as linear or non-linear functions. A well-behaved membership function needs to be assigned for each fuzzified element. In most cases, linear membership functions are sufficient to explain the behaviour of the related value of elements. In cases where a linear membership function cannot satisfy the functional behaviour of the elements, a non-linear membership function is required.
2.1.4 Fuzzy Multi Objective Decision
Fuzzy Multi Objective Decision (FMOD) can be mathematically simulated and analysed using fuzzy rules. FMOD can be defined as a combination of Fuzzy Sets, levels of importance of decision variables, and unequal importance levels of objectives and constraints. The proposed method utilises FMOD techniques to optimise an objective function with respect to constraints.
3 Mathematical Model of Fuzzy Multi Objective Decision Problem
A fuzzy decision problem, $D(x)$, can be defined as a set of $N_o$ objectives and $N_c$ constraints with the intent to select the best alternative from a set of $X$ possible alternatives. The level of satisfaction by $x$ for given criteria can be described as $\mu_i(x) \in [0,1]$, where it can be represented by a membership function, in which the higher value of a membership implies a greater satisfaction, as shown in Figure 1.
[Figure 1: axis labels $\mu_{f_i}(x_i)$ and $f_i(x_i)$, with $f_i^{\min}$ and $f_i^{\max}$ marked.]
Fig. 1. A Typical Membership Function
In order to determine the level to which $x$ satisfies all criteria, denoted by $D(x)$, the following statements could be made:
1. The fuzzy objective $O$ is a fuzzy set on $X$ characterised by its membership function:
$$\mu_O(x) : X \to [0,1] \qquad (2)$$
2. The fuzzy constraint $C$ is a fuzzy set on $X$ characterised by its membership function:
$$\mu_C(x) : X \to [0,1] \qquad (3)$$
3. The fuzzy decision $D$ must be satisfied by a combination of fuzzy objectives and fuzzy constraints.
The following section will discuss how equal or unequal levels of importance of goals and constraints can be applied to the proposed FMOD [9].
3.1 Goals and Constraints with Equal Importance
If the goals and constraints are of equal importance, $x$ is desired where mathematical relationships (4) or (5) are satisfied:
$$\begin{cases} O_1(x)\ \&\ O_2(x)\ \&\ O_3(x)\ \&\ \ldots\ \&\ O_{N_O}(x) \\ \text{and} \\ C_1(x)\ \&\ C_2(x)\ \&\ C_3(x)\ \&\ \ldots\ \&\ C_{N_C}(x) \end{cases} \qquad (4)$$
$$D(x) = O_1(x) \cap O_2(x) \cap \ldots \cap O_{N_O}(x) \cap C_1(x) \cap C_2(x) \cap \ldots \cap C_{N_C}(x) \qquad (5)$$
Where:
$N_O$: number of objectives.
$N_C$: number of constraints.
$O_i(x)$: fuzzy value of the $i$th objective for alternative $x$.
$C_i(x)$: fuzzy value associated with satisfaction of the $i$th constraint by alternative $x$.
The fuzzy decision in this case is characterised by its membership function:
$$\mu_D(x) = \min\{\mu_O(x),\ \mu_C(x)\} \qquad (6)$$
The best alternative $x_{opt}$ can be determined by:
$$D(x_{opt}) = \max_{x \in X} \big(D(x)\big) \qquad (7)$$
Where $x_{opt}$ satisfies:
$$\max_{x \in X} \mu_D(x) = \max_{x \in X} \big(\min\{\mu_O(x),\ \mu_C(x)\}\big) = \max_{x \in X} \big(\min\{\mu_{O_1}(x), \ldots, \mu_{O_{N_O}}(x),\ \mu_{C_1}(x), \ldots, \mu_{C_{N_C}}(x)\}\big) \qquad (8)$$
3.2 Goals and Constraints with Unequal Importance
In the case where objectives and constraints are of unequal importance, it should be ensured that alternatives with higher levels of importance and consequently higher memberships are more likely to be selected. The positive impact of the levels of importance, $w_i$, on fuzzy set memberships is applied through the proposed criterion. It can be realized by associating higher values of $w_i$ with objectives and constraints. For example, the more important the alternative, the higher the value associated with it.
FMOD set $D(x)$ can be represented as equation 9, where $O^w(x)$ and $C^w(x)$ are weighted objectives and constraints sets. $N$ is the total number of objectives and constraints and $K$ is the number of alternatives.
$$D(x) = O^w(x) \cap C^w(x) \qquad (9)$$
Where $w = [w_1, w_2, \ldots, w_i, \ldots, w_N]$ and $X = [x_1, x_2, \ldots, x_K]$.
$$D(x) = \min\{O^w(x),\ C^w(x)\} = \min\{O_1^{w_1}(x),\ O_2^{w_2}(x), \ldots, O_i^{w_i}(x),\ C_{i+1}^{w_{i+1}}(x), \ldots, C_N^{w_N}(x)\} \qquad (10)$$
Where $x_{opt}$ should satisfy:
$$\max_{x \in X} \mu_D^w(x) = \max_{x \in X} \big(\min\{\mu_O^w(x),\ \mu_C^w(x)\}\big) \qquad (11)$$
This can be expressed as:
$$x_{opt} = \arg\Big\{\max_{x \in X} \mu_D^w(x)\Big\} \qquad (12)$$
$$x_{opt} = \arg\Big\{\max_{x \in X} \big(\min\{\mu_{o_i}^{w_i}(x),\ \mu_{c_j}^{w_{N_o+j}}(x)\}\big)\Big\}, \quad i = 1 \ldots N_o,\ j = 1 \ldots N_c,\ N_o + N_c = N \qquad (13)$$
3.3 Calculation of Exponential Weighting Values Using AHP
Analytical Hierarchy Process (AHP) is a method used to support complex decision-making processes by converting qualitative values to numerical values. AHP’s main concept of priority can be defined as the level of strength of one alternative relative to another. This method assists a decision-maker to build a positive reciprocal matrix of pair-wise comparison of alternatives for each criterion. A vector of priority can be computed from the eigenvector of each matrix. The sum of all vectors of priorities forms a matrix of alternative evaluation. The final vector of priorities can be calculated by multiplying the criteria weighted vector by the matrix of alternative evaluation. The best alternative has the higher priority value. The CET algorithm evaluates the relative importance of the decision variables using a pair-wise comparison matrix. The relative importance of each objective or constraint can be obtained using paired comparison of the elements taken two at a time. This method can be used to obtain the exponential weighting values that properly reflect the relative importance of the objective criteria and constraints concerning a decision problem. For the purpose of decision-making under variable importance, the paired comparison matrix $P$ with the following properties is formed:
• A square matrix of order equal to the sum of the number of objectives and constraints.
• The diagonal elements are 1.
• $P_{ij} = \dfrac{1}{P_{ji}}$ (14)
• The off-diagonal elements are specified by looking at the table of importance scale. For example, if object $i$ is less important than object $j$ then $P_{ji} = 3$, while if it is absolutely more important, then $P_{ji} = 9$, and so on.
To compare a set of $N$ objects in pairs according to their relative weights, the pair-wise comparison matrix can be expressed as:
$$P = [p_{ij}] = \left[\frac{w_i}{w_j}\right], \quad i = 1, 2, \ldots, N,\ j = 1, 2, \ldots, N \qquad (15)$$
Where $\dfrac{w_i}{w_j}$ refers to the $ij$th entry of $P$, which indicates how element $i$ is compared to element $j$. In order to find the vector of weights $W = [w_1\ w_2\ \ldots\ w_N]^T$, we multiply matrix $P$ by the vector $W$ to get:
$$PW = \left[\frac{w_i}{w_j}\right][w_i] = \left[\sum_{i=1}^{N} w_i\right] = N[w_i] \quad \therefore \quad PW = NW\ \ \&\ \ (P - NI) = 0 \qquad (16)$$
In the above calculations, if $P$ is consistent, all eigenvalues are zero except one nonzero eigenvalue, referred to as $\lambda_{max}$, which is equal to $N$ (the number of objects). The estimated weights can be found by normalizing the eigenvector corresponding to the largest eigenvalue. In the case where objectives and constraints have unequal importance, it should be ensured that alternatives with more importance are more likely to have higher impact.
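The procedure of Sections 3.2 and 3.3 can be followed end to end in the Python sketch below, which is an added example and not code from the paper. It derives weights from a pair-wise comparison matrix by power iteration and then applies the weighted min-max decision of equations (10) to (12). The three phones, the criteria ranges, both matrices and the linear membership shape are constructed assumptions, and the consistency index is Saaty's standard measure, which the paper does not mention.

```python
# Added example (not the paper's code). All matrices and phone data are constructed.

def ahp_weights(P, max_iter=500, tol=1e-12):
    """Return (weights summing to 1, lambda_max) for a positive reciprocal
    pair-wise comparison matrix P, using power iteration."""
    n = len(P)
    for i in range(n):
        if len(P[i]) != n:
            raise ValueError("P must be square")
        for j in range(n):
            # Covers eq. (14) and, for i == j, the unit diagonal.
            if P[i][j] <= 0 or abs(P[i][j] * P[j][i] - 1.0) > 1e-9:
                raise ValueError("P must be positive with P[i][j] = 1/P[j][i]")
    w = [1.0 / n] * n
    for _ in range(max_iter):
        v = [sum(P[i][j] * w[j] for j in range(n)) for i in range(n)]
        total = sum(v)
        v = [x / total for x in v]
        converged = max(abs(a - b) for a, b in zip(v, w)) < tol
        w = v
        if converged:
            break
    Pw = [sum(P[i][j] * w[j] for j in range(n)) for i in range(n)]
    lambda_max = sum(Pw[i] / w[i] for i in range(n)) / n
    return w, lambda_max


def consistency_index(lambda_max, n):
    """Saaty's CI = (lambda_max - N) / (N - 1); zero when P is consistent."""
    return (lambda_max - n) / (n - 1)


def linear_membership(value, f_min, f_max, higher_is_better=True):
    """Linear membership between f_min and f_max, clipped to [0, 1]."""
    if f_max <= f_min:
        raise ValueError("f_max must exceed f_min")
    t = min(1.0, max(0.0, (value - f_min) / (f_max - f_min)))
    return t if higher_is_better else 1.0 - t


def weighted_decision(memberships, weights):
    """mu_D^w(x) = min_i mu_i(x) ** w_i, as in eq. (10)."""
    return min(m ** w for m, w in zip(memberships, weights))


def best_alternative(alternatives, criteria, weights):
    """Return (x_opt, scores) following eq. (12): arg max over alternatives."""
    scores = {}
    for name, values in alternatives.items():
        mus = [linear_membership(values[key], lo, hi, benefit)
               for key, lo, hi, benefit in criteria]
        scores[name] = weighted_decision(mus, weights)
    return max(scores, key=scores.get), scores


# Constructed criteria: (key, f_min, f_max, higher_is_better).
CRITERIA = [
    ("battery_h", 10, 30, True),
    ("price_usd", 100, 500, False),
    ("mass_g", 100, 200, False),
]
# Constructed alternatives (hypothetical phones).
PHONES = {
    "A": {"battery_h": 26, "price_usd": 420, "mass_g": 120},
    "B": {"battery_h": 18, "price_usd": 260, "mass_g": 150},
    "C": {"battery_h": 12, "price_usd": 140, "mass_g": 110},
}
# Consistent matrix built from weights 0.6 : 0.3 : 0.1 (battery, price, mass).
P_CONSISTENT = [[1, 2, 6], [1 / 2, 1, 3], [1 / 6, 1 / 3, 1]]
# Inconsistent judgements: P[0][2] should be 27 if P[0][1]=3 and P[1][2]=9.
P_INCONSISTENT = [[1, 3, 9], [1 / 3, 1, 9], [1 / 9, 1 / 9, 1]]

if __name__ == "__main__":
    w, lam = ahp_weights(P_CONSISTENT)
    print("weights:", [round(x, 3) for x in w], "lambda_max:", round(lam, 6))
    print("equal importance:", best_alternative(PHONES, CRITERIA, [1, 1, 1]))
    print("AHP-weighted:", best_alternative(PHONES, CRITERIA, w))
    _, lam_bad = ahp_weights(P_INCONSISTENT)
    print("CI of inconsistent matrix:", round(consistency_index(lam_bad, 3), 4))
```

Rescaling all weights by the same positive constant raises every score to the same power, so the selected alternative does not depend on whether the eigenvector is normalised to sum to 1 or to $N$.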
4 Conclusion
Evaluation and comparison of systems capabilities seems to be a desirable measurement tool for systems engineering and analysis. The achieved objective was to introduce a quantitative approach to address a qualitative matter. Application of a multi-objective optimisation via a heuristic technique is addressed in this paper. CET algorithm adopts fuzzy optimisation technique to evaluate and compare embedded systems (ECSs) capabilities. This paper utilises the advantages of fuzzy optimisation and AHP to address multi-objective optimisation with regard to equal/un-equal levels of importance. Relative priorities are assigned to the objectives/constraints using AHP.
Acknowledgments. This paper is published based on the research fund from Islamic Azad University, Kerman, Iran.
References
[1] Ossadnik, W., Lange, O.: Theory and Methodology, AHP-based evaluation of AHP-Software. European Journal of Op. Research 118, 578–588 (1999)
[2] Reddy, A., Naidu, M.: An Integrated approach of Analytical Hierarchy Process Model and Goal Model (AHP-GP Model). IJCSNS International Journal of Computer Science and Network Security 7(1), 108–117 (2007)
[3] Zadeh, L.A.: Fuzzy Sets. Information and Control 8, 338–353 (1965)
[4] Lee, H., Chu, C., Chen, K., Chou, M.: A Fuzzy Multiple Criteria Decision Making Model For Airline Competitiveness Evaluation. Proceedings of the Eastern Asia Society for Transportation Studies 5, 507–519 (2005)
[5] Nuovo, A., Palesi, M., Patti, D.: Fuzzy Decision making in Embedded System Design. In: Proceedings of the 4th International Conference on Hardware/Software Codesign and System Synthesis, Seoul, Korea, October 22-25, pp. 223–228 (2006)
[6] Ascia, G., Catania, V., Palesi, A.M.: Multi-objective genetic approach for system-level exploration in parameterized systems-on-a-chip. IEEE Trans. on Computer-Aided Design of Integrated Systems 24(4), 635–645 (2005)
[7] Eisenring, M., Thiele, L., Zitzler, E.: Conflicting Criteria in Embedded System Design. IEEE Design & Test 17(2), 51–59 (2000)
[8] O’Hagan, M.: A fuzzy Decision Maker, Technical Report in Fuzzy Logic (2000), http://wwwfuzzysys.com/fdmtheor.pdf
[9] Mousavi, A., Bahmanyar, M., Sarhadi, M., Rashidinejad, M.: A technique for advanced manufacturing systems capability evaluation and comparison. Int. Journal of Advanced Manufacturing Tech. 31(9-10), 1044–1048 (2007)
Socio-Psycho-Linguistic Determined Expert-Search System (SPLDESS) Development with Multimedia Illustration Elements Vasily Ponomarev NPP “RUMB”, Research and Development Department, Rabochaya 29, 142400 Moscow region Noginsk, Russia {Vasily.Ponomarev moshimik}@gmail.com
Abstract. SPLDESS development with the elements of a multimedia illustration of traditional hypertext search results by Internet search engine provides research of information propagation innovative effect during the public access information-recruiting networks of information kiosks formation at the experimental stage with the mirrors at the constantly updating portal for Internet users. Author of this publication put the emphasis on a condition of pertinent search engine results of the total answer by the user inquiries, that provide the politically correct and not usurping socially-network data mining effect at urgent monitoring. Development of the access by devices of the new communication types with the newest technologies of data transmission, multimedia and an information exchange from the first innovation line usage support portal is presented also (including the device of social-psycho-linguistic determination according the author's conception). Keywords: Data mining; expert systems; knowledge engineering; multimedia; search engine; information propagation.
1 Introduction
According to the design decisions, SPLDESS is currently being developed by an international team within the framework of the author's conceptual model [1]. The system should carry out the retrieval of images, the storage of images, and the delivery of search results in the relevant data and image formats according to the user's stated communicative intention, drawing on the private, public and state information resources of the Internet community through a system of knowledge bases with the structure described below. That structure corresponds to the subject structure of the "KMTZ" portal, which is automatically updated every day at the mirrors http://www.kmtz.info and http://www.kmtz.biz. The data and knowledge processing procedures described below, following the illustrated specification given later, should represent the content and multimedia images, which in turn drive the evaluation of the given search order by the criterion of pertinence of the search engine results and by the semantic [8], pragmatic and discourse structure of the communicative package, taking into account SPL-stratification of the appropriate type, which is described later in this publication.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 130–137, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Idea of the Multimedia Specifications in the Technical Project
2.1 The Primary Specification
1. Socializing types of polythematic information
2. The polythematic information about municipal infrastructure
3. The information about business commercial subjects
2.2 The Secondary Specification
1. The most frequent subject chains, that are in correspondence with ratings of social-psycho-linguistic determined illustrations prestigiousness and templateness
2. Polysemantic spectrum of influence scale generation at the set subjects communicative intention perception unification by standard and multimedia means.
To each saturation spectrum of the answer search image is set a correspondence in the form of a multimedia illustration at the final screen format of the search query processing result and interactive specified motivations in the restricted thematic category are set.
Innovation. It is necessary to notice that the stock of hierarchically easy-to-recognize illustrations is provided to be received as a result of indisputable participants of world hierarchy historical events animation (at the scale like "the Big explosion - epoch of dinosaurs - the ice age - ancient history of Middle east - history of Africa - ancient history of Asia - ancient history of Europe - history of Pre-Columbian era in America - history of continents in average centuries - history of continents in new time - history of continents in the newest - modern history of fashion and the hi-tech spheres of services, or industry (with references to current price-lists)"), for example by image style like in Fig. 1:
Fig. 1. Hierarchy historical events animation image style
[Figure content recovered as text. Column headings: The accessible normal variant; The accessible high rating variant; The favourable high rating variant; Very valuable high rating variant.]
Vacancies \ description standard: Duties; Requirements; Conditions; The information on the employer; The contact person; Site of the employer; Preferences.
1. Participation in the project of the information-analytical system development, that is created by the employer company (the box decision and Internet service)
2. Gathering, analysis, documenting, producing and the coordination of requirements to system at the basis of interaction with potential customers and experts
3. Drawing up the specifications of technical projects on existing functional completion and development of new system modules
4. The functional implementation control by criteria of correspondence to the technical project, carrying out of business testing of the implemented functionality, developers and experts of the testing consultation group
5. User documentation producing
I. Business requirements development
II. Specifications execution
III. Techniques and standards, instructions, regulations preparation
IV. Primary testing, correction of errors
V. Service, development of clearing settlements maintenance systems …
Further rows: The resume …; The educational centres …; Persons are interested in the demanded kinds of training …; Tourism …; The recreational centres …; Welfare & legal consultations …
3 Scale of Ambitions
It is necessary to notice that the author designed SPLDESS usage as superstructures in the user interface in the framework of the multilanguage project "Experimental stage" of SPLDESS - Information System of Public Access on the basis of 2 university centres in European and Asian countries, with the assistance of several university centres in countries that are scientific cooperation partners. It provides research of the innovative effect from the formation, at the Experimental stage, of information-recruiting networks of information kiosks in public access with the mirrors at the constantly updating portal for Internet users (including strong support of access from mobile phones [4] and other portable devices [3] of constantly updated types of communication devices with the usage of new front end data transmission, multimedia and information interchange technologies). On the basis of long-term researches and the expert analysis [5], it is established that the most actual types of information, that are necessary for harmonious development and a successive susceptibility of new generation for all socially valuable kinds of activity, and that are also simply daily required for individual or socio-cultural activity, should be united in Information System of Public Access with public access terminals (information kiosks with the touch screen) [2] to demanded authentic, not commercialised information resources. These resources are united by economic platform, but protected from criminal influences by special Internet, WAN and LAN security technologies in a popular databank on subjects:
• Training (vocational training of new generations to acquire professions that are claimed at the modern labour market)
• Recreation and Leisure (possibilities of new generations for cultural, individualised, non-criminal leisure, sports, etc.)
• Jobs (employment of new generations for work with a sufficient wage level, including creation and development of family)
• Social Law Protection (for the new generations first of all)
The above-named terminals with the touch screen for public access to demanded authentic, not commercialised information resources are necessary for placing information kiosks and corresponding portal mirrors in the above-named university centres according to the certain feasibility report. In parallel with an information resource in the Internet, the project provides the annual edition on hard copy and DVD as the "Special directory-navigator for the different regions for new generations", which contains the information about what to do for new generations in that case when traditional communications or mass media do not provide them with operative, authentic, timely and updated information about the socialization ways in modern international global and local societies. The directory-navigator contains information resources which will allow new generations to be guided freely in the problems of employment, training, education, recreation, leisure, and also social and legal protection. Besides, during the formation of the SPLDESS experimental stage Information System with terminals (information kiosks with the touch screen) of public access to demanded authentic, not commercialised information resources, it was planned to develop and to research the adaptive marketing demands of its special module of preventive protection of the information created by the expense of the state from
illegitimate concealments commercialization completeness as regards of its most socially significant address components. The mentioned module should provide the transformation of the above-named terminals user natural language inquiry, or their Internet versions to query system search engine in corresponding language with accent on search engine results of the government agencies, that are authorised for execution of control-allowing functions [7] in the framework of monitoring competency for commercially-unlimited order of the socially significant information corresponding types distribution in all its completeness at subjects that are set forth above contact phones and addresses (at the final stage of the present research probably to provide experimental development and marketing [6] demands approbation of the described module expansion , that should carry out pertinent electronic statements of claim with digital sign support and possibility of conclusion to the printer with the subsequent automated packing an envelope and dispatch to all appropriate instances for execution of the full spectrum resulted national users of the states under which jurisdiction spends the present research information requirements generation). In case of users rights infringement by cause of relevant information absence, that is financed by the expense of national, city, municipal or any other type local budgets information resources, it should conduct to automated generation of claim or claims statements about no-purpose use of state resources and the subsequent collecting from the guilty costs established in a judicial order for put damage to property and moral damage in the corresponding size.
4 Summaries and Conclusions In conclusion during the summarising all aforesaid, it is necessary to notice, that the purpose of this research paper is of the script - frame production knowledge model concept presentation for social psycho linguistic determined communication streams in human computer natural language processing of toolkit, that is limited by above mentioned subjects. The most part of the considered project, as opposed to the pure theoretic approach in various branches of an artificial intelligence, applies for the software development problem definition. This approach is aimed to supersets of public access networks that are capable to communicate with any type of information systems only by a restricted natural language dialog mode, or often only by restricted colloquial dialect. In spite of the fact, that some aspects of the offered methodology are tightly related to the traditional technologies of machine translation systems, but the main resolution of the problem is given in the traditional structure of the knowledge engineering, that is inherited from classic expert systems that involve the paradigm of further application development and the original toolkit of knowledge presentation. The information streams have frame knowledge representations and substantiations that are included in the considered conceptual model. The resulting matrix toolkit interprets the generation and production script, that is in the dependence of user's socio-linguistic, sociopsychological and psycho-linguistic attributes, that are mentioned at our knowledge base subject structure prototypes at http://www.kmtz.info.
The author's strategic purpose is the development of a knowledge presentation model for a similar class of existing infrastructure systems with the assistance of special multimedia hardware (information kiosks public access network) means. This simple approach to implementation of demonstrated significant technological decisions easily supports some opportunities of the visual output (multimedia, video, speech processing and traditional terminals with menu selections) for massive reduction of the excessive text information. The development of an expert search system with elements of socio-psycho linguistic determinations, adaptations, verifications and now the special multimedia toolkits, that suppose to break through the industry of gradual development of the artificial intelligence tools, highly demanded by some perspective segments of national and international software market [6]. These tools are very significant from the investment point of view. Today some institutions in private, and in the state-public status are concerned in the prompt arms by the above described information-communication technologies, as existing specialized establishments in this area, and even in the public control international organizations, that is carrying out the highly technological, but the democratic information protection policy of the international-recognized rights for each person-user of data transmission global networks joint establishment by the expense of the faster account infrastructure. This new generation infrastructure should be able to monitor the content providing politically correct not usurping socially-network effect evolution of dynamics regarding the urgency of priority changes to glocalisation, preventive maintenance of extremist tendencies in conditions of non-selectiveness and anonymity of popular special and educational services in Internet communications and mass media. Acknowledgments. 
I am grateful to my colleague Yuri Natchetoi for the care with which he reviewed the former version of this manuscript, that was reflected in style of finishing works on joint software design and especially to incumbent Director of my company for the care with which my chief reviewed the last version of this manuscript and for conversations that clarified my thinking on this and other matters. His friendship and professional collaboration meant a great deal to me.
References
1. Ponomarev, V.V.: Conceptual Model of the linguistic software complex of the expert search system with elements of the socio-psycho linguistic determination. Dialog MEPhI, Moscow (2004) (in Russian)
2. Ponomarev, V.V.: Implementation of the new approach to automated reporting from the terminal stations of the municipal information system “Youth”. In: New software technologies, Moscow, MGIEM, pp. 44–51 (2005) (in Russian)
3. Ponomarev, V., Natchetoi, Y.: Semantic Content Engine for E-business and E-Government with Mobile Web support. In: Proceedings of the Third International Conference on Internet Technologies and Applications, Wrexham, UK, pp. 702–710 (2009)
4. Kaufman, V., Natchetoi, Y., Ponomarev, V.: On Demand Mobile CRM Applications for social marketing. In: Proceedings of ICE-B, Porto, Portugal, pp. 397–404 (2008)
5. Ponomarev, V.V., Gorelov, Y.K.: Independent Moscow Regional Ecological Monitoring and Recultivation Center on the Base of Expert Social-Informational Technological Integrated Data Bank as Experience of Adequatization. In: Program of People to people International, Moscow City Council, Intel Service Center, Russian Ministry for the Protection of the Environment and Natural Resources, Moscow (1994)
6. Webber, Y.: Marketing to the Social Web: How Digital Customer Communities Build Your Business. Wiley, Chichester (2007)
7. Ponomarev, V.V.: Composition, structure and functional extension of linguistic support for Applications. 3 – 5, Mashinostroitel, Number 11, (2006) (in Russian) ISSN 00025 – 4568
8. Yu, L.: Semantic Web and Semantic Web services. Chapman and Hall/CRC, Boca Raton (2007)
A Packet Loss Concealment Algorithm Robust to Burst Packet Loss Using Multiple Codebooks and Comfort Noise for CELP-Type Speech Coders
Nam In Park¹, Hong Kook Kim¹, Min A. Jung², Seong Ro Lee³, and Seung Ho Choi⁴
¹ School of Information and Communications, Gwangju Institute of Science and Technology (GIST), Gwangju 500-712, Korea {naminpark,hongkook}@gist.ac.kr
² Department of Computer Engineering, ³ School of Information Engineering, Mokpo National University, Jeollanam-do 534-729, Korea {majung,srlee}@mokpo.ac.kr
⁴ Department of Electronic and Information Engineering, Seoul National University of Science and Technology, Seoul 139-743, Korea [email protected]
Abstract. In this paper, a packet loss concealment (PLC) algorithm for CELP-type speech coders is proposed to improve the quality of decoded speech under burst packet loss. A conventional PLC algorithm is usually based on speech correlation to reconstruct decoded speech of lost frames by using the information on the parameters obtained from the previous frames that are assumed to be correctly received. However, this approach is apt to fail to reconstruct voice onset signals since the parameters such as pitch, LPC coefficient, and adaptive/fixed codebooks of the previous frames are mostly related to silence frames. Thus, in order to reconstruct speech signals in the voice onset intervals, we propose a multiple codebook based approach which includes a traditional adaptive codebook and a new random codebook composed of comfort noise. The proposed PLC algorithm is designed as a PLC algorithm for G.729 and its performance is then compared with that of the PLC algorithm employed in G.729 by means of perceptual evaluation of speech quality (PESQ), a waveform comparison, and an A-B preference test under different random and burst packet loss conditions. It is shown from the experiments that the proposed PLC algorithm provides significantly better speech quality than the PLC of G.729, especially under burst packet loss and voice onset conditions.
Keywords: Speech coding, G.729, packet loss concealment (PLC), comfort noise, burst packet loss, voice onset.
1 Introduction With the increasingly popular use of the Internet, IP telephony devices such as voice over IP (VOIP) and voice over WiFi (VoWiFi) phones have attracted wide attention for speech communications. In order to realize an IP phone service, speech packets T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 138–147, 2010. © Springer-Verlag Berlin Heidelberg 2010
are transmitted using a real-time transport protocol/user datagram protocol (RTP/UDP), but RTP/UDP does not check whether or not the transmitted packets are correctly received [1]. Due to the nature of this type of transmission, the packet loss rate becomes higher as the network becomes congested. In addition, depending on the network resources, the possibility of burst packet losses also increases, potentially resulting in severe quality degradation of the reconstructed speech [2].

In this paper, a new packet loss concealment (PLC) algorithm for CELP-type speech coders is proposed as a means of improving the quality of decoded speech under burst packet losses, especially when the packet loss occurs during voice onset intervals. The proposed PLC algorithm is based on speech correlation to reconstruct decoded speech corresponding to lost packets. CELP-type speech coders decompose speech signals into vocal tract parameters and excitation signals. The former is reconstructed by repeating the parameters of the previous speech frame that is assumed to be correctly received. On the other hand, excitation signals are reconstructed by combining voiced and random excitations. In other words, voiced excitation is obtained from the adaptive codebook excitation scaled by a voicing probability, while random excitation is generated by permuting the previous decoded excitation in order to compensate for an undesirable amplitude mismatch under burst packet loss conditions. However, this approach is apt to fail to reconstruct voice onset signals since the parameters such as a pitch period, linear predictive coding (LPC) coefficients, and adaptive/fixed codebooks of the previous frames are mostly related to silence frames [3]. The proposed PLC algorithm can mitigate this problem by using a multiple codebook based on comfort noise.
The performance of the proposed PLC algorithm is evaluated by implementing it on the G.729 speech decoder and compared with that of the PLC algorithm already employed in the G.729 speech decoder. The remainder of this paper is organized as follows. Following this introduction, Section 2 describes a conventional PLC algorithm that is employed in the G.729 decoder [7]. After that, Section 3 describes the proposed PLC algorithm and implements it on the G.729 decoder. Section 4 then demonstrates the performance of the proposed PLC algorithm, and this paper is concluded in Section 5.
2 Conventional PLC Algorithm

The PLC algorithm employed in the G.729 standard reconstructs speech signals of the current frame based on previously received speech parameters. In other words, the PLC algorithm replaces the missing excitation with an equivalent characteristic from a previously received frame, though the excitation energy gradually decays. In addition, it uses a voicing classifier based on a long-term prediction gain. During the frame error concealment process, a 10 ms frame is declared as voiced if at least a 5 ms subframe of the 10 ms frame has a long-term prediction gain of more than 3 dB; otherwise, the frame is declared as unvoiced. A lost frame inherits its class from the previous speech frame. The synthesis filter in the lost frame uses the linear predictive coding (LPC) coefficients of the last good frame. In addition, the gains of the adaptive and fixed codebooks are attenuated by a constant factor, and the pitch period of the lost frame uses the integer part of the pitch period from the previous frame. To avoid repeating the same periodicity, the pitch period is increased by one for each subsequent subframe.
3 Proposed PLC Algorithm

Contrary to the conventional PLC algorithm described in the previous section, the proposed PLC algorithm consists of two blocks: a speech correlation based PLC (SC-PLC) block and a multiple codebook based PLC (MC-PLC) block. The former includes voicing probability estimation, periodic/random excitation generation, and speech amplitude control. The latter incorporates comfort noise to construct multiple codebooks for reconstructing voice onset signals. Fig. 1(a) shows an overview of the proposed PLC algorithm. First of all, the multiple codebook, $e_2(n)$, is updated every frame regardless of packet loss. If the current frame is declared as a lost frame, LPC coefficients of the previous good frame are first scaled down to smooth the spectral envelope. Next, a new excitation signal, $\hat{e}(n)$, is estimated by a speech correlation based PLC block. Here, the updated multiple codebook is used in order to obtain $\hat{e}(n)$. If consecutive frame losses occur, the signal amplitude estimate, $A_i$, for the lost frame is obtained prior to the excitation estimation described above. Finally, decoded speech corresponding to the lost frame is obtained by filtering the estimated new excitation by using the smoothed LPC coefficients.
Fig. 1. Overviews of (a) the proposed PLC algorithm and (b) the speech correlation based PLC algorithm [3]
3.1 Speech Correlation Based PLC

3.1.1 Generation of Periodic and Random Excitation Using the Voicing and Unvoicing Probability

Fig. 1(b) shows an overview of the speech correlation based PLC (SC-PLC) block. This block tries to estimate a new excitation signal, $\hat{e}(n)$, for a lost frame by combining the periodic excitation obtained from the estimated voicing probability, and the random excitation obtained by permuting the previously decoded excitation signal. Note here that the updated multiple codebook is used in order to generate the periodic and random excitations, which will be explained in Section 3.2.
Fig. 2. Example of generating excitation signals by the speech correlation block
The SC-PLC algorithm generates the excitation of a lost frame by a weighted sum of the voiced and unvoiced excitations, which in turn is based on the pitch and the excitation of the previous frame, as shown in Fig. 2. In particular, voiced excitation is first generated from an adaptive codebook by repeating the excitation of the previous frame during the pitch period, referred to as periodic excitation in this paper. That is, the periodic excitation, $e_p(n)$, is given by

$$e_p(n) = e(n - P) \qquad (1)$$

where $e(n)$ is the excitation of the previous frame and $P$ is the pitch period estimate of the current frame. Next, to generate unvoiced excitation, referred to as random excitation, temporal excitation is produced based on a random permutation of the excitation of the previous frame, such as

$$e_t(n) = P_\pi(e(n)) \qquad (2)$$

where $e_t(n)$ is the temporal excitation, $P_\pi$ is a permutation matrix, and $n$ is generated by a random sequence in the range of $P$. An excitation sample is selected randomly from within a selection range having the same length of pitch period. To select the next excitation sample, $P$ is increased by one to prevent the same excitation sample from being selected. In addition, assuming that the fixed codebook has some degree of contribution to the periodicity of the speech signal as an adaptive codebook [4], we can compute the maximum cross-correlation between the periodic excitation and the temporal excitation as

$$m^* = \arg\max_{0 \le m \le N-1} \frac{\left( \sum_{n=0}^{N-1} e_p(n) \cdot e_t(n-m) \right)^2}{\sum_{n=0}^{N-1} e_t^2(n-m)} \qquad (3)$$

where $N$ is the frame size and set to 80 for G.729. The best random excitation that contributes to the speech signal periodicity is then defined as

$$e_r(n) = e_t(n - m^*) \qquad (4)$$

where $e_r(n)$ is the random excitation. As shown in Fig. 2, to recover the lost frame, we can obtain the reconstructed excitation by a weighted sum of the periodic and random excitation as

$$\hat{e}(n) = p_v e_p(n) + p_{uv} e_r(n) \qquad (5)$$
where $\hat{e}(n)$, $p_v$, and $p_{uv}$ are the reconstructed excitation, the voicing probability, and the unvoicing probability, respectively. In Eq. (5), $p_v$ and $p_{uv}$ are required to obtain the excitation. To this end, we first compute a correlation coefficient, $r$, between the excitation decoded in the previous frame and its delayed version up to the estimated pitch period of the current frame, $P$. In other words, we have

$$r = \frac{\sum_{n=0}^{N-1} e(n)\, e(n-P)}{\sqrt{\sum_{n=0}^{N-1} e^2(n) \sum_{n=0}^{N-1} e^2(n-P)}}. \qquad (6)$$

Using the correlation coefficient, $p_v$ and $p_{uv}$ are estimated as

$$p_v = \begin{cases} 1, & \text{if } r > 0.33 \\ \dfrac{r - 0.03}{0.3}, & \text{if } 0.03 \le r \le 0.33 \\ 0, & \text{otherwise} \end{cases} \qquad (7)$$

and

$$p_{uv} = 1 - p_v. \qquad (8)$$
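Equations (1)-(8) can be traced in code as follows; this is an added example, not the authors' implementation. The shuffle used for Eq. (2), the circular reading of $e_t(n-m)$, the zero-energy handling and all function names are assumptions, and the two input histories are constructed.

```python
import math
import random

N = 80  # G.729 frame size in samples, as given in the text


def periodic_excitation(history, pitch, n=N):
    """Eq. (1): e_p(n) = e(n - P), extending the past excitation periodically."""
    buf = list(history)
    for _ in range(n):
        buf.append(buf[-pitch])
    return buf[-n:]


def temporal_excitation(history, rng, n=N):
    """Eq. (2): random permutation of the previous frame's excitation.

    Simplification (assumption): a plain shuffle of the last frame stands in
    for the pitch-length selection range described in the text.
    """
    frame = list(history[-n:])
    rng.shuffle(frame)
    return frame


def shift(signal, m):
    """signal(n - m), read circularly (assumption) so every lag sees N samples."""
    n = len(signal)
    return [signal[(k - m) % n] for k in range(n)]


def best_lag(e_p, e_t):
    """Eq. (3): lag m* maximising the normalised squared cross-correlation."""
    best_m, best_score = 0, -1.0
    for m in range(len(e_p)):
        shifted = shift(e_t, m)
        energy = sum(v * v for v in shifted)
        if energy == 0.0:
            continue  # all-zero candidate: nothing to correlate with
        num = sum(a * b for a, b in zip(e_p, shifted))
        if num * num / energy > best_score:
            best_m, best_score = m, num * num / energy
    return best_m


def correlation(history, pitch, n=N):
    """Eq. (6): correlation of the last frame with its copy delayed by P."""
    cur = history[-n:]
    dly = history[-n - pitch:-pitch]
    den = math.sqrt(sum(v * v for v in cur) * sum(v * v for v in dly))
    if den == 0.0:
        return 0.0  # silent history: no evidence of voicing (assumption)
    return sum(a * b for a, b in zip(cur, dly)) / den


def voicing_probability(r):
    """Eq. (7): piecewise-linear mapping of r to p_v."""
    if r > 0.33:
        return 1.0
    if r >= 0.03:
        return (r - 0.03) / 0.3
    return 0.0


def conceal_excitation(history, pitch, seed=0, n=N):
    """Eq. (5): e_hat(n) = p_v * e_p(n) + p_uv * e_r(n) for one lost frame."""
    rng = random.Random(seed)
    e_p = periodic_excitation(history, pitch, n)
    e_t = temporal_excitation(history, rng, n)
    e_r = shift(e_t, best_lag(e_p, e_t))                 # Eq. (4)
    p_v = voicing_probability(correlation(history, pitch, n))
    p_uv = 1.0 - p_v                                     # Eq. (8)
    return [p_v * a + p_uv * b for a, b in zip(e_p, e_r)], p_v


# Constructed inputs: two frames of a pitch-40 voiced excitation, and silence.
VOICED = [math.sin(2 * math.pi * k / 40) for k in range(160)]
SILENT = [0.0] * 160

if __name__ == "__main__":
    for name, hist in (("voiced", VOICED), ("silent", SILENT)):
        e_hat, p_v = conceal_excitation(hist, 40)
        print(name, "p_v =", p_v, "energy =", sum(v * v for v in e_hat))
```

With the silent history the reconstructed excitation is all zeros, which is the voice onset failure that Section 3.2 addresses.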
The above probabilities are finally applied to Eq. (5) to obtain the reconstructed excitation.

3.1.2 Speech Amplitude Control Using Linear Regression

The SC-PLC algorithm described in Section 3.1.1 tends to reconstruct speech signals with relatively flat amplitudes, resulting in unnatural quality of decoded speech. To overcome this problem, we introduce a smoothing method for controlling the amplitude of decoded speech by using a linear regression technique. Fig. 3 shows an example of the amplitude control. Assuming that $i$ is the current frame and $g_i$ is the original speech amplitude, the PLC employed in G.729 estimates the amplitude, $g_i''$, by attenuating the codebook gain, whereas the speech correlation based PLC estimates the amplitude, $g_i^*$, using linear regression. In the figure, the amplitude obtained by linear regression provides a better estimate than the amplitude obtained by attenuating the codebook gain. Here, the linear regression based on the linear model is

$$g_i' = a + b\,i \qquad (9)$$
Fig. 3. Amplitude prediction using linear regression
where $g_i'$ is the newly predicted current amplitude, $a$ and $b$ are coefficients for the first order linear function, and $i$ is the frame number [6]. Assuming that measurement errors are normally distributed and the past four amplitude values are used, we find $a$ and $b$ such that the difference between the original speech amplitude and the speech amplitude estimated from the figure is minimized. In other words, $a^*$ and $b^*$ are the optimized parameters with respect to $a$ and $b$. Based on these parameters, the amplitude estimate for the $i$-th frame is denoted as

$$g_i^* = a^* + b^* i. \qquad (10)$$

To obtain the amplitude of a lost frame, the ratio of the amplitude of the $i$-th current frame and that of the $(i-1)$-th frame is first defined as

$$\sigma_i = \frac{g_i^*}{g_{i-1}} \qquad (11)$$

where $\sigma_i$ is the amplitude ratio of the $i$-th frame. Moreover, the number of consecutive lost frames is taken into account by observing that if consecutive frame losses occur, the speech amplitude also decreases. We define a scale factor, $s_i$, as

$$s_i = \begin{cases} 1.1, & \text{if } l_i = 1, 2 \\ 1.0, & \text{if } l_i = 3, 4 \\ 0.9, & \text{if } l_i = 5, 6 \\ 0, & \text{otherwise} \end{cases} \qquad (12)$$

where $l_i$ is the number of consecutive lost frames until the $i$-th frame. Then, the estimated amplitude, $A_i'$, can be determined by using the equation

$$A_i' = s_i \sigma_i. \qquad (13)$$
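The amplitude estimate of Eqs. (9)-(13) can be worked through as below; this is an added example, not code from the paper. Clamping a negative prediction to zero, returning zero when $g_{i-1}$ is zero, feeding each estimate back as history during a burst, and the function names are all assumptions; the amplitude values are constructed.

```python
def fit_line(amplitudes):
    """Least-squares a*, b* of g'_i = a + b*i (Eq. 9) over frames 0..k-1."""
    k = len(amplitudes)
    sx = sum(range(k))
    sxx = sum(i * i for i in range(k))
    sy = sum(amplitudes)
    sxy = sum(i * g for i, g in enumerate(amplitudes))
    b = (k * sxy - sx * sy) / (k * sxx - sx * sx)
    a = (sy - b * sx) / k
    return a, b


def scale_factor(lost_run):
    """Eq. (12): s_i as a function of the consecutive-loss count l_i."""
    if lost_run in (1, 2):
        return 1.1
    if lost_run in (3, 4):
        return 1.0
    if lost_run in (5, 6):
        return 0.9
    return 0.0


def amplitude_gain(past, lost_run):
    """Eqs. (10), (11), (13): A'_i = s_i * g*_i / g_{i-1} from four past amplitudes."""
    if len(past) != 4:
        raise ValueError("the text uses the past four amplitude values")
    a, b = fit_line(past)
    predicted = max(a + b * 4, 0.0)  # Eq. (10) at the lost frame; clamp is an assumption
    if past[-1] <= 0.0:
        return 0.0                   # no previous amplitude to scale (assumption)
    return scale_factor(lost_run) * predicted / past[-1]


def conceal_burst(past, burst_len):
    """Gains for a burst, feeding each estimated amplitude back as history (assumption)."""
    history = list(past)
    gains = []
    for lost_run in range(1, burst_len + 1):
        gain = amplitude_gain(history[-4:], lost_run)
        gains.append(gain)
        history.append(gain * history[-1])
    return gains


if __name__ == "__main__":
    decaying = [500.0, 400.0, 300.0, 200.0]  # constructed amplitudes g_{i-4}..g_{i-1}
    print(fit_line(decaying))                # (500.0, -100.0)
    print(conceal_burst(decaying, 7))
```

For the constructed decaying history the regression predicts an amplitude of 100 for the lost frame, so the first gain is about 0.55, and the gain reaches zero once the extrapolated line crosses zero or the burst exceeds six frames.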
For the continuous amplitude attenuation, $A_i'$ is smoothed with the estimated amplitude of the $(i-1)$-th frame, $A_{i-1}'$, as

$$A_i'(n) = -\frac{A_{i-1}' - A_i'}{N} \cdot n + A_{i-1}', \quad n = 0, \ldots, N-1 \qquad (14)$$

where $A_i'(n)$ is the smoothed amplitude of the $n$-th sample for the $i$-th frame. Finally, we multiply the excitation $\hat{e}(n)$ by $A_i'(n)$ to obtain the amplitude-adjusted excitation. That is, $\tilde{e}(n) = A_i'(n)\hat{e}(n)$, and it is applied to the synthesis filter.

3.2 Multiple Codebook Based PLC

The SC-PLC block is apt to fail to reconstruct voice onset signals. When the current frame is a voice onset, the previous frames are silent or noise frames. Thus, if the current frame is lost, then the coding parameters such as pitch period, LPC coefficients, and excitation codebooks are not enough to reconstruct the current frame. To overcome this problem, we propose a multiple codebook based PLC (MC-PLC) approach.
Fig. 4. Structure of the proposed multiple codebook generation based on comfort noise, where FI means a frame erasure indicator
Fig. 4 shows the structure of the MC-PLC block. In this block, comfort noise is incorporated to make a secondary adaptive codebook for the excitation generation of a CELP-type coder. As shown in the figure, the adaptive codebook II excitation, $e_2(n)$, is used every frame regardless of frame loss. If there is no frame loss, i.e., the frame indicator (FI) is set to 0, speech signals are reconstructed by filtering $e(n)$. Simultaneously, the adaptive codebook II is updated as the sum of $e(n)$ and $e_{cng}(n)$. Otherwise, the previous excitation of SC-PLC is substituted with $e_2(n)$. After applying $e_2(n)$ to SC-PLC, speech signals are reconstructed by filtering $\tilde{e}(n)$. In this case, the adaptive codebook II is updated only with the sum of the excitation $\tilde{e}(n)$ from SC-PLC and $e_{cng}(n)$ from the comfort noise. Here, $e_{cng}(n)$ is defined as

$$e_{cng}(n) = g_{ra} e_{ra}(n) + g_{rf} e_{rf}(n) \qquad (15)$$

where $g_{ra}$ and $g_{rf}$ are the gains of the random adaptive codebook excitation, $e_{ra}(n)$, and the random fixed codebook excitation, $e_{rf}(n)$, respectively [11].
In Eq. (15), $e_{cng}(n)$ should be small enough compared to the excitation, $e(n)$. In this paper, the squared sum of $e_{cng}(n)$ over a subframe is set below the squared sum of $e(n)$, such as

$$\sum_{n=0}^{39} \left( g_{ra} e_{ra}(n) + g_{rf} e_{rf}(n) \right)^2 = \alpha \sum_{n=0}^{39} (e(n))^2 \qquad (16)$$

where $\alpha$ is a scale factor and is set adaptively depending on $g_a$, the gain of the adaptive codebook I as shown in Fig. 5. In other words, we have

$$\alpha = \begin{cases} 0.48, & \text{if } g_a \ge 0.6 \\ 0.8\, g_a, & \text{if } 0.12 \le g_a < 0.6 \\ 0.108, & \text{if } g_a < 0.12 \end{cases} \qquad (17)$$

Before solving Eq. (16), we randomly choose $g_{ra}$ according to the rule that is already applied to generate the comfort noise in ITU-T Recommendation G.729 Annex B [11]. Finally, $g_{rf}$ is obtained from Eq. (16).
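Solving Eq. (16) for $g_{rf}$ is a quadratic in one unknown once $g_{ra}$ is fixed; the added example below (not the authors' code) carries that through together with Eqs. (15) and (17). It takes $g_{ra}$ as an input instead of drawing it by the Annex B rule, and the choice of root, the fallback when no real root exists, the function names and the subframe signals are assumptions or constructed values.

```python
import math

SUBFRAME = 40  # Eq. (16) sums over n = 0..39


def energy(x):
    return sum(v * v for v in x)


def dot(x, y):
    return sum(a * b for a, b in zip(x, y))


def alpha(g_a):
    """Eq. (17): scale factor as a function of the adaptive codebook I gain."""
    if g_a >= 0.6:
        return 0.48
    if g_a >= 0.12:
        return 0.8 * g_a
    return 0.108


def solve_gains(e, e_ra, e_rf, g_ra, g_a):
    """Return (g_ra, g_rf) such that Eq. (16) holds for this subframe.

    Expanding Eq. (16) gives
        g_rf^2 * E_ff + 2 * g_ra * g_rf * E_af + g_ra^2 * E_aa - alpha * E_e = 0.
    """
    target = alpha(g_a) * energy(e)
    e_ff = energy(e_rf)
    if e_ff == 0.0:
        raise ValueError("random fixed codebook excitation has no energy")
    e_af = dot(e_ra, e_rf)
    disc = (g_ra * e_af) ** 2 - e_ff * (g_ra ** 2 * energy(e_ra) - target)
    if disc < 0.0:
        # g_ra * e_ra alone already exceeds the energy budget, so there is
        # no real g_rf; drop the adaptive part (assumption).
        g_ra, disc = 0.0, e_ff * target
    g_rf = (-g_ra * e_af + math.sqrt(disc)) / e_ff  # larger root (assumption)
    return g_ra, g_rf


def comfort_noise(e_ra, e_rf, g_ra, g_rf):
    """Eq. (15): e_cng(n) = g_ra * e_ra(n) + g_rf * e_rf(n)."""
    return [g_ra * a + g_rf * f for a, f in zip(e_ra, e_rf)]


def update_codebook_ii(excitation, e_cng):
    """Adaptive codebook II update: excitation plus comfort noise."""
    return [x + c for x, c in zip(excitation, e_cng)]


# Constructed subframe signals.
E = [100.0 * math.sin(2 * math.pi * k / 20) for k in range(SUBFRAME)]
E_RA = [math.sin(0.7 * k) for k in range(SUBFRAME)]
E_RF = [0.0] * SUBFRAME
for pos, sign in ((3, 1.0), (13, -1.0), (24, 1.0), (36, -1.0)):
    E_RF[pos] = sign  # four signed pulses

if __name__ == "__main__":
    for g_ra_in in (10.0, 100.0):
        g_ra, g_rf = solve_gains(E, E_RA, E_RF, g_ra_in, g_a=0.3)
        cng = comfort_noise(E_RA, E_RF, g_ra, g_rf)
        print(g_ra, round(g_rf, 3), round(energy(cng) / energy(E), 4))
```

Both runs print an energy ratio equal to $\alpha = 0.24$; in the second, the requested $g_{ra}$ is too large for any real $g_{rf}$ and the fallback branch is taken.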
4 Performance Evaluation

To evaluate the performance of the proposed PLC algorithm, we replaced the PLC algorithm employed in G.729 [7] with the proposed PLC algorithm, and then we measured perceptual evaluation of speech quality (PESQ) scores according to ITU-T Recommendation P.862 [8]. For the PESQ test, 96 speech sentences, composed of 48 males and 48 females, were taken from the NTT-AT speech database [9] and processed by G.729 with the proposed PLC algorithm under different packet loss conditions. The performance was also compared with that using the PLC algorithm employed in G.729, which is called G.729-PLC. In this paper, we simulated two different packet loss conditions, including random and burst packet losses. During these simulations, packet loss rates of 3, 5, and 8% were generated by the Gilbert-Elliot model defined in ITU-T Recommendation G.191 [10]. Under the burst packet loss condition, the burstiness of the packet losses was set to 0.66; thus, the mean and maximum consecutive packet losses were measured at 1.5 and 3.7 frames, respectively.

Figs. 5(a) and 5(b) compare PESQ scores when the proposed MC-PLC and G.729-PLC were employed in G.729 under single packet loss conditions and burst packet loss conditions, respectively. As shown in the figure, the MC-PLC algorithm had higher PESQ scores than the G.729-PLC algorithm for all the conditions. In particular, the effectiveness of the proposed PLC algorithm was investigated when packet losses occurred in voice onset intervals. Fig. 5(c) shows the PESQ scores for G.729-PLC, SC-PLC, and MC-PLC under this simulated condition. It was shown from the figure that MC-PLC provided the lowest PESQ scores for any number of consecutive packet losses during the voice onset.
[Figure 5: three plots of PESQ (MOS) against (a) single packet loss rate (%), (b) burstiness, and (c) number of consecutive frame losses]

Fig. 5. Comparison of PESQ scores of MC-PLC and G.729-PLC under (a) single packet loss conditions and (b) burst packet loss conditions, and (c) of G.729-PLC, SC-PLC, and MC-PLC for different numbers of consecutive packet losses occurring in voice onset intervals
Fig. 6. Waveform comparison; (a) original waveform, (b) decoded speech signal without any packet loss, and reconstructed speech signals using (c) packet error patterns, (d) G.729-PLC, (e) SC-PLC, and (f) MC-PLC

Table 1. A-B preference test results (preference score, %)

| Burstiness | Packet loss rate | G.729 PLC | No difference | Proposed PLC |
|---|---|---|---|---|
| γ = 0.0 (random) | 3% | 14.44 | 47.78 | 37.78 |
| γ = 0.0 (random) | 5% | 8.89 | 45.56 | 45.55 |
| γ = 0.0 (random) | 8% | 18.89 | 34.44 | 46.67 |
| γ = 0.66 | 3% | 17.78 | 45.56 | 36.66 |
| γ = 0.66 | 5% | 12.22 | 42.22 | 45.56 |
| γ = 0.66 | 8% | 7.78 | 41.11 | 51.11 |
| Average | | 13.33 | 42.78 | 43.89 |
Fig. 6 shows a waveform comparison of speech reconstructed by different PLC algorithms. Figs. 6(a) and 6(b) show the original speech waveform and the decoded speech waveform with no loss of the original signal, respectively. After applying the packet error pattern expressed as a solid box in Fig. 6(c), SC-PLC (Fig. 6(e)) and MC-PLC (Fig. 6(f)) reconstructed speech signals better than G.729-PLC (Fig. 6(d)). However, SC-PLC was not enough to reconstruct the voice onset signal, as shown in a dotted box in Fig. 6(c). On the other hand, MC-PLC provided better reconstruction of voice onset signals than SC-PLC.

Finally, in order to evaluate the subjective performance, we performed an A-B preference listening test, where 10 speech sentences including 5 males and 5 females were processed by both G.729-PLC and MC-PLC under random and burst packet loss conditions. It was shown from the table that MC-PLC was significantly preferred over G.729-PLC.
5 Conclusion

In this paper, we proposed a packet loss concealment algorithm for a CELP-type speech coder to improve speech quality when frame erasures or packet losses occur in voice onset intervals. The proposed PLC algorithm combined a speech correlation PLC and a multiple codebook-based PLC algorithm. We evaluated the performance of the proposed PLC algorithm on G.729 under random and burst packet loss rates of 3%, 5%, and 8%, and then we compared it with that of the PLC algorithm already employed in G.729 (G.729-PLC). It was shown from PESQ tests, waveform comparison, and A-B preference tests that the proposed PLC algorithm provided better speech quality than G.729-PLC for all the simulated conditions.

Acknowledgments. This work was supported in part by Mid-career Researcher Program through NRF grant funded by the MEST (No. 2010-0000135), and supported by the Ministry of Knowledge Economy (MKE), Korea, under the Information Technology Research Center (ITRC) support program supervised by the National IT Industry Promotion Agency (NIPA) (NIPA-2010-C1090-1021-0007).
References

1. Goode, B.: Voice over internet protocol (VoIP). Proceedings of the IEEE 90(9), 1495–1517 (2002)
2. Jian, W., Schulzrinne, H.: Comparison and optimization of packet loss repair methods on VoIP perceived quality under bursty loss. In: Proceedings of NOSSDAV, pp. 73–81 (2002)
3. Cho, C.S., Park, N.I., Kim, H.K.: A packet loss concealment algorithm robust to burst packet loss for CELP-type speech coders. In: Proceedings of ITC-CSCC, pp. 941–944 (2008)
4. Kim, H.K., Lee, M.S.: A 4 kbps adaptive fixed code excited linear prediction speech coder. In: Proceedings of ICASSP, pp. 2303–2306 (1999)
5. Kondoz, A.M.: Digital Speech: Coding for Low Bit Rate Communication Systems, 2nd edn. Wiley, Chichester (2004)
6. Press, W., Teukolsky, S., Vetterling, W., Flannery, B.: Numerical Recipes: The Art of Scientific Computing, 3rd edn. Cambridge University Press, Cambridge (2007)
7. ITU-T Recommendation G.729: Coding of Speech at 8 kbit/s Using Conjugate-Structure Code-Excited Linear Prediction (CS-ACELP) (1996)
8. ITU-T Recommendation P.862: Perceptual Evaluation of Speech Quality (PESQ), and Objective Method for End-to-End Speech Quality Assessment of Narrowband Telephone Networks and Speech Coders (2001)
9. NTT-AT: Multi-Lingual Speech Database for Telephonometry (1994)
10. ITU-T Recommendation G.191: Software Tools for Speech and Audio Coding Standardization (2000)
11. ITU-T Recommendation G.729 Annex B: A Silence Compression Scheme for G.729 Optimized for Terminals Conforming to Recommendation V.20 (1996)
Duration Model-Based Post-processing for the Performance Improvement of a Keyword Spotting System

Min Ji Lee1, Jae Sam Yoon1, Yoo Rhee Oh1, Hong Kook Kim1, Song Ha Choi2, Ji Woon Kim2, and Myeong Bo Kim2

1 School of Information and Communications, Gwangju Institute of Science and Technology (GIST), Gwangju 500-712, Korea
{minji,jsyoon,yroh,hongkook}@gist.ac.kr
2 Camcorder Business Team, Digital Media Business, Samsung Electronics, Suwon-si, Gyenggi-do 443-742, Korea
{songha.choi,jiwoon.kim,kmbo.kim}@samsung.com
Abstract. In this paper, we propose a post-processing method based on a duration model to improve the performance of a keyword spotting system. The proposed duration model-based post-processing method is performed after detecting a keyword. To detect the keyword, we first combine a keyword model, a non-keyword model, and a silence model. Using the information on the detected keyword, the proposed post-processing method is then applied to determine whether or not the correct keyword is detected. To this end, we generate the duration model using Gaussian distribution in order to accommodate different duration characteristics of each phoneme. Comparing the performance of the proposed method with those of conventional anti-keyword scoring methods, it is shown that the false acceptance and the false rejection rates are reduced.

Keywords: Keyword spotting, post-processing method, duration model.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 148–154, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

The latest smart phones and electronic devices require voice commands for fast and convenient usage. In order to activate voice commands automatically, a keyword spotting system can be adopted in such devices to detect predefined keywords from the continuous speech signals. Moreover, it can resolve the performance degradation of isolated word recognition or continuous speech recognition systems [1]. Generally, keyword spotting systems use hidden Markov models (HMMs) [2]; i.e., a keyword model, a non-keyword model, and a silence model are first modeled by each HMM. Then, input speech is decoded with the trained HMMs, combining the three HMMs to detect specified keywords. After detecting keywords, a post-processing technique can be applied to reduce detection errors in the system. Also, in practical applications, it is often better to let the user speak again rather than to provide the wrong result, which can also be done on the basis of the post-processing results. There have been several post-processing methods proposed. Among them, anti-keyword scoring methods are
commonly applied using the weighted Euclidean distance and the Kullback-Leibler distance [3]-[5]. On the contrary, we propose a duration model-based post-processing method in order to improve the performance of the keyword spotting system, especially in the case of one keyword. Before applying the proposed post-processing method, we first construct a baseline keyword spotting system to detect keywords. By using the information on the detected keyword, we then verify the detected keyword through the post-processing method. Finally, we compare the performance of the proposed post-processing method with those of conventional post-processing methods.

The remainder of this paper is organized as follows. Following this introduction, Section 2 explains the overall procedure for the baseline keyword spotting system and reviews several conventional post-processing methods. Section 3 presents the proposed duration model-based post-processing method that improves the performance of the keyword spotting system. Section 4 evaluates the performance of the proposed duration model-based post-processing method. Finally, we summarize our findings in Section 5.
2 Baseline Keyword Spotting System

This section explains the baseline keyword spotting system and reviews several conventional post-processing methods used in keyword spotting systems. A general structure of a typical keyword spotting system is shown in Fig. 1. The system first extracts speech features from the input speech signal. Next, the system detects keywords via a keyword model, a non-keyword model, and a silence model. After that, in order to reduce errors and thus improve the recognition performance, a post-processing method can be applied.

2.1 Feature Extraction

In this paper, speech features are extracted using the ETSI Advanced Front-end [6]. As a result, we use 39-dimensional feature vectors, which include 12 mel-frequency cepstral coefficients (MFCCs) and one log energy parameter with their deltas and delta-deltas.
Fig. 1. General structure of a keyword spotting system
Fig. 2. Grammar network for the keyword spotting system combining a keyword, a non-keyword, and a silence model
2.2 Keyword Detection

Keywords are detected by using three acoustic models: a keyword model, a non-keyword model, and a silence model, which are combined by a finite state network. Fig. 2 shows the finite state network designed when there is only one keyword in each sentence.

2.2.1 Keyword Model

The keyword spotting system uses a tri-phone HMM; each HMM has four states and four mixtures per state. The keyword model is trained using the clean speech database from the Speech Information Technology and Industry Promotion Center (SiTEC) [7] and the word database from the ETRI word database [8]. The keyword model is then adapted using speech sentences spoken by 6 female and 10 male speakers, which are recorded under five background noise conditions [9]. In this paper, the keyword is "Umsungmenu"; therefore, the keyword model consists of nine triphone models such as /sil-U+m/, /U-m+s/, /m-s+v/, /s-v+N/, /v-N+m/, /N-m+e/, /m-e+n/, /e-n+ju/, and /n-ju+sil/.

2.2.2 Non-keyword Model and Silence Model

The keyword spotting system uses a filler model that is trained using non-keyword speeches and background noise such as classical music, pop music, TV drama, female speech, and male speech. Note here that the non-keyword model has 11 states and 8 mixtures per state. A silence model is trained with five states and four mixtures per state using speech features obtained from silent intervals.

2.2.3 Detection Rule

As described above, we detect keywords by combining a keyword model, a non-keyword model, and a silence model. Here, we denote the keyword model, the non-keyword model, and the silence model as $\lambda_K$, $\lambda_{NK}$, and $\lambda_S$, respectively. We then determine a keyword on a maximum likelihood criterion using $\lambda_K$, $\lambda_{NK}$, and $\lambda_S$. For a given sequence $S$, the detection rule is described as

$$S^* = \arg\max_{S} P(S \mid \lambda_K, \lambda_{NK}, \lambda_S) \qquad (1)$$

where $S^*$ is the detected optimal sequence.
2.3 Post-processing Using Anti-keyword Scoring

A log likelihood scoring for an anti-keyword and an N-best decoding are widely used as post-processing methods. In this paper, we review anti-keyword scoring methods. Anti-keyword scoring methods use an anti-keyword model. There are two different ways of generating the anti-keyword model. The first one is to use a weighted Euclidean distance [3], while the second is based on the Kullback-Leibler distance [4][5]. Both methods calculate a distance between probability distributions, and the anti-keyword is generated from models whose distances are close to the target model. The distance is represented by

$$D_E(p_i, p_j) = \sum_{s=1}^{N} \left( \frac{1}{V} \sum_{d=1}^{V} \frac{(\mu_{i,d,s} - \mu_{j,d,s})^2}{\sigma_{i,d,s}\, \sigma_{j,d,s}} \right) \qquad (2)$$

where $D_E(p_i, p_j)$ is the distance between the probability distributions of the $i$-th and $j$-th phonemes, $p_i$ and $p_j$, $N$ is the number of states, $V$ is the dimension of feature vectors, and $\mu_{i,d,s}$ and $\sigma_{i,d,s}$ indicate the mean and the standard deviation of the $d$-th component of the $s$-th state for the $i$-th phoneme, respectively. On the other hand, a symmetric Kullback-Leibler distance is given by

$$D_{KL}(p_i, p_j) = \sum_{s=1}^{N} \sum_{d=1}^{V} \frac{1}{2} \left( KL(f_{i,d,s}(x), f_{j,d,s}(x)) + KL(f_{j,d,s}(x), f_{i,d,s}(x)) \right) \qquad (3)$$

where $f_{i,d,s}(x)$ and $f_{j,d,s}(x)$ indicate the probability distributions of the $d$-th component of the $s$-th state for the $i$-th and $j$-th phoneme, and $x$ in $f_{i,d,s}(x)$ and $f_{j,d,s}(x)$ is a random variable. In Eq. (3), $KL(f_{i,d,s}(x), f_{j,d,s}(x))$ is given by

$$KL(f_{i,d,s}(x), f_{j,d,s}(x)) = \frac{1}{2} \left[ \ln\left( \frac{\sigma_{j,d,s}^2}{\sigma_{i,d,s}^2} \right) - 1 + \frac{\sigma_{i,d,s}^2}{\sigma_{j,d,s}^2} + \frac{(\mu_{i,d,s} - \mu_{j,d,s})^2}{\sigma_{j,d,s}^2} \right]. \qquad (4)$$
Next, we detect the keyword using a network comprised of a filler model, a keyword model, and a silence model. Then, the detected keyword interval is passed to the anti-keyword model network. Finally, we calculate the score as the difference between the detected keyword log likelihood and the log likelihood obtained by passing the anti-keyword model, which is defined as

$$S = \frac{1}{f_e - f_s} \left[ \log P(O \mid W_K) - \log P(O \mid W_{AK}) \right] \qquad (5)$$

where $S$ is the score, $f_s$ is the start frame, and $f_e$ is the end frame. The keyword is detected from the network over the interval from $f_s$ to $f_e$. In addition, $O$ indicates the observation vector sequence, $W_K$ is the keyword model, and $W_{AK}$ is the non-keyword model. This score is then compared to an appropriate threshold to determine whether the detected keyword is accepted or rejected.
Fig. 3. Duration probabilities of nine phonemes obtained from a keyword
3 Proposed Duration Model Based Post-processing

This section proposes a new post-processing method, which uses a duration model. The proposed post-processing method is based on the fact that each phoneme has a different duration which is modeled by a Gaussian distribution. By using the training database, we obtain a Gaussian probability for each phoneme with the mean vector and variance matrix, $\mu$ and $\sigma^2$, which is denoted as $f(x) = \frac{1}{\sqrt{2\pi\sigma^2}} \exp\left( -\frac{(x - \mu)^2}{2\sigma^2} \right)$, where $x$ indicates the duration of each phoneme obtained from the input speech signal. Fig. 3 shows duration probabilities of nine phonemes of "UmsungMenu." Next, the probability $f(x)$ is compared with a threshold. In this paper, the threshold is set to $f(\mu + 3\sigma)$. The detected keyword is subsequently accepted as the accurate keyword if $f(x) > f(\mu + 3\sigma)$ for all phonemes of the keyword; otherwise, the detected keyword is rejected.
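The acceptance rule of this section can be sketched as follows; this is an added example, not the authors' system. The triphone labels are the nine listed in Section 2.2.1, while the training durations, the use of frames as the duration unit, the variance floor and the function names are assumptions.

```python
import math
from statistics import mean, pstdev

# The nine triphones of the keyword "Umsungmenu" listed in Section 2.2.1.
KEYWORD_TRIPHONES = ["sil-U+m", "U-m+s", "m-s+v", "s-v+N", "v-N+m",
                     "N-m+e", "m-e+n", "e-n+ju", "n-ju+sil"]

# Constructed training alignments: per-triphone durations in frames (assumed unit).
BASE = [8, 6, 7, 9, 10, 6, 7, 8, 9]
TRAIN = [dict(zip(KEYWORD_TRIPHONES, (b + d for b in BASE)))
         for d in (-2, -1, 0, 1, 2)]


def gaussian(x, mu, sigma):
    """f(x) of Section 3 for one phoneme."""
    return (math.exp(-(x - mu) ** 2 / (2 * sigma ** 2))
            / math.sqrt(2 * math.pi * sigma ** 2))


def train_duration_model(alignments, min_sigma=0.5):
    """Estimate (mu, sigma) per triphone from aligned training durations.

    min_sigma is a floor (assumption) so that a phoneme whose training
    durations are all equal does not produce a zero-width Gaussian.
    """
    model = {}
    for tri in KEYWORD_TRIPHONES:
        durations = [a[tri] for a in alignments]
        model[tri] = (mean(durations), max(pstdev(durations), min_sigma))
    return model


def verify_keyword(model, durations):
    """Accept only if f(x) > f(mu + 3*sigma) for every phoneme of the keyword.

    Returns (accepted, rejected_triphones). A triphone missing from the
    detected alignment counts as a rejection (assumption).
    """
    rejected = []
    for tri, (mu, sigma) in model.items():
        x = durations.get(tri)
        threshold = gaussian(mu + 3 * sigma, mu, sigma)
        if x is None or gaussian(x, mu, sigma) <= threshold:
            rejected.append(tri)
    return not rejected, rejected


if __name__ == "__main__":
    model = train_duration_model(TRAIN)
    typical = dict(zip(KEYWORD_TRIPHONES, BASE))
    stretched = dict(typical)
    stretched["m-s+v"] += 5  # one phoneme far longer than in training
    print(verify_keyword(model, typical))
    print(verify_keyword(model, stretched))
```

Because the Gaussian is symmetric and decreasing away from its mean, the test $f(x) > f(\mu + 3\sigma)$ accepts exactly those durations with $|x - \mu| < 3\sigma$.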
4 Performance Evaluation

In this section, we evaluated the performance of the proposed method in terms of the false acceptance rate and the false rejection rate. To measure the false acceptance rate, we used data that did not contain the keyword. On the other hand, we used data containing the keyword for measuring the false rejection rate. Tables 1 and 2 show the performances of the anti-keyword scoring method using the weighted Euclidean and the Kullback-Leibler distance, respectively. On the other hand, Table 3 shows the performance of the proposed duration model-based post-processing method. As shown in Tables 1 and 2, the false rejection rate was inversely
proportional to the false acceptance rate for the anti-keyword scoring method. The lowest false acceptance rate of the anti-keyword scoring method was 34.86%. However, the false acceptance rate of the proposed method was 29.00%, as shown in Table 3. The lowest false rejection rate of the anti-keyword scoring method was 18.50%, while the false acceptance rate was 95.90%. On the other hand, the false rejection rate of the proposed method was 37.50%. As a result, it was shown from the comparison of the tables that the false acceptance rate and false rejection rate were both reduced in the proposed method.

Table 1. Performance comparison of an anti-keyword scoring method using the weighted Euclidean distance depending on different thresholds

| Threshold | False acceptance rate (%) | False rejection rate (%) |
|---|---|---|
| 4.0 | 95.90 | 18.50 |
| 3.5 | 91.39 | 42.50 |
| 3.0 | 84.42 | 67.50 |
| 2.5 | 74.18 | 90.50 |
| 2.0 | 55.32 | 99.00 |
| Average | 80.24 | 63.60 |
Table 2. Performance comparison of an anti-keyword scoring method using the Kullback-Leibler distance depending on different thresholds

| Threshold | False acceptance rate (%) | False rejection rate (%) |
|---|---|---|
| 4.0 | 92.62 | 47.00 |
| 3.5 | 82.37 | 72.50 |
| 3.0 | 70.49 | 89.50 |
| 2.5 | 54.91 | 97.50 |
| 2.0 | 34.86 | 99.50 |
| Average | 67.04 | 81.20 |
Table 3. Performance of the proposed duration model-based method

| Decision rule | False acceptance rate (%) | False rejection rate (%) |
|---|---|---|
| $f(x) > f(\mu + 3\sigma)$ | 29.00 | 37.50 |
5 Conclusion

We proposed a post-processing method based on a duration model in order to improve the performance of a keyword spotting system. For each phoneme, a duration model was trained by Gaussian probability. We compared the performance of the proposed duration model-based method with those of the anti-keyword scoring methods. As a result, it was shown that the false acceptance and the false rejection rates were found
to have an inverse relationship for the anti-keyword scoring methods but the proposed method could reduce both the false acceptance and false rejection rates. Moreover, the false acceptance rate was 34.86% when the false rejection rate was 99.50% for the anti-keyword scoring method. On the other hand, the proposed method provided a false acceptance rate and a false rejection rate of 29.00% and 37.50%, respectively.

Acknowledgments. This research was supported in part by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (2010-0023888) as well as in part by the Ministry of Knowledge Economy (MKE), Korea, under the Information Technology Research Center (ITRC) support program supervised by the National IT Industry Promotion Agency (NIPA) (NIPA-2010-C1090-1021-0007).
Complexity Reduction of WSOLA-Based Time-Scale Modification Using Signal Period Estimation

Duk Su Kim1, Young Han Lee1, Hong Kook Kim1, Song Ha Choi2, Ji Woon Kim2, and Myeong Bo Kim2

1 School of Information and Communications, Gwangju Institute of Science and Technology, Gwangju 500-712, Korea
{dskim867,cpumaker,hongkook}@gist.ac.kr
2 Camcoder Business Team, Digital Media Business, Samsung Electronics, Suwon-si, Gyenggi-do 443-742, Korea
{kmbo.kim,jiwoon.kim,songha.choi}@samsung.com
Abstract. In this paper, we propose a computational complexity reduction method for a waveform similarity overlap-and-add (WSOLA) based time-scale modification (TSM) algorithm using signal period estimation. In the proposed method, a signal period is estimated from the normalized cross-correlation. An optimal shift, a maximally similar point, of WSOLA for the current frame can be estimated from the estimated period obtained from the previous frame. Then, we reduce the search range for calculating the normalized cross-correlation around the estimated optimal shift instead of calculating for the full search range. In this manner, we can reduce the computational complexity required for normalized cross-correlations, which dominates most of the complexity in WSOLA. It is shown from experiments that the proposed method gives a relative complexity reduction of 56% for the WSOLA-based TSM algorithm while maintaining speech quality.

Keywords: Time-scale modification, WSOLA, complexity reduction, signal period estimation.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 155–161, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

Time-scale modification (TSM) is a technique used to modify the duration of speech or audio signals while minimizing the distortion of other important characteristics, such as the pitch and timbre. TSM has been widely used in the fields of speech and audio signal processing. For example, it has been used during preprocessing in speech recognition systems to improve the recognition rate [1]. Also, TSM can be applied to speech synthesis systems in order to produce sounds more naturally [2]. Moreover, TSM has been used to improve the compression rate in speech and audio coding [3].

Over the last three decades, various overlap-and-add TSM algorithms have been developed. Among them, synchronized overlap-and-add (SOLA) based TSM [4], pitch synchronous overlap-and-add (PSOLA) based TSM [2], and waveform similarity overlap-and-add (WSOLA) based TSM [5] show relatively good performance regarding output quality. However, SOLA-based and PSOLA-based TSM have disadvantages compared to WSOLA-based TSM. One disadvantage of SOLA-based TSM is that its output does not guarantee the exact output length because overlap-and-add is performed according to output similarity. In other words, the overlap position differs in each frame. In PSOLA-based TSM, the output quality changes according to the pitch estimation algorithm. That is, TSM performance varies according to the performance of the pitch estimation algorithm. Hence, PSOLA-based TSM requires a high quality pitch estimation algorithm, which also incurs more computational complexity. In contrast, WSOLA-based TSM provides an output quality similar to that of the other two algorithms, while having a relatively lower computational complexity. Another benefit of WSOLA-based TSM is that the output length is also guaranteed.

Nevertheless, the number of computations in WSOLA-based TSM needs to be further reduced to implement it on a resource-limited device in real-time. Also, since the search range for the similarity calculation becomes wider as a time-scale factor increases, real-time processing could be impossible for a high time-scale factor. In addition, the complexity for the similarity calculation increases geometrically as the sampling rate of the input signal increases. In an effort to reduce the complexity of WSOLA-based TSM, a reduction algorithm was proposed [6]. In that previous work, cross-correlation calculations were performed for a specific interval in order to adjust the number of samples participating in the calculation.

In this paper, we propose a method to further reduce the complexity of WSOLA-based TSM using signal period estimation. Since short-time speech signals are periodic, the estimated period can be used for the similarity calculation, resulting in a reduced search range for the similarity calculation in the WSOLA-based TSM algorithm.
The organization of the rest of this paper is as follows. Following this introduction, we briefly review the WSOLA-based TSM algorithm in Section 2. After that, we discuss methods for reducing the complexity of WSOLA-based TSM. In Section 4, the speech quality and computational complexity of the proposed method are compared with those of the conventional method. Finally, we conclude this paper in Section 5.
2 WSOLA-Based Time-Scale Modification

The WSOLA-based TSM algorithm uses an input similarity measure to eliminate the phase distortion of overlap-and-add based time-scale modification [5]. That is, it determines the input frame in order to maintain the natural continuity that exists in the input signal. The synthesis equation of the WSOLA algorithm is as follows [5].

$$y(n) = \frac{\sum_{k} v(n - k\cdot L)\, x(n + k\cdot L\cdot\alpha - k\cdot L + \Delta_k)}{\sum_{k} v(n - k\cdot L)} \tag{1}$$

where $x(n)$, $y(n)$, and $v(n)$ are an input signal, its corresponding time-scaled output signal, and a window signal, respectively. In addition, $L$ indicates the overlap-and-add (OLA) length, and $\alpha$ is a time-scale factor. In this paper, a Hanning window whose
length is $2L$ is used for $v(n)$. If $\alpha$ is greater than 1.0, the output signal is time-compressed. Otherwise the output signal is time-expanded. In Eq. (1), $\Delta_k$ represents an optimal shift of the $k$-th frame. The optimal shift is determined by the following equation:

$$\Delta_k = \arg\max_{\Delta}\,[\mathrm{corr}(R(n), C_\Delta(n))] \tag{2}$$
where $\mathrm{corr}(R(n), C_\Delta(n))$ is the normalized cross-correlation between the reference signal, $R(n)$, and a candidate signal near the analysis instance, $C_\Delta(n)$, for a search range, $-\Delta_{\max} \le \Delta \le +\Delta_{\max}$. That is, the normalized cross-correlation is represented as

$$\mathrm{corr}(R(n), C_\Delta(n)) = \frac{\sum_{n=0}^{2L-1} R(n)\, C_\Delta(n)}{\left(\sum_{n=0}^{2L-1} R^2(n)\right)^{1/2} \left(\sum_{n=0}^{2L-1} C_\Delta^2(n)\right)^{1/2}}. \tag{3}$$

In the above equation,

$$R(n) = v(n - (k-1)L)\, x(n + (k-1)\cdot L\cdot\alpha + \Delta_{k-1} + L)$$

and

$$C_\Delta(n) = v(n - k\cdot L)\, x(n + k\cdot L\cdot\alpha + \Delta).$$
Fig. 1. Example of WSOLA-based time-scale modification with a time-scale factor of 2
Fig. 1 shows processing steps of the WSOLA algorithm with a time-scale factor of 2. Assuming that (A) is the output of the $k$-th frame, the reference signal of the $(k+1)$-th frame becomes (A'). In order to determine the output signal of the $(k+1)$-th frame, we calculate the normalized cross-correlation between (A') and the input signal ranging from $-\Delta_{\max}$ to $\Delta_{\max}$. From this calculation, the shift, $\Delta_{k+1}$, of the $(k+1)$-th frame which gives the greatest normalized cross-correlation is selected as the optimal shift, thus the output signal is obtained by using Eq. (1). In this figure, (B') is selected as the output signal; hence, it is overlapped with (A) to provide the time-scaled output signal.
3 Proposed Complexity Reduction Method for WSOLA

In this section, we propose a method for reducing computational complexity for the WSOLA algorithm, whose processing steps are shown in Fig. 2. Speech signals are first segmented into a frame whose length is 960 samples, and then each frame is divided into three subframes. Next, the WSOLA algorithm is initialized for every frame according to a given time-scale factor. Then, the WSOLA algorithm is applied with a full search range to find an optimal shift for the first subframe. After that, the WSOLA algorithm for the second subframe is performed with a reduced search range depending on the optimal shift from the first subframe. If the normalized cross-correlation from the reduced search range is smaller than a pre-determined threshold, $TH_{NCC}$, the detection result is ignored. Instead, the WSOLA algorithm is performed with a full search range. In the same manner, an optimal shift of the third subframe is obtained using the estimated optimal shift from the second subframe.
Fig. 2. Processing steps of the proposed complexity reduction method for the WSOLA algorithm, which are applied to the k-th frame
3.1 Optimal Shift Estimation and Similarity Calculation with a Reduced Range

Since speech signals are assumed to be periodic, we can estimate an optimal shift of the current subframe by using the optimal shift from the previous subframe. First of all, the signal period can be estimated as

$$p(i) = L\cdot(1-\alpha) + \Delta_{k,i-2} - \Delta_{k,i-1}, \quad i = 1, 2 \tag{4}$$

where $p(i)$ is the signal period of the $i$-th subframe and $\Delta_{k,i} = 0$ if $i < 0$. The estimated signal period is subsequently used to estimate the optimal shift for the $i$-th subframe, $\Delta_{k,i}$, as

$$\Delta_{k,i} = \arg\max_{l}\,[\mathrm{corr}(R_i(n), \beta_l(n))]. \tag{5}$$

In the above equation, $\mathrm{corr}(R_i(n), \beta_l(n))$ represents the normalized cross-correlation between the reference signal of the $i$-th subframe, $R_i(n)$, and $\beta_l(n) = v(n - k\cdot L)\, x(n + k\cdot L\cdot\alpha + \Delta_{k,i-1} + L - l\cdot p(i))$. In addition, the search range, $l$, is located between $-\Delta_s$ and $\Delta_s$ such that $\Delta_s = \{i \mid \Delta_{k,i} \le \Delta_{\max}\}$, where $\Delta_{\max}$ means the absolute of the maximum value for the full search range. Therefore, since the search range is reduced to $[-\Delta_s, \Delta_s]$, we can reduce the computational complexity of the WSOLA algorithm.

3.2 Detection of Sudden Signal Period Changes

For a sudden change in the signal period between two adjacent subframes, the estimated signal period for the previous subframe cannot be applied to the next subframe. In this case, it is necessary to calculate the normalized cross-correlation for the full search range. In the proposed method, we detect a sudden signal period change using a pre-determined normalized cross-correlation threshold. In other words, the proposed method is applied only if there is no signal period change. Otherwise, the WSOLA is performed for the full search range.

To show the effectiveness of the proposed method on the complexity reduction, we measure the percentage of the subframes to which the proposed method is applied. Several Korean speech utterances were recorded in a semi-anechoic chamber at a sampling rate of 32 kHz, where the number of frames for the utterances was 23,992.

Table 1. Percentage of subframes to which the proposed method is applied according to different normalized cross-correlation thresholds
| Threshold | Ratio (%) |
|---|---|
| 0.9 | 47.97 |
| 0.8 | 58.27 |
| 0.7 | 64.33 |
| 0.6 | 68.18 |
| 0.5 | 71.28 |
Table 1 shows the percentage of subframes to which the proposed method was applied by varying the threshold, $TH_{NCC}$, from 0.5 to 0.9 with a step of 0.1. It was shown from the table that the percentage increased as the normalized cross-correlation threshold increased. However, speech quality tended to be degraded as the threshold was lowered. Thus, we set the threshold to 0.8 by considering the trade-off between the complexity reduction and quality degradation.
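The reduced-range search with full-search fallback of Sections 3.1 and 3.2, as an added Python example (not the authors' code) that counts normalized cross-correlation evaluations against a conventional full search. It assumes a constructed, exactly periodic input, parameters scaled down from the paper's setup, a shift history carried across frames instead of being reset per frame, and a multiple of the period estimate of Eq. (4) chosen by rounding so that the predicted shift lies nearest zero.

```python
import math

def periodic_signal(n_samples, period):
    """Constructed test input: two harmonics with an exact integer period."""
    w = 2.0 * math.pi / period
    return [math.sin(w * n) + 0.5 * math.sin(2.0 * w * n + 0.3) for n in range(n_samples)]

def ncc(a, b):
    """Normalized cross-correlation of two equal-length segments, Eq. (3)."""
    num = sum(p * q for p, q in zip(a, b))
    den = math.sqrt(sum(p * p for p in a) * sum(q * q for q in b))
    return num / den if den > 0.0 else 0.0

def search(x, ref, nominal, centre, radius, dmax):
    """Best shift in centre +/- radius, limited to [-dmax, dmax].

    Candidates are visited by increasing distance from `centre` and a later
    one must win by more than 1e-9, so ties go to the nearest candidate.
    Returns (shift, ncc, number of NCC evaluations).
    """
    best_d, best_c, evals = centre, -2.0, 0
    for off in [0] + [s * r for r in range(1, radius + 1) for s in (-1, 1)]:
        d = centre + off
        start = nominal + d
        if abs(d) > dmax or start < 0 or start + len(ref) > len(x):
            continue
        c = ncc(ref, x[start:start + len(ref)])
        evals += 1
        if c > best_c + 1e-9:
            best_d, best_c = d, c
    return best_d, best_c, evals

def find_shift(x, ref, nominal, predicted, ds, dmax, th_ncc):
    """Reduced search around `predicted`; full search if it is missing, out of
    range, or scores below th_ncc. Returns (shift, ncc, evals, used_full)."""
    evals = 0
    if predicted is not None and abs(predicted) <= dmax:
        d, c, evals = search(x, ref, nominal, predicted, ds, dmax)
        if c >= th_ncc:
            return d, c, evals, False
    d, c, n = search(x, ref, nominal, 0, dmax, dmax)
    return d, c, evals + n, True

def wsola(x, alpha, L, dmax, ds, th_ncc=0.8, reduced=True, group=3):
    """Time-scale x by alpha, Eq. (1). Returns (y, shifts, nccs, NCC evaluations)."""
    hop = round(L * alpha)                                  # analysis hop L*alpha
    win = [0.5 - 0.5 * math.cos(math.pi * n / L) for n in range(2 * L)]  # Hanning, 2L
    frames = min((len(x) - dmax - 2 * L) // hop, (len(x) - dmax - 3 * L) // hop + 1)
    y = [0.0] * ((frames + 2) * L)
    wsum = [0.0] * len(y)
    shifts, nccs, evals = [0], [1.0], 0
    for k in range(frames + 1):
        if k > 0:
            prev = (k - 1) * hop + shifts[-1]
            ref = x[prev + L:prev + 3 * L]       # natural continuation of frame k-1
            predicted = None
            # The first frame of every group gets a full search, as the first subframe does.
            if reduced and k >= 2 and (k - 1) % group != 0:
                p = (L - hop) + shifts[-2] - shifts[-1]     # Eq. (4)
                if p != 0:
                    base = shifts[-1] + (L - hop)
                    predicted = base - round(base / p) * p
            d, c, n, _ = find_shift(x, ref, k * hop, predicted, ds, dmax, th_ncc)
            shifts.append(d)
            nccs.append(c)
            evals += n
        a = k * hop + shifts[-1]
        for n in range(2 * L):
            y[k * L + n] += win[n] * x[a + n]
            wsum[k * L + n] += win[n]
    y = [s / w if w > 1e-12 else 0.0 for s, w in zip(y, wsum)]
    return y, shifts, nccs, evals

if __name__ == "__main__":
    x = periodic_signal(1440, 50)
    for label, flag in (("full search", False), ("reduced search", True)):
        y, shifts, nccs, evals = wsola(x, 0.5, 160, 80, 10, reduced=flag)
        print(label, "NCC evaluations:", evals, "min NCC: %.6f" % min(nccs))
```

On this input both searches pick shifts that differ only by whole periods, so the time-expanded output is the same phase-continuous waveform in either case.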
4 Performance Evaluation

To evaluate the computational complexity and speech quality of the proposed WSOLA algorithm, we computed weighted million operations per second (WMOPS) and carried out a preference test with a time-scale factor of 0.5. We then compared the performance of the proposed WSOLA method with that of a conventional WSOLA algorithm that performed a full-range search. In the experiment, we prepared speech data spoken by five males and five females. Table 2 shows the experimental setup for the test.

Table 3 compares the computational complexity between the conventional WSOLA algorithm and the proposed WSOLA algorithm. It was shown from the table that we could obtain a complexity reduction of 56.0% on average.

Table 4 shows the results of a preference test for male and female speech data. To this end, eight people with no hearing disabilities participated in the test. Two files processed by the conventional WSOLA and the proposed WSOLA algorithm were presented to the participants, and the participants were asked to choose their preference. If they felt no difference between the two files, they were guided to select ‘no difference.’ As shown in the table, the audio signals processed by the proposed WSOLA algorithm were similar to those processed by the conventional one, even though the proposed algorithm noticeably reduced the computational complexity.

Table 2. Experimental setup for the performance evaluation
| Window length | OLA length | $\Delta_{\max}$ | $\Delta_s$ | Threshold |
|---|---|---|---|---|
| 640 samples | 320 samples | 160 samples | 20 samples | 0.8 |
Table 3. Comparison of the computational complexity between the conventional and the proposed WSOLA measured in WMOPS

| Method | Conventional WSOLA | Proposed WSOLA | Reduction ratio (%) |
|---|---|---|---|
| Male speech | 197.3 | 95.1 | 51.8 |
| Female speech | 197.3 | 78.5 | 60.2 |
| Average | 197.3 | 86.8 | 56.0 |
Table 4. Preference test results (%)

| Method | Conventional WSOLA | No difference | Proposed WSOLA |
|---|---|---|---|
| Male speech | 17.2 | 71.4 | 11.4 |
| Female speech | 11.4 | 77.2 | 11.4 |
5 Conclusion

In this paper, we proposed a complexity reduction method for a WSOLA-based TSM by incorporating signal period estimation for reducing a search range of TSM. The proposed algorithm utilized the fact that speech signals are somewhat periodic for a short time interval. This allowed an optimal shift of the current frame to be estimated by using the optimal shift obtained from the previous frame. As a result, we could reduce the computational complexity required for computing normalized cross-correlations. In the experiments, we obtained an average complexity reduction of 56% using the proposed WSOLA algorithm while maintaining speech quality.

Acknowledgments. This work was supported by the Mid-career Researcher Program through an NRF grant funded by MEST, Korea (No. 2010-0000135).
References

1. Chong-White, N.R., Cox, R.V.: Enhancing speech intelligibility using variable rate time-scale modification. Journal of the Acoustical Society of America 120(6), 3452 (2006)
2. Moulines, E., Charpentier, F.: Pitch-synchronous waveform processing techniques for text-to-speech synthesis using diphones. Speech Communication 9(5-6), 453–467 (1990)
3. Wayman, J.L., Wilson, D.L.: Some improvements on the synchronized-overlap-add method of time scale modification for use in real-time speech compression and noise filtering. IEEE Transactions on Acoustics, Speech, and Signal Processing 36(1), 139–140 (1988)
4. Roucos, S., Wilgus, A.: High quality time-scale modification of speech. In: Proceedings of ICASSP, pp. 236–239 (1985)
5. Verhelst, W., Roelands, M.: An overlap-add technique based on waveform similarity (WSOLA) for high quality time-scale modification of speech. In: Proceedings of ICASSP, pp. 554–557 (1985)
6. Choi, W.Y.: Audio signal time-scale modification method using variable length synthesis and reduced cross-correlation computations. U.S. Patent Application 2005/0273321 (2005)
A Real-Time Audio Upmixing Method from Stereo to 7.1-Channel Audio

Chan Jun Chun1, Young Han Lee1, Yong Guk Kim1, Hong Kook Kim1, and Choong Sang Cho2

1 School of Information and Communications, Gwangju Institute of Science and Technology (GIST), Gwangju 500-712, Korea
{cjchun,cpumaker,bestkyg,hongkook}@gist.ac.kr
2 Multimedia-IP Research Center, Korea Electronics Technology Institute, Seongnam-si, Gyeonggi-do 463-816, Korea
[email protected]
Abstract. In this paper, we propose a new method of upmixing stereo signals into 7.1-channel signals in order to provide more auditory realism. The proposed upmixing method employs an adaptive panning and a decorrelation technique for making more channels and reproducing natural reverberant surround sounds, respectively. The performance of the proposed upmixing method is evaluated using a MUSHRA test and compared with those of conventional upmixing methods. It is shown from the tests that 7.1-channel audio signals upmixed by the proposed method are preferred, compared to not only their original stereo audio signals but also 7.1-channel audio signals upmixed by conventional methods.

Keywords: Audio upmixing, multi-channel audio, conversion of stereo to 7.1-channel audio, adaptive panning, decorrelator.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 162–171, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

Due to the rapidly increasing demand for audio applications, researchers have been investigating many audio fields. Among such fields, multi-channel, rather than stereo, audio systems utilize additional speakers to present a more realistic sound. Specifically, such audio systems not only improve ambient effects but also widen the sound. In multi-channel audio systems, the number of channels for playing audio signals should be identical to that for recording in order to take full advantage of the system. If only audio signals with a smaller number of channels than the playback speaker configuration are available, then the auditory realism cannot be expected. However, by using audio upmixing, i.e., conversion of stereo signals into multi-channel audio signals, this drawback can be mitigated. Thus, we can utilize mono or stereo audio content for multi-channel audio systems, providing more realistic sound.

There exist numerous multi-channel audio systems; typically, stereo, 5.1-channel, and 7.1-channel speaker configurations are shown in Figs. 1(a), 1(b), and 1(c), respectively, which are defined by ITU-R Recommendation BS.775-1 [1]. Although stereo or 5.1-channel audio content has been popularly available, 7.1-channel audio content is still relatively rare. Therefore, it is necessary to convert audio content with stereo or 5.1-channel into that suitable for a 7.1-channel speaker system.

Fig. 1. Speaker configurations defined by ITU-R Recommendation BS.775-1: (a) stereo, (b) 5.1-channel, and (c) 7.1-channel

In this paper, we propose an audio upmixing method that converts stereo audio signals to 7.1-channel audio signals. To this end, we first review several upmixing methods that have been applied for converting stereo signals into 5.1-channel signals. The methods to be reviewed here include a passive surround decoding method [2], a least mean square (LMS)-based method [3], a principal component analysis (PCA)-based method [4], and panning methods [5]-[7]. After comparing the quality of such methods, we adopt adaptive panning to derive the center channel signal for 7.1-channel upmixing. Furthermore, a decorrelator is employed in order to reproduce reverberant effects in surround channel signals.

This paper is organized as follows. Following the introduction, we briefly review conventional upmixing methods for multi-channel speaker systems in Section 2. Next, we propose an upmixing method from stereo to 7.1-channel audio signals using adaptive panning and a decorrelator in Section 3. In order to compare the performance of the proposed method with those of the conventional methods, we conduct subjective tests based on multiple stimuli with hidden reference and anchor (MUSHRA) tests [8] in Section 4. Finally, we conclude this paper in Section 5.
2 Conventional Upmixing Methods

The following subsections describe several conventional upmixing methods including passive surround decoding, LMS-based, PCA-based, adaptive panning, constant power panning and speaker-placement correction amplitude panning (SPCAP) methods.

2.1 Passive Surround Decoding Method

The passive surround decoding (PSD) method is an early passive version of the Dolby Surround Decoder [2]. In this method, a center channel is obtained by adding the original left and right channels. On the other hand, a surround channel can be derived by subtracting the right channel from the left channel. That is, the center and the surround channels are obtained as
$$\mathrm{Center}(n) = (x_L(n) + x_R(n)) / 2, \tag{1}$$

$$\mathrm{Rear}(n) = (x_L(n) - x_R(n)) / 2 \tag{2}$$
where $x_L(n)$ and $x_R(n)$ denote the left and the right audio sample at the time index $n$, respectively. Note that in order to maintain a constant acoustic energy, the center and the surround channel are lowered by 3 dB, which is implemented by multiplying 1/2 to the center and the surround channel signals. However, there are two surround channels in the 5.1-channel configuration as shown in Fig. 1(b). In this paper, a discrete Hilbert transform is used to generate such channels [9]. By using a finite-duration impulse response (FIR) approximation having a constant group delay, we can implement the discrete Hilbert transform. In particular, the approximation is done using a Kaiser window which is defined as

$$h(n) = \begin{cases} \dfrac{I_0\left(\beta\left(1 - \left[\dfrac{n - n_d}{n_d}\right]^2\right)^{1/2}\right)}{I_0(\beta)} \cdot \dfrac{\sin\left(\pi\dfrac{n - n_d}{2}\right)}{\pi\dfrac{n - n_d}{2}}, & 0 \le n \le M \\ 0, & \text{otherwise} \end{cases} \tag{3}$$

where $M$ is the order of the FIR discrete Hilbert transform, and $n_d$ is equal to $M/2$. In this case, $M$ and $\beta$ are set to 31 and 2.629, respectively.

2.2 LMS-Based Upmixing Method

The LMS-based upmixing method creates the center and surround channels using the LMS algorithm [3]. In this method, one of the original stereo channels is taken as a desired signal, $d(n)$, of the adaptive filter, and the other is considered as an input, $x(n)$. Then, the error signal, $e(n)$, is the difference between the output, $y(n)$, of the filter and the desired signal, $d(n)$. Finally, $y(n)$ is defined as a linear combination of the input signals such as

$$y(n) = \mathbf{w}^T(n)\mathbf{x}(n) = \mathbf{w}(n)\mathbf{x}^T(n) \tag{4}$$
where $\mathbf{x}(n) = [x(n)\ x(n-1)\ \cdots\ x(n-N+1)]^T$ and $\mathbf{w}(n) = [w_0\ w_1\ \cdots\ w_{N-1}]^T$. In Eq. (3), $\mathbf{w}(n)$ is a coefficient vector of the $N$-tapped adaptive filter that is obtained based on the LMS algorithm as

$$\mathbf{w}(n+1) = \mathbf{w}(n) + 2\mu e(n)\mathbf{x}(n) \tag{5}$$

where $\mu$ is a constant step size, which is set to $10^{-4}$ in this paper. As a result, $y(n)$ and $e(n)$ are the signals for the center and the surround channel, respectively. Similarly, a discrete Hilbert transform using a Kaiser window is utilized to determine surround channels as shown in Eq. (3).
2.3 PCA-Based Upmixing Method

The PCA-based upmixing method decomposes the original stereo signals into two different signals, where one is highly correlated but the other is somewhat uncorrelated [4]. In other words, to derive the center and the surround channels, a 2 x 2 covariance matrix, $A$, is obtained as

$$A = \begin{bmatrix} \mathrm{cov}(x_L, x_L) & \mathrm{cov}(x_L, x_R) \\ \mathrm{cov}(x_R, x_L) & \mathrm{cov}(x_R, x_R) \end{bmatrix} \tag{6}$$

where $\mathrm{cov}(x_p, x_q)$ is the covariance of $x_p$ and $x_q$, and $p$ and $q$ could be the left channel, $L$, or the right channel, $R$. The covariance matrix in Eq. (5) has two eigenvectors, which become the basis vectors for a new coordinate system. These eigenvectors are then used as weight vectors corresponding to the left and right channels to generate the center and surround channels, such as

$$\mathrm{Center}(n) = c_L x_L(n) + c_R x_R(n), \tag{7}$$

$$\mathrm{Rear}(n) = s_L x_L(n) + s_R x_R(n) \tag{8}$$

where $[c_L\ c_R]$ is the eigenvector corresponding to the greatest eigenvalue and $[s_L\ s_R]$ is the other eigenvector.

2.4 Adaptive Panning Method

The adaptive panning (ADP) method generates the center and surround channels by panning the original stereo signals [5]. A weight vector for ADP is recursively estimated using the LMS algorithm. Let us define $y(n)$ to be a linear combination of the original stereo signals, $\mathbf{x}(n) = [x_L(n)\ x_R(n)]^T$, with a weight vector, $\mathbf{w}(n) = [w_L(n)\ w_R(n)]^T$. Then, $y(n)$ is represented as

$$y(n) = \mathbf{w}^T(n)\mathbf{x}(n) = \mathbf{w}(n)\mathbf{x}^T(n) \tag{9}$$
where $w_L(n)$ and $w_R(n)$, the elements of the weight vector corresponding to the left and the right channels, respectively, are then estimated using the LMS algorithm as

$$w_L(n+1) = w_L(n) - \mu\, y(n)[x_L(n) - w_L(n) y(n)], \tag{10}$$

$$w_R(n+1) = w_R(n) - \mu\, y(n)[x_R(n) - w_R(n) y(n)] \tag{11}$$

where $\mu$ is a constant step size and set to $10^{-10}$ in this paper. Finally, the center and surround channels can be determined as

$$\mathrm{Center}(n) = w_L(n) x_L(n) + w_R(n) x_R(n), \tag{12}$$

$$\mathrm{Rear}(n) = w_R(n) x_L(n) - w_L(n) x_R(n). \tag{13}$$
Finally, in order to derive surround channels, we also use a discrete Hilbert transform as described in Section 2.1.
2.5 Constant Power Panning Method

In this method, audio signals for additional channels are determined by panning original signals. If each additional channel is mixed with stereo audio signals, denoted as L and R shown in Fig. 2, we have

$$y(n) = g_L x_L(n) + g_R x_R(n) \tag{14}$$

where $y(n)$ is the audio signal for an additional channel. The $g_L$ and $g_R$ are panning gains for the left and right channels, $x_L(n)$ and $x_R(n)$, respectively. In order to estimate panning gains, $\theta_m$ is calculated as

$$\theta_m = \begin{cases} \dfrac{\theta_i - \theta_1}{\theta_4' - \theta_1} \cdot 90, & \text{if } \theta_1 \ge \theta_i \\ \dfrac{\theta_i - \theta_1}{\theta_4 - \theta_1} \cdot 90, & \text{if } \theta_4 \le \theta_i < \theta_1 \\ \dfrac{\theta_i' - \theta_1}{\theta_4' - \theta_1} \cdot 90, & \text{if } \theta_i \ge \theta_4 \end{cases} \tag{15}$$

where $\theta_i$, as shown in Fig. 2, is the placement angle for the $i$-th additional channel and it is mapped to $\theta_m$. Then, the panning gains, $g_L$ and $g_R$, are determined as

$$g_L = \cos\theta_m \quad \text{and} \quad g_R = \sin\theta_m. \tag{16}$$

When stereo audio signals are converted into 5.1-channel audio signals, Table 1 shows panning gains for each additional channel. Finally, we determine the center and surround channels by using the equations

$$\mathrm{Center}(n) = 0.7071 \cdot x_L(n) + 0.7071 \cdot x_R(n), \tag{17}$$

$$RL(n) = 0.9135 \cdot x_L(n) + 0.4067 \cdot x_R(n), \tag{18}$$

$$RR(n) = 0.4067 \cdot x_L(n) + 0.9135 \cdot x_R(n). \tag{19}$$

In order to create the LFE channel, we employ an FIR low-pass filter having a cut-off frequency of 200 Hz. By filtering audio signals for the center channel, audio signals for the LFE channel are derived.
Fig. 2. Angles for computing panning gains used in Eq. (14) for the constant power panning method
Table 1. Panning gains for constant power panning from stereo to 5.1-channel audio

| Channel | $g_L$ | $g_R$ |
|---|---|---|
| C (i=0) | 0.7071 | 0.7071 |
| L (i=1) | 1 | 0 |
| RL (i=2) | 0.9135 | 0.4067 |
| RR (i=3) | 0.4067 | 0.9135 |
| R (i=4) | 0 | 1 |
2.6 Speaker-Placement Correction Amplitude Panning (SPCAP) Method

Similarly to the constant power panning method, the SPCAP method derives additional channels by panning original signals [7]. In SPCAP, however, a cosine-weighted panning method is used for calculating a panning value. If stereo audio signals are upmixed from stereo to 5.1-channel audio signals using SPCAP, two panning values are estimated as

$$p_L = \frac{1}{2}[1 + \cos(\theta_i - \theta_L)] \quad \text{and} \quad p_R = \frac{1}{2}[1 + \cos(\theta_i - \theta_R)] \tag{20}$$

where $L$ and $R$ are the left and right channel, respectively, and $\theta_i$ is the placement angle for the additional channel as shown in Fig. 2. In order to conserve power, the panning values are normalized to obtain two panning gains, $g_L$ and $g_R$, as

$$g_L = \frac{p_L}{\beta} \quad \text{and} \quad g_R = \frac{p_R}{\beta} \tag{21}$$

where $\beta = p_L + p_R$. By using Eq. (21), audio signals for the additional channels are derived as

$$\mathrm{Center}(n) = 0.5 \cdot x_L(n) + 0.5 \cdot x_R(n), \tag{22}$$

$$RL(n) = 0.8338 \cdot x_L(n) + 0.1662 \cdot x_R(n), \tag{23}$$

$$RR(n) = 0.1662 \cdot x_L(n) + 0.8338 \cdot x_R(n). \tag{24}$$

Similarly, we use an FIR low-pass filter having a cut-off frequency of 200 Hz to derive the LFE channel, considering the input of the low-pass filter as the center channel.
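The panning gains of Sections 2.5 and 2.6 recomputed from loudspeaker azimuths, as an added Python example (not the authors' code) that also checks which quantity each panning law keeps constant. The azimuths (clockwise from the front, L and R at 30 degrees, surrounds at 110 degrees) and the 360-degree unwrapping used for the front arc of Eq. (15) are assumptions; the paper does not state them, and they were chosen because they reproduce the coefficients of Table 1 and Eqs. (17)-(19) and (22)-(24).

```python
import math

# Assumed azimuths in degrees, clockwise from straight ahead (not given in the paper).
AZIMUTH = {"C": 0.0, "R": 30.0, "RR": 110.0, "RL": 250.0, "L": 330.0}

def constant_power_gains(theta_i, theta_l=330.0, theta_r=30.0):
    """Eqs. (15)-(16): map theta_i to 0..90 degrees between L and R, then
    g_L = cos(theta_m) and g_R = sin(theta_m)."""
    if theta_r <= theta_i <= theta_l:
        # Arc from L round the back to R: angles can be used as they are.
        num, den = theta_i - theta_l, theta_r - theta_l
    else:
        # Front arc crosses 0 degrees: unwrap angles below theta_l by 360 (assumption).
        def unwrap(t):
            return t + 360.0 if t < theta_l else t
        num, den = unwrap(theta_i) - theta_l, unwrap(theta_r) - theta_l
    theta_m = math.radians(90.0 * num / den)
    return math.cos(theta_m), math.sin(theta_m)

def spcap_gains(theta_i, theta_l=330.0, theta_r=30.0):
    """Eqs. (20)-(21): cosine-weighted panning values normalized by their sum."""
    p_l = 0.5 * (1.0 + math.cos(math.radians(theta_i - theta_l)))
    p_r = 0.5 * (1.0 + math.cos(math.radians(theta_i - theta_r)))
    beta = p_l + p_r
    return p_l / beta, p_r / beta

def gain_table(gain_fn):
    """(g_L, g_R) rounded to four decimals for every channel in AZIMUTH."""
    return {name: tuple(round(g, 4) for g in gain_fn(az)) for name, az in AZIMUTH.items()}

def derive_channels(x_l, x_r, gain_fn):
    """Center and surround signals as weighted sums of the stereo pair, Eq. (14)."""
    out = {}
    for name in ("C", "RL", "RR"):
        g_l, g_r = gain_fn(AZIMUTH[name])
        out[name] = [g_l * a + g_r * b for a, b in zip(x_l, x_r)]
    return out

def invariants(gain_fn, name):
    """Return (g_L + g_R, g_L^2 + g_R^2) for one channel."""
    g_l, g_r = gain_fn(AZIMUTH[name])
    return g_l + g_r, g_l ** 2 + g_r ** 2

if __name__ == "__main__":
    for label, fn in (("constant power", constant_power_gains), ("SPCAP", spcap_gains)):
        print(label, gain_table(fn))
        print("  center: sum of gains %.4f, sum of squared gains %.4f" % invariants(fn, "C"))
```

With these gains the constant power law keeps the sum of squared gains at 1 for every channel, while the normalization of Eq. (21) keeps the sum of the gains at 1, which is why the center coefficients are 0.7071 in Eq. (17) and 0.5 in Eq. (22).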
3 Upmixing from Stereo to 7.1-Channel Audio

In this section, we propose a new upmixing method from stereo to 7.1-channel audio signals. Fig. 3 shows an overall structure of the proposed method. As shown in the figure, the proposed method basically combines two upmixing methods: upmixing from stereo to 5.1-channel signals, and upmixing from 5.1-channel to 7.1-channel signals. The stereo-to-5.1 upmixing block is adopted from one of the upmixing methods described in Section 2. On the other hand, the 5.1-to-7.1 upmixing block employs a decorrelator to generate the surround channels for the 7.1-channel configuration.
Fig. 3. Overall structure of upmixing stereo to 7.1-channel audio signals
3.1 Stereo to 5.1-Channel Upmixing
Fig. 4(a) shows a detailed block diagram for upmixing stereo to 5.1-channel audio signals based on the adaptive panning method described in Section 2.4. Note that the adaptive panning method was selected on the basis of exhaustive subjective tests. In the figure, each channel is labeled as FL (front left), FR (front right), C (center), LFE (low frequency enhancement), RL (rear left), or RR (rear right).
Fig. 4. Block diagram for upmixing: (a) stereo to 5.1-channel audio signals, (b) 5.1-channel to 7.1-channel audio signals
3.2 5.1 to 7.1-Channel Upmixing
As shown in Figs. 1(b) and 1(c), the channel configuration for 7.1-channel is different from that of 5.1-channel. In other words, the surround channels in 5.1-channel are, in effect, split into two pairs of stereo channels: one pair of side channels, SL (side left) and SR (side right), and one pair of rear channels, RL (rear left) and RR (rear right). The side channels are placed further forward than the surround channels in 5.1-channel, while the rear channels are placed further back. Fig. 4(b) shows a block diagram for performing the 5.1-to-7.1 channel upmixing. Similarly to the block diagram shown in Fig. 4(b), the adaptive panning method is also applied to create SL and SR for 7.1-channel. Here, SL and SR are determined by panning the front and rear channels as

$$SL(n) = w_{FL}(n)\,FL(n) + w_{RL}(n)\,RL(n), \tag{25}$$

$$SR(n) = w_{FR}(n)\,FR(n) + w_{RR}(n)\,RR(n). \tag{26}$$

The weight vectors are recursively estimated using the LMS algorithm as

$$w_{FL}(n+1) = w_{FL}(n) + \mu\,SL(n)\left[FL(n) - w_{FL}(n)\,SL(n)\right] \tag{27}$$

$$w_{RL}(n+1) = w_{RL}(n) + \mu\,SL(n)\left[RL(n) - w_{RL}(n)\,SL(n)\right] \tag{28}$$

$$w_{FR}(n+1) = w_{FR}(n) + \mu\,SR(n)\left[FR(n) - w_{FR}(n)\,SR(n)\right] \tag{29}$$

$$w_{RR}(n+1) = w_{RR}(n) + \mu\,SR(n)\left[RR(n) - w_{RR}(n)\,SR(n)\right] \tag{30}$$
where $\mu$ is a constant step size, set at $10^{-10}$. In order to add reverberation effects to the rear channels, we employ a decorrelator that is designed by randomizing the phase response in the frequency domain. The following subsections further describe the decorrelator design and a mixing method using the decorrelator in detail.

3.2.1 Decorrelator Design

One approach to designing a decorrelator is to employ magnitude and phase randomization. Initially, the time-domain original audio signals are transformed into the frequency domain using a Fourier transform. Then, the magnitude and phase responses of the transformed audio signals are obtained. Subsequently, we randomize the magnitude and phase responses, but unwanted discontinuities can occur at the response boundaries. Therefore, we employ a cosine interpolation to eliminate this discontinuity with the weight value shown in Table 2. Finally, we determine decorrelated audio signals using an inverse Fourier transform.

Table 2. Weights in the phase response

Frequency (kHz)   Weight
< 2               1.0
2–4               0.5
4–8               0.25
8–16              0.125
> 16              0.625
3.2.2 Mixing Method

After the decorrelation process, original and decorrelated audio signals are mixed to generate the rear left and right channel signals, such as

$$RL(n) = (0.7071 \cdot SL(n) + 0.7071 \cdot DL(n)) / 2, \tag{31}$$

$$RR(n) = (0.7071 \cdot SR(n) + 0.7071 \cdot DR(n)) / 2 \tag{32}$$

where DL(n) and DR(n) are decorrelated audio signals from SL(n) and SR(n), respectively. Note that in order to match the energy of the original audio signal and that of the upmixed audio signal, the rear channel signals are lowered by 6 dB, which is implemented by multiplying by 1/2.
4 Performance Evaluation

We compared the quality of the proposed upmixing method in two respects: upmixing from 5.1-channel to 7.1-channel and upmixing from stereo to 7.1-channel audio signals. Thus, we conducted MUSHRA tests in compliance with the ITU multi-channel configuration standard defined by ITU-R Recommendation BS.775-1 [1]. The audio contents, sampled at 44.1 kHz, to be compared in the test were as follows:
- Hidden reference
- 3.5 kHz low-pass filtered anchor
- 7 kHz low-pass filtered anchor
- 5.1-channel audio signals (in case of upmixing from stereo to 7.1-channel, stereo audio signals)
- Upmixed audio signals obtained by the conventional upmixing methods, and
- Upmixed audio signals obtained by the proposed method.
The MUSHRA test results for upmixing from 5.1-channel to 7.1-channel and from stereo to 7.1-channel are shown in Figs. 5(a) and 5(b), respectively. The figures show that the upmixed 7.1-channel audio signals were preferred to the original audio signals. Moreover, the proposed upmixing method outperformed the conventional methods.
Fig. 5. Comparison of MUSHRA test scores for the audio signals upmixed by different methods: (a) upmixing from 5.1-channel to 7.1-channel audio signals, (b) upmixing from stereo to 7.1-channel audio signals
5 Conclusion

In this paper, we proposed an upmixing method based on adaptive panning and decorrelation. The proposed upmixing method could convert stereo to 7.1-channel signals. Moreover, comparing the performance of the proposed method with those of conventional methods in terms of MUSHRA test scores, it was shown that 7.1-channel audio signals generated by the proposed upmixing method were preferred rather than those by the conventional methods.

Acknowledgement

This work was supported in part by “Fusion-Tech. Developments for THz Info. & Comm.” Program of GIST in 2010, and in part by the Ministry of Knowledge Economy (MKE), Korea, under the Information Technology Research Center (ITRC) support program supervised by the National IT Industry Promotion Agency (NIPA) (NIPA-2010-C1090-1021-0007).
References

1. ITU-R BS.775-1: Multi-Channel Stereophonic Sound System with or without Accompanying Picture (1994)
2. Dolby Laboratory, http://www.dolby.com/professional/getting-dolbytechnologies/index.html
3. Bai, M.R., Shih, G.-Y., Hong, J.-R.: Upmixing and downmixing two-channel stereo audio for consumer electronics. IEEE Trans. on Consumer Electronics 53, 1011–1019 (2007)
4. Chun, C.J., Kim, Y.G., Yang, J.Y., Kim, H.K.: Real-time conversion of stereo audio to 5.1 channel audio for providing realistic sounds. International Journal of Signal processing, Image processing and Pattern Recognition 2(4), 85–94 (2009)
5. Irwan, R., Aarts, R.M.: Two-to-five channel sound processing. J. Audio Eng. Soc. 50, 914–926 (2002)
6. West, J.R.: Five-channel Panning Laws: an Analytical and Experimental Comparison. M.S. Thesis, Department of Music Engineering, University of Miami, Coral Gables, Florida (1998)
7. Sadek, R., Kyriakakis, C.: A novel multichannel panning method for standard and arbitrary loudspeaker configurations. In: Proc. of 117th AES Convention, Preprint 6263, San Francisco, CA (2004)
8. ITU-R BS. 1534-1: Method for the Subjective Assessment of Intermediate Quality Levels of Coding System (2003)
9. Bosi, M., Goldberg, R.E.: Introduction to Digital Audio Coding and Standards. Kluwer Academic Publishers, Massachusetts (2002)
Statistical Model-Based Voice Activity Detection Using Spatial Cues and Log Energy for Dual-Channel Noisy Speech Recognition

Ji Hun Park¹, Min Hwa Shin², and Hong Kook Kim¹

¹ School of Information and Communications, Gwangju Institute of Science and Technology, Gwangju 500-712, Korea
{jh_park,hongkook}@gist.ac.kr
² Multimedia IP Research Center, Korea Electronics Technology Institute, Seongnam, Gyeonggi-do 463-816, Korea

Abstract. In this paper, a voice activity detection (VAD) method for dual-channel noisy speech recognition is proposed on the basis of statistical models constructed by spatial cues and log energy. In particular, spatial cues are composed of the interaural time differences and interaural level differences of dual-channel speech signals, and the statistical models for speech presence and absence are based on a Gaussian kernel density. In order to evaluate the performance of the proposed VAD method, speech recognition is performed using only speech signals segmented by the proposed VAD method. The performance of the proposed VAD method is then compared with those of conventional methods such as a signal-to-noise ratio variance based method and a phase vector based method. It is shown from the experiments that the proposed VAD method outperforms conventional methods, providing the relative word error rate reductions of 19.5% and 12.2%, respectively.

Keywords: Voice activity detection (VAD), end-point detection, dual-channel speech, speech recognition, spatial cues.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 172–179, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

Voice activity detection (VAD) is a technique for detecting the presence or absence of desired speech. VAD has been used in various speech-based applications, such as speech recognition and speech coding, by deactivating some processes during non-speech intervals. By doing this, we can reduce the number of computations and network bandwidth usage [1][2].

There have been many VAD methods proposed to discriminate speech intervals from non-speech intervals. Among potential methods, methods based on energy levels and zero crossing rates are the most common, which detect speech intervals effectively with low complexity. However, the discrimination capability of features such as energy levels and zero crossing rates decreases under low signal-to-noise ratio (SNR) conditions, resulting in the degradation of VAD performance [3]. To overcome this problem, noise-robust VAD features such as periodicity measure [4], cepstral features [5], and long-term spectral divergence [6] have been investigated. In particular, Davis et al. incorporated the Welch-Bartlett method [7] into a VAD method to obtain a low-variance spectrum estimate [8]. Then, the estimate of the power spectral density of noise and the variance of SNRs estimated from non-speech intervals were utilized as VAD features. This method could provide stable VAD performance under different SNR conditions, but it tends to lose its effectiveness in non-stationary noise environments. Thus, in order to improve VAD performance in non-stationary noise environments, Kim et al. proposed a multi-channel VAD method using a phase vector as a VAD feature [9]. However, this method required a reasonable number of microphones to get the improved performance, which was similar to the case of beamforming techniques. Thus, this method restricted the performance improvement in a dual-channel microphone environment.

In this paper, we propose a statistical model-based VAD using spatial cues and log energy for dual-channel noisy speech recognition. To this end, statistical models for speech presence and absence are constructed, and then speech intervals are detected via these statistical models.

Following this introduction, we propose a statistical model-based VAD that employs spatial cues and log energy in Section 2. In Section 3, we evaluate the performance of the proposed VAD method in terms of discrimination analysis and speech recognition performance. Finally, we summarize our findings in Section 4.
2 Proposed Statistical Model-Based VAD

Fig. 1 shows a schematic diagram of the proposed statistical model-based VAD using spatial cues and log energy as VAD features. In the figure, the proposed method first extracts auditory spectral signals from the binaural input noisy speech. Next, a likelihood ratio of the probabilities for speech presence and speech absence is estimated from a Gaussian function-based statistical model. Finally, a speech interval is determined by comparing the likelihood ratio with a threshold.

[Figure: block diagram. Inputs $x_L(n)$ and $x_R(n)$ pass through Gammatone Analysis to give $x_L^{i,j}(n)$ and $x_R^{i,j}(n)$; Spatial Cues Extraction yields $t_{i,j}$ and $l_{i,j}$; Log Energy Computation yields $e_{i,j}$; a search of the Gaussian models $\pi_{j,s}$ and $\pi_{j,n}$ gives $p(t_{i,j}, l_{i,j}, e_{i,j} \mid \pi_{j,s})$ and $p(t_{i,j}, l_{i,j}, e_{i,j} \mid \pi_{j,n})$; Likelihood Ratio Computation gives $\Lambda(i)$; Decision gives $V(i)$.]

Fig. 1. Block diagram of the proposed statistical model-based VAD employing spatial cues and log energy
2.1 Gammatone Analysis

Binaural input signals, at a sampling rate of 16 kHz, are decomposed into auditory spectral signals by a gammatone filterbank [10] whose center frequencies are linearly spaced on an equivalent rectangular bandwidth (ERB) scale [11] from 50 Hz to 8 kHz. Auditory spectral signals are then windowed using a rectangular window with a time resolution of 20 msec and a frame rate of 100 Hz, resulting in left and right auditory spectral signals for the $i$-th frame and the $j$-th frequency band, $x_L^{i,j}(n)$ and $x_R^{i,j}(n)$, respectively.

2.2 Spatial Cues and Log Energy Extraction
In order to construct the statistical models for speech presence and absence, spatial cues such as the interaural time difference (ITD), interaural level difference (ILD), and log energy are extracted for each time-frequency (T-F) bin. First of all, a normalized cross-correlation coefficient for each T-F bin is computed between the left and right auditory spectral signals, which is defined as

$$CC_{i,j}(\tau) = \frac{\sum_{n=0}^{N-1} x_L^{i,j}(n)\, x_R^{i,j}(n-\tau)}{\sqrt{\sum_{n=0}^{N-1} \left(x_L^{i,j}(n)\right)^2 \sum_{n=0}^{N-1} \left(x_R^{i,j}(n)\right)^2}} \tag{1}$$

where $\tau$ ranges from -16 to 16 and corresponds to a range from -1 msec to 1 msec at a sampling rate of 16 kHz. In addition, $N$ represents the number of speech samples per frame and is set to 320 in this paper. Next, the ITD for the $(i,j)$-th T-F bin is estimated as the time lag at which the normalized CC is maximized. In other words,

$$t_{i,j} = \arg\max_{\tau}\, CC_{i,j}(\tau) \tag{2}$$

In addition to ITD extraction, the ILD for the $(i,j)$-th T-F bin is computed as the ratio of energies obtained from the left and right auditory spectral signals using the equation

$$l_{i,j} = 10 \log_{10}\left(\frac{\sum_{n=0}^{N-1} \left(x_L^{i,j}(n)\right)^2}{\sum_{n=0}^{N-1} \left(x_R^{i,j}(n)\right)^2}\right) \tag{3}$$

The proposed VAD method assumes that speech and noise sources are all directional and that the speech source is located directly in front of dual microphones, i.e., at an angle of 0°. In this case, the distributions of ITD and ILD extracted in the silence or pause intervals are similar to those extracted from the desired speech. To discriminate speech intervals from such silent intervals, a log energy parameter is incorporated into the statistical models. The log energy parameter is defined as

$$e_{i,j} = \log_{10} \sum_{n=0}^{N-1} \left(x_L^{i,j}(n)\right)^2 \tag{4}$$

Note that the log energy is used to discriminate the speech intervals from silence intervals by investigating energy level without regard to the spatial information. Therefore, we choose the left channel in Eq. (4), while either channel can be utilized.
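The three features of Eqs. (1)-(4) can be computed for a single T-F bin as in the Python sketch below. It is an added example, not the authors' code: the zero treatment of samples outside the frame, the energy floor, the tie-break toward lag 0, and the function names are assumptions, and the test frame is constructed white noise rather than a real gammatone band signal.

```python
import math
import random

MAX_LAG = 16          # tau in [-16, 16] samples, i.e. [-1 ms, 1 ms] at 16 kHz
FRAME_LEN = 320       # N: samples per 20 ms frame at 16 kHz
ENERGY_FLOOR = 1e-12  # assumption: keeps the logarithms finite on digital silence


def energy(x):
    """Sum of squared samples of one frame."""
    return sum(v * v for v in x)


def normalized_cc(x_l, x_r, tau):
    """Eq. (1) at lag tau; x_r samples outside the frame count as zero (assumption)."""
    n_samples = len(x_l)
    num = 0.0
    for n in range(n_samples):
        k = n - tau
        if 0 <= k < n_samples:
            num += x_l[n] * x_r[k]
    den = math.sqrt(energy(x_l) * energy(x_r))
    return num / den if den > 0.0 else 0.0


def tf_bin_features(x_l, x_r):
    """Return (ITD in samples, ILD in dB, log energy) for one T-F bin."""
    if len(x_l) != len(x_r):
        raise ValueError("left and right frames must have equal length")
    # Eq. (2): lag that maximizes the normalized CC. Candidates are ordered by
    # |tau| so that a silent or ambiguous frame falls back to tau = 0.
    lags = sorted(range(-MAX_LAG, MAX_LAG + 1), key=abs)
    itd = max(lags, key=lambda tau: normalized_cc(x_l, x_r, tau))
    e_l = max(energy(x_l), ENERGY_FLOOR)
    e_r = max(energy(x_r), ENERGY_FLOOR)
    ild = 10.0 * math.log10(e_l / e_r)   # Eq. (3)
    log_e = math.log10(e_l)              # Eq. (4), left channel
    return itd, ild, log_e


def constructed_frame(delay, gain, seed=7):
    """Constructed test input: x_r(n) = gain * x_l(n + delay)."""
    rng = random.Random(seed)
    src = [rng.uniform(-1.0, 1.0) for _ in range(FRAME_LEN + 2 * MAX_LAG)]
    x_l = src[MAX_LAG:MAX_LAG + FRAME_LEN]
    start = MAX_LAG + delay
    x_r = [gain * v for v in src[start:start + FRAME_LEN]]
    return x_l, x_r


if __name__ == "__main__":
    left, right = constructed_frame(delay=5, gain=0.5)
    print("ITD=%d samples, ILD=%.2f dB, log energy=%.3f"
          % tf_bin_features(left, right))
```

With the index convention of Eq. (1), a positive ITD means the right-channel signal is the left-channel signal advanced in time.
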
2.3 Model-Based VAD Feature Extraction
To detect speech intervals, a likelihood ratio test is performed. The likelihood ratio is deduced using the statistical model for speech presence and absence, where the model is trained by employing a Gaussian kernel density estimator [12]. To this end, we collect all the three-dimensional vectors composed of ITD, ILD, and log energy, which are obtained from the training data. Then, a three-dimensional (3D) plane is constructed for each frequency band, where axes of the plane are linearly quantized from the minimum to the maximum of ITD, ILD, and log energy value. In this paper, each axis is quantized into 50 steps. By using the Gaussian kernel density estimator, likelihoods of speech presence and absence, i.e., the desired speech and non-speech, are then estimated for each region in the 3D plane. As a result, the number of models for speech presence and absence is 125,000 (= 50 × 50 × 50) likelihoods each. Next, the likelihoods of speech presence and absence for the $(i,j)$-th T-F bin could be estimated by searching the region of the statistical speech and non-speech models, respectively. In the proposed VAD method, the likelihood ratio, $\Lambda(i)$, of speech presence over speech absence for each analysis frame is utilized as a feature for VAD, which is computed by taking the sum of the likelihood ratios for all frequency bands. In other words,

$$\Lambda(i) = \sum_{j=0}^{N_j-1} \Lambda(i,j) \tag{5}$$

where $\Lambda(i,j)$ is $p(t_{i,j}, l_{i,j}, e_{i,j} \mid \pi_{j,s}) / p(t_{i,j}, l_{i,j}, e_{i,j} \mid \pi_{j,n})$, and $p(t_{i,j}, l_{i,j}, e_{i,j} \mid \pi_{j,s})$ is the speech presence probability of the VAD features obtained from the $(i,j)$-th T-F bin, for a given speech presence model, $\pi_{j,s}$, at the $j$-th frequency band. Similarly, $p(t_{i,j}, l_{i,j}, e_{i,j} \mid \pi_{j,n})$ is the speech absence probability of the VAD features obtained from the $(i,j)$-th T-F bin. Also, $N_j = 32$ is the number of the frequency bands.

2.4 Decision Rule
The proposed statistical model-based VAD method detects speech intervals by comparing the likelihood of the VAD features with two different thresholds. Specifically, for the $i$-th frame, we compute a running average and a standard deviation, $\mu_{i-1}$ and $\sigma_{i-1}$, of the likelihoods from the start frame of each utterance to the $(i-1)$-th frame. After that, we combine them to determine the thresholds for the speech/non-speech determination of the $i$-th frame such as

$$T_{i,c} = \alpha_c\,(\mu_{i-1} + \sigma_{i-1}) \tag{6}$$

where the subscript, $c$, can be either a speech interval, $s$, or a non-speech interval, $n$, depending on whether the threshold is for a speech interval or a non-speech interval. In addition, $\alpha_s$ and $\alpha_n$ are set to 3 and 1, respectively, since actual speech signals have greater likelihood than non-speech signals due to stronger spatial correlation. In particular, the running averages and standard deviations for the first ten frames are set to the same value such as

$$\mu_0 = \mu_1 = \cdots = \mu_{10} = \frac{1}{10}\sum_{i=0}^{9} \Lambda(i) \tag{7}$$

$$\sigma_0^2 = \sigma_1^2 = \cdots = \sigma_{10}^2 = \frac{1}{10}\sum_{i=0}^{9} \left(\Lambda(i) - \mu_i\right)^2. \tag{8}$$

Next, the likelihood ratio of the $i$-th frame is compared with $T_{i,s}$ or $T_{i,n}$ to give the VAD result, such as

$$V(i) = \begin{cases} 1, & \text{if } \Lambda(i) > T_{i,s} \\ 0, & \text{if } \Lambda(i) < T_{i,n} \\ V(i-1), & \text{otherwise} \end{cases} \tag{9}$$

where 1 or 0 implies that the frame is a speech interval or a non-speech interval, respectively. The likelihood can vary for non-speech intervals in non-stationary noise environments, thus the thresholds should be updated to accommodate such variations. To this end, the mean and variance of the VAD features for the $i$-th frame are updated if the ( 1)-th frame is determined as non-speech, such as

$$\mu_i = \begin{cases} \gamma\mu_{i-1} + (1-\gamma)\,\Lambda(i), & \text{if } V(i) = 0 \\ \mu_{i-1}, & \text{otherwise} \end{cases} \tag{10}$$

$$\sigma_i^2 = \begin{cases} \frac{(i-1)}{i}\,\sigma_{i-1}^2 + \left(\Lambda(i) - \mu_i\right)\left(\Lambda(i) - \mu_{i-1}\right), & \text{if } V(i) = 0 \\ \sigma_{i-1}^2, & \text{otherwise} \end{cases} \tag{11}$$

where $\gamma$ represents a weighting factor for updating the mean and is set to 0.1 in this paper. Using the updated $\mu_i$ and $\sigma_i$, the thresholds for the $(i+1)$-th frame are updated by Eq. (6).
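The decision rule of Eqs. (6)-(11) is a two-threshold hysteresis whose thresholds track the non-speech statistics. The Python sketch below is an added example, not the authors' code: the initial decision V(-1) = 0, the use of the Eq. (7) mean for every term of Eq. (8), the clamp of the variance at zero, and the likelihood-ratio track are assumptions or constructed values.

```python
import math

ALPHA_S = 3.0      # speech threshold scale, from the text
ALPHA_N = 1.0      # non-speech threshold scale, from the text
GAMMA = 0.1        # weighting factor of the mean update, from the text
INIT_FRAMES = 10   # frames averaged in Eqs. (7)-(8)

# Constructed likelihood-ratio track: noise floor, speech burst, decaying tail.
SAMPLE_LAMBDA = ([1.0, 0.8, 1.2, 1.0, 0.9, 1.1, 1.0, 0.8, 1.2, 1.0]
                 + [1.0, 1.0] + [10.0] * 5 + [2.5] * 2 + [1.0] * 3)


def vad_decisions(lam, initial_state=0):
    """Map frame likelihood ratios lam[i] to V(i) in {0, 1}.

    initial_state stands for V(-1), which the text does not specify (assumption).
    """
    if len(lam) < INIT_FRAMES:
        raise ValueError("need at least %d frames to initialise" % INIT_FRAMES)
    # Eqs. (7)-(8): one mean and variance shared by frames 0..10.
    mu = sum(lam[:INIT_FRAMES]) / INIT_FRAMES
    var = sum((x - mu) ** 2 for x in lam[:INIT_FRAMES]) / INIT_FRAMES
    decisions = []
    prev = initial_state
    for i, x in enumerate(lam):
        # Eq. (6): thresholds built from the statistics of frame i-1.
        level = mu + math.sqrt(var)
        t_s, t_n = ALPHA_S * level, ALPHA_N * level
        # Eq. (9): keep the previous decision between the two thresholds.
        if x > t_s:
            v = 1
        elif x < t_n:
            v = 0
        else:
            v = prev
        decisions.append(v)
        # Eqs. (10)-(11): adapt only on non-speech frames, once the
        # initialisation frames 0..10 are past.
        if i > INIT_FRAMES and v == 0:
            new_mu = GAMMA * mu + (1.0 - GAMMA) * x
            # Clamp guards against a tiny negative value from rounding.
            var = max((i - 1) / i * var + (x - new_mu) * (x - mu), 0.0)
            mu = new_mu
        prev = v
    return decisions


if __name__ == "__main__":
    print(vad_decisions(SAMPLE_LAMBDA))
```

In the constructed track the two frames at 2.5 lie between the thresholds and keep the speech decision, which is the hangover behaviour the "otherwise" branch of Eq. (9) provides.
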
3 Performance Evaluation

In this section, the performance of the proposed VAD method was evaluated in terms of both speech recognition performance and discrimination analysis such as false rejection rate (FRR) and false alarm rate (FAR), and it was compared with those of conventional VADs.

3.1 Binaural Database

To evaluate the proposed VAD method, a binaural database was artificially constructed using 200 utterances of a Korean speech corpus [13]. In other words, the binaural signals were obtained from speech signals that were mixed with noise signals under simulated conditions. The speech and noise signals were initially processed by a filter characterized by a head-related impulse response (HRIR) modeled from a KEMAR dummy head [14]. More specifically, speech signals were filtered using an HRIR having an angle of 0°, while the noise signals were convolved with HRIRs with an angle of 20° or 40°. Finally, the speech and noise signals were combined with different SNRs of 0, 10, and 20 dB. In this paper, we simulated four different noise types: babble, factory noise, classical music, and speech noise.

3.2 Discrimination Analysis
First, the proposed VAD was evaluated in terms of its ability to discriminate speech intervals from non-speech intervals in different noise environments. In particular, the discrimination performance of the proposed VAD method using spatial cues and energy (SE-VAD) was compared to the SNR variance-based VAD method (SNR-VAD) [8] and the phase vector-based VAD method (PV-VAD) [9]. In the discrimination analysis, two types of error rates, FRR and FAR, were measured by comparing the VAD results of each VAD method with those of manual segmentation. That is, ⁄ ⁄ FRR and FAR are defined as 100 and 100, where and are the total numbers of actual speech and non-speech frames and are the numbers labeled by the manual segmentation, respectively. Also, of incorrectly detected speech and non-speech frames, respectively. Table 1 shows the FRRs and FARs of different VAD methods according to different noise types, respectively. In the tables, all the FRRs and FARs for each noise type were averaged for SNRs of 0, 10, and 20 dB. As shown in the tables, the proposed VAD method had the lowest average FRR and FAR, which implied that the proposed VAD outperformed the SNR variance-based and the phase vector-based VADs.

Table 1. Comparison of false rejection rates and false alarm rates of different VAD methods according to different noise types

            False Reject Rates (%)                      False Alarm Rates (%)
VAD         Babble  Factory  Music  Speech  Avg.       Babble  Factory  Music  Speech  Avg.
SNR-VAD     5.9     5.6      1.9    2.4     4.0        27.7    20.4     42.6   58.1    37.2
PV-VAD      9.2     8.1      8.4    15.7    12.9       4.4     3.5      11.3   25.4    11.2
SE-VAD      4.1     3.9      3.3    4.0     3.8        8.2     6.7      7.4    5.8     7.0

3.3 Speech Recognition Performance
As another measure of the VAD performance, speech recognition experiments were also performed for speech segments that include only speech intervals detected by each VAD method. The speech recognition system used here was constructed using 18,240 utterances of a Korean speech corpus [13]. As a recognition feature, 13 mel-frequency cepstral coefficients (MFCCs) were extracted for every 10 ms analysis frame. The 13 MFCCs were then concatenated with their first and second derivatives, resulting in a 39-dimensional feature vector. The acoustic models were 2,296 tied triphones represented by 3-state left-to-right hidden Markov models with 4 Gaussian mixtures. For the language model, the lexicon size was 2,250 words and a finite state network grammar was employed.
Fig. 2. Comparison of average word error rates (%) of different VAD methods according to different noise types

[Figure: vertical axis, Word Error Rate (%); horizontal axis, Noise Type (Babble, Factory, Music, Speech); series: Baseline, Manual, SNR-VAD, PV-VAD, SE-VAD.]
Fig. 2 compares the word error rates (WERs) of speech recognition systems 1) without using any VAD method, 2) employing the manually segmented VAD method, 3) SNR-VAD, 4) PV-VAD, and 5) SE-VAD. All the WERs for each noise type were averaged for SNRs of 0, 10, and 20 dB. The figure shows that the proposed VAD method, SE-VAD, provided smaller WERs than SNR-VAD and PV-VAD for all noise types. In particular, SE-VAD achieved relative WER reductions of 19.5% and 12.2%, compared to SNR-VAD and PV-VAD, respectively.
4 Conclusion

In this paper, a voice activity detection (VAD) method for dual-channel noisy speech recognition was proposed by using spatial cues and log energy. The proposed method was able to discriminate whether each frame was a speech or a non-speech frame based on the likelihood ratio test. The likelihood ratio was provided by a Gaussian kernel density-based statistical model trained by a VAD feature composed of the spatial cues and the log energy. To evaluate the performance of the proposed VAD method, the FRRs and FARs of the proposed VAD method were first measured by comparing the VAD results of the proposed VAD with those of manual segmentation. Then, speech recognition experiments were performed for speech segments that only included speech intervals detected by the VAD. As a result, the proposed VAD method outperformed the SNR variance-based and the phase vector-based VADs in terms of FRRs, FARs, and word error rates (WERs). In particular, the proposed VAD method achieved relative WER reductions of 19.5% and 12.2%, compared to the SNR variance-based VAD method and the phase vector-based VAD method, respectively.

Acknowledgments. This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (2010-0023888).
References

1. Junqua, J.C., Mak, B., Reaves, B.: A robust algorithm for word boundary detection in the presence of noise. IEEE Transactions on Speech and Audio Processing 2(3), 406–412 (1994)
2. ETSI TS 101 707, V7.5.0: Digital Cellular Telecommunications System (Phase 2+); Discontinuous Transmission (DTX) for Adaptive Multi-Rate (AMR) Speech Traffic Channels (2000)
3. Rabiner, R., Sambur, M.R.: An algorithm for determining the endpoints of isolated utterances. Bell System Technical Journal 54(2), 297–315 (1975)
4. Tuker, R.: Voice activity detection using a periodicity measure. IEE Proceedings-I, Communications, Speech and Vision 139(4), 377–380 (1992)
5. Haigh, J.A., Mason, J.S.: Robust voice activity detection using cepstral features. In: Proceedings of the IEEE TENCON, pp. 321–324 (1993)
6. Ramirez, J., Segura, J.C., Benitez, C., Torre, A., Rubio, A.: Efficient voice activity detection algorithms using long-term speech information. Speech Communication 42(3-4), 271–287 (2004)
7. Welch, P.D.: The use of fast Fourier transform for the estimation of power spectra: a method based on time averaging over short, modified periodograms. IEEE Transactions on Audio Electroacoustics 15(2), 70–73 (1967)
8. Davis, A., Nordholm, S., Tognery, R.: Statistical voice activity detection using low-variance spectrum estimation and an adaptive threshold. IEEE Transactions on Audio, Speech, and Language Processing 14(2), 412–424 (2006)
9. Kim, G., Cho, N.I.: Voice activity detection using phase vector in microphone array. Electronic Letters 43(14), 783–784 (2007)
10. Patterson, R.D., Nimmo-Smith, I., Holdsworth, J., Rice, P.: An Efficient Auditory Filterbank Based on the Gammatone Functions. APU Report 2341, MRC, Applied Psychology Unit, Cambridge U.K (1998)
11. Glasberg, B.R., Moore, B.C.J.: Derivation of auditory filter shapes from notched–noise data. Hearing Research 47(1-2), 103–138 (1990)
12. Parzen, E.: On estimation of a probability density function and mode. The Annals of Mathematical Statistics 33(3), 1065–1076 (1962)
13. Kim, S., Oh, S., Jung, H.-Y., Jeong, H.-B., Kim, J.-S.: Common speech database collection. Proceedings of the Acoustical Society of Korea 21(1), 21–24 (2002)
14. Gardner, W.G., Martin, K.D.: HRTF measurements of a KEMAR. The Journal of the Acoustical Society of America 97(6), 3907–3908 (1995)
3D Sound Techniques for Sound Source Elevation in a Loudspeaker Listening Environment

Yong Guk Kim¹, Sungdong Jo¹, Hong Kook Kim¹, Sei-Jin Jang², and Seok-Pil Lee²

¹ School of Information and Communications, Gwangju Institute of Science and Technology, Gwangju 500-712, Korea
{bestkyg,sdjo,hongkook}@gist.ac.kr
² Digital Media Research Center, Korea Electronics Technology Institute, Seongnam, Gyeonggi-do, 463-816, Korea
{sjjang,lspbio}@keti.re.kr

Abstract. In this paper, we propose several 3D sound techniques for sound source elevation in stereo loudspeaker listening environments. The proposed method integrates a head-related transfer function (HRTF) for sound positioning and early reflection for adding reverberant circumstance. In addition, spectral notch filtering and directional band boosting techniques are also included for increasing elevation perception capability. In order to evaluate the elevation performance of the proposed method, subjective listening tests are conducted using several kinds of sound sources such as white noise, sound effects, speech, and music samples. It is shown from the tests that the degrees of perceived elevation by the proposed method are around 17º to 21º when the stereo loudspeakers are located on the horizontal plane.

Keywords: Sound source elevation, 3D audio, head-related transfer function (HRTF), early reflection, spectral notch filtering, directional band boosting.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 180–187, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

Recently, a wide range of multimedia technologies for consuming multimedia contents has been developing rapidly in home appliances such as digital TVs (DTVs), personal computers (PCs), and several kinds of hand-held devices. With these recent developments in multimedia techniques and contents, demand for even more realistic audio services has continued to grow. However, the audio rendering applicability of such handheld devices is rather limited, and most users who use computers, TVs or home theater systems personally still use limited audio rendering systems such as stereo or 5.1-channel loudspeaker systems as shown in Fig. 1 [1].

For realistic and immersive audio rendering in virtual reality applications, not only directional effects but also elevation effects are necessary. In the stereo or 5.1-channel loudspeaker configuration, however, it is difficult to render elevation effects. This is because all of the loudspeakers are placed on the horizontal plane and sound sources can generally be localized only between a pair of loudspeakers under the panning law. Besides, it is difficult to place loudspeakers vertically in home environments, and constructing such a loudspeaker system is costly.
Fig. 1. Speaker configuration defined by ITU-R Recommendation BS.775-1; (a) stereo and (b) 5.1 channel

[Figure angle labels: 30° and 110°; C marks the center loudspeaker.]
As an alternative, 3D audio is capable of reproducing the spatial attributes of audio signals (e.g., direction, distance, width of sound source, and room envelopment) in limited reproduction environments such as stereo or 5.1-channel [2][3]. There are two kinds of sound localization techniques in 3D audio: binaural and transaural audio techniques. They are rendering methods for spatial sounds that use only stereo audio sources [4]. A binaural method renders audio sources using stereo headphones, and it can deliver direction and elevation effects more easily than a transaural method. It, however, has an in-head localization or front-back confusion problem due to either the absence of reverberation and crosstalk or the application of non-personalized head-related transfer functions (HRTFs). On the other hand, a transaural method can render audio sources out of the head. However, localization performance (e.g., direction and elevation effects) is rapidly degraded because of the existence of undesired crosstalk and reverberation [4].

In this paper, we propose a sound source elevation method in stereo loudspeaker listening environments. The proposed method integrates several 3D sound techniques such as HRTF-based rendering, early reflection, spectral notch filtering, and directional band boosting techniques.

This paper is organized as follows. Following the introduction, we describe an HRTF model based technique as well as an early reflection generation technique in Section 2. In addition, we describe spectral notch filtering and directional band boosting techniques. In Section 3, we propose a sound source elevation method by integrating the techniques explained in Section 2. In Section 4, we discuss the performance evaluation result of the proposed method by measuring the perceived elevation from the stereo loudspeakers which are located on the horizontal plane. Finally, we conclude our findings in Section 5.
2 3D Sound Rendering Techniques

2.1 HRTF Model

A head-related transfer function (HRTF) plays a major role in the processing of 3D sound applications. HRTFs are defined as impulse responses of the paths from sound sources to the listener's ear drums [3]. These HRTFs represent reflections and diffractions by the head, the ears, and the torso. An HRTF can be measured by means of dummy head microphones designed to mimic the human head and torso, or modeled by a digital filter. In applications for sound positioning, externalization, or crosstalk cancellation, localization performance degrades when measured HRTFs are employed, owing to individual disagreement and the absence of reverberation [5]. Accordingly, HRTFs should be individually measured to increase localization performance despite inherent difficulties in practical measurement and necessary cost. To overcome such difficulties, a number of previous works have mathematically modeled the HRTF [6][7]. Similarly, such a model-based HRTF, in particular a structural HRTF model, is employed in this paper [7]. Fig. 2 shows a schematic diagram of the structural HRTF model, which is composed of head and pinna models. The HRTF model parameters are the azimuth, the elevation of a virtually-localized sound source, and the head radius of a listener.
[Figure: block diagram. Input sound, Head model, two Pinna models, Output sound. Parameters: azimuth (θ), elevation (φ), head radius (a).]
Fig. 2. Block diagram of a structured HRTF model
A sound localization procedure using the HRTF model is as follows. First, the head model is applied to an input sound to simulate head shadow effects, i.e., for a given azimuth, θ, the head model for left or right channels is represented as

$$H_m(z,\theta) = \frac{(2\alpha_m(\theta) + \beta T) + (\beta T - 2\alpha_m(\theta))\,z^{-1}}{(2 + \beta T) + (\beta T - 2)\,z^{-1}} \qquad (1)$$

where m represents L or R for left or right channels, respectively. Further, β = 2c/a, where a and c are the head radius and the speed of sound, respectively. In addition, T is the sampling period. Subsequently, α_m(θ) is calculated according to θ as

$$\alpha_L(\theta) = 1 - \sin(\theta) \qquad (2)$$

and

$$\alpha_R(\theta) = 1 + \sin(\theta). \qquad (3)$$
Second, the pinna model is applied to the head model output, $s_{in,m}(n)$, to simulate the pinna effect. As a result, we have the output, $s_{out,m}(n)$, which is represented by

$$s_{out,m}(n) = s_{in,m}(n) + \sum_{k=1}^{N} \rho_k\, s_{in,m}(n - \tau_k(\theta,\phi)) \qquad (4)$$

where φ and N denote the elevation and the number of pinna reflections, respectively. In addition, $\tau_k(\theta,\phi) = A_k \cos(\theta/2)\,\sin(D_k(\pi/2 - \phi)) + B_k$, where $A_k$, $D_k$, and $B_k$ are constants described in Table 1. Finally, the shoulder model, which is composed of a single reflection to simulate shoulder reflection, is optionally applied to the pinna model output.

Table 1. The pinna model coefficients

k    ρk      Ak   Bk   Dk
1    1       0    0    0
2    0.5     1    2    1
3    -1      5    4    0.5
4    0.5     5    7    0.5
5    -0.25   5    11   0.5
6    0.25    5    13   0.5
2.2 Early Reflections Generation Using Image Method

A sound source is reflected and diffracted by ceilings and walls within rooms during delivery to listeners' ears. As a result of such phenomena, listeners are able to perceive sound source distance, and the 3D sound rendering effect can be more realistic with the help of the reverberation effect. In order to localize sound out-of-the-head, artificial reverberation is generated using the image method [8][9]. In order to generate reverberation using the image method, we first assume that an actual sound source is located at a position which is higher than 60 degrees of elevation for a given room configuration. Based on this assumption, we simulate and generate a room response by using parameters as follows: the sound source is located at (5m, 6m, 8.5m) in a 3D auditory space and a microphone is located at (5m, 5m, 1.5m) in a room with a dimension of (10m, 10m, 9m). Then, depending on the location of each image source and a room type, an impulse response with different delay, magnitude, and reflection coefficient is generated. After that, all the impulse responses from the image sources are summed up into a room impulse response. Fig. 3 illustrates the room impulse response generated by using the above parameters when the sound source is sampled at 48 kHz. The length of the room impulse response is approximately 24,000, thus the room impulse response can artificially simulate the reverberation effect for perceiving distance and elevation.

[Figure: plot of value (0 to 1) versus time sample (0 to 2.5 x 10^4)]
Fig. 3. Room impulse response for sound source elevation, which is generated by the image method

2.3 Spectral Notch Filtering

In this paper, we investigate the measured HRTF database, CIPIC HRTFs [10], in order to analyze the variation of spectral characteristics depending on elevated sound perception. It is noted from this investigation that notches are located differently on HRTF spectra due to dissimilar azimuths and elevations. Accordingly, in order to analyze spectral notch positions for vertical plane localization, the average HRTF spectrum, which corresponds to several vertical directions, is calculated over the CIPIC HRTFs, where 45 subjects exist in the database. Consequently, we find that three notches are located in the average HRTF spectrum, positioned at 9,991 Hz, 12,231 Hz, and 13,954 Hz.

2.4 Directional Band Boosting

We carried out listening experiments by using complex tones and found that if the sound source had components above 7 kHz, listeners could distinguish and perceive sound sources as if they were localized above the head. In addition, Blauert reported that a directional band affected the perception of the direction of sound [11]. Thus, we apply the directional band boosting method for sound source elevation.
[Figure: plot of boost/attenuation value (0 to 10) versus QMF subband center frequency (Hz), 187.5 Hz to 23813 Hz]
Fig. 4. Plot for directional band boost and attenuation for sound source elevation
[Figure: block diagram. 48 kHz stereo WAVE input, Reflection, Head Model, Pinna/Shoulder Model, then for each channel Notch Filter, QMF Analysis, Boost/Attenuation and QMF Synthesis, 48 kHz stereo WAVE output.]
Fig. 5. Overall structure of the proposed sound elevation method
In order to boost a directional band in the subband domain, a 64-channel quadrature mirror filterbank (QMF) analysis and synthesis method [12] is first applied. That is, input stereo audio signals are decomposed by the QMF filterbank analysis, and then the subband signals corresponding to a directional band are boosted. Fig. 4 shows how much each band is boosted or attenuated for sound source elevation, where the x-axis is the center frequency of each QMF subband. The subband signals are multiplied by the value corresponding to their center frequency and synthesized by the QMF synthesis filter.
3 Proposed Sound Source Elevation Method

Fig. 5 shows the overall structure of the proposed sound elevation method. As shown in the figure, the proposed method integrates the image method based reverberation, HRTF modeling, spectral notch filtering, and directional band boosting. First, stereo audio signal is split into two mono audio signals and then each of them is convolved with a room impulse response which is composed of early and late reflections, as described in Section 2.2. Next, HRTF models, as in Section 2.1, are applied to the convolved mono signal in order to localize sound images at arbitrary positions. Second, to improve elevation effects, a spectral notch filter described in Section 2.3 is applied. The directional band boosting method, which is described in Section 2.4, is then performed after applying the QMF analysis. Finally, the QMF synthesis filtering is carried out to obtain the two mono signals that are merged into a stereo audio output signal.
4 Performance Evaluation

In order to evaluate the perceptual elevation of the proposed sound elevation method, audio files of different genres, including white noise, sound effects, speech and audio signals, were prepared. Fig. 6 illustrates the configuration of loudspeakers used in this experiment. In order to investigate horizontal and vertical localization effects, each participant was initially asked to listen to the original sound played by the loudspeakers located on the horizontal plane; i.e., 0 cm far away from the horizontal axis. After that, each participant was also asked to listen to a pair of audio files composed of an original audio file and its corresponding file processed by the proposed method. In order to measure the perceptual elevation, a laser pointer was used to indicate a perceived position of the processed file relative to that of the original file. We repeated this procedure for the lateral direction. In this experiment, nine people with no auditory diseases participated. Fig. 7 shows the perceptual elevation result measured in degrees according to different audio genres. The figure shows that the proposed method provided a perceived elevation of around 17º~21º against the horizontal plane. In particular, speech was perceived with the highest degrees among all the genres.

[Figure: loudspeaker layout with labels 30˚, 30˚ and 1 m]
Fig. 6. Configuration of loudspeakers for listening experiments

[Figure: bar chart of perceived elevation (degree), 0 to 25, frontal and lateral, for Speech, Music, Whitenoise and Sound Effect]
Fig. 7. Perceived elevation measured in degree from the horizontal plane
5 Conclusion

In this paper, a sound source elevation method for a loudspeaker listening environment was proposed by combining several 3D audio techniques including a structural HRTF model, early reflections, spectral notch filtering and directional band boosting. A subjective listening test was performed to evaluate the perceived elevation. As a result, we could elevate audio sources by as much as 17º~21º using the proposed method.
References

1. ITU-R Recommendation BS. 775-1: Multi-Channel Stereophonic Sound System with or without Accompanying Picture (1994)
2. Breebaart, J., Faller, C.: Spatial Audio Processing – MPEG Surround and Other Applications. Wiley, Chichester (2007)
3. Begault, D.R.: 3D Sound for Virtual Reality and Multimedia. Academic Press, Cambridge (1994)
4. Gardner, W.G.: 3-D Audio Using Loudspeakers. Kluwer Academic Publishers, Norwell (1998)
5. Wenzel, E.M., Arruda, M., Kistler, D.J., Wightman, F.L.: Localization using nonindividualized head-related transfer functions. J. Acoust. Soc. Am. 94(1), 111–123 (1993)
6. Kistler, D.J., Wightman, F.L.: A model of head-related transfer functions based on principal components analysis and minimum-phase reconstruction. J. Acoust. Soc. Am. 91(3), 1637–1647 (1992)
7. Brown, C.P., Duda, R.O.: An efficient HRTF model for 3D sound. In: Proceedings of IEEE Workshop on Applications of Signal Processing to Audio and Acoustics, pp. 298–301 (1997)
8. Allen, J.B., Berkley, D.A.: Image method for efficiently simulating small-room acoustics. J. Acoust. Soc. Am. 65(4), 943–951 (1979)
9. McGovern, S.G.: Fast image method for impulse response calculations of box-shaped rooms. J. Applied Acoustics 70(1), 182–189 (2008)
10. Algazi, V.R., Duda, R.O., Thompson, D.M., Avendano, C.: The CIPIC HRTF database. In: Proceedings of IEEE Workshop on Applications of Signal Processing to Audio and Acoustics, pp. 99–102 (2001)
11. Blauert, J.: Spatial Hearing. MIT Press, Cambridge (1997)
12. 3GPP TS 26.401: Enhanced aacPlus General Audio Codec; General Description (2004)
Integrated Framework for Information Security in Mobile Banking Service Based on Smart Phone

Yong-Nyuo Shin1 and Myung Geun Chun2

1 Hanyang Cyber University, Dept. of Computer Engineering, 17 Haengdang-dong, Seongdong-gu, Seoul, Korea
[email protected]
2 Chungbuk National University, Dept. of Electrical & Computer Engineering, 410 Seongbong-ro, Heungdeok-gu, Cheongju chungbuk, Korea
[email protected]
Abstract. Since Apple launched the iPhone service in Korea in November 2009, the number of smartphone banking users has increased dramatically, forcing lenders to develop new products to deal with such demand. The Bank of Korea took the lead in a joint effort to create a mobile banking application that each bank can adapt for its own use. In providing smartphone services, it is of critical importance to take the proper security measures, because these services, while offering excellent mobility and convenience, can be easily exposed to various infringement threats. This paper proposes a security framework that should be taken into account by the joint smartphone-based mobile banking development project. The purpose of this paper lies in recognizing the value of smartphones as well as the security threats that are exposed when smartphones are introduced, and in providing countermeasures against those threats, so that an integrated information security framework for reliable smartphone-based mobile financial services can be prepared, by explicitly presenting the difference between personal computers and smartphones from the perspective of security.

Keywords: Mobile, Security, Banking Service, Smart Phone, Integrated Framework, Authentication, Threats, Countermeasures.
1 Introduction

As smartphones have become widely adopted, they have brought about changes in individual lifestyles, as well as significant changes in the industry. As the mobile technology of smartphones has become associated with all areas of the industry, it is not only accelerating innovation in other industries such as shopping, healthcare service, education, and finance, but is also creating new markets and business opportunities [1]. In addition, the wide adoption of smartphones has increased the competition among enterprises. As Hana Bank and the Industrial Bank of Korea started the development of smartphone-based banking services earlier than other banks, competition to take the lead in this new market seems to be accelerating further.

* Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 188–197, 2010. © Springer-Verlag Berlin Heidelberg 2010
In providing smartphone services, it is of critical importance to take the proper security measures [5], because these services, while offering excellent mobility and convenience, can be easily exposed to various infringement threats. In particular, efforts are required to apply security systems that can preemptively cope with potential threats in the area of banking services, which demand high reliability. This study proposes a security framework that should be taken into account by the joint smartphone-based mobile banking development project of the Bank of Korea. The purpose of this study lies in recognizing the value of smartphones as well as the security threats that are exposed when smartphones are introduced, and in providing countermeasures against those threats, so that an integrated information security framework for reliable smartphone-based mobile financial services can be prepared, by explicitly presenting the difference between personal computers and smartphones from the perspective of security.

When the global hit product the iPhone was distributed in Korea for the first time, the dominant viewpoint was that it was another early adopter product that reflected the preferences of youth. However, the change in our daily lives that followed its introduction was more significant than had been expected. Usage patterns are changing as more people access public information using their smartphones, and people now even prefer to use their smartphones for online banking rather than turning on their personal computer. The mobile communications market and wireless network markets are thus undergoing a period of upheaval, which has caused some to proclaim that we are entering “the age of smartphones.” However, only a few users recognize the enormous threat exposed by smartphones, which indeed is as significant as their power to affect our lives in positive ways.
As the smartphone is essentially a PC that we can hold in our hands, it is vulnerable to every type of violation that can occur to a PC. Even worse, smartphones are quite vulnerable to security violations because they are based on wireless networks. Considering these factors, the types of violation incidents that can occur on smartphones were classified, and damage cases of mobile malicious code were analyzed. Already, a diverse range of mobile malicious code has appeared – from ‘proof-of-concept’ code that simply exposes the possibility of damage, to code that exploits vulnerabilities in a smartphone OS to actually disclose the owner’s information and cause financial damages. Various tools that have already been formalized can be utilized to analyze malicious computer code. However, different tools should be used for each platform to analyze mobile malicious code, and as of yet no methodology has been systematically organized to determine which tools should be used by which method. The integrated information security framework for mobile banking services proposed in this paper is expected to be utilized effectively when security measures are established for the joint smartphone-based mobile banking development project being promoted by the Bank of Korea.

Following the introduction, Section 2 outlines existing studies related to our work. Section 3 introduces the joint smartphone-based banking project performance evaluation procedure. Section 4 describes the comparison of smartphone OS features and security threats to the platform. Section 5 presents the integrated framework for information security in mobile banking service based on smart phone. The last section provides a conclusion.
2 Related Studies

2.1 Universal Subscriber Identity Module
Mobile finance services, which were released with an emphasis on unit functions, are evolving into finance and communication convergence services with the introduction of the Universal Subscriber Identity Module (USIM) service. The USIM is a smart card mounted on the mobile handset, which can save the subscriber’s information and enable access to various services, such as public transportation, membership, coupons, mobile banking, credit card, and stock services. The USIM is a safe smart card with a user interface and communication function. Currently, a high-performance Near Field Communication USIM has almost reached the commercialization stage. Domestic communication service providers have developed an applet that provides a hardware security module and storage token function, and are preparing to incorporate the digital certificate in the USIM by the second half of 2010. Once digital certificate installation is completed, a digital certificate that has been issued or saved in the USIM can be invoked and used by the application user interface of financial applications such as banking, securities, and settlement.

2.2 Authentication Based on User Memory
As security threats in open mobile-based electronic financial service can have diverse attack patterns, omnidirectional security management to counter those patterns is required. Among the platform security threats, keyboard hooking is a technique that intercepts a user’s keyboard input, which is mostly exploited to find the user’s input password. This vulnerability is most serious in the area of Internet banking performed using a regular personal computer, and financial losses occur periodically due to such attacks [2]. In addition, SMS (Short Message Service) hooking can also be exploited to maliciously modify the personal information used to access a financial service. The programs that manage SMS text are implemented as applications, and proprietary text engine programs are embedded and executed by each mobile operator due to different standards and localization problems. A password that is safer than certification based on the existing password should be sufficiently complex (wide password space), easy to remember for a longer period of time, and safe against various external attacks. For this purpose, techniques using a graphic password as well as certification techniques that utilize the user’s calculation capability are being studied. This technique performs authentication using the line pattern of each point. A safe method of alternating the password needs to be studied, for application to electronic financial services. The Bank of America performs authentication through the identification of the image that the user has registered when logged in.

2.3 Using Biometric Technology in Electronic Financial Services
Beginning in the second half of 2010, Korean subscribers were able to use Internet banking services or home trade system (HTS) from their smartphones or PCs through fingerprint authentication and question and answer authentication. Table 1 shows the major alternative authentication methods.

Table 1. Major authentication methods

Fingerprint recognition: Checks the identity by comparing the fingerprint obtained from the detector with the saved information.
Question and answer authentication: Inputs the answer to a question that only the authorized user knows, and requests to answer that question at the time of financial transaction.
Iris recognition: Checks the identity by comparing the iris information scanned from the automatic focus camera with the saved information.
Vein authentication: Checks the identity of the user by comparing the infrared vein imaging of the finger or palm with the saved information.
Subscribers can also make payments of 300,000 won or more in online shopping malls. Currently, a digital certificate is required for these types of transactions. This is a follow-up measure to the Act on "Alleviation of the public certificate use obligation for electronic financial transaction" announced in March 2010. According to this measure, starting in July methods other than the digital certificates are expected to be allowed for e-Banking and electronic payments of 300,000 won or more. These authentication methods focus on securing the same security level as the public certificate, and must satisfy required items – user identification, server authentication, communication channel encryption, forgery/alteration prevention of transaction details, and non-repudiation. Fingerprint recognition is evaluated as the most basic authentication method, and is already applied to a significant number of security systems. The fingerprint method identifies the user at the time of the financial transaction using the stored fingerprint information. In addition, the question and answer authentication method is a strong candidate, in which the user inputs in advance the information that is known to him/her only, and is required to answer the question at the time of financial transaction to identify him/herself. Biometric authentication methods such as voice recognition, iris and palm vein pattern recognition have also become the subject of discussion. Figure 1 shows the iris recognition screen utilized for mobile banking services in Japan.
Fig. 1. Iris recognition screen for mobile banking services in Japan
3 Joint Smartphone Banking Development Project
Since the release of the iPhone on November 28, 2009, Hana Bank and the Industrial Bank of Korea announced the release of application-type smartphone banking services in Korea. These banks seemed to be poised to re-arrange the structure of the existing feature-phone based mobile banking market, and occupy the smartphone banking market in its early stage. These smartphone banking services are implemented such that the free application is downloaded from iPhone AppStore, and the public certificate is moved/copied from the PC. Currently, account transfer and balance check of deposit, loan, fund, and foreign currency accounts are supported by these services. In addition to independent services provided by individual banks, the banking industry has been promoting the development of a joint smartphone-based banking system since early 2009. The joint smartphone banking service standard (plan) was prepared through discussions by the Mobile Finance Committee, which is composed of 17 commercial banks. In December 2009, the Finance Informatization Promotion Committee adopted the “joint development project for the smartphone-based mobile banking service” as one of the finance information projects, and commissioned the Korea Financial Telecommunications & Clearings Institution to implement the project. The joint smartphone-based development project is expected to minimize the investment cost and risk to individual banks by realizing economies of scale in the smartphone environment, in which applications and security modules must be developed for each OS type, and to prevent customers of smaller-scale banks from becoming an alienated service class, as those banks would unavoidably have to give up service provisioning. In addition, overall service stability can be improved by applying common security measures such as public certificate, security module, and information leak prevention. 
However, customization by each bank will be allowed in application development (customer contact segment) in order to reflect the service differentiation needs of each bank, so that the differentiation needs of participating banks and market needs for convenient services can be satisfied at the same time.
Fig. 2. Configuration of the joint development project system for smartphone-based mobile banking services
4 Comparison of Smartphone OS Features and Security Threats to the Platform
Generally, smartphone users select a smartphone model to buy after considering the use purpose and comparing the strengths and shortcomings of the product design and functions. Users have only limited options in the domestic market due to the obligatory integration of WIPI. However, with various smartphones being imported from overseas, users now can have more choices and purchase products at lower prices. As a result of competition in the market, domestic manufacturers are also releasing diverse smartphones that satisfy user demands. Among several kinds of open-type mobile platforms, Apple’s iPhone OS (OS X iPhone), Google’s Android, and Microsoft’s Windows Mobile are the 3 major open-type platforms. Windows Mobile is the Windows CE based mobile platform, and most domestic financial services are based on the Windows platform. Apple’s iPhone OS has ported the existing general-purpose Mac OS to the mobile terminal, and added necessary functions. Users can purchase and install applications from the AppStore, and no compatibility with other devices or services is provided due to Apple’s closed policy [11]. Google’s Android provides an open source-based open type mobile platform. Various types of terminals and mobile operators can use the Android OS [8][12]. Droid09 malicious code was a phishing attack that was discovered recently (Android Development, 2010). By deceptively presenting a malicious application distributed in the Android market as a normal banking application, user passwords were stolen. The smartphone is a mobile handset equipped with computer functions, and has characteristics that make it similar to a PC. To attack a smartphone, hackers must have a prior understanding of the specific smartphone OS, as there are a larger number of smartphone OS than PC OS. In most cases, the scope of smartphone security incidents is limited to individuals, such as personal information leak, device disabling, and financial information loss. 
As smartphones handle sensitive information and dedicated smartphone security software is not sufficient, it seems that security measures need to be established. Types of smartphone security incidents include personal information leaks, limited device use, illegal billing generation, and mobile DDoS. Table 2 shows the details.

Table 2. Types of smartphone security incidents

Violation incident pattern: Details
Personal information leak: Confidential information leak and privacy violation such as receiving message, phone directory, location information, and business files.
Limited device use: Terminal screen change, terminal breakdown (malfunction), battery consumption, information (file, phone directory, etc.) and program uninstallation.
Illegal billing generation: Financial loss due to spam SMS sending and small amount payments by the mobile handset.
Mobile DDoS: Causes illegal billing, web site paralysis, and terminal disabling by creating large amounts of traffic at a specific site and sending SMS to a specific terminal.
Table 3. Security threats of smartphone-based financial services

Area: Platform
Meaning: Derivative attack is expected due to vulnerabilities or unique functional characteristics of the OS used in the open type mobile platform.
Example: Virus and malicious code, keyboard hacking, SMS hooking, process and memory (dump) hacking

Area: Application
Meaning: Attacks on vulnerabilities of an application that is recognized by users, unlike a virus.
Example: Phishing program, data file and execution file alteration.

Area: Storage
Meaning: Access to the file system loaded onto the internal/external memory of the mobile handset, confidential information extraction, and alteration attacks are expected.
Example: Access to the internal storage file system inside the mobile terminal, and extraction of activated and deleted confidential information.

Area: Network
Meaning: Reduced availability due to network traffic occupancy, and attack using the zombie terminal (malicious bot infection by the smartphone) are expected.
Example: Causes traffic error by sending random SMS/MMS through terminal misuse.
5 Integrated Framework for Information Security
We analyze the security threats that can occur in the open type mobile-based electronic financial service, and present countermeasures to the analyzed threats. The open type mobile terminal provides high performance and scalability equivalent to that of a PC, and allows the sharing and installation of applications developed by individuals [3]. As a result, an application that is not certified can cause a security threat.

5.1 Universal Subscriber Identity Module
As there can be various types of security threats in open type mobile based electronic financial services, omnidirectional security management to counter these threats is required [1]. The purpose of this paper lies in providing smartphone-based mobile financial services, as well as in analyzing the possible security threats and proposing countermeasures against those threats.

5.2 Security Countermeasures against Platform-Based Financial Services
An open platform implies a software system that provides an interface (software development kit), which enables users to use all or part of the platform and application, when integrated in the open-type mobile platform. As the smartphone is a portable terminal that is integrated with the open platform, smartphone-based business can be exposed to security threats more easily than any other area.
Fig. 4. Security Framework for Smartphone mobile banking services
a. Virus and malicious code The first mobile virus code was found in 2004 on a mobile terminal running Symbian OS [6], and since then, approximately 400 mobile malicious codes have been detected. Recently, a new mobile malicious code (Trojan-SMS.Python.Flocker) was detected by Kaspersky, which sends an SMS to the recipient registered in the phone directory of the mobile terminal that instructs them to transfer money to a certain account, using mobile malicious code.
▣ Threats
① Modification, deletion, or disclosure of the user’s personal information or stored application.
② Excessive traffic due to continuous requests for data, which were not initiated by the user.
③ Sends large numbers of SMS using the user’s phone directory.
▣ Scenario
① The attacker publishes the malicious code that he/she created using online application sharing web sites and others.
② The user downloads and installs the attacker’s malicious code in his/her terminal from the sharing web site.
③ The attacker sends the user’s personal information stored in the mobile terminal to his/her PC periodically, such as public certificate, specific files for financial transactions, phone directory, e-mail, and photos, using the malicious code installed in the victim’s mobile terminal.
▣ Countermeasures
① Anti-virus installation is taken as the minimum measure to protect against virus and malicious code attack. Anti-virus S/W can be used to detect abnormal process execution in real time, and control unauthorized access to the resources saved in the mobile terminal.
Y.-N. Shin and M.G. Chun
② Code signature technology is applied to most mobile platforms. However, some platforms do not strictly apply this technology. Therefore, a separate code signature function is needed for the application equipped with the financial service.
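One way a terminal-side monitor could flag threat ③ above (bulk SMS sent to the phone directory without the user acting) is a sliding-window check over outgoing-SMS events. This is an added example, not code from the paper; the log format, the thresholds and every name in it are assumptions, and the log lines and phone numbers are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format):
# "<ISO time> <app> SMS_SEND <recipient> user_initiated=<0|1>"
SAMPLE_LOG = """\
2010-12-13T09:00:05 messaging SMS_SEND 010-0000-0001 user_initiated=1
2010-12-13T09:03:40 messaging SMS_SEND 010-0000-0002 user_initiated=1
2010-12-13T09:10:00 freegame SMS_SEND 010-0000-0001 user_initiated=0
2010-12-13T09:10:02 freegame SMS_SEND 010-0000-0002 user_initiated=0
2010-12-13T09:10:04 freegame SMS_SEND 010-0000-0003 user_initiated=0
2010-12-13T09:10:06 freegame SMS_SEND 010-0000-0004 user_initiated=0
corrupted line without the expected fields
2010-12-13T09:10:08 freegame SMS_SEND 010-0000-0005 user_initiated=0
2010-12-13T09:10:10 freegame SMS_SEND 010-0000-0006 user_initiated=0
2010-12-13T09:20:00 weather SMS_SEND 010-9999-0000 user_initiated=0
"""

# Constructed phone directory with eight entries.
CONTACTS = {f"010-0000-{i:04d}" for i in range(1, 9)}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<app>\S+) SMS_SEND (?P<to>\S+) user_initiated=(?P<ui>[01])$"
)


def parse_line(line):
    """Return (time, app, recipient, user_initiated) or None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.fromisoformat(m["ts"])
    except ValueError:
        return None
    return ts, m["app"], m["to"], m["ui"] == "1"


def detect_bulk_sms(lines, contacts, window=timedelta(seconds=60),
                    min_recipients=5, min_contact_ratio=0.5):
    """Flag apps that message many distinct contacts without user action.

    Expects time-ordered lines. Returns (alerts, skipped): alerts maps each
    flagged app to the time the rule first fired, skipped counts lines that
    could not be parsed (worth reporting, since a gap hides activity).
    """
    recent = defaultdict(deque)  # app -> (time, recipient) pairs in the window
    alerts = {}
    skipped = 0
    for line in lines:
        if not line.strip():
            continue
        event = parse_line(line)
        if event is None:
            skipped += 1
            continue
        ts, app, to, user_initiated = event
        # Only sends the user did not start, addressed to directory entries.
        if user_initiated or to not in contacts:
            continue
        q = recent[app]
        q.append((ts, to))
        while q and ts - q[0][0] > window:
            q.popleft()
        distinct = {recipient for _, recipient in q}
        if (len(distinct) >= min_recipients
                and len(distinct) / len(contacts) >= min_contact_ratio):
            alerts.setdefault(app, ts)
    return alerts, skipped


if __name__ == "__main__":
    found, bad = detect_bulk_sms(SAMPLE_LOG.splitlines(), CONTACTS)
    for app, when in found.items():
        print(f"ALERT {app}: bulk SMS to phone directory at {when.isoformat()}")
    print(f"unparsed lines: {bad}")
```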
b. Keyboard input value hooking
Keyboard input value hooking is a technique that snatches the user’s keyboard input, and is exploited to find the password that the user inputs. This security weakness is most prominent in Internet banking performed on a general computer, and financial damages related to this vulnerability periodically occur.
▣ Threats
① It is known that hooking is possible for a physical keyboard like a QWERTY keyboard, but no such incidents have been reported thus far for a virtual keyboard.
② As the virtual keyboard accepts input with a fixed number of characters at a fixed location, which is integrated with the terminal when it is shipped out, there is a possibility that the input character can be calculated by detecting mouse clicks or keyboard events.
▣ Scenario
① The attacker can distribute the keyboard hooking program to the user via email, or make a malicious hooking program to be downloaded.
② The user begins mobile banking or trading service, and inputs the PIN and certificate password to the input window.
③ The input keyboard value is hooked and transferred to the attacker. Consequently, the attacker can obtain the user’s password and account number.
▣ Countermeasures
① Technology is required that provides confidentiality of keyboard input values by making the data pass through the adapter (hardware that performs encryption) before connecting the keyboard device to the mobile terminal.
② The virtual keyboard can be used for the computer Internet banking system.
6 Conclusion
In providing smartphone services, it is of critical importance to take the proper security measures, because these services, while offering excellent mobility and convenience, can be easily exposed to various infringement threats. In particular, efforts are required to apply security systems that can preemptively cope with potential threats in the area of banking services, which demand high reliability. Smartphones are quite vulnerable to security violations because they are based on wireless networks. Considering these factors, the types of violation incidents that can occur on smartphones were classified, and damage cases of mobile malicious code were analyzed. Already, a diverse range of mobile malicious code has appeared, from ‘proof-of-concept’ code that simply exposes the possibility of damage, to code that exploits vulnerabilities in a smartphone OS to actually disclose the owner’s information and cause financial damages. Various tools that have already been formalized can be utilized to analyze malicious computer code. However, different tools should be used for each platform to analyze mobile malicious code, and as of yet no methodology has been systematically organized to determine which tools should be used by which method. The integrated information security framework for mobile banking services proposed in this paper could be utilized effectively when security measures are established for the joint smartphone-based mobile banking development project being promoted by the Bank of Korea. Hopefully, this study could be refined continuously by performing verification and re-establishment through actual application to the joint smartphone-based mobile banking development project. In addition, it could be utilized as an international standardization item driven by the Bank of Korea through the international organization related to security (ISO/IEC JTC1 SC27) or finance (ISO TC68).
References
1. Claessens, J., Dem, V., Vandewalee, J.: On the security of Today’s Online Electronic Banking Systems. Computers & Security, Elsevier advanced Technology 21(3), 257–269 (2002)
2. Calisir, F., Gumussoy, C.A.: Internet banking versus other banking channels: Young consumers view. International Journal of Information Management Computers & Security 28, 215–221 (2008)
3. Heikkinen, P.: A framework for evaluating mobile payments. Financial Markets and Statistics, Bank of Finland (2009)
4. Mobile Banking Overview, mobile marketing association (2009)
5. Chang, Y.F., Chen, C.S., Zhou, H.: Smart phone for mobile commerce. Computers & Security (31), 740–747 (2009)
6. Symbian Developer Network, http://developer.symbian.com/
7. Forum Nokia, http://forum.nokia.com/
8. Android SDK, http://code.google.com/android/
9. Open Handset Alliance, http://www.openhandsetalliance.com/
10. Android Development, http://www.android-devs.com/?p=127
11. Apple iPhone, http://www.apple.com/iphone/
12. Google Android, http://code.google.com/intl/ko/android
A Design of the Transcoding Middleware for the Mobile Browsing Service
Sungdo Park, Hyokyung Chang, Bokman Jang, Hyosik Ahn, and Euiin Choi∗
Dept. of Computer Engineering, Hannam University, Daejeon, Korea
{sdpark,hkjang,bmjang,hsahn}@dblab.hannam.ac.kr, [email protected]
Abstract. Mobile devices offer a limited environment: low processing performance, small screen size, low network speed and a restricted user interface. This has prevented the use of diverse and rich desktop-based information and services, because the user can use only limited services in the mobile telecommunication environment. It also requires service providers to develop separate web contents for mobile telecommunication, which is a waste of time and effort. Therefore, in this paper, we propose a web contents transcoding middleware that provides automatic web contents re-authoring for the mobile device.
Keywords: Mobile web, Transcoding, Middleware, Adaptation.
1 Introduction
Recently, the demand for using the web on a variety of mobile devices, including mobile phones, has been growing. This is based on the discovery of new value in realizing a variety of wire-wireless integrated services in the ubiquitous environment. Ultimately, it started from the natural demand that the wired and wireless web environments should be integrated into one. Through this, we expect many new business opportunities to be created [1]. In the past, the mobile web contents market was dominated by general cellular phones, so service providers could provide only native applications. Now, web content development and distribution are being activated by development environments with open platforms and open source, and by the expansion of the smartphone market, such as iPhone and Android. This situation is very attractive to web content providers, because the mobile market, where it is possible to compete through technology, is better than the desktop market, which is held by major companies. However, there are problems in serving web content optimized for the desktop to mobile devices, which have limitations such as screen size, performance, network speed and supported software. Currently, most web content providers are working to rebuild desktop web contents for mobile.
∗ Corresponding Author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 198–204, 2010. © Springer-Verlag Berlin Heidelberg 2010
There are two methods to rebuild web contents for the mobile device: the manual method and the automated method [2, 3]. The manual authoring method, in which the web content provider prepares and provides a version of the web contents for each of various device profiles, is currently used most frequently. This approach can provide high-quality web contents, but the web author has to manage the web contents directly and has to anticipate which contents users will access. It also wastes much time and cost, because the same web contents are prepared in various versions for mobile devices. The automatic authoring method using a transcoding technique provides transformed web contents for the user's device when the user requests them. It is an attractive technique because it can transform contents automatically in any device environment. However, web contents transformed by this method have lower quality than those of the manual authoring method. Furthermore, most transcoding techniques simply arrange web contents to fit the size of the mobile device by parsing HTML code and searching for regular patterns. Therefore, in this paper, we propose an item-based content block extraction method, which does not depend only on HTML code, to solve the problem of the automatic authoring method, and we design a transcoding middleware that provides automatic web contents re-authoring for mobile devices.
2 Related Works
2.1 Mobile Browsing
Mobile browsing is viewing existing desktop-based web contents using mobile devices. In mobile browsing, there are the following four methods for viewing web contents.
2.1.1 Full Browsing
Full browsing is a method which shows the desktop screen as it is on a mobile device, without enlarging or downsizing [4]. This method may cause a content-awareness problem on low-resolution mobile devices, because extreme left/right and top/bottom scrolling occurs. Recently, there have been attempts to embed a zoom in/out function into mobile devices or to support high resolution so that a full screen can be seen at a glance; however, it is clearly difficult for a mobile device with a 3-inch screen to take in a full-screen web site.
2.1.2 Mini-map
The mini-map method shows a downsized mini-map of the full screen, on which the current location is displayed as the user scrolls. The user can move around a bit more easily and directly, but the display space is reduced because the mini-map takes up some room on the mobile display [5].
2.1.3 Thumbnail
Thumbnail is a method that shrinks a whole page to the screen size and links each part to an enlarged page that is shown when it is clicked [2, 6]. It is an advance on the previous methods and is very effective for moving from a complex main page to a sub-page. Users can view contents by moving to a sub-page. However, it can lose half of its efficiency when the user moves between pages that are themselves complex.
2.1.4 Vertical Align
Vertical align is a method which optimizes the page to the vertical direction of the screen [7, 8]. It is superior to the others because fitting the horizontal size means that no left/right scrolling occurs, although vertical scrolling can become longer; the scroll can become very long for a portal page that has many contents. Google has a function that provides automatic page division. However, because the division is decided by page size, users have to move between pages frequently when looking for particular contents.
2.2 Web Content Adaptation System
Systems have been developed and proposed that take each user's heterogeneous mobile device into account and automatically adapt desktop-based web contents to the user's environment.
2.2.1 MobileGate
MobileGate proposed a method that serves web contents by transforming them into images, so that contents which cannot be displayed on the mobile device do not occur. It turns the whole web page into an image, which is divided according to the user's preferred areas, and serves it by transforming the image into a format suitable for the mobile device [9].
2.2.2 Xadaptor
Jiang He proposed Xadaptor, an adaptation system that uses a rule-based approach for flexibility and scalability [10]. It describes adaptation techniques for various structures and basic types such as text, image and streaming media. In particular, it provides adaptation techniques for tables and frames.
3 A Design of Transcoding Middleware
Web content is generally made for the desktop environment, so it is difficult to use on a mobile device, which has limited resources such as low processing performance, small screen size, low network speed and a restricted user interface. Recently, some of the limitations of existing mobile devices have been alleviated by the appearance of the smartphone, which competes with desktop performance thanks to the development of mobile technology, but the mobile device still has problems due to its special features, such as the readability of web contents and the scrolling needed to show a whole page. In particular, there is the serious problem that the developer has to rebuild web contents for mobile devices because of the differences between mobile platforms.
These problems can be resolved through a middleware which reconstructs web contents by extracting items based on content blocks and using the user preference to prioritize the location of items. Figure 1 shows the structure of the web contents transcoding middleware proposed in this paper.
Fig. 1. Structure of the web content transcoding middleware
3.1 Extraction Method of Web Content Item Blocks
Web content transcoding is an adaptation method that automatically transforms web contents for various user devices and provides web contents suitable for their devices and platforms. Most adaptation methods are based on heuristics which find regular patterns through HTML code analysis: they split web content into blocks, summarize it for the size of the mobile screen, and link the summary to the blocks through the interface. However, this approach cannot extract items, which are the content units that users recognize, because it depends only on the code or size of the web content. Desktop-based web content does not consist of one subject but of detailed items such as menu, login, logo, search, news, etc. Users search for and read interesting items, and click the hyperlinks linked to the items. If an item is divided into different blocks, or a number of items are grouped into one block, users will have difficulty understanding the content of each item. Therefore, most transcoding methods are less effective on structurally complex web pages such as portal sites. Hence, in this paper we propose a content-based item block extraction method using the document object model. The DOM (Document Object Model) is a structure built as an object tree by parsing an HTML document. By searching the DOM tree and modifying or deleting particular nodes and tags, it is possible to analyze the content or the structure of web contents. Through this, the generated web content is optimized for the mobile browsing service environment. Figure 2 shows an example of a DOM tree for web content.
Fig. 2. Document object model tree of web contents
3.2 Location Assign Module with User Preference
The generated web content should mitigate the inconvenience of the interface in the mobile browsing environment by using the preferences of users. Which items of the web content will users prefer? They will be the items which users like and frequently use. Interface manipulation is the most troublesome part of mobile browsing. A personalizing service, which finds the items preferred by users in desktop web applications, serves as a tool that reduces awkward interfaces as well as the difficulty of searching for items of interest. The item block extraction method for personalizing web content proposed in this paper does not extract by the size or code of the web content but extracts item-based blocks, the units of which the content consists. To arrange the extracted blocks in personalized web content according to user preference, the web content is rebuilt by calculating the preference for each item block using the user preference profile. This also includes user interest information. The user preference can be measured by collaborative filtering and profiling. By attaching a user preference weight to each web content item, we can suitably place web contents on the mobile display screen using prioritization. Figure 3 shows the concept of web content location assignment using the user profile.
Fig. 3. A concept of the web content location assign using user profile
3.3 Styling Module
HTML tags and style sheet languages are widely used for item design in most desktop-based web content. However, it is difficult to apply such web content to mobile devices, because the style sheet is designed for the desktop environment. Hence, the middleware should convert the original web content to suit the mobile environment in order to present content items to users. A module in charge of analyzing and adjusting the style sheet is needed, because style sheets which can be accepted and style sheets which need to be reconfigured are mixed.
4 Conclusion
Due to the development of mobile technology, users can now use various desktop-based web contents on mobile devices, so a mobile browsing environment in which users can access web contents over any device, at any time and anywhere, is possible. However, there are several problems in browsing web contents on the mobile device owing to limitations, such as screen size and supported software, compared with the desktop PC. Hence, service providers have to develop separate web contents for the mobile device environment. Therefore, in this paper, we proposed an automatic re-authoring middleware which reconstructs web contents by extracting items based on content blocks and using the user preference to prioritize items. For this purpose, we proposed a content-based item block extraction method using the document object model, and a web content reconstruction methodology which reassigns items according to the user preference profile, addressing interface manipulation, which users have found the most uncomfortable part of mobile browsing. In the future, we will develop and test the proposed middleware applying the item extraction method and reconstruction methodology, and proceed with its evaluation and verification.
Acknowledgments. This work was supported by the Security Engineering Research Center, granted by the Korea Ministry of Knowledge Economy.
References
1. Jones, G.J.F., Brown, P.J.: Context-Aware Retrieval for Ubiquitous Computing Environments. In: Crestani, F., Dunlop, M.D., Mizzaro, S. (eds.) Mobile HCI International Workshop 2003. LNCS, vol. 2954, pp. 371–374. Springer, Heidelberg (2004)
2. Hwang, Y., Kim, J., Seo, E.: Structure-Aware Web Transcoding for Mobile Devices. IEEE Internet Computing Magazine 7, 14–21 (2003)
3. Lum, W.Y., Lau, F.C.M.: User-Centric Content Negotiation for Effective Adaptation Service in Mobile Computing. IEEE Transaction on Software Engineering 29(12), 1100–1111 (2003)
4. Kaikkonen, A.: Mobile Internet: Past, Present, and the Future. International Journal of Mobile Human Computer Interaction, 29–45 (2009)
5. Roto, V., Popescu, A., Koivisto, A., Vartiainen, E.: Minimap-A Web Page Visualization Method for Mobile Phones. In: CHI 2006 Proceedings on Mobile Surfing and Effects of Wearables, pp. 35–44 (2006)
6. Lam, H., Baudisch, P.: Summary Thumbnails: Readable Overviews for Small Screen Web Browsers. In: Proceedings of the SIGCHI Conference on Human Factors in Computing System, pp. 681–290 (2005)
7. Roto, V.: Browsing on Mobile Phones, Nokia Research Center, http://www.research.att.com/~rjana/WF12_Paper1.pdf
8. Roto, V., Kaikkonen, A.: Perception of Narrow Web Pages on a Mobile Phone. In: 19th International Symposium on Human Factors in Telecommunication (2003)
9. Park, D., Kang, E., Lim, Y.: An Automatic Mobile Web Generation Method from PC Web Using DFS and W-DFS. In: Gervasi, O., Gavrilova, M.L. (eds.) ICCSA 2007, Part II. LNCS, vol. 4706, pp. 207–215. Springer, Heidelberg (2007)
10. He, J., Gao, T., Yen, I., Bastani, F.: A Flexible Content Adaptation System Using a Rule-Based Approach. IEEE Trans. on Knowledge and Data Engineering 19(1) (2007)
A Study of Context-Awareness RBAC Model Using User Profile on Ubiquitous Computing
Bokman Jang, Sungdo Park, Hyokyung Chang, Hyosik Ahn, and Euiin Choi∗
Dept. of Computer Engineering, Hannam University, Daejeon, Korea
{bmjang,sdpark,hkjang,hsahn}@dblab.hannam.ac.kr, [email protected]
Abstract. Recently, with the growth of IT, computing has been moving to a ubiquitous environment in which information can be accessed everywhere and at any time using various devices, and in which the computer can decide to provide useful services to users. However, this computing environment is connected through wireless networks and various devices, so reckless access to information resources can cause trouble for the system. Access authority management is therefore a very important issue, both for information resources and for the system, and requires establishing the security policy that the system needs. The existing access control model, however, does not take the user's context information, such as the user's profile, into account. This paper proposes a context-awareness RBAC model based on a profile of the user's information, which provides efficient access control through active classification, inference and judgment about the user who accesses the system and its resources.
Keywords: RBAC, User Profile, Ubiquitous computing, Access Control, Context-Awareness.
1 Introduction
Recently, with the growth of IT, computing has been moving to a ubiquitous environment in which information can be accessed everywhere and at any time [1, 2]. Since the advent of the ubiquitous environment, the user can connect to the computing environment at any time using various devices, and the computer can decide to provide useful services to users according to context awareness. However, this computing environment is connected through wireless networks and various devices, so reckless access to information resources can cause trouble for the system. Access authority management is therefore a very important issue, both for information resources and for the system, and requires establishing the security policy that the system needs. However, the existing access control security model allows access to information resources or the computing system simply by using a user ID and password. This model therefore has the problem that it does not take the user's context information, such as the user's profile, into account [3, 4]. The access control model of a ubiquitous computing environment differs from the existing security access control model, in which authorization is based on simple user information (e.g., ID and password): it has to add the user's location information, existing user information (such as the user profile), time, and device information in real time. It then provides service for the user's access request according to environment information (location, time, etc.). Where a non-authorized user accesses the resource and system in the same way as an authorized user who is certified to use the service, access is limited even for an authorized user who holds access authorization for the requested information. So, the access control model has to consolidate and automate resource security by controlling access according to the user's environment (i.e., context information) and the user profile. This paper proposes a dynamic context-awareness RBAC model, based on a profile of the user's information and the user's environment information, which provides efficient access control through active classification, inference and judgment about the user who accesses the computing system and information resources. To this end, we suggest D-PACS (Dimension Profile and Access Control System), which stores the location, time and frequency information of frequently used services and puts the services expected to be used at a given location and time into storage, and we propose a context-awareness RBAC model that models, by ontology, the user's information and the context information of the user accessing resources.
∗ Corresponding Author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 205–213, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Related Work
2.1 RBAC
RBAC is an access control model that has become popular in the commercial area as an alternative to MAC (Mandatory Access Control) and DAC (Discretionary Access Control). The key feature of RBAC is that the authority to perform operations on information is not granted directly to users; it is assigned to roles, and a user obtains access authority through the roles assigned to the user. Because access authority is managed through the relations between users and roles and between roles and entities, authority and authorization can be managed efficiently for a large number of users and entities in distributed computing where components change frequently. Also, the hierarchy between roles provides authority inheritance, through which the authority assigned to a lower role is available to an upper role. Using authority inheritance, authorization for roles organized in a hierarchy can be performed more efficiently. This approach has the advantage not only of simplifying authority management but also of offering flexibility in implementing security policy [5, 6, 7].
2.2 GRBAC (Generalized RBAC)
The GRBAC (Generalized RBAC) model uses subject roles, object roles and environment roles in access control decisions, adding context information to existing role-based access control. Modeling subject, object and environment entities as roles offers simplicity and flexibility of access control policy. The security manager describes the access authority policy through five attributes: subject role, object role, environment role, operation and sign.
<<SRole, ORole, ERole, op>, sign>
<<doctor, history case, weekends, read>, ->
For example, the expression above states that a user assigned the role of doctor cannot read a history case on weekends. Also, to handle inexplicit authorization through the role hierarchy, GRBAC uses the concept of authority inheritance in the role hierarchy. Authority inheritance is divided into three types: standard, strict and lenient. The GRBAC model handles a user's access request using context information, by defining environment roles after describing the access control policy and applying the transmission rule. However, GRBAC does not present a way to resolve collisions between authorities caused by the transmission of access authority. GRBAC is also difficult to manage, because defining users' conditions as environment roles produces a large number of hierarchies [6, 8].
2.3 Access Control Security Architecture Using Context Information
CASA, suggested by the Georgia Institute of Technology, is a middleware-level security platform that associates security with the user's bio information or location information. Context-aware authorization in CASA authorizes the user with user ID, location and role, using a bio-awareness method or an Active Badge sensor. Context-aware access control provides security services such as authorization and access control in a mobile computing environment that frequently interacts with various networks, services and devices. It also suggested GPDL for policy decision and the GRBAC model, which grants authorization by considering user awareness, time and place [9, 10, 11].
SOCAM proposes OWL for context information modeling in middleware and consists of several components. Context Providers abstract various context information, which SOCAM represents in OWL so that other service components can use and share it. The Context Interpreter provides logical services for context information. The Context Database stores the context information ontology and instances for each infrastructure domain. Context-aware Services provide services suitable for the present context by considering context information at various levels. The Service Locating Service announces the locations of context providers and the context interpreter, and helps users or applications locate services [12].
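The GRBAC rule format of Section 2.2, evaluated in code as an added example (it is not the GRBAC authors' or this paper's implementation). The role hierarchies, the environment-role definitions, the deny-overrides conflict rule and the default deny are assumptions made here; the paper notes that GRBAC itself leaves collisions between authorities unresolved, which is the case the Saturday request below exercises.

```python
from datetime import datetime
from typing import NamedTuple


class Rule(NamedTuple):
    """One GRBAC rule: <<SRole, ORole, ERole, op>, sign>."""
    srole: str  # subject role
    orole: str  # object role
    erole: str  # environment role
    op: str     # operation
    sign: str   # "+" permits, "-" prohibits


# Assumed hierarchies: each role maps to the more general roles it
# specializes, so a rule written for "doctor" also binds "cardiologist".
SUBJECT_PARENTS = {"cardiologist": ["doctor"], "doctor": ["staff"],
                   "nurse": ["staff"]}
OBJECT_PARENTS = {"history case": ["medical record"]}

POLICY = [
    Rule("doctor", "medical record", "anytime", "read", "+"),
    Rule("doctor", "history case", "weekends", "read", "-"),  # paper's example
    Rule("nurse", "medical record", "working hours", "read", "+"),
]


def closure(role, parents):
    """The role itself plus every more general role above it."""
    seen, stack = set(), [role]
    while stack:
        current = stack.pop()
        if current not in seen:
            seen.add(current)
            stack.extend(parents.get(current, []))
    return seen


def environment_roles(when):
    """Environment roles active at `when` (definitions are assumptions)."""
    roles = {"anytime"}
    roles.add("weekends" if when.weekday() >= 5 else "weekdays")
    if 9 <= when.hour < 18:
        roles.add("working hours")
    return roles


def decide(subject_role, object_role, op, when, policy=POLICY):
    """Return (decision, matched_rules) for one access request.

    A rule matches when its subject and object roles are in the request's
    role closures, its environment role is active, and the operation is
    equal. Assumed conflict handling: any matching "-" rule wins, and a
    request that matches no rule is denied.
    """
    subjects = closure(subject_role, SUBJECT_PARENTS)
    objects = closure(object_role, OBJECT_PARENTS)
    active = environment_roles(when)
    matched = [r for r in policy
               if r.srole in subjects and r.orole in objects
               and r.erole in active and r.op == op]
    signs = {r.sign for r in matched}
    if "-" in signs:
        return "deny", matched
    if "+" in signs:
        return "permit", matched
    return "deny", matched


if __name__ == "__main__":
    saturday = datetime(2010, 12, 11, 10, 0)
    monday = datetime(2010, 12, 13, 10, 0)
    for who, when in [("doctor", monday), ("doctor", saturday),
                      ("cardiologist", saturday), ("nurse", monday)]:
        decision, rules = decide(who, "history case", "read", when)
        print(f"{who:12} {when:%a %H:%M} -> {decision} ({len(rules)} rule(s))")
```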
3 Context-Awareness RBAC Model Architecture Using User Profile
To provide various services to users based on the context-aware information that arises in the ubiquitous environment, we have to infer which service fits the user well. Generally, a profile is stored to make use of the user's inclination and information. Also, because services that are used often have a high probability of being used continuously, storing them in the profile can reduce the time needed to use a service. Therefore, a technique was previously suggested in which the information and time of frequently used services are stored in the profile. However, information on the user's location and time is needed to provide more accurate services. For example, assume that service A was used 10 times in a day; if the time of use is 3 P.M., we should infer that the service is mostly used in the afternoon. Time and frequency information is important in the ubiquitous environment, but location information is also very important: even for the same service, the frequency of use differs from place to place. Therefore, we suggest a technique that provides the service demanded by the user by storing location information together with time and frequency in the profile, and that prepares the service for use at that location and time. The system we suggest consists of the Agent, D-PACS, the User and the service provider. Figure 1 shows the structure of the D-PACS system.
Fig. 1. D-PACS Architecture
D-PACS consists of three modules, the Service manager, the Agent manager and the Inference engine, and each module consists of sub-modules. The Service manager is responsible for processing the services which the user requested or which D-PACS predicted. The predicted services are then stored in the service storage. If the user requests a predicted service from D-PACS, it is looked up directly in the service storage without a search, so the requested service is found more quickly and can be provided to the user. The Agent manager is responsible for receiving information from the D-PACS manager on the agent and sending it to the inference engine. It also sends the services found from the service provider to the service handler on the agent. The analyzer within the inference engine is responsible for analyzing context using profile and sensor information to provide a suitable service for the user, and for processing the access control of users. The predictor estimates the services which the user is going to use at another place. In the inference engine, the authorization service module is in charge of managing and processing the context information of the subject and of confirming the identity of a subject accessing the context-aware access control system. The authorization service module also dynamically assigns the user's role by analyzing the access policy and acquiring additional context information about the subject accessing the resource, namely access location, access time and spatial area. It performs access control by comparing and analyzing the security policy against the currently activated user role and the currently activated context role. The authentication service module monitors the user's access control. It acquires context information from surrounding sensors or devices, in addition to the access information of the approaching subject. Then, by comparing and analyzing the context information about the surrounding environment of the accessing user, it is in charge of pre-processing the authority level of the user who wants access, and, through the authorization service, it is in charge of providing data about the access authority of the user. The context knowledge model database stores the context information analyzed from the data of the authorization service and the resources which the user wants to access, and it stores location information for the places where the user may stay and context model information on how context is inferred. User & Role, Constraint Policy and Context Knowledge Model represent approval or disapproval of each access request, including the transaction list and each transaction, and store the approval information in the form of rules. The context-aware access control model uses OWL (Web Ontology Language) for collecting and analyzing context information about the user's surrounding environment.
4 User Profile and Context Modeling

4.1 Definition of User Profile and Context Model

A user profile specifies information of interest for an end user. The profile is structured into a user information part and a service information part. The user information part stores the user's information, such as the user's name, inclination, and hobby; the service information part stores the services that were used, such as service name and service provider. The structure of the user profile is as follows:

- User Information: User name, User ID, Personal inclination, hobby, etc.
- Service Information: Service Name, Service Provider, Service context, Service frequency value, etc.

Because the profile stores how much each service was used, it stores not only the services used but also when, how, and where they were used. It also stores the context in which they were used. The proposed model defines the basic information, location, time, and device of the user using OWL, assuming a hospital environment. Figure 2 shows the OWL source code, and Figure 3 shows how the OWL source appears in Protege.
Fig. 2. OWL Source code
Fig. 3. User information Ontology modeling attribute in Protege application
4.2 Profile Manipulation in D-PACS

We assume that if a service was demanded at a specific location and time, the service will be used at that place and time again. We therefore use time, location, and frequency information to provide services to the user more accurately, and we propose the D-PACS technique, which uses the recent access time, access time, frequency of access, location value, and weekend value. These values are stored in the D-PACS profile.

- Recent access time (t): the time when the service was most recently used; it is used for finding services that have not been used for a long time.
- Access time (a): a value from 0 to 24; if the service was used at 1 P.M., its value is 13.
- Frequency of access (f): how many times the user used the service.
- Location value (l): a unique number for the place where the service was used. For example, if the user used service A at home and at the office, the location value of service A used at home is 1 and the other is 10.
- Weekend value (e): a value from 1 to 7; if the service was used on Monday, the weekend value is 1. People's life patterns generally repeat every week, so we use this value to analyze the user's service frequency per week.

Analyze and recommend which service fits the user, based on the context inferred from the location, time, and weekend information in the user profile. We find the service whose frequency value is the highest. If the requested service exists in the service storage, the searching process is not needed: because the service information is already stored in the service storage, we only have to request it from the service storage and then provide the service to the user. This reduces the searching time for the requested service.

Predict which service is going to be used, based on the context inferred from the location, time, and weekend information in the user profile. We find the service whose frequency (f(f)) at the prediction time (j) after the current time (t) is the highest.

4.3 Access Control Processing Workflow in D-PACS
① The user approaches the authorization service to obtain authorization to access a resource. The user uses an application in order to access the resource. ② The authorization service calls the authentication service to authorize the current user. The authentication service collects context information about the user's surroundings for the current resource access. For the role of the user requesting access to the resource, it asks the context-aware service for context information.
③
Fig. 4. Performance architecture of context-awareness access control model(D-PACS)
④ The acquired context information about the user's surroundings is transferred to the authorization service module, and the authorization service module notifies the authentication service module that it has received the acquired information. Having acquired the context information about the user's surroundings, the authorization service module accesses the context knowledge repository in order to perform access control and role assignment for the user. It requests the access policy data and the user's role-assignment information from the context knowledge repository. The authorization service grants access authorization according to the access policy and the role of the user who currently wants to access the resource. The user requests the service using the access authority acquired for the assigned role. The authorization service module makes the request to the service and accesses the resource appropriate to the level of access authority, according to the authority level and role assigned for the resource the user requires. The context knowledge repository allows access to the resource appropriate to the level of access authority, according to the assigned authority, the security policy, and the user's current context.
⑤ ⑥ ⑦ ⑧ ⑨
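The decision at the heart of this workflow, sketched as an added example that is not the authors' implementation: access is granted only when an assigned user role and a currently active context role together match a policy rule, and the grant is re-evaluated when the context changes. The users, roles, location numbers, resources and policy rules are hypothetical; the context fields reuse the profile values l, a and e from Section 4.2.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Context:
    """Context sensed at request time, using the value ranges of the profile."""
    location: int  # location value l: unique number of a place
    hour: int      # access time a: 0..24
    weekday: int   # weekend value e: 1 (Monday) .. 7


# Hypothetical location values for the assumed hospital environment.
WARD, PHARMACY, OUTSIDE = 1, 2, 10

# Hypothetical user-role assignment held in the context knowledge repository.
USER_ROLES = {"alice": {"doctor"}, "bob": {"nurse"}}

# Context roles: named predicates over the sensed context.
CONTEXT_ROLES = {
    "ward_any_time": lambda c: c.location == WARD,
    "ward_day_shift": lambda c: (c.location == WARD and 8 <= c.hour < 18
                                 and 1 <= c.weekday <= 5),
    "pharmacy_open": lambda c: c.location == PHARMACY and 9 <= c.hour < 17,
}

# Security policy: permitted (user role, context role, resource, action) tuples.
POLICY = {
    ("doctor", "ward_any_time", "patient_record", "read"),
    ("doctor", "ward_day_shift", "patient_record", "write"),
    ("nurse", "ward_day_shift", "patient_record", "read"),
    ("nurse", "pharmacy_open", "medication_order", "read"),
}


def active_context_roles(ctx):
    """Context roles whose predicate holds in the current context."""
    return {name for name, holds in CONTEXT_ROLES.items() if holds(ctx)}


def decide(user, ctx, resource, action):
    """Return (permit, reason); anything not explicitly permitted is denied."""
    if not (0 <= ctx.hour <= 24 and 1 <= ctx.weekday <= 7):
        return False, "invalid context"
    roles = USER_ROLES.get(user, set())
    if not roles:
        return False, "no role assigned"
    for role in sorted(roles):
        for ctx_role in sorted(active_context_roles(ctx)):
            if (role, ctx_role, resource, action) in POLICY:
                return True, f"{role} in {ctx_role}"
    # The user role alone is never sufficient: some rule may exist for it,
    # but only under a context role that is not active right now.
    if any(r in roles and (res, act) == (resource, action)
           for r, _, res, act in POLICY):
        return False, "role assigned but context role not satisfied"
    return False, "no policy rule for role"


class Session:
    """Holds one grant and re-evaluates it on every context transition."""

    def __init__(self, user, resource, action, ctx):
        self.user, self.resource, self.action = user, resource, action
        self.granted, self.reason = decide(user, ctx, resource, action)

    def on_context_change(self, ctx):
        self.granted, self.reason = decide(
            self.user, ctx, self.resource, self.action)
        return self.granted


if __name__ == "__main__":
    s = Session("alice", "patient_record", "write", Context(WARD, 17, 1))
    print(s.granted, s.reason)
    print(s.on_context_change(Context(WARD, 18, 1)), s.reason)
```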
5 Conclusion

A ubiquitous computing environment is one in which computers can be used conveniently and naturally in everyday life, without constraints of location or time. In a distributed computing environment such as a ubiquitous environment, users can thus efficiently use and share resources with one another. We also need an access control model that controls which users may access shared resources, and, for efficient resource use, one that can block access by users without authority. Therefore, this paper proposes a model in which active authorization is more feasible than in existing access control models, by adding, unlike RBAC and GRBAC, an authorization function for collaborative resource control involving other subjects. The proposed model, which we call D-PACS, will form an active access control system based on context awareness suited to the ubiquitous environment. We assign access-authority roles to information resources and assign suitable roles to users. We then provide services that give access to information resources through the valid access authority of suitable users. In addition, for active context-aware access control, we use context roles, which express the relationships among context information quantitatively. When information resources are used, we will implement active context-aware access control that evaluates the validity of the acquired access authority by checking whether the current context role satisfies the security policy (even though the user has an assigned role). To adapt services to context transitions, we will provide the service that must be provided to the user in a specified context under the security policy by automatically recognizing transitions of the context role.

Acknowledgments. This work was supported by Hannam University Research Fund, 2010.
References

1. Lyytinen, K., Yoo, Y.: Issues and challenges in ubiquitous computing. Communications of the ACM 45, 62–96 (2003)
2. Schilit, B.N., Adams, N., Want, R.: Context-aware computing applications. In: Proc. IEEE Workshop on Mobile Computing Systems and Applications, pp. 85–90 (1994)
3. Potonniée, O.: A decentralized privacy-enabling TV personalization framework. In: 2nd European Conference on Interactive Television: Enhancing the Experience, euroITV 2004 (2004)
4. Klyne, G., Reynolds, F., Woodrow, C., Ohto, H., Hjelm, J., Butler, M.H., Tran, L.: Composite Capability/Preference Profiles (CC/PP): Structure and vocabularies 1.0. W3C Recommendation, W3C (2004)
5. Ferraiolo, D.F., Cugini, J.A., Kuhn, D.R.: Role-Based Access Control (RBAC): Features and Motivations. In: 11th Annual Computer Security Application Conference (November 1995)
6. Sandhu, R.S., Coyne, E.J.: Role-Based Access Control Models. IEEE Computer 20(2), 38–47 (1996)
7. Sandhu, R.S., Ferraiolo, D., Kuhn, R.: The NIST Model for Role-Based Access Control: Towards a Unified Model Approach. In: 5th ACM Workshop on RBAC (August 2000)
8. Neumann, G., Strembeck, M.: An Approach to Engineer and Enforce Context Constraints in an RBAC Environment. In: 8th ACM Symposium on Access Control Models and Technologies (SACMAT 2003), pp. 65–79 (June 2003)
9. Covington, M.J., Moyer, M.J., Ahamad, M.: Generalized role-based access control for securing future application. In: NISSC, pp. 40–51 (October 2000)
10. Covington, M.J., Fogla, P., Zhan, Z., Ahamad, M.: Context-aware Security Architecture for Emerging Applications. In: Security Applications Conference (ACSAC) (2002)
11. Biegel, G., Cahill, V.: A Framework for Developing Mobile, Context-aware Applications. In: IEEE International Conference on Pervasive Computing and Communications (PerCom) (2004)
12. Gu, T., Pung, H.K., Zhang, D.Q.: A Middleware for Building Context-Aware Mobile Service. In: Proceedings of IEEE Vehicular Technology Conference (VTC) (2004)
Challenges and Security in Cloud Computing

Hyokyung Chang and Euiin Choi∗

Dept. of Computer Engineering, Hannam University, Daejeon, Korea
Abstract. People want to solve problems as they happen. An IT technology called ubiquitous computing should make such situations easier, and the technology that makes it even better and more powerful is called cloud computing. Cloud computing, however, is at the beginning stage of implementation and use, and it faces many challenges in technical matters and security issues. This paper looks at cloud computing security.

Keywords: Cloud Computing, confidentiality and data encryption, data integrity, availability and recovery.
1 Introduction

Not long ago, Ubiquitous Computing was a hot issue in the IT industry. The word ubiquitous, which means existing, found, or seeming to be found everywhere at the same time, was by itself enough to attract people today, who have almost every advanced technology and service. There has been no software or hardware to offer such services; even if there were, it would be quite large or would need to be more varied, and it would cost a lot for clients and even for service providers. Cloud Computing has approached this problem from another angle and solved it, or almost solved it.

The core elements of Cloud Computing are the ubiquity of broadband and wireless networks, falling storage costs, and progressive improvements in Internet computing software [3]. Cloud-service clients will be able to add more capacity at peak demand, reduce costs, experiment with new services, and remove unneeded capacity, whereas service providers will increase utilization via multiplexing and allow for larger investments in software and hardware [3].

However, when the existing computing environment changes to a cloud environment, there are issues to be solved, and security is one of them. Cloud Computing services allocate and manage separate resources to protect data, and the level of security is generally higher than when each enterprise or individual manages its data directly [2]. However, the damage is greater when an accident does happen, and it can cause many problems for the confidentiality of the enterprise or the privacy of the individual. Thus, in order to make use of the Cloud Computing industry, solving the security issue should come first.

Section 2 covers the definition of Cloud Computing, its technological features, and its challenges; Cloud Computing security is discussed in Section 3; and the conclusion and further research are given in Section 4.

∗ Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 214–217, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Definition of Cloud Computing, Technological Features and Challenges

2.1 Definition of Cloud Computing

Gartner defines cloud computing as "a style of computing where scalable and elastic IT-related capabilities are provided 'as a service' to external customers using Internet technologies [1,6,9]." Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services [5,8]. The service itself is called Software as a Service (SaaS), and the datacenter hardware and software is called a Cloud. When a Cloud is made available in a pay-as-you-go manner to the public, it is called a Public Cloud, and the service being sold is Utility Computing. Private Cloud refers to the internal datacenters of a business or other organization that are not made available to the public. Cloud computing is the sum of SaaS and Utility Computing, but does not include Private Clouds [5].

Figure 1 shows the roles of users and providers in Cloud Computing. The top level can be recursive: SaaS providers can be SaaS users. For instance, a mashup provider of rental maps might be a user of the Craigslist and Google Maps services [5].
Fig. 1. Users and Providers of Cloud Computing
2.2 Cloud Computing Technological Features

The technological features of Cloud Computing infrastructure and services include virtualization, service-oriented software, grid computing technology, management facilities, and power efficiency. Consumers purchase such services in the form of infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), or software-as-a-service (SaaS) and sell value-added services (such as utility services) to users [3].

2.3 Cloud Computing Challenges

Cloud Computing faces several issues. I reviewed what M. D. Dikaiakos et al. described in their research [3] and would like to focus on 4 of them: software/hardware architecture, data management, cloud interoperability, and security and privacy.

For software/hardware architecture, novel systems and services exploiting a high degree of parallelism should be designed. For storage technology, hard disk drives should be replaced by hybrid hard disks augmented with flash memories, which provide reliable and high-performance data storage.

For data management, data can be stored and kept at a secure location, but it can be stored at untrusted hosts as well, which creates enormous risks for data privacy. Therefore, new data management approaches should be employed.

Cloud interoperability refers to customers' ability to use the same artifacts, such as management tools, virtual server images, and so on, with a variety of cloud computing providers and platforms. To achieve that, there should be new standards and interfaces that enable enhanced portability and flexibility of virtualized applications.

For security and privacy, in Cloud Computing a datacenter holds information that end-users would more traditionally have stored on their own computers. This raises concerns regarding user privacy protection, because users must outsource their data. Furthermore, centralized services in Cloud Computing could affect the privacy and security of users' interactions. Cloud services should preserve data integrity and user privacy. There should be new protection mechanisms to secure data privacy, resource security, and content copyrights.
3 Cloud Computing Security

This section deals with privacy and data security technology among Cloud Computing technologies. Chul-Soo Lim divided it into 8 categories in his paper [2], and Traian Andrei [7] mentioned the same categories, referring to Gartner [4]; however, only 3 of them are discussed here: confidentiality and data encryption, data integrity, and availability.

3.1 Confidentiality and Data Encryption

To secure the data of individuals or enterprises, encryption technology should be offered as a basic feature. In Cloud Computing in particular, the availability of the entire system can fall when a large volume of data is encrypted, so a cipher appropriate for the situation should be used. For example, a stream cipher can be considered instead of a block cipher such as DES or AES. Also, when something happens to the server that stores the keys, many users may be unable to access their data, so key management should be studied.

3.2 Data Integrity

The AWS S3 service outage in July 2008 happened because there was no check routine for the data exchanged between servers. As this instance shows, it is very important to check for errors in data and messages in Cloud Computing. Recently, weaknesses have been found in MD5 and SHA, which are widely used to check integrity, and NIST is promoting the development of SHA-3, a new hash algorithm [4].
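A check routine of the kind Section 3.2 calls for, as an added example that is not from the paper: every server-to-server message carries an HMAC-SHA-256 tag, and the receiver applies a state update only if the tag verifies. The frame layout, the `name=status` payload, the key and the sequence-number replay check (which goes beyond what the section describes) are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct
from typing import Tuple

HEADER = struct.Struct(">QI")            # 8-byte sequence number, 4-byte length
TAG_LEN = hashlib.sha256().digest_size   # 32 bytes


class IntegrityError(Exception):
    """Raised when a frame is truncated, corrupted or has a bad tag."""


def seal(seq: int, payload: bytes, key: bytes) -> bytes:
    """Frame = header || payload || HMAC-SHA-256(key, header || payload)."""
    body = HEADER.pack(seq, len(payload)) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


def unseal(frame: bytes, key: bytes) -> Tuple[int, bytes]:
    """Verify the tag before trusting any field of the frame."""
    if len(frame) < HEADER.size + TAG_LEN:
        raise IntegrityError("frame too short")
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise IntegrityError("tag mismatch")
    seq, length = HEADER.unpack(body[:HEADER.size])
    if length != len(body) - HEADER.size:
        raise IntegrityError("length mismatch")
    return seq, body[HEADER.size:]


class StateReceiver:
    """Applies 'name=status' updates only from verified, fresh frames."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1
        self.state = {}
        self.rejected = 0

    def receive(self, frame: bytes) -> bool:
        try:
            seq, payload = unseal(frame, self.key)
        except IntegrityError:
            self.rejected += 1
            return False
        if seq <= self.last_seq:                 # replayed or stale frame
            self.rejected += 1
            return False
        name, _, status = payload.decode("utf-8").partition("=")
        self.state[name] = status
        self.last_seq = seq
        return True


def count_undetected_bit_flips(frame: bytes, key: bytes) -> int:
    """Flip each bit of the frame in turn; count corruptions that still verify."""
    undetected = 0
    for i in range(len(frame) * 8):
        corrupted = bytearray(frame)
        corrupted[i // 8] ^= 1 << (i % 8)
        try:
            unseal(bytes(corrupted), key)
            undetected += 1
        except IntegrityError:
            pass
    return undetected


if __name__ == "__main__":
    demo_key = bytes(range(32))                  # constructed sample key
    frame = seal(1, b"node-7=up", demo_key)      # constructed sample message
    print(count_undetected_bit_flips(frame, demo_key))
```

A bare hash would catch accidental corruption as well; the keyed tag also rejects deliberately altered frames, which puts the weight on the key management that Section 3.1 raises.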
3.3 Availability and Recovery

It is very important to study fault tolerance and data recovery technologies in order to prevent service discontinuance or data loss when an incident occurs. Past cases of Cloud service discontinuance and data loss show what problems can arise when these mechanisms do not work properly. He also described some security guidelines for Cloud Computing, based on what Gartner says [4,10]: privileged user access, regulatory compliance, data location, data segregation, recovery, investigative support, and long-term viability.
4 Conclusion and Further Research

Cloud Computing, together with the Green IT concept, is an innovation not only in Internet services but also in the entire IT industry. Its concept is, however, still very complicated and confusing. It also has a few issues related to SLA, security and privacy, and power efficiency. This paper roughly described the definition of Cloud Computing, its technological features, and its challenges, and took a closer look at Cloud Computing security among those challenges. Cloud Computing is still at the beginning stage, so new types of security threats will appear as new service models develop. Thus, further study on this is continually required.
References

1. Gartner Says Cloud Computing Will Be As Influential As E-business (June 2008), http://www.gartner.com/it/page.jsp?id=707508
2. Lim, C.: Cloud Computing Security Technology. Review of KIISC 19(3), 14–17 (2009)
3. Dikaiakos, M.D., et al.: Cloud Computing Distributed Internet Computing for IT and Scientific Research. In: IEEE Internet Computing, pp. 10–13 (September/October 2009)
4. Gartner, Assessing the Security Risks of Cloud Computing (June 2008), http://www.gartner.com/Display_Document?id=685308
5. Armbrust, M., et al.: Above the Clouds: A Berkeley View of Cloud Computing. In: Technical Report No. UCB/EECS-2009-28 (2009), doi: http://www.eeec.berkeley.edu/Pubs/TechRpts/2009/EEEC-2009-28.html
6. Cloud computing, Wikipedia, http://en.wikipedia.org/wiki/Cloud_computing
7. Andrei, T.: Cloud Computing Challenges and Related Security Issues (May 2009), http://www.cs.wustl.edu/~jain/cse571-09/ftp/cloud.pdf
8. http://www.cloudtech.org/2010/07/19/cloud-computing-%E2%80%93-the-emerging-computing-technology/
9. Mirzaei, N.: Cloud Computing (2008), http://grids.ucs.indiana.edu/ptliupages/publications/ReportNarimanMirzaeiJan09.pdf
10. Brodkin, J.: Gartner: Seven cloud-computing security risks, InfoWorld (July 2008), http://www.infoworld.com/article/08/07/02/Gartner_Seven_cloudcomputing_security_Risks1.html
3D Viewer Platform of Cloud Clustering Management System: Google Map 3D

Sung-Ja Choi and Gang-Soo Lee

Hannam University, Dept. of Computer Science, Daejeon, 306-791, Korea
Abstract. A new management system framework for cloud environments is needed for converged platforms, following changes in computing environments. ISVs and small businesses find it hard to adapt to the platform management systems offered by large businesses. This article suggests a clustering management system for cloud computing environments, aimed at ISVs and small-business enterprises. It applies a 3D viewer adapted from Google Map 3D and Google Earth. It is called 3DV_CCMS, as an extension of CCMS [1].

Keywords: 3D Viewer, MAP 3D, Cloud, Clustering, RIA.
1 Introduction

Cloud services provide computing resources to individuals by using third-party infrastructure. The infrastructure is likened to clouds, and the customer can freely use the third-party infrastructure as if it were their own computer. The customer pays for the amount used. It is a type of service in distributed computing environments [3][4]. For this, the cloud computing provider must ensure that the cluster servers can work with directly connected IT resources and advanced virtualization techniques. Cloud services also have serious issues in operation, such as outages, failures, leakage of secrets, and compatibility problems [2]. The importance of SLA and QoS therefore cannot be emphasized too much.

Meanwhile, cluster management depends on the management systems of existing hardware suppliers such as HP and IBM. As a result, ISVs and small-business cloud service suppliers find it difficult to build servers because of the confusion of existing platforms, which makes efficient management and security difficult.

This article suggests a new framework for a cloud clustering management system and a business model for cross-platform use. It applies RIA and AIR and provides a 3D viewer with Google Map 3D for the clustering management system. It is called 3DV_CCMS, an upgrade of CCMS.
2 Related Researches

We researched various map APIs that support a 3D viewer. An applicable map API is used to support clustering zones for the cluster management mashup service.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 218–222, 2010. © Springer-Verlag Berlin Heidelberg 2010
ESRI ArcGIS

Esri lets developers build and deploy GIS applications on multiple platforms, publish and consume GIS Web services using REST or SOAP, and create simple maps from enterprise data. It also provides sample code, configurable templates, online data, and more to help develop useful GIS applications [5].
Google Earth & Maps

Google Maps (formerly Google Local) is a web mapping service application and technology provided by Google, free for non-commercial use, that powers many map-based services, including the Google Maps website, Google Ride Finder, Google Transit, and maps embedded on third-party websites via the Google Maps API. It offers street maps, a route planner for traveling by foot, car, or public transport, and an urban business locator for numerous countries around the world. According to one of its creators (Lars Rasmussen), Google Maps is "a way of organizing the world's information geographically" [7]. Google Earth is a virtual globe, map, and geographic information program. It maps the Earth by the superimposition of images obtained from satellite imagery, aerial photography, and GIS 3D globe. Google Earth is also available as a browser plug-in. It was also made available for mobile viewers on iPhone and Android [6].
Yahoo Maps

Yahoo Maps API offers three ways to integrate maps into a website: a simple REST-based API for map images, an Ajax JavaScript API, and a Flash API. This summary refers to the AJAX API, which is closest to the Google and Microsoft models [8].
3 3DV_CCMS

We previously suggested a cloud clustering management platform called CCMS. It had a cloud clustering server for RIA environments, an AIR client node for cross-platform use, and an Android mobile node for the manager. However, it needed better accessibility, visibility, and expandability of the service environment, so we suggest a server framework called 3DV_CCMS. It provides a 3D viewer by adapting Google Map 3D to address these items.

The existing functions of CCMS are the monitoring collector, performance chart, event log viewer, real-time viewer, automatic failure recovery management and its viewer, and the reporting and alarm viewer. They provide cluster management information to the manager. The following items are the managed resources. The full list has 14 managed resource items, but Table 1 omits some of them.

Fig. 1. The platform of 3DV_CCMS

Table 1. Resource of management list

| resource | explain |
|---|---|
| free | Show the statistics of used & free memory |
| top | Show the CPU statistics and check process-level statistics |
| watch | Output custom programs as full-screen periodically |
| ... | (omission) |
| iostat | Check CPU and I/O statistics |

CCMS also gains the following functions to support the 3D viewer.

- 3D navigation function: supports a 3D graph of the clustering zones. It makes it possible to see the whole clustering zone, which improves the visibility of the cluster management system.
- Cluster zone view: shows a map of the clustering nodes divided by clustering zone.
- Clustering node view: shows the structure of the clustering nodes and the XML data of the clustering zones and nodes as a grid component.
- CCMS interface module: calls functions such as the performance chart, the real-time view, and the report function through the CCMS interface link module.
4 Implementations

The RIA platform lets users get the most out of rich resources. The server platform of the clustering management system is built on Adobe's RIA platform and interfaces with Google Map 3D. It is easy to work with, fast to access, and able to show clustering node information.
Fig. 2. The 3D viewer of clustering node zone
This figure shows the 3D viewer with the information of the clustering node zones. The Google Maps key can be used through the Flex interface. The screen moves its 3D angle according to the movement of the mouse. A red icon shows an active clustering node zone. A gray icon shows a non-active clustering node zone, which has a failed clustering node. Clicking a colored icon shows the detailed information of the cluster node.
Fig. 3. The interface of CCMS
The clustering node zone information includes the AIR client cluster nodes. This figure shows the real-time monitoring screen for cluster management information. It was simulated on VMware 7.x with a Linux server.
5 Analysis and Conclusions

3DV_CCMS suggests a platform for a clustering management system in cloud computing environments. It uses Google Map 3D and the RIA platform. Although recent research on 3D and cloud is very active, a management system for small-business enterprises does not exist, and a management system that applies 3D is difficult to find. The 3DV_CCMS platform can be applied to various business models and guarantees accessibility, visibility, and scalability. In future work, our research needs to map existing cluster management systems with cross-platform environments in mind, and we will continue to study 3D engines based on open source.
References

1. Choi, S.-J., Lee, G.-s.: CCMS: A Cloud Clustering Management System for AIR & Android environments. In: International Conference on Convergence & Hybrid Information Technology 2010, pp. 18–21 (2010)
2. Methods of Improving the Legal System to Promote Cloud Computing, NIPA (2010)
3. Jiao, Simpson, Siddique: Product family design and platform-based product development: a state-of-art review. J. Intell. Manuf. (2007)
4. Gartner, Forest: Sizing the Cloud; Understanding the Opportunities in Cloud Service (2009)
5. http://www.esri.com/getting-started/developers/index.html
6. http://en.wikipedia.org/wiki/Google_Earth
7. http://en.wikipedia.org/wiki/Google_Maps
8. http://www.programmableweb.com/api/yahoo-maps
Output Current-Voltage Characteristic of a Solar Concentrator

Dong-Gyu Jeong (1), Do-Sun Song (2), and Young-Hun Lee (3)

(1) Dept. of Electrical and Electronic Eng., Woosuk University, Samnye-up Wanju-gun, Jaollabuk-do, 565-701, Korea. Tel.: +82-63-290-1449; Fax: +82-63-290-1447
(2) Dept. of Eng., Woosong Information College, #226-2, Jayang-dong, Dong-gu, Daejeon, 300-71, Korea. Tel.: +82-42-629-6381
(3) Dept. of Electronic Eng., Hannam University, 133 Ojeong-dong, Daedeok-gu, Daejon, 306-791, Korea. Tel.: +82-42-629-7565
Abstract. Solar concentrators have received much attention for their potential applications. In solar concentrators the generated current is directly affected by the hourly-daily variation factor and the number of suns. In this paper the output current-voltage characteristic of a solar concentrator is derived. The derivation is based on a simplified circuit model for a solar cell. Computer simulation results show that the open circuit voltage of the concentrator at the output terminals increases logarithmically with the number of suns and the variation factor, and that the maximum output power of the solar concentrator increases rapidly with the number of suns.

Keywords: Solar Concentrator, Output current-voltage characteristic, Open circuit voltage, Number of suns, Variation factor of sunlight intensity.
1 Introduction

A solar concentrator is designed to operate under illumination greater than 1 sun. The sunlight incident on a solar concentrator is focused or guided by optical elements so that a high-intensity sunlight beam is concentrated on a small solar cell area. Because of the concentrated sunlight, the concentrator has several potential advantages, including the possibility of lower cost and higher efficiency potential than a one-sun solar cell. Recently, solar concentrators in space have received growing attention in view of reduced solar array cost. Many types of solar concentrators have been developed for space flights [1,2,3,4]. In some systems, the concentrators are used to focus the sunlight on the receiving area, which is the surface of the solar cell [2,4]. In other systems, the concentrators are used to heat the molecular weight gas for a solar rocket [1].

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 223–226, 2010. © Springer-Verlag Berlin Heidelberg 2010
In this paper, however, the output current-voltage characteristic of a solar concentrator is derived from a simplified circuit model for a photovoltaic solar cell. In the simplified model, the load current through a solar cell is calculated. The open circuit voltage of a solar concentrator is then derived, taking into account the sunlight intensity variation and the number of suns. Finally, the maximum output power of the solar concentrator is shown in a figure.
2 Simplified Model of a Solar Cell

A simplified equivalent circuit model of a photovoltaic solar cell becomes analytically manageable if the effects of the series resistance $R_s$ and the shunt resistance $R_{sh}$ are negligible, i.e., if $R_s = 0$ and $R_{sh} \to \infty$. With this simplified model, the output current $I$ passing through the load is equal to

$$I = I_g - I_o\left(e^{qV/nkT} - 1\right) = I_g - I_o\left(e^{qV/kT} - 1\right) \quad \text{for } n = 1, \tag{1}$$

where $I_o$ represents the reverse saturation current of a diode and $I_g$ the generated current of the solar cell. Generally $n$ has a value between 1 and 2, which depends upon the defect levels. Currently, advanced technologies make it possible to reduce the defect levels to obtain $n$ close to 1. For simplicity, we assume that the diode has very low defects and that $n$ is 1.

The short circuit current $I_{sc}$ for the diode in solar cells occurs when the voltage $V$ equals 0 volt:

$$I_{sc} = I(V=0) = I_g = I_{max} \quad \text{for the forward bias power quadrant.} \tag{2}$$

For an ideal cell, the maximum current value $I_{max}$ through the load is the total current produced in a solar cell by photon excitation, and thus $I_{sc}$ is equal to the generated current $I_g$. The generated current $I_g$ (or $I_{sc}$) depends upon the intensity of the incident sunlight.

The open circuit voltage $V_{oc}$ at the solar cell output occurs when there is no current through the load, and thus it can be approximated by

$$V_{oc} = V(I=0) = \frac{kT}{q}\ln\left(\frac{I_{sc}}{I_o} + 1\right) \quad \text{for the forward bias power quadrant}$$
$$\approx \frac{kT}{q}\ln\left(\frac{I_{sc}}{I_o}\right) \quad \text{for } I_{sc} \gg I_o. \tag{3}$$
3 Current-Voltage Characteristic of a Solar Concentrator It is well known that the voltage of a solar cell does not depend upon its size and remains fairly constant with changing sunlight intensity. However the current in the cell is almost directly proportional to sunlight intensity. There are several kinds of factors to affect on the incident sunlight intensity in solar concentrators. One of the factors is hourly-daily variation factor η. The hourlydaily variation factor η of the incident sunlight could be set between 0 ~ 1[5]. And we also consider that a solar concentrator has M suns. On the consideration of the variation factor η and number of suns M, the generated current Ig in Eq.(1) must be
changed to ηMIsc. The output current I of the solar concentrator in Eq. (1) must also be changed to
$$I = \eta M I_{sc} - I_o\left(e^{qV/kT} - 1\right). \tag{4}$$
The open circuit voltage Voc in Eq. (3) must also be changed to V'oc:
$$V'_{oc} = \frac{kT}{q}\ln\left(\frac{\eta M I_{sc}}{I_o}\right) = V_{oc} + \frac{kT}{q}\ln(\eta M) \tag{5}$$
The open circuit voltage V'oc of a concentrator increases logarithmically with the number of suns M multiplied by the variation factor η.
4 Simulation Results Computer simulations of the output current-voltage and the power of a solar concentrator are carried out to verify the effects of the number of suns M. For simplicity we assume that the temperature T of the solar cell remains constant. Generally single junction silicon solar cells produce approximately 0.5 ~ 0.6 volt of Voc at room temperature. We also assume that Voc is 0.6 volt, the variation factor is 1, and Isc at 1 sun is 18 mA/cm². Fig. 1 shows the output current as a function of output terminal voltage V, and Fig. 2 shows the output power as a function of output terminal voltage V. The solid line, dotted line, and solid-dotted line in both figures represent the current-voltage of the concentrator at 1, 5, and 10 suns respectively.
Fig. 1. Current-voltage characteristic of a solar concentrator
Fig. 2. Power characteristic of a solar concentrator
In Fig. 1 the output current I over the range 0 ~ Vmax increases linearly with the number of suns M, where Vmax represents the voltage at which the concentrator has maximum power. On the other hand, the open circuit voltage Voc of the concentrator increases logarithmically with the number of suns M, where the Voc is in the range marked as . And the maximum output power in Fig. 2 increases rapidly with the number of suns M, where the maximum power point is on the slash line.
5 Conclusion In this paper the output current-voltage characteristic of a solar concentrator is derived. Incident sunlight intensity suffers hourly and daily variation. In a solar concentrator the generated current is directly affected by the number of suns M. The open circuit voltage of the concentrator at the output terminals increases logarithmically with the number of suns M multiplied by the sunlight-variation factor η, and the maximum output power of the solar concentrator increases rapidly with the number of suns M. The derived output characteristics of a solar concentrator can be usefully applied to the design of solar power systems.
Acknowledgments This paper was financially supported by The Small and Medium Business Administration in Korea as the name of ‘The 2010 SanHak Consortium’.
References
[1] Grossman, G., Williams, G.: Inflatable Concentrators for Solar Propulsion and Dynamic Space Power. J. of Solar Energy Engineering 122, 229–236 (1990)
[2] Eskenazi, M.: Design, Analysis & Testing the Cellsaver Concentrator for Spacecraft Solar Arrays
[3] Stribling, R.: Hughes 702 Concentrator Solar Array. In: 28th IEEE PVSC, pp. 25–29 (2000)
[4] Ralph, E.L., et al.: G-STAR Space Solar Array Design. In: 28th IEEE PVSC (September 2000)
[5] Gillette, G., Pierpoint, W., Treado, S.: A general illuminance model for daylight availability. J. of IES, 380 – 340 (1984)
Efficient Thread Labeling for Monitoring Programs with Nested Parallelism
Ok-Kyoon Ha 1, Sun-Sook Kim 2, and Yong-Kee Jun 1
1 Department of Informatics, 2 Specialized Graduate School for Aerospace Engineering, Gyeongsang National University, Jinju 660-701, South Korea [email protected], [email protected], [email protected]
Abstract. It is difficult and cumbersome to detect data races that occur in an execution of parallel programs. Any on-the-fly race detection technique using Lamport’s happened-before relation needs a thread labeling scheme for generating unique identifiers which maintain logical concurrency information for the parallel threads. NR labeling is an efficient thread labeling scheme for the fork-join program model with nested parallelism, because its efficiency depends only on the nesting depth for every fork and join operation. This paper presents an improved NR labeling, called e-NR labeling, in which every thread generates its label by inheriting the pointer to its ancestor list from the parent threads or by updating the pointer in a constant amount of time and space. This labeling is more efficient than the NR labeling, because its efficiency does not depend on the nesting depth for every fork and join operation. Some experiments were performed with OpenMP programs having nesting depths of three or four and maximum parallelisms varying from 10,000 to 1,000,000. The results show that e-NR is 5 times faster than NR labeling and 4.3 times faster than OS labeling in the average time for creating and maintaining the thread labels. In average space required for labeling, it is 3.5 times smaller than NR labeling and 3 times smaller than OS labeling.
Keywords: thread labeling, happened-before relation, logical concurrency, data races, parallel programs, nested parallelism, NR labeling.
1 Introduction
Data races [3,9] in parallel programs [13] are a kind of concurrency bug that occurs when two parallel threads access a shared memory location without proper
“This research was supported by the MKE(The Ministry of Knowledge Economy), Korea, under the ITRC(Information Technology Research Center) support program supervised by the NIPA(National IT Industry Promotion Agency)” (NIPA-2010(C1090-1031-0007)). Corresponding author: In Gyeongsang National University, he is also involved in the Research Institute of Computer and Information Communication (RICIC).
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 227–237, 2010. © Springer-Verlag Berlin Heidelberg 2010
inter-thread coordination and at least one of these accesses is a write. The races must be detected for debugging, because they may lead to unpredictable results. However, it is difficult and cumbersome to detect data races in an execution of a parallel program. Any on-the-fly race detection [5,8] technique needs a representation of Lamport’s happened-before relation [7] for generating unique identifiers which maintain logical concurrency information for parallel threads. NR labeling [6,11], an efficient thread labeling scheme, supports the fork-join program model with nested parallelism and generates concurrency information using nest regions for nesting threads. The efficiency of NR labeling depends only on the nesting depth N of a parallel program, because it creates and maintains a list of ancestor information for a thread on every fork and join operation. Thus, NR labeling requires O(N) time complexity for creating and maintaining thread labels, and the storage space for the concurrency information is O(V + NT) in the worst case, where V is the number of shared variables in the parallel program. This paper presents an improved NR labeling, called e-NR labeling, which does not depend on the nesting depth of a parallel program. Thus, it requires a constant amount of time and space complexity. The basic idea is to use a pointer for a thread label to refer to its ancestor list by inheritance or update. For the reference, we change the list of a thread label into a pointer which points to the ancestor list of each created thread. The storage space for the concurrency information is O(V + T), and the time to generate a unique identifier for each thread is O(1) in the worst case. Some experiments were performed on OpenMP programs with nesting depths of three or four and maximum parallelisms varying from 10,000 to 1,000,000.
The results show that e-NR is 5 times faster than NR labeling and 4.3 times faster than OS labeling in the average time for creating and maintaining the thread labels. In average space required for labeling, it is 3.5 times smaller than NR labeling and 3 times smaller than OS labeling. This paper is organized as follows. Section 2 illustrates the notion of nested parallel programs and our motivation. Section 3 presents e-NR labeling for the programs with nested parallelism. In Section 4, we analyze the efficiency of the labeling scheme used for on-the-fly race detection in synthetic programs. In the last section, we conclude the paper and present the future work.
2 Background
Parallel or multi-threaded programming is a natural consequence of the fact that multi-processor and multi-core systems are already ubiquitous. This section illustrates the notion of nested loops and introduces our motivation which generates thread concurrency information in parallel programs.
2.1 Parallel Loop Programs
OpenMP [10,12] is a typical model for scalable and portable parallel programs. It employs the simple fork-join execution model that makes the program efficiently with lower overhead for parallel execution. Parallel programs using OpenMP contain loop level parallelism which uses fork-join execution of threads. Any loop in the program may contain one or more other loops in its body, called nested loops. This paper considers nested parallel loops without inter-thread coordination in the OpenMP programs.
In a nested parallel loop L, the loop is called an inner-most loop if there is no other loop contained in the loop’s body. Otherwise, it is called an outer loop. An individual loop can be enclosed by many outer loops in L. The nesting level of an individual loop is equal to one plus the number of the enclosing outer loops. The nesting depth of L is the maximum nesting level of loops in L. In a one-way nested loop of depth N, there is exactly one loop at each nesting level i, (i = 1, 2, ..., N). A loop is multi-way or m-way nested if there exist m disjoint loops in a nesting level, (m ≥ 1). For example, Fig. 1 shows a two-way nested loop of nesting depth three. If we remove the loop indexed by j in the figure, the program becomes a one-way nested loop of nesting depth three.

    #pragma omp parallel for private(i)
    for (i = 1; i <= 2; i++) {
        /* do something */
        if (i % 2 == 0) {
            #pragma omp parallel for private(j)
            for (j = 1; j <= i; j++) {
                /* do something */
            }
            #pragma omp parallel for private(j)
            for (j = 1; j <= i; j++) {
                #pragma omp parallel for private(k)
                for (k = 1; k <= j; k++) {
                    /* do something */
                }
            }
        }
    }

Fig. 1. A Nested Parallel Loop and its POEG

Let Ii denote the loop index of a loop Li, li and Ui denote the lower and upper bound of Ii respectively, and ai denote the increment of Ii. A loop Li is normalized if the values of both li and ai are one. ai is optional when it is equal to one. To make our presentation simple, we assume that all parallel loops are normalized loops. Fig. 1 shows a normalized loop with index j for which the lower bound is one, the upper bound is i, and the increment is one.
The graph in Fig. 1 represents an execution of the program shown in the figure through a directed acyclic graph called POEG (Partial Order Execution Graph). In this graph, a vertex means a fork or a join operation for parallel threads and an arc started from a vertex represents a thread started from the
vertex. Using such a graph, we can easily figure out the happened-before relation between any pair of threads. For example, the POEG in Fig. 1 shows a partial order on the threads in an execution instance of the two-way nested loop. Data races [3,9] in parallel programs are a kind of concurrency bug that may occur when two parallel threads access a shared memory location without proper inter-thread coordination, and at least one of the accesses is a write. The parallel program may not have the same execution order with the same input, because thread execution order is timing-dependent. It is difficult for a programmer to figure out when the program runs into a race. Unpredictable and mysterious results due to data races may be reported to the programmer, thus the races must be detected for debugging.
2.2 Motivation
Lamport defined the notion of happened-before relation [7]. The definition is applied to a partial ordering of threads that make up an execution instance of a parallel program. This definition is the following:
– If a thread Ti happened at an earlier time than a thread Tj, Ti happened before Tj, denoted by Ti → Tj.
– Otherwise, a thread Ti is concurrent with the thread Tj, denoted by Ti Tj.
Happened-before relation analysis reports races in a monitored program using a race detection protocol [8] which determines the logical concurrency between the current thread and the previous conflicting threads. For generating the concurrency information, the variations of vector timestamps [1,2,4,6,8] are presented to be used in the happened-before relation analysis. NR labeling [6,11] generates a unique identifier for every thread during the monitored execution of a parallel program. The labeling supports the program model with nested parallelism and provides a constant-size label for detecting races. This labeling generates concurrency information using nest regions for nesting threads, so that the complexity does not depend on the maximum parallelism of programs. Because the labeling maintains an ordered list of ancestor information for each thread, a binary search method can be employed for the comparison of concurrency information. The efficiency of NR labeling depends only on the nesting depth N of the monitored parallel program. Thus, NR labeling requires O(N) time and space complexity for creating and maintaining thread labels. In this paper, we present an improved NR labeling, called e-NR labeling, which does not depend on the nesting depth of a parallel program. Our approach focuses on improving the list of ancestor information, called the one-way history OH. The basic idea is to use a pointer for each thread label to refer to the OH of its parent threads by inheritance or update.
Thus, e-NR labeling provides a constant amount of time and space complexity for creating and maintaining thread labels.
3 Improved NR Labeling
The e-NR labeling consists of two main components: the one-way region OR and the one-way history OH. In this section, we present the one-way region, which gives a unique identifier to concurrent threads using the nest region and join counter. We also describe how our approach is applied to the OH and makes e-NR labeling efficient for nested parallel programs.
3.1 One-Way Region
The one-way region OR of a thread is a pair of a join counter λ and a nest region <α, β>, denoted by [λ, <α, β>] altogether. The join counter λ is the number of the joined ancestors of the thread in the critical path from the initial thread. The nest region consists of two integers <α, β> which mean a range of number space which has been divided by thread fork operations and concatenated by thread join operations. This one-way region can be used as a thread identifier. Fig. 2 shows an example of e-NR labeling for one-way nested loop programs. The nest region of the initial thread T0 is <1, 50> just for readability, although it is initialized with <1, maxint> in general, where maxint is the maximum integer that can be represented in a machine. Because T0 is assumed to be a joined thread, its join counter λ0 is one and then OR0 becomes [1, <1, 50>]. The initial nest region is divided into two regions for the two child threads: <1, 25> and <26, 50>. The forked threads T1 and T2 copy the value of their λ from T0. When a join operation occurs, the value of λ of the current OR is only changed to the maximum number of joined ancestors until the current thread. For example, OR8 of the joined thread T8 is [3, <26, 50>]. The nest region of T8 is inherited from a previous thread in the same level under the same loop index. The join counter of T8 is three, because its maximum joined critical path is T0 → T7 → T8.

[Figure: POEG whose threads carry the one-way regions [1,<1,50>], [1,<1,25>], [1,<26,50>], [1,<38,50>], [1,<26,37>], [1,<38,43>], [1,<44,50>], [2,<38,50>], [3,<26,50>], [4,<1,50>]]
Fig. 2. Example of One-way Regions for a Nested Parallel Loop
Definition 1. Any labeled thread Ti has a nest region <αi, βi>, denoted by NR(Ti). If there exist two labeled threads Ti and Tj,
NR(Ti) NR(Tj) ≡ (αi ≤ βj ∧ αj ≤ βi)
NR(Ti) ≷ NR(Tj) ≡ (βi < αj ∨ βj < αi).
NR(Ti) NR(Tj) means that NR(Ti) overlaps with NR(Tj). NR(Ti) ≷ NR(Tj) means that NR(Ti) does not overlap with NR(Tj). In Fig. 2, for example, it satisfies NR(T2) NR(T7) and NR(T3) ≷ NR(T7). We can see that any two threads are placed in the happened-before relation if they satisfy the overlapped relation.
Lemma 1. Given two labeled threads Ti and Tj (i ≤ j), Ti → Tj implies NR(Ti) NR(Tj).
Theorem 1. Given two labeled threads Ti and Tj, Ti Tj is equivalent to NR(Ti) ≷ NR(Tj).
3.2 Multi-Way Labeling
The one-way history OH of a thread is an ordered list of the joined ancestors information of the thread which are represented by their one-way regions, and also is an ascending order of their join counters. A multi-way loop can have a joined thread which happens before forked threads. The joined ancestors of a joined thread Ti are the joined threads at an earlier time than Ti. A one-way root of Ti is the most recent joined ancestor of Ti in each loop level. In Fig. 1, a joined thread T9 has one-way root T5, because the joined thread T5 is the most recent joined ancestor of T9 among its two joined ancestors T0 and T5.
e-NR labeling is designed using only one OH-list which maintains one-way roots for all thread labels. For each OH of a thread label, called thread OH, this labeling uses a pointer which refers to a selective list from the OH-list. Fig. 3 shows an example of e-NR labeling using the OH-list and pointers for the program shown in Fig. 1. In this figure, the symbol “∗” means an OH of a joined thread to reference entries of the OH-list, and the symbol “∗∗” means that forked threads only refer to the thread OH of their one-way root. For the OH of a thread label, e-NR labeling uses the one-way root counter ξ in the OR of the thread, denoted by [ξ, λ, <α, β>]. Thus, a joined thread Ti has a label that consists of OR(Ti) and OH(Ti), denoted by OR(Ti) ∗ OH(Ti). Similarly, a forked thread Tj has a label denoted by OR(Tj) ∗∗ OH(Tj).

[Figure: POEG of the program in Fig. 1 whose threads carry the labels [1,1,<1,50>] *[1]; [1,1,<26,50>] **[1]; [1,1,<1,25>] **[1]; [1,1,<26,37>] **[1]; [1,1,<38,50>] **[1]; [2,2,<26,50>] *[1,2]; [2,2,<38,50>] **[1,2]; [2,2,<26,37>] **[1,2]; [2,2,<38,43>] **[1,2]; [2,2,<44,50>] **[1,2]; [3,3,<38,50>] *[1,2,3]; [2,4,<38,50>] *[1,2]; [1,5,<1,50>] *[1]]

    OH List
    addr   One-way Region
    1      [5,<1,50>]
    2      [4,<26,50>]
    3      [3,<38,50>]

Fig. 3. Example of e-NR for Program in Fig. 1

    e-NR Init()
        <α, β> := <1, maxint>;
        λ := 1;
        OH(1) := [λ, <α, β>];
        ρ := Loc(OH(1));
        ξ := 1;
    End e-NR Init

    e-NR Fork()
        stride := (βp − αp + 1)/U;
        α := αp + (I − 1) × stride;
        if (I < U) then
            β := α + stride − 1;
        else β := βp
        endif
        λ := λp;
        ρ := ρp;
        ξ := ξp;
        λ := λ;
    End e-NR Fork

    e-NR Join()
        λ := λ + 1;
        ξ := ξ + 1;
        OH add(OHp(a), [λ, <α, β>]);
        ρ := Loc(OH(1));
        λp := max{λp, λ};
    End e-NR Join

Fig. 4. e-NR Labeling Algorithms

Labeling threads in a multi-way nested loop, called multi-way labeling or e-NR labeling, requires thread fork and join operations. We use three algorithms for e-NR labeling shown in Fig. 4: e-NR Init(), e-NR Fork(), and e-NR Join(). In the algorithms, each data structure with a subscript p such as αp represents the corresponding data structure of the ancestor thread which forked the current thread. The pointer variable ρ is for the thread OH which refers to the OH-list. The counter variable λ is a mirror variable which is locally shared by the siblings of the current thread to help maintain λ in the thread. The function OH add() in e-NR Join() manages the OH-list. If the OR(Ti) of a joined thread Ti already exists in the OH-list, the λ of the one-way root is changed to λi. Otherwise, the OR(Ti) is added as a new one-way root in the OH-list.
Property 1. Given two threads Ti and Tj (i < j), the one-way root Tx of Tj for comparing with Ti is an ancestor thread which has the smallest join counter in the OH(Tj) such that the join counter λx is greater than the join counter λi.
For example, consider two threads T3 and T10 in Fig. 3. Thread T5 is the one-way root of T10 and its OR is the second entry of OH(T10). Note that λ3 is smaller than λ10. Now, we can efficiently compare logical concurrency information of any two threads in a nested parallel program using e-NR labeling.
Lemma 2. Given three threads Tx, Ti, and Tj, if Tx is the one-way root of Tj and λi < λj, Ti → Tj implies
    NR(Ti) NR(Tx)    if λi < λx ≤ λj
    NR(Ti) NR(Tj)    if λi = λj
    false            otherwise
Theorem 2. Given three threads Tx, Ti, and Tj, if Tx is the one-way root of Tj and λi < λj, Ti Tj is equivalent to
    NR(Ti) ≷ NR(Tx)  if λi < λx ≤ λj
    NR(Ti) ≷ NR(Tj)  if λi = λj
    true             otherwise
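The region arithmetic of e-NR Fork (Fig. 4) and the overlap test of Definition 1 and Theorem 1 can be checked against the labels of Fig. 2. The C program below is an added example, not the authors' run-time library, and covers only the one-way case of Theorem 1. Its type and function names, the simplified join (no OH-list, ρ or ξ), the guard for an exhausted region, and the is_race helper are assumptions made here.

```c
#include <stdio.h>

/* One-way region [lambda, <alpha, beta>] as defined in Section 3.1. */
typedef struct {
    int  lambda;       /* join counter */
    long alpha, beta;  /* nest region <alpha, beta> */
} or_label;

/* Initial thread: join counter 1 and region <1, max>. The paper uses
 * maxint for max; Fig. 2 uses 50 for readability. */
or_label enr_init(long max)
{
    or_label t = { 1, 1, max };
    return t;
}

/* Region arithmetic of e-NR Fork (Fig. 4) for child I of U, 1-based.
 * Returns 0 on success. The -1 path is a guard assumed for this example:
 * with fewer than U slots in the parent region, stride becomes 0 and
 * every child I < U would get an empty region (beta < alpha). */
int enr_fork(or_label parent, long I, long U, or_label *child)
{
    long stride;
    if (U < 1 || I < 1 || I > U)
        return -1;
    stride = (parent.beta - parent.alpha + 1) / U;
    if (stride < 1)
        return -1;
    child->alpha  = parent.alpha + (I - 1) * stride;
    child->beta   = (I < U) ? child->alpha + stride - 1 : parent.beta;
    child->lambda = parent.lambda;  /* forked threads copy lambda */
    return 0;
}

/* Simplified join (assumption): the joined thread takes over the region
 * of the thread that forked the loop, and its join counter is one more
 * than the largest join counter among the joining threads. */
or_label enr_join(or_label forker, const or_label *kids, int n)
{
    or_label j = forker;
    int i;
    for (i = 0; i < n; i++)
        if (kids[i].lambda > j.lambda)
            j.lambda = kids[i].lambda;
    j.lambda += 1;
    return j;
}

/* Definition 1: regions overlap iff alpha_i <= beta_j and alpha_j <= beta_i. */
int nr_overlap(or_label a, or_label b)
{
    return a.alpha <= b.beta && b.alpha <= a.beta;
}

/* Theorem 1 (one-way nesting): concurrent iff the regions do not overlap. */
int enr_concurrent(or_label a, or_label b)
{
    return !nr_overlap(a, b);
}

/* Two accesses to one shared location race when the accessing threads are
 * concurrent and at least one access is a write. */
int is_race(or_label prev, int prev_write, or_label cur, int cur_write)
{
    return enr_concurrent(prev, cur) && (prev_write || cur_write);
}

/* Rebuild the ten labels of Fig. 2 as t[0]..t[9]. The numbering of T4..T6
 * and T9 is assumed from the figure layout. Returns 0 on success. */
int build_fig2(or_label t[10])
{
    or_label kids[2];
    t[0] = enr_init(50);
    if (enr_fork(t[0], 1, 2, &t[1]) || enr_fork(t[0], 2, 2, &t[2]) ||
        enr_fork(t[2], 1, 2, &t[3]) || enr_fork(t[2], 2, 2, &t[4]) ||
        enr_fork(t[4], 1, 2, &t[5]) || enr_fork(t[4], 2, 2, &t[6]))
        return -1;
    kids[0] = t[5]; kids[1] = t[6];
    t[7] = enr_join(t[4], kids, 2);   /* [2,<38,50>] */
    kids[0] = t[3]; kids[1] = t[7];
    t[8] = enr_join(t[2], kids, 2);   /* [3,<26,50>] */
    kids[0] = t[1]; kids[1] = t[8];
    t[9] = enr_join(t[0], kids, 2);   /* [4,<1,50>] */
    return 0;
}

int main(void)
{
    or_label t[10];
    int i;
    if (build_fig2(t) != 0)
        return 1;
    for (i = 0; i < 10; i++)
        printf("T%d [%d,<%ld,%ld>]\n", i, t[i].lambda, t[i].alpha, t[i].beta);
    printf("T3 write / T7 read:  %s\n", is_race(t[3], 1, t[7], 0) ? "race" : "no race");
    printf("T2 write / T7 write: %s\n", is_race(t[2], 1, t[7], 1) ? "race" : "no race");
    return 0;
}
```

Multi-way loops such as the program of Fig. 1 need the one-way root comparison of Theorem 2, which this example does not implement.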
4 Experimental Results
In this section, we evaluate the efficiency of e-NR labeling with others such as the original NR labeling and OS labeling, and analyze the experimental results of the efficiency for labeling and on-the-fly race detection.
4.1 Experimentation
To evaluate the efficiency of e-NR labeling, our experiments are carried out on a system with two Intel Quad-core CPUs and 8GB of memory under the Ubuntu Linux operating system. We installed gcc 4.4.3 for OpenMP 3.0 on the system. e-NR labeling is implemented as run-time libraries written in C to be inserted into the target program. Then, we compiled and executed the instrumented program for the labeling and race detection. We performed the following two steps for comparing the efficiency: labeling overhead and race detection overhead. We use the original NR labeling and OS labeling [8] for the comparison with e-NR labeling, because it is well known that both labeling schemes are effective for fork-join parallel programs with nested parallelism. Thus, we also implemented the two labeling schemes as run-time libraries which are used to instrument OpenMP programs. For on-the-fly race detection with the three labeling schemes, we employ Mellor-Crummey’s protocol [8], because the protocol exploits a simple technique to compare any two threads, called left-of relation, and requires small overhead for detecting races during an execution of a parallel program. To evaluate the efficiency of the three labeling schemes, we developed a set of synthetic programs considering nesting depth of 3 or 4, maximum parallelisms varying from 10,000 to 1,000,000, and multi-way loops.
    Max. parallelism             10,000          100,000         1,000,000
    Programs  Labeling        User    Sys     User     Sys     User     Sys
    E-30      OS Labeling     0.65    0.01    1.22     0.80    6.57    13.39
              NR Labeling     0.76    0.08    1.67     5.51    4.57    36.66
              e-NR Labeling   0.44    0.01    0.56     0.03    1.08     0.44
    E-31      OS Labeling     0.83    0.16    2.35    10.32   17.33    96.37
              NR Labeling     0.93    0.18    2.65    11.28   18.27    98.49
              e-NR Labeling   0.71    0.01    1.62     2.68    7.96    15.06
    E-40      OS Labeling     0.87    0.04    1.03     1.04    6.39    18.81
              NR Labeling     0.76    0.04    0.93     0.95    7.27    19.69
              e-NR Labeling   0.48    0.01    0.63     0.06    1.48     1.57
    E-41      OS Labeling     0.63    0.06    1.07     1.06   13.81    58.33
              NR Labeling     0.72    0.50    1.06     1.01   14.49    62.51
              e-NR Labeling   0.46    0.01    0.77     0.05    9.67    12.51

Fig. 5. Results for the Efficiency of Three Labeling Schemes
4.2 Analysis
The efficiency of the three labeling schemes depends on three parameters: V for the number of monitored shared variables, T for the maximum parallelism, and N for the nesting depth of the monitored program. When a fork or join operation occurs, the time complexity to generate and maintain a thread label is O(1) for e-NR labeling, since it assigns a label that consists of a one-way region of size O(1) and a pointer to a one-way history of size O(1). However, NR labeling consumes O(N) time in the worst case, because it generates a label that consists of a one-way region of size O(1) and a one-way history of size O(N). OS labeling also consumes O(N) time for maintaining thread labels in the worst case. These labelings are effective for maintaining the concurrency information during race detection, and then make the efficiencies dependent on the size of thread labels. The space complexity for NR labeling is O(V + NT) in the worst case. To maintain the concurrency information for all shared variables, the required space is O(NT). To store constant-sized labels of simultaneously active threads, the space depends on the nesting depth and the maximum parallelism. By OS labeling, the space complexity is O(VN) in the worst case, since concurrent information for logical threads requires the space of O(N). The space complexity by e-NR labeling is O(V + T), because it does not depend on the nesting depth N. We evaluate the efficiency of e-NR labeling by analyzing the time and space overhead. Fig. 5 shows the result of measurement of the required time for labeling with the synthesized programs. The results show that e-NR labeling is 5 times faster than NR labeling and 4.3 times faster than OS labeling in the average time for creating and maintaining thread labels. Fig. 6 shows the results of measurement of the time and space overhead for on-the-fly race detection using the three labeling schemes. Fig. 6(a) compares the time overhead of the three labeling schemes: the slowdown of e-NR labeling is only about 13% in the average case, but NR labeling and OS labeling slow down about 32% and 27% respectively. In Fig. 6(b), the space overhead of NR labeling and OS labeling increases dramatically, because incrementing the maximum parallelism affects the nesting depth. However, e-NR labeling shows small space overhead for on-the-fly race detection. On average, the space required for labeling is 3.5 times smaller than NR labeling and 3 times smaller than OS labeling. Thus, the efficiency of e-NR labeling makes on-the-fly race detection more practical.

[Figure: (a) Time Overhead: runtime overhead (%) for the synthetic programs E-30, E-31, E-40, and E-41; (b) Space Overhead: memory overhead (100M) against maximum parallelism from 10K to 1000K; series in both panels: OS Labeling, NR Labeling, e-NR Labeling]
Fig. 6. Results for the Efficiency of Race Detection
5 Conclusion
Data races in parallel programs occur when two parallel threads access a shared memory location without proper inter-thread coordination and at least one of these accesses is a write. Race detection is important for the debugging of parallel programs, but it is difficult and cumbersome. Any on-the-fly race detection technique using Lamport’s happened-before relation needs a thread labeling scheme for generating unique identifiers which maintain logical concurrency information on the parallel threads. This paper presents e-NR labeling, which has a time and space complexity of O(1) for creating and updating parallel thread labels. e-NR labeling improves NR labeling, which is an efficient labeling scheme for the fork-join program model with nested parallelism. Because e-NR labeling removes the dependency on the nesting depth N of the previous labeling, the labeling requires a constant amount of time and space complexity. Empirical comparisons were performed on OpenMP synthetic programs which have nesting depths of three or four and maximum parallelisms between 10,000 and 1,000,000. The results show that e-NR is 5 times faster than NR labeling and 4.3 times faster than OS labeling for creating and maintaining thread labels. On average, the space required for labeling is 3.5 times smaller than NR labeling and 3 times smaller than OS labeling. This improvement makes the on-the-fly race detection technique more practical. It guarantees moderate enough time and space overhead for large parallel programs. Future work includes additional improvement of e-NR to compare the concurrency of parallel threads in a constant amount of time and extending it to handle more general execution models with inter-thread coordinations.
References
1. Audenaert, K.: Clock Tree: Logical Clocks for programs with Nested Parallelism. IEEE Transactions on Software Engineering 23(10), 646–658 (1997)
2. Baldoni, R., Raynal, M.: Fundamentals of Distributed Computing: A Practical Tour of Vector Clock Systems. IEEE Distributed Systems Online 3(2) (2002)
3. Banerjee, U., Bliss, B., Ma, Z., Petersen, P.: A Theory of Data Race Detection. In: The 2006 Workshop on Parallel and Distributed Systems: Testing, Analysis, and Debugging (PADTAD), pp. 69–78. ACM Press, New York (2006)
4. Fidge, C.J.: Logical Time in distributed Computing Systems. Computer, 28–33 (1991)
5. Jannesari, A., Tichy, W.F.: On-the-fly Race Detection in Multi-threaded Programs. In: The 2008 Workshop on Parallel and Distributed Systems: Testing, Analysis, and Debugging (PADTAD), pp. 1–10. ACM Press, New York (2008)
6. Jun, Y., Koh, K.: On-the-fly Detection of Access Anomalies in Nested Parallel Loops. In: 3rd ACM/ONR Workshop on Parallel and Distributed Debugging, pp. 107–117. ACM Press, New York (1993)
7. Lamport, L.: Time, Clocks, and the Ordering of Events in a Distributed System. Communications of the ACM 21(7), 558–565 (1978)
8. Mellor-Crummey, J.M.: On-the-fly Detection of Data Races for Programs with Nested Fork-Join Parallelism. In: The ACM/IEEE Conference on Supercomputing, pp. 24–33. ACM/IEEE, New York (1991)
9. Netzer, R.H.B., Miller, B.P.: What Are Race Conditions? Some Issues and Formalizations. ACM Lett. Program. Lang. Syst. 1(1), 74–88 (1992)
10. The OpenMP API specification for parallel programming, http://www.openmp.org
11. Park, S., Park, M., Jun, Y.: A Comparison of Scalable Labeling Schemes for Detecting Races in OpenMP Programs. In: Eigenmann, R., Voss, M.J. (eds.) WOMPAT 2001. LNCS, vol. 2104, pp. 68–80. Springer, Heidelberg (2001)
12. Petersen, P., Shah, S.: OpenMP Support in the Intel Thread Checker. In: Voss, M.J. (ed.) WOMPAT 2003. LNCS, vol. 2716, pp. 1–12. Springer, Heidelberg (2003)
13. Rinard, M.: Analysis of Multithreaded Programs. In: Cousot, P. (ed.) SAS 2001. LNCS, vol. 2126, pp. 1–19. Springer, Heidelberg (2001)
A Race Healing Framework in Simulated ARINC-653
Guy Martin Tchamgoue, In-Bon Kuh, Ok-Kyoon Ha, Kyong-Hoon Kim, and Yong-Kee Jun
Department of Informatics, Gyeongsang National University, Jinju 660-701, South Korea [email protected], {inbon,jassmin,khkim,jun}@gnu.ac.kr
Abstract. The ARINC-653 standard architecture for flight software specifies an application executive which furnishes an application programming interface and defines a hierarchical framework which provides health management for error detection and recovery. In every partition of the architecture, however, asynchronously concurrent processes or threads may include concurrency bugs such as unintended race conditions which are common and difficult to remove by testing. To reinforce the capability of the ARINC-653 health management system and to increase the reliability of flight software, this paper describes the development of a race healing framework in a simulated ARINC-653 platform which provides ARINC-653 programming interface. The experimental results allow us to argue that our race healing framework is practical enough to be configured under the ARINC-653 partitions.
Keywords: ARINC-653, health management, partition, data races, race healing framework.
1 Introduction
In highly critical real-time applications such as flight software, reliability is a very sensitive notion. Unfortunately, flight software applications are becoming more and more complex. Thus, new techniques have to be designed for verification and, above all, for fault containment and recovery in such applications. To handle this need, the ARINC-653 [1,11,13] standard architecture for flight software has been introduced. This architecture specifies an application executive (APEX) which provides an application programming interface of fifty-one routines. APEX enables the development of portable applications on an Integrated Modular Avionics platform, supporting temporal and spatial partitioning along with communication between applications in different partitions through well-defined ports. The architecture also defines a health management framework which provides a hierarchical framework for error detection and recovery at the process, partition, and module levels, supporting fault tolerance and thereby increasing operational availability.
This research was supported by the MKE (The Ministry of Knowledge Economy), Korea, under the ITRC (Information Technology Research Center) support program supervised by the NIPA (National IT Industry Promotion Agency), NIPA-2010(C1090-1031-0007). Corresponding Author: In Gyeongsang National University, he is also involved in the Research Institute of Computer and Information Communication (RICIC).
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 238–246, 2010. © Springer-Verlag Berlin Heidelberg 2010
In a partition of the ARINC-653 architecture, processes or threads are executed concurrently according to a preemptive, priority-based scheduler. Accesses to shared variables or resources are coordinated by semaphores and events, such as waiting on empty or full buffers. However, misusing these facilities leads to concurrency bugs such as data races [8,10], which are common and difficult to remove by testing. A data race is a pair of unsynchronized instructions in concurrent processes or threads that access a shared variable with at least one write access. Data races threaten the reliability of shared-memory programs seriously and latently, because the races result in unintended nondeterministic executions of the programs. Traditional cyclical debugging with breakpoints is often not effective in the presence of races, since breakpoints can change the execution timing, causing the erroneous behavior to disappear.
In a recent work [7], we presented an on-the-fly race healing framework to be incorporated into the ARINC-653 health management architecture for healing data races that appear unexpectedly during the run-time of flight software. This framework instruments and monitors the target program for race detection using the Dinning and Schonberg protocol [4]. This protocol determines the logical concurrency between the current access and the previous conflicting accesses, and then maintains an access history of the shared variable for the subsequent race detection.
For the concurrency information to be used in the protocol, the framework generates a variation of vector timestamps [3,6] for every process in the execution using the Nest Region labeling [9].
This paper presents the implementation of this race healing framework in an ARINC-653 environment. We describe the requirements and the design of the framework, and use the Simulated Integrated Modular Avionics (SIMA) [5] environment to provide a real ARINC-653 programming interface. In order to achieve the reliability-related goal of the framework, we present details of the analysis to argue that the race healing framework is practical enough to be configured under the ARINC-653 partitions.
In the rest of the paper, Section 2 introduces the ARINC-653 standard and presents the architecture of our race healing framework. Section 3 presents our implementation of the framework in SIMA. In Section 4, details are provided on the analysis and the configurability of the framework in SIMA. The paper is concluded in Section 5.
2 Background
Since ARINC-653 was introduced, its fault containment and health management capabilities have been attractive to the programmers of flight software. This section illustrates ARINC-653 and its functionality on health management, and introduces our healing framework architecture for ARINC-653 flight software.
2.1 ARINC-653
The ARINC-653 Specification [1,11,13] has been developed as a standardized interface definition of real-time operating system to simplify the development of Integrated Modular Avionics. This standard specifies an Application Executive (APEX) which provides services comprised of a set of fifty-one routines to enable the development of portable applications on an IMA platform. The main objective of the APEX is to provide a strict and robust time and space partitioning environment allowing a processing unit known as module to host multiple applications independently in each partition. A module is managed by an operating system called Module Operating System. The temporal partitioning is a strict time slicing which guarantees that only one application at a time is accessing the system resources including the processor according to a periodic scheduler. The spatial partitioning provides strict memory management by guaranteeing that a memory area allocated to a partition and its processes cannot be corrupted by another partition and its processes. Each partition is governed by a Partition Operating System. A partition consists of a set of concurrently executing processes, sharing access to the system resources with the help of a preemptive, priority-based scheduler. One of the most important features of ARINC-653 is indisputably its health monitor (HM) which has the responsibility to detect and provide recovery mechanisms for both hardware and software failures at the process, partition, and module levels. The HM manages three recovery tables for a precise error handling. The System HM Table is used to localize the level of the error which can be one of module, partition or process. The Module HM table is consulted for errors in module level. This table defines the action to be taken to handle the fault and optionally may provide a module-level user-defined call-back function. The Partition HM table similarly is consulted when the error is at partition level. 
Each partition has its own error recovery table which optionally provides a partition-level user-defined call-back function. For errors at the process level, the HM will invoke a user-defined aperiodic error handler with the highest possible priority to handle the error. Consequently, the error handler should be efficient and execute as fast as possible so as not to monopolize the system.
2.2 Race Healing Framework
The ARINC-653 Standard clearly defines a health monitoring function with the objective of keeping the entire system safe by providing mechanisms to handle software and hardware failures and errors. Data races are timing-dependent bugs which are hard to detect and may lead a program to non-deterministic executions. This behavior can be fatal, especially for hard real-time applications such as ARINC-653 applications. The architecture of the race healing framework [7] in ARINC-653 is presented in Fig. 1. The race detector monitors the instrumented program execution, and once a data race is detected, the ARINC-653 Health Monitor is notified (see the second arrow in Fig. 1) by the race detector using the application executive call RAISE_APPLICATION_ERROR. The Health Monitor will then contact the partition operating system (POS) of the partition in which the data race occurred. As a response, the race healer will be invoked by the concerned POS (see the third arrow in Fig. 1). The race healer accesses the racing code and tries to heal the data race (see the fourth arrow in Fig. 1). If the healer fails to do this, a notification is sent back to the Health Monitor (see the fifth arrow in Fig. 1), which then initiates its native error recovery procedure. In fact, the race healer considers only asymmetric races [12], although the race detector can detect general race patterns. However, for this system to work well, the Health Monitor recovery tables have to be modified with new error codes to handle data races and to define emergency actions to be taken when the race cannot be healed. When invoked, the race healer process obtains higher priority than the other processes in the system. This architecture fits the layering concept of ARINC-653 and allows the race healing function to be detached entirely from the race detection. This mechanism can be implemented within a partition to handle intra-partition concurrency or within a module to check inter-partition communication.
Fig. 1. Overall Architecture of Race Healing in ARINC-653
3 Race Healing Framework in SIMA
This section presents an implementation of the race healing framework and describes its incorporation into the SIMA platform.
3.1 The SIMA Environment
The ARINC-653 services are provided by the Simulated Integrated Modular Avionics (SIMA) [5]. SIMA is an execution environment providing the ARINC-653 application programming interface to operating systems like Linux that do not support such services. SIMA simulates ARINC-653 partitions, modules, and health monitor and provides mechanisms for inter-partition communication and logging. SIMA is designed to run on all POSIX-compliant operating systems.
The SIMA environment simulates the two-layered architecture of most operating systems compatible with the integrated modular avionics specification. SIMA is developed as C libraries. The partition operating system is provided as a library called pos.a that is statically linked to the user application code. This library contains the ARINC-653 API. The SIMA module operating system is implemented by a program called mos that contains the partition scheduler, configured in the ARINC-653 XML configuration file. SIMA implements Part 1 [1] and most of the Extended Services of Part 2 [2] of the ARINC-653 specification. SIMA maps ARINC-653 partitions to POSIX processes and ARINC-653 processes to POSIX threads, allowing each SIMA application to be linked to its own POSIX program.
3.2 Race Detection Protocol
For on-the-fly race detection in our framework, we used the protocol presented by Dinning and Schonberg [4]. This protocol supports a program model with thread locking and guarantees to detect at least one race for each shared variable, if any exists. We used the Nest Region labeling [9] engine which generates logical concurrency information. The detecting engine reports races with analysis of labels and lock status by monitoring accesses to shared variables. It consists of the following four modules and data structures for the maintenance of the access history:
(1) R-Checker and Read access history for a read access without proper locking,
(2) W-Checker and Write access history for a write access without proper locking,
(3) CSR-Checker and CS-Read access history for a read access protected by a locking mechanism,
(4) CSW-Checker and CS-Write access history for a write access protected by a locking mechanism.
Upon race detection, the SIMA health monitor is notified by the race detector using the provided system call RAISE_APPLICATION_ERROR.
3.3 Race Healing Protocol
Generally, it is hard to heal data races on-the-fly, because this requires detecting and localizing the data races, identifying error patterns, and choosing a proper healing method. However, it may be simple to heal the racing code if the pattern is well specified, such as asymmetric races [12]. This section presents our algorithm for on-the-fly healing of asymmetric races implemented in SIMA. To heal data races, our technique inserts delay operations before an access which is about to be involved in a race. Fig. 2 shows the healing technique implemented in our framework. In this figure, r and w in the circle represent the read and write accesses respectively. The numbers attached to the accesses represent an observed order. Fig. 2(a) illustrates an example of data race. Data races are detected early since instructions accessing a shared variable are monitored before their execution. The healing function is registered in each monitored program as its error handler. This is done using the SIMA system call CREATE_ERROR_HANDLER.
Fig. 2. An example of Race Healing: (a) Before Race Healing, (b) After Race Healing
In the SIMA environment, the error handler, once invoked, accesses the racing code and inserts at the race detection point the SIMA system call WAIT_EVENT. This system call forces the racing process to wait for a notification. This mechanism is shown in Fig. 2(a). On lock release, a process executes the SIMA system call SET_EVENT to signal waiting processes. Processes blocked because of a race can then resume and continue their execution. This is depicted by Fig. 2(b).
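The delay-based healing described above, replayed deterministically as an added example (not the authors' or SIMA's code): two processes are stepped through a constructed interleaving, the monitor parks the unprotected write where the healer would insert WAIT_EVENT, and the lock release plays the role of SET_EVENT. The step programs, the schedule and the rule "an unprotected access issued while another process is inside its critical section is the racing access" are assumptions standing in for the race detector; the line numbers are borrowed from the P1 output reported in Section 4.

```c
#include <stdio.h>

typedef enum { LOCK, UNLOCK, READ, WRITE } op_t;
typedef struct { op_t op; int line; int value; } step_t;   /* value: operand of WRITE */
typedef struct { const step_t *prog; int len, pc, in_cs, waiting; } proc_t;
typedef struct { int lines[16], nlines; int reads[8], nreads; int final; } result_t;

#define NPROC 2
static proc_t procs[NPROC];
static int shared;        /* the shared variable both processes access */
static int heal_enabled;  /* 1: the healer's delay is active */

/* Constructed programs (assumption): a reader that takes the lock and a writer
   that does not, i.e. an asymmetric race on `shared`. */
static const step_t READER[] = {
    { LOCK, 0, 0 }, { READ, 33, 0 }, { READ, 36, 0 }, { UNLOCK, 0, 0 }
};
static const step_t WRITER[] = { { WRITE, 44, 1 } };
/* Constructed interleaving: the write is scheduled between the two reads. */
static const int SCHEDULE[] = { 0, 0, 1, 0, 0 };

static int other_in_cs(int p) {
    for (int q = 0; q < NPROC; q++)
        if (q != p && procs[q].in_cs) return 1;
    return 0;
}

/* Run the next step of process p if it is able to run; return 1 on progress. */
static int try_step(int p, result_t *res) {
    proc_t *pr = &procs[p];
    if (pr->pc == pr->len || pr->waiting) return 0;
    const step_t *s = &pr->prog[pr->pc];
    int is_access = (s->op == READ || s->op == WRITE);
    if (s->op == LOCK && other_in_cs(p)) return 0;   /* lock is held elsewhere */
    /* Accesses are monitored before they execute. With healing on, the racing
       access is delayed here: this is where WAIT_EVENT is inserted. */
    if (heal_enabled && is_access && !pr->in_cs && other_in_cs(p)) {
        pr->waiting = 1;
        return 0;
    }
    switch (s->op) {
    case LOCK:   pr->in_cs = 1; break;
    case UNLOCK: /* lock release: SET_EVENT wakes every delayed process */
        pr->in_cs = 0;
        for (int q = 0; q < NPROC; q++) procs[q].waiting = 0;
        break;
    case READ:   res->reads[res->nreads++] = shared; break;
    case WRITE:  shared = s->value; break;
    }
    if (is_access) res->lines[res->nlines++] = s->line;
    pr->pc++;
    return 1;
}

/* Replay the constructed schedule, then let every process run to completion. */
result_t replay(int heal) {
    result_t res = { {0}, 0, {0}, 0, 0 };
    procs[0] = (proc_t){ READER, 4, 0, 0, 0 };
    procs[1] = (proc_t){ WRITER, 1, 0, 0, 0 };
    shared = 0;
    heal_enabled = heal;
    for (size_t i = 0; i < sizeof SCHEDULE / sizeof SCHEDULE[0]; i++)
        try_step(SCHEDULE[i], &res);
    for (int progress = 1; progress; ) {
        progress = 0;
        for (int p = 0; p < NPROC; p++) progress |= try_step(p, &res);
    }
    res.final = shared;
    return res;
}

int main(void) {
    for (int heal = 0; heal <= 1; heal++) {
        result_t r = replay(heal);
        printf("%s: order", heal ? "healed  " : "unhealed");
        for (int i = 0; i < r.nlines; i++) printf(" %d", r.lines[i]);
        printf("; reads in critical section = %d, %d; final = %d\n",
               r.reads[0], r.reads[1], r.final);
    }
    return 0;
}
```

Without healing the two reads inside the critical section see different values; with healing the write at line 44 runs only after the lock release, so both reads agree and the write still takes effect.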
4 Efficiency and Configurability
We evaluated the efficiency of the framework on a set of synthetic OpenMP programs. Each program contains 100 threads and presents at least one possible asymmetric race on a shared variable. Programs are divided into three sets, each with five programs, based on the following criteria: there is at least one thread in which (A) all accesses to the shared variable use no lock, (B) at least one access is unprotected before a critical section, and (C) at least one access is unprotected after a critical section. We implemented five programs for each category. To exhibit the non-determinism, each thread in each program has at least one write access to the shared variable. Indeed, these three groups of programs reflect the common cases of asymmetric race patterns in real-world projects.
We configured SIMA to run two partitions called P1 and P2. Each partition runs the synthetic programs described above. Only Partition P1 embeds our healing framework. Upon race detection, the SIMA health monitor is notified by the race detector using the provided system call RAISE_APPLICATION_ERROR. This system call provokes the execution of the registered error handler, that is, the healing function. Fig. 3 shows an output of the two partitions P1 and P2 in the SIMA environment. The output of partition P1 reveals that three data races [44,W][47,R], [44,W][33,CSR], [44,W][36,CSR] are reported and healed. Each reported race is a pair of line number and access event between two threads. For example, [44,W][47,R] represents a data race that happened between a write access at line 44 in the first thread and a read access at line 47 in the second thread. Moreover, CSR stands for a read access inside a critical section.
Fig. 3. Output of SIMA Partitions
We measured and compared the total execution time of our synthetic programs as shown in Fig. 4. The dark bars represent, for each group of programs, the execution time measured in partition P2. On the other hand, the gray bars show the execution time when the programs are monitored by our framework in partition P1. The result of Fig. 4 shows that our technique slows down the original program execution by about 2 times on average.
Fig. 4. Race Detection Overhead
The results show that the proposed framework is configurable under an ARINC-653 platform. Indeed, the framework slows down the monitored application by about 2 times. ARINC-653 uses an XML formatted file to configure each partition. This file defines the scheduling time and the scheduler for each partition and its processes. This file is configured by the system designer for a better integrity of the whole system. To meet the real-time requirements of each partition and its applications, the XML configuration file must take into consideration our results. Thus, the execution time for a partition running our framework should be at least 2 times the original execution time. SIMA supports and provides the ARINC-653 configuration file.
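The four checkers and access histories of Section 3.2, together with the report format quoted for partition P1, as an added example (not the authors' detector). It substitutes plain vector timestamps for Nest Region labels, assumes a single lock, and keeps every access in its history instead of pruning it; the trace and its timestamps are constructed so that the report reproduces the three races quoted in the text.

```c
#include <stdio.h>
#include <string.h>

#define NTHREADS 3    /* vector timestamp width: main thread + two workers */
#define MAXHIST  16
#define MAXRACES 16

/* Access kinds; each one selects a checker and an access history. */
typedef enum { R = 0, W, CSR, CSW } kind_t;
static const char *KIND_NAME[] = { "R", "W", "CSR", "CSW" };

typedef struct {
    int thread;        /* accessing thread */
    int line;          /* source line of the access */
    kind_t kind;       /* R/W: no lock held; CSR/CSW: inside a critical section */
    int vc[NTHREADS];  /* vector timestamp of the access */
} access_t;
typedef struct { access_t first, second; } race_t;

static access_t history[4][MAXHIST];   /* Read, Write, CS-Read, CS-Write */
static int hist_len[4];
static race_t races[MAXRACES];
static int race_count;

/* CONFLICTS[k][h] == 1: the checker for kind k inspects history h (columns in
   the order R, W, CSR, CSW). Two reads never conflict, and two critical-section
   accesses are serialized by the lock (assumption: one lock protects the variable). */
static const int CONFLICTS[4][4] = {
    /* R   */ { 0, 1, 0, 1 },
    /* W   */ { 1, 1, 1, 1 },
    /* CSR */ { 0, 1, 0, 0 },
    /* CSW */ { 1, 1, 0, 0 },
};

static int leq(const int *a, const int *b) {
    for (int i = 0; i < NTHREADS; i++)
        if (a[i] > b[i]) return 0;
    return 1;
}

/* Logically concurrent: neither timestamp is ordered before the other. */
static int concurrent(const access_t *a, const access_t *b) {
    return !leq(a->vc, b->vc) && !leq(b->vc, a->vc);
}

/* Check one access before it executes, then record it. Returns the number of
   races found; the framework's detector would now raise the application error. */
int check_access(const access_t *cur) {
    int found = 0;
    for (int h = 0; h < 4; h++) {
        if (!CONFLICTS[cur->kind][h]) continue;
        for (int i = 0; i < hist_len[h] && race_count < MAXRACES; i++) {
            const access_t *prev = &history[h][i];
            if (!concurrent(prev, cur)) continue;
            int prev_first = prev->thread < cur->thread;
            races[race_count].first  = prev_first ? *prev : *cur;
            races[race_count].second = prev_first ? *cur : *prev;
            race_count++;
            found++;
        }
    }
    if (hist_len[cur->kind] < MAXHIST)
        history[cur->kind][hist_len[cur->kind]++] = *cur;
    return found;
}

/* Format race i as "[line,kind][line,kind]", lower-numbered thread first. */
const char *race_string(int i, char *buf, size_t n) {
    const race_t *r = &races[i];
    snprintf(buf, n, "[%d,%s][%d,%s]", r->first.line, KIND_NAME[r->first.kind],
             r->second.line, KIND_NAME[r->second.kind]);
    return buf;
}

/* Constructed trace: thread 0 forks threads 1 and 2 and later joins them. */
static const access_t TRACE[] = {
    { 0, 10, W,   { 1, 0, 0 } },   /* initialisation before the fork */
    { 2, 33, CSR, { 1, 0, 1 } },
    { 2, 36, CSR, { 1, 0, 2 } },
    { 2, 47, R,   { 1, 0, 3 } },
    { 1, 44, W,   { 1, 1, 0 } },   /* unprotected write, concurrent with thread 2 */
    { 0, 60, R,   { 2, 1, 3 } },   /* after the join: ordered after everything */
};

int run_constructed_trace(void) {
    memset(hist_len, 0, sizeof hist_len);
    race_count = 0;
    for (size_t i = 0; i < sizeof TRACE / sizeof TRACE[0]; i++)
        check_access(&TRACE[i]);
    return race_count;
}

int main(void) {
    char buf[32];
    int n = run_constructed_trace();
    for (int i = 0; i < n; i++)
        printf("%s\n", race_string(i, buf, sizeof buf));
    return 0;
}
```

The accesses at lines 10 and 60 conflict with the write at line 44 but are ordered before and after it by the fork and the join, so only the three concurrent pairs are reported.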
5 Conclusion
The application executive of the ARINC-653 specification provides buffers, blackboards, semaphores and events for intra- and inter-partition communication and synchronization. Unfortunately, misusing these facilities may produce concurrency bugs such as deadlocks and data races that can be fatal for highly sensitive applications like flight software. In this paper, we presented an implementation of a race healing framework and its configuration under a simulated ARINC-653 platform. The efficiency of the framework shows that it is possible to reinforce the ARINC-653 health management function with a race healing mechanism in order to increase the reliability of flight software.
References
1. Airlines Electronic Engineering Committee (AEEC): Avionics Application Software Standard Interface - ARINC Specification 653 - Part 1 (Supplement 2 - Required Services), ARINC (2006)
2. Airlines Electronic Engineering Committee (AEEC): Avionics Application Software Standard Interface - ARINC Specification 653 - Part 2. Extended Services, ARINC (2008)
3. Baldoni, R., Raynal, M.: Fundamentals of Distributed Computing: A Practical Tour of Vector Clock Systems. IEEE Distributed Systems Online 3(2) (2002)
4. Dinning, A., Schonberg, E.: Detecting Access Anomalies in Programs with Critical Sections. In: The ACM/ONR workshop on Parallel and Distributed Debugging, pp. 85–96. ACM Press, New York (1991)
5. Engel, C., Jenn, E., Schmitt, P.H., Coutinho, R., Schoofs, T.: Enhanced Dispatchability of Aircraft using Multi-static Configurations. In: Embedded Real Time Software and Systems, Toulouse (2010)
6. Fidge, C.J.: Logical Time in Distributed Computing Systems. Computer, 28–33 (1991)
7. Ha, O.-K., Tchamgoue, G.M., Suh, J.-B., Jun, Y.-K.: On-the-fly Healing of Race Conditions in ARINC-653 Flight Software. Accepted in the 29th Digital Avionics Conference. IEEE, Salt Lake City (2010)
8. Jannesari, A., Tichy, W.F.: On-the-fly Race Detection in Multi-threaded Programs. In: The Workshop on Parallel and Distributed Systems: Testing, Analysis, and Debugging, pp. 1–10. ACM, Seattle (July 2008)
9. Jun, Y., Koh, K.: On-The-Fly Detection of Access Anomalies in Nested Parallel Loops. In: The 1993 ACM/ONR Workshop on Parallel and Distributed Debugging, pp. 107–117. ACM, California (1993)
10. Netzer, R.H.B., Miller, B.P.: What Are Race Conditions? Some Issues and Formalizations. ACM Letters on Programming Languages and Systems 1(1), 74–88 (1992)
11. Prisaznuk, P.J.: ARINC-653 Role in Integrated Modular Avionics (IMA). In: The 27th Digital Avionics Conference, pp. 1E2.1–7. IEEE, Minnesota (2008)
12. Ratanaworabhan, P., Burtscher, M., Kirovski, D., Zorn, B., Nagpal, R., Pattabiraman, K.: Detecting and Tolerating Asymmetric Races. In: Principles and Practices of Parallel Programming, pp. 173–184. ACM, New York (2009)
13. Santos, S., Rufino, J., Schoofs, T., Tatibana, C., Windsor, J.: A Portable ARINC653 Standard Interface. In: The 27th Digital Avionics Conference, pp. 1E2.1–7. IEEE, Minnesota (2008)
A K-Means Shape Classification Algorithm Using Shock Graph-Based Edit Distance
Solima Khanam (1), Seok-Woo Jang (2), and Woojin Paik (1)
(1) Dept. of Computer Science, Konkuk University, 322, Danwol-Dong, Chungju-Si, and Chungcheongbuk-do 380-701, Korea, {solima,wjpaik}@kku.ac.kr
(2) Dept. of Digital Media, Anyang University, 708-113, Anyang 5-dong, Manan-gu, Anyang-si, Gyeonggi-do, 430-714, Korea, [email protected]
Abstract. The skeleton is a very important feature for shape-based image classification. In this paper, we apply discrete shock graph-based skeleton features to classify shapes into predefined groups, using a k-means clustering algorithm. The graph edit cost obtained by transforming a database image graph into the respective query graph will be used as the distance function for the k-means clustering. To verify the performance of the suggested algorithm, we tested it on the MPEG-7 dataset, and our algorithm shows excellent performance for shape classification.
Keywords: Medial axis, shock graph, edit distance, k-means clustering.
1 Introduction
In content-based image retrieval (CBIR), images are retrieved and classified based on their visual similarity to a user-supplied query image using the content color, texture, and shape. Where there is no information about color and texture, shape is an important cue. In shape-based image retrieval, visual transformation of a shape is a challenging issue for shape matching [1]. It is desirable that small changes in the shape boundary result in small changes in the shape descriptor. Therefore, the research related to shape retrieval derives shape representation schemes and similarity measures that are robust against visual transformations. Though computationally complex, the skeleton-based approaches show superiority to the contour-based approaches by providing topological and geometrical information as well as showing robustness against visual transformations [1].
To reduce time complexity, a skeleton-based approach is proposed by Latecki's group [2]. According to them, instability occurs due to the junction points of a skeleton, and therefore matching is only done with respect to the end points. In contrast, Zaboli et al. [3] and Goh [4] reduced time complexity using only the branch points. However, considering only branch or only end points is not always accurate. Therefore, we developed an adaptive weighting algorithm [5] to choose branch or end points based on the situation. This reduces the sample points and decreases running time. However, it does not yet help to reduce the time complexity of the retrieval. Combining an adaptive algorithm with the discrete shock graph approach, we proposed an idea [6] which reduces time complexity $O(x^3 y^3)$ to $O(xy)$, where x and y are the number of nodes in the query and database skeleton.
Another important issue in CBIR is the size of image databases, which has increased dramatically in recent years. To solve this issue, some new techniques and tools, like clustering algorithms, are widely used in numerous applications including sorting, browsing, searching, and retrieving images. Distance measure is an important step in clustering as it determines the similarity of two objects. Therefore, in this paper, we applied a k-means [7, 8] clustering algorithm for classifying shapes into groups using a discrete shock graph feature from a shape. The number of clusters, k, is predefined for our applied database [9]. We choose a k-means clustering algorithm as it is suitable for classifying large amounts of image data. As a distance function, we will use shock graph-based edit cost, which shows robustness under visual transformation as well as decreased complexity. To the best of our knowledge, a shock graph-based k-means clustering approach to classify a large shape database, like MPEG-7 [9], has not yet been reported.
The rest of the paper is organized as follows. Section 2 contains a short description of the proposed method including the shock graph-based approach of a shape, the edit distance-based similarity measure, and k-means clustering. Experiments and related results are shown in Section 3. Finally, we draw conclusions in Section 4.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 247–254, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Method
In our approach, k-means clustering will be applied for shape classification, where k is predefined. Dissimilarity between shapes will be measured using the graph edit cost. The graph edit cost will further be applied by k-means clustering to group the images into their respective classes. The overall scheme is shown in Fig. 1.
Fig. 1. Architecture of edit distance-based shape classification scheme
2.1 Shock-Based Shape Representation and Graph Edit Distance
We previously discussed shape retrieval from shock graphs, which arise from the concept of the medial axis [5, 6]. The loci of all the shock points in Fig. 2 give the Blum's medial axis [1, 10]. The second-order shocks are the sources of flow while the fourth-order shocks are termination points of flow which represent branch and end points, respectively. At the start of implementation, we adaptively choose the nodes from the medial axis of images corresponding to the given query [5]. The time complexity of the adaptive selection algorithm is $O(x)$, where x is the number of nodes. For matching, we will use shock point matching and edit operations in a discrete way. Instead of a joint curve (corresponding boundaries of the shock graph) idea [1], which is computationally complex, we will match shock points between query and data images. To deal with visual transformation, we will consider the deform cost resulting from the edit operations, like contract and merge. Therefore, the total cost will be the sum of the shock point matching cost and the deform cost.
Fig. 2. Segmented shape showing the medial axis, branch point, and end point
The matching cost between shock graphs is computed by discretizing the graph into nodes (branch or end nodes). Let two segments of shock graphs, $g$ and $g^*$, be discretized at sample nodes $g_1, g_2, \ldots, g_n$ and $g^*_1, g^*_2, \ldots, g^*_m$, respectively. These nodes can be considered as elements of a matrix ($m$ by $n$). Let $C(i, j)$ and $d([k, i], [l, j])$ be the matching cost of graphs ($g_1, g_2, \ldots, g_i$ and $g^*_1, g^*_2, \ldots, g^*_j$) and segments ($s_k, \ldots, s_i$ and $s^*_l, \ldots, s^*_j$), respectively. Therefore, the cost of shock point matching, $C(i, j)$, will be
$$C(i, j) = \min_{k,l} \left[ C(i-k, j-l) + d([i-k, i], [j-l, j]) \right] \tag{1}$$
It is clear from the definition of the deform cost that the splice cost is related to removing the end points and the contract is related to removing the branch points of a shock graph [1]. Thus, the splice cost is the difference between the total number of end nodes of the query and data images. Similarly, contract cost is the difference between the total number of branch points of the query and data images. Let D be the shock point (end or branch) difference. Therefore, the total graph edit cost (sum of deform cost and shock point matching cost) M will be
$$M = C + D \tag{2}$$
2.2 K-Means Clustering Using Graph Edit Distance
The aim of the k-means clustering algorithm is to partition given inputs into k clusters [8] by assigning an input to a cluster to which it is most similar, based on the distance between the object and the cluster mean. Let us assume that we have N shape objects, $O_1, O_2, \ldots, O_N$, all with shock graph features. Depending upon the features we have partitioned the objects into k clusters by assigning an input object $O_i$ into the $j$th cluster if the indicator function is $I(k_j \mid O_i) = 1$, where $k_j = \arg\min$ (edit distance). The k-means algorithm for graph edit distance is described as follows:
Input: The number of groups, k, and shape database of N images.
Output: A set of k clusters that minimizes the distance function.
Step 1. Initial value of centroids, P: arbitrarily choose initial k centroids for N shape images.
Step 2. Distance between shapes and centroids: graph edit cost between centroids and database images will be calculated according to equation (2).
Step 3. Update the centroid by $p_{new} = p_{old} + \varphi (O_i - p_{old})$, where $\varphi$ is a positive learning rate.
Step 2 and Step 3 will be repeated until the centroids converge.
3 Experimental Results and Discussion
At the beginning of our work, we chose the sample points using a weighting algorithm [5]. As an example, here, we used 3 groups of 15 images: apple, bat, and beetle from the MPEG-7 dataset (Table 1). In Table 1, edit distance measures are presented according to the queries (apple-1, bat-3, and beetle-3) using the end and branch nodes in the shock graphs. The values of the distance measure will be used as the values of the distance function in the proposed k-means clustering to classify images into their respective groups. The clustering result in Figure 3 shows that 15 images are classified properly into 3 groups by the algorithm except for the 4th images in Groups 2 and 3. However, bat and beetle are of the animal category, so this error is within a category error. Additionally, k-means clustering is efficient in the processing of a large image dataset and the computational complexity of the algorithm is $O(Nkt)$, where N is the total number of objects, k is the number of clusters, and t is the number of iterations. Moreover, graph edit cost measure is done with a reduced complexity compared to other skeleton-based methods [1]. As a result, our total system for image classification is done in a simpler and more efficient way.
Table 2 depicts a comparative study of our approach against some other shape-based classification schemes using the MPEG-7 database. We were not able to compare with other skeleton-based classification methods because their results on the MPEG-7 database are not available. The MPEG-7 database consists of a large number of images of different types [70 classes]. In this database, some images of the same group
Fig. 3. Result of clustering for the 3 groups of images (apple, bat, and beetle) from MPEG-7 dataset [9]
Table 1. Distance measure for 15 images with respect to 3 queries (apple-1, bat-3, and beetle-10)
Image No.  Image      Total end node  Total branch node  Distance for apple-1  Distance for bat-3  Distance for beetle-10
1          Apple-1    5               7                  0                     40                  89
2          Apple-3    6               8                  17                    39                  88
3          Apple-9    7               9                  14                    40                  89
4          Apple-14   7               9                  17                    39                  88
5          Apple-15   8               10                 23                    37                  86
6          Bat-3      25              27                 26                    38                  93
7          Bat-4      40              40                 45                    38                  84
8          Bat-8      160             138                40                    0                   83
9          Bat-10     65              64                 49                    45                  81
10         Bat-20     32              35                 41                    32                  70
11         Beetle-3   154             129                89                    83                  0
12         Beetle-7   80              72                 90                    56                  45
13         Beetle-10  94              83                 97                    74                  75
14         Beetle-11  127             117                113                   78                  54
15         Beetle-20  148             107                124                   89                  62
are visually dissimilar, and some images from two different groups are visually similar. Therefore, this database is the most widely tested in shape-based image processing. For the sake of comparison, we compare the method to one contour-based approach [11] and one region-based approach [12], and the proposed method proves the better.
Table 2. Comparison of classification performance with shape-based methods using MPEG-7 database
Aspect | Method | Classification rate (%) | Instability handling
Contour-based | Shape geodesic [11] | 98.86 | Invariance to geometric transformation (translation, rotation and scaling). May not be suitable for complex shapes of several disjoint regions, e.g. trademarks or logos, emblems, clipart and characters, and the contour can be changed drastically if there is a small crack-like opening [12]
Region-based | Zernike moment [12] | 90 | Invariant to rotation and robust to noise and minor variations
- | Proposed scheme | 99 | Invariant to rotation, translation, view point variation, occlusion, articulation and some other visual transformations. Less complex than previous skeletal-based approaches [5, 6] and shows superiority to contour-based approaches [1]
4 Conclusions
In this paper, we applied a k-means clustering algorithm for classifying shapes using shock graphs, which are an important skeleton-based feature in shape-based image retrieval. As a distance function, we will use graph edit cost, which shows robustness under visual transformation. To the best of our knowledge, a shock graph-based k-means clustering approach for shape classification using a large database like MPEG-7 has not yet been checked. The classification accuracy is also very impressive and complexity is reduced in the whole process using discrete shock graphs. Complete implementation of our approach for shape classification is in process and, in the future, we will show more comparative results.
References
1. Sebastian, T.B., Klein, P.N., Kimia, B.B.: Recognition of Shapes by Editing Their Shock Graphs. IEEE Trans. Pattern Anal. Mach. Intell. 26(5), 550–571 (2004)
2. Bai, X., Latecki, L.J.: Path Similarity Skeleton Graph Matching. IEEE Trans. Pattern Anal. Mach. Intell. 30(7), 1282–1292 (2008)
3. Zaboli, H., Rahmati, M.: An Improved Shock Graph Approach for Shape Recognition and Retrieval. In: Proc. First Asia Int. Conf. on Modelling and Simulation, Thailand, pp. 438–443 (March 2007)
4. Goh, W.-B.: Strategies for Shape Matching Using Skeletons. Comput. Vis. Image Underst. 110(3), 326–345 (2008)
5. Khanam, S., Jang, S.W., Paik, W.: An Improved Shock Graph-Based Edit Distance Approach Using an Adaptive Weighting Scheme. CCIS, vol. 56, pp. 501–508. Springer, Heidelberg (2009)
6. Khanam, S., Jang, S.W., Paik, W.: Fast and Simple 2D Shape Retrieval Using Discrete Shock Graph. Electron. Lett. (submitted, 2010)
7. MacQueen, J.B.: Some Methods for Classification and Analysis of Multivariate Observations. In: Proceedings of 5th Berkeley Symposium on Mathematical Statistics and Probability, vol. 1, pp. 281–297. University of California Press, Berkeley (1967)
8. Cheung, Y.M.: k*-Means: A New Generalized k-means Clustering Algorithm. Pattern Recognit. Lett. 24, 2883–2893 (2003)
9. ImageProcessingPlace, http://www.imageprocessingplace.com/root_files_V3/ image_databases.htLoudon
10. Blum, H.: A Transformation for Extracting New Descriptors of Shape. W. Whaten-Dunn, MIT Press (1967)
11. Nasreddine, K., Benzinou, A., Fablet, R.: Variational shape matching for shape classification and retrieval. Pattern Recognit. Lett. 31, 1650–1657 (2010)
12. Kim, W.Y., Kim, Y.S.: A region-based shape descriptor using Zernike moments. Signal Process.-Image Commun. 16, 95–102 (2000)
Efficient Caching Scheme for Better Context Inference in Intelligent Distributed Surveillance Environment
Soomi Yang
Department of Information Engineering, The University of Suwon, 445-743, Korea
Abstract. In this paper, we describe caching guidelines for better context inference based on a distributed ontology framework. Context inference including distributed multimedia data is widely used in distributed surveillance environments. In such an environment, surveillance devices such as smart cameras may carry heterogeneous video data with different transmission ranges, latency, and formats. These devices not only can get services from a region server, but can also form a P2P (peer-to-peer) network to provide services to each other. For such a P2P network, an effective cache framework that can handle heterogeneous devices is required. In this paper, we propose a flexible cache scheme which is adaptive to the actual device demands and those of its neighbors. Our scheme shows that efficient caching results in better context inference.
Keywords: Intelligent Distributed Surveillance Systems, Multimedia Data, Cooperative Caching, Peer to Peer Network.
1 Introduction
The popularity of smart cameras providing many intelligent functions grows with the advance of electronic technologies and Internet applications. In the upcoming era, many applications such as data sharing, intelligent biometric techniques and distributed web services for context reasoning will be widely used in distributed surveillance systems. On the other hand, P2P systems are now widely used in many applications on the Internet. Structured P2P systems provide both low latency and the desired load balance. In our network surveillance environment, each surveillance device is equipped with an agent utilizing P2P computing systems. Context is any information that can be used to characterize the situation of environment entities. Each agent tries to be context-aware through integration, analysis and inference of data and information. For better inference, it needs not only its own data but also the data of neighboring agents. The distribution of demands for multimedia data items is often skewed, and the surveillance devices have different capabilities and data formats. These can lead to poor data communication and dropped messages. In this paper, we propose a distributed adaptive cache scheme based on a heterogeneous device and data network. Our scheme uses caching and conformity to update and share data in a cooperative way.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 255–261, 2010. © Springer-Verlag Berlin Heidelberg 2010
Simulation studies are conducted to evaluate the effectiveness of our flexible cache scheme. Implementation in our distributed surveillance network environment is also under way. The rest of the paper is organized as follows. Section 2 surveys related work on cooperative caching schemes. Our proposed modeling framework is explained in Section 3. Section 4 describes the adaptive caching technique. In Section 5, simulation results are presented and the performance is evaluated. We also show our implementation results. Finally, Section 6 concludes with an outline of our future work.
2 Related Work
Many cooperative cache schemes have been proposed for analogous peers. Numerous studies have been carried out on caching and replication techniques in distributed environments. In particular, [1] dealt with a multimedia data caching technique. However, previous works similar to [1] were mostly based on the assumption that the distributed nodes in the network have the same characteristics, and that the data transmitted is standardized and intermittent. In our distributed surveillance environment, multimedia data is generated continuously and analysis should be done in real time. In [2], a cooperative caching framework is introduced and claimed to be effective for data availability. In [3], a replica allocation method and clustering in distributed networks are introduced to improve data accessibility in a mobile communication environment. Another cooperative cache scheme for similar peers is described in [4], which combines P2P communication technology with a conventional mobile system. However, they do not apply their technique to a distributed surveillance system. Our network surveillance application can be thought of as a semantic web application. Object classification is achieved through ontologies and uniqueness is achieved through URIs. Building a semantic web application for network surveillance provides several advantages, such as many distributed data sources, decentralized semi-structured images, an efficient incremental knowledge base, distributed inference, and open systems. Several ontology reasoning systems have been developed for reasoning and querying the semantic web, and they show good performance as seen in [6]. We want to adopt, customize and improve them to suit our surveillance system. To address these challenges, we advocate an adaptive caching framework in which heterogeneous devices with different transmission ranges, latency, formats and even cache sizes co-exist in the distributed surveillance network.
3 Proposed Modeling Framework
3.1 Hierarchical Infrastructure
Cooperative inference such as object tracking requires cooperation among local data acquisition systems[5]. Data associations between data sources are required to cover larger areas and solve occlusion problems. Small, power-aware, high-performance camera nodes or sensor nodes are available and can be combined into hierarchical surveillance networks at several levels.
For more efficient collaboration, we organize the infrastructure of the regional surveillance networks as a hierarchical tree structure by regional and administrative level, as shown in Figure 1. The rectangles are region servers and the ovals are data source servers. A data source server can be a single camera node or sensor node. It can also be a back-end server for several cameras or sensor nodes. The lowest level server is called a 'level 1 server'. Level 1 region servers receive data from the data source servers in their domain and manage them. Rarely, upper-level servers can have a data source server of their own, shown as a shaded oval in Figure 1. Data source servers form a graph structure. They can communicate with each other freely within access control permission, forming P2P computing networks. Equipped with agents, they perform their own intelligent distributed inference based on their own ontology knowledge base[6].
[Figure 1: tree of region servers, with levels labeled level 1, level 2, ..., level n]
Fig. 1. Hierarchical infrastructure of region servers
3.2 Communication Protocol
In multi-agent systems, association of data across the data source servers is indispensable for context awareness and for deciding on the countermeasure. For each neighbor data request, data source server n_i first tries to find the required data item in its local cache. If it encounters a local cache miss, it broadcasts a request message to its neighbor peers via P2P broadcast communication. If a neighbor peer has the required data item, it sends a reply message to n_i via P2P communication. However, if n_i does not get any reply from the network after the time-out period, it will instead send the request to the higher region server to obtain the required data. For the broadcasting, each data source server sends a "hello" message to the other data source servers in its transmission range. The latency is defined as follows.

$$L = \sum_{i=1}^{hop} \frac{SizeOfRequest_i + SizeOfReply_i}{Bandwidth_{i,i+1}} \qquad (1)$$

Here hop is the total number of hops over which the data is transmitted. As peers can exchange information such as the cache sizes of their neighbors and the transmission ranges, they can negotiate and come up with a cache strategy based on the messages exchanged. As a result, better usage of their limited cache space and higher system performance can be obtained.
4 Adaptive Caching Technique
As shown in Figure 1, the multimedia data and feature data caching will be distributed over the region servers and data source servers. The data source server will need to carry out the indexing and retrieval of the information distributed across the servers in an efficient manner. To aid the task, we should use a data structure containing only the information related to the cached objects. In a distributed surveillance environment, multimedia data and feature data are produced continuously. To maintain the freshness and effectiveness of the data, we should cache data adaptively. We use the term 'weight' of cached data to describe its relative importance compared to the other data, as proposed in [1]. The higher the weight, the lower the probability of the data being replaced. We also use a policy based on the size of the objects, in which the weight is proportional to the size of the data. Therefore the weight w is computed as follows,

$$w = F^{f} S^{s} R^{r} \qquad (2)$$
where F is the number of times the data is accessed (frequency), S is the size of the data and R is the time since the last access to the data (recency). The three exponents f, r and s are weighting factors. The value of f should be a positive number, meaning that more frequently accessed data is more likely to be cached. The value of s can be a negative number, such that smaller data is more likely to be cached. The value of r should be a negative number, meaning that more recent data is more likely to be cached. If recentness is more important than frequency, the absolute value of the exponent r should be greater than that of the exponent f. If the probability of having cached data is q, the average expected packet transmission can be computed from Equations (1) and (2) as follows,

$$E(T) = (1 - q) \cdot \left(L \cdot \frac{1}{h}\right) \cdot \left(w \cdot \frac{1}{1 - p}\right) \qquad (3)$$
where E(T) is the expectation of the packet traffic, p is the probability of packet loss and h is the number of hops. Examining Equation (3), we can expect the packet traffic to be proportional to the probability of a cache miss, the latency, the probability of packet loss, the weight of the data and the inverse of the number of hops.
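The lookup order of Section 3.2 and Equations (1) to (3) can be exercised together in a short sketch. This is an added example, not code from the paper: the class and function names, the exponent values f = 1, s = -1, r = -1, and the modelling of a reply time-out as "no neighbor holds the item" are assumptions.

```python
from dataclasses import dataclass


@dataclass
class Entry:
    size: int      # S: size of the data item
    freq: int      # F: number of accesses
    last: float    # time of the last access, used to derive R


class WeightedCache:
    """Cache that evicts the item with the lowest weight w = F^f * S^s * R^r (Eq. 2)."""

    def __init__(self, capacity, f=1.0, s=-1.0, r=-1.0):  # exponents are assumed values
        self.capacity, self.f, self.s, self.r = capacity, f, s, r
        self.items, self.used = {}, 0

    def weight(self, key, now):
        e = self.items[key]
        recency = max(now - e.last, 1e-3)  # floor keeps R > 0 when r is negative
        return (e.freq ** self.f) * (e.size ** self.s) * (recency ** self.r)

    def get(self, key, now):
        e = self.items.get(key)
        if e is None:
            return False               # cache miss
        e.freq += 1
        e.last = now
        return True

    def put(self, key, size, now):
        """Insert an item, evicting lowest-weight items first; returns evicted keys."""
        if size > self.capacity:
            return []                  # item can never fit, do not cache it
        if key in self.items:
            self.used -= self.items.pop(key).size
        evicted = []
        while self.used + size > self.capacity:
            victim = min(self.items, key=lambda k: self.weight(k, now))
            self.used -= self.items.pop(victim).size
            evicted.append(victim)
        self.items[key] = Entry(size, 1, now)
        self.used += size
        return evicted


def latency(request_sizes, reply_sizes, bandwidths):
    """Eq. (1): sum over hops of (request + reply size) / bandwidth of that hop."""
    return sum((rq + rp) / bw
               for rq, rp, bw in zip(request_sizes, reply_sizes, bandwidths))


def expected_traffic(q, L, h, w, p):
    """Eq. (3): E(T) = (1 - q) * (L / h) * (w / (1 - p))."""
    return (1 - q) * (L / h) * (w / (1 - p))


def fetch(key, size, now, local, neighbors):
    """Section 3.2 lookup order: local cache, then neighbor peers, then region server."""
    if local.get(key, now):
        return "local"
    source = "region-server"           # fallback once no neighbor replies
    for peer in neighbors:             # stands in for the P2P broadcast
        if peer.get(key, now):
            source = "neighbor"
            break
    local.put(key, size, now)          # cache the item obtained from either source
    return source


if __name__ == "__main__":
    cache = WeightedCache(100)
    cache.put("a", 40, 0)
    cache.put("b", 40, 0)
    cache.get("a", 5)                  # "a" becomes more frequent and more recent
    print("evicted:", cache.put("c", 40, 10))
    print("E(T):", expected_traffic(q=0.5, L=3.0, h=2, w=4.0, p=0.5))
```

With a negative s the larger of two otherwise equal items is evicted first, and raising q lowers E(T) for fixed L, h, w and p.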
5 Performance Evaluation
5.1 Communication Protocol
For each given caching ratio q, we can inspect the effect on the average packet transmission. Figure 2 shows the expected packet transmission by packet loss p and caching ratio q, with the other factors held the same. When the packet loss is small, the difference in the amount of packet transmission E in Equation (3) is small. However, as the packet loss gets bigger, packet transmission increases more sharply. As the caching ratio q increases, the difference becomes smaller, down to about 30%.
[Figure 2: surface plot titled "cached"; axes E, q and p]
Fig. 2. The expected packet transmission
In terms of the number of packet transmissions, applying the adaptive caching technique gives better performance. The data source servers might be grouped by region. Caching skewed by region could be reflected through variance in the caching ratio q.
5.2 Implementation
We implemented our adaptive caching technique in our distributed surveillance system. Figure 4 shows our object tracking through the communication between the data source servers. A student walking on campus is tracked between the two smart cameras with agents. Although each of the data source servers equipped with cameras has both a web interface and a local camera control panel, in Figure 4 we show the web interface for one data source server and the camera control panel for the other data source server for better understanding. The web interface shown in Figure 3 (a) includes a Google map to represent many kinds of location-based objects and events, such as a camera location or a burglar alarm. Detailed explanations of the objects and events can be found through the links listed in the left and right frames. The camera control panel shown in Figure 3 (b) shows much local information obtained from the camera and gives a chance to adjust to the situation. They receive control signals and adaptively generate signals for the camera. Each signal can be generated locally or remotely. Each of the data source servers has its own ontology framework with a local inference engine. It infers context information and makes decisions based on the data gathered from several related neighbor agents. For inference efficiency, it utilizes the caching system in the way explained in Section 5.1. They communicate through dedicated openAPIs provided independently, like P2P servers. We are developing openAPIs based on [7]. Some of them are getVideoList(), getVideo(), setVideo(), getVideoStatistics(), requestSignal(), sendSignal().
[Figure 3: (a) Web interface; (b) Camera control panel]
Fig. 3. Object tracking between two data source servers
We are collecting experimental data showing that adaptive caching helps distributed context inference. More realistic data will be given in future work.
6 Conclusion
We describe caching guidelines for better context inference based on a distributed ontology framework. Data source servers communicate with each other freely within access control permission to perform their own intelligent distributed inference based on their own ontology knowledge base. Context inference including distributed multimedia data is widely used in distributed surveillance environments. In such an environment, surveillance devices such as smart cameras may carry heterogeneous video data with different transmission ranges, latency, and formats. These devices not only can get services from a region server, but can also form a P2P network to provide services to each other. For such a P2P network, an effective cache framework that can handle heterogeneous devices is required. In this paper, we propose a flexible cache scheme which is adaptive to the actual device demands and those of its neighbors. Our scheme uses caching and conformity to update and share data in a cooperative way. Simulation studies are conducted to evaluate the effectiveness of our flexible cache scheme. Implementation is also under way in our distributed surveillance network project for the U-city security and surveillance technology. More realistic data will be given in future work. Our scheme shows that efficient caching results in better context inference.
Acknowledgments. This work was supported by the GRRC program of Gyeonggi province [GGA0801-45700, Center for U-city Security and Surveillance Technology].
References
1. Paknikar, A., Kankanhalli, M., Ramakrishnan, K.: A Caching and Streaming Framework for Multimedia. ACM Multimedia (2000)
2. Yin, L., Cao, G.: Supporting Cooperative Caching in Ad Hoc Networks. IEEE Tr. on Mobile Computing 5(1) (2006)
3. Zheng, J., Su, J., Lu, X.: A Clustering based Data Replication Algorithm in Mobile Ad Hoc Networks for Improving Data Availability. In: Cao, J., Yang, L.T., Guo, M., Lau, F. (eds.) ISPA 2004. LNCS, vol. 3358, pp. 399–409. Springer, Heidelberg (2004)
4. Chow, C., Leong, H., Chan, A.: Distributed Group-based Cooperative Caching in a Mobile Broadcast Environment. In: MDM 2005 (2005)
5. Sankaranarayanan, A., Veeraraghavan, A., Chellappa, R.: Object Detection, Tracking and Recognition for Multiple Smart Cameras. Proceedings of the IEEE 96(10) (2008)
6. Pan, J.Z.: A Flexible Ontology Reasoning Architecture for the Semantic Web. IEEE Transactions on Knowledge and Data Engineering 19(2) (2007)
7. ONVIF, Open Network Video Interface Forum Core Specification version 1.01 (2009)
A System Implementation for Cooperation between UHF RFID Reader and TCP/IP Device
Sang Hoon Lee1 and Ik Soo Jin2
1 Dept. of Electronic Engineering, Kyungnam University, 449 Woryeong-dong, Masanhappo-gu, Changwon-si, Gyeongsangnam-do, Republic of Korea
2 Dept. of Information & Communication Engineering, Kyungnam University, 449 Woryeong-dong, Masanhappo-gu, Changwon-si, Gyeongsangnam-do, Republic of Korea
Abstract. This paper presents a system implementation for cooperation between a UHF RFID reader and a TCP/IP device that can be used as a home gateway. The system consists of a UHF RFID tag, a UHF RFID reader, an RF end-device, an RF coordinator and a TCP/IP I/F. The UHF RFID reader is compatible with EPC Class-0/Gen1, Class-1/Gen1, 2 and ISO18000-6B, operating at 915MHz. In particular, the UHF RFID reader can be combined with an RF end-device/coordinator for the ZigBee (IEEE 802.15.4) interface, which is a low-power wireless standard. The TCP/IP device communicates with the RFID reader over a wired link. On the other hand, it is connected with the ZigBee end-device over a wireless link. The experimental results show that the developed system can provide the right networking.
Keywords: UHF RFID, RFID Reader, ZigBee, RF Coordinator.
1 Introduction
RFID (Radio Frequency Identification) is a non-contact technology for identifying information using radio frequency. RFID is a practical technology in industry due to the continuous growth of the Internet, manufacturing technology for low-cost tags, and standardization of the electrical identification code[1-5]. Several frequency ranges are used in RFID technology, such as LF (125KHz), HF (13.56MHz), UHF (860~960MHz), and microwave (2.4GHz). The advantage of using low frequency is low cost, but these systems have short recognition ranges. On the other hand, the advantage of using high frequency is a higher range, but the cost is high. In this paper, we introduce a system co-implementation of a UHF RFID reader and a TCP/IP device via wired and/or wireless communications.
2 A System Design
Figure 1 shows the system configuration. The system consists of three functional blocks. A UHF RFID reader can communicate with the TCP/IP device by two methods. One is a direct connection with the TCP/IP device via UART. The other is an indirect connection with the TCP/IP device via a ZigBee end-device.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 262–267, 2010. © Springer-Verlag Berlin Heidelberg 2010
[Figure 1: block labels: RFID Reader, Wire Transmission, TCP/IP Interface Device Diagram (FLASH, CPU, SDRAM, ZIGBEE Coordinator), Wireless Transmission, ZIGBEE End Device]
Fig. 1. A system configuration diagram
2.1 UHF RFID Reader
Figure 2 shows the functional block diagram of a 900MHz RFID reader. The RFID reader consists of three functional blocks. A transmitting block sends request commands to the RF tag in the recognition field. A receiving block receives data from RF tags through an antenna. A data processing block deals with data.
[Figure 2: block labels: Host PC, Microcontroller, Modulator, Comparator, Power Amplifier Control, Monolithic Amplifier, Power Amplifier, Tuning Circuit, RF Power Detector, Directional Coupler, Antenna, Active RC Filter, Amplifier, RF Tag; regions: Transmitting block, Receiving block, Data Processing Block]
Fig. 2. Block diagram of UHF RFID reader
The transmitting block contains a signal generator, a modulator, a power amplifier and a tuning circuit. The signal generator generates the carrier signal for the RFID system. In this paper, we generate a 915MHz signal from a 10MHz crystal using the SI4113-BM frequency synthesizer of Silicon Laboratories Inc., as shown in figure 3. To design the modulator and power amplifier, we use the RFMD RF2173 chip because the device has +36dBm output power and 32dB gain. We can also control the output power level by making use of an EXAR MP7524A D/A converter via the microcontroller. The receiving block consists of a detector, amplifier, filter, and comparator, as shown in figure 2. The detector splits the received tag signal from the antenna into two parts using a directional coupler, the Alpha DC08-73 chip. The amplifier, a Linear Technology LT6200CS6 with 165MHz gain bandwidth, amplifies the tag signal from the directional coupler. The amplified signal is supplied to the comparator, an LMV7219M7 of National Semiconductor, through an active RC filter, the LT1568, as shown in figure 3. The data processing block is operated by a Microchip PIC18F452 microcontroller with a built-in 10-bit A/D converter. Figure 4 is a prototype of the UHF RFID reader.
[Figure 3: (a) Tag searching signal in TX; (b) Tag signal from the comparator in RX]
Fig. 3. Measured waveforms in UHF RFID reader
Fig. 4. UHF RFID reader prototype
2.2 ZigBee End-Device
Figure 5 shows the functional block diagram of a ZigBee end-device. The ZigBee end-device contains an RF data modem, a microcontroller and power management. We used the CC2420 RF transceiver of Chipcon for ZigBee communication. The chip is a 2.4GHz IEEE802.15.4 compliant RF transceiver designed for low power. We also used the ATmega-128L RISC processor for the microcontroller's operation. Data communication between the RF modem and the microcontroller is carried out through SPI. Figure 6 is a fabricated ZigBee end-device.
[Figure 5: block labels: RF Data Modem, Microcontroller, RX Analog/RF, RX Baseband, Device app, Frequency Generator, SPI/Control, NWK Protocol, TX Analog/RF, TX Baseband, Device driver, MAC (IEEE802.15.4), Power management, RFID READER]
Fig. 5. Block diagram of Zigbee end-device
Fig. 6. ZigBee end-device prototype
2.3 TCP/IP Device
The TCP/IP device can be used as a home gateway for remote management of the UHF RFID reader. The TCP/IP device is directly connected with the RFID reader via UART, or it is indirectly connected with the RFID reader via the ZigBee end-device. In this paper, we designed the TCP/IP device based on the ADM8668 reference board of Infineon. Figure 7 shows the functional block diagram of the TCP/IP device. Figure 8 is a fabricated TCP/IP device.
[Figure 7: block labels: Wire Transmission, RS232#1, RS232#2, WAN, LAN#1 to LAN#8, USB, PCI, SWITCHING, FLASH, CPU, SDRAM, Wireless Transmission, ZIGBEE Coordinator, WLAN, E-IDE, Antenna #1, Antenna #2]
Fig. 7. Block diagram of TCP/IP device
Fig. 8. TCP/IP device prototype
3 Experimental Results
Figure 9 shows a series of the prototypes fabricated using commercial parts. The part on the right side is the TCP/IP device and RF coordinator. The part in the middle is the UHF RFID reader and ZigBee end-device, and the part on the left side is the antenna and tag.
Fig. 9. A series of prototypes
Figure 10 shows the test set-up for recognition of a UHF tag and management of recognized tag information. The test is divided into three parts to verify the results of these apparatus: tag recognition by the UHF RFID reader, transmission of tag information by the ZigBee end-device and RF coordinator, and remote management by the TCP/IP device. Figure 11 shows the GUI window for remote RFID information under the web test environment. We can confirm that the recognized multi-tag data have been saved and transferred to the specific user through the TCP/IP device.
Fig. 10. Test set-up for cooperating between RFID reader and TCP/IP device
Fig. 11. Web GUI window for remote recognition of RFID tag
4 Summary
In this paper, we introduce a system implementation of a UHF RFID reader and a TCP/IP device. The UHF RFID reader is compatible with EPC Class-0/Gen1, Class-1/Gen1, 2 and ISO18000-6B, operating at 915MHz. The TCP/IP device is prepared to retransmit the tag data for remote management. The ZigBee end-device and RF coordinator can support a wireless link between the RFID reader and the TCP/IP device. To verify the operation of the designed prototypes, we suggested a web test environment. The fabricated prototypes can be used in application fields such as remote inventory management, regulation of coming in and out, USN and so on.
Acknowledgments. This work was supported by Kyungnam University Foundation Grant, 2010.
References
1. EPC Global Radio-Frequency Identity Protocols Class-1 Generation2 UHF RFID (2005)
2. Finkenzeller, K.: RFID Handbook, Fundamentals and Applications in Contactless Smart Cards and Identification, Youngjin.com (2004)
3. Adamcova, P., Tobes, Z.: UHF RFID Technology and its Applications. In: 17th International Conference on Radioelektronika, pp. 1–5 (2007)
4. Xiaohua, W., Xiaoguang, Z., Baisheng, S.: Design for UHF RFID Reader and Selection for Key Parts. In: International Conference on Automation and Logistics, pp. 2913–2916 (2007)
5. Ying, C., Fu-hong, Z.: International Conference on Communication Technology Proceedings, pp. 301–304 (2008)
Study of Host-Based Cyber Attack Precursor Symptom Detection Algorithm
Jae-gu Song1, Jong hyun Kim2, Dongil Seo2, Wooyoung Soh1, and Seoksoo Kim1,*
1 Department of Multimedia, Hannam University, Daejeon, Korea
2 Electronics and Telecommunications Research Institute, Daejeon, Korea
Abstract. Botnet-based cyber attacks cause large-scale damage with increasingly intelligent tools, which has called for varied research on bot detection. In this study, we developed a method of monitoring behaviors of host-based processes from the point at which a bot herder attempts to make zombie PCs, detecting cyber attack precursor symptoms. We designed an algorithm that figures out characteristics of a botnet which attempts to launch malicious behaviors by means of signature registration, which is for process/reputation/network traffic/packet/source analysis, and a white list, as a measure to respond to bots from the end point.
Keywords: Cyber attack, Precursor symptom detection, Botnet, security.
1 Introduction
Currently, DDoS attacks using botnets are affecting individuals as well as the government and enterprises, calling for increased security for corporate and personal information and systems along with proper response measures[1,2,3]. Various solutions have been provided, including firewalls, Cyber Attack Detection Systems (CADSs), encryption, and authentication. These solutions detect malicious code through signature-based detection and are not very effective against variant attacks[4,5,6]. To overcome this limitation, efforts are put into developing active signature collection according to botnet infection paths and behaviors, including file-based detection, an emulator, the sandbox, MIME filtering, behavior-based detection, and so on[7]. However, this method conducts analysis at an initial stage of spread, making it difficult to take prompt measures. Therefore, we need to develop a technology for analyzing vulnerability before malicious code occurs and detecting a bot which tries to approach systems. In this research, we designed an algorithm that can analyze behaviors of a bot occurring in a host environment to detect types and symptoms of malicious code. Through the algorithm we can figure out precursor symptoms of botnet infection and attacks, ranging from a precursor situation (disclosure of vulnerability) to an initial stage of spread (occurrence of malicious code).
* Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 268–275, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Related Works
In this study, based on previous botnet detection technologies and research on botnet features and behaviors, we will study possible precursor symptoms.
2.1 BotNet Detection Technologies
Botnet detection methods are largely divided into three categories: detection of invasion into networks, detection of communication with a C&C server, and detection of a bot with virtualization technologies[8,9,10,11].
① Detection of invasion into networks: This detection technology uses signature-based diagnosis from file-based technology as well as heuristic detection and generic detection technologies. This method confirms infection by comparing signature data with affected files and executable files.
② Communication with a C&C server: Among behavior detection technologies, this method identifies C&C server data with network-based detection and automatically generates a signature of a bot by saving and analyzing its raw packets. For example, KISA's sinkhole server receives commands when a bot communicates with a C&C server, analyzes the command system, and traces the server. However, recent bots use intelligent evasion technologies such as fast-flux, channel/communication encryption, and fake traffic to avoid detection between a C&C server and a zombie PC.
③ Detection with virtualization technologies: A sandbox applies file-based detection and behavior detection to find a variant bot or a non-existing bot. Although this is effective for detecting a variant bot, a normal file could be detected as an infected one.
2.2 Precursor Symptoms According to Botnet Types and Behavior Analysis
A botnet can be categorized according to its behaviors and characteristics as follows[12], and we can use the information to trace back the botnet.
① Attacks: a method of attack such as DDoS and scanning.
② Command & Control model: the structure for command and control, such as centralized, distributed, P2P, and so on.
③ Communication protocol: protocols used for network communication such as IRC, HTTP, and P2P.
④ Observable botnet behavior: abnormal behaviors caused by a botnet, such as abnormal system calls or a large number of packets generated in a short time.
⑤ Rally mechanism: the mechanism that rallies new bots under a bot master, such as hard-coded IP, dynamic DNS, distributed DNS, etc.
⑥ Evasion method: a method of evading detection such as HTTP/VoIP tunneling, IPv6 tunneling, P2P encryption traffic, etc.
Figure 1 shows a normal process of botnet infection. In this study, we analyzed precursor symptoms by dividing abnormal botnet behaviors into a network-based behavior, host-based behavior, and global behavior.
Fig. 1. Diagram of BotNet Infection Processes
① Network-based behavior
A normal botnet continues to control a zombie PC by receiving commands and upgrades through communication with a C&C server. Therefore, we can detect a botnet through network traffic analysis using C&C server detection[13,14]. By analyzing abnormal traffic, we can generate precursor symptom signatures before cyber attacks occur. Precursor symptoms in networks help to figure out initial symptoms and detect abnormal phenomena so that early measures can be taken. Figure 2 shows the network traffic management TO-BE model.
Fig. 2. Network Traffic Management TO-BE Model
We need the following information in order to figure out early symptoms through network-based behaviors.
1. Arrangement of the hosts generating the most traffic and real-time monitoring
2. Categorization of the total traffic by protocols
3. Categorization of TCP traffic by applications
4. PPS (Packet Per Second) and FPS (Flow Per Second) trend analysis
5. Operation of P2P applications and occupied bandwidth
② Host-based behaviors
Once a bot is executed, it calls a series of system libraries to change the system registry and files, attempts to generate connections with networks, or disables antivirus programs. That is, we can observe behaviors different from legitimate ones. We need the following information in order to figure out early symptoms through host-based behaviors[15].
File System - changes to a host's file system can be indicative of the activities that are conducted on that host.
Network Events - an intrusion detection system can intercept all network communications after they have been processed by the network stack, before they are passed on to user-level processes.
System Calls - with some modification of the host's kernel, an intrusion detection system can be positioned in such a way as to observe all of the system calls that are made. This can provide the intrusion detection system with very rich data indicating the behavior of a program.
Host-based behaviors can be very effective in detecting invasion that is difficult to detect at a network level, for they carry out activity and condition monitoring. Also, the method hardly allows malicious code to evade[16]. But it can lower the performance of the platform.
③ Global correlation behaviors
Global correlation behaviors are used to trace back a botnet by studying its structure and mechanism. This is most useful, for it carries out observation based on botnet mechanisms that are already known. Correlation behaviors are used to compare a series of behavior rules and correlated system requests so as to allow services or the system according to the results. This method is applied to blocking, correlation, and engine management. Figure 3 shows Cisco's correlation system [17]. This research studies precursor symptom detection through host-based behaviors and global correlation behaviors.
Fig. 3. Cisco Security Agent applies an “intercept, correlate, rules engine” process— INCORE—that compares correlated system calls with a set of behavioral rules
3 Design of Host-Based Precursor Symptom Detection Algorithm
In this study, we trace back behaviors related to global correlation through process monitoring and host/traffic analysis based on host-based behaviors in order to find botnet precursor symptoms. With this design, we can detect a zombie PC and analyze initial infection cases and malicious behaviors so as to prevent large-scale damage, as recent botnets increasingly attempt to minimize communication with a C&C server or remove such communication. The next figure shows a host-based precursor symptom detection algorithm.
Fig. 4. Host-based Precursor Symptom Detection Algorithm
The suggested algorithm involves the following 11 steps.
1. Program execution waiting
2. Program execution
3. At an external process analysis stage, it should be possible to detect changes in process paths and system structure using Rootkit. To that end, memory scanning searches for hidden processes.
4. The detected process is compared with a white list so as to see if it is a known process. A known process will be executed normally but, if it generates a repeated process or a number of files, then network traffic analysis will start.
5. An unknown process is examined by reputation analysis to find out time of detection, user information, user patterns, known behaviors, and so on. If the file is judged to be not malicious, it will be executed normally. However, if it generates a repeated process or a number of files as explained in the 4th step, then network traffic analysis will start.
6. In the Step 5, if a file is still judged to be malicious, network traffic analysis will examine numerical data of traffic. If there is no problem in traffic, the process analysis will end and a signature is registered. However, if abnormal traffic occurs after the process analysis, packet analysis will start.
7. Packet analysis starts.
8. Source IP and destination IP are analyzed in order to figure out an access path. Here, if IP data are not figured out, the network traffic analysis will be repeated, collecting network traffic and packets on which re-analysis is based.
9. An access path will be secured through the analyzed source IP and destination IP, and source files are analyzed to register a signature.
10. An attempted behavior is analyzed based on analyzed source files and a signature is registered.
11. The registered signature is finally reported and registered on a precursor symptom list.
The white list suggested in the algorithm above refers to a list based on a reputation system.
A reputation system provides users with notices based on the collected list of hazardous programs. A registered signature is saved in a reputation system and continues to update a white list. Here, a temporary black list is developed in order to screen malicious processes. Also, in the network traffic analysis stage, the following analysis processes will trace back global correlation behaviors.
1. Traffic analysis - Analyzes potential of infection and checks numerical data through AAWP (Analytical Active Worm Propagation) modeling and LAAWP modeling.
2. Extraction of an abnormal file (self-reproduction, traffic generation, process occupancy – Notifies a user) - Applies social engineering methods.
3. Reporting a file (to a professional agency) - If a file is judged malicious, the file is reported to an antivirus or security agency under consent of a user.
4. Analysis
5. Tracing a message through bot channel information
6. Confirmation of a command (intentions)
7. Developing prevention measures
8. Distributing a patch file to a PC
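The 11 steps and the white list / temporary black list handling above can be traced with the following Python sketch, which is an added illustration and not the authors' implementation. The thresholds, the `Observation` and `Capture` record layouts, the outcome names and the sample process names and addresses are assumptions made for the example; the paper gives no numeric limits.

```python
"""Added sketch of the 11-step host-based triage flow (not the authors' code)."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Thresholds are assumptions for this sketch; the paper gives no numbers.
MAX_CHILD_SPAWNS = 5      # steps 4/5: "generates a repeated process"
MAX_FILES_CREATED = 20    # steps 4/5: "or a number of files"
MAX_FLOWS_PER_SEC = 50    # step 6: flows per second above this is abnormal
MAX_CAPTURE_ROUNDS = 3    # bound on the step 8 -> step 6 re-collection loop


@dataclass
class Observation:
    """What steps 1-3 (wait, execute, process/memory scan) hand to triage."""
    image: str
    reputation_malicious: bool = False   # verdict of the step 5 reputation analysis
    child_spawns: int = 0
    files_created: int = 0


@dataclass
class Capture:
    """One round of traffic collected for the process under analysis."""
    flows_per_sec: int
    src: Optional[str] = None
    dst: Optional[str] = None


@dataclass
class Triage:
    whitelist: set
    temp_blacklist: set = field(default_factory=set)
    signatures: list = field(default_factory=list)
    precursor_list: list = field(default_factory=list)

    def run(self, obs: Observation, captures: List[Capture]) -> Tuple[str, List[int]]:
        """Return (outcome, numbered steps visited) for one executed program."""
        steps = [1, 2, 3, 4]
        known = obs.image in self.whitelist
        noisy = (obs.child_spawns > MAX_CHILD_SPAWNS
                 or obs.files_created > MAX_FILES_CREATED)
        if not known:
            steps.append(5)                          # reputation analysis
            if obs.reputation_malicious:
                self.temp_blacklist.add(obs.image)   # screened while analysis runs
        if not noisy and (known or not obs.reputation_malicious):
            return "run-normally", steps

        for capture in captures[:MAX_CAPTURE_ROUNDS]:
            steps.append(6)                          # traffic analysis
            if capture.flows_per_sec <= MAX_FLOWS_PER_SEC:
                self.signatures.append({"image": obs.image,
                                        "verdict": "traffic-normal"})
                return "closed", steps
            steps += [7, 8]                          # packet analysis, IP analysis
            if capture.src is None or capture.dst is None:
                continue                             # no IP data: collect and re-analyse
            steps += [9, 10, 11]                     # access path, behavior, report
            signature = {"image": obs.image, "src": capture.src,
                         "dst": capture.dst, "verdict": "precursor"}
            self.signatures.append(signature)
            self.precursor_list.append(signature)
            return "precursor-symptom", steps
        return "unresolved", steps


def demo():
    """Constructed observations; addresses come from documentation ranges."""
    triage = Triage(whitelist={"notepad.exe", "backup.exe"})
    return triage, {
        "known-quiet": triage.run(Observation("notepad.exe"), []),
        "known-noisy": triage.run(Observation("backup.exe", files_created=300),
                                  [Capture(flows_per_sec=4)]),
        "unknown-benign": triage.run(Observation("editor.exe"), []),
        "unknown-malicious": triage.run(
            Observation("upd4te.exe", reputation_malicious=True),
            [Capture(flows_per_sec=400),
             Capture(flows_per_sec=380, src="192.0.2.10", dst="203.0.113.77")]),
    }


if __name__ == "__main__":
    for name, (outcome, steps) in demo()[1].items():
        print(f"{name:18} {outcome:18} steps={steps}")
```

The last constructed case shows the loop in step 8: the first capture is abnormal but yields no addresses, so traffic is collected again before the signature reaches the precursor symptom list.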
Fig. 5. White List Registration Algorithm
Through these processes we can analyze network conditions before a DDoS attack occurs, recognize regular packets, extract abnormal traffic, and analyze botnet-related files and commands, examining malicious packets and quickly extracting signatures. However, we need to prepare to deal with variant bots by continuously collecting suspicious packets and finding common patterns of botnet-related signatures. This research aims to detect precursor symptoms from users, who are most likely to be targeted by zombie PCs. Bot herders prepare attacks by approaching personal computers in order to form an initial botnet. According to the solution developed by this study, detection starts upon the approach of a bot herder.
4 Conclusion
As the number of large-scale cyber attacks continues to increase, a lot of efforts are being made on botnet detection to effectively respond to DDoS attacks. In this study, we developed a host-based method to detect malicious behaviors and infection in the stage that botnet begins to act. Host-based precursor symptom detection allows real-time and immediate detection, and we can deal with unknown approaches/behaviors, for the method can analyze access to internal resource systems. Also, we can detect an attempt to make a number of PCs zombies and analyze patterns of an attack before large-scale cyber attacks start. In the near future, we need to carry out network-based analysis in order to understand precursor symptoms more accurately.
Acknowledgement
This paper has been supported by the Software R&D program of KEIT. [201010035257, Development of global collaborative integrated security control system].
References
1. Zhang, G., Parashar, M.: Cooperative Defense against Network Attacks. In: Proceedings of WOSIS 2005, ICEIS 2005, pp. 113–122. INSTICC Press (2005)
2. Turner, D., Fossl, M., Johnson, E., Mack, T., Blackbird, J., Entwisle, S., Low, M.K., McKinney, D., Wueest, C.: Symantec Global Internet Security Threat Report (2008)
3. Arbor Networks: Worldwide Infrastructure Security Report (2007)
4. Mirkovic, J.: D-WARD: Source-End Defense Against Distributed Denial-of-Service Attacks. Ph.D. Thesis (2003)
5. Websense: Malicious Facebook Password Spam (2009), http://securitylabs.websense.com/content/Alerts/3496.aspx
6. Nazario, J.: Twitter-based Botnet Command Channel (2009), http://asert.arbornetworks.com/2009/08/twitter-based-botnet-command-channel/
7. Natvig, K.: Sandbox Technology Inside AV Scanners. In: Virus Bulletin Conference, pp. 475–488 (2001)
8. Futamura, K., Ehrlich, W., Rexroad, C.B.: Method and apparatus for detecting worms. Filed U.S. Patent (2005)
9. Racine, S.: Analysis of internet relay chat usage of ddos zombies. Master's thesis, ETH Zurich (2004)
10. The Honeynet Project & Research Alliance: Know your enemy: Tracking botnets (2005), http://www.honeynet.org
11. Cooke, E., Jahanian, F., McPherson, D.: The zombie roundup: Understanding, detecting and disrupting botnets. In: 1st Workshop on Steps to Reducing Unwanted Traffic on the Internet, SRUTI (2005)
12. Trend Micro: Taxonomy of Botnet Threats. A Trend Micro White Paper (2006)
13. Bobor, V.: Efficient Intrusion Detection System Architecture Based on Neural Networks and Genetic Algorithms. Department of Computer and Systems Sciences, Stockholm University, Royal Institute of Technology, KTH/DSV (2006)
14. Zhang, J., Zulkernine, M.: Anomaly Based Network Intrusion Detection with Unsupervised Outlier Detection. In: Symposium on Network Security and Information Assurance, Proc. of the IEEE International Conference on Communications, ICC (2006)
15. Singh, S., Silakari, S.: A Survey of Cyber Attack Detection Systems. IJCSNS International Journal of Computer Science and Network Security 9(5) (2009)
16. De Boer, P., Pels, M.: Host-Based Intrusion Detection Systems. Technical Report 1.10, Faculty of Science, Informatics Institute, University of Amsterdam (2005)
17. Packet, Cisco Systems User Magazine, Second Quarter (2005)
Design of Cyber Attack Precursor Symptom Detection Algorithm through System Base Behavior Analysis and Memory Monitoring
Sungmo Jung1, Jong hyun Kim2, Giovanni Cagalaban1, Ji-hoon Lim1, and Seoksoo Kim1,*
1 Dept. of Multimedia, 133 Ojeong-dong, Daedeok-gu, Daejeon-city, Korea
2 Electronics and Telecommunications Research Institute, Daejeon-city, Korea
Abstract. More recently, botnet-based cyber attacks, including spam mail and DDoS attacks, have sharply increased, which poses a fatal threat to Internet services. At present, antivirus businesses make it their top priority to detect malicious code in the shortest time possible (Lv.2), based on the graph showing a relation between spread of malicious code and time, which allows them to detect after malicious code occurs. Despite early detection, however, it is not possible to prevent malicious code from occurring. Thus, we have developed an algorithm that can detect precursor symptoms at Lv.1 to prevent a cyber attack using an evasion method of 'an executing environment aware attack' by analyzing system behaviors and monitoring memory.
Keywords: Cyber Attack, Precursor Symptom Detection, Behavior Analysis, Memory Monitoring, Avoidance Technology, DeepTrace.
1 Introduction
More recently, cyber attacks have sharply increased, which primarily includes HTTP and P2P botnets [1]. A botnet consists of a bot master, who is the attacker, a bot server, which conducts a malicious act after receiving a command from the bot master, and a C&C server, which delivers a command and a result between the bot master and the bot server. A botnet is mainly used for spam mail or a DDoS attack [2]. We need to first understand the structure of a botnet in order to prevent a botnet attack. In a general botnet attack, a bot server carries out a malicious act and, therefore, we can obtain only the IP address of a bot server from a victim's computer and can respond only to that bot server. However, the botnet exploits numerous bot servers to carry out malicious acts and they attack a victim's system. Hence, responding only to a specific bot server cannot effectively prevent botnet attacks [3].
* Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 276–283, 2010. © Springer-Verlag Berlin Heidelberg 2010
Previous botnet trace-back technologies collect data of a bot server which is examined by an analyst in a passive manner. However, such a reverse engineering [4] method cannot promptly respond to botnet attacks, calling for an automated analysis technology. A botnet continuously develops encoding skills to evade trace-back and, thus, we need a new monitoring technology that can be generally applied regardless of such new evasion skills. Most bot analysis systems have difficulty in detecting a botnet which hides a communication channel using an NDIS (Network Driver Interface Specification) interface and, thus, we need a botnet detection method that analyzes the behavior of the NDIS system [5]. Also, one of the evasion skills used by intelligent bots is 'an attack after being aware of an executing environment', in which a bot stops a process by detecting delay of executing environment aware time. Therefore, we have designed an algorithm to detect a precursor symptom of a cyber attack using 'an executing environment aware attack' by analyzing system behaviors and memory monitoring.
2 Relation between Time and Spread of Malicious Code
For example, if we consider the number of malicious code reported in Korea by year, the numerical increase in malicious code not only shows diversification of code types but also makes it almost impossible for antivirus businesses to promptly respond to it [6].

Table 1. 1988-2005 malicious code found by numerical in Korea

Year    1988  1989  1990  1991  1992  1993  1994  1995  1996
Total      1     6    28    21    17    34    76   128   226

Year    1997  1998  1999  2000  2001  2002  2003  2004  2005
Total    256   276   379   572   435   277  1239  4622  2956
Not being able to swiftly respond to malicious code eventually leads to a rise in the number of affected computer systems. The next graph shows a relation between a prompt response and damage to a computer system, implying that the point at which we provide safety measures significantly affects the spread of malicious code. Lv. 1, which refers to the most ideal response to malicious code, analyzes vulnerability of an operating system in advance, and takes action to prevent damage even if malicious code occurs [7]. However, we do not know which vulnerability of a specific operating system or program malicious code will use. Even if we did know, we could never predict whether malicious code exploiting a specific vulnerability will actually be developed. Also, as we see in Lv.3 and Lv.4, if we fail to promptly respond to initial spread of malicious code, the damage will be uncontrollable. Therefore, prompt response to initial spread must be provided to minimize damage from malicious code.
Fig. 1. Step by step the spread of malicious code and time correlation
Hence, most antivirus businesses attempt to provide solutions in Lv.2. In this stage, antivirus software with the latest engine installed in a computer can quickly detect malicious code and reflect the data in a scanning engine to prevent further spread and damage. Nevertheless, no matter how quickly we can obtain a malicious code sample and develop/distribute a scanning engine, during the period that the engine is developed, the malicious code will continue to affect computer systems. In this study, therefore, in order to analyze acts of malicious code in Lv.1, as the first step, we will conduct reliable infection analysis by carrying out process/network/memory monitoring of the honeypot technology [8] and by using a stealth module. In the 2nd/3rd step, we will conduct system-based analysis and monitor TDI and NDIS [9] to develop an algorithm detecting a precursor symptom of a cyber attack, which can deal with an evasion skill of 'an executing environment aware attack'.
3 Design of Cyber Attack Precursor Symptom Detection Algorithm
3.1 Honeypot-Based Memory Monitoring Technology
Recent intelligent bots employ various evasion skills including executing environment aware attacks, encryption of communication mechanism, encoding of data transmission, and so on. In this research, we will use DeepTrace [10] in order to monitor malicious behaviors of a bot server using an evasion method of an executing environment aware attack. The strength of DeepTrace is its reliable data analysis despite infection by various bot servers, for it monitors network connection and memory by process. The following figure describes the memory monitoring system of DeepTrace. A memory monitoring module secretly monitors behaviors of a bot server. The module is composed of 5 modules while process/network/memory monitoring modules and a stealth module are implemented at a kernel level. In this study, we use the following modules.
Fig. 2. DeepTrace memory monitoring structure

Table 2. Module information

Modules   Explanation
Process   Monitors all processes. An automatically generating process is most likely to be a bot server so will monitor with all resources.
Network   Monitors outbound traffic. Includes an attack and DoS preventing engine.
Memory    Monitors changes in network packet receiving and memory
Stealth   Hides a process/network/memory monitoring module
The following table compares features of DeepTrace with those of other existing technologies.

Table 3. Compare the features of existing technology and DeepTrace

Properties \ Methods    Honeypot           Tracking Client    DeepTrace
Type                    High Interaction   Low Interaction    High Interaction
Safety                  Low                High               High
Analysis                High               Low                High
Maintainability         High               Low                Medium
Analysis of Multi-Bot   Low                Medium             High
Password analysis       Low                Low                High
The technology we suggest herein, which monitors memory based on honeypot technology, makes possible continuous monitoring of a bot server regardless of its evasion skills. In addition, automatic analysis of collected bot server data can monitor network traffic. Although we have designed a honeypot-based memory monitoring system for early detection of cyber attack precursor symptoms, even a small change in memory and process is detected as a precursor symptom, which leads to a higher error rate. Hence, in this study, we apply memory monitoring as the first step of behavior analysis, followed by 2nd/3rd step at a kernel level so as to lower the error rate.
3.2 Cyber Attack Precursor Symptom Detection Algorithm Design with 3-Step System Behavior Analysis
The 2nd behavior analysis technology suggested here involves 2 kernel drivers. As to the kernel driver for behavior monitoring, if a system is judged to have a precursor symptom by the 1st analysis, the driver is added to the system as TDI Filter Driver and NDIS Protocol Driver, depicted in Figure 4. In this way, IP and port data of packets, generated after TDI Filter Driver was added between NDIS Protocol Driver and TDI Client, can be continuously monitored. In connection with the process data created by the Step 1 behavior analysis, we can extract process data which generate the packet.
Fig. 3. General system architecture
Fig. 4. 2 monitoring added system architecture for system behavior monitoring
The following figure shows the cyber attack precursor symptom detection algorithm suggested in this study.
Fig. 5. Cyber attack precursor symptom detection algorithm
The algorithm monitors process/network/memory in the first stealth module and analyzes the Step 1 behavior analysis in order to detect changes. If a change is detected, the kernel driver is loaded (Step 2), installing TDI FD (Filter Driver) and NDIS PD (Protocol Driver), and detects a bot using an evasion method of executing environment aware attacks. If a bot is detected, behaviors of TDI Lv. Sys. are saved and those of NDIS Lv. Sys. are analyzed. If these two behaviors do not agree, we can decide that it is a precursor symptom.
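The comparison that closes the algorithm can be shown with a short Python sketch. It is an added example and not the authors' implementation (the paper describes Windows kernel drivers and gives no code): once Step 1 reports a change, the flows saved at TDI level are compared with the flows rebuilt from NDIS-level packets, and any disagreement is reported as a precursor symptom. The record layouts, memory digests, process names and addresses are constructed for illustration.

```python
"""Added sketch of the 3-step TDI/NDIS cross-check (not the authors' code)."""
from collections import namedtuple

# Common key used to line up the two views of the same connection.
Flow = namedtuple("Flow", "proto local_port remote_ip remote_port")


def step1_changes(baseline, current):
    """Step 1: processes that are new, or whose monitored memory digest changed.

    Both arguments map image name -> digest of the monitored memory region.
    """
    return sorted(name for name, digest in current.items()
                  if baseline.get(name) != digest)


def tdi_view(records):
    """Step 2: flows saved at TDI level, each tied to its owning process."""
    return {Flow(proto, lport, rip, rport): (pid, image)
            for pid, image, proto, lport, rip, rport in records}


def ndis_view(packets, host_ip):
    """Step 3: packets seen at NDIS level, folded into the same flow key."""
    flows = {}
    for proto, src_ip, src_port, dst_ip, dst_port, length in packets:
        if src_ip == host_ip:                      # outbound packet
            key = Flow(proto, src_port, dst_ip, dst_port)
        elif dst_ip == host_ip:                    # inbound packet
            key = Flow(proto, dst_port, src_ip, src_port)
        else:
            continue                               # not this host's traffic
        flows[key] = flows.get(key, 0) + length
    return flows


def detect(baseline, current, tdi_records, ndis_packets, host_ip):
    """Run the three steps; the records are those collected after driver load."""
    result = {"verdict": "no-change", "changed": [], "ndis_only": [],
              "tdi_only": [], "unowned_bytes": 0}
    result["changed"] = step1_changes(baseline, current)
    if not result["changed"]:
        return result                              # drivers are never loaded
    tdi = tdi_view(tdi_records)
    ndis = ndis_view(ndis_packets, host_ip)
    # Packets on the wire that no process opened through TDI, and the reverse.
    result["ndis_only"] = sorted(set(ndis) - set(tdi))
    result["tdi_only"] = sorted(set(tdi) - set(ndis))
    result["unowned_bytes"] = sum(ndis[f] for f in result["ndis_only"])
    disagree = result["ndis_only"] or result["tdi_only"]
    result["verdict"] = "precursor-symptom" if disagree else "consistent"
    return result


# Constructed sample data (documentation address ranges, invented digests).
HOST = "192.0.2.10"
BASELINE = {"browser.exe": "a1", "svchost.exe": "b2"}
CURRENT = {"browser.exe": "a1", "svchost.exe": "ff"}
TDI = [(1204, "browser.exe", "tcp", 49152, "198.51.100.20", 443),
       (880, "svchost.exe", "udp", 53000, "192.0.2.53", 53)]
NDIS = [("tcp", HOST, 49152, "198.51.100.20", 443, 520),
        ("tcp", "198.51.100.20", 443, HOST, 49152, 1400),
        ("udp", HOST, 53000, "192.0.2.53", 53, 70),
        ("tcp", HOST, 40000, "203.0.113.77", 6667, 90),
        ("tcp", "203.0.113.77", 6667, HOST, 40000, 64)]

if __name__ == "__main__":
    print(detect(BASELINE, CURRENT, TDI, NDIS, HOST))
```

In the constructed data the last two packets belong to a connection that no process opened through TDI, which is the disagreement the algorithm treats as a precursor symptom.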
4 Conclusion and Future Work
In this study, we designed a 3-step cyber attack precursor symptom detection algorithm that will monitor TDI and NDIS by analyzing system-based behaviors, for application of honeypot technology alone will lead to a high error rate. While recent intelligent bots use methods to evade trace-back such as one that a bot stops a process by detecting delay of executing environment aware time, the algorithm detects the bot before it starts to act and prevents its process. In the near future, we need to implement and verify the designed technology, develop a trace-back method for a path between a bot master and a C&C server, and make further application.
Acknowledgement
This paper has been supported by the Software R&D program of KEIT. [201010035257, Development of global collaborative integrated security control system].
References
1. Grizzard, J.B., et al.: Peer-to-Peer Botnets: Overview and Case Study (2002), http://www.usenix.org/event/hotbots07/tech/full_papers/grizzard/grizzard_html/
2. Moore, D., Voelker, G., Savage, S.: Inferring internet denial-of-service activity. In: USENIX Security Symposium (2001)
3. Freiling, F.C., et al.: Botnet Tracking - Exploring a Root-Cause Methodology. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 319–335. Springer, Heidelberg (2005)
4. Cui, W., Kannan, J., Wang, H.J.: Discoverer: automatic protocol reverse engineering from network traces. In: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pp. 1–14 (2007)
5. He, W., Hu, G., Yao, X.: Large-scale communication network behavior analysis and feature extraction using multiple motif pattern association rule mining. Wseas Transactions On Communications 8(5), 473–482 (2009)
6. ASEC Annual Report (2005)
7. Zou, C.C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for internet worms, Department of Computer Science, Univ. of Massachusetts, Amherst, Tech. Rep. TRCSE-03-01 (2003)
8. Honeynet Project (2009), http://www.honeynet.org
9. Baker, A.: Windows NT Device Driver Book: A Guide for Programmers, with Disk with Cdrom, 2nd edn. Prentice-Hall PTR, Englewood Cliffs (1996)
10. Park, C., Kang, K., Kwon, Y., Jang, H., Kim, C.: Botnet Traceback Based on Honeypot Using Memory Analysis. In: 2007 Korean Institute of Information Scientists and Engineers Conference, vol. 34(1), pp. 25–28 (2007)
The Improved 4-PSK 4-State Space-Time Trellis Code with Two Transmit Antennas
Ik Soo Jin
Dept. of Information & Communication Engineering, Kyungnam University, 449 Woryeong-dong, Masanhappo-gu, Changwon-si, Gyeongsangnam-do, 631-701, Korea
Abstract. Space-time coding is a powerful technique to improve the error performance of wireless communications systems by using multiple transmit antennas. In this paper, a new 4-PSK 4-state space-time trellis code (STTC) with two transmit antennas for slow fading channels is presented by improving the design parameters of the code. From the simulation results, it is shown that the new code is superior to the TSC code and the BBH code by about 0.2 dB at a BER of $10^{-4}$ over slow Rayleigh fading channels, and by about 0.4~1.3 dB over slow Rician fading channels. Moreover, it is also shown that the new code with Gray mapping obtains gains of about 0.1~0.6 dB while keeping the complexity almost the same as the code with natural mapping.
Keywords: STTCs, TSC, BBH, design parameters, Gray mapping.
1 Introduction
Space-time coding is a powerful technique to improve the error performance of wireless communications systems by using multiple transmit antenna. In [1] Tarokh et al. introduced the concept of space-time coding as an extension to conventional timeconvolutional coding, and derived analytical bounds and design criteria to obtain codes for slow and fast fading channels. It was pointed out that in slow fading channels, the critical parameters are the rank and determinant of the codeword distance matrix, while in fast fading channels, the important parameters are the symbol-wise Hamming distance and the product distance. Based on these criteria, Baro et al. [2] found by computer search some 4- and 8-phase-shift keying (PSK) codes with better performance for slow fading channels. The product of the minimum rank and the number of receive antennas, , is called the minimum diversity. If 4, rank & determinant criteria are applicable, while the trace criterion will be the dominant parameter for the code performance in case 4 [3]. Maeng et al. [4] found the minimum averaged product distance , considering all incorrect paths having the same symbol-wise Hamming distance δ as a design parameter in fast fading channels. The , should be maximized for high coding gain.
The motivation of this work stems from the different design criteria between in slow fading channels and in fast fading channels. As previously mentioned, the design parameters of space-time trellis codes (STTCs) in slow fading channels are different from those in fast fading channels. But, it is worthwhile to note that the design parameters in fast fading channels can also affect slightly the performance of STTCs over slow fading channels provided that the design criteria in slow fading channels are satisfied and maximized. As the Rician parameter increases (the channel tends toward Rician fading), the indirect influence of the design parameters in fast fading channels increases in slow fading channels. In addition, little has so far been reported on the performance improvements of 4-PSK 4-state STTC with two transmit antennas and one receive antenna since Tarokh et al. have proposed STTCs. For bit-wise communication systems, the post-decoding information bit error rate is more important than only minimizing the error-event probability. Gray mapping can also be a method for performance improvements in STTC. In this paper, a new 4-PSK 4-state STTC with two transmit antennas for slow fading channels is presented by improving the design parameters of the code. The Tarokh/Seshadri/Calderbank (TSC) code [1] and Baro/Bauch/Hansmann (BBH) code [2] are considered as references. In addition, the performance of the new code with Gray mapping is also provided over slow Rayleigh or Rician fading channels.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 284–290, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 System Model
Fig. 1 illustrates the block diagram of the considered baseband space-time coded system with 2 transmit antennas and 1 receive antenna. The signals on the matrix channel, i.e., the · transmission paths between transmitter and receiver, are supposed to undergo frequency non-selective fading. It is assumed that the path gains are constant during one frame and change independently from one frame to another. It is also assumed that channel state information is known to receiver perfectly. The block size of symbol interleaver per antenna is 15 × 10. The received signal at time t is given by (1) where is the complex Gaussian channel path gain from transmit antenna ; is the energy per symbol; is space-time trellis coded symbol transmitted via transmit antenna at time ; is the additive complex white Gaussian noise at time with zero mean and variance ⁄2 per dimension.
[Block diagram: binary data → STTC Encoder → Symbol Interleaving → M-ary Modulator → Tx.; Rx. → M-ary Demodulator → Symbol Deinterleaving → STTC Decoder → binary data]
Fig. 1. General STTC system model
The amplitude of the envelope of the received signal is a normalized random variable with a Rician probability density function given by

$$p(h) = 2h\,(1+K_f)\,e^{-K_f - h^2(1+K_f)}\,I_0\!\left(2h\sqrt{K_f(1+K_f)}\right), \quad h \ge 0 \qquad (2)$$

where the Rician fading parameter $K_f$ represents the ratio of the direct and specular signal components to the diffuse component and $I_0(\cdot)$ is the zero order modified Bessel function of the first kind. As a special case, $K_f = 0$ yields Rayleigh fading, and $K_f = \infty$ describes the AWGN channel. The outputs of symbol deinterleaver are sent to STTC decoder using the conventional Viterbi algorithm with no quantization.
3 New 4-PSK 4-State STTC with Two Transmit Antennas
3.1 Design Criteria for Fading Channels
The design parameters of STTCs in slow and fast fading channels are well known. Therefore, we will summarize them briefly.
The case of slow fading. The design criteria for slow Rayleigh fading channels depend on the value of . The maximum possible value of is . If the value of is small, the design criteria can be summarized as [1]:
i) Maximize the minimum rank of codeword distance matrix , ̂ over all pairs of distinct codeword.
ii) Maximize the minimum product, ∏ , of matrix , ̂ along the pairs of distinct codeword with the minimum rank.
This criteria set is referred to as rank & determinant criteria. If the value of rn is large, the trace criterion should be applied [5].
The case of fast fading. The design criteria for fast Rayleigh fading channels depend on the value of . For small value of , the error probability is dominated by the minimum space-time symbol-wise Hamming distance , over all distinct codeword pairs. In addition, the minimum product distance , along the path of the pairs of codeword with the minimum symbol-wise Hamming distance , should be maximized. See [5] for details.
In [4] Maeng et al. found the minimum averaged product distance , considering all incorrect paths having the same symbol-wise Hamming distance , as a design parameter in fast fading channels. The , should also be maximized for high coding gain.
3.2 The Improved Design Parameters of New Code
STTCs have attracted considerable attention mainly due to the significant performance gains they can provide. Numerous investigations [5] have shown the great promise of STTCs. However, little has so far been reported on the performance improvements of 4-PSK 4-state STTC with two transmit antennas and one receive antenna since Tarokh et al. [1] proposed STTCs.
Following the design criteria described in section 3.1, new code is generated through random search. The trellis diagram for the new code is shown in Fig. 2. The design parameters are also listed in Table 1. The Tarokh/Seshadri/Calderbank (TSC) code [1] and Baro/Bauch/Hansmann (BBH) code [2] are considered as references. We can notice that new code has a larger value of design parameters in the fast fading channels when compared to references.

Table 1. Comparisons of STTC design parameters

STTC   M-PSK   state   slow fading      fast fading
                       rank    det.
TSC    4       4       2       4        2    4.0     1.778    4.0
BBH    4       4       2       4        2    8.0     4.000    6.0
New    4       4       2       4        2    12.0    7.024    8.0
Information bits/4-PSK symbol

(a) new code with natural mapping, New (Natural)
00/00 01/22 10/10 11/32
00/02 01/20 10/12 11/30
00/23 01/01 10/33 11/11
00/21 01/03 10/31 11/13

(b) new code with Gray mapping, New (Gray)
00/00 01/22 11/10 10/32
00/02 01/20 11/12 10/30
00/23 01/01 11/33 10/11
00/21 01/03 11/31 10/13

Fig. 2. Trellis diagram of new 4-PSK 4-state STTC with 2 transmit antennas
3.3 New Code with Gray Mapping
The mapping or assignment of k information bits to the $2^k$ possible signals may be done in a number of ways. Proper bit-to-symbol mapping can reduce the number of erroneous bits. The preferred assignment of k information bits to the M-ary signal is natural mapping in STTC. However, it is worthwhile to note that Gray mapping can also be a method for performance improvements in STTC [6], [7]. For bit-wise communication systems, the post-decoding information bit error rate is more important than only minimizing the error-event probability. The Gray mapping is one in which two successive values differ in only one bit. The trellis diagram of new code with Gray mapping is shown in Fig. 2(b).
4 Simulation Results
The bit error rate (BER) performance is evaluated by simulation. In the simulations, each frame consisted of 150 symbols transmitted from each antenna. The number of transmit antenna is two and the number of receive antenna is one. A maximum likelihood Viterbi decoder with perfect channel state information (CSI) is employed at the receiver. Jakes' model is used for Rayleigh fading based on summing sinusoids [8]. The performance curves are plotted against the signal-to-noise ratio (SNR), defined as SNR 2E ⁄N . The simulation conditions are listed in Table 2.

Table 2. Simulation conditions

Parameters           Description
Frame Length         20 ms
Carrier Frequency    2,0 GHz
bits/frame           300
Modulation           4-PSK
State                4
Transmit Antenna     2
Receive Antenna      1
Interleaver          15 × 10 block interleaver per antenna. 4-PSK symbol by symbol interleaver
Channel Model        Rayleigh fading or Rician fading with Rician parameter . Slow fading. Jakes model for Rayleigh fading
Channel Estimation   Ideal channel estimation (Channel information is known to receiver perfectly)
Decoder              Viterbi decoder with no quantization
Fig. 3 shows the BER of the considered STTCs over slow Rayleigh fading channels (K = 0) and slow Rician fading channels (K = 10), respectively. It is worthwhile to mention that diversity advantage refers to the slope of the BER curves versus SNR. In case of K = 0, the performance of TSC code is almost the same as that of BBH code. We can observe that new code is superior to the TSC code and the BBH code by about 0.2 dB at a BER of $10^{-4}$. It should be pointed out that performance improvement of 0.2 dB can be obtained over slow Rayleigh fading channels even though the design parameters based on the rank & determinant criteria are the same in Table 1. The results indicate that the design parameters in fast fading channels can also affect slightly the performance of STTCs over slow Rayleigh fading channels provided that the design criteria in slow Rayleigh fading channels are satisfied and maximized. As the Rician parameter K increases, the indirect influence of the design parameters in fast fading channels increases in slow fading channels. In case of K = 10, new code outperforms the TSC code and the BBH code by about 1.3 dB and about 0.4 dB at a BER of $10^{-4}$, respectively. As a further point, it is interesting to observe that the performance improvements of new code in case of K = 10 are much larger than those in case of K = 0 in Fig. 3. This result mainly comes from the fact that the design criteria derived from section 3.1 are all assumed on Rayleigh fading channels, and the Rician fading channels can be considered as the transient channels between the Rayleigh fading channels and the additive white Gaussian noise (AWGN) channels as K increases.
Fig. 3. Performance comparisons of 4-PSK 4-state codes over slow fading channels
Fig. 4. Performance comparisons of 4-PSK 4-state codes with Gray mapping over slow fading channels
Fig. 4 compares the performance of the new code with Gray mapping and with natural mapping over slow fading channels. It is noted that the new code with Gray mapping always shows better performance than the new code with natural mapping. We can see that 0.6 dB improvements in case of K = 0 and 0.1 dB improvements in case of K = 10 are observed at a BER of 10 , respectively. Finally, notice that the cost that has to be paid for this improvement can be negligible because the hardware complexity of Gray mapping is almost the same as that of natural mapping.
5 Conclusions
We presented a new 4-PSK 4-state STTC with two transmit antennas for slow fading channels by improving the design parameters of the code. The simulation results show that the new code is superior to the TSC code and the BBH code by about 0.2 dB at a BER of 10 over slow Rayleigh fading channels, and by about 0.4~1.3 dB over slow Rician fading channels. It should be pointed out that the design parameters in fast fading channels can also slightly affect the performance of STTCs over slow Rayleigh fading channels, provided that the design criteria in slow Rayleigh fading channels are satisfied and maximized. Moreover, it is also shown that the new code with Gray mapping can obtain gains of about 0.1~0.6 dB while keeping the complexity almost the same as that of the code with natural mapping.

Acknowledgments. This work was supported by Kyungnam University Foundation Grant, 2010.
References

1. Tarokh, V., Seshadri, N., Calderbank, A.R.: Space-Time Codes for High Data Rate Wireless Communication - Performance Criterion and Code Construction. IEEE Trans. Inform. Theory 44, 744–765 (1998)
2. Baro, S., Bauch, G., Hansmann, A.: Improved Codes for Space-Time Trellis-Coded Modulation. IEEE Commun. Lett. 4, 20–22 (2000)
3. Yuan, J., Chen, Z., Vucetic, B., Firmanto, W.: Performance and Design of Space-Time Coding in Fading Channels. IEEE Trans. Commun. 51, 1991–1996 (2003)
4. Maeng, J.S., Jin, I.S., Sung, W., Whang, K.C.: Modified Performance Criterion for Space-Time Codes on Fast Fading Channels. IEE Electronics Lett. 38, 889–890 (2002)
5. Vucetic, B., Yuan, J.: Space-Time Coding. John Wiley & Sons, London (2003)
6. Panagos, A., Kosbar, K.: A Gray-Code Type Bit Assignment Algorithm for Unitary Space-Time Constellations. In: Proc. IEEE Global Telecommun. Conf. (GLOBECOM), pp. 4005–4009 (2007)
7. Tran, N.H., Nguyen, H.H., Le-Ngoc, T.: Coded Unitary Space-Time Modulation with Iterative Decoding - Error Performance and Mapping Design. IEEE Trans. Commun. 55, 703–716 (2007)
8. Jakes Jr., W.C.: Microwave Mobile Communications. John Wiley & Sons, New York (1974)
A Study on Efficient Mobile IPv6 Fast Handover Scheme Using Reverse Binding Mechanism

Randy S. Tolentino, Kijeong Lee, Sung-gyu Kim, Miso Kim1, and Byungjoo Park2,∗

1 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon, Korea [email protected]
2 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon, Korea [email protected]
Abstract. This paper proposes a solution for solving the packet handover issues of MIPv6. We propose an efficient scheme that can support fast handover effectively in standard Mobile IPv6 (MIPv6) by optimizing the associated data and the flow of signal during handover. A new signaling message Reverse Packet Binding Mechanism is defined and utilized to hasten the handover procedure by adding a buffer in access point (AP) and home agent (HA).

Keywords: MIPv6, Movement detection, Reverse binding mechanism, MIPv6 mobility management.
1 Introduction

Mobile Internet Protocol version 6 (MIPv6) allows an IPv6 node to be mobile, that is, to arbitrarily change its location on an IPv6 network while maintaining its reachability. Also, it allows the node to move within the Internet topology while maintaining reachability and on-going connections between mobile and correspondent nodes. To do this, a mobile node sends Binding Updates (BUs) to its Home Agent (HA) and all Correspondent Nodes (CNs) it communicates with, every time it moves [1]. The mobile node may send data packets via its Home Agent immediately after sending the Binding Update, but the Home Agent will not be able to route traffic back to the mobile node before it receives the Binding Update. This incurs at least half a round-trip delay before packets are again forwarded to the right place. There is an additional delay for sending data packets if the mobile node chooses to wait for a Binding Acknowledgement (BA). The round-trip times can be relatively long if the mobile node and its home agent are in different parts of the world.

Nevertheless, the signaling exchanges required to update the mobile node's location will always cause some disruption to active connections. Some packets will be lost. Together with link layer and IP layer connection setup delays, there may be effects on upper layer protocols. Reducing these delays during the time-critical handover period will improve the performance of Mobile IPv6.

∗ Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 291–300, 2010. © Springer-Verlag Berlin Heidelberg 2010
In this paper, we propose an efficient scheme that can support fast handover effectively to reduce the handover delays and to improve the performance of Mobile IPv6 (MIPv6) by optimizing the associated data and the flow of signal during handover. A new signaling message, Reverse Packet Binding Update (RPBU), is defined and utilized to hasten the handover procedure by inserting a buffer in the access point (AP). This paper briefly describes and discusses the performance comparison of standard MIPv6 and the proposed scheme in MIPv6 using the reverse binding mechanism. The rest of this paper is organized as follows: Section II explains related works; Section III illustrates and discusses the proposed scheme; comparison and performance analysis are explained in Section IV; and Section V concludes the paper.
2 Related Work

This section discusses in detail the mobile internet protocol version 6 (MIPv6) mobility protocol, MIPv6 operation, and MIPv6 handover procedure problems.
Fig. 1. Mobile IPv6 Topology
2.1 Standard Mobile IPv6 (MIPv6)

Mobility in IPv6 is, therefore, an enabler for future services. Even if the ingenious Mobile IPv6 protocol performs sufficiently in macro environments with non-real-time traffic, seamless mobility requires some more enhanced protocol procedures between the mobile node and the involved network entities. Limiting the effect of handovers has the potential to considerably improve application performance in terms of latency and packet loss.

A handover (HO) is the process during which a mobile node (MN) creates a new connection and disassociates from its old one. The decision for a new association may be initiated due to movement, if we are moving away from the old connection point and approaching a new one; low signal quality, because of interference or other impairments in the wireless path; a quality of service decision, trying to effect a balanced load among neighboring or overlapping cells; better service, if we recognize a network with services that we require; or a policy and cost decision, where the network or the user decides that it is more appropriate or advantageous to relate to a different location.

Fig. 1 illustrates the process of transmission of packets in MIPv6. While a mobile node is attached to its home network, it is able to receive packets destined to its home address, which are forwarded by means of conventional IP routing mechanisms. When the mobile node moves into a new network (visited or foreign network), its movement is detected and a new association is made with mobility agents (foreign agents) in the new domain [2]. In MIPv6 a mobile node is more "independent" and does not have to rely on an access router to obtain a CoA and register with the home agent. To obtain its CoA, a mobile node uses the IPv6 protocols for Address Autoconfiguration [3] and Neighbor Discovery [4].
2.2 Duplicate Address Detection in MIPv6

After completing movement detection, an MN should generate an NCoA using IPv6 stateless address auto-configuration upon moving to the new link [3] [4]. After generation of the CoA, an MN should perform DAD to test the new CoA's uniqueness within the new link. That is, DAD must be performed on all new IPv6 addresses to eliminate address collisions. As the problems of DAD delay have become apparent, there have been suggestions to skip DAD altogether, or to perform DAD "asynchronously" [5]. If two nodes do configure the same address, however, there are serious consequences. The colliding nodes will 'fight' for the address, and corresponding nodes must choose one arbitrarily between the responses, depending on their order of arrival. Not only will packets not be delivered to the correct node, but the colliding node may send negative acknowledgements such as TCP resets or ICMP 'Destination Unreachable' messages, causing existing connections to be terminated.

The current and simplest form of DAD was laid out as part of RFC 2462 [4]. When a node wishes to create a new address on an interface, it combines the network prefix with a suffix generated from its interface identifier. The interface identifier can be either obtained from the interface hardware or generated randomly [6] [7]. This address is referred to as the tentative address. The node sends a neighbor solicitation message from the unspecified address to the tentative address. If the address is already in use by another node, that node will reply with a neighbor advertisement message defending the address.
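The address formation and DAD probe described in this section, as an added Python sketch that is not part of the original paper. The MAC addresses, the 2001:db8:1::/64 prefix and the node names are constructed sample values; the hardware-derived identifier uses the modified EUI-64 form, and the probe's IP destination is the solicited-node multicast group of the tentative address, with the tentative address as the target.

```python
import ipaddress

UNSPECIFIED = ipaddress.IPv6Address("::")
SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))


def eui64_interface_id(mac: str) -> int:
    """Interface identifier obtained from the interface hardware (modified EUI-64)."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit and insert ff:fe between the two halves.
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")


def tentative_address(prefix: str, interface_id: int) -> ipaddress.IPv6Address:
    """Combine the advertised network prefix with the interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration expects a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | interface_id)


def solicited_node_multicast(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """Multicast group that every holder of `addr` listens on (low 24 bits)."""
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | (int(addr) & 0xFFFFFF))


def duplicate_address_detection(tentative, link_nodes):
    """Simulate one DAD probe on a link.

    link_nodes maps a node name to the set of addresses it already holds.
    Returns (is_unique, probe, defenders); a defender is a node that would
    answer the neighbor solicitation with a neighbor advertisement.
    """
    probe = {
        "type": "NS",
        "src": UNSPECIFIED,                          # sender has no valid address yet
        "dst": solicited_node_multicast(tentative),
        "target": tentative,
    }
    defenders = sorted(n for n, addrs in link_nodes.items() if tentative in addrs)
    return (not defenders, probe, defenders)


def configure_coa(prefix, mac, link_nodes):
    """Form a care-of address from the prefix and MAC, then run DAD on it."""
    addr = tentative_address(prefix, eui64_interface_id(mac))
    unique, probe, defenders = duplicate_address_detection(addr, link_nodes)
    return {
        "address": addr,
        "state": "preferred" if unique else "duplicate",
        "probe": probe,
        "defenders": defenders,
    }


# Constructed link: node-b already holds the address the first MN would form.
PREFIX = "2001:db8:1::/64"
LINK_NODES = {
    "access-router": {ipaddress.IPv6Address("2001:db8:1::1")},
    "node-b": {ipaddress.IPv6Address("2001:db8:1:0:211:22ff:fe33:4455")},
}

if __name__ == "__main__":
    for mac in ("00:11:22:33:44:55", "00:11:22:33:44:66"):
        result = configure_coa(PREFIX, mac, LINK_NODES)
        print(mac, result["address"], result["state"], result["defenders"])
```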
2.3 MIPv6 Operation

We can define the handover procedure as movement detection, new CoA configuration, DAD and binding update. To process movement detection, an MN detects that it has moved to a new subnet by analyzing the router advertisement periodically sent by the access router (AR) (see Fig. 2). The MN can also request a router advertisement by sending a router solicitation. To initiate CoA configuration and DAD, the information contained in the router advertisement will allow the MN to create a new CoA. As specified in IPv6 (Narten et al., 1998), the MN first needs to verify the uniqueness of its link-local address on the new link. The MN performs DAD on its link-local address. Then, it may use either stateless or stateful address autoconfiguration (Thomson et al., 1998) to form its new CoA.

Whenever the mobile node is away from its home network, the home agent intercepts packets destined to the node and forwards the packets by tunneling them to the node's current address, the care-of-address (CoA). The transport layer (TCP, UDP) uses the home address as a stationary identifier for the mobile node. The basic solution requires tunneling through the home agent, thereby leading to longer paths and degraded performance. To alleviate the performance penalty, Mobile IPv6 includes route optimization (RO). When route optimization is used, the mobile node sends its current care-of-address to the correspondent node using binding update (BU) messages.

Fig. 2. Mobile IPv6 handover procedure scheme
3 New Proposed Fast Handover Scheme over IPv6-Based Wireless Mobile Network

Once the association phase between MN↔NAP in the layer 2 handover is completed successfully, the solicitation phase starts between MN↔NAR. After the MN receives the router advertisement (RA) from the NAR, it configures the care-of-address (CoA) and performs duplicate address detection (DAD). The HA registration phase then takes place, where the return routability (RR) method for the binding update (BU) authorization mechanism is suitable for use between the MN and the corresponding node (CN): the MN sends home test init (HoTI) and care-of test init (CoTI) messages to the CN; the MN sends a BU with the new primary CoA lifetime and forwards the packet to the home agent (HA); and the HA sends a binding acknowledgement (BA) to the MN. A reverse binding update (RBU) request message is sent by the HA to the mobile node's new access router (NAR) after establishing a binding between the home prefix assigned to the mobile node and its CoA, and it is stored in a buffer. A reverse binding acknowledgment (RBA) message is sent by the NAR in response to the reverse BU message that it received from the HA, and the message is stored in the buffer.

• Movement Detection

When an active MN moves to a new IP subnet, it changes its point of attachment to the network through the following handover process. First, layer 2 handover occurs to change the wireless AP to which the MN is associated. After a new layer 2 connection is established, layer 3 handover is performed, which broadly involves movement detection, IP address configuration and location update.

Initially, the MN's IP protocol implementation may be unaware of the link change, or may have been informed of the arrival by a link-trigger. Alternatively, the network itself may be aware of the MN's movement and may make use of this information to aid movement detection. Subsequently the MN receives a Router Advertisement which indicates that movement has occurred. The RA may have been an unsolicited 'beacon' message which has been periodically sent by the router, or it may be in response to a Router Solicitation.
Fig. 3. Proposed MIPv6 Handover procedure scheme
Once the MN knows it has moved, stateless or stateful address configuration including DAD is performed. This entails waiting for validation to complete before further packets may be sent or received by the MN. Mobility signaling procedures are then started, with the MN sending a Binding Update (BU) to its Home Agent. Additionally, Return Routability (RR) procedures are started for route optimized conversations with Correspondent Nodes (CNs). Also, we added a new binding message, Reverse Binding Update (RBU), to the HA, and we inserted a buffer for storing the received data. As the Return Routability tests are completed, further BU messages are sent to CNs.
4 Performance Analysis

4.1 Parameters Table

Each simulation used assumed data in order to get the difference between the schemes, except for the CoA configuration time of 1000ms. We assigned a value to each symbol, t1=50ms, t2=40ms, t3=60ms, and t4=80ms, with their corresponding descriptions as shown in Table 1. We measured the handover latency, the interval between the last packet in the previous access router and the first packet in the next access router, and the handover of CoA from NA to HA. The main purpose of this is to solve the packet handover issues, which are packet loss and the out-of-sequence problem.

Table 1. Proposed MIPv6 Performance Analysis Parameters

Symbols   Description   Value
t1        MN↔NAP        40ms
t2        NAP↔NAR       50ms
t3        NAR↔HA        60ms
t4        HA↔CN         80ms
HLCoA     Forming CoA   1000ms
4.2 Handover Latency Analysis

A mobile node is unable to receive IP packets on its new association point until the handover process finishes. The period between the transmissions of its last IP packet through the new connection is known as latency handover. The overall handover process, as well as the component delays identified above, is illustrated in Fig. 3. The total latency handover for the proposed MIPv6 scheme can analytically be computed as:

Proposed MIPv6
  = (4t1 + 2t2) + CoA + (2t1 + 2t2 + 4t3) + (2t1 + 2t2 + 2t3 + 2t4)
  = 2(2t1 + t2) + CoA + 2(t1 + t2 + 2t3) + 2(t1 + t2 + t3 + t4)
  = 8t1 + 6t2 + CoA + 6t3 + 2t4
  = 2(4t1 + 3t2 + 3t3 + t4) + CoA                                      (1)

MIPv6
  = (tAss_Req + tAss_Resp + tRS + tRA) + CoA + (tBU + tBA) + (tBU + tBA)
  = (4t1 + 2t2) + CoA + (2t1 + 2t2 + 2t3) + (2t1 + 2t2 + 2t3 + 2t4)
  = 8t1 + 6t2 + CoA + 4t3 + 2t4
  = 2(4t1 + 3t2 + 2t3 + t4) + CoA                                      (2)
where HLL2, HLDAD, HLHA_REG and HLCN_REG are as described above, tAss_Req is the association request time, tAss_Resp is the association response time, tRS is the router solicitation time, tRA is the router advertisement time, tRBU is the reverse binding update time, and tRBA is the reverse binding acknowledgement time.

4.4 Performance Comparison

Fig. 5 shows the handover latency comparison between MIPv6 and the proposed MIPv6 from MN↔NAP at time t1, in which we assigned assumed values of 50ms and 60ms.

[Figure: Total Handover Latency versus Time t1 (20.0ms to 140.0ms) for MIPv6 (50ms), Proposed Scheme (50ms), MIPv6 (60ms) and Proposed Scheme (60ms)]

Fig. 4. Handover Latency Comparison at time t1
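Equations (1) and (2) can be rebuilt from the message exchanges by summing the link delays each message crosses, shown here as an added Python example that is not the authors' simulation code. The link labels, the message-to-path mapping (including RBU and RBA travelling between HA and NAR) and the use of the Table 1 values are assumptions made for this example.

```python
# Constructed from Table 1: one-way delay of each link, in milliseconds.
LINK_DELAY_MS = {"MN-NAP": 40, "NAP-NAR": 50, "NAR-HA": 60, "HA-CN": 80}
COA_MS = 1000  # time to form the CoA (HLCoA in Table 1)

# Assumed topology: every message travels along this chain of entities.
CHAIN = ["MN", "NAP", "NAR", "HA", "CN"]

# Each phase is a list of (message, sender, receiver).
L2_AND_SOLICITATION = [
    ("Ass_Req", "MN", "NAP"), ("Ass_Resp", "NAP", "MN"),
    ("RS", "MN", "NAR"), ("RA", "NAR", "MN"),
]
CN_REGISTRATION = [("BU", "MN", "CN"), ("BA", "CN", "MN")]

STANDARD_MIPV6 = [
    ("L2 + solicitation", L2_AND_SOLICITATION),
    ("HA registration", [("BU", "MN", "HA"), ("BA", "HA", "MN")]),
    ("CN registration", CN_REGISTRATION),
]
PROPOSED_MIPV6 = [
    ("L2 + solicitation", L2_AND_SOLICITATION),
    ("HA registration", [("BU", "MN", "HA"), ("BA", "HA", "MN"),
                         ("RBU", "HA", "NAR"), ("RBA", "NAR", "HA")]),
    ("CN registration", CN_REGISTRATION),
]


def path_delay(src, dst, delays):
    """One-way delay between two entities: sum of the links between them."""
    i, j = sorted((CHAIN.index(src), CHAIN.index(dst)))
    return sum(delays[f"{CHAIN[k]}-{CHAIN[k + 1]}"] for k in range(i, j))


def handover_latency(phases, delays, coa_ms):
    """Return (total, per-phase breakdown) for a handover message sequence."""
    breakdown = {
        name: sum(path_delay(src, dst, delays) for _, src, dst in messages)
        for name, messages in phases
    }
    breakdown["CoA"] = coa_ms
    return sum(breakdown.values()), breakdown


def closed_form(delays, coa_ms, proposed):
    """Last line of equation (1) when proposed is True, of equation (2) otherwise."""
    t1, t2, t3, t4 = (delays[k] for k in ("MN-NAP", "NAP-NAR", "NAR-HA", "HA-CN"))
    return 2 * (4 * t1 + 3 * t2 + (3 if proposed else 2) * t3 + t4) + coa_ms


def sweep_t1(t1_values):
    """Total latency of both schemes while only the MN-NAP delay t1 varies."""
    rows = []
    for t1 in t1_values:
        delays = {**LINK_DELAY_MS, "MN-NAP": t1}
        standard, _ = handover_latency(STANDARD_MIPV6, delays, COA_MS)
        proposed, _ = handover_latency(PROPOSED_MIPV6, delays, COA_MS)
        rows.append((t1, standard, proposed))
    return rows


if __name__ == "__main__":
    for label, phases in (("MIPv6", STANDARD_MIPV6), ("Proposed", PROPOSED_MIPV6)):
        total, parts = handover_latency(phases, LINK_DELAY_MS, COA_MS)
        print(label, total, parts)
    for row in sweep_t1(range(20, 141, 20)):
        print(row)
```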
5 Conclusion

In this paper we have examined the handover process of Mobile IPv6. This work has illustrated and discussed the detailed decomposition and analysis of the handover delay, with a focus on the pre-registration phase. This paper provides simulated results for significant parts of the handover process. We illustrate and discuss the standard and proposed schemes, and all the results were obtained with no optimizations on the L3 part of the implementations used. Our results illustrate how the link layer detection, the movement detection, and the address autoconfiguration parts of the handover can be reduced. Link layer delays, in terms of association time, have been shown to be reduced by storing the message in a buffer for a fast reassociation response. The same happens when RA intervals are shortened. However, for both these changes there is an indication that the processing load on the nodes and the increased traffic in the wireless medium and the network will increase, respectively. DAD functions can be foregone if the network meets certain requirements. Furthermore, an optimal range of Router Solicitation Delays may also benefit the network and the MNs.

Acknowledgments. This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (2010-0024401).
References

1. Tolentino, R.S., Lee, K., Song, M., Jeong, Y.-S., Kim, Y.-T., Park, B., Park, G.-C.: MSMAP: A study on Robust Multiple Selection Scheme of Mobility Anchor Point in Hierarchical Mobile IPv6 Network. In: FGCN 2009. CCIS, vol. 56, pp. 571–578. Springer, Heidelberg (2009)
2. Vassiliou, V., Zinonos, Z.: An Analysis of the Handover Latency Components in Mobile IPv6. Journal of Internet Engineering 3(1) (December 2007)
3. Thomson, S., Narten, T., Jinmei, T.: IPv6 Stateless Address Autoconfiguration, Request for Comment 4862, Internet Engineering Task Force (September 2007)
4. Narten, T., Nordmark, E., Simpson, W., Soliman, K.: Neighbor Discovery for IP Version 6 (IPv6). Request for Comment 4861, Internet Engineering Task Force (September 2007)
Authors

Randy S. Tolentino completed his Bachelor of Science in Information Technology degree at WVCST (Western Visayas College of Science and Technology), Lapaz, Iloilo, Philippines, 2003 (Pioneer batch). He completed his diploma in teaching at WVCST, College of Education, 2005. Currently, he is on the Integrated Course (Master to Ph.D.) at Hannam University and is one of the members of the Mobile and Multimedia Communication Lab (MMC). His research interests include Ubiquitous e-health care, Ubiquitous Medical Sensor Network Modeling, Wireless Healthcare Network, Mobile Networks and Sensor Network.

Kijeong Lee completed his Bachelor of Science in Multimedia Engineering degree at HNU (Hannam University), Daejeon Metropolitan City, Republic of Korea, 2009. Currently, he is on the Master Course in Multimedia Engineering at Hannam University and is one of the members of the MMC Lab. His research interests include Wireless Mobile Network, Multimedia Network System, IEEE 802.16e (Mobile WiMAX), Wireless Sensor Network, and Real-Time Multimedia Transmission Service.

Sung-Gyu Kim is working toward his Bachelor of Science in Multimedia Engineering degree at HNU (Hannam University), Daejeon Metropolitan City, Republic of Korea. Currently, he is on the B.S. Course in Multimedia Engineering at Hannam University and is one of the members of the MMC Laboratory. His research interests include Wireless Mobile Network, Multimedia Network System, IEEE 802.16e (Mobile WiMAX), Real-Time Multimedia Transmission Service, and Mobile IPTV.

Miso Kim is working toward his Bachelor of Science in Multimedia Engineering degree at HNU (Hannam University), Daejeon, Republic of Korea. Currently, he is on the B.S. in Multimedia Engineering at Hannam University and is one of the members of the MMC Lab. His research interests include Wireless Mobile Network, Multimedia Network System, IEEE 802.16e (Mobile WiMAX), Real-Time Multimedia Transmission Service, and Mobile IPTV.

Byungjoo Park received the B.S. degree in electronics engineering from Yonsei University, Seoul, Rep. of Korea in 2002, and the M.S. and Ph.D. degrees (First-Class Honors) in electrical and computer engineering from University of Florida, Gainesville, USA, in 2004 and 2007, respectively. From June 1, 2007 to February 28, 2009, he was a senior researcher with the IP Network Research Department, KT Network Technology Laboratory, Rep. of Korea. Since March 1, 2009, he has been a Professor in the Department of Multimedia Engineering at Hannam University, Daejeon, Korea. He is a member of the IEEE, IEICE, IEEK, KICS, and KIISE. His primary research interests include theory and application of mobile computing, including protocol design and performance analysis in next generation wireless/mobile networks. He is an honor society member of Tau Beta Pi and Eta Kappa Nu, USA. His email address is [email protected], [email protected]
A Software Framework for Optimizing Smart Resources in the Industrial Field

Dongcheul Lee1 and Byungjoo Park2,∗

1 Mobile R&D Laboratory, KT 17, Woomyeon-dong, Seoul, Korea [email protected]
2 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon, Korea [email protected]
Abstract. Recently, many industries have come to use smart resources such as smart phones. If we use smart resources, we can get information from anywhere and at any time. In this environment, we can use various useful information when scheduling the resources. However, optimizing these resources automatically is still hard since the field industry generally has various types of environmental factors. In this paper, we present a software framework that can optimize the use of smart resources in the field industry. The framework takes various environmental factors in the field industry as input data. Then, it generates a solution by using various optimization algorithms. The solution can be diverse since various objective functions and constraints can be selected. Finally, we implemented the framework in the real industrial field. As a result, the usage ratio of the resources was improved by 27%.

Keywords: Smart Resource, Software Framework, Optimization.
1 Introduction

In the industrial field, we are required to optimize limited resources and acquire maximum efficiency. For instance, in the telecom industrial field, a limited number of field engineers should visit as many designated locations as possible at specific times. If there are enough resources, the amount of tasks that the resources should process is small, and the diversity level of tasks is low, scheduling those resources is a simple problem. However, generally, the resources in the industrial field are not enough, there are diverse tasks they should process, and there exist many spatial and temporal constraints. Therefore, scheduling these resources is a hard problem.

In this paper, we present a software framework that optimizes the resources in a highly complex industrial field. This framework considers each resource's capability and skill level so that it can estimate the time to process a task. Also, it contains diverse types of objective functions so that we can get optimized schedules with different purposes. Furthermore, each resource can be equipped with a smart phone so that the resource can receive the scheduling result and report processing results to the framework from anywhere and at any time.

This paper is composed as follows: Section 2 introduces previously proposed general resource scheduling methods. Section 3 presents the software framework that can optimize the resources in the industrial field. Section 4 explains the implementation results of the framework. Section 5 concludes the paper on the basis of the results in Section 4.

∗ Corresponding author.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 301–310, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Related Works

The resource optimization problem belongs to the Traveling Salesperson Problem (TSP) [1]. It can be converted to various types of optimization problems by relaxing or changing constraints. The basic type of TSP finds the minimum cost while visiting each location exactly once for a given set of locations. The Vehicle Routing Problem (VRP) [2] additionally considers the number of tasks to deliver to specific locations. The Capacitated Vehicle Routing Problem (CVRP) additionally considers the carrying capacity of the tasks that should be delivered. The Capacitated Vehicle Routing Problem with Multi-Depot (CVRPMD) additionally considers multiple pickup locations for the tasks. The Capacitated Vehicle Routing Problem with Multi-Depot and Time Window (CVRPMDTW) additionally considers that each location has time windows within which the visits must be made. Among these problems, CVRPMDTW is the most relevant to the industrial field; however, it still has many restrictions that prevent it from reflecting the real world environment.
3 Proposed Method

In this paper, we solve the resource optimization problem in the industrial field by using a software framework that is capable of resource scheduling. The software framework is composed of 5 modules: a module for receiving input data, a module for preprocessing the data before the framework solves the problem, a module for modeling data, a module for solving the problem by using the model, and a module for printing a scheduling result.

3.1 Input Data

Fig. 1 shows the input data that are used in the software framework. The data related to the resources are as follows: resource identification number, current location, clock-in time, clock-out time, estimated completion time of a task, movement speed of a resource, capable type of tasks, and skill level of a resource. The data related to the tasks that the resource should process are as follows: type of the task, location of the task, minimum start time, maximum start time, required number of resources, concurrent task flag, and reserved resource flag. Commonly used data include the pickup location and previously scheduled results. The scheduling parameters include objective functions, maximum searching time, distance measurement methods, time windows, fixed number of tasks, and scheduling modes.
Fig. 1. Input data provided to the framework
3.2 Modeling Objective Functions

The objective functions that are used in this framework are processed as a cost minimization problem. That is, cost is added to the elements that affect the objective functions so that the solution is searched by minimizing total cost. We defined 4 types of basic objective functions and 4 types of multi-objective functions by combining 2 basic objective functions.

3.2.1 Maximizing the Number of Tasks Objective Function

This objective function is suitable when there are excessive numbers of tasks on a specific day. Since the resources are limited, few constraints should be used for processing as many tasks as possible. Therefore, if this objective function is selected, it solves the problem by ignoring the starting time of the tasks. This objective function adds cost as much as the number of unprocessed tasks if it cannot process all tasks. Furthermore, the cost of the resources and the cost of the movement distance should be considered together. The cost is added as follows:

Loc.setPenaltyCost(Cost)    (1)

where Loc is an object for the task.
3.2.2 Maximizing Punctuality Objective Function

This objective function is intended to assign resources to specific locations punctually. Strictly speaking, this objective function is similar to a constraint function. However, since punctuality is an important factor in the industrial field, we made it an objective function. If this objective function is used, the starting time of the task must be kept or the task is excluded from the solution. The model is built as follows:

model.add(requestMinTimeOfCustomer<=Loc.getCumulVar(time))    (2)

model.add(Loc.getCumulVar(time)<=requestMaxTimeOfCustomer)    (3)

where requestMinTimeOfCustomer is the minimum starting time of the task, requestMaxTimeOfCustomer is the maximum starting time of the task, and Loc.getCumulVar(time) is a temporal variable of the task.

There is an alternative option for this objective function: even though the starting time of the task cannot be kept, the task is not excluded from the solution, and only a penalty cost proportional to the time gap is added. Therefore, if the resource visits the location earlier than the starting time, the earliness cost is added. Also, if the resource visits the location later than the starting time, the lateness cost is added. These processes are described as follows:

model.add(timeDimension>=LatenessCost*(Loc.getCumulVar(time)-requestMaxTimeOfCustomer))    (4)

model.add(timeDimension>=-EarlinessCost*(Loc.getCumulVar(time)-requestMinTimeOfCustomer))    (5)

where timeDimension includes from the starting time to the completion time.

3.2.3 Minimizing the Number of Resources Objective Function

This objective function is intended to make a resource process as many tasks as possible. Therefore, it minimizes the total number of resources by adding penalty cost to additional resources. However, if the constraints are exceeded, another resource is searched for and selected for the task. The cost is added as follows:

vehicle.setCost(Cost)    (6)

vehicle.setCost(timeDimension, unitCost)    (7)

where unitCost is the unit cost for timeDimension.

3.2.4 Load Balancing Objective Function

This objective function tries to assign the tasks to the resources evenly. It adds the penalty cost if the number of tasks assigned to the resource is greater or lesser than the average number of tasks for each resource. The cost is increased exponentially as the gap increases. The maximum value of the average number of tasks was set to 50. Also, the maximum number of tasks that a resource can process in a day was set to 100. This limit is needed since it makes the model realistic and allows the solution search to be processed efficiently. The model is built as follows:
model.add(lastLoc.getRankVar()<=MAX_ORDER)    (8)

model.add(orderDiffVars[i]==ABS(lastLoc.getRankVar()-1-avgOrderNo))    (9)

model.add(sum[i]==Exponent(orderDiffVars[i])*LOAD_BALANCE_COST)    (10)

model.add(objLoadBalanceCost==sum)    (11)

where getRankVar() is an index variable which indicates the order of visits of the resource, MAX_ORDER is the maximum number of tasks that a resource can process in a day, and LOAD_BALANCE_COST is the load balancing cost.

3.2.5 Multi-Objective Function

The combination of the Maximizing Punctuality Objective Function and the Load Balancing Objective Function keeps the starting time of the task and distributes tasks to resources evenly. LatenessCost, EarlinessCost, and LOAD_BALANCE_COST are involved in this multi-objective function.

The combination of the Maximizing Punctuality Objective Function and the Minimizing the Number of Resources Objective Function keeps the starting time of the task and reduces as many resources as possible to reduce the cost of a resource. LatenessCost and EarlinessCost are relevant to punctuality while the vehicle.Cost element is relevant to the resource minimization.

The combination of the Maximizing the Number of Tasks Objective Function and the Minimizing the Number of Resources Objective Function tries to process as many tasks as possible while minimizing the number of resources. The Loc.cost element is the cost when the task cannot be processed while the vehicle.Cost element is concerned with the resource minimization.

The combination of the Maximizing the Number of Tasks Objective Function and the Load Balancing Objective Function tries to process as many tasks as possible while distributing tasks to resources evenly. Variables that are not relevant to this multi-objective function were set to zero. Also, LOAD_BALANCE_COST was set lower than in the other multi-objective functions since processing more tasks is more important than load-balancing tasks.

3.3 Searching Solution

The searching solution module makes a schedule for given resources and tasks. In this software framework, the solution is searched by using the objective functions and the constraints. The procedure of the searching can be divided into two steps: First, it searches for an initial solution. Second, it improves the solution by using suitable algorithms. If there is no improvement within several seconds, which indicates that the solution is a local solution [3], meta-heuristic methods [4] are used to escape from the local solution. If the searching time has passed or the framework finds the optimal solution, it stops the searching and generates the schedule.
3.3.1 Searching Initial Solution
The initial solution is the first schedule that the scheduling module makes under the given objective function and constraints. Depending on the objective function, the framework uses the Minimizing the Number of Resources Component or the Load Balancing Component. However, if these components cannot find an initial solution, the framework searches for at least one solution even though that solution does not satisfy all of the constraints.
The Load Balancing Component is processed as follows:
A1. A resource is selected that has not been selected and has been assigned minimum tasks;
A2. If there is no resource that satisfies the condition, the module is stopped;
A3. A starting location of the resource is assigned to Loc1;
A4. The location of the task that has maximum cost is assigned to Loc2;
A5. If the selected resource can move from Loc1 to Loc2, the path is chosen;
A6. Assign Loc1 to Loc2 and go to A4;
A7. If the number of assigned tasks of the resource is greater than the average, go to A1;
The Minimizing the Number of Resources Component is processed as follows:
B1. A resource is selected that has never been selected and has been assigned minimum tasks;
B2. If there is no resource that satisfies the condition, the module is stopped;
B3. A starting location of the resource is assigned to Loc1;
B4. The location of the task that has maximum cost is assigned to Loc2;
B5. If the selected resource can move from Loc1 to Loc2, the path is chosen;
B6. Assign Loc1 to Loc2 and go to B4;
B7. If the number of assigned tasks of the resource is greater than 10, go to B1;
The Component for searching at least one solution is processed as follows:
C1. A resource is selected that has never been selected and has been assigned minimum tasks;
C2. If there is no resource that satisfies the condition, the module is stopped;
C3. A starting location of the resource is assigned to Loc1;
C4. The location of the task that has maximum cost is assigned to Loc2;
C5. If the selected resource can move from Loc1 to Loc2, the path is chosen and go to C1;
C6. If the resource cannot move from Loc1 to Loc2, return to initial pickup location;
Table 1. Algorithms for improving solutions are described

| Algorithm | Description |
|---|---|
| 2-Opt | Make a new path after removing 2 nodes from the previous path |
| Or-Opt | Make a new path after removing several nodes from the previous path |
| Cross | Switch end nodes between two path |
| Exchange | Switch end nodes between several path |
| Relocate | Move a node from a path to another path |
| MakeLoc | Modify solution to visit the location, which has not been visited |
| UnmakeLoc | Modify solution not to visit the location, which was scheduled to visit |
| SwapLoc | Modify solution by switching a visited location to non-visited location |
3.3.2 Improving Initial Solution
At the solution improvement stage, the module tries to find another solution with lower cost than the initial solution. Table 1 shows the algorithms used in this module to improve the solution. 2-Opt and Or-Opt are used to enhance the solution within the same path. Cross, Exchange and Relocate are used to improve the solution across paths. MakeLoc, UnmakeLoc and SwapLoc are used to enhance the solution by adding, exchanging or deleting locations. This process stops if the solution has not improved after 50 trials or if the search time has elapsed.
3.3.3 The Order of Algorithms
Not only the selection of suitable algorithms but also their sequence of execution is important, because the search time depends on the sequence of the algorithms. Therefore, once the module has used the first algorithm without improvement, the next algorithm is used to enhance the solution. When the combination of the Maximizing Punctuality Objective Function and the Load Balancing Objective Function or the combination of the Maximizing the Number of Tasks Objective Function and the Load Balancing Objective Function is used, the sequence MakeLoc, SwapLoc, Relocate, Exchange, Cross, Or-Opt showed the fastest search time. Also, when the combination of the Maximizing Punctuality Objective Function and the Minimizing the Number of Resources Objective Function or the combination of the Maximizing the Number of Tasks Objective Function and the Minimizing the Number of Resources Objective Function is used, the sequence MakeLoc, UnmakeLoc, SwapLoc, Relocate, Exchange, Cross, Or-Opt showed the fastest search time.
3.3.4 Meta-heuristic Algorithms
Guided Local Search (GLS) [5] is used to escape from a local solution. GLS adds cost to the objective function when a previous local solution is found again. The algorithm consists of the following elements:
D1. $F$ is a set of component elements;
D2. $f_i$ is the index function of the $i$-th element of $F$: if $i$ is included in the solution $S$, then $f_i(S) = 1$, else 0;
D3. $c$ is a cost vector; $c_i$ is the cost of the $i$-th element;
D4. $\lambda$ is the penalty cost factor;
D5. $p$ is the penalty vector; $p_i$ is the number of penalties of the $i$-th element;
D6. $O(S)$ is the original objective function; the modified objective function is
$$O'(S) = O(S) + \lambda \sum_{i \in F} f_i(S)\, p_i\, c_i$$
This algorithm finds a solution by using the modified objective function described in D6. Also, a penalty is given to the element that has the maximum $c_i/(p_i + 1)$ to avoid the local solution. The algorithm stops if the number of repetitions exceeds 200. Also, the penalty cost factor can be changed as follows: 0.15, 0.25, and 0.2.
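The following Python sketch is an added example, not the framework's own code, showing elements D1 to D6 and the $c_i/(p_i + 1)$ penalty rule on a small routing instance. It assumes that the features in $F$ are the edges of one closed route, that $c_i$ is the Euclidean edge length, and that the local search is the 2-Opt move from Table 1; the coordinates are constructed sample data.

```python
import math

# Constructed sample locations (x, y); not data from the paper.
POINTS = [(0, 0), (7, 1), (2, 6), (9, 8), (4, 3), (1, 9),
          (8, 4), (5, 7), (3, 1), (6, 9), (0, 5), (9, 0)]

def tour_edges(tour):
    """Features with f_i(S) = 1: the undirected edges of the closed route S."""
    n = len(tour)
    return [tuple(sorted((tour[k], tour[(k + 1) % n]))) for k in range(n)]

def original_cost(tour, c):
    """O(S): sum of the costs c_i of the features present in S."""
    return sum(c[e] for e in tour_edges(tour))

def modified_cost(tour, c, p, lam):
    """O'(S) = O(S) + lam * sum_i f_i(S) * p_i * c_i (element D6)."""
    return sum(c[e] + lam * p[e] * c[e] for e in tour_edges(tour))

def two_opt(tour, cost_fn):
    """2-Opt local search: reverse a segment whenever cost_fn strictly improves."""
    best, best_val = tour[:], cost_fn(tour)
    improved = True
    while improved:
        improved = False
        for i in range(1, len(best) - 1):
            for j in range(i + 1, len(best)):
                cand = best[:i] + best[i:j + 1][::-1] + best[j + 1:]
                val = cost_fn(cand)
                if val < best_val - 1e-12:
                    best, best_val, improved = cand, val, True
    return best

def guided_local_search(points, lam=0.2, max_iter=200):
    """Return (first local solution, best solution, cost vector c, penalty vector p)."""
    n = len(points)
    c = {(a, b): math.hypot(points[a][0] - points[b][0],
                            points[a][1] - points[b][1])
         for a in range(n) for b in range(a + 1, n)}
    p = {e: 0 for e in c}                      # D5: no penalties at the start
    current = two_opt(list(range(n)), lambda t: original_cost(t, c))
    first_local, best = current[:], current[:]
    for _ in range(max_iter):                  # stop after 200 repetitions
        # Penalise the feature(s) of the local solution with maximum c_i/(p_i+1).
        edges = tour_edges(current)
        utility = {e: c[e] / (p[e] + 1) for e in edges}
        top = max(utility.values())
        for e in edges:
            if utility[e] >= top - 1e-12:
                p[e] += 1
        # Search again with O'(S); penalised edges now look more expensive.
        current = two_opt(current, lambda t: modified_cost(t, c, p, lam))
        # The best solution is always judged by the original objective O(S).
        if original_cost(current, c) < original_cost(best, c) - 1e-12:
            best = current[:]
    return first_local, best, c, p

if __name__ == "__main__":
    for lam in (0.15, 0.25, 0.2):              # penalty cost factors from the text
        first, best, c, _ = guided_local_search(POINTS, lam=lam)
        print(lam, round(original_cost(first, c), 3), round(original_cost(best, c), 3))
```

Because the penalty term multiplies $c_i$, each penalised edge is searched at cost $c_i(1 + \lambda p_i)$, so the factor $\lambda$ does not depend on the units of distance.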
4 Implementation Results
We implemented the software framework so that it can optimize the use of resources in KT’s workforce environment. KT is the largest telecommunication company in Korea, so there are thousands of tasks in a day and various environmental factors. Therefore, KT’s workforce scheduling problem is hard to solve. Each member of the workforce has a smartphone, so they can be aware of the scheduled tasks anywhere and at any time by using an application that communicates with the software framework. Also, they can look up detailed information about a task and can report their current locations and processing results. This environment is suitable for adopting the framework, since the framework can monitor the status of the workforce and use it as input data. Furthermore, after solving the problem using the data, it can send the results to the workforce instantly. Fig. 2 shows the result before and after adopting the software framework. Comparing the distribution of the number of resources before and after adopting the framework, we can see that the average number of tasks increased by 1.6, which indicates that the usage ratio increased by 27%.
Fig. 2. The number of tasks before and after adopting the framework is compared
5 Conclusions
In this paper, we proposed a smart resource optimization software framework that optimizes the use of resources in the industrial field. The framework preprocesses input data and builds a model for problem solving on the basis of objective functions and constraints. Then, it searches for an optimal solution by using various algorithms. As a result of applying the framework in the real world, the usage ratio of the resources increased.
References
1. Xie, X.F., Liu, J.: Multiagent Optimization System for Solving the Traveling Salesman Problem. IEEE Transactions on Cybernetics 30(2), 489–502 (2009)
2. Li, S., Chen, L.: Optimization of the VRP with Single Depot Based on Vehicle Coordination Strategy. In: International Conference on ICICTA, pp. 862–865 (2010)
3. Chiang, H.D., Chu, C.C.: A systematic search method for obtaining multiple local optimal solutions of nonlinear programming problems. In: International Symposium on ISCAS, pp. 447–450 (1994)
4. Takahara, S., Kusumoto, Y., Miyamoto, S.: An adaptive meta-heuristic approach using partial optimization to non-convex polygons allocation problem. In: International Conference on Fuzzy Systems, pp. 1191–1194 (2001)
5. Bai, R., Kendall, G., Li, J.: An efficient guided local search approach for service network design problem with asset balancing. In: International Conference on Logistics Systems and Intelligent Management, pp. 110–115 (2010)
Authors
Dongcheul Lee received the B.S. and M.S. degrees in Computer Science and Engineering from Pohang University of Science and Technology, Pohang, Korea in 2002 and 2004, respectively. He has been a senior researcher in the KT Network Technology Laboratory, Korea since 2004. His research interests include algorithms and applications of mobile communications, workforce scheduling issues for network service provisioning, and task scheduling algorithms for GRID environments.
Byungjoo Park received the B.S. degree in electronics engineering from Yonsei University, Seoul, Rep. of Korea in 2002, and the M.S. and Ph.D. degrees (First-Class Honors) in electrical and computer engineering from University of Florida, Gainesville, USA, in 2004 and 2007, respectively. From June 1, 2007 to February 28, 2009, he was a senior researcher with the IP Network Research Department, KT Network Technology Laboratory, Rep. of Korea. Since March 1, 2009, he has been a Professor in the Department of Multimedia Engineering at Hannam University, Daejeon, Korea. He is a member of the IEEE, IEICE, IEEK, KICS, and KIISE. His primary research interests include theory and application of mobile computing, including protocol design and performance analysis in next generation wireless/mobile networks. He is an honor society member of Tau Beta Pi and Eta Kappa Nu, USA. His email address is [email protected], [email protected]
Automatic Image Quality Control System
Jee-Youl Ryu, Sung-Woo Kim, Seung-Un Kim, and Deock-Ho Ha
Dept. of Information and Communications Engineering, Pukyong National University, Busan, 608-737, South Korea
[email protected]
Abstract. A new automatic image quality control system for TFT-LCD (Thin Film Transistor Liquid Crystal Display) applications is proposed. Image quality factors such as gamma adjustment, flicker, brightness, and contrast are enhanced by the proposed algorithm and system. The developed system utilizes a programmable 6-point matching algorithm with a reference gamma curve and an automatic power setting algorithm. The proposed system showed significantly reduced gamma adjusting time, reduced flicker, high contrast and much less average gamma error than the conventional manual method.
Keywords: Automatic image quality control system, gamma adjustment, flicker, brightness, contrast, programmable 6-point matching algorithm.
1 Introduction
TFT-LCD use has grown rapidly over the past 10 years in mobile phones, DSCs, PDAs, cars, printers, ATM machines, digital signage, and many other electronics products. Gamma, flicker, brightness, and contrast are essential factors in display image quality. In addition, considering the sensitivity of the human eye to light, gamma and flicker are important electro-optical parameters for expressing accurate display image quality on a TFT LCD [1]-[5]. The image quality of a TFT LCD depends on a complex relationship between LC materials, TFT characteristics, the backlight unit and RGB color filters. The traditional manual way of adjusting mobile LCD images involves trial-and-error correction steps to adjust several registers. Since this process depends on the tuning skills and experience of LCD engineers, there is a little deviation in image quality optimization [1]-[3]. It is very important to reduce this deviation without any image quality degradation. In this work, we present a new automatic image quality control system for TFT LCDs. The proposed system utilizes gamma curve optimization and programmable power setting algorithms. It automatically adjusts the gamma curve and flicker level by controlling grayscale voltages and powers in the TFT LCD modules using the developed algorithms. The proposed system utilizes a programmable 6-point matching algorithm and an automatic power setting algorithm. The algorithm and control program are developed to reduce gamma correction error, gamma adjusting time and flicker, and to improve brightness and contrast.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 311–315, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Gamma Curve and Flicker Optimization
The LCD driver IC used in mobile TFT LCDs has more than 10 sets of registers to control image quality. Image quality is optimized by setting these registers properly. The image quality control registers are classified into flicker adjustment, gamma adjustment and power control.
2.1 Register Setting of LCD Driver IC
Fig. 1 shows a general setting sequence of the LCD driver IC for optimizing the display image quality of mobile LCDs. This sequence basically consists of three sequential steps: contrast adjustment, flicker adjustment, and gamma adjustment. LCD driver ICs typically include contrast, gamma and flicker adjustment registers of more than 10 sets and 3 bits to optimize image quality. The conventional manual way of adjusting mobile LCD image quality involves trial-and-error correction steps to adjust these 10-set registers. Since this depends on the skills and experience of LCD module developers, it is highly labor-intensive.
[Flowchart: Contrast adjustment (black and white voltage setting), Flicker adjustment (common voltage adjustment), Gamma adjustment (grayscale voltage adjustment), Measure gamma error ratio & flicker, Check Spec. (NG / OK), END]
Fig. 1. Register setting sequence for LCD driver IC
2.2 Adjustment Algorithm
Fig. 2 shows the flowchart for the amplitude and reference adjustment algorithms. To accomplish the adjustment, register values are controlled by variable resistors. The proposed algorithm follows a sequence of steps that reads and displays each luminance for the grayscale voltages of V8, V20, V43 and V55 shown in Fig. 12 using the developed programmable 6-point matching algorithm. It automatically adjusts the 6 grayscale voltage levels of V1, V8, V20, V40, V55 and V62 using automatic register bit control. As shown in Fig. 2, the amplitude and reference registers in the driver IC are designed to choose these four grayscale voltages of V8, V20, V43 and V55.
[Flowchart steps: Gray 8, Gray 20, Gray 42 and Gray 55 display & luminance read; Ref. - Measure luminance comparison after each read; Register setting; d = d + 1; END]
Fig. 2. Flowchart for amplitude and reference adjustment algorithms
3 Development of System and Software
The proposed system consists of the module-under-test (MUT, LCD module), a PC installed with the algorithm and program, a multimedia display tester (Yokogawa, 3298F luminance meter) for measuring luminance, and a control board for the interface between the PC and the LCD module, as shown in Fig. 3. It is realized to calibrate gamma values of 1.8, 2.0, 2.2 and 3.0. The control board is basically constructed with the TMS320F2812 DSP chip of Texas Instruments. The board is also designed with an FPGA, and it supports different interfaces such as RGB and CPU. It serves as the RS232 interface between the PC and the luminance meter, controlling the luminance meter, reading LCD luminance data, setting the LDI register, and providing grayscale images to the LCD. The PC part has the GUI program, the contrast, gamma and flicker adjustment algorithms, and a system monitoring function. In response to control commands from the PC program, the control system performs register value changes, luminance measurement, and signal transmission.
[Block diagram: PC, luminance meter (RS232), DSP TMS320F2812, FPGA XC3S1000, LCD driver IC, LCD]
Fig. 3. Automatic image quality adjustment system
4 Experiment Results and Discussion
We looked at the average gamma error rate and adjusting time. Considering the wide spread in panel-to-panel gamma variation, gamma curve values of 1.8 and 2.2 are investigated. Fig. 4 shows the adjusted results for (a) gamma=1.8 and (b) gamma=2.2. The tested module is a 2.4” IPS mode module with QVGA (240×320) resolution and a CPU 16-bit interface. As depicted in Fig. 4, the proposed system showed an average gamma error rate of less than 5% and an adjusting time of about 8 minutes for four gamma values. For a gamma curve of 2.2, the system showed a very low average gamma error rate of 4.95% and an adjusting time of about 8 minutes.
Fig. 4. The adjusted results for several gamma values: (a) gamma=1.8, (b) gamma=2.2
Table 1 summarizes the adjusted results of the proposed system for a standard gamma value of 2.2. Although IPS mode provides an average gamma error rate of more than 10%, this meets the specification of less than 15% with significantly reduced adjusting time. However, as listed in Table 1, the proposed system has a much longer adjusting time to obtain much enhanced image quality with a flicker level of less than 2% and a gamma error rate of less than 5%. The proposed system showed a flicker level of 1.1% and a gamma error rate of 4.95% with an adjusting time of 480 seconds. Fig. 5 shows adjustment results for the conventional manual method and the proposed method. As shown in Fig. 5, the proposed system showed a high quality image with high contrast ratio, very low flicker level, low gamma error rate and fast adjusting time. However, the adjustment results using the conventional manual method showed a degraded quality image.

Table 1. Summary of the adjusted results for the proposed system

| LC Mode | Driver IC | Resolution | Contrast ratio (before adjustment) | Contrast ratio (after adjustment) | Flicker level (%) (before adjustment) | Flicker level (%) (after adjustment) | Gamma error rate (%) (before adjustment) | Gamma error rate (%) (after adjustment) | Adjusting time (sec.) |
|---|---|---|---|---|---|---|---|---|---|
| TN | A type | QCIF | 340:1 | 350:1 | 35.2 | 1.90 | 21.97 | 9.95 | 238 |
| TN | B type | QCIF | 345:1 | 350:1 | 26.4 | 2.30 | 20.97 | 7.00 | 245 |
| TN | B type | QCIF | 348:1 | 350:1 | 19.5 | 1.70 | 21.89 | 6.81 | 248 |
| ECB | C type | QVGA | 320:1 | 360:1 | 29.5 | 2.40 | 41.50 | 12.83 | 241 |
| ECB | C type | QVGA | 325:1 | 360:1 | 21.9 | 2.52 | 37.48 | 13.27 | 239 |
| ECB | D type | QVGA | 330:1 | 360:1 | 19.5 | 2.21 | 34.32 | 4.85 | 365 |
| IPS | C type | QVGA | 345:1 | 500:1 | 17.3 | 1.10 | 32.52 | 4.95 | 480 |

Fig. 5. The adjusted results for each method: (a) Conventional manual adjustment, (b) Proposed adjustment
5 Conclusion
We presented an automatic image quality control system for TFT LCDs. It can adjust the gamma curve, contrast ratio and flicker level automatically by controlling the analog supply voltage and gamma voltages of the LCDs. The system was realized to calibrate gamma values of 1.8 and 2.2. We believe that the proposed system is very useful for developing high quality LCDs and for reducing test overhead in the mass production line of mobile TFT LCDs. We hope that the proposed system will be used in flat panel display applications including TVs and monitors.
References
1. Cho, N.S., Ryu, J.Y., Park, C.W., Kwon, W.H.: Development of Automatic Gamma Optimization System for Mobile TFT-LCD. J. of Institute of Control, Robotics and Systems 15(3), 323–329 (2009)
2. Park, C.W., Ryu, J.Y., Jeong, G.Y., Jung, T.H., Kim, T.S., Kim, K.D.: Development of Automatic Gamma Control System for Mobile LCD Applications. In: SAMSUNG Tech. Conference 2006, pp. 131–137 (2006)
3. Lee, P.M., Chen, H.Y.: Adjustable Gamma Correction Circuit for TFT LCD. In: IEEE 2005, pp. 780–783 (2005)
4. Oh, J.H., et al.: Automated LCD Gamma Curve Optimization. In: SID 2006, pp. 394–397 (2006)
5. Park, H.W., et al.: A Novel Method for Image Contrast Enhancement in TFT-LCDs: Dynamic Gamma Control (DGC). In: SID 2003, pp. 1343–1345 (2003)
Programmable RF System for RF System-on-Chip
Jee-Youl Ryu, Sung-Woo Kim, Dong-Hyun Lee, Seung-Hun Park, Jung-Hoon Lee, Deock-Ho Ha, and Seung-Un Kim
Dept. of Information and Communications Engineering, Pukyong National University, Busan, 608-737, South Korea
[email protected]
Abstract. This paper proposes a new automatic programmable radio frequency (RF) system for a System-on-Chip (SoC) transceiver. We built a 5-GHz low noise amplifier (LNA) with an on-chip programmable RF system using 0.18μm SiGe technology. This system is extremely useful for today's RF IC devices in a complete RF transceiver environment. The programmable RF system helps to provide DC output voltages, hence making the compensation network automatic. The programmable RF system automatically adjusts the performance of the 5-GHz low noise amplifier with the processor in the SoC transceiver when the LNA goes out of the normal range of operation. The ACN compensates abnormal operation due to unusual thermal variation or unusual process variation.
Keywords: System-on-Chip, automatic programmable RF system, low noise amplifier.
1 Introduction
The rapid growth in RF integrated circuit devices demands high-density, high-speed and low-cost RF systems. To realize these recent trends, system-on-chip (SoC) has become a new solution in today’s RFIC industry. However, a suitable test technique and the reduction of test cost for SoC still remain the major bottleneck in making affordable wireless systems. To solve these problems, a test technique using a DFT (Design-for-Testability) circuit in the RF and mixed-signal domain is applied as a suitable test structure on SoC [1-4]. To design an effective RF DFT structure, proper identification of catastrophic faults and parametric variations in the RF system plays an integral part in the design. Analog systems have only a few inputs and outputs, and their internal states exhibit low time constants compared to digital circuits [5]. To test a point-to-point transceiver, the loop-back technique using spectral signature analysis is generally used, with lower effort and very small test overhead [3-4]. However, this test technique has disadvantages such as lower test coverage, due to the fact that the complete transceiver is tested as a whole, and the need for an additional DSP, due to the higher complexity of the test signature generation [4]. In this paper, a new low-cost alternative method for RF SoC testing to adjust parametric variations is proposed. The alternative method utilizes an automatic programmable RF system for a 5-GHz low noise amplifier (LNA) as a typical RF front-end chip. The system involves an RF Design-for-Testability (DFT) circuit, Capacitor Mirror Banks (CMB) and a digital signal processor (DSP). The RF DFT circuit helps to provide DC output voltages, hence making the compensation system automatic.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 316–320, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Approach
Fig. 1 shows the SoC-based receiver configuration with an automatic programmable RF system for the LNA. The proposed system contains an RF Design-for-Testability (DFT) circuit, Capacitor Mirror Banks (CMB) and a digital signal processor (DSP). The system automatically adjusts and compensates the performance of the 5-GHz LNA by means of the processor when the LNA goes out of the normal range of operation due to unusual thermal variation or unusual process variation. The RF DFT circuit helps to provide DC output voltages, thus making the system automatic.
[Block diagram: LNA, Mixer, LO, ADC, DSP, DFT, CMB, DN]
Fig. 1. SoC-based receiver configuration with an ACN for the LNA
The RF DFT hardware consists of a test amplifier (TA), a band-gap reference and two RF peak detectors (PD1 and PD2) as shown in Fig. 2. This additional hardware occupies a very small area on the SoC, and it helps to measure LNA performance without expensive external equipment. Two RF peak detectors are used to provide the DC output voltages (VT1 and VT2).
[Block diagram: vL1, PD1, VT1; vT, TA, PD2, VT2; Band-gap Reference]
Fig. 2. RF DFT hardware
The proposed DFT circuit is shown in Fig. 3, and it is designed using 0.18μm SiGe technology. It consists of the TA and PD2 circuit stages. The PD1 circuit is also a part of the DFT circuit, and it has the same topology as the PD2 circuit shown in Fig. 3. The test amplifier is designed with input and output impedances of 50 ohms each. The gain of the test amplifier is designed to be 3 to increase the output voltage level. The RF peak detectors are used to convert the RF signal to a DC voltage. The bias stage utilizes a band-gap reference circuit for low supply voltage and low power dissipation.
[Schematic with three stages: Band-gap reference, Test Amplifier, Peak Detector 2]
Fig. 3. Schematic diagram of an RF DFT
Fig. 4 shows details of the proposed CMB. It has N-bit capacitor banks to accurately compensate the LNA performance. In this approach, we have designed an 8-bit CMB considering the chip area overhead. The capacitor bank is controlled by digital signals (D8…D2D1) from the digital signal processor (DSP) hardware. The input data streams of (D8…D2D1) = (0…01) for (1/8)(Cb) and (1…11) for Cb have been used to compensate the LNA performance, respectively. Cb is the capacitance value under fault-free conditions. The CMB was designed with the LNA on a single chip using 0.18 μm SiGe technology to demonstrate this idea. It is powered by a 1.8-V supply voltage.
[Schematic of the capacitor bank with digital inputs D1 … DN, transistors M1 … MN, and terminals vin and vout]
Fig. 4. N-bit CMB
3 Results
Fig. 5(a) and (b) show the gain and noise figure variations and their compensation results for a +20% process variation of the most sensitive component (Lc1). The gain and noise figure compensations shown in these figures were done at the operation frequency of 5.25GHz. We identified a variation of 1.04dB (11.32%) in the LNA gain from the +20% process variation. To compensate a 1-dB LNA gain, the input data stream of (D8…D2D1) = (0…01) providing CB = (1/8)(Cb) was applied. Cb is the capacitance value under fault-free conditions. As can be seen from Fig. 10, our ACN can compensate the gain of the LNA due to the process variation at 5.25 GHz. The noise figure compensation shown in this figure was done at the operation frequency of 5.25GHz. The Lc1+20% process variation showed a small variation in the LNA noise figure as shown in Fig. 5(b). We identified a variation of 0.022dB (0.5%) in the LNA noise figure from the +20% process variation. Table 1 summarizes the noise figure and gain variations and their compensation results for process, thermal and coupled variations. Data codes used for compensation are listed. As can be seen in this table, the proposed programmable RF system showed good compensation results for the variations of the LNA gains and noise figures.
Fig. 5. LNA compensation results for Lc1+20% process variation: (a) Gain compensation, (b) Noise Figure compensation

Table 1. Comparisons of variations and their compensations

| Components | Variations: ΔGLNA (dB) | Variations: ΔNF (dB) | Compensations: Data Codes | Compensations: CB | Compensations: ΔGLNA (dB) | Compensations: ΔNF (dB) |
|---|---|---|---|---|---|---|
| Lc1+10% | -0.450 | 0.003 | (00000011) | 0.250Cb | 0.440 | -0.367 |
| Lc1+20% | -1.040 | 0.022 | (00000001) | 0.125Cb | 1.010 | -0.370 |
| T+10°C | -0.103 | 0.108 | (00111111) | 0.750Cb | 0.146 | -0.141 |
| T+20°C | -0.188 | 0.191 | (00001111) | 0.500Cb | 0.283 | -0.275 |
| T+30°C | -0.277 | 0.274 | (00000011) | 0.250Cb | 0.403 | -0.393 |
| T+40°C | -0.372 | 0.357 | (00000001) | 0.125Cb | 0.412 | -0.409 |
| Lc1+10%&T+10°C | -0.560 | 0.113 | (00001111) | 0.500Cb | 0.305 | -0.272 |
| Lc1+10%&T+20°C | -0.649 | 0.197 | (00000011) | 0.250Cb | 0.443 | -0.368 |
| Lc1+10%&T+30°C | -0.744 | 0.281 | (00000011) | 0.250Cb | 0.445 | -0.396 |
4 Conclusions
This paper presented a new programmable RF system for RF SoC. We showed that our programmable RF system can help to compensate an RF component with parametric variations. Utilizing our new programmable RF system, we measured input impedance, gain and noise figure, and it automatically adjusted the performance of the 5-GHz LNA when the LNA went out of the normal range of operation. The new system provided successful measurement results of RF chips. The RF LNA was provided with complete testing by utilizing a novel RF system architecture and mathematical equations. We believe that this new capability will provide industry with a low-cost technique to test RFIC chips.
References
1. Ryu, J.Y., Noh, S.H.: A New Approach for Built-In Self-Test of 4.5 to 5.5GHz Low Noise Amplifiers. ETRI Journal 28(3), 355–363 (2006)
2. Pronath, M., Gloeckel, V., Graeb, H.: A Parametric Test Method for Analog Components in Integrated Mixed-Signal Circuits. In: IEEE/ACM International Conference on Computer Aided Design, pp. 557–561 (2000)
3. Liu, H.C.H., Soma, M.: Fault diagnosis for analog integrated circuits based on the circuit layout. In: Proceedings of Pacific Rim International Symposium on Fault Tolerant Systems, pp. 134–139 (1991)
4. Segura, J., Keshavarzi, Soden, A., Hawkins, J.C.: Parametric failures in CMOS ICs – a defect-based analysis. In: Proceedings of International Test Conference, pp. 90–99 (2002)
5. Chatterjee, A., Nagi, N.: Design for Testability and Built-In Self-Test of Mixed-Signal Circuits: A Tutorial. In: IEEE 10th International Conference on VLSI Design, pp. 388–392 (1997)
Development of a Mobile Language Learning Assistant System Based on Smartphone
Jin-il Kim1, Young-Hun Lee2,*, and Hee-Hyol Lee3
1 Dept. of Electronic Eng., Hannam University, 133 Ojeong-dong, Daedeok-gu, Daejon 306-791, Korea [email protected]
2 Dept. of Electronic Eng., Hannam University, 133 Ojeong-dong, Daedeok-gu, Daejon 306-791, Korea [email protected]
3 The Graduate School of Information, Production and Systems, Waseda University, 2-7 Hibikino, Wakamatsu-ku, Kitakyushu, Fukuoka, 808-0135, Japan [email protected]
Abstract. One of the most important issues in school education today is that learners are not able to apply the knowledge they have learned in the classroom to their real life. Situated Learning Theory would be one of the best solutions to these problems. However, the methods that have been developed for instructional purposes until now do not seem to reflect Situated Learning Theory enough. It is vital to investigate more applicable methods, based on Situated Learning Theory, that can be practiced in the education field. Therefore, the purpose of this paper is to design and implement a Mobile Language Learning Assistant System using location awareness technology. This study has found that the Mobile Language Learning Assistant System can be effectively utilized in providing an authentic learning environment, and also that its future prospects are very bright according to the learner evaluation.
Keywords: Mobile, Learning Assistant, Situated Learning Theory, Context-aware.
1 Introduction
In recent years, great changes have been taking place in education because of the development of ubiquitous technology and the use of ICT in classroom teaching methodology. Education demands an expanded concept of the educational environment in which learning can take place anywhere and at any time, beyond the concept of a fixed place for education and training. Also, the learning environment is becoming free from temporal and spatial constraints and is focusing on personal characteristics. Situated learning, which can maximize the effectiveness of learning in real life, is drawing attention. Situated Learning Theory is changing closely with the development of Internet and mobile communication technologies and context-aware computing technology. Initially, situated learning and its practical approach were studied extensively in the fields of psychology, cultural studies and education. However, the methods that have been developed for instructional purposes until now, such as anchored instruction [1] [2] [3], Web courses [4] [5] and learning using simple mobile devices [6][7][8][9], do not seem to reflect Situated Learning Theory enough. It is vital to investigate more applicable methods, based on Situated Learning Theory, that can be practiced in the education field. Therefore, the purpose of this paper is to design and implement a Mobile Language Learning Assistant System using location awareness technology. This study has found that the Mobile Language Learning Assistant System can be effectively utilized in providing an authentic learning environment.
* Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 321–329, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Related Study
According to situated learning, learning that takes place in the context of real life makes knowledge easy to understand and motivates learners, because it connects the learners' personal experiences and needs to the learning contents. In addition, knowledge learned in the context of real life is easier to apply to practical and realistic problem solving than knowledge gained through direct teaching [1][10]. Learning is therefore most effective when students learn knowledge or skills in the context of real life. However, it is impossible to do all learning in real life. Most learning takes place in a virtual environment, even where it could be done through direct experience in real life. According to situated learning, knowledge can also be gained through vicarious experience in a virtual space that is similar to real life [11]. The Cognition and Technology Group of Vanderbilt University developed the Jasper series, which applies the principles of situated learning. The experimental results proved that students' problem-solving skills improved [1][2][3]. This teaching methodology, known as anchored instruction theory, has shown significant effects on students' problem-solving skills as well as on academic achievement and attitude change in several studies. Recent advances in information technologies have created environments in which situated learning can be actively researched in web-based virtual space. Related research includes Just-In-Time Learning Systems [5], which apply situated learning in virtual space on the Web; research aimed at learning motivation that considers the fun and excitement of games; and an MMORPG-type learning system [4], which features a virtual social space rather than a simple game.
However, in a strict sense, it is difficult to say that anchored instruction or learning that takes place in virtual space on the web is a perfect match for context-aware teaching, because these teaching methods only offer a context similar to the real one. Moreover, these methods provide learning contents to students unilaterally, and they provide not direct experience but indirect experience through observation. Currently, tools that allow learning beyond the classroom using mobile devices are being actively studied [12][13][14][15]. Related research includes the design of mobile learning content to support situated learning using wireless Internet mobile devices [6][7], the implementation of learning content on isolated-type mobile devices [8], and a mobile learning system that requires content to be downloaded from a Web server to the device [9].
More studies show that learning using mobile devices is possible in a real-life context with realistic interaction. This is also a practical way of doing situated learning, because the learners' practical experience becomes their knowledge. However, these studies have several disadvantages. First, the screen of a learning system on a mobile handset is very small, and the handset's capacity to store learning content is limited. Second, the content is useful only once it has been saved to the mobile device in advance; in other words, the learner's real-life context is not considered at all. Third, learners must anticipate the situation and prepare context-sensitive content in advance in order to learn in a real-life context. Even if content is prepared in advance for a specific situation, learning is possible only in limited circumstances. Therefore, when a learning need arises in real life, proper content cannot be provided to the learner. This has been a major disincentive to the learners' motivation to learn and study. A system should therefore recognize the learner's context and provide information to the learner in real time. In this paper, location-aware technology, a part of context-aware computing technology, solves this problem. Fourth, even when learners are equipped with a system that can transmit content in real time over the wireless Internet, they must operate the mobile device directly in order to obtain learning information and become aware of the situation. In other words, learners can learn in a real-life context only if they download learning contents from the Web server or find the content stored on the mobile device. But the download time, the procedures and the handling of the mobile device sap the learners' enthusiasm for learning. We resolve this problem by using the concept of intelligent agents to automatically provide learning contents appropriate to the learner's context.
3 A Mobile Language Learning Assistant System
3.1 Environment of System Development
This section describes the development and operating environment of the Mobile Language Learning Assistant System. Table 1 shows the development environment. In this study, the GPS receiver, dialogue and context sentence functions are each developed as a module using Visual C++. The learning content is built as "Practical English for travelers", because it reflects the essential elements of situated learning and the characteristics of u-learning well.
Table 1. Environment of system development
OS               Windows XP
Language         MS Visual Studio 2005
Database         MS SQL Server 2005 Compact Edition
Mobile Device    CyberBank POZ-X310(SKT)
3.2 Context-Aware Information of Learners
The GPS chipset of the Cyberbank POZ-X310 (SKT) model receives signals from satellites in the handset itself. As shown in Figure 1, the system uses the user's location information obtained from GPS signals, the learner's rating, which reflects the historical information, and time information obtained from the system.
3.3 Design of System
The job process of the Mobile Language Learning Assistant System is shown in Figure 2.
Fig. 1. Situation information of learner
Fig. 2. Job Process
"GPS information management" performs functions such as receiving GPS data, buffer processing, analysis and value setting. Table 2 shows the main modules.
Table 2. GPS information management
Name             Functions
Init             GPS settings initialization
ComOpen          GPS port and baud value
RecvComThread    GPS data receive thread
CheckRecvBuf     checks the buffer status
RecvComData      receives GPS data from the communications port and handles the buffer
ParsingW         parses the GPS data received from the buffer, one line at a time
IsValidW         validates the GPS data
GetRestBuffW     stores the data remaining in the buffer after parsing
WriteLog         stores the GPS data log files
ComClose         GPS port termination and buffer initialization, timer shutdown
"Register mark management" calculates the preset area from the received GPS coordinates. If the location of a shop is included in this area, the shop is displayed on the screen. The main functions and features are listed in Table 3.
Table 3. A register mark management
Name                                Functions
InGPSArea                           determines whether or not the longitude and latitude are located in the registration point
SortRegPointList                    sorts by the frequency of visits and learning patterns, and outputs the registration points to a list control
SetGPSPoint, OnMenuSetupDispArea    sets the display area of the registration point; the area is recalculated
CalcPointRange                      the area is recalculated
"Research management" looks up the desired code by the group code and the section code in the industrial classification. The main functions and features are listed in Table 4.
Table 4. Research management
Name                     Functions
OnLbnSelchangeListBcT    Select group code
OnLbnSelchangeListBcS    Select section code
"Conversation management" calls up the conversation for the situation and then plays the audio file (mp3), according to the section code of the industrial classification and the conversation selected for that classification. The main functions and features are listed in Table 5.
Table 5. Conversation management
Name                         Functions
OnCbnSelchangeComboBc        Select section of industrial classification
OnCbnSelchangeComboStatus    Select context-aware of industrial classification
OpenTalkStatusFile           Select context-aware value of industrial classification
OpenTalkDataFile             Call context-aware conversation
OpenPlayMp3                  Play the context-aware voice file (mp3)
PauseMp3                     Stop and replay the context-aware voice file (mp3)
"Situation sentence management" calls up the sentence for the situation and then plays the audio file (mp3), according to the section code of the industrial classification and the situation sentence selected for that classification. The main functions and features are listed in Table 6.
Table 6. Situation sentence management
Name                          Functions
OnCbnSelchangeComboBc         Select industrial classification Sub-Industry
OnCbnSelchangeComboStatus     Select Situation Sentence
OpenStatusSentenceFile        Set Situation values
OpenStatusSentenceDataFile    Call Situation Sentence
OpenPlayMp3                   Play and call voice files (mp3)
4 Results and Implementation of the System
4.1 Screen of the System
When the GPS signal is received, the GPS Settings icon turns green and GPS information is displayed on the screen. A list of stores is displayed according to the GPS coordinates of the mobile device and the learning recommendation technique. The functions of the Mobile Language Learning Assistant System are as follows. GPS setting management can change the GPS settings, emulate/GPS mode, NMEA data log storage and the sound output settings. Registration point management can register or delete the location information of stores. Learning mode setting management can change options such as manual or automatic mode and the code order of conversations/situation sentences. If automatic mode is selected, you can choose whether the conversation or the situation sentence is displayed on the screen. The learning recommendation technique uses the location and context-aware information of the learner to recommend learning content automatically. The learning recommendation techniques are unordered, nearest place, learning rate and learning pattern. First, if the "unordered" option is selected, the shops in the registration point area are displayed in the order in which the data were entered. Second, if the "nearest place" option is selected, shops are displayed in order of distance from the learner's location, nearest first. Third, if the "learning rate" option is selected, shops are displayed in descending order of the learning rate of the section code by industrial classification within the registration point area. Fourth, if the "learning pattern" option is selected, the list of shops is displayed according to the output of the Bayesian network model (the order in which the user wants to visit at the current time, using the probability values), which uses context-aware information (location information, the learner's rating that reflects the historical information, and time information obtained from the system).
Display area management sets the display area of the registration points. The default setting is within 100m; you can select within 50m, 100m, 1km or 2km. Help gives brief help for each menu.
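The receive-side checks that "GPS information management" lists (ParsingW, IsValidW) and the "nearest place" listing within the selectable display area can be sketched as follows. This is an added example, not the paper's code: it assumes the receiver emits standard NMEA 0183 GGA sentences, and every function name, the sample sentence and the three registration points are constructed for illustration.

```cpp
// Added example, not the paper's code: validate one NMEA GGA line, then list in-range shops.
#include <algorithm>
#include <cctype>
#include <cmath>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <utility>
#include <vector>

struct Fix { double lat, lon; };                        // decimal degrees
struct RegPoint { std::string name; double lat, lon; };
static unsigned long xorSum(const std::string& s, size_t from, size_t to) {
    unsigned long sum = 0;
    for (size_t i = from; i < to; ++i) sum ^= static_cast<unsigned char>(s[i]);
    return sum;
}

// Builds "$<body>*HH"; used here only to frame the constructed samples.
std::string frame(const std::string& body) {
    char tail[4];
    std::snprintf(tail, sizeof tail, "*%02lX", xorSum(body, 0, body.size()));
    return "$" + body + tail;
}

// Framing, character-set and checksum check on one line (CR/LF already stripped).
bool isValidSentence(const std::string& line) {
    if (line.size() < 9 || line.size() > 80 || line[0] != '$') return false;
    size_t star = line.rfind('*');
    if (star == std::string::npos || star + 3 != line.size()) return false;
    for (size_t i = 1; i < star; ++i)                   // printable ASCII only
        if (line[i] < 0x20 || line[i] > 0x7e) return false;
    if (!std::isxdigit(static_cast<unsigned char>(line[star + 1])) ||
        !std::isxdigit(static_cast<unsigned char>(line[star + 2]))) return false;
    return xorSum(line, 1, star) == std::strtoul(line.c_str() + star + 1, nullptr, 16);
}
static std::vector<std::string> splitFields(const std::string& s) {
    std::vector<std::string> out;
    for (size_t start = 0;;) {
        size_t comma = s.find(',', start);
        out.push_back(s.substr(start, comma - start));  // npos: rest of the string
        if (comma == std::string::npos) return out;
        start = comma + 1;
    }
}

// ddmm.mmmm or dddmm.mmmm plus hemisphere letter -> signed decimal degrees.
static bool toDegrees(const std::string& v, const std::string& hemi,
                      char pos, char neg, double limit, double& deg) {
    if (v.empty() || v.find_first_not_of("0123456789.") != std::string::npos) return false;
    if (hemi.size() != 1 || (hemi[0] != pos && hemi[0] != neg)) return false;
    char* end = nullptr;
    double raw = std::strtod(v.c_str(), &end);
    if (*end != '\0') return false;                     // e.g. "12.3.4" or "."
    double whole = std::floor(raw / 100.0), minutes = raw - whole * 100.0;
    if (minutes >= 60.0 || whole + minutes / 60.0 > limit) return false;
    deg = (hemi[0] == neg ? -1.0 : 1.0) * (whole + minutes / 60.0);
    return true;
}
bool parseGga(const std::string& line, Fix& out) {
    if (!isValidSentence(line)) return false;
    std::vector<std::string> f = splitFields(line.substr(1, line.rfind('*') - 1));
    if (f.size() < 7 || f[0].size() != 5 || f[0].compare(2, 3, "GGA") != 0) return false;
    if (f[6].empty() || f[6] == "0") return false;      // quality 0 = no position fix
    return toDegrees(f[2], f[3], 'N', 'S', 90.0, out.lat) &&
           toDegrees(f[4], f[5], 'E', 'W', 180.0, out.lon);
}

// Great-circle distance in metres (haversine).
double distanceMeters(double lat1, double lon1, double lat2, double lon2) {
    const double R = 6371000.0, rad = 3.14159265358979323846 / 180.0;
    double sLat = std::sin((lat2 - lat1) * rad / 2), sLon = std::sin((lon2 - lon1) * rad / 2);
    double a = sLat * sLat + std::cos(lat1 * rad) * std::cos(lat2 * rad) * sLon * sLon;
    return 2.0 * R * std::asin(std::sqrt(a));
}
// Constructed sample data: one GGA body and three registration points.
const char* const kSampleBody = "GPGGA,091500,3621.0000,N,12725.2000,E,1,07,1.1,60.0,M,25.0,M,,";
std::vector<RegPoint> samplePoints() {                  // listed farthest first on purpose
    return {{"Bank", 36.3550, 127.4200}, {"Bakery", 36.3500, 127.4210}, {"Pharmacy", 36.3504, 127.4200}};
}

// Validate the line, then return the names of in-range points, nearest first.
std::string placesFor(const std::string& line, double radiusM) {
    Fix here;
    if (!parseGga(line, here)) return "REJECTED";
    std::vector<std::pair<double, std::string> > hits;
    for (const RegPoint& p : samplePoints()) {
        double d = distanceMeters(here.lat, here.lon, p.lat, p.lon);
        if (d <= radiusM) hits.push_back(std::make_pair(d, p.name));
    }
    std::sort(hits.begin(), hits.end());
    std::string names;
    for (size_t i = 0; i < hits.size(); ++i) names += (i ? "," : "") + hits[i].second;
    return names;
}
int main() {                                            // the page's display-area options
    for (double r : {50.0, 100.0, 1000.0, 2000.0})
        std::printf("%6.0f m: %s\n", r, placesFor(frame(kSampleBody), r).c_str());
}
```

A line that fails any check is dropped before its coordinates reach the shop list, so a corrupted serial read or a no-fix sentence cannot move the learner's position.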
4.2 Search Screen
When the GPS signal is poor, the "search screen" is used to find the information that the learner should learn. For example, in Figure 7, if you select one of the groups of the industrial classification, its section codes are displayed on the right of the screen. In Figure 8, 'medical' has been selected as an example group of the industrial classification.
Fig. 7. Search screen
Fig. 8. Select "medical"
4.3 Conversation and Situation Sentence
In Fig. 9 and Fig. 10, if you select a shop, the conversation or situation sentence is displayed on the screen. To hear the voice of the conversation, press the play button in Fig. 9; press the stop button to stop listening. With the control bar, you can go directly to the desired position. The English situation sentences can be output as voice, sentence by sentence. In Fig. 10, if you click any part of the Hangul or English of a situation sentence with the stylus pen, you can listen to the voice of that sentence.
Fig. 9. Conversation
Fig. 10. Situation sentence
4.4 Results of the System Development
The system was tested several times. The subjects of the experiment were 30 students experienced with mobile devices, regardless of gender. The usability evaluation method is based on heuristic evaluation, which is often used for Web sites, and was modified to suit the mobile environment. The evaluation questions were developed from Nielsen's heuristic evaluation items. The rating scale is from one to five. "Consistency and standards" received the highest rating. "Aesthetic and minimalist design" was second with 3.21, and "User control and freedom" was third with 3.20. This means that the proposed system satisfies users with a consistent interface, minimized design, free transitions between screens, accessibility of the system, efficient manipulation, and a user-friendly interface and terminology. "Recognition rather than recall", "Help and user documentation" and "Error prevention" scored 3.07, 3.04 and 3.00, respectively. This means that the functional split-screen, the appropriate help and the messages for avoiding mistakes are not at a satisfactory level. "Help users recognize, diagnose, and recover from errors" scored 2.88. This means that learners were not at all satisfied with the way the system resolves user mistakes. This item scored particularly low because the system was developed as a prototype and does not have content for every context. The low score for this item is therefore unavoidable at present. In conclusion, the averages of most assessment items are higher than 3 points but less than 4 points. This means that users evaluated the system positively.
5 Conclusion
One of the most important issues in school education today is that learners are not able to apply the knowledge they have learned in the classroom to real life. Situated Learning Theory would be one of the best solutions to this problem. However, the methods developed so far for instructional purposes do not seem to reflect Situated Learning Theory sufficiently. Therefore, the purpose of this paper is to design and implement a Mobile Language Learning Assistant System using location awareness technology. The procedure of this study is as follows. First, this study reviewed various previous studies on Smart, GPS signal, u-learning, Ubiquitous, Agent, Situated Learning, and software development methods. Second, this study built a strategy to develop a Mobile Language Learning Assistant System. Third, this study designed an engine and database based on that strategy. Fourth, this study developed a Mobile Language Learning Assistant System based on the design. In conclusion, this study has found that a Mobile Language Learning Assistant System can be effectively utilized in providing an authentic learning environment, and that its future prospects are very bright according to the learner evaluation. Nevertheless, some questions remain. One of them is that there is not yet enough applicable content. This is because the Mobile Language Learning Assistant System is a prototype. To overcome this shortage, the following needs to be examined in future studies. First, future studies should focus on developing various learning models. Second, more multilingual content should be developed.
Acknowledgments. This paper has been supported by 2010 Hannam University Research Fund.
References
1. Cognitive and Technology Group at Vanderbilt: Anchored instruction and situated cognition revisited. Educational Technology 33(3), 52–70 (1993)
2. Cognitive and Technology Group at Vanderbilt: Anchored instruction and its relationship to situated cognition. Educational Researcher 19(6), 2–10 (1990)
3. Cognitive and Technology Group at Vanderbilt: The Jasper experiment: An exploration of issues in learning and instructional design. Educational Technology Research and Development 40(1), 65–80 (1992)
4. Sung-il, P.: Development of a Situated Learning Support System Based on MMORPG. Unpublished doctoral dissertation, Korea National University of Education (2005)
5. Young-won, J.: Design and Implementation of the Just-In-Time learning System Applying Situated Learning Theory. A master’s thesis, Korea National University of Education (2006)
6. Lee, Y.-H.: A Study on the System Supporting Museum Exhibition Using Mobile PDA. A master’s thesis, Yonsei University (2002)
7. Jeong, J.-H.: Design and Development of Mobile Learning Contents for Field Activities. A master’s thesis, Korea National University of Education (2004)
8. Park, J.-H.: Design and Implementation of Mobile Learning Contents for Situated Learning. A master’s thesis, Korea National University of Education (2005)
9. Park, J.-C.: A Design and Implementation of Experiment. Practice Study Contents using a PDA. A master’s thesis, Silla University (2003)
10. Bransford, J.D., Vye, N.J.: A perspective on cognitive research and its implications for instruction. In: Resnick, L.B., Klopfer, L.E. (eds.) Toward the Thinking Curriculum: Current Cognitive Research, Alexandria VA, pp. 173–205. Association for Supervision and Curriculum Development (1989)
11. Spiro, R., Feltovich, P.: Cognitive flexibility, constructivism, and hypertext. Educational Technology 31(5), 24–33 (1991)
12. Kim, J.-H.: Design and Implementation of a PDA-based Mobile Learning Contents Centering on Wordprocessor Learning. A master’s thesis, Catholic University of Daegu (2004)
13. Yang, K.-M., Kim, C.-M., Kim, S.-B.: The Design and Implementation of an English Situated Learning System based on RFID. J. of Korea Association of Computer Education 9(6), 65–78 (2006)
14. Park, M.-K., Park, J.-H., Bae, Y.-K., Lee, T.-W.: A Study on the Development of uLearning System for Field Trip. J. of The Korea Society of Computer and Information 11(3), 221–229 (2006)
15. Lee, S.-J.: Design and Implementation of English Learning System in Web and Mobile Environment. A master’s thesis, Silla University (2004)
Implementation of the Sensor Node Hardware Platform for an Automatic Stall Management
Yoonsik Kwak1, Donghee Park1,2, Jiwon Kwak1, Dongho Kwak1, Sangmoon Park1, Kijeong Kil1, Minseop Kim1, Jungyoo Han1, TaeHwan Kim1, and SeokIl Song1
1 Dept. of Computer Engineering, Chungju National University, Chungbuk, Korea [email protected]
2 Dept. of Information Comm. Engineering, Chungju National University, Chungbuk, Korea [email protected]
Abstract. In this paper, we present the architecture of a sensor node for automatic stall management. Automatic stall management is an emerging application field of sensor networks, and our proposed sensor node plays a key role in such applications. The proposed sensor node consists of an 8-bit microprocessor, a temperature sensor and a humidity sensor to acquire temperature and humidity data in the real world. We design and implement the sensor node according to the requirements of the stall management environment. Through our experiments, we show that the deviation of temperature and humidity of our sensor node is 5 and 23.2% respectively, and that the proposed sensor node is reliable in real applications.
1 Introduction
The rapid advances of computer and information technology enable us to use ubiquitous sensor network systems in various fields. Consequently, many studies on sensor networks have been carried out for various application fields, e.g., environment monitoring and home automation. The core of sensor network technology consists of the sensor node hardware platform and OS technology [1, 2]. In this paper, we propose and implement the architecture of a sensor node, which is the most important part of a sensor network. A number of studies on sensor nodes, especially on hardware platforms and operating systems, have been proposed. The Crossbow Mica series [3][5] comes from a project pursued at Berkeley University, which builds infrastructure such as a hardware platform, TinyOS, a simulator and open applications. It started from WeC [3] and went on to release the Mica series. It is equipped with an Atmega [1][3] processor and is widely used. Both international and local companies have also performed intensive studies on various sensor node platforms. To our knowledge, existing commercial sensor node platforms are general purpose. They are equipped with various sensors such as humidity, temperature, vibration and sound. However, automatic stall management applications require only a small number of sensors, such as humidity and temperature, and CPUs with low processing power. The general-purpose sensor nodes are therefore over-specified for these applications.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 330–334, 2010. © Springer-Verlag Berlin Heidelberg 2010
In this paper, we design and implement sensor nodes that are specialized and optimized for automatic stall management applications. Our sensor nodes are designed to acquire the temperature and humidity of a stall efficiently and to endure the harsh environment of a stall. Our sensor module consists of a microprocessor part, an ADC part which converts analog signals to digital signals, and a main system into which the input data are loaded through the AP. This paper is organized as follows. In Section 2, we describe our sensor module in detail. In Section 3, the experimental results of our sensor node are given. Finally, the paper is concluded in Section 4.
2 Sensor Module
When designing the module of a sensor network that collects information about the real world, we have to check the requirements of the sensor module. First, to satisfy the preconditions set for sensor nodes, the system must be designed for low power consumption. Second, a sensor node needs to transmit collected data to other sensor nodes or to a sink node, so it should be equipped with transmit and receive functions. Finally, a sensor node should have an ADC part to convert analog signals to digital signals. The full block diagram is shown in Fig. 1.
[Figure labels: Sensor T, Sensor H, SHTx, Micro ATMega, AP]
Fig. 1. Block Diagram for Sensor Node
2.1 MCU (Multiple Control Unit)
In this paper, we use an ATMEL microprocessor as the MCU of the sensor module. Its basic function is to control the temperature and humidity sensors, the data input as temperature and humidity information, and the sensor device. Fig. 2 shows the architecture of the MCU. As shown in the figure, the Atmega128 is chosen as the base, port D is used as the input switch port, and port C is connected to the input switch of the temperature and humidity sensors in the control system. The humidity and temperature sensors are each designed to connect to port C. To send the sensing data of the sensor node to the target system where the control program is running, we need a transmitting program. Our transmitting mechanism uses the ATmega48 USART, because it is a serial synchronous/asynchronous controller consisting of a clock generator, a transmitter and a receiver. It also has master/slave operation in full-duplex synchronous mode, a baud rate generator with a lower error rate than others, a parity bit generator, a parity checker, data overrun detection, framing error detection, and TX and RX interrupt functions. These functions are controlled by the program.
Fig. 2. Design of MCU
2.2 Control Procedure
The control procedure is loaded on the sensor module. It is a program based on SPI. Its most important function is to initialize the sensor module so that the module can perform its functions. This covers port initialization, ADC initialization, timer/counter initialization, UART initialization and interrupt initialization. These are performed by the function void init_device(void), which is designed in firmware format and loaded on the processor. The function void analog_comp_init(void) disables the analog comparator, and void port_io_init(void) performs the initialization of PORT B~PORT D. Here, the input of temperature and humidity data, the LED output, and the output port for transmitting the input data are initialized. void timer_counter_init(void) initializes the timer/counter, which is used as the timer needed for data transmitting/receiving and for interrupts in the ATmega128. void uart_init(UINT16) sets options such as 9600bps, dual USART transmitting speed and multi-processor communication mode to initialize the UART for data transmitting. void turn_on_watchdog(UINT08 value) is designed to check for any event by the clock.

    void init_device(void)
    {
        port_io_init();                 /* PORT B~PORT D: sensor inputs, LED and transmit outputs */
        analog_comp_init();             /* disable the analog comparator */
        timer_counter_init();           /* timer/counter used for transmit/receive timing */
        uart_init(USART_BRATE_9600);    /* UART at 9600bps */
        __enable_interrupt();           /* enable interrupts once every peripheral is set up */
    }
3 Experiment
The firmware for our sensor node is built with the IAR compiler on a desktop PC and loaded onto the sensor node. We collected temperature and humidity data from the sensor nodes. The collected humidity and temperature data are shown in Fig. 4 ~ 6. The humidity deviation is 23.2% and the temperature deviation is 5°C. This means that our sensor node is trustworthy enough to be applied in the field.
Fig. 3. Sensor Device
Fig. 4. Case1: Non-establishment
Fig. 5. Case 2: Non-establishment
Fig. 6. Case 3: Establishment
4 Conclusion
In this paper, we design and implement a sensor node platform for automatic stall management applications. It not only provides the functions of existing commercial systems but is also low-cost and easy to design. Through experiments, we show that the deviations of humidity and temperature in the collected data are 23.2% and 5°C, respectively. These deviations mean that the device can be trusted for use in the field.
References
[1] http://www.atmel.com
[2] http://www.intel.com
[3] Culler, D.: Overview of Sensor Network. In: IEEE 2004, UC Berkeley (2004)
[4] IEEE 802.15 Working Group for WPAN, http://www.ieee802.org/15/
[5] http://nest.cs.berkeley.edu/sub.html
A Study on the Enhancement of Positioning Accuracy Performance Using Interrogator Selection Schemes over Indoor Wireless Channels
Seungkeun Park1 and Byeong Gwon Kang2
1 EM Environment Research Team, Electronic Telecommunication Research Institute (ETRI), Daejeon, 305-700, South Korea [email protected]
2 Dept. of Information and Communication Engineering, Soonchunhyang University, Asan, 336-745, South Korea [email protected]
Abstract. In this paper, two interrogator selection schemes, named the random interrogator selection and hybrid interrogator selection methods, are considered to enhance positioning accuracy in indoor wireless LAN environments, and their performance is compared with that of the conventional methods, called the normal and reference interrogator selection schemes. These interrogator selection schemes are based on received signal strength (RSS) levels and the trilateration method. A testbed was set up to measure and compare the positioning estimation error of the considered methods and the previous conventional ones. The experimental results showed that the accuracy of location estimation was greatly improved with the hybrid method, by as much as 3m, especially in a hostile environment with some obstacles. Meanwhile, without obstacles, the differences in estimation error among the four interrogator selection methods are small (< 0.2m).
Keywords: positioning; interrogator; tag; WLAN; indoor channel.
1 Introduction
In recent years there has been increasing interest in positioning objects or users in wireless indoor environments for advanced context-aware services. For outdoor location, the Global Positioning System (GPS) is widely used and its performance is satisfactory in terms of coverage and accuracy [1]. However, GPS cannot be used for indoor location applications because of the lack of line-of-sight conditions between satellites and terminals on earth and because additional hardware and infrastructure would be required to cover the whole area inside a building. Since IEEE 802.11 based WLAN is widely deployed across the world and the received signal strength (RSS) can be easily obtained from MAC software, RSS-based indoor positioning is becoming an important commercial solution, mainly using the fingerprinting scheme [2,3]. Wireless indoor channels are much more complex than those of outdoor transmission. In office environments, for example, there are walls, various wooden desks, iron cabinets and other obstacles, including human beings [4]. The resulting signal propagation fluctuates over a wider range, and the strength of the signal at a given point varies continuously over time. Thus, the credibility of fingerprinting decreases in environments with large channel variation. In this paper, we consider two kinds of interrogator selection methods, the random and the combined interrogator selection method, to improve the positioning estimation accuracy, and hence the credibility, based on the received signal strength (RSS) of WLAN Access Points (APs). There are four kinds of positioning methods based on WLAN infrastructure, depending on the parameters used to estimate the location. The well-known parameters are Time of Arrival (ToA) or Time Difference of Arrival (TDoA), Angle of Arrival (AoA), Received Signal Strength Indicator (RSSI) and Cell-ID. Among these, ToA or TDoA are advantageous for indoor locating systems because the location estimation accuracy is not affected by multipath or by the distance between the interrogator and the tag [5]. Although the ToA or TDoA positioning schemes are generally evaluated as successful in the literature, they are still less attractive, because RSS measurement values can be obtained without additional hardware and cost, unlike ToA or TDoA. Many research works have focused on RSSI fingerprinting [5,6], and combinations of several parameters or methods have been proposed for accuracy enhancement. For example, Vimal Joy et al. suggested a combined UWB and WLAN [7], and Lionel Reyero et al. proposed an algorithm for combined GPS and WLAN [8]. Victor Lang et al. [3] also presented a method using both the AoA and the RSS schemes. However, there is little research on the combination of interrogator selection schemes. In this paper, we propose random and hybrid interrogator selection methods for improving location estimation accuracy and implement a WLAN-based testbed system to measure and compare the positioning errors. The hybrid method is a combination of the reference interrogator and random interrogator selection methods. The suggested schemes are more accurate than the conventional methods by as much as 1.5-3 m when obstacles are present.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 335–342, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 Selection Schemes for Interrogators For performance tests, we consider indoor RFID (Radio Frequency Identification) system environment consisting of interrogators, tags and application program interfaces. We use Access Points of wireless LAN (Local Area Network) as interrogators (ipTime G104M model). The accuracy of location estimation is dependent on several parameters such as the number of APs in unit area, AP positions and environments, and transmitted signal power levels, etc. However, there are few research papers about interrogator selection method for enhancing location estimation accuracy. We consider two kinds of interrogator selection schemes, that is, random selection and hybrid interrogator
A Study on the Enhancement of Positioning Accuracy Performance
selection method. We compare the performance of these two schemes with that of the conventional schemes, namely the normal interrogator selection and reference interrogator selection methods. In this section we describe the characteristics of each selection method used in this paper.
A. Normal Interrogator Selection Scheme
The operation of this method is very simple. The tag receives the RSS (Received Signal Strength) from each interrogator and sends it to the server to calculate the locations of interrogators. The server estimates the tag's location based on the RSS from each interrogator. At this time, it adopts the relatively stronger signal levels from 3 interrogators and ignores the weaker signals from the remaining interrogators. The server already knows each interrogator's position as (x, y) coordinates prior to signal transmission and uses the trilateration method to estimate the tag's location.
B. Reference Interrogator Selection Scheme
This scheme is very similar to the normal interrogator selection method above, except that it rejects an interrogator's RSS level when it varies from the previously measured RSS level by more than a threshold. This method is widely used in the literature. An abrupt change of signal level happens when an object or human being passes between the interrogator and the tag. In this paper, we adopt an interrogator's RSS if it is continuously stable over the duration of 3 measurements and the signal level is larger than -60 dBm.
C. Random Interrogator Selection Scheme
This scheme randomly selects interrogators that are assumed to be near the targeted tag, independent of RSS levels. That is, the interrogator with the strongest RSS level may not be chosen, and other interrogators with lower RSS levels can be selected and used for positioning. In this method, each measurement is based on a different combination of interrogators. If we measure the RSS values three times and one of the measurements includes an incorrect estimation, the averaged estimation error is attenuated by the other two correct measurement results. This method is somewhat useful in an environment with some obstacles.
D. Hybrid Interrogator Selection Scheme
The hybrid interrogator selection method combines reference interrogator selection and random interrogator selection. That is, in this paper, 4 interrogators are selected among 6 interrogators according to the RSS levels, and then 3 interrogators are randomly selected among the 4 interrogators for positioning. This scheme gives strong immunity to obstacles in an indoor environment because it has the advantages of both interrogator selection methods. Its effectiveness is shown by the experimental results, in which the performance is especially good under weak signal conditions caused by obstacles.
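The four selection schemes of this section can be compared on a small worked case. The following is an added example, not the authors' testbed code: the AP coordinates, the log-distance path-loss model that turns RSS into distance, the 3 dB stability threshold, the fallback to unstable interrogators and all function names are assumptions, and the readings are constructed.

```python
import math
import random

# Constructed interrogator (AP) positions in metres on a 55 m x 33 m floor.
APS = {"AP1": (5, 5), "AP2": (50, 5), "AP3": (5, 28),
       "AP4": (50, 28), "AP5": (27, 3), "AP6": (27, 30)}
P0_DBM, PATH_LOSS_EXP = -30.0, 2.0   # assumed log-distance model (not from the paper)
STABLE_DB = 3.0                      # assumed variation threshold for the reference scheme
FLOOR_DBM, WINDOW = -60.0, 3         # from the paper: above -60 dBm, stable over 3 measurements


def rss_at(ap, tag, obstacle_loss_db=0.0):
    """RSS (dBm) the tag would read from `ap`, optionally attenuated by an obstacle."""
    d = max(math.dist(APS[ap], tag), 0.1)
    return P0_DBM - 10 * PATH_LOSS_EXP * math.log10(d) - obstacle_loss_db


def rss_to_distance(rss):
    return 10 ** ((P0_DBM - rss) / (10 * PATH_LOSS_EXP))


def trilaterate(chosen, measurement):
    """Solve the three range circles by subtracting the first from the other two."""
    (x1, y1), (x2, y2), (x3, y3) = (APS[ap] for ap in chosen)
    d1, d2, d3 = (rss_to_distance(measurement[ap]) for ap in chosen)
    a11, a12 = 2 * (x2 - x1), 2 * (y2 - y1)
    a21, a22 = 2 * (x3 - x1), 2 * (y3 - y1)
    b1 = d1**2 - d2**2 + x2**2 - x1**2 + y2**2 - y1**2
    b2 = d1**2 - d3**2 + x3**2 - x1**2 + y3**2 - y1**2
    det = a11 * a22 - a12 * a21
    if abs(det) < 1e-9:
        raise ValueError("chosen interrogators are collinear")
    return ((b1 * a22 - a12 * b2) / det, (a11 * b2 - a21 * b1) / det)


def by_strength(aps, latest):
    return sorted(aps, key=lambda ap: latest[ap], reverse=True)


def reference_ranking(history):
    """Stable, strong interrogators first; the rest only as a fallback (assumption)."""
    recent, latest = history[-WINDOW:], history[-1]

    def stable(ap):
        vals = [m[ap] for m in recent if ap in m]
        return (len(vals) == WINDOW and max(vals) - min(vals) <= STABLE_DB
                and latest[ap] > FLOOR_DBM)

    good = [ap for ap in latest if stable(ap)]
    rest = [ap for ap in latest if ap not in good]
    return by_strength(good, latest) + by_strength(rest, latest)


def select_normal(history, rng=None):
    return by_strength(history[-1], history[-1])[:3]       # three strongest


def select_reference(history, rng=None):
    return reference_ranking(history)[:3]                  # three strongest stable


def select_random(history, rng):
    return rng.sample(sorted(history[-1]), 3)              # any three, RSS ignored


def select_hybrid(history, rng):
    return rng.sample(reference_ranking(history)[:4], 3)   # best four, then random three


def position_error(select, history, tag, rng=None):
    estimate = trilaterate(select(history, rng), history[-1])
    return math.dist(estimate, tag)


def mean_error(select, history, tag, trials=30, seed=0):
    rng = random.Random(seed)
    return sum(position_error(select, history, tag, rng) for _ in range(trials)) / trials


# Constructed scenario: two clear readings, then an obstacle costs AP1 5 dB.
TAG = (12.0, 10.0)
CLEAR = {ap: rss_at(ap, TAG) for ap in APS}
BLOCKED = dict(CLEAR, AP1=rss_at("AP1", TAG, obstacle_loss_db=5.0))
HISTORY = [CLEAR, CLEAR, BLOCKED]

if __name__ == "__main__":
    for name, sel in [("normal", select_normal), ("reference", select_reference),
                      ("random", select_random), ("hybrid", select_hybrid)]:
        print(f"{name:9s} mean error over 30 draws: {mean_error(sel, HISTORY, TAG):.2f} m")
```

In this scenario the normal scheme still trusts the obstructed AP1 because it remains the strongest reading, while the reference scheme drops it for the abrupt 5 dB change.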
S. Park and B.G. Kang
3 Experimental Setup
The experiment site configuration is shown in Fig. 1. The testbed for testing our proposed model is implemented on the second floor of a six-story building, called the Multimedia Building, at Soonchunhyang University, South Korea (see Fig. 1). The dimensions of the testbed are 55 m by 33 m, an area of 1815 m². We fixed the interrogator and tag locations in the public area of the experiment site, marked as red and blue squares, respectively, in Fig. 1.
Fig. 1. Schematic of experiments site configuration
In our experiment, six IEEE 802.11 b/g access points (APs) are installed as interrogators to cover the entire site. We use an open source wireless router (ipTime G104M model) as our access point. The AP (interrogator) transmits a beacon containing its information to the tag; the tag collects the information from several interrogators and then sends it, including the interrogator ID and RSS, to the server in UDP socket format through Ethernet. We adopt the SYS-LAB II of Libertron Co. as our tag [9]. The configuration of the tag is shown in Fig. 2. The tag used in this study is named an E-Tag (Embedded Tag) because it is an embedded board with processing power and communication units installed (SYS-LAB II board). The CPU used in this board is an ARM 11 type S3C6410 chip with a 32-bit RISC processor core. It has 128 MB of flash memory, and Embedded Linux (Ubuntu distribution) is ported to it. Since it is open source Linux, we have more flexibility in controlling and managing signals to and from interrogators. An E-Tag receives signals from interrogators and delivers the related information to the server via Ethernet using the UDP protocol. For the wireless communication of an E-Tag, we use an ipTime G054UA 802.11 b/g wireless LAN card through a USB interface. To obtain RSS from interrogators, we developed a software tool, which runs on the E-Tag. All RSS data received at an E-Tag are sent to the server. The server receives UDP packets from the E-Tag and parses them to extract the information from the interrogators. The extracted data are then used to determine the tag's location.
Fig. 2. E-Tag (Embedded Tag) board
The UDP packet delivered to the server by the E-Tag includes the interrogator's physical address, ESSID, mode, channel and assigned frequency. However, the information needed for location estimation is the physical address, AP ID, frequency and signal level, etc. A parser is used to obtain these parameters. To obtain the RSS data received by the E-Tag, we developed our own tool, which runs on the server, based on MS Visual C++ MFC 6.0. We collected sample data from the interrogators every 5 seconds.
4 Measurement Results
The positioning accuracy of the proposed schemes is compared using data collected in a university building that includes offices, classrooms and experimental laboratories. The RSS measurement was performed on the second floor of the six-story building at Soonchunhyang University. A total of 6 APs (interrogators) and 1 mobile device (tag) are used, and the locations of these devices are all fixed for an exact comparison of the estimation errors. When the tag's location is estimated, only 3 APs are used in the trilateration scheme. Fig. 3 shows the performance of the 4 interrogator selection methods without obstacles. The performance is evaluated as the average distance of the estimation error. We repeated the same experiment 30 times and obtained a different estimation error at each trial. The values in the graph are running averages; that is, at measurement number 15, the 15th estimation error is averaged with the previous 14 estimation errors. Without averaging, the values do not converge and look like random data. This rule also applies to Fig. 4 and Fig. 5. In Fig. 3, the data for the first 5 measurements are not credible due to large variations, and the methods show somewhat different characteristics between 10 and 20 measurements. After 20 measurements, the 4 interrogator selection methods show convergent characteristics, and the hybrid method shows the best performance at the last stage. The random interrogator selection method performed well in this no
obstacle environment, and the estimation errors of the 4 schemes are spread over 0.2 m. The reference interrogator selection method shows the worst performance between the 8th and after the 18th measurements.
Fig. 3. Estimation errors without obstacles
Fig. 4 shows the performance when obstacles are intermittently present. Obstacles are placed between the interrogators and the tag in 12 of the 30 measurement trials. That is, 18 measurements are made without obstacles and 12 with obstacles.
Fig. 4. Estimation errors with and without obstacles
The performance differences are larger than those of Fig. 3, and the hybrid method consistently shows the best performance among the 4 methods. The normal and reference interrogator selection methods perform worse than the random and hybrid selection methods, and the former are enormously affected by the accumulated estimation error. Fig. 5 considers the case in which obstacles are always present. The random and hybrid interrogator selection methods perform almost the same, with the latter better by a very small amount. The reference interrogator selection method performs worse and worse as the number of measurements increases, due to accumulated estimation error. The estimation error of the normal interrogator selection method shows little variation, staying within a 0.5 m range, and its performance is the worst of all the schemes.
Fig. 5. Estimation errors in obstacles only environment
5 Conclusions
In this paper, we considered two kinds of interrogator selection schemes, random interrogator selection and hybrid interrogator selection, to enhance positioning accuracy in indoor wireless LAN environments. These two methods are shown to be very useful, especially when obstacles are present. A testbed was set up to measure and compare the location estimation error of the suggested methods and of the conventional methods, namely the normal and reference interrogator selection methods. In the experiments conducted in a real university building, the proposed methods perform better than the previous ones in almost all cases and are especially useful in hostile environments with obstacles. The performance differences among the 4 schemes are small, less than 0.2 m, in environments without obstacles. When obstacles are intermittently present between an interrogator and a tag, the difference in estimation error increases to 1.5 m between the
best hybrid method and the worst normal method, and this difference grows to 3 m when obstacles are always present. In this case, the random interrogator selection method performs almost the same as the hybrid selection scheme.
References
[1] Baala, O., Zheng, Y., Caminada, A.: The Impact of AP Placement in WLAN-based Indoor Positioning System. In: Proc. IEEE 8th Intl. Conf. on Networks, pp. 12–17 (2009)
[2] Fang, S.H., Lin, T.N., Lee, K.C.: A Novel Algorithm for Multipath Fingerprinting in Indoor WLAN Environments. IEEE Trans. on Wireless Comm. 7(9), 3579–3588 (2008)
[3] Lang, V., Gu, C.: A Locating Method for WLAN-based Location Service. In: Proc. IEEE Intl. Conf. on e-Business Engineering, pp. 427–431 (October 2005)
[4] Gu, Y., Lo, A., Niemegeers, I.: A Survey of Indoor Positioning Systems for Wireless Personal Networks. IEEE Comm. Surveys and Tutorials 11(1), 13–32 (2009)
[5] Uthansakul, P., Uthansakul, M.: WLAN Received Signal Strength Indication for Indoor Location Determination. In: Proc. APCC, pp. 1–5 (October 2008)
[6] Kaemarungsi, K.: Distribution of WLAN Received Signal Strength Indication for Indoor Location Determination. In: Proc. 1st Intl. Symposium on Wireless Pervasive Computing (January 2006)
[7] Joy, V., Laxman, V.: Smart Spaces: Indoor Wireless Location Management System. In: Proc. IEEE Intl. Conf. on Next Generation Mobile Applications, Services and Technologies, pp. 261–266 (September 2007)
[8] Reyero, L., Delisle, G.Y.: Positioning Technologies for Implementation of the Always Best Located Algorithm. In: Proc. IEEE Radio and Wireless Symposium, pp. 811–814 (2008)
[9] Libertron Co., http://www.libertron.com/
A Fully Parallel, High-Speed BPC Hardware Architecture for the EBCOT in JPEG 2000
Dong-Hwi Woo¹, Kyeong-Ryeol Bae¹, Hyeon-Sic Son¹, Seung-Ho Ok¹, Yong Hwan Lee², and Byungin Moon³
¹ School of Electrical Eng. & Computer Science, Kyungpook National University, Daegu, Korea {windlove,puris1,soc_shs1984,wintiger}@ee.knu.ac.kr
² School of Electronic Engineering, Kumoh National Institute of Technology, Gumi, Korea [email protected]
³ School of Electronics Engineering, Kyungpook National University, Daegu, Korea [email protected]
Abstract. In this paper, we propose a fully parallel, high-speed bit-plane coding (BPC) hardware architecture for the embedded block coding with optimized truncation (EBCOT) module in JPEG 2000. The BPC is the most complicated and critical part in the design and implementation of the EBCOT. In addition, the BPC consumes most of the computation time in the EBCOT. Thus, a high-speed BPC hardware architecture is strongly required for real-time high-resolution JPEG 2000 systems. To increase BPC throughput, the proposed hardware architecture performs BPC coding in all the bit planes in parallel through the proposed significance look-ahead methods. Experimental results show that the proposed architecture doubles BPC throughput compared with the previously proposed BPC architectures.
Keywords: JPEG 2000, EBCOT, BPC, Tier1, fully parallel.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 343–346, 2010. © Springer-Verlag Berlin Heidelberg 2010
1 Introduction
JPEG 2000 was introduced by ISO/IEC JTC1/SC20/WG1 as a new image compression standard [1]. It has a rich set of features that are not available in the conventional JPEG standard, such as region of interest (ROI), excellent low bit-rate performance, and both lossy and lossless encoding in one algorithm [2]. The key algorithms of JPEG 2000 are the discrete wavelet transform (DWT) and EBCOT. Even though JPEG 2000 benefits from the EBCOT, the EBCOT consumes over half of the computation time in JPEG 2000 systems and is the most critical part in the design and implementation of JPEG 2000 systems. Thus, an efficient high-speed EBCOT hardware architecture is required for a real-time high-resolution JPEG 2000 system. The EBCOT consists of two parts: Tier1 is a context-based adaptive arithmetic coder, and Tier2 performs rate-distortion optimization and bit stream layer formation [3, 4]. In particular, the BPC, one of the major processing modules of Tier1, accounts for nearly 71% of the total EBCOT computation time due to its inherent bit-level processing and complex fractional bit-plane scanning patterns [3]. To improve
the overall performance of a JPEG 2000 system, many BPC architectures have been proposed [5, 6, 7]. Y. Li and M. Bayoumi proposed a three-level parallel architecture for the EBCOT, which exploits the parallelism among bit-planes, three pass scanning, and coding bits [5,6]. A parallel architecture based on the pass-parallel context modeling scheme was proposed by J.S. Chiang et al. However, most previously proposed works are partially parallel BPC architectures. In contrast to these works, we propose a fully parallel, high-speed BPC architecture. The proposed architecture uses the coding pass and significance look-ahead methods, which allow the three coding passes, namely the significance propagation pass (SPP), magnitude refinement pass (MRP), and cleanup pass (CUP), to be executed in parallel at each bit plane level. The experimental results show that the cycle times of the proposed architecture are reduced to about 50% compared with previously proposed BPC architectures. The rest of the paper is organized as follows. In Section 2, we describe the proposed parallel BPC architecture. Section 3 presents and analyzes the experimental results. Finally, we summarize and conclude the paper in Section 4.
2 Proposed Parallel BPC Hardware Architecture
In this section, we describe the proposed parallel BPC hardware architecture. The proposed BPC architecture consists of four blocks, as shown in Fig. 1. The Bit Plane (BP) block stores the coefficients of the code block, the Significance Look-ahead (SLA) block pre-computes the execution conditions of each coding pass, the Coding Pass (CP) block computes the context and decision pairs of each coding pass, and the Pass Result Register (PRR) block stores the results of the CP block and outputs them according to the pass select signal from the BPC Control block. To increase BPC throughput, the proposed architecture executes the three coding passes (SPP, MRP, and CUP) in parallel at each bit plane level and outputs the results of the three coding passes by using the pass select signal from the BPC Control block. In conventional BPC computation procedures, the three coding passes (SPP, MRP, and CUP) of the BPC are computed sequentially, and this sequential computation is a bottleneck for BPC throughput [3]. Thus, to increase BPC throughput, the BPC should be computed in parallel. For this reason, in order to parallelize the computations of all the bit plane levels as well as the three coding passes of each bit plane level, there are n Initial Sigma State Plane (ISSP) and After SPP Sigma State Plane (ASSP) pairs in the SLA of the proposed architecture. The ISSP and ASSP store the values that are required to compute the three coding passes in parallel at the CP block. In addition, to compute the values of the ISSP and ASSP for each bit plane level, the BPC Control block, which is a part of the SLA, is required. The BPC Control block also generates the pass select signal to select the correct output of the PRR. Previously proposed BPC architectures have three state planes (Sigma State, Eta State, and Sigma' State Plane) to compute the three coding passes sequentially for all the bit plane levels.
This is mainly because the Eta State Plane and Sigma' State Plane provide the information that each coding pass needs in order to compute the three coding passes. However, in the proposed architecture, the Eta State Plane and Sigma' State Plane are not needed to compute the three coding passes in parallel. This is mainly because the n ISSP and ASSP pairs cover the roles of the conventional Eta State Plane and Sigma' State Plane.
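The role this section gives to the per-plane ISSP/ASSP pairs can be illustrated in software. The sketch below is an added example, not the authors' hardware design: it assumes the standard EBCOT four-row stripe scan and 8-neighbour significance rule, derives each plane's initial state from the coefficient magnitudes alone, and checks that the resulting SPP/MRP/CUP assignment equals the one obtained by coding the planes one after another. All function names and the sample block are constructed.

```python
STRIPE_HEIGHT = 4   # EBCOT scans a code block in four-row stripes, column by column


def scan_order(height, width):
    for top in range(0, height, STRIPE_HEIGHT):
        for col in range(width):
            for row in range(top, min(top + STRIPE_HEIGHT, height)):
                yield row, col


def has_significant_neighbour(sigma, row, col):
    height, width = len(sigma), len(sigma[0])
    return any(sigma[r][c]
               for r in range(max(row - 1, 0), min(row + 2, height))
               for c in range(max(col - 1, 0), min(col + 2, width))
               if (r, c) != (row, col))


def bit(mags, row, col, plane):
    return (mags[row][col] >> plane) & 1


def code_plane(mags, plane, issp):
    """Assign every sample of one bit plane to SPP, MRP or CUP.

    issp is the significance state before the plane is coded. Returns the pass
    map and the state after SPP (assp).
    """
    height, width = len(mags), len(mags[0])
    assp = [row[:] for row in issp]
    passes = [["CUP"] * width for _ in range(height)]
    for row, col in scan_order(height, width):
        if issp[row][col]:
            passes[row][col] = "MRP"        # already significant: refine magnitude
        elif has_significant_neighbour(assp, row, col):
            passes[row][col] = "SPP"        # insignificant, but a neighbour is significant
            if bit(mags, row, col, plane):
                assp[row][col] = True       # significant for samples scanned later
    return passes, assp


def sequential_pass_maps(mags, planes):
    """Conventional order: each plane waits for the state left by the plane above."""
    height, width = len(mags), len(mags[0])
    sigma = [[False] * width for _ in range(height)]
    result = {}
    for plane in range(planes - 1, -1, -1):
        result[plane], assp = code_plane(mags, plane, sigma)
        # After the cleanup pass every sample with a 1 in this plane is significant.
        sigma = [[assp[r][c] or bool(bit(mags, r, c, plane)) for c in range(width)]
                 for r in range(height)]
    return result


def lookahead_issp(mags, plane):
    """Initial state of a plane from the magnitudes alone: any 1 bit above it."""
    return [[(m >> (plane + 1)) != 0 for m in row] for row in mags]


def lookahead_pass_maps(mags, planes):
    """Each plane is coded from its own look-ahead state, so planes are independent."""
    return {p: code_plane(mags, p, lookahead_issp(mags, p))[0] for p in range(planes)}


# Constructed 8 x 8 block of coefficient magnitudes (4 bit planes).
BLOCK = [[0, 1, 0, 0, 3, 0, 0, 0],
         [2, 9, 1, 0, 0, 5, 0, 0],
         [0, 4, 12, 2, 0, 0, 1, 0],
         [0, 0, 3, 7, 1, 0, 0, 0],
         [1, 0, 0, 2, 15, 3, 0, 0],
         [0, 0, 0, 0, 6, 8, 2, 0],
         [0, 0, 1, 0, 0, 2, 10, 1],
         [0, 0, 0, 0, 0, 0, 1, 4]]

if __name__ == "__main__":
    maps = lookahead_pass_maps(BLOCK, 4)
    print("matches sequential coding:", maps == sequential_pass_maps(BLOCK, 4))
    for plane in range(3, -1, -1):
        flat = [p for row in maps[plane] for p in row]
        print(plane, {name: flat.count(name) for name in ("SPP", "MRP", "CUP")})
```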
Fig. 1. Block diagram of the proposed fully parallel, high-speed BPC coder
3 Experimental Results
The proposed BPC architecture is compared experimentally with the previously proposed BPC architectures [5, 6]. Table 1 compares the number of clock cycles required for the BPC in the proposed and previous architectures.
Table 1. Comparison of the number of clock cycles required in the proposed architecture and related works [5, 6] with image size of 512 × 512 and 8 × 8 code blocks of 64 × 64 pixels
Image (512×512, gray) | Clock cycles of the proposed BPC | Clock cycles of Column-based [5] | Reduction Rate | Clock cycles of Bit-plane-based [6] | Reduction Rate
lena | 524,418 | 1,405,716 | 62.70% | 1,033,728 | 49.27%
boat | 524,418 | 1,366,328 | 61.62% | 935,680 | 44.69%
goldhill | 524,418 | 1,367,824 | 61.66% | 988,928 | 46.98%
mandrill | 524,418 | 1,061,012 | 50.57% | 760,576 | 25.78%
peppers | 524,418 | 1,237,284 | 57.62% | 904,960 | 42.05%
Experimental results show that the proposed architecture requires about 50% fewer clock cycles than the previously proposed BPC architectures. This is mainly because the previously proposed architectures compute the three coding passes of the BPC using partially parallelized modules, whereas the proposed architecture is fully parallelized. In addition, the proposed architecture requires the
same number of cycles regardless of values of the BP, unlike the previously proposed BPC architectures. That is, if the input images are divided into the same number of code blocks of the same size, the overall performance of the proposed architecture is not influenced by values of the input images.
4 Conclusions
In this paper, a fully parallel, high-speed BPC hardware architecture is proposed to increase BPC throughput. By using the proposed significance look-ahead methods, this architecture performs BPC coding in all bit planes in parallel. Furthermore, the three coding passes (SPP, MRP, and CUP) at each bit plane are also processed in parallel. Thus, the proposed architecture is able to output the contexts and decision results of the BPC with a reduced number of clock cycles, about 50% less compared with the previously proposed BPC architectures.
Acknowledgments. This work was sponsored by ETRI System Semiconductor Industry Promotion Center, Human Resource Development Project for SoC Convergence.
References
1. Boliek, M., Christopoulos, C., Majani, E.: JPEG 2000 Part I Final Committee Draft Version 1.0. ISO/IEC JTC1/SC29/WG1, pp. 108–119 (2000)
2. Acharya, T., Tsai, P.S.: JPEG 2000 standard for image compression: concepts, algorithms and VLSI architectures, pp. 163–184. John Wiley & Sons, Inc., Hoboken (2005)
3. Chen, K.F., Lian, C.J., Chen, H.H., Chen, L.G.: Analysis and architecture design of EBCOT for JPEG 2000. In: The 2001 IEEE International Symposium on Circuits and Systems, Sydney, vol. 2, pp. 765–768 (2001)
4. Lian, C.J., Chen, K.F., Chen, H.H., Chen, L.G.: Analysis and architecture design of blockcoding engine for EBCOT in JPEG 2000. IEEE Transactions on Circuits and Systems for Video Technology 13, 219–230 (2003)
5. Li, N., Bayoumi, M.: Three-level parallel high speed architecture for EBCOT in JPEG 2000. In: IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2005, vol. 5, pp. v/5–v/8 (2005)
6. Li, Y., Bayoumi, M.: A Three-Level Parallel High-Speed Low-Power Architecture for EBCOT of JPEG 2000. IEEE Transactions on Circuits and Systems for Video Technology 16, 1153–1163 (2006)
7. Chiang, J.S., Chang, C.H., Lin, Y.S., Hsieh, C.Y., Hsia, C.H.: High-speed EBCOT with dual context-modeling coding architecture for JPEG 2000. In: Proceedings of the 2004 International Symposium on Circuits and Systems, ISCAS 2004, vol. 3, pp. III-865-8 (2004)
Implementating Grid Portal for Scientific Job Submission
Arun D. Gangarde¹ and Shrikant S. Jadhav²
¹ Chairman, Board of Studies in Computer Science, University of Pune, Maharashtra, India; Associate Professor, Department of Computer Science, New Arts, Science & Commerce College, Ahmednagar, 414001 Maharashtra, India [email protected]
² Lecturer, Department of IT Engineering, Bharati Vidyapeeth University, Pune-43, Maharashtra, India [email protected]
Abstract. This paper gives a short description of a grid service used to submit jobs on the grid. It describes job submission on the grid in a way that simplifies interaction with end users. The user can simply submit a job on the grid and wait for its completion. This means that the user is not required to worry about the internal working of the grid and can rely on the interfaces that are built to exploit the power of the grid. Indirectly, this will help attract users who are not grid experts.
Keywords: WSDL (Web Service Definition Language), Grid Service, Grid Portal.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 347–353, 2010. © Springer-Verlag Berlin Heidelberg 2010
1 Introduction
Computational Grids have emerged as a distributed computing infrastructure for providing pervasive, ubiquitous access to a diverse set of resources. One of the primary motivations for building Grids is to enable large-scale scientific research projects to better utilize distributed, heterogeneous resources to solve a particular problem or set of problems. However, Grid infrastructure only provides a common set of services and capabilities that are deployed across resources, and it is the responsibility of the application scientist to devise methods and approaches for accessing Grid services. We define a Grid portal to be a web-based application server enhanced with the necessary software to communicate with Grid services and resources. A Grid portal provides application scientists with a customized view of software and hardware resources specific to their particular problem domain and provides a single point of access to Grid resources they have already been authorized to use. The capability enabled by grid computing is to provide an environment for collaboration among a wider audience. In the past, distributed computing promised this collaboration and achieved it to some extent. Grid computing can take these
capabilities to an even wider audience, while offering important standards that enable very heterogeneous systems to work together to form the image of a large virtual computing system offering a variety of resources. The users of the grid can be organized dynamically into a number of virtual organizations, each with different policy requirements. These virtual organizations can share their resources collectively as a larger grid. Sharing starts with data in the form of files or databases. A data grid can expand data capabilities in several ways. First, files or databases can span many systems and thus have larger capacities than on any single system. Such spanning can improve data transfer rates through the use of striping techniques. Data can be duplicated throughout the grid to serve as a backup and can be hosted on or near the machines most likely to need the data, in conjunction with advanced scheduling techniques. Sharing is not limited to files, but also includes other resources, such as specialized devices, software, services, licenses, and so on. These resources are virtualized to give them a more uniform interoperability among heterogeneous grid participants. The participants and users of the grid can be members of several real and virtual organizations. The grid can help in enforcing security rules among them and implement policies, which can resolve priorities for both resources and users.
Fig. 1. The grid virtualizes heterogeneous, geographically dispersed resources
High-end conventional computing systems use expensive hardware to increase reliability. They are built using chips with redundant circuits that vote on results, and contain logic to achieve graceful recovery from an assortment of hardware failures. The machines also use duplicate processors with hot pluggability so that when they fail, one can be replaced without turning the other off. Power supplies and cooling systems are duplicated. The systems are operated on special power sources that can start generators if utility power is interrupted. All of this builds a reliable system, but at a great cost, due to the duplication of expensive components.
In the future, we will see a complementary approach to reliability that relies on software and hardware. A grid is just the beginning of such technology. The systems in a grid can be relatively inexpensive and geographically dispersed. Thus, if there is a power or other kind of failure at one location, the other parts of the grid are not likely to be affected. Grid management software can automatically resubmit jobs to other machines on the grid when a failure is detected. In critical, real-time situations, multiple copies of important jobs can be run on different machines throughout the grid. Their results can be checked for any kind of inconsistency, such as computer failures, data corruption, or tampering.
Fig. 2. Redundant grid configurations
Such grid systems will utilize autonomic computing. This is a type of software that automatically heals problems in the grid, perhaps even before an operator or manager is aware of them. In principle, most of the reliability attributes achieved using hardware in today's high availability systems can be achieved using software in a grid setting in the future.
2 Design and Implementation
The web-based grid portal job submission service must be installed on each resource/machine on which jobs are to run, and it allows access to the grid through a well-defined API. Developing a grid service is a coordinated combination of the following steps:
1. Define the service interface (its operations) in WSDL. The job that is to be communicated over the network must be defined in the Web Service Definition Language (WSDL). We need to specify what our service is going to provide to the outer world. At this point we're not concerned with the inner workings of that service (what algorithms it
uses, other systems it interacts with, etc.). We just need to know what operations will be available to our users. In Web Services lingo, the service interface is usually called the port type (usually written portType). Our WSDL file has three features that are specific to WSRF or to the Globus implementation of WSRF we're using:
- Resource Properties: We use the wsrp:ResourceProperties attribute of the portType element to specify what our service's resource properties are. The resource properties must be declared in the section of the WSDL file. Remember that the resource properties are where we'll keep all our state information.
- The WSDL Preprocessor: Thanks to the wsdlpp:extends attribute of the portType element, we can include existing WSRF portTypes in our own portType without having to copy-and-paste from the official WSRF WSDL files. A WSDL Preprocessor will use the value of that attribute to generate correct WSDL, which includes our own portType definitions plus any WSRF portType we might need in our service. This is a Globus-specific feature that is included to make life easier for programmers. In our case, notice how we're including the GetResourceProperty portType from the WS-ResourceProperties WSDL file.
- No Bindings: Bindings are an essential part of a normal WSDL file. However, we don't have to add them manually, since they are generated automatically by a GT4 tool that is called when we build the service.
2. Implement the interface using Java. The interface, i.e. the web portal through which the user connects to the grid world, is implemented in Java, mainly using JSP, Servlets, etc. Through this web portal users can submit their jobs for execution. Our service implementation will consist of a single Java class with the code for both the service and the resource. The first bit of code we need is a very simple Java interface that will make our life a bit easier. When we have to refer to just about anything related to a service, we will need to do so using its qualified name, or QName for short. This is a name that includes a namespace and a local name. A qualified name is represented in Java using the QName class.
3. Define deployment parameters in WSDD. A web service is deployed using an XML-based deployment descriptor file known as the Web Service Deployment Descriptor (WSDD). WSDD describes how the various installed components are to be chained together to process incoming and outgoing messages to the services. Up to this point, we have written the two most important parts of our stateful Web service: the service interface (WSDL) and the service implementation (Java). However, we still seem to be missing something: how do we actually make our web service available to client connections? This step will take all the loose pieces we have written up to this point and make them available through a Web services container. This step is called the deployment of the web service. One of the key components of the deployment phase is a file called the deployment descriptor. It's the file that tells the Web Services container how it should publish our
web service (for example, telling it what our service's URI will be). The deployment descriptor is written in WSDD format.
4. Create a deployment GAR file using Ant. A GAR file is a single file that contains all the files and information the web services container needs to deploy our service and make it available to the whole world. However, creating a GAR file is a fairly complex task, which involves the following:
- Processing the WSDL file to add missing pieces (such as bindings)
- Creating the stub classes from the WSDL
- Compiling the stub classes
- Compiling the service implementation
- Organizing all the files into a very specific directory structure
5. Deploy the service using a GT4 tool. The service can then be deployed using Globus Toolkit 4, which is available online. The GAR file, as mentioned in the previous step, contains all the files and information the web server needs to deploy the web service. Deployment is done with a GT4 tool that, using Ant, unpacks the GAR file and copies the files within (WSDL, compiled stubs, compiled implementation, WSDD) into key locations in the GT4 directory tree. This deployment command must be run as a user that has write permission in $GLOBUS_LOCATION. There is also a command to undeploy a service.
6. Security constraints. The user must first create a login account before submitting a job. Every time the portal is used to submit a job, the user is authenticated to check whether he is a valid user. For more details on the individual steps of service implementation, please refer to [3].
The following operations are involved in submitting a job to the portal:
1. Authentication: The user must enter a username and password before submitting the job.
2. Job Submission: Submit the specified job to the remote resource.
3. Upload the required file: Upload any file required as input for the job being submitted to the remote resource.
4. Download the file: Download any output file of a job that has finished executing.
5. Job Status: Given a job id, check the current status of the submitted job.
6. User Notification: Given a job id, the notification mechanism automatically reports back to the user once the job has completed.
No matter what kind of application is available on each of the resources, assuming the user is able to invoke it, the job submission service should offer the fundamental features needed to execute it and receive results.
3 Service Deployment
In order to use the web-based grid service, it is necessary to have a working grid based on Globus Toolkit 4 [4] and a running MyProxy [5] server for authentication. Once it is downloaded, the following five steps must be performed on each of the resources:
1. Unzip/untar the source code in a desired directory.
2. Use globus_build_service.sh to build the necessary GAR file.
3. As user globus (or similar), deploy the service using the globus deploy gar command.
4. As user globus again, start a globus container.
5. Compile the client code and invoke the service.
Once the service is deployed, it can be accessed from any remote resource through the API given above. It can be used through command line tools or a Java client.
4 Conclusion
In short, the paper described the need for, the architecture of, and the implementation of the job submission grid portal service. The service provides a standardized, high-level set of functions allowing for easy job submission and access to grid resources. It relieves the end user of having to learn some of the cumbersome terminology and details of how to use the grid. There is also a set of tools that could benefit from the above service by relying on its functionality and robustness. At the current level, the user is still communicating directly with an individual resource. A higher-level service, such as a scheduler or a web portal, could be provided to abstract the user even further from grid usage details.
References
1. Berman, F., Hey, A., Fox, G. (eds.): Grid Computing: Making the Global Infrastructure a Reality. John Wiley & Sons, Chichester (2003)
2. Foster, I., Kesselman, C., Nick, J., Tuecke, S.: The Physiology of the Grid: An Open Grid Services Architecture For Distributed Systems Integration. In: Global Grid Forum, June 22 (2002)
3. Borja, S.: The Globus Toolkit 4 Programmer’s Tutorial (2005), http://gdp.globus.org/gt4-tutorial/ (Last accessed 12/14, 2005)
4. Foster, I.: Globus Toolkit Version 4: Software for Service-Oriented Systems. In: Jin, H., Reed, D., Jiang, W. (eds.) NPC 2005. LNCS, vol. 3779, pp. 2–13. Springer, Heidelberg (2005)
5. Novotny, J., Tuecke, S., Welch, V.: An Online Credential Repository for the Grid: MyProxy. In: Proceedings of the Tenth International Symposium on High Performance Distributed Computing (HPDC 2010), pp. 104–111. IEEE Press, Los Alamitos (2001)
6. Afgan, E., Jones, W.T.: Design, Development and Usage of a Generic Job Submission Grid Service. University of Alabama, Birmingham
7. Jacob, B., Brown, M., Fukui, K., Trivedi, N.: IBM Red Book, Introduction to Grid Computing with Globus, SG24-6895 (2005)
A Comprehensive Performance Comparison of On-Demand Routing Protocols in Mobile Ad-Hoc Networks
Jahangir Khan and Syed Irfan Hayder
School of Computer Science, PAF-KIET, PAF Base Korangi Creek, Karachi 75190, Pakistan
[email protected], [email protected]
Abstract. A mobile ad hoc network is an autonomous system of mobile nodes connected by wireless links. Each node operates not only as an end system but also as a router that forwards packets. The nodes are free to move about and organize themselves on the fly. In this paper we focus on the performance of the on-demand routing protocols DSR and AODV in ad hoc networks. We observe the performance change of each protocol through simulation while varying the data in intermediate nodes, and compare the data throughput of the mobile nodes under each protocol in order to analyze the packet fraction for application data. The objective of this work is to evaluate two on-demand routing protocols for wireless ad hoc networks, namely Ad hoc On-Demand Distance Vector (AODV) and Dynamic Source Routing (DSR), based on the performance of intermediate nodes in delivering data from source to destination and vice versa, in order to compare the throughput efficiency of the neighboring nodes. To this end we propose the OPNET simulator for performance comparison of hop-to-hop delivery of data packets in an autonomous system.
Keywords: MANET, AODV, DSR, OPNET, performance comparison.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 354–369, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction
In modern wireless communication technology, mobile computers are used increasingly in many areas for different activities. Mobile ad hoc networks, or peer-to-peer networks, are an old concept redefined in modified form by the invention of wireless technologies such as Bluetooth and Wi-Fi. Mobile Ad hoc Networks (MANETs) are dynamic, independent networks consisting of mobile nodes. Such networks represent a fully mobile infrastructure because the nodes communicate wirelessly. A mobile ad hoc network can be created and used at any time, anywhere, without any pre-existing base station infrastructure or central administration. The nodes in the network themselves provide connectivity and services, i.e. the nodes communicate directly with one another in peer-to-peer fashion. MANETs are used in applications such as disaster recovery, conferences, lectures, emergency situations in hospitals, meetings, crowd control, and battlefields. In such applications there is no need for central administration or fixed infrastructure. The only way to add or delete nodes in a mobile ad hoc network is by interaction with other nodes [3].

In the fast world of growing technology, advances in computers and mobile wireless communication technology have led to increasingly used applications in every area of life. Most of the technology operates on the traditional Internet Protocol (IP) suite. Amid this competition of modern technologies, the aim of mobile ad hoc networking is to provide efficient wireless communication by incorporating routing functionality into the mobile nodes. The main aim behind the development of ad hoc networking is multi-hop relaying. Wireless ad hoc networks, or infrastructure-less networks, are very easy to establish because they use radio waves as the transmission medium and require no other equipment or infrastructure. In such a network mobile nodes can move and organize themselves freely in an arbitrary way. This dynamic connectivity of nodes allows a mobile ad hoc network to be organized anywhere, at any time. The development of computer equipment, the commercial arrival of laptop computers and other enhancements in mobile technology during the 1990s gave birth to the third generation of ad hoc networks. Researchers proposed the idea of a collection of mobile nodes forming an ad hoc network. The Mobile Ad hoc Network working group was formed by the Internet Engineering Task Force (IETF) in the mid 1990s to standardize routing protocols for the newly adopted technology, alongside the work of IEEE 802.11 on wireless networks. The Mobile Ad hoc working group proposed reactive and proactive routing protocols for MANETs [12].
The objective of this work is to evaluate the performance of intermediate nodes, as well as of source-to-destination delivery, for two on-demand routing protocols for wireless ad hoc networks, namely Ad hoc On-Demand Distance Vector (AODV) and Dynamic Source Routing (DSR), based on the performance of intermediate nodes in delivering data from source to destination and vice versa. The paper is organized as follows. Section 2 describes the classification of routing protocols in MANETs. Section 3 gives an overview of the AODV and DSR routing protocols. Section 4 presents the analysis and simulation of the selected protocols, along with program code. Section 5 covers the hop-to-hop performance comparison of the AODV and DSR protocols. The second-to-last section describes the proposed performance-based routing model, and the last section concludes the paper.
2 Classification of MANET Routing Protocols
In a mobile ad hoc network the routing function of transferring data packets is performed by the mobile nodes themselves. Because an ad hoc network is decentralized and has a limited transmission range, routing between mobile nodes consists of multiple hops, and nodes depend on one another to forward packets to the destination node. A routing protocol uses several metrics to calculate the most suitable path for routing data packets between the source and destination nodes. The routing protocol of an ad hoc network must be distributed in nature and must be able to compute multiple routes while the network topology changes dynamically. Routing protocols for ad hoc networks can be classified into different categories based on criteria such as the type of routing information, when and how routing information is exchanged, and when and how routes are computed. Here we classify ad hoc routing protocols as proactive and reactive.
2.1 Proactive or Table Driven Routing Protocols
As the name implies, these routing protocols maintain information about the global network topology in the form of routing tables at every node at all times. Proactive routing protocols are enhanced versions of traditional wired/wireless network routing protocols. These protocols maintain routing information on every single node in the network even before it is needed. In other words, they provide a complete picture of the network topology on every node. The routing information in the routing tables is updated periodically, so the protocol actively tracks the layout of the network as the topology changes. These protocols are ideal in time-critical environments because it takes less time to determine the best route for packets, but they are not suitable for larger networks, because each new node requires an entry in the table on every node, which causes overhead and consumes bandwidth. When a host node in the network requires a path to a destination in order to send data packets, the proactive routing protocol runs a path finding algorithm to find the best available route [7]. The common proactive routing protocols used by MANETs are DSDV, OLSR, STAR, CGSR, FSR, HSR, GSR, and WRP.

2.2 Reactive or On-Demand Routing Protocols
Ad hoc networks using reactive protocols do not maintain network topology information on all nodes at all times. As is clear from the name on-demand routing, these protocols do not exchange routing information periodically but use a flooding method to obtain the information when a node needs it to send a data packet. The host node that needs to transmit packets to a destination in the network broadcasts a route request to all nodes in the network. The host node then waits for a reply from the nodes in the network that provides a path to the destination before transmitting packets [7]. A reactive protocol performs two main functions in ad hoc network routing, i.e. route discovery and route maintenance.
The route discovery function of the protocol is responsible for detecting a new route to forward packets when a node requires one. The route maintenance function of a reactive protocol is responsible for detecting broken links and repairing an existing route [8]. The routes discovered by the global search process are stored for future use until they become invalid and are deleted because of link failure or topological changes. The route request and selection process leads to a significant delay in the initial setup of packet transmission. Reactive protocols are bandwidth efficient and reduce storage space because they do not need to keep unnecessary network topology information up to date [9]. The common reactive routing protocols used by MANETs are DSR, AODV, TORA, ABR, SSA, LAR, FORP, LMR, ROAM and PLBR.
3 Overview of Selected Routing Protocols
This section discusses in detail the current Mobile Ad Hoc Network (MANET) routing protocol concepts as described by the Internet Engineering Task Force (IETF) MANET working group and the IEEE 802.11 wireless standard. In particular, Ad Hoc On-Demand Distance Vector (AODV) routing and Dynamic Source Routing (DSR) are discussed, along with a review of previous research implementations of these routing protocols.
3.1 Ad-Hoc On-Demand Distance Vector Routing Protocol (AODV)
AODV is a routing protocol designed for mobile ad hoc networks that uses an on-demand approach to establish routes between nodes. Because it is on-demand, it builds a route to transmit data packets only when the source node requires one, and it tries to maintain established routes for as long as they are needed. AODV supports unicast, multicast and broadcast routing and has loop-free, self-starting and scalable characteristics. The protocol routes data packets between the mobile nodes of an ad hoc network: it allows a mobile node to pass data packets to a destination node with which it cannot communicate directly by way of neighbor nodes. Nodes of the network periodically exchange distance table information with their neighbors and are ready for immediate updates. AODV is responsible for selecting the shortest loop-free route from the table to transfer data packets. In case of errors or changes in the selected route, AODV is able to create a new route for the rest of the transmission. Route establishment and maintenance are shown in fig. 1.

Route Management
The mobile nodes of an ad hoc network running AODV communicate through four different types of messages.
• Route Request
• Route Reply
• Route Error
• Hello Message
To establish a route between the source and destination nodes, a Route Request (RREQ) and Route Reply (RREP) packet query cycle is used. Route Error (RERR) and HELLO packets are used for route maintenance [2].

Route Establishment
Consider figure 2, where source node 1 floods an RREQ message through the network for destination node 9. Nodes 2, 5, and 6 are neighbors of node 1 and therefore receive the RREQ packet. When the neighbor nodes receive the RREQ packet, they first create a reverse route entry for the source node in their route tables.
These nodes check whether they have a route to the destination; if not, they rebroadcast the RREQ packet to their own neighbors, i.e. 3, 5, 7, and 9, after increasing the hop count. As shown in figure 3.1, intermediate node 5 can receive multiple RREQ packets from its neighbors, i.e. nodes 1, 2 and 4. When a node receives multiple RREQs with the same sequence number and broadcast identifier, it drops the redundant RREQs and does not forward them. Eventually, three different routes are discovered when the RREQ packet arrives at the destination node. Destination node 9 then sends a unicast RREP packet, which follows the reverse route back to source node 1. The RREP packet from the destination node includes the current sequence number of the destination and the distance in hops to the destination. While the RREP packet travels along the reverse route, the nodes also set a forward route entry for the destination node in their route tables. Thus a unicast RREP packet reaches the source node with the updated destination sequence number. Source node 1 accepts the destination sequence number with the shortest route and transmits data packets over the forward route [1]. If, during transmission, the source node receives an RREP packet with a greater destination sequence number, or with the same sequence number it is already using but a smaller number of hops, it updates its route table and begins to transmit data packets on the new route. If the source node does not receive an RREP within the required life span, it rebroadcasts the RREQ packet with an increased life span.
Fig. 1. Route establishment (a) and route maintenance (b) in AODV
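The RREQ flood, duplicate suppression, reverse-route setup and RREP return described above can be traced in a short simulation. This is an added example, not code from the paper or from OPNET; the topology is constructed (the paper's figure is not available here), and the names `LINKS`, `install` and `discover` and the sequence number values are assumptions.

```python
from collections import deque

# Constructed 9-node topology (assumption). Only "node 1 neighbours 2, 5, 6",
# "node 5 hears 1, 2 and 4" and "destination 9" are taken from the text.
LINKS = [(1, 2), (1, 5), (1, 6), (2, 5), (4, 5), (3, 4), (3, 9),
         (5, 7), (6, 8), (7, 9), (8, 9)]


def neighbours(links):
    """Build a sorted adjacency map from bidirectional links."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return {node: sorted(peers) for node, peers in adj.items()}


def install(table, dest, next_hop, hops, seq):
    """Accept a route if it is new, fresher (higher sequence number),
    or has the same sequence number and fewer hops."""
    old = table.get(dest)
    if old is None or seq > old["seq"] or (seq == old["seq"] and hops < old["hops"]):
        table[dest] = {"next_hop": next_hop, "hops": hops, "seq": seq}
        return True
    return False


def discover(links, src, dst, bcast_id=1, src_seq=1, dst_seq=10):
    """Flood one RREQ from src, answer with one RREP from dst."""
    adj = neighbours(links)
    if src not in adj or dst not in adj:
        return None
    tables = {n: {} for n in adj}      # per-node routing table
    seen = {n: set() for n in adj}     # (originator, broadcast id) already handled
    dropped = {n: 0 for n in adj}      # redundant RREQ copies dropped per node
    copies_at_dst = []                 # neighbours that delivered an RREQ copy to dst
    key = (src, bcast_id)
    seen[src].add(key)
    queue = deque((src, n, 0) for n in adj[src])   # (sender, receiver, hop count)
    while queue:
        sender, node, hops = queue.popleft()
        if node == dst:
            copies_at_dst.append(sender)
        if key in seen[node]:          # same originator and broadcast id: drop
            dropped[node] += 1
            continue
        seen[node].add(key)
        install(tables[node], src, sender, hops + 1, src_seq)     # reverse route
        if node != dst:
            queue.extend((node, n, hops + 1) for n in adj[node])  # rebroadcast
    if src not in tables[dst]:
        return None                    # the flood never reached dst
    # RREP: unicast back along the reverse route, installing forward routes.
    node, hops = dst, 0
    while node != src:
        prev, node, hops = node, tables[node][src]["next_hop"], hops + 1
        install(tables[node], dst, prev, hops, dst_seq)
    # Data packets follow the forward entries hop by hop.
    path = [src]
    while path[-1] != dst:
        path.append(tables[path[-1]][dst]["next_hop"])
    return {"path": path, "tables": tables, "dropped": dropped,
            "copies_at_dst": copies_at_dst}


if __name__ == "__main__":
    result = discover(LINKS, 1, 9)
    print("route:", result["path"])
    print("RREQ copies reaching node 9 via:", result["copies_at_dst"])
    print("duplicates dropped at node 5:", result["dropped"][5])
```

The simulation delivers packets in FIFO order with no loss or delay, so the first RREQ copy to reach the destination is always the one with the fewest hops; in a real network arrival order depends on timing.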
3.2 Dynamic Source Routing (DSR)
Dynamic Source Routing (DSR) is an on-demand routing protocol developed at Carnegie Mellon University, Pittsburgh, USA, for use in multi-hop wireless mobile ad hoc networks. DSR is designed for mobile ad hoc networks to keep the features of both on-demand routing and source routing. Acting as an on-demand protocol, DSR establishes a route between the source and destination nodes when the source node wants to send data packets; the routing of data packets between the mobile nodes of an ad hoc network is based on a request/reply method. DSR controls the waste of bandwidth by eliminating the need for periodic table updates. As discussed earlier, DSR can establish a route to a destination through source routing, so it does not require a node to transmit periodic hello messages to inform its neighbors of its presence [14]. An attractive point of DSR source routing is that the intermediate nodes of the ad hoc network do not need to keep route information: the path is explicitly defined in the data packet by the source node. DSR supports uni-directional communication between mobile nodes [3]. In a mobile wireless ad hoc network, communication between mobile nodes through DSR is achieved in two phases, route establishment and route maintenance, as shown in fig. 2.

Route Establishment
The DSR protocol dynamically discovers a source route across mobile nodes to any destination in the ad hoc network. The operation of the DSR on-demand routing protocol, based on source routing, divides the route establishment phase between the source and destination nodes into three parts.
• Route Request (RREQ)
• Route Reply (RREP)
• Route Cache

Route Maintenance
In DSR, the mobile nodes of an ad hoc network do not need to broadcast periodic update messages. The source node is responsible for maintaining the route used for communication. Consider figure 3, where source node 1 is sending data packets to destination node 9 through route 1-5-7-9. Suppose the link 5-7 in the source route breaks and node 5 cannot receive an acknowledgement packet from node 7. Node 5 deletes the current source route from its route cache and sends an RERR packet to source node 1. The RERR packet from node 5 contains information about the broken link between nodes 5 and 7. As soon as the source node receives the RERR packet, it deletes the used source route from its route cache and selects another route to the destination from the route cache. If the route cache does not contain any other route to the destination, the source node broadcasts the RREQ packet again to discover a new route to the destination [4].
Fig. 2. Route establishment (a) and route maintenance (b) in DSR
The DSR protocol uses a reactive/on-demand approach to routing in ad hoc networks, with source routing instead of hop-to-hop routing, and eliminates the advertisement of periodic update messages. The intermediate nodes of the network are able to utilize route cache information effectively and efficiently so as to reduce control overhead. The saving in bandwidth in DSR is due to its beacon-less (no hello messages) architecture [14].
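The DSR route cache and the RERR handling described above, sketched from the source node's point of view. This is an added example, not code from the paper or from OPNET; the topology is constructed, only the source's cache is modelled (intermediate-node caches are left out), and `LINKS`, `discover_routes`, `DsrSource` and `demo` are assumed names.

```python
from collections import deque

# Constructed topology (assumption); route 1-5-7-9 and the broken link 5-7
# are the only details taken from the text.
LINKS = {frozenset(pair) for pair in
         [(1, 2), (1, 5), (1, 6), (2, 5), (4, 5), (3, 4), (3, 9),
          (5, 7), (6, 8), (7, 9), (8, 9)]}


def neighbours(links):
    """Build a sorted adjacency map from bidirectional links."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return {node: sorted(peers) for node, peers in adj.items()}


def discover_routes(links, src, dst):
    """Flood an RREQ whose route record grows hop by hop. Each intermediate
    node forwards only the first copy; dst answers every copy with an RREP
    that carries the complete source route."""
    adj = neighbours(links)
    forwarded = {src}
    routes = []
    queue = deque([[src]])
    while queue:
        record = queue.popleft()
        for nxt in adj.get(record[-1], []):
            if nxt in record:              # would create a loop
                continue
            if nxt == dst:
                routes.append(record + [nxt])
            elif nxt not in forwarded:
                forwarded.add(nxt)
                queue.append(record + [nxt])
    return routes


def uses_link(route, a, b):
    """True if the source route traverses link a-b in either direction."""
    return any({x, y} == {a, b} for x, y in zip(route, route[1:]))


class DsrSource:
    """Source node with a route cache for a single destination."""

    def __init__(self, links, src, dst):
        self.links, self.src, self.dst = set(links), src, dst
        self.cache = []
        self.discoveries = 0               # number of RREQ floods issued

    def route(self):
        if not self.cache:                 # cache empty: broadcast RREQ again
            self.cache = discover_routes(self.links, self.src, self.dst)
            self.discoveries += 1
        return min(self.cache, key=len) if self.cache else None

    def link_broken(self, a, b):
        """An RERR for link a-b arrived: purge every cached route using it."""
        self.links.discard(frozenset((a, b)))
        self.cache = [r for r in self.cache if not uses_link(r, a, b)]

    def link_up(self, a, b):
        """Constructed mobility event: nodes a and b come into range."""
        self.links.add(frozenset((a, b)))


def demo():
    s = DsrSource(LINKS, 1, 9)
    chosen = [s.route()]                   # first discovery fills the cache
    s.link_broken(5, 7)
    chosen.append(s.route())               # alternative taken from the cache
    s.link_broken(6, 8)
    chosen.append(s.route())               # last cached route
    s.link_broken(3, 9)                    # cache is now empty
    s.link_up(4, 9)                        # node 4 moves into range of node 9
    chosen.append(s.route())               # forces a second RREQ flood
    return chosen, s.discoveries


if __name__ == "__main__":
    routes, floods = demo()
    for r in routes:
        print("-".join(map(str, r)))
    print("RREQ floods:", floods)
```

Three link failures are absorbed with only two floods, which is the control-overhead saving the route cache is meant to provide.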
4 Analysis and Simulation
The main parameters that affect mobility in an ad hoc network are the maximum speed of the mobile host nodes and the pause time between movements. In this paper we discuss the different phases, i.e. simulation, data collection, and analysis, of a mobile ad hoc network. In this simple ad hoc network scenario the following parameters are used for simulation purposes. The simulation is done with OPNET simulator version 12 for the AODV and DSR routing protocols; the scenario consists of four to thirty wireless nodes.

Table 1. Parameters of Simulation

Routing Protocols                          AODV and DSR
Number of wireless nodes in the scenario   4-30 nodes
Movement space                             4000 m x 3000 m
Maximum speed                              2, 10, and 20 m/s
Maximum pause time                         0, 200 s
Transmission rates                         2, 5, and 10 packets/s
Packet size                                512 bytes
Simulation time                            300 s
4.1 Analysis of AODV Routing Protocol
The simulated scenario evaluates the performance of important TCP parameters for the AODV network. All nodes in the network are configured to run the AODV protocol and FTP sessions. In the simulation, AODV parameters are used as suggested by the RFC, together with the WLAN data rate. A single TCP connection is established between the wireless nodes of the scenario. Two different self-defined mobility trajectories are used for the mobile nodes. The results show the amount of routing traffic generated, the route discovery time and the number of hops per route, the TCP/IP traffic, the number of RREQ and RREP packets, and the FTP download and upload times. The simulation of a mobile ad hoc network consisting of six nodes was run for 300 seconds, and the following results were generated.

4.1.1 Program Code
C file for AODV Data Packet Support

/* aodv_pkt_support.ex.c */
/* The names of the five included headers did not survive in this listing. */
#include
#include
#include
#include
#include

/* Forward declarations of the file-local copy, free and allocation helpers. */
static AODV_Packet* aodv_pkt_memcopy (AODV_Packet* option_ptr);
static void         aodv_pkt_memfree (AODV_Packet* option_ptr);
static AODV_Packet* aodv_mem (void);
static AodvT_Rreq*  aodv_rreq_mem (void);
static AodvT_Rrep*  aodv_rrep_mem (void);
static AodvT_Rerr*  aodv_rerr_mem (void);
static void         aodv_rreq_memfr (AodvT_Rreq* rreq_ptr);
static void         aodv_rrep_memfr (AodvT_Rrep* rrep_ptr);
static void         aodv_rerr_memfr (AodvT_Rerr* rerr_ptr);

Packet*
aodv_pkt_create (AODV_Packet* pkt_option_ptr, int option_size)
    {
    static int index_x = OPC_FIELD_INDEX_INVALID;
    Packet* aodv_pkptr;
/* BIN and BOUT default to empty macros when they are not defined elsewhere. */
#ifndef BIN
#define BIN
#endif
#ifndef BOUT
#define BOUT
#endif

4.1.2 Global Statistics of AODV Routing Protocol
To establish a route, the source node initiates the route discovery process by sending an FTP request to the destination node. In the route establishment process the source node broadcasts an RREQ packet and the destination node replies with an RREP packet. As soon as the route is established between the source and destination nodes, data transfer starts. The destination node sends data to the source node in response to the FTP request. Because of the delay in the exchange of Hello messages between neighbor nodes, the chance of link breakage is higher. In case of link breakage the route establishment process is started again. The mobile nodes of the defined ad hoc network wait until 3 minutes and 20 seconds (i.e. 200 seconds) and then start moving away along the path defined by the trajectory during the simulation, as shown in fig. 3.
Fig. 3. Global statistics of AODV traffic sent (a) and received (b)
As described earlier, Hello messages are used to maintain a route between source and destination. This attribute of AODV is also used to determine neighbor node connectivity by the following formula:

    Allowed Hello Loss * Hello Interval

The periodic interval of hello message transmission for this six-node simulated scenario is defined as Uniform (10, 10.1) sec. Allowed Hello Loss defines the number of packets a node can lose before the link is considered broken, and is set to 3 in this simulation.

4.1.3 Object Statistics of Source and Destination Nodes
The lifetime of a routing table entry is initialized to the active route timeout, which is defined as 5 seconds for this scenario. If a route is not used and refreshed within the defined period of time, AODV marks the route as invalid and removes it from the IP common table. To establish a route for the first time, the originating node uses a TTL start value, which is 1 for the first RREQ packet. The number of hops covered by the source node is 2, whereas for the destination node it is 1. The AODV packets are queued during route establishment; once the route is established, packets are transmitted without any waiting in the queue. The routing tables of both nodes contain information on the same number of nodes. The routing traffic sent and received by both the source and destination nodes is also shown in fig. 4.
Fig. 4. Object statistics of the AODV source node (a) and destination node (b)
4.1.4 Object Statistics of AODV Mobile Nodes 1 and 2
The individual statistics of both mobile nodes in the simulated scenario are shown in fig. 5. Mobile node 2 is used as a hop in the route selected for data transmission from source to destination. The AODV routing traffic sent and received by mobile node 2, in both packets and bits, is higher than that of mobile node 1. As the graph shows, both mobile nodes are used in the establishment of routes, but the OPNET internal mechanism selects the route through mobile node 2 because it is the shortest way to the destination. The graph for mobile node 1 shows that it sent routing traffic only during the establishment of the route and is not used any further in the communication of data packets.
Fig. 5. Object statistics of AODV mobile node 1 (a) and node 2 (b)
4.1.5 Object Statistics of AODV Intermediate Nodes 1 and 2
The individual statistics of both wireless intermediate nodes in the simulated scenario are shown in fig. 6. Intermediate node 2 is used as a hop in the route selected for data transmission from source to destination. The AODV routing traffic sent and received by intermediate node 2, in both packets and bits, is higher than that of intermediate node 1. The following figures show the same results as discussed above for the mobile nodes.
Fig. 6. Object statistics of AODV intermediate node 1 (a) and node 2 (b)
4.2 Analysis of DSR Routing Protocol
The simulated scenario evaluates the performance of important TCP parameters for a DSR-based network of six to thirty nodes. All nodes in the network are configured to run the DSR protocol and FTP sessions. In the simulation, DSR parameters are used as suggested by the RFC, together with the WLAN data rate. A single TCP connection is established between the wireless nodes of the scenario. The mobility pattern for the mobile nodes is defined by two different self-defined trajectories. The results show the amount of routing traffic generated, the route discovery time and the number of hops per route, the TCP/IP traffic, and the number of RREQ and RREP packets.

4.2.1 Program Code
C file for DSR Data Packet Support

/* dsr_pkt_support.ex.c */
/* The names of the five included headers did not survive in this listing. */
#include
#include
#include
#include
#include

/* Forward declarations of the file-local copy and allocation helpers. */
static List*                      dsr_memcopy (List* tlv_options_lptr);
static DsrT_Packet_Option*        dsr_rreq_memcopy (DsrT_Packet_Option*);
static DsrT_Packet_Option*        dsr_rrep_memcopy (DsrT_Packet_Option*);
static DsrT_Packet_Option*        dsr_err_memcopy (DsrT_Packet_Option*);
static DsrT_Packet_Option*        dsr_sur_memcopy (DsrT_Packet_Option*);
static DsrT_Packet_Option*        dsr_pkt_memall (void);
static DsrT_Route_Request_Option* dsr_rreq_memallo (void);
static DsrT_Route_Reply_Option*   dsr_rrep_memallo (void);
static DsrT_Source_Route_Option*  dsr_sup_memallo (void);

/** Create the DSR packet **/
Packet*
pkt_create (int next_header)
    {
    Packet* dsr_pkptr = OPC_NIL;
    List*   tlv_options_lptr = OPC_NIL;
/* BIN and BOUT default to empty macros when they are not defined elsewhere. */
#ifndef BIN
#define BIN
#endif
#ifndef BOUT
#define BOUT
#endif

4.2.2 Global Statistics of DSR Routing Protocol
The simulated scenario for the DSR routing protocol is the same as for the AODV protocol. The parameters defined for AODV are kept the same for DSR in order to obtain the best results for the comparison of these two widely used routing protocols. The route request table of the wireless nodes in the simulated ad hoc network is defined to hold 10 nodes towards the destination. The number of hops in the discovered route from source to destination in DSR is 1, as shown in fig. 7. The route is established only once, at the start of data transmission in the simulation run. The route establishment phase in DSR consists of three parts, i.e. RREQ, RREP, and route cache. The route cache is used to hold the maximum number of routes at any time during the simulation. The expiry time for a route in the route cache is defined as 300 seconds for this simulation scenario. Fig. 7 shows the global DSR routing traffic sent and received, in both packets and bits per second, by the simulated nodes of the ad hoc network.
Fig. 7. Global statistics of DSR routing traffic sent (a) and received (b)
The above figures show that the maximum routing traffic sent by the DSR routing protocol in the simulated scenario is between 2200 and 2400 bits/s, and 7 packets/s. This is a very good result at the start of data packet transmission, but the routing traffic drops to a very low value 20 seconds after route establishment. The routing traffic reaches 0 bits/s and 0 packets/s during communication and is mostly less than 400 bits/s and 1 packet/s over the whole 300 s simulation time.

4.2.3 Object Statistics of Intermediate Nodes in DSR
The routing traffic sent by all wireless nodes during the transmission of data in the simulated ad hoc network is shown below. The route selected by the DSR protocol in the simulated scenario for the transmission of data between the source and destination nodes consists of four nodes, i.e. source, mobile node 2, intermediate node 2, and destination. The source node sent traffic only once, at the start of transmission. During the reply by the destination node a lot of traffic is added to the data, as shown in the figure. Intermediate node 2 and mobile node 2 add nearly the same data traffic during the simulation time. The source node sent less than 100 bits/sec of traffic, whereas mobile node 2 and intermediate node 2 sent more than 500 bits/sec. The traffic sent by all wireless DSR routing nodes in the ad hoc network during the simulation is shown in fig. 8.
Fig. 8. Total DSR routing traffic sent
The routing traffic received by all wireless DSR routing nodes in the ad hoc network during the simulation, including the intermediate nodes, is shown in fig. 9.
Fig. 9. Total DSR routing traffic received
5 Routing Protocols Comparison Summary
In order to judge the performance of any routing protocol one needs to consider different metrics. Both the AODV and DSR routing protocols deliver a greater percentage of the originated data packets when node mobility occurs. Both DSR and AODV are on-demand protocols, and this basic characteristic shows in the shape of their overhead. The DSR routing protocol limits the scope and overhead of RREQ packets by using the route cache. The global statistics show that the traffic sent and received by the DSR protocol is greater than that of the AODV routing protocol. Data traffic is high in AODV during re-establishment of the route between the source and destination nodes, whereas in DSR the traffic rises and falls during the whole transmission. The internal mechanism of the OPNET simulator selects the shortest possible path between all nodes of the ad hoc network at any time during the simulation and forwards all data packets on the specified path. In our scenario OPNET uses the same route for both routing protocols. In order to check how the AODV and DSR protocols react as the rate of topology change varies, I changed the maximum node speed from 30 m/s to 5 m/s, which shows an effect on both routing protocols. The global statistic of DSR MANET delay is much lower than the AODV delay. The DSR delay is high only at the start of transmission and a bit high during the second and third times the route was established. AODV delay, on the other hand, is very high at the start of transmission and throughout the simulation time. The size of the network, the traffic load, and the delay affect both the AODV and DSR routing protocols. The DSR routing protocol is not efficient for large networks with many mobile nodes and high load in terms of traffic and delay, which will increase overhead. In such a situation the AODV routing protocol is ideal because of its hop-by-hop routing. The results also show that the total MANET traffic sent and received by the DSR routing protocol is higher than that of AODV. The route discovery time of DSR is better than that of the AODV routing protocol.
Thus our simulation results show that some parameters of AODV are good compared to DSR, but the overall performance of DSR is better than that of the AODV routing protocol in these small and medium simulated ad hoc node scenarios.
6 Proposed Performance Based Routing Protocol Model
For the best routing between the wireless nodes of an ad hoc network a number of qualitative properties are desirable. For effective routing, loop freedom is very necessary so that data packets avoid collisions and wasted time. MANETs use time to live (TTL) to avoid such loops, but a more structured approach is required to get the best results. MANET delay affects routing very badly, as the mobile nodes are battery powered and have scarce memory. The routing protocol needs to route intelligently and to utilize network bandwidth and energy resources in a better way in case of network route delay. One of the important characteristics of a MANET is its dynamic topology based on node mobility. Mobile nodes in an ad hoc network are free to change position frequently, so the routing protocol needs to adapt quickly to topology changes. Because of dynamic mobility and limited energy resources, a single wireless node in a MANET cannot be trusted for auto-configuration in case of a breakdown. Support for distributed operation is therefore required of routing protocols to solve this type of problem. The routing protocol should therefore be designed to eliminate or minimize control traffic and other periodic messages. The source routing protocol DSR is quite good in the route establishment and route maintenance phases but not as good in routing data packets, whereas a hop-by-hop routing protocol is good at the transmission of data packets. AODV is authentic for large networks in the routing of data packets.
7 Conclusion

In this research work, a performance analysis of two previously published routing protocols, AODV and DSR, was done with the OPNET simulator. Simulation results for the AODV and DSR routing protocols have been presented in many papers by different researchers. Here three different simulation scenarios are generated, and the simulation time is varied over 2 sec, 10 sec and 20 sec. It is observed that packet loss is very low for AODV initially but increases substantially as the simulation time increases. For DSR, packet loss is very high initially but decreases substantially as the simulation time increases. So we can conclude that if a MANET has to be set up for a small amount of time, AODV should be preferred because of its low initial packet loss, and DSR should not be preferred because its initial packet loss is very high. If we have to use the MANET for a longer duration, both protocols can be used, because after some time both protocols have the same packet delivery ratio. But AODV has a very good packet receiving ratio in comparison to DSR. The two protocols, Ad hoc On-Demand Distance Vector Routing (AODV) and Dynamic Source Routing (DSR), have been compared using simulation; it would be interesting to note the behavior of these intermediate nodes on a real-life test bed. In this scenario of hop-to-hop (intermediate) networking, traffic load and delay affect both the AODV and DSR routing protocols. The DSR routing protocol is not efficient for large networks with many mobile nodes and high load in terms of traffic and delay, which will increase overhead. In such a situation the AODV routing protocol is ideal because of its hop-by-hop routing.
Thus the combined performance of both the AODV and DSR routing protocols could be the best solution for routing in MANET, instead of the separate performance of AODV and DSR, for an authentic intermediate data transfer rate from source to destination.
Acknowledgements

Our thanks from the core of our hearts to LNCS for giving us the opportunity to present our research in the competitive world of humans. We also thank our families, who pray for us and whom we love.
Preserving Energy Using Link Protocol in Wireless Networks

Anita Kanavalli, T.L. Geetha, P. Deepa Shenoy, K.R. Venugopal, and L.M. Patnaik

Department of Computer Science and Engineering, University Visvesvaraya College of Engineering, Bangalore, India
Vice Chancellor, Defence Institute of Advanced Technology (Deemed University), Pune, India
[email protected]
Abstract. A sensor node is equipped with a limited energy source and hence has a lifetime dependent on that source. In a wireless sensor network, each node can originate data and also has to route data. When a few nodes deplete their energy resources, topology changes occur which may require rerouting of data packets. An Automatic Repeat reQuest (ARQ) protocol uses a mechanism to improve the transmission reliability of a communication link by means of packet retransmission. The purpose of this work is to design a link quality aware ARQ protocol which retransmits packets only when it gets an acknowledgement from the receiver, i.e. only when the link is good. The necessary comparisons are made through simulations and conclusions are drawn from the results obtained. The main aim of this study is to determine a protocol that is efficient in terms of preserving the limited energy supply of sensor nodes, and a SimpleLink module is used for this purpose. The SimpleLink module consists of a transmitter and sender, both of which adopt the ARQ transmission protocol.

Keywords: ARQ, Link aware, Slot time, Sensor networks.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 370–380, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

Since wireless ad hoc or sensor networks are not widely implemented in the real world except in military implementations, it is hard to find any industry products or standards that implement energy efficient protocols. A sensor node is equipped with a limited energy source and hence has a lifetime that is dependent on that source. In a wireless sensor network, each node can originate data and also has to route the data. When a few nodes deplete their energy resources, topology changes occur which may require rerouting of data packets. A sensor node's task is to sense data, perform some processing and then transmit the data. Energy consumption in a node can therefore be divided into three areas: communication, processing and sensing. A node traditionally expends most of its energy during communication. The transceiver unit consumes energy during both start-up and active states. Sensor nodes use short data packets for communication. As the size of these packets becomes smaller, the significance of the power consumed during transceiver start-up increases. The energy consumed during processing is small and can be kept to a minimum by simplifying the processing task as much as possible. The energy consumed for sensing depends on the nature of the sensing task. Sensing can be continuous or at discrete intervals, and different types of sensors have different complexities and power consumption.

Another potential example is delay-tolerant networks. In such networks a node does not have fixed links to its neighbors because of the movement of nodes in the network or the unavailability of the links. Thus its neighbors may show up or disappear from time to time. In these scenarios, traditional ARQ protocols fail to deliver a packet while wasting a lot of energy on retransmissions.

Energy and bandwidth are limited in wireless ad hoc or sensor networks. Therefore reducing energy consumption and increasing network capacity is a rewarding goal for engineers. In general, for a given network topology and traffic demands, finding the way to minimize the total power consumption is not easy. To save energy, intuitively, we can send fewer messages at the sources so that energy is conserved. By the same token, if we can do reliable computation at the sink and intermediate nodes, energy is further saved. For routes, it is better to find a good path with diversity advantage from the intermediate nodes, not the shortest path. Thus a link quality aware protocol is required which retransmits the packet only when an acknowledgement is received. Such protocols will preserve the energy of the nodes in the network.
2 Related Work

The authors in [1, 2] looked into the tradeoff between energy consumption and throughput. They modeled the throughput and energy consumption using a Markov model. They then proposed an easy probing based approach in which, whenever an acknowledgement is missed, the transmitting node switches to a probing mode where only pilot packets are sent periodically until an acknowledgement is received. The idea is to reduce energy consumption by probing link quality with small pilot packets. However, this protocol assumes that the channel can be modeled precisely with the Markov chain, that the buffer size is unbounded, and that the transmitter has a lot of packets to send, so that the pilot packets are sent at a much lower rate than the data packets. In a real WSN, say one monitoring environmental parameters, these assumptions may not be true. In fact most WSNs are not designed for heavy traffic. The aim is to conserve their energy and transmit the important changes in the environment.

The authors in [3] proposed a machine learning algorithm to decide whether to retransmit. A decision regarding retransmission is rewarded or punished depending on whether an acknowledgement is received. Their decision making algorithm is actually a variation of using Exponential Weighted Moving Average (EWMA) filtering to estimate the Packet Delivery Ratio (PDR). A successful delivery raises the estimate of the current PDR by a fixed amount, while a failure decreases the estimate by the same amount. The impact of previous estimates decreases exponentially with time. The difference is that the authors add several more parameters to the algorithm, which makes the rates of change in increment and decrement different.
However, the parameters used in adaptation are hard to decide: a pre-determined value only fits the already available measurements of a certain environment, while deciding the values of these parameters on the fly so that they model the current scenario properly is highly difficult to implement [4, 5]. Therefore, our objective here has two facets: use the current situation of the environment effectively and take the decision based on the current measurements, and use the fact that WSNs usually tolerate a certain amount of delay, so that buffering can be used to exploit the link to the fullest when it is most useful.

The growing interest in WSNs and the continual emergence of new techniques have inspired some efforts to design communication protocols for this area. Communication protocols take on the task of data transmission in the large scale network and are important for achieving better performance. Normally, current routing can be classified into four main categories, namely data-centric protocols, hierarchical protocols, location-based protocols, and flow-based and QoS-aware protocols [6, 7, 8]. Of course, there are also some hybrid protocols that fit under more than one category.
3 Model and Design

3.1 SimpleLink

A SimpleLink, which is used to connect two nodes, is shown in Figure 1. This figure shows the architecture of a SimpleLink object.

Fig. 1. Architecture of a SimpleLink object

Figure 1 also shows the composition of class SimpleLink, which consists of the following basic objects and tracing objects in the interpreted hierarchy:

Basic Objects:
i) Head: The entry point of a SimpleLink object.
ii) Queue: As a queue object, queue_ models the packet buffering of a "real router".
iii) Link: A delay link object, which models packet transmission time and link propagation delay.
iv) Ttl: A time to live checker object whose class is TTLChecker. It decrements the time to live field of an incoming packet. After the decrement, if the time to live field is still positive, the packet is forwarded to the next element in the link. Otherwise, it is removed from the simulation.
v) Drophead: The common packet dropping point for the link. Dropped packets are forwarded to this object.
Tracing Objects:
enqT_: Traces packets entering the queue.
deqT_: Traces packets leaving the queue.
drpT_: Traces packets dropped from the queue.
rcvT_: Traces packets leaving the link or, equivalently, received by the next node.

A SimpleLink object is created using the instprocs simplex-link {...} and duplex-link {...} of class Simulator.

3.2 Modeling Packet Departure

The class DelayLink is used to instantiate the instvar SimpleLink, which models the packet departure process. A packet departure process consists of packet transmission time and link propagation delay. Conceptually, when a LinkDelay object receives a packet, it places these two events on the simulation timeline:

(i) Packet departure from an upstream object: Define packet transmission time = packet size/bandwidth as the time needed to transmit a packet over a link. After a period of packet transmission time, the packet completely leaves (or departs) the transmitter and the transmitter is allowed to transmit another packet. Upon a packet reception, a LinkDelay object waits for a period of packet transmission time, and informs its upstream object that it is ready to receive another packet.

(ii) Packet arrival at a downstream node: Define propagation delay as the time needed to deliver a data bit from the beginning to the end of the link. Again, an entire packet needs a period of packet transmission time + propagation delay to reach the destination. A LinkDelay object, therefore, schedules a packet reception event at the downstream node after this period.

(iii) In our scheme we use the ETX metric for link quality measurement. It estimates the number of retransmissions required to send packets by measuring the loss rate of broadcast packets between pairs of neighboring nodes. The packet loss rates can be defined as

$$ r_{LF} = (N - N_A)/N = 0.2 \qquad (1) $$

$$ r_{LR} = (N - N_B)/N = 0.3 \qquad (2) $$

for the links from A to B and from B to A, respectively; here the subscripts LF and LR stand for loss on the forward and reverse path, respectively. Now we can define the probability of sending a packet and successfully receiving the acknowledgement in a single attempt:

$$ P_{SR} = (1 - r_{LF})(1 - r_{LR}) = 0.56 \qquad (3) $$

We can find the expected number of retransmissions until the packet is successfully delivered:

$$ Q_{A,B} = 1/P_{SR} = 1.79 \qquad (4) $$

This is the value of the ETX metric for the quality of the link between A and B.

3.3 ARQ Module

An Automatic Repeat reQuest (ARQ) protocol is a mechanism to improve the transmission reliability of a communication link by means of packet retransmission [8]. Automatic Repeat reQuest (ARQ) is a method of handling communication errors by packet retransmission. An ARQ transmitter (i.e., a transmitting node which implements an ARQ protocol) is responsible for transmitting data packets and retransmitting the lost packets. An ARQ receiver (i.e., a receiving node which implements an ARQ protocol), on the other hand, is responsible for receiving packets and (implicitly or explicitly) informing the transmitter of the transmission result. It returns an ACK (acknowledgement) message or a NACK (negative acknowledgement) message to the transmitter if a packet is successfully or unsuccessfully (respectively) received. Based on the received ACK/NACK pattern, the ARQ transmitter decides whether to retransmit the lost packet or to transmit a new packet. In this design we focus on a limited-persistence stop-and-wait ARQ protocol. Here, an ARQ transmitter transmits a packet and waits for an acknowledgement from the corresponding ARQ receiver before commencing another (lost or new) packet transmission. In the following section the design of the different programming modules is discussed.
Fig. 2. Architecture of a SimpleLink object with an ARQ module
The Link is constructed by inserting an error module and an ARQ module into a SimpleLink object, as shown in Fig. 2. A SimpleLink object consists of four main instvars: queue_, which models the packet buffering; link_, which models the service time of the queue and the link propagation delay; ttl_, which models the time-to-live of a packet; and drophead, which acts as a common dropping point for a SimpleLink object. An error model link_errmodule_ is inserted into a SimpleLink object by the OTcl command link-lossmodel{...} of class Simulator. ns2 employs a queue blocking and callback mechanism to model packet forwarding in a SimpleLink object. The process starts when a Queue object queue_ receives and forwards a packet as well as its queue handler (whose class is QueueHandler) to its downstream object, and blocks itself. The instvars tARQ, acker and nacker are incorporated into the packet forwarding mechanism as follows.

ACK/NACK message passing: The key components of the ACK/NACK message passing mechanism are the instvars acker_ and nacker_, which are responsible for creating and forwarding ACK and NACK messages (respectively) to an ARQ transmitter. As shown in the figure 8, the two components are attached to the variables target and drop, respectively, of instvar link_errmodule_. A packet is forwarded to the instvars acker and nacker, respectively, depending on whether the packet is not in error or in error. Instvar acker informs the ARQ transmitter of a transmission success and forwards the received packet to the instvar link, while nacker drops the corrupted packet and informs the ARQ transmitter of the transmission failure.

A callback mechanism: In the case of a SimpleLink object, instprocs link and link_errmodule_ are responsible for the callback mechanism. When ARQ components are inserted, the callback mechanism is modified as follows. Instvars link and link_errmodule_ call back to an ARQ transmitter, which in turn calls back to a Queue object. Upon receiving a packet and a queue handler from the Queue object, the ARQ transmitter stores the queue handler in its member variable, and transmits the received packet as well as its handler to the downstream object. Depending on whether the packet is in error or not in error, the link_errmodule_ and link (respectively) will place a callback event on the simulation timeline.
At the same time, nacker and acker inform the ARQ transmitter of the transmission result. At the firing time (when the packet is completely transmitted), the ARQ transmitter determines whether the packet was successfully transmitted or not. Then, based on the received ACK/NACK messages, it decides whether to retransmit the lost packet or to fetch another packet from the upstream Queue object. In Fig. 2 the ARQ-related instvars include an ARQ transmitter tARQ, an ACK message transmitter acker, and a NACK message transmitter nacker. Functions ack () and nack (p) are the ACK and NACK message reception functions, respectively, whose flowcharts are shown in Fig. 3. Function ack () resets num_rtxs to zero and sets status to acknowledged. Function nack (p) stores the input packet in variable pkt, and increases the value of variable num_rtxs by 1. If num_rtxs is greater than the retry limit, it sets status to DROPPED and resets num_rtxs to zero. Otherwise, it sets status to RTX. Function resume () is invoked when the ARQHandler object arqh is dispatched. It takes actions based on the value stored in the variable status.

Finally, the flow chart in Fig. 5 shows the overall working of our implementation in this paper. As we mentioned earlier, our protocol works only when the link from sender to receiver is good. To know whether the link is good or bad, we examine our protocol thoroughly by its ACKs and NACKs for a certain time and then set our retransmission limit. To set the timeout period of a packet we need to take historical values by examining certain possible inputs and outputs. For example, we need to calculate the round trip time of a packet over a larger number of packets, take the smaller value, and set it as the timeout period or time to live of a packet. So we go for slottime.
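The ack (), nack (p) and resume () logic described above, together with the ETX calculation of Section 3.2, as an added example in Python; it is not the authors' ns2/OTcl code. The probe counts N = 10, N_A = 8, N_B = 7 are assumed values chosen to reproduce the 0.2 and 0.3 loss rates, the 0.3 error probability and retry limits 0 to 3 are those of the experiment in Section 4, and the states IDLE and SENT and all helper names are hypothetical.

```python
import random

# Transmitter states. RTX and DROPPED are named on the page; ACKED stands for
# its "acknowledged"; IDLE and SENT are hypothetical additions for this example.
IDLE, SENT, ACKED, RTX, DROPPED = "IDLE", "SENT", "ACKED", "RTX", "DROPPED"


def etx(n, n_a, n_b):
    """Equations (1)-(4). Assumption: n probes are sent in each direction,
    n_a arrive over the forward path and n_b over the reverse path."""
    r_lf = (n - n_a) / n
    r_lr = (n - n_b) / n
    p_sr = (1 - r_lf) * (1 - r_lr)
    return r_lf, r_lr, p_sr, 1 / p_sr


class ARQTx:
    """Limited-persistence stop-and-wait ARQ transmitter."""

    def __init__(self, retry_limit):
        self.retry_limit = retry_limit
        self.num_rtxs = 0
        self.status = IDLE
        self.pkt = None

    def ack(self):
        # Success: clear the retransmission counter.
        self.num_rtxs = 0
        self.status = ACKED

    def nack(self, p):
        # Failure: keep the packet, count the attempt, give up past the limit.
        self.pkt = p
        self.num_rtxs += 1
        if self.num_rtxs > self.retry_limit:
            self.status = DROPPED
            self.num_rtxs = 0
        else:
            self.status = RTX

    def resume(self):
        """Return the packet to retransmit, or None to fetch a new one."""
        if self.status == RTX:
            self.status = SENT
            return self.pkt
        self.status = IDLE
        self.pkt = None
        return None


def run_link(packets, retry_limit, attempt_ok):
    """Send packets one at a time; attempt_ok() decides each transmission.
    Returns (delivered, dropped, transmissions)."""
    tx = ARQTx(retry_limit)
    delivered = dropped = transmissions = 0
    for p in packets:
        current = p
        while current is not None:
            transmissions += 1
            if attempt_ok():
                tx.ack()
                delivered += 1
            else:
                tx.nack(current)
                dropped += tx.status == DROPPED
            current = tx.resume()
    return delivered, dropped, transmissions


def expected(p_ok, retry_limit):
    """Closed form: (delivery probability, mean transmissions per packet)."""
    all_fail = (1 - p_ok) ** (retry_limit + 1)
    return 1 - all_fail, (1 - all_fail) / p_ok


def sweep(error_prob=0.3, limits=(0, 1, 2, 3), n_packets=20000, seed=1):
    """Simulated (retry limit, delivery ratio, transmissions per packet)."""
    rows = []
    for limit in limits:
        rng = random.Random(seed)  # constructed, seeded loss pattern
        d, _, t = run_link(range(n_packets), limit,
                           lambda: rng.random() >= error_prob)
        rows.append((limit, d / n_packets, t / n_packets))
    return rows


if __name__ == "__main__":
    print("r_LF, r_LR, P_SR, ETX:", etx(10, 8, 7))
    for limit, ratio, tx_per_pkt in sweep():
        print(limit, round(ratio, 3), round(tx_per_pkt, 3), expected(0.7, limit))
```

With an unbounded retry limit the mean number of transmissions per packet tends to 1/p_ok, which for p_ok = P_SR = 0.56 is the 1.79 of equation (4); a finite retry limit caps the energy spent on a bad link at the cost of dropped packets.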
Fig. 3. Flowchart of function (a) ack ( ) (b) nack ( p ) of class ARQTx
Fig. 4. Flowchart of function resume ( ) of class ARQTx
Slot time is the time it takes for a packet to travel the maximum theoretical distance between two nodes in a network. If the slot time were less, it would mean that the nodes waiting to send a packet would wait for a small time before transmission. More collisions would mean more retransmissions and hence delay in the packet reaching its destination. So, noting the delay in packet reception for different slot times helps us understand the consequences of switching from one slot time to another. For a given network scenario, we varied the slot time of the MAC layer protocol and observed its effects on the delay in packet reception. NS implements two MAC layer protocols for mobile networking: Mac802.11 and a preamble based TDMA protocol. We used the Mac802.11 protocol while conducting our experiments, as it is a contention-based protocol. Also, the preamble based TDMA protocol is still in its preliminary stages of development.
Fig. 5. Flow chart of Link Quality ARQ protocol
4 Implementation and Results

In the OTcl domain, we need to create ARQTx, ARQAcker, and ARQNack objects tARQ, acker, and nacker, respectively, and insert them into a SimpleLink object as shown in Figure 1. The implementation is done using ns2. SimpleLink link-arq{limit}: this instproc creates the ARQ-related instances and configures the SimpleLink object. It is an interface instproc which creates and configures the ARQ modules of the link connecting Node from to Node to. The input argument limit is used as the retry limit of the ARQ module.

The experiment is set up to show the impact of the retry limit of a limited-persistence stop-and-wait ARQ protocol on TCP throughput. We insert an error module with an error probability of 0.3 in the link connecting the nodes, implement a limited-persistence ARQ over this lossy link, and plot TCP throughput versus the retry limit. A snapshot of the simulation is shown in Figure 6. TCP throughput in packets per second is computed as the final TCP sequence number divided by the simulation time. We vary the retry limit over {0, 1, 2, 3} and plot TCP throughput as shown in Fig. 7(a). It clearly shows that increasing the retry limit increases link reliability and therefore increases TCP throughput.

Movement Model

For our experiment, we considered a fixed scenario of 100 nodes, moving with a maximum speed of 10 m/s, with a pause time of 4 s, within a topology boundary of 500 x 500, for a simulation time of 30 s.

Communication Model

We gave the nodes 40 cbr connections, with a packet generation rate of 2.66.
Fig. 6. Impact of retry limit of a limited persistent ARQ protocol on TCP
The results obtained in Fig. 7(b) are consistent with our initial expectation that the delay in packet reception increases when the slot time decreases. The plot in the graph is a smooth and continuous curve, indicating that there is a steady increase in average delay in packet reception as the slot time is reduced.
[Plot: TCP Throughput (vertical axis) versus Retry Limit (horizontal axis)]
Fig. 7. (a) Impact of retry limit of a limited persistent ARQ protocol on TCP
[Plot: Avg End to End Delay (vertical axis) versus Slot Time (horizontal axis)]
Fig. 7. (b) Slottime v/s End to End Delay
5 Conclusion

The above implementation of SimpleLink concludes that, by using the stop-and-wait mechanism in the ARQ protocol at the receiver and at the transmitter side, energy is saved by routers by simply transferring without knowledge of whether the packet was sent or not. So this mechanism gives us better results in obtaining the status of a packet and forwarding the next packet. We can get the status of the link, whether it is free to send a packet or not. We also designed a scenario to generate the slot time that we need to set in our design for correct transmission of packets while saving the energy of resources.
References

1. Zorzi, M., Rao, R.R.: Energy constrained error control for wireless channels. IEEE Personal Communication Magazine 4, 27–33 (1997)
2. Zorzi, M., Rao, R.R.: Error control and energy consumption in communications for nomadic computing. IEEE Transactions on Computers 46, 279–289 (1997)
3. Chen, J., Lin, R., Li, Y., Sun, Y.: A Link Quality Estimation based Routing for Wireless Sensor Networks. Sensors 8, 1025–1038 (2008)
4. Akkaya, K., Younis, M.: A survey on routing protocols for wireless sensor network. Ad Hoc Networks 3(3), 325–349 (2005)
5. Kumar, K.S., Chandramouli, R., Subbalakshmi, K.P.: On stochastic learning in predictive wireless ARQ. Wirel. Commun. Mob. Comput. 8(7), 871–883 (2008)
6. Dananjay, L., Manjeshwar, A., Herrmann, F., Uysal-Biyikoglu, E., Keshavarzian, A.: Measurement and Characterization of Link Quality Metrics in Energy Constrained Wireless Sensor Networks. In: IEEE Global Telecommunications Conference (GLOBECOM 2003), pp. 446–452 (December 2003)
7. Heinzelman, W., Chandrakasan, A., Balakrishnan, H.: Energy-Efficient Communication Protocol for Wireless Microsensor Networks. In: Proceedings of the 33rd Hawaii International Conference on System Sciences (HICSS), Hawaii, USA, January 4-7, p. 110 (2000)
8. Guo, C., Venkatesha Prasad, R., Pawełczak, P., Hekmat, R.: Designing Energy Efficient Automatic Repeat Request Protocol in Wireless Sensor Networks. In: ACM 978-1-60558741-7/09/09 (2009)
9. The Network Simulator – ns-2, http://www.isi.edu/nsnam/ns/
10. Introduction to Network Simulator, Springer book publications, TOT Public Company Limited, Ekram Hossain Department of Electrical & Computer Engineering
Trust Based Routing in Ad Hoc Network

Mikita V. Talati, Sharada Valiveti, and K. Kotecha

Computer Science and Engineering Department, Institute Of Technology, Nirma University, Ahmedabad-382481
[email protected], [email protected], [email protected]
Abstract. An Ad Hoc network is often termed an infrastructure-less, self-organized or spontaneous network. The execution and survival of an ad-hoc network is solely dependent upon the cooperative and trusting nature of its nodes. However, this naive dependency on intermediate nodes makes the ad-hoc network vulnerable to passive and active attacks by malicious nodes, which can inflict severe damage. A number of protocols have been developed to secure ad-hoc networks using cryptographic schemes, but all rely on the presence of a trust authority. Due to the mobility of nodes and the limitation of resources in wireless networks, one interesting research area in MANET is routing. This paper presents various trust models and trust based routing protocols to improve the trustworthiness of the neighborhood. Thus it helps in selecting the most secure and trustworthy route from the available ones for the data transfer.

Keywords: Ad Hoc network, Trust, Security, Trust models.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 381–392, 2010. © Springer-Verlag Berlin Heidelberg 2010

1 Introduction

One of the most important characteristics of Ad Hoc networks is that they require no centralized administration or fixed network infrastructure. Nodes in ad hoc networks cooperate with each other to do routing discoveries and data transmissions in a self-organized way. However, it is this self-organizing nature that makes mobile ad hoc networks insecure. Without any third-party authority, everybody, including some malicious nodes, can join and leave the ad hoc network freely. These malicious nodes would then perform all kinds of attacks to eavesdrop on information, interrupt normal communications, or even subject the whole network to denial of service. The trust relationship between the existing nodes will be disturbed, and no one can definitely trust anyone else any more.

Many security schemes for mobile ad hoc networks have been proposed in order to protect the routing information or data packets during communications. However, most of these schemes assume that there are trusted third parties or centralized servers who are responsible for issuing certificates and keys or monitoring the behavior of other nodes. Centralized servers or trusted parties make the network more controllable, but they destroy the self-organizing nature and reduce the scalability of mobile ad hoc networks. Even if some schemes distribute the servers over many nodes, there are still bottlenecks due to centralization. If a scheme distributes the functions of servers to each node of the network, it will introduce huge performance overhead. Thus, we need a self-organized routing scheme for mobile ad hoc networks.

The remainder of the paper is organized as follows. The following part focuses on some basic routing information and its challenges. Section 1.3 describes the existing security based routing protocols for Ad Hoc networks that work in a self-organizing way instead of using centralized servers. But they usually take the unrealistic approach of letting each node monitor its neighbors. This will bring high overhead and even worse security. Our solution, on the other hand, introduces the idea of trust. Section 2 defines basic knowledge and properties of trust. Trust models and trust based routing protocols are defined in Section 3 and Section 4, respectively. Finally we conclude in Section 5, and future work is presented in Section 6.

1.1 Routing in Ad Hoc Network
A routing protocol includes exchanging information and finding a feasible path depending on metrics such as number of hop counts, latency, bandwidth consumption, power requirement, lifetime of a link, etc. There are three main approaches in the design of routing protocols for Ad Hoc networks.

• Proactive approach: Proactive protocols discover network topology information through periodic control packets and operate in a manner independent of current communication needs and network conditions, e.g. DSDV, WAR, STAR.
• Reactive approach: On-demand protocols discover routing information only when it is needed for current communication, and are generally more efficient, as they scale their overhead according to communication demands in the network, e.g. AODV, DSR, TORA.
• Hybrid approach: It is a combination of both of the above approaches, so the advantages of both are acquired.

1.2 Challenges in Ad Hoc Network
1. Malicious attacks • Passive attack: Here the attacker does not disturb the routing protocol. It only eavesdrops on the routing traffic and endeavors to extract valuable information like node hierarchy and network topology from it. while Nodes that perform passive attacks with the aim of saving battery life for their own communications are considered to be selfish. • Active attacks: The aggressor node has to expend some of its energy in order to carry out the attack. Malicious nodes can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information or by impersonating nodes. Nodes that perform active attacks with the aim of disrupting other nodes by causing network outage are considered to be malicious.
Trust Based Routing in Ad Hoc Network
2. Promiscuous communication channel: The promiscuous nature of the channel allows malicious mobile nodes to eavesdrop on the transmissions of other mobile nodes.
3. Broken links and sporadic channel due to dynamic topology: A malicious node may report a genuine link as broken to disrupt the communication between two nodes. Secure routing protocols are incapable of differentiating genuinely reported broken links from maliciously reported ones because of their static behavior.
4. Cooperation among nodes: Because a MANET eliminates the need for an infrastructure, every mobile node is required to cooperate and forward packets for other mobile nodes. This intrinsic requirement allows malicious nodes to launch Denial of Service (DoS) attacks in the form of dropping and/or flooding packets.
5. Constrained Battery power:

1.3 Existing Security Based Routing Protocols
1.3.1 SAODV-Secure AODV
Secure AODV (SAODV) [1] is a security extension of the AODV protocol, based on public key cryptography. SAODV routing messages (RREQs, RREPs, and RERRs) are digitally signed to guarantee their integrity and authenticity. A node that generates a routing message signs it with its private key, and the nodes that receive this message verify the signature using the sender's public key. The hop count cannot be signed by the sender, because it must be incremented at every hop. Therefore, to protect it (i.e., to prevent malicious intermediate nodes from decrementing it), a mechanism based on hash chains is used. SAODV also uses a double signature: when a node A generates a RREQ message, in addition to the regular signature, it can include a second signature, which is computed on a fictitious RREP message towards A itself. Intermediate nodes can store this second signature in their routing table, along with other routing information related to node A. If one of these nodes then receives a RREQ towards node A, it can reply on behalf of A with a RREP message. However, SAODV requires heavyweight asymmetric cryptographic operations to generate signatures.

1.3.2 ARAN-Authenticated Routing Protocol for Ad Hoc Network
ARAN [2] provides authentication, message integrity and non-repudiation as part of a minimal security policy for ad hoc networks. It is motivated to detect and protect against malicious actions by third parties and peers in an ad hoc environment. ARAN is a security scheme which can be applied to any on-demand routing protocol. ARAN consists of three stages: a preliminary certification process, a mandatory end-to-end authentication stage and an optional stage providing a secure shortest path. To deploy these three stages, ARAN requires the use of a trusted certificate server T and public key cryptography.
Each node, before entering the network, must request a certificate from T, and will receive exactly one certificate after securely authenticating its identity to T. When a node wants to initiate a route discovery, it creates a signed RDP and broadcasts it to the next hop. The next hop node verifies the originator's
M.V. Talati, S. Valiveti, and K. Kotecha
signature. If it is authentic, it adds its own certificate and signs the whole packet again. When the target node receives this RDP, it replies with a REP. However, the use of public key cryptography is very costly. The computational overhead caused by signature generation and verification places a tremendous burden on mobile nodes and wastes bandwidth.

1.3.3 SEAR-Secure Efficient Ad Hoc on Demand Routing Protocol
The traditional philosophy for protecting routing messages against modification is to apply authentication to prevent the alteration of all fields included in the routing messages. In contrast, SEAR allows the alteration of certain fields in routing messages, but guarantees that such an alteration will not result in any benefit to an adversary. In SEAR [3] each node has a pair of keys $K_a$, $K_a^{-1}$. In order to protect RERR messages, we assume even sequence numbers are used for messages that originate from the destination, while odd sequence numbers are used for those messages that originate from other nodes. Each node also maintains two hash chains.
• Authenticator hash chain, to protect the sequence numbers and hop counts for routing packets associated with routes to that node.
• TESLA key chain, for authenticating RERR messages.
The authentication hash chain is generated using a one-way function. The values of the hash chain, which are called authenticators, are partitioned and used according to the sequence numbers and hop counts associated with the routing messages they protect. Attackers might generate the same hop count, so the node's identity is encoded in the hash value.

1.3.4 AODV-SEC
AODV-SEC [4] has the goal of an efficient routing protocol that combines strong security mechanisms with high network performance. AODV-SEC makes use of the certificates provided by the PKI. The protocol is an improved version of the SAODV protocol. Since we defined AODV-SEC as an AODV extension, only the Controller had to be replaced by the Security Controller.
This new controller module detects the security extensions and runs the respective mechanisms to verify or secure the packet. Every secured packet is answered with a secure packet, and every insecure packet with an insecure one. They use libcrypto as the cryptographic library. Conventional X.509 certificates were used in the original design of AODV-SEC. However, during the first evaluation runs it was discovered that routing packets containing several X.509 certificates become too large (avg. 2.5 kb) to fit in a single Maximum Transfer Unit (MTU) of 802.11 WLAN. Hence the MAC layer starts to fragment the packets, which leads to twice the number of packets on the channel and increases the number of collisions. Therefore, a new certificate type called mCert was designed which contains only the relevant data of the certificate. The corresponding mCert is around 450 bytes large. It also uses digital signatures, hash chains and a data container for security purposes. AODV-SEC implements a double signature extension in which the originator of a request/reply packet as well as the last hop forwarding a message is verified. For that they use RSA and SHA-1 hashing. Thus it reduces the connection setup time.

1.4 Challenges with Existing Security Protocols
• Pre-installation of security associations is required, which may cause difficulties for new and existing nodes in the network
• Dynamic topology makes a central authority an unattractive option
• Incentive based systems fail against nodes that disrupt the transmissions of other nodes by dropping or flooding packets
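The hash-chain protection of the hop count that Section 1.3.1 attributes to SAODV can be made concrete. The following Python code is an added example, not code from the paper or from any SAODV implementation; it assumes SHA-256 as the one-way function and that `top_hash` and `max_hop_count` are covered by the originator's signature, which is not modelled here. It also shows the residual gap mentioned under SEAR: a forwarder that leaves the hop count unchanged still passes the check.

```python
import hashlib
import os
from dataclasses import dataclass, replace


def h(data: bytes) -> bytes:
    """One-way function; SHA-256 is an assumption of this example."""
    return hashlib.sha256(data).digest()


def h_n(data: bytes, n: int) -> bytes:
    """Apply h() n times."""
    for _ in range(n):
        data = h(data)
    return data


@dataclass(frozen=True)
class RouteMsg:
    hop_count: int      # mutable field, incremented at every hop, cannot be signed
    max_hop_count: int  # assumed to be covered by the originator's signature
    top_hash: bytes     # h^max_hop_count(seed), assumed to be signed as well
    hash_value: bytes   # mutable field, equals h^hop_count(seed) on an honest path


def originate(max_hop_count: int, seed: bytes = None) -> RouteMsg:
    """Originator: pick a random seed and publish the end of the chain."""
    seed = os.urandom(32) if seed is None else seed
    return RouteMsg(0, max_hop_count, h_n(seed, max_hop_count), seed)


def verify_hop_count(msg: RouteMsg) -> bool:
    """Receiver: hashing the remaining number of times must reach top_hash."""
    if not 0 <= msg.hop_count <= msg.max_hop_count:
        return False
    remaining = msg.max_hop_count - msg.hop_count
    return h_n(msg.hash_value, remaining) == msg.top_hash


def forward(msg: RouteMsg) -> RouteMsg:
    """Honest intermediate node: verify, then advance both mutable fields."""
    if not verify_hop_count(msg) or msg.hop_count >= msg.max_hop_count:
        raise ValueError("hop count check failed, message dropped")
    return replace(msg, hop_count=msg.hop_count + 1, hash_value=h(msg.hash_value))


def demo() -> dict:
    # Constructed sample: a fixed seed so the run is reproducible.
    msg = originate(max_hop_count=8, seed=b"constructed-seed")
    for _ in range(3):
        msg = forward(msg)
    # A node cannot invert h(), so lowering hop_count leaves a hash value
    # that is too far along the chain and the check fails.
    decremented = replace(msg, hop_count=1)
    # Relaying the message as received (no increment) is not detected,
    # because the chain only prevents going backwards.
    relayed_unchanged = msg
    return {
        "honest_after_3_hops": verify_hop_count(msg),
        "decremented_to_1": verify_hop_count(decremented),
        "forwarded_without_increment": verify_hop_count(relayed_unchanged),
    }
```
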
2 Trust Metric

2.1 Introduction
Trust and security are two tightly interdependent concepts that cannot be separated. For example, cryptography is a means to implement security, but it is highly dependent on trusted key exchange. Similarly, trusted key exchange cannot take place without the requisite security services in place. It is because of this inter-reliance that both terms are used interchangeably when defining a secure system. Trust in wired networks is usually achieved using indirect trust mechanisms, including trusted certification agencies and authentication servers. However, establishing this indirect trust still requires some out-of-band mechanism for initial authentication, which is usually handled with physical or location-based authentication schemes.

Trust establishment in ad hoc wireless networks is still an open and challenging field. Ad hoc networks are based on naive "trust-your-neighbor" relationships. These relationships originate, develop and expire on the fly and usually have short life spans. As the overall environment in such a network is cooperative by default, these trust relationships are extremely susceptible to attacks. For a number of reasons, including better service, selfishness, monetary benefits or malicious intent, some nodes can easily mold these relationships to extract desired goals. Trust cannot be treated as a property of trusted systems; rather, it is an assessment based on experience that is shared through networks.

2.2 Trust Properties
• Asymmetry: A trust relationship is not symmetric. One can trust another but not vice versa. That is, the trustworthiness in the reverse direction need not exist at the same time. Thus, the trust relationship can be viewed as a one-way or unidirectional relationship. If mutual trust exists between the same entities, some trust models such as often represent them as two separate trust relationships. This allows each of these relationships to be manipulated independently.
• Transitivity: Trust is not necessarily transitive, that is, if A trusts B and B trusts C, then A does not necessarily trust C. However, some trust scenarios do exhibit transitivity.
• Reflexivity: Trust is assumed to be reflexive, that is, a node trusts itself completely. A trust level is requested by a "Requester" from the "Recommender"; in reply, the recommender sends its own trust level in the requested node.
• Context dependent: Trust relationships are meaningful in a specific context.
• Quantitative values: Trust is represented as a numeric value.
  - Continuous: for example, +1 for complete trust, 0 for uncertainty and -1 for no trust
  - Discrete: for example, very high, high, medium, low
• Not reciprocal:

2.3 Difference between Trust and Reputation
• Trust: It enables trustee to take binary decision value by balancing between known risk and the opinion held for the trustee. It is a prediction of a node's future action.
• Reputation: Reputation is the opinion held by the truster toward the trustee depending on its past experience. It provides an opinion which affects the prediction about trust.

2.4 Types of Trust
• Direct trust: Also known as functional trust. An entity can trust another entity directly using all existing experiences.
• Recommendation trust: Also known as referral trust. It expresses the belief in the capability of an entity to decide whether another entity is reliable in the given trust class, and in its honesty when recommending third entities.

3 Trust Models

3.1 Direct and Recommendation Trust Model
Here the semantics of direct trust [11] values is different from that of recommendation trust values. During authentication in open networks an entity often requires other entities' recommendations. These entities can be viewed as Authentication Servers (AS). The purpose of this trust model is to prevent contradicting or malicious recommendations from different authentication servers. Thus, it is necessary to provide a means of estimating the trustworthiness of an AS. This trust model divides trust relationships into two types: direct trust and recommendation trust. Direct trust means that node A can trust another node directly using all the existing experiences in A about that node. Recommendation trust was adopted by many other trust model applications such as the other trust models. The recommendation trust often comes along a path.
Fig. 1. Direct and Recommendation Trust Model
3.2 A Distributed Authentication Trust Model with Recommendation Protocol

The model [11] uses trust categories and trust values to express different levels of trust. The integral trust values in the model vary from -1 to 4, representing distinct levels of trust from absolute distrust (-1) to absolute trust (4). The trust values of a node are given in Table 1. When a node A wants to trust another node B, node A first checks its own Trust Table. If node B is in its table and the value is "yes", then B can be trusted; if the value is "no", B cannot be trusted. If B is not in A's Trust Table, A sends a trust-value-request for B's trust value to all the trustworthy nodes in its Trust Table. If any of these trustworthy nodes does not know B, this node passes A's request to the trustworthy nodes in its own trust table.

Table 1. Direct Trust Value Semantics

Value | Meaning | Description
-1 | Distrust | Untrustworthy
0 | Ignorance | Cannot make trust related judgment about entity
1 | Minimal | Lowest possible trust
2 | Average | Trustworthiness
3 | Good | More trustworthy
4 | Complete | Complete trust
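The trust-value-request propagation of Section 3.2 can be traced on a small network. The following Python code is an added example, not code from the paper or from the cited model; the trust tables are constructed sample data, and three rules are assumptions of this example because the text does not fix them: a value of 2 or more counts as "trustworthy", a recommendation is capped by the weakest trust value on the path that carried it, and the requester never forwards through a node it directly distrusts.

```python
from collections import deque

TRUSTWORTHY_MIN = 2  # assumption: "Average" (2) or better counts as trustworthy

# Constructed sample data: node -> {peer: direct trust value from Table 1}
TABLES = {
    "A": {"B": 4, "C": 2, "M": -1},
    "B": {"A": 4, "D": 3},
    "C": {"M": 4, "T": 1},
    "D": {"B": 2, "T": 3},
    "M": {"T": 4},
}


def collect_recommendations(tables, requester, target, max_hops=3):
    """Propagate a trust-value-request and return [(path, capped value), ...]."""
    own = tables.get(requester, {})
    answers = []
    visited = {requester}  # prevents request loops such as A -> B -> A
    queue = deque()
    for peer, value in own.items():
        if value >= TRUSTWORTHY_MIN and peer != target:
            visited.add(peer)
            queue.append(([requester, peer], value))
    while queue:
        path, weakest = queue.popleft()
        table = tables.get(path[-1], {})
        if target in table:
            # This node knows the target: it answers and does not forward.
            answers.append((path, min(table[target], weakest)))
            continue
        if len(path) - 1 >= max_hops:
            continue  # hop limit reached, request is not passed on
        for peer, value in table.items():
            if peer in visited or value < TRUSTWORTHY_MIN:
                continue
            if own.get(peer, 0) < 0:
                continue  # the requester itself distrusts this node
            visited.add(peer)
            queue.append((path + [peer], min(weakest, value)))
    return answers


def decide(tables, requester, target):
    """Return 'yes', 'no' or 'unknown' for requester's trust in target."""
    own = tables.get(requester, {})
    if target in own:  # a direct entry always wins over recommendations
        return "yes" if own[target] >= TRUSTWORTHY_MIN else "no"
    answers = collect_recommendations(tables, requester, target)
    if not answers:
        return "unknown"
    # Conservative combination: contradicting answers resolve to the lowest.
    derived = min(value for _, value in answers)
    return "yes" if derived >= TRUSTWORTHY_MIN else "no"
```

With the sample tables, A receives two contradicting recommendations about T (1 from C, 3 from D via B) and resolves them to "no", while M, which A distrusts but C trusts, is never asked.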
3.3 Subjective Logic Model

Subjective logic [11] is a type of probabilistic logic that explicitly takes uncertainty and belief ownership into account. Arguments in subjective logic are subjective opinions about states in a state space. A binomial opinion applies to a single proposition and can be represented as a Beta distribution, whereas a multinomial opinion applies to a collection of propositions. Subjective logic has many operators, one of which is the discounting operator. It is used to compute transitive trust along a path.

3.4 Trust Model Based on Algebra
This trust model [8] includes a general trust inference and trust evaluation algorithm based on trust algebra. It uses information entropy to measure trust quantitatively, so the uncertainty of trust is taken into account. Two abstract operators are used to combine opinions. One operator computes the indirect trust value along a single path in the trust graph, i.e., node A's opinion of node B is combined with node B's opinion of node C into one indirect opinion that node A should have of node C, based on node B's recommendation.
Fig. 2. Indication of ⊗ Operator
The other operator combines opinions across paths, i.e., node A's indirect opinion of node C through one path is combined with node A's indirect opinion of node C through a second path into one aggregate opinion. These operators can then be used in a general framework for solving trust inference problems, provided they satisfy certain mathematical properties, i.e., form an algebraic structure called a trust algebra.
Fig. 3. Indication of ⊕ Operator
3.5 PRN: A Novel Trust Model

This trust model [9] calculates trust based on positive, referral and negative reputation. Here a concept called the trust cell (TC) is used, which is the virtual set of entities in which every consumer (C) entity has a positive reputation on the provider (P) entity. Thus C P is a trust cell. Positive reputation is calculated from the direct touch behavior between two entities:

$P_{A,B} = \frac{\alpha}{\alpha + \beta + 2}$

where α is the number of successful behaviors and β is the number of unsuccessful behaviors. Referral reputation is calculated as follows: object A contacts the other consumer objects in the trust cell to query the reputation of a certain provider object B, marked as $R_{A,B}$ = Σ cikti, where k is the number of objects in the TC. Negative reputation is described in terms of past behavior and is denoted $N_{A,B}$. Finally, the trust value is

$T = \frac{P + R - N}{P + R + N}$

4 Existing Trust Based Routing Protocols

4.1 R-AODV-Reliant Ad Hoc On-Demand Distance Vector Routing Protocol
This protocol is implemented by modifying a trust mechanism known as the direct and recommendation trust model and then incorporating it inside AODV, which allows AODV not just to find the shortest path, but to find a short path that can be trusted. In an open network an entity requires other entities' recommendations, known as authentication servers (AS), but here we require some mechanism by which we can establish the trustworthiness of an AS. The proposed framework has four basic modules: basic routing protocol, trust model, trusted routing protocol and self-organized key management mechanism. For trust calculation it uses trust combination. A node collects opinions from all its neighbors about a metric which is calculated by Markov chains. The protocol also adds three new fields to the routing table of AODV: positive events, negative events and opinion. TAODV has an efficient trust calculation mechanism, but in a large ad hoc network a specific node could exhaust its energy in processing the TREQ and TREP packets. Each node can broadcast TREQ and TREP messages to its neighbors with high reliability, which is very difficult to achieve in real-life situations. Thus AODV can be modified to select a better path (best path, Bp) during the route discovery cycle based on trust and the number of hops (trusted and shortest). The best path is calculated by the following equation:

$B_p = \frac{S[t]}{(HOP_{count})^{3/2}}$

If a route entry for a node exists, and if the best path (Bp) to any of the intermediate nodes is greater than the previously known best path (Bp) to that node, the routing table entry for that node is updated and assigned a new trust value computed by

$trustvalue_{new} = \frac{S[t]}{HOP_{count}}$

4.2 DMTR-Dynamic Mutual Trust Based Routing Protocol
DMTR [10] ensures the security of the whole network by utilizing the idea of Trust Network Connect (TNC), and improves the security of the selected path by using barrel theory. DMTR uses sociological trust to represent the relationship among nodes. In DMTR, trust among nodes is represented by a trust score which consists of a direct trust score and an indirect trust score. Trust updating and routing decisions are based on experienced, observed, or reported routing and forwarding behavior of other nodes. Path selection is based on the trust score of the path. The trust model of DMTR contains three components: the Requestor, the Decision Maker and the Executant. In the framework, every node's trust score is the main factor when performing trusted routing. DMTR adds this field to the Route Cache and to the route record of the ROUTE REQUEST message. So in Route Discovery, every intermediate node appends its own address and the trust score of the last hop, taken from its trust table, to the route record. Every node's Route Cache saves routes and the nodes' trust scores for every route.

1. Requestor: The requestor issues a request for the execution of the function and monitors its execution by the visible providers. The requestor validates the result of the execution and, based on the outcome of the validation phase, sends the result to the Decision Maker.
2. Executant: The Executant receives the request for the execution of the function. It looks up its blacklist to decide whether the requestor is in it. If not, it delivers the request to the Decision Maker. Otherwise it discards the request. It also enforces the decision made by the Decision Maker.
3. Decision Maker: The Decision Maker makes decisions such as refusing or agreeing to execute the function. It contains the following components.
• Trust manager: It updates the trust score dynamically. It manages a table consisting of entries for nodes and their trust scores during every periodical time t.

Node id | trust score | indirect trust | trust score of last periodical time

• Path evolution system: Its main functionality is to compute the trust score of a path according to the equation below, which computes the path trust.

$P_T = \Delta - \frac{\Delta - T_{min}}{T_{min} - \omega}$

It also performs the following functions during the periodical time t according to the trust manager:
1. Path re-ranking according to a security metric, e.g., the trust score of the nodes in the path.
2. Deletion of paths containing malicious nodes.
• Policy system: It notifies the Executant and the Requestor of actions according to the node's trust score computed by the trust manager.
(a) Refuse a node's request or recommendation.
(b) Accept a node's request or recommendation.
(c) Notify its misbehavior.

Table 2. Comparison of Routing Protocols

Name of the algorithm | Security based/Trust based | Simulator | Advantages and challenges
AODV-SEC | Security based | NS2 and new certificate type called MCert is used which reduces congestion | Selection of packet size, cryptographic mechanisms and certificate is difficult
SEAR | Security based | NS2, Uses hash function and key nonce for every route | Avg. packet delivery delay is increased due to use of asymmetric cryptography for initial key distribution and communication
ARAN | Security based | NS2, Can be applied to any on demand routing protocol | Cost of higher latency due to cryptography and trusted certificate server
Secure AODV | Security based | Glomosim, Used double signature extension | Requirement of heavy weight asymmetric cryptographic mechanisms
R-AODV | Trust based | NS2, Fast mechanisms for malicious behaviors and attackers | Packet may take longer route due to trust metric so normalized load and end-end delay may increase
DMTR | Trust based | NS2, Distributed framework | Trust network connect and barrel theory

5 Conclusion
Trust behaviors are performed according to the trust relationship among nodes. Thus, with the help of various trust theories and models, we can find the most promising and optimistic routing path and reduce the need for crucial cryptographic mechanisms and certificates in the routing protocol.
6 Future Work

We can study the various parameters which can be used to calculate the trust metric, and the various security mechanisms that have been considered in the security based routing protocols, in order to decide the threshold value of trust. The resulting technique would be a combination of trust and security.
References

1. Jaafar, M.A., Zukarnain, Z.A.: Performance comparisons of AODV, Secure AODV and Adaptive secure AODV Routing Protocols in Free Attack Simulation Environment. European Journal of Scientific Research 32(3), 430–443 (2009)
2. Xu, S., Mu, Y., Susilo, W.: Authenticated AODV Routing Protocol Using One-Time Signature and Transitive Signature Schemes. Journal of Networks 1(1) (May 2006)
3. Li, Q., Zhao, M., Walker, J., Perrig, A.: SEAR: A Secure Efficient Ad Hoc On Demand Routing Protocol for Wireless Networks. Intel cooperation and University of Rutger
4. Eichler, S., Roman, C.: Challenges of Secure Routing in MANETs: A Simulative Approach using AODV-SEC. Institute of Communication Network, Germany
5. Veeraraghavan, P., Limaye, V.: Trust in Mobile Ad hoc Network. In: Proceedings of the 2007 IEEE International Conference on Telecommunications and Malaysia International Conference on Communications, Penang, Malaysia, May 14-17 (2007)
6. Seshadri Ramana, K., Chari, A.A., Kasiviswanth, N.: Trust Based Security Routing in Mobile Adhoc Networks. Global Journal of Computer Science and Technology, 121–126
7. Misra, S., Woungang, I., Misra, S.C.: Guide to Wireless Ad Hoc Networks. Computer Communications and Networks Series, pp. 473–503. Springer, Heidelberg
8. Wenxhong, Y., Tong, W., Zhenyu, Z.: A General trust model based on trust algebra. In: An Intranational Conference on Multimedia Information and Network Security. IEEE, Los Alamitos (2009)
9. Biao, C., Zhishu, L., Xun, L.: PRN-A Novel trust model. In: First International Symposium on Data, Privacy and E-Commerce. IEEE, Los Alamitos (2007)
10. Chuanhe, H., Yong, C., Hao, Z.: A Trusted Routing Protocol for Mobile Ad hoc networks. Wuhan University, China
11. Jassim, H.S., Yussof, S., Kiong, T.S., Koh, S.P., Ismail, R.: A Routing Protocol based on Trusted and shortest Path Selection for Mobile Ad hoc Network. In: 9th International Conference on Communication. IEEE, Los Alamitos (2009)
Routing in Ad Hoc Network Using Ant Colony Optimization

Pimal Khanpara, Sharada Valiveti, and K. Kotecha
Computer Science and Engineering Department, Institute of Technology, Nirma University, Ahmedabad-382481
Abstract. Ad hoc networks have a dynamic topology and are infrastructure-less. It is therefore necessary to implement a new network protocol that provides efficient end-to-end communication based on the TCP/IP structure. The functions of each layer of the TCP/IP model need to be re-defined or modified to provide end-to-end communication between nodes. The mobility of the nodes and the limited resources are the main reasons for this change. The main challenge in ad hoc networks is routing. Due to the mobility of the nodes in ad hoc networks, routing becomes very difficult. Ant based algorithms are suitable for routing in ad hoc networks due to their dynamic nature and adaptive behavior. There are a number of routing algorithms based on the concept of ant colony optimization. It is quite difficult to determine the best ant based algorithm for routing, as these algorithms perform differently under various circumstances such as the traffic distribution and the network topology. In this paper, an overview of such routing algorithms is given.

Keywords: Ad hoc networks, artificial agents, ant colony optimization, ant based routing.
1 Introduction
An ad hoc network is a group of nodes which are capable of movement and are connected dynamically. These nodes exchange information over the wireless medium and are decentralized in an arbitrary manner. The network topology is dynamic and nodes can enter or leave the network at any time. Communication takes place among the nodes within a specific transmission range. To communicate with nodes which are outside the transmission range, a node takes the help of other intermediate nodes to send and receive messages. So a node in this kind of network acts as both a terminal and a router. Routing in ad hoc networks is very challenging: as nodes are moving, the topology of the network changes dynamically, so a good route will probably be unavailable after a short while. This would result in each node along the route updating its routing table frequently, causing many control packets to flood through the network and consuming precious network resources. Therefore, discovering and maintaining a route in the ad hoc environment is difficult.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 393–404, 2010. © Springer-Verlag Berlin Heidelberg 2010

Features of routing protocols for ad hoc networks should be:
• The routing path should be the shortest
• Computational requirements and communication overhead should be low
• It should use multi-path routing to avoid traffic congestion
• It should be scalable when the network size increases
• It should limit the propagation of topology changes
• There should be no single point of failure
• The bandwidth and power requirements should be low
• The routing process should be secure and not error prone
Routing algorithms for an ad hoc network can be classified into three categories:
• Proactive
• Reactive
• Hybrid

Proactive routing protocols attempt to maintain consistent, up-to-date routing information from each node to every other node at all times. These protocols require each node to maintain one or more tables to store routing information, and they respond to topological changes by propagating updates through the network. Thus, using a proactive protocol, a node is immediately able to route or drop a packet. Examples of proactive protocols are TBRPF (Topology Broadcast based on Reverse Path Forwarding) [1] and OLSR (Optimized Link State Routing protocol) [2].

In a reactive routing protocol, a node does not need to periodically broadcast the routing table, thereby saving network bandwidth. A node establishes a route to its destination only on demand. However, a node may suffer from a long waiting time before it can transmit data packets, since it may not know which neighbor to select as the next hop to forward the packet due to the dynamic network topology. Consequently, the node has to find a new route to the destination on the fly. Examples of reactive routing protocols are AODV (Ad hoc On Demand distance Vector) [3] and ABR [4].

A hybrid protocol combines the advantages of both proactive and reactive protocols. Hybrid routing protocols have the potential to provide higher scalability than pure reactive or proactive protocols. This is because they attempt to minimize the number of rebroadcasting nodes by defining a structure (or some sort of backbone) which allows the nodes to work together in order to organize how routing is to be performed. By working together, the best or most suitable nodes can be used to perform route discovery. For example, in AntHocNet, proactive path discovery updates and discovers new routes to the destination according to the current status of the network.
This may potentially eliminate the need for flooding, since the nodes know exactly where to look for a destination every time. Another novelty of hybrid routing protocols is that they attempt to eliminate single points of failure and to avoid creating bottleneck nodes in the network. This is achieved by allowing any number of nodes to perform routing or data forwarding if the preferred path becomes unavailable.
2 Ant Colony Optimization

Ant colony optimization (ACO) [5] is a stochastic approach for solving combinatorial optimization problems like routing in computer networks. The idea of this optimization is based on the observation of how ants optimize food gathering in nature. Ant colony optimization algorithms use artificial ants to iteratively construct a solution for an optimization problem. A pheromone trail and a heuristic pheromone value are used. A flock of ants moves on the adjacent paths concurrently and asynchronously to find an optimum solution. Each ant selects the next hop by making a stochastic decision using the existing pheromone trails and heuristic information. The solution is built incrementally as the ants move from one node to another. While moving on the path, an ant evaluates this solution and deposits pheromone on its way. This pheromone trail will be used by future ants to make a routing decision.

Ad hoc wireless networks are increasing in popularity due to the spread of laptops, sensor devices, PDAs and other mobile electronic devices. These devices will eventually need to communicate with each other. In some cases the network must work properly without an adequate infrastructure to rely on. At the same time, swarm intelligence has been used to solve optimization problems applied to data networks. Routing is one such optimization problem where swarm intelligence has been applied. Several routing protocols take advantage of that, e.g. AntNet [6], ARA [7] and AntHocNet [12].

Algorithm
    procedure ACOMetaHeuristic
        while (not termination)
            generateSolutions()
            daemonActions()
            pheromoneUpdate()
        end while
    end procedure

2.1 Why Ant Algorithms are Suitable for Ad Hoc Networks?
The following properties of ant based algorithm make them suitable for routing in ad hoc networks:
396
P. Khanpara, S. Valiveti, and K. Kotecha
• Dynamic Topology The ant algorithm is based on autonomous agent systems imitating individual ants. This allows a high adaptation to the current topology of the network. • Local Work Contrast to other routing approaches, the ant algorithm is based only on local information, i.e. no routing tables or other information blocks have to be transmitted to other nodes of the network. • Link Quality It is possible to integrate the connection/link quality into the computation of the pheromone concentration, especially into the evaporation process. This will improve the decision process with respect to the link quality. It is important to note that the approach can be modified so that nodes can also manipulate the pheromone concentration independent of the ants, e.g. if a node detects a change of the link quality. • Support for Multi-Path Each node has a routing table with entries for all its neighbors, which also contain the pheromone concentration. The decision rule for selection of the next node is based on the pheromone concentration at the current node, which is provided for each possible link. Thus, the approach supports multi path routing.
3 ACO Based Routing Algorithms
3.1 AntNet
Gianni Di Caro and Marco Dorigo proposed AntNet, a routing algorithm that uses the concept of ant colony optimization. In AntNet, each node maintains a probabilistic routing table. The ants (software agents) communicate with each other through these routing tables and an array that represents the local traffic statistics experienced by every node. There are two types of software agents (ants): forward ants and backward ants. Forward ants collect information and move randomly, guided by heuristics, in search of a destination node. Backward ants retrace the path covered by the forward ants in the reverse direction and update the pheromone values by updating the probabilistic table entries. Two types of queues are maintained: a low priority queue (data packets and forward ants) and a high priority queue (backward ants and forward ants). At regular time intervals every node creates a forward ant to randomly selected destinations. A forward ant uses the probabilistic routing tables together with the queue status at every intermediate node to choose its output port from the list of unvisited nodes. The elapsed time and the node identifier are pushed onto the ant's stack. When a forward ant reaches its destination, it transforms itself into a backward ant, visits the nodes in its stack in reverse order, and updates the corresponding entries in the routing tables and the array on its way back to the source, using the values stored on its stack. AntNet has better performance than the Bellman-Ford and link state routing algorithms.
3.2 ABC (Ant Based Routing)
Ant based Control (ABC) [9] is another ant based algorithm, designed for telephone networks and proposed by Schoonderwoerd. It shares many similarities with AntNet, but also incorporates certain differences. The basic principle relies on mobile routing agents, which randomly explore the network and update the routing tables according to the current network state. The routing table stores probabilities instead of pheromone concentrations. Uni-directional mobile agents are used for updating and maintaining the routing tables. The mobile agents use heuristics based on the routing tables to move across the network. The routing tables are updated based on the distance of mobile nodes from the source node and the current state of the routing table at each node.
3.3 ANSI (Ad Hoc Networking with Swarm Intelligence)
Rajagopalan and Shen proposed ANSI [10] (Ad hoc Networking with Swarm Intelligence), which is a reactive routing algorithm for mobile ad hoc networks. In ANSI, there are two types of mobile agents: forward reactive ants and backward reactive ants. Two types of tables are maintained in this protocol: a routing table and an ant decision table. The routing table contains an entry for each reachable node and the next hop. The ant decision table contains pheromone values. When a node wants to transmit data, a forward reactive ant is generated and broadcast. The backward reactive ant updates the pheromone values at the nodes while retracing the path of the forward ant. The selection of the next hop depends on the chosen parameter, such as the pheromone value. This algorithm performs well in terms of end-to-end delay in packet transmission.
3.4 ARA (Ant Colony Based Routing Algorithm)
Gunes and Spaniol proposed ARA (Ant colony based Routing Algorithm), which is a reactive routing protocol for mobile ad hoc networks. The next hop is selected based on the pheromone values in the routing table. The pheromone on the path evaporates with time, and if the amount of pheromone falls below the lower threshold, the nodes enter a sleep mode. There are two types of mobile agents: forward ants and backward ants. The forward and backward ants have unique sequence numbers to prevent duplicate packets. In ARA, backward ants as well as forward ants update the routing tables at each node. Once a path is found, the source node is not required to generate new mobile agents for the destination. The data packets perform the route maintenance.
3.5 ARAMA (Ant Routing Algorithm for Mobile Ad Hoc Networks)
A proactive routing algorithm, ARAMA (Ant Routing Algorithm for Mobile Ad hoc networks) [11], is proposed by Hossein and Saadawi. In this algorithm, the forward ants consider hop counts as well as local heuristics to reach the destination node. These local heuristics contain information along the route, such as the queue delay and the power of a node. Each backward ant calculates a value, called grade, which is a function of the path information stored in the forward ant. This grade value is used by a backward ant to update the pheromone amount in the routing table. This grade value is the same for all the links. The rate of generation of the forward ants is controlled to reduce the overhead of route discovery and maintenance.
3.6 HOPNET
A hybrid routing algorithm, Hopnet [12], proposed by Jianping Wang et al., is a zone based routing protocol. In Hopnet, ants can hop from one zone to another. This algorithm is based on ZRP (Zone Routing Protocol) and DSR. It is highly scalable compared to other hybrid protocols. The network is divided into zones, each of which is a node's local neighborhood. Route discovery is done proactively within a node's neighborhood and reactively between neighborhoods. The size of a zone is specified by a radius in hops and is not determined locally, so a routing zone contains all the nodes within the specified radius. These zones are of varying size and a node can be within multiple overlapping zones. There are two types of nodes: interior nodes and boundary nodes. Boundary nodes are at a distance from the central node. The interior nodes are the nodes at a distance less than the radius. There are two types of routing tables for each node: the Intrazone routing table (IntraRT) and the Interzone routing table (InterRT). The IntraRT is proactively maintained so that a node can quickly obtain a path to any node within its zone. This is done by periodically sending out forward ants to sample paths within the zone and determine any topology changes (such as nodes moving away, link failures, new nodes entering the zone, etc.). Once a forward ant reaches a destination, a corresponding backward ant is sent back along the path discovered. The InterRT stores the paths to nodes beyond the zone. This source routing table is set up on demand as routes outside a zone are required. The peripheral nodes of the zone are used to find routes between zones. For a small number of sparse nodes, the continuous movement of border nodes means that new routes have to be determined continuously, resulting in more delay than other hybrid routing protocols.
3.7 AntHocNet
Another hybrid protocol, AntHocNet, is proposed by Ducatelle for MANETs. As it is a hybrid protocol, it consists of both reactive and proactive components. In this algorithm, nodes are not required to maintain routes to all possible destinations at all times; mobile agents are generated only when a data session starts. The mobile agents search for multiple paths to the destination, and these paths are set up in the form of pheromone tables indicating their respective quality. The paths are continuously monitored and improved in a proactive manner. AntHocNet achieves a better delivery ratio and end-to-end delay than AODV.
The heuristic based ant routing algorithms are suitable for ad hoc networks because:
• The algorithm is fully distributed, so there is no single point of failure;
• The operations to be performed in each node are very simple;
• The algorithm is based on an asynchronous and autonomous interaction of agents;
• It is self-organizing, thus robust and fault tolerant; there is no need to define path recovery algorithms;
• It is intrinsically traffic adaptive without any need for complex and yet inflexible metrics;
• It is inherently adaptive to all kinds of long-term variations in topology and traffic demand, which are difficult to take into account with deterministic approaches.
Ant routing algorithms can be classified in different ways, according to how the pheromone is updated, how routing table probabilities are calculated, how often and how many ants are sent per request, and so on. The following table shows the classification.
4 AntHocNet
AntHocNet [11] is a hybrid multipath routing protocol, so it combines the advantages of both reactive and proactive routing. Most of the algorithms we have studied are single-path, but AntHocNet provides multipath routing. It provides link failure robustness and load balancing. Some algorithms create multiple paths at path setup time and use the best of these until it fails, after which they switch to the second best and so on, but the problem is that alternative paths are often infeasible [12]. Specifically, AntHocNet combines a reactive route setup process with a proactive route maintenance and improvement process. The algorithm is reactive in the sense that it only gathers routing information about destinations that are involved in communication sessions. It is proactive in the sense that it tries to maintain and improve information about existing paths while the communication session is going on. In AntHocNet, routing information is organized in pheromone tables. Each node $i$ maintains one pheromone table $T_i$, which is a two-dimensional matrix. An entry $T_{ij}^{d}$ of this pheromone table contains information about the route from node $i$ to destination $d$ over neighbor $j$. This information includes the pheromone value $T_{ij}^{d}$, which is a value indicating the relative goodness of going over node $j$ when traveling from node $i$ to destination $d$, as well as statistics information about the path, and possibly virtual pheromone. Apart from a pheromone table, each node also maintains a neighbor table, in which it keeps track of which nodes it has a wireless link to. At the start of a communication session, the source node of the session checks its pheromone table to see whether it has any routing information available for the requested destination. If it does not, it starts a reactive route setup process, in which it sends an ant packet out over the network to find a route to the destination. Such an ant packet is called a reactive forward ant.
Each intermediate node receiving a copy of the reactive forward ant forwards it. This is done via unicasting in case the node has routing information about the ant's destination in its pheromone table, and via broadcasting otherwise. Reactive forward ants store the full array of nodes that they have visited on their way to the destination. The first copy of the reactive forward ant to reach the destination is converted into a reactive backward ant, while subsequent copies are destroyed. The reactive backward ant retraces the exact path that was followed by the forward ant back to the source. On its way, it collects quality information about each of the links of the path. At each intermediate node and at the source, it updates the routing tables based on this quality information. This way, a first route between source and destination is established at completion of the reactive route setup process. The full process is repeated later if the source node is left without valid routing information for the destination of the session while data still need to be sent. Once the first route is constructed via the reactive route setup process, the algorithm starts the execution of the proactive route maintenance process, in which it tries to update, extend and improve the available routing information. This process runs for as long as the communication session is going on. It consists of two different sub processes: pheromone diffusion and proactive ant sampling.

Table 1. Comparison of Ant Based Routing Protocols

| Algorithm | Type of algorithm | Types of tables maintained | Role of forward ant | Parameters used in choosing next hop | Amount of pheromone deposited |
|---|---|---|---|---|---|
| AntNet | Proactive | Routing table | Identifies the destination nodes and the elapsed time between the launch and arrival of ant at each node | Pheromone and queue length | Depends on the network traffic |
| Ant Based Control (ABC) | Proactive | Routing table | Identifies the destination nodes and the elapsed time between the launch and arrival of ant at each node | Current network state | Depends on ant age |
| Ad hoc Networking with Swarm Intelligence (ANSI) | Reactive | Routing table, ant decision table | Identifies destination nodes, hop count and delay | Hop count and pheromone amount | Pheromone and delay |
| Ant colony based Routing Algorithm (ARA) | Reactive | Routing table | Identifies destination nodes and hop count | All neighbors of forward ant | Depends on hop count and delay |
| Ant Routing Algorithm for MANET (ARAMA) | Proactive | Routing table | Calculates the link cost and queuing delay | Pheromone, queue delay and node battery power | Depends on the quality of path found |
| Hopnet | Hybrid | Intrazone and interzone routing table | Identifies the destination node and its zone | Pheromone and hop count | Hop count and queuing delay |
| AntHocNet | Hybrid | Pheromone table | Identifies destination nodes, hop count and delay | All neighbors of forward ant | Hop count and delay |
Fig. 1. Finite State Machine representation of AntHocNet algorithm
4.1 Pheromone Diffusion
The aim of the pheromone diffusion sub process is to spread out pheromone information that was placed by the ants. Nodes periodically broadcast messages containing the best pheromone information they have available. Using information bootstrapping, neighboring nodes can then derive new pheromone for themselves and further forward it in their own periodic broadcasts. This approach to gathering routing information is very efficient, but can be slow to adapt to dynamic situations, possibly temporarily providing erroneous information. Therefore, the pheromone diffusion process can be considered a cheap but potentially unreliable way of spreading pheromone information. Because of this potential unreliability, the pheromone that is obtained via pheromone diffusion is kept separate from the normal pheromone placed by the ants, and is called virtual pheromone; the pheromone placed by the ants will in what follows be called regular pheromone.
4.2 Proactive Ant Sampling
In this sub process, all nodes that are the source of a communication session periodically send out proactive forward ants towards the destination of the session. These ants construct a path in a stochastic way, choosing a new next hop probabilistically at each intermediate node. Unlike reactive forward ants, they are never broadcast. When calculating the probability of taking a next hop, proactive forward ants consider both regular and virtual pheromone. This way, they can leave the routes that were followed by previous ants, and follow the routes that have emerged from pheromone diffusion. Once a proactive forward ant reaches the destination, it is converted into a proactive backward ant that travels back to the source and leaves regular pheromone along the way, just like reactive backward ants. This way, proactive ants can follow virtual pheromone and then, once they have experienced that it leads to the destination, convert it into regular pheromone.
Data packet forwarding in AntHocNet is done similarly to other ACO routing algorithms: routing decisions are taken hop-by-hop, based on the locally available pheromone. Only regular pheromone is considered, as virtual pheromone is not considered reliable enough. Each forwarding decision is taken using a stochastic formula that gives preference to next hops that are associated with higher pheromone values. The formula is different from that used by the forward ants, so that data packets can follow a less exploratory strategy. Via parameter tuning, it is possible to vary between spreading the data packets over all possible available paths and deterministically sending them over the best path. While the former can in principle provide higher throughput through the use of multiple paths.
4.3 Link Failures
Link failures can be detected in AntHocNet via failed transmissions of data or control packets, or through the use of hello messages. Hello messages are short messages that are periodically sent out by all nodes in the network. The reception of a hello message is indicative of the presence of a wireless link, while the failure to receive such messages points to the absence of a link. The function of hello messages is fulfilled by the same periodic messages that are used for pheromone diffusion. When a node detects a link failure, it checks its pheromone table to see which routes become invalid due to the failure, and whether alternative routes are available for the affected destinations. Then, it broadcasts a link failure notification message to warn neighboring nodes about all relevant changes in its pheromone table. In case the link failure was associated with a failed data packet transmission, the node can also start a local route repair to restore the route to the destination of this data packet. To this end, it sends out a repair forward ant. Repair forward ants are similar to reactive forward ants, in the sense that they follow available pheromone information where possible, and are broadcast otherwise, but they have a limited maximum number of broadcasts, so that they cannot travel far from the old failed route. Upon arrival at the destination, the repair forward ant is converted into a repair backward ant that travels back to the node that started the repair process and sets up the pheromone for the repaired route.
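The pheromone-table behaviour of Sections 4 to 4.3, as an added example (not the authors' code or the AntHocNet implementation): ants weigh regular and virtual pheromone, data packets weigh regular pheromone only with a larger exponent, and a link failure removes every entry over the lost neighbor. The selection rule tau^beta / sum(tau^beta), the use of the maximum of regular and virtual pheromone, the moving-average update, and all names and numbers are assumptions, since the paper gives no formulas.

```python
import random

ANT_BETA = 1.0    # assumed exponent for forward ants: more exploratory
DATA_BETA = 2.0   # assumed exponent for data packets: greedier


class PheromoneTable:
    """Pheromone table T_i of one node i, keyed by destination d, then neighbor j."""

    def __init__(self):
        self.regular = {}   # d -> {j: pheromone laid by backward ants}
        self.virtual = {}   # d -> {j: pheromone derived from neighbors' broadcasts}

    def backward_ant(self, dest, neighbor, quality, gamma=0.5):
        """Regular pheromone update by a backward ant (assumed moving average)."""
        entries = self.regular.setdefault(dest, {})
        if neighbor in entries:
            entries[neighbor] = gamma * entries[neighbor] + (1 - gamma) * quality
        else:
            entries[neighbor] = quality

    def diffusion(self, dest, neighbor, bootstrapped):
        """Virtual pheromone from a periodic broadcast, kept apart from regular."""
        self.virtual.setdefault(dest, {})[neighbor] = bootstrapped

    def next_hop_probabilities(self, dest, beta, use_virtual):
        """P(j) = tau_j^beta / sum_k tau_k^beta over the usable neighbors."""
        tau = dict(self.regular.get(dest, {}))
        if use_virtual:   # proactive forward ants only
            for j, value in self.virtual.get(dest, {}).items():
                tau[j] = max(tau.get(j, 0.0), value)
        weights = {j: t ** beta for j, t in tau.items() if t > 0}
        total = sum(weights.values())
        return {j: w / total for j, w in weights.items()}

    def choose(self, dest, beta, use_virtual, rng=random):
        """Draw a next hop, or None when the node has no usable entry."""
        probs = self.next_hop_probabilities(dest, beta, use_virtual)
        if not probs:
            return None   # caller falls back to route setup or repair
        hops = sorted(probs)
        return rng.choices(hops, weights=[probs[h] for h in hops])[0]

    def link_failed(self, neighbor):
        """Drop all entries over a lost neighbor; return destinations left routeless."""
        orphaned = []
        for dest, entries in self.regular.items():
            if entries.pop(neighbor, None) is not None and not entries:
                orphaned.append(dest)
        for entries in self.virtual.values():
            entries.pop(neighbor, None)
        return sorted(orphaned)


def demo():
    """Constructed scenario: node i with neighbors j1, j2, j3 and destination d."""
    t = PheromoneTable()
    t.backward_ant("d", "j1", 0.8)   # good path confirmed by an ant
    t.backward_ant("d", "j2", 0.4)   # weaker path confirmed by an ant
    t.diffusion("d", "j3", 0.6)      # only heard about via diffusion
    result = {
        "ant": t.next_hop_probabilities("d", ANT_BETA, use_virtual=True),
        "data": t.next_hop_probabilities("d", DATA_BETA, use_virtual=False),
        "greedy": t.next_hop_probabilities("d", 20.0, use_virtual=False),
    }
    result["first_failure"] = t.link_failed("j1")    # j2 still serves d
    result["after_first"] = t.next_hop_probabilities("d", DATA_BETA, False)
    result["second_failure"] = t.link_failed("j2")   # d now needs a repair
    result["data_after"] = t.next_hop_probabilities("d", DATA_BETA, False)
    result["ant_after"] = t.next_hop_probabilities("d", ANT_BETA, True)
    return result


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

After both links fail, data packets have no next hop while ants can still follow the unconfirmed virtual entry over j3, which is the separation between the two pheromone kinds that Section 4.1 motivates.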
5 Conclusion and Future Work
As described above, there are many algorithms for ant based routing in ad hoc networks. As AntHocNet is a hybrid algorithm, it combines the advantages of both reactive and proactive routing algorithms. It provides efficiency and adaptability. Link failure detection is also supported by this algorithm. The main issue is to implement an efficient and feasible routing algorithm, and AntHocNet provides all these features, so the future work includes the implementation of the AntHocNet algorithm.
References
[1] Perkins, C.E., Belding-Royer, E.M., Chakeres, I.: Ad hoc On Demand Distance Vector Routing
[2] Toh, C.K.: Associativity-Based Routing for Ad-Hoc Mobile Networks
[3] Dorigo, M., Maniezzo, V., Colorni, A.: Ant System: Optimization by a colony of cooperating agents. IEEE Transactions on Systems, Man, and Cybernetics - Part B 26(1), 29–41 (1996)
[4] Dorigo, M., Di Caro, G., Gambardella, L.M.: Ant algorithms for discrete optimization. Artificial Life 5(2), 137–172 (1999)
[5] Dorigo, M., Stützle, T.: Ant Colony Optimization. MIT Press, Cambridge (2004)
[6] AntHocNet: an adaptive nature-inspired algorithm for routing in mobile ad hoc networks. European Transactions on Telecommunications 16, 443–455 (2005)
[7] Asokan, R., Natarajan, A.M., Venkatesh, C.: Ant Based Dynamic Source Routing Protocol to Support Multiple Quality of Service (QoS) Metrics in Mobile Ad Hoc Networks
[8] Rajagopalan, S., Shen, C.: ANSI: a unicast routing protocol for mobile ad hoc networks using swarm intelligence. In: Proceedings of the International Conference on Artificial Intelligence (2005)
[9] Hossein, O., Saadawi, T.: Ant routing algorithm for mobile ad hoc networks (ARAMA). In: Proceedings of the 22nd IEEE International Performance, Computing, and Communications Conference, Phoenix, Arizona, USA, pp. 281–290 (April 2003)
[10] Wang, J., Osagie, E., Thulasiraman, P., Thulasiram, R.K.: HOPNET: A hybrid ant colony optimization routing algorithm for mobile ad hoc network. Elsevier, Amsterdam (June 2008)
[11] Di Caro, G., Ducatelle, F., Gambardella, L.M.: AntHocNet: An Adaptive Nature-Inspired Algorithm for Routing in Mobile Ad Hoc Networks, Technical Report No. IDSIA-27-04-2004 (September 2004)
[12] Ducatelle, F., Di Caro, G., Gambardella, L.M.: An Analysis of the different components of the AntHocNet routing algorithm. In: Proceedings of the Fifth International Workshop on Ant Colony Optimization and Swarm Intelligence (ANTS 2006), Brussels, Belgium, September 4-7, pp. 37–48 (2006)
Non-repudiation in Ad Hoc Networks
Purvi Tandel, Sharada Valiveti, K.P. Agrawal, and K. Kotecha
Computer Science and Engineering Department, Institute of Technology, Nirma University, Ahmedabad-382481
[email protected], [email protected], [email protected], [email protected]
Abstract. With the phenomenal growth of the Internet and open networks in general, security services such as non-repudiation become crucial to many applications. In conventional networks, non-repudiation is achieved using protocols involving a TTP. Non-repudiation in conventional networks is achieved using different protocols, but in ad hoc networks, due to the mobility problem, we can't use a trusted third party (TTP). There is scope to implement a non-repudiation protocol that satisfies the non-repudiation requirements raised by the application in a peer-to-peer network.
Keywords: non-repudiation, proof of reception, secure data aggregation, witness selection.
1 Introduction
In an ad hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. Mobile nodes that are within each other's radio range communicate directly via wireless links, while those that are far apart rely on other nodes to relay messages as routers. Node mobility in an ad hoc network causes frequent changes of the network topology. Due to these infrastructure-less and self-organized characteristics, an ad hoc network encounters different problems from an infrastructure-based wired network, such as key management, power shortage, and security issues [1]. The nature of ad hoc networks poses a great challenge to system security designers for the following reasons:
1. The wireless network is more susceptible to attacks ranging from passive eavesdropping to active interfering;
2. The lack of an online CA or Trusted Third Party adds to the difficulty of deploying security mechanisms;
3. Mobile devices tend to have limited power and computation capabilities, which makes them more vulnerable to Denial of Service attacks and incapable of executing computation-heavy algorithms like public key algorithms;
4. There is a higher probability of a trusted node being compromised and then being used by an adversary to launch attacks on the network; in other words, we need to consider both insider attacks and outsider attacks in ad hoc networks, of which insider attacks are more difficult to deal with;
5. Node mobility enforces frequent network reconfiguration, which creates more chances for attacks [2].
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 405–415, 2010. © Springer-Verlag Berlin Heidelberg 2010
1.1 Security Goals in Ad Hoc Networks
Security is an important issue for ad hoc networks, especially for security-sensitive applications. To secure an ad hoc network, we consider the following attributes: availability, confidentiality, integrity, authentication, and non-repudiation.
• Availability ensures the survivability of network services despite denial of service attacks. A denial of service attack could be launched at any layer of an ad hoc network. On the physical and media access control layers, an adversary could employ jamming to interfere with communication on physical channels.
• Confidentiality ensures that certain information is never disclosed to unauthorized entities. Routing information must also remain confidential in certain cases, because the information might be valuable for enemies to identify and to locate their targets in a battlefield.
• Integrity guarantees that a message being transferred is never corrupted. A message could be corrupted because of benign failures, such as radio propagation impairment, or because of malicious attacks on the network.
• Authentication enables a node to ensure the identity of the peer node it is communicating with. Without authentication, an adversary could masquerade as a node, thus gaining unauthorized access to resources and sensitive information and interfering with the operation of other nodes.
• Non-repudiation ensures that the origin of a message cannot deny having sent the message. Non-repudiation is useful for detection and isolation of compromised nodes. When a node A receives an erroneous message from a node B, non-repudiation allows A to accuse B using this message and to convince other nodes that B is compromised. Non-repudiation is usually achieved using public key cryptography. If A signs a message with their private key, B can confirm the origin of the message by verifying the signature using A's public key. Similarly, given B's signature on the message, A can confirm receipt by verifying the signature using B's public key [3].
With the advent of digital signatures and public key cryptography, the base for non-repudiation services was created. A typical non-repudiation protocol can provide a number of different non-repudiation services, like non-repudiation of origin, non-repudiation of receipt and fairness, but the actual non-repudiation services provided by a protocol depend mainly on its application.
1.2 Non-repudiation Services in Ad Hoc Networks
• Non-repudiation of origin (NRO) provides the recipient with the evidence NRO, which ensures that the originator will not be able to deny having sent the message. The evidence of origin is generated by the originator and held by the recipient.
• Non-repudiation of receipt (NRR) provides the originator with the evidence NRR, which ensures that the recipient will not be able to deny having received the message. The evidence of receipt is generated by the recipient and held by the originator.
• Non-repudiation of submission (NRS) is intended to provide evidence that the originator submitted the message for delivery. This service only applies when the protocol uses a TTP. Evidence of submission is generated by the delivery agent, and will be held by the originator.
• Non-repudiation of delivery (NRD) is intended to provide evidence that the recipient received the message. This service also only applies when the protocol uses a TTP. Evidence of delivery is generated by the delivery agent, and will be held by the originator.
• Fairness is achieved for a non-repudiation protocol if, at the end of the protocol execution, either the originator has the evidence of receipt for the message m and the recipient has the evidence of origin of the corresponding message m, or neither of them has any valuable information [4].
Fairness is an essential requirement of a transaction in any type of network. Keeping the protocol fair helps participants to complete procedures. No participant is willing to join an unfair transaction, either in the real world or in the electronic world. To achieve non-repudiation in conventional networks, protocols with or without a TTP have been used; most of them use a TTP. In this paper various protocols to achieve non-repudiation are studied. To achieve non-repudiation in ad hoc networks, a peer-to-peer mechanism using witness selection and proof of reception can be used.
2 Overview of Non-repudiation Protocol in Conventional Network
Most practical fair non-repudiation protocols require the involvement of a TTP to some extent. The level of intervention can vary depending on the protocol and the requirements of the end users. Kremer et al. identify three main types of TTP:
1. Inline
2. Online
3. Offline
An inline TTP (sometimes called a delivery agent) is involved in the transmission of each protocol message. An online TTP is involved in each session of a protocol but not in every message transmission. An offline TTP is involved in a protocol only in case of incorrect behavior of a dishonest entity or in case of network failures [3].
2.1 Non-repudiation Protocol without TTP
Although protocols without TTP were the first protocols proposed in the framework of fair exchange of secrets and digital contract signing, non-repudiation protocols without TTP were initially presented at the end of the 1990s. The first non-repudiation protocol without TTP was proposed in 1999.
Markowitch and Roggeman protocol
The goal of this protocol is to avoid the intervention of a TTP at the price of accepting the probabilistic version of fairness. The protocol has to be parameterized on the basis of the most powerful entity's computing power. This iterative protocol is such that, except at the last iteration, no entity is more privileged than another one during the protocol. The probabilistic non-repudiation protocol, however, does not need the involvement of a TTP to keep the fairness. The transaction processes are:
Client → Provider: Request for a service
Provider → Client: Service
Client → Provider: Payment (acknowledgement)
The procedures are described in the following steps.
The recipient (Bob) determines the date $D$.
Step 1. B → A: $s_{SK_B}(\text{request}, B, A, D)$
The originator (Alice) checks $D$, chooses $n$, and computes the signed $f_1, \ldots, f_n$.
Step 2. A → B: $s_{SK_A}(f_n(m), A, B, D)$
Step 3. B → A: $s_{SK_B}(ack_1)$
. . .
Step 2n. A → B: $s_{SK_A}(f_1(m), A, B, D)$
Step 2n+1. B → A: $s_{SK_B}(ack_n)$
$m = f_n(m)\, f_{n-1}(m) \ldots f_1(m)$.
$NRO = \{NRO_i \mid i = 1, \ldots, n\}$, with $NRO_i = s_{SK_A}(f_i(m), A, B, D)$
$NRR = s_{SK_B}(ack_n)$
At any moment, if Alice or Bob receives an incorrect message, they stop taking part in the protocol. Moreover, if Bob does not directly answer Alice's messages by sending the corresponding NRR, Alice will suppose that Bob attempts to cheat and consequently she stops the protocol (by not sending the next value) [5].
2.2 Non-repudiation Protocol with Online TTP
The protocols based on an online TTP are such that the TTP does not act anymore as a delivery authority (as an intermediary for each transmission between the entities). However, an online TTP intervenes during each session of the protocol. Zhou and Gollmann protocol Zhou and Gollmann presented a non-repudiation protocol with online TTP. The idea of this protocol is to reduce the work of the TTP to a minimum. During the protocol, if an incorrect message arrives or if an awaited message does not arrive, the potential recipient stops the protocol. Alice initiates the protocol by sending the cipher to Bob, using session key k, of the message she wants to transmit to Bob, a label identifying the protocol session, a time-out value before which the session key must be submitted to the TTP and after which it can be consulted, as well as the signed non- repudiation of origin evidence for the ciphered message. If Bob accepts the consultation time-out proposed by Alice, he sends his signed non-repudiation of receipt evidence for the ciphered message. Alice then sends to the TTP a signed copy of the session key. The TTP accepts during a session of a protocol only one submission from an entity and checks whether Alice’s signature is valid and whether the time-out is not exceeded. After the time-out, Bob can get, the session key and the non-repudiation of origin evidence for this session key provided by the TTP. This evidence is necessary in order to build a complete non-repudiation of origin evidence for the message that Alice sends to him. In a similar way, Alice consults the TTP to complete her non-repudiation of receipt evidence for the message. Both Alice and Bob will fetch the session key and the corresponding evidence for this key at the TTP. This evidence serves to Bob as evidence of origin and to Alice as a proof that the key is accessible to Bob. The entities consult, at the proper time, a read-only public directory managed by the TTP. 
If one entity cannot get the evidence from the TTP while the other entity does, the entity without the evidence will lose a possible future dispute on this subject [6].
2.3 Non-repudiation Protocols with Offline TTP
A TTP is said to be offline if it does not intervene in the protocol as long as no problem occurs. A problem could be incorrect behavior of a dishonest entity or a network error. When such a problem occurs, Alice and/or Bob invoke the TTP to help them finish the protocol run in a fair way. A non-repudiation protocol with an offline TTP was proposed by Zhou and Gollmann.
A Fair Non-repudiation Protocol
The protocol is presented below in Alice and Bob notation, where fNRO, fNRR, fSUB and fCON are labels used to identify the purpose of the messages.
1. A → B: fNRO.B.L.C.NRO
2. B → A: fNRR.A.L.NRR
3. A → TTP: fSUB.B.L.K.subK
4. B ↔ TTP: fCON.A.B.L.K.conK
5. A ↔ TTP: fCON.A.B.L.K.conK
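The five messages above, run end to end as an added example (not code from the paper or from Zhou and Gollmann). The evidence contents (NRO and NRR signed over C, subK and conK signed over K) follow the Zhou-Gollmann formulation, which this page does not spell out; HMAC tags and a toy XOR stream cipher stand in for signatures and encryption, and all keys, labels and messages are constructed.

```python
import hashlib
import hmac

# Constructed keys. HMAC stands in for the parties' signatures; a real run
# would use public-key signatures so a judge can verify without any secret.
KEYS = {"A": b"alice-demo-key", "B": b"bob-demo-key", "TTP": b"ttp-demo-key"}


def sig(signer, *fields):
    return hmac.new(KEYS[signer], repr(fields).encode(), hashlib.sha256).digest()


def check(signer, tag, *fields):
    return hmac.compare_digest(tag, sig(signer, *fields))


def xor_cipher(key, data):
    """Toy stream cipher (SHA-256 keystream), stand-in for encrypting M under K."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


class TTP:
    def __init__(self):
        self.directory = {}  # read-only for A and B: (A, B, L) -> (K, conK)

    def submit(self, a, b, label, key, sub_k):  # message 3
        if not check(a, sub_k, "fSUB", b, label, key):
            raise ValueError("subK does not verify")
        if (a, b, label) in self.directory:
            raise ValueError("only one submission per session label")
        con_k = sig("TTP", "fCON", a, b, label, key)
        self.directory[(a, b, label)] = (key, con_k)

    def fetch(self, a, b, label):  # messages 4 and 5
        return self.directory.get((a, b, label))


def run_session(ttp, message, key, label, submit_key=True):
    # 1. A -> B: fNRO.B.L.C.NRO  (commitment C = M encrypted under K)
    c = xor_cipher(key, message)
    nro = sig("A", "fNRO", "B", label, c)
    if not check("A", nro, "fNRO", "B", label, c):
        raise ValueError("Bob rejects NRO and stops")
    # 2. B -> A: fNRR.A.L.NRR
    nrr = sig("B", "fNRR", "A", label, c)
    if not check("B", nrr, "fNRR", "A", label, c):
        raise ValueError("Alice rejects NRR and stops")
    # 3. A -> TTP: fSUB.B.L.K.subK  (skipped when Alice withholds the key)
    if submit_key:
        ttp.submit("A", "B", label, key, sig("A", "fSUB", "B", label, key))
    # 4./5. Both parties read (K, conK) from the TTP directory
    return {"C": c, "NRO": nro, "NRR": nrr, "entry": ttp.fetch("A", "B", label)}


def judge_origin(ev, label):
    """Bob's evidence of origin for M needs NRO over C and conK over K."""
    if ev["entry"] is None:
        return None
    key, con_k = ev["entry"]
    ok = (check("A", ev["NRO"], "fNRO", "B", label, ev["C"])
          and check("TTP", con_k, "fCON", "A", "B", label, key))
    return xor_cipher(key, ev["C"]) if ok else None


def judge_receipt(ev, label):
    """Alice's evidence of receipt for M needs NRR over C and conK over K."""
    if ev["entry"] is None:
        return False
    key, con_k = ev["entry"]
    return (check("B", ev["NRR"], "fNRR", "A", label, ev["C"])
            and check("TTP", con_k, "fCON", "A", "B", label, key))
```

Without message 3 neither side holds complete evidence: Bob has C but no K, and Alice has NRR but no conK, which is the fairness property the split delivery is meant to give.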
The main idea of the FairZG protocol is to split the delivery of a message into two parts. First a commitment C, containing the message M encrypted by a key K, is exchanged between Alice and Bob. Once Alice has evidence of commitment from Bob, the key K is sent to a trusted third party. Once the TTP has received the key, both Alice and Bob can retrieve the evidence conK and the key K from the TTP. This last step is represented by a double direction arrow in the Alice and Bob-style notation because it is implementation specific and may be composed of several message exchanges between the agents and the TTP. In this scenario we assume the network will not be down forever and both Alice and Bob have access to the TTP’s shared repository where it stores the evidence and the key. That means the agents will eventually be able to retrieve the key and evidence from the TTP even in case of network failures [4,7].
2.4 Comparison of Non-repudiation Protocols
This section compares the protocols described above in the following table, covering important information such as the degree of fairness that is reached, whether timeliness is respected or not, which kind of TTP is involved in the protocol and the channel requirements.

Table 1. Comparison of non-repudiation protocols

Protocol                          Fairness       Timeliness     TTP involvement
Markowitch-Roggeman               probabilistic  probabilistic  none
Zhou-Gollmann                     strong         yes            online
A fair non-repudiation protocol   strong         yes            offline
Peer-to-peer mechanism            probabilistic  probabilistic  none

3 Probabilistic Approaches for Non-repudiation in Ad-Hoc Networks
3.1 Non-repudiation Mechanisms for Peer-to-Peer Networks
Most peer-to-peer technology today has one disadvantage: it meets only a few of the necessary security requirements, such as end-to-end transport security. Proof of reception is a key element for providing secure contract conclusion between members of a marketplace. The key principle is the involvement of other peers. These peers act as witnesses (see figure 1) and assist the non-repudiation protocol operations. In summary, the set of witnesses acts as a replacement for the trusted third party known from classical non-repudiation protocols. In figure 1, peers W1, W2 and W3 are selected as witness peers. These peers assist the proof of reception protocol between the peers A and B.
Fig. 1. Involving other peers into the protocol
In this mechanism, a TTP is not required because other available peers assist the protocol between sender and recipient by acting as witnesses. Nodes communicate using witness selection and proof of reception. Sender and recipient must both be involved in witness peer selection; otherwise one of the participants is able to compute the witness peer set using a brute-force attack, place malicious peers and manipulate the protocol.

Witness selection
Witness selection is done using a nonce exchange:
S_A(H(H(O)), N_A)
S_B(S_A(H(H(O)), N_A), N_B)

Proof of reception
After exchanging nonce values, sender A computes the set of witness peers using the following formula:
Peer ID_Pi = H(i, S_B(S_A(H(O), N_A), N_B))
Figure 2 shows the protocol for a proof of reception of document O of recipient B started by sender A. For simplification the figure only shows one witness peer Pi.
Fig. 2. Communication protocol
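The witness selection described above, as an added example that is not code from the paper or from the cited mechanism. It assumes that HMAC tags stand in for the signatures S_A and S_B, that a derived ID_Pi is mapped to the peer whose own ID follows it on a ring of hashed peer names, and that colliding IDs are skipped by moving on to the next i; keys, nonces and peer names are constructed.

```python
import hashlib
import hmac
from bisect import bisect_left

# Constructed demo values. HMAC tags stand in for the signatures S_A and S_B.
KEY_A, KEY_B = b"sender-A-demo-key", b"recipient-B-demo-key"
PEERS = ["A", "B", "W1", "W2", "W3", "W4", "W5", "W6"]


def H(*fields):
    """SHA-256 over length-prefixed fields, so field boundaries are unambiguous."""
    h = hashlib.sha256()
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()


def sign(key, *fields):
    return hmac.new(key, H(*fields), hashlib.sha256).digest()


def sender_commit(digest, n_a):
    """First message: S_A(digest, N_A), kept as (fields..., tag)."""
    return (digest, n_a, sign(KEY_A, digest, n_a))


def recipient_countersign(msg_a, n_b):
    """Second message: S_B(S_A(digest, N_A), N_B)."""
    return (*msg_a, n_b, sign(KEY_B, *msg_a, n_b))


def exchange(document, n_a, n_b):
    # The page writes H(H(O)) in the exchange and H(O) in the ID formula;
    # this example uses one document digest for both (assumption).
    return recipient_countersign(sender_commit(H(document), n_a), n_b)


def verify_exchange(msg_b):
    """Both tags must verify before anyone derives witnesses from the exchange."""
    digest, n_a, tag_a, n_b, tag_b = msg_b
    if not hmac.compare_digest(tag_a, sign(KEY_A, digest, n_a)):
        raise ValueError("S_A does not verify")
    if not hmac.compare_digest(tag_b, sign(KEY_B, digest, n_a, tag_a, n_b)):
        raise ValueError("S_B does not verify")


def witness_id(i, msg_b):
    """ID_Pi = H(i, S_B(S_A(H(O), N_A), N_B))."""
    return H(i.to_bytes(4, "big"), *msg_b)


def select_witnesses(msg_b, k=3, exclude=("A", "B")):
    """Derive ID_P1, ID_P2, ... and map them to k distinct peers on the ring."""
    verify_exchange(msg_b)
    ring = sorted((H(p.encode()), p) for p in PEERS if p not in exclude)
    if len(ring) < k:
        raise ValueError("fewer eligible peers than witnesses requested")
    ids = [pid for pid, _ in ring]
    chosen = []
    for i in range(1, 10_000):
        # Successor of the derived ID on the ring, wrapping past the last peer.
        name = ring[bisect_left(ids, witness_id(i, msg_b)) % len(ring)][1]
        if name not in chosen:
            chosen.append(name)
        if len(chosen) == k:
            return chosen
    raise RuntimeError("could not find k distinct witnesses")
```

Because every ID_Pi is a hash over both signed nonces, either party recomputes the same witness set from the exchange, and a change to N_A or N_B yields different IDs.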
By integrating witness peers, there is no need for a global trusted third party. For each proof of reception, other witness peers are selected. This mechanism offers better scalability and better robustness [8].
3.2 Non-repudiation Using Secure Data Aggregation
Data aggregation protocols aim to combine and summarize the data packets of several nodes so that the amount of data transmission is reduced. An example data aggregation scheme is presented in Fig. 3, where a group of nodes collects information from a target region. When the base station queries the network, instead of each node sending its data to the base station, one of the nodes, called the data aggregator, collects the information from its neighboring nodes, aggregates it (e.g., computes the average), and sends the aggregated data to the base station over a multi-hop path. As illustrated by the example, data aggregation reduces the number of data transmissions, thereby improving the bandwidth and energy utilization in the network [9].
Fig. 3. Data aggregation
Security requirements
There are four main security requirements in the network:
Data confidentiality: Data confidentiality ensures that the sensed data is never disclosed to unauthorized parties.
Data integrity and data freshness: Data integrity guarantees that a message being transferred is never corrupted. Data freshness protects data aggregation schemes against replay attacks by ensuring that the transmitted data is recent.
Source authentication: Nodes need an authentication mechanism to detect maliciously injected or spoofed packets. Without authentication, an adversary can masquerade as a node.
Availability: Availability guarantees the survivability of network services against Denial-of-Service (DoS) attacks [9,10].

The main objective of data aggregation is to increase the network lifetime by reducing the resource consumption of nodes (such as battery energy and bandwidth). There are several protocols that allow routing and aggregation of data packets simultaneously. These protocols can be categorized into two parts:
1. Tree-based data aggregation protocols
2. Cluster-based data aggregation protocols

1. Tree-based data aggregation protocols
The simplest way to achieve distributed data aggregation is to determine some data aggregator nodes in the network and ensure that the data paths of nodes include these data aggregator nodes. The main issue of a tree-based data aggregation protocol is the construction of an energy-efficient data aggregation tree. In this protocol, parent selection is based on the nodes’ distance to the base station and their residual energy level. Data aggregation is performed during the data forwarding phase. With this approach, latency will be high.

Fig. 4. Tree based data aggregation

2. Cluster-based data aggregation protocol
To reduce the latency due to tree-based data aggregation, recent work on data aggregation tends to group nodes into clusters so that data are aggregated in each group for improved efficiency. In each cluster, a cluster head is elected in order to aggregate data locally and transmit the aggregation result to the base station [9].
Fig. 5. Cluster based data aggregation
Aggregation scenario using sum function to select witness node
Data aggregation uses primitive functions, such as mean, average, addition, subtraction, and exclusive or, to eliminate identical readings, and only unique results are forwarded, reducing the cost of data transmission. The network in figure 6 contains 16 nodes and uses the SUM function to minimize energy consumption by reducing the number of bits reported to the base station. Nodes 7 and 10-16 are normal nodes that collect data and report them back to the upper nodes, whereas nodes 1-6, 8 and 9 are aggregators that perform sensing and aggregating at the same time. In this example, 16 packets travel within the network and only one packet is transmitted to the base station. However, the number of traveling packets would increase to 50 packets if no data aggregation existed. The base station gets data from only 1 aggregator, so the number of bits reported to the base station is reduced [10].

Fig. 6. An aggregation scenario using sum function
4
Conclusion
The most popular protocols, like Zhou-Gollmann and the fair non-repudiation protocol, provide strong fairness and timeliness properties. To secure ad hoc networks, the peer-to-peer mechanism can be used, as it does not require a TTP in the communication because it involves the other nodes as witnesses. Another approach for achieving non-repudiation in ad hoc networks is tree-based aggregator selection.
References
1. Zhou, L., Haas, Z.J.: Securing Ad Hoc Networks
2. Yu, S., Zhang, Y., Song, C., Chen, K.: A security architecture for Mobile Ad Hoc Networks
3. Robinson, P., Cook, N., Shrivastava, S.: Implementing Fair Non-repudiable Interactions with Web Services. In: Proceedings of the 2005 Ninth IEEE International EDOC Enterprise Computing Conference, EDOC 2005, 0-7695-2441-9/05 (2005)
4. Santiago, J., Vigneron, L.: Study for Automatically Analysing Non-repudiation. ACI Sécurité SATIN and the IST-2001-39252 AVISPA project
5. Lin, Y.-C., Slay, J.: Non-Repudiation in Pure Mobile Ad Hoc Network
6. Kremer, S., Markowitch, O., Zhou, J.: An Intensive Survey of Fair Non-Repudiation Protocols, April 23. Elsevier Science, Amsterdam (2002)
7. Zhou, J., Gollmann, D.: A Fair Non-repudiation Protocol. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy (SP 1996), pp. 1081–6011/96 (1996)
8. Conrad, M.: Nonrepudiation mechanisms for Peer-to-Peer networks. ACM portal (2006)
9. Ozdemir, S., Xiao, Y.: Secure data aggregation in wireless sensor networks: A comprehensive overview. Elsevier Computer Networks 53, 2022–2037 (2009)
10. Alzaid, H., Foo, E., Nieto, J.G.: Secure Data Aggregation in Wireless Sensor Network: a survey. In: Proc. 6th Australasian Information Security Conference (AISC 2008), Wollongong, Australia. CRPIT, vol. 81 (2008)
11. Bayya, A.K., Gupte, S., Shukla, Y.K., Garikapati, A.: Security in Ad-hoc Networks
12. Huang, S.-I., Shieh, S., Tygar, J.D.: Secure encrypted-data aggregation for wireless sensor networks. Springer Science+Business Media, LLC 2009, Wireless Netw. (2010) 16, 915–927 (2009)
13. Sang, Y., Shen, H.: Secure Data Aggregation in Wireless Sensor Networks: A Survey. In: IEEE Proceedings of the Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2006, pp. 0-7695-2736-1/06 (2006)
The Vehicular Information Space Framework
Vivian Prinz (1), Johann Schlichter (1), and Benno Schweiger (2)
(1) TU Munich, Department of Informatics, Boltzmannstr. 3, 85748 Garching, Germany
(2) BMW Group, Research and Technology, Hanauer Straße 46, 80992 Munich, Germany
Abstract. Vehicular networks are distributed, self-organizing and highly mobile ad hoc networks. They allow for providing drivers with up-to-the-minute information about their environment. Therefore, they are expected to be a decisive future enabler for enhancing driving comfort and safety. This article introduces the Vehicular Information Space framework (VIS). Vehicles running the VIS form a kind of distributed database. It enables them to provide information like existing hazards, parking spaces or traffic densities in a location aware and fully distributed manner. In addition, vehicles can retrieve, modify and delete these information items. The underlying algorithm is based on features derived from existing structured Peer-to-Peer algorithms and extended to suit the specific characteristics of highly mobile ad hoc networks. We present, implement and simulate the VIS using a motorway and an urban traffic environment. Simulation studies on VIS message occurrence show that the VIS implies reasonable traffic overhead. Also, overall VIS message traffic is independent from the number of information items provided.
Keywords: Structured peer-to-peer algorithms; P2P; distributed hash tables; DHTs; Mobile Ad hoc Networks, MANETs; Vehicular Ad hoc Networks, VANETs; VANET performance analysis; distributed information management.
1 Introduction
Vehicular networks are distributed, self-organizing and highly Mobile Ad Hoc Networks (MANETs). Vehicular Communication Systems (VCSs) enable vehicles to warn each other about existing hazards, for example. In this context, Vehicle-to-Vehicle (V2V) communication offers important possibilities to reduce the number of accidents particularly through the fast propagation of locally relevant warnings. In addition, VCSs allow for the provision of convenient add-on applications. For instance, drivers can be supplied with up-to-the-minute traffic information or check for nearby parking spaces currently available. Furthermore, traffic jams lead to annual economic costs of 17.4 billion Euros in Germany alone [1]. By improving roadway system utilization, VCSs bear the possibility to reduce economic costs as well as fuel consumption and CO2 emissions. These are additional potentials besides enhancing road safety and driving comfort.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 416–431, 2010. © Springer-Verlag Berlin Heidelberg 2010
Accordingly, the research field has gained much interest from both academia and industry. Many aspects of Vehicular Ad Hoc Networks (VANETs) have been investigated profoundly. However, in the field of distributed information management, VCS solutions can be further improved. This includes functionalities such as the efficient distributed provision of information items like existing hazards, parking spaces or traffic densities. Also, subsequent data handling of already distributed information is of concern. This article presents the Vehicular Information Space framework (VIS). The VIS provides the named functionalities by establishing a fully distributed vehicular database. The VIS core algorithm is based on features derived from existing structured Peer-to-Peer (P2P) algorithms and extended to suit the specific characteristics of VANETs. The remainder of the paper is structured as follows: Section 2 discusses requirements for VCSs and related work. Section 3 describes the VIS approach and its implementation. In section 4, we simulate the VIS and present evaluation results on occurring message traffic. Finally, we give a summary and an outlook on future work in section 5.
2 Aims and Goals and Related Work
This section derives demands on a VCS with regard to different applications. Afterwards, it gives a survey of work related to these functionalities.
2.1 VCS Applications and Accompanied Requirements
One VANET application area is active safety: For example, cars can warn each other about preceding accidents or black ice. Another example is cooperative traffic jam detection performed by multiple cars. This bears the possibility to warn vehicles about traffic jams or even to avoid them by propagating appropriate speed limitations. Particularly with regard to local relevance and fast propagation of information, VANETs offer important potential for reducing the number of accidents. In addition, deployment applications aim at offering drivers supplemental benefits. For instance, car parks are able to provide information about their capacities and costs using wireless communication endpoints. Vehicles leaving a public parking space can announce this as well. By aggregating this information, VCS applications are able to visualize nearby parking spaces and their costs using, e.g., in-car navigation systems. Like active safety applications, deployment applications benefit from regional relevance and up-to-dateness of information accessible via the vehicular network. To support the multitude of possible applications in the named fields, a VCS has to be provided that arbitrary applications can be built on. We focus on decentralized VCSs relying only on the communication-enabled vehicles that are present. Centralized systems are either based on a network of dedicated roadside units or use existing cellular networks. Yet, it is difficult to seamlessly provide and maintain roadside units in the whole road network. Therefore, decentralized organization offers some advantages over centralized systems. For example, there is no need for each vehicle to keep an internet connection. Hence, there are no barriers concerning costs, accessibility or coverage gaps.
Also, vehicles are able to propagate information items, which might be safety critical, very fast when exchanging them directly. In other words: “A central challenge of VANETs is that no communication coordinator can be assumed. Although some applications likely will involve infrastructure, several applications will be expected to function reliably using decentralized communications” [2].
In particular, we focus on the following requirements on decentralized VCSs: It is not sufficient to send a black ice warning to all successive vehicles once. Vehicles reaching a hazard zone later should be warned as well. Hence, information should be available over variable periods. Thereby, many messages lead to higher collision probabilities and longer access times at the air interface. Both consequences should be avoided, particularly with respect to active safety applications. Due to these resource constraints, a VCS should not provide information items like available parking spaces by retransmitting them all the time: they are interesting for only a few vehicles and rather seldom. Instead, it would be advantageous to store information in a distributed manner and to allow arbitrary vehicles to retrieve this information. In the following, we will refer to this kind of distributed storage as publishing. After publishing an information item, it should be possible to modify it: Information like the capacity of a car park changes frequently. Deletion/expiration of published items is important as drivers should not be warned about black ice after road conditions have normalized again, for example. Apart from that, a warning about bad road conditions is irrelevant in far-off regions. Thus, it should not be managed there for efficiency reasons and for fast propagation. Also, provision needs to be reliable: As we presume no centralized infrastructure, cars manage information themselves. The information items must not get lost if a vehicle passes a tunnel or is being parked, for example.
To summarize, a VCS should allow for publishing information with respect to certain geographical regions or specified validity durations. Furthermore, it should be possible to modify, delete and to retrieve this information. In the following, we will refer to these mechanisms as distributed information management. From the application point of view, it implies the provision of publish, delete, search and modify primitives besides send and receive.
2.2 Work Related to Distributed Information Management in VANETs
A lot of profound work in MANET/VANET research is on media access, multi-hop routing, multicast and geocast. In addition, the Dedicated Short Range Communication Standard (DSRC) [3] is currently being developed. It is designed to support wireless communication for V2V and Vehicle-to-Infrastructure (V2I) applications. As the groundwork for DSRC, IEEE 802.11p is used. It will take advantage of a 75 MHz spectrum allocated both in Europe and the USA in the 5.9 GHz range. 10 MHz channels are operating at up to 27 Mbps depending on modulation mode. The standard envisions vehicle speeds of up to 200 km/h and direct communication within a distance of up to one kilometer. The named technologies provide the basis for distributed information management. Regarding distributed information management, there are several approaches
discussing intelligent retransmissions of broadcast messages to realize persistent availability (e.g. [4]). That is, vehicles within an area retransmit information according to dedicated rules. This way, vehicles reaching the area later receive the messages as well. An alternative approach is Stored Geocast (e.g. [5]). A Geocast message is sent to one node being a fixed infrastructure point or elected out of present mobile nodes. Afterwards, that node delivers the message within the desired region. This can be done again using continuous retransmissions. Alternatively, every vehicle can broadcast its location periodically. This way, Geocast servers notice a vehicle entering their area of interest. Hence, they can deliver Geocast messages on demand. Yet, continuous rebroadcasts and inherited redundancies are required in either case. Moreover, distributed information management – in terms of on-demand modifiability, deletion and retrievability – is not considered. Among other things, P2P algorithms address reliable, distributed information management. Popular P2P applications are file sharing clients and communication tools such as Skype. Different applications are based on different P2P algorithms to manage the underlying P2P network. An unstructured P2P network consists of peers joining and leaving the network according to only a few rules. Information is stored at random peers and retrieved through optimized flooding. In contrast, the topology of structured P2P networks is strictly controlled. They utilize Distributed Hash Tables (DHTs) as carriers: Information items have unique keys. These keys are hashed onto identifiers, likewise peer addresses. Information is then stored and to be searched on the peer whose identifier is most similar to the information's identifier. Information items and requests are routed to the appropriate peer using small routing tables. Expiration is realized by passing a validity period when publishing. 
The peer storing the information deletes it as soon as the validity expires. Corresponding structured P2P algorithms basically differ in their data object schemata, their address spaces, their routing strategies and their replication strategies to achieve fault tolerance. If a peer fails, neighboring peers in the address space usually take over its identifier interval and corresponding information. A popular example is the structured P2P algorithm Chord [6] and its ring topology. Chord virtually places peers onto a ring ordered by ascending identifiers. Peers always host the information items whose identifiers lie in the interval bounded by their own identifier and their predecessor’s identifier on the ring (clockwise). Hence, the aforementioned similarity of peer and information identifiers equates to unidirectional proximity on a ring as far as the Chord algorithm is concerned. Likewise, the named neighborship relation refers to peers next to each other on the virtual ring. For more detailed information on P2P algorithms see, for example, [7].
VANETs and P2P networks bear strong resemblances. Both are distributed, self-organizing networks. In addition, nodes act autonomously and anonymously: Internet users as well as vehicles joining or leaving the network are not known in advance. Moreover, both networks are potentially very large – internet and road network. Finally, P2P and vehicular networks suffer from frequent topology changes. PCs are switched on and off arbitrarily. Vehicles are started and shut off or come to pass areas like a tunnel with no radio connectivity. Consequently, P2P algorithms account for properties prevailing in VANETs as well.
Several existing approaches deal with MANETs and structured P2P algorithms (e.g. [8]). However, these approaches do not focus on VANETs. Thus, they do not consider properties like high vehicular velocities, the size of vehicular networks or references to and influences of the street topology. In VANET research, Lochert et al. [9] compare the central server approach and the possibility to regard the vehicular network as one big structured P2P network. For the latter, application specific information, requests and topological information have to be exchanged over vehicular multi-hop connections. These connections may exceed many kilometers. Thereby, information exchange has to take place in a fast and reliable way, which poses a problem in VANETs (see Section 3.1). In addition, they point out the huge network load. All named information would have to be routed frequently and most often over long distances. Thus, Lochert et al. conclude that, despite the substantial benefits of P2P, infrastructure-based solutions will be the ones preferred – at least in the near future. In [10] they suggest a solution for an infrastructure-based P2P network. The network is made up of vehicles each of which maintains an internet connection to be able to access fixed network infrastructure. This way, they take advantage of P2P functionalities while avoiding the stated problems. As motivated in section 2, we are focusing on infrastructure-independent solutions. To the best of our knowledge, there are no approaches allowing for fully distributed vehicular information management based on structured P2P algorithms.
3 The Vehicular Information Space Framework
This section first overviews the VIS. Afterwards, it describes the integrated structured P2P algorithm.
3.1 Framework Overview
To give an overview on the VIS, we first specify challenges that influenced the VIS approach. Subsequently, we depict the basic VIS concept and its implementation.
3.1.1 Challenges
P2P algorithms were designed for the internet. In VANETs, communication over multiple vehicles is not as fast and reliable [11]. On the one hand, reliability is restricted because obstacles like trees may jam wireless connections. On the other hand, communication is slower because multi-hop routing protocols for VANETs require a lot of message exchanges. This is due to the high vehicle speeds, which necessitate many routing table updates. Multiple messages again result in higher collision probabilities and longer access times. Alternatively, connections are established on demand, which results in delays. Finally, established connections over multiple vehicles are not very stable again due to the high vehicular velocities. The problem is that P2P algorithms require fast and reliable exchange of topology and application data independent from the peers’ physical distance. First, inconsistencies in the P2P network may occur if topology data is not exchanged adequately. Second, rapid (re-)allocation of application data during regular publish, join and leave
procedures or in case of failure recovery becomes a problem. Apart from that, information like a black ice warning should not be managed in far-off areas for efficiency reasons and for fast propagation. Existing P2P algorithms are not concerned with information management referring to certain road network regions.
3.1.2 The Basic VIS Concept
A way to cope with these different conditions is not to regard the vehicular network as one big structured P2P network. Instead, the VIS divides it into segments, each forming a structured P2P network. The segment sizes are chosen according to the available communication range. For example, in urban areas street sections of half a kilometer are chosen when assuming the average DSRC communication range [3]. The address space of a VIS P2P network is limited to these segments whereas adjacent segments overlap logically at their borders. Within a VIS segment, vehicles are able to communicate directly. Thus, they can exchange topology information and application data in an adequate manner. The VIS uses a vehicle’s position to determine whether a vehicle crosses segment borders. As soon as a VIS vehicle approaches a new segment, it contacts the first vehicle of the corresponding VIS P2P network using beacon messages. This way, it is able to obtain all information required to join the new topology. Furthermore, it announces its departure from the old VIS segment to avoid overhead from failure recovery. By default, information is published, and then managed, in one segment. Yet, a piece of information might be of relevance beyond the borders of that segment as well. This segment-overlapping information has to be forwarded between neighboring VIS segments. In order to facilitate this, a VIS vehicle crossing segment borders first searches segment-overlapping information in its old segment. Then, it publishes found items in the new segment. Finally, it marks these items as being forwarded by modifying them.
Thus, there is no redundant forwarding. To be able to specify segment-overlapping information, a corresponding information type is defined. Hence, segment-overlapping information becomes searchable and markable for all vehicles. If segment-overlapping information is modified or deleted, the forwarded mark is reset again and, in the case of deletion, the item is set to deleted. This way, the information item is passed to adjacent segments again. There, the responsible VIS vehicle has to overwrite or to delete the existing information. Exceptions are segment-overlapping warnings. If they are of relevance in adjacent segments as well, they are flooded. It is not possible to wait until the next vehicle leaves the segment. Yet, as this relates to wide ranging warnings only, it can be assumed that the scenario is going to emerge rather seldom.
3.1.3 Framework Design
We implemented the VIS using the programming language Python. The network segmentation and all further mechanisms are realized at the framework layer. Currently, the network segmentation needs to be configured and was manually determined for each deployed traffic environment (see Section 4). Future work is to enhance this by applying appropriate algorithms for object-aware geographical segmentation (e.g. [12]).
Figure 1 schematizes the VIS architecture: VCS applications access the VIS functionalities using publish, search, modify and delete primitives provided by its interface. We refer to VIS information items as resources. These objects typify any kind of application data to be managed by the VIS. When a resource is published, its default scope can be modified. This attribute is specified in meters and passed within a resource when calling the publish method. The VIS then selects relevant segments and publishes the resource accordingly. Likewise, resources obtain a validity attribute whose default value can be modified. A VIS vehicle storing a resource deletes it as soon as the validity expires. To determine if a vehicle crosses segment borders, the framework requests a vehicle's position periodically. Also, the VIS needs to be provided with send and receive primitives for information exchange. To achieve loose coupling, an application has to pass a callback specifying what to do with a request’s result. The VIS calls this callback on receiving the respective result. Consequently, VCS application developers do not need to know about the vehicular network segmentation. They use the VIS as if working on a local database. Likewise, the VIS does not need to know about existing applications. The design aims at maximizing loose coupling while offering ease of application development.
Fig. 1. VIS architecture
3.1.4 Reliability Beyond Segment Borders
Within one VIS segment, P2P topology data and application specific data can be exchanged rapidly. Apart from that, resources are managed only within relevant VIS segments. However, the segmentation leads to the problem that VIS fault tolerance mechanisms are bounded to the segments. Within one segment, a VIS vehicle's neighboring peer in the address space assumes the responsibility for its range of identifiers and corresponding resources (see Sections 2.2, 3.2).
Hence, resources are not lost as long as one VIS vehicle is left in a segment. This presumes the vehicle is able to store all resources. As segments are comparatively small and the VIS is concerned with vehicles only, storage capacity is assumed to be not as critical. Yet, all resources are lost as soon as the last VIS vehicle leaves a segment. To handle this, we suggest that the relevance range of every resource covers adjacent segments by default. A resource's relevance range might even be selected wider depending on the preferred level of fault tolerance. Consequently, the VIS would always manage resources in adjacent segments. If a vehicle recognizes that a VIS overlay it wants to join does not exist anymore, it is able to request the corresponding resources. Hence, resources could be recovered until one segment and all its adjacent segments fail. Thus, a failure should not take place as long as one VIS vehicle is left within an area much bigger than the available communication range. Implementing and evaluating this reliability mechanism is part of our future work. Yet, this aspect might even turn out to be of advantage considering given deployment issues of vehicular communication technologies (e.g. [13]).

3.2 The VIS Structured P2P Algorithm

The VIS implements the Chord address space. In addition, it adapts existing join, leave and maintenance procedures. Finally, it integrates extensions handling the increased message loss rate of VANETs.

3.2.1 Address Space: Chord Ring

Structured P2P algorithms use their DHTs to determine on which peer to store an information item. Likewise, they know which peer to contact in order to retrieve, modify or delete it. Overlay routing is applied to route a request to the corresponding peer. Thereby, more complex address spaces usually offer better overlay routing performance. On a peer failure, they can provide alternative overlay routes not crossing that peer, for instance. In exchange, they require more messages to keep up their topology. Usually, overlay routes are decoupled from underlay routes: one-hop overlay routes may result in long-distance multi-hop underlay routes. Overlay routing is necessary because structured P2P algorithms potentially need to scale for millions of peers on the internet. It is not possible to maintain consistent overlay address tables if each table comprises all peers participating in the network, as each table would have to be updated network-wide on each single topology change. Regarding the VIS, it is possible to utilize the limited number of nodes participating in the overlay simultaneously. The node number is bounded because of the limited segment size.
This again implies that overlay address tables remain relatively small even if they comprise all segment participants. In addition, updates of overlay address tables can be carried out comparatively fast as each VIS vehicle is in physical one-hop distance. Therefore, each VIS vehicle maintains the overlay identifier and the corresponding network address of each other VIS overlay member. As a consequence, each overlay member is able to address every other overlay member. Thus, there is no need for a complex address space. Therefore, the VIS is based on the rather simple Chord ring structure (see Section 2.2 and Fig. 2. a). The VIS calculates overlay identifiers by hashing a vehicle's address and a resource's key. Currently, it calculates these identifiers using the Message-Digest algorithm 5 [14]. In accordance with Chord, VIS vehicles manage resources whose identifiers lie in the interval bounded by the vehicle's identifier and its predecessor's identifier. To give an example, there may be two vehicles with identifiers 170xxx and 43xxx with no other vehicle whose identifier is greater than 43xxx and also smaller than 170xxx (see Fig. 2). Then, vehicle 170xxx is responsible for all resources whose identifiers lie in between 170xxx and 43xxx. In the example illustrated in Fig. 2. a, it hosts the resource with identifier 124xxx. VIS application developers may specify resource keywords the framework uses for identifier generation. For example, a resource might hold the keyword "parking space" in case it describes the location (and other attributes) of a certain parking space. This way, other instances of the same distributed VCS application are able to search, modify or delete corresponding resources. By naming the keyword, they enable the VIS to calculate the respective identifier needed to identify the successive vehicle on the Chord ring (successor) to contact (see Fig. 2. a, lines 4 - 9). If no keyword is specified, the VIS publishes resources using a unique key being a standard attribute of every resource (see Fig. 2. a, lines 11 - 15). In that case, only the publishing vehicle is able to access the resource as no other vehicle knows its key.
Fig. 2. a) VIS address space
Fig. 2. b) Publish pseudocode
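The address space described above, as an added Python sketch that is not the authors' VIS code: it places vehicles and resources on the MD5 ring and shows how responsibility for stored resources shifts when a member joins or leaves. `SegmentRing`, its method names, the `uuid4` unique key and the sample addresses are assumptions, and direct method calls stand in for overlay messages.

```python
import hashlib
import uuid
from bisect import bisect_left


def overlay_id(text):
    """MD5 of a vehicle address or resource key as a 128-bit ring position."""
    return int.from_bytes(hashlib.md5(text.encode("utf-8")).digest(), "big")


class SegmentRing:
    """Shared state of one segment; method calls stand in for VIS messages."""

    def __init__(self):
        self.table = {}   # vehicle overlay id -> network address (full table)
        self.store = {}   # vehicle overlay id -> {resource id: value}

    def responsible(self, rid):
        """First vehicle id >= rid on the ring, wrapping to the smallest id."""
        ids = sorted(self.table)
        return ids[bisect_left(ids, rid) % len(ids)]

    def successor(self, vid):
        ids = sorted(self.table)
        return ids[(ids.index(vid) + 1) % len(ids)]

    def join(self, address):
        """Insert a vehicle; return the resources its successor hands over."""
        vid = overlay_id(address)
        if vid in self.table:
            return {}
        old_owner = self.responsible(vid) if self.table else None
        self.table[vid] = address
        self.store[vid] = {}
        if old_owner is None:          # first vehicle builds a new ring
            return {}
        moved = {rid: value for rid, value in self.store[old_owner].items()
                 if self.responsible(rid) == vid}
        for rid in moved:
            del self.store[old_owner][rid]
        self.store[vid].update(moved)
        return moved

    def leave(self, address):
        """Remove a vehicle; its resources go to its successor."""
        vid = overlay_id(address)
        succ = self.successor(vid)
        handed = self.store.pop(vid)
        del self.table[vid]
        if succ != vid:                # the last vehicle has nobody to hand to
            self.store[succ].update(handed)
        return handed

    def publish(self, value, keyword=None):
        """Store value under a keyword, or under a private unique key."""
        key = keyword if keyword is not None else uuid.uuid4().hex
        rid = overlay_id(key)
        self.store[self.responsible(rid)][rid] = value
        return key

    def search(self, key):
        rid = overlay_id(key)
        return self.store[self.responsible(rid)].get(rid)

    def misplaced(self):
        """Resource ids held by a vehicle that is not responsible for them."""
        return [rid for vid, items in self.store.items()
                for rid in items if self.responsible(rid) != vid]


if __name__ == "__main__":
    ring = SegmentRing()
    for n in range(1, 5):
        ring.join("vehicle-%d" % n)    # constructed addresses
    ring.publish({"free": True}, keyword="parking space")
    ring.join("vehicle-5")
    print(ring.search("parking space"), ring.misplaced())
```

Because every member holds the full table, `responsible` is a local lookup rather than a multi-hop overlay route, and a resource published without a keyword can only be found by whoever kept the returned key.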
3.2.2 Adaptations of Existing Join, Leave and Maintenance Procedures

In general, maintenance mechanisms are concerned with irregular peer failures. In addition, they may imply handling leave events in case only join is performed proactively. In contrast to Chord, VIS join and leave procedures are purely proactive: As soon as a VIS vehicle approaches a new segment, it broadcasts a join request. Thereupon, the VIS vehicle's successor sends a reply message including the segment's address table. In addition, the message comprises resources that are no longer under the responsibility of the successor but have to be managed by the joining VIS vehicle. Apart from that, every VIS vehicle adds the joining vehicle to its address table on receiving the join request. As the whole ring is common knowledge, every VIS vehicle is aware if it is the new VIS vehicle's successor. In case a VIS vehicle leaves a segment or a driver performs a usual shut down (parking), the VIS vehicle broadcasts a leave request. In answer to receiving that leave request, all VIS vehicles delete the leaving vehicle from their address tables. Moreover, the leaving vehicle attaches the resources its successor has to take over.

As leave procedures are purely proactive, VIS maintenance is concerned with irregular failures only. For example, VIS vehicles may fail on entering a basement garage or if a vehicle's engine is stalled. Failure recovery utilizes the fact that published resources can be replicated on a VIS vehicle's successor easily. A VIS vehicle publishing a resource is aware of the entire ring. Hence, it knows the responsible VIS vehicle to contact for publishing as well as the responsible VIS vehicle's successor. It is able to publish the resource on the latter for replicated storage as well. Likewise, a VIS vehicle contacting a failed VIS vehicle for any kind of request is able to inform the failed VIS vehicle's successor immediately. If so, the whole overlay can be stabilized by a single subsequent leave message sent by its successor on behalf of the failed VIS vehicle.

3.2.3 Increased Message Loss Handling

The VIS has to cope with high message loss probabilities due to wireless vehicular communications. Existing structured P2P algorithms do not consider this circumstance. To give an example, the reply to a join request issued by VIS vehicle A might get lost. Vehicle A does not get the information necessary to join the VIS segment's topology. This might recur after vehicle A repeated the request. Meanwhile, all other vehicular peers added vehicle A to their routing tables as they received its request. Therefore, VIS vehicle B might send a leave request where all VIS vehicles assume vehicle A in the role of the successor. Only vehicle A is not able to know as it has not yet established its ring structure. Hence, all resources vehicle A would have to take over get lost. There might occur losses of join, leave, publish, search, modify or delete requests and losses of corresponding responses. Thus, diversified scenarios exist where single message losses or combinations of these losses lead to serious faults in the overlay. The VIS applies the following mechanisms to avoid these faults:

Pending Requests: Every VIS vehicle memorizes requests it did not receive a reply to. Thereby, a VIS vehicle's successor answers a join or a leave request. Publish, search, modify and delete requests are answered by the VIS vehicle responsible for the corresponding resources. Requests have unique identifiers and version numbers. In case there is no reply to a request, a VIS vehicle repeats the request using a higher version number. VIS vehicles recognize a repeated request using its identifier. In that case, they do not repeat the respective operation locally. They only repeat a required reply.
A VIS vehicle in state joining memorizes incoming requests corresponding to its new segment. It handles them as soon as the join procedure is complete. A VIS vehicle in state leaving does not process requests corresponding to its old overlay and does not answer them. The requesting vehicle has to repeat the request after updating its address table.

Address table adjustments: Leave requests are processed by every segment member to delete the leaving vehicle. Thereby, they comprise the sending vehicle's address table as well as the version of this table. All VIS vehicles perform the same operations on their address tables. Hence, their versions have to be equal. If not, a join or a leave request was lost and, because the VIS vehicle not receiving the message was not in the role of the successor, the request was not repeated. Therefore, VIS vehicles receiving an address table with a higher version than their local one replace their local address table.

3.2.4 Discussion of an Alternative Solution

In case a VCS application publishes a resource, each segment member physically receives the publish request since we are in a wireless environment. An intuitive suggestion is to simply let each vehicle store the resource and avoid the costs for VIS overlay messaging. On second thought, this is not a satisfying alternative: If each VIS vehicle stored each published resource, all VIS vehicles would have to process the publish request. In case there is an explicit receiver address, other VIS vehicles drop the request at an early stage. Also, each newly arriving VIS vehicle would need to request existing resources to know about them and to keep them alive. Thereby, each VIS vehicle would have to broadcast the request since it does not know a responsible receiver VIS vehicle. Again, each VIS vehicle would have to process this request. Also, each VIS vehicle would need to reply and pass all existing resources since there is no responsible vehicle commonly known. If a VCS application publishes, modifies or deletes a resource, the VIS would have to broadcast the request to force each VIS vehicle to perform the operation. Besides redundant processing, this bears consistency problems. In the common case of message loss, single vehicles would not know about a resource. Hence, each VIS vehicle would need to send a publish reply to acknowledge a resource's receipt, not only the responsible VIS vehicle. And, even in the latter case, the publishing VIS vehicle would still not be able to detect a VIS vehicle not receiving the resource as it does not know the VIS vehicles present. If a VCS application modifies a resource, there will soon be different versions due to losses of modify requests. With deletion, it is not known whether information, such as an available parking space, should still exist.
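The pending-request and address-table mechanisms of Section 3.2.3, as an added Python sketch that is not the authors' VIS code: a repeated request is recognised by its identifier and answered without being executed twice, and a member that missed a join adopts the newer table carried by a leave request. All class and field names, the scripted loss pattern, the delta-style modify and the convention that a leaving vehicle sends its table after removing itself are assumptions.

```python
class Responder:
    """Vehicle that answers a request (successor or responsible vehicle)."""

    def __init__(self, resources=None):
        self.resources = dict(resources or {})
        self.answered = {}    # request id -> result of the first execution
        self.executions = 0   # operations actually applied

    def handle(self, request):
        rid = request["id"]
        if rid not in self.answered:      # unseen identifier: execute once
            self.answered[rid] = self._apply(request)
            self.executions += 1
        # A repeat (same id, higher version) only gets the reply again.
        return {"id": rid, "version": request["version"],
                "result": self.answered[rid]}

    def _apply(self, request):
        op, key = request["op"], request["key"]
        if op == "publish":
            self.resources[key] = request["value"]
        elif op == "modify":              # value is a delta in this sketch
            self.resources[key] = self.resources.get(key, 0) + request["value"]
        elif op == "delete":
            return self.resources.pop(key, None)
        return self.resources.get(key)    # also serves "search"


class ScriptedLink:
    """Wireless link with a constructed loss pattern, one entry per attempt:
    "request" or "reply" names the message that is lost, None loses nothing."""

    def __init__(self, losses):
        self.losses = list(losses)

    def deliver(self, responder, request):
        lost = self.losses.pop(0) if self.losses else None
        if lost == "request":
            return None
        reply = responder.handle(dict(request))
        return None if lost == "reply" else reply


class Requester:
    def __init__(self, address, link):
        self.address, self.link = address, link
        self.counter = 0
        self.pending = {}     # request id -> request still awaiting a reply

    def send(self, responder, op, key, value=None, max_tries=5):
        self.counter += 1
        request = {"id": (self.address, self.counter), "version": 0,
                   "op": op, "key": key, "value": value}
        self.pending[request["id"]] = request
        for _ in range(max_tries):
            request["version"] += 1       # repeat under a higher version
            reply = self.link.deliver(responder, request)
            if reply is not None:
                del self.pending[request["id"]]
                return reply
        return None                       # still pending, caller may retry


class AddressTable:
    def __init__(self, members, version):
        self.members = set(members)
        self.version = version            # join/leave operations applied

    def on_join(self, address):
        self.members.add(address)
        self.version += 1

    def on_leave(self, address, sender_members=(), sender_version=0):
        """Apply a leave request carrying the sender's table and version."""
        self.members.discard(address)
        self.version += 1
        if sender_version > self.version: # an earlier join/leave was missed
            self.members = set(sender_members)
            self.version = sender_version


def lost_reply_scenario():
    """First reply lost, second request lost, third attempt succeeds."""
    owner = Responder({"car park": 10})
    vehicle = Requester("vehicle-A", ScriptedLink(["reply", "request", None]))
    return vehicle.send(owner, "modify", "car park", -1), owner, vehicle


def missed_join_scenario():
    """A member that never saw D's join repairs its table when A leaves."""
    leaver = AddressTable({"A", "B", "C"}, 3)
    lagging = AddressTable({"A", "B", "C"}, 3)
    leaver.on_join("D")
    leaver.on_leave("A")
    lagging.on_leave("A", leaver.members, leaver.version)
    return lagging
```

Without the `answered` lookup, the lost reply in `lost_reply_scenario` would make the responsible vehicle apply the capacity change once per retry.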
4 Evaluation Results on VIS Message Traffic

It is necessary to realistically simulate factors like car movements and wireless vehicular communications as they strongly influence evaluation results. Thus, this section first describes our simulation environment. Then, we present evaluation results on occurring VIS message traffic.

4.1 VISSIM/VCom

VISSIM by PTV Vision [15] is a time step oriented and behavior-based simulator for urban and highway traffic simulation including pedestrians, cyclists and motorized vehicles. A simulation's result is a two- or three-dimensional traffic flow animation. VISSIM visualizes the animation using a graphical user interface (see Section 4.2). Furthermore, different traffic characteristics can be logged and analyzed offline. Traffic-dependent control logic is modeled using external modules for traffic signaling and control. Concerning the traffic flow model, driver-vehicle entities move through the transport network autonomously. Each driver and his behavioral patterns are associated with a dedicated car. This way, driving behavior and a vehicle's technical possibilities correlate. A driver-vehicle entity is characterized by different attributes. Besides the vehicle's technical specification, they span individual human behavior patterns. Examples are psychophysical perception barriers like estimation abilities or the readiness to assume risk. Moreover, dependencies between different driver-vehicle entities influence a vehicle's behavior. To simulate vehicular communication, we are working with the VISSIM module VCom. VCom has been developed by PTV Vision in collaboration with the Technical Universities of Karlsruhe and Munich. The motivation behind VCom is that a network simulator becomes a bottleneck when coupling it with a traffic simulator in case there is a multitude of nodes. VCom does not use a network simulator to simulate the communication process. Rather, the network simulator ns-2 [16] was used to generate communication statistics. VCom accesses these statistics to simulate vehicular communication. For more detailed information on the characteristics of the deployed vehicular communications simulation, see, for example, [17].
4.2 Simulation Settings

We deployed the VIS using two different VISSIM Traffic Environments (TEs). For both environments, we manually determined segment borders of three segments on the basis of the VISSIM coordinates. According to the VCom communication range, a segment's maximum diameter is 500 m. The first TE is an urban environment (see Fig. 3a). Passenger cars as well as trucks are assigned desired speeds of 50 km/h. We modeled a traffic load of 250 vehicles per lane per hour. There are two lanes of traffic, running in opposite directions. Consequently, there is a traffic load of 500 vehicles per hour. It is thought that medium to long-term adoption will result in around 25% of communication-enabled vehicles [14]. Therefore, we defined an average rate of 25% of communication-enabled vehicles resulting in 125 vehicles able to communicate per hour.
Fig. 3. a) Urban TE
Fig. 3. b) Motorway TE
In the depicted TE, there is relatively little join and leave traffic (churn) and sparse traffic density. Hence, there are not as many leave requests for distributed address table adjustment (see Section 3.2). But then, there is less stress concerning wireless data load and inherited message loss. Also, the number of distributed address table updates is low. To be able to evaluate the VIS under high churn and for high node numbers, we deployed it on a 4-lane motorway traffic network as well (see Fig. 3. b). There are four lanes of traffic, two running in each direction. A passenger car's desired speed is 140 km/h. Trucks have desired speeds of 80 km/h. Furthermore, we modeled a traffic load of 2000 vehicles per hour for each driving direction. Like in the urban scenario, there is an average rate of 25% communication-enabled vehicles. Consequently, there are about 500 vehicles able to communicate wirelessly per hour and direction, equating to 1000 vehicles distributed over the given 4 lanes.

4.3 VIS Information Provisioning

Each communication-enabled vehicle of the depicted TEs runs the VIS. As described, it joins a VIS overlay on entering a segment and leaves it when crossing its borders again. Thereby, resources are handed over in case responsibilities change. On starting a simulation run, the first VISSIM vehicle entering a VIS segment does not get a response to its join request. After repeating the request to exclude the possibility of message loss, it builds up a new information space. The behavior is identical in case a segment failed. The new information space is then joined by subsequent vehicles. Thereby, we wait until vehicles have dispersed throughout the road network. Afterwards, arbitrary vehicles publish dummy resources to determine the number of VIS messages needed for their provisioning. Fig. 4 visualizes the number of VIS messages transmitted per time in case vehicles provide one resource. It depicts the measurements starting shortly before publishing the resource in the motorway TE. Noticeable is the sharp message increase after simulation second number 200. Reviewing the logfiles showed that there are two simultaneous leave requests at simulation second 199.9. Only one of the two is answered. Starting from simulation second 199.9, there is one leave request continuously repeated until simulation second 212.6. Meanwhile, there are 4 join and 4 further leave requests issued by other vehicular peers. These requests influence the overlay in a way that there is always one peer waiting for a leave reply, resulting in the visible huge stabilization traffic.
Fig. 4. VIS messages traffic, motorway TE
Fig. 5. VIS messages traffic, urban TE
Fig. 5 shows the number of VIS messages transmitted for one provided resource in the urban TE. Message traffic is much lower than on the motorway. This is because there are fewer overlay members due to the lower traffic density. Also, message occurrence is less constant. This is because there are fewer vehicles, which traverse a VIS segment more slowly. Therefore, regular join and leave traffic occurs more frequently on the motorway. In comparison, it appears in irregular steps in the urban TE, which is emphasized by the higher y-axis resolution. As stated in previous sections, we do not restrict information provisioning to single items. Instead, we focus on multiple resources necessary for diversified applications (traffic densities, multiple available parking lots, gas stations and their prices, restaurants nearby et cetera). Therefore, we also measured the number of VIS messages transmitted in case multiple resources are published. At first thought, additional published resources should have no impact on the VIS message load as long as they do not imply multiple data packages due to their sizes: Resources are handed over during regular join and leave procedures. Join and leave messaging is required no matter if there are resources to pass or not. However, Fig. 6 displays that there is a difference in the number of transmitted VIS messages for a varying number of resources on the motorway. This is because a single additional publish request influences the message loss probability of subsequent messages. In detail, message loads are equal for one and four present resources (compare Fig. 4 and 6). Moreover, Fig. 6 shows there are even fewer transmitted messages when four resources are published instead of three. With two resources, there is no need for VIS stabilization traffic. In case three resources are present, visible stabilization overhead occurs starting from simulation seconds number 200 and number 260. In contrast, measurements in the urban TE show equal overall behavior given two, three and four resources (see Fig. 7). The only difference is that message counts differ in the number of transmissions needed for each additional publish request and the corresponding reply. This is because there is relatively little churn due to sparse traffic density and lower velocities. This implies less stress concerning wireless data load and inherited message loss. Therefore, the probability of overlay stabilization necessity is lower. During the depicted runs, there is no stabilization traffic at all.
Fig. 6. VIS messages, up to 4 resources, motorway TE
Fig. 7. VIS messages, up to 4 resources, urban TE
To conclude, evaluation results show that VIS message traffic increases in case overlay stabilization becomes necessary. Otherwise, overall traffic remains equal when additional resources are provided. In addition, the presented results allow for the assumption that the VIS implies reasonable overall message overhead. Future work is to investigate this through comparative studies.
5 Conclusions and Future Work

Future VCS applications like up-to-the-minute hazard notification, parking assistance or traffic jam detection may considerably contribute to driving comfort and traffic safety. To this end, vehicles need to provide information about existing hazards, parking spaces or traffic jams in a distributed manner within the concerned region. In addition, VCS applications need to be able to modify published information about car park capacities or delete an eliminated hazard, for example. This article described the VIS. Vehicles running the VIS form a kind of distributed database. It enables them to publish arbitrary information items with respect to certain areas or validity durations and to handle them later on. The underlying algorithm is based on features derived from the structured P2P algorithm Chord and extended to suit the specific characteristics of VANETs. We presented, implemented and simulated the VIS. Evaluation results show that VIS message load depends on occurring overlay stabilization traffic. The latter again proved to depend on vehicular speeds and traffic densities affecting vehicular churn and therefore message loss rates. In addition, evaluation results show that overall VIS message traffic is independent from the number of resources provided. Finally, the results allow for the assumption that the VIS implies reasonable overall message overhead. Our next step is to implement state-of-the-art persistent information provisioning. This will enable us to comparatively quantify the presented VIS overhead. Thereby, overhead may be sustainable to a certain degree regarding the further distributed information handling functionalities of the VIS.
References

[1] Lange, B.: Enhancing line-of-sight. iX magazine on professional information technology 11/2009, 113–115. Heise Verlag Publishing House (2009)
[2] Hartenstein, H., Laberteaux, K.P.: A tutorial survey on vehicular ad hoc networks. IEEE Communications Magazine 46(6), 164–171 (2008)
[3] ASTM Standard E2213, Standard Specification for Telecommunications and Information Exchange Between Roadside and Vehicle Systems. ASTM International (2003)
[4] Wischoff, L., Ebner, A., Rohling, H., Lott, M., Halfmann, R.: Sotis - a self-organizing traffic information system. In: Proceedings of the 57th IEEE Vehicular Technology Conference, pp. 2442–2446 (2003)
[5] Maihöfer, C., Franz, W., Eberhardt, R.: Stored Geocast. In: Proceedings of Kommunikation in Verteilten Systemen (KiVS), pp. 257–268 (2003)
[6] Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: A scalable peer-to-peer lookup service for internet applications. In: Proceedings of the 2001 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 149–160 (2001)
[7] Lua, K., Crowcroft, J., Pias, M., Sharma, R., Lim, S.: A survey and comparison of peer-to-peer overlay network schemes. IEEE Communications Surveys & Tutorials 7(2), 72–93 (2005)
[8] Miller, B., Konstan, J., Riedl, J.: PocketLens: Toward a personal recommender system. ACM Transactions on Information Systems 22(3), 437–476 (2004)
[9] Lochert, C., Rybicki, J., Scheuermann, B., Mauve, M.: Scalable data dissemination for inter-vehicle-communication: aggregation versus peer-to-peer. Information Technology 50(4), 237–242 (2008)
[10] Rybicki, J., Scheuermann, B., Kiess, W., Lochert, C., Fallahi, P., Mauve, M.: Challenge: peers on wheels - a road to new traffic information systems. In: Proceedings of the 13th International Conference on Mobile Computing and Networking, pp. 215–221 (2007)
[11] Luo, J., Hubaux, J.: A survey of Research in Inter-Vehicle Communications. In: Embedded Security in Cars, pp. 111–122. Springer, Heidelberg (2006)
[12] Campbell, N., Mackeown, W., Thomas, B., Troscianko, T.: Interpreting image databases by region classification. Pattern Recognition 30(4), 555–563 (1997)
[13] Matheus, K., Morich, R., Lübke, A.: Economic background of car-to-car communication. In: Proceedings of Informationssysteme für Mobile Anwendungen (2004)
[14] Rivest, R.: RFC 1321: The md5 algorithm (1992)
[15] The vissim traffic simulator, http://www.ptvamerica.com/
[16] The network simulator - ns-2, http://www.isi.edu/nsnam/ns/
[17] Assenmacher, S., Killat, M., Schmidt-Eisenlohr, F., Vortisch, P.: A simulative approach for the identification of potentials and impacts of v2x-communication. In: Proceedings of the 15th World Congress on Intelligent Transport Systems (2008)
Effectiveness of AODV Protocol under Hidden Node Environment

Ruchi Garg¹, Himanshu Sharma², and Sumit Kumar³

¹ Electronics and Communication Engineering, Maharishi Markandeshwar University, Ambala, Haryana, India, [email protected]
² Electronics and Communication Engineering, Maharishi Markandeshwar University, Ambala, Haryana, India, [email protected]
³ Information Technology, Technology Education and Research Institute, Kurukshetra, Haryana, India, [email protected]

Abstract. IEEE 802.11 is a standard for mobile ad hoc networks (MANET), implemented with various different protocols. Ad Hoc on Demand Distance Vector Routing (AODV) is one of the several protocols of IEEE 802.11, intended to provide various Quality of Service (QOS) parameters under acceptable range. To avoid collision and interference the MAC protocol has only two solutions: first, to sense the physical carrier and second, to use the RTS/CTS handshake mechanism. But even with the help of these methods AODV, like several other protocols, is not free from the problem of hidden nodes. Under the hidden node environment, the performance of AODV depends upon various factors. The position of receiver and sender among the other nodes is very crucial and it affects the performance. Under various situations AODV is simulated with the help of NS2 and the outcomes are discussed.

Keywords: AODV; MANET, RTS/CTS; NS2, hidden nodes; MAC, protocol, IEEE 802.11, interference.
1 Introduction

In ad hoc networks, the dynamic topology and dynamic behavior of the nodes impose extensive contention for the shared wireless medium of 802.11. Simultaneous transmission of packets in a network over the shared medium may cause very poor performance. So if the virtual carrier sensing mechanism is not implemented properly the performance of any protocol may not be acceptable. If a protocol wants to transmit a packet from one node to another node successfully then there should be no interference of any other packet with this packet throughout the transmission. The interference caused by the other nodes can be avoided to a certain extent with the available methods of RTS/CTS handshake and physical carrier sensing. But the power needed for interrupting a packet is much lower than the power needed for a packet for its successful delivery. The physical medium sensing prevents the interference up to a considerable level but it is not very effective all the time, as the carrier sensing is performed at the sender's end and has no idea about the exact situation at the receiver's end. Similarly, the RTS/CTS handshake is unable to protect the delivery of a packet from interference in all situations. Furthermore, the broadcast and multicast frames are not covered by any acknowledgement or RTS/CTS mechanism.

T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 432–440, 2010. © Springer-Verlag Berlin Heidelberg 2010
Fig. 1. Hidden nodes (n3, n4) for the node n0
Nodes that fall in the interference range of a receiver are called hidden nodes. Fig. 1 shows five nodes: the transmission range of n0 is shown by a bold solid circle, the plain solid circles represent the transmission ranges of n1 and n2, and the dotted circles represent the ranges of n4 and n3. The double-dot-dashed circle represents the interference range of node n0. The part to note here is the interference range: as the interference range is more than twice the transmission range, the area depicted for it in Fig. 1 is quite large. Now, n4 and n3 fall in the interference range of n0, so n4 and n3 are the hidden nodes for n0 when n0 is in the receiving mode. Interference range has a drastic effect on the capacity of the bandwidth. Consider Fig. 1: when n0 wants to receive a packet from n1, n0, n2, n3 and n4 should not transmit any packet in the same medium at the same time. So, here, the capacity is reduced to 1/5 of the channel bandwidth. Now, again consider Fig. 1: if n3 and n4 are outside the interference range of n0, the capacity is reduced to 1/3 of the channel bandwidth.

For the analysis of the performance of an ad hoc network under a hidden node environment, the AODV protocol is used here. AODV has self-configuring and self-healing properties. It supports high mobility of nodes. For the simulation, the testbed uses IEEE 802.11 for the physical layer, MAC layer and logical link layer to accomplish the wireless communication among the several nodes. In the rest of the paper, related work, the AODV protocol, the simulation environment and results are discussed, followed by concluding remarks.
2 Related Works

A number of protocols have been studied and designed to provide an effective protocol for wireless mobile ad hoc networks. AODV is an on-demand distance vector routing protocol that assumes that all links are symmetric.
In [6], the authors have evaluated the performance of AODV in a hybrid wireless mesh network using the NS2 simulator, for varying levels of offered traffic loads and client speeds. The results discussed also indicate that the nodes are virtually isolated using MAC layer filtering and influenced by the co-channel interference. In a network, nodes may fall in a gray area [5], the result of various overlapped interference zones. A node which acts as a link between receiver and transmitter and falls in the gray area is known as an unstable link, a link which gives a fluctuating packet loss rate. The interference not only creates unstable links but creates several other problems and sometimes shows unpredictable behaviour as well. In mobile ad hoc networks, the topology used is a mesh topology. But the intermediate links between the receivers and transmitters within a network make a different topology each time. These topological changes create different patterns of overlapped interference zones and thus give a varying throughput. In contrast to the related work, this paper is focused primarily on the hidden nodes problem and on the possible outcomes of AODV under this environment. The emphasis is on the different topological arrangements within the ad hoc networks and the behavior of hidden nodes when the nodes are mobile under certain circumstances.
3 IEEE 802.11 RTS/CTS

IEEE 802.11 uses carrier sensing and virtual carrier sensing to avoid collisions. If a source node receives a CTS packet in response to its RTS packet, then the source transmits a data packet. If RTS/CTS packets are received by nodes other than the transmitter or receiver, these nodes defer their transmissions to avoid collisions and update their network allocation vector. Even with the availability of the virtual sensing mechanism, IEEE 802.11 still suffers from the adverse effects of hidden nodes. RTS/CTS can protect a network from the hidden node problem if in a wireless LAN all nodes can sense each other's transmission [4]. But it is not possible in AODV under the standard IEEE 802.11.

Fig. 2. RTS/CTS Mechanism (sequence between source node and destination node: RTS, CTS, DATA, ACK; update RTS-NAV and update CTS-NAV)
Effectiveness of AODV Protocol under Hidden Node Environment
435
4 AODV Protocol Overview
[Figure: message sequence among Source Node, node 1, node 2 and Destination Node: HELLO, RREQ, RREP, DATA, ACK, RERR]
Fig. 3. AODV messaging
5 Test Environment
In this paper, the NS2 simulator, version 2.31, is used to test the performance of the AODV protocol under various conditions. The common parameters are listed in Table 1.
Table 1. Test Parameters
Antenna Type         Omni Directional
Transmission Range   250 m
Topology             Mesh
IEEE standard        IEEE 802.11
Interference Range   550 m
Test Area            800 x 800 m
Traffic Type         CBR (UDP)
Packet Size          512 bytes
Propagation Model    Two Ray Ground
Routing Protocol     AODV
For the test environment, the following assumptions have been made:
• All nodes have the same transmission power.
• All nodes have a single wireless transceiver.
• The wireless antennas of all nodes are omni-directional.
• All nodes work on one common channel.
6 Results and Analysis
A number of tests have been conducted with NS2 to understand the behaviour of AODV in a hidden node environment and the possible reasons for it. In the first test case, the sender (n1) is mobile while the receiver (n0) is fixed and subject to interference from some hidden nodes. The arrangement of nodes is shown in Fig. 4.
[Figure: transmitter n1 and receiver n0 at distance d, with the interference area not covered by RTS/CTS]
Fig. 4. Arrangement of nodes
Fig. 5. Throughput vs. distance between n0 and n1
In the arrangement of nodes in Fig. 4, when the distance 'd' between receiver and transmitter exceeds 0.56 Rtx (where Rtx is the transmission range of the transmitter), the effectiveness of RTS/CTS falls sharply [1] in IEEE 802.11. A simulation has been carried out for the arrangement in Fig. 4. The results are shown in Fig. 5 and prove that this deterioration with distance is also considerable in the case of AODV, even though the virtual carrier sensing mechanism is adopted. To understand further the performance degradation in AODV due to hidden nodes, another experiment is performed with two transmitter-receiver pairs, as shown in Fig. 6.
[Figure: nodes n0, n1, n2 and n3]
Fig. 6. Two pairs of transmitters and receivers
In Fig. 6, node n0 is a sender for n1 and n3 is a sender for n2. In this arrangement, n3 is a hidden node for n1; similarly, n0 is a hidden node for n2. During the simulation, the distance 'd' between the two pairs is varied. The simulation shows a very strange behaviour, as seen in Fig. 7. The expectation is that as the distance 'd' increases, the reception of packets at node n1 from node n0 should not fall, or should even increase. But the graph in Fig. 7 shows that after a particular distance the curve falls, and then after a certain gap it again reaches a remarkable height, higher than the earlier one. When the distance 'd' is increased, RTS/CTS becomes ineffective in this arrangement and the expected curve does not appear. As the nodes n2 and n3 move away from n0 and n1, the response of n1 (i.e. CTS) is not received by n3, because beyond a certain distance n3 is out of the transmission range of n1. Since the interference range is more than twice the transmission range, at that distance n1 is not free from interference due to the transmission of n3 to n2. But after a further distance, the curve in Fig. 7 again reaches a good height. The reason for this improvement is that, as the pairs move away from each other, they eventually move completely out of each other's reach, so the number of packets received at node n1 rises markedly. Because n1 is now free from any kind of interference, it also attains a better value than the earlier one.
Fig. 7. Throughput vs. distance between n1 and n2
The case illustrated in Fig. 4 presents the results of intra-flow co-channel interference. To understand further the problem of hidden nodes and the effectiveness of RTS/CTS in the case of inter-flow co-channel interference, the star topology shown in Fig. 8 is simulated, with the results shown in Fig. 9.
Fig. 8. Star topology of nodes
In Fig. 8, the effect of varying the distance 'd' is studied at the receiver n4, where n3 is the transmitter for n4. All other nodes, i.e. n0, n1, n2 and n4, are stationary, and n2 is a receiver of n0. The results of this simulation are surprising and are shown in Fig. 9. The expectation is that as the distance 'd' increases, the curve should fall sharply, since 'd' becomes an obstacle to the performance of the RTS/CTS mechanism, as discussed for Fig. 5.
Fig. 9. Throughput vs. distance between n4 and n1
But it is very strange to observe that after a certain distance the curve rises and shows a considerable improvement. It is worth noting that in the case of inter-flow co-channel interference the throughput is considerably low at every point. The other important question is why the curve rises after a certain distance. As the distance 'd' increases, at a certain point node n4 moves out of the interference of n0 and n2. Once n4 is out of the reach of the hidden nodes, the throughput at this node should increase.
7 Conclusion
A number of tests have been simulated and studied for the AODV protocol. A common problem observed is performance degradation and unexpected behaviour due to inter-flow and intra-flow co-channel interference. The performance of AODV also depends on the topology of the nodes taking part in the communication. RTS/CTS is one mechanism for solving the interference problem, but its results are satisfactory only under certain conditions. Future work should therefore explore other mechanisms that solve this interference problem with better results. Overall, the paper highlights the inconsistent behaviour of RTS/CTS in the case of the AODV protocol.
References
[1] Gerla, K.X., Sang Bae, M.: How effective is the IEEE 802.11 RTS/CTS handshake in ad hoc networks. In: Global Telecommunications Conference, GLOBECOM 2002, November 17-21, vol. 1, pp. 72–76. IEEE, Los Alamitos (2002)
[2] Pirzada, A.A., Wishart, R., Portmann, M.: Congestion Aware Routing in Hybrid Wireless Mesh Networks. In: 15th IEEE International Conference on Networks, ICON 2007, November 19-21, pp. 513–518 (2007)
[3] NS-2 Simulator, http://www.isi.edu/nsnam/ns/tutorial/index.html
[4] Xu, S., Saadawi, T.: Does the IEEE 802.11 MAC Protocol Work Well in Multihop Wireless Ad Hoc Networks? IEEE Communications Magazine, 130–137 (June 2001)
[5] Ye, F., Zhou, Z., Niu, Z.: Exploit the capacity of unstable links in AODV-based ad hoc networks. In: Asia-Pacific Conference on Communications, APCC 2006, pp. 1–5 (August 2006)
[6] Hu, P., Pirzada, A.A., Portmann, M.: Experimental Evaluation of AODV in a Hybrid Wireless Mesh Network. In: The 5th Workshop on the Internet, Telecommunications and Signal Processing (WITSP 2006), December 11-13 (2006)
[7] Rahman, A.h.A., Zukarnain, Z.A.: Performance Comparison of AODV, DSDV and IDSDV Routing Protocols in Mobile Ad Hoc Networks. European Journal of Scientific Research 31(4), 566–576 (2009)
[8] Perkins, C.E., Royer, E.M.: Ad-hoc On-Demand Distance Vector Routing. In: 2nd IEEE Workshop on Mobile Computing Systems and Applications, pp. 90–100 (February 1999)
[9] Chakeres, I.D., Belding-Royer, E.M.: AODV Routing Protocol Implementation Design. In: 24th International Conference on Distributed Computing Systems Workshops - W6: WWAN (ICDCSW 2004), vol. 6, pp. 698–703 (2004)
Prevention of Malicious Nodes Communication in MANETs by Using Authorized Tokens
N. Chandrakant1,*, P. Deepa Shenoy1, K.R. Venugopal1, and L.M. Patnaik2
1 Department of Computer Science and Engineering, University Visvesvaraya College of Engineering, Bangalore University, India
2 Vice Chancellor, Defence Institute of Advanced Technology, India
[email protected]
Abstract. The rapid growth of wireless networks and mobile computing applications has changed the landscape of network security. A MANET is more susceptible to attacks than a wired network. As a result, attacks with malicious intent have been and will be devised to take advantage of these vulnerabilities and to cripple MANET operation. Hence we need to search for new architectures and mechanisms to protect wireless networks and mobile computing applications. In this paper, we examine the nodes that come within the vicinity of the base node and of the members of the network, and communication is provided to genuine nodes only. It is found that the proposed algorithm is an effective algorithm for security in MANETs.
1 Introduction
A Mobile Ad Hoc Network (MANET) is a network consisting of a set of nodes capable of communicating with each other without the help of network infrastructure, as depicted in Fig. 1. MANETs are mainly used in rescue work, battlefield applications, outdoor meetings, or ad hoc classrooms. As more applications harness the advantages of ad hoc networks, more concerns arise about security issues in MANETs. The architecture of ad hoc networks poses a great challenge to system security designers for the following reasons: the lack of an online trusted third party; limited energy and computation capabilities, which make the nodes more susceptible to denial of service; and trusted nodes being compromised and then used by an adversary to launch attacks on the network. Security services for MANETs include authentication, confidentiality, integrity, non-repudiation, and availability. The wireless network is accessible to both legitimate network users and malicious attackers. Attackers may encroach into the network through subverted nodes. Despite the dynamic nature of the network, mobile users may request security services anytime and anywhere as they move from one place to another. As a result, a security solution is required that provides both extensive protection and desirable network performance.
* Corresponding author.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 441–449, 2010. © Springer-Verlag Berlin Heidelberg 2010
Fig. 1. Structure of MANETs
To make progress in MANETs, there is a need to focus on developing better security requirements and on preventing access by malicious nodes. Our supposition is that applying a security modelling and security evidence collection framework in the network can increase the level of security. The lack of a coordination point in MANETs makes it difficult to keep centralized information about the nodes in the network. Hence a Message Authentication Code [1] or token is used. Many integrity and confidentiality attacks are possible in MANETs because transmission is broadcast: every node within transmission range can obtain enough information about the nodes and routing to allow unwanted users to read, delete, edit or reply to the messages. Malicious or selfish nodes can have a detrimental effect on the network and can degrade the network throughput considerably. Thus it is necessary to search for new architectures and mechanisms to protect wireless networks. In this paper we examine the nodes that come within the vicinity of the base node and the vicinity of members. Any node that visits the network has to send a message or a token to the central or base node before communicating with neighbours; even if it does try to communicate, a neighbour will not respond unless the visitor obtains a valid token from the base node. The proposed algorithm prevents a malicious node from becoming part of the network and hence provides better security to MANETs. The rest of this paper is organized as follows. Section 2 gives an overview of previous schemes. Section 3 describes the architecture of MANETs. Section 4 presents the proposed model with token distribution and different communication scenarios. Section 5 gives an overview of the implementation. Finally, Section 6 gives the conclusion.
2 Related Work
S. Marti et al. [2] presented two techniques that improve the throughput in an ad hoc network in the presence of nodes that agree to forward data packets. They introduce the concept of a watchdog that detects malicious nodes and the concept of a pathrater that helps the routing protocols circumvent these paths. However, the approach fails to detect collusion among nodes, receiver collision, etc. L. Zhou et al. [3] analyzed the security threats that an ad hoc network faces and presented the security objectives that need to be achieved. On one hand, the security-sensitive applications of ad hoc networks require a high degree of security; on the other hand, ad hoc networks are incredibly vulnerable to security attacks. Therefore, security mechanisms are essential for ad hoc networks. The peculiarity of ad hoc networks poses both challenges and opportunities for these mechanisms. An authentication architecture for mobile ad hoc networks is proposed in [4]. The scheme details the formats of messages, together with protocols that achieve authentication. The architecture can accommodate different authentication schemes; a key management service is a prerequisite for such a security architecture. A. Patcha and A. Mishra [5] presented some extensions to the watchdog concept for scenarios where there is no a priori trust relationship between the nodes. Their initial results are promising and indicate a solution for the detection and isolation of malicious nodes in the network, whether working alone or colluding with other malicious nodes to bring the network down. Y. Zhang et al. [6] introduce a new intrusion detection architecture for MANETs and present a multilayer integrated intrusion detection and response scheme. In [7] a two-step secure authentication approach for multicast MANETs is proposed. First, a Markov chain trust model is proposed to determine the Trust Value (TV) for each one-hop neighbour. A node's TV is analysed from its previous trust behaviour in the group. The proposed trust model is proven to be a continuous-time Markov chain model. Second, the node with the highest TV in a group is selected as the certificate authentication (CA) server. To increase reliability, the node with the second highest TV is selected as the backup CA server for the primary CA. The security of each procedure is analysed to guarantee that the proposed approach achieves secure and reliable authentication in multicast MANETs. In [8] the SCAN mechanism is proposed, whereby each node of the ad hoc network is required to hold a token in order to take part in the network operations. Tokens are granted to a node collaboratively by its neighbours based on monitoring of the node's involvement in packet forwarding and routing operations. However, one drawback of SCAN is that legitimate nodes also have a non-zero, though quite small, probability of being incorrectly accused. There have been many research efforts to overcome the security concerns in on-demand routing protocols in mobile ad hoc networks, such as authentication, intrusion detection, data encryption, etc. [9], [10], [11].
3 MANETs Architecture
The architectural model and the security issues in each layer for MANETs are shown in Fig. 2. Intrusion avoidance mechanisms such as encryption and signatures do not eliminate the need for intrusion or misbehaviour detection and response. Although the intrusion or misbehaviour detection and response mechanisms are not distinctly specified in the system architecture, they are very important in a MANET security system and can be deployed in any layer of the system architecture according to the security requirements of that layer. A layered architecture provides advantages such as modularity, simplicity, flexibility, and standardization of protocols.
Fig. 2. Architecture of MANETs
4 The Proposed Algorithm
The proposed algorithm is placed in the base node and in the member nodes. All nodes are homogeneous in nature, and their transmission ranges are assumed to be the same. The following terms are used:
Active node: a node that is actively participating in network communication.
Known node: also called a history node or old neighbour.
Unknown node: a new node that is ready to enter the network.
Log Table: a network table that contains the node address, entry date-time, exit date-time, number of visits and status of the node.
The Log Table is required at the base node and at the members of the network. The Log Table of the base node contains the details of all nodes and their properties, hence it is called the global table. Table 1 shows the records logged whenever a node enters or exits. The member Log Table is useful when a known node revisits the network within the token expiry time: such a node need not go to the base node for token renewal. The Log Tables need to be updated in three cases: at visiting, revisiting and departing time. There are three scenarios: first, a known node enters the network; second, an unknown node enters the network; and finally, a known node leaves the network. In all these scenarios the Log Tables of the base node and of the members should be updated with the node address. The procedures for updating the Log Table in the different scenarios, and the approval and disapproval cases, are described in the following.
Table 1. Log Table
Node-address   Entry-date and time   Exit-date and time   Number of visits   Malicious node
N1             05/05/2010 22:33      05/05/2010 23:33     1                  NO
N2             06/05/2010 21:31      06/05/2010 23:33     1                  NO
N3             07/05/2010 11:27      07/05/2010 11:55     1                  NO
N1             08/05/2010 11:00      08/05/2010 11:24     2                  NO
:              :                     :                    :                  :
Nm             05/05/2010 13:03      05/05/2010 15:57     5                  YES
4.1 Known Node Enters into Network
Node N1 is a legitimate active node in the network and X is a known node. The communication process is explained in the following steps.
Step 1: X sends a message or its old token to the base node and N1 for communication permission.
Step 2: Both the base node and N1 cross-check in their Log Tables whether X has visited earlier.
Step 3: The base node then evaluates node X with respect to security measures; if it is a legitimate node, the base node sends an enhanced token to node X and updates its Log Table. The base node will not send any token to a malicious node and marks it as Malicious = Yes in the Log Table for future use.
Step 4: X sends the enhanced token to the intended neighbour for communication, then updates its Log Table.
Step 5: N1 validates the token, approves the communication and updates its Log Table.
Step 6: X is ready for communication and updates its Log Table too.
4.2 Unknown Node Enters into Network
Node N1 is a legitimate active node in the network and X is an unknown node.
Step 1: X sends a message to the base node and N1 for communication permission.
Step 2: Both the base node and N1 cross-check in their Log Tables whether X has visited earlier.
Step 3: The base node then evaluates node X with respect to security measures, using the technique proposed in [7] by Ben-Jye Chang and Szu-Liang Kuo; if X is not a malicious node, the base node sends a new token to node X and updates its Log Table. If X is a malicious node, the base node will not send any token to it and marks it as Malicious = Yes in the Log Table for future use.
Step 4: X sends the new token to the intended neighbour for communication, then updates its Log Table.
Step 5: N1 validates the token, approves the communication and updates its Log Table.
Step 6: X can proceed with communication and updates its Log Table.
4.3 Known Node Leaves the Network
Node N1 is a legitimate active node in the network and X is a known node that is moving out of the network. An unknown node becomes a known node after a visit, because the Log Tables then hold a history for that node.
Step 1: X need not send a message to the base node or to N1; by default the token's validity expires after a fixed time.
Step 2: The Log Tables of the base node and of node N1 are updated with the exit date, time and status.
4.4 Approve for Legitimate or Non-Malicious Node
Fig. 3 shows the process of sending a token to a legitimate node. It involves the following steps:
Step 1: Request for a new Token or renewal of the existing one.
Step 2: Sending a new/updated Token.
Step 3: Sending the Token to the neighbour.
Step 4: The neighbour validates the Token and approves the request for communication.
All the above steps involve updating the Log Table.
Fig. 3. Sending a token for legitimate node
Fig. 4. Rejecting a token for malicious node
4.5 Disapprove for Malicious Node
Fig. 4 shows the process of rejecting a request (in other words, the base node does not reply to the seeker). It involves the following step:
Step 1: Node X enters the network and requests a new Token or renewal of the existing one, but the base node does not reply because it has confirmed that X is a non-trusted node. A node cannot communicate with neighbours without a valid token.
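The token flow of Sections 4.1 to 4.5, as an added example that is not the authors' Java implementation. The paper does not define a token format, so the code assumes an HMAC-SHA256 tag over the node address and expiry time under a key shared by the base node and the members, an assumed TOKEN_LIFETIME, and an is_trustworthy callback standing in for the trust evaluation of [7]; all class names, node addresses and the key are constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

TOKEN_LIFETIME = 600  # seconds; assumed, the paper only says "a fixed time"

@dataclass
class LogEntry:
    """One Log Table row (Table 1): entry/exit time, visit count, status."""
    entry_time: int
    exit_time: Optional[int] = None
    visits: int = 1
    malicious: bool = False

class LogTable:
    """Node address -> LogEntry; global at the base node, local at each member."""
    def __init__(self):
        self.rows = {}

    def record_entry(self, node, now):
        row = self.rows.get(node)
        if row is None:
            self.rows[node] = LogEntry(entry_time=now)
        else:  # known node revisiting
            row.entry_time, row.exit_time = now, None
            row.visits += 1

    def record_exit(self, node, when):
        if node in self.rows:
            self.rows[node].exit_time = when

    def mark_malicious(self, node, now):
        self.rows.setdefault(node, LogEntry(now, visits=0)).malicious = True

def _tag(key, node, expiry_text):
    """HMAC-SHA256 over "node|expiry" (assumed token format, not the paper's)."""
    return hmac.new(key, f"{node}|{expiry_text}".encode(), hashlib.sha256).hexdigest()

class BaseNode:
    def __init__(self, key, is_trustworthy):
        self.key = key
        self.is_trustworthy = is_trustworthy  # stand-in for the evaluation of [7]
        self.log = LogTable()

    def request_token(self, node, now):
        """Steps 1-3: evaluate the visitor; issue a token or stay silent (None)."""
        row = self.log.rows.get(node)
        if (row is not None and row.malicious) or not self.is_trustworthy(node):
            self.log.mark_malicious(node, now)
            return None
        self.log.record_entry(node, now)
        expiry = now + TOKEN_LIFETIME
        return f"{node}|{expiry}|{_tag(self.key, node, expiry)}"

class Member:
    def __init__(self, key):
        self.key = key
        self.log = LogTable()

    def admit(self, sender, token, now):
        """Steps 4-5: validate the token `sender` presents; "ok" or a reason."""
        parts = token.split("|") if token else []
        if len(parts) != 3:
            return "no valid token"
        node, expiry_text, tag = parts
        expected = _tag(self.key, node, expiry_text)
        # Check the MAC first, in constant time; parse fields only afterwards.
        if not hmac.compare_digest(tag.encode(), expected.encode()):
            return "bad tag"
        if node != sender:
            return "token issued to another node"
        if now >= int(expiry_text):
            self.log.record_exit(sender, int(expiry_text))
            return "expired"
        self.log.record_entry(sender, now)
        return "ok"

def demo():
    """Constructed scenario: X is legitimate, the base node judges M9 malicious."""
    key = b"constructed-demo-key"
    base = BaseNode(key, is_trustworthy=lambda node: node != "M9")
    n1 = Member(key)
    t0 = 1000
    token_x = base.request_token("X", t0)
    outcome = {
        "first visit": n1.admit("X", token_x, t0 + 5),
        "M9 replays X's token": n1.admit("M9", token_x, t0 + 10),
        "M9 forges a token": n1.admit("M9", f"M9|{t0 + 600}|{'0' * 64}", t0 + 10),
        "M9 asks the base node": base.request_token("M9", t0 + 20),
        "revisit before expiry": n1.admit("X", token_x, t0 + 300),
        "X after expiry": n1.admit("X", token_x, t0 + TOKEN_LIFETIME),
    }
    return outcome, base, n1

if __name__ == "__main__":
    print(demo()[0])
```

Because every member holds the same key in this example, a compromised member could mint tokens, and the sender address checked against the token is only as trustworthy as the link layer that reports it.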
5 Experiments and Results
This section gives an overview of the simulation of ad hoc network communication based on Algorithm 1, described in Section 4. The work has been carried out in Java. The most important class of the project is the class Manets. It holds all other parts together and gets everything to work. This is where the main method of the whole project is located; it also starts the client applications. The HistoryLogTable class preserves all transactions related to communication between nodes. The Node class specifies all properties of nodes. The Algorithm class approves and disapproves nodes as described in Section 4. The token renewal process is similar to the SCAN [8] scheme. However, SCAN provides a network-layer security solution that encompasses all three components of protection, detection, and reaction. Our paper also proposes a method, based on maintaining a history table, to block communication once a node has been detected as malicious at any stage of communication. In the proposed implementation the user is given the flexibility to change all the parameters of the ad hoc network at runtime.
Algorithm 1. Preventing Malicious Nodes Communication in MANETs
Require: Initialize BaseNode, memberNodes, X
while i <= number of nodes do
    if X enters the vicinity of particular node then
        if X is already visited and X is not a Malicious node then
            Update with current time stamp and sends old token
        else
            X sends its testimonials to BaseNode to get a token and evaluation continues
        end if
    else
        update with current time stamp for X and BaseNode
    end if
end while
6 Conclusion
Security solutions are an important issue for MANETs, especially for sensitive applications. It is shown that even SCAN [8] might classify a legitimate node as a malicious node in some instances. In this paper an algorithm is proposed to keep malicious nodes out of MANETs. It is found that a malicious node would not be part of the communication in the network. Hence this algorithm is one of the effective algorithms for security in MANETs. Research work is in progress.
References
1. Papadopoulos, K., Zahariadis, T., Leligou, N., Voliotis, S.: Sensor networks security issues in augmented home environment, pp. 1–4 (2008)
2. Marti, S., Giuli, T.J., Lai, K., Baker, M.: Mitigating routing misbehavior in mobile ad hoc networks. In: International Conference on Mobile Computing and Networking, pp. 255–265 (2000)
3. Zhou, L., Haas, Z.: Secure ad hoc networks. IEEE Network Magazine 13, 14–30 (1999)
4. Jacobs, S., Corion, M.S.: Wnet authentication architecture. Internet draft (1999)
5. Patcha, A., Mishra, A.: Collaborative security architecture for black hole attack prevention in mobile ad hoc networks. In: Radio and Wireless Conference: RAWCON 2003, pp. 75–78 (2003)
6. Zhang, Y., Lee, W.: Intrusion detection in wireless ad hoc networks. In: International Conference on Mobile Computing and Networking, pp. 275–283 (2000)
7. Chang, B.: Markov chain trust model for trust-value analysis and key management in distributed multicast MANETs. IEEE Transactions on Vehicular Technology 58 (2009)
8. Yang, H., Shu, J., Meng, X., Lu, S.: SCAN: Self-organized network layer security in mobile ad hoc networks. IEEE JSAC Special Issue on Security in Wireless Ad Hoc Networks 24, 262–273 (2006)
9. Dahill, B., Levine, B., Royer, E., Shields, C.: A secure routing protocol for ad hoc networks 13, 78–87 (1999)
10. Kong, J., Zerfos, P., Luo, H., Lu, S., Zhang, L.: Providing robust and ubiquitous security support for mobile ad-hoc networks. In: International Conference on Network Protocols, pp. 251–260 (2001)
11. Papadimitratos, P., Haas, Z.: Secure data communication in mobile ad hoc networks. IEEE Network Magazine 24, 343–356 (2006)
Performance Evaluation of FAST TCP Traffic-Flows in Multihomed MANETs
Mumajjed Ul Mudassir1 and Adeel Akram2
1 Air University, Sector E-9, Islamabad, Pakistan
2 University of Engineering and Technology, Taxila, Pakistan
[email protected], [email protected]
Abstract. In Mobile Ad hoc Networks (MANETs) an efficient communication protocol is required at the transport layer. Mobile nodes moving around will have temporary and rather short-lived connectivity with each other and the Internet, thus requiring efficient utilization of network resources. Moreover the problems arising due to high mobility, collision and congestion must also be considered. Multihoming allows higher reliability and enhancement of network throughput. FAST TCP is a new promising transport layer protocol developed for high-speed high-latency networks. In this paper, we have analyzed the performance of FAST TCP traffic flows in multihomed MANETs and compared it with standard TCP (TCP Reno) traffic flows in non-multihomed MANETs.
Keywords: MANETs, Multihoming, Performance, FAST TCP.
1 Introduction
A Mobile Ad hoc Network (MANET) or Mobile Mesh Network is a self-organizing network of mobile devices (also referred to as hosts or nodes) connected wirelessly. Each MANET node is free to move in any direction, and will therefore frequently change its links to other devices. Each device must be able to forward its own traffic as well as other nodes' traffic, acting as a router. The main difficulty in creating a MANET is equipping each device for continuous maintenance of the information required to route traffic properly [1].
Multihoming [2] is defined as a technique by which a host can access a remote destination by using two or more connections. These connections are typically from separate Internet Service Providers. At a certain time, the Internet connection may be disrupted at the physical layer, and this can lead to a link failure. To overcome such a situation and to protect against link failure, the host must switch to a different Internet Service Provider. A host with this ability can be regarded as a reliable host [3]. Such a host is said to be a multihomed host and has multiple IP addresses [4]. The multihoming technique can also be implemented in a host with multiple network interfaces [9].
In MANETs, mobile nodes moving at high speeds suffer network failures that result in reduced overall throughput. When the number of mobile nodes in a MANET increases, more delay is introduced in the transmission and reception of data than can be efficiently managed by the transport protocol. In case of network failure, multihoming can provide good throughput per session. If a connection fails, the data can be re-routed through another path, and if both connections are alive, the data can also be transmitted concurrently. Multihoming is mostly implemented using the SCTP protocol. Unfortunately, SCTP does not perform well in high-speed, high-latency networks. Several studies have shown that FAST TCP is a good solution for high-speed networks. The objective is to simulate a FAST TCP connection in a multihomed MANET so that the overall throughput can be increased. The rest of the paper is structured as follows. Section 2 describes the concept and key features of FAST TCP and compares it with the standard TCP (TCP Reno) protocol. In Section 3 the performance comparison is made with the help of different simulations in ns2 [10][11][12]. We have used a FAST TCP module [13] and integrated it in ns2 after the changes required to implement our proposed design. In all our simulations we have assumed that there is no error or delay due to interference or multipath fading. GNUPLOT was used to plot the results. Section 4 describes the conclusions, and the references are provided at the end.
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 450–458, 2010. © Springer-Verlag Berlin Heidelberg 2010
2 FAST TCP
FAST TCP [5] is a new and efficient protocol for high-speed long-distance connections. It is a variation of standard TCP (TCP Reno) [7]. FAST TCP uses a delay-based congestion control algorithm to improve on the performance of standard TCP. SCTP and standard TCP use packet loss to estimate congestion and rely only on packet loss to adjust the congestion window, whereas FAST TCP uses both packet loss and queuing delay as signals of congestion, which distinguishes it from the loss-based congestion control schemes [7][8]. FAST TCP uses queuing delay to control congestion; at low speeds it does not perform well compared to the loss-based approach, but the results are excellent at high speed. The window calculation mechanism of FAST TCP consists of three phases: Slow Start (SS), multiplicative increase (MI), and exponential convergence (EC). Slow Start is almost the same as in standard TCP Reno, with the small variation that FAST TCP exits Slow Start when the number of packets queued in the network exceeds a threshold gamma, instead of on packet loss. Whenever a connection falls below equilibrium, FAST TCP uses MI to move it rapidly closer to equilibrium. FAST TCP also uses a protection mechanism in both multiplicative increase and exponential convergence by increasing or decreasing the window on alternate RTTs. In the exponential convergence phase the window increases exponentially, and in each update interval the window moves half-way between the current value and the target. The time of convergence is measured in multiples of 10 ms. The window size is updated by using the parameters of the following algorithm [3], as given in eq. (1).
$$w \leftarrow \min\left\{2w,\ (1-\gamma)\,w + \gamma\left(\frac{\mathrm{baseRTT}}{\mathrm{RTT}}\,w + \alpha(w, \mathrm{qdelay})\right)\right\} \tag{1}$$
where γ ∈ [0, 1], baseRTT is the current minimum RTT, and qdelay represents the (average) end-to-end queuing delay. The constant α is the number of packets each flow attempts to maintain in the network buffer(s) at equilibrium [7]. We conclude that FAST TCP mainly addresses the four main problems of TCP Reno in networks with high capacities and large latencies. Its window adjustment is equation based: the network moves rapidly toward equilibrium when the current state is far away and slows down as it approaches the equilibrium. In addition to packet loss, FAST TCP uses queuing delay as a congestion signal. Queuing delay provides a finer measure of congestion and scales naturally with network capacity [5].
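An added worked example of eq. (1), not taken from the paper or from the FAST TCP module [13]: it iterates the window update for flows sharing one bottleneck and shows each flow settling with α packets queued, so that flows with different baseRTT end at equal rates. It goes beyond the single update in the text by modelling several flows; the fluid queue model, the constant α, and all function names and parameter values are assumptions of this example.

```python
def queueing_delay(windows, base_rtts, capacity):
    """Queueing delay q (seconds) at one bottleneck link.

    Fluid model assumed by this example: flow i sends w_i / (d_i + q) packets/s,
    and q is the value at which the total rate equals the link capacity. If the
    load already fits the link at q = 0, no queue builds up.
    """
    def load(q):
        return sum(w / (d + q) for w, d in zip(windows, base_rtts))

    if load(0.0) <= capacity:
        return 0.0
    lo, hi = 0.0, sum(windows) / capacity  # load(hi) < capacity because d_i > 0
    for _ in range(100):                   # bisection; load() decreases with q
        mid = (lo + hi) / 2
        if load(mid) > capacity:
            lo = mid
        else:
            hi = mid
    return (lo + hi) / 2


def fast_update(w, base_rtt, rtt, alpha, gamma):
    """One application of eq. (1), with alpha treated as a constant."""
    return min(2 * w, (1 - gamma) * w + gamma * ((base_rtt / rtt) * w + alpha))


def simulate(base_rtts, capacity, alpha=50.0, gamma=0.5, w0=10.0, steps=300):
    """Update all flows once per step and return the state they settle in."""
    windows = [w0] * len(base_rtts)
    for _ in range(steps):
        q = queueing_delay(windows, base_rtts, capacity)
        windows = [fast_update(w, d, d + q, alpha, gamma)
                   for w, d in zip(windows, base_rtts)]
    q = queueing_delay(windows, base_rtts, capacity)
    rates = [w / (d + q) for w, d in zip(windows, base_rtts)]
    backlog = [r * q for r in rates]  # packets each flow keeps in the buffer
    return {"windows": windows, "qdelay": q, "rates": rates, "backlog": backlog}


if __name__ == "__main__":
    # Constructed scenario: 1000 packets/s link, flows with 50 ms and 200 ms baseRTT.
    for name, value in simulate([0.05, 0.2], capacity=1000.0).items():
        print(name, value)
```

At the fixed point of eq. (1) each flow satisfies w(1 − baseRTT/RTT) = α, which is why the backlog per flow equals α regardless of its baseRTT.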
3 Experimental Setup
We now give the details of our experimental setup and the simulation results. The simulations were done in Network Simulator (ns2) for Linux. The final results are plotted using GNUPLOT. All wireless communication uses the IEEE 802.11 standard with a data rate of 2 Mbps. We have used a CBR traffic generator.
3.1 Setup 1
In the first setup we used a MANET with twelve nodes. The routing protocol is AODV. The ./setdest command in ns2 is used to generate a node movement file. The file defines a movement pattern for twelve nodes moving randomly in an area of 500 x 500 m with random speeds. The maximum speed limit for any node is 1000 m/s. Two nodes in the MANET, Node1 and Node2, communicate wirelessly with each other over a TCP Reno connection. The communication range of each node is 250 m. The signal from the sending node Node1 reaches the receiving node Node2 by hopping over the remaining nodes. If Node2 moves out of the communication range of Node1, no data packets are received, and we say that a network failure has occurred. The simulation results are shown in Fig. 1. The distance between Node1 and Node2 at different simulation instants is plotted in Fig. 2.
3.2 Setup 2
In the second setup we used a FAST TCP connection between Node1 and Node2. The rest of the parameters are the same. Plotting the results, we observed that the throughput decreased a bit. Fig. 3 shows the simulation results. The distance between the two moving nodes over various intervals of time is plotted in Fig. 4.
Fig. 1. Throughput achieved by TCP Reno in a MANET with 12 nodes moving randomly in an area of 500 m x 500 m
Fig. 2. Distance between the two moving nodes Node1 and Node2 over various intervals of time (TCP Reno case)
Fig. 3. Throughput achieved by FAST TCP in a MANET with 12 nodes moving randomly in an area of 500 m x 500 m
Fig. 4. Distance between the two moving nodes Node1 and Node2 over various intervals of time (FAST TCP case)
3.3 Setup 3
In the third setup the number of nodes was increased from 12 to 52. The rest of the settings were the same. The results were plotted again, first using a TCP Reno connection and then using a FAST TCP connection between the nodes. The throughput achieved with a FAST TCP connection between the nodes was clearly higher than that of a simple TCP Reno connection. The simulation results for this scenario are shown in Fig. 5 and Fig. 6.
3.4 Setup 4
In the fourth setup we simulated a multihomed FAST TCP connection between the two nodes. Each node has two interfaces with wireless connections. Multihoming is implemented at the transport layer. The receiving node can now receive data via two separate wireless links concurrently. Link1 is simulated as a link that is always alive, on which no network failure occurs. The throughput achieved by FAST TCP over Link1 is shown in Fig. 7. Link2 is simulated as a connection with frequent network failures and has the same characteristics as shown in Fig. 4. The throughput achieved over Link2 by FAST TCP is plotted in Fig. 8. If a network failure occurs on Link2, all the packets are re-routed through Link1. Finally, the aggregate throughput of both links is shown in Fig. 9.
Fig. 5. Throughput achieved by TCP Reno in a MANET with 52 nodes moving randomly in an area of 500 m x 500 m
Fig. 6. Throughput achieved by FAST TCP in a MANET with 52 nodes moving randomly in an area of 500 m x 500 m
Fig. 7. Throughput achieved by FAST TCP over Link1 (with no network failures) in a multihomed MANET with 52 nodes moving randomly in an area of 500 m x 500 m
Fig. 8. Throughput achieved by FAST TCP over Link2 (with some network failures) in a multihomed MANET with 52 nodes moving randomly in an area of 500 m x 500 m
Fig. 9. Aggregate throughput of Link1 and Link2 in a multihomed MANET
4 Conclusions
In this paper, we analyzed the performance of the FAST TCP protocol in high-speed, long-latency MANETs. The simulation results clearly show that as the number of mobile nodes in a MANET increases, the throughput also starts increasing. Multihoming with FAST TCP in MANETs is a new idea, and the simulations have shown that it can raise the throughput of a session, and in real scenarios the throughput can be increased to almost 60 to 70 percent. We are still investigating its performance under different circumstances. In the future we would like to extend this research to Vehicular Ad hoc Networks (VANETs).
References
1. Wiki on Mobile ad hoc network, http://en.wikipedia.org/wiki/Mobile_ad_hoc_network
2. Ohta, M.: The Architecture of End to End Multihoming. Internet-draft, IETF, draft-ohta e2emultihoming-03.txt (November 2002)
3. Arshad, M., Junaid, M.M.: Saleem: Issues of multihoming implementation using Fast TCP: a simulation based analysis. IJCSNS International Journal of Computer Science and Network Security 8(9) (September 2008)
4. Braden, R.: Requirements for Internet Hosts – Communication Layers. RFC1122, IETF (October 1989)
5. Jin, C., Wei, D., Low, S.H.: FAST TCP: motivation, architecture, algorithms, performance. Tech. Rep. CaltechCSTR: 2003.010, Caltech, Pasadena CA (2003)
6. CMU Monarch project, Computer Science Department, Carnegie Mellon University, Pittsburgh.: The CMU Monarch project’s wireless and mobility extensions to ns (1999)
7. Allman, M., Paxson, V., Stevens, W.: TCP Congestion Control. RFC2581, IETF (April 1999)
8. Stewart, R., Xie, Q., Morneault, K., Sharp, C., Schwarzbauer, H., Taylor, T., Rytina, I., Kalla, M., Zhang, L., Paxson, V.: Stream Control Transmission Protocol. RFC 2960 (October 2000)
9. Calvo, R.A., Campo, J.P.: Adding Multiple Interface Support in NS-2, http://personales.unican.es/aguerocr/files/ucMultiIfacesSupport.pdf
10. Wang, Q., Zhang, T.: Simulating Wireless Multihomed Node in NS-2
11. VINT Project, Network Simulator ns-2, http://www.isi.edu/nsnam/ns/
12. Fall, K., Varadhan, K.: The ns Manual. The VINT Project, UC Berkeley, LBL, USC/ISI, and Xerox PARC (2006)
13. Cui, T., Andrew, L.: FAST TCP module for ns-2, http://cubinlab.ee.mu.oz.au/ns2fasttcp
Fault Tolerant Implementation of Xilinx Vertex FPGA for Sensor Systems through On-Chip System Evolution
S.P. Anandaraj (1), R. Naveen Kumar (2), S. Ravi (3), and S.S.V.N. Sharma (4)
(1) Department of CSE, St.Peter’s University, Chennai – 600 054
(2) Dept. of Informatics, Kakatiya University, Warangal – 506 011
(3) Department of ECE, Dr. M.G.R University, Chennai – 600 095
(4) Dept. of Informatics, Kakatiya University, Warangal – 506 011
Abstract. Nowadays, the majority of applications struggle to achieve good behavior of their subsystems through the cooperation of systems that are independently designed and separately located but mutually affecting. For such coordinating systems it is hard to obtain specific structural models and effective parameters. In such cases, evolvable hardware (EHW) methods with evolutionary algorithms (EA) are used to achieve a sophisticated level of information [2]. A number of systems were introduced with evolvable hardware on a single chip to overcome the lack of flexibility, with the support of a modifiable evolutionary algorithm stored in software on a built-in processor. This paper proposes an architecture based on a Xilinx Virtex-II Pro FPGA with an interfaced PowerPC processor. This allows speedy processing of the time-consuming parts in hardware and also allows other parts to remain easily modifiable in software. The proposed technique will provide more benefits in future work as regards cost and compactness [1]. The system was completely analyzed on physical devices with software executing in parallel with fitness computation in digital logic circuits, and the results show that the system uses only double the time when compared to a PC running at a 10 times faster clock speed [6].
T.-h. Kim et al. (Eds.): FGCN 2010, Part II, CCIS 120, pp. 459–468, 2010. © Springer-Verlag Berlin Heidelberg 2010
1 Introduction
Achieving the required processing time in real-time evolvable systems is very difficult. Apart from that, cost and compactness are also vital factors. With these factors in mind, it is important to integrate the system on a single chip. A number of techniques have been proposed earlier. Kajitani et al. introduced several Large-Scale Integrated circuits with evolvable hardware. This approach provided speedy processing, but the system lacks flexibility, so many degrees of freedom should be considered when realizing evolvable hardware systems. VLSI (Very Large-Scale Integration) POEtic chips have also been described for on-chip evolution [6]. A robot controller was designed with an architecture that contains a 32-bit on-chip custom processor and bio-motivated arrays of building blocks, so these chips are dedicated to the implementation of bio-motivated mechanisms [5]. This paper shows how a general FPGA (Field Programmable Gate Array) provides a medium for on-chip system evolution. The on-chip system is evolved by integrating software running on a PowerPC processor with evolvable hardware implemented in reconfigurable digital logic. This allows fast fitness computation, normally the time-consuming part of evolution, by measuring fitness in hardware that communicates with the processor within the same chip. Tufte and Haddow proposed an FPGA with a complete evolution implementation. Evolutionary mechanisms are also implemented in the evolving design [8]. A similar system is proposed by Perkins et al. This system achieved a speedup in non-linear filtering when compared to conventional processing. Shackleford et al. introduced many custom accelerators in an FPGA for solving a challenging folding problem. Sekanina then reported complete evolution running on a Virtex XC2V3000 FPGA [7]. This evolution is implemented in modifiable logic with 3x3 and 3x4 bit multipliers.
This paper presents work with the XC2VP7 Virtex-II Pro FPGA, which has reconfigurable logic, a PowerPC 405 hard-core processor block, on-chip RAM and high-speed serial links for external interfaces. This work is based on the design of a co-processor for an analog neural network ASIC. In contrast, the focus here is on the evolution of digital circuits and on an evolutionary system in a single device [3]. The balanced software-hardware approach provides low implementation effort in a single-chip design suited for interfaced real-world applications. The main motivation is to produce a single processing unit with on-chip evolution and fitness computation, which allows for real-time scalable systems. Connecting a number of such processing units into a grid achieves parallel processing [3]. Thus, this system architecture will be very scalable and flexible. Software plays a major role in affording flexibility; in addition, the hardware is also comparatively easy to modify in the system architecture [2]. This paper also discusses the system performance on the basis of experiments on evolving small multiplier circuits. This document addresses the speed of evolution, apart from the evolution of very large and composite circuits.
2 System Architecture with Virtex-II Pro FPGA with Evolutionary Algorithm
2.1 Xilinx Virtex-II Pro (XC2VP7-FG456-7) FPGA
The system is implemented on a Xilinx Virtex-II Pro (XC2VP7-FG456-7) FPGA [7], which has 11,088 logic cells, 792 Kbit of dual-port SRAM (otherwise named BRAM, Block Select RAM) and a PowerPC 405 (PPC) processor, as shown in Fig. 1. The maximum speed of the PowerPC 405 processor is 300 MHz. The FPGA is situated on a Memec Design Virtex-II Pro development board, which has two Xilinx XC18V04 configuration EEPROMs, 32 MB SDRAM, Rocket I/O ports, an RS232 port, an LCD panel and other useful connections.
Fig. 1. Virtex-II Pro FPGA
2.2 Evolvable Hardware Architecture with Evolutionary Algorithm on FPGA
The Xilinx Virtex-II Pro FPGA is supported by the Embedded Development Kit (EDK), a collection of logical property (LP) cores and tools for building systems [8]. The hardware and software parts of the system can be specified parametrically through various configuration files; net details and libraries are generated automatically. The system architecture consists of a set of modules that communicate over buses. Two buses connect the on-chip peripherals, namely the Processor Local Bus (PLB) and the On-chip Peripheral Bus (OPB). The PLB is a high-performance bus with a 64-bit data path, and the OPB is a 32-bit wide bus designed for peripherals with lower requirements [5]. The two buses run in different clock domains, and a bridge interconnects them, as shown in Fig. 2.
Fig. 2. System architecture with Evolvable Hardware (EHW)
Fig. 2 shows the interconnection of the PLB and OPB with the various communication-intensive units. The PLB is connected to the PowerPC processor (CPU) and to 64 KB of BRAM for executing program instructions. The PowerPC processor is embedded with two on-chip memories, a 16 KB BRAM and an 8 KB instruction cache (IC). Both memories act as interfaces between the FPGA and the PPC unit. The 16 KB BRAM in the PPC is used as the data-side memory, and the 8 KB BRAM acts as the instruction-side memory space. These interfaces are usually used for the instruction and data caches, which are already embedded in BRAM. The benefit of the on-chip memory interfaces, compared with the PLB bus interconnection, is that no bus arbitration is needed for accessing memory, and instruction and data accesses do not have to share the same interface. The On-chip Memory (OCM) is used to store all program data and increases program execution speed, i.e. twice the speed for program execution by introducing instruction caching and thrice the speed for accessing all program data through the data-side interface [1]. The On-Chip Peripheral Bus (OPB) is connected to the target Evolvable Hardware (EHW) and to a range of on-chip peripherals: a UART with RS232 interface for serial communications [7], an LCD interface and an LED interface, as shown in Fig. 2.
2.3 Realization of Genetic Algorithm on PowerPC Processor
The PowerPC processor runs the Genetic Algorithm (GA) as a program written in the C language, which is compiled and linked using the PPC405 version of the GNU GCC compiler tools [8]. When implementing the GA on the PPC system, some system limitations have to be considered, such as program memory and floating point operations. The program memory is limited: a maximum of 64 KB of BRAM was allowed for the executable. Even though there is 32 MB of SDRAM on the development board, it was decided to use only the BRAM internal to the FPGA. This BRAM is faster and allows the program to be loaded directly from the bit stream that configures the FPGA [12]. During parallel processing, a large program fitted in BRAM should be loaded into SDRAM by a boot loader from external non-volatile memory during initialization. SDRAM acts as data storage, but it will be slower when the data cache is used. Floating point operations are not supported in the PPC405 version. Floating point operations in C programs are used when a floating point co-processor is available. Recursive floating point is not effective for speedy processing and increases the program size [10]. This restriction in the C language led us to use the C++ language while minimizing the use of standard library functions. To achieve speedy processing, fixed point or integer arithmetic should be used to reduce the executable size.
C programming on the PowerPC processor abandons the use of library functions, mainly floating point operations, which leads to a slightly more complicated implementation and costs time. However, the degree of program flexibility and the speed of algorithm implementation are very high compared to assembly programming or other interactive hardware solutions. With these restrictions in mind, the program was developed mostly in Microsoft’s Visual Studio, and it runs on both the PC and the FPGA platform. A few lines of source code have to be written specifically for the PPC [11]. The PC version of the program is as fast as if it had been developed for the PC only. The algorithm implemented in this experiment follows Genetic Programming, as defined by Goldberg. Fitness computations are used in a proportionate selection scheme through a roulette wheel mechanism. The Qsort algorithm is used to sort the individual data inputs. For mutation, instead of having one probability of mutation for every bit in the genome, a quicker solution has been adopted [12]. The number of mutations n for the whole genome is determined by a random lookup in a 10-position array. Then n randomly chosen positions in the genome are bit-flipped. This calculation is more efficient than checking for every bit whether a mutation takes place or not.
2.4 Implementation of Evolvable Hardware for System Flexibility
Fig. 2 shows the implementation of the target evolvable hardware (EHW) on the OPB slave bus. The Xilinx IP line hub is used to interface the OPB bus to the user model in a simpler way. This interface device is connected to both the OPB and PLB buses. Adapting the target EHW to the PLB bus is an easier task thanks to the IP line hub. Control and configuration of the EHW is done through register write operations in C++. Genome values are written to registers, which in turn are connected to the configuration inputs of each functional module. Registers are also provided for the EHW inputs and for storage of its outputs.
Fig. 3. EHW design
The functional unit in Fig. 3 is the core of the EHW. It performs all the functionality: processing the inputs, carrying out the operation on the inputs, and storing the output. Every functional unit gets three inputs at a time. Each of the input signals can be inverted. Each unit can perform any of the four functions BUF, MUX, AND and XOR. The function of each unit and its three inputs are configurable and determined by genetic programming [2]. The encoding of one functional unit in the genome string is shown below.
Input data 1 (4 bits) | Input data 2 (4 bits) | Input data 3 (4 bits) | Function Unit (2 bits)
Of the 4 bits for each input, one bit toggles inversion of the input and the remaining 3 bits select an output from the previous layer. For our array, which consists of 6 layers with 8 units each, the genome string becomes 672 bits long [5]. The array is built in a parallel fashion, and registers are connected to the output of each layer. Only one training vector is calculated at a time.
2.5 GA Constraints and Fitness Computations
For the system development, constraints of size 20 are used. Exclusive constraints are used for selecting the best performing parameter to be carried over to the next iteration. The crossover rate of each individual is 0.5 and the replication rate is 0.5. A roulette wheel selection scheme is applied, and linear scaling is used for the fitness computations [9]. The transformation rate is expressed as a probability for the number of inputs n. The probability for each input is shown in Table 1.
Table 1. Input Probabilities
No. of inputs (X) | Probability value P(N)
0 | 1/10
1 | 6/10
2 | 2/10
3 | 1/10
4 | 6/10
The Fitness Computation (F) is used for analyzing the input (x) with the following function [3],
For the given input, the computed output y is compared to the target output d. If y = d, an addition is generated by the GA and 1 is added to the fitness function (F). The function then sums these values for the output to be displayed, using the stored truth table vectors.
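The genome layout of Section 2.4, the table-driven mutation of Section 2.3 and the y = d fitness count, put together in integer-only C as an added example; this is not the authors' program. Field order and the 6 x 8 x 14 = 672-bit size follow the text, while the bit order inside each field, the numeric function codes, the MUX select input, per-vector scoring for the 2x2 multiplier, the contents of the 10-position lookup table and the LCG random generator are all assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>

#define LAYERS       6
#define UNITS        8                              /* functional units per layer */
#define UNIT_BITS    14                             /* 3 inputs x 4 bits + 2 function bits */
#define GENOME_BITS  (LAYERS * UNITS * UNIT_BITS)   /* 672, as stated in the text */
#define GENOME_BYTES (GENOME_BITS / 8)              /* 84 */

enum { F_BUF = 0, F_MUX = 1, F_AND = 2, F_XOR = 3 };   /* numeric codes assumed */

/* inv[k] = 1 inverts input k; src[k] picks one of 8 previous-layer outputs. */
struct unit_cfg { uint8_t inv[3], src[3], func; };

static unsigned get_bits(const uint8_t *g, unsigned pos, unsigned width) {
    unsigned v = 0;
    for (unsigned i = 0; i < width; i++, pos++)
        v |= ((g[pos >> 3] >> (pos & 7)) & 1u) << i;
    return v;
}

/* Decode one unit: three 4-bit input fields, then the 2 function bits. */
struct unit_cfg decode_unit(const uint8_t *g, unsigned layer, unsigned unit) {
    struct unit_cfg c;
    unsigned base = (layer * UNITS + unit) * UNIT_BITS;
    for (unsigned k = 0; k < 3; k++) {
        c.inv[k] = (uint8_t)get_bits(g, base + 4 * k, 1);
        c.src[k] = (uint8_t)get_bits(g, base + 4 * k + 1, 3);
    }
    c.func = (uint8_t)get_bits(g, base + 12, 2);
    return c;
}

/* Propagate an 8-bit input vector through all six layers. */
uint8_t eval_array(const uint8_t *g, uint8_t in) {
    for (unsigned l = 0; l < LAYERS; l++) {
        uint8_t out = 0;
        for (unsigned u = 0; u < UNITS; u++) {
            struct unit_cfg c = decode_unit(g, l, u);
            unsigned x[3], y;
            for (unsigned k = 0; k < 3; k++)
                x[k] = ((in >> c.src[k]) & 1u) ^ c.inv[k];
            switch (c.func) {
            case F_AND: y = x[0] & x[1]; break;
            case F_XOR: y = x[0] ^ x[1]; break;
            case F_MUX: y = x[2] ? x[1] : x[0]; break;   /* input 3 selects */
            default:    y = x[0]; break;                 /* F_BUF */
            }
            out |= (uint8_t)(y << u);
        }
        in = out;
    }
    return in;
}

/* 2x2-bit multiplier fitness: +1 for each of the 16 truth-table vectors
 * whose 4-bit output y equals the target d. */
unsigned fitness_mul2x2(const uint8_t *g) {
    unsigned f = 0;
    for (unsigned v = 0; v < 16; v++) {
        unsigned d = (v & 3u) * (v >> 2);
        unsigned y = eval_array(g, (uint8_t)v) & 0x0Fu;
        f += (y == d);
    }
    return f;
}

/* Integer-only LCG, standing in for whatever generator the authors used. */
static uint32_t rng_state = 1u;
static uint32_t rng_next(void) {
    rng_state = rng_state * 1664525u + 1013904223u;
    return rng_state >> 16;
}

/* Draw n from a 10-position lookup, then flip n random genome bits; returns n.
 * Table contents are constructed here: n = 0,1,2,3 with weights 1,6,2,1. */
unsigned mutate(uint8_t *g) {
    static const uint8_t count[10] = { 0, 1, 1, 1, 1, 1, 1, 2, 2, 3 };
    unsigned n = count[rng_next() % 10u];
    for (unsigned i = 0; i < n; i++) {
        unsigned pos = rng_next() % GENOME_BITS;
        g[pos >> 3] ^= (uint8_t)(1u << (pos & 7));
    }
    return n;
}

/* Number of bit positions in which two genomes differ. */
unsigned hamming(const uint8_t *a, const uint8_t *b) {
    unsigned d = 0;
    for (unsigned i = 0; i < GENOME_BITS; i++)
        d += ((a[i >> 3] ^ b[i >> 3]) >> (i & 7)) & 1u;
    return d;
}

int main(void) {
    uint8_t g[GENOME_BYTES] = { 0 };
    unsigned f = fitness_mul2x2(g);                 /* all-zero genome */
    printf("bits=%d fitness=%u mutations=%u\n", GENOME_BITS, f, mutate(g));
    return 0;
}
```

One table lookup and at most three bit flips replace 672 per-bit probability tests per genome, with no floating point involved.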
3 Experimental Outcomes
In this section, the system is analyzed with respect to the parameters below.
3.1 Device Flexibility and Speed Rate
Table 2 shows the device utilization of the target evolvable hardware (EHW), which contains 8x6 functional memory modules. During execution, at most 20% of the FPGA's overall devices are used. The device utilization of the entire system, including bus construction and peripherals, is 43%. The system uses a Xilinx Virtex-II Pro FPGA that is relatively small compared with devices of up to 1,42,000 logical units [12]. The device utilization suggests the use of larger FPGAs to increase system flexibility. The highest clock rate reached in this system was 200 MHz for the PowerPC processor and 50 MHz for the remaining part of the system, which comprises both the PLB and OPB modules. The predicted speed rate is 300 MHz for the PowerPC processor and 100 MHz for the remaining system. This could be overcome by implementing a high-speed processor.
Table 2. EHW Device Performance Rate
Devices/Characteristics | Used | Available | System Performance %
Chip Parts | 1025 | 4928 | 20
Flip Flops (FF) | 896 | 9856 | 9
Input LUTs | 1231 | 9856 | 12
3.2 Evolution Rate
Evolution runs were conducted on the specified on-chip system, and a Pentium 4 (P4) terminal was used to evaluate the speed rate. The Pentium 4 terminal has a clock speed of 2 GHz. The speed test used 10,000 probability of 20 data, which are specified individually. The fitness evaluation was for a 2x2 bit multiplier, thus 16 input/output units were used.
Table 3. GA with fitness evaluation speed
Design | Power PC Processor (sec) | Power4 Processor (sec)
Fitness parameter without GA | 8.3 | 1.3
Fitness Parameter with GA | 20 | 8.6
Total % of Fitness Time | 59 | 85
Table 3 compares the execution speed of the GA parameters without fitness and with fitness. It indicates that the P4 processor runs at a higher clock speed and operates with better organized memory interfaces and caches. But in terms of evolution speed, the PowerPC processor provides 65%, whereas the P4 processor provides 30% evolution speed when executing fewer instructions per clock cycle.
3.3 Circuit Design
The on-chip system is designed with a 2x2 bit multiplier, used after 5702 iterations over 10 progressions. The same on-chip design was tested on a PC terminal, which resulted in an average of 5649 iterations [6]. The difference in values can be explained by the programs using different probability number generators. These results were reproduced in the FPGA implementation, which works perfectly and provides on-chip flexibility.
4 Future Developments
The specified on-chip system design should be examined thoroughly in order to gain a higher clock speed. To achieve this, a higher bus speed will be the solution for the reconfiguration phase in the target evolvable hardware (EHW). If the target EHW is interfaced to the PLB bus, an extensive data path will be achieved [11]. The PPC’s data BRAM can be connected to another BRAM, so that a dual-ported data BRAM is implemented [5].
To increase the speed rate, the fitness evaluations should be modified. Certain software functions should also be moved into hardware units. Mainly for digital systems with labeled training examples, it will be beneficial to design the system so that it feeds the EHW unit with one labeled example per clock cycle. Since the functional memory modules are pipelined, the number of cycles needed for one complete set of GA parameters would be approximately equal to the number of training vectors. By using a larger number of EHW units on the same chip, a high degree of hardware specialization will be achieved with reduced cost and with higher development work. This paper presents the outcome of our primary experiments on the developed platform, with the PowerPC processor implemented alongside the evolving hardware. This enables real-world applications with on-chip flexibility [11]. Most of the computational time is used for fitness evaluation, even for small multipliers in small circuits. As a result, more data has to be evaluated within the time used for small computations. Additionally, more flexibility is significant for evolutionary and bio-inspired techniques. This is attained in our platform, with the PPC handling the blocks that are not time-critical.
5 Conclusions
This paper discusses the approach of using evolvable hardware in digital circuits, which results in an emerging technology: on-chip system flexibility using an FPGA. Mainly, this work centers on the prospect of running EHW with an embedded PowerPC processor in an FPGA. The very first test evaluating the system's performance is a little compromising, but it nevertheless results in a cost-effective solution for embedded systems.
References
1. Hollingsworth, G., Smith, S., Tyrrell, A.: Design of Highly Parallel Edge Detection Nodes using Evolutionary Techniques. In: Proceedings of the 7th Euro Micro Workshop on Parallel and Distributed Processing, pp. 35–42. IEEE, Los Alamitos (1999)
2. Layzell, P.: Reducing Hardware Evolution’s Dependency on FPGAs. In: Proceedings of the Seventh International Conference on Microelectronics for Neural, Fuzzy and Bio-Inspired Systems (MicroNeuro 1999), pp. 171–178. IEEE, Los Alamitos (1999)
3. Clark, G.R.: A Novel Function-Level EHW Architecture within Modern FPGAs. In: Proceedings of the Congress on Evolutionary Computation (CEC 1999). IEEE, Los Alamitos (1999); Hollingworth, G., Smith, S., Tyrrell, A.: Safe Intrinsic Evolution of Virtex Devices. In: Proceedings of the Second NASA/DoD Workshop on Evolvable Hardware, pp. 195–202. IEEE, Los Alamitos (2000)
4. Thompson, A., Harvey, I., Husbands, P.: The natural way to evolve hardware. In: Proc. IEEE Int. Symp. Circuits Syst., pp. 37–40 (1996)
5. Hereford, J., Pruitt, C.: Robust sensor systems using evolvable hardware. In: Proc. NASA/DoD Conf. Evolvable Hardware, Seattle, WA, pp. 161–168 (June 2004)
6. Thompson, A., Harvey, I., Husbands, P.: The natural way to evolve hardware. In: Proc. IEEE Int. Symp. Circuits Syst., pp. 37–40 (1996)
7. Sun, X., Xu, J., Chan, B., Trouborst, P.: Novel Technique for Built-In Self-Test of FPGA Interconnects. In: Proc. of IEEE International Test Conference, pp. 795–803 (2000)
8. Programmable Data Book, Xilinx Inc. (2003)
9. Renovell, M., Portal, J.M., Figuras, J., Zorian, Y.: Testing the Interconnect of RAM-Based FPGAs. In: IEEE Design and Test of Computers, pp. 45–50 (1998)
10. Feng, W., Chen, X., Meyer, F.J., Lombardi, F.: Reconfiguration of One-Time Programmable FPGAs with Faulty Logic Resources. In: Proc. IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems, pp. 368–376 (1999)
11. Sekanina, L.: Toward uniform approach to design of evolvable hardware based systems. In: Grünbacher, H., Hartenstein, R.W. (eds.) FPL 2000. LNCS, vol. 1896, pp. 814–817. Springer, Heidelberg (2000)
12. Torresen, J.: Possibilities and limitations of applying evolvable hardware to real-world application
13. Hartenstein, R.W., et al. (eds.): FPL 2000. LNCS, vol. 1896, pp. 230–239. Springer, Heidelberg (2000)