Information and Communication Technology

User applications, such as VoIP, have problems traversing NAT gateways or firewalls. To mitigate these problems, applications send keepalive messages through the gateways. The interval of sending keepalives is often unnecessarily short, which increases the network load, especially in mobile networks. Port Control Protocol (PCP) allows the applications to traverse the gateways and to optimize the interval. This paper describes the deployment of PCP in software-defined networks (SDN) and proposes a method to measure keepalive traffic reduction in mobile networks using PCP. The proposed solution extends the battery life of mobile devices and reduces the traffic overhead in WCDMA networks.

Today, TCP is the go-to protocol for building resilient communication channels on the Internet. Without much overstatement, it can be said that it runs the majority of communication on the planet. Its success only highlights the fact that it also has some drawbacks, of which one of the oldest ones is the inability to hand over running connections between participating hosts. This paper introduces a method that relies on the advantages of Software Defined Networks to overcome this limitation.

Digital television enables IP data delivery using various protocols. Hybrid television HbbTV enhances digital television with applications delivery. HBB-Next is an architecture which enhances HbbTV with additional features. However it does not specify IP data delivery despite it has access to both broadcast and broadband channel. This paper proposes architecture and protocols for IP data delivery in HBBNext. To achieve this goal we designed new node (Application Data Handler - ADH) in HBB-Next architecture and new communication protocols (Application Data Handler Control Protocol - ADHCP, and Hybrid Encapsulation Protocol - HEP) for data transmission. We created Stochastic Petri Net (SPN) model of designed protocols and implemented them in ns2 network simulator to verify our solution. Results of SPN model simulation and ns2 network simulation are discussed and HEP protocol is compared to existing encapsulation protocols used in DVB systems.

Presented work focuses onto proposal, implementation and evaluation of the new method for detection and type identification of SYN flood (DoS) attacks. The method allows distinguishing type of detected SYN flood attacks – random, subnet or fixed. Based on Counting Bloom filter, the attack detection and identification algorithm is proposed, implemented and evaluated in KaTaLyzer network traffic monitoring tool. Proof of correctness of the approach for TCP SYN flood attack detection and type identification is provided – both in practical and theoretical manners. In practice, new module for KaTaLyzer is implemented and TCP attacks are detected, identified and network administrator is notified about them in real-time.

UnifyCore is a concept of SDN centric, OpenFlow based and access agnostic network architecture, which changes the way networks are being built today. It is designed in a way, so present access technologies can be easily integrated in it. It provides set of architectural components and rules, which help to easily decouple components of the access technology and put their functionalities into UnifyCore building blocks. This simplifies the overall network architecture and allows the use of common transport core for all access technologies. First proof of concept built on UnifyCore is the GPRS network, which is a challenge for SDN, since it does not have split user and control plane transport. In this paper we introduce and explain features that allow fully SDN UnifyCore to be integrated with existing legacy network infrastructure (switches/routers).

In addition to algorithm- or concept-oriented training of problem solving by computer programming, introductory computer science classes may contain programming projects on themes that are relevant for young people. The motivation for theme-driven programmers is not to practice coding but to create a digital artefact related to a domain they are interested in and they want to learn about. Necessary programming concepts are learned on the way (“diving into programming”). This contribution presents examples of theme-driven projects, which are related to text mining and web cam image processing. The development and learning process is supported by metaphorical explanations of programming concepts and algorithmic ideas, experiments with simple programming statements, stories and code fragments.

Understanding the states of learners at a lecture is expected to be useful for improving the quality of the lecture. This paper is trying to recognize the activities of learners by their brain wave data for estimating the states. In analyses on brain wave data, generally, some particular bands such as

α

and

β

are considered as the features. The authors considered other bands of higher and lower frequencies to compensate for the coarseness of simple electroencephalographs. They conducted an experiment of recognizing two activities of five subjects with the brain wave data captured by a simple electroencephalograph. They applied support vector machine to 8-dimensional vectors which correspond to eight bands on the brain wave data. The results show that considering multiple bands yielded high accuracy compared with the usual features.

Biometric-based authentication system offers more undeniable benefits to users than traditional authentication system. However, biometric features seem to be very vulnerable - easily affected by different attacks, especially those happening over transmission network. In this work, we have proposed a novel multi-factor biometric based remote authentication protocol. This protocol is not only resistant against attacks on the network but also protects biometric templates stored in the server’s database, thanks to the combination of fuzzy commitment and non-invertible transformation technologies. The notable feature of this work as compared to previous biometric based remote authentication protocols is its ability to defend insider attack. The server’s administrator is incapable of utilizing information saved in the database by client to impersonate him/her and deceive the system. In addition, the performance of the system is maintained with the support of random orthonormal project, which reduces computational complexity while preserving its accuracy.

Nowadays, smartphone has been a life style for many people in the world and it has become an indispensable part of their live. Smartphone provides many applications to support human activity which one of the applications is web browser applications. People spend much time on browsing activity for finding useful information that they are interested on it. It is not easy to find the particular pieces of information that they interested on it. In this paper, user-profiler is presented as way of providing smartphone users with their interest based on their browsing history. In this study, we propose a Modified Hierarchical Agglomerative Clustering algorithm that uses filtering category groups on a server-based application to aid provides smartphone user profile for interests-focused based on browsing history automatically. Based on experimental results, the proposed algorithm can measure degree of smartphone user interest based on browsing history of web browser applications, provides smartphone users interests profile and also outperforms the C4.5 algorithm in execution time on all memory utilization.

Collected data must be organized properly to utilize well and classification of data is one of the efficient methods. Individual data or an object is classified to categories and annotated with labels of those categories. Giving ranks to labels of objects in order to express how close objects are to the categories enables us to use objects more precisely. When target objects are identified by a set of labels

$\mathcal{L}$

, there are various strength of relationship between objects and

$\mathcal{L}$

. This paper proposes criteria for objects with two rank labels, primary and secondary labels, such as a label relates to

$\mathcal{L}$

, a primary label relates to

$\mathcal{L}$

, every primary label relates to

$\mathcal{L}$

, and every label relates to

$\mathcal{L}$

. The strongest criterion which an object satisfies is the level of the object to express the degree of the strength of relationship between the object and

$\mathcal{L}$

. The results for two rank objects are extended to k rank objects.

Search Engine Advertising has grown strongly in recent years and amounted to about USD 60 billion in 2014. Based on real-world data of online campaigns of 28 companies, we analyse the incident of a hacked campaignaccount. We describe the occurred damage, i.e. (1) follow-up consequences of unauthorized access to the account of the advertiser, and (2) limited availability of short-term online campaigns. This contribution aims at raising awareness for the threat of hacking incidents during online marketing campaigns, and provides suggestions as well as recommendations for damage prevention, damage detection and damage limitation.

The 3-tower problem is a 3-player gambler’s ruin model where two players are involved in a zero information, even-money bet during each round. The probabilities that each player accumulates all the money has a trivial solution. However, the probability of each player getting ruined first is an open problem. In this paper, the 3-tower problem recursions are modeled as a directed multigraph with loops, which is used to construct a Markov chain. The solution leads to exact values, and results show that, unlike in other models where the first ruin probabilities depend only on the proportion of chips of each player, the probabilities obtained by this model depend on the number of chips each player holds.

We study the fitness function of the artificial bee colony algorithm applying to solve the uncapacitated facility location problem. Our hypothesis is that the fitness function in the artificial bee colony algorithm is not necessarily suitable for specific optimization problems. We carry out experiments to examine several fitness functions for the artificial bee colony algorithm to solve the uncapacitated facility location problem and show the conventional fitness function is not necessarily suitable.

The game of Amazons is a combinatorial game sharing some properties of both chess and Go.We study programs which play Amazons with strategies based on Monte-Carlo Tree Search and a classical search algorithm, Alpha-Beta pruning.We execute several experiments to investigate the effect of increasing the number of searches in a Monte-Carlo Tree Search program. We show that increasing the number of searches is not an efficient method to strengthen the program for Amazons. On the other hand, augmenting the algorithms with a choice of several evaluation functions fulfills has great influence on playing strength.

Currently, TLS1.0 is one of the most widely deployed protocol versions for SSL/TLS. In TLS1.0, there are only two choices for the bulk encryption, i.e., RC4 or block ciphers in the CBC mode, which have been criticized to be insecure.

In this paper, we explore the current status of the CBC mode in TLS1.0 and prove theoretically that the current version of the (patched) CBC mode in TLS1.0 satisfies

indistinguishability

, which implies that it is secure against BEAST type of attacks.

Cognitive radio networks have received more research interest in recent years as they can provide a favourable solution to spectrum scarcity problem prevailing in the wireless systems. This paper presents a new key agreement protocol called ‘TKTOFT’ with modified batch rekeying algorithm for distributed group oriented applications in cognitive radio networks by integrating a ternary key tree and an one way function. It is inferred from the experimental results that TKTOFT outperforms the existing one way function based protocol both in terms of computation and communication overhead. Hence, TKTOFT is suited for establishing secure and quick group communication in dynamic groups in cognitive radio networks.

Mobile IPv6 is an improvement of the original IPv6 protocol, and provides mobility support for IPv6 nodes. However, the security of mobility management is one of the most important issues for MIPv6. Traditional MIPv6 uses IPSec to protect the mobility management, while the dependence on the mechanism of the pre-shared key or certificate limits its applicability. This paper proposes an improved scheme for the original method based on IBC, to protect the mobility management signaling for MIPv6.

At present protection against distributed attacks of the type “denial of service” (DDoS) is one of the important tasks. The paper considers a simulation environment for DDoS attacks of different types using the combination of a simulation approach and real software-hardware testbeds. In the paper we briefly describe the system architecture and a series of experiments for DDoS attack simulation on transport and application levels. The experimental results are provided, and the analysis of these results is performed.

Order-preserving symmetric encryption (OPE) is a deterministic encryption scheme which encryption function preserves numerical order of the plaintexts. That allows comparison operations to be directly applied on encrypted data in case, for example, decryption takes too much time or cryptographic key is unknown. That’s why it is successfully used in cloud databases as effective range queries can be performed based on. This paper presents order-preserving encryption scheme based on arithmetic coding. In the first part of it we review principles of arithmetic coding, which formed the basis of the algorithm, as well as changes that were made. Then we describe noise function approach, which makes algorithm cryptographically stronger and show modifications that can be made to obtain order-preserving hash function. Finally we analyze resulting vulnerability to chosen-plaintext attack.

The resolution of conflicts among non-functional requirements are difficult problem during the analysis of non-functional requirements. To mitigate the problem, the weighted softgoal is proposed based on the Softgoal Interdependency Graphs (SIG) that help engineers resolve conflicts among non-functional requirements. It is also shown evaluation results of the weighted SIG applications to develop non-functional requirements and choose alternative design decisions.

With the explosion of information technologies, the volume and diversity of the data in the cyberspace are growing rapidly; meanwhile the unsavory data are harming the security of Internet. So how to detect the unsavory data from the Internet big data based on their inner semantic information is of growing importance. In this paper, we propose the i-Tree method, an intelligent semantics-based unsavory data detection method for internet big data. Firstly, the internet big data are mapped into a high-dimensional feature space, representing as high-dimensional points in the feature space. Secondly, to solve the “curse of dimensionality” problem of the high-dimensional feature space, the principal component analysis (PCA) method is used to reduce the dimensionality of the feature space. Thirdly, in the new generated feature space, we cluster the data objects, transform the data clusters into regular unit hyper-cubes and create one-dimensional index for data objects based on the idea of multi-dimensional index. Finally, we realize the semantics-based data detection for a given unsavory data object according to similarity search algorithm and the experimental results proved our method can achieve much better efficiency.

In cloud storage services, users can store their data in remote cloud servers. Due to new and challenging security threats toward outsourced data, remote data integrity checking has become a crucial technology in cloud storage services. Recently, many integrity checking protocols have been proposed. Several protocols support batch auditing, but they do not support efficient identification when batch auditing fails. In this paper, we propose a new identification method for the corrupted cloud in multi-cloud environments without requiring any repeated auditing processes.

Face recognition technology, unlike other biometric methods, is conveniently accessible with the use of only a camera. Consequently, it has created an enormous interest in a variety of applications, including face identification, access control, security, surveillance, smart cards, law enforcement, human computer interaction. However, face recognition system is still not robust enough, especially in unconstrained environments, and recognition accuracy is still not acceptable. In this paper, to measure performance reliability of face recognition systems, we expand performance comparison test between real faces and face images from the recognition perspective and verify the adequacy of performance test methods using an image display device.

The histogram-based reversible data hiding scheme (RDH) generated a one-dimensional (1D) histogram distribution. In this article, based on two-dimensional (2D) histogram distribution, a framework of reversible data hiding is proposed by using two side-match predictors, called as Forward side-match (FSM) and Backward side-match (BSM). First, by considering each predicted pixel value, we use two side-match predictors to obtain two prediction error distributions. A slope meter is computed by the differencing of two distributions. Then, a two dimensional histogram is generated by composing of BSM distribution and slope meter. Based on the 2D, more specified spaces can be found to enhance the performance. The experimental results demonstrated that our proposed scheme can achieve better performance in terms of both marked image quality and embedding capacity than that of conventional works.

With the great development of cloud computing in recent years, the explosive increasing of image data, the mass of information storage, and the application demands for high availability of data, network backup is facing an unprecedented challenge. Image deduplication technology is proposed to reduce the storage space and costs. To protect the confidentiality of the image, the notion of convergent encryption has been proposed. In the deduplication system, the image will be encrypted/ decrypted with a convergent encryption keywhich is derived by computing the hash value of the image content. It means that identical image copies will generate the same ciphertext, which used to check the duplicate image copy. Security analysis makes sure that this system is secure.

Internet services make sharing digital contents faster and easier but raise an issue of illegal copying and distribution of those digital contents at the same time. A lot of public key encryption schemes solve this issue. However, the secret key is not completely protected i.e. these kinds of encryption methods do not prevent illegal copying and distribution of secret keys. In this paper, we propose a hybrid encryption scheme that employ terminal fingerprints. This scheme is a template to avoid such misuse of secret keys, and can be applied to, for example, attribute-based encryption schemes. There terminal fingerprint information is used to create a second encryption key and secret key. Since the terminal fingerprint is assumed to be unchangeable and unknowable, we ensure that our secret keys are valid in the terminal where such secret keys were created.

LEA is a symmetric block cipher proposed in 2014. It uses ARX design and its main advantage is the possibility of a fast software implementation on common computing platforms.

In this paper we propose a Differential Fault Analysis attack on LEA. By injecting random bit faults in the last round and in the penultimate round, we were able to recover the secret key by using 258 faulty encryptions in average. If the position of faults is known, then only 62 faulty encryptions are needed in order to recover the key which surpasses the results achieved so far.

Wu et al. proposed a key agreement to securely deliver a group key to group members. Their scheme utilized a polynomial to deliver the group key. When membership is dynamically changed, the system refreshes the group key by sending a new polynomial. We commented that, under this situation, the Wu et al.’s scheme is vulnerable to the differential attack. This is because that these polynomials have linear relationship. We exploit a hash function and random number to solve this problem. The secure multicast key agreement (SMKA) scheme is proposed and shown in this paper which could prevent from not only the differential attack, but also subgroup key attack. The modification scheme can reinforce the robustness of the scheme.

Quantum Key Distribution (QKD) technology, based on principles of quantum mechanics, can generate unconditional security keys for communication parties. Information-theoretically secure (ITS) authentication, the compulsory procedure of QKD systems, avoids the man-in-the-middle attack during the security key generation. The construction of hash functions is the paramount concern within the ITS authentication. In this extended abstract, we proposed a novel Efficient NTT-based

ε

-Almost Strongly Universal Hash Function. The security of our NTT-based

ε

-ASU hash function meets

ε

 ≤ 

L

(

n

 + 1)/2

n

 − 2

. With ultra-low computational amounts of construction and hashing procedures, our proposed NTT-based

ε

-ASU hash function is suitable for QKD systems.

We propose a novel Distributed Column-Oriented Database Engine (DCODE) for efficient analytic query processing that combines advantages of both column storage and parallel processing. In DCODE, we enhance an existing open-source columnar database engine by adding the capability for handling queries over a cluster. Specifically, we studied parallel query execution and optimization techniques such as horizontal partitioning, exchange operator allocation, query operator scheduling, operator push-down, and materialization strategies, etc. The experiments over the TPC-H dataset verified the effectiveness of our system.

Big data analytics has received widespread attention for enterprise development and enterprise information systems (EIS). However, how can it enhance the development of EIS? How can it be incorporated into EIS? Both are still big issues. This paper addresses these two issues by proposing an ontology of a big data analytics. This paper also examines incorporation of big data analytics into EIS through proposing BABES: a model for incorporating big data analytics services into EIS. The proposed approach in this paper might facilitate the research and development of EIS, business analytics, big data analytics, and business intelligence as well as intelligent agents.

The paper presents the Jbowl, Java software library for data and text analysis, and various research activities performed and implemented on top of the library. The paper describes the various analytical services for text and data mining implemented in Jbowl as well as numerous extensions aimed to address the evolving trends in data and text analysis and its usage in various tasks reflecting the areas such as big data analysis, distributed computing and parallelization. We also present the complex analytical platform built on top of the library, integrating the distributed computing analytical methods with the graphical user interface, visualization methods and resource management capabilities.

The paper describes corporate social responsibility (CSR) communication on Facebook and Twitter – how the companies use the social media for accomplishing their CSR communication goals. On the sample of ten global companies with the best CSR reputation research tracks down their social media activity, as well as posts, likes and comments of their customers. Observed companies on average dedicate about 1/10 of their social media communication bandwidth to CSR topics, mainly on Facebook. CSR topics do not seem to be of much interest to the readers (CSR posts are mostly ignored), but at least user sentiment related to CSR messages has been proven to be mostly positive. CSR on social networks is well established, leading CSR companies use this communication channel extensively.

An explorative study of factors affecting implementation and use of finance information systems (FISs) in developing countries is presented. The result is based on a field study investigating implementation of a finance information system at Makerere University, Uganda. Current literature suggests that how to implement information Systems (ISs) successfully is challenging, especially in developing countries. The research question addressed is: What factors during implementation impact use of FISs in developing countries? Empirical data was gathered through face-to-face interviews with involved stakeholders in the implementation project. Analysis was done as a within-case analysis and supports the findings of nine factors that are of specific importance in developing countries. The findings can help decision-makers in guiding implementation processes of large enterprise systems especially in the accounting and finance management disciplines in developing countries.

The aim of the paper is to present the advantages of the Use Cases transformation to the object layers and their visualization in 3D space to reduce complexity. Our work moves selected UML diagram from two-dimensional to multidimensional space for better visualization and readability of the structure or behaviour.

Our general scope is to exploit layers for particular components or modules, time and author versions, particular object types (GUI, Business services, DB services, abstract domain classes, role and scenario classes), patterns and anti-patterns in the structure, aspects in the particular layers for solving crosscutting concerns and anti-patterns, alternative and parallel scenarios, pessimistic, optimistic and daily use scenarios.

We successfully apply force directed algorithm to create more convenient automated class diagrams layout. In addition to this algorithm, we introduced semantics by adding weight factor in force calculation process.