In Vehicular Ad hoc Networks (VANETs) the mobility of the nodes is the main concern. This mobility of nodes makes the route unstable and unreliable for the information exchange and communication between two nodes in the network. To enhance the performance and throughput of the VANETs, routes between nodes must be reliable and stable. In this paper, we study the significance of path duration and link duration in Vehicular Ad hoc Networks (VANETs). Because of this mobility, connectivity graphs changes very frequently and it affects the performance of VANETs. Therefore, path duration can be used to predict the behaviour of the mobile nodes in the network. Estimation of the path duration in VANETs can be a key factor to improve the performance of the routing protocol. Estimation of path duration is a challenging task to perform as it depends on many parameters including node density, transmission range, numbers of hops, and velocity of nodes. This paper will provide a comprehensive study for estimating the path duration in VANETs.
Improved learning through remote desktop mirroring controlConference Papers
The document describes a Wireless Stream Management System (WSMS) that allows a moderator (teacher) to remotely manage and control wireless screen mirroring from student devices to support collaborative learning. Key features of WSMS include allowing the teacher to select any student's laptop screen to project, enabling the teacher to remotely control the student's laptop, and distributing presentation content as images to student devices. The system architecture uses various components like a Wireless Screen Sender, Receiver, Administrator and Controller. Performance tests showed the system using under 2 Mbps of bandwidth and latency under 173ms with no major CPU utilization issues.
Congestion and overload control techniques in massive M2M systems: a surveyapnegrao
Lilatul Ferdouse1, Alagan Anpalagan1* and Sudip Misra2
1 WINCORE Lab, Department of Electrical and Computer Engineering, Ryerson University, Toronto, Canada
2 School of Information Technology, Indian Institute of Technology, Kharagpur, India
This document discusses security requirements for mobile governance (m-governance) projects. It analyzes security issues with different m-governance delivery channels like SMS, mobile applications, and proposes a security architecture with features like user authentication, authorization, data encryption, transaction security, alerting/logging/auditing. It also presents a case study of Aadhaar's e-KYC API, describing its authentication, key exchange and encryption mechanisms. The goal is to help identify real security needs and offer measures to secure request/response data transmitted over mobile channels for m-governance implementations.
This document describes a remote desktop management system that allows an administrator to monitor and control client computers from a server. Key features of the system include asset management, software deployment, patch management, remote desktop sharing, and generating reports. The system uses Remote Method Invocation (RMI) for remote communication between the server and clients. The server can send messages to clients, log clients off remotely, and restart clients. Clients send live screen captures to the server at set intervals. The system is intended for use in corporate networks to remotely monitor employee computers.
A deployment scenario a taxonomy mapping and keyword searching for the appl...Conference Papers
This document discusses developing a taxonomy to map relationships between applications, virtual machines, hosts, and clients when performing upgrades and patches. It proposes creating a taxonomy based on analyzing errors that occur during application execution to understand dependencies. The taxonomy would classify applications based on their libraries, operating systems, and browsers to provide a troubleshooting guideline for upgrades. An experiment upgrading an application called Crawling encountered errors due to dependencies on older software versions. Mapping the application criteria and relationships in a taxonomy could help identify the root cause of issues and the steps to resolve them.
Software Reliability and Quality Assurance Challenges in Cyber Physical Syste...CSCJournals
Software Reliability is the probability of failure-free software operation for a specified period of time in a specified environment. Cyber threats on software security have been prevailing and have increased exponentially, posing a major challenge on software reliability in the cyber physical systems (CPS) environment. Applying patches after the software has been developed is outdated and a major security flaw. However, this has posed a major software reliability challenge as threat actors are exploiting unpatched and insecure software configuration vulnerabilities that are not identified at the design phase. This paper aims to investigate the SDLC approach to software reliability and quality assurance challenges in CPS security. To demonstrate the applicability of our work, we review existing security requirements engineering concepts and methodologies such as TROPOS, I*, KAOS, Tropos and Secure Tropos to determine their relevance in software security. We consider how the methodologies and function points are used to implement constraints to improve software reliability. Finally, the function points concepts are implemented into the CPS security components. The results show that software security threats in CPS can be addressed by integrating the SRE approach and function point analysis in the development to improve software reliability.
IRJET- Improving Employee Tracking and Monitoring System using Advanced M...IRJET Journal
This document proposes an employee tracking and monitoring system using Android smartphones. It allows managers to monitor employee call logs, messages, browsing history, location via GPS, and data usage on a centralized server. If an employee leaves a specified area, an alert message is sent to the manager. The system calculates employee behavior - good, bad, average or loyal - using a k-means clustering algorithm based on unauthorized calls and data usage. It uses AES encryption to securely transmit data between devices over a WiFi network. The system aims to give managers better oversight of how employees use company-provided phones.
Modern vehicles are increasingly being interconnected with computer systems, which collect information both from vehicular sources and Internet services. Unfortunately, this creates a no negligible attack surface, which extends when vehicles are partly operated via smart phones. In this letter, a hierarchically distributed control system architecture which integrates a Smartphone with classical embedded systems is presented, and an ad-hoc, end-to-end security layer is designed to demonstrate how a Smartphone can interact securely with a modern vehicle without requiring modifications to the existing in-vehicle network. Experimental results demonstrate the effectiveness of the approach.
Improved learning through remote desktop mirroring controlConference Papers
The document describes a Wireless Stream Management System (WSMS) that allows a moderator (teacher) to remotely manage and control wireless screen mirroring from student devices to support collaborative learning. Key features of WSMS include allowing the teacher to select any student's laptop screen to project, enabling the teacher to remotely control the student's laptop, and distributing presentation content as images to student devices. The system architecture uses various components like a Wireless Screen Sender, Receiver, Administrator and Controller. Performance tests showed the system using under 2 Mbps of bandwidth and latency under 173ms with no major CPU utilization issues.
Congestion and overload control techniques in massive M2M systems: a surveyapnegrao
Lilatul Ferdouse1, Alagan Anpalagan1* and Sudip Misra2
1 WINCORE Lab, Department of Electrical and Computer Engineering, Ryerson University, Toronto, Canada
2 School of Information Technology, Indian Institute of Technology, Kharagpur, India
This document discusses security requirements for mobile governance (m-governance) projects. It analyzes security issues with different m-governance delivery channels like SMS, mobile applications, and proposes a security architecture with features like user authentication, authorization, data encryption, transaction security, alerting/logging/auditing. It also presents a case study of Aadhaar's e-KYC API, describing its authentication, key exchange and encryption mechanisms. The goal is to help identify real security needs and offer measures to secure request/response data transmitted over mobile channels for m-governance implementations.
This document describes a remote desktop management system that allows an administrator to monitor and control client computers from a server. Key features of the system include asset management, software deployment, patch management, remote desktop sharing, and generating reports. The system uses Remote Method Invocation (RMI) for remote communication between the server and clients. The server can send messages to clients, log clients off remotely, and restart clients. Clients send live screen captures to the server at set intervals. The system is intended for use in corporate networks to remotely monitor employee computers.
A deployment scenario a taxonomy mapping and keyword searching for the appl...Conference Papers
This document discusses developing a taxonomy to map relationships between applications, virtual machines, hosts, and clients when performing upgrades and patches. It proposes creating a taxonomy based on analyzing errors that occur during application execution to understand dependencies. The taxonomy would classify applications based on their libraries, operating systems, and browsers to provide a troubleshooting guideline for upgrades. An experiment upgrading an application called Crawling encountered errors due to dependencies on older software versions. Mapping the application criteria and relationships in a taxonomy could help identify the root cause of issues and the steps to resolve them.
Software Reliability and Quality Assurance Challenges in Cyber Physical Syste...CSCJournals
Software Reliability is the probability of failure-free software operation for a specified period of time in a specified environment. Cyber threats on software security have been prevailing and have increased exponentially, posing a major challenge on software reliability in the cyber physical systems (CPS) environment. Applying patches after the software has been developed is outdated and a major security flaw. However, this has posed a major software reliability challenge as threat actors are exploiting unpatched and insecure software configuration vulnerabilities that are not identified at the design phase. This paper aims to investigate the SDLC approach to software reliability and quality assurance challenges in CPS security. To demonstrate the applicability of our work, we review existing security requirements engineering concepts and methodologies such as TROPOS, I*, KAOS, Tropos and Secure Tropos to determine their relevance in software security. We consider how the methodologies and function points are used to implement constraints to improve software reliability. Finally, the function points concepts are implemented into the CPS security components. The results show that software security threats in CPS can be addressed by integrating the SRE approach and function point analysis in the development to improve software reliability.
IRJET- Improving Employee Tracking and Monitoring System using Advanced M...IRJET Journal
This document proposes an employee tracking and monitoring system using Android smartphones. It allows managers to monitor employee call logs, messages, browsing history, location via GPS, and data usage on a centralized server. If an employee leaves a specified area, an alert message is sent to the manager. The system calculates employee behavior - good, bad, average or loyal - using a k-means clustering algorithm based on unauthorized calls and data usage. It uses AES encryption to securely transmit data between devices over a WiFi network. The system aims to give managers better oversight of how employees use company-provided phones.
Modern vehicles are increasingly being interconnected with computer systems, which collect information both from vehicular sources and Internet services. Unfortunately, this creates a no negligible attack surface, which extends when vehicles are partly operated via smart phones. In this letter, a hierarchically distributed control system architecture which integrates a Smartphone with classical embedded systems is presented, and an ad-hoc, end-to-end security layer is designed to demonstrate how a Smartphone can interact securely with a modern vehicle without requiring modifications to the existing in-vehicle network. Experimental results demonstrate the effectiveness of the approach.
A Survey of MAC Layer Issues and Application layer Protocols for Machine-to-M...IRJET Journal
This document discusses challenges at the MAC layer for machine-to-machine (M2M) communications. It first describes issues around efficient, scalable and fair channel access for large numbers of M2M devices. It then discusses application layer protocols used to connect devices and applications to the internet, including CoAP, MQTT, and WebSocket. Finally, it analyzes MAC layer issues for a smart home example using M2M for power management, security and assisted living for the elderly. Key challenges include supporting diverse quality of service needs, large numbers of devices sharing channels, energy efficiency needs, and low-cost hardware requirements.
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...ijngnjournal
The IP Multimedia subsystem (IMS) based on SIP as mechanism signalling and interfaces with other servers using OSA (Open Service Access) and CAMEL (Customized Applications for Mobile network Enhanced Logic).Is responsible for the interconnection of IP packets with other network, IMS support data communication services, voice, video, messaging and web-based technologies. In this work we present a distributed design of architecture that turns up some challenges of transparent mobility on the secured IMS architecture. We introduced the architecture with clustering database HSS and automatic storage of data files that give a secure access to database. This paper gives an overview of classification of security in IMS network and we show delay analysis comparison in signalling interworking with and without securing Gateway (SEG) in the registration of any UE in access network based IMS. We show that there is a tradeoff between the level of increasing system security and the potential delay incurred by mobility in Access Network .we conclude that this architecture is suitable for operators and services providers for the new
business models delivering ,the services based IMS Everywhere, anytime and with any terminals.
This document summarizes an article that investigates security algorithms for WiMAX networks. It begins by describing the architecture of WiMAX networks, including the user terminals, access service network, and connectivity service network. It then discusses vulnerabilities in the WiMAX standard, including issues at the physical layer and weaknesses in authentication and key management protocols. The document reviews some common denial of service attacks on WiMAX, such as attacks using ranging request/response messages. It also summarizes some existing encryption protocols like DES, TDES, RC2, and RC4. Finally, it suggests the need to address denial of service attacks prior to authentication as a way to improve WiMAX security.
This document summarizes four architectural patterns for context-aware systems: WCAM, Event-Control-Action, Action, and architectural pattern for context-based navigation. It discusses examples, problems addressed, solutions, structures, and benefits of each pattern. The patterns are examined to determine which can best overcome complexity and be more extensible for context-aware systems.
How good is my software a simple approach for software rating based on syst...Conference Papers
This document proposes a simple analytics approach for determining a software product rating based on results from system testing. The approach assigns points to test cases based on whether they pass or fail during iterations of system testing. Points are totaled for each test strategy and weighted based on the strategy's importance. The weighted scores are averaged to determine an overall software rating on a predefined scale like stars. The rating can indicate software quality before full release or provide interim ratings during ongoing testing. A case study demonstrates calculating sample scores and ratings using functional testing results from three hypothetical software projects at different stages of testing.
The Ad Hoc mobile network (MANET) is a wireless network with properties which may constitute
challenges and weaknesses before the security progress in MANET network. It causes weakness in security,
which leads to increased attacks on MANET. In this paper the challenges and attacks likely to threaten
MANET will be investigated. As a corollary, security solutions will be discussed, the relationship between
them will be concluded and architectural security solutions in MANET will beproposed.
This document provides an introduction to software engineering topics including:
1. What software engineering is, its importance, and the software development lifecycle activities it encompasses.
2. The many different types of software systems that exist and how software engineering approaches vary depending on the application.
3. Key fundamentals of software engineering that apply universally, including managing development processes, dependability, and reusing existing software components.
Design of Intrusion Tolerance System based on Service Redundancy LevelIOSRJEEE
The Internet is an open space where a great number of computer systems are connected. Since many services are provided through the Internet, malicious users can easily intrude on any of those systems by using the vulnerabilities of the Internet. Although Intrusion Detection and Prevention System (IDPS) can be used to defend against such malicious activities, it is not always possible to completely protect a targeted system against the attacks. For this reason, Intrusion Tolerance Systems (ITS) has been proposed to maintain services even in threatening environments, where some malicious attacks have intruded into a system successfully. In this paper, we propose a new ITS based upon maintaining a service redundancy level to ensure that all services are properly provided to users even if a malicious intrusions such as VM (virtual machine) escape attack exists. The simulation results show that the proposed scheme can guarantee the operation of every ongoing service by maintaining the service redundancy level of all services
India is one of the countries which has the electronic voting machine for parliamentary and assembly polls. But in every poll election commission is facing so much of troubles and various types of issues through the election. The most familiar issue which is faced by the election commission is, no proper acknowledgement regarding the confirmation of casting the votes, duplication or illegal casting of votes. In this project all these issues has been handled and overcome with the perfect solution. The main advantage of this project is handling of data by using biometric system such as finger print and face recognition (is done by masking technique). This is used to ensure the security to avoid fake and repeating voting. It also enhances the accuracy and speed of the process. The system performs with perfect recognition on a face and thumb impression of all the eligible voters in a constituency, which is done as pre-polled procedure. During election, thumb impression and face templates of voters is given as an input to the system. This is then compared with the already stored database and available records. If the particular pattern matches with the record then the voters are allowed to vote but incase if it doesn’t match or in case of repetition, voters vote are denied or gets rejected. The result is instant and counting is done.
Metric for Evaluating Availability of an Information System : A Quantitative ...IJNSA Journal
The purpose of the paper is to present a metric for availability based on the design of the information
system. The availability metric proposed in this paper is twofold, based on the operating program and
network delay metric of the information system (For the local bound component composition the
availability metric is purely based on the software/operating program, for the remote bound component
composition the metric incorporates the delay metric of the network). The aim of the paper is to present a
quantitative availability metric derived from the component composition of an Information System, based
on the dependencies among the individual measurable components of the system. The metric is used for
measuring and evaluating availability of an information system from the security perspective, the
measurements may be done during the design phase or may also be done after the system is fully
functional. The work in the paper provides a platform for further research regarding the quantitative
security metric (based on the components of an information system i.e. user, hardware, operating
program and the network.) for an information system that addresses all the attributes of information and
network security.
A Trusted Integrity verification Architecture for Commodity ComputersEditor IJCATR
Trust is an indispensable part of the computing environment, the validity of any transaction or information depends heavily
on the authenticity of the information source. In this context, many mechanisms for ensuring the authenticity of the information source
were developed, including password verification and biometrics. But as the attacks are directed towards the computing platform and
the applications running on the computer, all these initial security mechanisms are not sufficient. It is essential to ensure before making
a secure transaction that the system is in a good state (or say some authorized state) and maintains its integrity throughout the
execution time. The emergence of the Trusted Platform Module (TPM) has added to the security feature of a computer. Mechanisms
are in place which guarantee system integrity but very little is known about the state of the applications running on them. We propose
a system which notifies the user if the integrity of an application is violated and stops it. Our system also compares the current system
state with a known good value to ensure platform integrity.
IRJET- Improve Client Performance in Client Server Mobile Computing System us...IRJET Journal
This document discusses techniques to improve performance in client-server mobile computing systems, specifically focusing on caching techniques. It provides background on mobile computing and discusses challenges like low bandwidth and unstable wireless links. Caching is introduced as an effective technique to improve performance by reducing latency and bandwidth usage. The document reviews different caching strategies and replacement techniques, and discusses factors like cache size, hit rate, and consistency that impact caching performance. The goal is to study caching and other techniques to identify promising methods for optimizing mobile application performance.
The purpose of this paper two fold. First and foremost it presents a background narrative on the origins, innovations and applications of novel structural automation technologies and the rarity of experts involved in research, development and practice of this field. The second part of this paper presents a rudimentary framework for a solution addressing this paucity – the creation of an interdisciplinary academic program at PAAET that will be the first ever in the region to address applied information communication technologies ICT in the design, planning, engineering and management of structural automation projects. In doing so, we need also to define the level of implementation. This field, as all fields in ICT, have been loosely defined and most applications carry less weight in its implementation than what should be applied. This paper gives an attempt to define an indexing scheme by which we can easily classify such implementation and generate a ranking by which we can safely define its level of ―Intelligence‖.International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A heterogeneous short-range communication platform for Internet of Vehicles IJECEIAES
The automotive industry is rapidly accelerating toward the development of innovative industry applications that feature management capabilities for data and applications alike in cars. In this regard, more internet of vehicles solutions are emerging through advancements of various wireless medium access-control technologies and the internet of things. In the present work, we develop a short-range communication–based vehicular system to support vehicle communication and remote car control. We present a combined hardware and software testbed that is capable of controlling a vehicle’s start up, operation and several related functionalities covering various vehicle metric data. The testbed is built from two microcontrollers, Arduino and Raspberry Pi 3, each of which individually controls certain functions to improve the overall vehicle control. The implementation of the heterogeneous communication module is based on the IEEE 802.11 and IEEE 802.15 medium access control technologies. Further, a control module on a smartphone was designed and implemented for efficient management. Moreover, we study the system connectivity performance by measuring various important parameters including the coverage distance, signal strength, download speed and latency. This study covers the use of this technology setup in different geographical areas over various time spans.
This document summarizes security issues related to mobile devices, networks, and communication. It discusses how mobile devices store sensitive data and access various networks, raising security concerns. Issues addressed include unauthorized access of data on lost or stolen devices, insecure communication channels, and vulnerabilities in mobile networks like cellular networks. The document also examines existing security measures and the need for improved solutions to address issues like authentication, encryption, and access control across mobile technologies.
An intrusion detection algorithm for amiIJCI JOURNAL
Nowadays, using the smart metering devices for energy users to manage a wide variety of subscribers,
reading devices for measuring, billing, disconnection and connection of subscribers’ connection
management is an important issue. The performance of these intelligent systems is based on information
transfer in the context of information technology, so reported data from network should be managed to
avoid the malicious activities that including the issues that could affect the quality of service the system. In
this paper for control of the reported data and to ensure the veracity of the obtained information, using
intrusion detection system is proposed based on the support vector machine and principle component
analysis (PCA) to recognize and identify the intrusions and attacks in the smart grid. Here, the operation of
intrusion detection systems for different kernel of SVM when using support vector machine (SVM) and PCA
simultaneously is studied. To evaluate the algorithm, based on data KDD99, numerical simulation is done
on five different kernels for an intrusion detection system using support vector machine with PCA
simultaneously. Also comparison analysis is investigated for presented intrusion detection algorithm in
terms of time - response, rate of increase network efficiency and increase system error and differences in
the use or lack of use PCA. The results indicate that correct detection rate and the rate of attack error
detection have best value when PCA is used, and when the core of algorithm is radial type, in SVM
algorithm reduces the time for data analysis and enhances performance of intrusion detection.
Multi agent based network monitoring and management using jadeAlexander Decker
This academic article discusses a multi-agent based network monitoring and management system using JADE. It proposes using multiple sensor agents that monitor nodes in the network and report any issues to a central monitoring agent. This allows distributed monitoring of a large network to identify problems like excess traffic. The system was implemented using JADE agents with sensor agents collecting IP/MAC addresses and monitoring traffic on nodes in an academic network. This provides a more scalable approach than centralized SNMP for a large, heterogeneous network.
A SECURITY FRAMEWORK FOR SOA APPLICATIONS IN MOBILE ENVIRONMENTIJNSA Journal
This document proposes a security framework for developing SOA (Service Oriented Architecture) applications on mobile devices. The framework aims to provide tools to securely develop and provide services in the mobile environment. It includes components for service description, communication interfaces, security features like cryptography and digital signatures. The framework also defines layers for networking, event handling, service provision, storage, security and management. It allows developers to easily create and securely provide services from mobile devices.
An Architectural Framework for Delivering Sip-As Multimedia Services Based on...josephjonse
The document proposes a new scalable service-oriented architecture based on OSGi technology for delivering SIP application services. The architecture uses JADE platform agents to implement SIP application services on an IMS core network in a flexible way. As a proof of concept, a televoting service was developed using the JADE/OSGi framework and tested for scalability. Results showed the televoting service could scale up and out to handle concurrent calls through dynamic load balancing of agents.
Dashboard of intelligent transportation system (ITS) using mobile agents stra...IJECEIAES
Extracting accurate information from huge Transportation Database need to build efficiency Intelligent Transportation Systems ITS-Dashboard that should allow making correct decisions. The quality of decision and the achievement of performance depend on the quality of the information supplied. This information must be reliable, complete, pertinent and more to care about external attacks. Distributed Mobile Agent consists of autonomy of entities with capacities of perception, cooperation and action on their own environment. One of Agent function is the security of Authentication process by activation of notification system on Mobile Device. The main purpose of this paper is to make it consisting of an Agent Based Framework. The strategy is to exploit Mobile Agent capabilities in a Strict Notification Process when user validates his authentication request.
A Survey of MAC Layer Issues and Application layer Protocols for Machine-to-M...IRJET Journal
This document discusses challenges at the MAC layer for machine-to-machine (M2M) communications. It first describes issues around efficient, scalable and fair channel access for large numbers of M2M devices. It then discusses application layer protocols used to connect devices and applications to the internet, including CoAP, MQTT, and WebSocket. Finally, it analyzes MAC layer issues for a smart home example using M2M for power management, security and assisted living for the elderly. Key challenges include supporting diverse quality of service needs, large numbers of devices sharing channels, energy efficiency needs, and low-cost hardware requirements.
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...ijngnjournal
The IP Multimedia subsystem (IMS) based on SIP as mechanism signalling and interfaces with other servers using OSA (Open Service Access) and CAMEL (Customized Applications for Mobile network Enhanced Logic).Is responsible for the interconnection of IP packets with other network, IMS support data communication services, voice, video, messaging and web-based technologies. In this work we present a distributed design of architecture that turns up some challenges of transparent mobility on the secured IMS architecture. We introduced the architecture with clustering database HSS and automatic storage of data files that give a secure access to database. This paper gives an overview of classification of security in IMS network and we show delay analysis comparison in signalling interworking with and without securing Gateway (SEG) in the registration of any UE in access network based IMS. We show that there is a tradeoff between the level of increasing system security and the potential delay incurred by mobility in Access Network .we conclude that this architecture is suitable for operators and services providers for the new
business models delivering ,the services based IMS Everywhere, anytime and with any terminals.
This document summarizes an article that investigates security algorithms for WiMAX networks. It begins by describing the architecture of WiMAX networks, including the user terminals, access service network, and connectivity service network. It then discusses vulnerabilities in the WiMAX standard, including issues at the physical layer and weaknesses in authentication and key management protocols. The document reviews some common denial of service attacks on WiMAX, such as attacks using ranging request/response messages. It also summarizes some existing encryption protocols like DES, TDES, RC2, and RC4. Finally, it suggests the need to address denial of service attacks prior to authentication as a way to improve WiMAX security.
This document summarizes four architectural patterns for context-aware systems: WCAM, Event-Control-Action, Action, and architectural pattern for context-based navigation. It discusses examples, problems addressed, solutions, structures, and benefits of each pattern. The patterns are examined to determine which can best overcome complexity and be more extensible for context-aware systems.
How good is my software a simple approach for software rating based on syst...Conference Papers
This document proposes a simple analytics approach for determining a software product rating based on results from system testing. The approach assigns points to test cases based on whether they pass or fail during iterations of system testing. Points are totaled for each test strategy and weighted based on the strategy's importance. The weighted scores are averaged to determine an overall software rating on a predefined scale like stars. The rating can indicate software quality before full release or provide interim ratings during ongoing testing. A case study demonstrates calculating sample scores and ratings using functional testing results from three hypothetical software projects at different stages of testing.
The Ad Hoc mobile network (MANET) is a wireless network with properties which may constitute
challenges and weaknesses before the security progress in MANET network. It causes weakness in security,
which leads to increased attacks on MANET. In this paper the challenges and attacks likely to threaten
MANET will be investigated. As a corollary, security solutions will be discussed, the relationship between
them will be concluded and architectural security solutions in MANET will beproposed.
This document provides an introduction to software engineering topics including:
1. What software engineering is, its importance, and the software development lifecycle activities it encompasses.
2. The many different types of software systems that exist and how software engineering approaches vary depending on the application.
3. Key fundamentals of software engineering that apply universally, including managing development processes, dependability, and reusing existing software components.
Design of Intrusion Tolerance System based on Service Redundancy LevelIOSRJEEE
The Internet is an open space where a great number of computer systems are connected. Since many services are provided through the Internet, malicious users can easily intrude on any of those systems by using the vulnerabilities of the Internet. Although Intrusion Detection and Prevention System (IDPS) can be used to defend against such malicious activities, it is not always possible to completely protect a targeted system against the attacks. For this reason, Intrusion Tolerance Systems (ITS) has been proposed to maintain services even in threatening environments, where some malicious attacks have intruded into a system successfully. In this paper, we propose a new ITS based upon maintaining a service redundancy level to ensure that all services are properly provided to users even if a malicious intrusions such as VM (virtual machine) escape attack exists. The simulation results show that the proposed scheme can guarantee the operation of every ongoing service by maintaining the service redundancy level of all services
India is one of the countries which has the electronic voting machine for parliamentary and assembly polls. But in every poll election commission is facing so much of troubles and various types of issues through the election. The most familiar issue which is faced by the election commission is, no proper acknowledgement regarding the confirmation of casting the votes, duplication or illegal casting of votes. In this project all these issues has been handled and overcome with the perfect solution. The main advantage of this project is handling of data by using biometric system such as finger print and face recognition (is done by masking technique). This is used to ensure the security to avoid fake and repeating voting. It also enhances the accuracy and speed of the process. The system performs with perfect recognition on a face and thumb impression of all the eligible voters in a constituency, which is done as pre-polled procedure. During election, thumb impression and face templates of voters is given as an input to the system. This is then compared with the already stored database and available records. If the particular pattern matches with the record then the voters are allowed to vote but incase if it doesn’t match or in case of repetition, voters vote are denied or gets rejected. The result is instant and counting is done.
Metric for Evaluating Availability of an Information System : A Quantitative ...IJNSA Journal
The purpose of the paper is to present a metric for availability based on the design of the information
system. The availability metric proposed in this paper is twofold, based on the operating program and
network delay metric of the information system (For the local bound component composition the
availability metric is purely based on the software/operating program, for the remote bound component
composition the metric incorporates the delay metric of the network). The aim of the paper is to present a
quantitative availability metric derived from the component composition of an Information System, based
on the dependencies among the individual measurable components of the system. The metric is used for
measuring and evaluating availability of an information system from the security perspective, the
measurements may be done during the design phase or may also be done after the system is fully
functional. The work in the paper provides a platform for further research regarding the quantitative
security metric (based on the components of an information system i.e. user, hardware, operating
program and the network.) for an information system that addresses all the attributes of information and
network security.
A Trusted Integrity verification Architecture for Commodity ComputersEditor IJCATR
Trust is an indispensable part of the computing environment, the validity of any transaction or information depends heavily
on the authenticity of the information source. In this context, many mechanisms for ensuring the authenticity of the information source
were developed, including password verification and biometrics. But as the attacks are directed towards the computing platform and
the applications running on the computer, all these initial security mechanisms are not sufficient. It is essential to ensure before making
a secure transaction that the system is in a good state (or say some authorized state) and maintains its integrity throughout the
execution time. The emergence of the Trusted Platform Module (TPM) has added to the security feature of a computer. Mechanisms
are in place which guarantee system integrity but very little is known about the state of the applications running on them. We propose
a system which notifies the user if the integrity of an application is violated and stops it. Our system also compares the current system
state with a known good value to ensure platform integrity.
IRJET- Improve Client Performance in Client Server Mobile Computing System us...IRJET Journal
This document discusses techniques to improve performance in client-server mobile computing systems, specifically focusing on caching techniques. It provides background on mobile computing and discusses challenges like low bandwidth and unstable wireless links. Caching is introduced as an effective technique to improve performance by reducing latency and bandwidth usage. The document reviews different caching strategies and replacement techniques, and discusses factors like cache size, hit rate, and consistency that impact caching performance. The goal is to study caching and other techniques to identify promising methods for optimizing mobile application performance.
The purpose of this paper two fold. First and foremost it presents a background narrative on the origins, innovations and applications of novel structural automation technologies and the rarity of experts involved in research, development and practice of this field. The second part of this paper presents a rudimentary framework for a solution addressing this paucity – the creation of an interdisciplinary academic program at PAAET that will be the first ever in the region to address applied information communication technologies ICT in the design, planning, engineering and management of structural automation projects. In doing so, we need also to define the level of implementation. This field, as all fields in ICT, have been loosely defined and most applications carry less weight in its implementation than what should be applied. This paper gives an attempt to define an indexing scheme by which we can easily classify such implementation and generate a ranking by which we can safely define its level of ―Intelligence‖.International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A heterogeneous short-range communication platform for Internet of Vehicles IJECEIAES
The automotive industry is rapidly accelerating toward the development of innovative industry applications that feature management capabilities for data and applications alike in cars. In this regard, more internet of vehicles solutions are emerging through advancements of various wireless medium access-control technologies and the internet of things. In the present work, we develop a short-range communication–based vehicular system to support vehicle communication and remote car control. We present a combined hardware and software testbed that is capable of controlling a vehicle’s start up, operation and several related functionalities covering various vehicle metric data. The testbed is built from two microcontrollers, Arduino and Raspberry Pi 3, each of which individually controls certain functions to improve the overall vehicle control. The implementation of the heterogeneous communication module is based on the IEEE 802.11 and IEEE 802.15 medium access control technologies. Further, a control module on a smartphone was designed and implemented for efficient management. Moreover, we study the system connectivity performance by measuring various important parameters including the coverage distance, signal strength, download speed and latency. This study covers the use of this technology setup in different geographical areas over various time spans.
This document summarizes security issues related to mobile devices, networks, and communication. It discusses how mobile devices store sensitive data and access various networks, raising security concerns. Issues addressed include unauthorized access of data on lost or stolen devices, insecure communication channels, and vulnerabilities in mobile networks like cellular networks. The document also examines existing security measures and the need for improved solutions to address issues like authentication, encryption, and access control across mobile technologies.
An intrusion detection algorithm for amiIJCI JOURNAL
Nowadays, using the smart metering devices for energy users to manage a wide variety of subscribers,
reading devices for measuring, billing, disconnection and connection of subscribers’ connection
management is an important issue. The performance of these intelligent systems is based on information
transfer in the context of information technology, so reported data from network should be managed to
avoid the malicious activities that including the issues that could affect the quality of service the system. In
this paper for control of the reported data and to ensure the veracity of the obtained information, using
intrusion detection system is proposed based on the support vector machine and principle component
analysis (PCA) to recognize and identify the intrusions and attacks in the smart grid. Here, the operation of
intrusion detection systems for different kernel of SVM when using support vector machine (SVM) and PCA
simultaneously is studied. To evaluate the algorithm, based on data KDD99, numerical simulation is done
on five different kernels for an intrusion detection system using support vector machine with PCA
simultaneously. Also comparison analysis is investigated for presented intrusion detection algorithm in
terms of time - response, rate of increase network efficiency and increase system error and differences in
the use or lack of use PCA. The results indicate that correct detection rate and the rate of attack error
detection have best value when PCA is used, and when the core of algorithm is radial type, in SVM
algorithm reduces the time for data analysis and enhances performance of intrusion detection.
Multi agent based network monitoring and management using jadeAlexander Decker
This academic article discusses a multi-agent based network monitoring and management system using JADE. It proposes using multiple sensor agents that monitor nodes in the network and report any issues to a central monitoring agent. This allows distributed monitoring of a large network to identify problems like excess traffic. The system was implemented using JADE agents with sensor agents collecting IP/MAC addresses and monitoring traffic on nodes in an academic network. This provides a more scalable approach than centralized SNMP for a large, heterogeneous network.
A SECURITY FRAMEWORK FOR SOA APPLICATIONS IN MOBILE ENVIRONMENTIJNSA Journal
This document proposes a security framework for developing SOA (Service Oriented Architecture) applications on mobile devices. The framework aims to provide tools to securely develop and provide services in the mobile environment. It includes components for service description, communication interfaces, security features like cryptography and digital signatures. The framework also defines layers for networking, event handling, service provision, storage, security and management. It allows developers to easily create and securely provide services from mobile devices.
An Architectural Framework for Delivering Sip-As Multimedia Services Based on...josephjonse
The document proposes a new scalable service-oriented architecture based on OSGi technology for delivering SIP application services. The architecture uses JADE platform agents to implement SIP application services on an IMS core network in a flexible way. As a proof of concept, a televoting service was developed using the JADE/OSGi framework and tested for scalability. Results showed the televoting service could scale up and out to handle concurrent calls through dynamic load balancing of agents.
Dashboard of intelligent transportation system (ITS) using mobile agents stra...IJECEIAES
Extracting accurate information from huge Transportation Database need to build efficiency Intelligent Transportation Systems ITS-Dashboard that should allow making correct decisions. The quality of decision and the achievement of performance depend on the quality of the information supplied. This information must be reliable, complete, pertinent and more to care about external attacks. Distributed Mobile Agent consists of autonomy of entities with capacities of perception, cooperation and action on their own environment. One of Agent function is the security of Authentication process by activation of notification system on Mobile Device. The main purpose of this paper is to make it consisting of an Agent Based Framework. The strategy is to exploit Mobile Agent capabilities in a Strict Notification Process when user validates his authentication request.
A Dashboard of ITS - Tableau de bord du STIn allali
This document proposes a framework that uses mobile agents to securely authenticate users through a notification process on mobile devices when accessing an intelligent transportation system dashboard. The framework aims to address issues with password-based authentication systems being vulnerable to attacks by implementing an agent-based notification system. When a user attempts to log in or change their account, an agent will trigger a remote notification to the administrator or account owner through various means like email, text message, or phone call to add an additional layer of security verification before allowing access. The framework seeks to improve authentication security while maintaining usability through an asynchronous mobile notification system.
The document describes a proposed intelligent switching agent that would be installed on dual-band phones (capable of both GSM and WiFi networks). The agent would monitor call status and WiFi signal strength and automatically switch the call between the GSM and WiFi networks as needed, such as if the GSM signal weakened. The system would include both Symbian and J2ME software components, with the Symbian module interacting with the phone's telephony system API and the J2ME module implementing the intelligent switching logic using the JADE agent platform. The agent would use ontologies to define concepts like call state and WiFi availability to determine when to trigger a network handover.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
AN ARCHITECTURAL FRAMEWORK FOR DELIVERING SIP-AS MULTIMEDIA SERVICES BASED ON...ijngnjournal
This document proposes and evaluates a new scalable service-oriented architecture for delivering SIP application services based on JADE/OSGi technology. It introduces an architectural framework that uses a JADE multi-agent system implemented on an OSGi platform to provide SIP application services as a service (SIP-AS) over an IMS core network. As a proof of concept, a televoting service was developed and tested on this architecture. Results showed that the televoting service scales well, enabling elasticity and dynamic load balancing of the architecture.
The rapid growth that has taken place in Computer Vision has been instrumental in driving the advancement of Image processing techniques and drawing inferences from them. Combined with the enormous capabilities that Deep Neural networks bring to the table, computers can be efficiently trained to automate the tasks and yield accurate and robust results quickly thus optimizing the process. Technological growth has enabled us to bring such computationally intensive tasks to lighter and lower-end mobile devices thus opening up a wide range of possibilities. WebRTC-the open-source web standard enables us to send multimedia-based data from peer to peer paving the way for Real-time Communication over the Web. With this project, we aim to build on one such opportunity that can enable us to perform custom object detection through an android based application installed on our mobile phones. Therefore, our problem statement is to be able to capture real-time feeds, perform custom object detection, generate inference results, and appropriately send intruder alerts when needed. To implement this, we propose a mobile-based over-the-cloud solution that can capitalize on the enormous and encouraging features of the YOLO algorithm and incorporate the functionalities of OpenCV’s DNN module for providing us with fast and correct inferences. Coupled with a good and intuitive UI, we can ensure ease of use of our application.
The document proposes a real-time mobile surveillance system using WebRTC. It utilizes computer vision techniques like YOLO for object detection on live video feeds captured by an Android application. The feeds are sent to a NodeJS server and then to a Flask server using REST APIs where OpenCV's DNN module performs inference. Detected objects and alerts are then sent back to the Android device. The system aims to provide low-latency, remote surveillance capabilities using mobile devices and over-the-cloud solutions.
Online Signature Authentication by Using Mouse Behavior Editor IJCATR
Several large-scale parole leakages exposed users to associate unprecedented risk of speech act and abuse of their data. associate inadequacy of password-based authentication mechanisms is turning into a serious concern for the complete data society. carries with it 3 major modules: (1) Mouse–Behavior dynamics Capture, (2) Feature Construction, and (3) coaching or Classification. the primary module serves to make a taking mouse behavior user signs. The second module is employed to extract holistic and procedural options to characterize mouse behavior and to map the raw options into distance-based options by exploitation numerous distance metrics. The third module, within the coaching section, applies neural network on the distance-based feature vectors to reckon the predominant feature elements, then builds the user’s profile employing a one-class classifier. within the classification section, it determines the user’s identity exploitation the trained classifier within the distance-based feature exploitation NN. A four Digit OTP is generated to the user’s email ID. The user are going to be giving the ‘2’ digit OTP and therefore the server are going to be giving balance ‘2’ digit OTP. Users ‘2’ digit OTP is verified by the server and contrariwise.
Review on operating systems and routing protocols for wireless sensorIAEME Publication
This document provides an overview of operating systems and routing protocols for wireless sensor networks. It discusses several popular operating systems used in wireless sensor networks, including TinyOS, MANTIS, Contiki, RetOS, and MagnetOS. It describes the key features and limitations of each operating system. The document also reviews common routing protocols for wireless sensor networks, and discusses flooding and its variants as a basic routing technique.
The Difference Impact on QoS Parameters between the IPSEC and L2TPAM Publications
Many of the networks are existing but little of them that believe the quality and security together, the secure transmission of the information with high quality remains the primary goal of all engineers, which is considered the ideal goal of this theory either in fact, get a high quality of service comes at the expense of security and vice versa, has been expressed networks fiber optic for the best possible speed while maintaining a good level of security. In the Internet network, person-to-person communication can be enhanced with high quality images and videos, and access to information and services on public and private networks will be enhanced by higher data rates, quality of service (QoS), security measures, location-awareness, energy efficiency, and new flexible communication capabilities. So some networks are characterized by the QOS offered in addition to the security that we will discuss extensively later. This distinction is linked to the quality of communication and service over the network and security[1]. The quality of a network is evaluated on the basis of the quality of service, and especially on its security features. The use of security mechanisms is important in knowing the identity, saving the information, and ensuring that there is no tampering.in this research we try to ensure the security for QoS with two different methods using the Tunnel like the L2TP and IPSec that mean the security of layer two and three of OSI model, and we compared the differential impact between the two types of security on QoS parameters.
SIP-Based Mobility Management for LTE-WiMAX-WLAN Interworking Using IMS Archi...CSCJournals
In this paper, we propose an architecture framework for interworking of Long Term Evolution (LTE), Worldwide Interoperability for Microwave Access (WiMAX) and Wireless Local Area Network (WLAN) technologies. The aim is to offer users of various networks seamless high quality IP-based multimedia services access anywhere at any time. IP Multimedia Subsystem (IMS) is used in the proposed architecture for providing a platform through which telecommunications operators can merge the various networks. A Session Initiation Protocol (SIP) REFER method which provides uninterrupted service continuity is introduced. The proposed LTE-WiMAX and LTE-WLAN tight coupled interworking is compared with the UMTS- WiMAX and UMTS-WLAN tight coupled interworking. The two heterogeneous networks are simulated using OPNET Modeler 17.1. Various metrics are obtained to test the performance of the proposed technique. Results show that successful VoIP session handoffs with acceptable Quality of Services (QoS) levels can be performed. Results also show that the proposed architecture outperforms the pervious architecture.
The Geoquorum approach for implementing atomic read/write shaved memory in mobile ad hoc networks. This
problem in distributed computing is revisited in the new setting provided by the emerging mobile computing technology. A
simple solution tailored for use in ad hoc networks is employed as a vehicle for demonstrating the applicability of formal
requirements and design strategies to the new field of mobile computing. The approach of this paper is based on well
understood techniques in specification refinement, but the methodology is tailored to mobile applications and help designers
address novel concerns such as logical mobility, the invocations, specific conditions constructs
Formal Specification for Implementing Atomic Read/Write Shared Memory in Mobi...ijcsit
The Geoquorum approach for implementing atomic read/write shaved memory in mobile ad hoc networks. This
problem in distributed computing is revisited in the new setting provided by the emerging mobile computing technology. A
simple solution tailored for use in ad hoc networks is employed as a vehicle for demonstrating the applicability of formal
requirements and design strategies to the new field of mobile computing. The approach of this paper is based on well
understood techniques in specification refinement, but the methodology is tailored to mobile applications and help designers
address novel concerns such as logical mobility, the invocations, specific conditions constructs. The proof logic and
programming notation of mobile UNITY provide the intellectual tools required to carryout this task. Also, the quorum
systems are investigated in highly mobile networks in order to reduce the communication cost associated with each distributed
operation.
ANALYSIS OF NETWORK PERFORMANCE MANAGEMENT DASHBOARDIAEME Publication
Analysis of performance availability is very important to help improve network
performance. This is due to developing services to be used by customers. In performance
availability it is known that there are many problems that occur in each event in the
field. In achieving the optimal level in carrying out the implementation and support
processes of the performance management dashboard, an analysis is needed to develop
management and control in the networking division with the aim of generating
utilization in the implementation and support processes to align with the business needs
of PT ABC. The existing reference model is a reference model that refers to the
functional area of FCAPS. The FCAPS model consists of five functional areas,
including fault management, configuration management, accounting management,
performance management, and security management. In general, companies have
implemented FCAPS on failure issues and configurations (fault and configuration).
Security / security has relied on other tools that are not integrated in the FCAPS model
as a whole. The basic principle is, even though there are five elements from FCAPS,
one element can influence the success of other elements.
Secure and efficient handover authentication and detection of spoofing attackeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering
SPECIFICATION BASED TESTING OF ON ANDROID SYSTEMSijwmn
With the surging of mobile applications, mobile security draws more and more attentions from researchers
in various areas. Due to the lack of quality assurance approaches in mobile computing, many mobile
applications suffer the vulnerabilities and security flaws. In this paper, we proposed a model based unit
testing approach on the android security properties using JUnit. Both behavior and structure model of the
android application were developed on the Unified Modeling Language (UML) – behavior is described in
state diagram, while structure is described in class diagram. Our approach focus on two common security
groups – the access control and authentication properties. Both groups are represented in the operations
defined in the class diagrams and dynamic behaviors are captured (partially) in the state diagram. A set of
well defined test cases is developed to validate the desired properties based on the class diagram. All
properties on the class diagram and state diagram are described in Object Constraint Language (OCL) – a
formal specification language on the first order logic and set theory.The results of this research will
provide a sound foundation towards the specification based unit testing on mobile security.
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
This document proposes routing and security software components that can be integrated into remote laboratories and e-laboratories. It describes implementing routing and security management services using virtual routers. These services allow centralized network management while labs are distributed. The services provide address management of connected nodes, routing of packets between networks, encryption of transmitted information, management of public/private keys, and support for mobile devices through WAP. The services are defined using WSDL and can be accessed programmatically using languages like C# and Visual Basic.
Ähnlich wie Security Analysis and Delay Evaluation for SIP - Based Mobile Mass Examination System (20)
Call for Papers - 10th International Conference on Computer Science and Infor...josephjonse
10th International Conference on Computer Science and Information Technology (CSTY 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Computer Science, Engineering and Information Technology. The Conference looks for significant contributions to all major fields of the Computer Science, Engineering and Information Technology in theoretical and practical aspects.
Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the following areas, but are not limited to.
8th International Conference on Soft Computing, Mathematics and Control (SMC ...josephjonse
8th International Conference on Soft Computing, Mathematics and Control (SMC 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications impacts and challenges of Soft Computing, Mathematics and Control. The conference documents practical and theoretical results which make a fundamental contribution for the development of Soft Computing, Mathematics and Control. The aim of the conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
Implementation of Pipelined Architecture for Physical Downlink Channels of 3G...josephjonse
LTE (Long Term Evolution) is a high data rate, low latency and packet optimized radio access technology designed to support roaming Internet access via cell phones and handheld devices in 3G and 4G networks. This paper mainly focuses on to improve the processing speed and decrease the maximum delay of the downlink channels using the pipelined buffer controlled technique. This paper proposes Pipelined buffer controlled Architecture for both transmitter and receiver for Physical Downlink channels of 3GPP-LTE. The transmitter architecture comprises Bit Scrambling, Modulation mapping, Layer mapping, Precoding and Resource element mapping modules. The receiver architecture comprises Demapping from resource elements, Decoding, Comparing and Detection, Delayer mapping and Descrambling modules as described in LTE specifications. In addition to these, buffers are included in both transmitter and receiver architectures. Modelsim is used for simulation, synthesis and implementation are achieved using PlanAhead13.2 tool on Virtex-5, xc5vlx50tff1136-1 device board is used. Implemented results are discussed in terms of RTL design, FPGA editor, Power estimation and Resource estimation.
12th International Conference of Artificial Intelligence and Fuzzy Logic (AI ...josephjonse
12th International Conference of Artificial Intelligence and Fuzzy Logic (AI & FL 2024) provides a forum for researchers who address this issue and to present their work in a peer-reviewed forum. Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the following areas, but are not limited to these topics only.
2nd International Conference on Computer Science, Engineering and Artificial ...josephjonse
2nd International Conference on Computer Science, Engineering and Artificial Intelligence (CSEAI 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Computer Science, Computer Engineering and AI. The Conference looks for significant contributions to all major fields of the Computer Science, Engineering and AI in theoretical, practical aspects. The aim of the conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
Global mobility and Handover management for heterogeneous network in vanetjosephjonse
Now a day’s Vehicular Ad Hoc Network (VANET) is an emerging technology. Mobility management is one of the most challenging research issues for VANETs to support variety of intelligent transportation system (ITS) applications. VANETs are getting importance for inter-vehicle communication, because they allow the communication among vehicles without any infrastructure, configuration effort, and without the high costs of cellular networks. Besides local data exchange, vehicular applications may be used to accessing Internet services. The access is provided by Internet gateways located on the site of roadside. However, the Internet integration requires a respective mobility support of the vehicular ad hoc network. In this paper we will study about the network mobility approach in vehicular ad hoc network; the model will describe the movement of vehicles from one network to other network. The proposed handover scheme reduces the handover latency, packet loss signaling overhead.
3rd International Conference on Artificial Intelligence Advances (AIAD 2024)josephjonse
3rd International Conference on Artificial Intelligence Advances (AIAD 2024) will act as a major forum for the presentation of innovative ideas, approaches, developments, and research projects in the area advanced Artificial Intelligence. It will also serve to facilitate the exchange of information between researchers and industry professionals to discuss the latest issues and advancement in the research area. Core areas of AI and advanced multi-disciplinary and its applications will be covered during the conferences.
10th International Conference on Artificial Intelligence and Applications (AI...josephjonse
10th International Conference on Artificial Intelligence and Applications (AI 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Artificial Intelligence and its applications. The Conference looks for significant contributions to all major fields of the Artificial Intelligence, Soft Computing in theoretical and practical aspects. The aim of the Conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
Network Parameters Impact on Dynamic Transmission Power Control in Vehicular ...josephjonse
In vehicular ad hoc networks, the dynamic change in transmission power is very effective to increase the throughput of the wireless vehicular network and decrease the delay of the message communication between vehicular nodes on the highway. Whenever an event occurs on the highway, the reliability of the communication in the vehicular network becomes so vital so that event created messages should reach to all the moving network nodes. It becomes necessary that there should be no interference from outside of the network and all the neighbor nodes should lie in the transmission range of the reference vehicular node. Transmission range is directly proportional to the transmission power the moving node. If the transmission power will be high, the interference increases that can cause higher delay in message reception at receiver end, hence the performance of the network decreased. In this paper, it is analyzed that how transmission power can be controlled by considering other different parameter of the network such as; density, distance between moving nodes, different types of messages dissemination with their priority, selection of an antenna also affects on the transmission power. The dynamic control of transmission power in VANET serves also for the optimization of the resources where it needs, can be decreased and increased depending on the circumstances of the network. Different applications and events of different types also cause changes in transmission power to enhance the reachability. The analysis in this paper is comprised of density, distance with single hop and multi hop message broadcasting based dynamic transmission power control as well as antenna selection and applications based. Some summarized tables are produced according to the respective parameters of the vehicular network. At the end some valuable observations are made and discussed in detail. This paper concludes with a grand summary of all the protocols discussed in it.
2nd International Conference on Computer Science, Engineering and Artificial ...josephjonse
2nd International Conference on Computer Science, Engineering and Artificial Intelligence (CSEAI 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Computer Science, Computer Engineering and AI. The Conference looks for significant contributions to all major fields of the Computer Science, Engineering and AI in theoretical, practical aspects. The aim of the conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
10th International Conference on Data Mining (DaMi 2024)josephjonse
10th International Conference on Data Mining (DaMi 2024) Conference provides a forum for researchers who address this issue and to present their work in a peer-reviewed forum.
10th International Conference on Artificial Intelligence and Soft Computing (...josephjonse
10th International Conference on Artificial Intelligence and Soft Computing (AIS 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology, and applications of Artificial Intelligence, Soft Computing. The Conference looks for significant contributions to all major fields of the Artificial Intelligence, Soft Computing in theoretical and practical aspects. The aim of the Conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
On the Equality of the Grundy Numbers of a Graphjosephjonse
Our work becomes integrated into the general problem of the stability of the network ad hoc. Some, works attacked(affected) this problem. Among these works, we find the modelling of the network ad hoc in the form of a graph. Thus the problem of stability of the network ad hoc which corresponds to a problem of allocation of frequency amounts to a problem of allocation of colors in the vertex of graph. we present use a parameter of coloring " the number of Grundy”. The Grundy number of a graph G, denoted by Γ(G), is the largest k such that G has a greedy k-coloring, that is a coloring with colours obtained by applying the greedy algorithm according to some ordering of the vertices of G. In this paper, we study the Grundy number of the lexicographic, Cartesian and direct products of two graphs in terms of the Grundy numbers of these graphs.
10th International Conference on Artificial Intelligence and Applications (AI...josephjonse
10th International Conference on Artificial Intelligence and Applications (AI 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Artificial Intelligence and its applications. The Conference looks for significant contributions to all major fields of the Artificial Intelligence, Soft Computing in theoretical and practical aspects. The aim of the Conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
Cache Performance Analysis of Virtualized Router on Virtual Content-Centric N...josephjonse
Content-centric networking (CCN) is one of the major proposals for realizing information-centric networking. CCN routers cache forwarded data in a buffer memory called the ContentStore (CS). Virtual content-centric networking (VCCN), which enables the construction of multiple virtual networks (called VCCN slices) on a content-centric network, has been recently proposed. When multiple VCCN slices are constructed, the performance of each VCCN slice and that of the entire network are strongly affected by the CCN routers' CS allocation to VCCN router instances in VCCN slices. In this paper, we analyze the effects of CS allocation methods and content request patterns in VCCN slices on the performance of each VCCN slice and that of the entire network. Through several numerical examples, we show that when content request patterns are heterogeneous, a hybrid resource allocation method is effective in terms of both network fairness for VCCN slices and overall network performance.
10th International Conference on Artificial Intelligence and Applications (AI...josephjonse
10th International Conference on Artificial Intelligence and Applications (AIFU 2024) is a forum for presenting new advances and research results in the fields of Artificial Intelligence. The conference will bring together leading researchers, engineers and scientists in the domain of interest from around the world. The scope of the conference covers all theoretical and practical aspects of the Artificial Intelligence.
2nd International Conference on Computer Science, Engineering and Artificial ...josephjonse
2nd International Conference on Computer Science, Engineering and Artificial Intelligence (CSEAI 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Computer Science, Computer Engineering and AI. The Conference looks for significant contributions to all major fields of the Computer Science, Engineering and AI in theoretical, practical aspects. The aim of the conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
A Cognitive Radio And Dynamic Spectrum Access – A Studyjosephjonse
A basic problem facing the future in wireless systems is where to find suitable spectrum bands to fulfill the demand of future services. While all of the radio spectrum is allocated to different services, applications and users, observation show that usage of the spectrum is actually quite low. To overcome this problem and improve the spectrum utilization, cognitive radio concept has been evolved. Wireless communication, in which a transmitter and receiver can detect intelligently communication channels that are in use and those which are not in use are known as Cognitive Radio, and it can move to unused channels. This makes possible the use of available radio frequency spectrum while minimizing interference with other users. CRs must have the capability to learn and adapt their wireless transmission according to the surrounding radio environment. The application of Artificial Intelligence approaches in the Cognitive Radio is very promising since they have a great importance for the implementation of Cognitive Radio networks architecture. Dynamic spectrum access is a promising approach to make less severe the spectrum scarcity that wireless communications face now. It aims at reusing sparsely occupied frequency bands and does not interfere to the actual licensees. This paper is a review and comparison of different DSA models and methods.
5G Technology: An Assessment of the Opportunities and Challenges in an Emergi...josephjonse
No country wants to be left behind in the tech war as there may be far-reaching consequences in military, health, and well-being, industrial applications, technology, banking, financial services, urbanization, and other facets of private and national life. For an emergent country like Nigeria, the cost of being left behind is enormous and may mean the continuous peril of underdevelopment wrought by over-dependence on other nations for essential services. This paper provides perspectives on sectors where the deployment of the 5G telecommunication network could be a swift driver of an emergent Nigeria. It also highlights the particular challenges facing the deployment of the 5G technology in Nigeria. The study adopted the use of secondary sources to obtain relevant preexisting data to facilitate the research objectives. Restrictions in movement necessitated this approach to curtail the spread of the Coronavirus. The research findings revealed the enormous multi-sectorial benefits of deploying the 5G technology in an emergent Nigeria and the inherent challenges. It is envisaged that the ideas highlighted in the study findings would provide useful guidance for policy directors in the quest for a better emergent Nigeria.
2nd International Conference on Education in Post Pandemic (EDUPAN 2024)josephjonse
2nd International Conference on Education in Post Pandemic (EDUPAN 2024) will act as a major forum for the presentation of innovative ideas, approaches, developments, and research projects in the areas of Education in post Pandemic COVID 19. It also aims to provide a platform for exchanging ideas in new emerging trends that needs more focus and exposure and will attempt to publish proposals that strengthen our goals.
Software Engineering and Project Management - Introduction, Modeling Concepts...Prakhyath Rai
Introduction, Modeling Concepts and Class Modeling: What is Object orientation? What is OO development? OO Themes; Evidence for usefulness of OO development; OO modeling history. Modeling
as Design technique: Modeling, abstraction, The Three models. Class Modeling: Object and Class Concept, Link and associations concepts, Generalization and Inheritance, A sample class model, Navigation of class models, and UML diagrams
Building the Analysis Models: Requirement Analysis, Analysis Model Approaches, Data modeling Concepts, Object Oriented Analysis, Scenario-Based Modeling, Flow-Oriented Modeling, class Based Modeling, Creating a Behavioral Model.
International Conference on NLP, Artificial Intelligence, Machine Learning an...gerogepatton
International Conference on NLP, Artificial Intelligence, Machine Learning and Applications (NLAIM 2024) offers a premier global platform for exchanging insights and findings in the theory, methodology, and applications of NLP, Artificial Intelligence, Machine Learning, and their applications. The conference seeks substantial contributions across all key domains of NLP, Artificial Intelligence, Machine Learning, and their practical applications, aiming to foster both theoretical advancements and real-world implementations. With a focus on facilitating collaboration between researchers and practitioners from academia and industry, the conference serves as a nexus for sharing the latest developments in the field.
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsVictor Morales
K8sGPT is a tool that analyzes and diagnoses Kubernetes clusters. This presentation was used to share the requirements and dependencies to deploy K8sGPT in a local environment.
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
The CBC machine is a common diagnostic tool used by doctors to measure a patient's red blood cell count, white blood cell count and platelet count. The machine uses a small sample of the patient's blood, which is then placed into special tubes and analyzed. The results of the analysis are then displayed on a screen for the doctor to review. The CBC machine is an important tool for diagnosing various conditions, such as anemia, infection and leukemia. It can also help to monitor a patient's response to treatment.
Security Analysis and Delay Evaluation for SIP - Based Mobile Mass Examination System
1. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
DOI : 10.5121/ijngn.2012.4101 1
SECURITY ANALYSIS AND DELAY EVALUATION FOR
SIP-BASED MOBILE MASS EXAMINATION SYSTEM
Ahmad Barnawi1
, Abdulrahman Altalhi2
, Nadine Akkari3
and Muhammad Emran4
Faculty of computing and information technology, King Abdulaziz University, KSA
1
ambarnawi@kau.edu.sa 2
ahaltalhi@kau.edu.sa
3
nakkari@kau.edu.sa
4
memran@kau.edu.sa
ABSTRACT
IP Multimedia Subsystem (IMS) is considered to be one of the important features in Mobile Next
Generation Networks (MNGN). It adds value to the mobile services and applications by integrating mobile
network resources, such as location, billing and authentication. This is achieved by enabling a third party
access to network resources. In previous work [1] we have presented a testbed to be used as platform for
testing mobile application prior to actual deployment. We have chosen a novel IMS based MObile Mass
EXamination (MOMEX) system to showcase the benefit of designing an IMS based mobile application. We
identify two aspects essential to of the application namely security threats and delay analysis. In this paper
we identify MOMEX security threats and suggest strategies to mitigate system vulnerabilities. We then
evaluate the performance of MOMEX system in terms of delay and security threats and vulnerabilities. The
results presented show system performance limitation and tradeoffs.
KEYWORDS
IMS, SIP, mobile application, performance evaluation
1. INTRODUCTION
Driven by competition from application warehouses i.e. Over the Top players, standardization
body, such as 3GPP, has paid enormous attention to develop an interface for third parties to
access the mobile network to deploy applications that will make life much easier for mobile users.
This business model will also make sure that mobile operator can secure some revenues out of the
traffic going through their networks [1]. IP Multimedia Subsystem (IMS) is considered as the
cornerstone for NGN. IMS is best described as the glue between the “global” applications world
(Internet) and the mobile world. The IMS was designed to enable third party developers to deploy
their applications over mobile networks. According to the standards, IMS is defined in the form
of reference architecture to enable delivery of next-generation communication services of voice,
data, video, wireless, and mobility over an Internet Protocol (IP) network [1]. Signaling in IMS
network is based on a Session Initiation Protocol (SIP). The SIP based architecture provides a
multiservice environment with multimedia capabilities. IMS contains Home Subscriber Server
(HSS), which is the central storage area for user-related information such as his/her security
related information or the service to which the user is subscribed to. It is also consists of the
Serving Call Session Control Function (S-CSCF) which acts as the central node of the signalling
2. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
2
plane. S-CSCF on one hand is connected to the Application Server that hosts the application and
on the other it is connected to HSS and the mobile IMS either through the Proxy CSCF (P-SCSF)
if the client resides in its own area of serving or Interrogator CSCF (I-SCSF) if a client is being
served by another S-CSCF.
This funded research project is aimed toward the development of a testbed for Next Generation
Networks (NGN). The testbed is to be used for testing mobile applications prior to actual
deployment. The benefits of such testbed are enormous. For start it would enable third party
application developer to test applications in realistic environment prior to deployment. The
testbed will also facilitate studying the traffic and signaling in NGN network to optimize system
performance.
Along with testbed development, we showcase the advantages of IMS based mobile application
by developing a Mobile Mass Examination (MOMEX) system. MOMEX System expedites the
examination process for mass students by automating various activities in an examination such as
exam paper setting, scheduling and allocating examination time and evaluation etc.
The MOMEX system will assess to students by conducting mobile based objective exam. This
will be highly customizable for any university who acquired to adopt similar IMS based
examination system and faculties to create their own dashboard (create set of questions, creates
groups, adds related students into the groups, schedule exams, etc.). Further, the exams will be
associated with specific groups so that only associated students can appear for the test; result will
be notified to the student either through SMS/email as shown in Figure 1.
IMS based applications inherits several security challenges for both infrastructure providers and
mobile users. Thus security for MOMEX system has to be taken care of due to the nature of the
application. In this paper, we provide an overview of the IMS based application architecture and
the security challenges that it raises. It is intended as a case study basis for assessing security
threats and counter measures to secure NGN mobile applications.
As a distributed system, performance evaluation of a heterogeneous system such as the IMS is a
none trivial problem. It also appears that signaling delay associated with SIP messages, have
concerned mobile operators about the viability of SIP services over the UMTS air interface [2]. In
this paper we provide an insight into the SIP based applications performance, focusing on the
MOMEX system. We furthermore study the effect of security threats on the overall delay. Results
of a performance evaluation of the registration and set up signaling scenarios are presented in
terms of time delay through the IMS network components.
The paper is organized as follows. In section 2, an overview in Mobile Exam Examination system
is presented. In section 3, Security Risk Analysis for SIP Based IMS Exam Application is
conducted. In section 4, we summarize the system vulnerabilities and counter measures. In
section 5, an application layer security gateway solution is proposed. Section 6 presents the delay
analysis in function of the student’s registration and set up phases. Next, the IMS delay is
analysed to determine the delay bottleneck of the system. In section 8, performance evaluation
and related results are presented. Finally related security vulnerabilities are studied in function of
the delay analysis. At the end, we conclude and discuss future works.
2. MOBILE MASS EXAMINATION (MOMEX) SYSTEM
SIP based Mobile Examination scenario is based on the following High Level Operations which
are illustrated in the following figure 1 and explained below [3].
3. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
3
• Step 1 & 2: The exam will be scheduled by the teacher to be triggered to specified
recipients (UA) on the specified time.
• Step 3: User authentication by the application server and exam submission by the client
will be carried out in this step.
• Step 4: Informing the students for the examination results.
• Step 5: After automated evaluation sending results back to the teacher for further
clarifications or manual corrections.
.
Figure 1. Mobile exam use case
The MOMEX will typically be deployed over IMS based system. The IMS main Components are
listed as follows:
CSCF: The Call State Control Function (CSCF) is the heart and soul of the IMS. SIP (Session
Initial Protocol) is used as signaling protocol for establishing, controlling, modifying and
terminating sessions between two or more the SIP routing machinery. CSCF can be further
divided into 3 subcomponents mainly P-CSCF, I-CSCF, S-CSCF.
The Proxy –CSCF (P-CSCF): is the first point of contact for user with the IMS and act as an
outbound/inbound SIP proxy server. This means that all the requests initiated by the IMS terminal
or destined for the IMS terminal traverse the P-CSCF. The P-CSCF includes several functions,
some of which are related to security. Since SIP is a text based protocol and sometimes SIP
message can be large so the P-CSCF also includes a compressor and a de-compressor of SIP
messages using SigComp, which reduces the round-trip over slow radio links. It may also include
a PDF (Policy Decision Function), which authorizes media plane resources e.g. quality of service
(QoS) over media plane.
Interrogating-CSCF (I-CSCF): I-CSCF is used to conceal network details from other operators,
determining routing within the trusted domain and thus helps to protect the S-CSCF and the HSS
from unauthorized access by other networks.
Serving-CSCF (S-CSCF): The S-CSCF acts as a registrar. It controls subscriber’s service
(handling registration processes, making routing decisions and maintaining session states, etc) on
every session that the user initiates.
The Home Subscriber Server (HSS): Is the master data storage for all subscribers and service
related data of the IMS. The main data stored include user identities, registration information,
location of the subscriber device, the services a subscriber is allowed to access and other service-
triggering information.
4. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
4
Application Server (AS): AS is not a part of IMS Core, AS is a SIP unit that hosts and executes
services depending upon the services subscribed to and invoked by the user. The ASs offer APIs
like SIP servlet, Parlay for application execution.
Figure 2. IMS-SIP based components of the Mobile Exam Application Infrastructure
Source [3]
3. SECURITY RISK ANALYSIS FOR SIP BASED IMS EXAM APPLICATION
Here we conduct an analysis aimed at evaluating security threats for MOMEX system. We start
with listing the threats and scenarios of occurrence and we end up with proposal addressing
common security threats.
3.1. General Type of the possible attacks on the IMS components
The title is to Attack on SIP based network can be categorized into passive versus active attacks,
Internal versus external attacks, single source versus multisource attacks. Security Analysis shows
that following are the possible risk factors that should be taken care of in designing Mobile Exam
Application.
3.1.1. Gateway attacks
Different access technologies are being converged on IMS platform which need conversion of the
content from one access technology to the other. This conversion is achieved by the gateways that
require some level of conversion in content forms, which is legitimate manipulation of the
content. These are the most vulnerable hosts in the IMS network specifically, signaling gateway
(SGW), Media Gateway Control Function (MGCF) and Media Gateway (MGW). [4] The content
conversion should be integrity checked otherwise some intruder may perform an inverse
conversion from a malicious script that may look legal contents which could harmful after
conversion for the network.
IMS Client mobile / desktop
SIP AS XDMS
HSS
P-CSCF
S-CSCF
I-CSCF
5. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
5
Figure 3. Gateway Attack
3.1.2. Denial of Service (DoS) attack on User Agent (UA)
In IMS infrastructure an individual user could be held under the DoS attack. Due to DoS attack
the required bandwidth for the UA will be consumed by the attack initiating malicious machines.
IMS security mechanism should be capable enough to guard against DoS attack especially when
user is trying to access the exam [4]. An attacker can issue a large number of fake requests which
can be targeted to SIP network device to consume its resources and not allow it to access the
exam from the exam application server.
3.1.3. Application Servers security
As the third party application servers are accessible on the IMS network. The more are the
chances that UAs are getting affected from suspicious attacks which indirectly can affect the
security of the application servers. User agent security should be taken care of by applying the
proper authentication mechanisms which is important for the security of application servers [4].
3.1.4. Presence Consideration and Identity Risk
Wide range of social networking applications on IMS network pose more security risks on IMS
UAs. For example IMS user agent presence data may disclose some of the attributes of UA to
others like current status, availability and location of UA. Presence data must be safeguard
against eavesdropping and should only be accessible by legitimate users, who have permission to
access private data [4]. In IMS HSS is the component which stores the user’s profiles. User
defined groups should be managed by the IMS instead of users so their security can be taken care
off.
3.1.5. Hijacking of SIP Registration
The SIP registration session can be hijacked by a hijacker during the SIP user registration
process:
1. By launching DOS attack on user machine the legitimate user’s registration can be
disabled.
6. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
6
2. Hacker can send a registration request with attacker’s IP address instead of the legitimate
user’s address to get registered on.
3. Attacker changes the IP address in the header by replacing its own IP with the IP of the
original user’s IP.
4. By these steps the attacker can gain access to the network and SIP messages are read by
the hacker clearly.
5. Because SIP messages are being sent in clear text and no SIP message authentication is
built into the protocol that is why the attack is made possible.
For Sip Registration Hijacking attack the security measure should be taken at the application
level. The proper way of authentication and SIP Optimized firewall should be used to secure the
SIP components. [5] SIP registration Hijacking is shown in figure 4.
Figure 4. Student Registration Session Hijacking by Attacker
3.1.6. Eavesdropping
Internet tools like Ethereal and Wire shark could be used to make eavesdropping possible for the
traffic based on SIP signaling protocol. SIP messages are sent in plain text which is easy to
capture and analyzed by the sniffer.
By intercepting the signaling and associated media streams of a VOIP conversation could help in
eavesdropping. Media streams are usually carried over UDP and RTP. Packet sniffing tools can
capture and decode RTP packets.
IPSEC could be one solution for the IP packets secure encryption making them safe from
unauthorized access or modifications. By using shared keys between the parties IPSEC can
provide the secure path for communication between the SIP Users.
Eavesdropping should be handled at the application layer by applying proper security measures
otherwise the rough UA can listen the conversation of the VOIP enabled UA [5].
3.1.7. Proxy Impersonation
In Proxy Impersonation attack the attacker can trick the proxies to communicate with the rouge
proxy. If the attacker can successfully impersonate the proxy, he can have the full access to the
SIP messages and is in complete control of the session. Lack of strong authentication and
communication using UDP is the reason for proxy impersonation attack. A rouge proxy can insert
Hijacked IMS Session
Student request for
Registration to Proxy is
Hijacked by Attacker
Attacker Spoofing Student
Request
, Steeling the Student
Parameters
Communication on Hijacked Media by
the attacker to the Exam Server
Student Registration Session Hijacking by the Attacker
Student P
-CSCF
Attacker
Student
Exam’s
Server
P-CSCF
Exam
Server Teacher
7. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
7
itself into the communication by using either Domain Name Service (DNS) spoofing, Address
resolution protocol (ARP) cache spoofing or by simply changing the proxy address for a SIP User
Agent. Proxy Impersonation attack is shown in figure 5.
Figure 5. Proxy Impersonation Attack
DNS spoofing can be used to redirect the outgoing call to a particular domain. ARP cache
spoofing is an attack on the internal switch which can trick the UA to communicate with a rough
proxy on the internal network. The calls from the user agent can be intercepted by the attacker
[6].
3.1.8. Session Tear down (Bye Attack)
The “Bye” message can be crafted and sent by an attacker as man in the middle attack to tear
down the ongoing exam session. This message can be crafted by learning the necessary session
parameters which are Session ID, RTP Port etc. To mitigate this type of attack the security for the
session parameters must be made mandatory by encrypting the message. Either Transport Layer
Security (TLS) or IPSec can be employed to provide security measures against such type of attack
[7]. Session teardown or Bye attack is shown in the figure 6.
Figure 6. Session Tear down (Bye Attack)
3.1.9. DoS Attack on Application Server
SIP is susceptible to threats and vulnerabilities which exist in the Internet realm. [8]. SIP
architecture components and devices should be made secure against denial of service attacks. One
of the possible methods to create DOS attack can be launched by creating a large number of
requests against any SIP component so it cannot provide useful service. The examination server
can be the potential target of such attacks.
IMS
IMS
8. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
8
3.1.10. Reflection distributed DOS (RDDOS)
Reflection distributed DOS (RDDOS) attack can also be a threat and launched by using attack
reflectors, which create a large number of requests against the target SIP component. Weak areas
in SIP based network can be exploited as vulnerabilities of the network which could help the
attacker to gain access to the network and could cause potential security threats for the system [7].
If no appropriate security mechanism is in place then attacker may easily find any appropriate
parameter needed to launch any of the above mentioned types of attacks. Security analysis
indicates that proper security mechanisms are required in SIP based networks for exam
application to provide confidentiality, integrity, Authentication, Authorization and Accounting
(AAA) services.
4. Summary of attacks and counter measures
The increasing need of security concerns have focused on securing both the components of IMS
architecture and the application servers as well. In this part in the following table we have
summarized the possible security threats and their vulnerabilities for mobile exam application.
Also we discussed possible countermeasure for the security of mobile exam application. On
Internet thousands of messages can be generated or tailored and sent to attack applications
servers. To handle the multimedia sessions on Internet and 3G Networks SIP is adopted as
signaling protocol. SIP specification does not include any specific security mechanisms. The
utilization of other well-known Internet security mechanisms is suggested. Following security
methods are described in [7] which can help us in securing our exam application.
4.1. IPSec and SIP
For lack of authentication mechanism in SIP, proper security measures should be taken care of at
application development time. “IPSec in SIP can safeguard signaling and data from various
network vulnerabilities, provided that some sort of trust (e.g. pre-shared keys, certificates) has
been established beforehand between the communicating parties.” [7] .This could be achieved by
the use and sharing of proper keys during the authentication phase between the student agent and
exam application server.
4.2. Transport Layer Security (TLS)
TLS support is not yet fully implemented in current SIP UAs [7]. On SIP components, Transport
Layer Security (TLS) standard should be enforced to provide strong authentication and
encryption between these SIP components. Secure RTP (SRTP) can also be used as a standard for
media gateway protection. The firewalls should also support TLS as a security measure to
incorporate the secure authentication.
4.3. Authentication, Authorization and Accounting Services in SIP
It is more convenient for SIP entities to communicate with an authentication, authorization and
accounting (AAA) server than attempting to store users’ credentials and profiles locally as
required by the HTTP digests [7]. In hardware based solutions for the sack of IMS security
numerous devices such as SIP optimized firewalls can be used to protect the SIP systems from
attacks. Session border controllers (SBC) and other application specific gateways are all part of
the proposed security measures which could be taken to protect the exam application from the
above mentioned threats.
9. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
9
5. PROPOSED SOLUTION
In our proposed solution we have deployed Application Level Gateway (ALG) and firewall in
order to make secure communication on IMS network. ALG is deployed exact before SIP
application server and packet filtering firewall is deployed between the Internet client and IMS
network. Firewall could help in packet filtering or can provide state full firewall functionalities.
SIP traffic should be passed through the firewall and directed towards the ALG in order to be
checked by the ALG before getting into SIP application server.
Application Level Gateway will help in deep packet inspection of all the packets directed towards
it. Application specific protocols are being supported by the ALG. An ALG can allow firewall
traversal with SIP back to back user agent (B2BUA). SIP sessions can be passed to the ALG
instead of the firewall if the firewall has its SIP traffic terminated on an ALG. NAT traversal is
another issue for SIP which can also be solved with ALG. Information within the SIP messages
can be rewritten by a NAT with a built in ALG and can hold address bindings until the session
terminates.
An ALG plays here the roll similar to a proxy as it is being deployed between the client and the
server and it facilitates the information exchange. The only difference between the Proxy and the
ALG is that ALG performs its function by intercepting the messages without the application
being configured to use it whereas the Proxy needs to be configured in the client application to be
used by the client. In case of Proxy the client explicitly connects to the proxy rather than the real
server [8].
Figure 7. Firewall and ALG Deployment in IMS Networks
10. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
10
Table 1. Security Threats Comparison
Security Threat Target Vulnerability
SIP Registration
Hijacking
UAs, Media Gateway (MG),
Interactive Voice Response
(IVR), VOICE Mail System
User Agent Messages
Spoofing
Eavesdropping SIP Message
User Agent / Proxy
Message Spoofing
Proxy Impersonation Proxy Proxy Messages Spoofing
Session Tear Down
Attack (Bye Attack)
User Agent (UA) Lack of Authentication
VOIP Server Attack User Agent (UA) Lack of Authentication
6. DELAY ANALYSIS
In order to evaluate the performance of the exam system, the end-to-end delay from the access
network to the Exam AS over the IMS network will be analyzed. The IMS-based exam will be
based on the core IMS for student registration and the Exam server for exam delivery. Accessing
the system will be through the access network where the mobile is launching the request. This
Student-to-server delay is calculated starting from the student registration with the SCSCF and
ending up with the exam being delivered to the student. This process includes students accessing
the Exam access server from any access network and then requesting the exam. According to the
exam system, student should first register and be authenticated before the AS accept the student
invitation and to open the exam session. At this point all the http and RTP messages will be
exchanged. Thus the total delay in study is the signaling delay composed of the registration and
set up phases that took place before the user starts the exam session. Accordingly, the total delay
is viewed to be equal to the time taken by the registration and set up signaling in the access
network and IMS network as per equation (1).
(1)
From equation (1), the IMS delay and the access network delay need to be considered for both the
registration and the set up phases. The access network delay will be considered as negligible as
we will assume the students will be accessing the IMS through a high data rates network.
We will evaluate the total delay in the IMS networks considering separately the registration and
the set up phases.
We will build our model based on the queuing theory and we will study the system performance
in function of the related parameters such as arrival rate, waiting probability, number of students,
etc. The purpose of the study is to specify what will be the bottleneck of the system, which
system parameters will contribute in the total delay and what could overflow the serving points of
the system.
6.1 SIP registration phase
Figure 8. SIP signaling example for registratioon phase
The main components of the IMS network is as shown in figure 8. The P-CSCF is the entry proxy
point for all SIP messages from end-points to the rest of the IMS network. It could be in the
11. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
11
home network or may reside in the visited network. The P-CSCF determines what I-CSCF to
send SIP messages to, which could be an I-CSCF in its own network or another I-CSCF across an
administrative domain [9]. The Interrogating-CSCF (I-CSCF) is responsible for finding the S-
CSCF at registration. The main function of the I-CSCF is to proxy between the P- and S-CSCF
[9]. The Serving-CSCF (S-CSCF) is responsible for interfacing with the Application Servers
(AS).
When receiving a registration request as a SIP message from an I-CSCF, the S-CSCF will query
the HSS via Diameter protocol to register the terminal as being currently served by itself [9].
The Home Subscriber Server HSS provides information to the I-CSCF for locating the S-CSCF. It
provides service profile information to the S-CSCF. The registration phase is made of a “REG”
SIP messages sent from P, C, to S –CSCF. A UA client sends REGISTER message to inform a
SIP server of its location. While processing the message, the response is “401 Unauthorized” as
the user agent needs to authenticate. It therefore resends the REGISTER request again with
authentication information and thus receives “200 OK” SIP message sent on the reverse way as
shown in figure 8.
6.2 SIP set up phase
As per figure 9, a student has to register with the IMS core network per every mobile exam
session setup. After registration, the user selects the exam service by sending to the S-CSCF an
INVITE message, which is forwarded to the appropriate AS after resolving its destination address
[10]. In the INVITE message, a caller sends this message to request that another endpoint join a
SIP session such as AS. AS is the Application Server where Mobile Exam service is applied. The
S-CSCF sends a SIP TRYING message “100 OK’ to the user for a waiting state. SIP INVITE is
processed toward the AS as shown in figure 9. 200 OK response means that the request was
successful. ACK is a SIP UA response to an INVITE.
Figure 9.SIP set up messages
12. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
12
7. IMS DELAY ANALYSIS
As per (1), the total delay consists of calculating the Access network delay and the IMS delay
where the access network delay will be considered negligible with the assumption that the
students will be accessing the IMS through a high data rates network.
We will evaluate the total delay in the IMS networks as per equations (2) considering separately
the registration and the set up phases.
The propagation delay is affected by the distance between the nodes and the channel
characteristics. This parameter is considered negligible.
7.1 Queuing delay
In order to evaluate the queuing delay which contributes in both the registration and setup phases,
each entity in the IMS network is modelled as M/M/1 as P,C and I-CSCF are responsible to
process SIP messages and forward them from one node to another as per figure 11. Thus, we
modelled the PCSCF as M/M/1 since PCSCF will be the first node that will accept the REG
message from the UE. In this case, this system will not have loss due to the infinite buffer which
will handle all the registration requests. Other CSCF nodes are modelled as the M/M/1/ as well
contributing in M/M/1 cascaded model.
Figure 10 shows the overall scenario illustrated in the given queuing system. In this model, the
total delay will be equal to the serving delay and the queuing delay within every node. In
addition, the following assumptions were made:
• The students initiate a connection to the network as a Poisson process with an intensity of
λ where λ is the arrival rate.
• The service time distribution of the CSCF nodes is exponentially distributed with mean of
mean service rate assumed to be greater than the mean arrival rate.
Figure 10. Queuing system for registration
The registration end-to-end delay is equal to the queuing delay in P-CSCF, I-CSCF, SCSCF and
the serving delay in P-CSCF, I-CSCF, S-CSCF. The communication with the AS consists of
sending SIP Invite message from UE to AS. The end-to end queuing delay:
Queueing delay = waiting time (P,I,S,) (3)
Where P,I, and S denotes P-CSCF, I-CSCF, and S-CSCF respectively. As per [11], waiting time
at a node n is given by:
(3.1)
Where λ denotes the arrival rate of P-CSCF and the P denotes the service rate of P_CSCF.
13. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
13
Where the coefficients 2, 4, 4, and 2 are the number of messages that are to be processed by the
involved node such as the UA, P-SCSF, ICSCF and S-CSCF respectively. In the same way, the
queuing delay could be calculated for the IMS setup delay as:
Where Wn is the packet queuing delay at node n, and the coefficients are the numbers of messages
that are to be processed by the involved nodes such as UA, P-SCSF, ICSCF and S-CSCF and AS
respectively. Based on the above equations, the total delay could be finally calculated in function
of the waiting time, in both the registration and the set up processes.
8. PERFORMANCE EVALUATION
As we calculated the queuing delay for both the registration and the setup phases, each entity in
the IMS has its own unit processing cost in addition to the cost of searching within the
information table such as in HSS node. We need to consider the HSS processing delay that
depends on the address lookup delay. As the processing cost will increase with respect to the
number of users which corresponds to an increase in the number of entries in the table thus an
increased processing time as per [12]. The processing time for the HSS node is given by:
Where CIMS_NODE is the processing cost per IMS node, K’ is in function of the unit processing cost
value for every entity and the number of packets per request, K is the system dependent constant,
R is the ration of the number of bits in the address to the machine word size in bits and N is the
number of entries per table [10]. Figure 11 shows the effect of increasing the number of users on
the processing time. The processing time will double for a 10 times increase in the number of
users N.
Figure 11. Processing time (sec) Vs Number of users
The waiting time depends on the integer coefficients which show that not only the arrival rate will
affect the waiting time but also the number of the SIP exchanged messages processed at each
14. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
14
node. Thus to minimize the registration delay, the bottleneck is to reduce the waiting time at each
node which is in turn affected by the arrival rata. An increased arrival rate will result in an
increase in the queue size and increase in the queuing time. On the other hand, the reduction of
the SIP messages could result in less waiting time. Similarly, for the setup delay, the waiting time
will increase with the increased arrival rate but will be mainly affected by the coefficient
corresponding to the number of messages exchanged at each IMS node. Thus the waiting time is
higher due to the higher number of messages involved in the setup delay. In addition, an increase
in the arrival rate will affect more the setup time as compared to the registration time. Thus the
total delay is highly affected by the setup delay rather than the registration delay as per figure 12.
Thus the total signaling delay is due to the setup delay.
Figure 12. Registration and set up queuing cost versus arrival rate
9. SECURITY VIOLATIONS
For both registration and setup delay as calculated in the cascaded queuing model, we will study
first the delay conditions at the system entry P-SCSCF and at the AS EXAM that may indicate a
possible security violation. As per figure 13, we will consider security violation at the main entry
point P-CSCF of the IMS queuing system. The I-CSCF and S-CSCF nodes will not be considered
in this study since they will simply forward the messages from the P-CSCF to the AS exam
server. At the end of the queue, the AS will be considered as another possible point possible
security violations where delay should be evaluated in order to study the server performance.
At the P-CSCSF node we will consider the following measures: First the number of accepted
registration should be controlled. When the number of students is known, the registration requests
number could be limited. When denial of service is launched, more registration requests will be
initiated toward the P-CSCF thus security violation could be recorded. Thus the probability of
keeping the number of accepted registration less than the number of students n should be highly
tracked.
Second, the time required to access the P-CSCF is critical since more time means possible
violation of user account which results in more processing at P-CSCF node and more waiting
time for the registration request in the P-CSCF system (buffer+ server).
15. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
15
Accepted registration: The maximum number of users in the system should be less than a number
n after which no more users will be accepted in the system.
When a denial of service occurs, a number of registration requests may flood the system. Due to
the PCSCF being over flowed, the number of users in the system should be less than a number n.
Thus in order to ensure all the registration will be accepted, we need to calculate:
Figure 13. Delay measures at security violations points
Where ρ is the system utilization given by equation (6) as:
Thus the probability that the number of registration requests exceeds a threshold n after which the
calls will be denied is:
Probability (Overflow)=1 - P(number of registration requests in system ≤ n = ρn+1
) (7)
Figure 14 shows that, for a given n, the overflow probability will increase with increased ρ
(varying from 0.1 to 0.9). Thus, higher utilization means busy server, less probability of being
within the accepted number of registrations, more probability to exceed the threshold. Thus when
ρ exceeds 0.75, the overflow probability will increase indicating a server being busy starting to
reject student’s registrations.
16. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
16
Figure 14. P-CSCSF node Overflow Probability Vs ρ
For the time required to access the P-CSCF node, the time spent in the system is to be controlled.
Based on the following:
Waiting time in the system (Tq) = Waiting time buffer+ Waiting time server
The probability of the waiting time should be kept less than a threshold T where T corresponds to
maximum waiting time for registration requests at the P-CSCG node, when this threshold is
exceeded, the probability of the server being busy is higher which will contribute in more waiting
time thus the probability of a possible security violation is exceeded when the threshold is not
maintained.
Where t is chosen to be less than a threshold T considering that a security attack would result in
higher waiting time. Thus “t” is simply the value below the threshold corresponding to normal
conditions of processing (waiting time) of the P-CSCF with no proxy overflow.
If t is exceeded, this means that server processing time is higher and a possible attack (student
account violation, for example) has been encountered. Figures 15 and 16 show the probability of
the waiting time in function of t for a low value of ρ (0.1) and high value of ρ (0.9) respectively.
With increasing t, the waiting time will increase. Higher probability of exceeding T is in case ρ is
high where the probability to be less than t is low and accordingly the system may be under
attack. On the other hand, low ρ, the system will encounter less waiting time thus higher
probability to stay within the threshold hence lower probability for the system to be overflowed or
vulnerable to risks.
Exam AS: On the AS, we need to control number of registration requests in the buffer since after
the buffer stage, requests will be served at the AS. So in order not to overflow the AS and before
the server is overflowed, the number of registration requests in the buffer should be controlled.
Thus the probability of the number of registration requests in the buffer should be kept less than n
where n is the number of students as per the following equation:
17. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
17
Figure 15. Waiting Probability Vs t with low ρ
Figure 16. Waiting Probability Vs t with high ρ
Thus the probability of exceeding the number n of registration requests is ρ n+2
as per the P-CSCSF
analysis, the overflow probability is increased with increasing n. Thus n should be kept less than
the threshold that may overflow the server and cause the AS not to respond to the student’s
requests. In this context, exceeding the threshold will occur at higher system utilization ρ. Thus
when kept at a low level the system should not suffer from any delay. In addition the AS server
should not reject any registration or set up request due to server overflow. In addition, as per the
P-CSCF delay limitations, the total time spent in the system (AS) should be less than a threshold t
otherwise more security measures should be taken (possibility of security attacks). The time spent
in the system (buffer + server) should be less than the normal condition time t. Thus probability
(waiting time in the system ≤ t) will give the same results as per P-CSCF node. Table 2
summarizes the delays effects and related management based on the specified sources.
18. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
18
Table 2. Delay effects and management
Source of
latency
Latency effect Latency management
Propagation Negligible at the
node level
Shorter distance between the nodes
Transmission Negligible at the
access network level
Faster access networks
Queuing Waiting time for
both registration and
set up
Accept invitation up to threshold n
Registration waiting time do not exceed T
Increased waiting
time
AS overflow or P-
CSCF Overflow
Check for possible violations.
Increased service
time
System may start to
reject new requests
Check for possible violations before no more
requests could be accepted.
10. CONCLUSIONS
In this paper we have analyzed different security threats for IP Multimedia Subsystem
architecture. A detailed analysis of security threats is presented and proposed a solution for the
security of Mobile Exam Application by deploying the firewall and Application Level Gateway.
The proposed solution can better secure the IMS infrastructure by providing the security in two
folds first firewall can filter the malicious traffic on network and transport layer and later ALG
can help in mitigating the application layer attacks. In addition, a delay analysis was conducted
to study the system performance and eliminate the possible security vulnerabilities based on the
type of latency and the possible source of delay. Results showed that the security violations could
be avoided by limiting the number of accepted registrations that the system will process and
defining the maximum waiting time that a request could take based on the current number of
students and related waiting time under normal system conditions.
ACKNOWLEDGEMENTS
The authors would like to thank King Abdulaziz City for Science and Technology (KACST),
Saudi Arabia for funding this ongoing research project number 29-324.
REFERENCES
[1] Thoren, " Rethinking mobile communication: It’s not about bit speed", Feb. 2007
(http://www.ericsson.com/ericsson/corpinfo/publications/ericsson_business_review/pdf/207/not_abou
t_speed.pdf)
[2] Dirk Pesch, Maria Isabel Pous, Gerry Foster, "Performance evaluation of SIP-based multimedia
services in UMTS", Computer Networks, Volume 49, Issue 3, 19 October 2005, Pages 385-403
[3] Barnawi, “Deploying SIP-based Mobile Exam Application onto Next Generation Network testbed”,
Electronics, Communications and Photonics Conference (SIECPC), 2011 Saudi International, 16 June
2011.
[4] Hunter, “Security Issues with the IP Multimedia Subsystem (IMS)”, Version 1.0, September 1, 2007.
[5] Mark, “VOIP Vulnerabilities – Registration Hijacking” Secure Logix Corporation, 01 June 2005.
19. International Journal of Next-Generation Networks (IJNGN) Vol.4, No.1, March 2012
19
[6] Mark, “Basic Vulnerability Issues for SIP Security” Secure Logix Corporation, 01 March 2005.
[7] Geneiatakis, “Survey of Security Vulnerabilities Session Initiation Protocol”, IEEE Communications
Survey & Tutorials, Volume 8, No.3, 3rd Quarter 2006.
[8] http://en.wikipedia.org/wiki/Application_Layer_Gateway accessed on 24th December 2011.
[9] Keith Drage, SIP and the application of SIP as used in 3GPP, Lucent Technologies.
[10] W.Jianhui, J.Hao, Wu Wenguang, “A novel queuing model for IMS- based IPTV system”, IC-
BNMT2009.
[11] J. Medhi, Stochastic Models in Queueing Theory. Academic Press, 2003.
[12] N.Psimogiannos, A.ggeliki, D.Vergados,”An IMS-based network architecture for WiMAX-UMTS
and WiMAX-WLAN interworking”, Conputer Communications, 2010.
Authors
Dr. Ahmed Barnawi received his BSc in Electrical Engineering from King Abdul-Aziz University in
2000, his degree in Communication Engineering from University of Manchester Institute of Science and
Technology (UMIST) in 2002, and his PhD degree in Mobile Communications from Bradford University in
2006. Currently, Dr. Barnawi is an Assistant Professor at the Department of Computer Science, King
Abdul-Aziz University, Jeddah, Saudi Arabia. His current research interests include Mobile Next
Generation Network, Cognitive Radio and Wireless Ad hoc and Sensor Networks.
Dr. Abdulrahman Altalhi is an assistant professor of Information Technology at King Abdul-Aziz
University. He has obtained his Ph.D. in Engineering and Applied Sciences (Computer Science) from the
University of New Orleans on May of 2004. He served as the chairman of the IT department for two years
(2007-2008). Currently, he is the Vice Dean of the College of Computing and Information Technology. His
research interest include: Wireless Networks, Software Engineering, and Computing Education.
Dr. Nadine Akkari received his BSc and Msc in computer engineering from University of balamand,
Lebanon in 1999 and a diploma in specialized study in telecommunications networks from Engineering
School of Beirut, Saint Joseph University, Lebanon in 2001. She received her PhD degree in Mobility and
QoS Management in next generation networks in 2006 from National Superior School of
telecommunications (ENST), Paris, France. Currently, Dr. Akkari is an Assistant Professor at the
Department of Computer Science, King Abdulaziz University, Jeddah, Saudi Arabia. Her current research
interests include Next Generation Networks, mobility management and Cognitive Radio.
Muhammad Emran is working as Lecturer in Computer Science Department of King Abdul Aziz
University, Jeddah, Saudi Arabia. He has completed Master in Computer Science from Quaid-i-Azam
University, Islamabad Pakistan in 1997. Then he completed his MS (CS) with specialization in Computer
Networks from COMSATS Institute of Information Technology, Lahore Pakistan in 2006. His research
interests are in IP Multimedia Subsystem, Wireless and Mobile Computing and Network Security.