International Conference on Applied Information ...

Download PDF
11 downloads 1019 Views 25MB Size Report
Comment
Joseph J. M., Robert, M. & William M. T. 2003. Installing ...... Isaac Siwale (2013) in his paper „Solution of. Nonlinear ...... rain is seen even during these dry seasons (Mongabe,. 2011 ...... vision images with 12 images per subject in gray scale.
Proceedings

AIT 2015 International Conference on Applied Information Technology

i

Department of Computer Science

Proceedings

AIT 2015 International Conference on Applied Information Technology

7-9 of October, 2015 Federal University of Agriculture, Abeokuta, Ogun State, Nigeria.

Edited by A. T. Akinwale A. O. Ojesanmi S. A. Onashoga A. A. Abayomi-Alli

Department of Computer Science

ii

Copyright © 2015 Nigeria Computer Society (NCS), Ogun State Chapter.

All rights reserved. No part of the contents of this publication may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Copying, reprint, or republication requests should be addressed to: The Nigerian Computer Society, Ogun State Chapter, C/o Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria.

ISBN: 978-978-950-229-5 The selected, peer reviewed papers in this book comprise the proceedings of the International Conference on Applied Information Technology (AIT 2015). They reflect the authors’ opinions and, in the interests of timely dissemination, are published as presented without change. Their inclusion in this publication does not necessarily constitute endorsement by the Editors, the Nigeria Computer Society, Ogun State Chapter or the Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria.

Additional Copies may be ordered from the:

Department of Computer Science, Federal University of Agriculture, Alabata road, Abeokuta, Ogun State, Nigeria. [email protected]

Nigeria Computer Society, Ogun State Chapter. http://www.ncsogun.org.ng [email protected] +234-8033537505

Cover art production by: Mathus Media, 08067179427 Printed in Nigeria by: Al-Ameen Digital Press, 08034092598

Department of Computer Science

iii

2015 1st International Conference on Applied Information Technology AIT 2015 Table of Contents Preface Conference Committee Reviewers

vii viii ix

Multi-Protocol Label Switching (MPLS) Recovery for a Failed Multicast Network Nubunga, I.

1-4

A Hybrid Intelligent Forecasting Model to Determine Malaria Transmission Abisoye, O. A. and Jimoh, R. G.

5-11

An Availability Architecture for Distributed Databases against Byzantine Failure Aborisade, D. O., Sodiya, A. S., Odumosu, A. A., Alowosile, O. Y. and Adedeji, A. A.

12-17

Securing Digitized Campus Clinical Healthcare Delivery System Olaniyi, O. M., Folorunso, T. A., Omotosho, A. and Alegbeleye, I.

18-26

Effective Teaching of Programming Languages at Undergraduate: An Overview Adelakun-Adeyemo, O. and Akinola, S. O.

27-32

A Fashion Colour Combination Visualization Model Using Genetic Algorithm Salako, O. S., Oloruntoba, C. O., Sanusi, O. V. and A. A. Maruf-Sogeyinbo

33-37

Multi-Path Messaging Service (MPM): An Advanced and Better Way to Multimedia Messaging Service Ibharalu, T. F., Ogunjobi, A. O. and Onashoga, S. A.

38-43

Effect of Time Spent On Social Media on the Academic Performance of Undergraduate Students Ayoade, O. B.

44-50

Towards a Quality of Service Based Content Delivery in the Cloud Omotunde, A. A, Okolie, S. O., Idowu, S. A. and Ajayi, O. B.

51-53

A Proposed Intrusion Alerts Verification and Correlation Mechanism Ikuomola, A. J.

54-59

An Intelligent Decision-Making Model for B2B E-Commerce Using Advanced Analytic Hierarchy Process Makinde, A., Vincent, O. R. and Akinwale, A. T.

60-69

Investigating Quality of Service Performance of Mobile Broadband Networks at Sokoto State Tertiary Institutions Shehu, S., Mohammed, A., Tambuwal, A. Y. and Bello, A.

70-75

Parameter Variation in Genetic Algorithm Linear Equation Solver Ikotun, A. M., Akinwale, A. T. and Arogundade, O. T.

76-80

Development of an Agent and Web-Based Models for Campus Emergency Communication Alaba, O. B., Ayeni, G. A., Ojesanmi, O. A. and Soyemi, J.

81-86

Variability of Surface Duct in Abidjan-Ivory Coast Troposphere using Advanced Refractive Effects Prediction System (AREPS) Ikharo, A. B., Okereke, U. O. and Jiya, J. D.

87-92

iv

Similarity Measure on E-Assessment Raji-Lawal, H., Akinwale, A. T. and Folorunso, O.

93-97

Rough Set Theory Based Intelligent Distributed Video Coding Side Information Generation Akinola, M. O.

98-102

A Noise Perturbation Framework towards Enhancing Privacy in Big Data Computing Oloruntoba, C. O. and Sodiya, A. S.

103-106

Dynamic Congestion Control Scheme for Video Streaming In Peer-To-Peer Network Ojo, O. E., Ajobiewe, A. B. and Ajayi, T. D.

107-110

Natural Language Processing of English Language to Yorùbá Language Obalalu, B. S., Ibharalu, F. T. and Fagbolu, O. O.

111-114

Information and Communication Technology (ICT) Competence and Literacy among Undergraduates as a Factor for Academic Achievement John H. C., Izang, A. A. and Akorede, O. J.

115-122

A Framework for Improved Fitness Calculation in Genetic Mining Ayo, F. E., Folorunso, O. and Ibharalu, F. T.

123-129

An Architectural Model for Recommendation-Based Trace Clustering Approach in Process-Aware Information Systems Fasinu, D. T., Folorunso, O., Ojesanmi, O. A., and Olayiwola O. M.

130-133

An E-voting Authentication Scheme Using Luhn’s Algorithm and Association Rule Hammed M., Ibharalu, F. T. and Folorunso, O.

134-140

An Updated Perspective on Phishing Countermeasures and Their Effectiveness Orunsolu, A. A., Sodiya, A. S. and Akinwale, A. T.

141-148

A Roadmap to the Successful and Secured Adoption of Cloud Computing Mustapha, M., Alonge, C. Y and Arogundade, O. T.

149-155

An improved QOS for Efficient Channel Utilization in Mobile Networks Ugege, P. E., Ojesanmi, O. A. and Folorunso, O.

156-158

An Active Resource Allocation Model for Multimedia Cloud Ojo, O. E., Oluwatope, A. O. and Oyegunle, M. A.

159-164

Blackface Surveillance Camera (BFSC) Database for Evaluating Face Recognition Algorithms in Low Quality Scenarios Abayomi-Alli, A., Omidiora, E. O., Olabiyisi, S. O., Ojo, J. A. and Akingboye, A. Y.

165-174

Mining Android Applications for Anomaly Malware Detection Abah J. and Waziri O. V.

175-180

A Multi-Level Embedded Encryption Scheme Oyeleke, O., Onashoga, S. A. and Ojesanmi, O. A.

181-185

The Study on Principle Applications of Computer Ergonomic among University Workers in Osun State Adegoke, B. Salako, R., and Folorunsho, A.

186-189

Packet Reduction Rate during Forwarding in Switching Network Using Queuing Theory Adenowo, A., Akinwale, A., Vincent, O., Ojo E., and Lawal, M.

190-194

Design and Implementation of Customer Service Complaint Portal Adamu, H., Ayangbekun, O. J. and Muhammad, A. H.

195-201

Web-based Information Retrieval: a Comparative Analysis of Ranking Algorithms Abass, O. A., Folorunso, O. and Sodiya, A. S.

202-210

A Critical Analysis of Existing SMS Spam Filtering Approaches Abayomi-Alli O. O., Onashoga S. A., Sodiya A. S. and Ojo D. A.

v

211-220

3P-GRS: A Model for Privacy Preserving Process-Aware Group Recommender Systems Adeosun, O. E., Folorunso, O. and Sodiya, A. S.

221-227

Crypt-PIR: A Privacy Preserving Architecture for Query Response Oloruntoba C. O., Onashoga S. A., Oladele O. O. and Famuyiwa K. S. A

228-231

A Multi-Agent Route Planning System Based on Fuzzy Associative Memories Dada, O. O., Vincent, O. R., Ojesanmi, O. A., and Makinde, S. A.

232-239

Development of an Automatic Facial and Licence Plate Recognition System Abayomi-Alli, A., Mustapha, A. M., Adeleke, I. O., Adedapo A. O. and Tijani, O. D.

240-248

Information and Cyber Security Threat Analyser Tukur, Y. M. and Ali, S. Y.

249-258

A proposed Health Care Insurance Fraud and Abuse Detection System Ikuomola A. J

259-265

A Descriptive Ontological Approach for Enhancing E-payment Shopping Basket Vincent O. R, Owoade A. Adekoya A. F and Shittu, A. M

266-273

A Survey of Detection Techniques for Packet Dropping Attack in Mobile Ad Hoc Network Sodiya A. S., Folorunso O. O, and Akinola O. C.

274-284

Academic Library Visit and Information Resources Usage Bridging the Gap through Mobile Application Intervention Otuza, C. E. and Okoro, U. R.

285-289

Similarity Measures in Electronic Test at English Language Adesanya, A. A. and Akinwale, A. T.

290-294

Privacy Preserving Data Publishing Of Multiple Sensitve Attributes: A Taxonomic Review Onashoga, S. A., Bamiro, B. A., Akinwale, A. T. and Oguntuase, J. A

295-301

An Onto-Case based Reasoning for Intelligent Negotiation in B2c E-Commerce Oni, O. O., Vincent, O. R., Sodiya, A. S. and Makinde, S. A.

302-311

A Doctor-Centric Mobile Social Network System Adeyemi, T. S., Oladipupo, O. F., Kehinde, E. O. and Odusanya, A. A.

vi

312-318

Preface This is the proceeding of the first international Conference on Applied Information Technology (AIT 2015) jointly organized by the Department of Computer Science, Federal University of Agriculture, Abeokuta and Nigeria Computer Society, Ogun State Chapter. The theme of AIT 2015 conference is “Emerging Trends in Applied Computing” with focus on Cryptography and Information Security, Intelligent Information Systems, Big Data and Cloud Computing, Bioinformatics, Mobile Communications and Networking, etc. We are very pleased at the response to the call for conference papers and those received were targeted at the applications of Information Technology for national development. We received over 70 submissions and experts in the field selected 45 papers after doubleblinded, peer-reviewed process. At least two independent reviewers reviewed each paper. We appreciate the effort of the reviewers for creating time to review the papers. Without their commitment, it would not be possible to have the important referee status assigned to conference papers in proceedings. The quality of these papers is a pride to the authors and to the reviewers who have provided relevant guide for improvement. All staffs of the Department of Computer Science, Federal University of Agriculture, Abeokuta are members of the Nigeria Computer Society, Ogun State Chapter and we are pleased to host this first International Conference on Applied Information Technology (AIT 2015). We would like to thank our Vice-Chancellor and Chief Host, Prof. O. B. Oyewole, the National President of Nigeria Computer Society, Prof. G. A. Aderounmu, other Guest Speakers, authors, reviewers, participants and student volunteers for their contributions that made the conference a success. Most importantly, we appreciate the state executive council and members of the Nigeria Computer Society, Ogun State Chapter for their efforts in bringing this conference to reality. We wish all the participants a fruitful conference and a pleasant stay in Abeokuta.

Editors A. T. Akinwale A. O. Ojesanmi S. A. Onashoga A. A. Abayomi-Alli

vii

Conference Committee Chief Host Prof. O. B. Oyewole, Vice-Chancellor, Federal University of Agriculture, Abeokuta, Nigeria. Host Dr. S. A. Onashoga, Chairman, Nigeria Computer Society, Ogun State Chapter. Dr. A. O. Ojesanmi, Ag. Head, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. General Chair Prof. A. T. Akinwale Conference Secretary Mr. O. Tijani Program Committee Dr. O. Folorunso Dr. A. S. Sodiya Dr. A. O. Ojesanmi Dr. S. A. Onashoga Dr. O. R. Vincent Dr. O. T. Arogundade Dr. F. T. Ibharalu Dr. (Engr.) A. Abayomi-Alli Mr. D. O. Aborisade Mr. S. Agholor Mrs O. E. Ojo Mr. O. S. Salako Miss C. O. Oloruntoba Mr. A. Durosinmi Mr O. E. Adeosun

Mrs A. A. Maruf-Sogeyinbo Mrs O. Abayomi-Alli Mr. T. Akinoso Mrs M. Owoseje Mr. Akinfenwa Mr T. Solanke Mr S. Onaolapo Mr. A. C. Olubiyi Mrs A. Adejimi Mr. T. Ajagbe Mr. A. Ahmed Mr. A. Odusanya Mr. K. Famuyiwa Mr. T. Ajagbe

Student Volunteers T. Daniel A. B. Bamigbade T. Adenowo O. Lawal O. Oyeleke A. Adesanya

viii

Reviewers Prof. M. Yatsymirskyy, Institute of Informatics, Technical University, Lodz, Poland. Prof. A. T. Akinwale, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Prof. A. O. Mustapha, Department of Physics, FUNAAB, Abeokuta, Nigeria. Dr. T. Hashem, Department of Computer Science, Bangladesh University of Engineering and Technology, Bangladesh. Dr. J. Blocki, Institute of Microsoft Research, New England, United States. Dr. M. Ostrowki, Institute of Informatics, Technical University, Lodz, Poland. Dr. O. Folorunso, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. A. S. Sodiya, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. V. Makinde, Department of Physics, FUNAAB, Abeokuta, Nigeria. Dr. A. O. Ojesanmi, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. S. A. Onashoga, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. O. R. Vincent, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. O. T. Arogundade, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. F. T. Ibharalu, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. (Engr.) A. Abayomi-Alli, Department of Computer Science, FUNAAB, Abeokuta, Nigeria. Dr. A. P. Adewole, Department of Computer Science, University of Lagos, Lagos, Nigeria. Dr. A. F. Adekoya, Department of Computer Science, Lagos State University, Lagos, Nigeria. Dr. (Engr.) O. M. Olaniyi, Department of Computer Engineering, Federal University of Technology, Minna, Nigeria.

ix

1st International Conference on Applied Information Technology 7-9 October, 2015

MULTI-PROTOCOL LABEL SWITCHING (MPLS) RECOVERY FOR A FAILED MULTICAST NETWORK I. NUBUNGA Computer Science Department, Federal University of Education, Zaria. [email protected] Abstract: in the past years there has been a huge growth in the use of Internet, and new real-time connection oriented services like streaming technologies, time critical transaction oriented services are in use, and new ones are currently emerging. The research on more reliable network becomes an inevitable trend presently. This paper explores fault recovery based on Multi-Protocol Label Switching (MPLS) on links and nodes connectivity. It discusses the mechanism of using MPLS to enable high scalability, end-to-end connectivity in routed networks. It examines efficiency of Multicast network transmission of datagrams to a group of zero or more hosts on a single destination group address. The research investigated the failures on nodes and links with and without the proposed new recovery mechanism and employed simulation in Java programming language in a multicast tree network as an effective tool that can improve and guarantee intrusion-free network. It concluded by recommending a recovery algorithm for a multicast tree network to enhance efficiency and reliability. Keyword: Multi-protocol, Multicast, Network, Intrusion-free, Recovery algorithm overhead, resource management, quality of service (QOS) and robustness are the characteristics of good multicast routing protocols” Muthumari et al. (2015). The main motivation for this work is to overcome the drawbacks of the previously proposed schemes for the restoration mechanism in MPLS networks during link/node failure. Currently there are many algorithms that can be used to reroute traffic fast when a fault occurs in the MPLS domain.

INTRODUCTION In the past few decades, the internet has evolved into a widespread network and inspired the development of a variety of new applications in business and other sphere of human endeavour. Research conducted by Arunkumar (2014) revealed that the increasing demand of complex and data demanding Internet services has negatively affected the quality of service of data transfers in the network. A significant issue in nowadays networks is the support of real-time services or multimedia applications even in the presence of node or link failures. These new applications have driven the demand for increased and guaranteed bandwidth requirements in the backbone of the networks. In addition to the conventional data services currently provided over the internet, new voice and multimedia services are been developed and deployed. Arunkumar (2014) identified two basic techniques for network protection from such failures to be: (i) protection switching where a pre-computed alternative path (usually disjoint from the working path) is set up for every flow, and (ii) rerouting where an alternative path is dynamically recomputed after a fault is detected. For both techniques, the alternative path can be either global or local. The internet has emerged as the network of choice for providing these converged services. However, there is high demand placed on the network by these new applications and services, in terms of speed, bandwidth and accessibility it has strained the resources of the existing internet infrastructures. This transformation of the network toward a packet and cell based infrastructure has introduced uncertainty into what has conventionally been a fairly deterministic network. There are is timely delivery of data without exploitation of all the available resourcesis very much essential in vital application scenarios to a group of destinations (multicasting). “Efficiency, simplicity, control

THE CONCEPT OF MULTI-PROTOCOL LABEL SWITCHING RECOVERY Multi-Protocol Label Switching (MPLS) is a protocol which is used to strength the Internet Protocol (IP) network. According to Arunkumar (2014), MPLS is an architecture developed to combine the dynamic nature of IP routing protocols and the efficiency of label switching. When a packet enters the MPLS network the router that receives it, is responsible to add a label on it. The label is based on certain criteria‟s like the IP address of the recipient and it is used to route the packet through the next routers. Before the packet leaves the MPLS network, the last router is responsible to remove the label. The MPLS path is determined only once when the packet enters the MPLS network. The routers at the length of path do not take any routing decisions they only use the label of the packet as an index to an array which indicates the next router. Also the router must switch the label of the packet, before sending it to the next router. MPLS is one of the most critical high-speed networking technologies and is connection oriented, which implies greater sensitivity to faults, particularly to interruption of services.IXIA report (2014) affirmed that this connection-oriented architecture opens the door to a wealth of new possibilities for managing traffic on an IP network. Lemma (2003) affirmed that MPLS technology gives network operators a great deal of flexibility to divert and route traffic around link failures,

1

1st International Conference on Applied Information Technology 7-9 October, 2015 congestion and bottlenecks. MPLS does not replace IP routing but works in collaboration with existing and future routing technologies to provide high speed data forwarding between Label Switches Routers (LSRs) together with reservation of bandwidth for traffic flows with different QoSrequirements. MPLS will place a vital role in the routing, switching and forward of packets through the next generation network in order to meet the service demands by network users. Multicast is a mode of communication that involves a sender to group of receivers, unlike broadcast that transmits packet to a group of receiver blindly, multicast then to check for the membership of a node before sending to it a copy of the packet. Hence for a node to receive a packet sent it must be a member of the group. Recovery algorithm is a pseudo code on the steps and actions to take when there is a failure on the network. A recovery algorithm could be reactive or proactive. Proactive is a measure that put in place before a failure occurs. For instance, a bath up path can be created to reroute packet(s) when a failure occurs. While reactive is a measure that is taken only after a failure had occurred. A computer network is the connectivity that exists between two (2) or more computer in order to share resources. Resources here could be printers, fax machine, information, file server, internet, etc. Though the internet itself is also referred to as a computer network; computers that are on the network is referred to as a node. Intrusion-free in the context of this research means that there is not cost implication for adding another component to the multicast group.

a network can be reduce and how a segment of the network can be alive by using a bi directional back up path, rather than having the entire network paralysed. But failed the look at the implement of a node not receive a packet completely when there is a broadcast. This will always create a bridge of communication between the members of the multicast group since all will not have the most recently broadcast packet. In networks today link and node failure cause disruption in the flow of packet on a network. There are two (2) types of recovery mechanism: protection and restoration. Protection is a proactive approach while restoration is a reactive approach to failure recovery.Me´rindol et al (2010) author discusses the basic K-Shortest Path First (KSPF) algorithm and hoe to compute multiple paths to the destination. In the bird view model of a wireless sensor network maintaining connectivity between nodes is a big issue, for maintaining connectivity or avoiding congestion, the traditional ad-hoc routing algorithms are used when confronted with mobility. Kumaravel, et al. (2014) opined that the limited energy supply for thenetwork devices is not considered by these algorithmsi.e Distributed Actor Recovery Algorithm (DARA), Recovery through Inward Motion (RIM).The recovery of the MPLS network is based on the algorithm that is applied in order to detect the faults and route the data flow in an alternative path. Some schemes establish connectivityamong the disjoint network segments by placing new nodes Ameeret al (2013), which is only applicable in a wireless sensor network.The published schemes generally differ in the requirementsof the newly formed topology. The dead node is logically place by an active node which will distract the initial topology on which the network was established. One limitation of this approach is that the number of receivers (nodes) during a broadcast will be affected, invariably it will be reduced. Since multicast is a mode of communication between a sender to a group of receivers, then the packet will not be sent to every member of the multicast group. Anuradha et al (2014), in their research discussed and showed how nodes failure can be resolved by simply replacing a wireless sensor node with another active node.

LITERATURE REVIEW

METHODOLOGY Since it will be capital intensive to set up a network to test run and apply the proposed algorithm and recovery mechanism. Simulation of the network will be done for us the see, observe and analyse the performance of the network under the new recovery mechanism. The topology of the network is tree, with a depth of two (2) and each parent node can only have a fixed number of children (nodes) that receive the packet send via the network from the parent. The number of nodes is our network is eighty five (21), for the scope of the work the maximum level or depth of the tree is three (2). The packet will be broadcast from the source (root node) to every member for the network for have a copy. While the

Figure 1: A Segment Multicast Network with Clusters Source: Rohan (2004). Failure Recovery in MPLS Multicast Networks Using a Segmented Backup Approach. Failure is detected by the end nodes for link failure and by upstream and downstream nodes for node failure Rohan (2004). In his research work titled „„Failure Recovery in MPLS Multicast Networks Using a Segmented Backup Approach‟‟he consideredhow the number of the nodes the would not receive a packet (data) in the event of a failure in

2

1st International Conference on Applied Information Technology 7-9 October, 2015 broadcast is on a daemon (a program that works underneath) will also be launch so as to random deactivate a link and a node. Hereby making it to fail, this same daemon will also reactivate the link and node (transceiver and power unit) failure. This will ensure that a no point in time the traffic of the network will be brought to a halt. The algorithm uses a Boolean value 0 or 1 to signify that a link or a node is either alive or dead. For any link or node that returns a 0 when a parameter is passed. The program will have to active it likewise for if it returns a 1 to program may choose to deactivate it. The algorithm was latter implemented using Java programming language. Before then JDK (Java Development Kit)software was first installed on the system.JDK is a program development environment for writing Java applets and applications. It consist of a runtime environment that is „„sit on top‟‟ of the operating system layer as well as the tools and programming that developers need to compile, debug and run applets and applications written in Java language. When a node did not receive a packet due to link failure, it loops between the children (nodes) for which it is of the same parent with node id from 0 to n (where n is the number of children at a particular level on the tree) in other to get its own copy of the packet. What this implies is that a node will always be available to help other siblings of it when there is a failure in that branch of the tree. Hence, a branch of the network will never be caught off during the broadcast.

Source

level 0

Level 1

Level 2 0

1 9

2 10

3 4 5 6 7 11 12 13 14 15

8

Destinations Figure 2: Proposed Multicast Tree Algorithm for Link and Node Failure. Every branch of the tree have a maximum of four(4) children, while the number of children on a particular level of the tree can be obtained from the formula: , where, is the level or depth of the tree. Bi-directional communication is used between children at the same level, this is to give room for node (at the same level) to assist each other in the event of a failure of any node.

RESULT The finding made show that no node in the network will be denial of any packet that is broadcast from the source (root node) in respective of the number of broadcast made. It was also established that the network is never be paralyse in terms of segment or as a whole. This mechanism was able to address the issue of link and node failure which is the common failure encounter in most computer network today. The make the network to be more scalable and reliable. A reliable computer network should be able to guarantee end to end delivery of packets. In this new proposed architecture the topology is still maintain even when there is a failure on the network.

Comparism between Rohan and Ishaya 15

19 1

10

0

10

SINGLE MULTIPLY LINK NODE(S) FAILURE SEGMENTED LINK FAILURE IN A IN A SEGMENT FAILURE SEGMENT Rohan (Nodes that received message) Ishaya (nodes that received message)

Figure 2: Comparism between Rohan and Ishaya Recovery mechanism CONCLUSION Different approaches and routing protocol have been designed and deployed to tackle must of these challenges, all in a view to make the multicast network more efficient and time critical. But we are yet to get a perfect network, so work still needs to be done in these areas. This prompted the need to have a multicast network that is time critical, reducing the number of failed routers (nodes), in other words improving the efficiency of our multicast network. A message (information) shouldn‟t only arrive at the destination, but it should be timely. Node failure is a

3

1st International Conference on Applied Information Technology 7-9 October, 2015 little more complex than that of link. Link failure can simply be solve end by creating a bath up path through which the traffic of the packet could be rerouted. But for the case of a node failure the node have to be given immediate attention. Since it serves as route for which packets are sent. Hence algorithm and network recovery mechanism has to guarantee a continuous flow of packets, this is the goal of the new proposed algorithm, routing protocol and mechanism where was achieved.

13/9/2015http://www.ixiacom.com/sites/default/fles/ resources/whitepaper/mpls.pdf Jamoussi, B, Andersson, L. Callon, R. Dantu R. Wu, L. Doolan, P. Worster, T. Feldman, N. Fredette, A. Girish, M. Gray, E. Heinanen, J. Kilty, T. Malis, A. 2002 “Constraint-Based LSP Setup using LDP(RFC 3212)” http://rfc-3212.rfc list.net/ Kumaravel, K., Marimuthu A. 2014. An Efficient Routing Algorithm (MASH) in Mesh Networks Using DBVM Kompella, K. Swallow, G. 2004. “Detecting MPLS Data Plane Failures”. Lemma, H.G. 2013.„„Enhanced Fast Rerouting Mechanisms for Protected Traffic in MPLS Networks‟‟, PhD Thesis, Technical University of Catalonia, Barcelona, Spain. Me´rindol, P., Franc¸ois,P., .Bonaventure, O., Cateloin,S. PansiotJ.J. 2010. An Ef ficient Algorithm to Enable Path Diversity in Link State Routing Networks. Rekhter, Y. Rosen, E. 2001 “Carrying Label Information in BGP-4 (RFC 3107)” http://rfc3107.rfc-list.net/ Thomas. K. 2002. Multicasting: From Fixed Networks to Ad-hoc Networks. In Handbook of Wireless Networks and Mobile Computing. Ivan Stojmenovic (ed). Pages 495-507,John Wiley & Sons, ISBN 0-471-41902-8. Zeng, G. Wang, B. Ding, Y. 2010 Efficient multicast algorithms for Multichannel Wireless mesh networks, IEEE Transactions on Parallel and Distributed Systems 21 (1) 86–99.

REFERENCES Abbasi, A. A., Mohamed F. Younis,U, Baroudi A., 2013. Recovering From a Node Failure inWireless Sensor-Actor Networks With Minimal Topology Changes Internetworking Technologies Handbook, Fourth Edition Cisco Systems. Publisher: Cisco Press, (2003). Andersson, L. and Doolan, P., Feldman, N. Fredette, A. Thomas B. 2001“LDP Specification (RFC 3036)” http://rfc-3036.rfc-list.net/ Anuradha M. S. Deepa P. 2014 AnImplementation of Recovery Algorithm for Fault Nodes in a Wireless Sensor Network. Arunkumar, C. K. 2014. An Efficient Fault Tolerance Model for Path Recovery in MPLS Networks. International Journal of Innovative Research in Computer and Communication Engineering. Vol. 2, Issue 6 June 2014. IXIA White paper 2014. Multi-Protocol Label Switching (MPLS) Conformance and Performance Testing. Accessed on

4

1st International Conference on Applied Information Technology 7-9 October, 2015

A HYBRID INTELLIGENT FORECASTING MODEL TO DETERMINE MALARIA TRANSMISSION 1 1

O. A. Abisoye and 2R. G. Jimoh

Department of Computer Science, Federal University of Technology, Minna, Nigeria. 2 Department of Computer Science, University of Ilorin, Ilorin, Nigeria. [email protected] and [email protected]

Abstract: Strategies for fighting infectious disease rely on vector control, transmission blocking and medical assistance. Malaria is an infectious disease. According to World Health Organization 200 to 300 million of people are being affected with malaria every year and about 3 million people face fatal death yearly (WHO, 2013). This sporadic occurrence of malaria diseases in human has pushed the need to develop computational approaches for predicting in advance the occurrence of malaria diseases. The need to forecast in advance the occurrence of malaria disease and its outbreak will be helpful to take appropriate actions by individuals, World Health Organizations and Government Agencies and its devastating impact will be reduced. This research work proposes a coupling of Support Vector Machine (SVM), with Fuzzy Logic System (FLS) to determine the rate of malaria transmission. An hybrid forecasting model will be developed by conjoining Support Vector Machine, with fuzzy logic system to form a single model called SVM-FLS. The hybridization is done in such a way that the unique features of Support Vector Machine and Fuzzy Logic System (SVM-FLS) are captured, and then the weakness of one is strengthened by the other. Monthly cross-sectional surveys between January 2012 and December 2015(4 years) of malarial incidences will be collected from sample health centers in Minna Metropolis, Nigeria. Monthly averages of rainfall, temperature and relative humidity altogether with monthly malaria incidences will be considered as input variables. The proposed SVM-FLS will be compared with other existing models like Artificial Neural Networks(ANN), Fuzzy Logic System(FLS) and also with Support Vector Machine(SVM) to check its robustness and viability. Their statistical analysis will be conducted and their results will be compared. Keywords: Malaria, Support Vector Machine, Fuzzy Logic System , Artificial Neural Networks, Classification, Regression, Forecasting, Transmission. This year malaria may strike up to a half billion people. (National Geographic Society, 2015).

INTRODUCTION One of the most important things in life is health. But several diseases affect the proper functioning of human’s health. One of such common disease is malaria. Malaria is an infectious disease. According to World Health Organization 200 to 300 million of people are being affected with malaria every year and about 3 million people face fatal death yearly (WHO, 2014). Malaria is a major public health problem because virtually all humans are being diagnosed of malaria infections at one time or the other and its effects increases drastically and causes great harm to human life. About three billion people are at risk of infection in 109 countries. Each year, there are an estimated 250 million cases of malaria leading to approximately one million deaths, mostly in children under five years of age (WHO,2014). Malaria is caused by a parasite known as Plasmodium specie being transmitted by an Anopheles mosquito. The parasites invade the blood and causes adverse effect on the blood cells. Within 48 to 72 hours the parasites multiply inside the red blood cells and break open, infecting more red blood cells. The first symptoms usually occur between 10-14 days to 4 weeks after infection. Malaria parasites can also be transmitted from a mother to her unborn baby (congenitally), by blood transfusions and by sharing needles used to inject drugs (MDHIL, 2015). In some part of the world, malaria parasites have developed resistance to insecticides and antibiotics. In recent years, the malaria parasite has grown so entrenched and has developed resistance to so many drugs that the most potent strains can scarcely be controlled.

Malaria transmission is site specific due to different climatic change of a region. Temperature, rainfall, relative humidity fluctuations affects the life cycle of malaria parasite (Depinay, Mbogo, Killeen, Knols, Beier, Carlson, Dushoff, Billingsley, Mwambi, Githure , 2004). Only in the past few years has malaria captured the full attention of aid agencies and donors. The World Health Organization has made malaria reduction a chief priority. Bill Gates, who has called malaria ―the worst thing on the planet,‖ has donated hundreds of millions of dollars to the effort through the Bill and Melinda Gates Foundation. The Bush Administration has pledged 1.2 billion dollars. Funds devoted to malaria have doubled since 2003. The idea is to disable the disease by combining virtually every known malaria-fighting technique, from the ancient (Chinese herbal medicines) to the old (bed nets) to the ultramodern (multidrug cocktails). At the same time, malaria researchers are pursuing a long-sought, elusive goal: a vaccine that would curb the disease for good (National Geographic Society, 2015). Conventionally, problems are being solved by writing programs to decode the tasks. But difficulty arises when there is a huge amount of data which is hard to understand and to interpret by humans. A typical example is malarial incidences. A huge amount of malaria incidences is captured every year and there are difficulties in forecasting in advance its future occurrence and analysis of its possible threats.

5

1st International Conference on Applied Information Technology 7-9 October, 2015 So the need for a machine learning method arises. Such a machine processes the data and automatically finds structures in the data, i.e. learns. The knowledge about the extracted structure can be used to solve the problem at hand. Problems being solved by machine learning methods range from classifying observations, predicting values, structuring data (e.g. clustering), compressing data, visualizing data, filtering data, selecting relevant components from data, extracting dependencies between data components, modeling the data generating systems, constructing noise models for the observed data, integrating data from different sensors, using classification. Thus, machine learning focuses on prediction based on known properties learned from the trained data sets (Nilsson, 1998). Malaria is fuzzy in nature because a patient may have this answer to malaria: Yes /no and Much/little/very little (mild/moderate/severe). Many symptoms of different patient may even overlap. A malaria patient may even have characteristics of other diseases. Medical problems, therefore, cannot be generalized and analyzed using imagination. An analytical program is desperately required to integrate this complex network of problems and devise individualized solutions (Onuwa, 2014). The combination of two or more Computational Intelligence schemes as a single model is called Hybrid Computational Intelligence (HCI) and it is becoming increasingly popular. This increased popularity lies in the extensive success of hybrid systems in many real-world complex problems (Giovanni and Vincenzo, 2005). A key prerequisite for the merging of technologies is the existence of a ―common denominator‖ to build upon (Symeonidis andMitkas, 2005). In this research, part of the ―common denominator‖ for the Support Vector Machines (SVM) hybridization of Fuzzy Logic System (FLS) is the inference procedures they deploy and their excellent predictive capabilities. There are three main climatic factors that directly affect malaria transmission. They are temperature, rainfall and relative humidity. Several non-climatic factors, such as human/behavioural factors can also affect the pattern of malaria transmission and the severity of the problem.

In India, 15,000, 000 to 20,000,000 approximately are confirmed cases of malaria yearly. So also malaria is a major public health challenge in our country, Nigeria (MDHIL, 2014). In Nigeria, on the average, each Nigerian suffers at least two or more attacks of malaria every year. Although millions recover, hundreds of thousands are not so lucky. Malaria accounts for about 60 percent of outpatient visits and 30 percent of hospitalizations; 25 percent of deaths in children under one year old; and 11 percent of maternal deaths a heavy burden on Nigerian families, communities, health system, and workforce (Sola and Chioma, 2010). An earlywarning system for malaria epidemics in Punjab based on rainfall, fever-related deaths and wheat prices was developed (Christophers, 1911). Since that initial system, researchers and practitioners have continued to search for determinants of temporal and spatial variability of malaria to improve systems for forecasting disease burden. Malaria forecasting is now being conducted in many countries and typically uses data on environmental risk factors, such as climatic conditions, to forecast malaria incidence for a specific geographic area over a certain period of time.( Kate, Aman, Katia, Timothy, John, Zhuoyu and David 2013). Mathematical, statistical and computational engineering models are playing a most valuable role in shedding light on the problem and for helping make decisions. Over the years, a vast number of approaches have been proposed looking at the problem from different perspectives. These encompass three general categories (see Fig. 1): (1) statistical methods for surveillance of outbreaks and identification of spatial patterns in real epidemics, (2) mathematical models within the context of dynamical systems (also called state-space models) used to forecast the evolution of a ―hypothetical‖ or on-going epidemic spread, and (3) machine learning/ expert methods for the forecasting of the evolution of an ongoing epidemic. For all three of these categories there are again different approaches weaving a big and diverse literature.

LITERATURE REVIEW According to World Health Organization in 2013, there are 97 countries and territories with ongoing malaria transmission, and 7 countries in the prevention of reintroduction phase, making a total of 104 countries and territories in which malaria is presently considered endemic. Globally, an estimated 3.4 billion people are at risk of malaria. WHO estimates that 207 million cases of malaria occurred globally in 2012 (uncertainty range 135–287 million) and 627 000 deaths (uncertainty range 473 000–789 000). Most cases (80%) and deaths (90%) occurred in Africa , and most deaths (77%) were in children under 5 years of age(WHO, 2013).

Fig 1: An Overview Of Mathematical Models For Infectious diseases (Constantinos & Lucia, 2013)

6

1st International Conference on Applied Information Technology 7-9 October, 2015 stochasticity of the phenomena, most available continuum models are often only qualitative caricatures that cannot capture all of the details, therefore compromising epidemiological realism. Empirical/ Machine Learning Based Model Recently, there is very rapid development of the use of machine learning. For instance machine learning is used in medical science to check health condition (Paokanta, Ceccarelli Scrichairatanakool, 2010; Martinez, Montero, Barbieri, Olivas, Mari, Sober, Amato, Lopez, Bassi, Beneddo, Stopper, Guerrero, andGatti, 2014) and diagnose a disease such as cancer (Kourou, T. Exarchos, P. Exarchos, Karanonzix, andFotiadis, 2014; Asadi, Dowling, YanandMitchell, 2014). In pharmacology ML find the right formula and reliable drugs to incapacitate a disease virus (R. Danger, I.S. Bedmar, P. Martinez, P. Rosso, 2010; Urquiza, Rojas, Pomares, Herrea, Florido, Valenzuela, andCeper, 2012). ML is also used to choose the effective therapeutic treatment (Caravaca, Olivas, Bataller, Serrano, Miquel, France andGurrero, 2013). Also ML can also be used in agriculture to increase agricultural production as with predicting pest plants (J. Patel, S. Shah, P. Thakkar andK. Kotecha, 2014). In the business world ML is used to predict the stock market and stock price index movement ( J. Patel et al 2014).

Statistical-Based Methods for Epidemic Surveilance One of the most important aspects in epidemics revolves around the surveillance, early detection of possible outbreaks and patterns that may help controlling a spread. One of the very first success stories in the area is the modeling of cholera epidemic that swept through London in 1854. At that time John Snow, a physician, collected spatiotemporal data and by visualizing them in a map found that there was a particular pattern around the Broad Street water pum which actually was the zero point of transmission (McLeod, 2000). His analysis helped eradicate the disease. In the dawn of 20th century Greenwood an epidemiologist and statistician was the first Professor of Epidemiology and Statistics at the London School of Hygiene and Tropical Diseases establishing a rigorous mathematical connection between fields (Greenwood, 1916). Today, global initiatives to combat epidemics require effective domestic action mechanisms and preparedness through the globe. An intensive worldwide effort led by World Health Organization and Centers for Disease Control is speeding up the developments for the establishment of a global surveillance network. New emerged pandemics such as the AIDS, the Severe Acute Respiratory Syndrome (SARS) of 2002–2003 and the H1N1 swine flu of 2009 pandemics reminds us about the importance of surveillance and prompt outbreak detection. Toward this aim, statistical methods have enhanced our potential in fighting epidemics allowing for rapid assessment of emerging situations. Obviously, the correctness of the data and the selection of the appropriate methodology are crucial for the construction of statistical models that can capture in an efficient robust way the communicable disease characteristics. To date, several statistical methods have been proposed (Unkel, Farrington, Paul, Garthwaite, Robertson, and Andrew 2012) for a review of statistical methods for the detection of disease outbreaks.

Support Vector Machine Support Vector Machine (SVM) is a well-known machine learning approach which has recently applied in the variety of fields such as computing, hydrology and environmental researches (Asefa, Kemblowski, McKee, Khalil, 2006; Ji, Sun, 2013, 1998; Mukkamala, Janoski, Sung, 2002). It has mainly utilized in pattern recognition, forecasting, classification and regression analysis. It has been proved that its applications show superior performance compared to prior developed methodologies such as neural network and other conventional statistical models (Sung, Mukkamala 2003; Vapnik, Golowich, Smola, 1996; Huang, Davis, Townshend, 2002; Collobert, Bengio, 2000; Kasra, Shahaboddin, Chong, Muhammad, Dalibor, Sudheer (2014); Rajasekaran, Gayathri, and Lee, 2008). SVM are supervised machine learning in which the computer is presented with inputs and their desired outputs and the goal is to learn a general rule that maps inputs to outputs (Nilson, 1998). SVM is a machine-learning model that focuses on prediction based on known properties (historical data) learned from the training data. SVMs are a set of related supervised learning (labeled training) data used for classification, recognizing patterns and regression analysis from a given data set. SVM is based on the principle of statistical machine learning and structural risk minimization, which minimizes the upper bound generalization error compared to local training error, which is common technique in previously used machine learning methodologies (Vapnik, 1998). The mentioned technique proved advantages over other machine

Mathematical State Space Model According to the level of the approximation of the reality and increasing complexity mathematical models may be categorized in the following categories: “Continuum” models in the form of differential and/or (integro)-partial differential equations Continuum models describe the coarse-grained dynamics of the epidemics in the population (Brauder, Castillo, 2001; Feng and, Dieckmann, 2006). One might, for example, study a model for the evolution of the disease as a function of the age and the time since vaccination or investigate the influence of quarantine or isolation of the infected part of the population(Hethcote, Zhien and Shenbing, 2002) Such models can be explored using powerful analysis techniques for ordinary or partial differential equations. However, due to the complexity and the

7

1st International Conference on Applied Information Technology 7-9 October, 2015 learning algorithms.

Additional advantages provided in this methodology include: (1) applying high dimensional spaced set of kernel equations, which discreetly include non-linear transformation; thus, there is no assumption in functional transformation which makes data linearly separable indispensable and (2) unique solution due to the convex nature of the optimal problem (Kasra, Shahaboddin, Chong, Muhammad, Dalibor, and Sudheer, 2014). "There are a number of learning parameters that can be utilized in constructing SV machines for regression. The two most relevant are the insensitivity zone e and the penalty parameter C, which determines the trade-off between the training error and VC dimension of the model. Both parameters are chosen by the user (Kecman, 2001).

Figure 1: The structure of a Type-2 FLS (Mendel, 2003).

Fuzzy Logic System

Fuzzy Logic System (FLS) is an intelligent system has become vital in the growth and survival of the healthcare sector. A good number of Fuzzy Logic expert systems have been developed to manage tropical diseases. An expert system was developed on tropical diseases to assist paramedical staff during training and in the diagnosis of many common diseases presented at their clinics. (Adekoya, Akinwale and Oke, 2008). The system was flexible, friendly, and usable by people without much background in computer operations. The study concluded that the implementation of the system reduced doctors’ workload during consultation and eased other problems associated with hospital consultations. A fuzzy expert system was designed for the management of malaria attempted to incorporate fuzzy techniques and develop a fuzzy expert system for the management of malaria. (Djam, Wajiga, Kimbi andBlamah, 2011). Also a decisionsupport model was designed for diagnosing tropical diseases using fuzzy logic (Olabiyisi, Omidiora, Olaniyan andDerikoma, 2011). In another related work, ―cognitive analysis of multiple sclerosis utilizing fuzzy cluster means‖ was designed by (Imianvan andObi, 2012) where neuro solutions and crystal reports were used for neural network analysis and graphical representation to aid in the diagnosis of multiple sclerosis, which eliminates the challenges posed by the shortage of medical experts.

Figure 2. Gaussian MF with uncertain (Mendel, 2003).

mean

Type-1and Type 2 Fuzzy Logic System (FLS) Type-1 Fuzzy Logic System (FLS) is the first established fuzzy logic system to deal with unambiguous or imprecise linguistic information. It is used to create an intelligent control and analyze complex problems. Type-2 Fuzzy Logic System (FLS) was introduced as an extension of the concept of Type-1 FLS. Type-2 FLS has membership grades that are themselves fuzzy. For each value of a primary variable (e.g., pressure and temperature), the membership is a function (not just a point value). The secondary Membership Function (MF) has its domain in the (0, 1) interval. Hence, the MF of a Type-2 FLS is three dimensional, and it is the newly introduced third dimension that provides new degrees of design freedom for handling uncertainties. Figs. 1 and 2 below show respectively the structure of a Type-2 FLS and Gaussian MF with uncertain mean. Further descriptions of the concepts of FLS, including Type-2 FLS and their applications can be found in (Wang, 2008; Castillo and Melin, 2008, Xing et al., 2008).

8

1st International Conference on Applied Information Technology 7-9 October, 2015 the problem of malaria big data we need to develop a machine learning approach, a novel type of artificial neural network model called Support Vector Machine (SVM) to capture this big data and forecast in advance the rate of malaria transmission. Then capture the weaknesses of SVM and optimize it with Fuzzy Logic System (FLS). Finally, the functionality and robustness of the SVM-FLS hybrid model will be tested by comparing its statistical result with Artificial Neural Networks (ANN), Fuzzy Logic System (FLS) and Support Vector Machine (SVM) models.

RESEARCH DIRECTION The primary objective of this research is to develop a Support Vector Machine - Fuzzy Logic System (SVM-FLS) hybrid model to forecast in advance the occurrence of malaria disease. The model will serve as an intelligent hybrid system of higher performance and accuracy that will employ the unique features of the two methods (SVM and FLS) and complement the weakness of one with the strength of the other. To achieve this objective we need to identify the threats, attacks and factors that contribute to being affected by malaria and the possible solutions. Due to

Data Preprocessing Feature extractio n

Data Acquisition

Malaria Historical Data source

Scaling by Stratified Sampling

Online Climatic Database Trainin g Dataset

External Data source

Apply SVM

Testing Dataset Capture SVM weakne sses

Apply Fuzzy Logic

Predicted Output Figure 3: Architecture of the Proposed SVM-FLS Model for Malaria Prediction (Training Phase) stratified sampling technique to divide the dataset In the design framework of the SVM-FLS Model into training and testing dataset. The SVM-FLS Framework for Malaria Prediction malaria data will architecture is divided into both training (Figure. 2) be acquired from historical database of selected and testing phase (Figure. 3). At the training phase health centers. While the factors that contribute to the training dataset will be mapped to the feature having malaria such as rainfall, temperature and space. Then we apply SVM approach on the dataset. humidity data will be collected from online climatic The weaknesses of the SVM approach will be database and other external sources. The features of captured and then optimize with FLS. At the testing these data will be extracted. Then we will use a phase the testing dataset will be used to test the

9

1st International Conference on Applied Information Technology 7-9 October, 2015 robustness and functionality of the proposed SVM-

FLS

model.

CONCLUSION the unique features of the Support Vector machine (SVM) and Fuzzy Logic System (FLS) models and complement the weakness of one with the strength of the other. SVM-FLS will provide a simple way to arrive at a definite conclusion from an imprecise and ambiguous medical data. And this will help individuals, World Health Organizations and Government Agencies to take appropriate actions. Contributions and Suggestions are welcome at this stage of the research.

Malaria has been a major public threat to human health. So the need to forecast in advance the occurrence of malaria disease so that it’s devastating impact will be reduced is of great importance especially to the affected immense society. Support Vector machine (SVM) and Fuzzy Logic System (FLS) model is the nearest response to this call because it has the potential of combining human heuristics into computer assisted decision. In this paper, we have proposed an intelligent hybrid system of higher performance and accuracy that will employ

REFERENCES Effects of quarantine in six endemic models for infectious diseases. Math Biosci. 2002;180:141–60. doi: 10.1016/S0025-5564(02)00111-6. Huang C., Davis L., Townshend J..2002. An assessment of support vector machines for land cover classification. Int J Rem Sen 2002;23(4):725–49 Imianvan, A. A., Obi J, C. 2012. Cognitive analysis of multiple sclerosis utilizing fuzzy cluster means. International Journal of Artificial Intelligence andApplications (IJAIA), 3(1). Information and Control Express Letters 2 (No. 4), 345e350. International Journal of Innovative Computing, Information and Control 4 (No.4), 771e784. Caravaca J.,. Olivas E. S., Bataller M., Serrano A. J. Miquel L. S.. Frances J. V., Gurrero J. F., 2013. ―Application of Machine Learning Technique to analyze the effects of physical exercises in ventricular fibrillation,‖ International Journal of Computer in Biology and Media. Urquiza J. M. I. Rojas I.. Pomares H.. Herrea J. Florido J. P. Valenzuela O., Ceper. M., 2012. ―Using Machine Learning Technique and Genomic/ Proteomic information from known databases for defining relevant features for PPI Classification‖. International Journal of Computer in Biology and Media. J. Patel, S. Shah, P. Thakkar, K. Kotecha, 2014. ―Predicting stock market index using Fusion Machine Learning Technique, International Journal of Expert System with Applications. Ji, Y., Sun, S. 2013. Multi task multi class support vector machines: model and experiments, Pattern Recognition 46(3) 914–924. Kourou K.,. Exarchos T. P., Exarchos K. P., Karanonzix M. V., Fotiadis D. I., 2014. ―Machine Learning application in cancer prognosis and predictions‖, Computational and Structural Biotechnology, Journal, 2014. Mohammadi K., Shahaboddin Shamshirband S., Chong W. T., Muhammad A. D. Petkovic, S. C., 2014. ―A new hybrid support vector machine– wavelet transform approach for estimation of horizontal global solar radiation‖, Energy Conversion and Management. www.elserivier.com Kate, Z., Aman, D., Katia, C., Timothy, F., John, S., Zhuoyu, S., David, L. 2013. March 25. ―:A scoping review of malaria forecasting: past work and

Adekoya, A. F., Akinwale, A. T. Oke, O. E. 2008. A medical expert system for managing tropical diseases. Proceedings of the third conference on Science and National Development, COLNAS, pp 74-86 Asefa T., Kemblowski M., McKee M., Khalil A. 2006. Multi-time scale stream flow predictions: the support vector machines approach. J Hydrol;318:7– 16. Brauder F., Castillo-Chavez C. 2001. Mathematical models in population biology and epidemiology New York: Springer-Verlag, 2001. Castillo, O., Melin, P., 2008. Intelligent systems with interval type-2 Fuzzy logic.computing. Information and Control Express Letters 2 (No.4), 331e337. Christophers S. R., 1911. Epidemic malaria of the Punjab: with a note of a method of predicting epidemic years. Trans Committee Stud Malaria India 1911;2:17–26. Collobert R., Bengio S. 2000. Support vector machines for large-scale regression problems. Institute Dalle Molle d’Intelligence Artificelle Perceptive (IDIAP),Martigny, Switzerland, Tech. Rep. IDIAP-RR-00-17; 2000.Computer Applications 30, 114e132. Constantinos L, 2013. Mathematical modeling of infectious disease dynamics, Virulence. 2013 May 15; 4(4): 295–306. Depinay, C.M. Mbogo., G. Killeen, B. Knols, J. Beier, J. Carlson, J. Dushoff, P. Billingsley, H. Mwambi, J.. 2004. A simulation model of african anopheles ecology and population dynamics for the analysis of malaria transmission, Malaria J. 3(1) 29. Djam, X. Y., Wajiga, G. M., Kimbi Y. H., Blamah, N. V., 2011. A Fuzzy Expert System for the Management of Malaria. International Journal of Pure and Applied Sciences and Technology 5(2), pp. 84-108 Giovanni, A., Vincenzo, L. 2005. Using FML and Fuzzy technology in adaptive ambient intelligence environments. International Journal of Computational Intelligence Research 1 (No. 2), 171e182. Greenwood M. 1916. The application of mathematics to epidemiology. Nature. 1916; xcvii: 243–4. Hethcote H. W., Zhien M., Shengbing L. 2002.

10

1st International Conference on Applied Information Technology 7-9 October, 2015 future directions” bmjopen.bmj.com on, Published by group.bmj.com Kecman, V. 2001. Learning and soft computing. MIT Press Cambridge, Mass. McLeod K. S.., 2000. Our sense of Snow: the myth of John Snow in medical geography. Soc Sci Med. 2000;50:923–35. doi: 10.1016/S02779536(99)00345-7. MDHIL Network Report, 2014. Malaria: Introduction, Causes and Symptoms http://www.mdhil.com/malaria-introduction-causesand-symptoms/ Mendel, J. 2003. Type-2 fuzzy sets: some questions and answers. IEEE Connections Newsletter of the IEEE Neural Networks Society 1, 10e13. Mukkamala S, Janoski G., Sung A. 2002. Intrusion detection using neural networks and support vector machines. In: Neural Networks, 2002. IJCNN’02.Proceedings of the 2002 International Joint Conference on; 2002. IEEE. National Geographic Society, 2015. In the Malaria report titled ―Malaria—Bedlam in the Blood‖, 19962015 Nilson N. J. 1998. Stanford, Machine Learning Lecture Note, Robotics Laboratory, Department of Computer Science, Stanford University, Stanford, CA 94305. Olabiyisi, S. O, Omidiora, E. O, Olaniyan, M. O Derikoma, O. 2011. A Decision Support System Model for Diagnosing Tropical Diseases Using Fuzzy Logic. African Journal. of Comp and ICT. Vol 4, No. 2. Issue 2. p1-6 Onuwa, A. B. 2014. Fuzzy Expert System For Malaria Diagnosis. Orient. J. Comp. Sci. and Technol;7(2). Available from: http://www.computerscijournal.org/?p=1084 Paokanta, P.. Ceccarelli M..,Scrichairatanakool, S. 2010. ―The Efficiency of Data Types for classification Performance of Machine Learning Technique for Screening β – thalassemia‖ Int. Symposium of Applied Sciences in Biomedical and Communication Techn.

Danger, R. Bedmar I. S.. Martinez P,, Rosso P., 2010. ―A Comparison of Machine Learning Technique for Detection of Drug Target Articles‖, International Journal of Biomedical Informatics. Rajasekaran, S., Gayathri, S. Lee, T. L.2008. Support vector regression methodology for storm surge predictions. Ocean Eng ;35(16):1578–87. Ogundipe S. Obinna C. 2010. Malaria: Killer at large. Vanguard Newspaper, September 26, 2010. Special Report Sung A. H., Mukkamala S. 2003. Identifying important features for intrusion detection using support vector machines and neural networks. In: Applications and the Internet, 2003. Proceedings. 2003 Symposium on; 2003. IEEE. Symeonidis, L. A., Mitkas, A. P. 2005. Agent Intelligence through Data Mining, Multiagent Systems, Artificial Societies, and Simulated Organizations Series. In: International Book Series, vol. 14. Unkel S, Farrington P. C, Paul H, Garthwaite P. H, Robertson C, Andrew N. 2012. Statistical methods for the prospective detection of infectious disease outbreaks: a review. J R Stat Soc Ser A Stat Soc. 2012;175:49–82. Vapnik V, Golowich S. E, Smola A.1996. Support vector method for function approximation, regression estimation, and signal processing. Adv Neural Inform Process Syst 1996:281–7. Vapnik, V. N. V. 1998. Statistical learning theory. Vol. 2.: Wiley New YorkWang, Y. (2008). Fuzzy clustering analysis by using genetic algorithm, innovative, ICIC International °c 2008 ISSN 1881803X,Volume 2, Number 4, December 2008 pp. 331—337. World Health Organization, 2015.World malaria report. World Health Organization, 2014.World malaria report. Xing, Y., Wu, X. Xu, Z. 2008. Multiclass least squares auto-correlation wavelet.

11

1st International Conference on Applied Information Technology 7-9 October, 2015

AVAILABILTY ARCHITECTURE FOR DISTRIBUTED DATABASES AGAINST BYZANTINE FAILURE D. O. Aborisade, A. S. Sodiya, A. A. Odumosu, O. Y. Alowosile and A. A. Adedeji 1

Department of Computer Science, Federal University of Agriculture Abeokuta, (FUNAAB) Nigeria. Department of Computer Science, Abraham Adesanya Polytechnic, Ijebu-Igbo, Ogun State, Nigeria.

3,4,5

1

[email protected],ng , [email protected], [email protected], 4 [email protected], and [email protected]

Abstract: Distributed Database Systems have continued to be very useful in making a wide range of information available to users across the World. Be this as it may, there are now growing security concerns, arising from the use of distributed systems, particularly critical ones. Information in distributed databases is susceptible to attacks, failures or accidents. The inappropriateness of the existing security mechanisms coupled with the heightened and growing concerns for intrusion, attack, compromise or even failure owing to Byzantine failure. The importance of survivable distributed databases to other emerging technologies, coupled with the afore-mentioned challenges are the motivation for this research. Furthermore, It has been observed that most of the existing works on distributed database availability or survivability dwelled on maintaining data integrity and availability in the face of attack. There is a dearth of work on the relatively more worrying incidents caused by internal factors such as internal sabotage or storage defects. In this paper, an architecture for engendering availability of Distributed Databases focusing on issues relating to Byzantine failures is proposed. The proposed architecture is tested and found to be capable of entrenching availability of distributed database to the tune of 91.13% in the distributed database setup where it is implemented. Keywords: Availability, Byzantine failure, Distributed Databases, Survivability distributed technology, the research and development of the distributed database systems, with data distributed storage and distributed processing as main features, are receiving increasing attention. In most of these research efforts however, (i) attentions are focused mostly on the general Distributed Database with no particular thinking for the survivability of the Heterogeneous aspect of the Distributed database system. (ii) more attention is given only to ensure the integrity and availability of the database systems in the face of attack with the assumption that the cause of such attack will always come from outside the system, whereas the most common and deadly attack are usually occasioned by internal factors like human sabotage and storage system damage or defects. The growing demand of modern day information access through distributed database, coupled with its attendant challenges necessitated this research effort. The rest of this paper is organized as follows; Section two discusses the related work. Section 3 presents the materials and methods; Section 4 discusses results while section 5 concludes the report.

INTRODUCTION Provision of adequate access to information in their different forms has become a great challenge to the provider and designers of information repositories. One common example of such repository is the Distributed Database system. A Distributed Database is a database where every constituent database (relational and non-relational) runs on different structures (schema) of different Database Management System (DBMS). The continuous growth witnessed in Database Management System (DBMS) and Network Communication technologies are responsible for the increase in available distributed databases and distributed management system (DMS). The growth in the complementary role played by these types of database systems to the Internet in terms of its usefulness in making real time information is still being faced with certain challenges, such as problem of real time access to information owing to internal and external attack. Although several research efforts have been made to ensure that database systems are made to survive any attack capable of rendering the system useless thereby incapable of fulfilling its expected services, however breach of databases has recently observed to be on the increase. Survivability is the capability of a system to fulfill its mission in a timely manner, in the presence of threats such as attacks or large scale natural disaster (James et al., 2010). To prevent a distributed database from malicious attacks, an algorithm is proposed in this work for survivability of Distributed Databases. Just like the Internet, distributed database technology has been useful in providing online access to different types of information for users across the World. With the rapid development of traditional databases and

RELATED WORK A number of recent literatures relating to survivability of distributed database, information and storage systems were reviewed. Some of these include James et al., (2010) which provided an architectural framework or resilience and survivability in communication networks and also provided a survey of the disciplines that resilience encompasses, along with significant past failures of the network infrastructure. According to James et al., (2010), a resilience strategy to defend against, detect and remediate challenges is presented. Arora and

12

1st International Conference on Applied Information Technology 7-9 October, 2015 Gupta (2012) highlighted the common characteristics of cloud databases in the industry and discussed the various descriptions of Cloud databases. An overview of common types of databases, major challenges to develop cloud databases, and summary of the existing cloud databases was also discussed. Their research effort gave a good account of NoSQL cloud database but did not discuss anything about NoSQL cloud database security. Changqing et al., (2011) introduced a survivability framework for distributed systems through the use of virtualization technology and software rejuvenation methodology. They also presented a recovery model and evaluate the steady-state system availability and survivability based on the familiar Markovian analysis through SHAPE tools. However, their software rejuvenation efforts does not prevent removal of faults but rather prevented them from manifesting themselves as unpredictable whole system failure. Chao-Rui et al., (2012) presented a method to measure the survivability of object-oriented software in design phase. In this, each component of the object oriented software is characterized by a composite Petri net which combines the features of State chart and Object Diagram. A fuzzy number is introduced to this net to represent uncertain elements that might affect the survivability. Survival Possibility theory was used to produce survivability measure function for each component. A survivability measure index is defined for the system. They could only prove that this index is monotonic. Jueliang et al., (2009) proposed a survivability evaluation model and analysis performance of Wireless Sensor Networks (WSN). They presented the model by representing the states of Wireless Sensor Networks under attack. The survivability of WSN is expressed as a continuous time Markov Chain to describe the status of real WSN’s in the face of Dos attack. To achieve this, they proposed a threshold condition to trigger the transition between the states of the Wireless Sensor Network. They further presented a survivability model and evaluation of WSN under key compromise. Their study however did not include key revocation scheme and single node software rejuvenation and reconfiguration scheme for mission critical operations, based on self-healing concept. Li, Saroj and Frank (2010) proposed and developed a dependable and secured relational database management system to prevent sensitive information from being lost or stolen. The basic idea used in their work is to include a (k, n) thresholdbased secret sharing scheme (k ≤n) to provide privacy and durability in order to prevent loss of sensitive information and also incorporated an efficient distributed database management design to enhance system performance and minimize interfered accesses contentions. They also integrated private information storage (PIS) schemes to reduce communication overhead and improve robustness of their proposed system. Zhang, Liu, and Zhong (2010) introduced an approach by which an untrusted publisher can answer queries from customers on behalf of the owner, or creator of the data with a few

trusted digital signatures from the owner, the untrusted publisher can use Merkle hash tree –based techniques to provide authenticity and nonrepudiation of the answer to a database query. According to Thandar et al.,(2008) a new distributed B-tree column indexing scheme was devised. It was devised to support indexing for non-row key columns, as well as fast parallel B-tree search in large data table. They also developed a cloud database, called HSQL, based on HBase. HSQL enhances HBase with a SQL query interface, a distributed B-tree column indexing, and support for transactional data processing. Experiment results show that their B-tree index achieves good response time even with large data and large number of queries. Implementation showed that HSQL has very short response time for point query compared with HBase scan filtering. HSQL achieves an average of 6.2X speed up for range query and an average of 12.2X speed up for aggregation. However, the newly developed distributed B-tree column indexing scheme is not made generic, as it is only applicable to HBase database (Shengzhi and Peng, 2010). Thandar et al.,(2008) presented a generic architecture of survivable storage system. The architecture is made up of three modules namely the storage strategy, user management, and security module. The system architecture proposed is observed to be capable of access control and system self-adaptation. Yunghsiang, Soji, and Rong (2010) proposed a storage-optimal and computation efficient primitive to spread information from a single data source to a set of storage nodes which allow recovery from both crash-stop and Byzantine failures. A progressive data from retrieval scheme is employed to retrieve minimal amount of data from live storage nodes. The scheme adapts the cost of successful data retrieval to the degree of errors in the system. Sazia et al., (2012) presented a survivability evaluation model for real time database, by considering factors such as intrusion detection latency and a variety of parameters for real time, thereby culminating in Semi-Markov evaluation model for survival assessment. In their work, this model served as the basis for relevant quantitative criteria to be defined as the important indicators of survivability, such as integrity and availability. Three important factors like false alarm, detection rate, and the intensity of the attack are analyzed in detail using the TPC-C benchmark. A survivability information system based on service self-organization under the precondition of modules redundancy backups (Yongshi et al., 2012). The service self-organization way divides the system into communications modules, services distribution modules, data storage modules according to service processing flow. Through their simulation experiment, they were able to prove that their proposed method can enhance the service survivability both of steady state and instantaneous state by setting up a Web server in the network environment. The survivability of data centers is paramount to the survivability of the whole enterprise computing system (Prem et al., 2000).

13

1st International Conference on Applied Information Technology 7-9 October, 2015 Prem et al., (2000) discussed some set of challenges they viewed as critical in building highly survivable data centers, and presented several potential solutions to tackle them.

architecture is made of three (3) major modules namely the normal, rejuvenated and monitor modules. Module 1: The normal module is made up of the client, database server, and application server while the normal distributed database operation is ongoing.

MATERIALS AND METHODS Proposed Availability Architecture The proposed architecture for the survivable distributed database is as shown in figure 1. The

Figure 1: Proposed Availability Architecture Module 2: The monitor module is the component of the architecture where the the normal module is being regularly monitored and tracked failing components of the system. It is the portion of the architecture where the level of system availability is constantly monitored. This measured of availability is measured here with metrics such as Mean Time between Failure (MTBF) and Mean Time to Repair (MTTR). Module 3: The third module is the rejuvenated module. It is also made up of regenerated and replicated database server and application server.

Definition 1: Application server is a computer server program that provides operational logics for user’s application program in the proposed distributed system architecture. Definition 2: Database server is this architecture represents computer program that provides database services to other computer programs or computers and clients, occasioned by the client– server model. Database server also represents dedicated computer for providing such services. Definition 3: Availability is the measure of capability of a system to render its expected services

14

1st International Conference on Applied Information Technology 7-9 October, 2015 at all times. It is important that the proposed model ensure unrestricted and uninterrupted access to the cloud database at all times. It is an important attribute of survivability. To ensure availability of distributed database at all times, every database server is designed to exhibit capability to render all its services through their application server. According to the architecture, for every service S there exist database servers N and application servers VM’s ranging from 1 to n, i.e If  service S,  database servers N and several VMs. Clearly, a relationship exists between a service (cS) and its database servers (cN), consequently T(cS, 1)=1 for cS  1. Then if cS  cN it is observed that the size of the range which is an integer from 1 to n-1, and the elements of the range which can be combined in C(cN, k) ways and picking an onto the range of function that is not onto from the set with cS elements to the set with cN elements which can be combined in T(cS, k) ways. Therefore, we establish ( ) ( ). that T(cS, cN) = ∑ (1) where cS=cN and cN>1 with initial condition T(cS, 1)=1 is the recurrence relation between the services and the application servers thereby entrenching availability in the proposed architecture.

of the distributed database using Mean Time between Failure (MTBF) and Mean Time to Repair (MTTR) parameters. These parameters are based on the life span of the different storage devices that make up the distributed database system. The moment the measure of availability of the proposed systems is less than the set acceptable threshold, a rejuvenation mechanism is set up to regenerate and create replica of the existing databases on another set of storage devices, resulting into the rejuvenated level of the system. RESULTS AND DISCUSSION For the purpose of evaluating the proposed system, a CloudSim simulator was used to simulate two different distributed databases. One of the distributed databases was designed with the proposed architecture incorporated into it (i.e Enhanced database), while the second distributed database was designed without the proposed architecture. The capability for the Availability of the two databases was tested by making them service both simple and complex queries from 50 instances of virtual machines each. Responses to queries from instances of virtual machines were allowed to run on these databases for twelve (12) hours. Results of observations from the simulated experiments are as stated in tables 1 (Regular Database and table 2 (Enhanced Database). Availability is defined as the ratio of MTBF to sum of MTBF and MTTR where MTBF is Mean time between failure and MTTR is the Mean time to repair. Figure 2 shows the chart representing analysis of the results recorded in tables 1 and 2.

Concept Explanation In the normal module, the client or user’s application program demands for a distributed database service through the application server. Database server provides database transaction services to the clients. This continues until the monitor module detects possible device (storage disk) failure in either the database server or application server. The monitor module calculates the level of continued availability Table 1. Availability of Regular Database component

A V A I L A B I

RegularDatabase MTBF MTTR Availability CREATE 300mins 60mins 83.33 INSERT 240mins 30minutes 88.89 SELECT 300mins 120mins 71.43 MODIFY 120mins 60mins 66.67 Table 2. Availability components

of

Enhanced

Database

Enhanced Database MTBF MTTR Availability CREATE 420mins 60mins 87.50 INSERT 360mins 30minutes 92.30 SELECT 420mins 45minutes 90.32 MODIFY 480mins 30 minutes 94.11

100 L I T Y

50 0

REGULAR DATABASE AVAILABILIT Y ENHANCED DATABASE AVAILABILIT Y DATABASE COMPONENT

Figure 2: Availability of Regular and Enhanced Database

15

1st International Conference on Applied Information Technology 7-9 October, 2015 Table 3. Survivability of Regular and Enhanced Database components

Figure 3: Analysis of Survivability in Regular Database Enhanced Database Survivability

Transact

Database No CREATE T_NODE 80 1min

No. of

1

MTBF Prob. of Survivability

Regular MTTR

Downtime 0 600mins

INSERT T_NODE 600mins 1min

60

SELECT T_NODE 600mins 2min

100

0

0.6 0.4 0.2

MODIFYT_NODE 650mins 0min

1

20

Transact

0

Database

No

CREATE T_NODE 0.5min INSERT T_NODE 1min SELECT T_NODE 1min MODIFY T_NODE 0min

No. of

MTBF

Downtime 80

60

0

600mins

0

650mins

100

0

650min

20

0

650mins

0

0.5

1

1.5

2 2.5 3 Time in Seconds

3.5

4

4.5 4

x 10

Figure 4: Analysis of Survivability in the EnhancedDatabase In the evaluation experiment Availability component of the each of the two distributed databases (Regular database and Enhanced database) were tested over a maximum of 50 application servers and total time of 43,200 seconds. Table 1, table 2 and figure 2 show that Regular database has an average of 77.58 while Enhanced database has an average of 91.13 respectively measured in terms of its CREATE, INSERT, SELECT,MODIFY commands, MTBF and MTTF. Table 3, figure 3 and figure 4 show that probability of Survivability of both Regular enhanced databases decreases with time, however the graphs in figure 3 and 4 show that the probability of the enhanced database is better than that of the regular database. These results and the subsequent analysis show that the cloud database with the proposed architecture integrated is better than the database without the proposed architecture.

Table 4. Survivability of Regular and Enhanced Database components Enhanced MTTR

0.8

CONCLUSION The trend in the world points to the fact that distributed database and cloud computing are the technologies to support future computing, considering the volume and varieties of data that are accessible to people through computers and mobile devices. As more people migrate their data and infrastructures to the cloud, more reliable distributed database technology would be needed to power the cloud. This of course would come with its attendant security challenges, one of which this research effort responded to by proposing a survivable architecture in distributed database. This study established that the present level of fault tolerance in distributed database could be improved upon.

Results in table 3 and 4 as analyzed in MATLAB using Weibull distribution through measures like probability density function (pdf), cumulative distribution function (cdf) is as shown in figures 3.and 4. A probability density function is used to indicate probability of failure at different times. A survivor function gives the survivability of a survival as a function of time defined as 1 (one) minus the cumulative distribution function (i.e 1-minus). Figure 3 shows probability of survivability against time in seconds for the database without the proposed survivability architecture incorporated while Figure 4 depicts the probability of survivability against time in seconds in the database with the proposed architecture integrated. Regualar Database Survivability Prob. of Survivability

1

REFERENCES Arora, I and , Gupta, A. 2012. Cloud Databases: A Paradigm Shift in Databases. International Journal of Computer Science IJCSI Issues, Vol. 9, Issue 4, No 3,pp. 77-83. Changqing C., Heng Z., Weimin W., Gang S. 2011. A Semi-Markov Survivability Evaluation Model for Intrusion Tolerant Real-Time Database Systems. IEEE (2011). Chao-Rui,C., Meng-Ju, H., Jan-Jan, W., Po-Yen, W., Pangfeng, L. 2012. HSQL: A Highly Scalable

0.8 0.6 0.4 0.2

0

0.5

1

1.5

2 2.5 Time in Seconds

3

3.5

4

4.5 4

x 10

16

1st International Conference on Applied Information Technology 7-9 October, 2015 Cloud Database for MultiUser Query Processing. In: 2012 IEEE Fifth International Conference on Cloud Computing. pp. 943-944 IEEE Computer Society Washington, DC, USA 2012. James P.G.S., David H., Egermen K. C., Abdul J., Justin P.R., Marcus S., Paul S. 2010. Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines. Computer Networks 54(2010) 1245-1265. Elsevier B.V. 2010. Jueliang H., Zuohua D., Jing L., Ling Y. 2009. Measuring the Survivability of Object-Oriented Software. In: TASE '09 Proceedings of the 2009 Third IEEE International Symposium on Theoretical Aspects of Software Engineering. Pages 329-330. IEEE Computer Society Washington, DC, USA. Li B., Saroj B., Frank F. 2010. Design of a Reliable Distributed Secure Database System. In: 2010 Fifth IEEE International Conference in Networking, Architecture, and Storage, pp 91-99. IEEE Press 2010. Prem D., Michael G., Chip M., Philip R., Stuart G. S. 2000. Authentic Re-Publication by Untrusted Servers: A Novel Approach to Database Survivability. Citeseer. Sazia P., Farookh K.H., Jong S.P., and Dong S. K. 2012. A survivability model in Wireless Sensor

Network. Computer and Mathematics with Application 2012 Elsevier Ltd. Shengzhi Z., Xi X, and Peng L. 2010. Challenges in Improving the Survivability of Data Centers. In: Workshop on Survivability in Cyberspace 2010. Thandar T., Manish P., Sung-Do C., and Jong S. P. 2008. A recovery Model for Survivable Distributed Systems through the use of Virtualization. In: Fourth International Conference on Neworked Computing and Advanced Information Management. IEEE Computer Society. 2008. Yunghsiang S.H., Soji O., and Rong Z. 2010. Survivable Distributed Storage with Progressive Decoding. In:IEEE INFOCOM 2010 mini conference proceedings. IEEE 2010. Yongshi Z., Jianpei Z., Lejun Z., Mo L., Jing Y., and Lin G. 2010. A Survivability Information System Based on Service Self-Organization. In: 2010 Fifth International Conference on Internet Computing for Science and Engineering. pp 158-161. IEEE Computer Society. Zhang W., Liu S., and Zhong W. 2010. Survivable Storage Architecture. In: Third International Symposium on Information Processing. pp 95-97. IEEE Computer Society 2010.

17

1st International Conference on Applied Information Technology 7-9 October, 2015

SECURING DIGITIZED CAMPUS CLINICAL HEALTHCARE DELIVERY SYSTEM 1

Olaniyi O. M., 1Folorunso T. A., 2Omotosho A. and 1Alegbeleye I. 1

Department of Computer Engineering Federal University of Technology, Minna , Nigeria. 2 Department of Computer Science and Technology Bells University of Technology, Ota, Nigeria [email protected]

Abstract: Tele-ClinicalDiagnostic System (TCDS) isa robust care delivery system with the capability to enhance healthcare services at remote locations. Characteristically, TCDS can be articulated to improve efficiency, trust, cost effectiveness and enhancepractitioners work productivity. In this paper, we present the design, development and qualitative performance evaluation of a Secure Tele-Clinical Diagnostic system for geographically dispersed academic environment in developing country like Nigeria. The system was developed using synergistic application of Advanced Encryption Standard cryptographic technique for medical data confidentiality, Web Real Time communication for clinical Tele-consultation and simplified multi-tier electronic health system. The developed system was evaluated in Federal University of Technology Minna, Healthcare Service Centre using expert’s perceptive qualitative performance evaluation method. The results of the evaluation revealed that the developed system is efficient and effective in delivery of secure clinical healthcare in geographically dispersed tertiary institution healthcare centers and similar institutions in sub-Saharan Africa. Keyword: E-health,Telemedicine, Confidentiality, Privacy, Real-time,Tele-consultation. diagnosis, treatment and prevention of disease and injuries, research as well as for the continuing education of health care provider in the interest of advancing the health of individuals and their communitiesHo & Cordeiro (2010). In view of transforming rural settlements to urban settlements, tertiary institutions in developing countries practiced multi-campus academic systems. This developmental agenda brings economic, social and infrastructural privileges to host rural settlements. However, there is tendency for duplication of scarce infrastructures and human capital resources on the part of these multi campus tertiary institutions. One of these possible scenarios is the provision of medication to students, staffs and host communities. Medical experts in most developing countries are still scarce human capacity and application of ICT to medical healthcare delivery through telemedicine could assists to reduce this duplication of this scarce resource in geographically dispersed academic environment. EHRon the other hand is a type of application that is relatively new to the care delivery system, and definitions of their functionality are constantly evolving as knowledge of an experience with these tools increase. Nonetheless, such applications typically provide access to patient-oriented views of the health care professional’s EHR with selected views of health information retrieved from multiple sources. These consumer-oriented applications may also support the ability for patients to contact their health care professional’s office or clinic via secure e-mail for administrative or non-medical reasons, and provide links to vetted health information sources Rudolph et al. (2008).

INTRODUCTION The application of Information and Communication Technology (ICT) in different facets of life has become increasingly important in many countries in recent years including healthcare. Over International and national standardization for interoperability and data exchange, there has been continuing progressive efforts. Many different applications have been developed for electronic healthcare (like e-health recording) inRau et al. (2010), accounting and billing in Sosian, (2006), medical research and intellectual property in Hsu & Pan (2013) and Tele-consultation with e-health record in Emuoyibofarhe et al., (2014). Particularly, e-health systems like Electronic Health Records (EHRs) decrease the costs of healthcare through avoidance of expensive double diagnoses, repetitive drug administration and improved personal healthcare management. E-health system was introduced to the need of healthcare delivery as a result of inadequate quality facility. E-health system is also a further development of the idea of Telemedicine Barbara et al. (2010). It covers the point of interconnection between patients and healthcare service providers, institution located in one place to another, peer to peer communication between patients and health professionals. E-Health, defined inthese categories of activities, although limited studies suggest an alternative means to improve access and quality of care Lawal (2013). E-health applications include Telemedicine and Electronic Health Recording (EHR).Telemedicine isthe application ofInformation and Communication Technologies for the delivery of health care services, where distance is a critical factor, for the exchange of valid information,

18

1st International Conference on Applied Information Technology 7-9 October, 2015 Apparently e-health systems process and store very sensitive data and should have an appropriate privacy framework. The disclosure of health data may have severe social effect on patients. If confidential health data is leaked outside the e-health system, accidentally or deliberately, the responsible health professionals or IT providers would have to face severe legal penalties for violating privacy laws. The problem of e-Health include: authorization, authentication and accounting as common to other Information Technology applications such as banking and manufacturing Brewer, (2011). E-Health involves information security and privacy as well as physical safety. The security requirements of e-health systems, technically speaking, are not particularly different from those required in other information technology application domain. The security function is based on available of proper mechanism and algorithms of authentication (identification and verification), identity management, confidentiality, integrity as well as availability and accountability. In this paper, data security attribute of Advance Encryption Standard cryptographic algorithm was combined with remote real time communication of Web Real Time Communication framework to provide secure, remote and real time clinical diagnosis for medical experts in geographically dispersed academic environment. The remaining section of the paper is organized into four sections: Section II provides the review of related work; the system design methodology is presented in section III; Results and Discussions were presented in section IV, Section Vconcludes and provides scope for future research endeavor.

number. The assigned tag was used by patient for medical consultation with medical practitioners. This system proposed could only operate in one recording unit and it is not secure, therefore the developed system was inefficient. A robust clinical information tool for electronic medical recordwas developed by authors inBarbara et al (2010). In this work, authors examined that the right to use exact knowledge enhances tendency to respond to medical matter at the point of care as a major element of health care excellence. The developed system provides metasearch for the clinical answers including check-up, training of patient and treatment drug information. The study of information manager reveals that more than half of the question of clinician could be solved. The system is not efficient as a result of its inability to cover more than one unit of the health centre as well as lack of provision of privacy security measure for patient data. Similar medical smart card system for patient record management was developed by Changrui & Arthur (2009) .The developed system could only automate medical health record and did not provide design consideration for medical data security and remote consultation. In Emuoyibofarhe et al., (2014), the development of a robust tele-consultation with electronic health record integrated with three Nigerian major Local languages of Igbo, Yoruba and Hausa was proposed. Although the developed teleconsultation system was proved to be usable after evaluation and could be effective for effective delivery of medical care at distance in the patient natural language, the developed system lacks design consideration for protection of medical data confidentiality and privacy which are critical in ehealth delivery at geographically dispersed sites. Another design limitation was lack of provision of critical unit operations like pre-clinical and laboratory investigations as well as post-medical drug dispensing by pharmacists at remote sites. The development of a functional and wellengineered e-health system for comprehensive automation of clinical healthcare delivery of five operational units of Federal University of Technology Minna healthcare Services was proposed in Lawal (2013). These operational units are medical consultation, nursing, recording, laboratory and pharmacy. The developed system was further evaluated at the University Health center using expert’s perceptive analysis. The developed e-health system lacks design consideration data confidentiality and privacy, billing and remote consultation from scarce medical practitioners in such geographically dispersed academic environment like Federal University of Technology Minna healthcare center. In this work, we improve on these related works by exploiting the capacity of Information and Communication Technology (ICT) to extend automation beyond medical recording as does in (Hans et al 2010; Joseph et al., (2003); Barbara et al

LITERATURE REVIEW A number of related works exists in the application for ICT for provision of medical data privacy, convenience and diagnosis, treatment and prevention of diseases at near and remote distance in literature. Hans and Ahmad-Rezain Hans et al 2010proposed securing the e-health cloud by presenting security architecture for establishing privacy domains in ehealth infrastructures. This proposed system provides solution for client platform security. The work proposed building privacy domains for patients’ medical data as a technical metric to enhance the enforcement of data protection and privacy policies. The proposed system is limited to medical data recording unit and did not provide security for server back end. Also, authors in Joseph et al., (2003) developed computer oriented patient record system in sub Saharan Africa to eliminate duplication of medical files and data recorded in paper form. The system was developed with Microsoft office access database and is maintained by severance power system. The outline of clinics visited, tests perform, diagnosis made and drug prescribed were presented. When a new patient is enrolled into the electronic medical record system, a plastic tag is issued that carries the patient name and electronic media record system

19

1st International Conference on Applied Information Technology 7-9 October, 2015 (2010))and seamlessly apply Real time Communication framework for real time teleconsultations and Advance Encryption Standard of symmetric cryptographic algorithm to provide data

confidentiality and software enhancements for billing to extend limitations of Lawal (2013)and Emuoyibofarhe et al., (2014). beginning from medical recording unit, medical consultancy unit, dentist unit, nursing unit, pharmacy unit, laboratory unit, radiology unit and accounting unit integrated as a system for two sites located at Gidan kwano and Bosso campus linked together as a system. The components of the system from Figure. 1 are: a) Electronic Health Record (EHR) Module: The module archives enrolled electronic record of patient health information provided by patient to medical record keeping. Included in this information are patient demographics, progress notes, problems, medications, vital signs, past medical history, immunizations, laboratory data and radiology reports. EHR module automates and streamlines the clinician's workflow. The module has the ability to generate a complete record of a clinical patient encounter including evidence-based decision support, management and outcomes reporting; b) Electronic-Prescription Module: This module enhances the productivity of medical physician through electronic transfer of an accurate, error-free and understandable prescription directly to pharmacy and/or laboratory technologist for pre-clinical investigation. The model allows the doctor to prescribe drugs which will be sent to pharmacy via communication network; c) Electronic-Clinical Laboratory and Radiological Investigation Module: This module allows the laboratory technologists and radiologist to access investigation instructed by doctors available on the network. The result of the investigation by requirements is privately send back to the physician via the same channel of communication; d) Pre-electronic clinical administration by Nursing Practitioner Module: This module enable nurse(s) to perform pre-clinical data capturing for physician prescription consideration and to have access to the treatment instructed by doctor on specific patient and give feedback electronically; e) Real Time Communication Module: This module facilitates tele-consultation to medical experts through an integration of an API definition drafted by the World Wide Web Consortium for browser-to-browser applications support for voice calling, video chat, and P2P file sharing without the need of either internal or external plugin. The module provides seamless platform for voice and video communication among all units in the secure tele-diagnostics system.

MATERIALS AND METHODS In this section, technical solution that satisfies the functional requirements for the system is presented. The functional specification produced during system requirements analysis was transformed into a physical architecture through system modeling and database design. The transformed system was developed using Hypertext Pre -processor run time, Apache, My Structure Query Language and Node JavaScript. Thereafter, the developed system was tested and evaluated against benchmarks by experts. Requirements Definition for the Secure Teleclinical Diagnostic System The requirement definition follows from the premises that the design of secure tele-diagnostic system for remote and near clinical medical delivery should provide: a) Convenience: The system functional components for individual unit of medical facility should be available to experts for seamless accessibility which makes them an ideal tool for performing personal tasks. These tasks should cover operations in medical record unit, nursing unit, physician prescription unit, pharmaceutical dispensing unit, clinical laboratory investigation unit, dentistry unit and billing unit; b) Usability: The secure tele-diagnostic system must be expert friendly with little or no learning curve to the experts. The experts must also be able to personalize the diagnostic system environment to suit his or her convenience. The graphical user interface and tool tips should be provided to guide the experts to perform vital unit operations; c) Interoperability: The design of the secure telediagnostic system should be based on standards and open technologies that allow various modules of the system to interact with other systems; d) Security, Privacy and Trust: Patient should able to trust and count on medical expert against breach of their medical data. The system should be designed to keep patient data secret. Accessibility to data should be available to authorized experts and/or user only. A threat to confidentiality is disclosure of information. Therefore, each unit of the medical facility will only have access to patient data that is related to their unit. The system should be foolproof, resistant to attacks from an intruder while communicating medical over public communication channels. The integrity of medical data should be established in the design of the overall system. Overall System Architecture The architecture shown in Figure. 1 describes how the system operates using the University Health Service of Federal University of Technology, Minna (FUTMINNA) as the test bed. The system covers eight unit of FUTMINNA healthcare center

20

1st International Conference on Applied Information Technology 7-9 October, 2015

Figure 3: Activity Diagram of Tele-clinical Diagnostic System. System Security Design Considerations: The security design consideration for the system is based on the principle symmetric cryptography using Advanced Encryption standard (AES) for medical data protection from each unit to the database. AES is a symmetric block cipher. By definition, symmetric algorithms have one key. So both the sender and the receiver need to have the same key. A block cipher is a method of encrypting text in which a cryptographic key and algorithm are applied to a block of data at once as a group rather than to one bit at a time. The specification of the AES block cipher, defines two functions: encryption that generates ciphertext and decryption that produces plaintext. The AES has a block length of 128 bits and key length of 128,192 or 256 bits [7,13].Advance Encryption Standard of 192 bit key length is used because the longer the key used for encryption, the stronger the security strength. The encryption of medical data takes place at the middle tier at the point moving data into database and decryption happen at the point of medial data retrieval. Figure.4 describes the application of this security technique in this system.

Figure 1: Secure Tele-clinical Diagnostic System Architectural Diagram

Figure 2: Use Case Diagram of Tele-clinical Diagnostic System System Modeling The structure of the proposed system was modelled using the use-case diagram, activity diagram diagrams and the behavioural/sequence diagram using object oriented design paradigm. The use case scenario of the proposed system is shown in Figure. 2.The administrator controls the activities of the system and major functions of the system. The use case diagram of the secure tele-clinical diagnostic system involves five actors: medical record, doctor/dentist, nurse, pharmacy, dentist, radiology/laboratory, and accounting unit. Figure. 3 shows the activity diagram of the system.

21

1st International Conference on Applied Information Technology 7-9 October, 2015 Figure 4 Security design of Secure Tele-clinical Diagnostic System Database Design Databases are integrated collection of fields, data element, and records information need of an organization. Unit of data are independently retrievable. The database which contains tables of the eight units of Federal University of Technology Minna healthcare center described in Figure.1is graphically depicted in database design shown in Figure. 5.

Figures 6, 7, 8, and 9 shows the impact of the developed system using ICT could have on secure medical consultations for near and remote patient. The system login page shown in figure 5 welcomes the medical experts to the system. This page allows the expert to fill in the login credentials of password and username, if medical expert is an existing user; else the expert consults the administrator for credentials for using the system. If there is mismatch in the log in credentials of username and password, the system triggers an “error login error, check your password and username” , in this case, the medical experts should recheck the password and try logging in again.

Figure 6: Login Page Figure 5: Database design of the Secure Tele-clinical Diagnostic System Figure 7a shows the patient graphical unit interface (GUI) for the provision of patient clinical personal identification number for e-medical record unit after login. The GUI contains the identification number of patient waiting for consultation and time the patient clock in with graphical picture. Figure 7b shows the interface, after the medical record has entered the patient clinic identification number. The list of patients with related number is displayed on Figure 7b.

System Performance Evaluation The performance evaluation of the developed secure tele-clinical diagnostic system was carried out through perceptive assessment by medical practitioners (Physicians, Pharmacists, Nurses, Medical Technologists, Medical health record personnel) on the test-bed: FUTMINNA Health Service through administration of well-structured questionnaire during system pilot testing at the Gidan Kwano Campus. The system was rated against earlier defined requirements: usability, efficiency in healthcare delivery, medical data confidentiality, real time communication and accuracy in billing using Likert descriptive non-parametric data analysis in SPSS. The age range of respondents was between 18 years to 65 years. The values/strength and Linguistic labels for the questionnaire designed used for analysing the performance was 5-point Likert items defined as: 5-Strongly Agree, 4-Agree, 3-Undecided, 2-Disagree, 1-Strongly Disagree. The responses of the respondents were measured based on the linguistic strength with worst response (i.e. Strongly Disagree) given to the lowest strength and the best response (Strongly Agree) given to the highest strength. The results and implications of the findings are presented in the next section.

Figure 7a: Personal profile page of the system registration

RESULTS AND DISCUSSIONS

22

1st International Conference on Applied Information Technology 7-9 October, 2015 contains the list of patient sent by medical doctor on prescription to the pharmacy unit.

Figure 7b: Registered list of patients. The interface on Figure 8a shows real time communication between practitioners and patient.

Figure 9a: Electronic dispensing of drugs to patient.

Figure 8a: Real time communication for Teleconsultations between medical experts and patient Figure 8b shows an interface for Tele-diagnostic session between medical physician and patient. The right side of the screen shows the list of patients on the queue for consultation. The ‘H’ navigation contains tabs for history of complaints, doctor diagnosis, doctor examination, investigations, nurse administration, and operation note. The other black navigation contains tab to write case note on patient complaints, examinations, diagnosis, vital signs, prescription administer admission and check the payment invoice of the patient. From Figure 8b the medical doctor gives medical instructions to other units like nurse to administer treatment, prescription to pharmacy, investigation to laboratory and radiology.

Figure 9b: E-Pharmacy GUI for dispensing drugs Findings of the system performance evaluation from the assessment of confidentiality of the developed system as shown in Table 1 revealed that over seventy percent (70.72%) of the respondents cumulatively agreed that the developed system maintained the data secrecy as shown in secrecy and confidentiality. The findings of the system usability such as friendliness of the system when used by practitioners revealed that over ninety percent (97.55%) cumulatively agreed that the developed secure tele-clinical diagnostic system was user friendly. The findings of dependability of audio and video real time communication of the developed system revealed that over ninety percent (95.2%) cumulatively agree that the developed system real time communication was dependable. The billing management of the system accessed by the practitioners revealed that over eighty percent (85.36%) cumulatively agree that this system gives a correct financial report. The bar chart in Figure 10 shows the pictorial representation of the evaluation result presented in Table 1.

Figure 8b: Tele-diagnostic session between doctor and remote patients Figure 9a and Figure 9b show the GUI for pharmacy to dispense drug. The GUI contains the category of drug available. The right hand side of the GUI

23

1st International Conference on Applied Information Technology 7-9 October, 2015

Table

1:

Results

of

descriptive

non-parametric

data

analysis

of

the

respondents

Strongly Agree

Agree

Neutral

Disagree

Strongly Disagree

User friendliness/Usability

11 26.82%

29 70.73%

1 2.44%

0 0

0 0

Real Communication

22 53.66%

17 41.46%

0

2 4.88 %

0

95.2

9 21.95%

26 63.41%

6 14.63%

0

0

85.36

8 19.51%

21 51.21%

7 17.07%

4 9.76%

1 2.44%

70.72

Time

Billing Report

Secrecy Confidentiality

and

Cumulative Agreement (%) 97.55

35

Strongly Agree

30

Agree

25

Neutral

20

Disagree

15

Strongly Disagree

10 5 0 User friendliness

Figure

10:

Bar

chart

Real Time Communication

representation

of

Billing Report

numeric

Based on the earlier defined requirements, four performance evaluation metrics were formulated to establish the degree to which the system meets the requirements. These metrics are: SystemUsability Index (SUI) for usability requirement, System degree

frequency

Secrecy and Confidentiality

of

response

of

Table

1.

of confidentiality (SDC) for data confidentiality requirement, System degree of accuracy in billing (SDAB) for accurate billing and System degree of Real time Communication (SDRTC) for teleconsultation. Table 2 shows the summary of

24

1st International Conference on Applied Information Technology 7-9 October, 2015

Table2: Performance. Evaluation metrics of the developed Secure Tele-clinical diagnostic system Performance Evaluation metrics

Response designation

Response Mean

System degree of confidentiality (SDC) System usability index (SUI)

>3

3.76

>3

4.42

System degree of accuracy in billing. (SDAB) System degree of real time communication (SDRTC)

>3

4.07

>3

4.44

CONCLUSION In this paper, the requirement definitions, design, development and qualitative evaluationof a functional and secure tele-clinical diagnostic system for effective delivery of medical services to patient in a geographically dispersed academic environmenthave successfully been presented. The results of the developed system show that the synergistic combination of concepts of Telemedicine, Software engineering and Information Security in this study can significantly assists healthcare professionals to improve efficiency, trust, enhance work productivity and increase the operational speed of medical health delivery in developing countries like Nigeria. The developed system ensures the safety of patient data and service reliability in teleconsultation. The full deployment of the system at our test bed, Federal University of Technology Minna healthcare center and similar health care facility in developing countries is expected to improve practitioner’s productivity and improve clinical healthcare like other medical devices like Stethoscope and Electrocardiogram machine. The development of Secure Tele-clinical Diagnostic System helps in carrying out diagnosis; manage patient data, consultation with the aid of information and Communication Technology regardless of location of the patient and health care center. This system can be improved by integrating RFID system to automatically identify enrolled patient and Information hiding techniques such as steganography and watermarking can be applied to improve confidentiality and integrity of patient data. It is recommended that future medical informatics and telemedicine professionals would provide seamless and secure solutions along these research directions.

REFERENCES Rau H. L., W. Chen W.S.Jian. 2010. Developing electronic health records in Taiwan. IT Professional 12: 17-25. Sofsian, D. 2006.An Introduction to Medical billing.Retrieved online from http://www.ehealtharticles.com/Detailed/1449.html on 14th June 2015. Hsu, W.S. Pan J. I. 2013. "Secure Mobile Agent for Telemedicine Based on P2P Networks.Journal of Medical Systems.1(3) :2-4. Ho, K. Cordeiro J. 2010. Global Observatory for eHealth series. Global Survey on e-Health. 2(1): 8-9. David,W.B.,James,M.N.,Sarah,T.C.,Micheal,Z. Jeffrey, P.F. 2008. E-Health and its impact on Medical Practice. Philadelphia: American College of Physicians; 2008: Position Paper. Retrieved online at http://www.panly.net/file/e-health-and-its-impact-onmedical-practice.html on on 17th June 2015 Garg, V. J. Brewer 2011. "Telemedicine Security: A Systematic Review." Journal of Diabetes Science and Technology3(8): 768-777. Retrieved online at http://www.ncbi.nlm.nih.gov/pmc/articles/PMC3192 643/ on 19th June 2015. Manikandan G., S. R., R.Rajaram R., .Venkattesh V. 2013. An Image Based Key Generation For Symmetric Key Cryptography .International Journal of Engineering and Technology (IJET), 5(3):28072814. Lawal, L. A. 2013. Development Of An Electronic Health System For Campus Use. Unpublished Bachelor of Engineering Thesis, Federal University of Technology Minna.Niger State,Nigeria Hans, L., Ahmad-Reza, S. Marcel W. 2010. Securing the E-Health Cloud. Proceedings of the 1st ACM International Health Informatics Symposium.220-229 Joseph, k. R., Terry, J., H., Faye, E. S., John, B. H., Wilson,W. O., Nguyen, V., U., Burke, W. M., Joseph J. M., Robert, M. & William M. T. 2003. Installing and Implementing a Computer Based Patient Record System. Journal of the American Medical Informatics Association. 10(4): 295-303.

ACKNOWLEDGEMENTS The research team is grateful to Medical Director and entire healthcare practitioners at Gidan Kwano unit of the University Health Service for their cooperation and attitude towards change in FUTMinna Smart and Secure University Health Service Project now and in the future. Conference blind and rigorous article reviewers are acknowledged for their efforts towards scholarship.

25

1st International Conference on Applied Information Technology 7-9 October, 2015 International Journal of Cryptography and Information Security (IJCIS).2(3):117-130. Emuoyibofarhe O. J, Ogunwale O. E. Ogunleye O.O 2014. Development of a Robust Teleconsultation with Electronic Health Records Integrating Local Nigerian Languages. Proceedings of Proceedings of the Fifth International Conference on Mobile e‐Services, Ladoke Akintola University of Technology,Ogbomoso,Nigeria:37-47

Barbara A. E., B.W. Charles, Y Frances., John, L. Anthony B. F. 2010. Development of a clinical information tool for the electronic medical record. Journal of Medical Library Association 98(3): 223227. Changrui X. Arthur Y. 2009. Medical smart card system for patient record management. Science, Technology, and Energy policy white paper competition: 1-12. Rahimuna K, Zach M. P., Kumar, S. S. Jayakumar J. 2012. Architectural Optimization of AES transformations and Key expansions.

26

1st International Conference on Applied Information Technology 7-9 October, 2015

EFFECTIVE TEACHING OF PROGRAMMING LANGUAGES AT UNDERGRADUATE: AN OVERVIEW O. Adelakun-Adeyemo1 and S. O. Akinola2 1

2

Computer Science Department, Salem University, Lokoja, Nigeria. Computer Science Department, University of Ibadan, Ibadan, Nigeria.

Abstract: Teaching programming is a difficult task. Many students find it difficult to grasp programming concepts quickly enough to achieve good grades. There is also a myriad of options and approaches to choose from. This paper outlines some of the options and approaches and summarizes that choosing a simple, well-structured language, encouraging collaboration and giving lots of feedback to students are the major effective strategies when teaching programming languages to students. Keywords: Computer programming, teaching approaches to programming, Collaborative learning of programming INTRODUCTION Computer Science (CS) is a broad and diverse field encompassing the fields of mathematics, physics, psychology, art and sociology. Indeed, one can look at computer science as a hybrid field of study.More formally; we can say that computer science falls in the field of applied sciences as opposed to the basic sciences. As diverse as the field of computer science is, one activity that remains dominant through the diverse components is programming (Felleisen 2008). This dominance is also reflected in computer science curriculum(Blake 2011) across the world. At Salem University, Lokoja, Nigeria, 34.3% of the curriculum is focused on programming to some extent (Salem University 2011).This Over the course of an undergraduate programme in computer science, students are exposed to at least four programming languages in core programming courses and are required to apply programming in a few other courses. With so much hinging on the learning and application of programming, the effective teaching of programming languages is no doubt very important. Despite the huge curriculum share given to programming languages, and their importance to the field, research shows that there is still comparatively high rates of failure when it comes to programming language subjects. (Vihavainen et al. 2014)(Kaplan 2009). Students find it difficult to grasp programming at the introductory stage and this has discouraged many from continuing in the field (Gudmundsen & Olivieri 2012). Kak 2013 concedes that teaching programming is a difficult task. This is more so because teaching programming at the level required by industry can only be undertaken by someone who is very much into the act of programming. Most university lecturers are however more immersed in research within their chosen specialities than in writing the next piece of software. He asserts that teaching programming at the university level, must teach how to interact with the machine, demonstrating how to handle program misbehaviour, teaching how to manage memory efficiently, and well as synchronization and process control. In his opinion, real programming for a computer scientist, must go beyond just constructs

but to the level of understanding the implications of the constructs at the system level and be able to make appropriate decisions for program correctness and efficiency. This divergence of interests is one of the causes of low achievement in programming language courses. Learning to program is a very important skill for a computer scientist(Blake 2011). (Kaplan 2009) compares the inability of a computer scientist to program to the inability of a mathematician to understand algebra. A situation he terms ‘very limiting’. Although (Blake 2011) states quite emphatically that computer science is not programming and computer scientists are not programmers; he still agrees to the fact that learning to program is very important. So how can programming languages be taught effectively? METHODOLOGIES OF EFFECTIVE Selection of Appropriate Programming Language Several authors have discussed the issue of the appropriate language for teaching first programming language courses. The debate usually centres on finding a language with minimum memory load i.e. a language in which the concepts to be mastered in order to write the simplest working program in that language is minimal as well as a minimal number of lines of code. A first programming language should be a well-structured language with high computing power, it should be easy to learn and be widely applicable(Howell 2003).(Blake 2011) states that the choice of language to teach is a personal one, owing to the fact that teachers make choices based on their own identities as computer scientists and their definition of the discipline. He however also mentioned that though there might be multiple factors affecting the choice of language to be taught, the learner must not be left out of the equation. That is the characteristics and needs of the learners must also be put into consideration.(Pears et al. 2010) also mention considering the whole curriculum when making the choice. Some authors argue that the first programming language should be an object-oriented language such as Java or C++. So passionate are some of the

27

1st International Conference on Applied Information Technology 7-9 October, 2015 proponents of this view that one such person is quoted to have said that it is impossible to teach any other language to a person who has learnt BASIC as a first language (Kaplan 2009)0. (Warren 2001) however tries to make a point about teaching introductory programming with scripting languages. His argument is that they were built to create small pieces of code and by being more flexible than C++ and Java-type languages (system programming languages), allows the learners to focus on ‘algorithmic issues’. In his paper he classifies four problems with these system programming languages that create huge barriers for programming novices: gratuitous complexity, inconsistency, modes and implementation issues. (Blake 2011) also seems to agree as he states that scripting languages have fewer ‘non-obvious’ (gratuitous complexity) topics that need to be learnt. He reports how using Scala helped his students to learn programming and transit seamlessly to learning Java in their second year. Part of the debate on the choice of first programming language also has proponents speaking from the angle of industrial demands. They feel programming languages to be taught should be in line with what the industry requires. (DeRaadt et al. 2002) carried out a research in which they compared industry demand to languages being taught in universities in Australia. They carried out a census of languages taught in introductory programming courses and compared them with programming language skills demandedin job adverts placed in newspapers. They found a high correlation between programming languages taught as a first language and those demanded by industry. They discovered that the most sort after languages were C, C++, Java, and VB. Also, they found a high demand for object oriented languages and scripting languages over procedural languages with special purpose languages such as SAP and PeopleSoft also making an impressive presence. Their conclusion is that in choosing a language or languages for the CS curriculum, while industry demand is a good factor to consider, pedagogical benefits are even more so especially for introductory courses. Overall, choice of languages over the cause of the programme should include object-oriented languages, scripting languages and possibly special purpose languages like SAP. This mix will ensure that the students are well prepared for employment. Shivers 2008) in her paper alludes to the fact that programming is an important skill in the computer science domain. However, she maintains firmly that the teaching of programming should be focused on the essential ideas that underpin programming and not fads demanded by industry. She emphasised that the teaching of programming should be such that the students develop the capacity to pick up new languages and paradigms by themselves because fads by their very nature, change. The teaching of programming therefore must be focused on the core components and developing problem solving skills.(Felleisen 2008)corroborates this stance in his paper by stating that ‘the quick pace

of changes in the real world demand that we graduate students who understand the principles of programming languages (POPLs); who can use them to navigate the diverse and formidable maze of programming languages; and students who are prepared to design their own special-purpose languages when needed’. In the case for the use of pedagogical languages, i.e. programming languages designed mainly for teaching programming, the Python programming language leads the debate as the most advocated language for teaching introductory programming. (Grandell et al. 2006) make a case for teaching introductory programming with Python. Interestingly, Python is a scripting language. They report the results of an action research carried out in a two High Schools in Finland. The results show that using Python produced better results than using C++ or Java. The students grades were better and some of the students who had had prior programming exposure indicated that Python was easier to learn, more fun to use and that they would continue programming in Python. Python was developed as a language meant for education just like Pascal and Logo were. Overall, it appears that the most effective language to teaching programming is a language that 1. does not have high notational overhead 2. has simple and rich syntax 3. is well supported with tools such as Integrated Development Environments (IDEs), books, tutorial and web documentation These criteria are very important especially for introductory course which serves to build a foundation in algorithmic thinking and problem solving. Later in the curriculum, issues such as industrial relevance can be put into consideration to create a viable mix of programming languages learnt by the students to ensure well-grounded skills and marketability. Such a mix might be Python followed by VB, C++ and Java. This will prepare a student to qualify for 66% of programming jobs (DeRaadt et al. 2002). Selection of Appropriate Teaching Methodology Programming Tools/Environment Programming can be done in a visual or command line environment. (Dillon et al. 2012) conducted an experiment in which they compared the ability of novices to switch successfully between the two kinds of programming environments. Their result showed that students who had been first introduced to a command line environment found it easier to transit to a visual environment. Their conclusion is that learning to program using a visual environment is ‘easier’ to learn because the environment is more familiar to the user. This is because visual environments for programming often use the same WIMP (window, icon, menu and

28

1st International Conference on Applied Information Technology 7-9 October, 2015 pointing device) features that the user will most probably be used to with other visual applications like word editors and browsers. The consistency and affordance of the environment make it easier for the user to navigate and understand the features. However, they also posit that using the visual environment presents the novice programmer with a higher level of abstraction when programming. For example by simply clicking a button on the visual environment, the user can compile/interpret and execute the program unlike in the command line environment where the user has to issue specific commands for each activity. These manual interactions, according to(Dillon et al. 2012), create a different mental model that helps the user to better understand what programming is all about. The manual interactions with the compiler are seen to be beneficial in having the ‘correct’ view of programming as different from using application programs.

Zhu & Zhou 2003 bring another perspective into the discussion of teaching methods by exposing the fact that teaching a programming paradigm is quite different from teaching a programming language. It is quite true that one language maybe used to write programs across paradigms. Therefore, for an effective teaching, the methodology should be taught first and the language second. Their work is focused on the Object –Oriented C++ language. For example, it is possible to use C++ both as an imperative and an object-oriented language because it retains all the qualities of the C language. According to them, when the methodology (paradigm) is not learnt properly, it results in students producing low quality codes which might reflect in low achievements in assessment. They state emphatically that it is of utmost importance to teach methodology first and language second. Their six-step approach helps students to develop the understanding of the concepts of objectorientation by first relating them analogically to the real world and then gradually abstracting them into language constructs.

Masterson & Meyer 2001 present a visual programming language SIVIL (Simple Visual Language) that depicts program syntax completely visually. Relying on the claim that visual aids are generally thought to be more effective and more presenting ideas to learners, SIVIL presents program constructs, elements and data flow using pictures, symbols and icons. Like the other visual programming environments, it naturally creates a level of abstraction. This can be seen as an advantage as it lowers the learning curve and may help more students have success with learning programming. Gudmundsen & Olivieri 2012 demonstrate a similar tool called Visual Logic. The tool allows users to create programs via interactive graphical flowchart symbols which are executable. The graphical flowchart symbols help the users to better understand abstract programming concepts such as branching, looping and so on. By almost eliminating the need to learn syntax at an introductory stage, the authors claim that Visual Logic © helps students move on more easily to industrial grade languages.

Recent study by Akinola & Nosiru (2014) showed that the attitudes, punctuality and regularity of the lecturers as well as the interest of students are important factors to be considered when seeking for ways of improving the skills of students in computer programming. Classroom based lectures The traditional setting for teaching has been the classroom based, with the teacher teaching from the front and the students taking notes. This has also been the mode of teaching programming language courses for a long time. However, it is not very effective as students find it difficult to translate what was written on the board to actual codes on the computer. More so, they can find the programming environment challenging to use especially if it is a command driven environment. Classroom based lectures plus separate practical lab sessions

Teaching Approach

Another setup is to combine classroom based lectures with separate practical lab sessions. This is becoming the norm when teaching programming. The arrangement is made such that, the programming concepts are introduced during the lectures and then exercises relating to those concepts are worked out during the lab sessions. Usually, the lab session is taken by a different person such as a graduate assistant in the university setting or a technologist.

Olsen 2005 and Doyle 2014 discuss what they call a ‘pseudocode approach’ and a ‘problemsolving’ approach respectively. This method of teaching focuses more on learning how to analyse a problem and deconstruct it into logical steps and actions that will create a solution without bordering about a specific language syntax. This method is supported by many researchers (Olsen 2005) and is generally called the Algorithm-First method. There are other methods namely: Imperative-first, Objectsfirst, Functional-first, Breadth-first, and Hardwarefirst. While the algorithm-first approach helps students to develop strong problem-solving skills, one down side is that algorithms cannot be executed on a computer, so, the learning experience might be perceived to be boring. This disadvantage can be overcome however by making students implement their algorithms in a programming language after they have been developed.

This arrangement is certainly an improvement over the purely classroom based style but can be riddled with problems if not properly managed by the course lecturer. This system has helped many students to grasp programming concepts and languages more easily which resulted in better grades for the students.

29

1st International Conference on Applied Information Technology 7-9 October, 2015 Practical lab sessions Full-fledged practical sessions are becoming pervasive. They are the dominant style being used in IT certification-focused institutions such as NIIT and Aptech in Nigeria. In this setting, usually, all teaching takes place in a computer lab with each student having access to a personal computer. The lecturer demonstrates via a projector and the students replicate what is being done instantly. This approach creates a rapport between the student and the teacher and can help them learn faster since problems can be dealt with immediately. This arrangement is however resource intensive and time consuming. Other Teaching Interventions More and more programming courses seem to be thought using extreme programming. As agile development has continued to gain ground, it has filtered its way into education as well. A number of researchers have reported positive experiences with extreme programming as well as pair programming.(Karn & Court 2003) describe a ‘software hut’ at the Universityof Sheffield, United Kingdom, where students work in teams on real life projects. Though their research was focused on how personality affects team success, the scenario in which the research was carried out goes to show that schools are adopting industry-like teaching and learning environments. Several researchers have reported improvement in performance of students when pair programming was used. Pair programming has also been reported to enhance achievement of students (Akinola, 2014;Brain Hanks, 2008). (Shaffer & Edwards 2007) in their research however, did not notice any impact of pair programming on the performance of their subjects. Vihavainen et al. 2014 carried out a systematic literature review of interventions to improve students’ achievement in programming language courses. In their research, they discovered thirteen interventions which had been used in different scenarios. The result of their study revealed that Media Computing topped the list of interventions that helped students grasp the concept of programming and hence achieve success. Media Computing with pair programming came second, Cooperative third, Using a visual programming tool fourth, extreme apprenticeship and team based learning came fifth and sixth. Having a preliminary introductory course also produced good results coming seventh. Reducing class size, Improving resources, Using games, pair programming, modifying assessment and collaboration with games ranked eighth to thirteenth in order. Their study focused on introductory programming and there is evidence that as students mature, some interventions such as pair programming, become more effective.

method of assessment might have an impact on students’ achievements without necessarily indicating their actual skills. Howthen should programming courses be assessed effectively? A programming language course should test students’ ability to understand problems and formulate algorithms to solve them, their knowledge and understanding of language syntax and semantics. It should also test their ability to debug programs. Assessment Method The main forms of assessment for programming courses are highlighted below. Written Exams Pen and paper exams are the simplest to conduct. Students are required to answer questions ranging from identifying language syntax to actually writing pieces of code in an exam answer booklet. Practical Exams Students are required to write programs on a computer using a live compiler/ interpreter. The exams can be submitted over a server or on storage devices such as CDs and memory cards. Project A project is a significant piece of code/software that the students create as part of the assessment. It can be done singly, in pairs or in teams. Projects are beneficial because they give students the opportunity to use a breadth and depth of the language in one program than may not be possible during the course lecture. The projects can carry any mark from 30100% of the final grade. Feedback Instructor Feedback: The research by(Chen & Tu 2011) indicate that instructor feedback encourages students to work harder in producing better code. They identified ‘bad smells’ which are essentially indications of problematic code segments that can lead to unmaintainable and potentially buggy programs (Fowler 2006). Identifying this bad program codes for the students helped them direct their energies for effectively and finally achieve more on the course. Time Management: Shaffer & Edwards 2007 in their research discovered that helping the students schedule their work into incremental milestones helped students to achieve more in programming courses. Grading Method Traditionally, assessment is made up of a major final written exam weighting 60-70% of the total marks while in-term continuous assessment tests and assignments carried 30-40% of the final score. Given the multidimensional nature of programming, many institutions have moved away from this traditional

Selection of appropriate assessment and feedback method In the university setting, effectiveness can be measured by students’ achievements. However, the

30

1st International Conference on Applied Information Technology 7-9 October, 2015 grading composition to include elements such as Labs (15%), Project (33%), Class participation(2%)(Neasbitt 2011). At the Princeton University’s COS126 ‘Introduction to computer science’ course website, the grading is partitioned as follows: Two written exams(34%), two programming exams (12%), 9 programming assignments (40%) and one final project (10%) (Princeton University 2015). At the University of Ibadan, Nigeria, Grading of students in CSC 232 (Structured Programming) is done as follows: Written examination (60%), two collaborative projects (10%), Labs (20%) and Mid-Semester’s Test (10%). When assessments are turned in by students, it is left to the instructor to grade such assignments according to a standard set by him. The standards for grading assignments should intuitively be based on the learning objectives of the course. When grading computer programming assignments, what standards and methods should be adopted?Since programming cannot be divorced from the broader subject of software engineering, (Chen & Tu 2011) highlight that the traditional method of grading programming assignments based on functionality alone is counter effective. Learning to program also entails writing good quality code that is readable and maintainable. They proposed a system for grading code quality and providing feedback to students so that code can be refactored and improved upon. Their grading system highlighted 12 ‘bad smells’ which were the basis of quality used to assess the assignments submitted by students. Over the course of the term, they discovered that the students’ achievement greatly improved as they were motivated by the feedback to work more on their code and improve its quality. A survey of a few university websites revealed how programming assignments are graded. From the Stanford university CS107 website, assignments are graded based on functionality and code quality (Zelinski 2015). The Ohio State university course titled ‘software component engineering’, had the following grading criteria: solution adequacy, high quality (expected of a professional ),(Ohio State University 2015). The University of California, Davis sighted results, knowledge of concept, output, documentation and due date as criteria for grading its ‘Introduction to software engineering’(Joy 2013). It shows that many schools have moved away from the traditional thinking to a more robust view of programming courses.

objectives, the profile of the students and other available resources, this can be done. This paper has highlighted the following preferable practices for effectiveness: 1. Simple, structured and generally applicable programming language 2. Simple development environment with minimum levels of abstraction away from the working of the compiler 3. Effective practical sessions. 4. Copious instructor feedback and strict time (project) management 5. Encouragement of student collaboration (group work) 6. Contributory continuous assessment REFERENCES Akinola, O.S., 2014. An Empirical Comparative Analysis of Programming Effort, Bugs Incurrence and Code Quality Between Solo and Pair Programmers. Middle-East Journal of Scientific Research, 21(12), pp.2231–2237. Akinola, O.S. Nosiru, K.A., 2014. Factors Influencing Students’ Performance in Computer Programming: A Fuzzy Set Operations Approach. International Journal of Advances in Engineering & Technology, 7(4), pp.1141–1149. Blake, J.D., 2011. Language considerations in the first year cs curriculum *. Consortium for Computing Sciences in Colleges, pp.124–129. Chen, W. Tu, P., 2011. Grading Code Quality of Programming Assignments Based on Bad Smells. , p.4577. DeRaadt, M., Watson, R. Toleman, M., 2002. Language Tug-Of-War : Industry Demand and Academic Choice., 2002. Dillon, E., Anderson, M. Brown, M., 2012. Comparing Mental Models of Novice Programmers when Using Visual and Command Line Environments. In Proceedings of the ACMSE. Doyle, B., 2014. C# PROGRAMMING: From Problem Analysis to Program Design 4th ed., Boston, MA: Cengage Learning. Felleisen, M., 2008. Why Teach Programming Languages in this Day and Age and How to Go About it. SIGPLAN Workshp on Progrmming Language Curriculum, 43(11), pp.59–61. Fowler, M., 2006. Code Smell. Available at: martinfowler.com/bliki/CodeSmellhtml. Grandell, L, 2006. Why Complicate Things ? Introducing Programming in High School Using Python. In Eighth Australasian Computing Education Conference. Gudmundsen, D. Olivieri, L., 2012."Reducing The Learning Curve In An Introductory Programming Course Using Visual Logic". Journal of Computing Sciences in Colleges, 27(6), pp.10–12. Howell, K., 2003. First computer languages *. Consortium of Computing in Small Colleges, pp.317–331. Joy, 2013. ECS 40- Grading of the Programming Assignments. Available at: graphics.cs.ucdavis.edu~joy/ecs40/How-the

CONCLUSION Many factors which may contribute to the effective teaching of programming have been highlighted. While it may not be possible to implement every option on trial, it is instructive in constructing a better teaching/learning environment for any programming language course. By taking into consideration the course and entire curriculum

31

1st International Conference on Applied Information Technology 7-9 October, 2015 Programming-Projects-are-Graded.html [Accessed February 4, 2015]. Kak, A., 2013. Teaching Programming. Avinash Kak’s Home page, (October), pp.1–5. Available at: https://engineering.purdue.edu/kak/TeachingProgram ming.pdf [Accessed February 6, 2015]. Kaplan, R., 2009. Choosing a First Programming Language. In Proceeding of the ACM SIGITE 2010. pp. 163–164. Karn, J.S., Court, R., 2003. An Initial Study of the effect of personality on group cohesion in software engineering projects. , (Saeki 1995), pp.1–49. Masterson, T. F. Meyer, R.M., 2001. SIVIL : A True Visual Programming Language For Students. Journal of Computing in Small Colleges, 4(May 2001), pp.74–86. Neasbitt, C., 2011. CSCI 1301: Introducton to Computing & Programming Spring 2011 Course Information. , pp.1–6. Available at: cs.uga.edu/~neasbitt/. Ohio State University, 2015. Software Component Course Grading Criteria. Available at: web.cse.ohiostate.edu/sce/now/lab-grading.html [Accessed February 4, 2015]. Olsen, A.L., 2005. Using Pseudocode To Teach Problem Solving. Journal of Computing Sciences Colleges, 27(2), pp.231–236. Pears, A., 2010. A Survey of Literature on the Teaching of Introductory Programming., pp.204– 223.

Princeton University, 2015. COS126: Syllabus. Available at: www.cs.princeton.edu/courses/archive/spr15/cos126/ syllbus.html [Accessed February 6, 2015]. Salem University, 2011. Salem University Handbook (2011-2014). Shaffer, C.A., Edwards, S.H., 2007. Scheduling , Pair Programming , and Student Programming Assignment Performance. IEEE Transactions on Education, 1(11), pp.1–6. Shivers, O., 2008. Why Teach Programming Languages. In SIGPLAN Workshp on Progrmming Language Curriculum. Vihavainen, A., Airaksinen, J. Watson, C., 2014. A Systematic Review of Approaches for Teaching Introductory Programming and Their Influence on Success. In Proceedings of the ACM ICER. pp. 19– 26. Warren, P., 2001. Teaching programming using scripting languages. Consortium for Computing in Small Colleges, pp.205–216. Zelinski, J., 2015. CS107 How assignments are graded. Available at: web.stanford.edu/class/cs107/advice-grading.html. Zhu, H., Zhou, M., 2003. Methodology First and Language Second : A Way to Teach Object-Oriented Programming. In Proceedings of ACM OOPSLA. pp. 140–147.

32

1st International Conference on Applied Information Technology 7-9 October, 2015

A FASHION COLOUR COMBINATION VISUALIZATION MODEL USING GENETIC ALGORITHM 1

O. S. Salako, 2C. O. Oloruntoba, 3O. V. Sanusi and 4A. A. Maruf-Sogeyinbo 1, 2, 3

4

Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria Department of Computer Science Education, Federal College of Education, Abeokuta, Nigeria 1

[email protected], [email protected] and [email protected]

Abstract: Selecting appropriate colours poses great challenge for expert fashion designers and users. At times, different coloured fabrics and textiles have to be manually placed side by side to see how well they combine. In this paper, a model was developed for fashion colour combination visualization for ladies using concepts in genetic algorithm to achieve a display of colour variations.This research involved 26 users to suggest rules that guide choosing fashion colour combination for ladies in the initial stage. Analysis of the questionnaire was carried out in an online survey site. We considered two of the suggestions made by the users. These are light colours on dark colours and stripped colours on plain colours. The system was implemented using C# programming language and XAML. It was found to be a useful tool to users and fashion designers for the visualization of fashion colour combination for ladies. Keywords: Colour Combination, C# programming, Fashion Design, Genetic Algorithm, Visualization, User Satisfaction

term of all finishing ornaments. The general details of a females dress as shown in figure 1 below include detail elements like necklace, collar, sleeve, cuffs, waistline etc. (Lee and Park, 1998; Lee, 1998; Mckelvey, 1996). This paper is focused on detail elements with two subdivisions: Blouse and Skirt.

INTRODUCTION Expert fashion designers and even consumers spend time in trying to figure out what colours match or combine well. This also applies to textile and fabric designers. At times, different coloured fabrics and textiles have to be manually placed side by side to see how well they combine. As most consumers are not professional at fashion design with respect to combining colours for fashion, a computer aided system might be helpful to choose what they like. It can be a solution that fashion designers produce designs after which they visualize what the outcome looks like, but it is this is not efficient in terms of cost and time. A computer-aided system may provide visualization for fashion/textile colour combinations giving suggestions until the taste of the user is suited. In this paper, we develop a fashion colour combination aid system for ladies using domain specific knowledge from fashion experts. We have classified women’s dress into two parts and provided colour combinations from these. Through interaction with a user, our system could effectively suggest a colour combination the user would prefer. This paper is organised as follows: Section 2 examines some related literature about fashion design, conventional fashion design aid systems and visualisation. Section 3 describes our system design. Section 4 and 5 gives the system implementation using C# programming in Visual Studio and XAML and also shows our experimental results.

Blouse

Figure 1: General details of females dress (Kim and Cho, 2000) Fashion Design Aid Systems When designers design clothes, they sketch first and later detail it into an illustration. With clippings from magazines, journals and photographs of similar designs from fashion shows, they then make these concepts into some sample piece (Kim and Cho, 2000). There are many systems that aid fashion designing. Examples include AutoCAD from Autodesk, ApparelCAD, an apparel design software/plug-in designed to work with AutoCAD (Miller, 2004). Others include Photoshop and Illustrator from Adobe (Kim and Sul, 1998; Lee, 1999). Also, some design-aid systems have been developed using evolutionary computations (EC). A

LITERATURE REVIEW Fashion Design Fashion design means to make a choice within various styles that clothes can take (Sharon, 1984). Fashion design consists of three shape parts: Silhouette, detail and trimming. Silhouette refers to outline or outlook shape that expresses the whole characteristic of a cloth. Detail is composed of subdivided parts of Silhouette. Trimming is a generic

33

1st International Conference on Applied Information Technology 7-9 October, 2015 fashion design aid system using genetic programming (GP) was developed in 1996 (Nikanishi, 1996a, 1996b). He encoded a number of dress lengths into chromosomes. The system evolved each dress according to the user’s selection. Kim and Cho (2000) performed research to enhance women’s dress design. They developed an encoding scheme that describes a dress with three parts: body and neck, sleeve and skirt. They then used interactive genetic algorithm to produce various dress designs for women implementing their system with OpenGl and VRML to enhance the system interface. Volinoet al. (2005) also in their research used a framework of virtual garment design and prototyping with details on interactive design, simulation and visualization features. This involved the use of algorithms from the field of mechanical simulation, animation and rendering. Current researches like Paul et al. (2015) and Zhou et al. (2015) gives insight into the benefits of design and visualizations in solving problems in other domains like Urban Systems and environment. However, these researches have not been able to look into fashion and particularly colour combination visualization for ladies. This research aims to develop an interactive computer aided visualization tool that would help ladies and fashion designers visualize colour combinations in order to make suitable choices in dressing and fashion design.

of the colours. This is done using the formula given below. Z=

(

) (

) (

)

Dark Contrast = Light Contrast = 1 The RGB values were also used during our prototype display. The RGB values for the colours stored in the data file are also temporarily stored in the program on initialisation and this values are called when the colours are about to be displayed (when the users clicks “View” as illustrated in the implementation section of this research). Some concepts in Genetic Algorithm (GA) were borrowed to implement our colour combination system. These include encoding, fitness value, selection, cross-over and mutation. These were implemented with the aim of obtaining varied colour combinations and not for optimisation as most GA systems do. How the GA concepts were utilized in this project is further explained in the following sections. Encoding of Colours The RGB values are being read from a “.dat” file. The chromosomes that make up the colour selection are being guided by these values e.g. RED has RGB of 255, 0, 0 and these values can be used to get the darkness and lightness fraction used in the selection process. The Chromosomes (individual colours) that guide the crossover and selection act as a form of memory for our algorithm to make selections from.

MATERIALS AND METHODS This section covers the detailed explanation of the system design of our computer-aided tool for colour combination in fashion design for ladies. User-Centric Approach This research involved 26 users in the initial stage of the creation of our computer-aided tool for fashion colour combination. They were asked to suggest rules that guide choosing fashion colour combinations for ladies. We designed an online questionnaire using an online survey at www.goo.gl/Z6SLsR. The analysis of the questionnaire was also carried out on the online survey site. Some of the suggestions made by the users that guide fashion colour combination include light colours on dark colours (96% agreed to this), stripped colours on plain colours (68% agreed to this), skin colour determines colour of dress put on (72% agreed to this), weather of the environment determines the type of clothing etc. This project therefore considers two of the suggestions made by the users for ladies. These are light colours on dark colours and stripped colours on plain colours.

Selection of Colours Selection of colours is based on the contrast difference. As contrast is a deciding factor in dressing as suggested earlier by fashion experts (i.e. light colours on dark colours, stripped on plain colours), our system based its analysis on this. Fitness range was used for the selection. Based on this fact, our system selected a changeable fitness range and once a colour fits into this range, it is selected for the cross over process. LIGHT is selected when Light fraction >= lowerFitnessValue and = lowerFitnessValue and = Lower fitness value and = Lowerfitness value and = Lowerfitness value and 0.05), “2-4 Hours” (β = than 8 Hours altogether explain about 53.0% of the 0.254, p > 0.05), “4-6 Hours” (β = 0.224, p > 0.05), difference in the effect of time spent on social “6-8 Hours” (β = 0.327, p > 0.05) are not media on the academic performance of the students. significant but for “More than 8 Hours” (β = 0.320, The F Value is equal to (2.139) and hence is p < 0.05) and constant are significantly and significant at (p 0.05) but alpha value obtained for more than 8 hours and the constant are both less than p value (i.e. 0.009 and 0.000 5 1 50 100 >5 1 50 150 1 1 50 200 2 1 50 250 2 1

Table ii: Effect of varying maximum generation for Equation 1 Maximum No of Runs Best Fitness Generation Required to Per Run obtain the closest/best fitness 10 2 1 20 9 1 30 12 1 40 15 1 50 18 1 Table iii: Effect for Equation 2 Maximum Generation Per Run

No Solution

=1 =0 =1 =2 =3 =1 =2 =3

Best Fitness

Table vi: Effect of varying population size for Equation 2 (3x3) Max Gen Population No of Best Runs Fitness 10 50 6 1 10 100 2 1 10 150 2 1 10 200 4 1 10 250 8 1 50 50 3 1 50 100 3 1 50 150 2 1 50 200 3 1 50 250 3 1

1 1 1 1 1

Table iv: Effect of varying maximum generation for Equation 3 Maximum No of Runs Best Fitness Generation Required to Per Run obtain the closest/best fitness 10 1 1 20 1 1 30 1 1 40 1 1 50 1 1

Table vii: Effect of varying population size for Equation 4 (4x4) No of Max Gen Population Best Runs Fitness >10 10 10 0.9943978 7 10 20 1 6 10 30 1 6 10 50 1

79

1st International Conference on Applied Information Technology 7-9 October, 2015 1 1 3 4 2 1 1

10 50 50 50 50 50 50

100 10 10 20 30 50 100

Goldberg, D. E 1989. Genetic Algorithms in Search, Optimization and Machine Learning. Addison-Wesley, USA. Holand J. L. 1975. Adaptation in Natural and Artificial System Adaptation in Natural and Artificial Systems: An Introductory Analysis with Applications to Biology, Control, and Artificial Intelligence. University of Michigan Press, USA Holland, J. L. 1994. The Self-Directed Search. Odessa, FL: Psychological Assessment Resources Ibrahiem M.. El Emary M., Mona M. Abd E . 2008. On the application of Genetic Algorithm in Fingerprint Registration. World Applied Science Journal.5(3), 276-281 Ikotun, A., Lawal M., Olawale N. Adelokun A. P. 2011. The Effectiveness of Genetic Algorithm in Solving Simultaneous Equations. International Journal of Computer Applications 14(8):38–41 Isaac S. 2013. Pratical Portfolio Optimisation. Apex Research Limited, London. Lawal N. O. 2003. Genetic Programming: Applications In Econometrics. An MSc Dissertation Submitted To The Department Of Computer Sciences, School of Postgraduate Studies, University Of Lagos, Lagos Nigeria. Lipson, M., Lipschutz, S. 2001. Schaum's outline of theory and problems of linear algebra. New York: McGraw-Hill. Mafteiu-Scai L. O., Mafteiu-Scai E. J. 2013. Solving Linear Systems of Equations using a Memetic Algorithm. International Journal of Computer Application. 58(13),16-22 Marjan K. R., Sadegh E. 2012.The Effect of a New Generation Based Sequential Selection Operator on the Performance of Genetic Algorithm Indian Journal of Science and Technology. 5 (12) Mhetre, P. S. 2012. Genetic algorithm for linear and nonlinear equation. Int. Journal of Advanced Engineering Technology. 3, 114-118. NiKos E. M. 2005. Solving Non-Linear Equations Via Genetic Algorithms. Proceedings of the 6th WSEAS Int. Conf. on Evolutionary Computing, Lisbon, Portugal, June 16-18. 24-28 Olympia R., Stefka F., Paprzycki M. 2013. Influence of the Population Size on the Genetic Algorithm Performance in Case of Cultivation Process Modelling. Federated Conference on Computer Science and Information Systems. 371– 376 Roshni V., Jignesh P., Patel S. 2012. Optimization of Linear Equations using Genetic Algorithms. Indian Journal of Applied Research. 2(3) Sarac V. Cvetkovski G. 2011. Different motor models based on parameter variation using method of genetic algorithms .Electrical Review. ISSN 00332097, R. 87 NR 3/2011 Turing, A.M. 1950. Computing Machinery and Intelligence .MIND, 59,433-460. Michalewicz Z. 1996. Genetic Algorithms + Data Structures = Evolution Program, Third, Revised and Expanded Edition, Springer, USA.

1 1 1 1 1 1 1

DISCUSSION The effect of small/large population size on the implementation of genetic algorithm. It was observed that small population size does not produce perfect solutions as fast as when large population size is used. Large population size guarantees wide search for candidate solutions, from which good and better solutions could be derived in successive generations. However, as population size gets larger, it produces an overhead cost on the processing speed and storage. As the storage gets filled up with more candidate solution solutions, it hampers the processing speed of the computer system on which the GA is being implemented. Thus, the population size should not be allowed to become outrageously large. The effect of small/large number of generation on genetic algorithm paradigm. It was observed that small or large number of generations did not really have so much impact on the attainment of perfect solution as much as population size. At times small number of generations (e.g. 10) produces perfect results after a few runs of the GA program, while at some other times, large number of generations produces (e.g. 50 and above) perfect solutions after several runs of the program. Conclusion: The efficiency of the GA program is dependent on the availability of enough storage and processing speed of the computer system being used for its implementation. As the problem gets more complex, more storage and faster processing speed are required. Large population size is required for complex problem to obtain perfect solutions; since larger population of candidate solutions guarantees attainment of good and better solutions in successive generations. REFERENCES Avni R., Adnan M., Agni D. 2013. Analysis of the impact of parameters values on the Genetic Algorithm for TSP. International Journal of Computer Science Issues, 10(1). Benny R., 2000. Gaussian Elimination code in Java, Version 0.0. retrieved from http://www.wiley.com/WileyCDA/WileyTitle/produ ctCd-0471487155.html Fogel, D. B. 1998 Evolutionary Computation. The Fossil Record, IEEE Press, New York. Franz Rothlauf 2006. Representations for Genetic and Evolutionary Algorithms, Second Edition, Springer, USA

80

1st International Conference on Applied Information Technology 7-9 October, 2015

DEVELOPMENT OF AN AGENT AND WEB-BASED MODELS FOR CAMPUS EMERGENCY COMMUNICATION 1

O. B. Alaba, 2G. A. Ayeni, 3O. A. Ojesanmi and 4J. Soyemi

1

Department of Computer Science, Tai Solarin University of Education, Ijagun, Ogun State, Nigeria. 2&4 Department of Computer Science, The Federal Polytechnic, Ilaro, Ogun State, Nigeria. 3 Department of Computer Science, Federal University of Agriculture, Abeokuta, Ogun State, Nigeria. 1

[email protected],[email protected], [email protected] and [email protected]

Abstract: Campus is a large-scale environment which embodied the main buildings of a university or other higher institutions of learning with residential programmes and academic activities. Every campus should be properly secured to protect lives and properties through instant response to criminal or violence perpetration and natural disasters. Recently, agent-based systems and/or web-based systems are often integrated as automaton mechanism in the design and implementation of campus security and emergency communication systems. In this paper, we present a conceptual explorations of agent-based system and web-based system for securing, monitoring and to alert people in an institution whenever a danger or disastrous incidence is perceived from strategic places and critical locations on campus using functional models in harnessing the communication lapses for safety on our campuses. Keywords: Agent, Campus, Communication, Emergency, Security Systems, Web emergency could also result in shutting down of business, disruption of operations, and physical destruction in public places or environmental damages such as fire explosion, flood, hurricane and earthquake. In university, polytechnic and colleges of education campuses where critical positions and buildings such as administrative blocks, faculties, departments, laboratories, lecture theatres, health centres, staff quarters, cafeteria, students‟ hall of residence, library and learning infrastructure are located; security control and monitoring are germane to planning, awareness and quick response to hazardous incidences in academic community. This research explores ubiquitous technologies or solutions provided through intelligent information systems, and also depict their conceptual comparativeness through model which determines the preference for suitability, adequacy, efficiency, usability, rationality and functionality to support campus security and emergency notification. In developing countries, information dispersal on emergency and hazardous events is quite poor, thereby causing untimely deaths, destruction of structures and basic infrastructures. Inability to discover, respond and intensify recovery efforts during violence, riot, attack, abduction, massacre, robbery, fire explosion; and to prepare adequately with possible restoration from natural disasters on our campuses are attributed to the inept and inconsistency of communication channels. Hence, the need for a conceptual comparative of sustainable framework and solutions in harnessing the communication lapses for safety.

INTRODUCTION The need for effective communication in any society can not be overemphasized, particularly in the twenty-first (21st) century where the whole world had transformed to a global village. Communication is an act, a process or means of interaction among people living in a geographical area at a particular period of time. Communication can take two major forms which are verbal and non verbal; verbal form of communication is an oral pattern of dispersing information, exchanging ideas and pleasantries such as speech making, telephone conversation, public speaking, group deliberation and so on. On the other hand, non verbal communication is usually created with ink, written or printed as the mode of discourse attributed to formal settings. Modern methods of communication evolve around multimedia and/or mass media. Mass media is concerned with the dissemination of information and crucial message to the people residing in a community, city or society at large. Alese, Thompson, Iwasokun & Omoniyi (2013, p. 2) „interpersonal communication is the communication where two or more people transactional influence one another, or have a mutual and simultaneous effect on one another‟. In emergency situation, communication plays a vital role in averting danger and disastrous incidences that could cause loss of lives, and as well as properties and community damages. Emergency communication is the exchange of information on emergency related events such as fire outbreak, arm robbery, violence or accident which may require medical need for ambulance (Nada, Myung, Gaynor & Moulton, 2005). An emergency springs-up unplanned event that can cause death or significant injuries to employees and employer in an organization or customers in public places (Garda, 2010; Nada, Myung, Gaynor & Moulton, 2005). Alese, Thompson, Iwasokun & Omoniyi (2013)

RELATED WORKS Most organizations and institutions containing critical locations need to be secured and monitored continuously for safety and preventive measures (Alkhateeb, Al-fakhry, Maghayreh, Aljawayr & Al-

81

1st International Conference on Applied Information Technology 7-9 October, 2015 taani, 2010). Securing a campus to forestall any stampede and prepares for unforeseen circumstances may not be adequately achieved by security guards alone. Chakraborty (2010); Rovatsos (2015) opined that security agents ensure the safety of lives and properties in the campus; having stationed them in strategic places to watch over the main gates, inner offices and critical infrastructures. Preventive measures could help to avert dangers and to manage emergency that unavoidably emanates. Alkhateeb, Al-fakhry, Maghayreh, Aljawayr & Al-taani (2010) argued that traditional campus security can only be monitored by a person on fly, foot or vehicle; whereas an attacker may be dressed as a security personnel or officer on patrol to avoid being suspected. At about a decade back, the efficacy and reliability of campus security system was quite questioning, when one experiences a situation where terrorist wore a mask to disguise and eventually launched an attack that caused serious atrocities on campus (Nada, Myung, Gaynor & Moulton, 2005). Often times, inadequate communication contributes to the intensity of common emergencies like fire outbreak, motor accidents, bank robberies and natural hazard (Amarande, 2007). Lack of sensitisation and ineffective communication channel are the broken links between emergency victims and the rescuers. Emergency services provider must be contacted in timely manner in order to put a disastrous incidence under control. Alese, Thompson, Iwasokun & Omoniyi (2013) presented a web enabled emergency communication system; it is an internet-based solution to emergency management in tertiary institutions. It addressed a communication and interoperability problem through information exchange via browser supported mobile devices among staff/student, resident/internal security officers and external security/emergency agency with accessibility and availability considerations. Garda (2010); Nada, Myung, Gaynor & Moulton (2005) emergency response and recovery may require multiorganizational efforts involving government, volunteer and media organizations. Voice over Internet Protocol (VoIP) also allows an institution to integrate phone service into its emergency notification plan, along with other network resources such as e-mail, text messaging, networked signs, and alarms. In addition, cell networks are often overloaded in emergency situations, and a VoIP phone system provides an institution with additional

capacity to make and receive calls even if cell service is disrupted. In these ways, the institution can effectively communicate with constituents in the event of an emergency (Amarande, 2007). Alkhateeb, Al-fakhry, Maghayreh, Aljawayr & Altaani (2010) multi-agents based system for securing university campus was built using intelligent agents and wireless sensor network. It detects security attack and any hazardous incidence through environmental monitoring across faculties and residential buildings using physical conditions such as motion, temperature, vibration, sound, pressure and smoke at different locations, in order to alert the nearest and available security guard to the scene of incidence. Wireless Sensor Network (WSN) is a wireless network consisting of spatially distributed autonomous devices that jointly monitor environmental conditions using sensor (Arango, Dugan, Elliot, Huitema & Pckett, 2008). An agent-based system implemented by (Rovatsos, 2015), is a location-aware, automated ubiquitous commerce using mobile agent interaction facilitated by wireless radio transmission medium. Amarande (2007) networked micro-sensors are deployed in natural space to enable long-term data collection at scales and resolutions that are difficult. The relevance and adequacy of agent-based architecture in (Chakraborty, 2010), wireless sensor network also has a significant application in commercial lighting control, which can benefit directly from artificial intelligence techniques. “This application requires decision making in the face of uncertainty, with needs for system self-configuration and learning”. Securities systems are commonly equipped with distributed sensors and are used to retrieve incidence notification; it communicates with emergency dispatchers which assist in determining the appropriate emergency personnel (Nada, Myung, Gaynor & Moulton, 2005). Frameworks provided for emergency response and recovery in (Arango, Dugan, Elliot, Huitema & Pckett, 2008; Amarande, 2007; Garda, 2010) delivers safety, security and information services using wireless technology and Global Positioning System (GPS) satellite network. It helps in stolen vehicle location assistance, emergency services, roadside assistance with location, automatic airbag deployment and remote door unlock. However, existing systems for campus security and emergency have limited usage and high cost of installation and maintenance thereby requiring conceptual exploration of selected systems.

CONCEPTUAL FRAMEWORK Agent-Based Systems Agent-based system is a technological artefact resulting from computer science research and artificial intelligence techniques. An intelligent agent perceives its environment and takes some actions that maximize its chances of success using rules based on reasoning and past experience. Chakraborty (2010) described intelligence as the computational part of the ability to achieve goals. It relate to tasks or behaviours involving higher mental processes such

as perceiving, thinking, reasoning, learning, knowledge, creativity and communication. An agent is anything that can perceive its environment through sensors and act upon that environment through its effectors (Rovatsos, 2015). Agent-based system is a computer system that is positioned in some environments with autonomy to meet its design objective. An agent is only autonomous and rational if it does not depend on the prior knowledge of its designer, but could adjust its behaviours by experience and percept sequence that

82

1st International Conference on Applied Information Technology 7-9 October, 2015 makes it to be successful. Thus, agent-based architecture is synonymous to heuristic system or intelligent agent system. In system engineering, preexecution review in software design ensures that functional requirements are met according to the methods, tools, techniques, approaches, methodologies, processes, standards and quality assurance implored during software project. Sometimes, operating environment of an agent may not be the real world because it could be programmed to simulate a natural incidence, though

in artificial and complex environment. This type of agent is called software agent. Software agents are developed as the solutions in task environments where problems exist. The practical application of agents‟ technology is found in distributed systems, personal software assistants, process aware systems, electronic commerce, virtual environments, security or safety systems and accident reporting systems. The proposed structure of an agent and autonomous entity is shown in figure 1.

Percept Sequence…

Perceive

Act

AGENT Environment Fig. 1 Generic Architecture for Autonomous Agent Multi-agent systems can be used to solve problems which are difficult for an individual agent to solve. Alkhateeb, Al-fakhry, Maghapreh, Aljawayr & Altaani (2010 In web development, internet application has real-time functionality for computation and information processing on web platform. The design of a web enabled or web based information processing system usually adopts a three-tier architecture involving web server, database server and the client. Web server is the domain name server/system (DNS) that hosted the web directory; it is an identity of the computer that accommodates the website or portal URL on the international network called INTERNET. URL means Uniform Resource Locator simply referred to as the address to a web page directory or website address. Network Operating System (NOS) like Microsoft Windows Server is a control program required on the server, also uses any of Apache, XAMPP, WAMP, IIS to transverse data and information. Database Management System (DBMS) like MySQL, SQL Server, Microsoft Access or Oracle is conveyed on Database server as software component at the backend where information relating to system context is stored and retrieved at both client and server sides. In the architecture, web browsers like Firefox, Opera, Chrome or Explorer operates as the user software or functional component of the client which forms the interface between web user and the server. Ekpenyonga & Chinyio (2013) emphasized the major

tasks of a web browser in converting the web addresses or URLs to Hyper Text Transfer Protocol (HTTP) requests. Like a stand-alone system or every other software development project, the quality of a web software or web-based system can be measured at every phase of development life cycle. Productivity of software is partially determined by factors like tools, methods, project speed and so on (Ekpenyonga & Chinyio, 2013). Nowadays, technology driven approaches and cross platform compatible tools like HTML5, CSS3, JavaScript/VBScript, Jquery, PHP, Dream weaver, Adobe CS6 suite, Macromedia Flash are all attributed to web authoring practice. The complexity of a software product or web application could effectively predict its maintainability especially in distributed systems. Thus, flexibility is of concern when designing a web-based system. (Ekpenyonga & Chinyio, 2013) recommended careful considerations of design and choice which is understandable to the involved parties, when communicated by the key actors in web development project. FUNCTIONAL MODELS In this paper, use-cases model was proposed for functional comparison of agent-based system and web-based system using Unified Modelling Language (UML). UML was used to describe the functional behaviour and scenarios of the selected systems which extend relationship in use-cases. Use-

83

1st International Conference on Applied Information Technology 7-9 October, 2015 cases model describes functionality of the system from users‟ point of view. The proposed use-cases model of agent-based system and web-based system are depicted in figure 2 and and figure 3 respectively. ) multi agent system (MAS) is a system composed of multiple interacting intelligent agents. These agents interact with one another representing terminal users or components with different goals in multi-agent systems (Rovatsos, 2015). Nada, Myung, Gaynor, Moulton (2005) agents manage and maintain a context that constitutes mobile users, and then seeks

to adapt and personalize content based upon perceived individual user needs. Context-aware services provide quick information that characterizes the state of an entity such as a person, building, infrastructure, location and so on. Agent-based system is quite open and extensive for deploying autonomous and proactive software and/or hardware components. Web-Based Systems

«extends» Display Map on PDAs Detect Attacks / Incidence

Confirm Proximity to Alert Zone

Security Guard

Determine the Sensor & Location

«subsystem» Directory Facilitator Interfacing Agents «extends»

«extends» Check Alarm Logs

Respond with Actions Send System Signal

Emergency Personnel

Figure 2: Proposed use-cases model of agent-based system

84

1st International Conference on Applied Information Technology 7-9 October, 2015

«extends» Witness Incidence «extends» External Agency -End1 Report Emergency

Eye Witness

1 End2 End1

-End2 Respond to Request *

«extends» Contact Agency «extends»

Send Request

System Admin... Security Officer

Figure. 3 Proposed use-cases model of web-based system The environments are not fixed neither do the constituents or habitants of any environment static. Agent-based system can responds quickly to current circumstance due to autonomy. Sensors and effectors forms the perceptive and reactive components in agent-based system. Therefore, lack of fault tolerance would result in delay or inability to exert the expected actions in emergency situations

DISCUSSION Autonomy and rationality of web-based system is rarely determined as judged by comparative parameter; other issues emanating from web platform is the usability and design principles. Web development is a practice of designing for the unknown, in terms of users, device, platform, configuration, browser and so on. Web system could not be independently operational because it relies on the signal prompt by an eye witness when emergency situation or security attack arises. In addition, lack of training and funds may impede its success; if the security /emergency personnel are not ICT compliant in using the modern technology and gadgets which provide multimedia features and web/mobile browsers that can connect the internet application in order to report an incidence for quick response. Nonetheless, its suitability and interoperability are worthy of consideration; Amarande (2007) also proved the efficacy of Internet Protocol Telephony to incorporate voice and video data with traffic intensity in web/internet enabled system for emergency notification via calls, SMS, emails. Though, an agent may not completely control its environment but, it influences a control measure when abrupt changes and unplanned events arise.

CONCLUSION The engineering approach to the development of intelligent information systems particularly in multiagents perspective for distributed systems that operates independently and cooperatively with one another to achieve their design objectives had replaced control with communication. Rovatsos (2015) also agreed that individual agents are capable of autonomous action because they don‟t need to be told exactly what to do before they exhibit intelligence. Meanwhile, pervasive issues emanating from the design process of agent-based or multiagents system generates questions like how should agents act and interact to carry out tasks; what language should agents used to exchange information; how should agents coordinate the activities of autonomous components from the users.

85

1st International Conference on Applied Information Technology 7-9 October, 2015 Hence, an integration of both systems regarded as „trade-off‟ would enhance the reactivity, efficiency and rationality of intelligent information system for security and emergency communication on campus. In view of the proposed Agent and Web-based Models for Campus Emergency Communication, we hope to design a simulation program possibly with real wireless sensors to experiment with the models in distributed environment. Quantitative data would be collected from the experiment through Participant Observation and Thurston Rating scale; thus, qualitative analysis of the observed phenomenon and data would be used to verify the performance and functional comparison of these models. This study is a research in progress; we also plan to incorporate digital video cameras in future design to enhance campus emergency communication system, so as to use image processing techniques to extract security attacks features in visual pattern. REFERENCES Alese, B.K; Thompson, F.B; Iwasokun, G.B; Omoniyi, V.I. 2013. Web Enabled Campus Emergency Communication System. Book of Proceedings of the iSTEAMS Research Nexus International conference. Vol. 4, Pp 197-210. Alkhateeb, F.; Al-fakhry, Z.A; Maghayreh, E.A; Aljawavr, S.; Al-taani, A.T. 2010. A Multi-AgentBased System for Securing University Campus. International Journal of Research and Applied Studies; Vol. 2, No. 3, Pp 223-231. Arango, M.; Dugan, A.; Elliot, I.; Huitema, C.; Pickett, S. 2008. “Media Gateway Control”, San Fransisco; Dutch Incorporation. Amarande, S.M. 2007. Voice over Internet Protocol Security: A Layered Approach. Las Vegas; Brangluse Printing. Chakraborty, R.C. 2010. Introducing Artificial Intelligence. Viewed in URL on 26/12/2010 at 5pm. Ekpenyonga, F.E; Chinyio, D.T. 2013. Web Designers‟ Guide on Development Technologies: An Evaluation Approach. African Journal of Computing & ICTs (IEEE sect). Vol. 6, No. 1, Pp 165-172. Garda, A.S. 2010. A Framework for Major Emergency Management. Retrieved from URL on 21/10/2010 at 11am. Nada, H.; Myung, D.; Gaynor, M.; Moulton, S. 2005. A Sensor-based, Web service-enabled, Emergency Medical Response System, Book of Proceedings of EESR: Workshop on End-to-End, Sense-and-Respond Systems, Applications and Services. Vol. 2, Pp 85-98. Rovatsos, M. 2015. Agent-Based Systems: New Challenges for Computer Systems. Book of Readings on Informatics; published by the University of Edinburgh. Vol. 4, No. 2, Pp 1-20.

86

1st International Conference on Applied Information Technology 7-9 October, 2015

VARIABILITY OF SURFACE DUCT IN ABIDJAN-IVORY COAST TROPOSPHERE USING ADVANCED REFRACTIVE EFFECTS PREDICTION SYSTEM (AREPS) 1 1, 2

Ikharo A. B., 2Okereke U. O. 3Jiya J. D.

Dept. of Computer and Communication Engineering, Abubakar Tafawa Balewa University, Bauchi, Nigeria. 3 Dept. of Mechatronic Engineering, Abubakar Tafawa Balewa University, Bauchi, Nigeria. [email protected], [email protected] and [email protected]

Abstract: Most Radio communication networks located in coastal areas are potentially prone to anomalous propagation as radio signals very often experience outages and distortions, thereby causing some grave consequences on their dependant network supports. This is partly attributed to ducting phenomenon - a worst case of anomalous propagation in radio communications. In this work, AREPS is employed to characterize the tropospheric condition of Abidjan troposphere over which radio signals propagate. The results showed that in Abidjan, the altitude where pronounced ducting phenomenon occurs majorly is within the first 300m above sea level. More so, there is the presence of an increasing order of variability and well-formed duct layers. The mean thickness of the layer over which ducting conditions occurred is usually very small for near surface events and large for the upper tropospheric events. Duct occurrence tends to be less as the atmosphere becomes thicker and higher. Radio signals will be more and severely affected at the lower troposphere than at higher layer. Duct presence is throughout the year and conspicuously varied all year round. Key words: Refractivity, Radio Signals, Anomalous Propagation, Tropospheric layer, AREPS, Variability and November and only 20 – 30% of time for December and January. Strong Subrefractive condition with corresponding increase transmission loss occurs for more than 2 % of time in this region. Lenouo (2012) determined the AP days at the coastal site of Douala in Cameroun and observed that the surface ducts occur less frequently in the dry season over the Gulf of Guinea. However, Douala location is not sufficient to generalize the AP of the entire Gulf of Guinea region. Kaissassou et al (2014) found that most duct occurrences are in the night, morning (0000, 0600 UTC) and late afternoon (1800 UTC) respectively in the West Africa region. Abidjan lies on the south-east coast of the country Cote D’Voire, in the Gulf of Guinea and is located at 5° 25′ N, 4° 2′ W, and 26 feet (8 meters) above sea level. Three seasons - warm and dry (November to March), hot and dry (March to May), hot and wet (June to October) are concurrent. The city has a tropical monsoon climate with a long rainy season from May through July; a short rainy season (September–November) and two dry seasons, though rain is seen even during these dry seasons (Mongabe, 2011; Wikitravelpedia, 2011). The climate of Abidjan is constantly changing and does not dependent on the climate of other locations in Cote d’Ivoire. This is the reason that meteorological observation must be carefully carried out at points widely separated in the vertical direction over a long period of time. This work is aimed at characterize the variability of Abidjan troposphere and their potential effects on communication networks that is in use or to be developed and deployed. Because of the reliability communication signals are for human use, the need to have precise assessment of the variability of propagation environment in particular, Abidjan,

INTRODUCTION It is a well-known fact that meteorological conditions affect radio waves that propagate through the atmosphere. The meteorological conditions are the temperature, pressure and humidity of the atmosphere that vary chaotically and affect radio communication signals in the atmosphere. These chaotic variations cause anomalous propagation (AP) which is the outcome of the tropospheric behaviour that consequentially causes variations in the refractive index (Žilinskas et al., 2011). In the worst case of AP, known as ducting, radio waves are trapped and may travel within duct layers just like in a waveguide. In extreme cases, this effect may extend (Bech, 1998, 2000) or shorten the horizon even beyond its range. Vertical gradients of refractivity are traditionally used to classify meteorological AP. Ducts exist whenever the vertical refractivity gradient at a given height and location is less than –157 N/km. The atmospheric zone in which such refractive conditions exist is called a ducting layer. The presence of tropospheric ducts leads to various effects on the radio-wave propagation, such as trapping, deep slow fading, strong signal enhancement and multipath fading (Isaakidis, et al. 2007). Ducts provide a mechanism for high frequencies to propagate far beyond their normal line-of-sight range, giving rise to potential interference with other services (Recommendation; International Telecommunication Union ITU-R P.453). Coastal areas of the world are well known to be “rich” in super-refractive layers and the ducts that is formed affect microwave propagation (Sirkova and Mikhalev, 2003). It has been reported in literature that on the Gulf Coast of West Africa, ducting condition occurs for about 50% of time in February

1

1st International Conference on Applied Information Technology 7-9 October, 2015 allows for these effects to be mitigated and resources deployed to their best effect. In Abidjan, communication systems designed without accounting for ducting phenomenon could potentially suffer interference and frequent signal fades.

profiles, and propagation condition summaries based on model calculations. It was fed with preloaded environmental variables which are the raw radiosonde data of temperature, pressure and humidity of the atmosphere obtained from 65578 DIAP Abidjan observation station at 12Z. These meteorological data were inputted into AREPS and simulated to obtain results which were succinctly discussed in the next section. In this work, each year is divided along quarterly symmetry in order to aid discussion and comprehension. For the purpose of discussion, the base of the lower troposphere (surface layer) is considered as between the station level (8m) and a vertical height of 300m. The upper troposphere is considered as between vertical height of 300m and 1000m above sea level. AREPS program computes and display a number of tactical decision aids. This decision aid is displayed as a function of height. All calculations depend on atmospheric refractivity data obtained from radiosondes. Table I clearly specify Abidjan station and the years considered for the study.

MATERIALS AND METHODS As anomalous propagation (anaprop) is due to relatively small variations of the air refractive index n, the magnitude known as refractivity N, defined as one millionth of n - 1, is commonly used in anaprop studies. Bech et al. (2002) had shown from the works of Bean and Dutton (1968) that N can be written as:

N  (n  1) 

77.6  4810e  p  ….(1) T  T 

where T is the air temperature (K), p atmospheric pressure (hPa) and e is the water vapour pressure (hPa). A related magnitude is the modified refractivity M, which is defined as:

M N

z 10 6 r

…………………..(2)

where z is the altitude and r is the radius of the Earth in metres. A negative gradient of M is considered useful indicator as to the occurrence of ducting (Falodun et. al., 2000). The gradient of the modified refractivity gradient determines the refraction type, while tropospheric ducting phenomena occur when the following conditions is met (Isaakidis et al., 2007):

Table 1: Abidjan Station, Years and Months considered Abidjan Station Month Year 2000 January – December 2001 January, February, March, April, May and June 2008 January – December, except April January – December 2009

dM dN  0, or  157 .… (3) dh dh Radio Duct Properties and Radiosonde Data Radio duct properties are important factors in estimating multipath parameters necessary for radio system design (Sasaki and Akiyama, 1982). These properties are defined by the following parameters; duct height H, duct layer thickness H , duct intensity M and negative gradient of refractive modulus in the inversion layer. Radiosonde data of 64910 FKKD Douala observation station at 12Z obtained from the University of Wyoming, College of Engineering, Department of Atmospheric Science USA was used. The datasets cover the period as indicated in table 1 and the radiosonde parameters considered were the temperature, relative humidity, pressure and height. Analysed meteorological data spanned a maximum height of 1000m (1 km) above the ground because radio duct that trap VHF/UHF radio signal are mainly formed in the lower troposphere (Dedryvere, et al., 1999). Advanced Refractive Effects Prediction System (AREPS) AREPS has been employed to study the effects of radio ducting in Abidjan troposphere. AREPS is a Graphics User Interface (GUI), that incorporates environmental and communications system input with the Advanced Propagation Model (APM). The output is two-dimensional views of vertical M-

RESULTS Abidjan Scenario From the results shown by the various figures (displayed in the next section), it is found that for Abidjan troposphere, duct occurrence varies during these years that were studied. Considering the fact that Abidjan station is 8m above sea level, this level is used as the elevation datum. The present study encompassed 41 months with 122 days consideration of year 2000, 2001, 2008 and 2009 respectively. A total of 122 profiles were plotted out of which 103 showed ducting phenomena. This is 84.43% of the total consideration. DISCUSSIONS Thickness of Ducting Layer Radio duct occurrence is defined as the existence of negative gradient layer in the vertical refractive index structure (Sasaki et. al, 1982). The mean thickness over which ducting conditions occurred for the total event for Abidjan is 51.73m. For near the surface events (lower troposphere), the mean thickness is 40.02m, this accounts for 63.7% of duct occurrences. This shows that duct occurrence at the surface layer is large in number and thin in thickness. Events at higher altitude show a mean thickness of 110.83m and this as well accounted for 36.3% of total

88

1st International Conference on Applied Information Technology 7-9 October, 2015 occurrence. This shows that duct occurrence at the upper layer is small in number, thicker and elongated. Implication of these attributes is that duct occurrence for lower troposphere is more in number than that for upper layer and that the relationship between duct occurrence and height or thickness of radio duct is that duct occurrence probability tends to be less as the atmosphere becomes thicker and higher. The altitude where ducting phenomena occurred majorly is within the first 300m of atmosphere above sea level. Previous studies by Faloduna and Kolawole (2000) and Von-Engeln et al. (2002) had shown that ground-based temperature inversions associated with large humidity lapse rate result in the formation of ducting layers. However, the formation of ducting layers in Abidjan is primarily caused by high water vapour content present in the atmosphere because of the stronger influence it exerts on the refractivity than does the temperature gradient. A glance at table II shows that the 1st Quarter (Qtr) in year 2008 and 2009 has the highest percentage duct thickness. The 4th quarter of year 2000 and the 2nd quarter of year 2001 have highest percentile values for their year running. The duct thickness in the 3 rd quarter is generally low for all the period considered.

We could observe that duct presence is throughout the year and duct thickness is conspicuously varied in each quarter. This is in conformity with the findings of Von-Engeln et al. (2002).

Variability of Ducting Levels Variability of the ducting layer is investigated by analysing the plots of figures 5 and 6 respectively. Fig 5 shows the mean strength (intensity) of duct variableness as consistently widespread over the entire troposphere. The distribution of duct intensity with respect to the refractivity gradient has clearly shown the presence of multipath propagation and radio range extensions which conspicuously prevailed in Abidjan atmosphere and this is further elucidated in figure 6. Figure. 6 shows that the layer thickness tends to be directly proportional to the negative refractive gradient of Abidjan troposphere. That is, a decrease in duct layer thickness corresponds to a decrease in negative refractive gradient and vice versa. More so, the figure shows a concentration of duct thickness (between 8 and 60m) at the base of the troposphere with higher values of refractive gradient (between – 2.0 and 0 MUm-1). By their concentrations and coverage, duct thicknesses at Abidjan lower troposphere are slightly variable. Near surface events show the lowest gradients. Thick and elongated duct layers at higher altitude of Abidjan troposphere are concentrated at 0 MUm-1 value of the refractive gradient with weak and lesser variability.

over a vertical height of 426.03m to 729.4m which trapped communication signals causing it to have an extended coverage. Day 15 experienced a thin layer of ducting and trapping phenomenon between 594m and 603m height. Day 30 manifested surface ducting at the base of the troposphere. In Figure. 10, 5th of December 2000 exhibited two inone ducting phenomenon, which is, a surface duct and a surface-based duct as shown in figure 12. We could see that two trapping layers were formed and in between these layers is sub refraction condition with its dominance over the remaining part of the first 1 km troposphere. At higher altitudes we have normal and then super refractive layers. The 12 th day has surface duct and elevated duct characteristics while the 24th day had only the surface duct phenomenon. In Figure 11, surface duct and surface based duct were features of the month of January 2001 with the surface duct virtually present in the three days profile. Extended ranges for all transmitters or Aircraft (i.e. unmanned plane or drones) communication signals is experienced from surface to 96 m and between 892 to 937 m for 12 th January and from surface to 105 m and between 715 to 955 m for 25th January. In Figure. 12, surface duct is absolutely absent but exhibited elevated duct condition. Surface duct is experienced on the 19th day while none was present on the 30th day. In Figure. 13, surface duct is present at the base of the lower troposphere for 1st and 27th days of the month. In the case of 17th day, surface duct, surface-base duct and elevated duct are present, showing the presence of multiple duct phenomena.

Table 2: Percentage Distributions of Duct Thickness 2000 2001 2008 2009 1st Qtr 5.2 11.3 11.9 10.6 2nd Qtr 6.9 12.5 5.9 6.2 3rd Qtr 4.7 -* 5.1 3.2 4th Qtr 7.5 -* 3.6 5.4 -* Data not available Duct occurring at altitudes between 8m and 300m of the Abidjan atmosphere can therefore be said to severely affect the propagation of radio communication signals than at higher altitude. Moreover, looking through figures 1, 2, 3 and 4, the 1st quarter has 7 duct occurrences in year 2000, 10 in year 2001 and 2008, and 12 in year 2009. The 2 nd quarter has 9 duct occurrences in year 2000 and 2009, 11 in 2001 and 4 in 2008. The 3 rd Quarter has 7 duct occurrences in year 2000, 9 in 2008 and 6 in 2009. The 4th Quarter has 11 duct occurrences in 2000, 6 in 2008 and 8 in 2009 respectively.

Figure. 7 shows the strength of duct thickness as evidently strong within the values of 0 – 40 MU respectively. Whereas, the STD values for the mean duct thickness are majorly low (between 0.2 and 1.2) as shown in Figure. 8. Further analysis shows that more ducts are actually at the lower tropospheric region as shown in figures 9 13. In the month of April 2000 (Figure. 9), the first day exhibited a wide span of ducting phenomenon

89

1st International Conference on Applied Information Technology 7-9 October, 2015

300

Abidjan 2008

140

1st Qtr 2nd Qtr 3rd Qtr 4th Qtr

200

120

Duct Thickness (m)

Duct Thickness (m)

1st Qtr 2nd Qtr 3rd Qtr 4th Qtr

Abidjan 2000

250

150

100

100

80

60

40

50 20

0 1

2

3

4

5

6

7

8

9

10

0 1

No of Ducts

2

3

4

5

6

7

8

9

10

11

No of Ducts

Fig 3: Duct thickness versus number of duct

Fig 1: Duct thickness versus number of duct

160

Abidjan 2009

250

1st Qtr 2nd Qtr 3rd Qtr 4th Qtr

140

Abidjan 2001 200

100

Duct Thickness (m)

Duct Thickness (m)

120

80 60 40

1st Qtr 2nd Qtr

150

100

50

20 0 1

2

3

4

5

6

7

8

9

10

11

0

12

1

2

3

4

5

No of Ducts

6

7

8

9

10

11

No of Ducts

Fig 2: Duct thickness versus number of duct

Fig 4: Duct thickness versus number of duct Mean Duct Intensity (MU) 5.00 0.00

8.00

11.00

14.00

17.00

20.00

23.00

26.00

29.00

32.00

120

35.00

Abidjan

Duct Intensity (MU)

Abidjan -0.40

-0.60

80

60

40

-0.80 20

-1.00 0 0

50

100

150

200

250

300

350

Duct Thickness (m)

-1.20

Fig 5: Mean refractivity gradient for all

Fig 7: Relationship between duct layer thickness and duct intensity

350

100.0

Abidjan

90.0

300

Abidjan

200

150

100

Mean Duct Thickness (m)

80.0

250 Duct Thickness (m)

-1

Mean Refractive Gradient (Mum )

100

-0.20

70.0 60.0 50.0 40.0 30.0 20.0

50

0 -12.0

-10.0

-8.0

-6.0

-4.0

-2.0

0.0

10.0 0.0 0.0

0.5

Fig 6: Refractivity gradient found for all duct height as affected in Abidjan

1.0

1.5

2.0

2.5

3.0

3.5

4.0

Std Dev. of Refractive Gradient (MUm-1)

Gradient of Refractivie (MUm-1)

Fig 8: Standard Deviation of Refractive Gradient and Mean duct thickness

90

1st International Conference on Applied Information Technology 7-9 October, 2015

CONCLUSION (2010) had stated in their work that consideration of refractive properties of the lower troposphere is important when planning and designing terrestrial communication systems mainly because of multipath fading and interference due to trans-horizon propagation.

We have explicitly looked into the meteorological condition of the troposphere of Abidjan over which radio communication signals propagate and have been able to establish a correlation between radio duct occurrence in the tropospheric layers and refractivity gradient variation. In Abidjan, the altitude where pronounced ducting phenomena occur majorly is within the first 300m of atmosphere above sea level. This study reveals that ducting phenomenon is a continuous occurrence and governed by the meteorological patterns of the troposphere which are evident on the Abidjan troposphere. Duct occurrence varies during the year as seen in the results; this is in conformity with the works of Sasaki and Akiyama (1982) and Lenouo (2012). This also confirms what Agunlejika and Raji

ACKNOWLEDGEMENT The authors are very grateful to the University of Wyoming, College of Engineering, Department of Atmospheric Science USA for providing free radiosonde data from their online upper air climatology site.

91

1st International Conference on Applied Information Technology 7-9 October, 2015 Nigeria. Nigeria journal of pure and applied physics. 1: Pp. 5 – 10. Isaakidis, S.A., Dimou, I.N., Xenod, T.D. and Dris, N.A. 2007. An artificial neural network predictor for tropospheric surface duct phenomena. Nonlinear processes in geophysics. 14: Pp. 569-573. Recommendation International Telecommunication Union (ITU-R P.453). The radio refractive index: Its formula and refractivity data. (Question ITU-R 201/3). Geneva. Kaissassou, S., Lenouo, A., Tchawoua, C., Lopez, P and Gaye, A. T. 2014. Climatology of radar anomalous propagation over West Africa. ERAD 2014 - The eighth European conference on radar in meteorology and Ydrology. Lenouo, A. 2012. Climatology of anomalous propagation radar over Douala, Cameroon. Presented at the 4th AMMA international conference. Held on the 2nd – 6th July, Toulouse, France. Mongabe 2011. http://www.mongabay. com/reference/country_studies/ivory-coast/ geography.htm Sasaki, O. and Akiyama, T. 1982. Studies on radio duct occurrence and properties. IEEE transanction on antennas and propagation, AP-30 (5): Pp. 853 – 858. Sirkova, I. and Mikhalev, M. 2003. Influence of tropospheric duct parameters changes on microwave path loss. Microwave review. Pp. 43-46. Von-Engeln, A., Nedoluha, G. and Teixeira, J. 2002. An analysis of the frequency and distribution of ducting events in simulated radio occultation measurements based on ECMWF Fields. A paper submitted to the Journal of geophysics research (JGR-A). Wikitravelpedia. 2011. http://www.wikit ravelpedia.com/IVORY_COAST.html

REFERENCES Agunlejika, O. and Raji, T. I. 2010. Emperical Evaluation of Wet-Term of Refractivity in Nigeria. International Journal of Engineering and Applied Sciences (IJEAS). 2 (20): Pp. 63 – 68. Bean, B. R. and Dutton, E. J. 1968. Radio Meteorology. In: Statistical analysis and modelling of weather radar beam propagation conditions in the Po Valley (Italy). Fornasiero, A., Alberoni, P. P and Bech, J. Natural Hazards Earth System Science, 6: Pp. 303–314, Bech, J., Bebbington, D., Codina, B., Sairouni, A. and Lorente, J. 1998. Evaluation of atmospheric anomalous propagation conditions: An application for weather radars. Part of the EUROPTO conference on remote sensing for agriculture, ecosystems, and hydrology Barcelona, Spain SPIE 3499: 0277786X. Bech J., Sairouni A., Codina B., Lorente J. and Bebbington D. 2000. Weather radar anaprop Conditions at a Mediterranean coastal site. Phys. chem. earth (B). 25(10-12): Pp. 829-832. Bech J., Cordina B., Lorente J. and Bebbington D. 2002. Seasonal variations of radar anomalous propagation conditions in a coastal area. URSI comission-F open symposium on radiowave propagation and remote sensing, Institut für Hochfrequenztechnik, Deutsches Zentrum für Luftund Raumfahrt, D-82234, Wessling, Germany. Dedryvere, A., Roturier, B, and Chateau, B. 1999. Anomalous propagation (ducting) effects in aeronautical VHF band. Aeronautical mobile communications panel (AMCP/ WG-D/ /WP7) Working group D Honolulu, HAWAII. Falodun E.S. and Kolawole B. L. 2000. Studies of Super-refractivity and ducting of radio waves in Žilinskas, M., Tamošiunas, S., Tamošiunaite, M. and Tamošiuniene, M. 2011. Yearly, seasonal and daily variations of radio refractivity. ACTA Physica Polonica A. 119 (4): Pp. 533 – 536.

92

1st International Conference on Applied Information Technology 7-9 October, 2015

SIMILARITY MEASURE ON E-ASSESMENT H. Raji-Lawal, A. T. Akinwale and O. Folorunso Computer Science Department, Federal University of Agriculture Abeokuta, Ogun State, Nigeria. Abstract: E-assessment a branch of e-learning has been applied to computer-based test in all subjects. It is done electronically which relieves the examiner from the stress of marking. The system has been criticized by many examiners, due to student’s inability to express themselves very well. They pick answers at times by gambling. Subjective examination which is contrary to computer-based test is being examined in this paper, by using existing similarity measures. Three samples of subjective approach to questions and answers were considered. They are match, mismatch and spelling error of answers of the students and tutors. The essence is to give fair judgment to students who make minor spelling error based on omission, transposition and substitution of letters during subjective examination. Keywords: Similarity measure, subjective examination, e-learning, mismatch letter. improving naïve string matching which was used in information retrieval and bibliographic search.

INTRODUCTION The issue of problem solving is all encompassing in various fields and aspects of life. It is one of the most significant means of measuring individual’s capability mentally. Broadly speaking problem solving had been widely adopted, but the method of adoptions varies. Initially, problem solving had been based on paper work, i.e testing candidates manually and also evaluating their performance manually. However, according to philosophical literature, during Hellenic time, similarity means fidelity of property conservation between an object and its reference. Also according to the Platonist, it is defined as sharing of features of ideal objects. As the trend of information technology threw substantial light on the world of learning, the problem solving aspect of learning is not left out. The technology of solving problems through an electronic means was embraced, and evaluation of solved problems through an electronic means is not exempted. The research is focused on subjective examination, where answers supplied by the student could be fairly evaluated, by applying existing similarity measures. The aim of the paper is to evaluate e-subjective pattern matching between student and tutor’s answers, using existing similarity measures with higher similarity value and low computational time. It would also select similarity measures that proffer a fair judgment to misspell answers by students.

Exact string matching means finding one or all exact occurrences of a pattern in a text, in which naïve brute force, Boyer Moore and Morris Pratt fit into this category. Approximate string matching is the technique of finding approximate match, which may not be exact but Rabin Karp matching technique fits in this area. Moreover, Rami and Jehad, actually improved the slow processing of naïve string matching by varying its algorithm to reduce its processing time. The variation is based on the matching position. For example, Rami and Jehad algorithm searched first character by using the occurrence list, which determined the positions of the first character of the pattern to be searched. This actually reduces the number of search through the pattern by considering the first and last character of the pattern. [10] Vidya Saikrishna researched on string matching and its application in diversified field. Intrusion detection system makes use of Aho Corasick string matching algorithm. This is an automaton based multiple string matching algorithm which locates all the occurrences of key words in a string. Another application of string matching is the detection of plagiarism, which has to do with text mining. Arpit Trivedi and Shreya Mahida worked on implementation of Bayesian theory in sentence classification for online subjective test. This research classified answers using one of the classification techniques like Naïve Bayes, and evaluation was based on the nearness of the result to the answer. This problem of automatic subjective marking is more of a natural language processing, whose existence will be tested in the answers given by the user. Extraction of keywords is one of the techniques that can be explored for answer evaluation, but in this context similarity measure is preferred.

LITERATURE REVIEW Adegbija conducted research on how positive the adoption of e-exam is, using National Open University of Nigeria as a case study. Numbers of IT staffs opinion were sampled on the use of e-exam, and after analysis it was deduced that e-exam is a viable and reliable. [2] Aahul B. Diwate did a systemic review on pattern matching which were used in applications of parser, spam, filters, digital libraries, computational molecular biology, natural language processing and word processors. It was deduced that internet search is best done by using Boyer Morris and Knuth Morris Pratt algorithm. [1] Rami H. Mansi and Jehad Q.Odeh researched on

METHODOLOGY This research will be based on using different similarity measure techniques to grade answers

93

1st International Conference on Applied Information Technology 7-9 October, 2015

D  i0    i * d D  o, j    j * d

supplied by students. These techniques will be weighed based on its nearness to lecturer’s judgment, thus the best method will be the closest to lecturer’s judgment. Objective based e-exam is a medium of evaluating student’s performance using multiple choice questions. The performance is evaluated by comparing the student’s answer to the correct answer stored in the data base. Subjective based e-exam is proposed to improve the weakness of student’s inability to express themselves in objective based eexam. Selected similarity and distance measures :

(7) Recurrence Relation

 DDii,j1,1j dd D  i, j   min  Di1, j 1s xi, yi    (8)

Overlapping similarity Measure Overlapping

Termination D (N,m) is distance

Similarity

| xI y|  x, y   min(| x |,| y |)

Edit Distance Measure Minimum Edit distance Base conditions:

(1)

D  i, o   i D

Cosine similarity Measure Cosinesimilarity

 x, y  



N

(9)

 o, j  

j

(10)

Termination:

D  N , M  is distance

x . yi

i 1 i

i1 xi2 . N



N

2 i 1 i (2)

y

(11)

Recurrence Relation

For each i  I .M For each j  I N

D  i, j 

Jaccard similarity Measure

| xI y| Jaccard Similarity  x, y   | | xUy|

=

  (3) min  DD ((ii,j1,1)j ) 11deletion insertion Dice Similarity Measure i  yisubstitution  Di 1, j 102 ifx ifxi  yi [  2  n  gram  s1  s 2   sim  s1, s 2    n  gram  s1   ( n  gram  s 2   (12) (4) 3.1.5

N-gram similarity Measure

sim  s1, s2   F  n1, n2 

n2 N  n 1

  h  i, j  i  n1

j 1

(5)

f  n1; n2 

The

Hamming Distance Measure Hamming distance between two strings of equal length is the number of positions at which the corresponding symbols are different. It thus, measures the minimum number of substitutions required to change one string into the other or the minimum number of errors that could have transformed one string into another. Jaro Winkler Distance

2 ( N  n1  1)( N  n2  2)  ( N  n2  1)( N  n1)

expansion

of

f  n1, n2 

  0 d j   01ifm  m m m t      otherwise   3  s1 s2 m 

(6) gives:

(13)

dj= jaro distance for strings s1 and s2

2 N  N2

Where m – number of characters T–

Needleman Wunch Distance Measure Initialization

1 the number of transpositions 2

Two characters from s1,s2 are considered matching only if they are the same and not

94

1st International Conference on Applied Information Technology 7-9 October, 2015 father than

Table 1: Matched pattern and text Ov Co Ja Di Ge Ne erl sin cc ce ne edl app e ar ral e ing d n- W gr un am ch

max( s1 , s 2 ) 2

t = number of matchingcharacter(but different matching order) (14) L – length of common prefixes, at the end of starting string, maximum of four characters. P – constant scaling factor In most cases, p = 0.1 but not greater than 0.25 bt= lp(1- dj) (15)

C Al A gor ith m

 d w   diifdi bt  d  lp 1d otherwise   j   j  

S Al A gor ith m

(16)

S 1 M

Each of the listed methods will be explored to determine the most suitable for this problem.

Al go rit h m Al go rit h m 1

Al go rit h m Al go rit h m 1

Al go rit h m Al go rit h m 1

Al go rit h m Al go rit h m 1

Al go rit h m Al go rit h m 9

Table 2: Mismatch pattern and text Ov Co Ja Di Ge Ne erl sin cc ce ne edl app e ar ral e ing d n- W gr un am ch

EXPERIMENTAL RESULT Experiment was conducted on three types of data set, which consists of matched, mismatched and spelling error of answers of the student with the correct answer by tutor. The results are depicted in table 1, 2 and 3. The flow chat in figure 1 depicts the steps involved in determining the values of match, mismatch and spelling errors. The similarity measures in section 3.1 were used for evaluating the similarity between a student’s answer and lecturer’s answers. These were done to test for match, mismatch and spelling error. Table 1 shows the similarity measure of exact match of student and tutor’s answers. Table shows mismatch of student and tutor’s answer, where overlapping, jaccard , Dice and Gen n-gram are closer to expert judgment. Also hamming distance is closer to expert judgment, followed by edit distance. Thus cosine similarity measure is knocked off here. Moreover, Dice is exactly equal to expert judgment and thus preferable for the string matching.

C Al A gor ith m S Pro A gra m S 0.1 M 43

95

Al go rit h m Pr og ra m 0. 51

Al go rit h m Pr og ra m 0. 1

Al go rit h m Pr og ra m o

Al go rit h m Pr og ra m 0. 01 82

Al go rit h m Pr og ra m 13

Ed it

Ha m mi ng

Al go rit h m Al go rit h m 0

Al go rit h m Al go rit h m 0

Ed it

Ha m mi ng

Al go rit h m Pr og ra m 10

Al go rit h m Pr og ra m 8

Ex pe rt ju dg em ent Al go rit h m Al go rit h m 1

Ex pe rt ju dg em ent Al go rit h m Pr og ra m 0

1st International Conference on Applied Information Technology 7-9 October, 2015

Dice SM

Edit Distance

Expert 1

3 4 5 6 7 8 9 10

Saprophyte

0.85

0.88

0.63

0.857

0.73

0.5

0.7

0.6

SA

Sapopites

CA

Protophyta

0.56

0.98

0.71

0.67

0.92

0.6

0.5

0.8

0.6

SA

Protophite

CA

Protozoa

0.85

0.95

0.75

0.71

0.95

0.75

0.5

0.9

0.7

SA

Protozua

CA

Euglena

SA

Egulean

0.42

0.46

0.43

0.17

0.82

0.43

0.5

0.7

0.4

CA

Hypha

0.8

0.9

0.8

0.75

0.92

0.6

0.5

0.8

0.7

SA

Hyphe

CA

Thallophyta

SA

Talophyta

1

0.98

1

0.67

0.94

0.82

0.5

0.7

0.6

CA

Sargassum

0.83

0.46

0.71

0.71

0.94

0.71

0.5

0.7

0.6

SA

Sagasum

CA

Tracheophyta

SA

Trachoephyta

0.83

0.79

0.83

0.73

0.98

0.83

0.5

0.8

0.7

CA

Rhizome

0.75

0.94

0.86

0.67

0.92

0.71

0.5

0.8

0.7

SA

Rhyzome

CA

Annelida

SA

Anelida

1

0.84

0.86

0.83

0.97

0.88

0.5

0.8

0.7

Average

0.77

0.82

0.78

0.65

0.92

0.71

0.5

0.77

0.63

Expert 3

Overlaping SM

2

CA

Expert 2

Cosine SM

0.7

Jaccard SM 1

Jaro Winkler SM

Table 3: Spelling errors made by Students with corresponding answer

Expert 3 graded by considering students error based on transposition and omission, which is condoned to a certain extent. For instance, the error should not be more than 30% of the answer. The average of each measure and expert results was computed, and thus compared. It was deduced that the e-assessment gives a fairer judgment compared to old method adopted by the experts by assigning 0 if there is no exact match. This is as a result of the accuracy in the similarity and distance measure computation of the mismatch and transposition in spellings of student’s answer compared to the correct answer. Considering the average of each of the similarity measures, the expert’s judgments are closer to the dice similarity and edit distance measures.

Table 3 depicts the analysis of distance measure on spelling errors made by students during examination. The content is to give a fair treatment to students if there is spelling error due to examination tension and other similar factors. From the evaluation of the similarity measures, it was observed that measures like Jaccard, Overlapping, Cosine and Jaro Winkler consider the commonality of the content of the strings and not their arrangement. This will not give us a true picture of the commonality of the terms. On the other hand, Dice and Edit measures consider transposition and omission which gives the true picture of the errors in the string, and a better evaluation of the similarity between the strings. The measures are compared with the average of expert’s result. The experts graded the students based on the following orientation: Expert 1 graded by assigning half of the full mark(1 in this case) to student’s answer if the spelling error is just about 50% Expert 2 graded by ensuring that if student answer is close to the correct answer, then the student is given a fair mark.

CONCLUSION Multiple choice questions is not that reliable for testing the capability of students, due to the fact that students can gamble, copy and they are not able to express themselves. Thus marking of subjective

96

1st International Conference on Applied Information Technology 7-9 October, 2015 questions is introduced; specifically fill in the gap questions. During the automation of the marking of this mode of questions, exact matching and nearness to answer based on spelling errors is considered. Misspelling pattern matching entails comparing student’s answer and expert answer, which was addressed in this paper. There is a tendency for the student to get full mark if the pattern and text matching are the same. In case, the pattern and text matching are not the same due to minor errors, a fair judgment was proposed by the similarity measures. REFERENCES Rahul, B. D., Statish J. A. 2013. Systemic review on pattern matching, international journal of advanced research in computer science and software engineering, Volume 3 issue 3, pages 615-620, India. AdegbijaM.V. 2012. The new technologies and the conduct of E-Examinations: A case study of National Open University of Nigeria, volume 3, pages 59-65, Nigeria Akinwale, A.T., Niewiadomski, A. 2013. Efficient n-gram based string matching in electronic testing at programming, Computational collective intelligence technology and applied lecture notes in computer science, volume 8083,pages 661-670, Poland. Akinwale, A.T., Niewiadomski, A. 2012. Effective similarity measure in electronic testing at programming languages, Journal of applied computer science, volume 20, number 2, pages 7-26, Poland. Medelyan, A. 2015. Natural Language Processing keyword extraction tutorial with RAKE and Maui, Air pair writing competition. Hussaineta, I. 2013. Improved approach for exact pattern matching, International journal of computer society,volume 10,issue 3 number 1, pages 59-65, Pakistan. Lovic, C., Baud R.H. 2000. Fast exact string pattern matching algorithm adapted to the characteristic of the medical language, J AM medical information association, volume 7, number 4, pages 378-391, Switzerland. Shinde, A.A., SumedhaC.2013. A novel approach with subjective assessment for E-Examination, International Journal of Engineering research. Volume 3, issue 4, pages 32-36, India Rami, H. M., Jehad Q. O. 2009. Improving Naïve string matching , Asian Journal of Information Technology, volume 8, pages 14-23, Asia. Vidya, S. 2012.String matching and its application, international journal of computer society, volume 9, issue 1, number 1, pages 219-226.

97

1st International Conference on Applied Information Technology 7-9 October, 2015

ROUGH SET THEORY BASED INTELLIGENT DISTRIBUTED VIDEO CODING SIDE INFORMATION GENERATION M. O. Akinola Next Generation Communications, Control and Instrumentation Technologies (NGCCIT) Research Group, Department of Electronics and Electrical Engineering, Federal University of Agricuture, Alabata, Abeokuta, Nigeria Abstract: In Distributed Video Coding (DVC), also known as Wyner-Ziv (WZ) coding, when video with multiple objects and complex spatial-temporal characteristics are compressed, employing a more accurate higher order trajectory has been shown to improve Side Information (SI) generation and codec performance, though artifacts remain primarily because of the block matching algorithm employed in higher order motion compensation interpolated SI generation, due to the spatialtemporal characteristics of the video and fixing of algorithms, thresholds and parameters. In order to adequately tackle these artifacts, to further improve SI generation and DVC codec performance, algorithm parameters and thresholds need to be intelligently changed as thresholds and parameters that are maximal for one video degrades for another video. Also, within the same video sequence with multiple and complex object motion, algorithm, thresholds and parameters cannot be kept constant on frame and macro-block (MB) level for improved performance. In this paper, rough set theory is applied to the spatial-temporal characteristics of the video being coded to intelligently determine which MB should be selectively employed to create the SI from two different algorithms thereby generating an improved WZ SI and DVC performance with some sequences giving up to 3dB improvement in SI peak signal to noise ratio. Keywords: DVC, Wyner-Ziv, SI, Rough set theory, Spatial-temporal characteristics, video compression. INTRODUCTION The main bottleneck to Distributed Video Coding (DVC) performance compared to conventional codecs such as H.264 is the quality of Side Information (SI), an approximation of the original video that are not available at the decoder (Akinola, Dooley and Wong, 2010; Petrazzuoli, Cagnazzo and Pesquet-Popescu 2010; Akinola, Dooley and Wong 2011; Martins, et al. 2009). The SI have been mostly generated in literature employing Linear Motion Compensated Interpolation (LMCTI) which degrades when video contains multiple, fast and complex motion such as American Football, Foreman and Coast Guard sequences. Thus higher order piecewise temporal trajectory interpolation (HOPTTI) (Akinola, Dooley and Wong 2010) and higher order motion interpolation for side information improvement (Petrazzuoli, Cagnazzo, and Pesquet-Popescu 2010) was introduced to mitigate the degradation of LMCTI based SI generation framework, with substantial SI improvement reported (Akinola, Dooley and Wong, 2010; Petrazzuoli, Cagnazzo and Pesquet-Popescu 2010). Further refinements with Adaptive Overlapped Block Motion Compensation was introduced in (Akinola, Dooley and Wong 2011) to further improve SI. However, not all macro-blocks (MBs) in the frame of complex, multiple object video sequences provide improved quality from these algorithms because parameter settings for SI improvement for these algorithms vary between different videos, frames and MBs due to varying spatial-temporal characteristics between and within video sequences. In (Akinola, Dooley and Wong 2011) it was shown how inaccurate MV estimations from forward and backward trajectories cause overlapping and how multiple deformable object parts with different motions occupying the same MB causes blocky artifacts. Example frames of SI generated employing

HOPTTI framework from the American Football sequence with persistent artifacts are shown in Figure 1. This shows a particularly complex frame with ghosting and holes in HOPTTI output due to Block Matching Algorithm (BMA) caused overlapping and blocking. Frame #61 Original original No: 65 original frameframe No: 65

SI for all blocks on Frame HOPTTI Cubic SI No: frame 65 PSNR: 23.0302 CubicPSNR=24.6dB Traj SITraj frame 65No: PSNR: 23.0302

Figure 1:Sample Illustration of Artefacts causing challenges for Qualitative performance of HOPTTI in American Football Sequence.

original frameframe No: 65 PSNR: Inf Traj AOBM SI frame 65 No: PSNR: 24.994524.9945 original No: 65 PSNR: InfCubic Cubic Traj AOBM SI No: frame 65 PSNR:

Furthermore, in (Akinola, Dooley and Wong 2011; Martins et al. 2010; Martins et al. 2011; Weerakkody et al. 2007), it was established that the algorithms, thresholds and parameters of sequences cannot be held constant between sequences and within sequences whose spatial-temporal characteristics changes significantly, especially for complex videos. The algorithm, threshold or parameter that maximizes performance for one sequence is different from those that will maximize quality for another and this applies within different parts of the sequences as well. An Empirical MS solution was introduced in (Akinola, Dooley and Wong 2011) showing that learning from spatialtemporal characteristics improve SI by switching to the better algorithm mode. Intelligent learning algorithms needed to be explored as the various mode changes and learning based algorithms (Akinola, Dooley and Wong 2011;

98

1st International Conference on Applied Information Technology 7-9 October, 2015 Martins et al. 2010; Martins et al. 2011; Weerakkody et al. 2007; Abou-El Ailah et al. 2012) have shown there is a gain in learning and intelligently applying what is learnt in improvement of the SI. Intelligence will both increase the correct application of knowledge gained and maximize the quality of SI output. In (Abou-El Ailah et al. 2012) support vector machine was employed in SI generation, where local and global SI was fused intelligently to improve SI generation. In contrast, this work fuses the HOPTTI algorithm and the AOBMC generated SI employing rough set theory to optimally generate a higher quality SI.

RST AND INTELLIGENT MODE SWITCHING To evaluate the improvement that could be further achieved by the HOPTTI framework by intelligently applying the spatial-temporal characteristics of videos in changing algorithms, thresholds and parameters, an RST based intelligent MS on MB basis is investigated in this paper. Figure 2 shows the DVC architecture of the detailed block diagram of the RST based intelligent MS (IMS) of the SI generation framework with the RST mode switching block highlighted. RST is an AI algorithm which systematically extracts knowledge from various types of data to produce a reduced (core) decision database containing discrete essential information for increasing the efficiency of any decision making that involves the data under consideration, used extensively in applications where video content determines parameter setting (Yuan et al. 2006; Jeon et al. 2007). In (Jeon et al. 2007), RST was successfully applied to selection of and switching between various re-sampling methods, depending on video content parameters used for de-interlacing which is a similar problem as switching between the algorithms for SI generation in DVC. In contrast, this work applies RST to generation of higher quality SI and overall DVC codec improvement

Figure 2:Detailed Blocks of SI Generation and Improvement Framework with RST Based IMS Module

Rough set information table for DVC SI generation In RST based IMS, the information table is used to describe MBs. It consists of a table where each column contains attributes derived from spatialtemporal characteristics of the MBs, and the attributes of each row is describing a particular MB (object in RST term).

Spatial-temporal characteristics of sequences impact on key parameters of the various algorithms. While a priori and posteriori knowledge of the video has been proposed to improve DVC performance with (Brites, Ascenso, and Pereira 2013) proposing perceptually driven error correction, the effect of video characteristics on algorithms, thresholds and parameters is investigated in this work, employing rough set theory (RST) based artificial intelligence (AI) to maximize SI generation improvement and DVC performance. RST has been chosen because it offers a method of learning and exploiting the implicit complex relationship within the spatial-temporal characteristics of the video sequences, eliminating cumbersome empirical experimentation and maximizing the improvement in SI. Furthermore, empirical experiments in (Akinola, Dooley and Wong 2011) showed that carefully changing algorithms and thresholds based on video characteristics in a macro-block (MB) mode switching (MS) arrangement yields improvement to the SI thus generated and DVC overall performance (Akinola, Dooley and Wong 2011). Experimental results using the RST and video characteristics for improving SI generation show that after training, the intelligently switched HOPTTI (HOPTTI-RST) can produce up to a 3dB peak signal to noise ratio (PSNR) improvement over HOPTTI. Furthermore, qualitative results from the complex American Football sequence show substantially improved SI quality.

The video content parameters employed is the sum of mean absolute difference (SMAD) and sum of boundary absolute difference (SBAD) (Choi et al 2007). SMAD is defined as:  1 M 1 N 1  SMAD   |F1 (i  x0 , j  y0 )  F2 (i  x0  MVx , j  y0  MVy ) |  MN i  0 j    1 M 1 N 1     |F3 (i  x0 , j  y0 )  F2 (i  x0  MVx , j  y0  MVy ) |  MN i 0 j 

(1) Where

( x0 , y0 ) is the coordinate of the top left

corner of the MB under consideration in the interpolated frame F1 , F2 is the HOPTTI SI frame used as the reference since the original frame is unavailable at the decoder ( MVx , MVy ) is candidate MV and ( M , N ) are the row and column dimensions of the MB, F3 is the future frame and F2 the reference frame as earlier. SBAD is defined as:

99

1st International Conference on Applied Information Technology 7-9 October, 2015 SBAD 

1 M

M 1

 | F (i  x , y )  F (i  x i 0

1

0

0

2

0

 MVx , y0  MVy  1) |

1 M 1  | F1 (i  x0 , y0  N  1)  F2 (i  x0  MVx , y0  MVy  N ) | M i 0 1 N 1   | F1 ( x0 , j  y0 )  F2 ( x0  MVx  1, j  y0  MVy ) | N j 0 



1 N

N 1

| F (x j 0

1

0

 M  1, j  y0 )  F2 ( x0  MVx  M , j  y0  MV y ) |

(1.2)

Input: Table spatial-temporal characteristics of Video for each MB Output: Decisions between AOBMC-H or HOPTTI for SI generation Processing: Algorithm 1 RST based IMS Algorithm STEP 1 Initialize variables: SMAD, SBAD, Mean Pixel, Conditional MAD, Conditional BAD. 2. FOR i = 1 to n where n is number of MB entries for particular video sequence. 3. Read in Variables SMAD, SBAD, Mean Pixel, Conditional MAD and Conditional BAD MB entries 4. Determine which algorithm HOPTTI or AOBMC-H is improved by each variable. 5. IF attribute improves HOPTTI Variable is essential Rule for decision HOPTTI Save Variable and it's characteristics 6. IF attribute improves AOBMC-H Variable is essential Rule for decision AOBMC-H Save Variable and it's characteristics 7. ELSE Variable is not essential Discard non-essential Variable ENDIF ENDIF ENDFOR STEP II 8. FOR i = 1 to k where k is number of MB entries for new Video sequence 9. Read in Variables SMAD, SBAD, Mean Pixel, Conditional MAD and Conditional BAD for new Video MB entries 10. Compare attributes with Saved Variables and their characteristics in STEP I. IF Attributes Match HOPTTI Output HOPTTI as decision ELSE Output AOBMC-H ENDIF ENDFOR END 1.

Each MB is described by five attributes which are de-rived from the spatial-temporal characteristics of the video sequence namely; Mean Pixel (M) which gives the mean pixel value of each MB, SMAD defined in equation 1.1 and SBAD defined in equation 1.2. Sample illustration of how M, SMAD and SBAD fluctuates for the American Football video is shown in Figure 3. Condition MAD is obtained by digitizing SMAD using the RST classification tool and Condition BAD also obtained by digitizing SBAD.

RU (MB) The upper Rules/Con ditions Members hip from each MB

RX (MB) The unknown set

RL (MB) The set of all Objects

The lower approxim ation

Figure 3: Detailed Blocks of SI Generation and Improvement Framework with RST Based IMS Module

Table 1: Pseudo-Code For RST-Based Mode IMS.

100

1st International Conference on Applied Information Technology 7-9 October, 2015 decision as to which algorithm the MB of the set RX (MB) will be generated with, for improved SI, is made by employing characteristics of the MBs.

the

spatial-temporal

SIMULATION, TESTING AND RESULTS The simulations employing RST use the rules deduced from predictive performance of the classifier algorithm i.e. the correctly classified instances. The spatial-temporal characteristic attributes of American Football, Hall and Coastguard sequences, are employed to generate the rules during training for a generic RST based IMS classifier. The three sequences are chosen because of the range from low to complex spatial-temporal characteristics that they possess. Furthermore, they are all multiple object sequences with a variety of object types. The generic RST classifier is used to generate SI output by switching between HOPTTI and AOBMC-H as predicted. The pseudo code employed for the classification is shown in Table I, where the output are the decisions of which algorithm will provide a more improved SI MB.

Figure 5: Frame by frame normalized M, SBAD and SMAD for American Football.

PSNR Vs Frame No. for Traj HOPTTI and HOPTTI+AOBMC+AMS SI AMERICAN FOOTBALL SEQUENCE 35 Original HOPTTI[2] Switched HOPTTI-AOBMC Switched RST

30 PSNR in dB

The attributes have an association with the decision to switch to and employ one of the two algorithms of HOPTTI or AOBMC-H. In the training phase, known outcomes are put in the place of the decisions such that rules are induced from the attributes and outcome. In contrast, outcomes are deduced from attributes and rules in the test phase. Conditional BAD and Conditional MAD are used to deepen the relationship between SBAD, SMAD and M of MBs in the table looking from different perspectives. The scope of spatial-temporal fluctuations that various algorithms try to cope with, pointing to reasons why thresholds and parameters being kept constant result only in marginal improvements or failure of the algorithm can be further appreciated with Figure 4 which shows the fluctuation in SMAD, SBAD and M for the American Football.

25

RST basics and mode switching RST was introduced by (Pawlak 1982) for reasoning about data. It provides a formal robust method for manipulating the various features and attributes in data sets which leads to the determination of the nature of the data. This is illustrated in Figure 3, where RX ( MB) is a set where the rough imprecise

20

0

20

40

60 80 Frame No.

100

120

140

Figure 5: Frame-wise SI-quality of Original HOPTTI, Switched HOPTTI-AOBMC and Swiched RST for the American Football sequence.

(unknown) boundary lies which in terms of IMS, and DVC is the set of MBs (these are usually MBs from a new video sequence whose SI we wish to improve) where we are not sure that generating the MBs with either HOPTTI or AOBMC-H algorithm will improve the SI quality of the video, thus a decision has to be made concerning them. MB  X - the universal set of all the MBs generated either by HOPTTI or AOBMC-H. RL ( MB) is the lower approximation,

Table II shows the average PSNR improvement in SI generated employing the generic RST rules induced during training for various video sequences, giving an improvement of about 3dB for the American Football sequence over HOPTTI and about 1.2 dB over empirically switched SI. The qualitative result of the same sequence in Figure 5 shows how the artifacts improve from HOPTTI to IMS and over empirically switched SI.

which is the known set of MBs that will be generated by HOPTTI and included in the improved SI. RL ( MB) is the upper approximation, which is the known set of MBs that will be generated by AOBMC-H and are included in the improved SI. The

101

1st International Conference on Applied Information Technology 7-9 October, 2015

Sequences

Coastguard

Empirical Switched HOPTTIAOBMC (Akinola, Dooley and Wong 2011) 37.9

HOPTTI (Akinola, Dooley and Wong 2010)

Switched RST (IMS)

36.4

39.45

Hall American Football Carphone

39.9

38.5

41.42

25.8

24.5

27.04

36.2

35.3

37.34

Mother

48.4

47.3

49.12

Foreman

36.7

35.1

38.11

AVERAGE

PSNR (DB) FOR EMPIRICAL SWITCHED HOPTTI-AOBMC, SWITCHED RST (IMS) AND HOPTTI FOR THE SELECTED TESTING SEQUENCES

Likewise, the frame by frame SI for the American Football sequence in Figure 6 shows the PSNR improvement over HOPTTI, Empirically switched MS and IMS SI. CONCLUSION RST based IMS is employed to further improve the empirical mode switching which produced up to 1.2dB improvement in PSNR over the empirically switched HOPTTI-AOBMC. Furthermore, about 3dB improvement is achieved over the HOPTTI SI generation algorithm. Furthermore, the qualitative results show a substantially improved RST based IMS SI with almost all traces of artifacts no more visible. REFERENCES Abou-El Ailah, A., Dufaux, F., Cagnazzo, M., Farah, J. 2012. ”Fusion of Global and Local Side Information Using Support Vector Machine in Transform-Domain DVC” European Signal Processing Conference (EUSIPCO), pp. 574-578. Akinola, M.O., Dooley, L. S., Wong, K. C. P. 2010. “Wyner-Ziv Side Information Using a Higher Order Piecewise Trajectory Temporal Interpolation Algorithm,” International Conf. on Graphic and Image Processing (ICGIP), Manila, Philippines, pp. 116-121.

102

Akinola, M.O., Dooley, L. S., Wong, K. C. P. 2011. “Improved Side Information Generation Using Adaptive Overlapped block Motion Compensation and Higher-Order Interpolation,” 18th International Conference on Systems, Signals and Image Processing (IWSSIP), Sarajevo, Bosnia & Herzegovina, pp. 97-100. Brites, C., Ascenso, J., Pereira, F. 2013. "Side information creation for efficient Wyner–Ziv video coding: Classifying and reviewing". Signal Processing: Image Communication, vol. 28, no. 7, pp. 689-726. Choi, B-D., Han, J-W., Kim, C-S., Ko, S-J. 2007. “Motion Compensated Frame Interpolation and Adaptive Overlapped Block Motion Compensation” IEEE Transaction on Circuits and Systems for Video Technology, Vol. 17 (4), pp. 407-416. Jeon, G., Won, J., Lee, R., Jeong, J. 2007. “A rough set approach for video deinterlacing” IEEE International conference on Multimedia and Expo (ICME) Beijing, China, pp. 19421945. Martins R., Brites C., Ascenso J., Pereira F. 2009. "Refining Side Information for Improved Transform Domain Wyner-Ziv Video Coding", IEEE Transactions on Circuits and Systems for Video Technology, Vol. 19, no. 9, pp. 13271341. Martins R., Brites C., Ascenso J., Pereira F. 2010. "Statistical Motion Learning for Improved Transform Domain Wyner-Ziv Video Coding", IET Image Processing, Vol. 4, no. 1, pp. 28-41. Pawlak, Z. 1982. “Rough sets” International Journal of Computer and Information Sciences, Volume 11, Issue 5, pp 341-356. Petrazzuoli, G., Cagnazzo, M., Pesquet-Popescu, B. 2010. "High order interpolation for side informationimprovement in DVC" in IEEE International Conference on Acoustics Speech and Signal Processing (ICASSP), pp 2342 – 2345, Dallas Texas, USA. Weerakkody W., Fernando W., Martinez J., Cuenca P., Quiles F. 2007. "An Iterative Refinement Technique for Side Information Generation in DVC", IEEE International Conference on Multimedia and Expo (ICME), Beijing, China. Yuan, Z., Wu, Y., Wang, G.Y., Li, J.B. 2006. “Motion-Information-Based Video Retrieval System Using Rough Pre-classification” Lecture Notes in Computer Science, Book Transactions on Rough Sets V, 4100:pp 306-333.

1st International Conference on Applied Information Technology 7-9 October, 2015

A NOISE PERTURBATION FRAMEWORK TOWARDS ENHANCING PRIVACY IN BIG DATA COMPUTING C. O. Oloruntoba and A. S. Sodiya Department of Computer Science, Federal University of Agriculture, Abeokuta [email protected] and [email protected] Abstract: As data becomes increasingly voluminous and complex, leading to the rise of Big Data computing, individuals are concerned over the privacy of their health data, browsing history, purchasing habits, social, religious and political preferences, financial data, etc. Privacy-preservation is a big hurdle that needs to be overcome as privacy concerns continue to hamper users who outsource their private data into the cloud storage, thus causing drawbacks in the benefits of Big Data computing. The sensitivities around privacy of Big Data centers on the use of the insecure java-based frameworks of Hadoop. Previous works directed towards preserving data focused on methods of cryptography, which have been identified as neither computationally effective nor cost efficient. We propose an approach of Differential privacy, a noise perturbation methodology which revolves around hiding the presence of an individual in datasets. In this paper, any query on big data analytics datasets is returned with a perturbed response with generated noise from Laplace distribution. The proposed framework when implemented is expected to enhance privacy of Big Data in the cloud. Keywords: Big data, Cloud computing, Differential privacy, Hadoop, Laplace distribution, Query and prescriptive analytics guarantees optimized value. Big Data environments demands a great number of clusters of servers to support the tools that process the large volumes, high velocity, and varied formats of Big Data projects. The need to store, process and analyze these large amounts of datasets has driven many organizations and individuals to adopt Cloud computing (Huan, 2013). Cloud computing offers a cost-effective way to support Big Data technologies and advanced analytics applications. Cloud computing provides the underlying engine through the use of Hadoop, a class of distributed dataprocessing platforms (Hashem et al, 2015). Some of the first adopters of Big Data in cloud computing are users that deployed Hadoop clusters in highly scalable and elastic computing environments provided by vendors, such as IBM, Microsoft Azure, and Amazon AWS (Chang et al, 2013).

INTRODUCTION Data has become a driving force behind almost every interaction between individuals, businesses, and governments. Across many sectors, including banking, financial services, energy, healthcare, media, education among others, the exponential automation of business processes is enlarging the scope of data usage and analytics. Big Data, which are high-volume, high-velocity, high-variety and highly complex information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decision making (Gartner, 2014), creates enormous value for the global economy, driving innovations, productivity, efficiency and growth. Highperformance analytics is required for Big Data computing and as such, using high-performance data mining, predictive analytics, descriptive analytics Many challenges abound in Big Data computing, which includes: a) Data Privacy b) Security of Data c) Data Analytics d) Data Retrieval e) Lack of IT infrastructure, skills and expertise

Preserving privacy of Big Data has been challenging due to the following: a) Massive increase of data volumes b) Rise of new forms of interaction data, such as social media c) Increasingly complex IT environment d) Use of insecure java-based frameworks, such as Hadoop and its programming paradigm MapReduce.

Individuals are concerned over privacy of their health data, browsing history, purchasing habits, social, religious and political preferences, financial data, etc. Concerns over privacy are causing drawbacks in the benefits of Big Data computing. (Kaufman, 2009) emphasized that the ease and efficiency of cloud computing comes with privacy and security risks. Privacy of data is the main hurdle in the implementation of cloud services.

A single data privacy breach comprising millions of records can result in multimillion-dollar losses and other devastating consequences for the victimized organization. De-anonymization is not a feasible solution to preserving privacy of large datasets as the anonymous datasets can be correlated with other publicly available information to identify individuals in those datasets, which will expose private information that the individuals disclosed when they thought their privacy was guaranteed. Arvind and Vitaly. (2008), illustrated the sensitivity of

103

1st International Conference on Applied Information Technology 7-9 October, 2015 supposedly anonymous information. In 2013, a public release of a New York taxicab dataset was completely de-anonymized. Consequently, the data eventually revealed cab drivers’ annual incomes and more alarming, their passengers’ weekly travel habits (Neustar Inc., 2014).

Big Data Privacy Framework Driven by the need to solve privacy issues in Big Data computing, a privacy-enhancing framework of Differential privacy is proposed. Differential privacy aims to minimize the chances of individual identification in datasets.

We are of the opinion that privacy-preservation of Big Data can be enhanced with alternative methods. This paper therefore aims to present a framework useful for enhancing privacy of Big Data in the cloud.

In Differential Privacy, a randomized function A gives -differential privacy if for all datasets D1 and D2 that differs on a single element (i.e., data of one person), and all S ⊆ Range(A),

The rest of this paper is organized as follows: Section 2 presents an overview of related works and Section 3 provides the proposed Big Data privacy framework. The paper concludes in Section 4 followed by recommendations for future work.

(1) The function A is the mechanism for adding noise. Since differential privacy is a probabilistic concept, any differentially private mechanism is necessarily random. We consider the Laplace mechanism that involves adding random noise that conforms to the Laplace statistical distribution. The output function of A is defined as a real valued function (called the transcript output by A) as:

LITERATURE REVIEW Currently, encryption is being utilized by most researchers to ensure data privacy in the cloud (Hsiao-Ying and Tzeng, 2012) (Ning et al, 2011). Waziri et al. (2014), proposed the use of Fully Homomorphic Encryption (FHE) scheme in a cloud environment to protect an organization’s datasets from unnecessary disclosure. The FHE allows computations on encrypted data and yet, when the outputs of the computations of the encrypted data are decrypted, they still conform to the operations of the original plaintext. Hence, a cloud computing environment can store encrypted data, computations on the encrypted data can be done and the encrypted output delivered can be decrypted by the owner to obtain the original plaintext. The system comprised of a bootstrapping Somewhat Homomorphic Encryption scheme to strengthen the implementation of the Fully Homomorphic Cryptosystem Scheme. The FHE implementation on big data analytics in the cloud was discovered to have boosted confidentiality and integrity of the big data resources, but suffered a great deal of impracticability. Xuyun et al. (2013), argued that encrypting all intermediate datasets in the cloud is neither computationally effective nor cost effective as much time is required to encrypt or decrypt data.

(2) where and f is the original real valued function to be executed on the datasets. can be considered to be a continuous random variable, where

(3) which is at most, (4) We can therefore consider to be the privacy factor . The Laplace distribution which is directly proportional to its standard deviation, or noisiness , thus depends on the sensitivity of the function f and the privacy parameter . We tend to think of  as, say, 0.01, 0.1, or in some cases, ln 2 or ln 3. Research concludes that a smaller  epsilon value creates a more enhanced privacy. The sensitivity of a function gives an upper bound on how much an output can be perturbed to preserve privacy. One noise distribution naturally lends itself to differential privacy (Dwork and Roth, 2014). A query is the function to be applied on a dataset. Thus, the mechanism A that adds independently generated noise with distribution Lap ( /) to each of the query response enjoys -differential privacy. The added noise is targeted at the following: a) Anonimizing: Hiding the customer. b) Hashing: Disguising a customers’ identity. c) Cloaking: Making a customer invisible. d) Blurring: Decreasing accuracy of a query

Fan and Huang. (2013), proposed a variant of symmetric predicate encryption in cloud storage to control privacy and preserve search-based functionalities, such as undecrypt and revocable delegated search. Li et al. (2013), proposed a flexible Multi-Keyword Query (MKQE) scheme that significantly reduces the maintenance overhead during keyword dictionary expansion. MKQE considers the keyword weights and user access history to generate query results. MKQE improves the performance of multi-keyword ranked query over encrypted data to prevent information leakage. (Itani, Kayssi and Chehab, 2009) presented privacy as a service model that involves a set of security protocols to ensure the confidentiality of customer data in the cloud.

104

1st International Conference on Applied Information Technology 7-9 October, 2015 e)Lying: Intentionally giving false information Proposed Privacy-Enhancing Framework

The proposed framework combines three concepts, Big data, Cloud computing and Differential privacy. The architecture is shown in Figure 1 below.

Figure 1: Privacy-Enhancing Big Data System Architecture As the cloud provides facilities for the computation and processing of Big Data, Big Data from several sources are analyzed with Hadoop using its programming model, MapReduce and Hadoop Distributed File System (HDFS). MapReduce accelerates the processing of large amounts of data in a cloud while HDFS is a distributed file system designed to store extremely large files suitable for streaming data access.

On query f, the output bits are represented as 0/1 values in Af(D), for a large dataset D. We denote this set {0, 1} Af(D), where Af(D) is the perturbed response. If Af(D) = 0, the privacy of the big data analytics has been enhanced. The framework can be analysed based on two measures, namely, 1. Privacy breach 2. Effect of noise

For any query sequence f1.......fm on the analytics datasets, the mechanism A generates noise distribution Lap ( f/) on each query to give a perturbed response. Representing the query as n-bit characteristic vector of the dataset D, D= {di........dn}, the true answer to the query is: A(D) =∑ but the privacy mechanism will respond with: A(D) + Random noise

CONCLUSION AND FUTURE WORK The potential benefits of Big Data computing are hampered by challenges that include data privacy, security, analytics, its retrieval, as well as lack of infrastructure, expertise and skills. Sensitivities around privacy are a big hurdle that needs to be overcome as privacy concerns continue to hamper users who outsource their private data into the cloud storage. As any mechanism satisfying Differential privacy addresses all concerns that any individual might have about the leakage of her personal information to an adversary, as achieving differential privacy revolves around hiding the presence of an individual, we proposed a framework based on Differential Privacy. In this study, a framework of Noise addition from Laplace distribution was presented to transform any query on big data analytics datasets to give a perturbed response. Future work will be on the implementation of the proposed system and its evaluation.

Consider any feasible perturbed response R. For any M, if M is the true answer of the query and the response is R then the random noise must have value . Similarly, if is the true answer and the response is R, then the random noise must have value . For the response R to be generated in a differentially private approach, it suffices that:

105

1st International Conference on Applied Information Technology 7-9 October, 2015 Itani, W., Kayssi, A., Chehab, A. 2009. Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures, Dependable, Autonomic and Secure Computing. In Proceedings of the 8th IEEE International Conference, pp. 711-716. Kaufman, L. 2009. Data Security in the World of Cloud Computing. IEEE Security and Privacy, Vol. 7, No. 4, pp 61-64. Li, R. et al. 2013. Efficient multi-keyword ranked query over encrypted data in cloud computing. Future General Computer System. Vol. 30, pp 179190. Neustar Incorporation, 2014. Riding With the Stars: Passenger Privacy in the NYC Taxicab Dataset. Ning, C. et al. 2011. Privacy-preserving multikeyword ranked search over encrypted cloud data. In IEEE 2011 Proceedings, pp.829–837. Waziri, V. et al. 2014. Big Data Analytics and the Epitome of fully Homomorphic Encryption Scheme for Cloud Computing Security. International Journal of Developments in Big Data and Analytics, Vol. 1, No. 1, pp 19-40. Xuyun, Z. et al. 2013. A Privacy Leakage Upper Bound Constraint-Based Approach for CostEffective Privacy Preserving of Intermediate DataSets in Cloud, Parallel and Distributed Systems. IEEE Transactions, Vol. 24, pp. 1192-1202.

REFERENCES Arvind, N., Vitaly, S., 2008. Robust Deanonymization of Large Sparse Datasets. In Proc. of 29th IEEE Symposium on Security and Privacy, pp. 111-125. Chang, L. et al. 2013. Public Auditing for Big Data Storage in Cloud Computing – a Survey, In 2013 IEEE 16th International Conference, pp. 1128-1135. Dwork, C., Roth, A. 2014. The Algorithm Foundations of Differential Privacy. Foundations and Trends in Theoretical Computer Science, Vol. 9, Nos. 3-4, pp. 211-407, DOI: 10.1561/0400000042. Fan, C., Huang, S. 2013. Controllable privacy preserving search based on symmetric predicate encryption in cloud storage. Future General Computing System, Vol. 29, pp. 1716-1724. Gartner IT glossary Big data, 2014, June 25. Accessed from http://www.gartner.com/itglossary/big-data Hashem, I.A.T. et al. 2015. The rise of ‘big data’ on cloud computing: Review and open research issues. Information Systems, Vol. 47, pp 98-115. Hsiao-Ying, L., Tzeng, W. 2012. A secure erasure code-based cloud storage system with secure data forwarding, parallel and distributed systems. IEEE Transactions, Vol. 23, pp. 995-1003. Huan, L. 2013. Big data drives cloud adoption in enterprise. IEEE Internet Computing, Vol. 17, pp 6871.

106

1st International Conference on Applied Information Technology 7-9 October, 2015

DYNAMIC CONGESTION CONTROL SCHEME FOR VIDEO STREAMING IN PEER-TO-PEER NETWORK O. E. Ojo, A. B. Ajobiewe and T. D. Ajayi Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. [email protected], [email protected] and [email protected] Abstract: The huge request for video applications in today’s network have resulted in finding the fastest, cheapest and most reliable means of transmitting video across the Internet. Peer –to- peer (P2P) network is gradually becoming the most suitable and acceptable network architecture for video streaming. Burst loss and excessive delay caused by network congestion in P2P network have withered effect on video quality. This paper proposes a new dynamic congestion control scheme (DCCM) suitable for video streaming in a P2P network. The DCCM consist of a new rate controlling scheme located before the transport layer of the network and a bandwidth allocation scheme embedded within the network layer. The rate controlling scheme adopts highest ratio next (HRN) algorithm to moderate encoded video frames before it goes into the transmission control protocol (TCP) buffer. Also, the new bandwidth allocation scheme adopts a priority scheduling scheme to effectively and dynamically allocate bandwidth based on the weight that is attached to each peer within the network. Further work will include analysis and simulation of DCCM using network simulator 3 (NS3) to test the effectiveness of the scheme and comparing it with existing schemes. Keywords: Video Streaming, Congestion Control, Peer-to-Peer Network, Bandwidth Allocation. streaming, providing services to a large number of viewers creates very difficult technology challenges on both system and networking resources (Thampi, 2013). The Quality of service (QOS) in video streaming can be affected severely due to network congestion that occurs as a result of dynamic characteristics of P2P networks. Therefore, designing the appropriate congestion control scheme that will ensure fair allocation of available bandwidth to peers and schedule video frames to peers at a defined control rate is important. The rest of this paper is organized as follows. Section 2 presents some related works, the proposed dynamic congestion control model is described briefly in section 3. Finally, conclusion and further work are presented in section 4. RELATED WORKS This section describes previous congestion control schemes in P2P networks. An Appraisal was conducted on the problem of supporting bandwidth heterogeneity and congestion control in the context of P2P multicast streaming. Several challenges were identified that are peculiar to the P2P setting, including robustness concerns arising from peer unreliability and the ambiguity of packet loss as an indicator of congestion. Based on these, a hybrid parent- and child-driven bandwidth adaptation protocol for P2P multicast streaming was proposed (Padmanabhan et al, 2005). A friendly P2P system for congestion detection and avoidance was presented, the congestion control scheme was designed to alleviate the impact of P2P traffic on traditional Internet traffic. The friendly P2P system allows P2P applications to switch to a friendly mode as soon as network congestion occurs. The scheme requires neither support of routers nor any TCP modification, so it can be easily deployed in the Internet (Liu et al, 2008). A decentralize

INTRODUCTION Internet video streaming is now a popular area of research in academia and industry. The vast spread of video applications has ensued in the joint efforts of discovering the cheapest and reliable means of streaming across the Internet. Unlike conventional client/server distributed system, P2P networks are self-organizing networks that aggregate large amounts of heterogeneous computers called peers. In P2P systems, peers can communicate directly with each other for the sharing and exchanging of data, these distinct attributes of P2P make it preferable for streaming and sharing video content across the network (Mushtaq and Ahmed, 2006). A P2P network is a distributed system in which peers employ distributed resources to perform a critical function in a decentralized fashion. Nodes in a P2P network normally play equal roles; therefore, these nodes are also called peers. A typical P2P network often includes computers in unrelated administrative domains. These P2P participants join or leave the P2P system frequently; hence, P2P networks are dynamic in nature (Li and Wu, 2006). Video streaming in P2P networks can be classified into two categories: live streaming and video on demand (VoD). The live streaming systems disseminate live video contents to all the peers in real time while the VoD streaming system enables peers to enjoy the flexibility of watching a video at any point in time (Liu et al, 2008a). The P2P networks are more suitable for video streaming because of two reasons. First, P2P does not need support from Internet routers and thereby cost effective and simple to deploy. Second, a peer simultaneously acts as a client as well as server, thus downloading a video stream and at the same time uploading it to other peers watching the program (Liu et al, 2008b). In spite of these distinct features of P2P video

107

1st International Conference on Applied Information Technology 7-9 October, 2015 bandwidth allocation algorithm was designed for P2P streaming system. Given a mesh P2P topology, the algorithm explicitly reorganizes the bandwidth of data transmission on each overlay link, such that the streaming bandwidth demand is always guaranteed to be met at any peer in the session, without depending on any a priori knowledge of available peer upload or overlay link bandwidth. The algorithm is especially useful when there is no or little surplus bandwidth supply from servers or other peers. It adapts well to time-varying availability of bandwidth, and guarantees bandwidth supply for the existing peers during volatile peer dynamics (Wu and Li, 2008). Another optimization framework was designed for allocating server bandwidth to minimize distortion across the peer population. The framework was applied to P2P multicast live video streaming with virtual functionality. In the application, each user can watch arbitrary regions of a high-spatialresolution scene yet the system exploits overlapping interests by building multicast trees. Experimental results show that the system is capable of delivering quality video across the peer population (Mavlankar et al, 2008). A P2P streaming framework, called Hierarchically Clustered P2P Video Streaming (HCPS) was presented. HCPS is capable of providing live streaming service to a large number of users with video rate approaching the optimum upper bound. Peers share chunks (video frames) with other peers using the distributed scheduling mechanism. The peer uplink bandwidth resources are efficiently utilized, and the system as a whole operates close to the optimal point. Experimental results showed the effectiveness of HCPS (Guo et al, 2012). Another study was conducted on the capacity of P2P adaptive streaming by developing utility maximization models that take into account peer heterogeneity, taxation-based incentives, and multiversion videos at discrete rates. It was demonstrated that incentive-compatible sharing between peers watching different video versions can be enabled through taxation. The capacity regions of P2P adaptive streaming was characterized with peer transcoding, layered video encoding, or helper-based distribution. Furthermore, stochastic models were developed to study the performance of P2P adaptive streaming in face of bandwidth variations and peer churn. The research showed that P2P adaptive streaming not only significantly reduces the load on the servers, but also improves the stability of userperceived video quality in the face of dynamic bandwidth changes (Xu et al, 2013). A bandwidth allocation mechanism for layered video streaming in P2P networks was proposed. The scheme efficiently allocates sender peers’ upload bandwidth to receiver peers. The upstream peer bandwidth is allocated depending on the quality level (requested layers) of the receiver peers, starting by allocating bandwidth for the lower layers first. In order to allocate bandwidth for a certain layer, an auction game is established to distribute the

bandwidth among the receiver peers, where the sender peers “sell” their items (upload bandwidth) according to bids submitted by receiver peers. The approach favored high priority peers while ensuring a minimum quality level to all peers (Bradai et al 2014). Another congestion avoidance algorithm for a higher level of congestion avoidance in Edge RED routers was developed. The Edge RED routers were designed to accompany a transport-layer congestion control protocol such as TCP, UDP. In particular, an active queue management (AQM) algorithm was adopted in the forwarding board to guarantee the UDP flow fairness. Extensive simulations showed that the scheme achieved better fairness and data flow protection (Bharathi and Manu, 2014). Also, a P2P live streaming traffic aware congestion control protocol was developed. The protocol is capable of managing sequential traffic heading to multiple network destinations, efficiently exploits the available bandwidth and avoids network congestion (Efthymiopoulos et al, 2015).

PROPOSED DYNAMIC CONTROL MODEL (DCCM)

CONGESTION

The proposed DCCM as displayed in figure 1 was designed to work within the transmission control protocol/internetworking protocol (TCP/IP) protocol suite and the network architecture considered is the peer-to-peer network. At the source, raw video and audio are captured from different peers (Internet users) and are sent to the codec (coder-decoder) buffer . The codec buffer is located in the presentation layer embedded within the application layer of the TCP/IP protocol suite because the application layer of the TCP/IP performs the function of the session, presentation and application layers of the open system interconnection (OSI) model. The encoding and decoding scheme in this research adopts the scalable video coding (SVC). The new rate controlling scheme resides between the codec buffer and TCP buffer. This scheme control encoded video frames and send it directly to the TCP buffer in the transport layer. From the TCP buffer, video frames are transmitted into the Internet layer (which is equivalent to the network layer in the OSI model). At the Internet layer, a dynamic bandwidth allocating scheme was introduced to ensure efficient and fair allocation of bandwidth among peers. Similarly, at the destination; frames move from the Internet layer to the TCP buffer, then to the codec buffer. At this point frames are decoded using SVC as well. Finally, the decoded frames are supplied to the playout buffer which in turn disseminates video to the required peers(users). It is important to note that in this model, any of the peers can act as a server and at the same time as a client.

108

1st International Conference on Applied Information Technology 7-9 October, 2015

DESTINATION

SOURCE CAPTURE RAW VIDEO/AUDIO

SVC ENCODER & DECODER

TCP BUFFER

TCP BUFFER

RATE CONTROLLING SCHEME

SVC ENCODER & DECODER

PLAYOUT BUFFER

INTERNET NETWORK LAYER

PEER 1

PEER 3

PEER 5

PEER 2 PEER 4

BANDWIDTH ALLOCATION SCHEME

Figure 1: Proposed DCCM scheme This work presents a new model for congestion control schemes in peer-to-peer networks. The model is targeted at providing an efficient scheme for transmitting video application across P2P networks. An effective deployment, rate controlling and bandwidth allocating schemes were proposed. The rate controlling scheme modulates encoded video frames and the bandwidth allocating scheme ensures fair allocation of bandwidth to available peers within the network. To validate this research, further work will be carried out on the analysis and simulation of the model

The DCCM Algorithm Algorithm 1 : Rate Controlling Scheme 1. Begin 2. Let getch: 3.

For

, Let

(

)

where

4.

For , Order all and schedule request. 5. Repeat 2, 3 and 4 until . 6. End. Algorithm 2: Dynamic Bandwidth Allocating Scheme Step 1: Start Step 2: Arrival of peers. Step 3: Compute Bandwidth for peer where {

REFRENCES Bharathi, M., Manu, G. 2014. Cooperative Congestion Control in P2P Networks Edge Router. International Journal of Computer Trends and Technology (IJCTT), 13(2):50-55. Bradai, A., Ahmed, T., Boutaba, R., Ahmed, R. 2014.Efficient content delivery scheme for layered video streaming in large-scale networks. Journal of Network and Computer Applications, 45:1-14. Efthymiopoulos, N., Christakidis, A., Efthymiopoulou, M., Corazza, L., Denazis, S. 2015. Congestion Control for P2P Live Streaming,

}

Step 4: peers release resources Step 5: Stop. CONCLUSION

109

1st International Conference on Applied Information Technology 7-9 October, 2015 International Journal of Peer to Peer Networks (IJP2P), 6(2):1-21. Guo, Y., Liang, C., Liu, Y. 2012. Hierarchically Clustered P2P Video Streaming: Design, Implementation, and Evaluation. Computer Networks, 56(15):3432-3445. Li, X., Wu, J. 2006. Searching techniques in peerto-peer networks. Handbook of Theoretical and Algorithmic Aspects of Ad Hoc, Sensor, and Peer-toPeer Networks, 613-642. Liu, Y., Wang, H., Lin, Y., Cheng, S., Simon, G. 2008. Friendly P2P: Application-level congestion control for peer-to-peer applications. In Global Telecommunications Conference (IEEE GLOBECOM), pp. 1-5. Liu, Y., Guo, Y. and Liang, C. 2008a. A survey on peer-to-peer video streaming systems. Peer-to-peer Networking and Applications, 1(1):18-28. Liu, J., Rao, S., Li, B. and Zhang, H. 2008b. Opportunities and Challenges of Peer-to-Peer Internet Video Broadcast, Proc. IEEE, 96(1):11-24.

Mushtaq, M. and Ahmed, T. 2006. Adaptive Packet Video Streaming Over P2P Networks Using Active Measurements. Proceedings of the 11th IEEE Symposium on Computers and Communications (ISCC'06), 423-428. Mavlankar, A., Noh, J., Baccichet, P.and Girod, B. 2008. Optimal server bandwidth allocation for 468-473. Padmanabhan, V., Wang, H. and Chou, P. 2005. Supporting heterogeneity and congestion control in peer-to-peer multicast streaming. In Peer-to-Peer Systems III, 54-63. Thampi, S. 2013 . A Review on P2P Video Streaming. arXiv preprint arXiv:1304.1235. Wu, C. and Li, B. 2008. On meeting P2P streaming bandwidth demand with limited supplies. Electronic Imaging, 68180C-68180C. Xu, Y., Liu, Y. and Ross, K. 2013. Capacity analysis of peer-to-peer adaptive streaming. In Peer-to-Peer Computing (P2P), 2013 IEEE Thirteenth International Conference, 1-10.

110

1st International Conference on Applied Information Technology 7-9 October, 2015

NATURAL LANGUAGE PROCESSING OF ENGLISH LANGUAGE TO YORÙBÁ LANGUAGE 1 1,2

B. S. Obalalu, 2F. T. Ibharalu and 3O. O. Fagbolu

Department of Computer Science, Federal University of Agriculture Abeokuta 3 Department of Computer Science, The Polytechnic Ibadan, Ibadan.

1

[email protected], [email protected] and [email protected]

Abstract: Machine translation (MT) is a subfield of computational grammar that explores the use of computer software to translate text or speech from one natural language to another. Natural Language Processing (NLP) deals with the process of analyzing natural human languages, converting the Source Language (SL) into digital representation. NLP would aid translation of words and phrases from SL into its functionally equivalent Target Language (TL). In this paper, we provide NLP for translating English language to Yorùbá language. This research work looks into the numerous methodologies to natural language translation (NLT) which is a key application in the field of natural language processing and its requirements to deliver more robust and dependable system that will be resistant to failure irrespective of users’ inputs. In our design, the input is text only and the direction of translation is English to Yorùbá language, although in the future extension of this work, speech would also be accepted as input and the direction of translation would be expanded. NLP of Yorùbá Language would enhance knowledge transfer and communication using the Yorùbá language. Keywords: Communication, knowledge, Natural Language Processing (NLP), part of speech (PoS), source-target language (SL-TL), translation, English-Yorùbá Language. written and diacritic system of Yorùbá Language has been the focal points to the development of this processor, while delivering hands-on solutions to translate words, phrases or expressions and offer basic survival terms to both learner, visitors, business partners or tourist to Yorùbá nation who might need to communicate or do business with Yorùbá people in their home land. Design, implementation, testing, deployment, and evaluation of natural language processing of English to Yorùbá language are what achieved in this paper. Yorùbá is been spoken by well over 50 million speakers in West African region in some communities in the following countries Nigeria, Togo, Benin, Ghana and Sierra Leone while it is also spoken in Brazil and Cuba. Yorùbá descent that migrated to advanced countries like United Kingdom, U.S and Canada are speaking this

INTRODUCTION Natural Language Processing (NLP) is a computational model of human language processing which operate internally as humans do. A computational system that proficiently process both text and speech and share the behavioural pattern of human whereby programs acts, interacts and handle languages like humans. In this field of research, computers perform useful and interesting tasks with human languages, taking as input one natural language such as English Language and output its translation in another Target Language (TL), pronounce the source language (SL), or give semantic knowledge of the source language (SL). The input and output of NLP can be text only, speech or both. However speech recognition and synthesis is outside the scope of this paper. Figure 1 below shows the representation of NLP translation.

SL

NLG

NLU

TL

Figure 1: Diagrammatic representation of Natural Language Processing. language in large proportion and it is consider the third most spoken native African language. Yorùbá In the translation scheme above, the source language has ancestral speakers who according to language is fed into the Natural Language their oral traditions is Oduduwa (son of Olúdùmarè), Understand (NLU) unit for processing and the output the supreme god of the Yorùbá (Biobaku, 1973). is passed as input to the Natural Language Generated Yorùbá first appeared in writing during the 19th (NLG) unit of the system to generate the target century, and the first publications were a number of language. teaching booklets produced by John Raban in 1830 – Translation is inevitable because communication is 1832 and another major contributor to orthography of the lifeblood of business or transaction, hence the Yorùbá was Bishop Samuel Ajayi Crowther (1806 – need for NLP of one of the African languages 1891) who studied many of the languages of Nigeria (Yorùbá Language) which has not received research (Oyenuga, 2007), he wrote and translated some of attention like its European or Asian counterparts the Yorùbá phrases and words. Yorùbá orthography (Tyers, 2010, Fagbolu et al, 2014, Fagbolu et al, appeared in about 1850 although with many inherent 2015). The necessity of the spoken language over changes since then.

111

1st International Conference on Applied Information Technology 7-9 October, 2015 In the 17th century, Yorùbá was written in the Ajami script (Ogunbiyi, 2003) and major development in the documentation of Yorùbá words and phrases were done by Anglican (CMS) missionaries that were working in places like Sierra Leone, Brazil, Cuba and they assembled the grammatical units in Yorùbá together which were published as short notes (Adetugbo, 2003), in 1875 Anglican communion organized a conference on Yorùbá orthography. Johnson (1921) remarked that several fruitless efforts made to either invent new characters or adapt the Arabic; which to the Moslem Yorùbá are well known. Finally, Roman characterbased alphabets that were acquainted with Anglican (CMS) missionaries were adopted (Johnson, 1921). Yorùbá anthology can be traced to the publication of several Yorùbá newsprints in Lagos, Nigeria in 1920s such as Eko Akete in 1920 with Alaagba Isaac B Thomas as the editor, Akede Eko in 1922, Eletiofe in 1925 with E.A Akintan as the editor and many more which enhance the numerous usage of the language in the area of economic, political, diplomatic and cultural relations. Computing processes of Yorùbá language will allow intending visitors or learners of the language to tap into numerous advantages to be derived in its usage but non-existence of English – Yorùbá corpus can inhibits. The ability to process human language by computers is as old as computers themselves, it is then imperative for computers to perform useful tasks involving human language like enabling human-machine communication, improving humanhuman communication or simply doing useful processing of text or speech. This paper proposes the use of computational power and resources in handling human languages with the following advantages. It can give clear-cut definitions of Yorùbá words, simple expressions in English, provide means of teaching and tutoring Yorùbá language and hence the Yorùbá word processor can beautify various tourist centers in Yorùbá nations. RESEARCH OBJECTIVES Series of difficulties abound in the realization of NLP of Yorùbá Language but because of its numerous advantages, its objectives are: 1. Design a platform for NLP of English Language to Yorùbá Language. 2. Deploy the platform on any operating system and 3. Evaluate its usefulness among English and nonYorùbá speakers RELATED WORKS Although Yorùbá Language is not well research in this domain but several research works of Nigerian universities and other universities outside the country well considered and reviewed. Of emphatic mention are Development of Web-enabled Yorùbá Phrasebook, Ph.D thesis in FUTA, Development of an English to Yorùbá Machine Translation System, Ph.D thesis in OAU Ile-Ife (Eludiora, 2014), Development of Yorùbá language Text-To-Speech

E-Learning system of LAUTECH Ogbomoso (Oloruntoyin, 2014), Global Yorùbá Lexical Database of University of Pennsylvania, Making of English-Yorùbá translator and other theses motivated this research work. In lieu of this, there are several research works in this domain and key insight of last 50 years of research in language processing are captured through the use of models or theories, these models were drawn from standard tool kits of computer science, mathematics and linguistics. Various approaches been represented in NLP which includes Direct Translation, Rule-Based Translation and Data-Driven Translation. Direct approach is the first generation of NLP, earliest and historic without intermediate processes, programming were done primitively because early computers were not as sophisticated as today’s hand held computers. Rule based approach requires the expertise knowledge and thinking patterns that are captured as linguistic rules which give literally meaning to generate set of rules and data in the antecedent and consequent framework of selection in any programming techniques. Data-driven approach requires voluminous data as found in Statistical Machine Translation and Example Based Machine Translation. RESEARCH METHODOLOGY We design a Yorùbá corpus which serves as a backend database for NLP integrated with PHP framework, API, MySQL, AngularJS framework, Android Studio, JAVA and Android SDK, and fundamental features of web and internet were used in this research work which enhance the NLP of Yorùbá language and the following modules were proven: a. Training the system with training corpus; b. Input Text Font Conversion into Unicode Format; c. Yorùbá Text Normalization; d. Finding and Replacing Collocations; e. Finding and replacing named entities; f. Word for word translation using lexicons; g. Resolving Ambiguity among words; h. Transliteration of words; i. Post Processing; j. Improving the accuracy of the system through machine learning during every translation job; k. Testing the system using test corpus other than train corpus. Preprocessing of word or phrase in Yorùbá language is done and is then tokenized that is multi-word or phrase are tokenized into single word unit, matched with the developed corpus and then translated as the case may be, when translation is complete, it is post processed to its original format. In the corpus, there are over six thousand (6,000) words in Yorùbá Corpus (Fagbolu et al; 2015) which are separated as part of speech (POS) and it is depicted in table 1 and figure 2 is the graph of the POS:

112

1st International Conference on Applied Information Technology 7-9 October, 2015 Table 1: Part of Speech.

different operating systems. Different samples of the use of constructed Yorùbá corpus for searching numerous phrases or words are given in figure 3a-3b below.

Figure 3a: A screenshot of the Web interface translating.

Figure 2: A Graph of POS in Table 1. The above graph represents all the available part of speech and total number of each corpus generated from Table 1 which is query from the corpus databank. Based on the graph, it is shown that noun has the highest number of occurrences follow by verb, adjective, adverb, pronoun, preposition, conjunction etc.

Figure 3b: A screenshot of the Web interface of translated noun phrase.

RESULTS NLP of Yorùbá is constructed as an electronic database consisting of collection, computerizing and checking of corpus data (databank). Its activities include identification of data sources, defining criteria for sampling, computerizing the data and checking and revising both the corpus data and text. Annotation of the corpus involves the steps of developing parts of speech tagging software for Yorùbá. The next stage is text annotation and parts of speech tagging, preparing a lexicon of roots and affixes for parts of speech tagger; developing a parts of speech tagger that would tag at least 6000 lexemes; testing and upgrading the tagger. In developing the corpus interface, we consider query criteria, visual design and cross platform compatibility of the software that will operate the corpus. Finally, a user friendly graphic interface that would ease access to the NLP is developed; defining query criteria and query fields that would appear in the interface in accordance with the fundamental design of the corpus; checking and upgrading compatibility of the interface (Windows, Linux, MacOS, SunOS, and Pardus) for different users and

DISCUSSION After the design and testing, deployment was carried out with 200 phrases and words and five (5) native speakers of Yorùbá language who are illiterate and five (5) speakers who can speak both Yorùbá and English did the survey. Their ratings were based on two different criteria namely intelligibility and accuracy, based on the evaluation the mean opinion score of the evaluator are:  50.1 % words got the score 3 i.e. they are perfectly clear and intelligible;  25.4 % words got the score 2 i.e. they are generally clear and intelligible;  20.5 % words got the score 1 i.e. they are hard to understand;  14 % words got the score 0 i.e. they are not understandable. So we can say that about 75.5 % words are intelligible. The responses of the evaluators were analyzed based on accuracy and the following are the results obtained:  60 % words got the score 3 i.e. they match perfectly

113

1st International Conference on Applied Information Technology 7-9 October, 2015 

business trip will find it useful in learning Yorùbá language.

25 % words got the score 2 i.e. they match with more than 50% as against the correct translation;  14.4 % words got the score 1 i.e. they match with less than 50% as against the correct translation;  10.6 % words got the score 0 i.e. they found unfaithful. The overall score for accuracy of the translated text in percentage is found to be 75% as shown in figure 4 below. CONCLUSION The aim and objectives of this research was successfully achieved; its design and implementation on web platforms were tested. During this research, Yorùbá language which is tending towards extinction would be reawakened, this platform promotes indigenous African languages to native and non-native speakers, tourists or learners from another ethnic group in Nigeria that may want to associate with Yorùbá people during their visit or on It serves as one of the collective efforts to expand words, phrases and expressions in Yorùbá language and make Yorùbá language normal and natural means of spoken and written communication for whosoever wish, consequently the language will be more prevalent, gain value and reputation and no one will denigrate it. New words and expressions that are suitable for situations, legislation, science, engineering, commerce, computing, mass communication and other domain of life will be cater for. Developing digital Yorùbá corpus for NLP proved to be a hard nut to crack if all details and expectations of NLP are considered. One of the challenges is the non-availability of digital text with diacritics and data collection of Yorùbá words. It is recommended that efforts at building corporal for national languages in Nigeria be encouraged, as this will reduce time spent on research and development of languages computational tools. There is also an urgent need for the authorities conferred with

Figure 4: Graphical representation of mean opinion score of evaluators based on intelligibility and accuracy. development of Information and Communication Technologies (ICT) and Languages in the Nigeria to present request to UNICODE consortium so that the characters used in the orthographies will come as pre-composed characters. This will afford any languages to use the computer platform and resources to process such language. In addition, research work like this needs funding by the government, institutions and corporate bodies because of their contributions to the society, Ministry of Tourism and Ministry of Science and Technology would find its significance extreme for those who favourably inclined to the Yorùbá language. FUTURE WORK To increase the direction of translation, and a need to provide the corpus databank to include all Africa major languages, Yorùbá keyboard version can be integrated with its diacritics, and thereby attaining 100% intelligible, logical and precise Natural Yorùbá Language Processing. Ogunbiyi, I. A. (2003). The Search for a Yorùbá Orthography since the 1840s: Obstacles to the Choice of The Arabic Script. Sudanic Africa: A Journal of Historical Sources, 14:77–102. Oloruntoyin, S.F. (2014). Development of Yorùbá Language Text-to-Speech Learning System. International Journal of Scholarly Research Gate. 2(1):19-36 Source at: http://onlinejournals.oscij.com Oyenuga, S. (2007). Learning Yorùbá Web Available at: http://www.yorubaforkidsabroad.com/ Oyenuga, S. and Oyenuga, T. (2007). Learn Yorùbá in 27 days, Canada, Saskatoon, Gaptel Innovative Solutions Inc. Tyers, F. M. (2010). ”Ru e-Based Breton to French Machine T ans ation”. St. Raae F ance. European Association for Machine Translation, EAMT. Available online at http://www.mtarchive.info/EAMT-2010-Tyers.pdf, Accessed on 23/11/2011

REFERENCES Adetugbo, A. (2003). The Yorùbá Language in Yorùbá History. Biobaku, S. O. (1973). Sources of Yorùbá History, London, Oxford Clarence Press Eludiora, S. I. (2014). Development of English to Yorùbá Machine Translation System, Ph.D thesis, Obafemi wo owo nive sity - f Nigeria. Fagbolu, O. O, Alese, B. K. and Adewale, O. S. (2014). Development of a Digital Yorùbá Phrasebook on a Mobile Platform, in Proc. 25th International Conference, Nigerian Computer Society (NCS), Nike Lake Resort Enugu, Vol 25. Pp. 13–19. Fagbolu O. O., Ojoawo A. O, Ajibade K. A. and Alese, B. K (2015). Digital Yorùbá Corpus, International Journal of Innovative Science,Engineering and Technology, India, ISSN 2348-7968, 2, No.8 918-926. Johnson, S. (1921). The History of the Yorùbá. C.M.S. Nigeria Bookshops, Lagos.

114

1st International Conference on Applied Information Technology 7-9 October, 2015

INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) COMPETENCE AND LITERACY AMONG UNDERGRADUATES AS A FACTOR FOR ACADEMIC ACHIEVEMENT H. C. John, A. A. Izang and O. J. Akorede Postgraduate School, Educational Foundations & Instructional Technology, Tai Solarin University of Education, Ogun State. Nigeria. Department of Computer Science and Information Technology, Babcock University, Ogun State, Nigeria. Educational Foundations & Instructional Technology, Tai Solarin University of Education, Ogun State, Nigeria. [email protected], [email protected] and [email protected] Abstract: Due to the convergence of Information and Communication Technology (ICT), humans have evolved over time, so as technology too. Humans have attempted to use technology to improve the length and quality of life, and education has never been left out in this great paradigm shift. This paper focused on the Information and Communication Technology competence and literacy of undergraduate students in Ogun State, with particular emphasis on the aspect of information literacy skills/competence, as a determinant of undergraduate’s academic achievement and descriptive survey design was adopted for this study. The population studied consist of 10,713 students from TASUED which comprises 4 Colleges, Babcock University population consist of over 10,000 students with 9 colleges; Simple random sampling was used to select a sample of 170 respondents from Babcock University and 130 respondents from TASUED. Three hundred respondents were sampled which comprises students from 100-500 level. Well-structured questionnaire was used as the mean instrument for obtaining primary data. The findings of this study shows that over 80% of the undergraduates in TASUED and BU are competent in the use of ICT, information literate on the area of being able to source for materials and information for their research and assignments. Furthermore, this study has proved that the use of ICT has improved the academic performance of students. Keywords: Information Literacy, Academic Achievement, Undergraduates, Higher Education, ICT. INTRODUCTION As the pace of global change has increased, so has our need for learning. Consider the tremendous changes in both the amount and variety of information resources, as well as great change in technology that has affects our lives from education to communication and health. Higher education has an important role to play through its graduates who provide leadership roles in education as researchers, teachers, consultants and managers, that will create and apply new knowledge and innovations, and who should provide analytical perspectives on development problems and service to public and private sectors. Ebo Edith C. (2013) in (Trucano, 2005; Burnett, 1994) explains that the word Information and Communication Technology (ICT) is the technology used for handling information, including multi media and the internet, and devices such as video, cameras and mobile telephones. Quadri and Abomoge (2013) defined University undergraduate as “a student of university who has not yet received a first degree or the body member of a university or a college who has not taken his first degree; a student in any school who has not completed his course”. In attempt to clarify the concept of “competence”, Weinert (2001) relates the term to the Greek notion of arête, meaning excellence, in this sense of being the best; also with the Latin term virtus, a kind of moral excellence, while it is generally understood as being concerned with „ what people can do rather than what they know‟.

Competence can be captured by such synonymous as ability, aptitude, capability, effectiveness and skills. The letter denotes discrete skills and activities that individuals can perform Allan (2011). Kyoshaba (2009) in Cambridge University Reporter (2003) states that Academic achievement is frequently defined in terms of examination performance, academic achievement and it is characterized by performance in tests, in course work and performance in examinations of undergraduate students. Due to the convergence of ICT, and so many different information resources, students are faced with information explosion and require certain special skills; the skills of information literacy to seek out information and to understand, evaluate, and apply what they find. Logho and Nkiko (2014) observed that, most undergraduates contract their research projects and assignments, due to their embryonic information literacy competence in ICT to source for information, with the various information and communication technology available. Undergraduates in Nigerian Higher Institutions, have always considered their Academic achievements and performance as a vital part of their academic career, negligence of not performing well in their academic endeavors have led to Expulsion, academic probation, recommendation to change current course of study to another, academic insecurity during their course of study, low selfesteem due to poor academic performance, etc. This has made students embrace Information and communication technology, which has the potential for not only introducing new teaching and learning

115

1st International Conference on Applied Information Technology 7-9 October, 2015 practices, but can also empower teachers and learners and promote the growth of skills necessary for the 21st century work place. It is at this light that this research tends to examine the Information and Communication Technology Competence and Literacy among Undergraduates in Selected Universities in Ogun State. The significance of this study will bring to the limelight, the following areas; how Information and Communication (ICT) competence of TASUED and BU students have improved their academic achievement, determine the information literacy level of the students, the problems and solutions encounter in using ICT to improve their academic performance and illustrate the effect of ICT competence in their academic achievement

education system. It can empower teachers and learners and promote the growth of skills necessary for the 21st century work place. Academic achievements among university undergraduate Student‟s Academic Achievement has always been an area of great concern for teachers, parents and the entire university administration, which is a determinant factor for outcome of learning, teaching and curriculum development. The endpoint or aftermath of students‟ academic achievement at the end of the school calendar which varies among Nigerian institutions of higher learning, may include the following effects; Prizes and Award winning, direct academic and non- academic employment for students who showed high distinctions in their academic performance, Recognition and leadership among their colleagues, and for those with poor performance the aftermath may include the following; Expulsion, academic probation, recommended to change current course of study to another, academic insecurity during their course of study, low self-esteem due to poor academic performance, etc. Kyoshaba (2009) states that Academic achievement is frequently defined in terms of examination performance, academic achievement and it is characterized by performance in tests, in course work and performance in examinations of undergraduate students, and also The Universities Admission Center (2006) reports that tertiary institutions in Austria have found that a undergraduate student‟s overall academic achievement is the best single predictor of tertiary success for most tertiary courses. The most widely used term for academic achievement among undergraduates is by their Grade Points Average (GPA) or Cumulative Grade Points Average (CGPA), and is also the “yard stick” that can be used to measure students, teachers, and the university‟s academic achievements and output. In other not to be lagging behind, undergraduates are now been charged to improve or advance existing knowledge to improve their academic achievement or performance through the use of best sources and resources to support their academic functions. (ICT) is regarded as the best technology used for handling information, including multi media and the internet, and devices such as video, cameras and mobile telephones, and with the use of personal computer (PC) or laptop, Smart phones, when attached to the internet can provide access to large quantity of information (Ebo, 2013).

LITERATURE REVIEW The Use of ICT among Students in Higher Learning Due to information explosion, teachers are now educating students on how to think carefully about what they want to find on the Internet and determine which key words will be most helpful before going to a computer. Information and communication technology (ICT) is therefore the combination of networks, hardware and software as well as the means of communication, collaboration and engagement that enable the processing, management and exchange of data, information, idea and knowledge. In order words, ICT includes the use of GSM Mobile phones, personal computer (PC) and internets, which have been central tools that gave impetus to the most radical changes known today. These technologies are fast and automated, interactive and multimodal, and provides avenue for students to control how and when they learn. ACARA (2010). Undergraduates of an institution of higher learning are being groomed to become knowledge workers in the society, they are expected to acquire knowledge, skill, and attitude using Information and communication Technologies during their academic spire, to enable them improve their academic performance. ICT can enhance instructional delivery through its dynamic, interactive, and engaging content; and it can provide real opportunities for individualized instruction. ICT has the potential to accelerate, enrich and deepen skills; motivate and engage students in learning (Eze and Nwangbo, 2013). Students can play important roles in technologically infused literacy classrooms. They have responsibilities for using technology as an effective tool in their pursuit of learning, using technology wisely and ethically, and for helping others gain expertise with technology, and they are feeling empowered by this opportunity they sense they have added value to knowledge when they put together a set of materials for a presentation in a way that no one else had done before. Information and communication technology has the potential for not only introducing new teaching and learning practices, but also for acting as a catalyst to revolutionize the

ICT Competence and Literacy among Undergraduates Technology has now become the most preferable means of generating and dissemination of knowledge; hence, the society is increasingly conscious of technology literacy. It is seen as a continuum of knowledge, skills and strategies that individuals acquire over the course of their lives as a

116

1st International Conference on Applied Information Technology 7-9 October, 2015 

result of interactions with peers, information and communities around them (Panel, 2002) of ICT literacy. The 21st century, also called (ICT)literacy or new literacy, includes not only the traditional concept of literacy, being able to read and write fluently, but also includes the ability to judiciously utilize and incorporate the new technologies that abound in order to communicate with others (21st century skills, 2006).Quoting Oye, N. D., A.Iahad, N. and Ab. Rahim, N. (2012). “The term ICT literacy or technological literacy, can be considered as the ability to know and to use technology skillfully. ICT literacy refers to the application of technology effectively as a tool to research, organize, evaluate and communicate information, it also includes the use of digital technologies (computers, PDAs, media players, GPS, etc), communication/networking tools and social networks appropriately to access, manage, integrate, evaluate and create information to successful function in a knowledge economy”. In higher institution of learning, information literacy and ICT competence is a necessary skill for students to recognize when information is needed and have the ability to locate, evaluate, and use to enable them improve their academic performance. ICT literacy may be grouped into three classes: class one pertains to knowledge of technology, the second class, to skills relevant to using the technology, and the third to attitudes accruing from critical reflection of technology use.” Ogunlana, Oshinaike, Akinbode, and Okunoye (2013) in Kurbanoglu (2003) explained that information literacy augments students‟ competency with evaluating, managing, and using information, it is now considered as a vital competency for all university students. ICT competencies is now of high priority in every aspect of life in order to fit into the digital world Ofoegbu and Asogwa (2013) in (Kosakwoski, 2005; kainth and Kaur, 2010) indicated the potentials of ICT to improve instruction. It itemize some of the benefits of ICT as a teaching and learning resources as follows:  Helps to present information in many forms, Makes learners to be more confident in learning process,  Makes learners to communicate effectively on any process,  Makes students to become independent learners and good beginners,  helps to increase students writing skills,  Gives rise to greater problem solving and critical thinking, .

Develops in the learners the spirit to interact with their fellow students, Helps students to work collaboratively.

Quoting Rao (2009), “Use of technology to facilitate research within a student project, such as having a student develops a hypermedia program to teach a particular topic, can also help make the maximum use of student instructional time. Such a blend of student research and technology can enable students to work on self-paced and meaningful projects while avoiding the typically unproductive time of waiting for help or waiting to be told what to do next”. METHODOLOGY The study investigates the Information and Communication Technology (ICT) Competence and Literacy among undergraduates as a factor for academic achievement in Tai Solarin University of Education (TASUED), Ijagun, and Babcock University, both in Ogun State. Nigeria. Descriptive survey design was adopted for this study. The population studied consisted of 10,713 students from TASUED which comprises 4 Colleges, (COSIT, COHUM, COSMAS and COAEVOT). Babcock University population consist over 10,000 students and has the following 9 colleges; School of Agriculture & Industrial Technology, Babcock Business School, College of Health & Medical Sciences, School of Basic & Applied Science (formerly known as Science & Technology), School of Computing & Engineering Sciences, School of Education and Humanities, School of Law & Security Studies, School of Nursing, School of Public & Allied Health. Simple random sampling was used to select a sample of 170 respondents from Babcock University and 130 respondents from TASUED. Total being 300 respondents which comprises students from 100-400 level. A structured questionnaire was used as the mean instrument for obtaining primary data. The questionnaires were distributed to the students to fill, during Hall worship at BU and OGD Library at TASUED, and was collected immediately for analysis. DISCUSION OF FINDINGS Based on the questionnaire responses, the percentage of students who correctly answered every question was analyzed descriptively using statistical package and service solution (SPSS). Table one above shows the summary of the demographic data

117

1st International Conference on Applied Information Technology 7-9 October, 2015 Table 1: Summary of the Demographic Data. Demographic Percentage Response Information (%) LEVEL 100L 46 15.3% 200L 63 21% 300L 66 22% 400L 114 38.0% 500L 11 3.7% GENDER Male 162 53.3% Female 138 46.7% AGE 15-20 138 46.0% 21-25 92 30.6% 26-30 65 21.7% 31-45 5 1.7% Figure 1 shows that Babcock Business School (BBS) and Science and Technology Students in Babcock University responded more on the questionnaire more than other colleges and faculties, while in Tai Solarin University, College of Applied Education and Vocational Technology (COAEVOT) and College Social and Management Science (COSMAS) responded more than other colleges in Tai Solarin University.

Figure 1: Demographic information of students. Table 2: Level of ICT Competence among Students. STATEMENTS

Yes

(%)

No

(%)

Computer /Smart Phone Operation Ability to install and uninstall 289 (96.3) 11 (3.7) applications Create and manage files and folders 277 (92.3) 23 (7.7) in my computer Save files into my Google drive, sky drive, ICloud, flash drive or 268 (89.3) 32 (10.7) CDs. Print documents 279 (93.0) 21 (7.0) Protect my computer from virus 199 (66.3) 101 (33.7) Download and view documents and 285 (95.0) 15 (5.0) files Word Processing (Microsoft Word), Spreadsheet (Microsoft Excel) and Presentation (Microsoft PowerPoint) Create, Save and exit documents 284 (94.7) 16 (5.3)

118

1st International Conference on Applied Information Technology 7-9 October, 2015 Ability to edit a document (Bold, italicize and underline, change font color, Cut, copy and paste text or graphics) Use shortcut icons Make a cell active Change slide design Ability to create and add a new slide Use PowerPoint for my presentations Internet Operation Open internet explorer and other web browsers Ability to search for information using different search engines Ability to compose, attach file to email and send e-mail messages Access my Emails Download and save files online I use the social media to get updates on my academic field of study

251 (83.7)

49 (16.3)

264 (88.0) 211(70.3) 238 (79.3) 250 (83.3)

36 (12.0) 89 (29.7) 62 (20.7) 50 (16.7)

253 (84.3)

47 (15.7)

292 (97.3)

8 (2.7)

275 (91.7)

25 (8.3)

272 (90.7)

28 (9.3)

285 (95.0) 292 (97.3)

15 (5.0) 8 (2.7)

252 (84.7)

48 (16.0)

Table 2 clearly indicates that over 80% of the virus, however on the average most of the undergraduates in TASUED and BU are competent respondents are very competent in the use of ICT. in the use of ICT, except on the aspect of protecting 29% of the respondents cannot make an active cell in their computers from Virus, which indicated that Microsoft excel. Table 3 gives us information about 66.3% of both university undergraduates can protect the level of information literacy among the their computer from virus, while 33.7% of the undergraduate‟s students in both schools respondents cannot protect their computers from . Table 3: Level of Information Literacy among Undergraduates. Information literacy Level Yes No (%) (%) Can you limit search strategies by 195 105 subject, language and date? (65.0) (35.0) Can you decide where and how to 201 99 find your information for your (67.0) (33.0) research and assignments? Can you determine the 188 112 authoritativeness, correctness and (62.7) (37.3) reliability of the information sources? Can you select information most 122 178 appropriate to the information you (40.7) (59.3) need/want for your assignment and research? I have learned from my 259 41 information problem solving (86.3) (13.7) experience and have improved my information literacy skills? Table 4: Student‟s ICT Competence on ICT before. Student’s ICT SA A D SD Competence before or (%) (%) (%) (%) during their academic admission I got my training on the 33 74 115 78 use of ICT from my (11.0) (24.7) (38.3) (26.0) University, through the general courses been

119

1st International Conference on Applied Information Technology 7-9 October, 2015 taught on computer applications and use. Etc. GNS, GEDs, Vocational Training and Departmental courses. I got my training from professional training courses on computer applications and use. E.g. New Horizon, Microsoft certifications etc. I got my training from my parents, colleagues, classmates, friends, and self-development. I got my training by attending a diploma or certification course training in computer sciences, e.g. HND, Dip, ND1 and NDII. Etc.

113 (37.7)

87 (29.0)

77 (25.7)

23 (7.7)

76 (25.3)

104 (34.7)

107 (35.7)

13 (4.3)

35 (11.7)

48 (16.0)

128 (42.7)

89 (29.7)

Table 5: To Determine the Effect of ICT Usage in student‟s Academic performance among Undergraduates. Academic effect of ICT usage among TASUED Undergraduates The use of ICT has helped the improve my academic grades I earned better grades when I apply or use ICT during class presentation, research and assignments My ability to use ICT has made me able to assist my colleagues when they face problems in using ICT I will like to teach my course mate on how to use various software‟s ICT have made me get instant message on current issues on my field of study via my computer /smart phone. With my knowledge in ICT sourcing for information is no longer as difficult as before

SA (%)

A (%)

D (%)

SD (%)

49 (16.0)

50 (17.3)

123 (41.0)

76 (25.3)

98 (32.7)

146 (48.7)

31 (10.3)

25 (8.3)

60 (20.0)

187 (62.3)

47 (15.7)

6 (2.0)

108 (36.0)

103 (34.3)

63 (21.0)

26 (8.7)

114 (38.0)

111 (37.0)

53 (17.7)

22 (7.3)

76 (25.3)

150 (50.0)

51 (17.0)

23 (7.7)

Table 4 shows the responses of the undergraduate students in both schools regarding how they got their ICT competence. Table 5 shows

responses of students from booth schools on how the use of ICT improves their academic performance.

120

1st International Conference on Applied Information Technology 7-9 October, 2015 The above result also indicates that majority of the respondents (Over 50%), when we merge the two groups together (SA+A) and (SD+D) the result reveals that the respondents in both schools have better grades when they apply or use ICT during class presentation, research and assignments, their ability to use ICT has made them capable of assisting their course mate when they are faced with problems in using ICT,

It has also revealed that ICT has made them able to teach their course mate on how to use various software‟s and the that ICT have made them receive instant message on current issues on their field of study via my computer /smart phone. Finally, the knowledge of ICT has made sourcing for information is no longer as difficult as before. The table 6 above shows the various problems that can cause students from both schools their ICT competency.

Table 6: Problems That May Cause ICT Incompetence among Undergraduates Problems that may SA A D SD cause ICT (%) (%) (%) (%) Incompetence Fear of Addiction 86 87 74 33 (28.7) (29.0) (24.7) (17.7) Poor/Inadequate 113 147 31 9 information literacy and (37.7) (49.0) (10.3) (3.0) training programme in the university Lack of finance to 93 105 79 23 purchase devices (31.0) (35.0) (26.3) (7.7) Network authentication/ 108 110 49 33 restriction from students (36.0) (36.7) (16.3) (11.0) Lack of finance to 120 106 49 25 subscribe or purchase (40.0) (35.3) (16.3) (8.3) Data for browsing Slow Bandwidth of my 146 113 22 19 Network Provider (48.7) (37.7) (7.3) (6.3) Epileptic electrical 148 113 28 11 power supply (49.3) (37.7) (9.3) (3.7) decide where and how to source information for their research and assignments, and have also learned from information problem solving experience and have improved their information literacy skills and can limit search strategies by subject, language and date too.

Implications to Learning The findings of this study have great implications on university undergraduate Information and Communication Technology (ICT) competence in Computer Literacy and Information Literacy and its determinant to their academic achievement. The use of ICT in a digitalized world is a vital tool for providing opportunities for students not only to learn, but to define, locate, recognize, evaluate, and use acquired information knowledge to solve practical educational problems within and outside the four walls of the classroom. The use of ICT, particularly a computer stimulates a new atmosphere where students can utilize modern ICT resources for effective instructional learning in order to promote their academic achievement.

From this study, despite the various efforts of the university, Training from parents, colleagues, classmates, friends, self-development and training from a professional training courses on computer applications and use have been the major source of student‟s ICT competence and literacy. Furthermore, this study showed that students earned better grades when they apply or use ICT during class presentation, research and assignments; assist their course mate when they face problems in using ICT. However, network authentication/restriction from students, lack of power supply and slow bandwidth of network provider and Poor/Inadequate information literacy and training programme in the university are identified as the major problem facing them in the use of ICT. The following recommendation where made at the end of this study, which include: ICT competence should be a major area of concern of students, parents, university administrators and should be regarded as been a factor for the academic performance of the students, in the area of improving their academic grades.

CONCLUSION This paper investigates the Information and Communication Technology competence and literacy of undergraduate students in Ogun State. Babcock University and Tai Solarin University of Education and has resolved the following conclusions: Regarding computer literacy of the students, undergraduates in TASUED and BU are competent in the use of ICT. The research also reveals that Students are information literate in the area of being able to

121

1st International Conference on Applied Information Technology 7-9 October, 2015 The universities curriculum on the GNS, GEDs, Vocational Training in Computer and Departmental courses and should be well structured to augment‟s students computer literacy skills. Problems deterring ICT usage should be addressed such as poor electricity supply, to encourage the frequent use of ICT in the teaching and learning process. And the university administration should allow students use the Internet facilities (Wi-Fi) and some websites can be filtered to reduce abuse and unnecessary wasted of Internet data by students. Information literacy should be included in their curriculum to help give better understanding on how to really use the available skills acquired in ICT to boost their academic achievement and performance.

State. Journal of Educational Media and Technology, 17:126-127. Kyoshaba M. 2009, Factors Affecting Academic Performance of Undergraduate Students at Uganda Christian University; MSc. Thesis in Educational Management, Makerere University, Uganda. Quadri, Ganiyu O. & Abomoge, Solomon O. 2013. A Survey of Reading and Internet Use Habits among Undergraduate Students in Selected University Libraries in Nigeria, Information and Knowledge Management. 3(11). Danner R. B., Pessu O. A. 2013. A Survey of ICT Competencies among Students in Teacher Preparation Programmes at the University of Benin, Benin City, Nigeria. Journal of Information Technology Education Research, 12(2013). Eze P. I., Nwangbo A. F. 2013. Harnessing Information and Communication Technology (ICT) Tools in Instructional Delivery of Secondary School Subjects. Journal of Information Technology Education Research, 12(2013). Oye, N. D., A.Iahad, N., Ab. Rahim, N. 2012. ICT Literacy among University Academicians: A Case of Nigerian Public University, ARPN Journal of Science and Technology. 2(2), March 2012. Ogunlana, E. K., Oshinaike, A. B., Akinbode, R. O., Okunoye, O. 2013. Students‟ Perception, Attitude and Experience as Factors Influencing Learning of Information Literacy Skills in Public Universities in Ogun State, Nigeria. Information and Knowledge Management, 3(5)2013. Ilogho, J. E., Nkiko C. (2014). Information Literacy Search Skills of Students in Five Selected Private Universities in Ogun State, Nigeria: A Survey. Library Philosophy and Practice. Paper 104 http://digitalcommons.unl.edu/libphilprac/1040 ACARA 2010. Information and Communication Technology (ICT) competence, Australian Curriculum Assessment and Reporting Authority, Australia, http://consultation.australiancurriculum.edu.au/Gener alCapabilities/ICT/ConceptualStatement

REFERENCES Rao V. K. 2009. Educational Technology: Technology Integration for Higher Education. APH Publishing Cooperation, 4435-36/7, Ansari Road, Daya Ganji. New Delhi-110002. pp.1-3. Mishra R. C. 2005. Teaching Technology; Understanding Information Literacy, APH Publishing Cooperation. 5, Ansari Road, Daya Ganji. New Delhi-110002. pp. 182-189. Mishra R. C. 2005. Teaching Technology; Information Technology for Higher Education, APH Publishing Cooperation. 5, Ansari Road, Daya Ganji. New Delhi-110002. pp 182-189. Ofoegbu T. O., Uche Asogwa D. 2013. Information and Communication Technology Competencies of Lower and Middle Basic Science and Technology Teachers in Enugu State, Journal ofEducational Media and Technology, 17:28. EBO E. C. 2013. The Role of Information and Communication Technology in Enhancing Effective Instructional Delivery in Tertiary Institutions. Journal of Educational Media and Technology, 17:84-85. Dorah N. D, Davwet H. M., Shamle H. N. 2013. Appraising the Availability and Use Of Information Communication Technology (ICT) Among Geography Teachers in Jos South L.G.A. Of Plateau

122

1st International Conference on Applied Information Technology 7-9 October, 2015

A FRAMEWORK FOR IMPROVED FITNESS CALCULATION IN GENETIC MINING F. E. Ayo, O. Folorunso and F. T. Ibharalu Department of Computer Science, Federal University of Agriculture, Abeokuta. [email protected], [email protected] and [email protected] Abstract : Naturally, Genetic Algorithm perform global comparison of all the individuals in the population in order to identify the best individuals. This global comparison reduces the efficiency of the fitness calculation of the algorithm if the entire population is considered, because the population is a mixture of good and bad individuals. In this paper, a framework that will select only those traces in the event log constituting of only good individuals for a better performance of the fitness calculation is designed. Hence, Bayesian scoring functions based on fuzzy logic prediction is proposed to preprocess the log in order to select the best traces that will serve as the initial population to the genetic algorithm plug-in in ProM framework. The simulation in ProM framework confirmed the originality of our proposed approach. Keywords: Genetic Algorithm, Bayesian Scoring Functions, Fuzzy Logic, Process Aware Information Systems, Process Mining. performance of the fitness calculation of this algorithm. The event log is first preprocessed using the scoring functions from Bayesian network. The results of this preprocessing determine those traces that will form the initial population of the genetic process mining based on a fuzzy prediction. The traces with high lift values from the scoring functions is used as input into the genetic mining instead of the entire log. This paper also proposed a new genetic process mining algorithm that will enhance the processing of these high lift traces for an efficient fitness value calculation and for the discovery of a sound process model. In the remainder of this paper, section 2 explore some related works. In section 3, we introduce Event, Event logs, Traces, Process discovery, Petri nets. The Design methodology of the proposed framework, and algorithms are presented in section 4. Section 5 present the discussion of the proposed framework, and section 6 conclude the work.

INTRODUCTION A great deal of information are recorded by today’s information systems in the form of event log. The need for event log is to allow monitoring of operational processes for better adjustment to real life processes based on the recorded information (Van der Aalst and Verbeek, 2013). This monitoring capability is supported by an information system known as Process Aware Information Systems (PAIS). PAIS is a software system that manages and executes operational processes involving people, applications, and/or information sources on the basis of process models (Dumas et al., 2005). Process mining is a method for discovering these operational processes recorded in logs (van der Aalst, 2011). One of the aims of process mining is to retrieve a process model from an event log. However, current techniques have problems when mining processes that contain invisible tasks, redundancies and/or when dealing with the presence of noise in the logs (van der Aalst et al., 2005). Genetic mining can solve most of these problems because of its ability to perform global search. This is because Genetic Algorithm (GA) compare the fitness of an individual process model with all the cases in the event log. The problem of noise is naturally tackled by the GA because, per definition, these algorithms are robust to noise (van der Aalst et al., 2005). However, the main challenge in a genetic approach is the definition of a good fitness measure because it guides the global search performed by the GA. The global search performed by GA reduces the efficiency of the algorithm since the entire population is considered (Raja and Bhaskaran, 2013). Considering the whole population is panacea to dealing with the population that has both good and bad process model. The performance of genetic mining can be improved better if the population has only good individuals (Raja and Bhaskaran, 2013). Hence, this paper proposed a framework for genetic process mining based on improving the

RELATED WORK Hong et al. (2014) proposed a parallel geneticfuzzy mining algorithm based on the master–slave architecture to extract both association rules and membership functions from quantitative transactions. The master processor uses a single population as a simple genetic algorithm does, and distributes the tasks of fitness calculation to slave processors. The evolutionary processes, such as crossover, mutation and production are performed by the master processor. The time complexities for both sequential and parallel genetic-fuzzy mining algorithms was also analyzed by their work, with results showing the good effect of their proposed parallel approach. When the number of generations is large, the speedup can be nearly linear. The authors conclude that applying master–slave parallel architecture to speed up the genetic-fuzzy data mining algorithm is thus a feasible way to overcome the low-speed fitness evaluation problem of the original algorithm.

123

1st International Conference on Applied Information Technology 7-9 October, 2015 Raja and Bhaskaran (2013) developed a new Population Reduction method in order to identify the best individuals from among the initial population. The authors believes that the efficiency of the genetic algorithm is reduced by considering the whole initial population and thus a reduced population of good individuals will improve the precision of the fitness value calculation. Van Eck et al. (2014) present an approach that improves the performance of the Evolutionary Tree Miner (ETM) algorithm by enabling it to make guided changes to process models, in order to obtain higher quality models in fewer generations. The ETM is a genetic process discovery algorithm that guide the discovery of models based on the process model quality dimensions such as fitness, precision, simplicity and generalization. The approach first create an initial population of process models with good quality and it then use information from the alignment between an event log and a process model to locate quality issues in a given part of a model, and correcting those issues using guided mutation operations. (Borja et al., 2014) present in their work a genetic algorithm with a hierarchical fitness function based on the process model quality dimensions. The authors focus the search of the genetic operators on those parts of the model that generate errors during the processing of the log and reducing the search space to those models that are supported by the information in the log, thus

case id

activity id

case1 case2 case3 case3 case1 case1 case2 case4 case2

activity A activity A activity A activity D activity B activity H activity C activity A activity H

Origi Nator John John Sue Carol Mike John Mike Sue John

speeding up the iteration at which the best individual is found. Li et al. (2014) proposed an improved pseudoparallel genetic algorithm using asexual reproduction to ensure good gene mixing. The initial population is produced by greedy algorithm in order to enhance convergence speed. Material exchange between subgroups employs island model in pseudoparallel genetic algorithm to reduce complexities and enhance convergence speed, as well as increasing global searching ability of the algorithm. EVENT, EVENT LOG, TRACES, PETRI NETS, PROCESS DISCOVERY Definition 1(Event, Trace, Event Log): Let A be the set of tasks or events and t∈ A* be a trace i.e. t is the arrangement of tasks or events in different order. Let L ∈ M (A*) be an event log with multiple traces of different lengths. For example, the case id column in table 1 represent 4 traces (case 1, case 2, case 3, case 4). Each of these traces have sequence of activities in some particular order. The first trace form case 1(A, B, H), the second trace form case 2(A, C, H), the third trace form case 3(A, D, E, F, G, H) and the last trace form case 4(A, D, F, E, G, H). For each of the traces, individual activity in the brackets represent event, the combination of those events form traces and the combination of those traces form event log.

Table 1: Event log (Van der Aalst et al. 2005) timestamp case activity id id 09-3-2004:15.01 case1 activity E 09-3-2004:15.12 case2 activity F 09-3-2004:16.03 case3 activity D 09-3-2004:16.07 case3 activity G 09-3-2004:18.25 case1 activity H 10-3-2004:09.23 case1 activity F 10-3-2004:10.34 case2 activity E 10-3-2004:10.35 case4 activity G 10-3-2004:10.34 case2 activity H

Definition 2 (Petri nets): A Petri net PN = (P, T, F) is a 3- tuple model where: 1. P is a final set of places 2. T is a final set of transition such that P ∩ T =ϕ

3.

124

Origi Nator Pete Carol Pete Sue Pete Sue Clare Mike Clare

timestamp 10-3-2004:12.50 11-3-2004:10.12 11-3-2004:10.14 11-3-2004:10.44 11-3-2004:11.03 11-3-2004:11.18 11-3-2004:12.22 11-3-2004:14.34 11-3-2004:14.38

F is a set of directed arrows called flow relation such that F ⊆ (P X T) ⋃ (T X P). Figure 1 shows an example of petri net discovered from the event log L = [abh, ach, adefgh, adfegh] of table 1.

1st International Conference on Applied Information Technology 7-9 October, 2015 distribution that can be used to predict the membership or causal dependencies of a task in traces of an event log using the notion of degree of support, degree of confidence and Lift, i.e. let {degOfSupp, degOfConf, Lift } ∈ BN. (a) Degree of support: The degree of support denoted degOfSupp (A ∪ B) of an association rule A⇒B is the percentage of traces that contain all the items included in the association rule. ( )= ∪ = ;A∩B= (1) Where x is the number of traces containing all the items of A and B; n is the total number of traces of the event log and A and B are two independent tasks. (b) Degree of confidence: The confidence of an association rule A⇒B is a fraction that shows how frequently B occurs among all the cases containing A, i.e., the degree of support between task A and B is divided by total number of cases that contains A in the log. = (2)

Figure 1: Petri net discovered based on the event log L (Van der Aalst et al., 2005). Petri net is a tool for representing knowledge discovered from an event log in a graphical manner. A petri net represent an individual process model and the output from any process discovery technique. Definition 3 (Process discovery): Let L be an event log as defined in definition 1. A process discovery algorithm is a function f that relates any event log L onto a Petri net f (L) = (N, M). A petri net in this instance is a workflow net in the form of Figure 1 that is sound and that correspond to possible firing sequence of L. N and M represent soundness and possible firing sequence respectively. A sound workflow net N, in this context is a petri net consisting of a start place as the source and an end place as the sink as represented by the empty circle before event A and after event H in Figure 1. The possible firing sequence M, is a function of how the workflow net is able to replay all the traces recorded in L.

(c) Lift: The lift value of an association rule A⇒B is the ratio of the confidence of the rule to the support of B. = (3) A lift value greater than 1 indicates that A and B appear together more often than expected; a value less than 1 indicates that A and B appear together less often than expected; a value close to 1 indicates that A and B appear together almost as often as expected. These scoring functions will be used to preprocess the event log and the results of the preprocessing will represent only traces with high lifts based on the fuzzy logic defuzzification value before the application of our genetic process mining algorithm. Definition 6 (Fuzzy logic): Fuzzy logic is normally used to partially express the concept of false or true [0 or 1]. The addition of fuzziness to normal logic is to capture the intermediate values in the interval [0, 1]. The building blocks of fuzzy logic is the definition of membership functions, the degree of membership and the definition of fuzzy rules. In this paper, the membership function will be {degOfSupp, degOfConf, Lift}. The degree of membership will be {low, average, high, very_high} and the fuzzy rules for example, will be of the form: IF degOfSupp is high AND degOfConf is very_high THEN Lift is very_high. The purpose of fuzzy logic in this paper is to predict the minimum lift value that will help to select those preprocessed traces that will form the initial population for our genetic process mining algorithm. For this prediction, the triangular membership function will be used and the Fuzzification process for the degree of memberships {low, average, high, very_high} will use equation 4.

RESEARCH METHODOLOGY This section highlights the design procedures for the improved fitness value calculation of the genetic process mining using high lift traces of the given event log. For the purpose of the fitness value improvement, we define the following steps. Definition 4 (Association rule): Let A⇒B represent the association rule of event A and B. An A⇒B is the causal dependency relation between tasks in a trace with each association rule having a predecessor and a successor. The association rule A⇒B is an imply expression that translate as the prediction that B will always follow in a log trace given A. For example, the association rule of the first trace [abh] in log L = [abh, ach, adefgh, adfegh] of table 1 will be 0 -> A, A -> B, AB -> H. The association rule 0 -> A means that event A has no predecessor, A -> B means that the predecessor of event B is A and conversely the successor of event A is B, AB -> H means that event H will occur given that A and B has occurred in the given trace. The predecessor of event H in this case are A and B and conversely the successor of event A and B is H. Definition 5 (Bayesian network): Let BN represent Bayesian network of probability

The fuzzy inference method that will be used for this work is the Root Mean Square (RSS). The RSS formula is given by: =√ (5) √

125

(4)

1st International Conference on Applied Information Technology 7-9 October, 2015 R12 + R22 + R32 + …..+ Rn2 are values of different rules with the same conclusion in the fuzzy rule base. RSS will find the sum of all the resultants of the same firing rules and compute the centre of the aggregate area. The defuzzification method that will be used is centre of gravity (CoG). The CoG method will be adapted because of its simplicity and accuracy. The value from our defuzzification will be used to take decision on those complete traces that will be passed to the genetic process mining Algorithm. Definition 7 (Genetic process mining): The traces with minimum high lift value corresponding to the prediction of the fuzzy logic will enter into the genetic mining as initial population. The main idea of our proposed framework is that the original event log is preprocessed as defined in this section. Since the search space of genetic algorithm can lead to inefficiency in the fitness values calculation if very large, the framework will provide the genetic mining with only the search space that has high degree of fitness and those leading to efficient and fast fitness value calculation. Genetic process mining algorithm Genetic process mining is a mining technique that uses the concept of genetic algorithm. Genetic algorithm were first proposed by (Holland, 1975) and have been successfully applied to the fields of optimization, machine learning, neural network, fuzzy logic controllers, and so on (Alcala et al., 2007; Gautam et al., 2010). Naturally, petri nets are the individuals in a genetic process mining but because petri nets consists of addition of places in the workflow net it cannot be used (Van der Aalst et al., 2004). This is because the genetic mining only deals with the tasks alone for the evaluation of the genetic operators such as crossover and mutation. Hence, an internal representation called causal matrix is used for individual process model when dealing with genetic process mining. So, there is always a mapping from petri nets to causal matrix in genetic process mining. Causal matrix: A Causal Matrix is a tuple CM = (A, C, I, O), where  A is a finite set of activities,  C ⊆ A × A is the causality relation,  I ∈ A → P(P(A)) is the input condition function,  O ∈ A →P(P(A)) is the output condition function, Such that i. C = {(a1, a2) ∈ A × A\ a1∈⋃I(a2)}, ii. C = {(a1, a2) ∈ A × A\ a2∈⋃O(a1)}, iii. ∀aϵA ∀s, s᾽ϵI(a) s ∩ s᾽≠ ⇒ s = s᾽, iv. ∀aϵA ∀s, s᾽ϵ O(a) s ∩ s᾽≠ ⇒ s = s᾽, v. C ∪ {(a1, a2) ∈ A × A\ ao •C = ⋀ •C ai = } is a strongly connected workflow net. A causal matrix is an individual process model consisting of all the tasks A in the log, a function C that randomly generate the dependency of tasks in the individuals (i and ii) with input and output condition that satisfies the proceeding and succeeding tasks of the individuals. (iii and iv) means

that some tasks A may appear only once in the conjunction of disjunctions, e.g., {{A, B}, {A, C}} is not allowed because A appears twice. (v) do not allow the causal matrix to be partitioned in two independent parts. Table 2 shows the mapping of the petri net of Figure 1 onto causal matrix. Basically, when genetic algorithms are used to mine process models, there are three main steps: i. Define the internal representation. The internal representation which is the causal matrix define the search space of a genetic algorithm. Table 2: Causal matrix of individual (Van der Aalst et al., 2005). ACTIVITY INPUT OUTPUT A {} {{B, C, D}} B {{A}} {{H}} C {{A}} {{H}} D {{A}} {{E}} E {{D}} {{G}} F {} {{G}} G {{E}, {F}} {{H}} H {{C, B, G}} {} ii.

Fitness measure. This evaluate the quality of a process model in the search space against the event log. A genetic algorithm searches for individual process model whose fitness is maximal. The fitness measure of an individual process models that parse all the traces in the event log is normally indicated as 1. This particular step is a major determinant of how good the genetic mining would be and the main focus of this paper. According to van der Aalst et al., (2004) the exact fitness of an individual in a given log is given by equation 6. =

+

(6) Where numberOfActivitiesAtLog = number of activities in the log; numberOfTracsAtLog = number of log cases; allParsedActivities = sum of parsed activities for all traces; and allProperlycompletedLogTraces = number of log traces that were properly parsed. iii.

126

Genetic operators (crossover and Mutation). All points (individual process models) in the search space defined by the internal representation should be reached when the genetic algorithm runs. The pseudo-code of the basic Genetic Process Mining Algorithm is illustrated in Figure 2. The basic genetic process mining take as input the entire event log for the generation of the initial population and is faced with the problem of having to compare the fitness of an individual in the population with all other individuals in the population. This can cause the evaluation of a fitness value that is not good and may result into the selection of less fit individuals into the next population. We now present

1st International Conference on Applied Information Technology 7-9 October, 2015 our genetic process mining algorithm (algorithm 2) in the next section. Algorithm 2 takes in as input the high lift traces from the preprocessed event log using Bayesian scoring functions based on fuzzy logic prediction. These high lift traces represent a limited search space of reliable individuals for our genetic process mining algorithm. This approach make the discovery for a

good process model feasible based on the fitness value calculation. RESULTS AND DISCUSSION The structure of our proposed framework is as shown in Figure 3. The original log is preprocessed by first calculating the association rules of tasks in all traces, the scoring functions for these rules are then computed to determine the degree of support, degree of confidence and Lift. Input: HighLiftTraces Output: process model// fittest individual Process: 1. Begin 2. C ← Read HighLiftTraces 3. CP ← random (C) // randomly generate current population from C 4. Calculate individuals’ fitness from eq. 6 5. If any of the individual fitness value evaluate to 1 do 6. Stop and goto step 27 7. else do: 8. for i ← 0 to CP length 9. NP ← elitism rate x CP 10. Divide NP into two groups x and y // to improve the fitness value 11. for j ← 0 to x 12. for k ← 0 to y 13. P[j] ← tournamentSelection(x) 14. P[k] ← tournamentSelection(y) 15. r ← Random[0,1] 16. If r < crossover rate do 17. crossOver(p[j], p[k]) 18. else 19. P[j] ← offspring1 20. P[k] ← offspring2 21. return new population and goto step 4 22. end if 23. end for 24. end for 25. end for 26. end if 27. return fittest individual 28. end

Input: Event log Output: Fittest individual Process: 1. Begin 2. Generate random population n from the event log // causal matrices 3. Np ← m x n // copy elitism rate x population size of best individuals to the next population 4. While Np is not empty do // while there are individuals to be created 5. P1 ← tournamentSelection(Np) 6. P2 ← tournamentSelection(Np - P1) 7. Select a random number r ⱻ 0 ≥ r < 1 8. If r > p do // if r is less than the crossover rate 9. crossover(P1, P2) // generate two new offsprings 10. else return offspring 1 ← P1, offspring 2 ← P2 11. mutation(offspring1, offspring2) 12. k ← offspring1, offspring2 13. return k // return new population 14. End else 15. End if 16. End while 17. End Figure 2: Basic Genetic Process Mining Algorithm (Van der Aalst et al., 2004). Modified genetic process mining algorithm Algorithm 2: Modified Genetic Process Mining

and the results support the originality of our proposed framework. The set parameters used for this comparison are: Population size = 100, Initial population type = No duplicate, Maximum no of generation = 100, Elitism rate = 0.02, Fitness type = ExtraBehaviorPunishment, selection method = Tournament, crossover rate = 0.8 and mutation rate = 0.2.

A fuzzy logic prediction is then used to determine the minimum lift value for those traces that will be selected into our proposed genetic process-mining algorithm. This framework will improve the fitness value calculation of the genetic mining for the discovery of fittest individual process model. The aim of our proposed framework will be validated by a small demonstration in the ProM framework. This demonstration shows that a reduction in population to a fitter population generate high fitness values within good elapsed time. Table 3 shows fitness value comparison between a complete population and a reduced population of fit individuals. This demonstration was carried out with genetic algorithm plug- in inside ProM framework

Table 3: Fitness Comparison. Complete population Reduced population Fitness Elapsed time Fitness Elapsed time (ms) (ms) 0.41 6.4 0.52 7.2 0.76 13.4 0.58 15.7 0.81 21.8 0.85 23.6 0.81 28.7 0.86 31.7

127

1st International Conference on Applied Information Technology 7-9 October, 2015 0.82 0.83

37.0 45.7

0.87 0.87

time measured in micro-seconds and the visual shows that reduced population of better individuals perform better in terms of the fitness value calculation.

39.4 48.6

In order to have a visual representation of the fitness comparison in table 3, the Figure 4 shows a graphical view of the fitness improvement comparison between large population and reduced population of fit individuals. The fitness is plotted against the elapsed

Preprocessing

Original Log

Fuzzification

Inference System

Defuzzificati on

Sto p

Stop and return fittest individual

Calc. fitness

Initial pop.

Calc. dependency

Next pop. Figure 3: Structure for the proposed framework.

128

1st International Conference on Applied Information Technology 7-9 October, 2015

Fitness comparison

Fitness

Complete population

Reduced population

1 0.8 0.6 0.4 0.2 0 0

10

20

30

40

50

60

Elapsed time (ms)

Figure 4: Graphical representation of Fitness comparison. CONCLUSION This paper presented a framework for efficient fitness value calculation based on Bayesian scoring functions and fuzzy logic prediction. GA is an optimization algorithm, which perform global search by comparing each individual fitness value with all other individuals in the population. Hence, GA performs better with a reduced population of fitter individuals. In this paper, we try to get the traces with high degree of probability of better individual process model as the initial population for our improved genetic process mining algorithm. The demonstration in ProM framework supports our framework for an improved fitness value calculation. We can therefore conclude that, if this approach is applied to genetic mining, the fitness evaluation will be improved and with good elapsed time. We hope to implement this framework fully using Java programming language, mysql and ProM framework in the next article.

mining. Expert Systems with Applications, 41(2), 655-662. Li, A. H., Li, B. K., Liu, C. L., Yao, D. S. 2014. A multi-step process mining approach based on the markov transition matrix. In Proceedings of the International Conference on Software Engineering Research and Practice (SERP). The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp). Van der Aalst, W. M., de Medeiros, A. A., Weijters, A. J. M. M. 2005. Genetic process mining. In Applications and theory of Petri nets. Springer Berlin Heidelberg, pp. 48-69. Van der Aalst, W. M. P. 2011. Process Mining: Discovery, Conformance and Enhancement of Business Processes. Springer-Verlag, Berlin. Van der Aalst, W. M. P., Song, M. 2004. Mining Social Network: Uncovering interaction patterns in business processes, International Conference on Business Process Management (BPM), Eds. J. Desel, B. Pernici and M. Weske, LNCS 3080:244-260, Springer-Verlag Berling Heidelberg. Van der Aalst, W. M. P., Verbeek, H. M. W 2013. Process Discovery and Conformance Checking Using Passages. BPM Center Report BPM, pp 12-21. Van Eck, M. L., Buijs, J. C. A. M., Van Dongen, B. F. 2014. Genetic Process Mining: AlignmentBased Process Model Mutation. In Business Process Management Workshops. Springer International Publishing. pp. 291-303. Vázquez-Barreiros, B., Mucientes, M., Lama, M. 2014. A genetic algorithm for process discovery guided by completeness, precision and simplicity. In Business Process Management, Springer International Publishing. pp. 118-133. Vishnu Raja P., Murali Bhaskaran.V. 2013. Improving the Performance of Genetic Algorithm by Reducing the Population Size, International Journal of Emerging Technology and Advanced Engineering, 3(8).

REFERENCE Alcalá, R., Gacto, M. J., Herrera, F., Alcalá-Fdez, J. 2007. A multi-objective genetic algorithm for tuning and rule selection to obtain accurate and compact linguistic fuzzy rule-based systems. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 15(05), 539-557. Dumas, M., W. M. P. van der Aalst, A. H. ter Hofstede editors 2005. Process-Aware Information Systems: Bridging People and Software through Process Technology. Wiley-Interscience, Hoboken, NJ. Gautam, S. K., and Goyal, N. 2010. Improved particle swarm optimization based load frequency control in a single area power system. In India Conference (INDICON), Annual IEEE. pp. 1-4. Holland, J. H. 1975. Adaptation in natural and artificial systems. Ann Arbor, MI: University of Michigan Press. Hong, T. P., Lee, Y. C., and Wu, M. T. 2014. An effective parallel approach for genetic-fuzzy data

129

1st International Conference on Applied Information Technology 7-9 October, 2015

AN ARCHITECTURAL MODEL FOR RECOMMENDATION-BASED TRACE CLUSTERING APPROACH IN PROCESS-AWARE INFORMATION SYSTEMS D. T. Fasinu, O. Folorunso, O. A. Ojesanmi and O. M. Olayiwola Department of Computer Science, Federal University of Agriculture, Abeokuta. [email protected], [email protected], [email protected] and [email protected] Abstract: Process discovery is the learning task that bring about the construction of process models from event logs of information systems. Characteristically, the event logs are records of large data sets that contain the process executions of the sequence of activities has taken place at a definite moment in time. The most difficult challenge for process discovery algorithms is that this technique generate sphaghetti-like and inaccurate models from highly flexible environments. Event logs from this type of environments frequently have a large variability of process executions which makes process mining application very interesting. Nevertheless, the inaccuracy and complexity of existing process discovery techniques often yield highly incomprehensible process models. To tackle this problem, a very interesting approach - trace clustering has been applied because it helps in facilitating the knowledge discovery process by splitting up of an existing event log. In this paper, a recommendation-based approach to trace clustering technique is proposed and it expressively differs from previous approaches. By employing a machine learning approach, the k-closest objects will be got and then, the recommendation algorithm will rate the event logs based on the similarity metrics then recommend it for clustering after the scoping of the event log. Scoping here is used to reduce the size of the process models to be produced. Keywords: Process mining, trace clustering, recommendation algorithm, event logs, and trace clustering. INTRODUCTION Dumas et al., (2005) defines Process-Aware Information System (PAIS): “a software system that manages and executes operational processes involving people, applications, and/or information sources on the basis of process models”. The main responsibilities of an organization are the operational processes and it determines to a great degree how they are able to compete with their counterparts in the face of a dynamic business environment. A process-aware information system support business operations and provides monitoring capability to business processes. However, process mining is concerned with the extraction of knowledge about business processes from information systems logs (van der Aalst, 2011). The basic idea is to extract knowledge from event logs recorded by an information system. In particular, process mining techniques are highly suitable in flexible environments such as healthcare, customer relationship management (CRM), product development and so on (G ̈ nther, 2009). Accordingly, process mining proves to be valuable by discovering the actual process at hand (De Weerdt et al., 2013). The starting point of analysis is event log, which is fundamentally a set of process executions capturing the different business activities that were performed in the context of a certain case (De Weerdt et al., 2013). However, typical event logs will contain much more information, for instance organizational information concerning the performers of the different activities (Song and van der Aalst 2008). A trace is referred to as the sequence of events within a case (a row in a log file) (Song et al., 2008). Process discovery, which is the vital part of process mining, is the learning task that is responsible for the reconstruction of process models from event logs.

According to De Weerdt et al., 2013, process discovery is a largely unsupervised learning task in nature because event logs rarely contain negative events to record that a particular activity could not have taken place. Regardless of the proven usefulness in flexible environments, it has been shown that process discovery is most challenging in this context because of the difficulties encountered to render accurate and interpretable process models out of event logs stemming such environments. This is as a result of high variability in the behaviour of the captured logs. Consequently, different techniques have been proposed to tackle this issue e.g. event log filtering, event log transformation(Bose and van der Aalst, 2009) and tailor-made discovery techniques such as Fuzzy Mining (G ̈ nther and van der Aalst, 2007), trace clustering can be taken as an adaptable solution for reducing the complexity of the models produced. Multiple process models can be relied on to represent the variety in the behaviour of a certain event log by the separation of the execution traces into different groups, which is the purpose of clustering process executions as shown in Figure. 1 below. Dividing traces into diverse groups helps in improving the accuracy and comprehensibility of process models when process discovery techniques are applied on subsets of behaviour.

130

1st International Conference on Applied Information Technology 7-9 October, 2015 currently available trace clustering algorithms suffer from a severe divergence between the clustering bias and the evaluation bias. This problem was resolved with an active learning inspired approach that centered on optimizing the combined process model accuracy. ActiTraC, without optimization of its parameters, significantly improved the accuracy and complexity of the process models underlying the discovered trace clusters as compared to existing trace clustering techniques. Ribeiro et al., (2014) described a recommender system for process discovery using portfolio-based algorithm selection techniques. They incorporated machine learning and information retrieval techniques for recommending process discovery algorithms. The approach being general allows for the easy incorporation of new techniques, measurements and log features.

Figure. 1. Illustration of the purpose of trace clustering in process mining (De Weerdt et al., 2013). In this paper, existing knowledge is being built on for the clustering event log traces in order to reduce the complexity of the process discovery learning task by the removal of unwanted logs and recommending accurate logs. Therefore, a novel approach is proposed that aims to improve available techniques in use by directly improving the accuracy of the cluster’s core process models. Thereby, bridging the gap between clustering and evaluation bias. Different approaches to trace clustering have been proposed. Many techniques apply a kind of translation to the learning problem so as to make use of the existing distance-based clustering algorithms. For instance, by converting an event log into a vector space model, a distance metric can be defined between each couple of traces. However, there exist techniques that define the distance between two traces without the translation to an attribute value context. Furthermore, model-based clustering techniques were shown to be applicable for trace clustering as well. Daniela and Marcos (2012) proposed an approach that combined the sequence of activities to group the traces in different clusters in addition with starting time of each process instance. The clusters formed shared both a structural similarity and a temporal proximity. The incorporation of the time dimension to the Trace Clustering technique, showed positive results when the different versions of the process are similar in the control-flow perspective. The approach is relevant because the real-life business processes are dynamic in time, and over a long period of time may have different versions. Rafael & Thomas (2012) proposed a trace clustering approach to support process discovery of configurable, evolving process models. Their clustering approach was interactive and consisted of two phases. The first phase determined the cluster cuts for every observed activity pair and the second phase merged these individual results by counting the number of activity pairs at time point that would cut the log at that position. De Weerdt et al., (2013) proposed a new approach to trace clustering. The technique, called ActiTraC, has its foundations in the observation that

METHOD Algebraic model of event logs A log generated by PAISs comprises of process instances, referred to as traces in this work. It represents the order in which activities are executed with all information recorded for every event. Thus, a trace [a b c d e] indicates that activity a finished before activity b, and that activity b finished before activity c, and so on. The log data can be in the form of audit trails, transaction logs, and data warehouses, depending on application domain the PAIS is supporting. In the context of this study, the event log of PAIS is defined as a 3-turple model P = {T, L, LS}. Model P is a finite set which contains elements which are themselves set. The formal definition of the model is explained as thus: Definition 1: Trace, T Given a set A of activities, a trace represents a sequence of activities such that trace t A* where A* is a power set of A. That is, assuming that A is an alphabet, and A∗ denotes all possible words over A, then t is a word based on this alphabet. Definition 2: Log, L Given T = {t | t A∗} to be a set of all traces defined over A and T’ ⊆ T. Log L is a set or multi-set defined over traces T’. Where L = {(t, n) | t T′ ∧ n IN}. Where is the multiplicity of trace t in log L. Hence, the size of a log L is the number of trace instances in it. Such that , Size (L) = ∑ n. Definition 3: Scoped Log Given a Log L as defined in Definition 2, and a set AS of scoped activities such that AS ⊆ A. Then, a scoped log LS is a set of traces t based on scoped activities AS such that: LS = {filter(t, AS) | t L ∧ complete(t)}; where scope(t, AS) removes all activities in t that are not in AS . Figure 2 is the architecture of the proposed model and is divided into three modules: Pre-processing Module, Clustering Module and Recommendation Module.

131

1st International Conference on Applied Information Technology 7-9 October, 2015

Figure. 2: Recommendation-based trace (RTC) clustering proposed architecture Given an event log LS’ ( ) and a set of event log LS ( ) which is the training set, the objective is to compute the average similarity between LS’ and the k closest event log. Averagesim = ∑ LS’, ) (2) th where represents the i nearest neighbour as determined by the Ball tree search algorithm, k represents the number of the nearest neighbour, sim(LS’, ) is the Jaccard similarity coefficient.

Pre-processing Module The first step of the proposed system’s approach is concerned with keeping (or removing) some activities from the original log that are (not) appropriate and important for analysis based on the decision of domain analyst. The first step is called scoping because it represents the moment when the domain analyst defines what is important to consider in the analyses. It is clear that unwanted input can affect the output of a Recommender System.

Algorithm: Clustering algorithm CS = Set of clusters in dendrogram USC = Clusters not in the dendrogram USCM = Most similar USC L = Level in dendrogram t’ = Set of recommended logs Input: Training set: T{ t1, t2,…tn}, Test set {t’}, threshold k, Output: Dendrogram i.e. a set of clusters, Cs Begin 1:SimNeighbours [similarities] = construct_balltree 2: Averagek = Averagesim 3: if Averagek < threshold 4: t’ = Low recommendation 5: else 6: t’ = Top-N 7: let USC = N // Convert all logs to cluster 8: L=0, //first level is 0 Cs=USC[0], // cluster in USC is assigned to CS CS=null //set of clusters is empty 9: while(USC!=empty){ USCM=SIM (CS, USCI) CS=cluster (CS, USCM, L) CS=CS+CS L=L+1; USC=USC - USCM } 10: Output CS

Recommendation Module The recommendation module is the heart of the processing that reduces computational complexity. This algorithm recommends the traces to be clustered based on some metrics. In the Recommendation module, a training set from the filtered log is created. Then, k-NN is used to get the k-closest objects and similarity values. It returns average similarity score as the result. Ball tree as the data structure will be used to minimize search time required by the k-NN in getting the similarity index of the two nearest neighbours. Jaccard index will be used to measure the rate of similarity based on the number of intersecting activities in this case. It returns similarity between two logs i.e. the Test instance and each visited Training log (Tr). The Recommendation algorithm takes the average similarity score as input and compares it to the threshold. Thereafter, any log that the average similarity score that is below the threshold is rated low and taken as noise and clustered in noise clustering while those rated Top-N is clustered in top-N rated log and is clustered in the trace clustering. Jaccard = Where A and B are two different logs. A = Test log B = ith training set

132

1st International Conference on Applied Information Technology 7-9 October, 2015 G ̈ nther, C.W. and van der Aalst, W.M.P. 2007. Fuzzy Mining - Adaptive Process Simplification Based on Multi-Perspective Metrics. In: Fifth Int’l Conf. Business Process Management (BPM), Pp 328-343. Rafael, A. and Thomas, S. 2012. Discovering Workflow Changes with Time-Based Trace Clustering. SIMPDA, IFIP, LNBIP 116, pp. 154– 168. Ribeiro J., Carmona J., Misir M., and Sebag M. 2014. A Recommender System for Process Discovery. Business Process Management, Springer, 8659:67-83. Song, M. and van der Aalst, W.M.P. 2008. Towards Comprehensive Support for Organizational Mining. Decision Support Systems. 46(1):300-317. Song, M., G ̈ nther C., and van der Aalst, W.M.P. 2008. Trace Clustering in Process Mining. Business Process Management 17:109-120. Van der Aalst, W.M.P. 2011. Process Mining Discovery, Conformance and Enhancement of Business Processes. Springer.

Clustering Module A set of recommended logs are converted to clusters in step 7. While USC is not empty, the systems repeatedly iterates through the set of clusters formed in the dendrogram and assigns the most similar cluster in the USC to the present cluster which is CS in the dendrogram. After this, the level is incremented (step 9). The final output which is the dendrogram is Cs. CONCLUSION In this paper, a new approach to trace clustering is proposed. One possible technique to resolve the problem in trace clustering that currently available process discovery algorithms are unable to discover accurate and comprehensible process models out of event logs stemming from highly flexible environments. This technique has its foundations in the observation that currently available trace clustering algorithms does not seek to reduce the size of the process models. This problem is resolved with the introduction of the removal of unwanted activities called scoping and also the introduction of a recommendation algorithm that recommends the logs to be clustered based on the defined threshold, thereby, optimizing the combined process model accuracy. In further work, we will implement the proposed system. REFERENCES Bose, R. P. J. C. and van der Aalst, W.M.P. 2009. Trace Clustering Based on Conserved Patterns: Towards Achieving Better Process Models,” Proc. Int’l Business Process Management Workshops, pp. 170-181. Bose, R.P. Jagadeesh Chandra and van der Aalst, W.M.P. 2009. Abstractions in Process Mining: A Taxonomy of Patterns. In: Seventh Int’l Conf. Business Process Management (BPM), Pp 159-175 Daniela L., and Marcos S. 2012. Applying Clustering in Process Mining to Find Different Versions of a Business Process That Changes over Time. Business Process Management Workshops, 99:153–158. De Weerdt, J., Broucke, S., Vanthienen, J. and Baesen, B. 2013. Active Trace Clustering for Improved Process Discovery. IEEE Transactions on Knowledge and Data Engineering 25(12):2708-2720. Dumas M., van der Aalst W., and ter Hofstede A. 2005. Process-Aware Information Systems: Bridging People and Software through Process Technology. Wiley, ISBN 13 978-0-471-66306-5. Ferreira, D.R., Zacarias, M., Malheiros, M. and Ferreira, P. 2007. Approaching Process Mining with Sequence Clustering: Experiments and Findings,” Proc. Fifth Int’l Conf. Business Process Management (BPM), pp. 360-374. G ̈ nther, C.W. 2009. Process Mining in Flexible Environments. PhD dissertation, TU Eindhoven

133

1st International Conference on Applied Information Technology 7-9 October, 2015

AN E-VOTING AUTHENTICATION SCHEME USING LUHN’S ALGORITHM AND ASSOCIATION RULE M. Hammed, F. T. Ibharalu and O. Folorunso Department of Computer Science, Federal Polytechnic Ilaro, Nigeria. Department of Computer Science, Federal University of Agriculture Abeokuta, Nigeria. [email protected], [email protected], [email protected] Abstract: The traditional voting system involves many flaws: inconveniences, time consuming delays and risks. All these threats brought about the existence of e-voting system. However, with increasing use of the internet causes, many e-crimes committed daily and this has led to challenges in the e-voting system. There are a number of researches on security issue on e-voting system, but most of these efforts did not take authentication into cognizance, whereas authentication is the most important phase that could determine the faith of the whole electoral process. This work proposed a secured authentication system for e-voting. The secured authentication system provides security efficiency through the luhn’s algorithm augmented with association rule mining algorithm. The ideal of Luhn’s algorithm is to detect errors in the identification number entered by the voters; this forms part of criteria to determine the activation and deactivation of voters. The ideal of using association rule mining algorithm is to uncovering the relationship between the identification number and voter’s information already stored in the database. We also proposed a multi-server queue model to take care of performance problem in the case many voters intend to cast their votes at the same time. This proposed system efficiently secure authentication phase of evoting system. Keywords: E-voting System Luhn’s algorithm. Association Rule Mining Algorithm, Multi-server Queue System. accuracy, and lower risk of human and mechanical errors, it offers improved accessibility for the people with disabilities, and it provides multiple-language support for the ballots. Electronic voting will increase voter convenience and voter confidence in the accuracy of election results (Shubhangi et al., 2013). Voting systems are in two forms as it shown in figure 1 below, offline voting system (i.e. voter uses ballot paper to cast his vote) and internet voting system (i.e. voter uses internet to cast his vote).

INTRODUCTION Free and fair elections and voting are the essential ingredients for a democratic nation. Elections allow the populace to choose their representatives, express their preferences for how they will be governed. Thus, the integrity and accuracy of election process is fundamental to the integrity of the democracy itself. Today, many new technological innovations are changing the way we do things; such innovations include e-government, e-commerce, and e-voting etc. (Ciprian 2008). Despite the fact that traditional voting system involves a systematic process or procedure, frauds are still possible and the processes are cumbersome with inconveniences to the stakeholders, especially during the authentication phase, where long queues generated often lead to violent protest, loss of lives and destruction of public and private properties. It is therefore, imperative to evolve a reliable and generally acceptable electioneering mechanism that will boost the confidence of voters guarantee the legitimacy and wide acceptability of election results (Jegede et al., 2012). E-voting system is a system that allows the eligible voters to cast their votes via a computer normally connected to internet or intranet from anywhere like home or office. In contrary to the traditional way of voting, electronic voting is essential because it considers ways in which the polling task can be performed electronically without sacrificing voter privacy or introducing opportunities for fraud (Ajiboye et.al, 2013).

Voting system

Traditional (Use of ballot paper) internet) Figure 1: Types of voting system

Online (Use

of

The e-voting system has so many advantages over the traditional voting system: the electronic voting machine is intended both to reduce errors and to speed the authenticating, voting and counting processes. In e-voting system, either web-based or machine-based should meet the certain criteria or requirements such as eligibility and authentication, uniqueness, accuracy, integrity, verse, viability, reliability, secrecy, flexibility, convenience, transparency and cost effectiveness. Among these, Authentication can be viewed as the most artificial

Electronic voting has many advantages over the traditional way of voting. Some of these advantages are lesser cost, faster tabulation of results, greater

134

1st International Conference on Applied Information Technology 7-9 October, 2015 issue. As online voting is risky, it is difficult to come up with a system, which is perfect in all senses (Linu and Anilkumar, 2012).Unfortunately, machine-based e-voting system is liable to the process of modification, which could lead to changes in the properties of Electronic Voting Machine (EVM) or total replacement of biometric template or card reader. Least significant bit insertion is a common approach to embed information in a cover file (Sutaone and Khandare, 2008). An attacker could attacks machinebased e-voting system by inserting the information that will change the election records and the results. (Ciprian, 2008) talked about conventional security measures such as firewalls or SSL communications for machine-based e-voting system. He further said mechanisms that form the structure of security are: Personal identification numbers or passwords; Encryption; Digital signature; Smart cards biometric identifiers. Attacks on the templates of biometric machine in machine-based e-voting system can come from two directions (i) A third part could replace a member of biometric templates against other templates which would allow them manipulate the results of the vote. (ii) Even if the risk of the above attack is seen as neglectable, there is one attacker that has a much more direct access to the biometric templates: the electoral authority. No matter what methods are used to realize dynamic property of password for each authentication, the core is to ensure the randomness of factors added into the authentication. Many current OTP applications use mathematic methods like Hash function for dynamic passwords but still will suffer potential attacked risks Using static passwords for authentication, as it is commonly done, has quite a few security drawbacks: passwords can be guessed, forgotten, written down and stolen, eavesdropped or deliberately being told to other people. A better, more secure way of authentication is the so-called "two-factor" or "strong authentication" based on one time passwords, instead of authenticating with a simple password (Do van et al., 2009). But, for the proposed e-voting system, a unique Personal Identification Numbers (PIN) or password will be given to individual voters. The election identification number is a “long number” which identifies the voters in specific election. Unique Personal Identification Number (PIN) allows voters an access to e-voting server, to be able to cast their votes and anybody with wrong PIN will not be authorized to cast his votes. In this work, we proposed a strong algorithm that detects errors in voter‟s identification number and the algorithm that compares the voter‟s PIN and voter‟s information already stored in the database during the registration to see whether they match each other before the system could activate or deactivate the voter. This

process will determine the legitimate voters and illegitimate voters. RELATED WORK Many researchers have proposed a number of techniques as a security mechanism for authentication system. Linu and Anilkumar (2012), proposed an authentication scheme for online voting using steganography and biometrics. In this scheme, each individual voter is provided with voter Identification Number or PIN (Personal Identification Number). This is needed for maintenance of voter accounts in the database. Secondly, we need facial images and fingerprints of all the individuals. Thirdly, during the account creation every individual will be provided with a system generated Secret key which he/she should not disclose to anybody. This will be needed to cast the vote. Voter can cast vote after login, which is done after authenticating the voter‟s facial image, fingerprint, PIN number and secret key. The stegoimage database is made by embedding secret key and PIN. Voter‟s fingerprints and facial images are also stored in the database. This system greatly reduces the risks, as the hackers have to find the secret key, pin number, fingerprint and facial image, which makes the election procedures to be secure against a variety of fraudulent behaviour. One of the shortcomings of this steganography is Fridrich‟s set steg analysis that has a very large feature to achieve stego-image. Another shortcoming is the attacker (e.g. the state in political elections) who has much more direct access to the biometric template may replace a number of biometric templates against other templates, which would allow them to manipulate the results of the vote. According to Kekre and Bharadi (2009), a biometric authentication is the advanced form of authentication. A biometric authentication is nothing but it scans the user‟s characteristics such as finger print and eye retina and stores in the form of a string. When the user tries to authenticate it matches with the stored data and then gives access when a commonality is achieved and when the user has gained access he can enter the password to view the required information. The drawbacks of this approach are: - Biometric authentication is convenient only for limited applications, since the system becomes very slow for a large number of users. - Finger prints can be taken on a small tape and can be provided for the hardware - Additional hardware is required to detect the fingerprints and eye retinas (Harish and Karthik,2010). Harish and Karthik (2010), describes how effectively we can achieve the strong authentication using mobile phone without the need to carry the extra hardware for the one time password. Although, this system is robust and secured, but the scheme did not consider the performance problem that may occur since everybody has an access to the mobile phone.

135

1st International Conference on Applied Information Technology 7-9 October, 2015 Even though fewer than eighteen children will also terrorise the e-voting server with his/her mobile phone, which can cause congestion on server. There is also a wide range of different security mechanism for e-voting systems. Most of these works did not cover the problem of securing the performance process, for example, Aneta and Zbigniew (2006) proposed An efficient e-voting system with distributed trust, the scheme is an example of the mix-net model where the trusted party randomly distributed messages to users so that any eavesdropper is unable to trace the sender or recipient of a given message. One of the shortcomings of the scheme is performance problem that may occur when many voters want to authenticate and cast their vote at the same time. The proposed framework for authentication system, provides secured authentication process with Luhn‟s algorithm and associative rule mining algorithm as well as efficiency performance of server with multi server queuing model .The Luhn‟s algorithm and associative has been used in many ways to detect fraud in credit card e.g. Mahesh et al. (2015). So also multi server queuing model has been used to model the arrival and the departure of customer/or voter in a system in order to tackle performance issues e.g. Mohammed and Mohammed (2013).

Voter

Evoting server Figure 3: Stages in Identification number Generating Process. We adopted a programming language that is linearly congruent, i.e. a language with a random number generating function that has these three properties suitable for e-voting: it generates evenly distributed numbers, the values are unpredictable, and it has a long and complete cycle. In other words, this programming language should be capable of generating large number of different values and all of the values in the cycle that can be generated are appropriate for computing identification number or password for this particular work. Figure 3 depicts this identification number and password process. Every voter is provided with an identification number and a password. This is needed to maintain voter‟s information in the database.

METHODOLOGY The authentication voting system using Luhn‟s algorithm augmented with Associative Rule Mining algorithm is to prevent hackers and unauthorized voters to login into the voting server, but authenticate all legitimate voters to cast their vote. The voting system consists of three phases and three parties. The phases are registration phase, vote casting phase and counting and tallying phase. The parties are voter, the server that will authenticate the voters and authority that would count and tallying the vote.

Vote Casting Phase This is a critical phase, where authentication will take place. In election process, voter login with generated identification number obtained from evoting server. The server performs adapted Luhn‟s algorithm as it shown in figure 4 below to verify whether the voter‟s number is authentic before decision could be made whether to activate or deactivate a particular voter.

Registration Phase In the registration phase the voter login to obtain Personal Identification Number (PIN) from the evoting server as it is shown in figure 2,the voter provides his/her detail information, the server store the voter‟s information, generates and send a random number to the voter.

Voter

Login with name, address, age, sex, occupation

Generate identification no or password

Name, address, age, sex, occupation, phone number

Formula (Mod 10) Algorithm Step 1: Starting with the second to the last digit and moving to the left, double the value of all alternating digits. If the product obtained from this step is greater than 9, then subtract 9 from the product. Step 2: Add the digits of the products together with the digits from the original number. Exclude the check digit. 3. Step 3: Divide the sum by 10 and check on whether the remainder is 0. If so, then that is the check digit. However, if the number is not equal to 0, then subtract the remainder from 10. The Figure 4: Luhn‟s algorithm (Khalid et al., 2013)

E-voting server

Random ID number

Figure 2: Identification number generating process.

136

1st International Conference on Applied Information Technology 7-9 October, 2015 Adapted Luhn‟s algorithm in figure 3 is demonstrated using an example below. In the example, we want to validate the voter‟s PIN number 5342135411422512, for election. Voter‟s PIN digits

5

Voter‟s PIN digits Doubled Result

10 1

3

4

2

8 8

Step 1: Starting with the second to the last digit and moving left, double the value of all alternating digits. If product of this doubling operation is greater than 9, then subtract 9 from the product, as it is previously described above (Figure 3). 1 2 2

Table 1: First Step of Luhn‟s Algorithm Step 2: Add the digits of the products together with the digits from the original number. Exclude the check digit (digits in brackets are the products from Step 1). (2) + 5 + (4) + 2 + (8) + 1 + (2) + 4 + (1) + 3 + (2) + 2 + (8) + 3 + (1) = 48 Step 3: Divide the sum by 10 and verify whether the remainder is equal to 0. If the remainder is 0, then that is the check digit. If the number is not equal to 0, then subtract the remainder from 10. The resultant number is the check digit. 48 mod 10 = 8 10 – 8 = 2 Result (2) matches the check digit (2), which shows that the voter‟s PIN number is valid. Thereafter the administrator on the e-voting server subsequently validates the voters: compare ID number of each voter to the voter‟s information stored in the database using associative mining rule. The ideal of associative rule is to determine the relationship between the voter‟s PIN and information stored in the database since it is an IF/THEN statement. In this work, association rules was develop for mining voters information from the database: If X as a voter‟s PIN and Y as a voter‟s information, X and Y are conjunctions of attribute value-pairs, and s (for support) is the probability that X and Y appear together in a database and c (for confidence) is the conditional probability that X appears in a database when Y is present. The association rule X→Y is interpreted as data set that satisfies the conditions in X and also likely to satisfy the conditions in Y. This indicates that if voter should be authorized X (PIN) must satisfies Y (Voter‟s information) i.e. IF X satisfies Y THEN Authorize the voter ELSE Unauthorized the voter END IF END The flowchart in figure 4 depicts the entire operation involved in the detection of correct and incorrect PINs in the e-voting system, which determines voter‟s activation or deactivation. The performance problems may occur when the evoting server needs to authenticate many users who are login in to generate id number, generate ballot or to cast their vote and check the election result at the same time, delays could be guaranteed and it may be risky.

3 5 10 1

4 1 1 4 2 2 2

8 8

2 4 4

5

1

2

2 2

The remote internet voting systems need to have a quick response time. If voters become frustrated with request processing time, they will abandon the system, perhaps before they had a chance to vote. It is important to know where potential bottlenecks may reside whether with the servers, network, or applications and to be able to handle peak traffic loads without having to over-allocate resources, which can be costly and inefficient (Mohammed and Mohammed, 2013). In this scheme, Queuing Modelling System was used to sensibly select number of voters per server to minimize the risk, delay and improve server‟s performance in the system. The queuing modelling system in this research work was implemented based on an adapted queue discipline and service mechanism used by Sharma (2009). (1) Arrivals are described by Poisson probability distribution and come from an infinite population. (2) Single waiting line and each arrival waits to be served regardless of the length of the queue (i.e. infinite capacity) and that there is no balking or reneging. (3) Queue discipline is „first-come, first-served‟. (4) Single voter‟s server and service times follow exponential distribution. (5) Voters‟ arrival is independent but the arrival rate (average number of arrivals) does not change overtime. (6) The average service rate is more than the average arrival rate. Multi-Server Queuing Models In our scheme, this queuing system, the arrivals follow a Poisson Probability distribution at an average rate of λ voters per unit of time. They are also served on a first-come, first-served basis by any of the servers. The service times are distributed exponentially with an average of voters unit of time. When there are n-voters in the queuing system at any point in time, then the following two cases arise: i. If n threshold value (TI_threshold/CDP_threshold) 20. Apply DCA to search for appropriate channel 21. IF channel is available 22. Assign dynamic channel 23. N_calls = N_calls +1 24. ELSE 25. Block call 26. NC_rej = NC_rej +1 27. ELSE 28. IF fixed channel is available 29. Assign fixed channel 30. N_calls = N_calls +1

Figure 1: Proposed Algorithm for Handover Management.

CONCLUSION This work proposes a new handover management algorithm that is an improvement on existing works by using multiple parameters (call

158

1st International Conference on Applied Information Technology 7-9 October, 2015

AN ACTIVE RESOURCE ALLOCATION MODEL FOR MULTIMEDIA CLOUD O. E. Ojo1, A. O. Oluwatope2 and M. A. Oyegunle3 1,3

Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. Department of Computer Science and Engineering, Obafemi Awolowo University, Ile-Ife, Nigeria.

2

1

[email protected], [email protected], [email protected]

Abstract: Cloud Computing has emerged as a prominent attribute in today’s network. Several applications deployed on the Internet are now embedded within cloud platforms which makes its more popular and suitable for various services and organizations. Multimedia cloud (MC) is an aspect of cloud computing that allow users to use multimedia services effectively within cloud computing environments. Ensuring quality of service (QoS) in multimedia cloud computing is essential. Low bandwidth, high packet delay, service response time and cost of cloud resources are Qos factors militating against the wide deployment of cloud computing. Research has shown that service response time is an important QoS factor in MC due to the delay-sensitive characteristics of multimedia applications. This paper presents an active resource allocating model (ARAM) suitable for distributing multimedia applications in the cloud effectively. The model employs round-robin scheduling technique with the aim to achieve better QoS and the model was tested within the CloudSim simulation environment. From the simulated results , it was observed that ARAM achieved better response time at ≥ 150ms. keywords: Cloud computing, Multimedia applications, Multimedia cloud and Cloudsim. the cloud, therefore require consistent support from the cloud. Multimedia cloud is an aspect of cloud

INTRODUCTION Cloud computing is a fast growing technology targeted at rendering various computing and storage services over the internet. The main components of cloud computing are infrastructure, platform and software as services. Cloud service providers rent data center hardware and software to provide storage and computing services through the internet. With cloud computing, Internet users can receive services from a cloud as if they were deploying a super computer and can easily store data in the cloud instead of on their own devices, hereby making farflung data access possible (Ramesh et al., 2013). Cloud computing has become a very promising area in computing for both consumers and researchers applicable in various fields of endeavor, such as science, engineering and business (Lee and Zomaya, 2012). The cloud on its own is a large pool of easily and accessible virtualized resources (such as hardware, development platforms and services). These resources can be dynamically reconfigured to adjust to a variable load and provide optimum resource utilization. This pool of resources is typically exploited by a pay-per-use model in which guarantees are offered by the infrastructure provider by means of customized service-level agreements (Qaisar and Khawaja, 2012). Basically, the Internet was originally designed for simple data types like text where reliability is of much importance than quality. However, with the introduction of multimedia applications like video conferencing, real-time video, telemedicine etc., quality of service must be guaranteed (Berliner et al., 2005). Recently, increased numbers of applications were migrated to the cloud, thereby making cloudbased applications to gain popularity (Wang and Dey, 2013). Research has shown that multimedia applications occupy huge space on the Internet and

computing that integrates the concept of cloud computing in handling multimedia applications and services effectively and efficiently Tan et al., 2011; Hui et al., 2012). Processing multimedia content such as video, audio, image requires complex hardware or software and intensive power requirements. Media applications such as streaming from the cloud will act as an alternative for progressive downloads where the user needs to maintain or store the media content and the cloud helps in maintaining the purchased data (Kesavan et al., 2012). The major challenge with cloud based multimedia services is Quality of Service (QoS) provisioning Therefore, resources within the cloud should be managed more efficiently for better QoS (Vani et al, 2014). The key parameters in QoS are bandwidth, jitter, delay, response time and resource cost. Due to the delay-sensitive characteristic of multimedia, the response time is taken as an important QoS factor in multimedia cloud. The response time in relation to cloud computing is the duration from the time when a request arrives at a data center to the time when the requested application has been completely served (Nan et al , 2013). Although, researchers had attempted to improve the quality of service rendered in the cloud for the past few years, but due to the low QoS nature of the cloud environment, delivering high QoS in multimedia cloud computing is highly demanding. This paper focuses on quality of service provisioning for multimedia services within cloud computing environments using response time as the main factor. The rest of this paper is organized as follows. Section 2 presents background study on multimedia cloud, the proposed active resource allocating model is

159

1st International Conference on Applied Information Technology 7-9 October, 2015 described in section 3. Finally, discussion and conclusion are presented in section 4.

platform (Hossain et al, 2012). MC maintains the media content and presents it to the users with the help of media signaling protocols. For example the Media content from the cloud can be streamed to dummy clients residing in car players/ smart phones. This involves streaming of media content, synchronizing them and rendering the content. Almost all the processing is done over the cloud. With the clouds, it might be possible for the users to share playlists, ratings to the multiple users in the cloud community. (Shamily and Durga, 2012). Just like the social networking, the users of the cloud can interact with one another, share content without redundant purchases and do lots more. The media cloud with the aid of available streaming protocols will stream the media content to the dummy clients. Restrictions can be imposed on streaming the specified authenticated contents using more proprietary protocols. This will enable the private cloud to stream content in a controlled environment without the risk of data compromise. Streaming of media content from the cloud involves buffering of data, decoding, rendering, mixing and rating them over the standard set of application programing interfaces (APIs) that the application provides. The cloud takes care of the packetizing and profiling based on the streaming protocols (Broberg et al., 2009). Media cloud provides a cost-effective and powerful solution for the coming tide of the media consumption. The integration of cloud computing and media processing is called media cloud. The emergence of media cloud not only has great impact on the related research and technologies such as the architecture of the cloud computing platform, media processing, storing, delivering, and sharing, but also has a profound impact on the commercial model, industry strategy, and even the society. A Media cloud architecture consists of five components, cloud administrative services, ingest services which accept media input from a wide range of sources, streaming services, video services, storage subsystems for content cache and movement, storage, and asset management. (Tan et al., 2011). In recent years, the multimedia streaming technology becomes increasingly mature, and as network bandwidth and computing power of personal handheld devices are developed; therefore, the need for multimedia quality increased (Cho and Lai, 2014) Delivering media content to cloud users within the required time frame without trading visual quality is very important. Therefore, ensuring high quality of service (QoS) is essential in the media cloud where users are able to stream with minimal delay, lower packet loss ratio , greater throughput and response time. In the last few years, an attempt has been made to improve quality of service in a cloud computing environment, a generic framework to facilitate a unified design and development process for software components that deliver life cycle support for different QoS requirements within a cloud

BACKGROUND TO MULTIMEDIA CLOUD Cloud computing is the use of computing resources that are delivered as a service over a network, typically the Internet (Zhu et al., 2011). The name emanates from the use of a cloud-shaped symbol as an abstraction for the complex infrastructure. Cloud computing entrusts remote services with a user's data, software and computation. Cloud computing was developed from distributed computing and grid computing techniques. Cloud computing is a way to enhance and extend Information Technology capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. For half a decade now, cloud computing has grown rapidly, becoming more useful to individual and organizations. As the content placed on a cloud increases, the more concerns for safety and security within the cloud environment increases as well. Despite this growth, individual and organizations are still reluctant to deploy their business in the cloud (SO, 2011). To provide rich media services, multimedia computing has emerged as a noteworthy technology to generate, edit, process, and search media contents, such as images, video, audio, graphics and so on (Reshma and Jasmine, 2014). There is a rapidly growing demand for multimedia services, such as video streaming, video conferencing and mobile devices like smart phones and laptops. These are becoming popular and powerful with the ability to access and present rich multimedia contents(Luo and Shyu, 2011). For multimedia applications and services over the Internet and mobile wireless networks, there are strong demands for cloud computing because of the significant amount of computation required for serving millions of Internet or mobile users at the same time. In multimedia cloud paradigm the users store and process their multimedia application data in the cloud in a distributed manner, eliminating the full installation of the media application software on the users‟ computer or device and thus alleviating the burden of multimedia software maintenance and upgrade as well as sparing the computation of user devices and saving the battery of mobile phones ( Peerzada and Chawla, 2014; Guleria and Vatta, 2013). MC focuses on how cloud can provide QoS provisioning for multimedia applications and services. In MC, cloud service providers deploy cloud resources as utilities to process multimedia requests and then deliver computing results or media data to users. By using the multimedia cloud service, users do not need to pay for costly computing devices. Instead, they can process multimedia applications on powerful cloud servers and pay for the utilized resources by the time (Nan et al, 2011). The composite media service combines a set of media services like transcoding, delivery, streaming and sharing which are provided by different application service providers executed on a cloud

160

1st International Conference on Applied Information Technology 7-9 October, 2015 edge of the cloud. It‟s composed of storage, central processing unit (CPU) and graphics processing unit (GPU) clusters to provide distributed parallel processing and QoS adaptation for various types of devices, thus achieving a shorter delay (Zhu et al., 2011). Obviously, the application of cloud computing as a whole is encompassing. Although much has been done in this area since it has been a lucrative research area in computing and other discipline due to the multimedia services offered by the cloud However, it is by no means exhaustive.

environment was presented (Liu et al., 2011). Also, a scheduling model to schedule workflows in cloud environment was formulated. The model accommodated both heterogeneous and homogeneous computing environments in terms of tasks and there was a set of dependencies between these tasks (Lin et al., 2011). Cloud-DLS: Dynamic trusted scheduling for Cloud computing was also presented, through theoretical analysis and simulations, Cloud-DLS algorithm proved to be efficient in meeting the requirement of Cloud computing workloads in trust, sacrificing fewer time costs, and assuring the execution of tasks in a secured way (Wang et al., 2012). EXACT and Fully Polynomial Time Approximation Scheme (FAPTS) algorithm was introduced to ensure quality of serve in a cloud computing environment and to optimize users‟ experiences for Cloud services (Dubey and Agrawal, 2013). Furthermore, an efficient QoS based resource scheduling algorithm using potentially all pairwise rankings of all possible alternatives (PAPRIKA) was designed. The tasks were arranged based on the QoS parameters and the resources are allocated to the appropriate tasks based on PAPRIKA method and user satisfaction. The algorithm was tested within CloudSim environment and results showed that it reduces task completion time and improves resource utility rate (Lawrance and Silas, 2013). Another scheduling scheme was proposed using an optimized version of the first come first serve (FCFS) scheduling algorithm to address the major challenges of task scheduling in the cloud. The incoming tasks were grouped on the basis of the task requirement like minimum execution time or minimum cost and prioritized (FCFS manner). Resource selection was done on the basis of task constraints using a greedy approach (Marphatia et al, 2013). Also, another algorithm was developed using fuzzy neural network algorithm for Job scheduling, user‟s tasks were classified based on QoS parameters like bandwidth, memory, CPU utilization and size. The classified tasks are given to fuzzier where the input values are converted into the range between 0 and 1. Neural network contains input layer, hidden layer and an output layer for adjusting the weight of user task and match with system resources. The function of de-fuzzier is to reverse the operation performed by fuzzier. The exemplar input is matched with the exemplar output label by adjusting weights. The algorithm was implemented using CloudSim and results showed reduction in the total turnaround time and also increase the performance (Vankatesa and Dinesh, 2012). Media-edge cloud (MEC) architecture was introduced to provide better QoS for multimedia services. MEC is a Cloudlet which is located at the

PROPOSED ACTIVE RESOURCE ALLOCATING MODEL (ARAM) The proposed ARAM has shown in figure 1 consists of the virtual machine module, the data center module, scheduling module, broker module and resource module. All the modules are connected directly to the cloud. The virtual machine modules represent the software implementation of the model in which an operating system or program is installed and run. The virtual machine typically emulates a physical computing environment, but requests for CPU, memory, hard disk, network and other hardware resources managed by a virtualization layer which translates these requests to underlying physical hardware. The data center module is a centralized repository for the storage, management and dissemination of resources in the cloud. The Broker module simply represents several cloud users. The resource module contains the applications running within the cloud and lastly, the scheduling module adopts the round robin scheduling scheme to schedule media content within the cloud environment to avoid congestion. The scheduler is located between the data center module and the cloud. This scheduling model adopts the method of round robin scheduling technique to scheduling incoming multimedia applications (MAs) from cloud data center before it moves to the cloud. The incoming unscheduled Mas are stored in the waiting buffer and served based on the arrival rate with a feature of time slice set at specified threshold. If the time frame of execution of any of the Mas exceeds the threshold, it will go back to the end the waiting buffer. The scheduler frames will now be sent as an output to the cloud for the use of brokers. The ARAM Algorithm Assumptions: The applications running in the resource module are multimedia applications and arrival rate of applications are random.

161

1st International Conference on Applied Information Technology 7-9 October, 2015

Figure 1: Proposed Active Resource Allocating scheme. List of terms λm: arrival rate of multimedia applications Rq: resources on ready queue TS: time slice TAt: turnaround time Wt: waiting time Rt: request time Input : random arrival of multimedia applications Output: scheduled release of resources Initialization: λm, Rq, TAt, Wt, Rt λm ← video and audio trace data 1. Begin 2. Brokers request for resources 3. Let Rq= (R1, R2, ………. Rn) 4. Assign TS = α 5. Compute TAt (TAt = Wt + Rt) 6. Sort Rq in ascending order 7. If TAt ≤ TS then release scheduled resources 8. Else return to step 3 9. End If 10. Repeat step 3-8 until Rq = 0 11. Stop.

Figure 2: Creation of Cloudlets.

Simulation Setup To test the behavior and effectiveness of the proposed model, the model was tested in the CloudSim simulation environment. CloudSim is a library for simulation of cloud computing scenarios; it supports the modeling and simulation of large scale cloud computing infrastructure, including data centers on a single physical computing node. It provides basic classes for describing data centers, virtual machines, applications, users, computational resources, and policies. Also, all the modules contained in the cloud architecture can be easily deployed in CloudSim (Kumar and Sahoo, 2014; Semwal, A. and Rawat, 2014). ARAM was implemented in CloudSim and monitored under several simulation scenarios. Figure 2 displayed ten Cloudlets each with its unique identification (ID), Cloudlets are task running on the virtual machine.

Figure 3 : Creation of Cloudlet properties.

Figure 4: Virtual machine properties.

162

1st International Conference on Applied Information Technology 7-9 October, 2015

Figure 5: Assigning Broker to Virtual Machine. Figure 9: Response time against CloudletID. Figure 3 shows how properties are assigned to the Cloudlets, the properties assigned are length, file size and output size. Figure 4 displayed the virtual machine properties and how brokers are assigned to the virtual machine is shown in Figure 5. Figure 6 displayed how brokers are assigned to each Cloudlet and Figure 7 displayed the simulation running time. CONCLUSION Based on the simulated results, the graph for the cloud start time against the Cloudlet ID is presented in Figure 8. It shows that multiple applications were transferred across the cloud environment at the same time and the applications were tagged with a unique Cloudlet ID ranging from 10-100. Also, the Cloudlet response time of these resources was monitored as displayed in Figure 9. It was observed that between 100-150ms the response time was low, but from ≥ 150ms the response time was high. Quality of service in multimedia application needs to be monitored to prevent congestion in the cloud. This research is aimed at maintaining quality of service provisioning for multimedia services in the cloud which has been achieved to a certain degree. ARAM was able to distribute resources to brokers in a fair and efficient manner. The simulation results showed that the start time, finish time and response time of the Cloudlet and brokers assigned resources in a circular form. Although, the low service response time reflected at ≤ 150ms suggests startup delay which makes this scheme unsuitable for realtime multimedia applications. However, for further work, the scheme will be extended to real-time multimedia applications. A packet-level modeling and simulation will be carried out with the aim to carry out performance analysis of packet loss ratio, average packet delay, jitter, service response time and cost of cloud resources. Also, the scheme will be evaluated with selected existing schemes.

Figure 6: Assigning Broker to Cloudlets.

Figure 7: Start time and finish time of each Cloudlet.

EFERENCES Berliner B., Clark B., Hartono, A. 2005. QOS Requirements of Multimedia Applications”. Department of Computer Science and Engineering, The Ohio State University. Broberg, J., Buyya, R., Tari, Z. 2009. MetaCDN: Harnessing „Storage Clouds‟ for high performance

Figure 8: Start time against CloudletID.

163

1st International Conference on Applied Information Technology 7-9 October, 2015 content delivery, Journal of Network and Computer Applications, 32(5):1012-1022. Cho, W., Lai, C-F. 2014. Adaptive Multimedia Cloud Computing Center Applied on H. 264/SVC Streaming. In Cloud Comp, 14-26. Dubey, S., Agrawal, S. 2013. Methods to Ensure Quality of Service in Cloud Computing Environment. International of Advanced Research in Computer Science and Software Engineering, 3(6): 406-411. Guleria, S., Vatta, D. S. 2013. To Enhance Multimedia Security In Cloud Computing Environment Using Crossbreed Algorithm, International Journal of Application or Innovation in Engineering and Management (IJAIEM), 2(6):562568. Hossain, M. S., Hassan, M. M., Qurishi, M. A., Alghamdi, A. 2012. Resource allocation for service composition in cloud-based video surveillance platform, 2012 IEEE International Conference on In Multimedia and Expo Workshops (ICMEW), 408412. Hui, W., Lin, C., Yang, Y. 2012. MediaCloud: A New Paradigm of Multimedia Computing. KSII Transactions on Internet & Information Systems, 6(4). Kesavan, S., Anand, J., Jayakumar, J. 2012. “Controlled multimedia cloud architecture and advantages”, Advanced Computing, 3(2), 29-40. Kumar, V., Dinesh, K. 2012. Job Scheduling Using Fuzzy Neural Network Algorithm in Cloud Environment,. Bonfring International Journal of Man Machine Interface, 2(1):01-06. Kumar, R., Sahoo, G. 2014. “Cloud Computing Simulation using Cloudsim”. International Journal of Engineering Trends and Technology (IJETT), 8(2):82-86. Lin, C., Lu, S. 2011. Scheduling scientific workflows elastically for cloud computing. In Cloud Computing (CLOUD), 2011 IEEE International Conference on, pp. 746-747. Liu, X., Yuan, D., Zhang, G., Li, W., Cao, D., He, Q., Yang, Y. 2011. The Design of Cloud Workflow Systems”. Springer briefs in computer science. Luo, H., Shyu, M. L. 2011. Quality of service provision in mobile multimedia-a survey. Humancentric computing and information sciences, 1(1):115. Lee, Y. C., Zomaya, A. Y. 2012. Energy efficient utilization of resources in cloud computing systems. The Journal of Supercomputing, 60(2), 268280. Lawrance, H., Silas, S. 2013. Efficient Qos Based Resource Scheduling Using PAPRIKA Method for Cloud Computing. International Journal of Engineering Science and Technology (IJEST), 5(03). 638-643. Marphatia, A., Muhnot , A., Sachdeva , T., Shukla, E., Kurup, L. 2013. Optimization of FCFS

Based Resource Provisioning Algorithm for Cloud Computing. IOSR Journal of Computer Engineering (IOSR-JCE), 10(5): 1-5. Nan, X., He, Y., Guan, L. 2011. Optimal resource allocation for multimedia cloud based on queuing model. In Multimedia Signal Processing (MMSP), 2011 IEEE 13th International Workshop, 1-6. Nan, X., He, Y., Guan, L. 2013. Optimization of workload scheduling for multimedia cloud computing, 2013 IEEE International Symposium: In Circuits and Systems (ISCAS), 2872-2875. Peerzada, A., Chawla, E. 2014. An Analytical Review of the Multimedia Data and Encryption Mechanism at Cloud Server, International Journal of Innovative Research in Computer and Communication Engineering, 2(2):3041-3048. Qaisar S., Khawaja K. 2012. Cloud Computing: Network/Security Threats and Counter measures. Interdisciplinary Journal of Contemporary Research in Business, 3(9):1323-1329. Ramesh, B., Savitha, N., Manjunath, A. E. 2013. Mobile Applications in Multimedia Cloud Computing, International Journal of Computer Technology and Applications , 4:97-103. Reshma T., Jasmine J. 2014. Mobile Streaming: Android Based Mobile Tv, IOSR Journal of Computer Engineering (IOSR-JCE), 16(2):80-86. SO, K. 2011. Cloud Computing Security Issues and Challenges”. International Journal of Computer Networks (IJCN), 3(5):247-2011. Shamily, P., Durga, S. 2012. A Review on Multimedia Cloud Computing, its Advantages and Challenges, International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) , 1(10):130-133. Semwal, A., Rawat, P. 2014. Analysis of Cloud Service Provisioning Policies using GUI Simulator, International Journal of Engineering and Technical Research (IJETR), 2(4): 341-344. Tan, M., Su, X. 2011. Media cloud: When media revolution meets rise of cloud Computing, in Proc. IEEE 6th Int. Symp. Service Oriented Syst. Eng., 251–261. Vani, S., Bhosale, B., Shinde, G. , Shinde, R., Pawar, M. 2014. Cloud-Based Multimedia Storage System with QoS Provision”,. International Journal of Computer Science and Information Technologies (IJCSIT), 5(2):1173-1176. Wang, W., Zeng, G., Tang, D., Yao, J. 2012. Cloud-DLS: Dynamic trusted scheduling for Cloud computing. Expert Systems with Applications, 39(3):2321-2329. Wang, S., Dey, S. 2013. Adaptive mobile cloud computing to enable rich mobile multimedia applications. Multimedia, IEEE Transactions on, 15(4):870-883. Zhu, W., Luo, C., Wang, J., Li, S. 2011. Multimedia cloud computing. Signal Processing Magazine, IEEE, 28(3):59-69.

164

1st International Conference on Applied Information Technology 7-9 October, 2015

BLACKFACE SURVEILLANCE CAMERA (BFSC) DATABASE FOR EVALUATING FACE RECOGNITION ALGORITHMS IN LOW QUALITY SCENARIOS A. Abayomi-Alli1, E. O. Omidiora2, S. O. Olabiyisi3, J. A. Ojo4 and A. Y. Akingboye5 1

Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. Department of Computer Science and Engineering, Ladoke Akintola University of Technology, Ogbomoso, Nigeria. 4 Department of Electrical and Electronic Engineering, Ladoke Akintola University of Technology, Ogbomoso, Nigeria. 5 Department of Electrical and Computer Engineering, Igbinedion University Okada, Nigeria. 2,3

1

[email protected], [email protected], [email protected], 4 [email protected], [email protected]

Abstract: Many face recognition algorithms perform poorly in real life surveillance scenarios because they were tested with datasets that are already biased with high quality images and certain ethnic or racial types. In this paper a black face surveillance camera (BFSC) database was described, which was collected from four low quality cameras and a professional camera. There were fifty (50) random volunteers and 2,850 images were collected for the frontal mugshot, surveillance (visible light), surveillance (IR night vision), and pose variations datasets, respectively. Images were taken at distance 3.4, 2.4, and 1.4 metres from the camera, while the pose variation images were taken at nine distinct pose angles with an increment of 22.5 degrees to the left and right of the subject. Three Face Recognition Algorithms (FRA), a commercially available Luxand SDK, Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA) were evaluated for performance comparison in low quality scenarios. Results obtained show that camera quality (resolution), face-to-camera distance, average recognition time, lighting conditions and pose variations all affect the performance of FRAs. Luxand SDK, PCA and LDA returned an overall accuracy of 97.5%, 93.8% and 92.9% after categorizing the BFSC images into excellent, good and acceptable quality scales. Keywords: Algorithm, Databases, Face-recognition, Performance, Pose, Quality and Surveillance. affect its performance. Most face recognition systems are usually not tested in the surveillance conditions in which they are usually deployed (Abayomi-Alli et al., 2015). Thus, when performing recognition, one or more combinations of these variations come into play, thereby making recognition more difficult with attendant low performance from the FRS (AbayomiAlli, 2015). It is therefore important to put in place a framework for the performance evaluation of a FRS implementing a particular algorithm before deployment to have a clue regarding what its eventual performance will be like and to determine if it will be acceptable for its intended purpose (Omidiora et al., 2013).

INTRODUCTION Face recognition is an important research problem spanning various fields and disciplines (Abayomi-Alli et al., 2015) with numerous practical applications such as ATM card identification, access control, Mug shots verification, security monitoring, and surveillance systems (Amir, 2008). It is the identification of humans by the unique characteristics of their faces (Draper et al., 2003) and can automatically identify or verify an individual in a digital image by analyzing and comparing patterns (Face-rechomepage, 2013). Facial recognition is an active area of research due to its clandestine or covert capability (Jain, 2008) as a camera from some distance away can capture a person’s face and the subject will not necessarily know he has been observed. Thus, there is a departure from the easy scenario leading to real world scenario of low quality images, this makes the face recognition system to experience severe problems (Omidiora et al., 2013b) such as pose variation, illumination conditions, scale variability, aging, glasses, moustaches, beards, low quality image acquisition, occluded faces etc. Although there have been significant improvement in face recognition performance in the past decade, it is still below acceptable levels for use in many applications (Abayomi-Alli, 2015; Grgic, Delac and Grgic, 2011) as a face recognition system (FRS) must cope with real world, uncontrolled and dynamic environments (Poh, Kittler, Marcel, Matrouf, and Bonastre, 2010; Park, 2009). These intrinsic and extrinsic variations plague the FRS and directly

LITERATURE REVIEW For a facial recognition system to be complete, a facial database is required. Several databases have been used in the evaluation of facial recognition algorithms to enable performance comparison between biometric systems. For effective, performance measurement of FRS it is necessary to test the recognition algorithms on well-known and widely available databases. Different researchers have collected a comparatively large number of face databases (FaceRecHomePage, 2012). Many of these databases are tailored to the specific needs of the algorithm under development or investigation. In order to assert claim that any face recognition system is efficient, robust, and reliable, it must undergo rigorous testing and verification, preferably on real-world datasets. Also for researchers to

165

1st International Conference on Applied Information Technology 7-9 October, 2015 appropriately measure the performance of an algorithm and directly compare the results, it is recommendable to use a standard test data (Omidiora et al., 2013a). While there are many databases in use currently, the choice of an appropriate database to use should be made based on the task and/or research

direction. Another method is to choose the dataset specific to the property being tested for example the performance of an algorithm on images with different facial expressions and varying lighting conditions.

Table 1: Summary of some existing face recognition databases (Abayomi-Alli, 2015). Name and Description of Database with Date FERET (August, 1993 – July, 1996) (Phillips et al., 2000) AT &T (1992 -1994) (Samaria and Harter, 1994) AR (PURDUE) (1998) (Martine and Benavente, 1998) CMU- PIE (October –December, 2003) (Sim, Baker and Bsat, 2003) CAS-PEAL (August, 2002 –April, 2003) (Gao et al., 2004)

Number of Subjects 1199

40

116

68

1040 377 438 233 297 296 66

Indian Face (February, 2002) (Jain and Mukherjee, 2002) VT_AAST (2007) (Abdallah, El-Nasr and Abbott, 2007) SCFace 5 days (Grgic et al., 2011)

130

Conditions

Number of Images

Image Resolution

Facial expression Illumination Pose Time Varying lighting Facial expression Facial details

2 2 9-20 2

256x 384 pixels (8 bit grey scale)

14,051

4 2

92 x 112 pixels (PGM, grey scale)

400

Facial expression Illumination Occlusion Time Pose Illumination Facial expression

4 4 2 2 13 43 3

768 x 578 pixels

41,368

640 x 480 pixels

41,368

Pose Facial expression Accessory Illumination Background Distance-fromcamera Time Pose Facial Expression

21 6 6 9-15 2-4 12

Pose Orientation Race Structural Components Camera quality IR frontal mug shot Visible light mug shot Distance-fromcamera Different pose

3 2 4 3

Owing to the large body of literatures, an exhaustive review of publicly available databases that are of demonstrated use in the facial recognition community will be out of scope. However, details and descriptions of existing face databases used by researchers are updated on the FaceRecHomePage (2012). Table 1 summaries the features of some of the existing face databases. Although there are many

2 7 4

7 1

360 x 480 (Cropped images)

grey

scale

640 x 480 pixels (JPEG, 256-grey levels)

30,900

440

300 x 225 (JPEG & GIF) 1,027

1

100x75, 144x108 224x168 pixels 1,600x1,200 pixels 426x320 pixels

3 9

3,072 x 2,048 pixels

4,160

databases in use currently, the choice of an appropriate database to use should be based on the face recognition task at hand (Face-rec homepage, 2013). Some of these databases include the Yale Face Database, PIE Database, AT&T, MIT-CBCL Face Recognition Database, NIST Mugshot Identification Database, and Surveillance Camera Face Database (SCface) (Gross et al., 2005). Using

166

1st International Conference on Applied Information Technology 7-9 October, 2015 still images from low-resolution surveillance cameras in controlled conditions as input, it is reasonable to omit the face normalization stage. However, when locating and segmenting a face in complex scenes under unconstraint environments, such as in a video scene, it is necessary to define and design a standardized face database. The FERET database contains monochrome images taken in different frontal views and in left and right profiles. Only the upper torso of an individual (mostly head and neck) appears in an image on a uniform and uncluttered background (Philip et al., 2000). Turk and Pentland created a face database of 16 people. The face database from AT&T Cambridge Laboratories, formerly known as the Olivetti database and also known as the ORL-AT&T database, consists of 10 different images for 40 persons. The images were taken at different times, varying the lighting, facial expressions, and facial details (ORL, 2013). The Harvard database consists of cropped, masked frontal face images taken from a wide variety of light sources. There are images of 16 individuals in the Yale face database, which contains 10 frontal images per person, each with different facial expressions, with and without glasses, and under different lighting conditions (Belhumeur et al., 1997). The XM2VTS multimodal database contains sequences of face images of 37 people. The five sequences for each person were taken over one week. Each image sequence contains images from right profile (-90 degree) to left profile (90 degree) while the subjects count from 0 to 9 in their native languages. The UMIST database consists of 564 images of 20 people with varying poses. The images of each subject cover a range of poses from right profile to frontal views. The Purdue AR database contains over 3,276 color images of 126 people (70 males and 56 females) in frontal view (Martine and Benavente, 1998). This database is designed for face recognition experiments under several mixing factors such as facial expressions, illumination conditions, and occlusions. All the faces appear with different facial expressions (neutral, smile, anger, and scream), illumination (left light source, right light source, and sources from both sides), and occlusion (wearing sunglasses or scarf). The images were taken during two sessions separated by two weeks. All the images were taken by the same camera setup under tightly controlled conditions of illumination and pose. This face database has been applied to image and video indexing as well as retrieval. Zhao et al. (2003) can be referred to for the details of preparation of face databases.

database (BFSC) and the evaluation of three face recognition algorithms in low quality scenarios. The BFSC database was collected primarily to mimic real life surveillance scenarios just like the SCface database. Only black faces were used to populate the database. Each participant is required to fill a consent form and a brief orientation is done before capturing. The database consists of fifty (50) subjects, collected over a period of four weeks. Variations in the database include pose, face distance to camera, resolution, contrast and illumination. The capturing of image took place in computer science laboratory at the Computer Science Department, Federal University of Agriculture, Abeokuta. The capturing equipment includes four surveillance cameras, high quality digital professional photo camera, and a computer. For many shots image acquisition and pose image acquisition we use a quality video camera, for surveillance camera image acquisition we make use of four surveillance cameras of different models and functions, which include one IR digital video camera. BFSC Database Description The surveillance images were taken in controlled lighting environment using two head lamps tilted at angle 45 on both sides of the surveillance cameras. All the cameras were installed and kept in a fixed position at a height of 2.25m from the ground as shown on Figure 1. The images were then captured using the Multiviewer software for windows XP that has 4 channels (see figure 3). The resulting images were first cropped out and later resized using the following dimensions: 76 x 111, 58 x 82, 46 x 58 and 51 x 72 for the first, second, third and fourth images from the four cameras respectively.

Figure 1: Heights and positions of the surveillance cameras.

RESEARCH METHODOLOGY The methodology for this study involves the collection of the Black Face Surveillance Camera

167

1st International Conference on Applied Information Technology 7-9 October, 2015

Figure 3: Image acquisition using multiviewer software.

Figure 2: Four surveillance cameras used for the BFSC database. Subjects’ images were taken at three distinct distances with their heads looking straight. Subjects were captured at 1.4m, 2.4m and 3.4m face to camera distances as shown on figure 2 and figure 3. The headlamps had all of these states- left light on (LL), right light on (RL), both lights on (BL) and no light on (NL), this was done using two switches. For each distance, the headlamps had a constant intensity throughout the process. The pose variation dataset was collected with a 12-mega pixel professional digital camera mounted on a tripod stand at a fixed position to capture nine different pose angles. The angles ranged from 0 to 180 with an increment of approximately 22.5. Protocol for Capturing Images In order to ensure consistency, all volunteers (subjects)must pass through and adhere strictly to the database collection protocol as described in subsection Phase I (surveillance image dataset) and subsection Phase II (pose variation dataset), respectively.

Figure 4: Surveillance camera Images for subject 19 in the database. Phase II Participant post is taken at 9 different angles in between 22.5 degree from +90 to -90 degree from left to right and one frontal mug shot. The labeling includes FF (frontal), R1, R2, R3, R4, L1, L2, L3, and L4. See Table 2, figure 5 and figure 6. The protocol for phase II includes: 1. Subject stand in between FF and face forward and image taken; 2. Subject stand in between R1 and face forward image taken; 3. Subject stand in between R2 and face forward image taken; 4. Subject stand in between R3 and face forward image taken; 5. Subject stand in between R4 and face forward image taken; 6. Subject stand in between L1 and face forward image taken; 7. Subject stand in between L2 and face forward image taken; 8. Subject stand in between L3 and face forward image taken; 9. Subject stand in between L4 and face forward

Phase I Participant should walk in front of the surveillance cameras. See figure 3 and 4. Subject stand at distance 1.4m from the camera: 1. Right light on (RLN) image captured; 2. Left light on (LLN) image captured; 3. Both lights on (BLN) image captured; 4. Both lights off (BLO) image captured; Subject stand at distance 2.4m from the camera: 5. Right light on (RLN) image captured; 6. Left light on (LLN) image captured; 7. Both lights on (BLN) image captured; 8. Both lights off (BLO) image captured; Subject stand at distance 3.4m from the camera: 9. Right light on (RLN) image captured; 10. Left light on (LLN) image captured; 11. Both lights on (BLN) image captured; 12. Both lights off (BLO) image captured.

168

1st International Conference on Applied Information Technology 7-9 October, 2015 image taken.

represent distances of 1.4m, 2.4m and 3.4m, respectively from the surveillance cameras. For example, the filename 001_cam1_L1.jpg means that this image shows subject 001 captured with surveillance camera 1 when left light is on at a distance of 1.4 m to the cameras, e.g. 001_cam1_L1, 001_cam2_L1, 001_cam3_L1, 001_cam4_L1, 001_cam1_R1. The same protocol is repeated for distance two and distance three.

Naming Convention For the surveillance camera images the naming of the subjects, camera, light label and distance is as follows: Sub Number_CamNumber_Light Label_ Distance. See Figures 4 and 6. The naming convention for the images obtained from the digital camera is as follows: Subject ID_angle Label.

Table 2: Pose variation label and angles. Label IVQA number F Frontal mug shot R1 22.50 R2 450 R3 67.50 R4 900 L1 22.50 L2 450 L3 67.50 L4 900 Figure 5: Frontal mug shot Image for subject 19 in the database.

Naming different pose images: SubjectID_angleLabeled.jpg. For example the file name 001_F means that the subject identity 001 taken at angle 90 degree which is the frontal mug and there is a different of 22.5 degree interval both to the right labeled R1, R2, R3, R4, and to the left L1, L2, L3, L4, of which 9different poses where captured per subject. See Table 2. Example for subject 001: 001_F, 001_R1, 001_R2, 001_R3, 001_R4, 001_L1, 001_L2, 001_L3, 001_L4.

The angles are labeled as shown on Table 2 while Figure 6 shows an example of pose variation images. Using this naming convention every image in the database gained a unique name, carrying information both about a subject’s unique ordinal and at what distance and surveillance conditions was the subject’s picture taken. Distance labels 1, 2 and 3

Table 3: shows a summary image sets and description of the BFSC database. Camera

Description

Images Subject

Frontal facial Mug shot images

1 Frontal mug shot camera

Facial mug shots of high quality static colour images.

1

50

36

1800

12

600

8

400

Surveillance Cameras images (Visible light)

Camera 2and 3

1,

Surveillance cameras images (IR night vision).

Camera 4

Pose images

Professional digital camera

variation

Images taken with cameras of different qualities at three discrete distances (3.40, 2.40 and 1.40m). Four illumination levels (indoor light only, left control light only, right control light only and both control lights on). Images are in gray scale at three discrete distances (3.40, 2.40 and 1.40m). Four illumination levels (indoor light only, left control light only, right control light only and both control lights on). Images taken at different pose angles with an increment of 22.5o.

169

per

Total number images

Image gallery

of

1st International Conference on Applied Information Technology 7-9 October, 2015 on the BFSC database to test their strength in low quality surveillance scenario. The performance comparison of the recognition algorithms was done through structured face verification experiments carried out based on the face authentication protocol proposed by Wallace et al. (2011). The recognition threshold was set at 0.4 in order to reduce the number of returned false reject (FR) due the low quality of the BFSC images. The face recognition images evaluated with BFSC are Luxand face SDK (Luxand, 2013), Principal Component Analysis (PCA) (Turk and Pentland, 1991) and Linear Discriminant Analysis (LDA) (Cai, He and Han, 2007). Each frontal mug shot images of the fifty database subjects was compared (Verification) with the low quality surveillance and pose variation images across the three recognition algorithms. These resulted in 2,850 verification trails. For each algorithm , if the probe samples are of uniformly high quality then the probe sample’s quality is sufficient to predict algorithm ’s performance. The matching algorithm will produce a recognition score for a given pair of images, . If the recognition score is above a predefined threshold, the verification task is considered successful and the result is returned. Other metrics that affect and measure the accuracy and performance of face recognition systems include algorithm recognition time, true accept (TA), false reject (FR), false accept (FA), true reject (TR), failure-to-acquire rate (FTA) (Mansfield and Wayman, 2002; Du and Chang, 2007, Wayman, 2010). The mean recognition score (MRS) and the number of successful recognition (SR) also was used to measure the performance of a facial recognition algorithms on the BFSC database.

Figure 6: Pose Variation Image of Subject 19 in the database. From Table 3, frontal mug shot images per subjects will give fifty (50) mug shot images, surveillance cameras 1, 2 and 3 will give 1800 images with 36 images per subject, while camera 4 has 600 night vision images with 12 images per subject in gray scale. The pose variation dataset contains 400 images with 8 images of per subject. Finally, the total number of images in the BFSC is 2,850 images (50frontal, 2400-surveillance and 400-pose variation). Equipment used in Database Collection 1) A personal computer; a) Intel(R) Core [email protected] (4 CPUs), b) 4096MB RAM, c) 500 GB HDD; d) 1366*768 (32 bit) (60Hz) current display mode 2) 4 Low resolution surveillance cameras; 3) Professional digital camera; a) 12.1-megapixel Super HAD CCD image sensor. b) 5x optical zoom, 28mm wide-angle Carl Zeiss Vario-Tessar lens; c) Optical Steady Shot image stabilization; d) 720p high-definition movie capture; BIONZ image processor e) 3.0-inch (230K pixels) Clear Photo LCD. 4) Camera tripod stand; 5) RealTime Color Quad Processor RT-404 QD (4 Channel Digital Multiplexer); 6) EasyCAPture (4 channel USB 2.0 DVR surveillance system); 7) AV Cables and other connection wires; 8) Electrical Switches and Extension box; 9) 2 Head lamps. Software Requirements 1) Windows XP/Vista/7 operating system; 2) Multiviewer application for XP; 3) Microsoft picture manager 2010; 4) Picasa software - version 3.9 for Windows XP/Vista/7.

RESULTS AND DISCUSSION Results from the verification experiments of the BFSC database on Luxand SDK, PCA and LDA recognition algorithms shows that the Mean Recognition Score (MRS) was quite low across the three algorithms, Failure-To-Acquire (FTA) was the same at 87 (See table 4). The low MRS was due to the low quality and resolution of the BFSC images, which informed the choice of 0.4 as the decision threshold for the Face Recognition Algorithms (FRAs). Table 4: Summary of verification experiment with recognition algorithm’s performance. Algorithm Luxand SDK PCA LDA

SR

FTA

TA

FR

FA

TR

MRS

2713

87

879

1834

0

0

3.433

2713 2713

87 87

742 723

1971 1990

0 0

0 0

2.976 2.904

** Decision threshold = 0.4 Figure 7 shows the effect of varying camera quality on the FRA’s performance. Camera 5 represents the frontal mugshot dataset of 50 images. Camera 5, 4 and 3 returned 0, 1 and 11 FTA, respectively.

BFSC Database Testing Three facial recognition algorithms were evaluated

170

Number of SR/FTA of Probe Images

1st International Conference on Applied Information Technology 7-9 October, 2015 700 600 500 400 300 200 100 0

1

2

3

4

5

6

CAMERA SR

598

595

589

599

50

332

FTA

2

5

11

1

0

68

Number of SR/FTA of Probe Images

Figure 7: Graph showing the effect of varying camera quality on the algorithms performance.

900 800 700 600 500 400 300 200 100 0

Figure 9: Graph showing the effect of varying camera quality and face to camera distance on average recognition time. From Table 5, results showed that pose variation images at extreme angles of 90 degrees returned the highest number of FTA. The variations in the lighting condition under which the images were taken was of no significant difference to the performance of the FRA’s as seen from Table 6.

1 (3.4m)

2 (2.4m)

Table 5: Effect of Pose variation/angles on Algorithm Performance. Label Pose Angle SR FTA F Frontal mug shot 50 0 R1 22.50 50 0 R2 450 50 0 R3 67.50 50 0 R4 900 22 28 L1 22.50 50 0 L2 450 50 0 L3 67.50 50 0 L4 900 10 40

3 (1.4m)

Distance SR

787

798

796

FTA

14

2

3

Figure 8: Graph showing the effect of subject’s face to camera distance on algorithms performance.

Table 6: Effect of lighting variation on algorithm performance. Lighting Condition SR FTA Indoor light only 594 6 Left control light only 595 5 Right control light only 596 4 Both control light on 596 4

Figure 8, shows the effect of subject’s face to Camera distance with distance 1 (3.4m) having the 14 FTAs. This is consistent with the recommendations for face image data on conditions for taking pictures in (ISO/IEC, 2006). Figure 9 shows that camera 5 (Pose variation images) returned the lowest average recognition time (Secs) of 1.64 seconds while camera 3 at distance 3.4m had 4.27 seconds. This proves that the lower the quality or resolution of an image the more time the FRA will take to detect facial features and carry out recognition.

Table 7 shows the categorization of the BFSC database images into different quality scales using the Image Verification and Quality Assessment (IVQA) number proposed by Abayomi-Alli (2015). The database images was classified based on the returned algorithm matching scores (AMS) of range zero to one as against the Overall Quality Scores (OQS) as originally proposed by (Abayomi-Alli, 2015).

171

1st International Conference on Applied Information Technology 7-9 October, 2015 Table 7: Categorization of BFSC database images across IVQA quality scales. Overall quality Score range

IVQA number

0.9 - 1.0

5

Excellent

64

0.80 – 0.89

4

Good

246

0.60 – 0.79

3

Acceptable

1047

0.40- 0.59

2

Poor

1406

0 – 0.39

1

Unacceptable

87

Description

AUC= 0.929

Number of images

Figure 10: ROC curve of LDA classification Performance on the new BFSC dataset.

With the IVQA classification, a new BFSC dataset was obtained containing only the images with an AMS of equal or greater than 0.6. Thus, 1,493 images was discarded as having poor or unacceptable quality while 1,357 images was recorded as either acceptable, good or excellent quality. The new BFSC database was applied on Luxand SDK, PCA and LDA for another set of verification trials, and the result obtained is summaries on Table 8 with zero FTAs and an increased MRS of 0.92, 0.90 and 0.89, respectively. Table 9 shows other statistical analysis results obtained from the verification experiment with Luxand SDK having the lowest standard error of 0.8% and the highest accuracy of 97.5%.

AUC= 0.938

Table 8: Summary of Luxand SDK, PCA and LDA’s performance on the BFSC high quality images.

Figure 11: ROC curve of PCA classification Performance on the new BFSC dataset.

Algorithm

SD

FTA

TA

FR

FA

TR

MRS

Luxand SDK

1,357

0

1,357

0

0

0

0.92

PCA

1,357

0

1,357

0

0

0

0.90

LDA

1,357

0

1,357

0

0

0

0.89

AUC= 0.975

** Decision threshold = 0.6 Table 9: Other Performance Results of Luxand SDK, PCA and LDA on the new BFSC dataset.

FRA

Accuracy (%)

Std. Errora (%)

Asymptotic Confidence Interval (95%) Lower bound

Upper bound

Total verification trials

Luxand SDK

97.5

0.8

0.964

1.0

1,357

PCA

93.8

1.7

0.914

0.978

1,357

LDA

92.9

2.2

0.909

0.953

1,357

Figure 12: ROC curve of Luxand SDK classification Performance on the new BFSC dataset. CONCLUSION A Black Face Surveillance Camera database (BFSC) was populated with 50 volunteer subjects and 2850 images was collected. The BFSC was tested on a commercially available Luxand SDk, PCA, and LDA for performance evaluation. Results obtained were consistent with those obtained by Abayomi-Alli (2015), Omidiora et al. (2013a), Omidiora et al. (2013b), Omojola (2012); Grgic, Delac & Grgic (2011) and Chen, Flynn & Bowyer (2005). It was observed that pose variations is the major cause of

The classification accuracy of Luxand SDK, PCA and LDA using the Receiver Operating Characteristics (ROC) and the Area Under the Curve (AUC) was obtained as shown in figures 10, 11 and 12. The AUC of Luxand SDK, PCA and LDA represent the Accuracy of the FRA in the verification experiment as 97.5, 93.8 and 92.9, respectively.

172

1st International Conference on Applied Information Technology 7-9 October, 2015 low performance of FRA’s in detecting and recognition facial images in real life or low quality surveillance scenarios as compared to lighting, expression, aging or resolution. The height of surveillance cameras may contribute to the difficulty of FRA’s in recognizing or detecting faces in extreme pose angles. 3D zoom cameras may be recommended to tackle this. Finally, Luxand SDK was observed to consistently outperforms PCA and LDA.

Grgic, M.; Delac, K; and Grgic, S. 2011. SCfaceSurveillance Cameras Face Database, Multimed Tools Application, 51:863–879. Gross, R. 2005. Face database, handbook of face recognition, Eds. Stanz li and Arilk. Jan, Springer– verlag February, 2005. ISO/IEC 2006. Proposed Draft Amendment to ISO/IEC 19794-5 Face Image Data on Conditions for Taking Pictures, ISO/IEC JTC 1/SC 37 N 1511. Jain, A. 2008. Biometrics, Microsoft Encarta 2008, Microsoft Corporation, Redmond, WA, 2008. Jain, V. and Mukherjee, A. 2002. The Indian Face Database, Available at http://viswww.is.umass.edu/~vidit/IndianFaceDataba se2002 Luxand 2013. Detect and Recognize Faces with Luxand FaceSDK, Luxand Incorporation, USA, Available online at http://www.luxand.com/facesdk/, Accessed on 23rd August, 2013. Mansfield, A. J. and Wayman, J. L. 2002. Best Practices in Testing and Reporting Performance of Biometric Devices, Centre for Mathematics and Scientific Computing, National Physical Laboratory, Middlesex, TW110LW. Version 2.01 NPL Report CMSC 14/02. Martine A. M. and Benavente, R. 2002. The AR Face Database, CVC Technical Report #24, June 1998. Omidiora, E. O.; Olabiyisi, S. O.; Ojo, J. A.; Abayomi-Alli, A.; Abayomi-Alli, O. and Erameh, K. B. 2013a. Facial Image Verification and Quality Assessment System FaceIVQA, International Journal of Electrical and Computer Engineering (IJECE), 3(6), 863-874. Omidiora, E. O.; Olabiyisi, S. O.; Ojo, J. A.; Abayomi-Alli, A.; Izilein, F.; and Ezomo, P. I. 2013b. Mace correlation filter algorithm for face verification in surveillance scenario, IJCSE, UK, 18(1):6-15 Omidiora, E. O.; Olabiyisi, S. O.; Ojo, J. A.; Ganiyu, R. A. and Abayomi-Alli, A. 2014. Enhanced Face Verification and Image Quality Assessment Scheme Using Modified Optical Flow Technique, Lecture Notes in Engineering and Computer Science: In Proceedings of the International Conference on Signal Processing and Imaging Engineering (ICSPIE), University of California, Berkeley, San Francisco, USA, 22nd-24th October, 2014. Omojola, S. O. 2012. Performance evaluation of facial recognition algorithm in surveillance scenario: a case study of correlation filter, Computer Science BSc. Thesis, Federal University of Agriculture, Abeokuta, Nigeria. ORL 2013. ORL face database, Avalaible online at http://www.uk.research.att.com/facedatabase.html, accessed on 13/09/2013. Park, U. 2009. Face recognition: face in video, age invariance, and facial marks, Ph.D Dissertation, Department of Computer Science, Michigan State University, U.S.A.

REFERENCES Abayomi-Alli, A. 2015. Image Verification and Quality Assessment Models for Predicting Facial Recognition System Performance, PhD Computer Science and Engineering Thesis, Ladoke Akintola University of Technology, Nigeria. Abayomi-Alli, A.; Omidiora E. O.; Olabiyisi S. O. and Ojo J. A. 2015. Adaptive Regression Splines Models for Predicting Facial Image Verification and Quality Assessment Scores, Balkan Journal of Electrical and Computer Engineering (BAJECE), Vol. 3(1): 17-26. Abdallah, A. S.; El-Nasr, M. A. and Abbott, A. C. 2007. “A New Colour Image Database for Benchmarking of Automatic Face Detection and Human Skin Segmentation Techniques”. Proceedings of World Academy of Science, Engineering and Technology, 20:353-357. Amir, F. 2008. Robust Face Detection Using Template Matching Algorithm. Masters of Applied Science thesis, University of Toronto, Canada. Belhumeur, P. N.; Hespanha, J. P. and Kriegman, D. J. 1997. Eigenfaces vs. Fisherfaces: Recognition using class specific linear projection, IEEE Trans. on PAMI, 19(7):711-720. Cai, D.; He, X. and Han, J. 2007. Semi-supervised discriminant analysis, Proc. IEEE 11th International Conference on Computer Vision, 14:1–7. Chen, X., Flynn, P. J., and Bowyer, K. W. 2005. IR and visible light face recognition. Computer Vs Image Understanding, 99(3):332–358. Draper, B.; Kyungim, B.; Marian, S. B. and Ross, J. B. 2003. Computer Vision and Image Understanding: Recognizing faces with PCA and ICA. Retrieved from http://www.elsevier.com/locate/cviu Du, Y. and Chang, C. I. 2007. Rethinking the effective assessment of biometric Systems, SPIE Newsroom, Available online at http://spie.org/x2412.xml, accessed on 13th November, 2014. FaceRecHomePage 2012. Facial Recognition Homepage, Available online at http://www.facerec.org/algorithms/new-papers/databases, accessed on 11/05/2013. Gao, W.; Cao, B.; Shans, S.; Zhou, D.; Zhang, X. and Zhao, D. 2004. CASP-PEAL Large Scale Chinese Face Database and Evaluation Protocols Technical Report. JDL-TR-04FR-001, Joint research Development laboratory. Available at: http://www.jdl.ac.cn/peal/index.html

173

1st International Conference on Applied Information Technology 7-9 October, 2015 Florida, pp. 138-142. Sim, T.; Baker, S. and Bsat, M. 2003. The CMU Pose, Illumination and Expression Database, IEEE Transactions on Pattern Analysis and Machine Intelligence, 25(12):1615-1618, 2003. Turk, M. and Pentland, A. 1991. Eigenfaces for recognition. J CognNeurosci 3(1):71–86. Wallace, R.; McLaren, M.; McCool, C. and Marcel, S. 2011. Inter-session variability modeling and Joint Factor Analysis for Face Authentication, In Proc. International Joint Conference on Biometrics (IJCB), 11th-13th October, Arlington, Virginia, USA, pp. 1-8. Zhao, W.; Chellappa, R.; Rosenfeld, A. and Phillips, P. J. 2003. Face recognition: A literature survey, ACM Computing Surveys, 35(4):399-458.

Phillips, P. J.; Moon, H.; Rizvi, S. A. and Rauss, P. J. 2000. The FERET Evaluation Methodology for Face-Recognition Algorithms, IEEE Transaction on Pattern Analysis and Machine Intelligence, 22(10):1090-1104. Poh, N; kittler, J; Marcel, S; Matrouf, D. and Bonastre, J. 2010. Model and score adaptation for biometric systems: coping with device interoperability and changing acquisition conditions, In Proc. international Conference on Pattern Recognition, IEEE Computer Society, 23rd-26th, Istanbul, Turkey, pp. 1229-1232. Samaria, F. and Harter, A. 1994. Parameterization of a Stochastic Model for Human face Identification, 2nd IEEE Workshop on Applications of Computer Vision, 5th-7th December, Saratosa,

174

1st International Conference on Applied Information Technology 7-9 October, 2015

MINING ANDROID APPLICATIONS FOR ANOMALY MALWARE DETECTION J. Abah and O.V. Waziri Department of Computer Science, Federal University of Technology Minna, Nigeria. Department of Cyber Security Science, Federal University of Technology Minna, Nigeria. [email protected] and [email protected] Abstract: In order to apply a machine learning algorithm, it is necessary to first collect relevant data representing the features of the system under consideration. This is important in the field of dynamic analysis approach to anomaly malware detection systems. In this approach, the behaviour patterns of applications while in execution is analysed. This paper discusses Android applications feature extraction for the purpose of anomaly malware detection on the Android platforms. The features that Android as a system allows access permissions to depend on the type of device; rooted or unrooted device. In this work, information that include installed applications and running services, date/time stamp, incoming calls, outgoing calls, short messaging services (SMSs) sent, SMSs received, and status of the device are collected and used to build feature vectors that describes the Android application’s behaviour. To realize this objective, a Monitoring System called Device Monitoring application is developed to extract applications data for the purpose of Anomaly detection on unrooted Android devices. Results showed that the Device Monitoring application was able to monitor, intercept and record successfully the specified information that would be used by a trained supervised machine learning model or classifier. This is intended to improving the security of Android mobile devices in general. Keywords: Android, Anomaly detection, Application behaviours, Feature vectors, Malware detection, mobile device, rooted device, unrooted device. INTRODUCTION Android is one of the most used Smartphone‟s operating System in the World (Srikanth, 2012). Android is open source with huge user community and documentations; it allows any programmer to develop and publish Applications to both the Official or Unofficial market. It has a very huge adoption and market penetration globally. Android was predicted to be the most used mobile Smartphone platform by 2014 (You, Daeyeol, Hyung-Woo, Jae and Jeong, 2014) which has become a reality. There are over seven hundred thousand Android Mobile Applications published via the Official Android market, the Google Play Store (Zack, 2012). As a result of these, Android has become a target for attacks for most malware developers. The ubiquitous gains of Android brings along with it security risks in terms of malware attacks targeted at this platform. Malware attack is a challenging issue among the Android user community. It therefore becomes necessary to make the platform safe for users by providing defence mechanism especially against malware. There are basically three approaches according to (Aswathy, 2013; Burquera, Zurutuza and NadjmTehrani, 2011; Lovi and Divya, 2014) to mobile malware detection approaches; static, dynamic and manifest file analyses. While Static analysis focused on the use of patterns of strings called signatures to detect malware presence, dynamic analysis approach to malware detection uses the behaviour pattern of Applications while in execution. The third approach involves the analysis of Android Manifest file. All these approaches involve the acquisition of relevant data for analysis at some points in the design of

malware detection systems. This paper presents a model for mining Applications behaviours for detecting malware on the Android platform using dynamic analysis. A Malware detector attempts to help protect the system by detecting malicious behaviour (Aswathy, 2013). The malware detector performs its protection through the manifested malware detection approaches. Detection methods for attacks on mobile devices (Burquera et al., 2011; Wei, Mao, Jeng, Lee, Wang and Wu, 2012; Wu, Mao, Wei, Lee and Wu, 2012; Ham, Choi, Lee, Lim and Kim, 2012) have been proposed to reduce the damages from the distribution of malicious applications. However, a mechanism that provides more accurate ways of determining normal applications and malicious applications on Android mobile devices is yet to be developed and a procedure for obtaining the features undefined. Android malware detection systems available currently employs static approach to malware detection by scanning files for byte sequences of known malware Applications. Anomaly-based detection is still in a developmental stage and researches are ongoing. As a result, the current approaches are not able to detect unknown attacks which are generally referred to as „zero day attacks‟. Zero day attacks are attacks carried out by unknown malware whose signatures have not been analysed and obtained. Several approaches with different metrics for defining Android application behaviours have been developed and are discussed. (You Joung et al. 2014; You Joung and HyungWoo, 2014) presented an approach for determining malicious attack on Android using System Call Event Pattern Analysis. In their work, system calls invoked

175

1st International Conference on Applied Information Technology 7-9 October, 2015 by executing Applications of different categories and their frequency of occurrences is used as the metrics for defining Applications behaviour. Their analysis was carried out on Linux system rather than on mobile device. (Abela, Joshua, Kristopher, Delas, Jan, Tolentino and Gomez, 2013) developed AMDA an automated malware detection system for the Android platform. The core modules of the system included the Feature Extraction Module and the Behaviour Analysis Module. The Feature Extraction Module generates activity log from running applications retrieved from the application repository of the system. The activity log contains the system calls from application activity which are the features that the module retrieves. (Mohammed, Atif and Hassam, 2014) in the Automatic Feature Extraction part of their work proposed and implemented an approach to detect malicious applications statically through a set of well-defined APIs. Similarly, Tchakounté and Dayang (2013) used a static approach to analyse System calls of malware on the Android platform. Lin, Yuan-Cheng, Chien-Hung, and Hao-Chuan, (2013) proposed SCSdroid, which uses the threadgrained system calls sequences, because these sequences can be regarded as the actual behaviour of the application. Their approach is a step further from just system calls of Applications to carter for malware repackaged applications. Luoxu and Qinghua, (2013) presented a static approach to their Runtime-based Behaviour Dynamic Analysis System for Android Malware Detection. They used Loadable Kernel Module Hooking to hook the Android system and then collect data. The collected data consist of IMSI, SIM, IMEI, TEL, call log, SMS, MAIL and so on. The technology of analysis is semantic analysis and regular expression. Yousra, Wenliang and Heng, (2013) used APIs as the feature for describing Android behaviours used for detecting malware. To select the best features that distinguish between malware from benign applications, API level information within the bytecode were used since it conveys substantial semantics about the apps behaviour. More specifically, they focused on critical API calls, their package level information, as well as their parameters. Dini, Martinelli, Saracino and Sgandurra, (2012) employed two-layer applications behaviour features in order to properly described Android malware behaviours. These include System calls from the kernel layer and other features from the Applications layer. This approach tend to provide a better description of the system than a monolithic view of just a single layer as it considered both the Operating System layer behaviours and the Applications layer behaviours. It is observed from all the reviewed literatures that System calls pattern analysis played a critical role in providing Android Applications behaviour pattern. It is therefore clear that System calls as features could best be used either singly or in addition to other features to describe Application behaviours not just in Android but any mobile platform.

System calls is deprecated in modern versions of Android (Jelly bean upward). Therefore access to system calls features requires rooting the Android device since permissions are restricted to the application layer by the Android system. The implication of rooting a device is grave since it opens up the entire file system to attacks. This idea is inimical to the concept of building mobile security and hence, not a welcome approach when designing a security system for mobile devices. This research employs Anomaly-based detection in a host-based manner and the first phase of this work is to monitor activities that occur on the target host system. To achieve this aim, a model for extracting Android application behaviours through events of normal applications and malicious applications, using a customized approach is developed. This model is capable of monitoring features of the Android system such as running applications, running services, calls received, calls initiated, SMSs received, SMSs sent and device status of the target device. Anomalybased detection systems use a prior training phase to establish a normality model for the system activity. In this method of detection, the detection system is first trained on the normal behaviour of the application or target system to be monitored using a defined normality model of behaviour for the system. With this, it becomes possible to detect anomalous activities by looking for abnormal behaviour or activities that deviate from the defined normal behaviour occurring in the system. Though this technique look more complex, it has the advantage of being able to detect new or unknown malware attacks. Anomaly-based detection requires the use of feature vectors to train the classifier before subsequent classification can be carried out. These feature vectors are obtained from features or data collected from the system. The objective of this work is to extract android applications data from an unrooted android device and using the data to effectively describe Android system behaviour that could be used for detecting malware using anomaly detection approach. The structure of this paper is given as follows: section one provides introduction and review of related works; section two present materials and methods; section three present and discusses results; finally section four provides summary and conclusion to the work. MATERIALS AND METHODS This research adopts a data mining approach to extracting data from the Android system. The various activities carried out and the different modules implemented to ensure application feature behaviours are intercepted for use in malware detection process are discussed. Figure. 1 shows the schematic of the data extraction system.

176

1st International Conference on Applied Information Technology 7-9 October, 2015

Figure. 2: The Android Applications Data Collection Process

Figure. 1: The Architecture of the Android Applications Data Extraction System (Dini et al., 2012).

The collector module in conjunction with the monitors will help to collect as much information as possible from the Android Applications installed on the device. This information include the Date/Time stamp, the application and services running on the device, out-going calls, incoming calls, out-going SMS, incoming SMS, and Device screen status. This information is collectively referred to as feature of application or behaviours. For each .apk file, the device user interaction is created or the emulator simulates user interaction by randomly interacting with the application interface.

Materials The experimentation was carried out on a laptop machine with the Intel Core-i3-370M Processor, 3GB of available memory and 500GB Hard Disk Drive (HDD). This machine runs Windows 7 Operating System while Android Studio 1.2.2 Integrated Development Environment (IDE) was used as the Software Development Kit (SDK). Methods The procedures involve the acquisition of Android applications from both official and unofficial markets. Android applications were downloaded and stored in the application repository folder and afterward installed on the Virtual or real device. The applications could be executed in an instrumented Android emulator via Android Virtual Device (AVD) this is the only medium to automate the generation of application system activity logs without using an actual mobile device. There is no much actual difference to using human input to be able to activate the behavioural activity of an application. However, the log data contains activities which are irrelevant for detection of malicious activity. With this problem of noise in the log data, the system utilizes a selfdeveloped parser which is customized as to which features are to be collected.

Android Feature Collection In order to apply any machine learning algorithm or classifier, it is fundamentally important to first and foremost collect relevant features. The features that Android as a system allows access permissions to depend on the type of device. The type of device here implies whether the device has been rooted or not. Android is based on the Linux kernel at the bottom layer, all layers on top of the kernel layer run without privileged mode. That is, all applications and system libraries are inside a virtual application sandbox. As a result of this architecture, applications are prohibited from accessing other application data (unless explicitly granted permission by other applications called the rooting applications). Thus, if a feature vector is created from features of Android API in unrooted mode, then only system information made available by Android can be used. On the other hand, having a rooted device allows one to install system tools that could gather features from underlying host and network behaviour but doing this subject the device to serious security vulnerabilities as the entire device file system will be opened up to attacks. In this Work, an unrooted device is used in order to collect Android application data. To be able to do this, a feature mining model which is a selfdeveloped application module that will be part of the detection system is used. This application is able to collect essential information from Android application such as installed applications and services running within the device before or after the

The Data Collection Processes In order to collect the Android Applications data, the various monitors described in Figure 1 are implemented as Android java programs in the Device Monitoring Application. This application is actually a module implementing the data mining model of the entire malware detection system. This application serves as the feature mining model which runs on the Android device to collect the features while the users interacts with installed applications on the device. The feature mining model monitor Android application activities implemented using a broadcast receiver and records activities taking place on the device. Figure. 2 shows the data collection stages by the feature mining model.

177

1st International Conference on Applied Information Technology 7-9 October, 2015 Monitoring application was started, the date/time stamp, calls initiated from the device (outCalls), calls received by the device (InCalls), sent SMSs (OutSMS), SMSs received (InSMS), and the status of the device (Screen) as at when the event took place. This information is written into a log file and stored on the SD card of the device. This log file is a comma separated value in .csv format. Parsing these data with another self-developed code module will produce the feature vectors which is in .arff file format; the format acceptable by WEKA. This selfdeveloped code module that serves as a feature mining model for application enable us to create a folder were all monitored/recorded application logs in csv file format will be stored. This csv file will be parsed by another parser to make feature vector file in arff. This arff file of feature vectors will be used as input to the Classifier in the Android malware detection system. Figure. 3 shows the feature mining processes.

} Within this class, the methods for the calls (out-going and in-coming calls) and the in-coming SMS are implemented in a single method with a nexted if .. else statement. The Inner broadcast receiver for monitoring the screen condition is implemented with the class ScreenReceiver which implements the onReceive method using special observer “intent”. The service monitoring is implemented by a class ServiceMonitoring with a method that records the services running on the device and the features to be extracted. The Binder function initiates the monitoring process when the start button is clicked and to stop the monitoring when the stop button is clicked. All monitored events and activities are written to a file in a comma separated value format. The method checks for the presence of an SD card and create a folder there where the file will be stored or setup a Gmail account where the file will be sent to without user interference. The file is named using the device date/time stamp.csv. Figure. 4 shows a screenshot of the feature mining model application for the malware detection system.

Figure. 3: Features Mining Processes The data mining application performs the following major task as it runs either in foreground or background. This is represented in Figure. 3. i. First, the Android application runs either on the emulator or real device, the Device Monitoring which implements the feature extraction model; a self-developed module that implements the monitors runs in the background to intercepts and records the specified features (out call, in call, out SMS, in SMS, and device status). ii. Secondly, the log stream is input to the parser in the Device Monitoring application and is parsed by filtering and formatting the log data to a readable form in a comma separated value (.csv) format. iii. Finally, the csv file will then be parsed by another parser to generate .arff file that will be used by the classifier. Although the code for the Device Monitoring application cannot be given here, the skeletal description of the different modules representing the respective monitors is presented. The broadcast receiver class for the calls and receiving incoming SMS record the calls and SMS events into app preferences, there is no proper receiver for the outgoing SMS so special observer class is used in the service class. When this receiver is started in service, it doesn't work on real device, so it is registered in the manifest and the preferences is used. The structure of the public class; ReceiverCallSms that implements the calls and the SMS is given as; public class Receiver CallSms extends BroadcastReceiver { . . .

Figure. 4: Android Applications Feature Mining Model App. The settings menu provides the avenue for creating folder where reports will be stored on the SD card and to also specify a Gmail account and mail subject if the report is to be sent to a remote recipient or possibly server for analysis. TESTING, RESULTS AND DISCUSSION To test the developed model, the application was installed on a TECNO P5 device running Android version 4.2.2. When the monitoring is started, it goes to the background where it listen to all activities going on within the device as the user interacts with installed applications. A reduced sample report obtained from a single run of the feature mining model implementation is given in Figure. 5 and discussed as follows;

178

1st International Conference on Applied Information Technology 7-9 October, 2015 Monitoring Device application was started, the time stamp is indicated in a Date/Time format. It is indeed very difficult to know which application performs a given activity since certain tasks are deprecated at application layer. Therefore, any activity that occurred without knowing which application perform the activity is given „?‟ as the value for the AppName attribute at that point. For the OutCall, InCall, OutSMS, InSMS and Screen attribute, the attributes have Boolean values; the value 0 is entered to represent the absence of the attribute and 1 is entered to represent the presence of that attribute at the given time stamp. For the Screen attribute that represents the device status which is either idle or active, the value 1 means that the screen is in „ON‟ or active state while 0 imply „OFF‟ or idle state. Finally, the last attribute Class is not actually extracted from the applications or services by the Device Monitoring application but appended to the log file to indicate the class after running the file through a classifier. Since the classification has not yet been carried out on the data, the classes of the instances are undetermined and so they all have the value of „?‟ that means unknown class; the classes are normal and malicious. When the Device Monitoring application is stopped, the event together with the Time stamp of the event is registered and finally the report gives a summary of all the events in the form of count or tally. Table 1 gives a summary of events within the specified time interval. It is clear that within this time, 25 applications were recorded to be running on the device either in foreground or background. One out-bound call and one inbound call were recorded whereas; one Inbound SMS and 0 outbound SMS were also recorded with their respective device state. This shows that the monitoring and recording of the events was successfully achieved by the device monitoring application.

Figure. 5: Captured Output of Monitored TECNO P5 Android Device. Table 1: Summary of Event Log Du R O I O In rati u u n u S on n t C t M (M . C a S S ins A a ll M .) p l S p l s 45 2 1 1 0 1 5

SUMMARY AND CONCLUSION In this paper, the development of a feature mining model used to extract Android application behaviour for anomaly malware detection is developed and used to successfully extract Android application data for use in anomaly malware detection. Although the work is ongoing, it is evidently shown that the needed data for analysis have been obtained by this developed model. Further experimentation on the data will be carried out to determine the effectiveness of the data in anomaly malware detection. The data are obtained from the application layer; the type of information that can be extracted depends on whether the device has been rooted or not. Rooting a device is a bridge of security and therefore opens up the device to attacks. Since the aim is to improve security of mobile devices and applications with Android platform, an unrooted device is used. The information that were extracted and used to describe Android application behaviours include date/time stamp of the running application and services given as Date/Time, applications and services names (AppName), Outbound call (OutCall), Inbound call

The result shows the date/time the Monitoring Device application was started. Immediately after that line is the field or attributes of the collected information in a csv format. After the attributes names are the attribute values entered in the order of the specified attributes. The first attribute is the Time, followed by AppName, OutCall, InCall, OutSMS, InSMS, Screen, and finally the Class in that order. For applications and services running before the Monitoring Device application was started, the Time stamp is indicated as “before” while the applications and services started after the

179

1st International Conference on Applied Information Technology 7-9 October, 2015 (InCall), Outbound SMS (OutSMS), Inbound SMS (InSMS) and the device status (Screen). The device status indicates whether there is an active interaction with the device by the user or not. When the screen is active (value of 1), it means there is active interaction with the device by the user and when the screen is idle or hibernated (value of 0), it implies no active user interaction. Activities like sending SMS and initiating calls requires active user interaction. If these attributes have values of 1 when the screen state is idle (value of 0), it implies a suspicious or malicious behaviour is taking place on the device by background application. Although other features could be added, these were used as a test base to realise the concept of anomaly detection system. To be able to access more information that could be used to describe application behaviour for anomaly detection purposes, it is recommended that access to certain information like system calls, network traffic and other system level information which are presently deprecated in Android systems should be allowed access by Google in some ways.

Extraction, Categorization and Detection of Malicious Code in Android Applications. International Journal of Information & Network Security (IJINS) 3(1), pp. 12-17, February 2014. Srikanth, R., 2012. Mobile Malware Evolution, Detection and Defence. Unpublished Term Survey Paper, Institute for Computing, Information and Cognitive Systems, University of British Columbia, Vancouver, Canada. Tchakounté F. and Dayang P., 2013. System Calls Analysis of Malwares on Android. International Journal of Science and Technology 2(9), pp 669-674 September, 2013. Wei T.E., Mao C.H., Jeng A.B., Lee H.M., Wang H.T. and Wu D.J., 2012. Android Malware Detection via a Latent Network Behaviour Analysis, IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications. Wu D.J., Mao C.H., Wei T.E., Lee H.M. and Wu K.P., 2012. DroidMat: Android Malware Detection through Manifest and API Calls Tracing, 7th Asia Joint Conference on Information Security. Ying-Dar Lin, Yuan-Cheng Lai, Chien-Hung Chen, and Hao-Chuan Tsai, 2013. Identifying Android Malicious Repackaged Applications by Thread-grained System call Sequences, Elsevier: Computers & Security, pp 1-11, http://dx.doi.org/10.1016/j.cose.2013.08.010 You Joung Ham and Hyung-Woo Lee, 2014. Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events. International Journal of Computer and Communication Engineering, 3(2), pp 149 -154, March 2014. You Joung Ham, Daeyeol Moon, Hyung-Woo Lee, Jae Deok Lim and Jeong Nyeo Kim, 2014. Android Mobile Application System Call Event Pattern Analysis for Determination of Malicious Attack. International Journal of Security and Its Applications, 8(1), pp.231-246, http://dx.doi.org/10.14257/ijsia.2014.8.1.22 Yousra Aafer, Wenliang Du, and Heng Yin, DroidAPIMiner, 2013. Mining API-Level Features for Robust Malware Detection in Android, pp 1-18. Retrieved from http://www.google.com Zack Islam, 2012. Google Play Matches Apple's iOS With 700,000 Apps. Businessweek, 30 October 2012. Retrieved from http://www.tomsguide.com/us/Google-Play-AndroidApple-iOS,news-16235.html

REFERENCES Abela Kevin, Joshua Angeles L., Don Kristopher E., Delas Alas, Jan Raynier P., Tolentino, Robert Joseph and Gomez, Miguel Alberto N., 2013. An Automated Malware Detection System for Android using Behavior-based Analysis AMDA. International Journal of Cyber-Security and Digital Forensics (IJCSDF) 2(2), pp 1-11 The Society of Digital Information and Wireless Communications. Aswathy Dinesh, 2013. An Analysis of Mobile Malware and Detection Techniques, pp 1-13. Retrieved from http://www.google.com Burquera I., Zurutuza U. and Nadjm-Tehrani S., 2011. Crowdroid: behavior-based malware detection system for Android, Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pp. 15-26. Dini, G., Martinelli, F., Saracino, A. and Sgandurra, A., 2013. MADAM: A Multi-level Anomaly Detector for Android Malware. Computer Network Security, Lecture Notes in Computer Science, 7531, pp. 240-253. Ham Y.J., Choi W.B., Lee H.W., Lim J.D. and Kim J.N., 2012. Vulnerability monitoring mechanism in Android based smartphone with correlation analysis on event-driven activities” 2nd International Conference on Computer Science and Network Technology, pp. 371-375. Lovi Dua and Divya Bansal, 2014. Taxonomy: Mobile Malware Threats and Detection Techniques. Dhinaharan Nagamalai et al. (Eds): ACITY, WiMoN, CSIA, AIAA, DPPR, NECO, InWeS–2014 pp. 213– 221. Luoxu Min and Qinghua Cao, 2014. Runtimebased Behaviour Dynamic Analysis System for Android Malware Detection 2013, pp. 1-4. Retrieved from http:// www.google.com Muhammad Zuhair Qadir, Atif Nisar Jilani, and Hassam Ullah Sheikh, 2014. Automatic Feature

180

1st International Conference on Applied Information Technology 7-9 October, 2015

A MULTI-LEVEL EMBEDDED ENCRYPTION SCHEME 1

O. Oyeleke, 2S. A. Onashoga, 3O. A. Ojesanmi and 4A. A. A. Agboola

123Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. 4

Deparment of Mathematics, Federal University of Agriculture, Abeokuta, Nigeria.

1

[email protected], [email protected], [email protected] and [email protected]

Abstract: Confidentiality, authorization and authentication of messages are the three major factors that must be put into consideration when sending any information as transmission of information are done via unsecured channel (internet). This works aims at embedding techniques that would take care of these three major factors at once. The method is multi-level because it comprises of a key exchange protocol, a message authentication code, a key derivation function and a symmetric encryption which is polyalphabetic substitution that makes use of a 94 x 94 vignerecipher table. All these four techniques are combined together to give an output which secures the message to be sent. Kewords: Cryptography, Vigenere Cipher, Elliptic Curve Integrated System, Polyalphabetic substitution. INTRODUCTION Cryptography is an efficient means of protecting sensitive information as it is transmitted over any untrusted medium which includes any network particularly the internet (Asafe et al., 2014). Producing a cipher text with use of encryption algorithm and Message Authentication Code (MAC) gives the message a more secured platform and also the parties involved would be able to verify the identity of one another. Cryptography is the practice and study of techniques for secure communication in the presence of third parties otherwise known as adversaries (Yekinni et al., 2014). Cryptography is the science and study of secret writing. It is about the design and analysis of mathematical techniques that enable secure communications in the presence of malicious adversaries (Hankerson et al., 2003). Cryptography not only protects the data from theft or alteration, but also be used for user authentication. Cryptography is combination of encryption and decryption. Encryption is a process of converting the plain text to cipher text using with some keys, while decryption is process of converting the cipher text to plain text using same key or another key (Reddy et al., 2012). Cryptography algorithms are mainly into two ways based on the key distribution. They are Symmetric Key algorithm (Private Key algorithm), Asymmetric key algorithm (Public Key algorithm) (Reddy et al., 2012).

called secrete key algorithm private key, or single key. In secret key algorithm, both the sender and receiver will use the same key to encrypt and decrypt the data. Symmetric schemes are generally faster as compared to asymmetric keys and used to establish session keys since it involves only a key. Examples of symmetric key algorithms are data encryption standard (DES), Triple DES, Cipher Block Chaining (CBC) and Blowfish (Reddy et al., 2012). Symmetric key ciphers are implemented as either block ciphers or stream ciphers. A block cipher enciphers input in blocks of plaintext that is work on blocks of plaintext and cipher text, as opposed to individual characters, the input form used by a stream cipher. Block Cipher When a block cipher algorithm is used for encryption and decryption purposes, the message is divided into blocks of bits. These blocks are then put through substitution, transposition, and other mathematical functions. The algorithm dictates all the possible functions available to be used on the message, and it is the key that will determine what order these functions will take place. Strong algorithms make reengineering, or trying to figure out all the functions that took place on the message, basically impossible.

VIGENERE CIPHER The Vigenere cipher is a method of encrypting alphabetic text by using series of different Ceaser ciphers based on the letters of a keyword. It is a simple form of polyalphabetic substitution. Giovan Battista Bellaso originally described what is now known as the Vigenère cipher in his 1553 book La cifra del. Sig. Giovan Battista Bellaso. He built upon the tabula recta of Trithemius, but added a repeating "countersign" (a key) to switch cipher alphabets every letter (Wiki, 2015).

Stream Cipher A stream cipher does not divide a message up into blocks; instead, a stream cipher treats the message as a stream of bits or bytes and performs mathematical functions on them individually When using a stream cipher, the same plaintext bit or byte will be transformed into a different cipher text bit or byte each time it is encrypted. Some stream ciphers use a key stream generator, which produces a stream of bits that is XORed with the plaintext bits to produce cipher text. Exclusive OR (XOR) is an operation that is applied to two bits. It is a function in binary mathematics. If both bits are the same, the result is zero (1 + 1= 0). If the bits are different than each other, the result is one (1 + 0= 1) (Asafe et al., 2014).

SYMMETRIC KEY CRYPTOGRAPHY This type of cryptography uses the same key (or keys that are trivially related) for both encryption and decryption of data. Symmetric algorithm is also

181

1st International Conference on Applied Information Technology 7-9 October, 2015 Cipher Block Chaining (CBC) Mode

Plain Text Plain Text

Cipher Block Chaining (CBC) does not reveal a pattern because each block of text, the key, and the value based on the previous block is processed in the algorithm and applied to the next block of text. This gives a more random resulting cipher text. A value is extracted and used from the previous block of text. This provides dependence between the blocks and in a sense they are chained together. This is where the title of Cipher Block Chaining (CBC) comes from, and it is this chaining effect that hides any repeated patterns (Asafe et al., 2014).

Encryption

Cipher Text

Decryption

Figure 1: Secret key algorithm. ASYMMETRIC CRYPTOGRAPHY Asymmetric key algorithms are also called public key algorithms. In public key algorithm both parties (sender and receiver) have their own different keys. In public key cryptography each user or the device taking part in the communication generally have a pair of keys, a public key and a private key, and a set of operations associated with the keys to do the cryptographic operations. The sender encrypts the data with his own key, and the receiver decrypts the data with his own key. First they will do the encryption or decryption with the same key, and again do the encryption or decryption with their own key. (Reddy et al., 2012). Commonly used public key schemes are: i. RSA public key encryption and signature schemes. ii. The discrete logarithm (DL) problems whose hardness us essential for the security of the ElGamal public key encryption and signature schemes and their variants such as the Digital Signature Algorithm (DSA). (whitepaper, 2012) iii. The elliptic curve discrete logarithm problem whose hardness is essential for the security of all elliptic curve cryptographic schemes (Hankersonet al. 2004).

Data Encryption Standard (DES) DES is a symmetric algorithm based on block encryption algorithm (that is, message is divided into blocks of bits. These blocks are then put through substitution, transposition and other mathematical functions). DES uses a 64-bit key in which 56 bits makes up the main key and 8 bits are used for parity. When DES is applied to data, it splits the message up into blocks and performs operation on them one at a time (Asafeet al., 2014). Advantages of symmetric-key cryptography 1. Symmetric-key ciphers can be designed to have high rates of data throughput. 2. Keys for symmetric-key ciphers are relatively short. 3. Symmetric-key ciphers can be employed as primitives to construct various cryptographic mechanisms including pseudorandom number generators, hash functions and computationally efficient digital signature schemes. 4. Symmetric-key ciphers produce stronger ciphers. which are easy to analyze, can be used to construct (Menezeset al., 1997).

Se cr Ke et y

secret key

RELATED WORKS Kester, (2012) presented a cryptosystem based on Vigenere Cipher with varying key. Vigenere cipher encryption algorithm automatically changes the cipher key after each encryption step. The successive keys will be dependent on the initial key value during the encryption process. The algorithm ultimately makes it possible for encryption and decryption of the text and also makes the Vigenère cryptosystem more difficult against frequency attack using varying keys. Asafe et al., (2014) designed a crypto system for preventing unauthorized access using stand-alone software that implements cryptography using polyalphabetic substitution. The algorithm is a simple method of encrypting alphabetic text using a series of different shift ciphers based on the letters of a keyword. The system does have a high confidentiality rating in order to defend against sniffing and man-in-the-middle attacks.

can be composed to Simple transformations but on their own weak, strong product ciphers

Disadvantages of symmetric-key cryptography 1. In a two-party communication, the key must remain secret at both ends. 2. In a large network, there are many key pairs to be managed. Consequently, effective key management requires the use of an unconditionally trusted third party 3. In a two-party communication between entities A and B, sound cryptographic practice dictates that the key be changed frequently and perhaps for each communication session. 4. Digital signature mechanisms arising from symmetric-key encryption typically require either large keys for the public verification function.

METHOD This work makes use of a scheme known as Multi-level Encryption Scheme (MLES) which is

182

1st International Conference on Applied Information Technology 7-9 October, 2015 based on the idea of the Elliptic Curve Integrated Encryption Scheme (ECIES).

symmetric keys k1 and k2. Key k1 is used to encrypt the plaintext using a symmetric-key cipher, while key k2 is used to authenticate the resulting cipher text. Intuitively, the authentication guards against chosen cipher text attacks since the adversary cannot generate valid cipher texts on her own. The following cryptographic primitives would be used: Definition: Domain Parameters: i. The field order q. which indicates number of elements in Fp ii. Two coefficients that define the equation of the elliptic curve E over ( ) in a prime field. iii. Two field elements that define a ( ) finite point ( ) in affine coordinates. P has prime order and is called the base point. iv. The order n of P. v. The cofactor ( ) . (It is necessary ( ) that be divisible by a sufficiently large prime n. At a minimum, one should have n.

Elliptic Curve Integrated Encryption Scheme The Elliptic Curve Integrated Encryption Scheme (ECIES) was proposed by Bellare and Rogaway, and is a variant of the ElGamal public-key encryption scheme. It has been standardized in ANSI X9.63 and ISO/IEC 15946-3, and is in the IEEE P1363a draft standard. ECC is a good choice for low power environments. ECC has applications as a public key sharing scheme and as digital signature authentication scheme. The applications of ECC are: A. Elliptic Curve Diffie-Hellman (ECDH) Key Exchange B. Elliptic Curve Menezes-Qu-Vanstone (ECMQV) Key Exchange and Verification C. Elliptic Curve Digital Signature Algorithm (ECDSA). (Malik, 2010). The best known ECC schemes and protocols are ECDH (Elliptic Curve Diffie Hellman), a key agreement protocol (Martinez and Encinas 2013). In the scheme, an Elliptic Curve DiffieHellman(ECDH) key exchange is used to derive two MULTI-LEVEL ENCYRPTION SCHEME (MLES) Begin

Begin

Input plaintext

Get C, MAC

Receiver

Sender

Compute receiver's MAC (HMC') from Ciphertext

Perform ECDH

Generate initial key using KDF

NO Is HMC = HMC' Generate final key from Vigenere table

Reject cipher text

YES Generate initial encryption key from KDF

Perform polyalphabetic substitution

Perform polyalphabetic substitution

Compute HMAC (HMC)

Generate final key from Vigenere table Generate and send Ciphertext (C), MAC

Get Plaintext

End End

Figure 2:Multi-level Encryption Scheme (MLES) flow diagram. The scheme consists of the following sub modules (iii) HMAC algorithm, which would be used for the (i) Elliptic Curve Diffie-Hellman was be used for key signature of the message to verify if it is truly from exchange protocol in the proposed scheme. Public the claimed sender. HMAC is a hash function based keys would be exchanged between the sender and message authentication code. The algorithm is given the receiver prior to encryption and decryption. in algorithm 4 H denotes the SHA-256 hash (ii) A Key Derivation Function (KDF) would be used function, C denotes the ciphertext to be transmitted and it would be constructed from a hash function and KD is the unique HMACkey generated by the (SHA-256). SHA-256 (secure hash algorithm, FIPS KDF. 182-2) is a cryptographic hash function with digest (iv) A symmetric encryption technique would be length of 256 bits. It is a keyless hash function; that combined with the above to get the cipher text. is, an MDC (Manipulation Detection Code). The Polyalphabetic Substitution is a simple method of KDF would be used in generating encryption key encrypting alphabetic text by using a series of and Hash based Message Authentication Code different shift ciphers based on the letters of a (HMAC) key for the Message Authentication. keyword. For this work, a polyalphabetic substitution using one-time pad key system

183

1st International Conference on Applied Information Technology 7-9 October, 2015 including a Vigenere cryptosystem would be employed. The polyalphabetic encryption and decryption procedures involved in this work are outlined in figures 3 and 4 respectively.

The proposed scheme was implemented using Java object oriented programming language and Netbeans Integrated Development Environment (IDE) with Java 1.8.0 version.

Algorithm 1: Polyalphabetic Encryption Input: Plain text M, Encryption Key K. Output: Ciphertext C. Process: Step 1: Generate a 94 X 94 vigenere table consisting of lowercase alphabets, uppercase alphabets, andspecialcharacters. Step 2: Convert derived key from integer to ASCII characters. Step 3: Convert integer k to string S. Step 4: If S.length> 1 Sum up all elements of S to get int R Convert R to ASCII character Else, Convert integer k to ASCII character Step 5: Return initial encryption key Step 6: While (Encryption key < plaintext) Step 7: Get the character at plaintext [Encryption key.length] = x Step 8: Get the character at plaintext [Encryption key.length-1] = y Step 9: Convert x and y to binary. Step 10: Get the complement of the binary of x and y Step 11: XOR the complements of x and y to get Z Step 12: Add Z to each initial encryption key Step 13: NewEncKey = Number of characters in InitialEncKey equivalent to plaintext length. Step 14: For int i = 1 to plaintext length N introwpos = row position of EncKey: in vigenere table intcolpos = column position of plaintext: in vegenere table ciphertext i= vigeneretable[rowpos][colpos] returnciphertext. Step 15: End Algorithm 2: Polyalphabetic Decryption Input: Ciphertext C Output: Plaintext Process: Step1: Generate a 94 X 94 vigenere table Step 2: Convert derived key from integer to ASCII characters. Step 3: Convert integer k to string S. Step 4: If S.length> 1 Sum up all elements of S to get int R Convert R to ASCII character Else, Convert integer k to ASCII character Step 5: Return initial encryption key Step 6: While (decryption k]=1-Pr[N≤k]=1-( ∑ (19).

192

(

)

(

)

1st International Conference on Applied Information Technology

7-9 October, 2015

1.0 IMPLEMENTATION Tail Measurement

SERVER, CLIENT, CLIENT, SERVER, CLIENT, SERVER,11, 11, 10 10 CLIENT10, CLIENT, SERVER, 10,99 CLIENT, SERVER, PERFOR PERFOR CLIENT, SERVER, 8,8,779,9,88 CLIENT, SERVER, MANCE, CLIENT, SERVER, 6,6,557,7,66 MANCE, PERFOR CLIENT, SERVER, CLIENT, SERVER, 4,4,335,5,44 SERVER, CLIENT,2,3,3,23, MANCE, 2 SERVER 2,2,110.6677 1, 1, 0.8366 00 PERFOR MANCE, 4,Client/Server 1.5589

Performance

This paper gives a design queuing system which helps reduce the waiting time in a switching network considering the number of efficient servers at a number of service facilities .The decision variable for these are the server which are represented by n and μ as the mean service rate per busy server and λ as the mean arrival velocity of each facility. The architecture for the proposed queuing model is many servers- to- many- clients and the system capacity ( Πnλ) is measured together with system utilization (R=λ/M μ). Where M is the finite capacity parameter of the system, and = λ/ μ is the number of clients served.

Figure 3: The number of clients served RESULTS AND DISCUSSION The simulation with regards to server and client relationship using the queuing theory, from Figure 1, shows that the constant flow of data request highly has no delay, when small sizes of packet flows between server and clients. Hence, the Maclaurin equation for data flow rate is reasonable, compare to the usual theory that says: If λ is the arrival rate and μ is the service rate of a single server, then the queue will grow to infinity. The queue will also grow to infinity if λ = nμ (random walk), except if it’s a D/D/n queue. However, figure 2 shows the performance depreciation when larger size of packet lowing from client to server service which means that the server responds to client request based on its sizes and arrival time. Server to client ratio according to Tail theory in figure 3, shows that the depreciation of client-to-server performance is higher irrespective of the sizes, number and time of request.

Hence, the steady state measurement of packet of data is related: Πn= , where Π n is the distribution of the number of full-size and half size packets. This is compared with the performance of the network related with the function: (

)

, Where k >n and

is the

inertial performance probability of the network. Precisely, ( , the number of clients served). The performance of the network and the steady state measurement of the packet of data are simulated with JAVA programming language.

REFERENCES Nilesh. A.M., Sanjay .L. B. (2012), Reduction in Packet Delay Through the use of Common Buffer over Distributed Buffer in the Routing Node of NOC Architecture, International Journal of Innovative Technology and Creative Engineering 2, 5-12. Christos T, George X., Yannis T, (2014), Reducing Forwarding State in Content-Centric Networks with Semi-Stateless Forwarding, proceedings of the IEEE INFOCOM, 1-10. Mary G., Jansi R., Selvin T (2014), Implementation of Source Routing Protocol in Figure 1: Network Performance Hierarchical Mobile Ad Hoc Networks, International Journal of Engineering and Technology, 4, 191-195. Rajendra A., Pankaj C., Nirmal R (2013), Trust 8, SEVER,SEVER, 7, value Algorithm: A Secure Approach against Packet 90 SEVER, 6, 80 Drop Attack in Wireless Ad-hoc Networks, SEVER, 5, 70 International Journal of Network Security & Its SEVER, 4, 60 Applications (IJNSA), Vol.5, No.3 SEVER, 3, 50 SEVER Sheng M., Natalie E. J., Zhiying W, (2012) Whole SEVER, 2, 40 PERFORM PERFORMANCE Packet Forwarding: Efficient Design of Fully SEVER, 1,30 PERFORM Adaptive Routing Algorithms for Networks-on-Chip, PERFORM ANCE,PERFORM 5, PERFORM PERFORM PERFORM 20PERFORM 7, 8, International symposium on high performance ANCE, ANCE, 6, ANCE, 0.814470 ANCE, 4, ANCE, 3, 2, ANCE,ANCE, 1, 0.997494 0.97193 0.919444 9 0.71016 0.618369 0.49425 0.3271 computer architecture. 112. PERFORMANCE Lei Zhou Y., Harry H., Ruifeng Z, (2006), Reduced-Rate Retransmissions for Spread-Spectrum Packet Radio Multimedia Networks, IEEE Figure 2: Server Performance SERVER, CLIENT, CLIENT, SERVER, 11, 11, 10 10 CLIENT, SERVER, 10, 10,99 CLIENT CLIENT, SERVER, 9,9,88 CLIENT, SERVER, 8,8,77 CLIENT, SERVER, 7,7,66CONSTA CONSTA CONSTA CONSTA CONSTA CONSTA CONSTA CONSTA CONSTA CONSTA CONSTA CLIENT, SERVER, 6,6,55 SERVER, NT DATA NT NT DATA NT DATA NT DATA NT DATA NT DATA NT DATA NT CLIENT, DATA DATA NT NT DATA 5,5,44 SERVERDATA CLIENT, SERVER, 4,FLOW 4,33 FLOW FLOW FLOW FLOW FLOW FLOW FLOW FLOW FLOW FLOW CLIENT, SERVER, 3,3,22 VALUE, VALUE, VALUE, VALUE, VALUE, VALUE, VALUE, VALUE, VALUE, VALUE, SERVER, CLIENT, 2, 2,11VALUE, 11, 10, …… 9, … 7, … 8, … 6, … 5, … 4, … 3, … 2, … 1,000 1, 1, Server

SERVER

Client

Network Performance

193

1st International Conference on Applied Information Technology Transactions on Wireless Communications, 5, 4, 779-788. Gagandeep K., Poonam A., Baba F. (2014), To Reduce the Packet Collision by Using Adaptive Technique in WSN, International Journal of Advanced Research in Electrical, Electronics and Instrumentation Engineering, 3, 8, 11336-11341.

7-9 October, 2015

Paul E., Daniel R., Florian W.,G. (2014), Performance Characteristics of Virtual Switching, International Conference on Cloud Networking, 1-6. Ting-Lan L., Jihyun S., Pamela C (2010), Packet dropping for widely varying bit reduction rates using a network-based packet loss visibility model, Data Compression Conference.

194

1st International Conference on Applied Information Technology

7-9 October, 2015

DESIGN AND IMPLEMENTATION OF CUSTOMER SERVICE COMPLAINT PORTAL 1

H. Adamu, O.J. 2Ayangbekun, 3A.H. Muhammad

Department of Computer Science, Binyaminu Usman College of Agriculture, Hadejia, Nigeria. 1

[email protected],[email protected]

Abstract: This study investigated the effect of Customer Service Portal and its effects to customer satisfaction at Kano Electricity Distribution Company (KEDCO) Hadejia Business Unit. It is a research based design purposely to give an easier way for receiving marketing and technical complain from the customers through the web portal. Designing the proposed system would enable the faraway customers to render complain easily and swiftly and the system would help the organization to address the issue of proper documentation and retrieval of their customer’s complaints. The study adopted descriptive survey design involving quantitative research and targeted customers of the KEDCO Hadejia Business Unit. The customers were classified into two segment that is corporate customers who were 180 and domestic customers who were 460 totalling to 640. Probability random and stratified random sampling techniques were used to select 90 corporate customers and 230 domestic customers for the study sample size. The study used both primary and secondary sources of data using questionnaires and interview schedules as the research instruments. Data were analyzed using descriptive statistics. Therefore, introduction of the computer oriented approach would overcome the challenges faced in the manual based which is expected to eliminate the shortcomings of the existing system. Keywords: Business, Customer, Distribution, KEDCO, Network, Service feelings of delight; also as Avgerou (2008) conducted extensive research on discourses on innovation and development in Information Systems (IS) in developing countries. This proposed study will make an enhancement in the current technical support mechanism used by the KEDCO Hadejia Business Unit technical support department. It will be conducted based on Problem Tracking Technique which help to ensure consistent and quality support, track the information and problems that come into the Help Desk and assign or forward the problems to the appropriate workgroup and follow-up to make sure the problems are corrected or amended.

INTRODUCTION In traditional markets, customer complaints are considered an important source of information. Therefore since complaint management is recognized as being central to customer satisfaction, any measure of complaint behavior should consider the degree and quality of the underlying customer satisfaction (Jackson Hole, Wyoming, 2001). Customer Service portal in this research context is a status granted an individual‟s, typically the customers at Kano Electricity Distribution Company (KEDCO) Hadejia Business Unit by allowing them to have an access to the portal and give them chance to send their complaints via internet wherever they are. However Kano, Katsina and Jigawa State are under Kano Electricity Distribution Company which comprises of ten different Business Units, including Hadejia Business Unit. The main goal of customer service is to provide better service to the customer when they contact the customer service employees, either through email, or a phone call. This will ensure prompt delivery of responses and satisfaction via correct solution in a timely manner. This is achieved in a proactive manner thereby resolving many issues before the customer even notices any lapses. The customer should notice an improvement in the turnaround time when a help request is submitted, as well as a reduction in the number of times they have to ask for help until the solution provided. Johnston (2004), cited in Otiso et al (2012), posits that the aim for service excellence does not imply that organizations should continually and always exceed expectations; service excellence is to provide the customers with what they value in order to induce

However, the Electronic Customer Relationship Management (e-CRM) is gaining the attention of ebusiness managers who are interested in increasing repeat business and customer loyalty Julta, D., Craig, J. (2001). Power Sector Power sector in Nigeria are the organization responsible to provides the nation with sufficient electricity supply across the country. This sector is being control by the federal government through the power minister. The Nigerian Power Sector (Fig. i) is made up of three (3) major sub - sectors as depicted below:  Generation (GENCO)  Transmission (TRANSISCO)  Distribution (DISCO) All the above list of companies / subsectors reports to their MD‟s (Managing Director) at Zonal Headquarter in Abuja who then reports to the Minister of Power and steel. Then the Power

195

1st International Conference on Applied Information Technology Minister reports directly to the Mr. President of the federal republic of Nigeria.

7-9 October, 2015

through lost of sales and productivity. However, technology properly used can help employees work more efficiently and ease customer frustrations. There are various ways technology can be used to improve customer service. Bloom et al. (2009) ascertain that ICTs play a major role in networking and communication as firms use these technologies to facilitate communication among employees and reduce co-ordination costs. According to Hanna (2003), ICT enhances the production process in organizations as monitoring technologies could be used to reduce the number of supervisors required in the process. Increased Automation Contact centers are increasingly using voice recognition and call-routing technologies. The customer can speak to a computer or press keys that will route him or her to the appropriate department to handle the request. Call routing improves customer service by allowing the customer to go straight to the person that can handle his or her needs. This saves the customer from repeating the request to numerous representative and ultimately saves time for the customer and saves money for the organization. Research technologies and consultants can help automate routine processes.

Figure 1: Power Sector Statement of the Problem Based on the fact that Hadejia Business Unit is a large organization that covers 13 local government areas of Jigawa State, receiving customer‟s complaint reports is always being made through only one desk officer (Customer Service or Care) under the Business Unit in Hadejia Town. Customer comes from far and near to table down their complaints or requests manually through only one medium thereby posing the following problems:  Less efficiency  Less effectiveness  Less reliability  Time consuming  Waste of material resources The proposed new system would takes control of all the above mentioned problems efficiently.

Customer Empowerment & Education Online technology also empowers and educates customer. With technology, the customer can get what is needed from the company. Self-checkout lines have become popular in retail outlets. The customer goes into the store to get what is needed and can check out without interacting with the company's associates. The customer is satisfied because he or she can quickly get exactly what is needed, purchase and pay for the item without a long wait. The customer may also choose not to selfcheckout and prefer to use a cashier line. This also increases customer service because he or she has an option. The customer has control over how he or she interacts with the organization and also see what the company can allow the customers to access themselves.

LITERATURE REVIEW Roles of ICT in any Customer Service enterprise system can not be over emphasized. Basically, ICT describes the technology that enables recording, processing, retrieving and the transmission of information or data. Herselman and Hay (2003) also describe ICT as technologies that support the communication and co-operation of “human beings and their organizations” as well as “creation and exchange of knowledge. Furthermore, Yu (2010) considers ICT as a range of technologies that allow the gathering, exchange, retrieval, processing, analysis and transmission of information. In order words, ICT can be described as any tool that facilitates communication, process and transmit information and share knowledge through electronic means. Customer service is the lifeblood of any organization, and it is not just a department but must be the attitude of the entire company. Employees can be trained to provide the best service possible to the customer. But if the technology is not adequate, customers and employees will quickly become disheartened and frustrated. A frustrated customer (or employee) can lead to lower company revenues

CUSTOMER SERVICE TECHNOLOGY There are a few major areas in which technology now is able to help provide key advantages to businesses in engendering customer loyalty by improving customer service: Websites Providing areas on your website where customers can answer their own questions and seek answers from others. E-mail Using e-mail is a way to improve customer service and more quickly respond to certain needs or help requests.

196

1st International Conference on Applied Information Technology

7-9 October, 2015

2 3 Table I: Sample of customer complain report book

Communication Unifying communication so that you know that the customer who left a voice mail also sent an e-mail with the same request a few days ago.

DISTRIBUTION NETWORK Electrical distribution systems are primarily designed to meet the consumer's demands for energy. This is achieved by taking energy from primary substations and delivering it to various customer substations through either underground cables or above ground lines, the line can either be a H.T (High Tension) or L.T (Low Tension). Each distribution transformer has its own name and location in every environment that has a power supply. The single line color coded which indicate the voltage level of each line starting from 330KV=Black, 132KV=Blue, 33KV=Green, 11KV=Red and 0.415KV= yellow, this will enable the user to know the capacity of voltage in every networks as shown in Fig. ii and Fig. iii below for the 33KV single line and 11KV single line distribution network respectively.

Software Better managing customer relationships with more sophisticated data-gathering tools, such as customer relationship management software. GENERAL ANALYSIS OF EXISTING SYSTEM The major complains being reported by customers to the Customer Service Office can either be a Technical or Marketing issue. Technical Complaint In this research context, Technical complaint are mostly reported by the customers on Transformer problems such as Fuse cut up from the Feeder‟s Pillar, Service wire cut or partial contact, and some major problem like H.T (High Tension) and L.T (Low Tension), Pole broken or bent, H.T (High Tension) and L.T (Low Tension), Aluminum conductor wire cut or twisted and others. Marketing Complaint Marketing complain is a problem reported by the customers such as non-picking of Meter reading, non-reflection of payment on new bill, Present bill not received by the customer and other relevant problems which may include: change of name, change of area code and other similar issues. RECEIVING A CUSTOMER’S COMPLAINS MANUALLY With the manual approach, customers comes physically to the KEDCO‟s office to present his / her bill for complaint to the KEDCO‟s Hadejia Business Unit customer service officer. This bill contains details about the customer such as Customer Name, Customer Account Number, Customer Address, Customer Last Payment with Date and other information placed on the Bill. This will enable the customer service officer or care officer to record the customer information in his report book which is then processed later manually. This manually procedures take a very long time to materialised. The adopted old manual format is depicted (Table I) below. S / n

Na me of Cu sto me r

Cu sto me r Ac cou nt

Cu sto me r Ph one

Ti me

Nat ure

of

of

Co mpl aint

Co mpl aint

A cti on T ak en

Ti me A me nd ed

Fig. ii: 33KV Single line diagram of Distribution Network

ZZZZZZZZ

Fig. iii:11KV Single line diagram of Distribution Network

R e m a r k s

PROPOSED SYSTEM DATA FLOW DIAGRAM A data flow diagram (DFD) is a graphical representation of the „flow‟ of data through an information system, modeling and its processing phase. A DFD is often used as a preliminary step to create an overview of the system, which can later be elaborated. DFDs can also be used for the

No No

1

197

1st International Conference on Applied Information Technology visualization of data processing (also known as structured design). DFD shows what kind of information will be supplied (input to) and output from the system, where the data will come from and go to, and where the data will be stored for appropriate use (Fig. iv).

quantitatively. A Microsoft excel 2010 was used to analyze the descriptive statistics and presented in form of frequency distribution tables and pie charts. RESULTS AND DISCUSSION Items related to customer satisfaction with Customer Complaint Portal Delivery includes: Strongly Disagree, Disagree, Neutral, Agree and Strongly Agree. This results were eventually arranged into four categories: (1) satisfaction with KEDCO‟s services; (2) fulfilment of expectations, and (3) disappointment.

Homep

Sing UP

Sing In

Safety

Cus tom

Net wor

Ad min

Contac t Us

The number of respondents in which a particular item on customer satisfaction was involved is as reported in Fig. v.

Complai n 11KV Networ

Technic al

7-9 October, 2015

Adm in

33KV Netw

Marketin g

Viewi ng Sing Up User

Activ ate User

View ing Tech nical Com plain

Vie wing Mar keti ngC omp

Viewi ng An Inquir y

Deac tivat e User

Dele te User

Solvin g Cases

Fig. v: Fully satisfied with KEDCO services. As shown from the figure above, 1% of the customers strongly disagreed with being satisfied with KEDCO services, 2% just disagreed. On the contrary, 45% of the customers strongly agreed that they were fully satisfied with KEDCO services; 40% agreed. Consequently, a cumulative percent of 12 tended to be neutral to being fully satisfied with KEDCO‟s services.

Figure 4: DFD of the new system

MATERIALS AND METHODS The study was conducted at the Kano Electricity Distribution Company (KEDCO) in Hadejia Business Unit. It adopted explanatory research design. Specifically, the study targeted customers of the Kano Electricity Distribution Company in Hadejia Business Unit. The customers of the KEDCO were classified into two segments: i.e. corporate customers - 180 and domestic customers who were 460 bringing it to a total of 630 (KEDCO Information Desk, 2015). The respondents were randomly selected after considering factors such as accessibility and the significance of the study information to the researcher and other stakeholders. Therefore, these target population provided the required sample size for the study. Stratified sampling technique was however adopted and used for both primary and secondary sources of data. The instruments of data collection comprises of Questionnaires, Oral Interview schedules and personal observatory analysis; and the collated data then analyzed

Figure 6: Fulfilment of expectations

198

1st International Conference on Applied Information Technology The above figure shows that close to 1 percent strongly disagreed to KEDCO fulfilling their expectations, 2 percent disagreed, 35% agreed to KEDCO fulfilling their expectations and 49 percent strongly agreed. Thus a total of 13% were neutral to their expectations being fulfilled against a cumulative total of 48% who agreed.

7-9 October, 2015

Fig. viii: Homepage Sign up Module This is the part whereby the customer register or create new account that will help him/her have a full access to the customer service portal (Fig. ix).

Figure 7: Disappointment Similarly, the figure above shows that 1 percent strongly disagreed that KEDCO has never disappointed while 4% disagreed. This gives a cumulative total of 5% who disagreed with the motion that KPLC has never disappointed. On the contrary, 52% strongly agreed that KPLC has never disappointed while 28% agreed. Thus a total of 15% were neutral to the motion that KEDCO was never disappointed.

Figure 8: Customer‟s Registration Administrator Module This is one of the most important part of this system, this is the part that allows the system administrator to manage users (customers). He can activate user, deactivate user, and delete any user. It also allows the admin to view the communication that occur between customer and customer service and the cases that have been solved or resolved (Fig. x).

PROPOSED SYSTEM MODULAR DESIGN Modular design is a design approach that subdivides a system into smaller parts called modules or skids that can be independently created and then used in different systems.This research is made up of eight main modules that contain some basic components such as data storage, data call, user identity, certification, data security and lots more. However the eight basic modules of this very system are: Sing Up, Administrator, Sing In, Technical complain, Marketing complain, Contact Us, Network and Safety (Fig.viii).

Fig.x: Admin Log in Sign in Module The Sign In module is where the registered customer with valid meter‟s account number will be able to select the appropriate option: technical or marketing complain and fill all the information required, then click on submit (Fig. xi) to be able to send their complain to the customer service database.

199

1st International Conference on Applied Information Technology

7-9 October, 2015

Fig. xiii: Marketing Complain Contact Us Module This is an inquiry module that allows customers to make enquiries and also ask questions associated with electricity supply and other service connection matters (Fig. xv).

Fig. xi: Customer‟s Log in Technical complain Module Here is one out of the two option in which the customer make use of their KEDCO‟s electricity bill information to fill all the required information specified in the text fields. Technical complain deals with issues with transformer, high and low tension networks problems (Fig. xii). Fig. xiv: Inquiry module Network Module This module is use to guide the customer to learn or know the single line diagram of electricity voltage level because most of the distributional substations voltage level of customer were 33KV (Fig. ii) and 11KV (Fig. iii) network, also this will enable the customer to follow the network map to know their voltage level of provider and the actual location of his distributional transformer. Safety Module This module provides guidelines to customers using electricity supply in different locations on how they can take care of their appliances, control them and other safety measures associated with electricity thereby protecting them from danger.

Figure xii: Technical Complain Marketing complain Module Here is another option in which the customer make use of their KEDCO‟s electricity bill information to filling all the required information provided in the text field. Marketing complain deals with bill problems and cash collection issues (Fig. xiii).

CONCLUSION Evidently, the poor customer service delivery affects customer satisfaction. Considering how fast the world are moving in the development, procurement and of information and communication technology, KEDCO Hadejia Business Unit should make immediate step to catch up with the new technological trends involving the adoption of customers service complaints portal to keep tracks of customers needs. This research however has clearly stated this out and can bring in a lot of advantages with great impact on human and business daily life. We can therefore categorically states that ICT development is the best choice in helping KEDCO to stay on track to maintain and improves their productive moves in the future ahead. With this development, the proposed Online Customer Service Portal would solve the associated problems with traditional system which is the entirely manual. With the present ICT evolutionary

200

1st International Conference on Applied Information Technology trend, many customer services are now beginning to advice and discuss issues with their customer using the internet which is a web-based medium. One important area of application of the web technology is in the development of a web based consultation portal.Therefore the use of computer based for online customer service system for receiving customers complain should forms the basis of the KEDCO‟s management decision. It aims at providing the

7-9 October, 2015

management with adequate, effective, well documented and prompt up-to-date and efficient planning and decision making for a better customers satisfaction. It however improves the quality of internal and external communications thereby improving the operational efficiency and flexibility via an improved customer – service management relationship. Julta, D., Craig, J., Bodorik, P. 2001. Enabling and Measuring Electronic Customer Relationship Management Readiness, Proceedings of the 34th Hawaii International Conference on System Sciences, Hawaii. Kelly S. W., Davis, M. A. 1994. Antecedents to Customer Expectations for Service Recovery, Journal of the Academy of Marketing Science, pp. 52-61 Otiso K.N., Chelangat D., Bonuke R.N. 2012. Improving the Quality of Customer Service through ICT Use in the Kenya Power and Lighting Company‖, Journal of Emerging Trends in Economics and Management (JETREMS), p461-466, © Scholarlink Research Institute Journals, 2012, ISSN: 2141-7024, jetems.scholarlinkresearch.org, http://jetems.scholarlinkresearch.org/articles Reichheld, F. F. and Schefer, P. 2000. E-Loyalty: Your Secret Weapon on the Web, Harvard Business Review, pp. 105-113. Yu, E. 2010. Information and communications technology in food assistance. [online] Available: http://home.wfp.org/stellent/groups/public/document s/newsroom/wfp225972.pdf

REFERENCES Avgerou, C. 2008. Information systems in developing countries: a critical research review, Journal of Information Technology, pp 133-146. Bloom, N., Garicano, L., Sadun, R., Reenen, J. 2009. The distinct effects of information technology and communication technology on firm organization. Cho, Y., Im, I., Ferjemstad, J., Hiltz, R. 2001. Analysis of Pre- and Post-Purchase Online Customer Complaining Behavior, Proceedings of Conference on Customer Satisfaction, Dissatisfaction & Complaining Behaviour. Fornell, C., Wernerfelt, B. 1987. Defensive Marketing Strategy by Customer Complaint Management: A Theoretical Analysis, Journal of Marketing Research, pp. 337-46. Hanna, N. 2003. Why National Strategies are needed for ICT-enabled Development. Information Systems Group (ISG) Staff Working Paper, No. 3, June 2003. Herselman, M. E., Hay, H. R. 2003. Challenges Posed by Information and Communication Technologies (ICT) for South African Higher Education Institutions. Informing Science, 931-943.

201

1st International Conference on Applied Information Technology

7-9 October, 2015

WEB-BASED INFORMATION RETRIEVAL: A COMPARATIVE ANALYSIS OF RANKING ALGORITHMS 1 1

O. A, Abass, 2 O. Folorunso, 3A.S. Sodiya

Department of Computer Science, Tai Solarin College of Education, Omu-Ijebu, Nigeria Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria

2, 3

1

[email protected], [email protected], [email protected]

Abstract: The information explosion has created diverse challenges in the Web for effective and efficient relevant search of information to meet user’s need using Information Retrieval System (IRS). The major challenge facing IRS is the possibility of retrieving only the relevant documents for the user’s queries. The use algorithm that provides precision and recall which will afford the user to get precise data that satisfies his/her area of interest. Page ranking is helpful in web searching. Hence, search engine uses page ranking algorithms. In this paper, an attempt is made to compare the two algorithms (PageRank and Weighted PageRank) using connectivity-based ranking i.e. link analysis using GOOGLE website as a domain. It was observed that WPR (which used both inbound and outbound links) computes values at index time and results are considered on the basis of Page importance/popularity while PR (which used only inbound links) considered the results on the priority of pages and WPR show higher rank values. The results from iterative calculations showed that WPR produced higher rank values than PR which makes WPR algorithm yielding better ranking than PR. Keywords: Information Retrieval, Information Retrieval System, PageRank, Ranking Algorithms, Web Mining, Weighted PageRank these large text databases was search engine and IRS became ubiquitous (Sanderson and Croft, 2012). The Web is a suitable channel of interacting with sources of information across the Internet but the channel is faced with the challenge of little guidance to assist the user to locate relevant and interesting information in the highly explosive data storage environment. Hence, IR has played a critical role in making the Web using a productive and useful tool, especially for researchers (Silberschatz, et. al., 2011). In the context of the Web, each page is considered to be a document. As at today, the World Wide Web (WWW) has grown extremely large in terms of unimaginable usage as information repository for the purpose of knowledge reference. The information explosion has created diverse challenges in the Web. Hence, for effective and efficient relevant search of information to meet user‟s need, the quest for understanding and analysing the data structure of the Web is very important. Information Retrieval (IR) along with other areas like Database (DB), Web mining techniques, Natural Language Processing (NLP), Machine Learning etc. can be used to solve the above challenges. Currently, great number of web users use IR tools like search engines (e.g. popular Google, Yahoo, Bing etc.) to find information from the WWW because of their crawling and ranking methodologies. Ranking mechanism is a very important factor for search engines as they daily answer millions of queries and subsequently download, index and store hundreds of millions of web pages. For a user query, ranking determines the sequence (arranged in descending order) of the return pages in result based on the popularity of the pages and the Web pages with high popularity

INTRODUCTION Information Retrieval (IR) is becoming an important research area in the field of computer science. IR is generally concerned with the searching and retrieving of knowledge-based information from large database (Sharma and Patel, 2013) and is generally considered as a subfield of computer science that deals with the representation, storage, and access of information (Mohameth-François, et. al., 2012). IR is the process by which a collection of data is represented, stored, and searched for the purpose of knowledge discovery in response to a user request, i.e. query (Anwar and Alhenshiri, 2013) and it involves stages initiated by representing data and ending with returning relevant information to the user. Intermediate stage includes filtering, searching, matching and ranking operations (Sharma and Patel, 2013). An ideal retrieval system is expected to retrieve only the relevant documents while irrelevant ones are ignored. The term “IR” as used in this paper refers to the retrieval of unstructured records which consists of mainly free-form natural language text in which reasonable emphasis of IR research is focused on (Greengrass, 2000). Information Retrieval System (IRS) searches the collections of either unstructured or semi-structured data of documents, video, images, web pages to retrieve relevant information based on user‟s query and the need for the system arises when the collection of documents are of the size far beyond the scope of traditional retrieval techniques. With the growth of digitised unstructured (i.e. textual data) information via high speed networks, rapid global access to enormous quantities of information, the only viable solution to finding relevant items from

202

1st International Conference on Applied Information Technology

According to Sharma and Patel (2013), “the main goal of IRS is to finding relevant information or a document that satisfies user information needs”. To achieve this goal, IRSs usually implement following processes”: i. In indexing process the documents are represented in summarized content form. In filtering process all the stop words and common words are remove. iii. Searching is the core process of IRS. There are various techniques for retrieving documents that match with users need. A document-based IRS typically consists of three main subsystems: document representation, representation of users' requirements (queries), and the algorithms used to match user requirements (queries) with document representations. The basic architecture and the processes are as shown in Fig. 1.

come up in the returned results. Popularity is also known as Page ranking and its calculation is very critical part of search engine. For this purpose, search engine uses page ranking algorithms (Rawat et al, 2014). Basically page ranking algorithm are used to present the search results by considering the relevance, importance and content score (Ashutosh and Ravi, 2009). ii. Consequently, the motivations of this paper is to explain the concepts and architecture of information retrieval with its inherent benefits; explore important algorithms based on Page Rank and compares two of these algorithms; show the comparison results of the algorithms, and present future research direction. LITERATURE WORK

REVIEW

AND

7-9 October, 2015

RELATED

Basic Architecture of Information Retrieval System (IRS)

Data Collection

and Burdak,

Filtering Query formulation Indexing User query Document Indexed

Matching Algorithm

Document matched

Document retrieved

Fig 1: A General Framework of Information Retrieval System (Sharma and Patel, 2013) There are three basic processes an IRS has to support: representation of the content of the documents, representation of the user's information need, and comparison of the two representations. In the figure, squared boxes represent data and rounded boxes represent processes. Document representation process, which takes place off-line, is usually called the indexing process where the end user of the IRS is not directly involved. Representing users‟ information need is often referred to as the query formulation process. The primary concern in representation is how to select proper index terms. Typically, representation proceeds by extracting keywords that are considered as content identifiers

and organizing them into a given format (Pathak, et. al, 2000). The resulting representation is the query (Hiemstra, 2009). Comparing the two representations is known as the matching process. Retrieval of documents is the result matching process. Queries transform the user's information need into a form that correctly represents the user's underlying information requirement and is suitable for the matching process. Pathak, et. al, (2000) opine that query formatting depends on the underlying model of retrieval used - Boolean, Vector space, probabilistic, fuzzy retrieval models and models based on artificial intelligence techniques. Characteristically, the user based on the information

203

1st International Conference on Applied Information Technology need rates documents presented as either relevant or non-relevant after the matching algorithms calculate matching numbers for documents retrieved in the decreasing order of these numbers. However, the major challenge facing IRS is possibility of retrieving only the relevant documents for the user‟s queries. Various system performance criteria like precision and recall have been used to gauge the effectiveness of the system in meeting users‟ information requirements. Recall is the ratio of the number of relevant retrieved documents to the total number of relevant documents available in the document collection. Precision is defined as the ratio of the number of relevant retrieved documents to the total number of retrieved documents. Relevance feedback is typically used by the system to improve document descriptions (Gordon, 1988), or queries (Salton and Buckley, 1990) with the expectation that the overall performance of the system will improve after such a feedback.

7-9 October, 2015

capture their content, (3) they allow searchers to issue queries, and they employ information retrieval algorithms that attempt to find for them the most relevant pages from this universe. Search engines differ from each other along all these dimensions. A search engine can gather new pages for its universe in two ways. First, individuals or companies who have created Web pages may directly contact the search engine to submit their new pages. Second, search engines employ so called Web `spiders/crawlers/robots' which traverse known Web pages, link to link, in search of new material. Differences among spiders determine the database of documents that a given search engine accesses as well as the timeliness of its contents (Gordon and Pathak, 1999). As the design of search engine is meant for searching for information on the World Wide Web, the results generated by search engine are presented to the user in a list of results commonly called „hits‟. On the web, there exist many general-purpose search engines.

Information Retrieval and the Web The advent of the World Wide Web caused a dramatic increase in the usage of the Internet. The World Wide Web is a broadcast medium where a wide range of information can be obtained at a low cost. Information on the World Wide Web is important not only to individual users, but also to the organizations especially when the critical decision making is concerned. Most users obtain information on the World Wide Web using a combination of search engines (Leighton and Srivastava, 1997) and browsers. However, these two types of retrieval mechanisms do not necessarily produce all the information needed by the user because of irrelevant documents returned in response to a search query. To overcome this problem, we need one effective search engine which produces maximum relevant information with minimum time and low cost.

According to Choudhary and Burdak, (2012), there are 3 important components in a search engine. They are and of Ranking The Fig. Crawler, 2: Simple Indexer Architecture a Searchmechanism. Engine (Choudhary crawler, also called a robot or spider, tracks the web to download the web pages and the downloaded pages are forwarded to an indexing module which assigns the web pages and builds the index generally maintained in accordance with the keywords pages. A query sent by a user via an interface is matched with the index by a query processor and the URLs such pages are returned to the user after ranking mechanism is executed by the search engines to display the relevant pages in descending order. This process affords user to easily go through the search results.

Gordon and Pathak (1999) opine that there are four different methods for locating information on the Web: (i) You may go directly to a Web page simply by knowing its location. (ii) The hypertext links emanating from a Web page provide built-in associations to other pages that its author considers to providing related information. (iii) `Narrowcast' services can `push' pages at you that meet your particular user profile. (iv) Search engines allow users to state the kind of information they hope to find and then furnish information that hopefully relates to that description. Information Retrieval and Search Engines A “search engine” is a resource that provides the ability to search information on the Internet. According to Gordon and Pathak (1999), search engines provide three chief facilities: (1) they conceptually gather together a set of Web pages that form the universe from which a searcher can retrieve information, (2) they represent the pages in this universe in a fashion that attempts to

Natural Language Processing (NLP) The classical IR search engine operates by taken both the query and the retrieved documents as same language and regards the documents in foreign language as the unwanted “noise” (Abusalah, et. al., 2005). Conversely, in the current dispensation of massive use of the Internet characterised by modern IRS, the user‟s queries and retrieved documents are

204

1st International Conference on Applied Information Technology in different languages. This has called for the presentation of new IRS capable of handling all retrieved documents without any language disparity or barrier. This is where the three types of NLP techniques - bilingual (BLIR), cross-lingual (CLIR) and multilingual (MLIR) - play major role in order to improve the IRS which matches the semantic contents of both the queries and documents. According to Faloutsos and Oard (1995), natural language techniques have been applied with some success on the large Text Retrieval Conference (TREC) corpus.

7-9 October, 2015

Information Retrieval Algorithms Solving the problem of retrieving everincreasing saved data necessitated the IRS introduction. When a query is initiated, IRS yields results related to any of the words in the query. The system generates large volume of results, sometimes in thousands, for a particular query in which few are relevant and needed by the user leading to imprecision and time wastage while the presence of that extra data can lead to skipping of the useful data (Bhatia, et. al. 2013). Consequently, many researchers are working on this system to find the best algorithm for data search. Hence, the use algorithm that provides precision and recall which will afford the user to get precise data that satisfies his/her area of interest.

Information Retrieval and Web Mining Web mining is the application of data mining techniques to automatically find and retrieve information from the World Wide Web (Choudhary and Burdak, 2012). There are three areas of Web mining according to the usage of the Web data used as input in the data mining process. Namely: Web Content Mining (WCM), Web Usage Mining (WUM) and Web Structure Mining (WSM) (Singh and Kumar, 2009) as depicted in Figure 3. WCM focuses on the retrieving information quickly from the WWW in more structured form using indexing process. WUM deals with recognising the browsing patterns and user‟s navigational behaviour. WSM finds out the model inherent in the link structures of the Web pages, list them and generate information on the similarity and /relationship between the links maximising the advantage of their hyperlink structure analysis thereby promoting retrieval of more relevant information. WCM relies on agent-based approach and database-based approach. The former approach use features of a particular to find relevant information while the latter use the semi-structure data from the web. Some applications of the WCM are to identify the topics, categorize web documents, from different servers to find similar web pages, relevance applications, task based relevance applications, to provide list of relevant documents from collection and filters these documents on the basis of relevance score (Choudhary and Burdak, 2012) .

Ranking Algorithm As today‟s search engines may return millions of pages for a certain query, it is not possible for a user to preview all the returned results. So, page ranking is helpful in web searching (Chitroda and Patel, 2014). Web ranking techniques are employed to extract only the most relevant documents from the database and provide the users with the desired information (Jaganathan and Desikan, 2015). Generally today, the order of the web pages depends on popularity of the pages where web pages having high popularity come up in the returned result. Popularity is also known as Page ranking (PR). Search engine‟s results for a query should be arranged on descending order of PR and its calculation is very critical part of search engine. For this purpose, search engine uses PR algorithms (Rawat et al, 2014). Basically, PR algorithm are used to present the search result by considering the relevance, importance and content score (Ashutosh and Ravi, 2009). Hence, algorithms rank the search results in descending order of relevance to the query string being searched. A web PR for a specific query depends on factors like (i) relevance to the words, (ii) concepts in the query (iii) overall link popularity etc. Content-Based and Connectivity-Based Ranking Algorithms Chitroda and Patel (2014) opine that ranking are classified into two categories: (i) content-based and (ii) Connectivity-based. In content-based ranking, ranking activity is based on the number of matched terms, frequency of terms, location of terms etc. This technique adopts Web Content Mining approach. Conversely, connectivity-based ranking is on the basis of link analysis technique. The technique use Web Structure Mining approach. Web mining approach provides additional information through hyperlinks where different documents are connected. The Web is viewed as a directed graph whose nodes are the documents or pages and the edges are the hyperlinks between them. This directed graph structure in the Web is called as Web Graph. In this

Fig. 3: Web Mining Categories

205

1st International Conference on Applied Information Technology

7-9 October, 2015

paper, the emphasis is laid on the link analysis of the web pages. If Page1, Page2, Page3 and Page4 are denoted by A, B, C and D respectively, the above picture translates into the web graph below.

Page Ranking Algorithms Five Page Rank-based algorithms exist. These are PageRank (PR), Weighted PageRank (WPR), Hypertext Induced Topic Search (HITS), DistanceRank and DirichletRank algorithms (Ashutosh and Ravi, 2009).

METHODOLOGY In this paper, the focus is on PageRank and Weighted PageRank algorithms. Attempt is made to compare the two algorithms using connectivity-based ranking i.e. link analysis. The GOOGLE website is used as the domain. PageRank Algorithm PageRank (PR) algorithm based on citation analysis used by the popular search engine (Google) was developed by Brin and Page at Stanford University in 1996 and the focus was to provide advanced and better way to compute the importance or relevance of a Web page instead of mere counting the number of pages that are linking to it (i.e. “backlinks”). Higher weighting is given to backlink if it comes from an “important” page rather than backlink from non-important pages. A link from one page to another page is regarded as a „vote‟. However, not only the number of votes a page receives is considered important, but the “importance” or the “relevance” of the ones that cast these votes as well (Duhan et al, 2009). This algorithm is query independent and it operates on the whole Web and assigns a PR to every web page (Grover and Wason, 2012). PR is displayed on the toolbar of the browser if the Google Toolbar is installed. The Toolbar PageRank goes from 0-10, like a logarithmic scale with 0 is the low page rank and 10 is the highest page rank. The PR of all the pages on the Web changes every month when Google does its re-indexing. In practice, PR scores can be computed using power iteration. Since PR is query-independent, the computation can be performed off-line ahead of query time and this property has been key to PageRank‟s success (Najork, et. al., 2007)

A

D

B

C

Fig 5: Web Graph showing Hyperlink

Suppose Page A has pages T1…Tn which point to it i.e., are links. The PageRank of a page A is given by the following formula: ( ) ( ) ( ) ( ) ( ( ) ( ) ( (

) )

)

Eq. 1

Where PR(A) is the PageRank of Page A, the variable d is a damping factor (which value can be set between 0 and 1 but usually set the value of d to 0.85), PR(T1) is the PageRank of a site having back link to Page A, C(T1 ) is the number of outgoing links from that page. The damping factor is use to stop the other pages having too much influence. PageRank formula is recursive. Hence, to calculate PageRank of a page we need to know the PageRank of other pages. Therefore we started with any random value (normally with 1 for all pages) of PageRank and iteratively update these ranks using above formula and wait until they converge (Jain et. al, 2013). Let us assume the initial PageRank as 1 and do the calculation. The value of damping factor d is put to 0.85.

Measuring and Calculating PageRank Measuring PageRank starts by picturing the Web as a directed graph with web pages and links between them considered as nodes and edges. Suppose we have a small Internet consisting of just four websites referencing each other in the manner suggested by the picture below:

PR(A)

= (1-d) + (PR(B)/C(B)+PR(C)/C(C)+PR(D)/C(D)) = (1-0.85) + 0.85(1/3+1/3+1/1)

d

= 1.5666667 (2A) PR(B) = (1-d) + d((PR(A)/C(A) + (PR(C)/C(C)) = (1-0.85) + 0.85(1.5666667/2+1/3) = 1.0991667 PR(C) = (1-d) + d((PR(A)/C(A) + (PR(B)/C(B)) = (1-0.85) + 0.85(1.5666667/2+1.0991667/3) = 1.127264

206

1st International Conference on Applied Information Technology

PR(D)

Xing and Ghorbani (2004) proposed a Weighted PageRank (WPR) algorithm which is an extension of the PageRank algorithm. This algorithm assigns a larger rank values to the more important pages rather than dividing the rank value of a page evenly among its outgoing linked pages. Each outgoing link gets a value proportional to its importance. The importance is assigned in terms of weight values to the incoming and outgoing links and are denoted as Win(m, n) and Wout(m, n) respectively. Win(m, n) as shown in Eq. 10(a) is the weight of link(m, n) calculated based on the number of incoming links of page n and the number of incoming links of all reference pages of page m.

(2C) = (1-d) + d((PR(B)/C(B) + (PR(C)/C(C)) = (1-.085) + 0.85(1.0991666/3+1.127264/3) = 0.7808221 (2D)

The second iteration is performed by taking the above PageRank values from (Eq. 10), (Eq. 11), (Eq. 12) and (Eq. 13). The second iteration PageRank values are as following: PR(A) = 0.15 + 0.85((1.0991667/3) (1.127264/3)+(0.7808221/1)

+

(

= 1.4445208

PR(B)

(3A) = 0.15 + 0.85((1.4445208/2) + (1.127264/3)) = 1.0833128

PR(C)

(3B) = 0.15 + 0.85((1.4445208/2) + (1.0833128/3)) = 1.07086

PR(D)

(3C) = 0.15 + 0.85((1.0833128/3)+(1.07086/3)) = 0.760349

7-9 October, 2015

)



( )

( )

( ) ∑ ( ) Where In and Ip are the number of incoming links of page n and page p respectively. R(m) denotes the reference page list of page m. Wout(m, n) is as shown in Eq. 10(b) is the weight of link(m, n) calculated based on the number of outgoing links of page n and the number of outgoing links of all reference pages of m. Where On and Op are the number of outgoing links of page n and p respectively. The formula as proposed by Wenpu et al for the WPR is as shown in Eq. 11 which is a modification of the PageRank formula. ( ) ( ) (

(3D) During the computation of 34th iteration, the average of the all web pages is 1. Some of the PageRank values are shown in Table 1. The table with the graph is shown in the simulation results section. Table 1: Iterative Calculation for PageRank

)

( )



(

)

(

)

( )

Measuring and Calculating Weighted PageRank

One thing is noted here that the rank of a page is divided evenly among its out-links to contribute to the ranks of the pages. The original PageRank equation is a recursive which follows recursive process, starts with a given by default PageRank value i.e. 1 and computes the all iteration until all pages starts to repeat same PageRank values individually (convergence) and at last find their average PageRank value that should be 1. PageRank can be calculated using a simple iterative method and corresponds to the principal an eigen vector of the normalized link matrix of the web. In the above Table I, it can be noticed that PageRank of A is higher than PageRank of B, C and D. It is because Page A has 3 incoming links, Page B, C and D have 2 incoming links as shown in Fig. 5. Page B has 2 incoming links and 3 outgoing link. Page C has 2 incoming links and 3 outgoing links. Page D has 1 incoming link and 2 outgoing links. From the Table I, after the iteration 34, the PageRank for the pages gets normalized.

Iteration

A

B

C

D

1 2

1 1.566667

1 1.099167

1 1.127264

1 0.780822

3

1.444521

1.083313

1.07086

0.760349

4.

1.406645

1.051235

1.045674

0.744124

… … 17

… … 1.3141432

… … 0.9886763

… … 0.9886358

… … 0.7102384

18

1.313941

0.9885384

0.98851085

0.71016395

19

1.3138034

0.98844457

0.98842573

0.7101132

… … 33

1.31351

0.988244

0.988244

0.710005

34

1.313509

0.988244

0.988244

0.710005

35

1.313509

0.988244

0.988244

0.710005

(WPR) Using the same hyperlink structure as shown in Fig. 5 to perform the WPR calculation, the WPR equations ( ) for Page A, B, C and D are as follow.

Weighted PageRank Algorithm

207

1st International Conference on Applied Information Technology (

)

( )

∑ ( ) ( )

(

)

(

)

(

)

(

)

(

)

(

)

( ) (

)



( )

(

)

(

( )

(

)

(

)

( )

(

)

(

)

)

Iteration

A

1 2 3 4 5 6 7 8

1 1 1 1.1275 0.47972 0.3912 0.425162 0.27674 0.25727 0.355701 0.244128 0.24189 0.34580 0.247110 0.239808 0.34454 0.23957 0.23953 0.34438 0.23950 0.23950 0.34436 0.23950 0.23949 = 2/(2+2+2) = 1/3

( ) (

)



( )

(

)

(

7-9 October, 2015 B

C

)

(

)

( )

( )

∑ (

)

(

(

)

= 1/2 Eq. 16

)

(

)

(

)

= OA/(OA+OC +OD) = 2/(2+3+1) = 1/3

)

= IA/(IA+IB) = 3/(3+2)

= IB/(IB+IA + IB) = 2/(3+2)

= 2/5 Eq. 17

(

)

= OB/(OA+OB + OD) = 3/(2+3+1) = 1/2 Eq. 18

Eq. 8

To calculate WPR(B), the values in Equations 15, 16, 17 and 18 are put into Eq. 5. Here, the initial value of WPR(C) is set to 1. WPR(B) = (1- 0.85) + 0.85(1.127*1/ 3*1/2 + 1*2/5 *1/ 2) = (0.15) + 0.85(1.127*0.33*0.50+1*0.40*0.50) = 0.4989 Eq. 19 = I /(I +I I ) C B C+ D ( ) = 2/(2+2+2) = 1/3

Eq. 9 (

)

)

Before getting the value of WPR(A), there is need to calculate the value of incoming links and outgoing links weight as bellow: = IA/(IA+IC) ( ) = 3/(3+2) = 3/5

(

1 0.19935 0.18026 0.177541 0.17719 0.17714 0.17714 0.17714

Eq. 15 = OB/(OB+OC) = 3/(3+3)

( ) (

D

= 3/5 Eq. 10

= OA/(OA+OB +OD) ( ) = 2/(2+3+1) = 2/6 = 1/3

Eq. 20 Eq. 11 (

)

= IA/(IB+IC) = 3/(2+2)

(

)

= OC/(OB + OC) = 3/(3+3) = 1/2

=¾ Eq. 21 Eq. 12

(

)

= OA/(OA = 2/2

(

)

= IC/(IA+IB) = 2/(3+2)

= 2/5

=1

Eq. 22 (

Eq. 13

)

= OC/(OA + OC + OD) = 3/(2+3+1) = 1/2

Eq. 23 Substituting the values of Equations 14, 19, 20, 21, 22 and 23 into Equation 6, we obtain the WPR of Page C by taking d as 0.85. WPR(C) = (1 - 0.85) + 0.85((1.127 *1/ 3 *1/ 2) + (0.499 * 2 / 5 *1/ 2)) = (0.15) + 0.85((1.127*0.33*0.50) + (0.499 * 0.40 * 0.50)) = 0.392 Eq. 24 ( ) = ID/(IB+IC) = 2/(2+2) = 1/2

Now using these inlinks and outlinks weight from Equations 8, 9, 10, 11, 12, 13, the values are put in the Equations 4, 5, 6 and 7 to calculate the weighted rank of the nodes A, B, C, and D respectively. For WPR(A) calculation, the value of d is set to 0.85 (standard value) and the initial values of WPR(B), WPR(C) and WPR(D) is considered as 1. So the calculation for 1st iteration follows: WPR(A) = (1- 0.85) + 0.85(1* 3 / 5 *1/ 3 +1* 3 / 5 *1/ 3 +1* 3 / 4 *1) = 1.127 Eq. 14 = I /(I +I I ) B B C+ D ( )

(

208

)

=

Eq. 25 OD/OA

1st International Conference on Applied Information Technology = 2/2

=1

shown for the PageRank and Weighted PageRank algorithms and compare the values to show which has higher rank values. It was observed that WPR (which used both inbound and outbound links) computes values at index time and results are considered on the basis of Page importance/popularity while PR (which used only inbound links) considered the results on the priority of pages.

Eq. 26 (

)

= ID/(IA+IB) = 2/(2+3)

= 2/5 Eq. 27

(

)

7-9 October, 2015

= OD/(OA + OB + OD) = 2/(2+3+1) = 1/3

The future work will describe a large-scale evaluation of the effectiveness of HITS algorithms in web-based information retrieval in comparison with other popular link-based ranking algorithms. Emphasis will also be laid on determining their effectiveness using three common performance measures: the mean reciprocal rank, the mean average precision, and the normalized discounted cumulative gain measurements using two major criteria for evaluating IRS performance.

Eq. 28 Substitute the values of Equations 19, 24, 25, 26, 27, and 28 into Equation 7 to obtain WPR(D) by taking d as 0.85. WPR(D) = (1- 0.85) + 0.85((0.499 *1/ 2 *1) + (0.392 * 2 / 5*1/ 3)) = (0.15) + 0.85((0.499 *0.50 *1) + (0.392 * 0.40*0.33)) = 0.406 Eq. 29

ACKNOWLEDGEMENTS We hereby acknowledge all authors whose their works were cited in this paper. We are indeed grateful for their wealth of knowledge that serves as reference point to us. The contributions of other great academics and mentors are also acknowledged. You are all appreciated immensely.

Table 2: Iterative Calculation Values for Weighted PageRank Comparison of PageRank and Weighted PageRank Algorithms The values of WPR(A), WPR(B), WPR(C) and WPR(D) are shown in Equations 14, 19, 24 and 29 respectively. The relation between these are: WPR(A)>WPR(B)>WPR(D)>WPR(C). This results shows that the Weighted PageRank order is different from PageRank. For the same above example, the iterative computation of Weighted PageRank algorithm is computed. The some Weighted PageRank values are shown in Table 2. So we can easily differentiate the WPR from the PageRank, categorized the resultant pages of a query into four categories based on their relevancy to the given query. They are: (i) Very Relevant Pages (VR) i.e. pages that contain very important information related to a given query; (ii) Relevant Pages (R) i.e. pages that do not have important information about given query; (iii) Weak Relevant Pages (WR) i.e. pages that do not have the relevant information but may have the query keywords; and (iv) Irrelevant Pages (IR) i.e. pages that do not have both relevant information and query keywords. Both the PageRank and WPR algorithms provide pages in the sorting order according to their ranks to users for a given query. So the order of relevant pages and their numbering are very important for users in the resultant list.

REFERENCES Abusalah, M., J. Tait., M. Oakes. 2005. Literature Review of Cross Language Information Retrieval. World Academy of Science, Engineering and Technology 4, 175-177. Anwar A. Alhenshiri. 2013. Web Information Retrieval and Search Engines Techniques. Al-Satil Journal, PP: 55-92. Ashish J., Rajeev S., Gireesh D., Varsha T. 2013. Page Ranking Algorithms in Web Mining, Limitations of Existing methods and a New Method for Indexing Web Pages. CSNT. IEEE. Ashutosh K. S., Ravi K. P. 2009. “A Comparative Study of Page Ranking Algorithm for Information Retrieval”. World Academy of Science, Engineering and Technology Vol:3, 4-20. Christos F., Douglas W. O. 1995. A Survey of Information Retrieval and Filtering Methods, CSTR-3514. Djoerd H. 2009. Information Retrieval Models. Published in Goker, A., and Davies, J. Information Retrieval: Searching in the 21st Century. John Wiley and Sons, Ltd., ISBN-13: 978-0470027622, Pg 1-2. Greengrass, E.D. 2000. Information Retrieval: A Survey. CSCE 561. Gerard, S., Buckley, C. 1988. Term-weighting approaches in automatic text retrieval. Information Processing and Management, 24(5):513-523. Gordon, M.D. 1988. “Probabilistic and genetic algorithms for document retrieval”, Communications of the ACM, 31(10), pp: 12081218 Leighton, H.V., Srivastava, J. 1997. Precision among www search services (search Engines).

CONCLUSION AND PROPOSED WORK The main purpose of this work is to inspect the important page ranking-based algorithms used for information retrieval and compare two of the algorithms. A typical search engine should use web page ranking techniques based on the specific needs of the users because the ranking algorithms provide a definite rank to resultant web pages. The work calculates PageRank values by using PageRank (PR) and Weighted PageRank (WPR) algorithms which are both query independent. Iterative results are

209

1st International Conference on Applied Information Technology

7-9 October, 2015

Page Ranking Algorithms: A Survey. IEEE Jaganathan B., Kalyani D. 2015. Penalty-based International Advance Computing Conference, 978-1PageRank Algorithm. Asian Research Publishing 4244-1888-6/08. Network (ARPN) Journal of Engineering and Applied Nidhi, G., Ritika, W. 2012. Comparative Analysis Sciences. Vol. 10, No. 5. Of Pagerank And HITS Algorithms. International Laxmi, C., Bhawani S. B. 2012. Role of Ranking Journal of Engineering Research & Technology Algorithms for Information Retrieval. International (IJERT). Vol. 1 Issue 8. Journal of Artificial intelligence & Applicatins Nidhi, K., Chitroda., K. M. Patel. 2012. Improve (IJAIA), Vol.3, No.4, pp203-220. Page Rank Algorithm using Normalized Technique. Manish, S., Rahul P. 2013. A Survey on International Journal of Computer Science and Information Retrieval Models, Techniques and Engineering (IJCSE) Vol. 3, Issue 4, 37-42. Applications. International Journal of Emerging Praveen, P., Michael, G., Weiguo, F. 2000. Effective Technology and Advanced Engineering, volume 3, Information Retrievaal using Genetic Algorithm-based Issue 11, pp:542-545. Matching Functions Adaptation. Proceedings of the Marc, N., Hugo Z., Michael T. 2007. SIGIR ‟07, 33rd Hawaii International Conference on System July 23–27, Amsterdam, The Netherlands. Sciences. Sanderson, M., Bruce W. C. 2012. The History of Information Retrieval Research. A proceeding of Poonam, R., Shri, P. D., Haridwari, L. M. 2014. An IEEE ’12. Adaptive Approach in Web Search Algorithm. Mohameth-François, S., Sylvie, R., Jacky, M., International Journal of Information & Computation Armelle, R., Michel, C., Vincent, R. P. 2012. UserTechnology. Vol. 4, No. 15, pp. 1575-1581 centered and ontology based information Retrieval Salton, G., Buckley C. 1990. “Improving retrieval system for life sciences, BMC Bioinformatics, 1471performance by relevance feedback”, Journal of the 2105. American Society for Information Science, 41(4), pp: 288-297 Neelam, D., A. Sharma, K., Komal, K. B. 2009. Silberschatz, A., Henry F. K., Sudarshan, S. 2011. Database System Concepts. 6th Edition. Published by McGraw-Hill. Pg 915-943. Parul, K. B., Tanya M., Tanaya G. 2013. Survey Xing, W., Ghorbani, A. 2004. “Weighted PageRank Paper on Information Retrieval Algorithms and Algorithm”, Proc. Of the Second Annual Conference Personalized Information Retrieval Concept. on Communication Networks and Services Research International Journal of Computer Applications (CNSR ’04), IEEE. (0975 - 8887) Volume 66- No.6.

210

1st International Conference on Applied Information Technology

7-9 October, 2015

A CRITICAL ANALYSIS OF EXISTING SMS SPAM FILTERING APPROACHES O. O. Abayomi-Alli1, S. A. Onashoga2, A. S. Sodiya3, and D. A. Ojo4 1,2,3

Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. Department of Microbiology, Federal University of Agriculture, Abeokuta, Nigeria.

4 1

[email protected], [email protected], [email protected] and 4 [email protected]

Abstract: SMS spam, which refers to an unsolicited message sent by a sender without prior relationship to the user mostly for commercial or financial purposes, is still a major problem to all Global System for Mobile communication (GSM) subscribers. This paper critically reviewed the existing SMS spam filters by identifying and analyzing their problems. Some of these problems are adaptability to spammers’ concept drift, SMS flooding on the network, overhead during training and testing; memory and computational robustness. Furthermore, a taxonomy for existing SMS Spam filtering techniques was constructed. This paper finally concludes by recommending the use of an adaptive and collaborative SMS spam filtering system. Keywords: SMS, Spam, Ham, False Positive, False Negative, Accuracy. announces its arrival once it is received by the mobile phone (Rafique and Farooq, 2010). Mobile Network Operators (MNO) are also interested in reducing the SMS spam on their network because it generates SMS flooding thereby causing high volume of traffic which overloads the network, Yadav et. al. (2011). MNO‟s are concerned with filtering SMS spam as it affect customer‟s satisfaction due to poor service delivery resulting from high traffic of spam SMS. The amount of SMS spam is still on the rise hence there is a need for a technical approach to combat it (Nuruzzaman et. al., 2012). In addition, more effective approaches are required to filter SMS spam automatically and accurately (Xu et. al., 2012). Therefore, this paper critically reviews the existing SMS spam filtering approaches and techniques. The remaining part of this paper is organized as follows: section two examines the general background of SMS and spam while section three presents the existing literatures on SMS spam filtering system. The paper is concluded in section five.

INTRODUCTION Short Messaging Service (SMS) is a fast growing GSM value added service that is supported by all GSM handset and by wide range of network standards worldwide (Le Bodic, 2005). It allows subscribers to exchange short text messages at either a subsidized cost or no cost at all. Text messaging (SMS) is one of the simplest and easiest means of personalized one-to-one communication and has helped Mobile Network Operators (MNO) significantly to offset the effects of falling voice revenue (Portio Research, 2012). However, the low cost of sending SMS and the reliable network bandwidth has attracted a large amount of SMS spam (Yoon et al., 2010; Uysal et al., 2013). Spam is generally defined as an unsolicited or unwanted messages sent indiscriminately by a sender with no prior relationship to the user mostly for commercial reasons (Graham, 2002; Zeltsan, 2004). In Nigeria, an average user get at least 8 to 10 spam SMS daily either from Mobile network operators advertising their products, banks or the popular “419” scammers giving out free gift, job offer and raffle draws e.t.c. (Abayomi-Alli., 2009). Millions of SMS are going around the world over mobile networks per seconds about 33.3% of these SMS are spam (Chaminda et al., 2013). The SMS spam threat is very clear, because users feel the mobile handset is a personal piece of technology that should be kept useful, personal and free from invasions such as spam and viruses (Hildalgo et al., 2006). Spam is also defined as flooding the Internet with multiple copies of the same message, in an attempt to force the message on people who would rather not receive it (Mueller, 2012). The opposite of spam is called „Ham‟ which is referred to as legitimate, genuine or desirable message. SMS Spam is not only annoying, it is also frustrating and time wasting because the end users are helpless in controlling the number of SMS spam they receive (Nuruzzaman et al., 2012) and it

Short Message Services SMS has been in existence since the second generation (2G) to the present fourth generation (4G) mobile phone (Pereira and Sousa, 2004). This GSM data service has established itself as the simplest and easiest means of personalized one-to-one communication, it has been the longest and the most popular messaging service (Portio Research, 2012). Consequently, the low cost of SMS and network reliability has made sending of SMS messages an economical option for GSM subscribers (Yoon et al., 2010).

Spamming in Different Media

211

1st International Conference on Applied Information Technology

7-9 October, 2015

Blog spam also called the “blam” is a type of media spam that takes advantage of the open nature of comments in the blogging software. It is done by repeatedly placing comments to various blog posts that provides link to a spammer‟s commercial website.

Spam exist in different media such as email spam, mobile (SMS) spam, Instant message spam (SPIM), Usenet newsgroup spam, social network spam, spamdexing (Spam in search engines) and internet telephony spam. The technical differences between all these spam media makes spam in general too complex for one overview (Blanzieri and Bryl, 2008).Thus, there is a need to briefly discuss the spamming in other media as well. Figure 1 shows the different spamming media.

Spamdexing This type of spam targets search engines. Spamdexing, in a layman terms is using unethical means to unfairly increase the rank of sites in search engines. It is referred to the web practice of deliberately modifying HTML pages to increase their chances of being highly placed on search engine relevancy lists. Mobile Phone Spam Mobile phone spam, also known as SMS spam is directed to the text messaging services of a mobile phone. It is a subset of spam that involves unsolicited advertising text messages sent to mobile phones users through the SMS. SMS Spam SMS Spam is classified as 32.3% annoying, 24.8% time wasting and (21.3%) violating personal privacy (Nuruzzaman et al., 2012). For example, Zain, a GSM operator in Nigeria would send an average of five (5) text messages a week to a subscriber advertising their numerous products (Olalere, 2012), while in countries like India, an estimate of over 100 million SMS spam is received per day (Yadav et al., 2011). Skudlark (2014) described SMS spam as annoying and also incurring significant cost on both the Mobile Network Operators and the customers as well. SMS spammers can easily reach their victims by simply enumerating all numbers from the finite phone number space unlike the email spam, where the number of possible email addresses is unlimited. This type of spam appears to breach the privacy and electronic communication regulations because they are sent to the subscribers without prior consent from the sender (Chaminda et al., 2013), hereby allowing users fall victims of fraudulent activities such as phishing, identity theft and fraud. Figure 4 shows an example of an SMS spam.

Figure 1: Different types of spam in the media Email Spam Email is the most common form of spamming on the internet. It involves sending unsolicited messages to a large number of recipients. Spammers obtain email addresses by a number of means: harvesting addresses from Usenet postings, DNS listings or Web pages; guessing common names at known domains. SPIM (Instant Message Spam) SPIM makes use of instant messaging systems, such as AOL Instant Messenger or ICQ. Most instant messenger system offers a directory of users, which includes demographic information. Advertisers use this information to sign on to a system and send unsolicited messages. To send an Instant Message (IM) to thousands of users, it only requires scriptable software and the recipients‟ IM usernames. Social Network or Newsgroup Spam Social network or Newsgroup spam predates e-mail spam, and target usenet newsgroups. Newsgroup spamming has to do with repeatedly posting about a certain subject in a manner that is unwanted or annoying to the general population of that group. In addition, unwanted advertisement forum is known as spamming and generally seen as annoying. Blog Spam

SMS Spam sources There are several sources of SMS spam; one of the typical spam sources is number harvesting, which is carried out by Internet sites offering “free” ring tones download. The end users receive mobile spam from three main sources (Gomez Hidalgo et al., 2006): i.Organizations and individuals that pay MNO to deliver SMS to the subscribers: They are responsible for the highest number of spam received on subscribers‟ mobile phones. Although, MNOs have adopted and enforced use of opt-out, or even opt-in processes for the user to stop receiving promos or ads. ii.Organizations that do not pay for the SMS that are delivered to the subscribers: they are usually worse

212

1st International Conference on Applied Information Technology and considered as fraud because it damages MNO brands. iii. Individual originated messages that disturb recipients.

datasets and the success rate reaches its maximum on all the messages and words in the training corpus. Ahmed et al. (2014) described an SMS classification based on Bag of Words (BoW) using Naïve Bayes classifier and Apriori algorithm. The study introduced the method of categorization that integrates the association rule mining with the classification problem. The performance of the system was dependent on the statistical character of the database and they concluded that the application of user-specified minimum support and minimum confidence gave a significant improvement on the accuracy than the traditional Naïve Bayes approach using the UCI data repository. Shahi and Yadav (2014) proposed a Mobile SMS spam filtering for Nepali text using Bayesian and SVM methods. The main aim of the study was to examine the efficiency of Naïve Bayes and SVM spam filters. The comparison of the two spam filters was done on the basis of the accuracy, precision and recall. The study concluded that Naïve Bayes is a better classification technique than SVM-based. Narayan and Saxena (2013) examined a comparative study on using email spam filters on SMS spam and developed a two-level stacked content-based classifier for SMS spam. The study compared existing android platform with the two-level stacked classifier and their result showed that the two-level stacked classifier using (SVM and Naïve Bayes) gave a better accuracy than the traditional Naïve Bayes email spam filter. Chaminda et al. (2013) presented a hybrid filtering system for SMS Spam. The work was deployed at both the server side and the client side. The server level solution consists of a backward propagation neural network located at the proxy level, along with a Bayesian filter. At the server, SMS contents are extracted and the text is preprocessed for further using Bayesian Filter and the independent outputs from the neural network are considered for SMS classification. SMS that are classified as spam are sent to a data warehouse for further data mining purposes. At the Client side, the system uses the black listed numbers and a Bayesian filter for further classification. The limitation stated by the authors include: highly computational intensive processes at the client side, the inability to evaluate the accuracy of the mobile based spam filter and the effectiveness of the data mining approach to the SMS filtering context.

EXISTING SMS SPAM FILTERING APPROACHES Most existing approaches to combating SMS spam were exported from successful email anti-spam solutions (Wang et al., 2010). However, not all solutions to email spam are applicable to SMS due to the small message size of 140 byte (160 English Alphabet characters), lack of some information such as edit format, header and Multi-purpose Internet Mail Exchanger (MIME), use of unstandardized abbreviation and acronyms and lastly, support for only textual representation. Spam filter have been deployed in either the client side (user mobile phone) or the server side (mobile network operators‟ side) or at both ends (client and server side approach). The basic idea of spam filtering is shown in figure 2.

Spam

SMS Mess

Learning based Spam Filtering

7-9 October, 2015

Classification

Ham

Figure 2: The Basic Idea of Spam Filtering ( Shahi and Yadav, 2014) There have been few surveys on SMS spam filtering, thus part of the goal of this work is to critically review the various approaches to SMS spam filtering in order to guide future research efforts. REVIEW OF RELATED WORK A critical review was done based on the approaches, architecture and the media. This section therefore categories each of the related work based on their approaches. Content-based Filter Sethi and Bhootna (2014) developed a content-based SMS spam filter in an Android phone. Their study focused on combining the mechanism of NaïveBayes and dynamic nature into a single algorithm to filter spam messages automatically. The work ensured protection of blacklist words from unauthorized access by providing a password scheme. It was concluded that dynamic training can improve spam filters but the drawback of the work is non-adaptive to spammers‟ drift. Wadhawam and Negi (2014) described a novel approach for generating rules for SMS spam filter using the Rough-set and Naïve-Bayes algorithm. Experimental tests were performed with varying number of

Uysal et al. (2013) investigated the impact of several features extraction and feature selection approaches on filtering SMS spam messages in two different languages namely Turkish and English. The feature set consists of the combinations of the bag of words (BoW) model along with structural features (SF). The filter methods utilized are based on chisquare (CHI2) and Gini index (GI) metrics and the feature set was fed into the k-NN and SVM pattern classification algorithm. The study concluded that for Turkish spam classification, the combination of BoW and structural features offers a better classification

213

1st International Conference on Applied Information Technology performance than BoW alone. However, the limitation of the study is high performance run time. Nuruzzaman et al. (2012) presented an SMS spam filtering on independent mobile phone using text classification techniques. A probabilistic Naïve Bayes classifier using word occurrences for screening was applied. The experiment was deployed on an Android mobile phone using usability-based approach to reduce the number of entries in the word occurrences table. The text classification technique was based on Naïve Bayes and SVM. The combination of Blacklist, Whitelist and Edit Distance was employed. Drawback is limited bag of words and the non-adaptive. Yadav et al. (2011) developed a mobile-based system SMS Assassin using Naïve Bayes and sender‟s blacklisting mechanism. The SMSAssassin uses crowd sourcing to keep itself updated. Classification of the mobile application is dependent on Bayesian score and its major drawback is the insecure channel to SMS Assassin since spammer‟s can also have access. Rafique and Farooq (2010) proposed a different client side approach which considered a byte-level representation of the messages. The approach was deployed at the access control layer of a smart mobile device. First-order Hidden Markov Model (HMMs) was used to model the probabilities of occurrence of particular byte sequences for both spam and ham messages. These probabilities were used to calculate a spam score for an unseen message which was classified as spam if the score exceeded a specific threshold. The study provided a lightweight client-side solution that was deployable on resource-constrained mobile devices, while the drawback is the difficulty in updating the filter to handle spammer‟s concept drift. Cormack (2006) presented a study to test for email spam filters on SMS messages using feature representation. The study selected a number of high performing filters according to TREC evaluations and they evaluated each filter on each corpus using 10-fold cross validation. The result showed the effect of shorter and sparser text. Bogofilter and Orthogonal Sparse Bigrams with confidence Factor (OSBF-Lua) performed poorly on the raw messages and much better on the textualized feature vectors. OSBF-Lua reports few misclassifications, with only five false negatives and no false positives. The study concluded that the differences among all the filters are not clear, so a larger dataset is recommended for more experiments. Gomez Hidalgo et al. (2006) employs a number of classification features on bag of words (BoW) and employs character bigrams and trigrams to increase performance. The study concluded that SVM classifiers better. However, Shirani-Mehr, (2011); Almeida et al. (2011) and Almeida et al. (2012) employed a new SMS spam database consisting of 5,574 text messages (4,827 legitimate messages and 747 unsolicited messages). A comprehensive analysis of the dataset was done to ensure unduplicated messages did not come from previous datasets. Final simulation result showed that

7-9 October, 2015

multinomial Naïve Bayes with Laplace smoothing and SVM with linear kernel are among the best classifier for SMS spam detection. The study concluded that SVM is a better classifier. Non-Content Filters Androulidakis et al. (2013) developed an SMS spam filter (FIMESS) using external features such as invalid characters, time inaccuracies and blacklisted keywords to filter SMS on Android operating system. However, the performance of the filter was not evaluated due to incompatibility of the algorithm with the available SMS public dataset. Yoon et al. 2010 and He et al. 2008 presented hybrid approaches which combine both content-based filtering with challenge-response. Yoon et al. (2010) uses challenge-response for a limited subset of SMS messages called uncertain. The filter is operated centrally at the server side and is based on the Completely Automatic Turning point to Tell Computer and Human Apart (CAPTCHA) method, which is used for classification. The strength of the study is that spammers will not respond to such request due to volume of messages they send. However, the approach will increase network traffic, its time consuming and will return high false positive error rate. Liu and Wang (2010) presented a study of spammer behavior and selected features. The experiment was based on the analysis of temporal and social network features. Two index model were investigated by comparing the performances of several granularities for English and Chinese SMS messages. The results from the English dataset showed the relevant of feature among words which increases the classification confidence and the trigram co-occurrence. The result for Chinese collection showed that applying word-level index model is better than applying document-level index model. In addition, the result demonstrated the discrimination between spammers and legitimate users, with accurate spam detection of low false positive rate and acceptable detection latency. Drawback of the work is its time complexity. Xu et al. (2012) presented SMS spam detection using Non-content features and was deployed at the server-side. The aim of the study was to detect spammers without checking into the contents of the messages. SVM and kNN algorithms were evaluated. Experimental result on SMS dataset indicated that comparing static features, network properties and temporal information can help achieve better performance with SVM classifier. The strength of the study is the ability to classify spam messages without sacrificing the privacy of the user. However, the limitations include the network traffic overhead, message delay and additional computational time for classification. Collaborative Filters Collaborative filters have two basic features, which are mechanism for creating message signatures and a mechanism for sharing these signatures with other

214

1st International Conference on Applied Information Technology users in the community (Timmis et al., 2008). It involves combining collective classifying power and accuracy from a community of users to form a superclassifier (Lahmadi et al., 2011). Sarafijanovic and Le Boudec (2007) presented a collaborative email spam filtering using Artificial Immune System. The study involves local processing of the signatures created from the emails and the representation of the email content, based on a sampling of text strings of a predefined length and at random positions within the emails. The goal of the study was aimed at achieving a better resistance to spam obfuscation that means better detection of spam, and a better precision in learning spam patterns. Limitation is the time complexity of the system. Lahmadi et al. (2011) presented a social network collaborative approach using bloom filters and content hashing. The system relies on two components, a local filter maintained by the mobile user and the core engine located on one of several collaborative servers. It contains a group filter shared by trustworthy users and a global filter shared by different groups. From the result, increase in the size of bloom fil ter decreases the probability of false positives. The strength of the research is that it allows users to share their filters with the basic concept of friend “trustworthy friends”. The drawback stated by the author is the inability to evaluate the energy consumption of the filtering approaches on a smartphone.

7-9 October, 2015

contains features such as blacklist phone book, blacklist words, blacklist detectors and it also contains analysis engine, tokenizer, stop word filter, training process and the AIS engine. An evaluation on NUS corpus that contains 1002 ham and 322 spam SMS showed the different result at different threshold and it concluded that AIS (on the client side) is a better classifier than Naïve Bayes. The drawbacks includes limited bag of words for retraining and high memory consumption since it is resident in a memory constrained device. Onashoga et al. (2015) presented a server side collaborative and adaptive filtering system using Artificial Immune system. The study deployed the learning abilities of the human immune system to learn and unlearn SMS keywords. A dataset of 5240 SMS messages was collected and used for the study. The dataset was divided into ten weeks for the purpose of training and testing respectively. The approach was divided into five major sections which includes the innate mechanism, User feedback for the adaptivity nature of the system, Tokenizer, Quarantine and the Immune Engine. The immune engine which acts as the heartbeat of the study was also subdivided into four parts which are Detector Database, Clonal Selection, Spam Weight and decision and Kill- the- Detector. To further show the robustness of the work, it was benchmarked with Naïve Bayes and Artificial Immune System (Mahmoud and Mahfouz, 2012). The result obtained showed that the server side collaborative system gave a better accuracy than the Naïve Bayes and AIS (client side). However, authors fail to mention the mechanism to ensure privacy and security between users in the collaborative system. Table 1 shows a summary of some existing spam filters that are related to this work along with their strength and weaknesses.

Existing Adaptive Filters Mahmoud and Mahfouz (2012) presented a client side SMS spam filtering technique using Artificial Immune System. They utilized a set of features that served as inputs to spam detection model. The system classifies messages using trained dataset that

215

1st International Conference on Applied Information Technology

7-9 October, 2015

Table 1: Summary of Reviewed Related Work S/N

AUTHOR(S)

METHODOLOGY

1

Onashoga et al., (2015)

Collaborative Content based.

2

Chaminda (2013)

Content based.

Server and Client/SMS

3

Uysal et al. (2013)

Content-based filtering using special features.

Client side/SMS

4

Mahmoud and Mahfouz (2012)

Content-based filtering using AIS.

Client SMS

5

Xu et al. (2012)

Content-less filtering.

Server side

Based on concept drift.

6

Nuruzzaman et al. (2012)

Content-based filtering and Edit distance.

Client side/SMS

Less word attributes for classification.

7

Lahmadi (2011)

Social network based using Collaborative approach.

Server side/SMS

Low Positive.

et

et

al.

al.

and

STRENGTH

DEPLOYED/ MEDIA Server side

side/

Used AIS.

False

8

Yadav et al. (2011)

Content based.

Server Client side

9

Yoon et al. (2010)

Content based + Challenge Response.

Server side

Interaction between client and server.

10

Sarafijanovic and Boudec (2007)

Collaborative.

Server side/Email

Used AIS.

ii. iii.

iv.

v.

Based on concept drift.

content based al., 2012).

SUMMARY OF PROBLEMS WITH EXISTING APPROACHES The challenges with existing SMS spam filtering approaches include: i.

and

An adaptive system to spammers drift Involves end users participation. Focuses on English and Turkish Languages.

WEAKNESS No mechanism to ensure privacy and security of collaborative users. Computational intensive process at the client side. High computational time. Limited Bag of Words to train with. High Memory Consumption. Network traffic overhead, message delay and additional computational time. Not adaptive to spammers concept drift. Client side deployment is liable to energy consumption. Additional user involvement and extra cost (crowdsourcing compensation). Network Traffic Problem of Misclassification. High computational complexity.

approach (Nurruzzaman et

However, despite previous efforts on SMS spam filtering, there is still a need for a good taxonomy. In this paper, the previous works on SMS spam filters are broadly classified using taxonomy to relate different techniques and approaches in order to guide future research efforts

Limited Bag-of-Words is a critical problem with content based filtering approaches Problem of overhead during testing Challenges with memory consumptions both at the client and server side;

PROPOSED TAXONOMY FOR SMS SPAM FILTERS The proposed taxonomy is categorized into Architecture, Approach and Feature set.

High false positive rate is a major challenge with bulk sending using behavioral based detection; High consumption of cellular network bandwidth is a major problem with non-

Architecture The architectural sections are divided into three parts: client, server and the hybrid. The client side

vi.

216

1st International Conference on Applied Information Technology architecture involves the filtering or classification model being deployed on the user‟s mobile device while at the server side architecture, the filtering system is deployed at the mobile network operators‟ end or at the Short Message Service Centre (SMSC) which does the classification and forwards the messages into the appropriate folder on the client‟s device. The Hybrid architecture is based on both the client and server side, whereby the filtering system is deployed at both ends.

7-9 October, 2015

Feature sets In designing SMS spam filtering system, some features set are needed for classification and must correctly identified. According to Xu et al., (2012), such features include Bag of Words (BoW), Static, Temporal and Network. Bag of Words (BoW) In Natural Language Processing, BoW model is used to represent documents, where all the words in the entire set are put together without regard to their order. The most frequent words can then be used as features in the term-document matrix.

Approaches Spam filtering approaches are classified into four types namely: listing, content-based, non-content based and collaborative approach.

Static features This category of static features uses the number of messages and the size of SMS message within a time period as a property for describing a sender. It is assumed that spammers usually send a large number of short messages simultaneously to make up for the cost, unlike normal users do not have a pattern except for special holidays such as New Year (Xu et al., 2012).

Listing Approach This technique is a conventional way of filtering SMS and its classification depends on two features called the whitelist (legitimate sender number) and blacklist (unwanted or unsolicited sender‟s number). Content based Approach This approach is a rule based classification that uses pattern recognition algorithm such as Bayesian, Support Vector Machines (SVM), Decision Tree, Hidden Markov Model (HMM) and K-Nearest Neighbor (KNN) to distinguish between spam and Ham messages.

Temporal features It uses the timing of an SMS which include number of messages during a day, size of messages during a day, and most importantly time of the day when the message was sent.

Non-Content based Approach It is a behavioral-based detection system which uses the sending patterns such as temporal, static and network features of a spammer to classify SMS messages.

Network features This category uses the number of recipients and clustering coefficients to describe the sender. Spammers tend to send an invalid message to a large number of receivers without any measure of connectivity, while normal users usually have a limited set of familiar persons. Figure 3 shows a taxonomic of existing SMS spam filtering systems based on our critical analysis.

Collaborative Filtering Approach Collaborative content filtering takes a server-based approach to combating SMS spam by collecting millions of messages of users around the globe or combining collective classifying power and accuracy from a community of users to form a super-classifier.

217

1st International Conference on Applied Information Technology

7-9 October, 2015

SMS SPAM FILTERING SYSTEM

FEATURE SET

APPROACH

ARCHITECTURE

NETWORK FEATURES BAG OF WORDS (BoW) CLIENT

SERVER

HYBRID

STATIC FEATURES TEMPORAL FEATURES CAPTCHA

LISTING

WHITELIST

ARTIFICIAL IMMUNE YSTEM HIDDEN MARKOV MODEL

CONTENT

COLLABORATIVE

NON- CONTENT BASED

CHALLENGE RESPONSE

BLACKLIST

TRAFFIC ANALYSIS

MACHINE LEARNING TECHNIQUES DECISION TREE

SUPERVISED LEARNING

UNSUPERVISED LEARNING

K-NEAREST NEIGHBOR (KNN)

K-NEAREST NEIGHBOR (KNN) NAÏVE BAYES SUPPORT VECTOR MACHINE (SVM) ARTIFICIAL NEURAL NETWORK

Figure 3: Taxonomy of Existing SMS spam Filters

218

1st International Conference on Applied Information Technology CONCLUSION Due to the limitations associated with existing SMS spam filtering approaches especially the Client side SMS spam solutions, the following drawbacks are identified: i. Limited memory space, ii. Limited Bag of Words (BoW), iii. Energy and computational requirements and iv. Limited processing capabilities. Hence, the above listed shortcomings makes it impossible to apply computational intensive solutions on the client side (Androulidakis et al., 2013). This study hereby proposes an adaptive and collaborative server side SMS spam filtering solution with intrusion detection mechanism to ensure privacy and security of the users. The adaptive nature of the proposed system is enable it adapt to spammer‟s concept drift such as misspellings, compounding, hyphenation, toggles etc.

7-9 October, 2015

Gomez Hidalgo, J. M, Bringas, G. C., Sanz, E. P., Gracia, F.C., 2006. Content-based SMS Spam filtering. In Proceedings of the 2006 ACM Symposium on Document Engineering (DocEng‟06), New York, USA, pp. 107-114. Graham, P., 2002. A Plan For Spam. Available online at http://www.paulgraham.com/spam.html He, P., Sun, Z. W., Wen X., 2008. Filtering Short Message Spam of Group Sending using CAPTCHA. In Proceeding Workshop on Knowledge Discovery and Data-mining, IEEE, Adelaide, Australia, pp. 558-561. Lahmadi, A., Delosi’ere, L., Festor, O., 2011. Hinky: Defending Against Text-Based Message Spam on Smartphones. In IEEE International Conference on Communications (ICC2011), 5-9th June, Kyoto, pp. 1-5 Le Bodic, G., 2005, Mobile Messaging Technologies and Services SMS, EMS and MMS. Second Edition, John Wiley and Sons Ltd. Liu, W. and Wang, T.,2010. Index-based Online Text Classifications for SMS Spam Filtering. Journal of Computers, 5:844-851. Mahmoud, T. M., Mahfouz, A. M. 2012. SMS Spam Filtering Techniques Based on Artificial Immune System. International Journal of Computer Science. IJCSI. Issues, 9(2):1,589-597. Mueller, S., 2012. What is Spam? Retrieved 15 March 2014. Available at http://spam.abuse.net/overview/whatisspam.shtml. Narayan, A., Saxena, P., 2013. The Curse of 140 Characters: Evaluating the Efficacy of SMS Spam Detection on Android. Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM ‟13), Berlin, Germany, November 8th 2013, pp. 33-42. Nuruzzaman, T. M., Lee, C., Abdullah, M.F. A. And Choi, D., 2012. Simple SMS Spam Filtering on Independent Mobile Phone. Journal of Security and Communication Networks, John Wiley and Son, USA, 5 (10):1209–1220. Olalere E., 2012. “Dear Airtel Nigeria, Seriously, Please Stop Spamming me” Retrieved 15 Feb, 2013. Available at http://mobility.ng/dear-airtel-nigeria-seriously-pleasestop-spamming-me/ Onashoga, A., Abayomi-Alli, O., Sodiya, A., Ojo, D., 2015. An Adaptive and Collaborative Server- Side SMS Spam Filtering Scheme Using Artificial Immune System. Information and Security Journal: A Global Perspective. USA. Pereira, V., Sousa T., 2004. Evolution of Mobile Communications: from 1G to 4G. In proceedings of the 2nd International Working Conference on Performance Modeling and Evaluation of Heterogeneous Networks, HET-NETs‟04, llkley, West Yorkshire, U.K., July 2004. Portio Research, 2012. Mobile Messaging Future 20122016. Retrieved March 22, 2014. Available at http://www.marketresearch.com/Portio-Research-Limitedv3272/MobileMessaging-Futures/.376pagesSKU: PORT3806195. Rafique, M. Z., Farooq, M., 2010. SMS Spam Detection by Operating on Byte-Level Distributions Using Hidden Markov Models (HMMs). In Proceeding of the 20th Virus

REFERENCES Abayomi-Alli, A., 2009. Content Analysis of Fraudulent Nigeria Electronic Mails to Enhance E-Mail Classification using E-SCAT. MSc Thesis, Department of Computer Science, University of Ibadan, Nigeria. Ahmed, I., Guan, D., Chung, T. C., 2014. SMSClassification Based on Naïve Bayes Classifier and Apriori Frequent Itemset. International Journal of Machine learning and computing, 4(2):183-187. Ali, C., 2006. Time Efficient Spam E-mail spam filtering for Turkish. MSc Thesis, Department of Computer Science, Bogazici University, Turkey. Almeida, T., Gomez Hidalgo, J. M., Tiago P. Silva., 2012.Towards SMS Spam Filtering: Results under a New Dataset. International Journal of Information Security Science, 2(1):1-18. Almeida, T., Gomez Hidalgo, J., Yamakami, A., 2011. Contributions to the Study of SMS Spam Filtering: New Collection and Results. In Proceedings of the 11th ACM Symposium on Document Engineering (DOCENG‟ 11), Mountain View, CA, USA, pp. 259-262. Androulidakis I., Vlachos V., Papanikolaou A., 2013. FIMESS: filtering mobile external SMS spam. In Proceedings of the 6th Balkan Conference in Informatics (BCI '13). ACM, New York, USA, pp. 221-227. Blanzieri, E., Bryl, A., 2008. A survey of Learning – Based Techniques of Email Spam Filtering. Technical Report #DIT-06-056, University of Trento, Italy. Available online at http://www.eprints.biblio.unitn.it/archive/00001070/01/05 6.pdf Chaminda, T., Dayaratne T. T., Amarasinghe H. K. N., Jayakody, J. M. R. S., 2013. Content-Based Hybrid SMS Spam Filtering System. In Proceedings of ITRU Research Symposium, University of Moratuwa, Sri Lanka, December 2013, pp. 31-35. Cormack, G., 2006. TREC 2006 Spam Track Overview. In NIST Special Publication: The Fifteenth Text Retrieval Conference Proceedings (TREC 2006). http://trec.nist.gov/pubs.html Delany, S. J., Buckley, M., Greene, D., 2012.SMS spam filtering: Methods and data. Expert Systems with Applications, El-Sevier. 39(10):9899–9908.

219

1st International Conference on Applied Information Technology Bulletin International Conference, September 9th October 1st, 2010, Vancouver, Canada. Sarafijanovic S., LeBoudec J. Y., 2007. “Artificial immune system for collaborative spam filtering”.In Proceedings of the second workshop on Nature Inspired Cooperative Strategies for Optimization (NICSO, 2007), Acireale, Italy. Sethi, G., Bhootna, V., 2014. SMS Spam Filtering Application using Android. International Journal for Computer Science and Information Technologies, 5(3): 1424-1426. Shahi, T. B., Yadav A., 2014. Mobile SMS Spam Filtering for Nepali Text using Naïve Bayesian and Support Vector Machine. International Journal of Intelligence Science, Computer Science and Communications (IJIS), USA, 4 (1):24-28. Shirani-Mehr, H., 2013. SMS Spam Detection using Machine Learning Approach. CS229 Project 2013, Standford University, USA, pp. 1-4. Sinha, S., Bailey M., Jahanian F., 2010. Improving Spam Blacklisting Through Dynamic Thresholding and Specultive Aggregation. NDSS Symposium 2010, San Diego, USA, pp. 55-69. Skudlark, A., 2014. Characterizing SMS Spam in a Large Cellular Network via Mining Victim Spam Reports. Available Online at http://itsrio2014.com/public/download/Ann%20Skudlark %20%20Characterizing%20SMS%20Spam%20in%20a%20La rge%20Cellular%20Network%20via%20Mining%20Victi m%20Spam%20Reports.pdf Timmis, J., Hone, A., Stibor, T., Clark E., 2008. Theoretical Advances in Artificial Immune System. Journal of Theoretical Computer Science, Elsevier, 403:11-32. Uysal, A. K., Gunal, S., Ergin, S., SoraGunal, E.,2013. The Impact of Feature Extraction and Selection on SMS Spam Filtering. Journal Elektronika IR Elektrotechnika, KTU, Lithuania, 19(5):67-72. Wadhawam, A., Negi, N., 2014. Novel Approach for Generating Rules for SMS Spam filtering using Rough Sets”, International Journal of Scientific and Technology Research, 3(7):80-86. Wang, C., Zhang, Y., Chen, X., Liu, Z., Shi, L., Chen, G., 2010. A Behavior-based SMS Anti-Spam System. IBM Journal of Research and Development, NJ, USA, 54(6):651-666. Xu, Q., Evan, W. X., Qiang, Y., Jiachun, D., Jieping, Z., 2012. SMS Spam Detection Using Non-Content Features. In IEEE Intelligent Systems, 27(6): 44-51. Yadav, K., Kumaraguru, P., Goyal, A., Gupta, A., Naik, V., 2011.SMSAssassin Crowdsourcing Driven Mobile-Based System for SMS Spam Filtering. In Proceedings of the 12th workshop on Mobile Computing Systems and Applications (HotMobile 2011), Phoenix, USA, pp. 1-6. Yoon, J. W., Hyoungshick, K., Huh, J. H., 2010. Hybrid Spam Filtering for Mobile Communication Journal of Computers and Security, Elsevier, Oxford, UK, 29(4): 446-459.

7-9 October, 2015

Zeltsan Z., 2004. General Overview of Spam and Technical Measures to Mitigate the Problem. ITU-T SG 17. Interim rapporteur meeting, November, 2004. Available online at http://www.docstoc.com/docs/3731634/businessproposal-letters.

220

1st International Conference on Applied Information Technology

7-9 October, 2015

3P- GRS: A MODEL FOR PRIVACY PRESERVING PROCESS-AWARE GROUP RECOMMENDER SYSTEMS O. E. Adeosun1, O. Folorunso2 and A. S. Sodiya3 1,2,3

Department of Computer Science, Federal University of Agriculture, Abeokuta

[email protected], [email protected], and [email protected] Abstract: Concepts like Collaboratory Filtering (CF) and Group Recommender Systems (GRS) present the problems of finding active users group and modeling of users’ group affective state respectively. Hence, using group ratings for individual recommendation becomes essential for enhancing the combine problems of CF and GRS as well as providing secured and accurate recommendations. This paper propose an architectural model for Privacy Preserving Process-aware Group Recommender Systems (3P-GRS) in the library domain for the recommendation of Top k book items for individual library users using group preferences. The full implementation of the proposed method based on process awareness will solve the cold-start problems in recommender systems and deals with the issue of privacy during the aggregation of group preferences. Keywords: Group Recommender Systems, Privacy, Collaborative Filtering, Cold-start, Process Aware Information Systems.

Web and information technology has made our everyday life easier and more comfortable through recommendations, but standard recommendation approaches used in various domains focus mostly on a single-user as the recipients of the personalized system’s output. Although, the perspective of delivering shared recommendation for groups as a whole is an improvement on the single- user recommendation but has the problem of modeling the affective state of all the users in the group (Cantador and Castells, 2014). However, suggesting items from a group of users especially in the application area where it requires to share information with public domain will need a strong privacy concerns (Neumann, 2009). Therefore, usage of Elliptic Curve Cryptosystem (ECC) to provide accountability, fairness, accuracy, and confidentiality to the aggregation of group preferences is appropriate since, ECC make use of a much shorter key length than other public key cryptography to provide an equivalent level of security (Henri et al., 1998). Elliptic Curve Cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys. Yvonne (2002) stated that ECC promises an increased server’s capacity to handle secure connections. Hence, a 3PGRS method for Top retrieval and recommendation of scientific information such as book items to individual library user is presented, since the number of products in library catalogs are often counted in tens or hundreds of millions, exceeding by far the number of products of any consumer store. The rest of the paper is organized as follows. In section 2, we discuss the relevant work in the areas of group recommender systems. Section 3 is on methodology, 3P-GRS architectural model design and multicriteria, Section 4 presents results simulation and discussion; and Section 5 concludes the work.

INTRODUCTION In recent time, Recommender Systems (RS) has become an important research area and a usual phenomenon in virtually all electronic transactions to suggest or select particular interesting items to users (Hill et al., 1995). Various online stores, social web, information economics platforms have integrated different kinds of recommender systems in their online activities. Many earlier works on RS were focused on recommending items to individual users and there are many scenarios where it may be good to recommend to a group of users rather than to an individual. For example, suggesting a movie or TV show to watch by a particular group of people or recommending books to a particular research group. DeCampos et al. (2008) explicitly describes how group recommenders are classified and distinguishes between passive and active groups. In addition, it also enumerates two other dimension usages of how individual preferences are obtained and whether recommendations or profiles are aggregated. These two dimensions are related to how the group recommender is implemented rather than being inherent to the usage scenario. Traditionally, Collaborative Filtering (CF) is the early recommender system with the problem of having all users in the collaborative network to be active online. This major drawback of CF led to vigorous researches on group recommender system which is an upgrade on the individual recommender system of the CF but recommendation to a group of users has its own drawbacks as well with the most prominent problem of how to model the group affective state. In this paper, the use of aggregated recommendation of group of users in recommending items for an individual in order to tackle both problems of CF and group recommender systems is proposed. This is unique in the area of process awareness that is, the ability of the proposed method to keep record of the processes in form of event log of past users’ group preferences in recommending for an individual user.

221

1st International Conference on Applied Information Technology

7-9 October, 2015

recommender, and the issues involved in distributed or peer-to-peer recommenders. It was concluded by setting research focus for researchers that have interest in the area. Chen and Pu (2013) presented Group Recommender Systems that was using emotions to enhance social interaction tagged CoFeel. It is an interface that allows expressing through colors the emotions given by a song chosen by the GroupFun music group recommender system. This also allows users to give a feedback about how much they liked the song and the system considers the preferences expressed through the emotions, in order to generate a playlist for a group. In Boratto and Carta (2014), the impact of content novelty on the accuracy of a group recommender system was presented by introducing a constraint on the percentage of a group for which the recommended content has to be novel. The paper did a comparative analysis in terms of different values of the percentage of the group and groups of varying sizes were validated through statistical tests in order to evaluate when the difference in the accuracy values is significant. The work thereafter opens a new research area, related to finding the properties and analysis of a group that characterize the performances of the system as future work.

RELATED WORK This section presents and discusses some related works that are relevant to our research ideas and purpose stated earlier. O’Connor et al. (2001) presented PolyLens, a Collaborative Filtering (CF) recommender system designed to recommend items for groups of users which was designed specifically for users of a movie recommendation site called MOVIELENS. MOVIELENS recommended movies based on an individual’s preference as shown from rating and social filtering. The authors also, reviewed the design space for group recommenders to help others design group recommender applications. Ardissono et al., (2002) described the recommendation techniques tagged INTRIGUE (INteractive TouRist Information GUidE) which is a recommender system that support s the organization of guided tour. It recommends the places to visit by taking into consideration the characteristics of the group of people and addressing the problems associated with their preferences within the group. Yu et al. (2006) proposed recommendation for a television programme for a group to watch. The authours based their recommendations on individual preferences for programme features such as genre, actors and keywords. Jung (2012) developed an approach to identify long tail users, that is, users who can be considered as experts on a certain attribute. The paper pointed out that users are the information sources for improving the performance of recommendation. So, the ratings given by the long tail user groups are used, in order to provide a relevant recommendation to the non-expert user groups, which are called short head groups. The work was evaluated by integrated MovieLens dataset with IMDB which showed that the long-tail user groups are useful for the recommendation process. Yu and Tommi (2014) introduced two dimension of privacy where there is a small set of "public" users who are ready to share their preferences with others, and a large set of "private" users who require privacy guarantees. Shyong et al., (2007) stated that the personal information collected by recommender systems could generate different kind of security issues and risk such as: Risk of Exposure that is, undesired access to personal user information, Bias which is manipulation of users’ recommendations to inappropriately change the items that are recommended and also, malicious users can sabotage the recommendations that are provided to other users by intentionally reducing the recommendation accuracy of a recommender. Furthermore, the paper raised three important research questions relating to exposure and bias in recommender systems as follows; the value and risks of the preference information shared with a recommender, the effectiveness of shilling attacks designed to bias a

METHODOLOGY Group Recommender Systems Most researches on recommender systems until now are based on recommendation to an individual users but the problem of deciding the most optimal recommendation when dealing with a single person motivated some researches in the area of suggesting item to a group of users instead of an individual users. This means that a recommender system may recommend to a group of users based on the preferences of all group members in situations such as selection of television programme for a group to watch and selection of party leader in elections (Masthoff; 2011). Although group recommender systems is an improvement on the traditional recommender systems but has many drawbacks such as how to get information about individual’s preferences, how will the system know how many people present, how to aggregate users preferences and how to satisfy all individuals in the group which is the main problem of group recommender systems. Masthoff (2011) proposed to model group members’ satisfaction based on what is known about their likes and dislikes in order to have a common affective state for individual user in the group. Masthoff (2011) noted that modelling the affective state of users help the system in recommending items that falls between like and dislike in some cases, so as to balance users’ interest. Figure 1 shows a view of group recommender system on internet items.

222

1st International Conference on Applied Information Technology

7-9 October, 2015

individual users in the library domain. It was observed that the major problem of Collaborative Filtering (CF) recommender systems is offline problem (Ricci et al., 2011) with the collaborative members. Since the ratings of active similar users are required in CF it is not always possible for all the similar users to be active online. Also, the major challenge of group recommender systems is how to model the affections of the individual users in order to provide a balanced satisfaction to all the users based on the suggested item. Based on these problems, a 3P- GRS approach is proposed for suggesting book items to an individual users based on the aggregate preferences of similar group users. The purpose of process awareness in the 3P- GRS approach is to solve the offline problem of CF through the logging of users’ ratings in the past and then using these group ratings in the past in the form of event log to aggregate preferences for a new user. The problem of modeling users’ satisfaction as in the case with group recommender systems will be tackled by the fact that we are still recommending for a single user even though the recommendation is based on aggregation of preferences.

Figure 1: A group recommender system (Adapted from Jianming and Wesley, 2010) Group Recommendation to Individual Users This work exploit both the challenges of collaborative filtering and recommendation made to a group by applying aggregate recommendation to Architectural model for 3P-GRS The 3P- GRS is an architectural model for the recommendation of Top book items in a University library domain. The model adopt the idea of group recommender systems and a little concept of Collaborative Filtering recommender systems in its design. The 3P- GRS model is about using group preferences for more optimal recommendation result. Since group recommendation is used for individual library user recommendation the model also adopt the use of ECC for preservation of users rating information during rating aggregation. The flow of information in the model is represented by numbers and important definitions of the model modules are well defined and represented. Figure 2 shows the overall design for the 3P-GRS architectural model and the definitions of the modules follows.

223

1st International Conference on Applied Information Technology

External Ratings

1. Library User

SEARCH ENGINE

Logs of Ratings

2. Request Materials

6. Log Individual Ratings 5. Attribute

Rating Information Point

Rating Evaluator Point

Results Point 3. Attribute Query

4. Get Attributes

12. Top item Recommendation 9. Rate & Weight Query

11. Rate & W eight Val ue 7a. Individual Ratings

10a. Rate Value

10b. Weight Value

GROUP RATINGS POINT

10a. Rate Value

tea R p u o r G

Authors

Publishers

10b. Wei ght Value

ro ta lu lca C

Group Recommender

Decode ratings

th gi ro e ta W lu p lc u o r ac G

GroupRate Calculator

Books

GroupWeight Calculator

7 b .E xt ra ct re la te d u se rs ’g ro u p p re fe re n ce s

7b. Extract related users’ group preferences

7c. Extract related users’ group preferences

7 c. Ex tr ac t re la te d u se rs ’g ro u p p re fe re n ce s

7-9 October, 2015

ECC 8. Group Ratings

Figure 2: Architectural Design for 3P- GRS Model. In this paper, some mathematical models were developed to explain components of the proposed model. The mathematical models are defined as follows:

presents this attribute information to the user for rating. The RIP then gets the different ratings of user on each book items selected based on the U k. The user U is required to rate each book title, author’s name and publisher on a Likert scale of 5 to 1 representing decreasing order of rating. The user individual rating is then logged in L for future reference. Based on the user logged rating, related users’ group rating R1, R2, R3, R4,…, Rn is then extracted from L. Ratings from external database is also extracted in order to improve the recommendation through increased users’ group preferences. In order to prevent multiple ratings, a user can only rate an item once.

Definition 1: Let L = {R1, R2, R3, R4,…, Rn} represent the log of users’ group ratings in the past on similar book items. L is therefore a record of past ratings on similar items that can be used to aggregate ratings for individual recommendation. Definition 2: Let U = {u1, u2, u3, u4,….., un} denote the numbers of user group in L and i a requesting user at a point in time searching for a book item through the search engine.

Definition 4: Let Cipher = Enc(R, PK) represent to transformation of users’ rating information into a cipher using the public key PK. The need for privacy of this nature is to preserve illegal access to users’ private information during aggregation of preferences.

Definition 3: Let RP = Uk → RIP be the result point representing the mapping of user’s search keywords U k to rating information point RIP. The RIP gets the attribute information based on the result point RP query. It then

224

1st International Conference on Applied Information Technology Definition 5: Let G = (𝓥, +) represent group ratings point of multiple operator + on group preference 𝓥. G perform combined ratings from users’ group with that of similar users’ group preferences from external database. The information from G is then passed to the group recommender system for the calculation of group rating and group trust for the selected book items.

Definition 7: Let Er = (Gr, Gw) → Rp represent the rating evaluator point that map the group rate value Gr and group weight value Gw to the result point Rp for recommendation decision. The rating evaluator point Er fetches the order of recommendation from the group recommender system based on the group rate value G r and the group weight value Gw and then return the order of recommendation to the Rp for Top item recommendation. Now, the model for the 3P- GRS will be illustrated by the following equations. Equation 1 represent the aggregate product of the preferences of similar user j to user u and the ratings provided by similar users j on the unseen item di in the past. R (u, di) = ∑ (u, uj) R (uj, di) (1) Where k is the number of j Since the recommender system is supposed to find similarity between the items rated by a new user and the items rated by group of similar users in the past, one can re-write equation 1 as in equation 2. R (u, di) = ∑ (di, dj) R (u, dj) (2) Where dj represent the subset of previously rated items similar to those of unseen item di and R (u, dj) is the ratings in the past based on the preferences of the new user u. In order to get accurate similarity measure, the Pearson correlation will be used. According to Herlocker et al., (1999) the Pearson correlation is the best similarity metric to use for finding similar items rated by similar users. The Pearson correlation for calculating the similarity between an unseen item di of the user and the past similar rated item dj is as shown in equation.

√∑

̅ ̅

̅ ∑

̅

√∑

̅



̅

√∑

̅

(5)

Multi-Criteria In the case of multi-user in-group recommendation, it is a good practice to treat every members of the group equally but this is not always the case in multi- criteria. In multi- criteria or multi preferences, some criteria are regarded more important than the others. In this work, the approach is to aggregate group recommendation to a user based on the user’s request. Since the focus is on library materials, let us assume that a new user is requesting for a book on a particular subject but do not know the best book to buy for that subject. The new user will be required to provide ratings, which will be logged, for some set of selected books that deals on that subject in order to solve the problem of code- start. A code- start problem is the situation whereby the system cannot decide the similar users’ group to a new user since there is no past records of the new user’s preferences. The criteria for the ratings will be based on the attributes such as Author’s name, Book title and Publishers of the book and on a Likert scale of 5 (highest) to 1 (lowest). The system must have pre-assigned weights to each of these criteria based on the past ratings on those materials. The system can assigned a weight of 4 to a renowned author name, weight of 3 to a renowned publisher of a book and weight of 2 to the book title. At the same instance, the system can decide to assign a weight of 3 to another author of less popularity, weight of 2 to another publisher and weight of 1 to the title of that book. The weights provided by the system for each of these criteria will be used as an exponent of the ratings by users. In this way, equation 2 can be re-written as indicated in equation 6. R (u, di) = xjwj (6) Where wj = (di, dj) and xj = R (u, dj). Provided that xj,wj ≥ 0 the function R (u, di) is an aggregation function. In order to preserve privacy for individual ratings in the preparation to aggregate users’ group ratings, an encoding scheme of equation 7 will be used. C = Enc (di, PK) (7) Where C represent the cipher-text of individual ratings and PK is the public key for the encoding scheme. The final group rating for an item is then determined by the aggregation of equation 6 as in equation 8. wj R(u,c) = ∑ (8) j The addition of privacy to the scheme is to protect the preferences of each user group members and to protect the log of user’s preference in a particular domain from the log of users’ preferences from another domain during possible sharing of information for enhancing the recommendation results. Since the more the number of users’ group preferences the better the recommendation that will be provided by the group recommender system. In this work, the ECC will be used to provide the needed privacy during preferences aggregation and sharing of information between two different domains of similar

Definition 6: Let Gr represent the group ratings from past users for similar book items and G w be the group weight of system generated ratings on a multi-criteria basis of the items selected.





7-9 October, 2015

̅

Where is rating by user x for item i; is the rating of user y for item i; ̅ is the mean rating for user x and ̅ is the mean rating for user y. The result of equation 3 is the similarity between user x and y and the range of is between [-1, 1]. Minus sign represent no similarity and positive sign represent perfect similarity between users that have rated similar items. For simplicity, equation 3 can be re-written as in equation 4 and 5 respectively. ∑ Where,

225

1st International Conference on Applied Information Technology users’ group. The decoding scheme for the operation in equation 7 is shown in equation 9. M = Dec (c, SK) (9) Where M is the decoded group ratings using the secret key SK. In the context of this work, a combined algorithm is provided to show the steps for achieving the proposed 3P- GRS model. Algorithm 1: 3P- GRS Algorithm Input: query keywords Output: Top k item Process: 1. float weights[N] = 0 2. float ratings[N] = 0 3. for each query keywords t 4. do fetch similar documents di for t and assign weightdi, t 5. L ← user’s ratings for di // log user’s ratings for di 6. for each pair [weight (w), Rating(x)] in di 7. do R (u, di) = xjwj 8. Read the array length [di] 9. for each di 10. // encode each di as c and aggregate ratings 11. C = Enc (di, PK) wj 12. do R (u, c) = ∑ j 13. // decode aggregated ratings 14. M = Dec (c, SK) 15. Return Top k items of M to requesting user U. RESULT AND DISCUSSION Consider a situation where a user query term to get a suitable book fetches five similar books A, B, C, D and E along with the criteria such as Book Title, Author Name and Publisher. Assuming that the system pre-assigned weights for each of the five books on Book Title, Author Name and Publisher respectively is as follows: A (5, 4, 3), B (4, 4, 2), C (4, 3, 1), D (3, 2, 1) and E (2, 2, 1). Similarly, assume that the aggregated past ratings of users on each of the five books is as represented on the table 1 below. Table 1: Ratings by past users A B C D E Book Title 5 4 3 4 5 Author Name 1 3 4 4 2 Publisher 5 5 2 3 3 Group 11 12 9 11 10

Publisher Group

125 3251

7-9 October, 2015 25 362

2 147

3 83

27 56

A 3P-GRS model was presented and the result simulation of this model was illustrated by a simple book recommender system. A new user may prefer a book title, the user may also prefer the name of an author to another and similarly a user may prefer the name of the publisher of a book to others. In this work, the book title, author name and publishers are regarded as multi criteria for users’ preferences. Since there is always a log of past ratings of any selected books, the system will pre-assign a weight value for each of the criteria attributes between 5(highest) down to 1(lowest) for those selected books based on previous ratings for each books. The ratings provided by the user for each of these criteria will then be logged and based on the user’s rated books the system will fetch similar ratings in the past on those user rated books. In order to get the rating for each book, each of the weights generated for each book’s criteria is used as an exponent of the ratings in the past. The aggregated rating is calculated by summing the ratings for each criterion under a particular book item. The results in table 2 shows that book item A is the Top k item for recommendation to the new user, since it has the highest group ratings. CONCLUSION In this work, 3P- GRS model for library books was presented to solve the problems with the traditional collaborative filtering (CF) and group recommender systems. The problem with CF is getting all the users active online at all time and that of group recommender system is how to model the affective state of the group. These identified problems were solved by keeping logs of past ratings and using aggregate recommendation for a single user respectively. Since aggregation of individual ratings is involved there is need for privacy and hence the inclusion of ECC to solve the problem of privacy. The aim of this framework is to recommend Top k library items for individual users using group ratings in the past. The authors hope to show the effectiveness of the proposed method in recommending Top k item with full implementation in the next article. REFERENCES Ardissono, L., Goy, A., Petrone, G., Segnan, M., Torasso, P. 2002. Tailoring the Recommendation of Tourist Information to Heterogeneous User Groups. Springer Verlag, Berlin. Boratto, L., Carta, S. 2014. Impact of Content Novelty on the Accuracy of a Group RecommenderSystems.http://people.unica.it/ludovicoborat to/files/2014/12/dawak2014_1.1.pdf Burke, R. 2007. Hybrid web recommender systems. The Adaptive Web, Pp 377–408. Cantador, I., Castells, P. 2014. Group Recommender Systems: New Perspectives in the Social Web. Universidad Autonoma de Madrid, Spain. De Campos, L. M., Fernandez-Luna, J. M., Huete, J.F., Rueda-Morales, M. A. 2009. Managing uncertainty in group recommending processes. UMUAI 19: 207-242.

Table 2 presented the ratings for each book on all the criteria using equation 3 and the group rating for each book is shown in row 5 of the table 2 using equation 5. The group rating in row 5 is the aggregate sum of all the ratings computed by equation 3. At each stage of the ratings aggregation, privacy is ensured to protect individual user’s information and to prevent malicious manipulation of the rating values. Table 2: Applying weights on ratings of past users A B C D E Book Title 3125 256 81 64 25 Author Name 1 81 64 16 4

226

1st International Conference on Applied Information Technology Dumas, M., Van-der, W. M. P., Aalst, A. H. 2005. Process-Aware Information Systems: Bridging People and Software through Process Technology. WileyInterscience, Hoboken, NJ Henri, C., Atsuko, M., Takatoshi, O. 1998. Efficient elliptic Curve exponentiation using mixed coordinates. In Advances in Cryptology-ASIACRYPT ’98 Proceedings. Springer-Verlag. 1514: 51-65 Herlocker, J. L., Konstan, J. A., Borchers, A., Riedl, J. 1999. An Algorithmic Framework for Performing Collaborative Fltering. In: SIGIR ’99: Proc. of the 22nd Annual Int. ACM SIGIR Conf. on Research and Development in Information Retrieval, pp. 230–237. ACM, New York, NY, USA. Hill, W., Stead, L., Rosenstein, M., Furnas, G. 1995. Recommending and Evaluating Choices in a Virtual Community of Use,” Proceeding Conference Human Factors in Computing Systems Jianming, H., Wesley W. C. 2010. Design Consideration for a Social Network-Based Recommendation System (SNRS). Community-Built Database: Research and Development. Lam, S. K., Frankowski, D., Riedl, J. 2007. Do You Trust Your Recommendations? An Exploration of Security and Privacy Issues in Recommender Systems. Mahmood, T., Ricci, F. 2009. Improving Recommender Systems with Adaptive Conversational Strategies. In: C. Cattuto, G. Ruffo, F. Menczer (Eds.), Hypertext, Pp. 73– 82. ACM. Masthoff, J. 2011. Group Recommender Systems: Combining Individual Models, University of Aberdeen, AB24 3UE Aberdeen UK, Springer Science Business Media, LLC. Neumann, A. W. 2009. Recommender Systems for Information Providers, Physica-Verlag O’Connor, M., Cosley, D., Konstan, J. A., Riedl, J. 2001. PolyLens : A Recommender System for Group of Users. http://www.cs.umn.edu/Research/GroupLens/polycamera-final.pdf Resnick, P., Varian, H. R., 1997. Recommender Systems. Commun. ACM 40(3): 56–58. Ricci, F., Rokach, L., Shapira, B., Kantor, P. B. 2011. Recommender Systems Handbook, DOI 10.1007/978-0387-85820-3_14, © Springer Science Business Media, LLC. Yu, X., Tommi, J. 2014. Controlling Privacy in Recommender Systems. Advances in Neural Information Processing Systems 27. Yu, Z., Zhou, X., Hao, Y., Gu, J. 2006. TV Program Recommendation for Multiple Viewers Based on User Profile Merging. UMUAI Yvonne, H. 2002. Implementing an efficient elliptic curve cryptosystem over GF(p) on a smartcard. Manning Publication.

227

7-9 October, 2015

1st International Conference on Applied Information Technology

7-9 October, 2015

Crypt-PIR: A PRIVACY PRESERVING ARCHITECTURE FOR QUERY RESPONSE 1 1,2,3

C. O. Oloruntoba, 2S. A. Onashoga, 3O. O. Oladele and 4K. S. A. Famuyiwa

Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. 4 Department of Computer Science, D. S. Adegbero ICT Polytechnic, Itori, Nigeria.

[email protected] 1, [email protected], [email protected] and [email protected] Abstract: A fundamental privacy problem in the client-server setting is the retrieval of information from a database maintained by a database administrator. Databases are queried constantly for retrieving up-to-date information, but they pose a significant risk to the privacy of the user. Many users find it undesirable to reveal the sensitive information contained in their queries by the simple act of querying a server and thus demand confidentiality for their queries. This paper designs an architecture based on Private Information Retrieval (PIR) technique (coined Crypt-PIR), that preserves query privacy and verifies integrity of the server's response on a standard Cryptosystem. The proposed architecture is divided into three modules namely: Registration, Query and Verification modules. At the query module, the anonymizing proxy, a trusted party hides the private attributes of a query from the untrusted server so that only the encrypted sub-query is seen and decrypted by the server. The verification module entails ascertaining the integrity of the servers’ response and checking the response against the private attributes. We demonstrate that the proposed architecture when implemented will preserve the privacy of a user and her query. Keywords: Cryptography, Database, Digital Signature, Private Information Retrieval, Query registration, etc. (Dmitri, 2004). While today’s most developed and deployed privacy techniques, such as onion routers and mix networks, offer anonymizing protection for users’ identities, they cannot preserve the privacy of the users’ queries (Olumofin and Goldberg, 2009). One of the efforts made to solve this problem is an idea in (Chor et al., 1995) attempting to send several queries to several databases. The queries are constructed in such a way that they give no information to the servers about the record that the user is interested in. By using the answers from the queries, the user can construct the desired record. We are of the opinion that asides preserving the privacy of a users’ query, the integrity and authenticity of a query response from the server is of utmost importance as users must be assured that the response has not been altered by an attacker. (Popa, 2014) submitted that much work has been done in the area of information confidentiality but little attention has been devoted to integrity and authenticity of server responses. Cryptography forms the backbone of encryption and decryption processes. It entails that the parties involved in communication can encrypt and decrypt queries sent or received. Encryption assures integrity, authenticity, privacy, access control, etc. (Pradhan and Sharma, 2013). Digital signature was birth from the need to produce evidence that a party actually participated in a transaction between two entities (i.e. a sender and a receiver), so as to avoid false denial of having taken part in the transaction. In digital signature, the private key is used to append signature on response by the server while the corresponding public key is used by the recipient of the message to verify the signature if the message is from the right source. In this paper, a combined concept of Cryptography and Private Information Retrieval (coined Crypt-PIR) is

INTRODUCTION Users’ concern for query privacy is alarming as they are increasingly aware of the problem of privacy and the need to maintain privacy in their queries. Private Information Retrieval (PIR) addresses this problem by providing such users with a means to retrieve data from a database without the database (or the database administrator) learning any information about the particular item that was retrieved (Beimel and Stahl, 2007; Chor et al., 1995). PIR enables the private retrieving of the i-th bit out of an N-bit string stored at the server without the server learning which bit the client is interested in. The PIR protocol is a privacy preservation technique that operates based on clientserver architecture and allows the client/user to send encoded query to the server and thus computes the encoded result blindly (Olumofin et al., 2010) and when the encoded result is received, the client derives the actual result. The three important requirements for any PIR scheme are Correctness (returns the correct result to the user), Privacy (leaks no information to the database about the items retrieved) and Non-triviality (communication complexity is sublinear) (Crescenzo, 2006). Every PIR scheme consists of three basic algorithms: query generation, response encoding and response decoding. For a given n-bit database X, organized into r b-bit blocks, a user intending to hide his query from the database block Xi uses the query generation algorithm to encode the input index i before sending it to the database. The database then uses the response encoding algorithm to combine each database entry Xj where j ϵ {1….r} with the query and returns an encoded response to the user. With the response decoding algorithm, the user decodes the server’s response. PIR gains relevance in many important application domains like location-based services, patent databases, online censuses, real-time stock quotes, online behavioral analysis for ad networks, internet domain

228

1st International Conference on Applied Information Technology proposed to develop a system that satisfies query privacy and integrity of server responses. The paper progresses with related works and furthers to present the proposed architecture. Emphasis is laid on the proposed system leading to a conclusion and recommendations for future work.

7-9 October, 2015

approach is low server efficiency since the size of the cloaking region and its boundaries are controlled by the user and not the server. In the afore-mentioned techniques, there exists tradeoffs between quality of service and user’s privacy (Shokri et al., 2012). When hiding of user queries is employed, the tension between quality of service and user privacy is maximized because it minimizes user information unveiled to the server on one hand and increases privacy of the user on the other hand.

RELATED WORKS (Sassaman et al., 2005) presented a system known as the Pynchon Gate which helps preserve the anonymity of users as they privately retrieve messages using pseudonyms from a centralized server. The goal of the Pynchon Gate is to maintain privacy for users’ identities. It does this by ensuring the messages a user retrieves cannot be linked to his or her pseudonym. The construction resists traffic analysis, though users may need to perform some dummy PIR queries to prevent a passive observer from learning the number of messages she has received. Their approach neither preserves the users’ query nor verifies the integrity of query response. (Reardon et al., 2007) similarly proposed the TransPIR prototype system. TransPIR performs traditional database functions (such as parsing and optimization) locally on the client. It uses PIR for data block retrieval from the database server, whose function has been reduced to a block-serving PIR server. The benefit of TransPIR is that the database will not learn any information even about the textual content of the user’s query. The drawbacks are poor query performance because the database is unable to perform any optimization, and the lack of interoperability with any existing relational database system. (Dmitri, 2004) developed a location privacy model which runs on a client-server architecture. The client uses PIR to encode the plaintext message into an incomprehensible query. Then the server computes the encoded result blindly. The client derives the actual result from the encoded result sent by the server. This work is built on computational PIR (cPIR) protocol introduced in (Kushilevitz and Ostrovsky, 1997) where clients make use of PIR to query a Location Based Service (LBS) provider for nearby points of interest and allowing the client retrieve a small fraction of the LBS database which is cost effective. The system ensures message confidentiality but no integrity is guaranteed. An approach was presented by (Ghinitia et al., 2008) who developed a hybrid scheme that can achieve efficient query privacy for location based services. Cloaking technique and PIR protocol were combined to complement each other which guarantee strong location privacy, flexibility and scalability. The approach achieved strong location privacy where user determines his or her privacy level, forms a cloaking region around his location and the area of interest and uses PIR protocol to query the database. An extension of PIR, the Symmetric PIR (sPIR) which establishes database secrecy by assuring that no information other than what is relevant to the current location is unveiled to the querying user, thereby giving a stronger privacy protection to the server in the presence of a malicious client or an attacker. However, the setback of this

THE PROPOSED SCHEME The scheme employed in this paper involves the use of Advanced Encryption Standard (AES-256), RSA Cryptosystem and RSA Digital Signature Scheme (RSA-DSS) as basic tools applied to the concept of Private Information Retrieval. AES-256, a standard secret-key encryption algorithm was employed to encrypt the sub-query before its transmission to the server, as it has been generally designed to be highly resistant to cryptanalysis attack. The RSA technique was used for symmetric insecure channel (by generating public/private key pairs) between client and server. The RSA-DSS was employed to verify the correctness of server’s response to queries. The RSADSS stands to accomplish two purposes in the verification phase, to know whether the response is coming from the right source and if the response has not been altered in transit. The proposed architecture, as shown in Figure 1, is made up of three modules namely, Registration, Query and Verification modules. Registration Module At the registration module, before communication commences, a client registers with the server if he is a new user ui by supplying username, uid on a secure website (https). This module involves a key generation phase where the server generates public/private key pair for each client. For a new user ui, the server S computes public (eui, nui) and private key pair (dui, nui). The server keeps the public key (eui, nui) in its database so that when another user, ui+1 signs up, there will be no duplicate public keys which can lead to redundancy. The private key (dui, nui) of each new user ui the server generates is discarded following registration since the public key pair (eui, nui) is known to everyone but (dui,, nui) is known only to the owner of the key ui . By default, the server generates its own public/private key pair (es, ns) and (ds, ns) respectively. The server keeps its private key (ds, ns) secret while the public key (es, ns) is made known to everyone. The steps are outlined as follows: Step 1: Server chooses two large prime numbers p ui, qui. Step 2: Server computes the product of p ui, qui as: nui = pui . qui Step 3: The server computes ø(nui) = (

qui  1

pui  1

) Step 4: Server chooses public key e such that gcd (e, (nui)) = 1 and 3≤ e ≤ ø (nui)-1

229

) (

1st International Conference on Applied Information Technology Step 5: Server computes private key d as: dui = eui -1 mod ø(nui). Step 6: Server sends public/private key pair (eui, nui), (dui, nui) to ui.

Figure 1: The Proposed Crypt-PIR System

230

7-9 October, 2015

1st International Conference on Applied Information Technology Query Module At the query module, the client ui identifies his private attributes pui which are the sensitive or highly classified information that should not be revealed to the server. He presents a sub-query mui, a subset of the query, void of the private attributes pui. The anonymizing proxy ai,, a trusted third party based on the client side receives the sub-query and private attributes. ai, hides the private attributes such that it is not revealed to the server, chooses an integer as the session key kui for sub-query encryption. mui is encrypted with kui as Cmui (ciphertext of the sub-query) using AES-256 algorithm. ai, sends Cmui to the server. The Server S decrypts the encrypted request, searches its database for results that matches the request, encrypts the response as Crs (ciphertext of the server response). Server S then signs on the leftmost bit of Crs with its private key (ds, ns) using RSA-DSS computed as: Eds(Crs)→ Crs dsmod ns = DSig.

7-9 October, 2015

query and returns final response to the client ui. The security robustness of this system relates to issues of query confidentiality, user privacy as well as the integrity of query response. An adversary cannot successfully obtain session key if the transaction is intercepted because he/she has to derive private key d through which the session keys (kui, ks) can be recovered. The secret knowledge of d increases the computational hardness of this attack.

CONCLUSION This paper presents the application of Cryptography to Private Information Retrieval. The Crypt-PIR system maintains the computational advantage of the cryptosystem to provide an architecture for preserving query responses. A scheme based on symmetric encryption (AES-256), RSA and RSA-DSS was adopted. The system eases out many challenges associated with existing systems. Query confidentiality and response integrity was aimed at in the Crypt-PIR system. Future work should be directed towards S signs on the leftmost bit of Crs instead of the whole message an efficient implementation of the proposed system and also its in a bid to increase the speed of computation and conserve evaluation. memory space. S then sends (Crs, DSig) to the trusted third party, the anonymizing proxy. REFERENCES Beimel, A., Stahl, Y. 2007. Robust Information-Theoretic The digital signature scheme guarantees the source of the Private Information Retrieval. Journal of Cryptology, Vol. 20 response rs is genuine, correct and message has not been (3): 295–321. altered in transit as correctness is one of the requirements for Chor, B., Goldreich, O., Kushilevitz, E. , Sudan, M. 1995. any PIR scheme. Private information retrieval. In FOCS, pages 41–50. Crescenzo, G. 2006. Towards Practical Private Information Verification Module Retrieval: Achieving Practical Private Information Retrieval. At the verification module, the anonymizing proxy verifies if Dmitri, A. 2004. Querying Databases Privately: A New the response is from a genuine server by using the server’s Approach To Private Information Retrieval. SpringerVerlag. public key to verify on the encrypted symmetric key. After it Ghinitia, G., Kalnis, P., Khoshgozaran, A., Shahabi, C. has verified, it decrypts. Tan, K. 2008. Private queries in locationbased services: Verification phase Anonymizers are not necessary. In Sigmod, pp. 121-132. ai verifies DSig with (es, ns) as: Kushilevitz, E., Ostrovsky, R. 1997. Replication is not Des (DSig) → DSiges mod ns = Crs needed: single database, Computationallyprivate information retrieval. In 38th Annual Symposium on Crs = Crs mod ns → valid result Foundations of Computer Science - FOCS ’97. IEEE Computer Society pp. 364–373. Crs ' mod ns → invalid result Popa, R. 2014. Research statement. Available at:web.mit.edu/ralucap/ww/researchstatment.pdf.Pradhan, S., Sharma, B.K. 2013. A New Design to Improve the Security Aspects of RSA Cryptosystem. International Journal of Decryption phase Computer Science and Business Informatics. Vol. 3, No. 1 After verification is done, the message is decrypted with the ISSN: 1694-2108. querying client’s private key. Olumofin, F., Goldberg, I. 2009. Privacy-preserving Queries Step 1: ai decrypts Cks with (dui, nui) to give ks as: over Relational Databases. Technical report, CACR 2009-37, Deui (Cks) → Cks dui mod nui = ks University of Waterloo. Step 2: ai uses ks to decrypt Crs to get rs as: Olumofin, F., Tysowski, P., Goldberg, I. 2010. Achieving Dks(Crs) = rs. efficient query privacy for location-based services. Technical The response of the sub-query rs is checked against the private Report CACR Tech Report 2009-22, University of Waterloo, attributes pui, the anonymizing proxy ai extracts the result of the Centre for Applied Cryptographic Research.

231

1st International Conference on Applied Information Technology

7-9 October, 2015

A MULTI-AGENT ROUTE PLANNING SYSTEM BASED ON FUZZY ASSOCIATIVE MEMORIES 1

O. O. Dada, O. O., 2O.R. Vincent, 3O. A. Ojesanmi, 4S. A. Makinde 1,2,3,4

1

Department of Computer Science, Federal University of Agriculture, Abeokuta

[email protected], [email protected], [email protected], [email protected]

Abstract: In this paper, a novel decentralized route planning system based on user’s preference is proposed using agent technologies and fuzzy associative memories (FAMs). The system is classified into three layers: the input/request stage, Processing and Output Stage. Driver make their route requests and input variables are gathered by various agents in the environment in the input/request stage. The agents could be stationary or mobile as they interact with each other to give recent information to the user. The output from the input/request stage is the input to the processing stage which uses the user’s preference and fuzzy associative memories to quickly parse the data and produce route recommendations to the users. Coping with dynamic changes in the traffic volume is one of the biggest challenges in intelligent transportation system (ITS). Our main contribution is a real-time route planning system for drivers based on their preference. Our aim is to guide drivers to an optimum route based on their preference. The system only succeeds when the drive accepts the highest ranked feasible route as his route choice else it undergoes re-training. Hence, the route selection function is adaptive to the decision making of the driver. Keywords: Fuzzy Associative Memory, Intelligent-based, Mobile Agents, Multi-agents, Road Transportation, Route Planning System. points on the road network for instance, junctions and costs could be assigned on a node-by-node basis. These costs can be calculated from travel time, distance, queue length, safety, and weather amidst other important factors. Many route planning systems are only concerned with helping drivers find the shortest path to their respective destinations but drivers want other experiences like routes that are lively for special occasions like when they are touring a city, on holidays, want to hang out, etc. Some peculiar situations like drivers who have problems with their eye sight may want to drive along routes with good weather and have high safety ratings which current systems do not offer. Existing RPSs also do not take System overhead and resource management into consideration. This would have an adverse effect time taken to propose routes to users and could cause poor quality of route recommendation. They also were not implemented in real-life nor simulated properly hereby not making comparisons with other state-of-art algorithms possible.

INTRODUCTION Road transportation involves the movement of passengers and goods from one location to another. One of the problems associated with road transportation is traffic congestion, which is a situation that occurs on road networks as its usage increases. This is characterized by slower speeds, longer trip times, and increase in queuing. The negative effects of congestion are increase in emission of Carbon Dioxide (CO2) vehicle, wastage of fuel, increase in the waiting and trip time of drivers, and increase in accidents on roads. Many ways to mitigate this problem have been proposed but the cost implication, in terms of infrastructure improvements have held back the implementation of these approaches. The proposed approaches have looked to solve the problems through two main mitigation methods which are urban traffic light optimization and Intelligent Transportation Systems (ITSs). Recent developments in advanced technologies has made real-time information on traffic conditions easily available to drivers. For instance, estimation of queue length, traffic flow in a traffic network, degree of congestion on a road node, etc. can be obtained from inductive loop detectors, surveillance cameras, traffic control centers, etc. (Pang et al., 1999). Route Planning Systems (RPSs) are traffic information systems that offer routes that solve traffic problems. RPSs have been identified to provide optimal route solutions and traffic information prior to and amid a trip with the aim of helping drivers arrive at their destination as quick as possible (Ji et al., 2012). Routes that lead to a destination from a current location to a destination may be more than one. To assist drivers in selecting the best route that suits their preference, assigning costs to these routes may aid the decision making process. Nodes are important

In Real-time Route Planning System (RRPS), the driver makes his preference and destination known to the system while his preferred Origin can be input into the system directly or gotten automatically from a global positioning system (GPS) agent. RRPS would route drivers using current traffic conditions such as: congestion, safety, weather and scenery as input variables. The system then provides actual routing advice based on the real-time information gotten from the environment. The objective of the system is to guide drivers from a location to their preferred destination based on their preference. This is borne out of the fact that some users may want routes that are not only short (as

232

1st International Conference on Applied Information Technology conventional systems focus on), but are safe, have good weather amidst other criteria. The driver has the sole choice of accepting the recommendation through the system which is modeled as a fuzzy expert system. If the recommendation is not accepted, his reaction to the advice and information provided by the system is stored. To ensure that the system is adaptive and users’ trust, the previous choices of the driver, and his recent deviation from the recommendation are used for training. The core of this system is an adaptive selection algorithm based on a fuzzy associative memory approach.

7-9 October, 2015

presented was hierarchical and based on AGRE (Agent Group Role Environment) meta-model suggested by Ferber et al., (2005). Three type of agents were proposed Vehicle Agents (VAs), Road Supervisor Agent and City Agents (CAs) which operate at different levels of the hierarchical system. The system was implemented and simulated on an improved multi-agent platform in order to discuss the improvement of the global road traffic quality in terms of time, fluidity and adaptivity. Current web and mobile mapping services only offer to help drivers find the shortest routes from their current location hereby neglecting other experiences users complain of (Quercia et al., 2014). The importance of how quiet, beautiful and happy the street scene of the route which drivers plough are important to them in some cases. Quercia et al., (2014) got users’ view of various street scenes from a crowd-sourcing platform on which users vote on which street is more beautiful, quiet and happy. The system is scalable, and was deployed in a real-life scenario.

LITERATURE REVIEW To have a system that can be easily deployed in reallife scenario especially in developing and underdeveloped countries, Kammoun et al., (2014) proposed an adaptive multi-agent system based on the ant colony behavior and hierarchical fuzzy model. Although the proposed system permits the adjustment of the road traffic efficiently in tandem with real-time changes in road, few factors were used to describe routes. Chen et al., (2009) were the first to apply mobile agent to this field. In the Mobile-C based system, Mobile agent technology was integrated with multi-agent systems to enhance the ability of the traffic management systems in dealing with the uncertainty in a dynamic environment and reduce incident response time and data transmission over the network. Chou et al., (2011) aimed to minimize the error rate that may result from recommendation by proposing an adaptive navigation systems using FNN. The learning capability of NN when brought into fuzzy systems makes the system capable of online adaptation. The system requires the driver to set his destination, his location and the decision attribute is converted into a fuzzy value. The system then gives a recommended route in real time. If the driver does not follow the recommended route, the system will learn it by Adaptive Neuro-Fuzzy Inference System (ANFIS). Finally, the system changes the weight of the route attribute based on the driver’s previous decision, which is now based on his preference. Kammoun et al., (2014) proposed an adaptive multiagent system based on the ant colony behavior and hierarchical fuzzy model. Road traffic is adjusted according to the real-time changes in road networks by the integration of an adaptive vehicle route guidance system in the proposed system. All vehicles are assumed to be equipped with GPS so that the real-time traffic flow can be computed and in case of unavailability of GPSs especially in developing countries, Global System for Mobile communication is used to compute the traffic flow. The architecture SYSTEM DESCRIPTION

A comprehensive review of previous researches that have applied ant colonies in this area was carried out by Jabbarpour et al., (2014). The technique, strategy, topology, infrastructure, freeness from loops and ability to load balance traffic was all used to rate them. The problems identified with previous works were mainly four: their system overhead and resource management, improper simulation procedures, poor evaluation techniques, no functional framework for Vehicular Transportation Systems (VTSs) has been developed. A generic sixcomponent framework for ant-based VTS was hence presented. These components are: Segmentation component (where road maps are divided into a number of segments with different sizes), Data gathering Component (where historical and real-time traffic information are gathered), Link assignments Components (where weights are assigned to road map links), Forward ant Component (ants explore their segment based on user preferences), Probability function Component (where probabilistic or heuristic functions are used to calculate the probability of choosing the next hop) and Backward ants Component (where the ant backtracks to increase the pheromone levels of the links in the discovered path). The proposed framework was however not implemented.

233

1st International Conference on Applied Information Technology

As shown from figure 1 above, the overall system is made up of three stages: Input/Request Stage where route request is made, Processing Stage, where routes are recommended based on the driver’s preference and the output from the Input/Request Stage. The last stage is the output stage, where the recommended routes are presented to the driver. If the highest ranked route is accepted, then the driver is guided through the route. Else, the processing stage is fired up again and retraining occurs. RRPS Setup A. Path Characteristics: Drivers may select a path based on the factors highlighted below: i. Traffic load ii. Travel Distance iii. Safety of route iv. Weather along Path and v. Scenery of paths B. Path Attributes: A feasible path has some attributes which describe it. The attributes used on the course of this work as stated in (A) have their values range between zero (0) and one (1). i. Traffic Load: This denotes the rate of traffic flow on a particular path. 0 denotes a free flow of traffic path while 1 denotes a grid lock state on the path. ii. Travel Distance: This denotes the path with the shortest measurable travel distance, relative to other paths in the set of feasible routes. The attribute for this is decided based on a linear scale. iii. Safety of route: This denotes how often accident occur on a path, frequency of attacks and the path terrain. 1 denotes the safest route while 0 denotes the worst situation. iv. Weather along Path: Some drivers prefer paths with good weather condition for example with weak wind gust, and good visibility. This might be as a result of medical complications or gender. 1 denotes the best weather along the path while 0 denotes the worst weather to drive in. v. Scenery: Sometimes, it is not just about the shortest or safest path, the scenes along the path of travel may be important to people like tourists, excursionists and so on. 1 denotes the best scenery while 0 denotes the worst scenery.

234

C.

7-9 October, 2015

Fig 1: RRPS System Architecture Some of these attributes are considered static (Travel Distance) while others are dynamic. Driver’s Preference settings: Drivers may have a constant preference and, a special trip may also warrant the driver to have a special preference. The following panel adapted from Pang et al., (1999) can be used as weights for the routing algorithm after the driver has specified how important a path attribute is to his preference. Each path attribute is multiplied by the driver’s preference weight to diminish or maintain its value before further processing is done. For example, if a couple are on vacation in a new city, they may not be concerned about the route with the least traffic load or travel distance, they may assign more importance to scenery, safety, and weather. So therefore, travel distance and traffic load will not be taken into consideration by the routing algorithm. The suggested values for determining the degree of importance of the path attributes are shown in table 1 below:

Table I: Degree of Importance for Path attributes Importance Suggested Value Don’t care 0.0 Not important 0.4 Normal 0.7 Important 1.0 D. Route Selection Decision: Drivers are proposed various feasible routes based on the set preference and they have the sole choice of route. If they do not follow the proposed route, then the system adapts by learning the driver’s choice so as to avoid such mistakes again. The objective of this is to design an intelligent route system in an in-car navigation system which will have the following features: i. It can help the driver to make routeselection decisions. ii. It can adapt and learn from the histories of decisions of the driver. iii. It can guide the driver through an unfamiliar route.

1st International Conference on Applied Information Technology Agents in RRPS An agent is a computer system that is situated in some environment, and is capable of autonomous action in this environment in order to meet its design objectives (Wooldridge and Jennings, 1995). Agents’ autonomy, sociality, reactivity and proactivity are the general properties of agents (Jennings and Wooldridge, 1998). Agents can be stationary or can have mobility which is an orthogonal property of agents (Lange and Oshima, 1999). Multi-agents were used because the transportation domain is geographically distributed, therefore large volumes of data and interaction is involved and its subsystems exist in a dynamic environment (Adler and Blue, 2002). Mobile agents were used to enhance the flexibility and adaptability of large-scale traffic control and management systems (Chen et al., 2009) and also make the system converge quickly. Fuzzy Associative Memories Approach (FAMs) Fuzzy associative memories (FAMs) was used to model the driver behavior because it converges quickly and can identify noisy input patterns. FAMs are fuzzy neural networks (FNNs) which exists if the associative mapping is given by a fuzzy neural network and the input patterns are fuzzy sets for every occurrence. A FNN is an artificial neural network (ANN) whose input patterns, output patterns, and/or connection weights are fuzzy-valued (Buckley and Hayashi, (1994), Fuller, (2000)). FAMs are fuzzy truth tables which shows all possible outputs for all possible inputs. For this application, the input patterns will be the various attributes of a path and the output will be the score of the route. The real-time execution of FAM will be extremely fast because of its one-pass convergence. Different patterns can be stored for various drivers of a particular car so their preferences are particular to each driver. The combination of Fuzzy and Neural networks is to combine their advantages. This will make RRPS system more intelligent and therefore result in better recommendations made to the user. Agent Based Fuzzy Associative memory RRPS A. Vehicle Agent: Every vehicle is represented by a vehicle agent which is deployed in (a smart device inside) the vehicle. This can access information about various vehicular parameters such as his current location, destination and speed. This agent is responsible for communicating with the driver and the environment. To enable swift communication with the environment, the car dispatches lightweight agents which are act as data collection agents visiting each node. This will be modelled as an undirected connected graph . The environment is represented by the tuple and defined as follows: Definition 1: Let Q be the set of lightweight agents dispatched into the environment that will perform information gathering on the Road Nodes.

235

7-9 October, 2015

Definition 2: Home base and Initial States of Agents Let S0 be the initial state of an agent a starting at some node N of G. Let denote a function that represent the initial placement of agent in G. For any is called the home base of agent a. Definition 3: Agent Communication Let be a communication function that enable a mobile agent detect the presence of another agent at node for the purpose of communication in of the proposed architecture. Definition 4: Navigation of Agent/ Portnumbering In order to enable navigation of the agents in the graph , at each node the edges incident to are distinguishable to any agent at node n. In other words, there is a bijective function which assigns unique labels to the edges incident at node (where is the degree of ). The function is the local orientation or port-numbering. Definition 5: Nodes Label Let be a function that uniquely labelled each node in . The unique label L is predefined to enable for differentiation and communication between the agents in the environment. Definition 6: Coordinating Agent Let represent a vehicle agent in our proposed framework and be the mobile agents in the proposed architecture such that denote a two- way communication function between the and . is called the coordinating agent that serve as an intermediary between the driver and the lightweight agents in the proposed architecture. B. Global Positioning Device (G.P.S.) Agent: This is one of the main vehicle-based data collection systems and is the worldwide form of satellite navigation (‘Sat-nav’) systems developed and operated by the United States military. The GPS device Agent serves as a source for variables such as distance, time, locations, and real time traffic updates. C. Routes Database: This is a database of various road map routes which can be used to build maps, get various routes to a destination from a specific location. The routes gotten from this database is collapsed so as to mitigate the problem of multi-agent distribution and the administrator agent is responsible for updating the routes in the routes database as new routes may sprout up and be torn down. D. Environment Agent: The vehicle agent sends an R.C. request to the Environment Agent which responds with a R.C. response. The

1st International Conference on Applied Information Technology response returns consists consists of the various factors (weather, safety, scenery, traffic load and distance) used to describe each route. ( )(1) Where and is the number of feasible routes and (set of feasible routes). E. Traffic Load Estimation Agent (TLEA): This agent is responsible for estimating the traffic load on a particular route. ∑



(2) (3)

(

)(4

7-9 October, 2015 (6)

F.

Weather Condition Estimation Agent (WCEA): Drivers should be warned against driving on a slippery road, roads with low visibility, and adverse weather conditions. Sensors placed on the road should be able to indicate and classify icy or wet road pavement and to indicate the visual range. Due to the ambiguity, uncertainty and dynamicity of weather factors, it is very hard to formulate a suitable mathematical model. Thus, the development of fuzzy controller in this situation seems justified as its capability to approximate a real continuous function with good accuracy is advantageous as shown in figure 2

(5)

Fig 2: Weather Estimation Fuzzy Agent 2003), Strong wind gusts have speed greater than 30mph, and weak or no wind gusts will have speed less than 30mph. 3. Visibility Distance (vis): This refers to the surface visibilities on the roads. Bad/poor visibilities will have negative effect on transportation and may affect drivers negatively. 4. Pavement Condition (pcon): This is an inferred input. Cloud cover, air temperature, humidity, precipitation intensity and wind speed were used to estimate pcon.

The observational elements used are: 1. Precipitation type and Intensity (precip): The adjectives used for intensity are light and heavy. Moderate intensities have no adjective attached. A combination of observed weather, precipitation type and intensity are used to create the four ‘precip’ categories. They are none, light Rain/Snow, heavy rain, and heavy snow/ sleet. 2. Wind: This parameter was chosen because very strong wind gusts may affect the handling and stability of vehicles, especially high profiled vehicles. According to (Stern,

Table II: Input Variables for Weather fuzzy inference system Input variable

Membership Function Very Good, Good, Bad, Very Bad Very High, High, Low and Very low

Range

Very Good when pavement is dry, Good when it is wet, Bad is when it is Snowy/Icy, Very Bad when it is Black ice. Very Low when there is little or no precipitation, Low when there is light rain/snow, High when there is Heavy rain, Very high when there is heavy snow or sleet. Very good, Good, Very good when visibility is greater than 0.5miles and Good when Bad, Very Bad. visibility is less than 0.5 miles and greater than 0.25 miles, Very Bad when it is less than 0.25 miles. Strong, weak Strong when wind speed is greater than or equal to 30mph and weak when wind speed is less than 30mph The fuzzy truth table representation of the rules Table III: Fuzzy truth table for Weather fuzzy generated is presented in table III. inference system

236

1st International Conference on Applied Information Technology

The centroid defuzzification technique was employed here: ∑ ∑

7-9 October, 2015

during a specified period (Hauer E. (1997)), the road terrain and susceptibility to attacks on a route also define what safety on a route should be. In this work, the safety of a route will be estimated via fuzzy logic based on three inputs: predicted accidents, road terrain, and attacks susceptibility as shown in figure 3.

(7)

G. Safety of Route Agent (SORA): Safety as regards to transportation involves more than the number of crashes, or accident consequences, by kind and severity, that is expected to occur on the specified entity

Fig 3: Safety Fuzzy Agent Architecture (8)

The membership functions used are presented below and the outcome of the fuzzy logic system on a normalized domain, are three different fuzzy sets low, normal, and high.

Where: 0 ≤ ≤ 1, Y = number of years, μ = Safety performance function (accidents (/km.yr)), ϕ = overdispersion parameter Table IV: Input Variables for Safety fuzzy inference system Input Membership Range Variable Function High, marginal and High when value is between 1 and 0.7, Marginal when value is low between 0.4 and 0.7, and low when value is between 0 and 0.4. Low, medium and High when value is between 1 and 0.7, Marginal when value is high between 0.4 and 0.7, and low when value is between 0 and 0.4. Low, medium and High when value is between 1 and 0.7, Marginal when value is high between 0.4 and 0.7, and low when value is between 0 and 0.4. The fuzzy truth table representation of the rules Table V: Fuzzy truth table for Safety rules generated is presented in table V.

The centroid defuzzification technique was also used here: ∑ ∑

(9)

H. Information on Route Agent (IORA): This agent is gets static properties of transport infrastructure which are requested once at the beginning of the driver’s request for

I.

237

example length of road, public transport segments, number of lanes per segment, speed limit on the lanes, width of road, and type of road and so on. Other Factors Estimation Agent (OFEA): Other factors may be complicit in ensuring that the driver has a route that suits his

1st International Conference on Applied Information Technology preference. The other factor that was looked at was scenery. The Scenery factor was chosen because we also aim to propose routes that are also emotionally pleasant to users based solely on crowd-sourced data (Quercia et al. 2014) and user’s preference which are stored in the system. To score a

route based on scenery, fuzzy logic will employed because of its nonlinearity, uncertainty and ambiguity. The settings from the user’s panel are essential to this module as various users may have different definition for beauty, silence and quietness

Fig 4: Scenery Estimation Architecture The Scenery Fuzzy inference system is based on rules as which are generated from the settings set on the user’s panel below. The outcome of the fuzzy logic system on a normalized domain are two different fuzzy sets bad and good as shown in figure 4. The centroid Defuzzification technique was also used here: ∑ ∑

J.

7-9 October, 2015

into , aggregates Scenery Estimation Agent (SE) outputs into . The centroid or geometric center technique which is the arithmetic mean ("average") position of all the points in the set is used for the aggregation for each of the factors. The centroid of a finite set of points in is

(10)

Attributes Aggregation Sub module: This is module aggregates each path’s attributes: aggregates WCEA outputs ( ) into , aggregates SORA outputs into , aggregates TLEA outputs

(11) K. Agent Preference (A.P.): This is an interface where the driver to specifies the relative importance of each of his route attributes.

L. Preprocessing: The panel weights are multiplied by the panel settings here. For example if a driver is more concerned about driving through a place that is beautiful and noisy and less concerned about the route’s congestion, travel distance and other factors, then the scenery will be taken into consideration more than other factors. ALGORITHM 1: Multiplication Algorithm Input: Set of feasible routes S, Set of Agent preference P. Output: Personalized Route Attributes R. multiply(S[[1..p],[1..p],…,q], P[1..p]) Step 1: R = [[1..p]..q] //Allocate space for result Step 2: for bi = 1 to q

Fig 5: Driver Panel Interface Step 3: for ai = 1 to p Step 4: R[bi][ai] = S[ai] * P[ai] Step 5: return R Step 6: End The input vector to the FAM is denoted by and the output vector by and is ranges from to . Weight matrix W is obtained as: (12) M. Route Scoring and Ranking: Each feasible route is assigned a score. For each feasible route, let be the output of the FAM network, which is the score of the feasible route. The FAM network can be viewed as a nonlinear mapping from to . That is, ̅̅̅ ( ) (13)

238

1st International Conference on Applied Information Technology

7-9 October, 2015

for distributed traffic detection and management systems. Transportation Research Part C: Emerging Technologies, 17(1): 1-10. Chou, S. Y., Tyasnurita, R. 2011. Adaptive Navigation Systems by Using Fuzzy-Neural Network. Proceeding of Industrial Engineering and Service Science. Quercia, D., Schifanella, R., Aiello, L. M. 2014. The shortest path to happiness: Recommending beautiful, quiet, and happy routes in the city. In Proceedings of the 25th ACM conference on Hypertext and social media 116-125. Jabbarpour, M. R., Malakooti, H., Noor, R. M., Anuar, N. B., Khamis, N. 2014. Ant colony optimisation for vehicle traffic systems: applications and challenges. International Journal of BioInspired Computation, 6(1): 32-56. Pang, G. K., Takabashi, K., Yokota, T., Takenaga, H. 1999. Adaptive route selection for dynamic route guidance system based on fuzzyneural approaches. Vehicular Technology. IEEE Transactions 48(6): 2028-2041. Jennings, N. R., Wooldridge, M. 1998. Applications of intelligent agents. In Agent technology. Springer Berlin Heidelberg (pp. 3-28). Lange, D. B., Oshima, M. 1999. Seven good reasons for mobile agents. Communications of the ACM, 42(3): pp. 88-89. Adler, J. L., Blue, V. J. 2002. A cooperative multi-agent transportation management and route guidance system. Transportation Research Part C: Emerging Technologies, 10(5): 433-454. Buckley, J. J., Hayashi, Y. 1994. Fuzzy neural networks: A survey. Fuzzy sets and systems. 66(1): 1-13. Fullér, R. (2013). Introduction to neuro-fuzzy systems. Springer Science & Business Media 2. Kammoun, H. M., Kallel, I., Casillas, J., Abraham, A., Alimi, A. M. 2014. Adapt-Traf: An adaptive multiagent road traffic management system based on hybrid anthierarchical fuzzy model. Transportation Research Part C: Emerging Technologies, 42: 147-167. Ferber, J., Michel, F., Báez, J. (2005). AGRE: Integrating environments with organizations. In Environments for multi-agent systems. Springer Berlin Heidelberg. 48-56. Reardon, J., Pound, J., Goldberg, I. 2007. RelationalComplete Private Information Retrieval. Technical report, CACR 2007-34, University of Waterloo. Sassaman, L., Cohen, B., Mathewson, N. 2005. The Pynchon Gate: a Secure Method of Pseudonymous Mail Retrieval. In Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society (WPES ’05), pages 1–9. Shokri R., Theodorakopoulos G., Troncoso C., Hubaux J.P., Le Boudec Y.J. 2012. Protecting Location Privacy: Optimal Strategy against Localization Attacks. Proceedings of ACM Conference on Computer and Communication Security.

Where and is the number of feasible routes. Given S (set of feasible routes), feasible routes in S are ranked according to its score. This route ranking function is very important to the driver as it serves as a decision-support for the driver and ranking is carried out in accordance with the preference of the driver specified by the rules in FAM by the algorithm below: Algorithm 2: Algorithm for Ranking of Routes Input: Set of feasible routes scores〖 u〗_j, Set of all feasible routes S Output: Ranked routes RR Function rankedRoutes(TW, NL) Step 1: Set RR() ← Array()() Step 2: Repeat the steps until i = n 2.1: thisWeight ← u_j [i] 2.2: NR ← count(RR) 2.3: Repeat the Steps until j = NR + 1 2.3.1 if NR = 1 then RR ← (u_j [i],j) Exit loop 2.3.2 else if nodeWeight(u_j [i]) ≥ thisWeight then Shift other weights forward and insert thisWeight into RR at position i Step 4: Return RR END N. Error in Ranking: Since making the system more stable and balance is important, once the proposition made by the system is not followed by the driver, the error in recommendation is gotten from the cost of the recommended link and the chosen link as shown below:

(14) CONCLUSION This study has proposed a better route planning system (RRPS) to help drivers to make their route selection decisions. This proposed system is a modified version of the system proposed by Pang et al., 1999. However, RRPS is able to address the faults of many previous techniques such as: convergence time, using few factors to describe routes and neglect of user preference. REFERENCES Ji, M., Yu, X., Yong, Y., Nan, X., Yu, W., 2012. Collision-avoiding aware routing based on real-time hybrid traffic informations. J. Adv. Mater. Res. 396– 398, 2511–2514. Kammoun, H. M., Kallel, I., Casillas, J., Abraham, A., Alimi, A. M. 2014. Adapt-Traf: An adaptive multiagent road traffic management system based on hybrid ant-hierarchical fuzzy model. Transportation Research Part C: Emerging Technologies, 42: 147-167. Chen, B., Cheng, H. H., Palen, J. 2009. Integrating mobile agent technology with multi-agent systems

239

1st International Conference on Applied Information Technology

7-9 October, 2015

1st International Conference on Applied Information Technology

7-9 October, 2015

DEVELOPMENT OF AN AUTOMATIC FACIAL AND LICENCE PLATE RECOGNITION SYSTEM 1

A. Abayomi-Alli., 2A. M. Mustapha, 3I. O. Adeleke, 4O. A. Adedapo and 5O. D. Tijani

1,2,5

Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. Department of Electrical and Computer Engineering, Igbinedion University Okada, Benin City, Nigeria. 4 Department of Computer Science and Engineering, Ladoke Akintola University of Technology, Ogbomoso, Nigeria. 3

1

[email protected], [email protected], [email protected], and [email protected]

Abstract: Licence plates (LP) recognition has been applied in car access control, toll collection and other applications in recent times. However, car thefts remain a problem. In this study, an automatic facial and licence plate recognition system (AFLPRS) was designed and developed. AFLPRS combined licence plate recognition and facial recognition to track the car and the driver at the entry and exit point of the University premises. AFLPRS was tested at FUNAAB main gate for 5 working days and the results obtained shows that 9176 characters were detected from 618 LPs during testing. When deployed from the (side) and (middle) of the road, AFLPRS average Successful Detection (SD), Failure-to-detect (FTD) and Correct Recognition (CR) for LP characters was 512, 47, 115 and 594, 24, 127, respectively. SD and CR for overall LP characters was 96.26% and 19.74%, respectively. While AFLPRS face recognition performance on entry was SD=608 and 586; ED=10 and 37; CR=600 and 561, for side and middle deployment, respectively. True Positive (TP), True Negative (TN), False Negative (FN), False Positive (FP) and overall face recognition accuracy of AFLPRS on exit was 587, 16, 8, 7 and 97.6%, respectively. Future studies will target an enhanced AFLPRS with presence of smaller noisy characters, colour variations, extreme weather and uncontrolled illumination scenarios. Keywords: access control, Character Recognition, facial recognition, Licence plate. no additional transmitter or responder is required to be installed on the car. LPR system has a significant advantage of keeping image records of vehicles, which is useful in order to tackle criminal and fraudulent acts (Ozbay and Ercelebi, 2005). However, despite the advantages of the LPR system, there are shortcomings of car theft, which are faced by different organizations. This occurs due to illicit use of a legitimate plate on another vehicle, which is not that of the original owner, use of duplicate plate number, which would similarly signal a need for verification, and the LPR identifies the plate and not the driver, which means any driver, can go away with a car. This study is focused on identifying problems with existing LPR systems, designed, developed and tested an Automatic Facial and Licence Plate Recognition System known as AFLPRS. The rest of paper is presented with literature review in Section 2, research methodology is in Section 3 while Section 4 shows the testing, results and discussion of the AFLPRS and the paper concludes in Section 5.

INTRODUCTION The advancement of technology in a networked environment has necessitated the need to maintain the security of information or physical property. In most crimes, the criminals took advantage of a fundamental flaw in the conventional access control systems: the systems do not grant access by "who the individuals are", but by "what individuals have", such as ID cards, keys, passwords, PIN numbers, e.t.c. None of these means really defines an individual. Rather, they merely are means to authenticate us. It goes without saying that if someone steals, duplicates, or acquires these identity means, he or she will be able to access protected data or personal property any time (Shang-Hung, 2000). Biometric systems identify a person by biological characteristics such as facial features or fingerprints, which are difficult to forge or falsify (Abayomi-Alli, 2015). Licence Plate Recognition (LPR) is an imageprocessing technology used to identify vehicles by their licence plates. This technology is used in various security and traffic applications, such as the access-control system (Puloria et al., 2015; Accum et al., 2005). LPR system plays an important role in numerous applications such as unattended parking lots (Accum et al., 2005), security control of restricted areas, traffic law enforcement (Devkate et al., 2015), congestion pricing, and automatic toll collection. Due to different working environments, LPR techniques vary from one application to another. This technology is gaining popularity in security and traffic installations. LPR systems assume that all vehicles already have the identity displayed (the licence plate), so

RELATED WORKS Chin-Chiang and Jun-Wei (2007) presented a novel hybrid method for extracting licence plates and recognizing characters from low-quality videos using morphological operation and Adaboost algorithm. The Adaboost algorithm worked well in detecting licence plate (LP) characters with lower intensities, but failed to detect skewed LPs, which necessitated the morphologicalbased scheme to compliment it. Xianfeng et al. (2011)

240

1st International Conference on Applied Information Technology carried out an image pre-processing which aims to improve the image quality and extract the outstanding information that is needed; this is expected to be favourable to subsequent processing. MATLAB was used to convert the colour images obtained into a gray scale image by using histogram equalization. Thus, selfadaptive median filter was developed to improve image quality by getting rid of the noise. Akoum et al. (2005) and Tsai and Kao (2010) used Hopfield and Multilayer perceptron (MLP) Neural Network algorithms for extracting LP features, isolating LP characters and identification of the characters. The comparative analysis carried out showed that the Hopfield Network had a better accuracy than MLP architecture. Shapiro et al. (2004), presented an approach that included pre-processing, edge detection, filtering, LP position detection, slope evaluation, character segmentation on Isreali and Bulgarian LP images obtained at different daytime and weather conditions. The approach was robust to illumination, plate slope and scale which is also insensitive to plate country peculiarities. Cano and Perez-Cortes (2003) presented a robust method for plate recognition in a wide range of LP image acquisition conditions, including unrestricted scene environments, light, perspective and camera-to-car distance. The segmentation techniques were highly dependent on the classifier performance. Devkate et al. (2015) reviewed the maximum entropy algorithm for segmentation on Automatic Licence Plate Recognition (ALPR). The paper concluded that environmental factors such as background images, indoor and outdoor conditions, dirt, lightning and towering accessories on the car, all affect the state of LP extraction. Findly et al. (2013) described an experiment designed for the development of a comprehensive and thorough understanding of the readability of North Carolina LPs with ALPR system. It focused on law enforcement applications and made use of two infrared camera systems for data collection in a controlled environment. They found out that the current, standard issue, blue ink LP has the highest capture and read rate. Khalil (2010) applied the template matching approach for LP character image recognition. The approach was initiated on Egyptian and Saudi Arabian LPs but was proposed to be used in more countries. It was based on keeping the names of these countries along with a list of Arabic characters as entries in a table and then matching these entries one after the other with the car plate. Chitkara et al. (2013) made use of connected component, which is applicable to both character segmentation and plate segmentation of LP. Number plates were extracted using the maximum area

7-9 October, 2015

and segmentation was done using labelled components on a single line Punjab number plate. Prates et al. (2014) employed a sliding window approach based on Histogram of Oriented Gradients (HOG) features. It was used for Brazilian licence plates detection. This approach scanned the whole image in a multistage fashion such that the LP was precisely located. Azad et al. (2013) took car images to HSI colour space, analyzed the location of the plate, the operation of morphology such as erosion and dilation was applied, and the plate extraction was done with vertical and horizontal projection among various candidates. Sobiya and Priya (2014) employed multistep detection method along with fuzzy logic classifiers, which helped in identifying the LPs and characters with better accuracy and faster pre-processing speed. Kumar (2009) used National Instrument Vision assistant tool, which is a desktop application for LP recognition of vehicles, which acquired the image, extracted the characters, segmented the LP characters and recognized them. About 100 vehicles with India licence plates were recorded to measure the efficiency of the system. Shaaban (2011) proposed a system, which carried out the detection and extraction of LP area by video cameras, segmentation of the plate characters and digits as well as character and digit recognition. Neural network classifier was utilized to recognize the characters based on edge moment invariants and principal component analysis features of wavelet coefficient matrix. All the previous related literatures were only techniques that tend towards achieving better LP recognition but none considered the problem of facial as a biometric mechanism to combat car theft and tool collection. RESEARCH METHODOLOGY Two access control techniques was combined in this study, namely: licence plate recognition and facial recognition. It is expected that every car should have a licence plate number, which would be detected, the character recognised and then saved in a database along with the drivers and other vehicle’s credentials. At the same time, a facial recognition of the vehicle’s driver is done and the face is saved in the database. On exit, the face of driver is compared again with the one saved in the database earlier on entry. Only when the gallery and probe driver’s facial images match, will AFLPRS allow the driver to leave the organization’s premises with the car without further questioning or clarification. Figures 1and 2 shows the entry and exit activity diagram for the Automatic Facial and Licence Plate Recognition System (AFLPRS).

241

1st International Conference on Applied Information Technology

7-9 October, 2015

Figure 1: Activity diagram of the proposed system on car entry

Figure 2: Activity diagram of the facial and licence plate recognition system on car exit

242

1st International Conference on Applied Information Technology From Figure 1 and Figure 2 AFLPRS captures the driver’s face and the LP of the vehicle. It describes the used of the system and shows the courses of events that will be performed as well as defining what happens in the system. The system requires the involvement of an administrator who is tasked to take appropriate actions when the system gives signals such as inability to capture driver’s face or LP’s characters, false positives or negatives during face verification, mismatch between entry and exit driver’s faces, mismatch between captured LP characters and registered car credentials, etc.

7-9 October, 2015

The whole recognition process involves two steps, the initialization process and recognition process, respectively. The Initialization process involves the following operations: 1. Acquire the initial set of face images called the training set. 2. Calculate the Eigen faces from the training set, keeping only the highest eigenvalues. These M images define the face space. As new faces are experienced, the Eigen faces can be updated or recalculated. 3. Calculate the corresponding distribution in Mdimensional weight space for each known individual, by projecting the face images on to the “face space”. These operations can be performed from time to time whenever there is a free excess operational capacity. This data can be cached which can be used in further steps eliminating the overhead of re-initializing, decreasing execution time thereby increasing the performance of the entire system. Having initialized the system, the following steps are executed: 1. Calculate a set of weights based on the input image and the M Eigen faces by projecting the input image onto each of the Eigen faces 2. Detect a face in the image (known or unknown) by checking to see if the image is sufficiently close to a “free space”. 3. If a face is detected, then classify the weight pattern as either a known person or as unknown. 4. Update the Eigen faces or weights as either a known or unknown if the same unknown person face is seen several times then calculate the characteristic weight pattern and incorporate into known faces. Let гbe and nX1 vector representing an n X n face. Step1: Obtain training faces I1, I2… IM Step2: Represent each Ii as гi Step 3: Determine the average face from each ∑ Ψ= (2) Step 4: Subtract the average face from each гi: Ф = гi – Ψ (3) Step 5: Determine the matrix A such that each column of A is a face: A = [Ф1, Ф2, …,ФM] (4) Step 6: Find the n2 x n2 covariance matrix C of A and calculate its eigenvectors ui: C = AAT (5) Note however that the matrix is very large and one can reduce the problem’s complexity by using the matrix ATA (which is M X M) and computing it’s eigenvectors vi. The two matrixes have the same eigenvalues and their eigenvectors are related as follows: ui = Avi (6) It should be noted that the M eigenvalues of ATA are the M largest eigenvalues of AAT. Therefore the M best

Face Recognition A simple face recognition application was designed based on Principal Component Analysis (PCA) while a commercially available standard development kit from Luxand incorporation was used for the facial features extraction and face detection. PCA make use of mathematical procedures that transform a number of correlated variables into smaller number of uncorrelated variables called principal components. The first principal component represents the remaining variance. To explain PCA mathematically, a random vector x, where x = (x1,…,xn)T. The mean of the population is denoted by µx = E(x), where E is the statistical expectation operator. The covariance matrix of the same data set is: Cx = E{(x-µx)(x-µx)}T (1) The eigenvectors ei and the eigenvalues λi are the solutions of equation Cxei = λiei, where i=1,…, n. These values can be found by finding the solutions of equation |Cx – λI| = 0, where I is the identity matrix having the same order than Cx and |.| denotes the determinant of the matrix. The principal component pi = eiTx. The eigenfaces may be considered as a set of features which characterize the global variation among face images. Then each face image is approximated using a subset of the eigenfaces, those associated with the largest eigenvalues. These features account for the most variance in the training set. To extract the relevant information from a face image, it is encoded as efficiently as possible, and compared with a database of models encoded similarly. A simple approach to extracting the information contained in an image is to somehow capture the variations in a collection of face images, independently encode and compare the individual face images. Mathematically, it is simply finding the principal components of the distribution of faces, or the eigenvectors of the covariance matrix of the set of face images, treating an image as a point or a vector in a very high dimensional space. The eigenvectors are ordered, each one accounting for a different amount of the variations among the face images. These eigenvectors can be imagined as a set of features that together characterize the variation between face images. Each image locations contributes more or less to each eigenvector, so that the eigenvector can be displayed as a sort of “ghostly” face which is called an Eigen face.

243

1st International Conference on Applied Information Technology eigenvectors, where k is calculated theoretically or experimentally. Step 7: Each Фi can now be represented as a linear combination of k eigenvectors: ФI = ∑ (wj = UjTФI) (7) 2 Recognition is done by projecting the (n x 1) input image onto the Eigen space calculated in Step 7 above i.e. it is represented as a linear combination on the eigenvectors. We then find the minimum of the distances of all of the faces stored in the database, and the closest matching one is recognized. It should be noted that if the distance is greater than some threshold t, then the person is classified as unrecognized.

7-9 October, 2015

Minimum Hardware and Software Requirements The minimum hardware required for the successful implementation of AFLPRS is a Pentium Intel Celeron, minimum of 2GB RAM, 250GB Hard disk, four digital surveillance cameras (one for face recognition and the other for LP detection on entry and exit). The minimum software requirement is a Windows 7 operating system, Java Development Kit 6.0 or 5.0 (JDK 6.0 or JDK5.0), Java Runtime Environment (JRE 6.9), Luxand Face Detection Development kit (Luxand SDK), DTK Automatic Number Plate Recognition Setup, WampServer or XampServer (MySQL engine). Implementation Phases The prototype implementation of the proposed system is divided into three major phases: i. Vehicle capture and LP extraction on entry/Driver’s facial image capture; ii. Vehicle capture and LP extraction on exit/Driver’s facial image capture; iii. Verification of details.

Face Recognition Process The following steps are required for obtaining Eigen images: Step1- Select database image and resize by chosen amount; Step2- Convert database image to grey scale; Step3- Calculate the mean of the image; Step4- Subtract the value of the mean from pixel in the database image; After step 1-4, the probe or test image is obtained: Step5- Subtract the mean of the database image from each pixel of the test image; Step6- The image obtained in Step4 and step5 are known as Eigen images or faces; Step7- Compare each pixel in the database Eigen image to its corresponding pixel in the test image; Step 8- Check if similarity score (recognition rate) is equal to choice threshold; Step 9- If recognition rate is greater than or equal to threshold value, test image is said to be recognized else test/captured image is not a database image i.e. Threshold value is set by taking factors such as light, reflection and posture into consideration.

AFLPRS Actions on Entry AFLPRS is first launched from where it has been deployed. Then the user captures vehicle first so that the system can extract and read the characters on the LP before the face of the driver is detected and captured. After which the captured details as well as the time of car entry are sent to the database, which will be needed for future enquiry. AFLPRS Actions on Exit AFLPRS carries out the same operation as described above, except for requiring information to verify if it’s the same driver who came into the premise with the car during entry with the particular vehicle and LP number. If there is a mismatch, the system sends a signal for the driver to be questioned. This singular act will prevents car theft in many organizations or public car packs. In addition, the entry and exit time of the authenticated driver is updated as part of the vehicle’s record in the database for future references.

Licence Plate Recognition Process Five primary steps involved in LP recognition include: 1. Plate localization– Responsible for finding and isolating the LP within the camera’s field of view; 2. Plate orientation and sizing– compensates for the skew of the plate and adjusts the dimensions to the necessary side; 3. Normalization– adjusts for brightness and contrast of the image; 4. Character segmentation– finds the individual characters of the plate; 5. Send characters or query characters detected into/from the database. All the five algorithms were implemented in DTK Automatic Number Plate Recognition SDK, which was incorporated into AFLPRS.

Testing of AFLPRS AFLPRS was tested at the main gate of the Federal University of Agriculture, Abeokuta, Nigeria for at least four hours between the hours of 8am-10 am and 3pm-5pm for Seven (7) days. The capturing of the driver’s face and the licence plates was monitored for oncoming cars in the morning and outgoing cars later from noon. The efficiency of AFLPRS at recognising the driver’s face and the LP characters was tested when the cameras are in the middle of road or on one side of the road. AFLPRS was also tested for the ability to capture and read the LP characters, Capture only, or no capture.

IMPLEMENTATION AND TESTING The AFLPRS was implemented and tested using the design specifications discussed in the sections above.

244

1st International Conference on Applied Information Technology

7-9 October, 2015

It was observed that the number of Failure-to-Detect (FTD) was higher when AFLPRS was located on one side of the road (Table 1) than when it was deployed in the middle of the road (Table 2). No. of Licence Plate Characters

RESULTS AND DISCUSSION AFLPRS was able to efficiently detect and recognise the driver’s faces accurately recognise the LP characters of a vehicle as well as record the date and time of capture. The facial image and LP was recaptured again for a proper verification that both the probe and gallery images match. The time of verification if the condition is true was also updated into the database as shown on figure 3. If the condition is false i.e. the facial image does not match, the system prompts the user to take necessary actions. The facial images captured must also be reasonably captured on a close range for the facial recognition to be efficient and effective for detection and verification.

10000 9000 8000 7000 6000 5000 4000 3000 2000 1000 0 1

2

3

4

5

Tota l

LP char 2037 2019 1755 1902 1463 9176 SD

1925 1953 1703 1861 1391 8833

ED

112

66

52

41

72

343

Figure 4: Showing the daily AFLPRS LP characters against successful detection (SD) and Error detection (ED). 10000 9000 No. of Licence Plate Characters

Figure 3: Diagram showing the captured image of a vehicle and the characters read from the licence plate. Table 1: Showing LP Detection rate when AFLPRS was deployed on one side of the road. No. of Day SD FTD CR LPs 1 142 129 13 23 2 137 130 7 29 3 114 108 6 24 4 129 120 9 15 5 96 84 12 24 Total 618 512 47 115

8000 7000 6000 5000 4000 3000 2000 1000 0

1

2

3

4

5

Total

SD 1925 1953 1703 1861 1391 8833

Table 2: Showing LP Detection rate when AFLPRS was deployed in the middle of the road. No. of Day SD FTD CR LPs 1 142 135 7 25 2 137 132 5 32 3 114 110 4 24 4 129 126 3 19 5 96 91 5 27 Total 618 594 24 127

CR 372

423

319

258

372 1744

ER 1553 1530 1384 1603 1019 7089 Figure 5: Showing the AFLPRS LP characters successful detection (SD), Correct Recognition (CR) and Error Recognition (ER). It was also observed that despite the high Successful Detection (SD) of the licence plates, the

245

1st International Conference on Applied Information Technology

7-9 October, 2015

AFLPRS LP Character Recognition Accuracy (%)

number of Correct Recognition (CR) was quite low as shown on Table 1 and 2. The total numbers of LPs were 618 for the five testing days. AFLPRS had an average SD of 512, FTD=47 and CR=115 when deployed on one side of the road while SD=594, FTD=24 and CR=127 when deployed in the middle of the road. 30

26.7

25 20 15

21.7 19.3

20.1

18.7

Figure 8: A typical United Kingdom and South Africa’s licence plate.

13.9

10 5 0 1 2 3 4 5 Avg Testing Day 1-5 and Average Accuracy Figure 9: A typical United States’ licence plate.

Figure 6: showing the daily and average AFLPRS LP Recognition Accuracy (RA).

The low LP character recognition can be attributed to the image (Nigerian map) behind the licence plate characters, other smaller characters such as “the federal republic of Nigeria”, the state and their motto as shown on Figure 7. All these make a typical Nigerian LP too wordy and noisy for the OCR to recognise the characters accurately. The blue, green or red on White colour of the licence plates is also a disadvantage as LP OCRs performs better with white on black or black on white LP characters like the United kingdom and south Africa’s LP on Figure 8. Although the United States’ LP on Figure 9 is similar to its Nigerian counterpart, the US registration number is clearly written in bold black characters making it easy to read and less susceptible to fade.

From Figure 4, the total characters from the 618 licence plates was 9,176, 8,833 characters was successfully detected giving an overall LP character detection rate of 96.26% and LP character error detection rate of 3.74%. Although AFLPRS detected the LP characters efficiently, the result of the Correct Recognition (CR) was quite low as shown on Table 1, Table 2 and Figure 6. Figure 5 shows that total correctly recognised LP character is 1,744 of the 8,833 that was successfully detected. Thus giving a correct recognition rate of 19.74% and error recognition tares of 80.26%, respectively. Figure 6 shows the 5-days LP Correct Recognition (accuracy) and the Average as 19.3, 21.7, 18.7, 13.9, 26.7 and 20.1.

Table 3: AFLPRS face recognition performance on car entry when deployed on one side of the road. No. of Day Face SD ED CR rec. 1 142 140 2 138 2 137 134 3 133 3 114 111 3 108 4 129 129 0 127 5 96 94 2 94 Total 618 608 10 600

Figure 7: A typical Nigerian licence plate.

246

1st International Conference on Applied Information Technology Table 4: AFLPRS face recognition performance on car entry when deployed in the middle of the road. No. of Day Face SD ED CR rec. 1 142 133 9 133 2 137 125 12 123 3 114 111 8 101 4 129 124 5 113 5 96 93 3 85 Total 618 586 37 561

and verification. On the other hand, LP Recognition system has been a highly recommended technology for uniquely identifying a vehicle that passes through a particular environment at any time. Making use of these pattern recognition approaches has made it possible to identify a car’s driver and the vehicle’s licence plate characters. Since, no two cars can have the same plate number; therefore, an individual can’t drive two cars with the same LP number at the same time neither can two individual drive the same car into a premise at the same time. This study recommends that AFLPRS be deployed in a controlled and well-illuminated environment for effective performance. In addition, the facial images of the driver must be well collected through the side window of the vehicle and not in front of the car because the frontal widescreen does not make the driver’s image clear enough for detection. AFLPRS will be more effective when the LP characters are black on white. It is recommended that the Federal Road Safety Corps (FRSC), Vehicle Inspection Operatives (VIO) and other stack holders in the transport sector should consider reverting to the black on white LPs. Future research will focus improving the robustness of AFLPRS in uncontrolled weather and illumination conditions as well as enhancing the recognition of AFLPRS LP characters despite the other noisy texts and colour.

Table 5: Showing AFLPRS face recognition performance on car exit. No. of Day Face TP TN FN FP rec. 1 142 134 3 4 1 2 137 129 5 1 2 3 114 111 2 0 1 4 129 124 3 2 0 5 96 89 3 1 3 Total 618 587 16 8 7 Table 3, shows AFLPRS face recognition performance on car entry when deployed on one side of the road with the 618 recognised drivers faces, 608 successful detection (SD), 10 error detection (ED) and 600 correct recognition (CR). From Table 4 also on entry, 586 driver’s faces was successful detected, 37 faces were not, and 561 was correct recognised by AFLPRS. The accuracy of AFLPRS in correctly recognising driver’s faces was tested on the cars exit from FUNAAB gate. At this point, AFLPRS will match the driver’s face on exit with the gallery face image obtained on last entry. Table 5, shows AFLPRS face recognition performance on car exit with true positive (TP), true negative (TN), false positive (FP) and false negative (FN). The overall face recognition accuracy of AFLPRS is given as: ⁄

(8)



= 97.6%.

7-9 October, 2015

REFERENCES Abayomi-Alli A. 2015. Image Verification and Quality Assessment Models For Predicting Facial Recognition System Performance, PhD Computer Science Thesis, Ladoke Akintola University of Technology, Nigeria. Akoum A., Daya B., Chauvet P., 2005. Two Neural networks for licence number Plates Recognition, Journal of Theoretical and Applied Information Technology, JATIT, 2005-2009. Azad R., Davami F., Azad B., 2013. A novel and robust method for automatic licence plate recognition system based on pattern recognition. ACSIJ Advances in Computer Science: an International Journal, 2 (3): 4, July 2013. Cano J., Perez-Cortes J. C., 2003. Vehicle License Plate Segmentation in Natural Images. Vol. 2652, Lecture Notes on Computer Science, SpringerVerlag, pp.142 -149. Chitkara P., Chowdhary N., Malhotra J., 2013. Optimizing Automatic number Plate Recognition system using Template Matching, Australian Journal

Although, AFLPRS face recognition performance is high from the test, this level of performance will be impossible in bad weather or poor lightning conditions. CONCLUSION Facial recognition (FR) system has been a matured technology, which provides biometric and high security services in increasing number of applications. FR will continue to gain acceptance as a reliable form of access control through identification

247

1st International Conference on Applied Information Technology of Information Technology and Communication. 2 (2):42-51. Chin-Chiang C., Jun-Wei H., 2007. Licence Plate Recognition from Low-quality videos, MVA 2007 IAPR conference on Machine Vision Applications, May 16-18, 2007, Tokyo, Japan. Devkate P. D., Deosarkar D. R., Mhetre A. B., Pattanaik S. S., 2015. Automatic Licence Plate Recognition, International journal of Emerging Trend in Engineering and Basic Science, 2(1): 384387. Findly D. J., Cunningham C. M., Change J.C., Hovey K.A., Corwin M. A., 2013. Effect of Licence Plate Attributes on Automatic Licence Plate Recognition, 92nd Annual Meeting of the Transportation Research Board, Jan. 13-17, 2013. Khalil M. I., 2010. Car plate Recognition Using the Template Matching Method, International journal of Computer Theory and Engineering, 2(5):1793-8201. Kumar M., 2009. A real Time Vehicle Licence Plate Recognition (LPR) System, M.Eng. Thesis report in Electronics Instrumentation. Ozbay S., Ercelebi E., 2005. Automatic Vehicle Identification by Plate Recognition, World Academy of Science, Engineering and Technology, 9:222-225. Prates R. F., Camara-Charez G., Schwartz W. R. Menotti D., 2014. Brazilian Licence plate Detection using Histogram of Oriented Gradients and sliding windows, International Journal of Computer Science and Information technology (IJCSIT), CoRR, abs/1401.1990, 2014.

7-9 October, 2015

Puloria K., Mahajan S., 2015. A review on Automatic Number Plate Recognition System, International Journal of Software & Hardware Research in Engineering, 3 (1), January, 2015. Shang-Hung, L. 2000. An Introduction to Face Recognition Technology, informing Science special issues on multimedia informing Technology, 3:1-2. Shaaban Z. 2011. An Intelligent licence plate Recognition System, International Journal of Computer Science and Network Security, 11(7):5561. Shapiro V., Boncher S., Velchkov V., Gluhchev G., 2004. Adaptive multi-National Licence Plate Extraction, Cybernetics and Information Technologies, Bulgarian Academy Of Sciences, 4(1):76-88. Sobiya J. L., Priya P. A., 2014. Automatic Multistyle licenced Plate detection by using fuzzy logic classifier, International Journal of Advanced Research in Computing Engineering & Technology (IJARCET), 3 (4):1194-1202 Tsai Y., Kao K., 2010. Licence Plate Detection on Autonomous Surveillance System, Journal of Computational Information Systems, 6(14):49414949. Xianfeng Z., Fengcheng X., Yan S., 2011. Research on the Licence Plate Recognition based on MATLAB, Elsevier Procedia Engineering, 15(2011):1330-1334.

248

1st International Conference on Applied Information Technology

7-9 October, 2015

INFORMATION AND CYBER SECURITY THREAT ANALYSER Y. M. Tukur and S. Y. Ali 1

Department of Mathematics, Usmanu Danfodiyo University, Sokoto, Nigeria. Department of Mathematics, Ahmadu Bello University, Zaria, Nigeria.

2

[email protected] and [email protected] Abstract: Computer information systems have in recent years found increasing applications in all facets of human endeavour, owing to the rapid improvement in processing and storage technologies, the advent of the internet, as well as availability and reduced costs of computing resources. Consequently, organisations, corporations and businesses heavily depend on computer information systems and the internet. They employ applications that depend on networked information systems to effectively manage their operations which often bear valuable proprietary information. This exposes important computing resources to security threats, and makes securing the assets a principal concern to individuals and businesses. This paper examines and evaluates different methodologies to information security risk assessment that can be used to identify and protect the assets against attacks. The authors then employed java language’s GUI programming to develop a graphical, intuitive, interactive tool based on appropriate qualitative methodologies. The tool visualises the entire risk assessment process and helps organisations analyse cum manage threats to their information security systems. Data from supply chain management are used to demonstrate the working of the tool. The resultant tool enhances and simplifies the risk assessment activity and helps organisations make informed decisions about risks. Keywords: Assets, Computer, Information Security, Risk Assessment, Threats vulnerabilities, and threats facing an information system (Schneider, 2010). ―Cyber security‖ encompass safeguarding information through avoiding, identifying, as well as reacting to ―cyberattacks‖ (Razzaq et al., 2013). Information Security (IS) is to protect our valuable information assets from accidental or deliberate damages whereas Cyber Security (CS) is a whole set of procedures and systems providing protection of computer systems and networks from intentional and unintentional damages or dangers in the cyberspace through services like confidentiality, integrity, authentication, availability, nonrepudiation, auditing, and digital signature (Khan and Hussain, 2010). The increasingly changing threats to information security perhaps necessitate most IT security programmes in organisations owing to the vulnerabilities of the system, with a view to mitigating them. ―Threat analysis‖ is a fundamental element of the overall process of assessing risks to information security as outlined in (Stoneburner et al., 2002). It requires a thorough understanding of potential threat sources aimed at ranking susceptibilities intended for treatment as well as appraising current safeguards (SANS 2003).

INTRODUCTION With the rapid improvement in processing and storage technologies, the advent of the Internet, and resultant rapid development of information communication technologies (ICTs) across the globe, there has been continual growth in the number of people with access to the Internet and the information disseminated through its use (Schneider, 2010). This growth is attributable to increased processing power, reduced cost and ubiquitous availability of computing resources more than ever before (Rabai et al., 2012). The trend makes our world a global village today (Khan and Hussain, 2010). Consequently, corporate, administrative, as well as academic institutions turn out to be progressively in need of computing systems accompanied by the World Wide Web. Authorities and many businesses employ applications that require linked data communication and distributed systems for effective management of processes which at times, bear precious, branded data (Van Leeuwen et al., 2010). This development makes important computing resources more prone to greater security threats, and hence, securing the assets an additional worry for persons and organisations (Im and Baskerville, 2005). Whilst organizations use automatic computer technology procedures to manage their data aimed at improved backing for their missions cum successful operations, risk management takes part in protecting the information assets of a corporation, and thus its mission, from IT-related risks (Stoneburner et al., 2002). Information security management within any organization involves some kind of managing probable risks,

RELATED WORK Information security risk analysis has earned momentous interest over the years. It may have become a significant part of many corporations’ security programmes. Methodologies/tools for assessing these risks may be regarded as effective means through which overall security of information systems could be attained.

249

1st International Conference on Applied Information Technology

Many works have been done on the subject of risk analysis in recent years. For example, risk analysis of information security systems was being explored by (Baskerville, 1993) from the middle of 1980s where he detected worksheets meant for tools applied in planning security standards for information systems. Initial information security risk assessment methods saw the introduction of the concept of business processes to get around concentrating merely on technological security problems (Taubenberger et al., 2013). Afterward, using annual loss expectancy, (Suh and Han, 2003) offered an information security risk analysis technique that comprises business continuity. Numerous other information security risk analysis methodologies exist; including those focused on asset-function assignment tables and paired comparison (Lee, 2014). There also exists a matrixbased approach to risk analysis (Goel and Chen, 2005). Over time, some complex tools/methodologies were created by researchers to assist in the risk analysis process for information security. Methodologies such as OCTAVE (Alberts et al., 2001; Elky, 2006) offer techniques to enable the identification, evaluation, and management of risks to information security systems. Other frameworks include among others, the NIST Risk Management Guide (Stoneburner et al., 2002; Elky, 2006) CRAMM (TREATY, nd; Yazar, 2002; Elky,2006), ISRAM (Karabacak and Sogukpinar, 2005), FRAP (Elky, 2006; Behnia et al., 2012), and COBRA (Elky, 2006). Hybrid approaches arise from the integration of two or more of the existing methodologies.

7-9 October, 2015

Conversely, the Qualitative approach grades the degree of the likely effect of a threat as high, medium, or low. Threat impacts are most frequently measured using the qualitative approach, a technique which enables assessment of total possible effects by entities involved. The technique employs a number of interrelated factors namely threats, vulnerabilities and controls which could be restrictive, precautionary, corrective or detective. After a study of the different methodologies some of which have just been mentioned, two of the methodologies were chosen and are succinctly explained in a moment. That is to say the analyser presented in this work draws on techniques which support the overall process of risk analysis and treatment, from asset identification to threat elicitation to application of cost-effective controls. This is justified by the explanations that follow. Meanwhile, the tools used to design the analyser are standard java compiler, Java Development Kit (JDK) version 1.8.0 update 45 (jdk1.8.0_45) with all its standard libraries; JCreator Integrated Development Environment (IDE); additional MigLayout library; as well as additional jfreechart library. The underlying principle of the analyser is based on the chosen methodologies. 1.

National Institute Of Standards and Technology 2. National Institute Of Standards and Technology 3. (NIST) Special publication (SP) 800-30, Risk 4. Management Guide for information technology 5. System is the United States Government’s risk 6. management standard. The approach, which is 7. principally created to be qualitative, centres on a 8. synergy between expert security analysts and 9. system proprietors and technical specialists 10. through which information technology (IT) risks 11. are painstakingly recognised, analysed and 12. managed (Elky, 2006). The approach is highly 13. inclusive, comprising the whole lot from 14. identifying threat-source to continuing evaluation 15. and assessment. Nine steps that make up the NIST approach are as follows (Elky, 2006; TREATY): System Characterisation, Threat Identification, Vulnerability Identification, Control Analysis, Likelihood Determination, Impact Analysis, Risk Determination, Control Recommendations, and Results Documentation. Execution of the steps is in the listed order. The architecture for this methodology is shown in Appendix A.

MATERIALS AND METHODS Companies and organisations willing to perform information security risk analysis are confronted with the challenge of choosing a methodology. At the moment, several ―risk analysis‖ tools and methodologies exist, some of which appear to be qualitative or quantitative in nature. These methodologies and tools focus on different aspects of an information security system. However, they pursue a common objective of assessing the complete value of risk. Therefore, it is unto organisations and businesses to choose a method that best suits their exclusive requirements (Vorster and Labuschagne, 2005). The Quantitative technique employs two fundamental factors viz.: the likelihood of an incident happening and the resultant damages that could be sustained (Rot, 2008). The approach uses a figure generated from those two factors. It is termed Expected Annual Loss (ALE) or Estimated Annual Cost (EAC), and is determined for an incident by basically computing the product of the likelihood of possible damages.

250

1st International Conference on Applied Information Technology

Octave The OCTAVE (Operationally Critical Threat, Asset and Vulnerability Evaluation) methodology is formed by the Software Engineering Institute (SEI) at the CERT Coordination Centre (CERT/CC) of Carnegie Mellon University. It is asset-centric, that is to say, it focuses on assets, as well as threats and vulnerabilities to those assets. Moreover, it jointly reflects on technical and managerial problems, as well as examines everyday use of organisation’s computing systems. Selfmotivation is among the central notions promoted by OCTAVE; whereby individuals within an organisation are required to run the entire process of assessing information security risk. This achieves a key objective of assisting organisations enhance their competence to handle and safeguard themselves from risks linked to information security. A crew comprising members from an organisation’s IT and corporate sections should be in charge of running as well as documenting the results of the risk assessment. The OCTAVE method is also seen as workshopcentric rather than tool-centric. That is to say, members in a risk analysis process require a grasp of the risk and its factors, instead of incorporating enormous security skills in a tool. The workshopcentric method promotes the notion that the organisation will surpass a tool in comprehending the risk and be able to make verdicts rather than depending on a tool. Three phases of workshop exist, which make up the OCTAVE methodology. Each of these phases is split into processes; every process takes in specific requisite activities, and every single activity in turn comprises distinct mandatory steps which are precondition for the realisation of preferred outputs. Summary of threats to various assets is the ultimate outcome upon which verdicts on risks can be centred. Every ―threat profile‖ includes information that forms the core of management verdict regarding risks, viz. prevention, mitigation, transfer, and acceptance. The OCTAVE methodology calculates the probable value of a risk using an Expected Value Matrix, to which the impact and likelihood values are usually employed since they are biased, in order to obtain a complete risk value. The formula is given below: Risk/Loss = Impact/Consequence x Likelihood/Probability OCTAVE does not execute any arithmetic calculations and hence, holds on to a value of 3 for ease and a value of 1 for accuracy. This approach makes a first-class fit for organisations that focus on ease as opposed to accuracy (Vorster and Labuschagne, 2005; Shukla and Kumar, 2012; Elky, 2006; Alberts et al., 2001).

7-9 October, 2015

Justification for Chosen Methodologies The above methodologies are qualitative. The reason for choosing them is that the quantitative approach, despite being the orthodox means of assessing risks in a number of disciplines, is not frequently employed in measuring risks to information systems. Some of the justifications to that are: recognising and allocating values to assets are tricky; and dearth of numerical data which could make calculation of frequency feasible; hence rendering it uneconomical (Elky, 2006). Consequently, the majority of risk assessment methodologies/tools presently used for information systems are qualitative. Underlying Methods of the Analyser Design After careful study of the critical steps involved in risk assessment as offered by the selected methodologies and the needs assessment of information security systems, the authors summarise the whole activity of risk assessment into four phases as represented by the different sections of the analyser. A chart summary is also included in the design to give a graphical representation of the actions for easy interpretation. Asset Classification Starting with the asset classification, it is worth noting that the information security risk assessment ultimately centres on securing the assets from security breach. Information assets are any gadgets and applications that play a role in the process of information creation, storage, transfer, dissemination or retrieval within the system together with the information itself (in whatever form – automated or non-automated). The level of security assigned each asset depends on its criticality to the organisation. Normally, the risk assessment team takes that into account and prioritise the assets by ranking each of the requirements of confidentiality, integrity and availability for every asset. The ranking could be done on a scale of 1 – 3 or 1 – 5, but the latter has been chosen as can be seen in Fig. 1. The rationale behind it is that the authors have settled on using five-level rankings each for likelihood and impact, and by implication, the risk. Therefore it becomes binding to use the same ranking level consistently throughout the exercise, as stated in (Elky, 2006). That will also enable the determination of acceptable risk level by comparing treated risk level with that of the overall security requirement of an asset. An acceptable level of risk is a reasonable state of security or defence attained by a system such that the prevailing risks are at levels that pose no noticeable harm to the mission-critical assets or the overall business goals of an organisation.

251

1st International Conference on Applied Information Technology

7-9 October, 2015

Qualitative equivalent obtained after completing all 3 requirements

Figure 1: determination of security requirements for assets It may be interesting to know why numeric values are assigned as the security requirements even when it was stated categorically that qualitative methodologies are employed in this work. It is to enable the computation of the mean (to the scale of 100) of the three individual security requirements, which is the one security requirement for an asset needed in the exercise; since it is practically impossible to combine, let alone compute the mean of qualitative values which are merely descriptions. The action is chiefly justified by the National Vulnerability Database (NVD - http://nvd.nist.gov) of the NIST; the main methodology for this work. The NVD uses a scoring system known as the Common Vulnerability Scoring System (CVSS http://nvd.nist.gov/cvss.cfm) and a vulnerability calculator. The calculator computes the numerical value for a vulnerability to a particular scale (0 10) and then gives the qualitative equivalent depending on the ranking levels employed (3 or 5). Although the NIST normally use three-level ranking, it is made clear that five-level ranking may be used.

source to successfully exercise (accidentally trigger or intentionally exploit) a particular vulnerability.‖ (Stoneburner et al., 2002) while the vulnerability, also as defined by (Stoneburner et al., 2002) is ―a flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy.‖ In the course of risk assessment, relationship often exists between threats and vulnerabilities because there can be no risk without a vulnerability which is exploitable by a threat-source and vice versa. That is so because risk has been defined as ―the exercise of a threat against a vulnerability‖ (Elky, 2006). The relationship is termed ―threatvulnerability (T - V) pairing‖. However, it is worth noting that not every threat-source can exercise vulnerability and vice versa. Therefore, care should be taken when relating threats to vulnerabilities. In order to determine the value of risk, it is necessary to get some values associated with threats and vulnerabilities respectively. Since the two are not measurable, likelihood and impact have been adopted as factors which can be measured to obtain these values.

Threat and Likelihood Determination Other vital steps in the risk assessment activity are threat and vulnerability identification respectively. A threat is ―the potential for a particular threatTable 1: Likelihood Definition for the Analyser Level Definition Very Low 1 – 20% possibility of a threat occurrence against a vulnerability Low 21 – 40% possibility of a threat occurrence against a vulnerability Medium 41 – 60% possibility of a threat occurrence against a vulnerability High 61 – 80% possibility of a threat occurrence against a vulnerability Very High 81 – 100% possibility of a threat occurrence against a vulnerability

252

1st International Conference on Applied Information Technology

Likelihood has been defined by (Elky, 2006) as ―the probability that a threat caused by a threatsource will occur against a vulnerability.‖ Impact on the other hand has been defined by (Stoneburner et al., 2002) as the unfavourable effect ensuing from ―a successful threat exercise of a vulnerability.‖ It could best be described in terms of the negative influence upon any or all of the three requirements of confidentiality, integrity and availability. These factors play very crucial roles in information security risk assessment as they are central to determining the risk. Due to limited space, full explanations of these factors cannot be given. However, their definitions are presented in Table 1 and Table 2 respectively, as they are used in the analyser.

calculation is one of the most important phases of the overall risk assessment/management programme which main goal is to evaluate the amount of risk threatening the information system of an organisation. Risk may be stated in terms of (Stoneburner et al., 2002):  The likelihood of a given threat-source’s attempting to exercise a given vulnerability  The magnitude of the impact should the threatsource successfully exercise the vulnerability  The adequacy of planned or existing security controls for reducing or eliminating risk. Before the actual risk calculation, it is indispensable to establish a ―risk scale.‖ This should importantly be the same as the levels of probability and impact that were earlier settled for. For example, if the probability and impact were assessed on a 3-level scale; Low, Medium, High, the risk should also be on the same scale (Elky, 2006). In this paper however, a 5-level scale is used as may be seen in Tables 1 and 2.

Risk Calculation Once the threats and vulnerabilities have been identified and their probabilities and impacts respectively determined, all has become complete for the risk assessment team to embark on yet another daunting task; determination of risk. Risk

systems may be caused to experience should some particular vulnerabilities be exercised.

Table 2: Impact Definition for the Analyser Level Definition Very Low

(1-20) least effect on the organisation ensuing from loss of C, I, or A

Low

(21-40) limited effect on the organisation ensuing from loss of C, I, or A

Medium

(41-60) serious effect on the organisation ensuing from loss of C, I, or A

High

(61-80) severe effect on the organisation ensuing from loss of C, I, or A

Very High

(81-100) extremely severe effect on the organisation ensuing from loss of C, I, or A

7-9 October, 2015

Risk Management Once the risk determination is completed and risk levels of different assets established, the next crucial challenge is handling or treating or mitigating or managing those risks. Risk management phase is arguably the most important aspect of the overall risk assessment/management activity. It is the ultimate task of the whole programme because the goal of every risk assessment is to identify and evaluate risks with a view to managing those risks (by any of the management options) to a well defined acceptable level. Often referred to as ―risk mitigation‖ and viewed as one half of the whole risk management, it is described as ―the process of taking actions to eliminate or reduce the probability of compromising the confidentiality, integrity, and availability of valued information assets to acceptable levels. ―(NYS, 2012) The process comprise identification & prioritisation, selection & evaluation, as well as implementation of suitably chosen control options to reduce the risk (Stoneburner et al., 2002), (Elky, 2006).

To determine the actual risk, a ―risk-level matrix‖ is required; which uses likelihood/impact pair to arrive at a risk level. The risk matrix of our analyser is presented in Table 3. The calculated risk levels in the risk matrix denote the amount of risk organisational information Table 3: Risk Determination Matrix for the Analyser Likeliho Impact od Ver Lo Mediu High Very y w m (80) High

Very Low (0.2)

253

Lo w (20 ) Ver y Lo

(40 )

(60)

Ver y Lo

Very Low 0.2 X

(100)

Very Low 0.2 X

Very Low 0.2 X

1st International Conference on Applied Information Technology

Low (0.4)

Medium (0.6)

High (0.8)

Very High (1.0)

w 0.2 X 20 =4 Ver y Lo w 0.4 X 20 =8 Ver y Lo w 0.6 X 20 = 12 Ver y Lo w 0.8 X 20 = 16 Ver y Lo w 1.0 X 20 = 20

w 0.2 X 40 =8 Ver y Lo w 0.4 X 40 = 16 Lo w 0.6 X 40 = 24

60 12

=

80 16

=

100 = 20

Low 0.4 X 60 = 24

Low 0.4 X 80 = 32

Low 0.4 X 100 = 40

Low 0.6 X 60 = 36

Mediu m 0.6 X 80 = 48

Mediu m 0.6 X 100 = 60

Lo w 0.8 X 40 = 32

Mediu m 0.8 X 60 = 48

Mediu m 0.8 X 80 = 64

High 0.8 X 100 = 80

Lo w 1.0 X 40 = 40

Mediu m 1.0 X 60 = 60

High 1.0 X 80 = 80

Very High 1.0 X 100 = 100

7-9 October, 2015

consideration, or bear in mind the business mission and objectives of an organisation prior to taking any decision on risk. That is to say, precedence must be given to the treatment of risks that have the capability to inflict substantial damage on business mission and goals of the organisation. Although there could be different alternatives to managing risks, four basic options are the most widely and acceptably used; avoidance, mitigation/limitation, acceptance/assumption and transference (Stoneburner et al., 2002; Elky, 2006; NYS, 2012; University of Oxford, 2014). RESULTS This section presents the design of our analyser. This is the result of transforming the otherwise daunting activity of risk analysis/management into the visual, interactive prototype shown in Figs. 1, 2 and 3 of this paper. It makes the activity easier, faster, accurate and more interesting. It also presents a chart summary for easy interpretation and to facilitate an informed decision on risk. Fig. 2 and Fig. 3 below show more phases of the designed analyser. The results are obtained following careful analysis of the risk assessment activities and translating them into algorithms, representing them into programs which later culminate into processes whenever in execution. Fig. 3 particularly helps team members to summarise in writing and document an activity they have carried out. It also offers information to ultimately determine whether the level of risk is acceptable. DISCUSSION Going through this paper, the reader will observe that a lot of time was dedicated to study, research into and analyse the information security risk analysis/assessment process. The actions facilitated the discovery of various methodologies and activities that lead to an effective risk assessment exercise. These findings were utilised in the design of the analyser presented in this paper, which aims to simplify and enhance the overall activity of information security risk assessment. The first figure in this paper, Fig. 1 presents the assets classification phase of our analyser. The coverage is quite complete in terms of both the identification and assignment of values to assets, as well as computation of the overall security requirements. The simplification cum enhancement are noticeable in that the users need not bother about all the computations and conversions involved in this phase, as that has been successfully handled by the analyser. All a user needs to do is select some assets from the inventory of assets within the organisation, tell the analyser how important those assets are to the organisation by assigning them security requirements based on confidentiality, integrity and availability.

Risk Scale: Very Low (1-20); Low (>20-40); Medium (>40-60); High (>60-80); Very High (>80-100)

The above matrix, is what the analyser uses to determine risks to assets. Appropriate action to take on a particular risk level depends on the criticality of the item (asset) to the organisation. Treatment of realised risks is the responsibility of an organisation if it wants to ensure continued safety of all of its assets. However, a very prudent decision should be made on the risk mitigation alternative that best suits the circumstance. As it is rather impracticable to treat or manage all risks that have been identified (Stoneburner et al., 2002), or yet again reduce the risks to a zero level (Peltier, 2005), it is paramount to respect, take into

254

1st International Conference on Applied Information Technology

Calculated risk value

7-9 October, 2015

Mitigation Risk after

Figure 2: Risk determination and management

Button to update the chart after possible changes Figure 3: Chart summary of the overall activity

255

1st International Conference on Applied Information Technology

7-9 October, 2015

Figure 4: NIST Methodology Architecture (Stoneburner et al., 2002)

256

1st International Conference on Applied Information Technology The analyser then takes the work from there and computes the mean to the scale of 100 to get the overall security requirement for an asset as well as convert that result to a qualitative equivalent. It also copies the details of an asset together with its qualitative security requirement to the risk assessment/management phase where it is needed for proper risk analysis and management. The risk assessment/management phase represented in Fig. 2 does much of the work of this analyser, since it handles the work of computing the level of risk to an asset and moving to reduce the risk to an acceptable level. It could be recalled that the likelihood and impact are the factors of risk. So the values are needed to determine the risk level for every single asset of the organisation. When the user supplies the likelihood and impact values, the analyser takes these values and applies the risk matrix to determine the risk level. The simplification here is that the user is relieved of the burden to make the computation that leads to determining the risk. Furthermore, the user can go ahead to select one from among the list of controls and applying it to the risk with a view to reducing the computed risk to an acceptable level. The user in this case, only selects a control to apply but may be oblivious of what the analyser has to do to bring down the level of risk. That is, the user only makes the selection but the analyser takes the burden of evaluating the applied control to determine by how many levels should the risk value be reduced and/or whether the reduction is necessary. This is a remarkable enhancement in the risk assessment process offered by our analyser. The final phase of our analyser is called the bar chart. Although not a part of the risk assessment activity in reality, it plays a role in that it simplifies the summarisation and documentation of the activity. Normally, there is need to report every risk assessment activity that has been conducted. Therefore, the bar chart shown in Fig. 3 offers a summary that provides a complete, graphical representation of the outcome of the whole activity which the risk assessment team can use to easily compile their report. The process is simplified and enhanced by this phase in that pictures are unambiguous, easily and better interpreted with little or no errors compared to texts that are involved in the normal risk assessment activity.

7-9 October, 2015

calculating and appropriately responding to risks facing IT systems of organisations REFERENCES Alberts, C. J., Dorofee, A. J., Allen, J. H. 2001. OCTAVE SM. Baskerville, R. 1993. Information systems security design methods: implications for information systems development: ACM Computing Surveys (CSUR), v. 25, p. 375-414. Behnia, A., Rashid, R. A., Chaudhry, J. A. 2012. A survey of information security risk analysis methods: Smart Computing Review, v. 2, p. 79-94. Elky, S. 2006. An introduction to information systems risk management. Goel, S., Chen, V. 2005. Information security risk analysis—a matrix-based approach: Proceedings of the Information Resource Management Association (IRMA) International Conference. Im, G. P., Baskerville, R. L. 2005. A longitudinal study of information system threat categories: the enduring problem of human error: ACM SIGMIS Database, v. 36, p. 68-79. Karabacak, B., Sogukpinar, I. 2005. ISRAM: information security risk analysis method: Computers & Security, v. 24, p. 147-159. Khan, M. A., Hussain, M. 2010. Cyber security quantification model: Proceedings of the 3rd international conference on Security of information and networks, p. 142-148. Lee, M.-C. 2014. Information Security Risk Analysis Methods and Research Trends: AHP and Fuzzy Comprehensive Method: International Journal of Computer Science. NYS, 2012, Cyber Security: Risk Management Guide. [ONLINE] Available at: http://www.dhses.ny.gov/ocs/localgovernment/documents/Risk-Management-Guide2012.pdf. [Accessed 10 February 14]. Peltier, T. R. 2005. Information security risk analysis, CRC press. Rabai, L. B. A., Jouini, M., Nafati, M., Aissa, A. B., Mili, A. 2012. An economic model of security threats for cloud computing systems: Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on, p. 100-105. Razzaq, A., Hur, A., Ahmad, H. F., Masood, M. 2013. Cyber security: threats, reasons, challenges, methodologies and state of the art solutions for industrial applications: Autonomous Decentralized Systems (ISADS), 2013 IEEE Eleventh International Symposium on, p. 1-6. Rot, A. 2008. IT risk assessment: quantitative and qualitative approach: Resource, v. 283, p. 284. SANS 2003. Accessing Threats to Information Security in Financial Institutions, Version 1.4 Schneider, R. M. 2010. A comparison of information security risk analysis in the context of e-government to criminological threat assessment techniques: 2010 Information Security Curriculum Development Conference, p. 107-116.

CONCLUSION Through this work, different approaches and methodologies to risk assessment have been successfully and comprehensively explored, respectively. The authors also comprehensively analysed the various methodologies and chose the best for the analyser. The paper successfully researched techniques for risk determination and presented risk calculation matrix as a guide to computing the level of risk. Different risk mitigation options as well as techniques to evaluate when a selected mitigation option is effective or when a level of risk is acceptable were also explored and the relevant used in our analyser. As the grand contribution of this work, the authors have successfully designed and implemented an operational Information and Cyber Security Threat Analyser; a functional risk analysis prototype that will assist with

257

1st International Conference on Applied Information Technology Shukla, N., Kumar, S. 2012. A Comparative Study on Information Security Risk Analysis Practices: IJCA Special Issue on Issues and Challenges in Networking, Intelligence and Computing Technologies ICNICT, v. 3, p. 28-33. Stoneburner, G., Goguen, A., Feringa, A. 2002. Risk management guide for information technology systems: Nist special publication, v. 800, p. 800-30. Suh, B., Han, I. 2003. The IS risk analysis based on a business model: Information & Management, v. 41, p. 149-158. Taubenberger, S., Jürjens, J., Yu, Y., Nuseibeh, B. 2013. Resolving vulnerability identification errors using security requirements on business process models: Information Management & Computer Security, v. 21, p. 202-223. TREATY, N. A. nd. Improving Common Security Risk Analysis. University of Oxford, 2014. Risk Assessment of Information. [ONLINE] Available at: http://www.it.ox.ac.uk/infosec/istoolkit/riskassessmentofi nformation/. [Accessed 20 August 14]. Taiwo, .O., Tajudeen, J., Ebenezer, Y. 2011. Electronic Payment System in Nigeria: Implementation, Constraints and Solutions. Journal of Management and Society. 1, 2, 16-21. Thavani, T., Pranav, P. 2008. Trustworthy Semantic Web Technologies for Secure Knowledge Management. IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. 978-0-7695-3492-3/08. Theodosios, T., George S. 2005. The Concept of Security and Trust in Electronic Payments. Computers and Security. 24, 10-15. Thusitha, M., Jim, W. 2009. An Ontology-Based Approach to Enhance Querying Capabilities of General Practice Medicine for Better Management of Hypertension. Artificial Intelligence in Medicine. 47, 87103. Van Leeuwen, B., Urias, V., Eldridge, J., Villamarin, C., Olsberg, R. 2010. Cyber security analysis testbed: Combining real, emulation, and simulation: Security Technology (ICCST), 2010 IEEE International Carnahan Conference on, p. 121-126. Vorster, A., Labuschagne, L. 2005. A framework for comparing different information security risk analysis methodologies: Proceedings of the 2005 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries, p. 95-103.

7-9 October, 2015

Wang, J., Lui, J., Li, X., Kou, W. 2009. Fair E-Payment Protocol Based on Blind Signature. The Journal of China Universities of Posts and Telecommunications. 16, 5, 114118. Yazar, Z. 2002. A qualitative risk analysis and management tool–CRAMM: SANS InfoSec Reading Room White Paper Yu, T., Wu, G. 2007. Determinants of Internet Shopping Behavior: An Application of Reasoned Behaviour Theory. International Journal of Management. 24, 4, 744-762, 823. Zhen, L., Shunsheng, G., Yingsong, Y., Libo, S. 2014. Ontology Representation of Online Shopping Customers Knowledge in Enterprise Information. Applied Mechanics and Materials. 403, 603-606.

258

1st International Conference on Applied Information Technology

7-9 October, 2015

A PROPOSED HEALTH CARE INSURANCE FRAUD AND ABUSE DETECTION SYSTEM IKUOMOLA ADERONKE J. Ondo State University of Science and Technology, Okitipupa. [email protected] ABSTRACT: Due to the complexity of the processes within healthcare insurance systems and the large number of participants involved, it is very difficult to supervise the systems for fraud. The healthcare service providers’ fraud and abuse has become a serious problem. The practices such as billing for services that were never rendered, performing unnecessary medical services and misrepresenting non-covered treatment as covered treatments etc. not only contribute to the problem of rising health care expenditure but also affect the health of the patients. Traditional methods of detecting health care fraud and abuse are time-consuming and inefficient. In this paper, the health care insurance fraud and abuse detection system (HECIFADES) was proposed. The HECIFADES consist of six modules namely: claim, augment claim, claim database, profile database, profile updater and updated profiles. The system was implemented using Visual Studio 2010 and SQL. After testing, it was observed that HECIFADES was indeed an effective system for detecting fraudulent activities and yet very secured way for generating medical claims. It also improves the quality and mitigates potential payment risks and program vulnerabilities. Keywords: Claims, Fraud, Detection System, Healthcare, Insurance characteristics of a claim without paying attention to the comprehensive picture of a provider’s behavior (Rashidian et al., 2012). This method is time-consuming and inefficient. Due to the complexity of the processes within healthcare insurance systems and the large number of participants, it is very difficult to supervise healthcare insurance systems for fraud and abuse. Detecting service provider’s fraudulent and abuse, needs intensive medical knowledge and currently the task is often conducted by experts that manually review insurance claims and identify suspicious ones. Therefore, an effective fraud detection system is necessary for improving the quality and reducing the cost of health care services. In order to assure the healthy operation of a healthcare insurance system, fraud and abuse detection mechanisms are imperative. In this work, a healthcare insurance fraud and abuse detection system is proposed. The system is capable of detecting service providers who are practicing inappropriately, such as those who perform more services more than necessary, see their patient more often than warranted or even bill non-rendered services. The development of this system will overcome the limitation of existing approaches.

INTRODUCTION Electronic health records and growing use of computerized systems has led to newly emerging opportunities for better detection of fraud and abuse (Joudaki et al., 2015). Frauds occur in different forms, and are conducted by different participants of the healthcare domain: patients, suppliers of medicine and medical technical devices, and medical service providers, etc. Therefore, insurers’ investigators are not only fighting fraud in the narrow sense of the word, but also losses, caused by anomalies, bad practices, errors, irregularities, abuse and insufficient control. Health care fraud is an intentional deception used in order to obtain unauthorized benefits (Busch, 2007; NHCAA, 2001). Health care abuse is produced when either the provider practices are inconsistent with sound fiscal, business or medical practices, and result in an unnecessary cost or in reimbursement of services that are not necessary medically or that fail to meet professionally recognized standards for health care (NHCAA, 2001). Health insurance systems are either sponsored by governments or managed by the private sector, to share the health care costs in those countries (Yang and Hwang, 2005; Opit, 1984). Processing medical claims is an exhausting manual task that involves analysis, checking, resolution and audit of high volumes of medical claims daily within a limited period of three days from their reception. These control activities are done by few medical experts who have the responsibility of approving, modifying or rejecting the subsidies solicited. In traditional methods of health care fraud and abuse detection, a few auditors handle thousands of paper healthcare claims. In reality, they have little time for each claim, focusing on certain

Fraudulent and Abusive Acts The common fraudulent and abusive behaviour pertaining to the three parties (service providers, insurance subscriber’s and insurance carriers) involved in healthcare insurance services cannot be overemphasized. The service providers fraud and abuse include: billing for services that were never rendered, performing more expensive services and procedures, performing unnecessary medical services solely for the purpose of generating insurance payments, misrepresenting non-covered

259

1st International Conference on Applied Information Technology treatment as necessary medically covered treatment for the purposes of obtaining insurance payments and falsification of patients diagnosis and/or treatment histories. The insurance subscriber’s fraud and abuse include: misrepresenting application for obtaining lower premium rate, falsification of records of employment/eligibility and falsification of medical claims. The insurance carrier’s fraud and abuse include: falsification of reimbursements and benefit/ service statements. LITERATURE REVIEW A study for fraud indicators and rules from the knowledge and experience of human experts to develop a computer-based expert to facilitate the work of insurance carriers were carried out by Herb and Tom (1995). A neural networks was used by Brockett et al. (1998) to classify fraudulent and non-fraudulent claims for automobile bodily injury in healthcare insurance claims. The classification algorithm C4.5 was applied for fraud and abuse detection by using the discovered temporal patterns as predictive features. Some data mining-based approaches which can be used to extract medical knowledge for diagnosis,3.1 screening, prognosis, monitoring, therapy support or overall patient management were presented by Lavrac (1999). Wei et al. (2000) and Hwang et al. (2004) presented a temporal pattern mining algorithms to identify a set of frequent temporal patterns gathering insurance claim instances about pelvic inflammatory disease from regional hospitals in Taiwan. Tasks performed in support of a data mining project for Health Care Financing Administration (HCFA) such as customer discussions, data extraction and cleaning, transformation of the database, and auditing of the data was described in Sokol et al. (2001). Shapiro (2002) in his overview applied the merger of neural networks, fuzzy logic and genetic algorithms to the insurance industry. A data mining framework that uses the concept of clinical pathways (or integrated care pathways) was utilized for detecting unknown fraud and abusive cases in a real-world data set gathered from the National Health Insurance (NHI) program in Taiwan (Yang and Hwang, 2005). A supervised method was used by Liou et al. (2008) to review claims submitted to Taiwan’s National Health Insurance for diabetic outpatient services. The authors selected nine expense-related variables and compared them in two groups of fraudulent and non-fraudulent claims for building the detection models. The input variables were average drug cost, average diagnosis fee, average amount claimed, average days of drug dispense, average medical expenditure per day, average consultation and treatment fees, average drug cost

260

7-9 October, 2015

per day, average dispensing service fees and average drug cost per day. They further compared three data mining methods including logistic regressions, neural networks and classification trees for the detection of fraudulent or abusive behavior. Liou et al. (2008) concluded that while all three methods were accurate, the classification tree model performs the best with an overall correct identification rate of 99%. Shin et al. (2012) carried out a study to identify abuse in 3705 internal medicine outpatient clinics'. In their study, they gathered data from practitioner outpatient care claims submitted to a health insurance organization. The authors calculated a risk score for indicating the degree of likelihood of abuse by the providers; and then classified providers using a decision tree. The advantage is that they used a simple definition of anomaly score and extracted 38 features for detecting abuse. Ekina et al. (2013) applied Bayesian co-clustering methods to identify potential fraudulent providers and beneficiaries who might have perpetrated a “conspiracy fraud.

METHODOLOGY Architecture of a health care insurance fraud and abuse detection system (HECIFADES) The architecture of HECIFADES is presented in figure 1. The HECIFADES consist of six components namely: claim, augment claim, claim database, profile database, profile updater and Updated Profiles.

Figure 1: Architecture of a health care insurance fraud and abuse detection system (HECIFADES) System Architecture (a) Claim: A medical claim typically includes data such as date of service, performing provider (as well as billing and referring providers), amount paid, patient ID, service-code, diagnosis codes, etc. (b) Augment Approach: medical claims are evaluated using repeated service and/or pair wise

1st International Conference on Applied Information Technology

7-9 October, 2015

co-occurrence approach to derive an augmented claim record. (c) Claim Database: usually found in the healthcare line of insurance either follows the professional services standard format, the facilities standard format or the dental standard format. (d) Profile Database: includes profiles of providers, clients, and provider/client pairs. (e) Profile Updater: The augmented claim records are combined with the profiles database to update the profiles according to profile updater. (f) Updated Profiles: are sent to a scoring/analysis engine (e.g., a predictive model) so that a decision can be made whether to investigate suspicious activity, either at the claim, client, or provider level.

Choice of Software Tools Visual Studio 2010 was chosen as the application programming language for the development of the GUI and the front-end applications. Similarly, SQL was chosen as the choice language for our back-end applications. Internet Information System 7 (IIS 7) and Entity Framework 5 are other software requirements that support the running of developed system.

Conceptual Flow In figure 2, the provider provides a service to client. A transaction record of the service is submitted as claim to, e.g., a health insurance company for reimbursement. Analysis engine scores the claim to determine the likelihood that the claim is fraudulent. The claim and score are provided to a claims analyst. If the score is below a certain threshold, the claim is reimbursed or otherwise disposed of without investigation. If the score is above the threshold, the claim, the client, and/or the provider are further investigated for fraudulent activity. Depending on the outcome of the investigation, the claim is either reimbursed or not.

Database Model and Structure Figure 3 show the database model and structure while figure 4 shows the class diagram of the HECIFADES design.

Choice of Hardware Tools This project works fully with the following hardware components: a Pentium® Dual-Core CPU, 256MB RAM, 10GB HDD and at least 1200MHZ processor’s speed.

Claims ClaimId InsurerId ProviderId ServiceId HospitalId Amount Date MedicalBillNo Status Comment

FK_Claims_Insurers FK_Claims_Services FK_Claims_Hospitals

FK_Claims_Providers

Hospitals HospitalId

StandardRates

Name

Id

Address StateId City

HospitalId FK_StandardRates_Services

Services

FK_StandardRates_Services1 ServiceId

ServicesId

Name

Rate

PhoneNo

FK_HospitalServices_Services FK_HospitalServices_Hospitals

Insurers

HospitalServices

InsurerId

Id

Surname

HospitalId InsurerId ServiceId Charges Date ProviderId

OtherName

Providers FK_HospitalServices_Providers

Sex

ProviderId ProviderNo Name

Address FK_Insurers_Providers

MedicalBillNo

StateId City DateOfBirth ProviderId

Figure 3: Database Model and Structure

Figure 2: Flow Chart of a Health Care Insurance Fraud and Abuse Detection

IMPLEMENTATION AND SYSTEM PERFORMANCE In this section the HECIFADES design was implemented based on the following software and the hardware requirements.

Figure 4: Class Diagram

261

1st International Conference on Applied Information Technology

7-9 October, 2015

User Interface Interfaces of the HECIFADES design shows the home page, setup, operation, report, contact and help menu respectively. The hospital setup interface as shown in figure 5, is where the hospital name, address, city id, phone number are been created while figure 6 shows the hospital standard service rate setup where the hospital name, the service render and the rate for each services are been created.

Figure 7: Provider Setup

Figure 5: Hospital Setup

Figure 8: Insurer Setup Data about the service render by the hospital are created under the operation menu of the HECIFADES as shown in figure 9. The data entered include hospital name, insurer id, types of service render, charges, date in which the service was rendered, provider name and medical id number.

Figure 6: Hospital Standard Service Rate Setup Figure 7 shows the provider setup where the provider number and name are been created while figure 8 shows the insurer setup interface where the insurer surname, other name, sex, address, state, city, date of birth and provider name are entered.

Figure 9: Operation - Hospital Services The report generated on services provider, hospital standard rate, hospital services, list of insurer and claims are shown in figure 10, 11, 12, 13 and 14 respectively.

262

1st International Conference on Applied Information Technology

7-9 October, 2015

Figure 14: Report on Claims

Figure 10: Report on Services Provider

CONCLUSION As more people commit health care fraud, the more complex types of fraud are been created. This study has presented architecture for health care insurance fraud and abuse detection. The new design targeted at minimizing fraudulent activities and abuse of claims found in health care insurance. The system detects, prevents and decreases improper payments associated with fraud, and also improves the ability to identify and mitigate potential payment risks and program vulnerabilities. The best way to prevent health care fraud and abuse is to address these issues now, and in order to do so it is expected that in future mobile devices (e.g., smartphone, tablet PC’s, etc) which are increasingly becoming an essential part of human life which is the most effective and convenient communication tools will be incorporated into the health care insurance system. It might also be necessary that cloud technology will be adapted to health care insurance.

Figure 11: Report on Hospital Standard Rate

REFERENCES Brockett P. L., Xia X., Derrig R. A. (1998): “Using Kohonen’s self-organizing feature map to uncover automobile bodily injury claims fraud,” The Journal of Risk and Insurance, 65(2), 245–274. Busch, R. S. (2007). Healthcare fraud: auditing and detection guide. New Jersey: John Wiley and Sons, Inc. Ekina, T., Leva, F., Ruggeri, F., & Soyer, R. (2013). Application of Bayesian Methods in Detection of Healthcare Fraud. In Chemical Engineering Transaction, 33. Herb W., Tom M. (1995): “A scientific approach for detecting fraud,” Best’s Review, 95(4), 78–81 Hwang S. Y., Wei C. P., Yang W. S., (2004): “Process mining: Discovery of temporal patterns from process instances,” Computers in Industry,53(3), 345-364. Joudaki H., Rashidian A., Minaei-Bidgoli B., Mahmoodi M, Geraili B., Nasiri M., Arab M. (2015). Using Data Mining to Detect Health Care Fraud and Abuse: A Review of Literature. Global Journal of Health Science; 7(1).

Figure 12: Report on Hospital Services

Figure 13: Report on List of Insurer

263

1st International Conference on Applied Information Technology

7-9 October, 2015

health insurance claims. Expert Systems with Applications, 39(8), 7441-7450. Sokol L., Garcia B., West M., Rodriguez J., Johnson K. (2001): “Precursory steps to mining HCFA health care claims,” Proceedings of the Hawaii International Conference on System Sciences, Hawaii, 6019. Sokol L., Garcia B., Rodriguez J.,West M. Johnson K.(2001): “Using data mining to find fraud in HCFA health care claims, “Top Health Information Management, 22(1),1-13 Wei C. P., Hwang S. Y., Yang W. S. (2000): “Mining frequent temporal patterns in process databases,” Proceedings of International Workshop on Information Technologies and Systems, Australia: Brisbane, 175-180, Yang W. S. A, Hwang S. Y. (2005): “A processmining framework for the detection of healthcare fraud and abuse,” Expert Systems with Applications, Article in Press.

National Health Care Anti-Fraud Association (NHCAA) (2005): Health care fraud, “Health care fraud: A serious and costly reality for all Americans”. Available on http://www.nhcaa.org, April 2005. Opit L. J. (1984): “The cost of health care and health insurance in Australia: Some problems associated with the fee-for-service,” Soc. Sci. Med. 18(11), 967–97. Rashidian, A., Joudaki, H., Vian, T. (2012). No Evidence of the Effect of the Interventions to Combat Health Care Fraud and Abuse: A Systematic Review of Literature. PlOS One, 7(8). Shapiro A.F. (2002): “The merging of neural networks, fuzzy logic, and genetic algorithms,” Insurance: Mathematics and Economics, 31, 115– 131. Shin, H., Park, H., Lee, J., Jhee, W. C. (2012). A scoring model to detect abusive billing patterns in

264

1st International Conference on Applied Information Technology

7-9 October, 2015

A Descriptive Ontological Approach for Enhancing E-Payment Shopping Basket 1

O. R. Vincent, 2A. Owoade, 3A. F. Adekoya, 4A. M. Shittu

1, 2

Department of Computer Science, Federal university of Agriculture Abeokuta 3 Department of Computer Science, Lagos State University, Ojo, Lagos 4 Department of Agricultural Economics, Federal university of Agriculture Abeokuta 2 1 [email protected], [email protected], [email protected], [email protected] Abstract: Details and specific features of products such as quantity, price, shopping and payment methods are apparently still lacking in the current on-line shopping. The rigour of scatter information always results in waste of time. Antonio accepted this fact that there is need to improve and expand the specification of the payment systems. An e-payment system should be reliable, acceptable, efficient, convenient, scalable, secured and more importantly, speed up business transactions. This paper introduces the concept of e-basket with ontology to combat some of these problems. The paper uses ontology to enables customers to do business without any barrier interoperability and availability of shopping details by developing ontology in protégé which communicate with Jena in order to generate OWL/RDF for a semantic page. Non-semantic web, semantic web with negotiation and non- semantic web without negotiation were considered for evaluation. Performance shows that semantic web without negotiation had a minimum time taken. The time spent and cost during transaction reduced spontaneously therefore access was also increased. Keywords: E-Payment, Ontology, Owl representation and Shopping basket. merchant and customers before prices are concluded (Antonio, 2012). Attempts were made by different researchers such as; pyaepyae (2008) presented secure e-payment system with the fact that it must be secured for transaction purpose. The security architecture of the system was designed by RC5 encryption/decryption algorithm which eliminates the fraud that occurs with stolen credit card numbers. Javier (2002) worked on how details and specific features of each electronic payment system were ignored and the need for customer to know how epayment is executed ontology was used for this purpose. Antonio (2012) argued on the need to have a uniform payment protocol so that vendors and service provider that might want to obtain benefits by charging for their electronic contents and services. Despite all attempts, they have not been able to solve all these problems and none has focussed transaction process in e-basket.

INTRODUCTION Electronic shopping allows customer to perform business without barriers of distance and time It therefore saves energy, enables comparison of price, fast, and users have easy access to online products (Butler and Peppard 1998; Yu and Wu 2007; Panagiotis, 2009; Changsu et al, 2010). Sequel to this, customers are motivated on on-line business transaction which includes payment with electronic cash, prepaid cards, electronic check and debit card, etc. However, there are difficulties like intangibility of product, technology problem, bothersome of e-mail, and unsecured payment which inhibits them from getting along (Chayapa, 2011). The bottleneck of getting germane information when searching poses problems to customers (Franziska and Kertin, 2010). The success of online shopping would therefore lies on proper customer-orientation which may also serve as an improvement of customer satisfaction and loyalty (Zhen et al, 2014). Although security of issue of on-line shopping is a concern of many customers, it has been minimised through cryptographic mechanisms but, the details and specific features of products, quantity, price, shopping and payment methods are apparently still lacking. The rigour of scatter information always results in waste of time. Antonio accepted this fact that there is need to improve and expand the specification of the payment systems (Antonio 2012). An e-payment system should be reliable, acceptable, efficient, convenient, scalable, secured and more importantly, speed up business transactions (Changsu et al, 2010). Another issue of concern is the worsen latency experience in automated negotiation. When negotiation is involved in on-line payment, the time taken may sometimes be greater than the traditional offline payment system (Javier, 2002). Negotiation involves sending several messages to

Ontology is defined as a formal, explicit specification of a shared conceptualization (Studer, 1998; Gruber and Borst, 1998). The main benefits of using ontologies are that it enables the developer to reuse and share application domain knowledge using a common vocabulary across heterogeneous software platforms. Ontology can be used to overcome some of these inaccuracies (Javier, 2002). Ontology defines the basic terms and relations comprising the vocabulary of a topic area as well as the rules for combining terms and relations to define extensions to the vocabulary (Neches et al, 1991); Negotiation needs to be avoided so that customers can perform transaction without delay and this will help in accomplishing transaction in good time and also reduce cost.

266

1st International Conference on Applied Information Technology This study is introducing the concept of e-basket. Ebasket is a piece of e-commerce software on the web server that allows customer creates transactions’ orders which are necessary for efficient and effective handling and managing online-purchases of goods and services. It is used in payment settlement and also provides the technological platform for products selection, accumulation of selected products, computation of total purchase amount, associated taxes and shipping rates, selection of payment mode and third-party payment with submission of orders. (Ninad et al, 2014). E-basket entails effective and efficient capturing of full information, transaction process and also to maintain a semantic conversation with buyer. In other to facilitate this, ontology is used to enhance the functionality of the e-basket. The use of ontology would enable sharing of common understanding of information among human and software agents, facilitate interoperability among the terms, attributes, relationships, meaning and sequence of interactions involved between various components e-shopping.

customer during transaction. That is, it wastes customer’s time. However, there is need to avoid negotiation and expand the specification and details about payment system. The need to have a uniform payment protocol for vendors and service provider was recently proposed. The work was on a model to obtain benefits by charging for electronic contents and services which might need to offer different payment protocols to make payment. The research presented an approach built on the set of generic payment protocol for supporting payment with different protocols and also involves negotiation with the vendor. The approach facilitates the discovery of payment information associated to electronic contents and services and performance of the payment process in a uniform way. It also aids reusability and increase user’s trust. It intends to broadly extend and improve specification and main component defined in the payment schemas, payment ontology and wallet API (Antonio, 2012). Different payment frameworks appeared but none provided a comprehensive solution to the payment protocol to perform the purchase. PyaePyae in 2008 presented e-payment system with the fact that it must be secured for client such as customer and shop owners. The security architecture of RC5 encryption/decryption algorithm eliminates the possibility of fraud that occurs with stolen credit card numbers. The system used simple user name, password, user ID, and user type and cipher authentication mechanism for identification. The secure e-payment system enabled the authorized owner to use the system, and allow administrator to get desired reports and other management activities. Singh discussed how emergence e-commerce created new financial needs that cannot be fulfilled by the traditional payment. He also classified electronic payment system into four; online credit card payment system, online electronic cash system, electronic cheque system and smart cards based electronic payment system. E-payment was distinguished based on what is transmitted over the network and analysed the difference of each electronic payment system by evaluating their requirement (Singh, 2009).

RELATED WORKS Previous research works have been carried out on payment system using semantic web technology but ontologies representation were only concentrated on payment system and not shopping process. Javier and Antonio et al in 2002 and 2012 works respectively, were closely related to this concept, presenting ontological approach to electronic payment system but considered electronic products and services. The two ontologies involved negotiation protocol, which consumes potential time of customer. Chayapa in 2011 discussed how customers were been motivated towards online shopping. Offline and online decision making were compared and also identified factors responsible for customer to decide whether to purchase online or not. Some of the factors are unsecured payment, slow shipping, intangible of online product etc. Maximum security during transaction must be ensured. Javier 2002 also discussed about essence of security during payment which cryptography technique was applied in solving the problem. But customers still have issues with not knowing details of payment made during transaction. Due to this ontology was used in resolving this issues but application of automated negotiation in the system serve as delay for potential

ONTOLOGY-BASED E-PAYMENT SYSTEM The architecture for the system is illustrated in figure 1.

Checkout

search

USER

7-9 October, 2015

Shopping list select

Register or Login

ATM OR PoS

Confirmation

Teller

Payment at delivery feedback

267

Basket

Figure 1: Architecture for Electronic Shopping Basket and Payment Methods

1st International Conference on Applied Information Technology

Customer/User: this is the potential user of the internet that searches/browses through the web for goods wanted to purchase with affordable price, quality wanted and description of the product shopping list. This is where the list of item in stock is displayed for customer to view the price and description about the goods.

7-9 October, 2015

selected the goods and satisfied with the price, the total amount will be displayed on checkout. Basket: this enables customer that wants to purchase on the internet to select items, to also accumulate a list of items for purchase “add to basket”, after selection of items. This is added up automatically and the total is displayed. Shipping cost and tax are included.

Check out: this is updated through the shopping list from the item database. Once the customer have

BASKET Add product

update

PRODUCT IS ADDED

View basket

CUSTOMER VIEW

CUSTOMER Delete product request Customer change /add more

Feedback

delete

CUSTOMER WISHES TO DELETE

CUSTOMER CHANGE/ADD MORE PRODUCT

BASKET DATABASE

update Change update

Figure 2: The Shopping Basket Registration/Authentication: once the customer is satisfied with goods ordered for, the buyer will be ask to register if new or sign-in of existing customer with email. For new customer the following information will be requested like first name and surname. Existing customer can login with their e-mail to view their account details such as; current order, order history, reordered items, and also update their information etc. Mode of payment determines the type of payment the customer wants to use in making payment to the seller. E-payment database contains information about payment, Items in shopping list, basket information and customer information showing relationship between all the databases. Payment confirmation is done once payment has been made; the payment information or alert is sent to the merchant and also the customer. Feedback gives the status of the goods purchased by customer which is sent through e-mail.

ontology at the knowledge level. The main purpose of ontology concept is to describe the elements in table 1, showing the terms and vocabulary, their relationships and the rules of the given domain. Algorithm 1: The Basket Algorithm for E-Shopping Input: Quantity, add_Item Output: Mode of payment, payment confirmation Step 1: Display B details Step 2: I, Q Step 3: if I is added Then MP Elseif I is deleted Then return to S Elseif More I added then return to B else payment confirmation to customer

Ontology for E-Shopping and Payment The ontology for electronic shopping and payment is based on in figure 1. This enables the construction of

268

1st International Conference on Applied Information Technology

7-9 October, 2015

Table 1: The excerpt from Glossary of terms of Electronic shopping and payment systems Ontology Products

Goods

--

Items purchased by Customer Description or specification of goods Cost of the goods or product Price per product

Description

Requirement

--

Price

Sale details

--

Rate

--

Quantity

Number of item

--

Basket

Cart

--

Check out

--

--

ATM

--

Discount

Credit card Debit card --

--

Discount can be given to customer on product purchased

Delivery details

--

--

Delivery mode

--

Delivery date

FEDEX DHL --

Delivery of product location with details Means of delivery

--

Date of delivery

Delivery time

--

--

Time of delivery

Delivery location

--

--

Place to deliver goods

Acknowledgement

Remark

--

Receipt of payment and supply of goods

Quantity of goods to purchase Carrying or keep product Display of product added to basket Type of payment

at

Concept Instance Attribute Instance Attribute Instance Attribute Instance Attribute Instance Attribute Instance Attribute Instance Attribute Instance Attribute

Concept Instance Attribute Instance Attribute Instance Attribute Instance Attribute Concept

Web Comparisons Non-Semantic web: For non-semantic, processes of searching the World Wide Web through search engine returns different list of goods related to the product in need by customer. This consumes customer’s precious time for not getting the exact product at once. Semantic web with negotiation: The processes of searching the web through search engine return the exact product in need of and not a large number of items. Customer can easily get what they want at real time or immediately after browsing through the world wide web for a particular product using semantic method of meta data. It is also precise and gives description about the products. The involvement of negotiator to complete transactions consumes customer’s precious time. Semantic web without negotiation: Figure 4 shows that it is very fast and customer can easily get what they want at real time or immediately after browsing through the web for a particular product using semantic method of meta data. Since this did not involve any negotiator it

IMPLEMENTATION AND EVALUATION This work is analysed based on the subclass, properties of the domain ontology, attributes and relations. A communication of protégés with Jena was used to generate web ontology language called owl which was further accessed to develop the domain ontology. The Owl showing relationship among classes and subclasses of the proposed basket in e-payment is represented using ontology in figures 3. Figure 4 describes a Jambalaya’s representation showing properties and relationships among classes and subclasses in basket ontology. It appropriates Jambalaya’s classes as nodes, and slots in arcs. In figure 4, the basket owl shows a semantic web representation of e-shopping and payment system displaying its representation on the web. It shows the classes, objects, data type properties, annotation properties.

269

1st International Conference on Applied Information Technology saves customer’s time. It is also precise and gives description about the products. Flexibility: Semantic web without negotiation worked effectively and moderately. It has been made flexible to

7-9 October, 2015

contain payment at delivery and use of teller to encourage customer that are still having issues with electronic payment security.

Figure 3: Jambalaya Relationships of Owl among Shopping Classes

Figure 4: The Basket Owl

270

1st International Conference on Applied Information Technology

7-9 October, 2015

Table 2: The Shopping Basket Title 2001 sales & marketing letters

Price NGN 700.00

DISPUTE RESOLUTION

1

Subtotal NGN 700.00

Delete

NGN 700.00

1

NGN 700.00

Delete

LEARNING FLASH 5

NGN 800.00

1

NGN 800.00

Delete

ACTIVE SERVER PAGES TRAINING LEARNING FRENCH

NGN 700.00

1

NGN 700.00

Delete

NGN 700.00

2

NGN 1,400.00

Delete

PRACTICE MAKES PERFECT FRENCH C++ TRAINING(CD-ROM 1)

NGN 700.00

3

NGN 2,100.00

Delete

NGN 700.00

1

NGN 700.00

Delete

MASTERING QUICKBOOKS 2002 (2CDs MATHS BLASTER

NGN 700.00

2

NGN 1,400.00

Delete

NGN 700.00

1

NGN 700.00

Delete

MULTIMEDIA CALCULUS 1

NGN 700.00

2

NGN 1,400.00

Delete

Die By The Sword

NGN 700.00

3

NGN 2,100.00

Delete

ADOBE PHOTOSHOP 6.0 CLASSROOM IN A BOOK CHILDREN’S BIBLE STORIES

NGN 700.00

2

NGN 1,400.00

Delete

NGN 700.00

5

NGN 3,500.00

Delete

MATHS ADVANTAGE 2000 (PREALGEBRA, ALGEBRA & GEOMETRY INTRODUCTION TO VISUAL BASIC THE FAMILY BIBLE EXPERIENCE MULTIMEDIA BUSINESS WRITTING Java

NGN 700.00

3

NGN 2,100.00

Delete

NGN 700.00

3

NGN 2,100.00

Delete

NGN 700.00

2

NGN 1,400.00

Delete

NGN 700.00

2

NGN 1,400.00

Delete

NGN 700.00

2

NGN 1,400.00

Delete

EASY TUTOR LEARN COMPUTING

NGN 700.00

3

NGN 2,100.00

Delete

271

Quantity

1st International Conference on Applied Information Technology

Figure 8 and 9 illustrate the comparison between the three webs which are non-semantic web, semantic web with negotiation and semantic web without negotiation. The time taken by each web is displayed at five different occasions. From the figures 8 and 9, it clearly shows that from the least square method, semantic web without negotiation has the lowest total number of time taken (384 minutes) than semantic web with negotiation (695 minutes). This indicated that semantic web without negotiation performed better.

7-9 October, 2015

Time taken

Semantic web with Semantic Negotiati web with NonNegotiation, 40, Semantic Semantic on, 35, 50 Web Semantic Semantic NonNonweb with 45 web with Semantic web Semantic Semantic Semantic Negotiati Negotiati Nonweb with without web Web, 35, Semantic on, 30, Web, 40, Semantic Semantic Semantic on, 25, Negotiati Semantic Negotiati without 34 web Non33 33 web web with 30Web, on,web 20, 30, on, 35,Negotiati Nonwithout Semantic without Negotiatio without 25 25Web, 25 on, 40,n Semantic 25, Negotiati Negotiati Negotiati 20 Web, 20, 19 on, 25, on, 30, on, 20, Semantic 15 15 14 12 web

CONCLUSION In this research, we present an ontology based framework for e-payment system (OEPS). When compare with other works, it gives more detailed procedures and descriptions of e-shopping and payment

without Negotiatio n

systems. In order to manage customer’s time, possibilities of avoiding rigorous negotiation was explored and affirmed. The method reduces computational cost and improves security through lesser time of operation thereby reducing vulnerability. The issue of third party also does not arise here. The basket provides some of the supposed said missing information of previous interaction with the customer

Web representation Figure 8: Web comparison of three semantic processes

TIME

The work presented knowledge representation of epayment system using semantic web technology. The system did not involve negotiation with merchant in order to reduce time spend during transaction period and gives more details on purchasing process. Ontology-based framework for electronic payment system is on-going and will continue to improve. The purchasing and payment processes have been expanded in this research work to contain full details about products, delivery mode, warranty on goods, tax and payment at delivery. Also the time spend by customer has been reduced in this work because there is no negotiation during transaction.

SEMANTI SEMANTI C WEB C WEB WITH SEMANTIWITH NEGOTIA SEMANTI NONSEMANTI NONTION, 40, NONSEMANTIC WEB C WEBNEGOTIA SEMANTI SEMANTI C WEB SEMANTI TION, 35, SEMANTI WITH 50 NONC WEBSEMANTI WITHSEMANTI WEB C WEB C WEB, WITHOU 45 NEGOTIA CC WEB, SEMANTI SEMANTI WITHNEGOTIA NONC WEB 35,WITHOU C WEB 34 33 TION, 30, T40, CNONWEBSEMANTI NEGOTIA C WEB, TION, 25, WITHOU T WITHOU NEGOTIA 33 SEMANTI WITHOU 30,T25 NEGOTIA TION, 20, C WEB, 30 T TION,SEMANTI 35, T 25, 19 C WEB, 25 NEGOTIA TION, NEGOTIA C WEB40, 25 20, 15 NEGOTIA TION, 30, WITH 20 TION, 25, TION, 20, NEGOTIA 15 14 12 TION

PACKE T SENT Figure 9: Results of the three webs

REFERENCES Abrazhevich, D. 2004. Electronic payment systems: A User-Centered Perspective and Interaction Design. Technische Universiteit Eindhoven. ISBN 90-386-1948-0; NUR 788. Antonio, R. O., Antonio, F. 2012. Payment Frameworks for the Purchase of Electronic Products and Services. Computer Standards and Interfaces, 34, 80-92. Aristeidis. M., Dimitris, K. 2010. An Ontology-based Approach for Product Lifecycle Management, Computers in Industry. 61,787-797. Austin, B., Laurence, B. 2011. Electronic Payment Systems Development in a Developing Country: The Role

272

1st International Conference on Applied Information Technology

7-9 October, 2015

of Institutional Arrangements. Electronic Journal on Information System in Developing Countries. 49, 3, 1-16.

Academy of Science, Engineering and Technology. 48, 2008.

Butler, P., Peppard, J. 1998. Consumer Purchasing on the Internet: Processes and Prospects. European Management Journal, 16, 5, 600-610.

Singh, S. 2009. Emergence of payment systems in the age of electronic commerce. Asia Pacific Journal of Finance and Banking Research. 3, 3, 204-225.

Changsu, K., Wang, T., Namchul, S., Ki-soo, K. 2010. An Empirical Study of Customers’ Perceptions of Security and Trust in E-payment Systems. Electronic Commerce Research and Applications, 9, 84-95.

Taiwo, .O., Tajudeen, J., Ebenezer, Y. 2011. Electronic Payment System in Nigeria: Implementation, Constraints and Solutions. Journal of Management and Society. 1, 2, 16-21.

Javier, C. 2002. Ontological Approach to Electronic Payment Systems-Based Intelligent. Information Engineering Systems and Allied. 131-134.

Thavani, T., Pranav, P. 2008. Trustworthy Semantic Web Technologies for Secure Knowledge Management. IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. 978-0-7695-3492-3/08.

Kambiz, H., Somayeh, A. 2012. An Investigation about Customers Perceptions of Security and Trust in EPayment Systems among Iranian Online Consumers. Journal of Basic and Applied Scientific Research. 2, 2, 1575-1581.

Theodosios, T., George S. 2005. The Concept of Security and Trust in Electronic Payments. Computers and Security. 24, 10-15. Thusitha, M., Jim, W. 2009. An Ontology-Based Approach to Enhance Querying Capabilities of General Practice Medicine for Better Management of Hypertension. Artificial Intelligence in Medicine. 47, 87103.

Loannis, S., Nick, B. 2009. A Process-Oriented Ontology-Based Knowledge Management System for Facilitating Operational Procedures in Public Administration. Expert system with application. 36, 44674478.

Wang, J., Lui, J., Li, X., Kou, W. 2009. Fair E-Payment Protocol Based on Blind Signature. The Journal of China Universities of Posts and Telecommunications. 16, 5, 114118.

Mafruz, Z., See, K. 2009. Privacy-Preserving E-Payment Using One-Time Payment Details. Computer Standards and Interfaces. 31, 321-328. Nenad, S., Ljiljana, S. 2002. Usage-Oriented Evolution of Ontology-Based Knowledge Management Systems. CoopIS/DOA/ODBA SE, LNCS 25, 9, 1186-1204.

Yu, T., Wu, G. 2007. Determinants of Internet Shopping Behavior: An Application of Reasoned Behaviour Theory. International Journal of Management. 24, 4, 744-762, 823.

Panagiotis, K. 2009. A Roadmap to Electronic Payment Transaction Guarantees and a Coloured Petri Net Model Checking Approach. Information and software Technology. 51, 235-257.

Zhen, L., Shunsheng, G., Yingsong, Y., Libo, S. 2014. Ontology Representation of Online Shopping Customers Knowledge in Enterprise Information. Applied Mechanics and Materials. 403, 603-606

PyaePyae, H. 2008. Design and Implementation of Secure Electronic Payment System (client). World

273

1st International Conference on Applied Information Technology

7-9 October, 2015

A SURVEY OF DETECTION TECHNIQUES FOR PACKET DROPPING ATTACK IN MOBILE AD HOC NETWORK A. S. Sodiya1, O. O. Folorunso2, and O. C. Akinola3 1,2,3

Department of Computer Science, Federal University of Agriculture, Abeokuta. Nigeria 1 [email protected], [email protected], [email protected]

Abstract: Mobile Ad hoc Network (MANETs) is a collection of wireless mobile nodes forming a network without using any existing infrastructure. In recent years, security has become important to mobile ad hoc networks due mainly to their use for many mission and life-critical applications. Also, MANET is a combination of nodes with limited power, bandwidth and processing capability, with these above mentioned constraint, many different approaches have been followed in order to increase its detection efficiency but the constraint make the these IDSs ineffective and inefficient for MANET environment. This paper aims to explore and to classify existing detections and protection mechanisms that have been proposed in the literature. A comparative study about the existing detection is presented. Finally, we identify areas where further research could focus. INTRODUCTION Mobile Ad hoc network (MANET) is a new paradigm in wireless revolution, which is a self-configured network of wireless mobile nodes. Due to proliferation of miniature yet powerful mobile computing devices, it is gaining acceptance and popularity. However, MANET is vulnerable to security attacks due to its inherent characteristics such as dynamic topology, lack of a centralized coordinator and limited bandwidth e.t.c. Besides of these characteristics, understanding potential type of attacks is usually the first step towards developing good security solutions. Two classes of approaches, prevention based such as user authentication and detection based such as intrusion detection can be used to protect high security MANETs. User authentication is critical in preventing non authorized users from accessing or modifying network resources in high security MANETs.



Manet Vulnerabilities Goyal et al. (2010) stated that vulnerability is a weakness in security system. A particular system may be vulnerable to unauthorized data manipulation because the system does not verify a user’s identity before allowing data access. MANET is more vulnerable than wired network. Some of the vulnerabilities are as follows: Lack of centralized management: MANET doesn’t have a centralized monitor server. The absence of management makes the detection of attacks difficult because it is not east to monitor the traffic in a highly dynamic and large scale adhoc network. Lack of centralized management will impede trust management for nodes.  Resource availability: Resource availability is a major issue in MANET. Providing secure communication in such changing environment as well as protection against specific threats and attacks, leads to development of various security schemes and architectures. Collaborative adhoc environments also allow implementation of self organized security mechanism.  Scalability: Due to mobility of nodes, scale of adhoc network changing all the time. So scalability is a major issue concerning security. Security mechanism should be capable of handling a large network as well as small ones.

Routing Attacks In Manets Routing plays a very important role in MANETS. It can also be easily misused, leading to various types of attack in the network. Routing protocols in general are more easily attacked by malicious nodes. These protocols are usually not designed with security function and often they are very vulnerable to node misbehavior attacks. It is true for MANET routing protocols because they are designed for minimizing the level of overhead and for allowing every node to participate in the routing process.





Cooperativeness: Routing algorithm for MANETs usually assume that nodes are cooperative and nonmailicious. As a result a malicious attacker can easily become an important routing agent and disrupt network operation by disobeying the protocol specifications. Dynamic topology: Dynamic topology and changeable nodes membership may disturb the trust relationship among nodes. The trust may also be disturbed if some nodes are detected as compromised. This dynamic behavior could be better protected with distributed and adaptive security mechanisms. Limited power supply: The nodes in mobile adhoc network need to consider restricted power supply, which will cause several problems. A node in mobile adhoc network may behave in a selfish manner when it is find that there is only limited power supply.

Figure 1: Taxonomy of Routing Attacks in MANET

274

1st International Conference on Applied Information Technology Various routing attacks caused by various reasons, which in turn can be grouped into the following categories:  Unsteadiness of the medium i.e. A packet may be dropped due to contention in the medium.  A packet may be dropped due to congestion and corruption in the medium  A packet may be dropped due to broken link  A packet may be dropped due to overflow of the transmission queue  A packet may be dropped due to lack of energy resources  A packet may be dropped due to the selfishness of a node to save its resources  A packet may be dropped due to the malignant act of a malicious node Malignant act of a malicious node can be subdivided to the following attackers in MANET are: a) Black Hole Attack: In this attack a malicious node makes use of routing protocols to misrepresents that it having the shortest and fresh enough route to destination without checking the availability of routes and drops data packets without forwarding further, thereby degrading network performance. b) Gray-hole Attack: This attack is also known as routing misbehavior attack which leads to dropping of messages. It has two phases. In the first phase the node advertise itself as having a valid route to destination while in second phase, nodes drops intercepted packets with a certain conditions. d) Selective packet dropping attack: selective packet drop is a kind of denial of service where a malicious node attracts packets and drops them selectively without forwarding them to the destination. This type of attack is very hard to detect as the malicious nodes pretend to act like a good node. The selective packet dropping attacks have a great negative influence over the performance metrics of conventional protocols. d)Stealthy Packet Dropping: In stealthy packet dropping, the attacker achieves the objective of disrupting the packet from reaching the destination by malicious behaviour at an intermediate node. However, the malicious node gives the impression to its neighbours participating in local monitoring that it has performed the required action. This class of attacks is applicable to packets that are neither acknowledged end to end nor hop by hop. Due to the resource constraints of bandwidth and energy, much traffic in multihop ad hoc wireless networks is unacknowledged or only selectively acknowledged. e) Jellyfish attack (Purohit et al. 2005) is a type of selective black hole attack. When Jellyfish (JF) node gets hold of forwarding packet it starts delaying/dropping data packets for certain amount of time before forwarding normally. Since packet loss is common in mobile wireless networks, the attacker can exploit this fact by hiding its malicious intents using compliant packet losses that appear to be caused by environmental reasons. Jelly fish attacks are targeted against closed-loop flows. The goal of jellyfish node is to diminish the good put, which can be achieved by dropping some of packets. When a malicious nodes launches forwarding rejection attacks it also may comply with all routing procedures.

7-9 October, 2015

f) Cooperative black hole attack is two or more nodes of blackhole attack cooperating to gain the path between the source and the destination nodes. One node gains the path and selectively drops or forwards the data packets to one of its cooperating nodes. Cooperation between black hole nodes helps malicious nodes to escape from monitoring techniques.

Figure 2: Co-operative Blackhole Attack Source: Tamilselvan et al. (2008) On the receipt of data packets, B1 simply drops them, instead of forwarding to the destination or B1 forwards all the data to B2. B2 simply drops it instead of forwarding to the destination. Thus the data packets get lost and hence never reach the intended destination. These malignant acts clearly indicate loss of packet delivery to the end point. It is referred as Packet Drop Attack. Packet dropping attack can be considered as the most vulnerable attack. Malicious node in the network drops packets intentionally which are supposed to be forwarded to reach destination. Routes that pass through such kind of nodes fail to establish path from source to destination [8]. As a result, network performance degrades abruptly. Even it leads to complete failure of network as stated in figure 2 below.

Figure 3: Packet Drop in MANET

275

1st International Conference on Applied Information Technology S – Sender Node D – Destination Node N - Intermediate Node

7-9 October, 2015

In the time past, several approaches were proposed to deal with Packet dropping attacks. In this section some of the existing approaches which are mainly used are discussed.

The figure 2 explains an illustration for packet drop in manet. There are 9 nodes in which a Sender Node (S) packet to Destination node (D) using some intermediate nodes. But when the packet is forwarded from Sender, the next intermediate node usually forwards the packet to the next node. The node n3 which acts as a malicious node does not forward the packet to next node and drops the packets. So no node after n3 receives the packet. It is an unrealistic anticipation to find all the mobile nodes in an independent network like MANET. The consequence of not forwarding the packets or dropping the packets in a MANET leads to a serious problem. Therefore, the need to address the packet dropping event takes higher priority for the mobile ad-hoc networks.

SURVEY OF LITERATURE Watchdog is a trust based routing protocol proposed by Marti et al. (2000) is used to detect misbehaving node in a network. This mechanism maintains a buffer to store the transmitted packets and it performs overhearing operation. Then it compares overheard packet with the packet which is stored in the buffer. If both the packets are same then this mechanism clears that packet from the buffer. If the packet is placed in the buffer for more than an assertive period then the failure rate of the node (which does not forward the packet) will be increased. If the failure rate exceeds certain threshold value, it conclude that the node as misbehaving node and inform about this to source node. Watchdog cannot detect malicious node in the presence of receiver collision, limited power for transmission or false misbehaviours report

Intrusion Detection System Intrusion means any set of actions that attempt to compromise the integrity, confidentiality, or availability of a resource. Intrusion prevention is the primary defense because the primary step is to make the systems safe from attacks by using passwords, biometrics etc. Even if intrusion prevention methods are used, the system may be subjected to some vulnerability. So we need a second wall of defense known as Intrusion Detection Systems (IDSs), to detect and produce responses if necessary. Hence Intrusion Detection System (IDS) is security software designed to monitoring system activity through examining vulnerabilities in the system and automatically alert administrators when system information is being compromise through malicious activities or through security policy violations.

Patcha et al. (2003) used an extension approach to the watchdog approach. In this approach, the nodes in the network are classified into trusted and ordinary nodes. The nodes which are involved in initial network formation are called as trusted nodes. The nodes which are joining later in to the network are called as ordinary nodes. The ordinary node can be promoted as trusted node if the node proves its trustworthiness. Another assumption in this approach is that all the trusted nodes should not be a malicious or selfish node. The watchdog nodes are selected from the set of trusted nodes for a given period of time based on the node energy, available node storage capacity and node computing power. The watchdog node has the additional duty to monitor other nodes in the network for a fixed period of time to detect the malicious behavior. Watchdog node maintains two threshold values SUSPECT_THRESHOLD and ACCEPTANCE_THRESHOLD to measure the trustworthiness of the non trusted nodes. If any node crosses the SUSPECT_THRESHOLD, it will be declared as malicious node by the watchdog node. If a node crosses the ACCEPTANCE_THRESHOLD, it will be declared as trusted node. The existing AODV protocol was extended with six extra packet types send_data, nodes_neighbors, trusted_enc_request, trusted_enc_reply, is_watchdog and is_malicious to implement the security. However, the additional packet types increases the network overhead.

Intrusion Detection in Manet Intrusion detection (ID) in MANETs is more complex and challenging than in fixed networks, because of the difficulty in fulfilling the requirements of IDS. It is used to detect the malicious nodes and to avoid packet drop in MANET. IDS should be cooperative and energy efficient for a constant changing topology and limited battery of mobile nodes in MANET. It can improve packet delivery ratio and to reduce routing overhead in MANET. IDS varies in approach and its goal of detecting suspicious traffic comes in different ways. It provides the following:  Monitoring and analysis of user and system activity  Auditing of system configurations and vulnerabilities  Assessing the integrity of critical system and data files  Statistical analysis of activity patterns based on the matching to known attacks  Abnormal activity analysis  Operating system audit  Take corrective steps: Once an attack is detected by the system, the active systems also take measure to tackle the attack.  Storage: It also stores the events either locally or otherwise in case of an attack.

Ko et al. (2012) proposed the monitoring agent technique. The technique is based on capturing packets sent by neighboring nodes within a transmission range. All the nodes in a network collect information about their one hop neighbors within a certain period of time. The collected information include; the total number of packets transmitted from a particular node (WLi), the average number of transmitted packets from all its one hop neighbors (AWL), the packet drop rate of a particular one hop neighbor (DRi), and the average packet dropping rate by all its one hop neighbors

276

1st International Conference on Applied Information Technology (ADR ) which are used for identifying a malicious node. Figure 6 is an illustration of the concept and S is the monitoring agent. S uses information collected from its neighbors to determine whether there are legitimate or malicious nodes.

7-9 October, 2015

a new protocol named SAODV, which is different from AODV for security features. SAODV includes RSA based encryption scheme and MD5 based checksum calculation. A coordinator node is introduced to manage all network operation. Coordinator is responsible for identifying packet dropping attack and find reasons for drop whether it is due to link error or due to the presence of malicious node. Coordinator can also perform corrective action against packet dropping. In this approach after identifying the source to destination path, all nodes included in the path should forward it on public key to source node. Then the source node can encrypt the packet using public-key crypto-system such as RSA. Before the encryption process, the checksum value is calculated for the whole message. Message is then divided into packets. Each packet and its checksum is encrypted using RSA algorithm. Encryption is starting by using the public key of the destination node and end by the public key of nearest neighbour node of source. Checksum calculation is done by using MD5 algorithm

Marti et al. (2000) PathRater run by every node in the network. A node maintains ratings for every other node it knows in the network basing on the knowledge of misbehaving nodes and link reliability data in order to choose the most suitable path. A path metric is calculated by averaging the ratings for nodes in the path. In case there is more than one path to the destination, the path with the highest metric is chosen. A pathrater node assigns a neutral rating of 0.5 to nodes known to it. It normally assigns itself a rating of 1. The ratings are updated in intervals of 200ms. The ratings for nodes in active path are increased by 0.01 and the maximum rating a node can attain is 0.8. A node’s rating is decreased by 0.05 when a link break is detected and the node becomes unreachable. A negative path metric value indicates presence of misbehaving nodes in the path. Due to faults or false accusations, a node may be marked as a misbehaving node. It is generally better not to permanently mark it as misbehaving node. Therefore, the marked misbehaving nodes’ rating should be increased slowly or set back to 0.0 after a long time period. When a pathrater detects a misbehaving node in a path it is using and fails to get an alternative path free of misbehaving nodes, it sends out a route request message called Send Route Request (SRR). This way, a new metric can be constructed from which a new path can be determined.

Hernández-Orallo (2012) used a collaborative watchdog approach to reduce the detection time of selfish nodes in the network, based on contact dissemination. In this approach, initially the collaborative node does not have any information about the selfish nodes. The collaborative node gets the information about the selfish node when a contact occurs based on either as a selfish contact or as a collaborative contact. When the watchdog node receives packets from a new node it is considered as a new contact. Then, the node transmits a message specifying all known selfish nodes to this new node. The main overhead of this approach is the number of messages needed for this transmission. Moreover, the effects of false positives and false negatives are not measured.

Traceroute designed by Jacobson of Traceroute Computer software is used to determine the route to a destination node. It sends probing UDP messages with increasing Time-to-Live (TTL) values towards the destination. The first probe is assigned a TTL value of 1. This enables the message to travel only the first hop in the path to destination. Once the TTL elapses, the packet gets dropped and an ICMP time exceeded message is sent back to the probing node. The probing node then keeps on increasing the TTL value for the successive probing UDP messages until it reaches all the intermediate nodes between the source and the destination. Every time the UDP packet gets dropped, an ICMP port unreachable message is sent back to the source. It sends probing UDP messages with increasing TTL values until it reaches the destination node. In case a malicious packet dropping node is in the route between the source and the destination, the sent UDP messages get dropped and fail to reach the destination. Since, for every dropped packet an ICMP message containing the address of the dropping node is sent back to the source, it is possible to isolate and identify the malicious node.

Zeshan et al. (2008) proposed a two-fold approach for detection and isolation of nodes that drops data packets. First approach attempts to detect the misbehavior of nodes and will identify the malicious activity in network. It is done by sending an ACK packet by each intermediate node to its source node for confirming the successful reception of data packets. If the source node does not get ACK packet by intermediate nodes then source node send again its packet for destination after a specific time. If same activity was observed again then source node broadcast a packet to declare the malicious activity in the network. Other approach identifies exactly which intermediate node is doing malicious activity. It is done by monitoring the intermediate nodes of active route by the nodes near to active path which lies in their transmission range and by the nodes which are on the active route. Since monitoring nodes are in promiscuous mode and are in the transmission range of intermediate nodes of active route, they can receive all the packets sent along the active route. Monitoring nodes count the number of packet coming into and going out of the nodes of active route. Each monitoring node maintain a list of sent and dropped packets and when number of dropped packets by a particular node exceeds certain threshold, the monitoring node in that range declares that node as

Noble et al. (2012) proposed Truthful Detection of Packet Dropping Attack in MANET. This work deals with detection and prevention of packet dropping attack. Link error and malicious packet dropping are two sources for packet losses in wireless ad hoc network. Work proposes

277

1st International Conference on Applied Information Technology misbehaving node and broadcast this information. Upon receiving broadcast packet all neighboring nodes will cancel their transmission to that particular node and enter it into the list of misbehaving nodes. Main disadvantage of this scheme includes the overhead due to transmissions of acknowledgement packets by every intermediate node to the source and working of all nodes in promiscuous mode uses Bloom filters to make proofs for the forwarding of packets from each node. While the Bloomfilter scheme is able to provide a packet forwarding proof, the correctness of the proof is varying and there is a chance that it contain errors. In the case of detecting the selective packet dropping attack accuracy of this scheme is very low.

7-9 October, 2015

forwarded through intermediate nodes along the source– destination path in multi-hop wireless ad hoc networks. Without having any control on packets forwarding, an intermediate node can behave selfishly or maliciously to drop packets going through it. The author used Merkle tree principle for implementation to justify the proposed approach. It first modeled different legitimate packet discard situations such as those generated by collisions, channel errors or mobility related droppings. Then propose an anomaly-based IDS system based on an enhanced windowing method to carry out the collection and analysis of selected cross-layer features. The design finally deploy the IDS collect selected features in a distributed manner. A simulated framework and the experimental results shows better perfomance when compared with the watchdog and the 2-hop ACK which are well-known approaches.

Buchegger et al. (2002) designed CONFIDANT protocol running in each node has four components - a) The Monitor, b) The Reputation System, c) The Path Manager and d) The Trust Manager. Each node monitors its environment through the Monitor. Upon detecting a deviating behavior, it invokes the Reputation System. The rating in the Reputation System gets altered once the action exceeds the threshold limit. Further, if the rating of misbehaving node surpasses intolerable level, then the Path Manager is called to take action. The Path Manager apart from deleting the misbehaving node in its routes generates an ALARM message to the Trust Manager, which can also receive ALARM message externally from the friends or other nodes through the Monitor component for trust examination and evaluation. The generated ALARM messages are sent to friends or to the route initiator. The model did not address how to integrate the Monitor component with fault tolerance techniques, so that it can mitigate the confusions that may arise in distinguishing the misbehaviors from the genuine faults. The cyclic chain’s strength completely relies at two spots: Reputation System and Trust Manager. In general, the Reputation System operates at two stages, one to tick the rating if the misbehaving exceeds the threshold and second to generate a serious action if the rating exceeds the tolerable level. As time proceeds, this two-stage operation indirectly allows the malicious nodes and selfish nodes to conduct selective misbehaving – a new form of attack. Moreover the time limit used to refresh false accusations, fault rating and list blow-up, allows the nodes to get away with selective misbehaving. Questions on how to decide the threshold factor and the intolerable level are not addressed. The Trust Manager fails to handle the issue of how to establish the friends’ list. ALARM flooding is another attack that can exploit a node’s energy, whereby the incoming ALARM from a non-friend is checked for its trustworthiness and there is no pre- defined limit in committing a node’s energy for the Trust Manager. Also, the system becomes entangled if two friends report each other to be malicious through ALARM messages. The trust captured is neither dynamic to reflect the malicious and benign behavior of the monitored node, nor displays push-pull behavior to accommodate repenting nodes and exclude compromised nodes. Sánchez-Casado et al. (2015) approach stated that, the packets are to be

Patolia et al. (2015) designed a new algorithm title KEAM- (Key Exchange and Monitoring), which is used to isolate and prevent Selective Packet Drop Attack in MANET”, this approach isolate malicious node on selective path in AODV routing protocol and secure the channel. It is based on Diffie-Hellman Key exchange and monitor mode technique. The concept use in the proposed technique is based on the monitoring mode and key exchange technique. The schema detects the malicious node from routing path in network so when new route establish it would be free from malicious activity and the result improvement in the packet delivery ratio and minimize the end-to-end delay. Simulation shows that monitor node technique easily detecting the misbehaving node and increase 80% throughput in network. The designer hope to make further improvement in the acknowledgement and key exchange model and also work on multiple packet drop attack. Balakrishnan et al (2005), introduce a TWOACK to inhibit selfishness in adhoc networks. TWOACK is an acknowledgement based schema. That means when a node sends a packet, the node’s routing agent checks that the packet is received successfully or not by using this approach. This is done by sending TWOACK packet back through the same path by receiver. In this process if the sender or intermediate node does not receive a TWOACK packet then this approach considers the next hop as a misbehaving node. The main drawback of this protocol is that it can’t identify exactly which node is misbehaving node. Djamel et al. (2015) approach deals with misbehaving nodes in mobile ad hoc networks (MANETs) that drop packets supposed to be relayed, whose purpose may be either saving their resources or launching a DoS attack. It proposed a solution to monitor, detect, and safely isolate such misbehaving nodes, structured around five modules: (i) The monitor, responsible for controlling the forwarding of packets, (ii) the detector, which is in charge of detecting the misbehaving of monitored nodes, (iii) the isolator, basically responsible for isolating misbehaving nodes detected by the detector, (iv) the investigator, which

278

1st International Conference on Applied Information Technology investigates accusations before testifying when the node has not enough experience with the accused, and (v) finally the witness module that responds to witness requests of the isolator. These modules are based on new approaches, aiming at improving the efficiency in detecting and isolating misbehaving nodes with a minimum overhead. The design perform better when analyze assess its performance with the watchdog, which is also a monitoring technique employed by almost all the current solutions.

7-9 October, 2015

Mahmoud et al. (2015) proposed an Integrated Stimulation and Punishment Mechanism for Thwarting Packet Dropping Attack in Multihop Wireless Networks. develop a novel mechanism that can thwart the rational and irrational packet dropping attacks by adopting stimulation and punishment strategies (TRIPO). In multihop wireless networks, the rational packet droppers may not relay the others' packets because packet relay consumes their resources without benefits, and the irrational packet droppers intentionally drop packets to disrupt the packet transmission process, which may make multihop communication fail. Cooperation stimulation mechanisms can motivate the rational packet droppers to relay packets, but they cannot identify the irrational packet droppers. TRIPO uses micropayment to stimulate the rational packet droppers to relay the others' packets and enforce fairness and uses reputation system (RS) to identify and evict the irrational packet droppers. The design also propose a novel monitoring technique to measure the nodes' frequency of dropping packets based on processing the payment receipts instead of using the medium overhearing technique. The receipts was processed to extract financial information to reward the cooperative nodes that relay packets, as well as contextual information, such as broken links, to build up the RS. Extensive analytical and simulation results demonstrate that TRIPO can secure the payment and precisely identify the irrational packet droppers with almost no falsepositive nodes, which can improve the network performance in terms of packet delivery ratio.

The main goal of Abdalla, et.al.(2013) is to detect successfully and isolate the data packet dropping attackers from routing path in OLSR routing protocol for MANETs. In this approach, a new IDS mechanism is presented based on End-to-End connection for securing OLSR routing protocols. This new mechanism DIPDAM is based on three ID messages Path Validation Message (PVM) enables E2E feedback loop between the source and the destination, Attacker Finder Message (AFM) to detect attacker node through the routing path, and Attacker Isolation Message (AIM) to isolate the attacker from routing path and update the black list for each node then trigger to neighbors with updated information. To save nodes resources, DIPDAM avoids monitoring every node at all times and it is a fully distributed detection approach. DIPDAM is also a scalable approach and allows the source to monitor its data messages with minimal overhead. Simulation results shows that perform better than it previous approach.

Chaudhary et al. (2014) design an anomaly based fuzzy intrusion detection system for packet dropping attack in mobile ad hoc networks This author developed an anomaly based fuzzy intrusion detection system to detect the packet dropping attack from mobile ad hoc networks and this proposed solution also save the resources of mobile nodes in respect to remove the malicious nodes. The design used sugeno-type fuzzy inference system to make the fuzzy rule base in order to analyze the results. Simulation was carried out using Qualnet simulator 6.1 and the results proved that proposed system is more capable to detect the packet dropping attack with high positive rate and low false positive under each level (low, medium and high) of speed of mobile nodes.

279

1st International Conference on Applied Information Technology

7-9 October, 2015

Swetha et al. (2013) presented a security architecture for unmasking Packet Drop Attack in MANET. This design proposes a simple yet effective scheme to identify the misbehaving nodes that drops the packet. Each packet is encrypted and bloom key is generated so as to hide the original packet. The design uses a customized packet drop protocol to forward the packets from one node to another node. The sender node initially checks to which node the packet should be forwarded. The node information of each node is known to another node. The sender node usually maintains the sequence number count when a packet is forwarded from one node to another. When a packet is forwarded from one node to another node a sequence number is added. The sender node usually tests the sample packet before forwarding the actual packet being sent. At first, the sender node calculates the Bloom key (Bk1), encrypts the packet and forwarded to next node. When a packet is forwarded from one node to another node, an acknowledgement should be received in a fixed time T1 and sequence number should be added at sender node. If the acknowledgement is not received in Time T1, the sender node checks for packet audit request. Then the trace file shows the node which drops the packet and the Bloom key (Bk2) is generated after the packet is received. The difference in both the bloom keys also detects the packet drop attack. If the acknowledgement is received to sender in a fixed time T1, then there is no packet drop and there is a secured transmission of data in the network. The future work is to design a mechanism using standard protocols to identified packet drop nodes that are isolated from the network for secure data transmission.

Sen et al. (2007) proposed a distributed protocol for detection of packet dropping attack in mobile ad hoc networks. The design which is a mechanism for detection of packet dropping attack is presented based on cooperative participation of the nodes in a MANET. The redundancy of routing information in an ad hoc network is utilized to make the scheme robust so that it works effectively even in presence of transient network partitioning and Byzantine failure of nodes. The proposed scheme is fully cooperative and thus more secure as the vulnerabilities of any election algorithm used for choosing a subset of nodes for cooperation are absent. Simulation results show the effectiveness of the protocol. According to Kaur et al. (2015) proposed an algorithm for Detection of Packet-Dropping Attack in Recoverable Concealed Data Aggregation Protocol for Homogeneous Wireless Sensor Networks. In wireless sensor networks, communication cost is higher as compared to computational cost, so it is important to minimize the amount of data transmission to extend the network lifetime. To minimize the volume of data to be transmitted, data aggregation is mostly used. As sensor nodes are being deployed in remote and unattented environments, they are prone to node compromise attacks and various other security issues. Hence, it is mandatory that data aggregation protocols must be designed by considering security issues on priority basis. Although, there is a trade-off between data aggregation and security of data, but both aspects are essential. Therefore it is challenging task to maintain data aggregation along with security in these networks. Recoverable Concealed Data aggregation Protocol for Homogeneous wireless sensor networks provides both security as well as aggregation. Despite of its strong security mechanism, this protocol is prone to Packet dropping attacks. The design is aims at detection of packet-dropping attack in Recoverable Concealed Data aggregation Protocol for Homogeneous wireless sensor networks.

PROBLEMS WITH THE EXISTING DETECTION METHOD FOR MANET  Most of the existing approaches are used to detect only the misbehavior links rather than the malicious nodes  Some approaches that rely on cryptography and key management are too expensive.  Some approach can work only with specific attack. The approaches that work well in the presence of one malicious node are not suitable for multiple colluding attackers.  The pitfall of the techniques is inability to decide the criterion for choosing threshold value. Deciding the criteria for maintaining the co operating node is difficult.  Some approach generate false ALARMS. There might be a situation where two nodes declare each other misbehaving through ALARM messages.  Another possible drawback includes lot of routing overhead to resolve problem of packets dropping or due to transmissions of acknowledgement delivered packet  Some approach rely on independent decision-making by mobile agents which is susceptible to single point of failure problems  Some techniques required authentication mechanism to make sure that the packets transmitted are genuine

Aishwarya et al. (2010) designed a Detection of Packet Dropping Attack Using Improved Acknowledgement Based Scheme in MANET, This approach is used for detection and isolation of misbehaving nodes. The approach was integrated on top of source routing protocol such as DSR and is based on sending acknowledgement packets for reception of data packets and using promiscuous mode for counting the number of data packet such that it overcomes the problem of misbehaving nodes. Although the approach has lesser routing overhead and more advantageous than previous similar schemes because it requires lesser number of acknowledgement packet transmission the effectiveness and results of proposed approach which is implementation on Network Simulator 2 is still in progress. Its future works includes some authentication mechanism to make sure that the ACK packets are genuine and also includes mechanism to punish misbehaving nodes.

280

1st International Conference on Applied Information Technology



and need for mechanism to punish misbehaving nodes. There is a need to develop secure routing protocol that utilizing only the trusted nodes in the network.

CONCLUSION Mobile ad hoc networks are widely used in military and civilian applications. Security which is a critical factor is a concern in these kinds of networks due to lack of centralized control. This results into launching of different attacks including the packet dropping attack. In this paper we have presented a survey of the state-of-the-art on securing MANETs against packet dropping attack in Mobile ad hoc networks considering the three common routing protocols AODV , DSR and OLSR as example cases. We comparatively analyzed some of the malicious packet dropping detection techniques proposed to assess their effectiveness and limitations.. Most of the existing approaches are used to detect only the misbehavior links rather than the malicious nodes. Moreover, they fail to detect selective dropping of packets in MANET. Some approaches that rely on cryptography and key management are too expensive. Each approach can work only with specific attack. The approaches that work well in the presence of one malicious node are not suitable for multiple colluding attackers. The focus on all possible types of attack for more secure and reliable MANET with minimizing the cost can still improve the effectiveness and efficiency of the security schemes. We also proposed a way forward to build an efficient defense-in-depth strategy to secure mobile ad hoc networks

SUGGESTED WAY FORWORD MANETs required for more concentration for researchers. It can be a fastest growing area for future research in terms of detection techniques, response mechanism and selection of node features for misbehaviors nodes. In future, the researchers should concentrate on the following areas:   









7-9 October, 2015

Develop techniques that generates relatively low network routing overhead If probe messages does not experience delay or dropped data packets Develop a detection system that can be used to classify the normal and malicious activities in the network. Collaborative approach that will supercede independent decision-making by mobile agents which is susceptible to single point of failure problems. Also most of the available mobile agent frameworks used by the researchers are heavyweight and can often be the targets of attacks themselves. Special attention should be paid to the fact that the existing detection system could be employed for various routing protocols. The researchers possible extension of these work can examine the performance of other types of tools like neural networks, Artificial immune system e.t.c and can select features from other layers (e.g. network layer) in order to detect packet dropping and other type of attacks. The researchers techniques should equipped the algorithm with technique that can identify and isolate the malicious nodes from the active data forwarding and routing. Future approach should be efficient defense-in-depth strategy that will secure mobile ad hoc networks through the integration of three layers -- prevention layer (based on cryptographic techniques), detectionreaction layer (based on monitoring technique) and enforcement layer (based on obligations) As a future scope of work, the proposed security mechanism may be extended so that it can defend against other attacks like resource consumption attack and packet dropping attack. Adapting the protocol for efficiently defending against grayhole attack- an attack where some nodes switch their states from blackhole to honest intermittently and vice versa, is also an interesting future work.

REFERENCES Abing-Ray Chen, Jia Guo, Fenye Bao, Jin-Hee Cho, 2014, Trust management in mobile ad hoc networks for bias minimization and application performance maximization. Elsevier B. V Journal with ISSN:15708705, Aikaterini Mitrokotsa, Rosa Mavropodi, Christos Douligeris, 2006 “Intrusion Detection of Packet Dropping Attacks in Mobile AdHoc Networks”, Ayia Napa, Cyprus. Aishwarya Sagar Anand Ukey, Meenu Chawla, 2010, “Detection of Packet Dropping Attack Using Improved Acknowledgement Based Scheme in MANET”, IJCSI International Journal of Computer Science Issues, Vol. 7, Issue 4, No 1, ISSN (Online): 1694-0784 ISSN (Print): 1694-0814 Amir Khusru Akhtar, G. Sahoo, 2010, "Mathematical Model for the Detection of Selfish Nodes in MANET" IJCSI, 2010 ISSN 2231 –5292, Amudha Bharathi.B, Dr.S.Usha, 2013 ,“Fortify Manets From Invasion Using Hybrid Cryptographic Techniques”, IRACST,vol 3,. Angel Mary Alex, M. Ashwin, 2013, “Detection of Stealthy Attacks of Packet Dropping in Wireless Ad Hoc Networks”, In the proceedings of International Journal of Science, Engineering and Technology Research (IJSETR).

281

1st International Conference on Applied Information Technology

7-9 October, 2015

System for MANETs”,IEEE Transactions on industrial electronics, VOL. 60, NO. 3,

Ashok M. Kanthe, Dina Simunic, Ramjee Prasad, 2012, "The Impact of Packet Drop Attack and Solution on overall Performance of AODV in Mobile Ad-hoc Networks" IJRTE, ISSN: 2249-8958, Volume-2,

Forootaninia and M. B. Ghaznavi-Ghoushchi, 2912, “International Journal of Network Security & Its Applications (IJNSA)”, Vol.4, No.4, July 2012.

Ashok M. Kanthe, Dina Simunic, Ramjee Prasad, 2012, “The Impact of Packet Drop Attack and Solution on Overall Performance of AODV in Mobile Ad–hoc Networks”, In the proceedings of the International Journal of Recent Technology and Engineering (IJRTE) ISSN: 2249-8958, Volume-2, Issue-2,

Gaganpreet Kaur, Manjeet Singh, 2013, “Packet Monitor Scheme for Prevention of Black-hole Attack in Mobile Ad-hoc Network”, JCSCE, NCRAET-2013. Hernandez E., Serrat M.D.,2012, Improving Selfish Node Detection in MANETs Using a Collaborative Watchdog, IEEE Communications Letters, Vol.16, No.5, .

Balakrishnan K., Deng J., and Varshney P.K.,” 2005, TWOACK: Preventing selfishness in Mobile Ad Hoc Networks,” Proc. IEEE Wireless Comm. and Networking Conf. (WCNC’05).

Jacobson V .. “Traceroute Computer software”, Available from ftp://ftp.ee.lbl.gov/traceroute.tar.gz.

Balakrishnan K., Jing D. and Varshney, P.K. 2005, “TWOACK: Preventing Selfishness in Mobile Ad Hoc Networks”, Wireless Communications and Networking Conference, IEEE, 2005.

Jaydip Sen, 2010, “A Distributed Trust Management Framework for Detecting Malicious Packet Dropping Nodes In A Mobile Adhoc Network”, International Journal of Network Security & Its Applications (IJNSA) 2010, Vol.2, No.4

Bhalaji N., Shanmugam .A., 2009, ”Reliable Routing against Selective Packet Drop Attack in DSR based MANET”, In the proceedings of journal of software, vol. 4, no. 6,

Jaydip Sen, M. Girish Chandra, P. Balamuralidhar, Harihara S.G., Harish Reddy, 2007, “A Distributed Protocol for Detection of Packet Dropping Attack in Mobile Ad Hoc Networks”, Telecommunic-ations and Malaysia International Conference on Communications, 2007. ICT- MICC 2007. IEEE International Conference, Page(s):75 – 80, E-ISBN :978-1-4244-1094-1,Print ISBN:978-1-4244- 1094-1

Buchegger S. and Boudec J-Y.L., 2005 , “Performance analysis of the CONFIDANT protocol”, In Proceedings of the 3rd ACM Symposium on Mobile Ad Hoc Networking and Computing, pp. 226-236, 2002. Djahel S., Na¨ıt-abdesselam F., and Zhang Z., “Mitigating Packet Dropping Problem in Mobile Ad hoc Networks: Proposals and Challenges”, IEEE Communications Surveys & Tutorials, vol. 13, no. 4, Fourth Quarter 2011. International Journal of Network Security & Its Applications (IJNSA), Vol.6, No.5, September 2014

Jin-Hee Cho, Ing-Ray Chen, 2013, On the tradeoff between altruism and selfishness in MANET. Elsevier B. V Journal with ISSN:2217-2234, Julian Benadit.P, Sharmila Baskaran and Ramya Taimanessamy,2011, “Detecting Malicious Packet Dropping Using Statistical Traffic Patterns”, IJCSI International Journal of Computer Science Issues(2011), Vol.8, Issue 3, No. 2, ISSN (Online): 1694-0814

Djahel, S. Abdesselam F.N., Zonghua Zhang, 2014, Mitigating Packet Dropping Problem in Mobile Ad-hoc Networks : Proposals and Challenges, IEEE Communications Surveys & Tutorials, Vol.13, No.4, Fourth Quarter 2011.

Ko J., Seo J., Kim E. and Shon T.,2012, “Monitoring Agent for Detecting Malicious Packet Drops for Wireless Sensor Networks in the Microgrid and Grid-enabled Vehicles”, International Journal of Advanced Robotic Systems,

Djenouri D. and Badache N., 2011, “A Survey on Security Issues in Mobile Ad hoc Networks”,

Ko J., Seo J., Kim E. and Shon T., 2012, “Monitoring Agent for Detecting Malicious Packet Drops for Wireless Sensor Networks in the Microgrid and Grid-enabled Vehicles”, International Journal of Advanced Robotic Systems,

Djenouri D., Badache N., 2006, Cross-Layer Approach to Detect Data Packet Droppers in Mobile Ad-Hoc Networks, IWSOS 2006, LNCS 4124, pp.-163-176, 2006. Elhadi M. Shakshuki, Nan Kang, and Tarek R. Sheltami, 2013, “ EAACK- A Secure Intrusion-Detection

282

1st International Conference on Applied Information Technology

7-9 October, 2015

Li X., Lu R., Liang X., and Shen X., 2011, “Side Channel Monitoring: Packet Drop Attack Detection in Wireless Ad hoc Networks”, publication in the IEEE ICC proceedings, Marti S., Giuli T. J., Lai K., and Baker M., , 2000, ―Mitigating routing misbehavior in mobile ad h oc networks,‖ in Proceedings of the Sixthannual ACM/IEEE International Conference on M obile Computing and Networking, , pp. 255–265.

Based on Modified ACKbased Scheme Using FSA” International Journal on Emerging Technologies 2(2): 102-105(2011).

Marti S., Giuli T. J., Lai K., and Baker, M. 2014. , “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks”, Available from: http://www.cs.cmu.edu.

Soufiene Djahel, Farid Nat-abdesselam and Zonghua Zhang, 2011, ”Mitigating Packet Dropping Problem in Mobile AdHoc Networks: Proposals and Challenges”, IEEE communications surveys & tutorials(2011), vol. 13, No. 4

Shukla Banerjee, 2008, “Detection/Removal of Cooperative Black and Gray Hole Attack in Mobile AdHoc Networks,” Proceedings of the World Congress on Engineering and Computer Science 2008, USA

Muhammad Zeshan, Shoab A. Khan, Ahmad Raza Cheema, and Attique Ahmed, 2008, "Adding Security against Packet Dropping Attack in Mobile Ad Hoc Networks," in 2008 International Seminar on Future Information Technology and Management Engineering, , pp. 568- 572

Sun B., 2004, “Intrusion detection in mobile ad hoc networks,” Ph.D. dissertation, Texas A&M Univ., College Station, TX, 2004. Swetha P. and Bhupathi V., 2013, “Unmasking Of Packet Drop Attack In Manet”, International Journal of Emerging Trends & Technology in Computer Science (IJETTCS), Volume 2, Issue 6, Swetha P., Vinod Bhupathi, “Mitigation of Packet Drop attack in Manet”, In the proceedings of National Conference on Advances in computing and Networking (NACACN) ISBN:9789383038114.

Muhammad Zeshan, Shoab A. Khan, Ahmad Raza Cheema, and Attique Ahmed, 2008, "Adding Security against Packet Dropping Attack in Mobile Ad Hoc Networks," in 2008 International Seminar on Future Information Technology and Management Engineering, , pp. 568- 572 Muhammad Zeshan, Shoab A.Khan, Ahmad Raza Cheema and Attique Ahmed 2008, ,“Adding Security against Packet Dropping Attack in Mobile Ad hoc Networks”, Future Information Technology and Management Engineering, 2008. FITME '08. International Seminar( 2008 IEEE), Page(s):568 –

Tanapat Anusas-amornkul, 2008, “On Detection Mechanisms and Their Performance for Packet Dropping Attack in Ad Hoc Networks”, Submitted to the Graduate Faculty of the School of Information Sciences in partial fulfillment of the requirements for the degree of Doctor of Philosophy University of Pittsburgh 2008

Parker J., Undercoffer J., Pinkston J., and Joshi A., 2004, “On intrusion detection and response for mobile ad hoc networks,” in proc. IEEE Int.Conf.Perform.,Comput.,Commun., 2004, pp. 747 – 752.

TaoShu and Marwan Krunz, Fellow, IEEE. 2015, “Privacy-Preserving and Truthful Detectionof Packet Dropping Attacks in WirelessAd Hoc Networks,” IEEE Transactions on Mobile Computing, vol. 14, no. 4, Usha S., Radha S., 2009, "Co-operative Approach to Detect Misbehaving Nodes in MANET Using Multi-hop Acknowledgement Scheme," in 2009 International Conference on Advances in Computing, Control, and Telecommunication Technologies, December 2009, pp. 576-578.

Patcha and A. Mishra, 2003, “Collaborative security architecture for black hole attack prevention in mobile adhoc networks,” in Proc. Radio Wireless Conf. , 2003, pp. 75–78. Peethambaran P. and Jayasudha J. S., 2014, “Survey Of Manet Misbehaviour Detection Approaches”, International Journal of Network Security & Its Applications (IJNSA), Vol.6, No.3, .

V. L. L. Thing and H. C. J. Lee, 2014, “IP Traceback for Wireless Ad-hoc Networks”, Available from: http://www.diadem-firewall.org/publications,

Ramandeep Kaur and Jaswinder Singh, 2013, ”Towards Security against Malicious Node Attack in Mobile Ad Hoc Network”, IJARCSSE, vol.3, Satyendra Tiwari, Anurag Jain and Gajendra Singh Chowhan: 2011, “Migrating Packet Dropping in Adhoc Network

Venkatesan Balakrishnan and Vijay Varadharajan, 2014, “Packet Drop Attack: A Serious Threat To Operational Mobile Ad Hoc Networks”.

283

1st International Conference on Applied Information Technology

7-9 October, 2015

International Conference, Page(s): 1-5, ISSN : 1550-3607, E-ISBN :978- 1-61284-231-8, Print ISBN: 978-1-61284232-5

Vishvas Kshirsagar, Ashok M. Kanthe, Dina Simunic, 2013, “Analytical Approach towards Packet Drop Attack in Mobile Ad-hoc Networks.” IEEE ICCIC 2014, Volume 2, Issue 6 November – December 2013 Page 213

Zhang Y., Lazos L., and Kozma W., 2013, “AMD: Audit-based misbehaviour detection in wireless ad hoc networks,” IEEE Trans. MobileComput., PrePrint, Vol. 99.

Xu Li, Rongxing Lu, Xiaohui Liang, and Xuemin (Sherman) Shen, 2011, “Side Channel Monitoring: Packet Drop Attack Detection in Wireless Ad Hoc Networks”, Communications (ICC), 2011 IEEE

284

1st International Conference on Applied Information Technology

7-9 October, 2015

ACADEMIC LIBRARY VISIT AND INFORMATION RESOURCES USAGE BRIDGING THE GAP THROUGH MOBILE APPLICATION INTERVENTION C. E. Otuza and U. R. Okoro Department of Information Resources Management, Babcock Business School, Babcock University, Nigeria. Department of Computer Sciences, School of Computing and Engineering Sciences, Babcock University, Nigeria. [email protected] and [email protected] Abstract:: Most 21st patrons now have multiple options for information seeking but prefer to utilize electronic or online information services than using the physical library for services such reference services, bibliographic services, current awareness services, document delivery, interlibrary loan, audio-visual services, and customer relations; these services are maximally enjoyed through a deliberate physical access to the library. The outcome of this work is a mobile solution called Ravan, which has a pro-cultural design approach intended to bridge the gap, which exists between library information service use by patrons and the physical visit/usage of the library facility in the 21st century in Babcock University. The observed decline in the percentage of users visiting the library and what is expected to reaffirm the library’s relevance in this era was a key issue in this paper as well as the solution proffered to bridge the observed gap was adequately considered. A cooperative prefix design approach model has been adopted for design of the mobile solution. Although, intended to be applied for LOM library, this solution holds an equal contribution to other academic libraries in Nigeria and beyond. Keywords: Mobile App, Academic Library visit, Dashboard, Information Resources Usage. information access. In a survey report across some academic libraries in the USA by ALA (2013) it observed that 73% of patrons make use of online research services; 69% gain access to technology to try out new devices and e-books/online information resources; 64% on Amazon customized book/audio/video schemes; 63% have Apps-based access to library materials and programs; and 62% enjoy GPS navigation apps that help in locating local information materials inside the library building. This study points to the fact that large proportion of American patrons of ages 16 and above would continue to embrace a wider use of technology at libraries in their respective institutions. It is evident from recent findings that visit to university libraries by respective patrons have continued to decline significantly. Although, many factors are perhaps contributory but the emergence of specialized information technology tools and mobile applications was noted to account for other means of accessing the library resources in place of physical presence in the library. Krubu and Osawaru (2010) observed that the emergence of internet as the largest repository of information has caused a shift in the role of the library and information professionals from having to play an intermediary function to facilitators of new tools in terms of information dissemination. Concurrently, there is a shift from the physical to virtual service environment- bringing to near extinction some conventional information services, and the emergence of new innovative web based services. As observed by Mairaj and Naseer (2013), patrons now have multiple options for information seeking but prefer to utilize online information

INTRODUCTION Long before now the intention for library establishment within academic environment was achieved to a large extent through the regular visit of intended users and patrons, and their usage of available information resources. The library that is established in an academic environment or institution of higher learning (known as academic library) is saddled with the responsibility of providing support for academic programs of the University through the provision of relevant information that takes care of the information needs of both students and faculty members (Nkamnebe, Udem & Nkamnebe; 2014); selecting and acquiring information resources relevant to the academic community; preparing these materials for use- through cataloguing, classification and processing; circulating the resources through easy access to open shelving, and reserve section at the circulation desk; provision of reference services by assisting users in locating information and resources; and offering both formal and informal instruction in the use of the library (Odiase, Unegbu & Haliso; 2001). Despite such a clear definition roles/ areas of intervention that is expected to aid excellent academic pursuit, this era is witnessing a gradual decline of patrons’ physical presence in the library especially in institutions where access to online resources is highly available, even when the library has not failed yet in its role to the academic community. The picture is not the same in the advanced economy, for them, patrons are observed to continuously patronize the libraries even with the heavy presence of IT tools and online

285

1st International Conference on Applied Information Technology

services than using the library. Despite the fact that libraries are required to use electronic technologies to satisfy their users even in such service areas as reference services, bibliographic services, current awareness services, document delivery, interlibrary loan, audio-visual services, and customer relations; these services are maximally enjoyed through a deliberate physical access to the library. It was until 2010 before digital libraries were established in 3 federal universities in Nigeria with MTN as a major sponsor. The universities include Ahmadu Bello University, Zaria; University of Lagos; and University of Nigeria Nsukka. Till date, not much has been added to this three. On the part of private universities, the picture is yet unclear as there is not much difference between the public and private universities as at date to encourage users to access the library in addition to their mobile phone usage. The decline in the visit of patrons perhaps is hinged on certain unresolved factors, which further reiterates the fact that, indeed, the existing lacuna still questions the relevance of the physical library in this era of continuous change, occasioned by constant technological advancements. For instance Gbaje and Kotso (2014) observed that only few Nigerian academic libraries incorporate information service provision using Blogs, Flickr, and Twitter indicated by 8%, 5% and 0% respectively. Despite that Wikis, Blogs, RSS feeds, and Podcast were identified as very useful tools for academic libraries, most academic library websites are none interactive and does not allow for collaboration with patrons; could this account for some measure of discouragement on the part of library patrons? Nkamnebe et al (2014) found out that library visit/use has declined over time as only 6.5% of students visited daily, 19.6% visited once a week, and 29% do not visit between 2013 and 2014 in Paul University library, Nigeria. This implies that satisfaction is derived outside the library. The picture is not the same in the IT compliant environment as reported by the University of Chicago Library- UCL (2011) which showed that between 80% and 90% of users are very satisfied with using the services within the library between 1% and 4% are dissatisfied. This work presents a mobile solution called Ravan. Ravan as a mobile app is developed using C#, Java for Android and IOSSDK platform. Section 1 discusses the state of Academic Libraries in Nigeria. Section 2 summarizes the global phone user demography and paradigm shift in library services Section 3 presents the proposed mobile solution with a pro-cultural design interface, Section 4 gives conclusion and recommendations.

7-9 October, 2015

observed that there is a rapid pace of development in the field of information technology, which has birthed networked information services, and a total review of the library and information science practice. Abubakar (2011) agreed that the global trend is the shift from traditional environment to e-environment, so that greater emphasis is placed on the acquisition of eresources (information materials) as well as on-line databases. He further deduced that despite this development, the traditional library information services/ functions are still very relevant. The shift includes a sophisticated pattern in the information needs and seeking behavior of users, the transition from the standalone libraries to library networks, from printed information materials to digital documents, and from ownership to access. All of these are as a result of ICT’s impact, the internet, and web presence (Singh and Kaur, 2009). Libraries in the 21st century are expected to provide a range of information and communication technologies that can support the information seeking process of patrons. According to Abubakar (2011) these technologies may be in specialized applications or software that can retrieve information quickly from both immediate and remote databases, and provide a platform for library cooperation and consortium initiatives. ONLINE READERS/USERS; MOBILE APP USAGE IN ACADEMIC LIBRARIES Going by the trend, Smartphones are identified as the fastest growing mobile communication tool in the 21st century especially in Africa. The mobile phones are portable (easy to handle, moveable) communication gadgets but according to Okoro, Kuyoro, Makinde, Otuza & Egwuonwu (2014), not all mobile phones qualifies as Smartphones. This means that the special feature of Personal Digital Assistant (PDA) incorporated to the other existing mobile phone features makes it unique. They defined the Smartphone as “a mobile phone that can make calls, have internet access, a touch screen interface and still incorporates the functions of a computer and an operating system which can allow users to install and run apps” p.34. Smartphones constitute a heavily used personal device in terms of accessing information as well as some information services that library patrons could have had if they had visited the facility. In February 2014, there were about 63million smartphone users in Nigeria, but as at February 2015, statistics showed that 83million subscribers are active users, with a penetration increase from 45% in 2014 to 57% in 2015 which is ahead of India and South Africa by the close of the first quarter of 2015 with up to 77%-data traffic. This is estimated to increase up to 17 times by 2019 which makes Nigeria the leading nation in subSaharan Africa (Ojabo, 2015). It can be deduced that access to online or virtual libraries will as well increase considerably over time since a good percentage of university students formed the chunk of smartphone users in Nigeria. Chances are high that

THE PARADIGM SHIFT IN SERVICE PROVISION From the foregoing, it is obvious that information technology in congruence with communication technology has, and is still redefining conventional practices thereby changing the status quo. Okon (2005)

286

1st International Conference on Applied Information Technology

users (university library patrons) will continue to access information via their smartphones other than visit the library for their information need, especially in the absence of a dedicated or specialized mobile app that seek to connect users to the library services while reaffirming the need for the physical library facility. The University of Notre Dame Library in San Antonio had sought to institute a mobile app for library interaction since 2012. Despite this, users still visit the library to complete an information seeking process already initiated through personal mobile device thereby strengthening the relevance of library visit. Brach (2012) gave a breakdown of queries initiated through smartphones or other supporting mobile device as iPhone 55.7%, iPod 21.3%, Android 15.4%, iPad 3.87%, and BlackBerry 3.14%. He admitted that since global sales of Smartphones will top 1billion units in 2014, hence, the need for academic libraries to go mobile as its users will overtake users of personal computers in 5years as shown in fig 1 below:

7-9 October, 2015

Figure 2: User case diagram for Ravan Dashboard

Figure 3: Library Mobile App dashboard showing user interfaces.

Fig 1: Chart showing increasing trend in Mobile internet users (Brach, 2012). Academic institutions are shifting their attention from stand-alone applications that are downloadable from an app store to mobile-optimized version of their web sites.

Find Books Interface

PROPOSED SOLUTION Considering the impressive growth in the number of Library patrons who use mobile devices such as Iphone, Ipads, Android Devices and other smart phones, Ravan as a mobile app has been developed using C#, Java for Android and IOSSDK platform. A cooperative prefix design approach model by Okoro et al (2014) was adopted. Below are figures of the user case diagram and the snapshot of the interfaces. 1. THE MOBILE APP DASHBOARD The Library mobile app dashboard contains user friendly four (4) pages or interfaces namely: The Request for Books Page, The Enquiry Page, The News Page and the Lib. Branches Page. See figure 2 and 3.

Figure 4: User case diagram showing Book Catalog Interface Mechanics

287

1st International Conference on Applied Information Technology

7-9 October, 2015

Figure 5: Snapshot of the Book Catalog Menu Figure 8: User case diagram for Enquiry Interface

Figure 6: Snapshot of the Book Catalog Menu

Figure 9: Snapshot of an activated form on Ravan App Find Our Branches Page

Figure 10: User case diagram for Library Branches Mechanics

Figure 7: Snapshot of the Read or borrow a book Catalog and its link to customized Library software Enquiry Page

288

1st International Conference on Applied Information Technology

7-9 October, 2015

2011, available at: www.webpages.uidaho.edu/~mbolin/abubakar.htm American Library Association ALA 2013. The state of America’s libraries: a report from the American Library Association. American Libraries-special issue ,p81. Brach, C. A. 2012. Libraries: thriving in our information-rich environment. Mobile Devices and Libraries, ASEE 2012 San Antonio, Texas. Gbaje, E. S.. Kotso, J. A. 2014. Assessing the contents of Nigeria academic library website. Information and Knowledge Management, 4(7):6-12 Mairaj, M. I., Naseer, M. M. 2013. Library services and user satisfaction in developing countries: a case study. Health Information and Libraries Journal, 30(4), 318-326. Nkamnebe, E. C., Udem, O. K. Nkamnebe, C. B. 2014. Evaluation of the use of university library resources and services by the students of Paul University, Awka, Anambra State, Nigeria. Library Philosophy and Practice (e-journal), Paper 1147. Available at: http://digitalcommons.uni.edu/libhilprac/1147 Odiase, J. O. U., Unegbu, V. E., Haliso, Y. 2001. Introduction to the Use of Library and Information Sources, pp. 198. Benin City, Nationwide Publications. Ojabo, D. 2015. Technology. Business Day June 14 2015. Okon, H. 2005. Effective communication and smooth administration of academic libraries in the 21 st century: a new paradigm in Nigeria. Library Philosophy and Practice, 8(1). Okoro, U. R., Kuyoro, S. O., Makinde, A., Otuza, C. E., Egwuonwu, T. 2014. The Cooperative Prefix Design Approach: A Worked Sample-BUHR Mobile Solution. Proceedings of 1st International Conference on Advanced Computerized Systems and Emerging Technologies ICASET 2014, 1:34-38 UCL 2011. Library Survey 2011: undergraduates. The University of Chicago Library. Assessment Project Team, Executive Summary-Survey analysis. 30pp Singh, J. and Kaur, T. 2009. Future of academic libraries in India: challenges and opportunities. Being a paper presented at the international conference on academic libraries (ICAL) held at the University of Delhi, India 2009. P.52 Krubu, D. and Osawaru, K. 2010. The impact of information and communication technology in Nigerian university libraries. Library Philosophy and Practice, available at: http://digitalcommons.unl.edu (date retrieved: 15/08/2015).

Figure 11: Snapshot of the Find-our-Library Branches Interface

CONCLUSION The practicability of utilizing the customized mobile app for library information services is hinged on the degree of acceptance, staff mobile app literacy skill, supportive budget by the parent organization, and patron’s willingness to adapt to the stipulated procedures. It is quite obvious that academic libraries, particularly Babcock University’s Laz Otti Memorial library will find RAVAN mobile app very useful, as it seeks to close the gap between the users’ desire to seek information outside the library via their phones and the visit to the physical library. It is therefore recommended that the library management should admit the proliferation of mobile app in order to reach patrons as the degree of patronage herewith is low; the library should have a log for both physical and online user visitation demographic to the library; interim solution such as RAVAN should be installed as to bridge the identified gap in this study, rather than go totally virtual or manual. In addition to the mobile app admission, the University library web pages should have a single linkable source that adapts to the procultural responsive design which endorses a convert from “old book mobile” to “new book mobile” REFERENCES Abubakar, B. M. 2011. Academic libraries in Nigeria in the 21st century. Library Philosophy and Practice

289

1st International Conference on Applied Information Technology

7-9 October, 2015

SIMILARITY MEASURES IN ELECTRONIC TEST AT ENGLISH LANGUAGE A. A. Adesanya and A. T. Akinwale Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria [email protected] and [email protected] Abstract:This paper used similarity measures to automate manual marking of student test at English Language. The employed similarity measures are Jaccard, Dice and Overlap. Questionnaires were designed and distributed to primary school pupil to fill on English Language test. The test of English Language sentences were disarranged for pupils to re-arrange in the appropriate manner which were denoted by a unique letter that serves as input data to the system. The tutor answer (text) and pupil answer (pattern) were stored as a text file. Program interface was designed based on Dice, Overlap, and Jaccard methods on Java programming Language. Processing time was also included in the program to know the time each method takes to execute the tutor text and pupil pattern matching. Due to the volume of the test, the total average similarity measure and standard derivation were used to determine the performances. The result indicates that the three methods could be applied in electronic test at English Language, however, overlap similarity measure is more efficient than the other two methods. Keywords: e-test, pattern matches, similarity measures, string matching. components of parameter set and approximate value sets of the overlapping parameters. The efficiency of the proposed measure was compared with existing soft set similarity measures through numerical examples. An application of the new similarity measure in solving a financial diagnostic problem was also illustrated by the authors. Jaccard similarity coefficient method was used to compare the proximity of the data in the process data. This method can be given the proximity of the two data sets efficiently without the use of data redundancy. Overlap similarity measure was used to measure the similarity between each pair of path in two trees by N. Hasana, et al. The method has advantage to measure trees that possess the same structure and leaf nodes but different internal node. Myoung-Cheol Kima, Key-Sun Choib, used Dice, Jaccard and Cosine measure the proper selection of additional search term in query expansion. In finding the fitness values of web retrieved documents using genetic algorithm, Jaccard, Dice and Cosine similarity coefficient were compared to find the best fitness value by Vikas Thada and Dr. Vivek Jaglan.

INTRODUCTION Computer based tests are used for a variety of purposes. With the advancement from traditional paper-based tests to technologically advanced electronic tests, people reap the benefit of easier access and faster response time of processing examination results. For instance, the system may be developed to test for the correctness of English Language grammar which would remove manual checking by the teachers and save time. It is practicable to computerize automatic grading of English Language grammar using string matching methods since they have been successfully applied in information retrieval systems such as text retrieval, pattern matching, image processing, and natural languages. In this context, a key assumption is that similarity between words is a consequence of word co-occurrence, or that the closeness of the words in text is indicative of some kind of relationship between them, such as synonymy. The fact that word co-occurrence is a simple idea; there are a variety of ways to estimate word co-occurrence frequencies from text. Two words can appear close to each other in the same document, passage, paragraph, and sentence or fixed-size window. This work demonstrates the use of similarity measures of Dice, Jaccard and Overlap to automate manual grading of English language grammar tests.

METHODOLOGY In evaluating the similarity measure in electronic test at English language grammar, the following methods are used. Dice method In evaluating one term against another term, Dice similarity is chosen because it is popular and widely used in analogous text of retrieval systems. This measure takes into account the length of terms. The coefficient values vary between zero and one. If two terms have no characters in common, then the coefficient value is zero. On the other hand, if they are identical, the coefficient value will be one. For two strings s1and s2, the Dice coefficient is measured as:

LITERATURE REVIEW Many different tests have been proposed to measure the strength of word similarity or word association in natural language texts (Dunning, 1993; Church and Hanks, 1990; Dagan et al., 1999). Word similarity measures play an important role in information retrieval and in many other natural language applications, such as the automatic creation of thesauri (Grefenstette, 1993; Li and Abe, 1998; Lin, 1998) and word sense disambiguation (Yarowsky, 1992; Li and Abe, 1998). Nor Hashimah Sulaiman and Daud Mohamad proposed a novel similarity measure for soft sets which were based on Jaccard similarity coefficient. The proposed similarity measure took into consideration two

( (1)

290

)

( (

( ( )) ((

)) (

))

1st International Conference on Applied Information Technology

( ) is the number of where character bigrams found in both string s1 and s2, n-gram (s1) is the number of bigram in string s1 and n – gram(s2) is the number of bigram in string s2.

7-9 October, 2015

Jaccard method The Jaccard index, also known as the Jaccard similarity coefficient (originally coined coefficient de communauté by Paul Jaccard), is a statistic used for comparing the similarity and diversity of sample sets. The Jaccard coefficient measures similarity between sample sets, and is defined as the size of the intersection divided by the size of the union of the sample sets:

For example, if s1 is “abisola” with bigrams of ( ab, bi, is, so, ol, la ) and s2 is “abusola” with bigrams of ( ab, bu, us, so, ol, la ).

(

ab, bi, is, so, ol, la



)

…………..(3) where |XY| denotes the sum of all digits after AND-ing the binary equivalent of X and Y.

ab, bu, us, so, ol, la

(

)=4

|X Y| denotes the sum of all digits after OR-ing the binary equivalent of X and Y.

n-gram (s1) = 6

For-example, X = “ABC” and Y = “BAC”, then A = 1000001 B = 1000010 C = 1000011 X=100000110000101000011 Y=100001010000011000011 XY = 1 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 1 1 X Y=100001110000111000011 |XY| = 5 |X Y| = 9

n-gram (s2) = 6 Dice method is

Overlap method The overlap coefficient is a similarity measure related to the Jaccard index that computes the overlap between two sets which is defined as follows:

(

)

….. ..(2) IMPLEMENTATION AND RESULTS

where | X  Y| denotes the number of matching string between X and Y.

Experiment All methods explain earlier, were implemented in JAVA Programming Language. The experiment was conducted on HP Laptop with AMD Athlon(tm) II P340 Dual-Core 2.20GHz and 3GB memory, running a 32bit window 7 operating system. Sentences of words in English Language were dis-arranged for pupils to re-arrange accordingly which are denoted by a unique letter that serves as input data to the system. The combination of these unique letters form strings code. In learning English Language, pupils are expected to be able to write a good sentence. To test the knowledge of English Language pupil, a questionnaire was designed for them to fill by arranging a disarranging sentence (making the incorrect sentences to be correct). The sequence unique letter formed by the pupils represents pattern matching while the correct unique letter form by the tutor is the text matching. Ten questionnaires were distributed containing hundred questions each. For instance, table 1 illustrates one of the sample results generated from the administered questionnaires.

Min( |X|, |Y| ) denotes the minimum length between length X and length Y. If set X is a subset of Y or the converse then the overlap coefficient is equal to one. For-example, X is “Abisola” and Y is “Abusola” X= A

b

i

s

o

l

a

Y= A b u |X  Y| = 6 |X| =7 |Y| = 7 Min(|X|, |Y|) = 7

s

o

l

a

(

)

291

1st International Conference on Applied Information Technology

7-9 October, 2015

Table 1: Results generated from administered questionnaires Q.

P1

P2

P3

P4

P5

P6

P7

P8

P9

P10

1 2 3 4 5 6 7 8 9 10

FDCBEA DECAB DCBA DCBA DCBA DCBA DCBA DCBA DCBA DACB

FDEBCA ECABD BDCA CBAD ACBD BDCA CADB CBDA BACD DACB

CAEBFD ABCED BDCA CBAD DACB BDCA DBCA CADB DACB DCBA

FAEBCD EABDC BDCA CBAD DACB BDCA DBCA BDCA DCBA DACB

FAEBCD EABDC BDCA CBAD DACB BDCA DBCA BDCA DCBA DACB

FAEBCD EABDC BDCA CBAD CBAD BDCA DBCA BDCA DCBA DACB

EFABCD ECABD BDCA CBAD DACB BDCA DBCA BADC DACB DACB

FAEBCD EABDC BDCA CBAD DACB CADB DBCA BDCA CDBA DACB

CAEBFD EABDC DBCA CBAD DACB DBCA ACDB BDCA DCBA DACB

ECABFD EABDC BDCA BADC DACB BDCA DBCA CBDA DCBA DACB

Table 2: Similarity values of each method Question

1.

Pattern

Text

Ratio

Dice

Overlap

Jaccard

FDCBEA FDEBCA CAEBFD FAEBCD BAEFDC FAEBCD EFABCD FAEBCD AFBECD ACEBFD

FAEBCD FAEBCD FAEBCD FAEBCD FAEBCD FAEBCD FAEBCD FAEBCD FAEBCD FAEBCD Time

2/6 4/6 4/6 6/6 2/6 6/6 3/6 6/6 2/6 3/6

0.000 0.400 0.400 1.000 0.200 1.000 0.400 1.000 0.200 0.200 0.008

0.333 0.667 0.667 1.000 0.333 1.000 0.500 1.000 0.333 0.500 0.003

0.579 0.765 0.765 1.000 0.579 1.000 0.667 1.000 0.429 0.667 0.448

2/5 1/5 3/5 2/5 1/5 5/5 3/5 5/5 2/5 3/5

0.000 0.000 0.000 0.000 0.000 1.000 0.250 1.000 0.250 0.500 0.005

0.400 0.200 0.600 0.400 0.200 1.000 0.600 1.000 0.400 0.600 0.001

0.714 0.500 0.714 0.600 0.600 1.000 0.846 1.000 0.600 0.846 0.076

2. DEBAC ECABD EDBAC EDBCA AEDBC EABDC EACDB EABDC ABEDC AEBDC

EABDC EABDC EABDC EABDC EABDC EABDC EABDC EABDC EABDC EABDC Time

292

1st International Conference on Applied Information Technology

7-9 October, 2015

Table 2, shows sample of each question with individual similarities and processing time of each method, the ratio implies the matched string between the text generated by the tutor and the pattern matches by the students. The degree of similarity values between pattern matches answered by the individual student and text matches generated by the tutor, Jaccard similarity showed higher similarity, followed by Overlap method then Dice method. The processing time for each method shows that Jaccard has the highest processing time, followed by Dice, Overlap. It is observed that having the same ratio irrespective of the position, Overlap method maintains its values, Dice similarities values and Jaccard similarities values change when having the same ratio at different position. Comparing the result with three experts who did manual marking, Overlap method has almost the same values as that of the experts. Table 3 illustrates the total average similarity values of each method with the number of pattern matches; it also shows the average total values of the expert.

Figure 1: Average Similarity.

Table 3: Comparison average results generated by methods with experts. Similarity Measures

Number

Average Similarity Values

Dice

100

0.5347

Overlap

100

0.6298

Jaccard

100

0.7783 Figure 2: Average Processing Time.

Experts

100

0.6211

CONCLUSION In this paper, English Language test was used to measure the performance of Dice, Jaccard and Overlap similarity measures. The outcome of the results indicated that Jaccard is better than the other methods in terms of similarity values when it comes to searching for a related pattern. However, Jaccard is not accurate when it comes to comparison between text (tutor answer) and pattern (pupil answer) in English language test. Thus from the results obtained, it can be concluded that in terms of processing time and similarity value, Overlap is highly encouraging and better than Jaccard and Dice methods.

Figure 1 and 2 illustrate the average similarity values and processing time of the three methods using 100 patterns and test matches respectively. Looking at the figures, similarity values of Jaccard is very high together with processing time. The processing time of overlap is very low compared to the other methods.

REFERENCES Dunning T.. 1993. Accurate methods for the statistics of surprise and coincidence. Computational Linguistics, vol. 19, 61–74.

293

1st International Conference on Applied Information Technology Church K. W., Hanks P. 1990. Word association norms, mutual information, and lexicography. Computational Linguistics, 16(1):22–29. Grefenstette T., 1993. Automatic thesaurus generation from raw text using knowledge-poor techniques. In: Making sense of Words. 9th Annual Conference of the UW Centre for the New OED and text Research. September 1993. Yarowsky D., 1992. Word-sense disambiguation using statistical models of Roget’s categories trained on large corpora. In Proceedings of COLING-92, pages 454–460, Nantes, France, July. Hang L., Naoki A. 1998. Word clustering and disambiguation based on co-occurence data. In COLINGACL, pages 749–755. Nor H S., Mohamad D. 2012: A Jaccard-based Similarity Measure for Soft Sets. Mathematics Department, Faculty of Computer Sciences and Mathematics, University Teknologi MARA, 40450 Shah Alam, Selangor, MALAYSIA, [email protected], [email protected]. Hasana N., Adam M. B., Mustapha, N., Abu Bakar M. R. 2012, Similarity measure exercise for classification trees based on the classification path.

7-9 October, 2015

Faculty of Science and Mathematics, Universiti Pendidikan Sultan Idris 35900 Tanjong Malim, Perak, Malaysia. Institute for Mathematical Research (INSPEM) Universiti Putra Malaysia 43400 UPM Serdang, Selangor, Malaysia. Myoung-Cheol K,, Key-Sun C. 1998, A comparison of collocation-based similarity measures in query expansion. a. Department of Computer and Information Science, SungKongHoe University, 1-1 Hang-dong, Kuro-Ku, Seoul, 152-716, South Korea b. Department of Computer Science, Korea Advanced Institute of Science and Technology, 373-1 Kusungdong, Yusung-Ku, Taejon 305-701, South Korea. Vikas T., Vivek J., 2013. Comparison of Jaccard, Dice, Cosine Similarity Coefficient To Find Best Fitness Value for Web Retrieved Documents Using Genetic Algorithm a.Research Scholar Department of Computer Science and Engineering Dr. K.N.M University,Newai, Rajasthan, India. b. Department of Computer Science and Engineering Amity University , Gurgaony, Haryanae, India International Journal of Innovations in Engineering and Technology (IJIET), Vol.2 Issue 4 August . SSN: 2319-1058.

294

1st International Conference on Applied Information Technology

7-9 October, 2015

PRIVACY PRESERVING DATA PUBLISHING OF MULTIPLE SENSITVE ATTRIBUTES: A TAXONOMIC REVIEW S. A. Onashoga1, B. A. Bamiro2, A. T. Akinwale3 and J. A. Oguntuase4 1,3

Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria. 2 Department of Computer Science, Lagos State University, Ojo, Nigeria. 4 Department of Mathematics, Federal University of Agriculture, Abeokuta, Nigeria. 1

[email protected] and [email protected]

Abstract: Privacy Preserving Data Publishing (PPDP) develops methods and tools for publishing data in a hostile environment to achieve the dual goal of privacy preservation of the record owners and the usefulness of the anonymized data to the data recipients. Most research work on privacy preservation of Microdata focused on Single Sensitive Attribute (SSA) datasets very few work exist on Multiple Sensitive Attribute (MSA) datasets. Motivated by the degree of impact publishing will have on SSA and MSA, this work is a taxonomic review of PPDP and its approaches with regards to Microdata with SSA and MSA and the effect of these approaches on privacy and utility of the released version. Evaluation of Publishing models, algorithms, techniques and the PPDP taxonomy tree are major contributions of this work. review of PPDP and Microdata with sensitive attributes and its impact on privacy and utility. Privacy preserving data publishing while seeking the anonymization of dataset before its release undoubtedly aids the research community by providing released dataset version that can be used for different forms of analytics by Government and corporations. More often than not the preservation of privacy of real data owners will invariably degrade data utility. The degradation will be mild with regards to SSA and will be more with MSA, hence this taxonomic review of PPDP approaches and its impact on released dataset version with regards to privacy and utility. In this work we present a survey of privacy preserving data publishing models, algorithms and anonymization techniques for preserving privacy in a Microdata with single sensitive attributes and multiple sensitive attributes. The impact of these approaches on SSA and MSA, with regards to privacy and utility. It also presents the PPDP taxonomy tree which to the best of our knowledge is the first in capturing the elements of the practice of PPDP.

INTRODUCTION The governments, corporations, companies, establishments and institutions now rely heavily on qualitative high utility data for greater insight into qualitative and effective decision-making on the one hand and operational efficiency and evaluation on the other. Consequently, mutual benefit has facilitated information sharing among concerned parties and stakeholders, based on public interest or regulation. Sharing of huge collections of data necessitate its publication in one form or the other. This data in its original form, more often than not contain personally identifiable and sensitive information, the sharing of which could potentially violate individual privacy. Fung et al. (2010) revealed that the general public expresses serious concerns on their privacy and the consequences of sharing their person-specific information. Xu et al. (2014) reported similar threat in a study where approximately 87% of the population of United States of America can be uniquely identified by a given dataset published for the public. In order to protect individual privacy violation in shared data scenario, Privacy Preserving Data Publishing (PPDP), develops methods and tools for publishing data in a hostile environment to achieve the dual goal of privacy preservation of the record owners and the usefulness of the anonymized data to the data recipients. The maxim in the field of PPDP is publish data not data mining results (Fung et al., 2010). Han et al. (2013), noted that majority of work in the field of PPDP applied privacy preservation techniques, models and metrics on Microdata table with Single Sensitive Attribute (SSA) and very few work exist on Multiple Sensitive Attribute (MSA). This work is a taxonomic

PHASES IN PPDP Typical data publishing scenario shown in figure 1, has two phases; data collection phase and data publishing phase. In the data collection phase, the data holder collects data from record owners. In the data publishing phase, the data holder employs the expertise of the data publisher to anonymize the data and subsequently releases it to the different categories of data recipients, who may then conduct data analytics and mining on the published data.

295

1st International Conference on Applied Information Technology

7-9 October, 2015

Figure 1: A Simple Model of PPDP Fung et al. (2010) classified Data Holder into individuals from being disclosed (Shah & Gupta, two models; the untrusted and trusted model. In the 2013). When a dataset contains a single sensitive Untrusted model, the data holder is not trusted and attribute column it is referred to as a single sensitive may attempt to identify sensitive information of the attribute (SSA) dataset. If it contains more than one record owners. In the trusted model, the data holder is sensitive attribute columns it is referred to as a trusted and record owners are willing to provide their multiple sensitive attribute (MSA) datasets information to the data holder. However, this trust is not transitive to the data recipients. Non-sensitive attributes The data holder has a table of data of the following These are attributes such as town and country of data classification format; residence that do not fall into earlier classifications T(Explicit_Identifier, Quasi_Identifier, and contain non-sensitive information about the Sensitive_Attributes, Non-Sensitive_Attributes) record owner. Mohan et al. (2012) cautioned that attributes of this kind cannot be neglected when protecting a data set, because they can be part of a Explicit Identifier Explicit identifiers are aspect of Personally quasi-identifier. Identifiable Information (PII) that explicitly or unambiguously identifies record owners. These are THE PPDP TAXONOMY attributes such as full name, social security number The Taxonomy of figure 1.0 depicts the elements (SSN), passport number, staff ID. Since the objective of the research area of PPDP. These elements as of PPDP is to prevent linking attributes to record shown includes privacy and attack models, owners, this type of attributes are removed in the anonymization or privacy preservation techniques, preprocessing phase of the original dataset before publishable data and their attributes, information publishing (Fung et al., 2010; Mohan et al., 2012) metrics and publishing criteria such as the goal and mode of publishing. Quasi Identifier Quasi means almost but not quite. Hence, quasi ATTACK AND PRIVACY MODELS identifiers are aspect of Personally Identifiable In this section we first discuss the attack model Information that indirectly identifies a person or followed by the privacy models to thwart it. could potentially identify record owners. These are set of attributes, such as age, sex, height, Attack models zip code, state, etc. These attributes when taken Fung et al. (2011) reported that privacy threats together or linked with external information could reand attacks by adversary occur when an adversary is identify individual record owners (Sigh & Parihae, able to link a record owner to a record in a published 2013; Mogril et al., 2013) data table, to a sensitive attribute in a published data Sensitive Attributes table, or to the published data table itself. These are Sensitive attributes are any class of information classified as record linkage, attribute linkage, and whose unauthorized disclosure could be embarrassing table linkage respectively. In all three types of or detrimental to the individual (Minelli et al., 2013). linkages, it is assumed that the adversary knows the It consists of sensitive person-specific information QID of the victim. In record and attribute linkages, it such as diseases, salary, disability status, religion, is assumed that the adversary knows that the victim’s political affiliation etc., of record owners (Fung et al., record is in the released table, and seeks to identify 2010; Mohan et al., 2012). These attributes are the victim’s record and/or sensitive information from related to individual’s medical status, bank details, the table (Fung et al., 2011). In table linkage, the property details etc., (Nidhi et al., 2012). It is attacker seeks to determine the presence or absence necessary to protect this sensitive information of of the victim’s record in the released table or in

296

1st International Conference on Applied Information Technology

7-9 October, 2015

continuous releases (5) it reveals individual’s sensitive attributes.

situation where there are multiple releases; a join attack may be initiated among two or more releases. Probabilistic attack focuses on how the adversary’s probabilistic belief on the sensitive information of a victim will influence inference after accessing the published data.

i-diversity Machanavajjhala et al. (2006) proposed idiversity privacy model to overcome major shortcoming of k-anonymity with respect to background knowledge and homogeneity attacks. This model provides privacy in situation where the publisher does not know the kind of knowledge that the adversary possesses. This model requires that the values of the sensitive attributes are well-represented in each equivalence group. i-diversity was implemented on a single categorical sensitive attribute of a microdata using generalization (Machanavajjhala et al., 2006). Das and Bhattachary (2012) applied i-diversity and decomposition+ coupled with noise addition for anonymization of multiple sensitive attribute of a microdata. Li et al. (2012) and Sigh (2014) applied i-diversity on single sensitive microdata using slicing technique. Slicing according to Li et al. (2009), partitions the dataset both vertically and horizontally. Vertical partitioning is done by grouping attributes into columns based on the correlations among the attributes. Each column contains a subset of attributes that are highly correlated. Horizontal partitioning is done by grouping tuples into buckets. Finally, within each bucket, values in each column are randomly permutated (or sorted) to break the linking between different columns. Li (2010) showed the comparative benefit of slicing over generalization and bucketization. Vijay and Kanchan (2013) reported that their workload experiments verify the fact that slicing preserves better utility than generalization and more effective than bucketization with regards to sensitive attributes. Dinesh et al. (2013) also emphasized that slicing is better than generalization and bucketization with regards to data utility and protection. Ravindra and Devi (2013) corroborates that slicing overcomes the limitations of generalization and Bucketization Malathi and Nandagopal (2014) proposed overlapped slicing for SSA, Singh (2014) proposed slicing and idiversity for privacy preservation of single sensitive microdata. Rachita et al. (2014) applied i-diversity privacy on single sensitive microdata using robust slicing technique. Xuezhen et al. (2014) proposed (V,L)-anonymity to thwart vulnerability in sensitivity of data value through the application of sensitive levels. This model which is suitable for single sensitive and multiple sensitive situation, is theoretically validated by (i1,i2)-diversity. Li et al. (2007) identified some limitations of idiversity as, (1) it is difficult to achieve i-diversity when sensitive attribute is just one (2) it is

PRIVACY MODEL AND ANONYMIZATION TECHNIQUES FOR DATASET WITH SSA K-anonymity K-anonymity is a privacy model proposed by Samarati and Sweeney (1998), to protect against identity disclosure. It requires forming an equivalence group with at least k records, making each record indistinguishable from at least k-1 other records with respect to QID. The probability of inferring a victim is at most 1/k. Xu et al. (2014) showed the implementation of this privacy model using generalization and suppression anonymization techniques. Generalization operation requires specific taxonomy tree on the basis of which specific and exact values are replaced by general and interval values. Variants of generalization schemes have been reported by Chen (2012) as global recoding, regional recoding and local recoding scheme. In global recoding all instances of a value are generalized, regional recoding requires different attribute values generalized to different levels. Local recoding allows some instances to be generalized while others remain unchangedAktas et al. (2014) performed full-domain generalization (global recoding) on personal health records based on lattice and predictive tagging called generalization lattice, in other to achieve k-anonymity and i-diversity on Mashup of health dataset. Xuezhen et al. (2014) proposed (w, γ, k)-anonymity, to thwart generality attacks on numeric and categorical attributes using top-down local recoding for implementation. Suppression technique does not require a given taxonomy tree, its operation replaces some attributes values by special symbol such as “ * ” or “any” (Chen, 2012). Three suppression schemes were reported by Chen (2012); record suppression, values suppression and cell suppression. An entire record is suppressed under record suppression. Value suppression enforces the suppression of every instance of a given value, while cell suppression applies to some instances of a value while others remain unchanged. Mogre et al. (2012) identified the following limitations of k-anonymity; (1) it does not protect against background knowledge attack, (2) knowledge of k-anonymity can violate privacy (3) its application on high-dimensional data result in high degradation of data utility (4) it is not suitable for sequential and

297

1st International Conference on Applied Information Technology insufficient to prevent attribute disclosure in scenarios such as skewness and similarity attack (AlYarimi & Minz , 2012). Consequently t-closeness another privacy model was introduced to accommodate these limitations. t-closeness Li et al. (2007) proposed t-closeness privacy model to guide against skewness and similarity attack. This privacy model requires the closeness of

7-9 October, 2015

the distribution of sensitive attribute in an equivalence group to that of the entire dataset. Fung et al. (2011) identify several limitations and weaknesses of this model which includes; (1) inflexibility in specifying different level of protection for different sensitive values, (2) it cannot prevent attribute linkage in numerical sensitive attribute due to the limitation of the EMD function, (3) its enforcement degrade data utility and quality.

Figure 2: The PPDP Taxonomy result. Clifton and Tassa (2013) identified the drawback of how to determine and set the privacy e-differential privacy Dwork (2006) proposed e-differential privacy budget for data releases. which was implemented using additive noise, to thwart probabilistic attack. This privacy model LKC-Privacy compare and ensure that the risk associated with the Mohammed et al. (2009), proposed LKCpresence and absence of a single record in a dataset is privacy to thwart high degradation of data utility due not significant enough to affect the result of the to high-dimensionality of data. They adopted topanonymization outcome or result. Mohammed et al. down approach for generalizing relational data while (2012) applied a DiffGen algorithm on heterogeneous preserving data utility for classification analysis. health data to achieve differential privacy. Jafer et al. Mohammad et al. (2009) applied this privacy model (2014) propose the TOP_Diff algorithm which on RFID data by adopting heuristic algorithm that employs feature selection to achieve differential suppresses violating pairs and preserves maximal privacy on a k-anonymous dataset. Mohammed et al. frequent sequences of high-dimensional RFID (2009) observed that most work on differential trajectory dataset. Ghasemzadeh et al. (2014) adopted privacy is based on interactive privacy model where LKC-privacy model for anonymizing trajectory data query results are in aggregated form. Clifton and for passenger flow analysis using hybrid approach Tassa (2013) noted that this privacy model addresses which combines global and local suppressions to the problem of violation of privacy with regards to achieve reasonable tradeoff between data privacy and multiple queries. It provides differentially private information quality. Fung et al. (2011) apply a topanswers to queries by the introduction of different down specialization algorithm called highdegree of additive noise to each query response or dimensional top-down specialization (HDTDS) to

298

1st International Conference on Applied Information Technology achieve LKC-privacy by subtree generalization of high-dimensional data from Red Cross Blood Transfusion Service (BTS) in Hong Kong.

7-9 October, 2015

ratio consequent upon the generalization and suppression of all quasi-identifier attribute in all the equivalence class. Han et al. (2013) proposed SLicing On Multiple Sensitive (SLOM) and MSB-KACA algorithm based on -diversity for privacy preservation of MSA of a dataset. SLOMs partition attributes into several sensitive attribute tables and one quasi-identifier table. The quasi-identifier values are generalized based on k-anonymity principle, the sensitive values are sliced and bucketized to satisfy -diversity requirement. This approach may lead to a large suppression ratio and information loss due to tuple suppression of sensitive attributes to enforce diversity on the one hand and the generalization of quasi-identifier attributes on the other. High data degradation may be the resultant tradeoff for privacy preservation. Liu et al. (2014) proposed multiple numerical sensitive attributes via clustering and multiplesensitive bucketization (MNSACM), which is based on the ideas of clustering and multi-sensitive bucketization (MSB). This approach adopt MSB algorithm for clustering of the numerical sensitive attributes and quasi-identifier attributes for each matching buckets are suppressed. Although the clustering algorithm preserves data utility of the numerical sensitive attribute, but the suppression of all quasi-identifier attribute within each equivalence class leads to high suppression. This approach is only suitable for multiple sensitive numerical attributes and not proposed for categorical attributes.

PRIVACY MODEL AND ANONYMIZATION TECHNIQUES FOR DATASET WITH MSA Most work discussed so far focused on privacy preservation of Single Sensitive Attributes (SSA) in a dataset, while few work exist on anonymization of Multiple Sensitive Attributes (MSA). Ye et al. (2009), proposed decomposition for privacy preservation of multiple sensitive attributes. Decomposition was implemented on MSA through the formation of SA-groups which must conform with the ( )-diversity principle. To satisfy ( )-diversity principle, one of the multiple sensitive attributes is chosen by the publisher as a Primary Sensitive Attribute (PSA). The PSA is enforced to have the distinct attribute and a noise value is included in the remaining MSAs that are not PSA to satisfy ( )-diversity principle based on Linkable Sensitive Values (LSV).The LSV is the resultant Si from the natural link of the SA-group and the Sensitive attribute table Ts. Das and Bhattachariyyah (2012) observed the following drawbacks of Decomposition: (i) -diversity is applied on the PSA and not on other SAs, (ii) noise addition degrades data utility (iii) not suitable for dynamic publishing scenarios. it is not suitable for high-dimensional dataset due to curse of dimensionality. In order to improve on Decomposition, Das and Bhattachariyyah (2012) proposed Decomposition+ on MSA. In addition to Decomposition technique, this approach adopted the concept of inference channel to ensure that for multiple scenario releases, every release must be inference-free from all previous releases. It also adopted the Hierarchical Distance to choose a noise value that is not random as in decomposition, but closest to the outlier sensitive values. The noise value and the enforcement of ( )-diversity will aid privacy but impact on data utility for high-dimensional dataset which are known to suffer from the Dimensionality Curse. Liu et al.(2012), proposed a new k-anonymity algorithm for preserving privacy in datasets with multiple sensitive attributes based on greedy strategy. Each sensitive attribute columns are classified into highly sensitive attribute and lowly sensitive attribute. Equivalence classes of size K are evenly filled with highly sensitive attributes. The quasiidentifier attributes for each of these classes are generalized based on hierarchical taxonomy tree or suppressed. This approach favours privacy and security of the data owners as a tradeoff for the aggregate data utility based on the high suppression

CONCLUSION This study shows that the different privacy models improve on weaknesses of earlier ones based on the privacy threat posed by attackers and adversaries. These improvements affect privacy and data utility depending on the enforcement techniques for achieving the privacy models. Enforcement techniques and approaches for preserving privacy in dataset with SSA if applied to MSA will lead to high data degradation. Hence, there is need for improvement on algorithms for enforcing privacy models on dataset especially those with MSA to ensure privacy preservation and low data degradation thereby improving data utility. REFERENCES Aktas P., Sever H. and Aydos M. 2014. Role-based privacy-preserving health records distribution. 2nd International conference on e-health and telemedicine, ICEHTM 2014 Al-Yarimi F.A.M. & Minz S. 2012. Data Privacy in Data Engineering, the Privacy Preserving Models and Techniques in Data Mining and Data Publishing:

299

1st International Conference on Applied Information Technology Contemporary Affirmation of the Recent Literature. International Journal of Computer Applications (0975 8887),Vol. 60, No. 3, December,2012. Chen R..2012.Toward Privacy in High-Dimensional Data Publishing. Retrieved from, http://www.spectrum.library.concordia.ca/974691/4/ Che_PhD_F2012.pdf Clifton C. and Tassa T. 2013.On Syntactic Anonymity and Differential Privacy. Transactions on Data Privacy 6(2013) 161-183. Das D. and Bhattacharyyu D.K 2012. Decomposition+:Improving l-diversity for Multiple Sensitive Attributes.Retrieved from https://devayon.files.wordpress.com/2012/05/decomp ositon-plus-ddas-dkb.pdf Dwork, C. 2006. Differential Privacy. In Proceedings of The 33rd International Colloquium on Automata, Languages And Programming (ICALP). 1–12. Fung B.C.M, Wang K., Fu A.W, and Yu P. S.. 2011.Introduction to Privacy-Preserving Data Publishing Concepts and Techniques. Chapman & Hall/CRC Press,Taylor& Francis Group ,6000 Broken Sound Parkway NW, Suite 300 ,Boca Raton, FL 33487-2742.ISBN 978-1-4200-9148-9. Fung B.C.M. ,Wang K., Chen R. and Yu P. S.2010. Privacy-Preserving Data Publishing: A Survey of Recent Developments.ACM Computing Surveys, Vol. 42, No. 4, Article 14, Publication date: June 2010. DOI10.1145/1749603.1749605 http://doi.acm.org/10.1145/1749603.1749605 Han J.,Luo F., Lu J.and Peng H. 2013.SLOMS: A Privacy Preserving Data Publishing Methods for Multiple Sensitive Attributes Microdata. Journal of software,Vol. 8, NO. 12. Academy Publisher, December 2013.doi:10.4304/jsw.8.12.3096-3104 Huang X., Liu J., Han Z. and Yang J. 2014. A new anonymity model for privacy-preserving data publishing," Communications, China , vol.11, no.9, pp.47,59, Sept. 2014. DOI: 10.1109/CC.2014.6969710 Jafer Y., Matwin S. and Sokolova M. 2014. Using Feature Selection to Improve the Utility Of Differentially Private Data Publishing. International Workshop on privacy and security in healthcare(PSCare14). Procedia Computer Science37(2014)511-516. Published by Elsevier B.V.doi:10.1016/j.procs.2014.08.076. Li N., Li T. and Venkatasubramanian S. 2007. T Closeness: Privacy Beyond k-Anonymity and iDiversity. Published in Data Engineering, 2007.ICDE 2007. IEEE 23rd International Conference on 15-20 April 2007. EISBN: 1-4244-0803-2 Li T. and Li N. 2009. On the Tradeoff between Privacy and Utility in Data Publishing. Proc. ACM

7-9 October, 2015

SIGKDD International Conference Knowledge discovery and datamining (KDD),pp.517-526,2009. Li T., Li N., Zhang J. and Molloy I..2009. Slicing: A New Approach to Privacy Preserving Data Publishing. Retrieved from, http://www.javab4u.com/project/basepapers/java/Slic ing20A%20New%20Approach%20to%20Privacy%2 0Presering.pdf Li T. 2010. Privacy preservation in data publishing and sharing. Retrived from, https://www.cerias.purdue.edu/assets/pdf/bibtex_arch ive/2010-16.pdf Liu F, Yan J. and Weihong H.2012. A new kanonymity algorithm towards multiple sensitive attributes. IEEE 12th International Conference on Computer and Information Technology. DOI:10.1109/CIT.2012.157 Liu Q, Hong S, and Yingpeng S.2014. A privacypreserving data publishing method for multiple numerical sensitive attributes via clustering and multi-sensitive bucketization. IEEE Sixth International Symposium on Parallel Architectures, Algorithms and Programming. DOI:10.1109/PAAP.2014.56 Machanavajjhala A, Kifer D. and Gehrke.J.2006. i Diversity: Privacy Beyond k-Anonymity Retrieved from; http://www.cse.psu.edu/~dkifer/papers/ldiversityTK DDdraft.pdf Malathi T. and Nandagopal S. 2014.Enhanced Slicing Technique for Improving Accuracy in CrowdsourcingDatabases. International Journal of innovative research in science, engineering and technology. Vol 3, Issue 1, February 2014. Mogre N. V., Agarwal G. and Patil P..2013. Privacy Preserving for High-dimensional Data using Anonymization Technique. International Journal of Advanced Research in Computer Science and Software Engineering Research, Volume 3, Issue 6, June 2013. ISSN: 2277 128X Available online at: www.ijarcsse.com Mohammed N., Fung B. C. M., and Debbabi M.. 2011. Preserving Privacy and Utility in RFID Data Publishing. Retrieved from, http://spectrum.library.concordia.ca/6850/ ??year Mohammed N., Fung B. C. M., Hung P. C. K., and Lee C. K. 2009. Anonymizing healthcare data: a case study on the blood transfusion service. In ACM SIGKDD, 2009. Mohan A. K., Phanindra M. and. Prasad. M.K. 2012. Anonymization Technique for Data Publishing Using Multiple Sensitive Attributes. IJCST Vol. 3, Issue 4, Oct –Dec 2012 ISSN : 0976-8491 (Online) | ISSN : 2229-4333 (Print).148 International Journal of Computer Science And Technology,www.ijcst.com.

300

1st International Conference on Applied Information Technology Nidhi M., Kshitij P. and Narendra S. C.2012. Kanonymity Model for Multiple Sensitive Attributes.Special Issue of International Journal of Computer Applications (0975–8887) on Optimization and On-chip Communication, No.10. Feb.2012, ww.ijcaonline.org 51 Rachita M.V, Aparna R., Ruma P. and Nandita Y.2014. A Robust Slicing Technique for Privacy Preserving of Medical Data Store.International Journal of Innovative Research in Computer and Communication Engineering.Vol 2, Issue 2, May 2014 Ravindra S. W. and Devi K. 2013. Improving the implementation of new approach data privacy preserving in data mining using slicing. International Journal of Engineering Research and Applications (IJERA).Vol. 3, Issue 4, Jul-Aug 2013, pp. 119-122 119. ISSN: 2248-9622 Shah J. and. Gupta V.K..2013. Privacy Preservation for Knowledge Discovery: A Survey. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 22780661, p- ISSN: 2278-8727Volume 9, Issue 5 (Mar. Apr. 2013), PP 36-43 www.iosrjournals.org. Singh A.P and Parihar D..2013. A Review of Privacy Preserving Data Publishing Technique. International Journal of Emerging Research in Management &Technology ISSN: 2278-9359 (Volume-2, Issue-6). June2013.

7-9 October, 2015

Sweeney L..2002. k-anonymity: a model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10 (5), 2002; 557-570.?? Sweeney. L..2002. Achieving k-anonymity privacy protection using generalization and suppression. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10 (5), 2002; 571-588.?? Vijay R. S. and Kanchan S. R.2013. A New Data Anonymization Technique used for Membership Disclosure Protection. International Journal of Innovative Research in Science, Engineering and Technology. Vol. 2, Issue 4, April 2013, ISSN: 23198753. Xu Y., Ma T., Tang M. and Tian W. 2014. A Survey of Privacy Preserving Data Publishing Using Generalization and Suppression. Applied Mathematics & Information Sciences 8, No.3,1103 1116(2014).http://dx.doi.org/10.12785/amis/080321 Ye Y., Liu Y., Lv D. and Feng J. 2009.Decomposition: Privacy Preservation for Multiple Sensitive Attributes. http://www.researchgate.net/profile/Jianhua_Feng2/p ublication/220787765_Decomposition_Privacy_Pres ervation_for_Multiple_Sensitive_Attributes/links/004 6351898fc30dec6000000.pdf

301

1st International Conference on Applied Information Technology

7-9 October, 2015

AN ONTO-CASEBASED REASONING FOR INTELLIGENT NEGOTIATION IN B2C E-COMMERCE 1

O. O. Oni, 2O. R. Vincent, 3A. S. Sodiya, and 4S. A. Makinde

1

2,3,4

Department of Computer Science, Gateway (ICT) Polytechnic, Saapade, Nigeria. Department of Computer Science, Federal University of Agriculture, Abeokuta, Nigeria.

[email protected]; [email protected]; [email protected]; [email protected] Abstract: Negotiation is a key aspect of business that has become core and mainstream of many e-commerce activities, such as auctions, scheduling, contracting, bargaining and so on, and is one area that can greatly benefit from intelligent automation. This work investigates how negotiation process can be conducted in shortest possible time with reduced cost using Case Based Reasoning (CBR) for the adaptive strategy in automated negotiation in multi-agents environment. The work also analyses negotiation process of B2C E-commerce using formal notations, which captures the relevant elements of agents’ behavior related to negotiation with other agents. A framework was developed for automated negotiation based on CBR rules that encodes the agents’ adaptive negotiation strategy where representation of the cases in the case repository was through semantics and structure ontology that is believe to facilitates ease of case retrieval and quick adaptation, given their algorithms. This is to ensure that the negotiation process is conducted on time with limited resources. Keywords: B2C E-commerce, CBR, Intelligent Negotiation, Ontology the growth of the economy (Karabey and Adar, 2014). In Distributed Artificial Intelligence (DAI), automated negotiation is an active research area that broadly covered three topics namely, the negotiation protocols, the negotiation strategies, and the agent‟s decision-making facility (Cao, 2012). Most literature only deals on negotiation protocol and strategies leaving decision making unexplored. Adjudged effective in this regard are exchange of offer protocol based on argumentative negotiation and prediction of opponent‟s negotiation behavior using adaptive strategies. Most extant studies have proposed negotiation protocols but combining adaptive strategy using CBR and utility function as decision making mechanism is seldom studied. Also, agent decision making ability improves when agent was made to learn from previous experience, as good negotiation skill in humans seems to come from experience (Wong et al., 2000). This makes this study important. Therefore, we proposed a multilateral automated negotiation using ontology supported case-based reasoning for adaptive strategy, in which agents negotiate using past experience and conduct negotiation timely and in cost effective manner. The ontology as formal representation of knowledge in a domain of interest is used to represent previous cases in a hierarchical form that facilitates efficient case retrieval and adaptation using similarity metrics, where new problems are solved given past relevant solution. The proposed methodology is expected to address some of the challenges encountered in previously proposed models such as: ineffectiveness in selecting

INTRODUCTION The remarkable growth experienced with Ecommerce is attributed to rapid developments and proliferation in both internet and mobile technologies. Negotiation is a joint decision-making process by parties with conflicting interests or preferences to reach an agreement or compromise (Cao and Dai, 2014). For dynamic trading, negotiation is a key aspect of business that has become core and mainstream of many e-commerce activities, such as auctions, scheduling, contracting, bargaining etc. (Al-Sakran, 2014). In contrast to traditional negotiation process which is often costly, time consuming and complex, the development of intelligent negotiation as facilitated by agents, gives simplicity to this process (Patrikar et al., 2014). This is because software agent is rational, autonomous, and reactive to its environment (Jennings et al., 2001). The simplest form of negotiation is bi-lateral that is, two agents negotiate on single or multi issues on behalf of their owners. However, when two or more agents negotiate with different constraints and preferences, it becomes very complicated. This is known as multilateral automated negotiation (Patrikar et al., 2014). Although, B2B and B2C are the two basic ecommerce business models in which automated negotiation has been extensively studied with major attention given B2B leaving B2C comparatively deficient. Meanwhile, as a retailing e-commerce, the importance of B2C cannot be overemphasized. For instance, it is highly convenient, offers quick response to requests and contributed enormously to

302

1st International Conference on Applied Information Technology appropriate case due to increase in the number of cases, high cost of network resources and time taken in adapting the selected cases for solving the new problem. For instance, the ontology allows easy representation of cases for proper identification in similarity metrics, while, the knowledge management module ensures cases are well managed to facilitate quick retrieval and adaptation.

7-9 October, 2015

knowledge with models of general domain knowledge. Dendani-Hadiby and Khadir (2012) opined that the more knowledge is embedded into the system, the more effective is expected to be. . Fuzzy reasoning is another type of AI technique that has been favored to model the behaviour of a negotiating agent. Balachandran, (2012) demonstrated an approach that models agents‟ preferences in fuzzy terms in the application domain for buying and selling of laptop computers. This model employs scoring function as a number value indicating the importance of users‟ preferences. The multi-issue negotiation protocol described in this system allows agents to follow a process, in order to end up with an optimal decision. Also, in Pooyandeh (2014), a fuzzy approach was considered to tackle the inherent uncertainties in the way stakeholders expressed their perspectives. Rather than attempting to find a unique, optimum solution regarding land development, an agreement was sought that was satisfactory at a minimum level to all stakeholders involved in the negotiation. Given this method, agents changed their attitude throughout the negotiation by changing the weights they assigned to different criteria within the interval determined by the obtained fuzzy weights. Furthermore, for any automated negotiation model to achieve its objective, the strategy should be carefully chosen along with well-defined protocol. Agents do exhibit different aims in a negotiation process. For instance, in an online products retailing, seller agent may tries to maximize profits while the buyer agent minimizes cost. In other word, the overall objective of an agent (buyer agent or seller agent) is to find a solution that maximizes the agent‟s utility at the highest possible level of constraint satisfaction subject to its acceptability by other agent (AbuNaser, 2012). Especially in multi-agent environment, multi-attribute utility theory has been demonstrated to be effective in this regards (Guttman and Maes, 1998; Al-Sakran, 2014). This Multi-objective decision analysis tool helps analyze preferences with multiple attributes. Despite its effectiveness, the success of the negotiation may be limited if the agent does not consider the experiences gained during the previous rounds of negotiation to make succeeding offers. Case based reasoning has been proposed to suffice for this purpose (Sun, 2002). CBR is, first of all, a kind of reasoning from its name. As we know, reasoning is an important problem solving tool in mathematics and logic. Thus CBR has found many applications in e-commerce as an assistant in e-commerce stores and as a reasoning agent for online technical support, as well as an intelligent assistant for sales support or for ecommerce travel agents. Its strength in this area not

LITERATURE REVIEW Recently, growth in global e-market has brought about a significant interest in the role and design of dynamic negotiation in electronic business transactions (Cao et al., 2015). Many researchers have studied this area in diversity. ` In Chen and Weiss (2013), a negotiation strategy called EMAR for environment that relies on a combination of Empirical Mode Decomposition (EMD) and Autoregressive Moving Average (ARMA) was proposed. EMAR enables a negotiating agent to acquire an opponent model and to use this model for adjusting its target utility in real-time on the basis of an adaptive concession-making mechanism. EMAR was found to be an effective strategy for automated bilateral negotiation in complex environments (multi- issue, timeconstrained, unknown opponents, and no prior domain knowledge). However, it can only be used in a one-to-one situation. Another work was developed for a multi-strategy negotiating agent system. The agent's conceptual model integrated the timedependent and behavior dependent tactics, based on the theory of Belief-Desire-Intention that was previously proposed in Cao, (2012). The strategy selection and negotiation concession model built upon the goal deliberation mechanism that enables a negotiating agent to select appropriate strategy dynamically in order to deal with the ever-changing opponent's offer and get agreement successfully. The model was limited to a bilateral negotiation between a buyer and a seller over the single issue of price. In modeling opponent‟s behaviour, it is imperative to note that the history of negotiation outcome; successes or failures may be stored for future references (Zheng and Peng, 2014). This will really help in the provision of adaptive negotiation strategies during negotiation process that emphasizes the use of previous negotiation experiences through case-based reasoning. However, CBR system may become less effective using similarity metrics. Some of the shortcomings occur during matching, adaptation and reuse of cases in solving new problem (Sun and Finnie, 2005) especially when the number of cases in the case-base increases. There is need for a methodology that will combine case specific

303

1st International Conference on Applied Information Technology only stems from its reuse of the case base, or experience base and case adaptation associated with a particular application but also from that CBR provides a comprehensive model for almost all ecommerce (Sun and Finnie, 2004). Since CBR rely mainly on similarity based type of reasoning, the major challenge thus is how to represent, retrieve or even adapt past known cases to solve the current problem. However, the use of semantics in the construction of cases in the case base by ontology can greatly improve these tasks in CBR. The focus of this work is then to design an improved case based reasoning technology using ontology for successful negotiation process in multi-agents environment. Several research works have also demonstrated the use of ontology in the learning mechanism for decision making efforts in multi-agents systems, especially as it relates to automated negotiation (Tamma, et al., 2005; Chen, et al., 1999). In Tamma, et al., (2005) ontology for supporting negotiation was presented. In their approach, agents can negotiate in any type of marketplace regardless of the negotiation mechanism in use. In order to support a wide variety of negotiation mechanisms, protocols are not hardcoded in the agents participating to negotiations, but are expressed in terms of a shared ontology, thus making this approach particularly suitable for applications such as electronic commerce. Wang et al. (2010) proposed an ontology mediated approach to organize the agent-based supply chain negotiation and equip the agents with sophisticated negotiation knowledge. The negotiation knowledge is structured through the usage of ontology, which is organized as a hierarchical architecture as well as a descriptive language. They opined that through this method, agents‟ negotiation behaviors will be more adaptive to various negotiation environments in accordance with different negotiation knowledge. It is important to note that majority of these works have addressed negotiation from two perspectives, the first approach takes the domain ontology as a whole and the second one seek to develop to ontology of CBR in negotiation process. Though the former have been well studied, it has the problem of ontology matching, which is the task of identifying the correspondences between elements of two ontologies (Alarabeyyat, 2014). The latter has however been greatly neglected. The ontology problem often arises, since different users may represent the same tasks differently, and adequate translation between these descriptions is likely to be nontrivial (Rahwan, 2004). This work then intends to fill this gap. In our methodology, cases are expressed in a formal way by Ontologies that facilitate knowledge sharing through explicit and formal specifications of the terms used in the CBR domain

7-9 October, 2015

and relations among them. This will not only assist the negotiation process in the speedy representation, adaptation, and retrieval of previous cases but also provides a platform in the CBR that ensures an agreement is reached for optimum deal by all negotiating parties on time and at the lowest possible cost. CASE-BASED REASONING FOR ADAPTIVE STRATEGY IN INTELLIGENT NEGOTIATION Case-based reasoning is a problem solving paradigm that in many respects is fundamentally different from other major AI approaches (Aamodt and Plaza, 1994). This reasoning method uses specific past experiences rather than a corpus of general knowledge. The idea of CBR is intuitively appealing because it is similar to human problem solving behavior (Dendani-Hadiby and Khadir, 2012). The task is therefore to find those previous cases which are most similar to the current problem. For such similar cases it can be expected that the know-how can be transferred to the new problem (Kowalski, et al., 2012). However, the construction of structured vocabulary using ontology attests to the fact that it is important to identify; then to formalize and model the explicit domain knowledge in order to memorize them. This method ensures that the new problems (cases) which exist in the domain, the concepts and properties that characterize them and the relations that link them are formally and explicitly represented. Therefore, the presented work in this work aims to design an adaptive strategy mechanism in the field of automated negotiation for B2C ecommerce and study how a synergy of ontology and CBR technologies could improve its efficiency. Also, two central classes of CBR tasks are interpretation and problemsolving. Interpretive CBR uses prior cases as reference points for classifying or characterizing new situations, while problem-solving CBR uses prior cases to suggest solutions that might apply to new circumstances. This work basically focuses on the problem-solving CBR. Whereas, for CBR systems to be successful, it is important to answer the following questions: (i) How are cases organized in a case base? (ii) How are relevant cases retrieved from a case base? (iii) How can previous cases be adapted to new problems? The CBR life cycle is shown in Fig. 1. CBR systems can be described in terms of generality level as performing the following four (4) steps: (a) RETRIEVE the most similar case (b) REUSE the case to produce a tentative solution of the input problem

304

1st International Conference on Applied Information Technology (c) REVISE the proposed solution if necessary, and Problem

(d) RETAIN while learn from this experience to improve performance in the future.

New Case Presented: only case description

learned new case: becomes old case

7-9 October, 2015

old cases

aborting due to not achieving minimum level of similarity

retrieve

general (domain) knowledge

m os t s im ilar old cas e

reuse

retain validated and evaluated potentially revised new case: case description, result and evaluation

problem solution

new case

solved new case: description of case and case result

revise

aborting due to unrealisable requirements

Figure 1: CBR Life Cycle (adapted from Kowalski et al., 2012) architectures, and hybrid architectures (Wooldridge The reasoning process based on the knowledge and Jennings, 1995). The proposed model is based on (“cases”) stored in the knowledge base is usually hybrid systems, which attempt to integrate divided into four phases found in CBR cycle, that is deliberative architectures and reactive architectures. retrieve, reuse, revise, and retain (Kowalski, et al., That is, the multi-agent system (MAS) consists of 2012). two subsystems; one is deliberative, another is reactive. The reactive subsystem is given some kind Onto-CBR Architecture Automated negotiation is an active area of research in of precedence over the deliberative one, so that it can e-negotiation in general and artificial intelligence in provide a rapid response to important environmental particular (Cao, 2012), Thus, several agent events (Sun, 2002). Thus, our proposed model in Fig. architectures have been proposed in the literature. 2 is designed as distributed four-tier architecture: the These agent architectures are classified into three mobile buyers‟ or static buyer, a mediator, and seller categories: deliberative architectures, reactive negotiation systems.

Case Base Ontology

Case Base Ontology

INTERNET

Seller agent 1 Seller agent 2 Seller agent 3

Seller server agent

Buyer wireless client (buyer agent)

Mediator site (mediator agent)

Buyer fixed client (buyer agent)

Web Application Interface (interface agent)

INTERNET

Knowledge Management Module

Figure 2: Onto-CBR Model Agents are used to communication between tiers and the distribution of the resources is managed across the system. The proposed model architecture comprises of a 4-tier structure: The first tier is a buyer (with wireless or fixed) device, equipped with interface and intelligent mobile agents, installed on the buyer devices, to help communicate with the system and act as personal assistants to the buyers. The second tier consists of a mediator site whose functions are: Collecting buyer's data from client„s

agent; Filling in buyer's profile; Generating counteroffer; Generating mobile agents on behalf of each mobile client; Evaluating incoming offers, assessing case base by retrieving similar previous cases and adapting/selecting the best and continue negotiation with the seller that made this best offer until an agreement is reached. The third tier is a seller negotiation system whose functions are: Assigning weight of each negotiation attribute; Selecting of the concession strategy to be

305

1st International Conference on Applied Information Technology used; Evaluating of the buyer„s offer; Creating an offer. The fourth tier is the knowledge management/maintenance component of the architecture. The knowledge management part ensures that agents browse a previous negotiation case repository using various queries while the maintenance aspect allows negotiation parties to moderate, maintain and to update the case repository. Intelligent negotiation is illustrated with the sales of used cars scenario in this work. In this scenario, a single buyer‟s agent negotiates simultaneously with several sellers‟ agents. The buyer‟s objective is to find a good quality used car with highest features and at a reasonable price while each seller‟s agent aims at maximizing its owner's profit. The buyer has a set of examples of deals he would accept driven by his preferences and constraints. This is represented in each entry of the attributes of negotiation objects for the commencement of negotiation process by the buyer. The attributes name and pairs are given as follows: (i) Negotiation objects (such as price, features, and warrantee period) (ii) Preferences (such as car-age, car-make, carmodel, car-mode, car-type, car-size, car-mileage), and (iii) Constraints: (on the part of buyer could be budget, time; while on the part of seller are resources, time). For this purpose, a web application interface is designed for the buyer to start the negotiation process by entering his preferences and constraints while looking for a good used car to buy unlike what we have in most present B2C ecommerce applications today where buyer would need to search through catalogues of information before negotiation can commence. Formal Representation in Onto-CBR Negotiation Model The development of internet technologies has made it possible for goods and services to be exchange over communication networks. In the traditional B2C ecommerce applications, an interface is provided by businesses directly to their consumers in form of retail website where business products or services can be directly purchased by the consumer. This is time consuming and complex process since the customer would have to search through the catalogues before an appropriate product can be bought and in most cases the buyer is not allowed to negotiate over these products. However, advent of agent technologies has made it possible for better deals to emerge for all participating parties, both businesses and customers alike especially through negotiation.

7-9 October, 2015

Intelligent negotiation in the context of Onto-CBR model can be defined as follows (Zheng and Peng, (2014) : Definition 1: Let D be negotiation domain with a 9tuple , where (i) A: the set of negotiating agents. represents a specific negotiating agents * +) ( (ii) I: the set of issues. represents the issue under negotiation, such as price, features, and warrantee period. (iii) S: the set of domains. For each issue i, every agent has a lower and an upper reservation value, resulting in a domain [ ]. These values represent the best and worst value still acceptable for the agent. The value outside the domain is unacceptable for the agent. (iv) R: An integer represents the number of round in negotiation process. (v) P: the proposal of negotiating agent. Proposal { } is a set of values for all issues. is value of issue . (vi) Utility: To evaluate the value of an issue, each agent has a scoring function over its issue domain: , -which assigns a score for every utility: issue value . (vii) W: each agent has a weight vector over the issues, representing the relative importance of its issues. is the weight of issue i of the agent. These weights should be normalized ∑ . Therefore, the utility of proposal p can be ( ) ∑ defined as: (viii) Onto-CBR: case repository of negotiation. All negotiation history is stored in this negotiation database called Onto-CBR. Ontology is used to formally describe the domain knowledge and categorizing objects, such that they are semantically meaningful to a software agent. (ix) Protocol: the negotiation protocol is alternating offer protocol. By definition, let be the proposal of seller agent to buyer agent at time t and, denote the value of issue of this proposal. Alternating offer protocol is used. The seller agent sends the first proposal after analyzing the buyer agent preferences along using its own utility function. After the first proposal, the two agents send counter proposal alternatively. At last, negotiation ends with two special proposals: {accept, reject}. Definition 2: Negotiation process is expressed as follows: , , ,,,,,, ; (1) , wherein is the negotiation round ; offers.

306

1st International Conference on Applied Information Technology Definition 3: Given agent and its associated utility function, the counter-proposal of agent at time of ( ) sent at time a proposal is defined as: ( ) reject if accept if else

(

)

(

where and ( ) offers respectively.

7-9 October, 2015

for (

are current ( ) and previous negotiation attribute ( ) ) ⁄

(5) where: is the value of attribute ( ) at round ( ); is the attribute value on the previous round, and is lower limit not to be exceeded.

) (2)

(6) The seller utility evaluation function evaluates the value of each negotiation attribute ( ) in each negotiation round ( ). At the beginning of a negotiation utility function is set to its maximum value which usually equals to 1. When negotiation time reaches deadline, the target utility should be decreased to the least acceptable value that seller agent can accept. Whereas, at the buyer side, the negotiation buyer negotiation agent calculates the total utility ( ) represents the maximum level the buyer is willing to pay for related attributes or minimum level the buyer wish to accomplish for important related attributes. ∑ (7) where: is the weight of each attribute; , is the buyer„s concession rate between two consecutive ) of attribute ( ). negotiation rounds ( ) and ( ( ) (8) where and are current ( ) and previous ( ) offers for negotiation attribute ( ) respectively. ( ) ⁄ (9) where: is the value of attribute ( ) at round ( ); is the attribute value on the previous round, and is lower limit not to be exceeded.

Seller agent decides which of the alternatives to choose from definition 2. When the utility of proposal of buyer agent is lower than tolerance's value (minimum value which is acceptable) of seller agent, seller agent a1 will refuse to continue negotiation. If this proposal has a higher utility than proposal of seller agent itself, seller agent will accept it. In these two cases, negotiation process ends. Otherwise, the calculated counter-proposal will be made. Also, as mentioned earlier the proposed work uses utility function as a multi-criteria evaluation tool and the model is describe as follows (Al-Sakran, 2014): Given the negotiation issues (attributes: ( ) to be agreed on by both buyer and seller, which is the decision objects that the negotiation agents are using to negotiate. Each attribute ( ) have three different values: for a seller a maximum value ( ) which is the asking or starting point, a lowest acceptable value ( ) and the best expectation ( ) value of the negotiation; for a buyer a highest ), best expectation value ( ) acceptable value ( of the negotiation and a minimum value ( ) which is the starting point. These attributes‟ values will help in calculation of relative concession rates. Attributes of the same values cannot be negotiated. Each attribute is associated with a weight ( ) which reflects the importance of the negotiation attribute. Both buyer and seller decide the weight of each attribute according to their preferences of each negotiation attribute. In order to measure the merits of the negotiation proposal, it is needed to calculate the value of the current proposal's utility. In each round the negotiation seller agent calculates the total utility ( ) value as follows (Al-Sakran, 2014): ∑ (3) where: is the weight of each attribute; is the seller concession rate between two consecutive ) of attribute ( ). negotiation rounds ( ) and ( ( ) (4)

(10) In case if the buyer conducting at the same time negotiation with a number of sellers to buy the same items then buyer will adjusts his offer based on the overall information receiving from all sellers agents. If the counter-offer is accepted by seller agents, then the deal is completed. If rejected, then the seller agent may adjust the counteroffer by decreasing its goal utility for next round of negotiation until the process is completed with an agreed deal or failure. Onto-CBR A negotiation case represents information related to a special buyer or seller in a previous negotiation and captures contextual information and negotiation

307

1st International Conference on Applied Information Technology experience available to the agent. In some detail, a negotiation case can contain the following information (Wong et al., 2000): (i) Buyer‟s profile (ii) Seller‟s profile (iii) Product‟s profile (e.g. cars) main properties (iv) Offer made from other agent and concessions used in the previous negotiation session

7-9 October, 2015

Counter-offer made by the agent and concessions used in the previous negotiation session. The case base C holds instances of successfully ended past negotiations. Each case ci in the case base is fully described by the set of tuples with the following use case diagram that depicts a hierarchical representation of structure using concepts and relations as collections of features in our ontology supported CBR model:

UseBy

BuyerProfile

SellerProfile

Strategy

SellerBuyerProfile

hasType: String forissue: Instance forParticipant: Instance hasConcessionTrend: String hasConcessionRate: Float

hasName: String hasId: int hasStrategyType: String hasIssueNumber: int hasIssueName: String hasConstraint: String hasAgentType: String

InContextOf

NegotiationStatus

CreatedBy Generateby

MoblieAgent hasId: int hasName: String hasProtocol: String hasState: int hasInitiator: String

hasInitiator CounterOffer

hasConcession

Offer

hasProtocol: String hasParticipantNumber: String hasIssueNumber: int hasIssue: Instance hasEpisodeNumber: int hasPerformanceStatus: String

OfferCounterOffer ProductFor hasId: int hasStrategyType: String hasIssueNumber: int hasIssueName: String hasSender: String hasReceiverType: String

ParticipateIn

UsedCar hasId: int hasPrice: String hasFeatures: int hasDeliveryDate: Date hasPrefences: String hasAgentType: String

Figure 3: Case Based Ontology The ontology presented in Fig. 3, described a set of concepts represented by use case diagram where squares are concepts and arrows are semantic relationships between concepts. The diagram summarizes the basic relationships between the components of the Ontology CBR.

It should also be noted that the negotiation experience in cases can be extracted from the received offers, the generated counter-offers, and the concessions used in the previous negotiation session. Table 1 explains the concepts of the Onto-CBR model while; Table 2 describes the relationships between different concepts in the model.

308

1st International Conference on Applied Information Technology

Concept BuyerProfile

SellerProfile

Strategy Protocol NegotiationStatus

NegotiationIssues Offer CounterOffer MobileAgent Product

Relation UsedBy

CreateBy

GenerateBy

ProductFor ParticipateIn

InContextOf

hasInitiator

hasConcessionTrend

7-9 October, 2015

Table 1: Automated Negotiation Ontology CBR Concepts Description Refers to any piece of Buyer related information such as name, identity, strategy used, constraints, preferences etc. Refers to any piece of Seller related information such as name, identity, strategy used, constraints, preferences etc. Refers to procedure that participants‟ operation should follow in the negotiation process. Refers to rules that govern the operation of the participants in negotiation process. Refers to any piece of negotiation related information qualifies negotiation process e.g success, failure, reject, accept, quit Refers to objects, parameters, data type, factors to consider, and elements that describe the product of negotiation. Refers to actions performed by negotiation participants in each episode of negotiation processes Refers to actions performed by negotiation participants in each episode of negotiation processes Refers to participant that play some role within the negotiation process on behalf of individuals and organizations Sales of used car as the scenario in our negotiation model Table 2: Automated Negotiation Ontology CBR Relations Description Linked Concepts Hierarchical relation that links BuyerProfile, SellerProfile, Strategy strategies with the Negotiation Participant that make use of it Associative relation that links BuyerProfile, SellerProfile, negotiation actions with the MobileAgent participants that perform them Associative relation that links CounterOffer, SellerProfile negotiation actions with the participants that perform them Associative relation that links negotiation participants with the negotiation they participate in Associative relation that links negotiation actions with the processes they are part of. Associative relation that links units and systems with their respective specifications. Associative relation that links one unit to another with their respective specifications.

309

MobileAgent, Negotiation

Strategy, NegotiationStatus

Offer, MobileAgent

Offer, CounterOffer

1st International Conference on Applied Information Technology

7-9 October, 2015

Step 14. do sim ← COMPUTE-PROXIMITY(Buckets[q], Buckets[c]) Step 15. if sim > most-similar Step 16. then most-similar ← sim Step 17. best-case←c Step 18. _ Use best-case as the solution for query q Step 19. APPEND(Cases, r)

Ontologies vocabulary employed here described cases in the CBR that provides knowledge structure where cases are stored, and as knowledge source allowing the semantic representation in the methods of similarity calculation, adaptation and learning. As a reminder, the reasoning cycle of a case based reasoning system is composed of phases aiming to: (i) create the target case; (ii) retrieve cases of the case base which are similar to the target case; (iii) adapt solutions of some of these cases in in order to propose a solution for the target case. This is the main focus of this work especially as the cases in the CBR databases are represented through structured and semantics means like ontology.

Case Adaptation A CBR system retrieves cases corresponding to similar problems from its case-base. The adaptation step must recognize differences between the new and retrieved problems, and refine the retrieved solution to reflect these differences, as appropriate. Our ontology based model uses an adaptation scheme based mainly on deletions and substitutions. Dependencies within a case are explicitly represented in order to guide the adaptation. The adaptation of solutions in Onto-CBR is given by a list of parameters that should be added (written with a + symbol) and a list of parameters that should be removed (written with a - symbol) from the current case. It is assumed that used parameters are already chosen to be removed from the original case base so they are not shown in the solution. This new way of expressing solutions gives us more complex adaptations since we can remove parameters which have not been used or add more than one parameter for each substitution.

Case Retrieval Case retrieval is of primary importance to the overall effectiveness of any CBR system, this is because (Sun, 2002): i. Retrieving the case ensures the best solution within the system‟s capability ii. Retrieving cases must include some computation of the similarities and difference between the input problem and the retrieved cases. All subsequent case modification uses this computation as a basis. Several retrieval algorithms have been proposed and implemented. The most commonly used is nearestneighbour retrieval (NNR) algorithm. Nearest-neighbour retrieval (NNR) is a simple technique that provides an assessment of how similar the problem description attached a case in the case base is to the current problem description, based on the following evaluation function: ∑ ( ) (11) where is the importance of dimension (slot) i , and ∑ , sim is the similarity function for primitives and are the values for feature in the input and retrieved cases, respectively. Due to its limitations, different variants of NNR algorithm have also been proposed. Adopted in our work is the modified fashion of a hybrid algorithm which combined an efficient random decision tree algorithm with a simple similarity measure based on domain knowledge for effective case retrieval in case-based reasoning systems (Houeland, 2011). As presented below:

Algorithm 2 Adaptation of Onto-CBR Step 1: function ONTOCBN-ADAPT(structured features) Step 2: for all Cn to Ci structured features do pad ontology.getParent(Ci) replaced false Step 3: while not replaced do search for a valid substitution (not already structured or used) in pad parents and updates the replaced one Step 4: if not replaced then pad ontology.getParent(pad) Step 5: end if Step 6: end while Step 7: end for Step 8: end function

Algorithm 1: N-HYBRID Step 1. Cases← EMPTY Step 2. Buckets← EMPTY Step 3. Trees← GENERATE-TREES (N) Step 4. for each negotiation round r NEGOTIATIONS Step 5. do q ← CREATE-INPUT-QUERY(r) Step 6. Buckets[q]←COMPUTE-TREE-BUCKETS(r, Trees) Step 7. Distance← EMPTY Step 8. for each case c Cases Step9. do Distance[c]← CBRDIFFERENCEMEASURE(q,c) Step 10. Closest-Cases ← The closest half of Cases sorted according to Distance Step 11. most-similar ←(−∞) Step 12. best-case← NIL Step 13. for each case c Closest-Cases

CONCLUSION In this work, Onto-CBR method for adaptive strategy in intelligent negotiation was proposed. The work analyses negotiation process using formal notations which captures the relevant elements of agents‟ behavior related to negotiation with other agents. A framework was developed for automated negotiation based on CBR rules that encodes the agents‟ adaptive negotiation strategy in which representation of the cases in the case repository was through semantics and structure ontology that is believe to facilitates ease of case retrieval and quick adaptation, given their algorithms. This is to ensure that the negotiation process is conducted on time with limited resources. However, the proposed method can be extended by incorporating Analytic Hierarchy Process (AHP)

310

1st International Conference on Applied Information Technology technique at the mediator‟s site in order to improve the efficiency of the negotiation process so as to attain a winwin outcome.

7-9 October, 2015

Artificial Intelligence Research Society Conference. ISSN: 2040-7459; e-ISSN: 2040- 7467 Jennings, N. R., Faratin, P., Lomuscio, A. R., Parsons, S., Sierra, C., Wooldridge, M. 2001. Automated Negotiation: Prospects, Methods, and Challenges. Int. Journal of Group Decision and Negotiation. Vol. 10, no. 2, Pp. 199-215. Karabey, I., Adar, U. G. 2014. Agent-Based ECommerce and its Contribution to Economy. 13th International Academic Conference, Antibes. Kowalski, M., Zelewski, S., Bergenrodt, D. 2012. Applying of an Ontology-driven Case-based Reasoning System in Logistics. International Journal of Computers & Technology. ISSN: 2277-3061 Vol 3 No. 2 Lewicki, R. J., Saunders, D. M., Minton, J. W. 2003. Editors. Essentials of Negotiation. Lopes, F., Wooldridge, M., Novais, A. Q. 2009. Negotiation among autonomous computational agents: principles, analysis and challenges. Published by Springer Science Business Media B.V. McGraw-Hill, Boston, MA. Patrikar, M., Vij, S., Mukhopadhyay, D. 2014. An Approach on Multilateral Automated Negotiation. 4th International Conference on Advances in Computing, Communication and Control (ICAC3’15).: Published by Elsevier B.V. Pooyandeh, M. 2014. An agent-based model to simulate stakeholders‟ negotiation regarding land development in the Elbow River watershed in southern Alberta. PhD Thesis, Department of Geomatics Engineering of University of Calgary. Sun, Z. 2002. Case Based Reasoning in E-Commerce. A Ph.D Thesis in Computer Science, School of Information Technology, Bond University. Sun, Z., Finnie, G. 2004. A Unified Logical Model for CBR-based E-commerce Systems. University of Wollongong. Tamma, V., Phelps, S., Dickinson, I., Wooldridge, M. 2005. Ontologies for Supporting Negotiation in ECommerce. Engineering Applications of Artificial Intelligence, 18, Elsevier, 223–238. Wong, W T., Zhang, D M., Kara-Ali, M. 2000. Negotiating With Experience. AAAI Technical Report WS-00-04. Zhang, D., Wong, W. 2000. Using CBR for adaptive negotiation. Proc Conf on Intelligent Information Processing (IIP2000). Pp 428-437. Zheng, Z., Peng, Y. 2014. Tri-Training based Bilateral Multi-Issue Negotiation Framework. Journal of Software, Vol. 9, No.5

REFERENCES Abu-Naser, A. M. 2012. Genetic Algorithm Strategies and Tactics Model for Agent Negotiation in E-Commerce Systems. ABHATH AL-YARMOUK: "Basic Sci. & Eng." Vol. 21, No. 1, 2012, pp. 51-58 Alarabeyyat, A. 2014. Ontology Matching Algorithm by Using Agent Technology. Research Journal of Applied Sciences, Engineering and Technology 7(3): 454-461, 2014 Al-Sakran, H. 2014. B2C E-Commerce Fact-Based Negotiation Using Big Data Analytics and Agent-Based Technologies. International Journal of Advanced Computer Science and Application (IJACSA) s, Vol. 5, No. 12 Balachandran, B M. 2012. Developing a Multi-Issue ENegotiation System for E-Commerce with JADE, Practical Applications of Agent-Based Technology. Dr. Haiping Xu (Ed.), ISBN: 978-953-51-0276-2. Cao, M. 2012. Multi-Strategy Selection Supported Automated Negotiation System Based on BDI Agent. 45th Hawaii International Conference on System Sciences Cao, M., Dai, X. 2014. Multi-Strategy Selection Model for Automated Negotiation. 47th Hawaii International Conference on System Science. Cao, M., Luo, X., Luo, X. R., Dai, X. 2015. Automated negotiation for e-commerce decision making: A goal deliberated agent architecture for multi-strategy selection. Elsevier Journal of Decision Support Systems. 73 Pp 1– 14. Chen Y., Peng Y., Finin T., Labrou Y., Cost S. 1999. A Negotiation-based Multi-agent System for Supply Chain Management. Proceedings of Agents 99 Workshop on Agent Based Decision-Support for Managing the InternetEnabled Supply-Chain. Chen, S., Weiss, G. 2013. An efficient automated negotiation strategy for complex environments. Elsevier Journal of Engineering Applications of Artificial Intelligence. 26 Pp 2613–2623. Dendani-Hadiby, N., Khadir, M. T. 2012. A Case based Reasoning System based on Domain Ontology for Fault Diagnosis of Steam Turbines. International Journal of Hybrid Information Technology. Vol. 5, No. 3. Houeland, T. G. 2011. An Efficient Random Decision Tree Algorithm for Case-Based Reasoning Systems. Proceedings of the Twenty-Fourth International Florida

311

1st International Conference on Applied Information Technology

7-9 October, 2015

A DOCTOR-CENTRIC MOBILE SOCIAL NETWORK SYSTEM T. S. Adeyemi, O. F. Oladipupo, E. O. Kehinde and A. A. Odusanya 1,2,3

Department of Computer Science Education, Michael Otedola College of Primary Education, Noforija, Epe (MOCPED), Lagos State, Nigeria. 4 Office of the Accountant General, Ogun State, Nigeria. 1

2

3

[email protected], [email protected], [email protected] and [email protected]

Abstract: Mobile social Networks are increasingly becoming the largest platform for almost everything today. In the Healthcare Management System, this is forming a new trend, and many healthcare providers are taking advantage of this to provide real time healthcare delivery system. This paper designs a Mobile Social Network Architecture that allows doctors across all areas of specializations to meet and become friends of friends in order to discuss best practices and experiences by blogging, discussion forums, messaging and so on. The implementation of DCSN Model will bring Doctors together in real-time and create an enabling environment to share their views/experiences on patient’s problems in finding solution to an ailment. However, this work is significant in the healthcare management systems as it is expected to assist healthcare providers/managers to widen their horizon, reorganize their thinking and strategies towards mobile social network among health professionals. INTRODUCTION The rapid growth of mobile technology has generated a large number of mobile social networks in the last few years. There are a lot of advantages of having a mobile social network over having only web-based social networks. With the rapid development of mobile devices and wireless technologies, a large number of mobile social network systems have emerged in the last few years. The migration of social networks from web-based applications onto mobile platforms not only increases the connectivity of people, but also promotes the convenience of people’s life. Integrated with location-based information services, mobile social networks can help users search for a friend or a friend of a friend nearby, or glean some location-related information (Chang, 2007). Therefore, a social network provides a variety of mechanisms for users to share data with other users, also it has the ability to search for users with similar interests and to establish and maintain communication between them (Beach et al., 2008).The mechanism entails enable users to create a profile for themselves, by inserting their personal data. Healthcare professionals are beginning to adopt social networks as a means to manage institutional knowledge, disseminate peer to peer knowledge and to highlight individual physicals and institutions. Mobile social networking is social networking where individuals with similar interests converse and connect with one another through their mobile phone and/or tablet, Mobile technology has expanded dramatically around the world. This technology poised to alter how health care is delivered, the quality of the patient experience, and the cost of health care (Stephen, 2011). Mobile technology is helping with chronic disease management, empowering the elderly and expectant mothers, reminding people to take medication at the proper time, extending service to underserved areas, and improving health outcomes and medical system efficiency. Mobility enables a new generation of patient centric devices and mobile applications that bring healthcare into home on a continuous basis rather than

pre-scheduled individual visits to the doctor’ office, (Stephen, 2011).The study indicated that using mobile phones, the internet and other mobile communications technology to keep patients healthy may have broad applications to help patients and their physicians manage health conditions. Mobile health has the potential to help patients better self-manage any chronic disease. In summary, the purpose of this work is to developed from the existing mobile social network model that would be appropriate for doctors, which will allow them to share clinical images, ask questions, discuss and share ideas on clinical cases, health policy, practice management and so on. Also, to show the profile of individual doctor’s with their area of specialization, medical association they belong, this will provide authentication of membership and it will enable them to detect non-professionals among them. Each of the doctor will be able to have blogging capabilities and many other features that will enhance their sustainability in Healthcare Management system. RELATED WORK Today, social networking are commonly refers to all those activities that are carried out within specific online services that provides free space and a software tools which allow to create networks of people. Many of these early communities focused on bringing people together to interact with each other through chat rooms, and encouraged users to share personal information and ideas via personal webpages by providing easy-to-use publishing tools and free or inexpensive webspace. (Boyd and Ellison (2007).A social network is basically a set of actors and relations that hold these actors together. The simplest form of a social network consists of actors and/or events and their connections to each other. The nodes in the network represent the authors (coded in numbers) while the relations (links) show the co-author relationships between the authors in figure 1 below.

312

1st International Conference on Applied Information Technology

7-9 October, 2015

among the group, most of them store media content online for easy storage and access. vi. Social Gaming: This model is about connecting people through both multi-player games and competitive single-player games. Mobile devices are always increasing their capacity for graphics performance and computing power, making them capable gaming devices. The leader in this category is Zynga, creators of Farmville and Words with Friends, though it has suffered a decline. Review of existing mobile social network Several numbers of researchers have worked on mobile social network, some focus on mobile healthcare management systems. The following are brief analysis on the development of mobile applications in Healthcare management system and how their models can be adopted in doctor-centric mobile social network. Laura, (2010) analysed a survey of mobile social networking on the features that they share with ordinary desktop based social networking and their difference. Laura examined some architectural notes for the mobile social networks and their limitations (that is a company that is able to manage all the contextual data), concepts on privacy and security and some case studies of mobile social networks that have been created. Laura stated that the mobile context can be generated by means of information such as the location of mobile device, the time, tags that describe the environment, information from other devices that surround it, some capabilities that the handset has and some preferences provided by the user. Laura (2010), examined two groups in mobile network: the social mobile network available in the market and the ones that are part of a research project. Both provide helpful insights on the value that the context awareness added to mobile social networks. This is not just a survey of mobile social networking among others but it gives the important to design an architecture with the purpose of which is to enable the efficient use of these resources. Chang (2008) analyzed and compared three current popular mobile social network systems, the architecture used in client server architecture to provide location bases information, interaction methods and other issues. Chang (2008) supported client server architecture which consists of four main components (i) the client device, (ii) the wireless Access Network (iii) The internet and it hosts and (iv) the server side. There are five modules at the server side, web server, location Database, Profile Repository, Matching Logic and Privacy control. After the analysis, it was found that the current mobile social networking systems are quite similar and have minor differences, although their services are still very simple and straightforward. Guillemo et al (2004), developed a platform and execution environment for mobile application using MADEE (Mobile Application Development and Execution Environment) on handheld. A handheld device is a self-contained extremely portable device that supports communication and management information. This application and environment allows the implementation

Figure 1: Example of Social Network with nodes and linkages Types of mobile social network models The following are the types of mobile social network model used in researches. They are model types that have been used in some of the existing mobile social media networks like mobiclique, facebook, Doctorelite etc. Group Texter: This model focuses on ability to send short, text based messages to a large group of people simultaneously. It can be by SMS or micro-blog. This category enables messages reach right people as quickly as possible. Location-Aware: This model relies on geotags to provide location information about users and content. This allows users to tag particular locations with images and other information. These tags can be accessible by the users which are mapped on world map. Some of the sites in this category enable to receive alerts when the user passes by the location in which somebody was tagged in. Some location-aware applications function more like radar. They take advantage of growing interest in location-based services by keeping track of all the contacts. This allows knowing people who are nearest to the user. A lot of these sites also allow you to check if there’s anyone near a particular venue or location, and some of them will actively alert you if any of your contacts comes within a certain distance. Dating Service: The sites using this model are almost identical versions of their online counter parts. Users create a profile and are matched with other profiles online. Some of these sites use radar so that they ping you if there is a matching single profile within a certain distance. These sites are marked with serious security measures, so that no personal details are released without user’s consent. Social Networker: The sites using this try to use on-line social networking sites as closely as possible. Many of these sites use mobile portals of already existing and successful sites such as Facebook.They offer vast number of functions including multimedia posts, photo sharing instant messaging etc. Most of these sites offer inexpensive international calling and texting facilities. v. Media Share: This model can be viewed as an advanced version of the Group Texter category. Instead of text messages, audio and video files are transmitted

313

1st International Conference on Applied Information Technology of mobile information systems faster and easier than using conventional developing tools.

The Doctor Centric Social Network Model for Healthcare Management System coined as DCSN Model is composed of the Actors (representing the Doctors) and the events (which represents their area of specialization), the ties forming the relationship (connections) between the Actors. All their information and links are in a decentralized database serving as Administrative point, where the database is managed for all the clients. The DCSN among all Healthcare Model design architecture follows a relational open network model, that is open forums or through direct messaging in which all the Doctors can communicate with each other to find specialist care for their patients and advice from other doctors and follow discussions simultaneously. This DCSN Healthcare Model architectural diagram will help in achieving that goal by graphically describing the relationships among all the nodes that are forming ties. An entity in this DCSN Healthcare Model is the Doctors which is the Actors playing an important role in information sharing. At this point that Doctor Centric Social Networking will have attributes with which the model will consider in terms of the implementation. An entity can have attributes; an attribute is simply a property we can associate with an entity. For example, attribute data of Doctors such as Name, age, Gender, number of medical journals subscribed to, medical institutions attended inside and outside his/her community, Year of experience, Qualification, categorisation e.g. patientoriented or profession-oriented, Area of specialisation, location – Health center etc. Attributes are basically fields holding data to identify an entity. Attributes cannot exist without an entity. Doctors entity with some of the basic attributes is displayed in the architecture as shown below:

Challenges on Mobile Health Application Health systems usually do not provide the impetus for the development of m-health interventions. Instead, people adept with technology, members of nongovernmental organizations (NGOs), and private enterprises usually drive their development. Similarly, aid organizations are bearing the cost of experimentation in this area, and relying on them may slow innovation. Moreover, the lack of coordination between them may be fuelling a wasteful proliferation of pilot projects but little financing for achieving scale. Planning and funding for monitoring and evaluation (M&E) have been insufficient to provide the evidence required to inform policymaking and large-scale investment. Finally, rural settings may pose difficult challenges for implementing m-health services because skilled workers and the data needed to design business models are both scarce. In addition, poor network coverage can constrain models and services because there are fewer customers to attract mobile network operators. Some experts also predict that mobile health services will have disruptive effects all along the healthcare value chain, including in the delivery of health services and in the promotion of public health. By offering consumers access to health information and preventive care, mhealth can reduce the need for intermediaries and face-toface interactions. DESIGN ARCHITECTURE

Name

7-9 October, 2015

Qualification

Age

Area of Specialization

Location – Health Center

Year of experience

Gender

Doctor

Medical Journals subscribe

Professional Body – (Medical Institutions)

Figure 2: Doctor entity and its Attributes With this information available, the construction of the social network of the doctors becomes complete. Attribute data of doctors such as age, number of medical journals subscribed to, attachment to medical institutions outside the community and so on, which will make it possible for colleagues in both field of specialization

between doctors contacts themselves. At both the Login and the Profile update phase, these attributes are important largely in the design and the implementation of the Model.

314

1st International Conference on Applied Information Technology DCSN Healthcare Model provides a reference architectural model. The design method helps establish a common baseline for implementer to understand which capabilities need to be included within a mobile social network site.

7-9 October, 2015

components in this process are further explained in details. The processes are in three major modules comprising of the Profile Generator, the Semantic Hub and the Semantic Filter.

DCSN Architecture Process Model In the architecture of Doctor Centric Social Network Model in Healthcare Management System, It is shows the process of a subscriber, which the Doctor goes through from the login (Registration/Subscription) phase down to the main feature of sharing information and connecting with other Doctor on phone. The major

5. Query Subscribers

Semantic Filter Filter Semantic

A N N O T A T O R

3. Notify Update

1.Store & Query Topics

DB

v. Verification &authentication

DB

Semantic Hub 3.Update RSS

RSS

Store CLASSES of subscribers

4. Fetch Update

ii. Redirect for subscription

6. Push Updates i Subscribe Profile Generator Gmail

Smart phone

iii.

Create FOAF

Figure 3: The DCSN Architecture The Doctor Centric Social Network Model design follows both an internal and external (physical process). This however stated how information is to be processed and

transferred from one user to the other until it forms a weblike pattern. The process can be separated into three modules. The Semantic Filter (SF), Profile Generator

315

1st International Conference on Applied Information Technology (PG), and Semantic Hub (SH) as in Figure 3 above. The interaction between the three modules will be briefly discussed. In the architectural process of the DCSN model in Figure 4, two processes run in parallel, filtering of messages or information and subscription to the system. The sequence (seq) for each process is represented by different types of arrows. The Subscription to the system is included in the Semantic Distributor. The Semantic Distributor (SD) comprises of both the Semantic Hub (SH) and the Profile Generator (PG). Once the user requests for the subscription, he/she is redirected to the PG. PG generates the profiles based on the user’s activities on Gmail social networks platforms. These profiles are sent to the database and the profiles are stored in the SH’s Database (DB) after verification and authentication. On the other hand, Filtering of messages is performed by annotating messages from Message stream in SF. The annotations are further transformed to a representation of groups (queries) of users who have interests corresponding to the messages. The Queries are termed as Semantic Groups (SG). The message with its SG is updated as an RSS (Really Simple Syndication) feed and notified to SH. SH then fetches the updates and retrieves the list of subscribers whose interests match the group representation of the message. Further, the message is pushed to the filtered subscribers.

7-9 October, 2015

in order to collect private data about users on social websites it is necessary to have access granted to the data by the users. Then, once the authentication step is accomplished, the two most common ways to fetch the profile data is by using an API (Application Programming Interface) provided by the system or by parsing the Web pages. Once the data is retrieved the next step is the data modeling. This allows us to represent the past working experiences of the users and their cultural background. The user’s interests represent another important part of a user profile. The Semantic Distributor module comprises of Semantic Hub and Profile Generator. It allows parties understand and get near-instant notifications of the content they are subscribed to, as PuSH immediately pushes new data from publisher to subscriber(s) where traditional RSS readers periodically pull new data. The PuSH ecosystem consists of a few hubs, many publishers, and a large number of subscribers. Hubs enable publishers to offload the task of broadcasting new data to subscribers and subscribers to avoid constantly polling for new data, as the hub pushes the data updates to the subscribers. Requirements for the Implementation of Dcsn Model The implementation involves two steps. Client side i. The application will run on a GPS-enabled Android operating system. ii. XML (Extensible Mark-up Language) will be used for the front end/user interface design. iii. Java (object oriented programming) will be used for the back end design iv. Android software Development kit

Semantic Filter primarily performs the functions of representing messages as Database and forming interested groups of users for the message. First, information about the message is collected to represent the message in DB, flexibility to use any dictionary for extraction. This transforms the unstructured message to a structured representation and the triples (DB) of the message are temporarily stored in a DB store.

Server side The server side involvefour phases: i. The portal for users’ registration ii. The service locator application iii. Backend design – PHP scripting language iv. MYSql is the relative database managemL5/CSS3/Java script

The annotated entities represent the topic of the message. These topics act as the key in filtering the subset of users who receive the message. Topics are queried from the DB store to be included in SGs that are created to act as the filter. If there are multiple topics for the message, then the SG is created to fetch the union of users who are interested in at least one topic of the message.

Signup Form The screen shot below describes a sign up form. It enables users to create new profiles. It has a captcha security feature which verifies ensures that a profile was created by a human. It also ensures all fields are correctly filled out before submission

The extraction and generation of user profiles from social networking web-sites is composed of data extraction and generation of application-dependent user profiles. First,

316

1st International Conference on Applied Information Technology

7-9 October, 2015

. Figure 4: Sign Up Form actor j is considered mainly. In some cases, these will be directed in nature, so that Xij and Xji are different variables which may assume the same or different values, in other cases they will be non-directional in nature, so that Xij is necessarily equal to Xji..The most frequently employed and most strongly developed data structure is for binary variables Xij, where the value 1 (or 0) represents that there is (or there is not) a tie from i to j. The actors are called the nodes and the ties are usually called arcs or edges, depending on whether the graph is directed or not.

Post Privacy settings The page below enables users to set their post privacy. For instance, a user may decide to set post privacy as public, which implies that everyone can see the posted comment or image. The page also displays all posts by a particular user. In the screen shot below,oluwatobifabanigba posted the comment “new store for selling paracetamol 500mg”. Analysis of DCSN Model A social network is a structure of ties, or relational variables, between social actors. Here, a fixed set of actors, and variables Xij representing how actor i is tied to

317

1st International Conference on Applied Information Technology

7-9 October, 2015

Figure 5: Post Privacy settings CONCLUSION This work is focused on designing an appropriate model on which a doctor-centric mobile social network in Healthcare Management System can be built. This will be an enabling environment or forum for Doctors to share their views, and experiences on patient’s problems in finding solution to an ailment. This is one of the reasons why health professionals should now focus more on the use of the smart phone for Health information sharing, problem solving methods, and discussions, for a sustainable healthcare system. From the study of existing social network within the healthcare system, especially in the western world, basic and important facts has been gathered that helped in designing the DCSN Model in this work. The implementation would also show how effective it would be for Doctors in sharing views and experiences, and best practices across fields of specialization in a social media network. This paper has been able to illustrate with the aid of architecture diagram, the design stage and the implementation, the belief being that, it will serve great purposes in the Healthcare Management System. However, the breaking down of all the components into smaller units of details that was incorporated into the design is essentially the main work. The implementation of stringent policies and proper

guidance can help Healthcare practitioners in using social media more effectively. REFERENCES Beach, E., Vlahu-Gjorgievska, Vladimir Trajkovik 2011.Personal Healthcare system model using collaborative filtering techniques. Advances in Information sciences and Social sciences.3(3). Boyd, D. M., & Ellison, N. 2007. Social Network Sites: Definition, History, and Scholarship. Journal of Computer-Mediated Communication, 13(1), article 11. Boyd, D. M., & Ellison, N. B. 2007. Social network sites: Definition, history, and scholarship. Journal of Computer-Mediated Communication, 13(1). Chang, H., Gay, G., Davidson, B., &Ingraffea, A. 2008.Social Networks, Communication Styles, and Learning Performance in a CSCL Community.Computers & Education.49(2), 309-329. Guillemo, M.A. Flora S. Tsai ,Wenchou Han, JunweiXu, Hock Chuag Chua 2004. Development platform and Execution Environment for Mobile Applications. Laura M 2010. M2M: Growth Opportunities for MNOs in developed Markets (Sample Pages), Mobile Market Development Ltd.

318

1st International Conference on Applied Information Technology 7-9 October, 2015

Authors Index A Abah J. Abass O. A Abayomi-Alli A. Abayomi-Alli O. O Abisoye D. A Aborisade D. O Adamu H. Adedapo A. O Adedeji A. A Adegoke B. Adekoya A. F Adelakun O. Adeleke I. O Adenowo A. Adeosun O. E Adesanya A. A Adeyemi T. S. Ajayi T. D Ajobiewe A. B Akingboye A. y Akinola M. O Akinola O. C Akinola S.O Akinwale A. T Akorede O. J Alaba O. B Alegbeleye I. Ali S. Y Alonge C. Y Alowosile O. Y Arogundade O. T Ayangbekun O. J Ayeni G. A Ayo F. E Ayoade O. B

175 202 165, 240 165 5 12 195 240 12 186 266 27 240 190 221 290 312 107 107 165 98 274 27 60, 76, 93, 141, 190, 290, 295 115 81 18 249 149 12 76, 149 195 81 123 44

1st International Conference on Applied Information Technology 7-9 October, 2015

B Bamiro B. A. Bello A.

295 70

D Dada O. O

232

F Fagbolu O. O Famuyiwa S. A Folorunso O. Folorunso T. A

111 228 93, 123, 130, 134, 156, 202, 211, 221, 274 18, 186

H Hammed M.

134

I Ibharalu F. T Idowu S. A Ikharo A. B Ikotun A. M Ikuomola A. J Izang A. A

38, 111,123,134 51 87 76 54, 259 115

J Jimoh R. G Jiya J. D John H. C.

5 87 115

K Kehinde E. O.

312

L Lawal M.

190

M Makinde A. Makinde S. A. Maru-Sogeyinbo A. A Mohammed A. Muhammad A. H

60, 232 302 33 70 195

1st International Conference on Applied Information Technology 7-9 October, 2015

Mustapha M.

149, 240

N Nubang I.

1

O Obalalu B. S Odumosu Odunsanya A. A. Ogunjobi A. O Oguntuase J. A. Ojesanmi O. A Ojo J. A Ojo O.E Okereke U. O Okolie S. A Okoro U. R Olabiyisi S. O Oladele O.O Oladipupo O. F. Olaniyi O. M Olayiwola O. M Oloruntoba C. O Oluwatope A. O Omidiora E. O Omotoso A. Omotunde A. A Onashoga S. A Oni O. O. Orunsolu A. A Otuza C. E Owoade A. Oyegunle M. A Oyeleke O.

111 12 312 38 295 81, 130, 156, 181, 232 165, 211 107, 159, 190 87 51 285 165 228 312 18 130 33, 103, 228 159 165 18 51 38, 181, 211, 228, 295 302 141 285 266 159 181

R Raji Lawal

93

S Salako O. S Salako R.

27 186

1st International Conference on Applied Information Technology 7-9 October, 2015

Sanusi O. V Shehu S. Shittu A. M Sodiya A. S Soyemi J.

33 70 266 12,103,141,274,302 81

T Tambuwal A. Y Tijani O. D Tukur Y. M

70 240 249

U Ugege P. E

156

V Vincent O. R

60, 190, 232, 266, 302

W Waziri O. V

175