BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Sugata Sanyal

Sugata Sanyal contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityNetworking and Internet ArchitectureOther Computer ScienceArtificial IntelligenceNeural and Evolutionary ComputingNumerical AnalysisComputer Visioncs.CYDiscrete MathematicsEmerging TechnologiesGraphicsHuman-Computer InteractionInformation Theorymath.ITMultiagent Systems

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author
50works
0followers
15topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

50 published item(s)

preprint2013arXiv

A Survey on Security Issues in Cloud Computing

Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the Cloud computing adoption and diffusion affecting the various stake-holders linked to it.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Cloud Computing -- An Approach with Modern Cryptography

In this paper we are proposing an algorithm which uses AES technique of 128/192/256 bit cipher key in encryption and decryption of data. AES provides high security as compared to other encryption techniques along with RSA. Cloud computing provides the customer with the requested services. It refers to applications and services that run on distributed network using virtualized resources and accessed by common IP and network standard. While providing data services it is becoming important to provide security for data. In cloud computing keeping data secure is an important issue to be focused. Even though AES was designed for military purposes, now a days it is been commercially adopted worldwide as it can encrypt most confidential document, as well as it can work in most restricted areas, and offers good defense against various attack techniques, and security level to protect data for next 2-3 decades.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Detection and prevention of botnets and malware in an enterprise network

One of the most significant threats faced by enterprise networks today is from Bots. A Bot is a program that operates as an agent for a user and runs automated tasks over the internet, at a much higher rate than would be possible for a human alone. A collection of Bots in a network, used for malicious purposes is referred to as a Botnet. Bot attacks can range from localized attacks like key-logging to network intensive attacks like Distributed Denial of Service (DDoS). In this paper, we suggest a novel approach that can detect and combat Bots. The proposed solution adopts a two pronged strategy which we have classified into the standalone algorithm and the network algorithm. The standalone algorithm runs independently on each node of the network. It monitors the active processes on the node and tries to identify Bot processes using parameters such as response time and output to input traffic ratio. If a suspicious process has been identified the network algorithm is triggered. The network algorithm will then analyze conversations to and from the hosts of the network using the transport layer flow records. It then tries to deduce the Bot pattern as well as Bot signatures which can subsequently be used by the standalone algorithm to thwart Bot processes at their very onset.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Finding Numerical Solutions of Diophantine Equations using Ant Colony Optimization

The paper attempts to find numerical solutions of Diophantine equations, a challenging problem as there are no general methods to find solutions of such equations. It uses the metaphor of foraging habits of real ants. The ant colony optimization based procedure starts with randomly assigned locations to a fixed number of artificial ants. Depending upon the quality of these positions, ants deposit pheromone at the nodes. A successor node is selected from the topological neighborhood of each of the nodes based on this stochastic pheromone deposit. If an ant bumps into an already encountered node, the pheromone is updated correspondingly. A suitably defined pheromone evaporation strategy guarantees that premature convergence does not take place. The experimental results, which compares with those of other machine intelligence techniques, validate the effectiveness of the proposed method.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Impact of Mobile Transmitter Sources on Radio Frequency Wireless Energy Harvesting

Wireless energy harvesting sensor networks constitute a new paradigm, where the motes deployed in the field are no longer constrained by the limited battery resource, but are able to re-charge themselves through directed electromagnetic energy transfer. The energy sources, which we call actors, are mobile and move along pre-decided patterns while radiating an appropriate level of energy, sufficient enough to charge the sensors at an acceptable rate. This is the first work that investigates the impact of energy transfer, especially concerning the energy gain in the sensors, the energy spent by the actors, and the overall lifetime in the resulting mobile sensor-actor networks. We propose two event-specific mobility models, where the events occur at the centers of a Voronoi tessellation, and the actors move along either (i)the edges of the Voronoi cells, or (ii) directly from one event center to another. We undertake a comprehensive simulation based study using traces obtained from our experimental energy harvesting circuits powering Mica2 motes. Our results reveal several non-intuitive outcomes, and provide guidelines on which mobility model may be adopted based on the distribution of the events and actors.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Increasing Security in Cloud Environment

The concept of cloud computing was introduced to meet the increase in demand for new application for a project, and to provide a large storage facility whenever or wherever a user needs it. The cloud system facility helped many industries as well as individual users to get authentic software at a very low cost. But with this new system comes the major concern of security, as the connection to the cloud is through the web and the data and application availability need to be handled for each client. The paper describes the various security measures that can be added in isolation or in combination for securing data transmission, server and client.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Inter-Cloud Data Security Strategies

Cloud computing is a complex infrastructure of software, hardware, processing, and storage that is available as a service. Cloud computing offers immediate access to large numbers of the world's most sophisticated supercomputers and their corresponding processing power, interconnected at various locations around the world, proffering speed in the tens of trillions of computations per second. Information in databases and software scattered around the Internet. There are many service providers in the internet, we can call each service as a cloud, each cloud service will exchange data with other cloud, so when the data is exchanged between the clouds, there exist the problem of security. Security is an important issue for cloud computing, both in terms of legal compliance and user trust, and needs to be considered at every phase of design. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, Cloud Computing moves the application software and databases to the large data centers, where the management of the data and services may not be trustworthy. This unique attribute, however, poses many new security challenges. Cloud computing seems to offer some incredible benefits for communicators.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

RISM -- Reputation Based Intrusion Detection System for Mobile Ad hoc Networks

This paper proposes a combination of an Intrusion Detection System with a routing protocol to strengthen the defense of a Mobile Ad hoc Network. Our system is Socially Inspired, since we use the new paradigm of Reputation inherited from human behavior. The proposed IDS also has a unique characteristic of being Semi-distributed, since it neither distributes its Observation results globally nor keeps them entirely locally; however, managing to communicate this vital information without accretion of the network traffic. This innovative approach also avoids void assumptions and complex calculations for calculating and maintaining trust values used to estimate the reliability of other nodes observations. A robust Path Manager and Monitor system and Redemption and Fading concepts are other salient features of this design. The design has shown to outperform normal DSR in terms of Packet Delivery Ratio and Routing Overhead even when up to half of nodes in the network behave as malicious.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Secure Authentication of Cloud Data Mining API

Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different levels viz. network, application and virtualization, in a cloud computing environment. A security framework based on one-time pass key mechanism has been proposed. The uniqueness of the proposed security protocol lies in the fact, that it provides security to both the service providers as well the users in a highly conflicting cloud environment.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

A Connectionist Network Approach to Find Numerical Solutions of Diophantine Equations

The paper introduces a connectionist network approach to find numerical solutions of Diophantine equations as an attempt to address the famous Hilbert's tenth problem. The proposed methodology uses a three layer feed forward neural network with back propagation as sequential learning procedure to find numerical solutions of a class of Diophantine equations. It uses a dynamically constructed network architecture where number of nodes in the input layer is chosen based on the number of variables in the equation. The powers of the given Diophantine equation are taken as input to the input layer. The training of the network starts with initial random integral weights. The weights are updated based on the back propagation of the error values at the output layer. The optimization of weights is augmented by adding a momentum factor into the network. The optimized weights of the connection between the input layer and the hidden layer are taken as numerical solution of the given Diophantine equation. The procedure is validated using different Diophantine Equations of different number of variables and different powers.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

A Heuristic Reputation Based System to Detect Spam activities in a Social Networking Platform, HRSSSNP

The introduction of the social networking platform has drastically affected the way individuals interact. Even though most of the effects have been positive, there exist some serious threats associated with the interactions on a social networking website. A considerable proportion of the crimes that occur are initiated through a social networking platform [5]. Almost 33% of the crimes on the internet are initiated through a social networking website [5]. Moreover activities like spam messages create unnecessary traffic and might affect the user base of a social networking platform. As a result preventing interactions with malicious intent and spam activities becomes crucial. This work attempts to detect the same in a social networking platform by considering a social network as a weighted graph wherein each node, which represents an individual in the social network, stores activities of other nodes with respect to itself in an optimized format which is referred to as localized data-set. The weights associated with the edges in the graph represent the trust relationship between profiles. The weights of the edges along with the localized data-set is used to infer whether nodes in the social network are compromised and are performing spam or malicious activities.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

A Hybrid Approach Towards Intrusion Detection Based on Artificial Immune System and Soft Computing

A number of works in the field of intrusion detection have been based on Artificial Immune System and Soft Computing. Artificial Immune System based approaches attempt to leverage the adaptability, error tolerance, self- monitoring and distributed nature of Human Immune Systems. Whereas Soft Computing based approaches are instrumental in developing fuzzy rule based systems for detecting intrusions. They are computationally intensive and apply machine learning (both supervised and unsupervised) techniques to detect intrusions in a given system. A combination of these two approaches could provide significant advantages for intrusion detection. In this paper we attempt to leverage the adaptability of Artificial Immune System and the computation intensive nature of Soft Computing to develop a system that can effectively detect intrusions in a given network.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

A Multi-Dimensional approach towards Intrusion Detection System

In this paper, we suggest a multi-dimensional approach towards intrusion detection. Network and system usage parameters like source and destination IP addresses; source and destination ports; incoming and outgoing network traffic data rate and number of CPU cycles per request are divided into multiple dimensions. Rather than analyzing raw bytes of data corresponding to the values of the network parameters, a mature function is inferred during the training phase for each dimension. This mature function takes a dimension value as an input and returns a value that represents the level of abnormality in the system usage with respect to that dimension. This mature function is referred to as Individual Anomaly Indicator. Individual Anomaly Indicators recorded for each of the dimensions are then used to generate a Global Anomaly Indicator, a function with n variables (n is the number of dimensions) that provides the Global Anomaly Factor, an indicator of anomaly in the system usage based on all the dimensions considered together. The Global Anomaly Indicator inferred during the training phase is then used to detect anomaly in the network traffic during the detection phase. Network traffic data encountered during the detection phase is fed back to the system to improve the maturity of the Individual Anomaly Indicators and hence the Global Anomaly Indicator.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

A Review of Techniques to Mitigate Sybil Attacks

Any decentralised distributed network is particularly vulnerable to the Sybil attack wherein a malicious node masquerades as several different nodes, called Sybil nodes, simultaneously in an attempt to disrupt the proper functioning of the network. Such attacks may cause damage on a fairly large scale especially since they are difficult to detect and there has been no universally accepted scheme to counter them as yet. In this paper, we discuss the different kinds of Sybil attacks including those occurring in peer-to-peer reputation systems, self-organising networks and even social network systems. In addition, various methods that have been suggested over time to decrease or eliminate their risk completely are also analysed along with their modus operandi.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

A Survey on Various Data Hiding Techniques and their Comparative Analysis

With the explosive growth of internet and the fast communication techniques in recent years the security and the confidentiality of the sensitive data has become of prime and supreme importance and concern. To protect this data from unauthorized access and tampering various methods for data hiding like cryptography, hashing, authentication have been developed and are in practice today. In this paper we will be discussing one such data hiding technique called Steganography. Steganography is the process of concealing sensitive information in any media to transfer it securely over the underlying unreliable and unsecured communication network. Our paper presents a survey on various data hiding techniques in Steganography that are in practice today along with the comparative analysis of these techniques.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Collusion resistant self-healing key distribution in mobile wireless networks

A fundamental concern of any secure group communication system is key management and wireless environments create new challenges. One core requirement in these emerging networks is self-healing. In systems where users can be offline and miss updates, self-healing allows a user to recover lost session keys and get back into the secure communication without putting extra burden on the group manager. Clearly, self-healing must only be available to authorized users. This paper fixes the problem of collusion attack in an existing self-healing key distribution scheme and provides a highly efficient scheme as compared to the existing works. It is computationally secure, resists collusion attacks made between newly joined users and revoked users and achieves forward and backward secrecy. Our security analysis is in an appropriate security model. Unlike the existing constructions, our scheme does not forbid revoked users from rejoining in later sessions.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Implementation of a Real Time Passenger Information System

Intelligent Transportation Systems (ITS) are gaining recognition in developing countries like India. This paper describes the various components of our prototype implementation of a Real-time Passenger Information System (RTPIS) for a public transport system like a fleet of buses. Vehicle-mounted units, bus station units and a server located at the transport company premises comprise the system. The vehicle unit reports the current position of the vehicle to a central server periodically via General Packet Radio Service (GPRS). An Estimated Time of Arrival (ETA) algorithm running on the server predicts the arrival times of buses at their stops based on real-time observations of the buses' current Global Positioning System (GPS) coordinates. This information is displayed and announced to passengers at stops using station units, which periodically fetch the required ETA from the server via GPRS. Novel features of our prototype include: (a) a route creator utility which automatically creates new routes from scratch when a bus is driven along the new route, and (b) voice tagging of stops and points of interest along any route. Besides, the prototype provides: (i) web-based applications for passengers, providing useful information like a snapshot of present bus locations on the streets, and (ii) web-based analysis tools for the transport authority, providing information useful for fleet management, like number of trips undertaken by a specific bus. The prototype has been demonstrated in a campus environment, with four-wheelers and two-wheelers emulating buses. The automatic real-time passenger information system has the potential of making the public transport system an attractive alternative for city-dwellers, thereby contributing to fewer private vehicles on the road, leading to lower congestion levels and less pollution.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Prover and Verifier Based Password Protection: PVBPP

In today's world password are mostly used for authentication. This makes them prone to various kinds of attacks like dictionary attacks. A dictionary attack is a method of breaking the password by systematically entering every word in a dictionary as a password. This attack leads to an overload on the server leading to denial of service attack. This paper presents a protocol to reduce the rate of dictionary attack by using a prover and a verifier system. This system makes it difficult for the attacker to prove it as a valid user by becoming computationally intensive. The rate of attempts is also reduced and thus restricting the Denial of Service attack.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Reciprocally induced coevolution: A computational metaphor in Mathematics

Natural phenomenon of coevolution is the reciprocally induced evolutionary change between two or more species or population. Though this biological occurrence is a natural fact, there are only few attempts to use this as a simile in computation. This paper is an attempt to introduce reciprocally induced coevolution as a mechanism to counter problems faced by a typical genetic algorithm applied as an optimization technique. The domain selected for testing the efficacy of the procedure is the process of finding numerical solutions of Diophantine equations. Diophantine equations are polynomial equations in Mathematics where only integer solutions are sought. Such equations and its solutions are significant in three aspects-(i) historically they are important as Hilbert's tenth problem with a background of more than twenty six centuries; (ii) there are many modern application areas of Diophantine equations like public key cryptography and data dependency in super computers (iii) it has been proved that there does not exist any general method to find solutions of such equations. The proposed procedure has been tested with Diophantine equations with different powers and different number of variables.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Rule Based Expert System for Cerebral Palsy Diagnosis

The use of Artificial Intelligence is finding prominence not only in core computer areas, but also in cross disciplinary areas including medical diagnosis. In this paper, we present a rule based Expert System used in diagnosis of Cerebral Palsy. The expert system takes user input and depending on the symptoms of the patient, diagnoses if the patient is suffering from Cerebral Palsy. The Expert System also classifies the Cerebral Palsy as mild, moderate or severe based on the presented symptoms.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Rule Based Expert System for Diagnosis of Neuromuscular Disorders

In this paper, we discuss the implementation of a rule based expert system for diagnosing neuromuscular diseases. The proposed system is implemented as a rule based expert system in JESS for the diagnosis of Cerebral Palsy, Multiple Sclerosis, Muscular Dystrophy and Parkinson's disease. In the system, the user is presented with a list of questionnaires about the symptoms of the patients based on which the disease of the patient is diagnosed and possible treatment is suggested. The system can aid and support the patients suffering from neuromuscular diseases to get an idea of their disease and possible treatment for the disease.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Security Architecture for Cluster based Ad Hoc Networks

Mobile Ad hoc Networks (MANETs) are subject to various kinds of attacks. Deploying security mechanisms is difficult due to inherent properties of ad hoc networks, such as the high dynamics of their topology, restricted bandwidth, and limited resources in end device. With such dynamicity in connectivity and limited resources it is not possible to deploy centralized security solution but distribution solution. The paper proposes architectural security concept in distributed manner where network is divided into clusters with one cluster head node each. This cluster head node also act as a router providing proactive hidden routing by using Steganographic methods for inter-cluster security. Besides cipher method is used to provide intra-cluster security. The proposed secure architecture specifies operational view of cluster head as a router that provides trust, anonymity and confidentiality through Steganography and Cryptography respectively.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

Sleep Deprivation Attack Detection in Wireless Sensor Network

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.

0 citations0 reviewsNo code linkedOpen access
preprint2012arXiv

TSET: Token based Secure Electronic Transaction

Security and trust are the most important factors in online transaction, this paper introduces TSET a Token based Secure Electronic Transaction which is an improvement over the existing SET, Secure Electronic Transaction protocol. We take the concept of tokens in the TSET protocol to provide end to end security. It also provides trust evaluation mechanism so that trustworthiness of the merchants can be known by customers before being involved in the transaction. Moreover, we also propose a grading mechanism so that quality of service in the transactions improves.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

A Multi-Factor Security Protocol for Wireless Payment - Secure Web Authentication using Mobile Devices

Previous Web access authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. This paper proposes a new protocol using multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce extra security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy, that does not require any change in infrastructure or protocol of wireless networks. This Protocol for Wireless Payment is extended to provide two way authentications.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

A New Trusted and Collaborative Agent Based Approach for Ensuring Cloud Security

In order to determine the user's trust is a growing concern for ensuring privacy and security in a cloud computing environment. In cloud, user's data is stored in one or more remote server(s) which poses more security challenges for the system. One of the most important concerns is to protect user's sensitive information from other users and hackers that may cause data leakage in cloud storage. Having this security challenge in mind, this paper focuses on the development of a more secure cloud environment, to determine the trust of the service requesting authorities by using a novel VM (Virtual Machine) monitoring system. Moreover, this research aims towards proposing a new trusted and collaborative agent-based two-tier framework, titled WAY (Who Are You?), to protect cloud resources. The framework can be used to provide security in network, infrastructure, as well as data storage in a heterogeneous cloud platform. If the trust updating policy is based on network activities, then the framework can provide network security. Similarly, it provides storage security by monitoring unauthorized access activities by the Cloud Service Users (CSU). Infrastructure security can be provided by monitoring the use of privileged instructions within the isolated VMs. The uniqueness of the proposed security solution lies in the fact that it ensures security and privacy both at the service provider level as well as at the user level in a cloud environment.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

A Novel Multipath Approach to Security in Mobile Ad Hoc Networks (MANETs)

In this paper, we present a novel encryption-less algorithm to enhance security in transmission of data packets across mobile ad hoc networks. The paper hinges on the paradigm of multipath routing and exploits the properties of polynomials. The first step in the algorithm is to transform the data such that it is impossible to obtain any information without possessing the entire transformed data. The algorithm then uses an intuitively simple idea of a jigsaw puzzle to break the transformed data into multiple packets where these packets form the pieces of the puzzle. Then these packets are sent along disjoint paths to reach the receiver. A secure and efficient mechanism is provided to convey the information that is necessary for obtaining the original data at the receiver-end from its fragments in the packets, that is, for solving the jigsaw puzzle. The algorithm is designed to be secure so that no intermediate or unintended node can obtain the entire data. An authentication code is also used to ensure authenticity of every packet.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

A Stochastic Net Model for Controlling Bullwhip Effect in Virtual Multi-Tier Retail Network

Supply Chain operation is an integrated business process starting from primary supplier to end user and the process produce products, services and information. A successful chain will explore technology, lean operations, and quality management by adding value for customers and stakeholders. It is a strategic alliance among the partnering enterprises without geographical boundary. Every chain has its own unique set of market demands and operating challenges. Retailing is one such service domain of Supply Chain vulnerable to bullwhip effects. Demand uncertainty is one of the root causes of Bullwhip effects. This paper calls for modeling of a demand driven multi-tier stochastic Retail Chain to work against the Bullwhip effect. The proposed model of the operational chain will ensure significant return of share to the retailer through the sophisticated transaction management, real-time inventory management and the ability to track all inventory movements.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

CompChall: Addressing Password Guessing Attacks

Even though passwords are the most convenient means of authentication, they bring along themselves the threat of dictionary attacks. Dictionary attacks may be of two kinds: online and offline. While offline dictionary attacks are possible only if the adversary is able to collect data for a successful protocol execution by eavesdropping on the communication channel and can be successfully countered using public key cryptography, online dictionary attacks can be performed by anyone and there is no satisfactory solution to counter them. This paper presents a new authentication protocol which is called CompChall (computational challenge). The proposed protocol uses only one way hash functions as the building blocks and attempts to eliminate online dictionary attacks by implementing a challenge-response system. This challenge-response system is designed in a fashion that it does not pose any difficulty to a genuine user but is time consuming and computationally intensive for an adversary trying to launch a large number of login requests per unit time as in the case of an online dictionary attack. The protocol is stateless and thus less vulnerable to DoS (Denial of Service) attacks.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

Grid Security and Integration with Minimal Performance Degradation

Computational grids are believed to be the ultimate framework to meet the growing computational needs of the scientific community. Here, the processing power of geographically distributed resources working under different ownerships, having their own access policy, cost structure and the likes, is logically coupled to make them perform as a unified resource. The continuous increase of availability of high-bandwidth communication as well as powerful computers built of low-cost components further enhance chances of computational grids becoming a reality. However, the question of grid security remains one of the important open research issues. Here, we present some novel ideas about how to implement grid security, without appreciable performance degradation in grids. A suitable alternative to the computationally expensive encryption is suggested, which uses a key for message authentication. Methods of secure transfer and exchange of the required key(s) are also discussed.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

Modeling Smart Grid using Generalized Stochastic Petri Net

Building smart grid for power system is a major challenge for safe, automated and energy efficient usage of electricity. The full implementation of the smart grid will evolve over time. However, before a new set of infrastructures are invested to build the smart grid, proper modeling and analysis is needed to avoid wastage of resources. Modeling also helps to identify and prioritize appropriate systems parameters. In this paper, an all comprehensive model of smart grid have been proposed using Generalized Stochastic Petri Nets (GSPN). The model is used to analyze the constraints and deliverables of the smart power grid of future.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

QoS Routing using OLSR with Optimization for Flooding

Mobile Ad-hoc Network (MANET) is the self organizing collection of mobile nodes. The communication in MANET is done via a wireless media. Ad hoc wireless networks have massive commercial and military potential because of their mobility support. Due to demanding real time multimedia applications, Quality of Services (QoS) support in such infrastructure less networks have become essential. QoS routing in mobile Ad-Hoc networks is challenging due to rapid change in network topology. Consequently, the available state information for routing is inherently imprecise. QoS routing may suffer badly due to several factors including radio interference on available bandwidth, and inefficient flooding of information to the adjacent nodes. As a result the performance of the network degrades substantially. This paper aims at the solution for energy efficient QoS routing by best utilization of network resources such as energy and bandwidth. A comparative study shows that despite the overhead due to QoS management, this solution performs better than classical OLSR protocol in terms of QoS and efficient utilization of energy.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

Steganography and Steganalysis: Different Approaches

Steganography is the technique of hiding confidential information within any media. Steganography is often confused with cryptography because the two are similar in the way that they both are used to protect confidential information. The difference between the two is in the appearance in the processed output; the output of steganography operation is not apparently visible but in cryptography the output is scrambled so that it can draw attention. Steganlysis is process to detect of presence of steganography. In this article we have tried to elucidate the different approaches towards implementation of steganography using 'multimedia' file (text, static image, audio and video) and Network IP datagram as cover. Also some methods of steganalysis will be discussed.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

A Microwave Imaging and Enhancement Technique from Noisy Synthetic Data

An inverse iterative algorithm for microwave imaging based on moment method solution is presented here. The iterative scheme has been developed on constrained optimization technique and is certain to converge. Different mesh size for the model has been used here to overcome the Inverse Crime. The synthetic data at the receivers is contaminated with different percentage of noise. The ill-posedness of the problem is solved by Levenberg-Marquardt method. The algorithm is applied to synthetic data and the reconstructed image is then further enhanced through the Image enhancement technique

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

A Novel Scheme for Secured Data Transfer Over Computer Networks

This paper presents a novel encryption-less algorithm to enhance security in transmission of data in networks. The algorithm uses an intuitively simple idea of a "jigsaw puzzle" to break the transformed data into multiple parts where these parts form the pieces of the puzzle. Then these parts are packaged into packets and sent to the receiver. A secure and efficient mechanism is provided to convey the information that is necessary for obtaining the original data at the receiver-end from its parts in the packets, that is, for solving the "jigsaw puzzle". The algorithm is designed to provide information-theoretic (that is, unconditional) security by the use of a one-time pad like scheme so that no intermediate or unintended node can obtain the entire data. A parallelizable design has been adopted for the implementation. An authentication code is also used to ensure authenticity of every packet.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

A Semi-distributed Reputation Based Intrusion Detection System for Mobile Adhoc Networks

A Mobile Adhoc Network (MANET) is a cooperative engagement of a collection of mobile nodes without any centralized access point or infrastructure to coordinate among the peers. The underlying concept of coordination among nodes in a cooperative MANET has induced in them a vulnerability to attacks due to issues like lack of fixed infrastructure, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense. We propose a semi-distributed approach towards Reputation Based Intrusion Detection System (IDS) that combines with the DSR routing protocol for strengthening the defense of a MANET. Our system inherits the features of reputation from human behavior, hence making the IDS socially inspired. It has a semi-distributed architecture as the critical observation results of the system are neither spread globally nor restricted locally. The system assigns maximum weightage to self observation by nodes for updating any reputation values, thus avoiding the need of a trust relationship between nodes. Our system is also unique in the sense that it features the concepts of Redemption and Fading with a robust Path Manager and Monitor system. Simulation studies show that DSR fortified with our system outperforms normal DSR in terms of the packet delivery ratio and routing overhead even when up to half of nodes in the network behave as malicious. Various parameters introduced such as timing window size, reputation update values, congestion parameter and other thresholds have been optimized over several simulation test runs of the system. By combining the semi-distributed architecture and other design essentials like path manager, monitor module, redemption and fading concepts; Our system proves to be robust enough to counter most common attacks in MANETs.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

A Spatial Crypto Technique for Secure Data Transmission

This paper presents a spatial encryption technique for secured transmission of data in networks. The algorithm is designed to break the ciphered data packets into multiple data which are to be packaged into a spatial template. A secure and efficient mechanism is provided to convey the information that is necessary for obtaining the original data at the receiver-end from its parts in the packets. An authentication code (MAC) is also used to ensure authenticity of every packet.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

A Very Simple Approach for 3-D to 2-D Mapping

Many times we need to plot 3-D functions e.g., in many scientificc experiments. To plot this 3-D functions on 2-D screen it requires some kind of mapping. Though OpenGL, DirectX etc 3-D rendering libraries have made this job very simple, still these libraries come with many complex pre- operations that are simply not intended, also to integrate these libraries with any kind of system is often a tough trial. This article presents a very simple method of mapping from 3D to 2D, that is free from any complex pre-operation, also it will work with any graphics system where we have some primitive 2-D graphics function. Also we discuss the inverse transform and how to do basic computer graphics transformations using our coordinate mapping system.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

ACRR: Ad Hoc On-Demand Distance Vector Routing with Controlled Route Requests

Reactive routing protocols like Ad Hoc On-Demand Distance Vector Routing (AODV) and Dynamic Source Routing (DSR)in Ad-Hoc Wireless Networks which are used in Mobile and Ad Hoc Networks (MANETs) work by flooding the network with control packets. There is generally a limit on the number of these packets that can be generated or forwarded. But a malicious node can disregard this limit and flood the network with fake control packets. These packets hog the limited bandwidth and processing power of genuine nodes in the network while being forwarded. Due to this, genuine route requests suffer and many routes either do not get a chance to materialize or they end up being longer than otherwise. In this paper we propose a non cryptographic solution to the above problem and prove its efficiency by means of simulation.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

An LSB Data Hiding Technique Using Prime Numbers

In this paper, a novel data hiding technique is proposed, as an improvement over the Fibonacci LSB data-hiding technique proposed by Battisti et al. First we mathematically model and generalize our approach. Then we propose our novel technique, based on decomposition of a number (pixel-value) in sum of prime numbers. The particular representation generates a different set of (virtual) bit-planes altogether, suitable for embedding purposes. They not only allow one to embed secret message in higher bit-planes but also do it without much distortion, with a much better stego-image quality, and in a reliable and secured manner, guaranteeing efficient retrieval of secret message. A comparative performance study between the classical Least Significant Bit (LSB)method, the Fibonacci LSB data-hiding technique and our proposed schemes has been done. Analysis indicates that image quality of the stego-image hidden by the technique using Fibonacci decomposition improves against that using simple LSB substitution method, while the same using the prime decomposition method improves drastically against that using Fibonacci decomposition technique. Experimental results show that, the stego-image is visually indistinguishable from the original cover-image.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Data Hiding Techniques Using Prime and Natural Numbers

In this paper, a few novel data hiding techniques are proposed. These techniques are improvements over the classical LSB data hiding technique and the Fibonacci LSB data-hiding technique proposed by Battisti et al. \cite{r1}. The classical LSB technique is the simplest, but using this technique it is possible to embed only in first few bit-planes, since image quality becomes drastically distorted when embedding in higher bit-planes. Battisti et al. \cite{r1} proposed an improvement over this by using Fibonacci decomposition technique and generating a different set of virtual bit-planes all together, thereby increasing the number of bit-planes. In this paper, first we mathematically model and generalize this particular approach of virtual bit-plane generation. Then we propose two novel embedding techniques, both of which are special-cases of our generalized model. The first embedding scheme is based on decomposition of a number (pixel-value) in sum of prime numbers, while the second one is based on decomposition in sum of natural numbers. Each of these particular representations generates a different set of (virtual) bit-planes altogether, suitable for embedding purposes. They not only allow one to embed secret message in higher bit-planes but also do it without much distortion, with a much better stego-image quality, in a reliable and secured manner, guaranteeing efficient retrieval of secret message. A comparative performance study between the classical Least Significant Bit (LSB) method, the data hiding technique using Fibonacci -p-Sequence decomposition and our proposed schemes has been done. Theoretical analysis indicates that image quality of the stego-image hidden by the technique using Fibonacci decomposition improves against simple LSB substitution method, while the same using the prime decomposition method improves drastically against that using Fibonacci decomposition technique, and finally the natural number decomposition method is a further improvement against that using prime decomposition technique. Also, optimality for the last technique is proved. For both of our data-hiding techniques, the experimental results show that, the stego-image is visually indistinguishable from the original cover image.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Embedding Secret Data in HTML Web Page

In this paper, we suggest a novel data hiding technique in an HTML Web page. HTML Tags are case insensitive and hence an alphabet in lowercase and one in uppercase present inside an HTML tag are interpreted in the same manner by the browser,i.e., change in case in an web page is imperceptible to the browser. We basically exploit this redundancy and use it to embed secret data inside an web page, with no changes visible to the user of the web page, so that he can not even suspect about the data hiding. The embedded data can be recovered by viewing the source of the HTML page. This technique can easily be extended to embed secret message inside any piece of source-code where the standard interpreter of that language is case-insensitive.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Hiding Inside HTML and Other Source Codes

Many steganographic techniques were proposed for hiding secret message inside images, the simplest of them being the LSB data hiding. In this paper, we suggest a novel data hiding technique in an HTML Web page and also propose some simple techniques to extend the embedding technique to source codes written in any programming language (both case insensitive like HTML, Pascal and case sensitive languages like C, C++, Java). We basically try to exploit the case-redundancy in case-insensitive language, while we try hiding data with minimal changes in the source code (almost not raising suspicion). HTML Tags are case insensitive and hence an alphabet in lowercase and one in uppercase present inside an HTML tag are interpreted in the same manner by the browser, i.e., change in case in a web page is imperceptible to the browser. We first exploit this redundancy and use it to embed secret data inside an web page, with no changes visible to the user of the web page, so that he can not even suspect about the data hiding. The embedded data can be recovered by viewing the source of the HTML page. This technique can easily be extended to embed secret message inside any piece of source-code where the standard interpreter of that language is case-insensitive. For case-sensitive programming languages we do minimal changes in the source code (e.g., add an extra character in the token identified by the lexical analyzer) without violating the lexical and syntactic notation for that language) and try to make the change almost imperceptible.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

New Frontiers of Network Security: The Threat Within

Nearly 70% of information security threats originate from inside an organization. Opportunities for insider threats have been increasing at an alarming rate with the latest trends of mobility (portable devices like Laptop, smart phones etc.), ubiquitous connectivity (wireless or through 3G connectivity) and this trend increases as more and more web-based applications are made available over the Internet. Insider threats are generally caused by current or ex-employees, contractors or partners, who have authorized access to the organization's network and servers. Theft of confidential information is often for either material gain or for willful damage. Easy availability of hacking tools on the Internet, USB devices and wireless connectivity provide for easy break-ins. The net result is losses worth millions of dollars in terms of IP theft, leakage of customer / individual information, etc. This paper presents an understanding of Insider threats, attackers and their motives and suggests mitigation techniques at the organization level

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Particle Swarm Optimization Based Diophantine Equation Solver

The paper introduces particle swarm optimization as a viable strategy to find numerical solution of Diophantine equation, for which there exists no general method of finding solutions. The proposed methodology uses a population of integer particles. The candidate solutions in the feasible space are optimized to have better positions through particle best and global best positions. The methodology, which follows fully connected neighborhood topology, can offer many solutions of such equations.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Piecemeal Journey To 'HALCYON' World Of Pervasive Computing : From past progress to future challenges

Although 'Halcyon' means serene environment which pervasive computing aims at, we have tried to present a different interpretation of this word. Through our approach, we look at it in context of achieving future 'calm technology'. The paper gives a general overview of the state of pervasive computing today, proposes the 'HALCYON Model' and outlines the 'social' challenges faced by system designers.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Security Scheme for Distributed DoS in Mobile Ad Hoc Networks

In Mobile Ad Hoc Networks (MANET), various types of Denial of Service Attacks (DoS) are possible because of the inherent limitations of its routing protocols. Considering the Ad Hoc On Demand Vector (AODV) routing protocol as the base protocol it is possible to find a suitable solution to over-come the attack of initiating / forwarding fake Route Requests (RREQs) that lead to hogging of network resources and hence denial of service to genuine nodes. In this paper, a proactive scheme is proposed that could prevent a specific kind of DoS attack and identify the misbehaving node. Since the proposed scheme is distributed in nature it has the capability to prevent Distributed DoS (DDoS) as well. The performance of the proposed algorithm in a series of simulations reveal that the proposed scheme provides a better solution than existing approaches with no extra overhead.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Steepest Ascent Hill Climbing For A Mathematical Problem

The paper proposes artificial intelligence technique called hill climbing to find numerical solutions of Diophantine Equations. Such equations are important as they have many applications in fields like public key cryptography, integer factorization, algebraic curves, projective curves and data dependency in super computers. Importantly, it has been proved that there is no general method to find solutions of such equations. This paper is an attempt to find numerical solutions of Diophantine equations using steepest ascent version of Hill Climbing. The method, which uses tree representation to depict possible solutions of Diophantine equations, adopts a novel methodology to generate successors. The heuristic function used help to make the process of finding solution as a minimization process. The work illustrates the effectiveness of the proposed methodology using a class of Diophantine equations given by a1. x1 p1 + a2. x2 p2 + ...... + an . xn pn = N where ai and N are integers. The experimental results validate that the procedure proposed is successful in finding solutions of Diophantine Equations with sufficiently large powers and large number of variables.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Vcache: Caching Dynamic Documents

The traditional web caching is currently limited to static documents only. A page generated on the fly from a server side script may have different contents on different accesses and hence cannot be cached. A number of proposals for attacking the problem have emerged based on the observation that different instances of a dynamic document are usually quite similar in most cases, i.e. they have a lot of common HTML code. In this paper, we first review these related techniques and show their inadequacy for practical use. We then present a general and fully automatic technique called Vcache based on the decomposition of dynamic documents into a hierarchy of templates and bindings. The technique is designed keeping in mind languages like Perl and C etc that generate the documents using low-level print like statements. These languages together, account for the largest number of dynamic documents on the web.

0 citations0 reviewsNo code linkedOpen access