Enhanced Security For Online Exams

340
IEEE TRANSACTIONS ON EDUCATION, VOL. 52, NO. 3, AUGUST 2009
Enhanced Security for Online Exams Using Group Cryptography

Im Y. Jung and Heon Y. Yeom
AbstractWhile development of the Internet has contributed to the spread of online education, online exams have not been widely adopted. An online exam is dened here as one that takes place over the insecure Internet, and where no proctor is in the same location as the examinees. This paper proposes an enhanced secure online exam management environment mediated by group cryptography using remote monitoring and control of ports and input. The target domain of this paper is that of online exams for math or English contests in middle or high school, as well as exams in online university courses with students in remote locations. Index TermsCheating control, e-monitoring, group cryptography, online exam, secure exam management.
I. INTRODUCTION
NLINE education has expanded rapidly [1][3]. Even so, the off-line test is usually chosen as the evaluation method for both off-line education and online education. The security of online examinations remains a problem. In some cases, the person writing the exam on a networked computer is monitored by a proctor at some predetermined location [4], [5]. But, the requirement for an exam location goes against the accessibility, the major attraction of e-learning or distance learning. The requirement may also negate the cost savings generated by e-learning or pose obstacles for remote students. Simplication and automation of educational processes are other benets of online education [6], [7], and online exams inherit these advantages. To remove the requirement for human intervention in secure online exam management so as to capitalize on the advantages of online processes, this paper proposes a solution to the issue of security and cheating for online exams. This solution uses an enhanced Security Control system in the Online Exam (SeCOnE) which is based on group cryptography with an e-monitoring scheme. The cryptography supports enhanced security control for the online exam process, as well as authentication and integrity. The e-monitoring provides a proctor function to remote examinees to prevent cheating, and thus removes the requirement of having to go to a xed location. The target of this paper is online exams for mathematics or English contests in middle
Manuscript received June 25, 2007; revised June 11, 2008. First published May 12, 2009; current version published August 05, 2009. The authors are with the School of Computer Science Engineering, Seoul National University, Seoul 151-742, Republic of Korea (e-mail: iyjung@dcslab. snu.ac.kr). Color versions of one or more of the gures in this paper are available online at http://ieeexplore.ieee.org. Digital Object Identier 10.1109/TE.2008.928909
or high school, and exams in online university courses with students at remote locations. This paper addresses the problem of administering an online exam at a xed time with the same questions for all examinees, just like an off-line exam, but without restricting the physical location of the examinees. As the SeCOnE system enables many kinds of tests to be given online, it can provide teachers with better evaluation standards for students and may contribute to improving the quality of education. The rest of this paper is organized as follows. Section II describes previous work on guaranteeing the security of online exams, as well as current applications of the online exam in distance learning. Section III analyzes the requirements for a secure online exam. Section IV describes the system architecture and the management of enhanced secure online exams system using SeCOnE. Section V demonstrates the soundness of the proposed scheme by analyzing the scheme for preventing and detecting cheating, the security settings, and the overhead in SeCOnE. Conclusions and areas of future research are presented in Section VI. II. RELATED WORK One proposal for secure online exams [4] was based on a secure exam protocol with an omnipotent central manager who controlled all the information for students, teachers, problem sheets, answer sheets, and grades. The weakness of this system was that the manager was assumed to be absolutely honest. Moreover, a restricted room was required for the exam, to prevent cheating. Thus, the proposed exam scheme did not share the advantages of online education. The security problems related to online exams include not only unauthorized access to the problem sheets before the exams, but also modication of the questions, the answers, and the grades [4]. In addition, different cheating patterns exist [8], [9], including copying the answers of others, exchanging answers, searching the Internet for answers, using the data and software saved on the students local computer [10], [11], and discussing the exam by e-mail, phone, or instant messaging. Several methods of combating this include giving a different problem set to each student [7], [9], restricting the exam room [10], [12], or limiting the number of answer submissions to one [10]. Research has focused on methods to check student identities and to communicate securely between teachers and students [4], [13], rather than on countermeasures against cheating on online exams. Cheating on off-line exams is also a big problem. According to some studies [6], [14], as the level of communication between teachers and students decreases, the tendency to cheat increases. This effect has a direct impact on online exams, when students may have little contact with their teachers.
0018-9359/$26.00 2009 IEEE

Authorized licensed use limited to: Sathya Narayanan. Downloaded on December 23, 2009 at 23:47 from IEEE Xplore. Restrictions apply.
JUNG AND YEOM: ENHANCED SECURITY FOR ONLINE EXAMS
341
Most modern online education uses Web-based commercial course management software [15] such as WebCT [10], Blackboard [9], or software developed in-house. This software is not used widely for online exams, due to security vulnerabilities, and the system must rely on students honesty or their having an honor code [16]. Previous Web-based approaches to online exams have highlighted easy accessibility and simplied exam management [7], [8], [12], [13]. However, authentication through only a user name and password can be the weak point in the security of online exams. The very environment in which students can use a Web browser and the Internet enables them to search the Internet and to communicate with others for help during the exam. One proposal was to use a Webcam to prevent cheating by randomly transmitting pictures of students during online exams [8]. However, several soundless pictures of a student do not show what that student is doing or why he or she is doing it, or even if cheating is taking place through Web searching, the use of saved data, or chatting. Considerable discussion has taken place on group protocols and group-mediated communications to ensure secure communications among group members [17], [18]. This discussion has included the consideration of secure group composition, secure intergroup communication using a public key, and secure intragroup communication using the symmetric key through the Dife-Hellman key exchange [19]. This paper adopts two groups for secure communication between distributed entities in the online exam system. The intergroup communication is protected through public key infrastructure (PKI), while intragroup communication uses several symmetric Dife-Hellman keys. The group in this paper is a concept for entities with similar roles. III. REQUIREMENTS FOR A SECURE ONLINE EXAM The requirements for a secure online exam are as follows. Accessibility Online exams should be possible without regard to location and time. Monitoring The absence of proctoring on online exams may relax [6], [14] the examinees and encourage cheating [8]. Therefore, it is necessary for an online exam management system to have some monitoring method to prevent and to detect cheating. Management Online exam management includes problem creation, problem sheet distribution, answer sheet collection, marking, grade posting, and handling of appeals. The cost savings of online exams mitigate the burden of exam enforcement and induce many examinees located at very remote sites to participate in the exam. Educators can obtain more objective standards for evaluation. The automatic management of exams lets the examinees know their exam performance very quickly. Online exams permit both educators and examinees to achieve their objectives efciently. An online exam should also have the following features. Authenticity The identities of the examinee, examiner, marker, and proctor should be all authenticated and veried at every step in the online exam process, because it is difcult to identify them face-to-face online.
Integrity Problems and answers should both be checked for their integrity, to detect unauthorized changes. Only one submission of the answer sheet should be allowed, and the submission of answers after the exam has ended should be prohibited. The unauthorized deletion or the modication of the materials related to the exam should be impossible, or at least detectable. Secrecy The problem sets should be available to the examinees only during the exam period. The answer sheets should be kept securely before grading. Copy Prevention and Detection Types of cheating discussed in this paper are impersonating an examinee; getting help from others, or helping an examinee with the exam; discussing the exam with others; using unauthorized electronic material that may be helpful in completing the exam; and intercepting or interfering with communications during an online exam. Cheating should not be permitted during the exam, or at the very least, should be detected after the fact. IV. AN ENHANCED SECURITY CONTROL IN THE SeCONE SYSTEM A. Architecture of the SeCOnE System As shown in Fig. 1, all entities in the SeCOnE system peror . reform their roles as members of either group , and then ceives the problems and the right answers from distributes the problems and collects the answer sheets from . using the monA proctor monitors the examinees through . Through , an examinee belonging to and itor data in , can take the online exam. The group agents managed by and create a set of public and private keys [20] for each group. They distribute this set of keys to their group members at each exam, and exchange the public keys with each other. The public key of each group is used for secure intergroup communications. For secure communications among group members, they use the symmetric keys created by the Dife-Hellman key exchange [21]. B. Equipment The examinees computers should be equipped with Webcams and microphones. High-quality Webcams are readily available now and are constantly improving [22], [23]. Therefore, the use of Webcams in online exams is not considered unreasonable. C. The SeCOnE System Software The SeCOnE system software is divided into two parts depending on the role, that is, whether it is on the client side , or server side . The operating system of the examinees computers and the proctors computer is assumed to be Windows XP or Windows 2000. However, the program semantics are not conned to Windows because the APIs to control the examinees computer and
342
Fig. 1. The system architecture of SeCOnE.
Fig. 2. Online exam setup.
Fig. 3. Scheduler architecture.
to handle the multimedia data are also available in Linux and Unix environments. 1) Server Side: Scheduler As shown in Figs. 2 and 3, through the Examiner/Examinee management module, obtains the temporary from directly when an identity of the examiner online exam is set up. The identity is encrypted with the shared by and . To symmetric key
input the problems, the right answers, the exam duration, and the time assigned for each problem, the examiner is with by the Exam Setup Manveried through . Through the Problem/Answer agement module in Management module, the problems, the right answers, and the time allocated to the problems are saved in the . When database (DB), which is accessed only by connects to with its identity, and its IP, , the Examiner/Examinee management module
343
Fig. 4. Online exam client state transition diagram.
Fig. 5. Monitor server architecture.
sends them to and requests the verication of the examinee. As is encrypted with , cannot know its identity nor can verify the examinee. saves and in the After the verication, to . Then, it sends the probDB and sends lems and the time assigned for the exam to through the Exam Process Management module. According to the exam management policy of the SeCOnE system, at the end of the exam or earlier, the answer sheets submitted by the examinees are delivered to the Exam Process Management module, which saves the answers in the DB, then the Grade Management module marks them with the correct answers provided . The grades are also kept in the DB. The anby can be referenced by swer sheets marked by through the Grade Management module when subjective questions are included in the problems. The grades s after all the examinees have are distributed to the submitted their answer sheets. If an examinee, whose , is not satised with his or her grade identity is , he or she sets up an appeal to through the Exam Process Management module. The through the Claim Manageclaim is delivered to ment module, and a regrading is initiated. The Time Control module manages the exam time, and the Exam s State Management module checks the states of all according to Fig. 4. The Authentication Management module is responsible for the integrity checking of the communication messages and the examinee authenti-
cation. The inquiries from the examinees during the exam are managed by Question management. Inquiries can provide the are saved in the DB rst so that replies for them one by one. When the replies are checked by the Question Management module, they , which sent out are immediately transmitted to the the questions. Secure intragroup communication goes through the Intragroup Communication Control module in . This module manages the symmetric keys shared between and the other members in . Monitor Server As shown in Fig. 5, when the Examinee Management receives the examinees IP from , module in it prepares a directory to save the monitor data of the examinee in a le server. The module also veries the examinee by comparing the IP with that from as shown in Fig. 2. The monitor data are saved with the reference photos for the examinees from ; the authenticated the examphotos were taken when inees. During or after the exam, a proctor connecting through can verify an examinee by comparing the stored reference photo and the monitor data. The Online Exam Client Handler module noties the ports are to which video, audio, and screen captures of sent. Then, the three types of the monitor data are managed through the Video Stream Management, Audio Stream Management, and Screen Capture Management modules, respectively. Before the exam starts, a proctor through and test whether should connect to
344
Fig. 6. Online exam client architecture.
the monitor data are reaching and being saved in . , should be veried Of course, to connect to issued by in advance with its temporary identity . The monitor data such as video, audio, and screen snapshots are saved with the time stamps that tell when . they were created and when they arrived at connects to through the Monitor Client Handling module and obtains the monitor data. Examinee Group Agent prepares two sets of public and private keys, and when is created. The former set is for and the itself. also issues one-time identilatter is for after the authentication of ties for the members of the examinees. Verication with the Webcam should by an exam be carried out through the client to administrator. Exam Admin Group Agent As , creates and when registers itself to and is created. also issues one-time identities for its group members after authenticating them. sends the identity of and As shown in Fig. 2, the of to . It also sends the identity of the to . Through the identities, the s examiner for the examinees and the public key of the group, and check the integrity of the data that the members of and sent and received each other. Proctor Client connects to to supervise the exam by the monitor data during the exam and even afterward. The proctor and be authenticated with a should rst register at when connecting to though temporary identity . 2) Client Side Online exam client In , which is installed on the examinees computer, all communications except those related to the online exam process are prohibited by closing all the ports irrelevant to the exam using a lter-hook driver [24]. Moreover, as shown in Fig. 6, other applications on the exam, are prohibited from starting inees computer, except up by a keyboard-hook [25]. In addition, the start menu,
the task bar, and the icons in the background of the computer screen are hidden and the execution of a new process, or a new thread, on a new desktop is prohibited. The video of the examinees is captured using the VFW and WAVE APIs. As Windows programming APIs, they are based on vfw32.lib and winmm.lib, respectively. The video stream from the Webcam is compressed . The audio stream using H.263 [26] and sent to without compresfrom the microphone is sent to sion because of its small size. The screen snapshot is processed through the Capture API to reduce its . The resolution and its size, and is then sent to modules that produce the three types of monitor data, that is, the Video Stream Control, Audio Stream Control, and Screen Capture modules, operate as simultaneous threads until the exam ends. The online exam proceeds under the control of the Online Exam Process Control module. The problems and the grades are distributed to the examinees through the Problem Management and submits Grade Management modules, respectively. through the Answer Management the answers to module, and the exam time is managed by the Time through the Control module. An appeal is sent to Grade Management module. The questions during the exam are handled by the Question Window module. The Exam Setup Management module obtains the temand the IP of from . The porary identity of communications between and are through the Intragroup Communication Control module. The Exam manages the states of State Management module in shown in Fig. 4. If failures in the state transition or abnormal execution of a program occur in the SeCOnE system, the examinees can no longer submit answers. D. Enhanced Security Handling for the Online Exam Process 1) Setup for the Exam Environment: All examinees downand install it on their computers. One monitor per exload runs as a full screen program and closes aminee is assumed. all ports except those required for the online exam and checks the Webcam and microphone. After the environment for the online exam is set up and the examinee is authenticated, the opens the problem sheet for problem sheet is distributed.
345
Fig. 7. A secure online exam process.
the examinee upon receipt of the message from to start the exam. 2) Setup of an Online Exam: Fig. 2 shows the setup of , which registers itself to an online exam initiated by and receives its temporary identity in the form . When an examinee registers with of through , he or she receives in the form of from as a member of and . connects to and requests Then, as shown in Fig. 7, and . its authentication by sending After registers with , sends , , and for to . sends and to to be a reference for detecting cheating. When noties of , checks whether the IP is in the IP list of the examinees from . If the IP is valid, requests the transmission tests of the monitor data for the examinee. When the data stream of video, audio, and the screen shots and successfully saved, for examinees are transmitted to a proctor inspects them through and decides whether the online exam environment is ready for the examinees. 3) Control of the Online Exam: After the online exam is sends the problem sheet , its digital signature set up, signed by , and the identity of the examto as shown in Fig. 7. iner checks the integrity of with and requests to . verication of the examiner by sending After verifying that no anomalies exist in the problem sheet, sends the ready message to . When receives the ready message from all the examinees, it sends the start message to s. At that point, lets examinees see the problems all the one by one. The monitor data for all examinees are transmitted sends to the monitor server until the exam ends. , , , , , as well as its answer sheet, to .
requests the verication of to and checks the integrity of the problems and the answers. By checking the s, manages the state of the online exam to detect state of abnormal situations such as faults in state transition, as shown in Fig. 4. submits 4) Grading: As shown in Fig. 7, after and is authenticated by , marks the and answer sheet with the right answers provided by . If subjective questions occur in the gives the grade is decided by the marker problems, the nal grade through . or is distributed to when all the examinees nish their exams. veries the integrity of the grade with its digital signatures or , and opens them to the examinee whose identity is . , is not 5) Appeal: If the examinee, whose identity is satised with his or her grade, he or she can submit an apwith the grade to through peal as shown in Fig. 8. When the marker checks the appeal and re, then sends to the examinee. grades as V. ANALYSIS A. Security Proof for SeConE and E-monitoring 1) Online Exam Process and System Modeling: Fulllment of Security Requirements: The SeCOnE system provides an easy and automated exam process. Also, because the system does not restrict the examinees location at the time the online exam is given, the system preserves accessibility. This is made possible through the e-monitoring and the enhanced security control in SeCOnE. Through the e-monitoring method proposed, the examinees can be watched, just like in an off-line exam. Any cheating that
346
Fig. 8. Appeal of a grade and reassessment.
was not noticed during the exam can be detected through the monitor data saved on the monitor server. The enhanced security for the online exam is controlled through the intergroup communication based on PKI, the intragroup communication using symmetric keys and the temporary identity. The exam administrative group and the examinee group are set for every exam. All the entities related to an exam belong to one of those two groups. Agents for the two groups issue the temporary identities to their group members. Neither they nor the group members themselves know the identities of the other group members. Furthermore, a group member does not know his or her temporary identity, because it is issued in an encrypted form protected by the public key of the verier, the other group agent. The identities are exchanged by the group agents. Thus, when a group member receives a message, he or she requests the verication for the sender from the group agent. In addition, message integrity for problems, answers, and grades is guaranteed through the use of digital signatures. Because temporary identities are used in the online exam, it is very important to conrm the identity of someone who is issued a temporary identity. In this paper, that conrmation is performed via a Webcam. An exam administrator connecting to the agent program veries the person to be authenticated, using the Webcam. In this process, a reference photograph of the group member is taken and saved in the monitor server for later detection of possible impersonation. Because the online exam client controls the examinees exam environment by providing the problems one by one, the examinee cannot submit answers more than once, or cancel or change an answer after submitting it. The exam cannot be deleted or canceled unless the examinee halts the online exam client on his or her computer. In SeCOnE, the number of answers to be submitted can be compromised according to the problems and the exam policy. This feature contributes to reducing the chance of cheating, as well as to the introduction of a exible online exam management. The problems are managed by the online exam client after they are issued by the scheduler, but they are not opened before the scheduler sends the message to start the exam. The message is sent only after the online exam environment has been set up and all the online exam clients send the ready message to the scheduler. Therefore, it is possible for all examinees to take the
online exam simultaneously. If, however, it is difcult for all examinees to take an online exam at the same time, examiners can prepare one set of problems for each of several exam times so that the examinees can choose the time that suits them best. The grades are marked with the correct answers already provided by the examiner and automatically saved in the database (DB) if no subjective questions were asked. The grades, as well as the problems and the right answers, are kept secure because access to the DB is restricted to the scheduler. And, because all examinees computers are restricted from engaging in Internet communications except for those related to the online exam process, Internet-related accidents in the online exam process should be rare. Completeness of System Modeling: In the SeCOnE system, online exams have been described using the same semantics , the that apply to ofine exams. Through the examiner person setting the exam can provide the problems and their right answers. Through the marker, she or he can mark the subjective questions and decide the nal grades for the examinees. Through the proctor, she or he can supervise the examinees with the monitor data saved in the monitor server in near real time. The problems, their right answers, and the answer sheets from examinees are managed by the scheduler. The authentication, which traditionally was based only on a user name and password, is strengthened by the group management. This process includes verication by Webcam and issuance of temporary identities for every exam. No entity can know all the information, such as the real identities of the entities or the cryptographic keys in the system. This precaution avoids the potential for system compromise due to the failure of a single entity because of maliciousness or an external attack. The SeCOnE system is based on an open architecture, and the scheduler and the monitor server are scalable depending on the predicted load for them. Having the monitor data saved in the monitor server reduces the probability that cheating during an exam will be missed by the proctor. In this system, more proctors are not required as the number of examinees increases, as would be the case in an off-line exam. B. Cheating Prevention and Detection Through E-monitoring Cheating is any behavior that places the fairness of the exam in doubt. Although not all cheating techniques may be covered,
347
the scheme proposed in this paper is a way to avoid simply relying on the examinees sense of honor not to cheat. The SeCOnE system adopts ve methods to prevent and detect cheating. First, the identities of entities in the system are veried by a Webcam, and the reference photos taken during the verication process are saved for authentication during the exam. Second, the monitor data for the examinees are recorded and saved during exam. With continuous recording of video and audio during the exam rather than isolated images, a proctor can better understand the examinees situation and reduce the chance of false-positives or negatives in the determination of cheating, even after the exam. Third, through the screen shots saved in parallel with videos of an examinee, a proctor can better determine what the examinee is actually doing with his or her computer. Fourth, all communications by the examinees, except for those required for the online exam, are disabled through port control. All ports except those required for the online exam are disabled and the ports used can be chosen randomly for each examinee; the ports to be used have only to be sent to the exam administrative group with the IP of the exam client. Therefore, cheating through a xed port can be rare. Fifth, all other programs except the online exam client are deactivated by controlling the inputs of the examinees. By cutting off electronic communications and disabling other computer programs or inputs on the examinees computers, the examinees can be prohibited from cheating using their local computer or the Internet.
C. Overhead 1) The System Architecture of SeCOnE: The physical equipment for an online exam includes computers with Webcams and microphones. The communications for an online exam take place mainly before and after the exam time. During the exam, only the monitor data, a few messages to check the exam state, and questions, if any, ow to the server side. Because SeCOnE has an open architecture, the scheduler and the monitor servers should be made up of as many machines as required to provide their services with as small a latency as possible during the online exam; this number of machines will depend on the number of examinees. 2) Online Exam Management: Communications before exam time are required to authenticate the entities in the SeCOnE system and to setup the exam process. The system requires key management services for the symmetric and public keys as well as for the secure cryptographic scheme, but the encryption and decryption do not take place during the exam. 3) Cheating Prevention and Detection: The overhead related to preventing and detecting cheating is related to the transmission delay and the storage requirements for the monitor data. To analyze these issues, a prototype of the SeCOnE system was constructed and the amount of data per second created by the online exam client was measured. A Logitech QuickCam Pro4000 with an embedded microphone was used. The online exam client was installed on a Pentium IV 3.00 GHz CPU computer with 1 GB RAM running
Fig. 9. The performance of monitor data delivery. (a) MAX, AVG, and MIN buffer requirements at the gateways of nodes. (b) Node delay per packet.
Windows XP. For the video data, the frame rate was set to 15 and the maximum allowed drop rate was 50%. Video data was compressed using H.263. The audio data were not compressed. Screen images were captured twice a second, at a resolution of 1280 1024 pixels, and then lowered to 256 colors, reduced to quarter the original size, and converted to GIF. For a 1-h exam, the amount of data saved on the monitor server for each examinee is 720 MB, which could be stored on a single CD. The load estimation for the monitor server with many examinees was also analyzed using queuing theory and a corresponding simulation. The modeling and the simulation indicated how many monitor servers should be provided, and how long the transmission delay would be as a function of the number of examinees. It was assumed that the arrival rate at the monitor server followed the Poisson distribution, and the monitor server itself was considered as M/M/1. Link or node failures, or the propagation delay, were not considered. The performance , which is the of the model was measured using the value of average time for a packet to stay in the monitor server, and B, which is the size of the packet buffer in the gateway at the monitor server to avoid dropping packets above the probability as (1). is the total number of examinees, is the arrival rate . The service rate in the monitor server can be derived at is the time required to copy one packet of as (2) where the monitor data because one copy is saved in the monitor server
348
and the other copy is transferred to the proctor who requested it for monitoring purposes
(1) (2) When the distribution of packet lengths is assumed to be exponential with 515 bits/packet and the link capacity is xed as 100Mb/s, the is given as 5.15 . The copy time is measured on a Pentium IV 3.2 GHz computer with 2 GB and RAM, running FreeBSD-4.11. The values of were 4.25 /packet and 4 packets/s, respectively, averaged over was set to 1000 trials. To obtain , the drop ratio bound . Fig. 9(a) shows the maximum (MAX), average (AVG), and minimum (MIN) buffer requirements of at the gateways . In Fig. 9(b), the delay per packet of nodes for the given in a node affects the delay of the monitor data delivered to the monitor server. As the number of examinees increases, the total volume of the monitor data also increases. Even though the transmission environment of the monitor data was simplied in the modeling, one monitor server is expected to be able to cope with up to 30 examinees without major problems. But, the monitor servers can be augmented according as the number of examinees increases. VI. CONCLUSIONS AND FUTURE WORK This paper describes how the SeCOnE system provides both a secure online exam management and a scheme for the prevention and detection of cheating using e-monitoring. The measures for preventing and detecting cheating proposed in this paper cover cheating methods identied for the online exam process via computer or Internet, although it may not address all possible cheating methods. This paper is targeted towards exams administered through the Internet at a xed time with one problem set, but without any restriction on the exam location. A powerful feature is that SeCOnE can be applied to an exam administered at different times. In this case, the examiner should prepare as many problem sets as there are exam times, in order to prevent cheating during the exam. One overhead cost for this system is in the preparation of the equipment, such as Webcams and microphones, to monitor and to authenticate the entities. A network load due to monitor data transfer and the storage is another overhead to be considered, but this is not a major obstacle when data compression is used and more monitor servers are prepared. Future research will consider the effects of malicious entities in the system, and the processes involved in handling failures. REFERENCES
[1] Golden Gate University [Online]. Available: http://www.ggu.edu/cybercampus/DegreesCourses/ClassSchedule [2] Univ. Phoenix Online [Online]. Available: http://online.phoenix.edu/ Degree_Programs.asp [3] New York University [Online]. Available: http://www.scps.nyu.edu/ areas-of-study/online/
[4] C.-R. Jordi, H.-J. Jordi, and D.-J. Aleix, A secure E-exam management system, in Proc. 1st Int. Conf. Avilabil., Reliab. Security, 2006. [5] TOEFL [Online]. Available: http://www.ets.org/bin/getprogram.cgi? Source=toe&newRegURL=&test=TOEFL&greClosed=new&gre ClosedCountry=China&browserType=Other&toeType=&redirect =&t_country1=group_Korea%28Rok%29 [6] N. Rowe, Cheating in online student assessment: beyond plagiarism, The Online J. Distance Learn. Administr., vol. 7, no. 2, 2004. [7] J. McGough, J. Mortensen, J. Johnson, and S. Fadali, A Web-based testing system with dynamic question generation, in Proc. 31th ASEE/ IEEE Frontiers in Educ. Conf., Reno, NV, 2001, vol. 3, pp. S3C23. [8] C. C. Ko and C. D. Cheng, Secure Internet examination system based on video monitoring, Internet Res.: Electron. Netw. Appl. Policy, vol. 14, no. 1, pp. 4861, 2004. [9] The Blackboard Northern Illinois Univ. [Online]. Available: http://www.blackboard.niu.edu/blackboard/ [10] C. Rogers, Faculty perceptions about e-cheating during online testing, J. Comput. Sci. Colleges, vol. 22, no. 2, pp. 206212, 2006. [11] D. L. McCabe, L. K. Trevino, and K. D. Buttereld, Cheating in academic institutions: A decade of research, Ethics Behav., vol. 11, no. 3, pp. 219232, 2001. [12] F. DePiero, Netexam: a Web-based assessment tool for Abet2000, in Proc. 31st ASEE/IEEE Frontiers in Educ. Conf., Reno, NV, 2001, vol. 2, pp. F3A13. [13] A. Shafarenko and D. Barsky, A secure examination system with multi-node input on the world-wide Web, in Proc. Int. Workshop on Adv. Learn. Technol., 2000, pp. 97100. [14] J. Burgoon, M. Stoner, J. Bonito, and N. Dunbar, Trust and deception in mediated communication, in Proc. 36th Hawaii Int. Conf. Syst. Sci., 2003, pp. 4454. [15] W. L. Goffe and K. Sosin, Teaching with technology: May you live in interesting times, J. Econom. Educ., vol. 36, no. 3, pp. 278291, 2005. [16] J. C. Adams and A. A. Armstrong, A Web-based testing: A study in insecurity, World Wide Web, vol. 1, no. 4, pp. 193208, 1998. [17] D. Agarwal, O. Chevassut, M. R. Thompson, and G. Tsudik, An integrated solution for secure group communication in wide-area networks, in Proc. IEEE Symp. Comput. Commun., 2001, pp. 2228. [18] K. Berket, D. A. Agarwal, P. M. Melliar-Smith, and L. E. M. Ernest, Overview of the intergroup protocols, Lecture Notes in Comput. Sci., vol. 2073, pp. 316325, 2001. [19] E. Bresson, O. Chevassut, and D. Pointcheval, Provably-secure authenticated group Dife-Hellman key exchange, ACM Trans. Inf. Syst. Security J., vol. 10, no. 3, 2007, Article 10. [20] K. D.-P. N, A. Rouskas, and S. Gritzalis, A PKI approach for deploying modern secure distributed e-learning and m-learning environments, Comput. Educ., vol. 48, no. 1, pp. 116. [21] W. Dife and M. Hellman, New directions in cryptography, IEEE Trans. Inf. Theory, vol. IT-22, pp. 644654, Nov. 1976. [22] Linksys WebCAM [Online]. Available: http://www. linksys.com/servlet/Satellite?c=L_Product_C2&child pagename=US%2FLayout&cid=1175229403526&pagename= Linksys%2FCommon%2FVisitorWrapper&lid=0352686883B01 [23] Logitech WebCAM [Online]. Available: http://www.logitech.com/ index.cfm/ webcam_communications/webcams/&cl=kr,ko [24] Filter-Hook Drivers, MSDN Library [Online]. Available: http://msdn2. microsoft.com/en-us/library/ms802735.aspx [25] Keyboard Control MSDN Library [Online]. Available: http://msdn2. microsoft.com/en-us/library/ms644985.aspx [26] Draft ITU-T Recommendation H.263 ITU-T, 1996. [27] J. Georage and J. Carlson, Group support systems and deceptive communication, in Proc. 32th Hawaii Int. Conf. Syst. Sci., 1999, vol. 1, no. 1, p. 1038. [28] Koreas Education Broadcasting Station [Online]. Available: http://www.ebs.co.kr/Contents/TV/, [29] BBC On-line Learning site [Online]. Available: http://www.bbc.co.uk/ learning/ [30] K. O. Jones, J. Reid, and R. Bartlet, E-learning and E-cheating, in Proc. 3rd E-Learn. Conf., 2006. [31] T. Wielicki, Integrity of online testing in E-learning: empirical study, in Proc. 4th Ann. Int. Conf. Pervasive Comput. Commun. Workshops (PERCOMMW06), 2006, pp. 206210. [32] Y. Zhenming, Z. Liang, and Z. Guohua, A novel Web-based online examination system for computer science education, in Proc. 33rd ASEE/IEEE Frontiers in Educ. Conf., 2003, pp. S3F_7S3F_10. [33] D. M. Eplion and T. J. Keefe, On-line EXAMs: Strategies to detect cheating and minimize its impact, in Proc. 10th Ann. Technol. Conf., 2005.
349
[34] Anonymous Marking of Final Examiniation at UCR Senate Executive Committee Univ. Cape Town, UCT Administrative Document [Online]. Available: http://www.uct.ac.za/downloads/uct.ac.za/about/policies/anonymous_marking.pdf [35] Exam Anonymity Univ. Winsor Student Committee [Online]. Available: http://cronus.uwindsor.ca/units/vpacademic/5yearplan/scmain.nsf/3feb40e0b3f9c0ea85256959004f19f6/2d700d00f1d793 01852573cc0053a6ac/$FILE/SC0801175.2.pdf [36] J. Simon, Blatant cheating detected in an online examination, in Proc. 2nd Asia-Pacic Educ. Integrity Conf., 2005.
From February 2001, she was a researcher for three years with the Electronics and Telecommunications Research Institute (ETRI), South Korea. She is currently a Ph.D. degree candidate at Seoul National University. Her current research interests include e-Science, Grid computing, distributed computing, security, large data management system, workow system, and fault tolerance.
Im Y. Jung received the B.S. degree in chemistry from Pohang University of Science and Technology in 1993 and a second B.S. degree in computer science from Seoul National University in 1999. She received the M.S. degree in computer science and engineering also from Seoul National University in 2001.
Heon Y. Yeom received the B.S. degree in computer science from Seoul National University, Seoul, Korea, in 1984 and the M.S. and Ph.D. degrees in computer science from Texas A&M University, College Station, in 1986 and 1992, respectively. From 1986 to 1990, he was with Texas Transportation Institute as a Systems Analyst and from 1992 to 1993, he was with Samsung Data Systems as a Research Scientist. He joined the Department of Computer Science, Seoul National University, in 1993, where he currently is a Professor and teaches and conducts research on distributed systems, multimedia systems, and transaction processing.

Enhanced Security For Online Exams

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Enhanced Security For Online Exams

Uploaded by

Copyright:

Available Formats

340

IEEE TRANSACTIONS ON EDUCATION, VOL. 52, NO. 3, AUGUST 2009