Vol. 11 No. 9 SEP 2013

Vol. 11 No. 9 SEPTEMBER 2013 International Journal of Computer Science and Information Security

Publication SEPTEMBER 2013, Volume 11 No. 9 (Download Full Journal) (Archive) (Download 2)

Copyright © IJCSIS. This is an open access journal distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

1. Paper 31081326: Countering Wrapping Attack on XML Signature in SOAP Message for Cloud Computing (pp. 1-6)

Full Text: PDF

Hadi Razzaghi Kouchaksaraei, Alexander G. Chefranov

Department of Computer Engineering, Eastern Mediterranean University, Gazimagusa- Mersin 10- Turkey

Abstract — It is known that the exchange of information between web applications is done by means of the SOAP protocol. Securing this protocol is obviously a vital issue for any computer network. However, when it comes to cloud computing systems, the sensitivity of this issue rises, as the clients of system, release their data to the cloud. XML signature is employed to secure SOAP messages. However, there are also some weak points that have been identified, named as XML signature wrapping attacks, which have been categorized into four major groups; Simple Ancestry Context Attack, Optional element context attacks, Sibling Value Context Attack, Sibling Order Context. In this paper, two existing methods, for referencing the signed part of SOAP Message, named as ID referencing and XPath method, are analyzed and examined. In addition, a new method is proposed and tested, to secure the SOAP message. In the new method, the XML any signature wrapping attack is prevented by employing the concept of XML digital signature on the SOAP message. The results of conducted experiments show that the proposed method is approximately three times faster than the XPath method and even a little faster than ID.

Keywords: Cloud Computing, SOAP message, XML digital signature, Wrapping attack.

2. Paper 31081313: An Approach for Software Security Evaluation Based on ISO/IEC 15408 in the ISMS Implementation (pp. 7-11)

Full Text: PDF

Tahereh Nayerifard*, Computer Engineering Department, Islamic Azad University, North Tehran Branch, Tehran, Iran

Nasser Modiri, Computer Engineering Department, Islamic Azad University, Zanjan Branch, Zanjan, Iran

Sam Jabbehdari, Computer Engineering Department, Islamic Azad University, North Tehran Branch, Tehran, Iran

Abstract — Security software is focused on identifying potential hazards and can have a negative impact on the software and also damage the whole system. If risks are identified early in the software engineering process, Software design problems are detected, and the potential hazards are eliminated or controlled. Value of the investment on hardware components and software programs, the value of data organization, individual data values, threats, computer crimes, are the main reasons to understand the Importance of security and why security measures are necessary. Since the systems are under constant threat and on the other hand, absolute security cannot be seen, it is obvious that whenever there is a security problem of the advancement of technology. From Hence, in order for raising the level security in the software, at all stages of the development of software products, security assessments should be considered. In this paper, we tried to security evaluate all the activities of Software Development Life Cycle based on the third part of the ISO/IEC 15048, to increase the level of security in the SDLC. In fact, using this standard, the adoption of security activities in order to assess the life cycle activities is proposed. Continued research in applying the principles of ISMS, security assessment activities have improved with exposure in PDCA cycle, thus the complete security evaluation on the life cycle of software development activities will be carried out. Therefore, the goal is to create a method based on the principles of safety engineering, that represent the evaluation of the activities involved SDLC under the Common Criteria standard. Since the guidelines of the standards, ISO/IEC 12207, ISO/IEC 15408 and ISO/IEC 27034 is used, this approach worked quite flexible and adaptable to changing technology, organizational structure, changing business objectives and organization security policy changes.

Keywords- ISO/IEC 15408 ،PDCA ،SDLC ،Security Evaluation ،Software Security

3. Paper 31081315: An Efficient Parallel Based Diabetic Retinopathy Grading Algorithm (pp. 12-23)

Full Text: PDF

Associate. Prof. Ghada F. Elkabbany, Informatics Dept., Electronics Research Institute, Cairo, Egypt

Associate. Prof. Heba A. Elnemr, Computers & Systems Dept., Electronics Research Institute, Cairo, Egypt

Abstract — Medical imaging has revolutionized the medicine by providing cost-efficient healthcare and effective diagnosis in all major disease areas. Diabetes is a chronic disease and a major public health challenge worldwide. Diabetes complications can be prevented or delayed by early identification of people at risk. There are several approaches carried out on this context. There are many methods are available for prediction but because natural process of this kind are very complex which involves large number of input variables so we need very large dataset for proper prediction, it also has disadvantage of high algorithmic complexity and extensive memory requirements of the required quadratic programming in large-scale tasks. For very large and complex problems it is better to divide data in parts which not only decrease the complexity but also provide the capability of handling the tasks in parallel. This work presents and evaluates a method for introducing parallelism into the diabetic retinopathy grading algorithm proposed in [1]. The aim is to improve its performance by utilizing parallel concepts which distribute the employed datasets into different nodes which reduces the computational complexity, processing power and memory requirements. To implement the parallel processing on DR grading algorithm presented in [1], different levels of parallelism are used. Multi-level of parallelization improves the system utilization and throughput. In the proposed parallel DR grading algorithm, when the number of nodes is large load imbalance occurs. Thus, static load balancing algorithm is applied to get better performance. The suggested parallel DR grading method is simple and can be used for large datasets. This method also provides the flexibility to be modified according to the dataset size, number of nodes and memory available on different units. We have tested the proposed algorithm and the results are very encouraging.

Keywords - Diabetic retinopathy; Clustering; Parallel processing; Texture feature extraction; Gray level co-occurrence matrix; Parallel techniques

4. Paper 31081319: Maximum Battery Capacity Routing to Prolong Network Operation Lifetime in Wireless MESH Network alongside the OLSR Protocol (pp. 24-29)

Full Text: PDF

Ramezanali Sadeghzadeh, Faculty of Electrical and Computer Engineering, K.N. Toosi University of Technology, Tehran, Iran

Afsaneh Saee Arezoomand, Dept. of Electrical and Computer Engineering, Science and Research Branch, Islamic Azad University, Tehran, Iran

Mohammad Zare, Dept. of Electrical and Computer Engineering, Science and Research Branch, Islamic Azad University, Tehran, Iran

Abstract — A wireless mesh network (WMN) is a communications network made up of radio nodes organized in a mesh topology. Wireless mesh networks often consist of mesh clients, mesh routers and gateways. The mesh clients operate on batteries such as cell phone, laptop and .., while the mesh routers forward traffic to and from the gateways which may, but need not, connect to the Internet. To maximize the lifetime of mesh mobile networks, the power consumption rate of each node must be evenly distributed, it is essential to prolong each individual node (mobile) lifetime since the lack of mobile nodes can result in partitioning of the network, causing interruptions in communications between mobile nodes, and finally the overall transmission power for each connection request must be minimized. In this article we propose a new metric to find a proper route in wireless Mesh network and beside it we study OLSR protocol that it can be used in Ad hoc network.

Keywords- Wireless Mesh; Ad hoc Network; Energy Consumption; Power Control; OLSR protocol

5. Paper 31081321: A New Sentinel Approach for Energy Efficient and Hole Aware Wireless Sensor Networks (pp. 30-37)

Full Text: PDF

Dame DIONGUE, PhD Student, Department of Computer Science, Gaston Berger University, BP : 234 Saint Louis, SENEGAL

Ousmane THIARE, Department of Computer Science, Gaston Berger University, BP : 234 Saint Louis, SENEGAL

Abstract — Recent advances in micro-sensor and communication technology have enabled the emergence of a new technology, Wireless Sensor Networks (WSN). WSN have emerging recently as a key solution to monitor remote or hostile environments and concern a wide range of applications. These networks are faced with many challenges such as energy efficiency usage, topology maintenance, network lifetime maximization, etc. Experience shows that sensing and communications tasks consume energy, therefore judicious power management can effectively extend network lifetime. Moreover, the low cost of sensor devices will allows deployment of huge number nodes that can permit a high redundancy degree. In this paper, we focus on the problem of energy efficiency and topology maintenance in a densely deployed network context. Hence we propose an energy aware sleep scheduling and rapid topology healing scheme for long life wireless sensor networks. Our scheme is a strong node scheduling based mechanism for lifetime maximization in wireless sensor networks and has a fast maintenance method to cover nodes failure. Our sentinel scheme is based on a probabilistic model which provides a distributed sleep scheduling and topology control algorithm. Simulations and experimental results are presented to verify our approach and the performance of our mechanism.

Keywords-component; energy conservation; lifetime maximization; topology maintenance; insert (key words)

6. Paper 31081322: Design of Generic Framework for Botnet Detection in Network Forensics (pp. 38-45)

Full Text: PDF

Sukhdilpreet Kaur, Computer Science and Engineering, Punjabi University Regional Centre for Information Technology and Management, Mohali, India

Amandeep Verma, Computer Science and Engineering, Punjabi University Regional Centre for Information Technology and Management, Mohali, India

Abstract — With the raise in practice of Internet, in social, personal, commercial and other aspects of life, the cybercrime is as well escalating at an alarming rate. Such usage of Internet in diversified areas also augmented the illegal activities, which in turn, bids many network attacks and threats. Network forensics is used to detect the network attacks. This can be viewed as the extension of network security. It is the technology, which detects and also suggests prevention of the various network attacks. Botnet is one of the most common attacks and is regarded as a network of hacked computers. It captures the network packet, store it and then analyze and correlate to find the source of attack. Various methods based on this approach for botnet detection are in literature, but a generalized method is lacking. So, there is a requirement to design a generic framework that can be used by any botnet detection. This framework is of use for researchers, in the development of their own method of botnet detection, by means of providing methodology and guidelines. In this paper, various prevalent methods of botnet detection are studied, commonalities among them are established and then a generalized model for the detection of botnet is proposed. The proposed framework is described as UML diagrams.

Keywords- Network forensics, Botnets, Botnet detection methods, class diagrams, activity diagram.

7. Paper 31081325: Visualization for Information Retrieval in Regional Distributed Environment (pp. 46-63)

Full Text: PDF

Mamoon H. Mamoon, Hazem M. El-Bakry, Amany A. Slamaa

Faculty of computer science & information system, Mansoura University, EGYPT

Abstract — Information retrieval (IR) is the task of representing, storing, organizing, and offering access to information items. The problem for search engines is not only to find topic relevant results, but results consistent with the user’s information need. How to retrieve desired information from the Internet with high efficiency and good effectiveness is become the main concern of internet user-based. The interface of the systems does not help them to perceive the precision of these results. Speed, resources consuming, searching and retrieving process also aren't optimal. The search engine's aim is developing and improving the performance of information retrieval system and gifting the user whatever his culture' level. The proposed system is using information visualization for interface problems, and for improving other side of web IR system's problems, it uses the regional crawler on distributed search environment with conceptual query processing and enhanced vector space information retrieval model (VSM). It is an effective attempt to match renewal user's needs and get a better performance than ordinary system.

Keywords - Regional distributed crawler, VSM, conceptual weighting, visualization, WordNet, information visualization, web information retrieval.

8. Paper 31081327: A Comparative Study of Replication Techniques in Grid Computing Systems (pp. 64-73)

Full Text: PDF

Sheida Dayyani, Department of Computer Engineering, Sheikh Bahaei University, Isfahan, Iran

Mohammad Reza Khayyambashi, Department of Computer Engineering, University of Isfahan, Isfahan, Iran

Abstract — Grid Computing is a type of parallel and distributed systems that is designed to provide reliable access to data and computational resources in wide area networks. These resources are distributed in different geographical locations, however are organized to provide an integrated service. Effective data management in today`s enterprise environment is an important issue. Also, Performance is one of the challenges of using these environments. For improving the performance of file access and easing the sharing amongst distributed systems, replication techniques are used. Data replication is a common method used in distributed environments, where essential data is stored in multiple locations, so that a user can access the data from a site in his area. In this paper, we present a survey on basic and new replication techniques that have been proposed by other researchers. After that, we have a full comparative study on these replication strategies. Also, at the end of the paper, we summarize the results and points of these replication techniques.

Keywords-comparative study; distributed environments; grid computing; data replication

9. Paper 31081332: Parallel Implementation of the Single Source Shortest Path Algorithm on CPU–GPU Based Hybrid System (pp. 74-80)

Full Text: PDF

Dhirendra Pratap Singh, Dept. of Computer Science and Engineering, MANIT, Bhopal, India

Nilay Khare, Dept. of Computer Science and Engineering, MANIT, Bhopal, India

Abstract — Single source shortest path (SSSP) calculation is a common prerequisite in many real world applications such as traveler information systems, network routing table creation etc., where basic data are depicted as a graph. To fulfill the requirements of such applications, SSSP calculation algorithms should process their data very quickly but these data are actually very large in size. Parallel implementation of the SSSP algorithm could be one of the best ways to process large data sets in real time. This paper proposes two different ways of parallel implementation of SSSP calculation on a CPU-GPU (Graphics Processing Unit)-based hybrid machine and demonstrates the impact of the highly parallel computing capabilities of today’s GPUs. We present parallel implementations of a modified version of Dijkstra’s famous algorithm of SSSP calculation, which can settle more than one node at any iteration. This paper presents a comparative analysis between both implementations. We evaluate the results of our parallel implementations for two Nvidia GPUs; the Tasla C2074 and the GeForce GTS 450. We compute the SSSP on graph having 5.1 million edges in 191 milliseconds. Our modified parallel implementation shows the three-fold improvement on the parallel implementation of simple Dijkstra’s algorithm.

Keywords - Graph Algorithm; Compute Unified Device Architecture (CUDA); Graphics Processing Unit (GPU); Parallel Processing.

10. Paper 31081340: Analysis of the Methodology Required for the Simulation of Handover Failure in GSM Network (pp. 81-86)

Full Text: PDF

Syed Foysol Islam, Faculty of Engineering, University of Development Alternative (UODA), Dhaka, Bangladesh

Fahmi Ahmed, Faculty of Engineering, University of Development Alternative (UODA), Dhaka, Bangladesh

Abstract — This research paper shows the methodology needed for the simulation of call drop & handover failure in GSM network tele-traffic through OMNeT++ simulation tool under Windows platform. It measures design conditions and minimum quality standards should provide for operation and simulates call drop and hand over failure in GSM tele-traffic. The simulator has been programmed in OMNeT++, is a discrete event simulator focused on research of wired or wireless networks.

Keywords - Call drop; Handover; Wireless network; Simulator;

11. Paper 31061311: Web Usage Mining through Efficient Genetic Fuzzy C-Means (pp. 87-90)

Full Text: PDF

Deepak Kumar Niware, Department of Computer Science & Engg., TIT, Bhopal (INDIA)

Dr. Setu Kumar Chaturvedi, Department of Computer Science & Engg., TIT, Bhopal (INDIA)

Abstract - In process of knowledge discovery from any weblog dataset, most widely and extensively used clustering algorithm for this purpose is Fuzzy c-means (FCM) algorithm because the data of web-log is unsupervised dataset. Due to sensitivity of FCM, it can be easily trapped in a local optimum, and it is also depends on initialization. In this paper we present use of Genetic algorithm in Fuzzy cmeans algorithm to select initial center point for clustering in FCM. The purpose of this paper is to provide optimum initial solution for FCM with the help of genetic algorithm to reduce the error rate in pattern creation.

Keywords: Fuzzy C-means, Genetic Algorithm, Web log mining, Web usage mining, Web mining.

12. Paper 31081301: Clustering Technique Based Outlier Detection Method for Document Classification (pp. 91-96)

Full Text: PDF

Deepti Jain, SATI Vidisha, Vidisha (M.P.) India

Dr. Bhupendra Verma, Director TIT Bhopal, Bhopal (M.P.) India

Dr. R. C. Jain, Director SATI Vidisha, Vidisha (M.P.) India

Abstract - In this paper, we propose a clustering based technique to capture outliers for document classification and apply Kmeans clustering algorithm to divide the dataset into clusters. The points lying near centroid of the cluster are not probable candidate for outlier and prune out such points from each cluster then calculate a distance based outlier score for remaining points. The computations calculate to the outlier score reduces considerably due to the pruning of some points. Based on the outlier score declare the top n points with the highest score as outliers after that classification technique is applied for categorization. The experimental results using actual dataset demonstrate that even though the number of computations is fewer, the proposed method performs better than the obtainable method.

Keywords: outlier; Cluster; Distance-based; Classification.

13. Paper 31081318: Hybrid Storage Architecture: A survey (pp. 97-102)

Full Text: PDF

Tejaswini Apte, Symbiosis Institute of Computer Studies and Research, Pune, INDIA

Dr. Maya Ingle and Dr. A.K. Goyal, Devi Ahilya Vishwavidyalaya, Indore, Indore, INDIA

Abstract - Database design requirement for large scale OLAP applications differs from small-scale database programs. Database query and update performance is highly dependent on the storage design techniques. Two storage design techniques have been proposed in the literature namely; a) Row-Store architecture and b) Column-Store architecture. This paper studies and combines the best aspect of both Row-Store and Column-Store architectures to better serve an ad-hoc query workload. The performance is evaluated against TPC-H workload.

General Terms: Performance, Design Keywords: Statistics

14. Paper 31081323: Application of Combined Radial Basis Function And Echo State Neural Network (RBFESNN) For Mining Hamilton Rating Scale Depression Data (pp. 103-107)

Full Text: PDF

Bhuvana R., Research Scholar, Department of Computer Science, Vels University, Chennai, INDIA-600117.

Dr. Purushothaman S., Professor, PET Engineering College, Vallioor, INDIA-627117,

Rajeswari R., Research scholar, Mother Teresa Women’s University, Kodaikanal, INDIA-624101.

Abstract - Mining of depression data such as depressed mood, feelings of guilt, suicide, insomnia early, insomnia middle, insomnia late, work and activities, retardation, Psychomotor, agitation, anxiety, anxiety somatic, somatic symptoms, somatic symptoms general, genital symptoms, genital symptoms, insight, diurnal variations, depersonalization and decreolization, paranoid symptoms, obsessionals and compulsive symptoms have been collected based on the Hamilton rating scale for depression. This paper presents the implementation of neural network methods for depression data mining and diagnosis patients by using radial basis function (RBF) and Echo state neural network (ESNN). The output of RBF is given as input to ESNN network. A systematic approach has been developed to efficiently mine the depression data for proper diagnosis of the patients.

Keywords: Hamilton Rating Scale Depression data, radial basis function (RBF), echo state neural network (ESNN)

15. Paper 31081305: A Model for Control the Traffic Pollution using Signals by Optimization Method (pp. 108-110)

Full Text: PDF

D. Nagarajan, Department of Information Technology, Math Section, Salalah college of Technology, Salalah, Sultanate of Oman.

M. Raji, Department of Mathematics, Asan Memorial College of Engineering and Technology, Chengalpattu, India.

Abstract — Traffic signals are very important vital factor for reduce the traffic pollution in our world. The past three decades researches much attention about the traffic pollution. There are many opportunities to use clever traffic engineering to reduce the impacts of traffic on public transportation. Often these combine traffic signals with short sections of exclusive public transport lanes. The aim of the paper is to reduce the traffic pollution using traffic signal by Markov chain and genetic algorithm.

Keywords- traffic system; continuous time markov chain; genetic algorithm.

16. Paper 31081346: An Evaluative Model of Organizational Architecture by the use of Colored Petri Networks (pp. 111-116)

Full Text: PDF

Ali akbar tabibi, Research and Science University of Bushehr, Student Masters, Department of Computer Engineering, Software, 7514963161Bushehr Iran

Seyed javadmirabedini, Islamic Azad University, Central Tehran Branch, Tehran Iran

Abstract - Organizational architecture is composed under a process called organizational architecture process. This process is complicated and architecture can use its framework as a modulator of structure to control complicacy and apply the method as a behavior director. In architecture, behavior is prior to structure, and a structure may have different behaviors. But which behavior (method) best suite architecture and thus meet the concerned needs? Evaluation of architecture is needed to answer this question. As an instance, this article aims to demonstrate validity of architecture behavior on intelligent fuel card using colored Petri networks. As result, it revealed up that the given solution led to identify traffic points and thus helped the architecture designers in choosing the right method.

Keywords: Organizational Architecture, Evaluation of Architecture, Colored Petri

17. Paper 31081348: Security Issues Analysis for Cloud Computing (pp. 117-125)

Full Text: PDF

Bashir Alam (1), M.N Doja (1), Mansaf Alam (2) and Shweta Malhotra (1)

(1) Department of Computer Engineering Jamia Millia Islamia , New Delhi, India

(2) Department of Computer Science Jamia Millia Islamia , New Delhi, India

Abstract — Cloud computing is a new emerging concept recently introduced in the world. Cloud services on the first hand provides many advantages like pay-as-u-go nature, faster deployment of IT resources and the way of future but on the other hand challenges/ issues of cloud overweight the advantages of cloud. Among all the challenges of cloud, the upmost challenge that the world is facing with cloud is “Security” as clients outsource their personal, sensitive data to the cloud over the internet which can be very dangerous if not secured properly. In this paper we have analyzed security issues of cloud from different aspects along with some implemented solutions. Security of cloud can be categorized by service models provided by service providers, data life cycle security issues and it can be categorized by data security, virtualization security and software/application security. We have also analyzed some implemented solution model based on cryptography and shamir’s secret sharing algorithm to some of the security issues.

Keywords- Software as a service (SAAS) Platform as a service (PAAS); Infrastructure as a service (IAAS); Service level agreement (SLA), Multi cloud Database model (MCDB), NetDB2-Multi Share(NetDB2-MS).

18. Paper 31081307: Software Engineering Framework using Agile Dynamic System Development Method for Efficient Mobile Application Development (pp. 126-134)

Full Text: PDF

Mr. N. Balasupramanian, Mr. RamKumar Lakshminarayanan , Dr. RD. Balaji,

Lecturer, Department of IT, Higher College of Technology, Muscat, Sultanate of Oman

Abstract - The mobile industry is changing the technologies very often to attract the customer to a greater extent; whether it is application platforms, devices, technology, features, network models or exploration of application use cases, the speed of change for any one of these technologies means that businesses or opportunities have to think carefully before investing in creating their own applications. Now-a-days, the mobile application development is targeted of introducing many new tools, techniques and methodologies for the application development. This paper provides the development team members a right direction to apply appropriate software engineering framework implementing agile method for the development of mobile application and this paper also gives a comparative study between the XP and DSDM agile methods.

Key Words- Going Mobile, Application Development, Software Engineering, Agile, Framework, XP-Extreme Programming, DSDM-Dynamic System Development Method