Medical Image Fusion Based on Wavelet Transform

Ganesh J. Jagtap
Lecturer in Information Technology,
SVPM’s Institute of Technology & Engineering, Malegaon(Bk),
Tal: Baramati, Dist: Pune 413102
Analysis of the characteristics of CT medical images suggests a novel method for their fusion using the discrete wavelet transform and independent component analysis. First, each CT image is decomposed by the 2-D discrete wavelet transform. Independent component analysis is then used to analyze the wavelet coefficients at each level and extract independent components. Finally, wavelet reconstruction is used to synthesize a single CT medical image that contains more integrated, accurate detail of different soft tissues such as muscles and blood vessels. By comparison, the efficiency of this method is better than that of the weighted average method or the Laplacian pyramid method in the medical image fusion field.
In recent years, the study of multimodality medical image fusion has attracted much
attention with increasing clinical application demands. A radiotherapy plan, for instance,
often benefits from the complementary information in images of different modalities. Dose
calculation is based on the computed tomography (CT) data, while tumor outlining is often
better performed in the corresponding magnetic resonance (MR) scan. For medical diagnosis,
CT provides the best information on denser tissue with less distortion, MRI provides better
information on soft tissue with more distortion, and PET provides better information on blood
flow and metabolic activity, with low spatial resolution in general. With more multimodality
medical images available in clinical applications, the idea of combining images from
different modalities has become very important, and medical image fusion has emerged as a new
and promising research field. The general objective of image fusion is to combine the
complementary information from multimodality images. Several image fusion methods have
been introduced in the literature, including statistical methods (Bayesian decision), fuzzy set
methods, neural network methods, the Laplacian pyramid method and wavelet transform methods. It
should be noted that fusion methods are application-dependent.
In signal processing theory, non-periodic and transient signals cannot
easily be analyzed by conventional transforms. An alternative mathematical tool, the wavelet
transform (implemented here using MATLAB), is therefore used to extract the relevant
time-amplitude information from a signal.
Woei-Fuh Wang et al. [1] worked on PET-MRI image registration and fusion, providing a
fused image which gives both physiological and anatomical information with high spatial
resolution for use in clinical diagnosis and therapy.
Gemma Piella [2] presents a new approach for assessing quality in image fusion by
constructing an ideal fused image, using it as a reference image and comparing it with the
experimental fused results. Mean squared error based metrics are widely used for these comparisons.
Paul Hill, Nishan Canagarajah and Dave Bull [3] have introduced a novel application of
the shift-invariant and directionally selective Dual Tree Complex Wavelet Transform (DT-CWT)
to image fusion, providing improved qualitative and quantitative results. Myungjin Choi, Rae
Young Kim, Myeong-Ryong Nam, and Hong Oh Kim [4] proposed the curvelet transform for
image fusion. The curvelet-based image fusion method provides richer information in the
spatial and spectral domains simultaneously. They performed Landsat ETM+ image fusion
and obtained optimal fusion results.
Yu Lifeng, Zu Donglin, Wang Weidong and Bao Shanglian [5] have proposed an integrated
scheme to fuse medical images from different modalities. First they registered the images
using the SVD-ICP (Iterative Closest Points) method, and then evaluated the different fusion
results obtained by applying different selection rules.
Qu Xiao et al. have combined the NSCT (Non-Subsampled Contourlet Transform) with
PCNN (Pulse Coupled Neural Networks) and employed them in image fusion. Spatial frequency in
the NSCT domain is input to motivate the PCNN, and coefficients in the NSCT domain with large
firing times are selected as coefficients of the fused image [6].
3.1. Problem Statement
Take two or more images, decompose them using the wavelet transform, and combine
the relevant information from them into a single image. The resulting image will be more
informative than any of the input images.
3.2. Block Diagram
Figure. 3.1. Image Fusion Scheme
3.3. Module Wise Description
First, the CT and MRI images to be fused are decomposed by the discrete wavelet
transform. Both images should be decomposed to the same number of levels. The resulting
sub-band images constitute the details of the original images.
The information from the two images is then combined by fusion rules, taking the
significant components at each level, and the fused image is reconstructed using the IDWT.
3.3.1. Multiresolution Analysis
Although the time and frequency resolution problems are results of a physical
phenomenon (the Heisenberg uncertainty principle) and exist regardless of the transform used,
it is possible to analyze any signal by using an alternative approach called the multiresolution
analysis (MRA). MRA, as implied by its name, analyzes the signal at different frequencies
with different resolutions. Not every spectral component is resolved equally, as was the case in
the Short Time Fourier Transform (STFT).
MRA is designed to give good time resolution and poor frequency resolution at high
frequencies and good frequency resolution and poor time resolution at low frequencies. This
approach makes sense especially when the signal at hand has high frequency components for
short durations and low frequency components for long durations. Fortunately, the signals that
are encountered in practical applications are often of this type.
The wavelet transform is a powerful tool for multiresolution analysis. The
multiresolution analysis requires a set of nested multiresolution sub-spaces as illustrated in the
following figure:

Figure. 3.2. Nested Multiresolution Spaces
The original space V0 can be decomposed into a lower-resolution sub-space V1; the
difference between V0 and V1 can be represented by the complementary sub-space W1.
Similarly, we can continue to decompose V1 into V2 and W2. The figure above shows a 3-level
decomposition. For an N-level decomposition, we obtain N+1 sub-spaces: one coarsest-resolution
sub-space VN and N difference sub-spaces Wi, with i from 1 to N. Each digital signal
in the space V0 can be decomposed into components in each sub-space. In many cases,
it is much easier to analyze these components than to analyze the original signal itself.
3.3.2. Filter Bank Analysis
The corresponding representation in frequency space is shown intuitively in the
following graph: we can apply a pair of filters to divide the whole frequency band into two
subbands, and then apply the same procedure recursively to the low-frequency band of the
current stage. Thus, it is possible to use a set of FIR filters to achieve the above
multiresolution decomposition. Here is one way to decompose a signal using filter banks.
Figure. 3.3. Multiresolution frequency bands
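The recursive two-channel split described above can be sketched in a few lines of Python. Haar analysis filters are used here purely to keep the sketch self-contained; in practice the paper's filters ('db10', 'bior4.4') would replace them.

```python
# Recursive two-channel filter bank: at each level the current low-pass
# (approximation) band is split again, yielding the nested subbands of
# Figure 3.3. Haar filters are used only to keep the sketch self-contained.

def analyze(signal, levels):
    """Return [detail_level_1, ..., detail_level_N, approximation]."""
    bands = []
    approx = list(signal)
    for _ in range(levels):
        n = len(approx) // 2
        # Haar low-pass (average) and high-pass (difference) halves.
        low = [(approx[2 * i] + approx[2 * i + 1]) / 2 for i in range(n)]
        high = [(approx[2 * i] - approx[2 * i + 1]) / 2 for i in range(n)]
        bands.append(high)          # keep this level's detail band
        approx = low                # recurse on the low-frequency band
    bands.append(approx)            # coarsest approximation, space V_N
    return bands

bands = analyze([4, 6, 10, 12, 14, 16, 18, 20], levels=3)
# Subband lengths halve at each level: 4, 2, 1 details + 1 approximation.
print([len(b) for b in bands])      # [4, 2, 1, 1]
```

Note how a constant signal produces all-zero detail bands: every high-pass (difference) output vanishes, and only the coarsest approximation carries energy.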
The effect of this shifting and scaling process is to produce a time-scale representation,
as depicted in Figure 4. As can be seen from a comparison with the STFT, which employs a
windowed FFT of fixed time and frequency resolution, the wavelet transform offers superior
temporal resolution of the high-frequency components and scale (frequency) resolution of the
low-frequency components. This is often beneficial, as it allows the low-frequency
components, which usually give a signal its main characteristics or identity, to be
distinguished from one another in terms of their frequency content, while providing
excellent temporal resolution for the high-frequency components, which add the nuances to the
signal's behavior.
Unlike STFT, in Wavelet Transform, the width of the wavelet function changes with
each spectral component. The Wavelet Transform, at high frequencies, gives good time
resolution and poor frequency resolution, while at low frequencies, the Wavelet Transform
gives good frequency resolution and poor time resolution.
3.3.3. Discrete Wavelet Transform
When analyzing signals of a non-stationary nature, it is often beneficial to be able to
acquire a correlation between the time and frequency domains of a signal. The Fourier
transform provides information about the frequency domain; however, time-localized information
is essentially lost in the process. The problem with this is the inability to associate features in
the frequency domain with their location in time, as an alteration in the frequency spectrum
will result in changes throughout the time domain. In contrast to the Fourier transform, the
wavelet transform allows exceptional localization both in the time domain, via translations of
the mother wavelet, and in the scale (frequency) domain, via dilations. The translation and
dilation operations applied to the mother wavelet are performed to calculate the wavelet
coefficients, which represent the correlation between the wavelet and a localized section of the
signal. The wavelet coefficients are calculated for each wavelet segment, giving a time-scale
function relating the wavelet's correlation to the signal.
A wavelet family with mother wavelet ψ(x) consists of functions ψa,b(x) of the form

ψa,b(x) = (1/√a) ψ((x − b)/a),

where b is the shift or center of ψa,b, and a is the scale. Alternatively, the scaling factor 1/a
may be used. If a > 1, then ψa,b is obtained by stretching the graph of ψ, and if a < 1, then the
graph of ψ is contracted. The value a corresponds to the notion of frequency in Fourier analysis.
Given a mother wavelet, an orthogonal family of wavelets can be obtained by properly
choosing a = a0^m and b = n·b0, where m and n are integers, a0 > 1 is a dilation parameter, and
b0 > 0 is a translation parameter. To ensure that the wavelets ψa,b, for fixed a, "cover" f(x) in a
similar manner as m increases, choose b0 = β·a0^m. For rapid calculation of the wavelet
coefficients, choose β = 1 and a0 = 2. Note that choosing b0 < 2^m gives a redundant wavelet
family, whereas choosing b0 > 2^m leads to an incomplete representation of the transformed
function. Therefore b0 = 2^m is the optimal choice, and in fact leads to an orthogonal family.
With these choices of a and b, the DWT of a function f(x) is given by

Wf(m, n) = ∫ f(x) ψm,n(x) dx,  where  ψm,n(x) = 2^(−m/2) ψ(2^(−m) x − n),

and the integral is taken over the whole real line. The inverse transform is given by

f(x) = Σm Σn Wf(m, n) ψm,n(x).
It should be noted that even though the integral defining Wf (m, n) is on an unbounded
interval, it is effectively on a finite interval if the mother wavelet has compact support, and therefore
can easily be approximated numerically.
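As a quick illustration of that numerical approximation, the sketch below computes Wf(m, n) for the Haar mother wavelet (compact support [0, 1)) with a midpoint Riemann sum; the integration interval is then exactly the support of ψm,n. This is an illustrative sketch, not code from the paper.

```python
# Numerical approximation of the wavelet coefficient
#   Wf(m, n) = integral of f(x) * psi_{m,n}(x) dx,
# where psi_{m,n}(x) = 2^(-m/2) * psi(2^(-m) x - n).
# With the compactly supported Haar mother wavelet, the integral reduces
# to the finite interval [n*2^m, (n+1)*2^m), so a midpoint sum suffices.

def haar(x):
    """Haar mother wavelet: +1 on [0, 0.5), -1 on [0.5, 1), 0 elsewhere."""
    if 0.0 <= x < 0.5:
        return 1.0
    if 0.5 <= x < 1.0:
        return -1.0
    return 0.0

def wavelet_coeff(f, m, n, steps=10000):
    lo, hi = n * 2.0**m, (n + 1) * 2.0**m   # support of psi_{m,n}
    dx = (hi - lo) / steps
    total = 0.0
    for k in range(steps):
        x = lo + (k + 0.5) * dx             # midpoint rule
        total += f(x) * 2.0**(-m / 2) * haar(2.0**(-m) * x - n)
    return total * dx

# A constant signal correlates with no wavelet (psi has zero mean):
print(round(wavelet_coeff(lambda x: 1.0, 0, 0), 6))   # 0.0
# For f(x) = x at scale m = 0, shift n = 0 the exact value is -0.25:
print(round(wavelet_coeff(lambda x: x, 0, 0), 6))     # -0.25
```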
A function ψ(x) is a wavelet if it satisfies two conditions: finite energy, ∫ |ψ(x)|² dx < ∞,
and zero mean, ∫ ψ(x) dx = 0 (the admissibility condition).
3.4. Pixelbased Image Fusion Method
In this fusion scheme, each high-frequency subband coefficient of the fused image is
acquired by simply picking the coefficient with the larger absolute value:

Cj(F, p) = Cj(A, p) if |Cj(A, p)| ≥ |Cj(B, p)|,
Cj(F, p) = Cj(B, p) if |Cj(A, p)| < |Cj(B, p)|.  (5)

In the lowest-resolution (approximation) subband, Cj(F, p) is acquired by averaging Cj(A, p)
and Cj(B, p) of A and B:

Cj(F, p) = 0.5*Cj(A, p) + 0.5*Cj(B, p)  (6)
4.1. Algorithm For Pixelbased1
1) Read the CT image.
2) Read MRI image.
3) Resize both images to 256x256.
4) Decompose each image at one level using the DWT.
5) Compare the absolute values for each pixel and the pixel with higher value is selected
in the final subband.
6) Reconstruct the fused image using IDWT (inverse discrete wavelet transform) using
the same wavelet filter used for decomposition.
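The six steps above can be sketched end to end. The fragment below is an illustrative, self-contained implementation using a single-level 2-D Haar DWT on small lists of lists; the paper itself uses MATLAB with filters such as 'db10' and 'bior4.4', and the image-reading/resizing steps are omitted here.

```python
# Pixel-based fusion with a single-level 2-D Haar DWT (illustrative only;
# real images would be read and resized to 256x256 first).

def _dwt1(v):
    n = len(v) // 2
    approx = [(v[2 * i] + v[2 * i + 1]) / 2 for i in range(n)]
    detail = [(v[2 * i] - v[2 * i + 1]) / 2 for i in range(n)]
    return approx, detail

def _idwt1(approx, detail):          # exact inverse of _dwt1
    out = []
    for a, d in zip(approx, detail):
        out += [a + d, a - d]
    return out

def _t(m):                           # matrix transpose
    return [list(c) for c in zip(*m)]

def dwt2(img):
    """One-level 2-D DWT: rows first, then columns -> (LL, LH, HL, HH)."""
    low, high = [], []
    for row in img:
        a, d = _dwt1(row)
        low.append(a)
        high.append(d)
    def split_cols(m):
        approx, detail = [], []
        for col in _t(m):
            a, d = _dwt1(col)
            approx.append(a)
            detail.append(d)
        return _t(approx), _t(detail)
    ll, lh = split_cols(low)
    hl, hh = split_cols(high)
    return ll, lh, hl, hh

def idwt2(ll, lh, hl, hh):
    def merge_cols(approx_m, detail_m):
        cols = [_idwt1(a, d) for a, d in zip(_t(approx_m), _t(detail_m))]
        return _t(cols)
    low = merge_cols(ll, lh)
    high = merge_cols(hl, hh)
    return [_idwt1(a, d) for a, d in zip(low, high)]

def fuse(img_a, img_b):
    """Steps 4-6: decompose, select/average coefficients, reconstruct."""
    sub_a, sub_b = dwt2(img_a), dwt2(img_b)
    # Approximation subband: average, as in eq. (6).
    ll = [[(x + y) / 2 for x, y in zip(ra, rb)]
          for ra, rb in zip(sub_a[0], sub_b[0])]
    # Detail subbands: pick the coefficient with larger absolute value.
    details = [[[x if abs(x) >= abs(y) else y for x, y in zip(ra, rb)]
                for ra, rb in zip(da, db)]
               for da, db in zip(sub_a[1:], sub_b[1:])]
    return idwt2(ll, *details)
```

Fusing an image with itself reproduces the image exactly, which is a convenient sanity check that the DWT/IDWT pair and the fusion rules are consistent.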
4.2. Resultant Images
Fusion at single level using ‘db10’

Figure. 4.1 a) CT Image, b) MRI Image, c) Pixelbased Fusion Image,
4.3. Results
Table 4.1: Fusion at single level using ‘bior4.4’
Method Standard deviation Entropy OCE
Pixelbased1 59.340 6.7049 1.4771
In this project, different DWT-based methods are compared for the fusion of CT and MRI
images. Standard deviation, entropy and overall cross entropy (OCE) are the criteria used for
evaluating the fusion results. The medical image fusion technique based on multiresolution
wavelet decomposition offers an excellent trade-off between spectral and spatial information.
Among all the methods, Pixelbased1 has the highest entropy. The gradient and convolution
based methods also perform well, as they have high entropy, low OCE and good standard
deviation. Pixelbased2 gives good visual perception.
Comparing the different wavelet filters applied for decomposition and reconstruction,
‘db5’, ‘db7’, ‘db10’ and ‘bior4.4’ perform well, since the reconstruction becomes better.
Multilevel decomposition fusion gives better results at the cost of increased computation.
The fused image provides the complementary features that make diagnosis easier.
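The evaluation criteria can be computed as sketched below for grayscale images given as flat lists of pixel values. The entropy and standard-deviation formulas are standard; the overall-cross-entropy definition used here (the mean of the two source-vs-fused cross entropies over normalized histograms) is an assumption, since the text does not spell out its formula.

```python
import math
from collections import Counter

def _hist(pixels, levels=256):
    """Normalized histogram of integer gray levels."""
    counts = Counter(pixels)
    n = len(pixels)
    return [counts.get(g, 0) / n for g in range(levels)]

def entropy(pixels):
    """Shannon entropy (bits) of the gray-level distribution."""
    return -sum(p * math.log2(p) for p in _hist(pixels) if p > 0)

def std_dev(pixels):
    mean = sum(pixels) / len(pixels)
    return math.sqrt(sum((x - mean) ** 2 for x in pixels) / len(pixels))

def overall_cross_entropy(src_a, src_b, fused, eps=1e-12):
    """Assumed OCE: average cross entropy of A and B vs. the fused image F."""
    hf = _hist(fused)
    def ce(src):
        hs = _hist(src)
        return sum(p * math.log2(p / max(q, eps))
                   for p, q in zip(hs, hf) if p > 0)
    return (ce(src_a) + ce(src_b)) / 2
```

A higher entropy indicates a more informative fused image, while an OCE near zero indicates that the fused histogram stays close to those of both sources.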
[1]. Zhiming Cui, Guangming Zhang, Jian Wu, “Medical Image Fusion Based on Wavelet
Transform and Independent Component Analysis”, 2009 International Joint Conference on
Artificial Intelligence, IEEE Computer Society, DOI 10.1109/JCAI.2009.169.
[2]. F. E. Ali, I. M. El-Dokany, A. A. Saad and F. E. Abd El-Samie, “Curvelet Fusion of MR
and CT Images”, Progress in Electromagnetics Research C, Vol. 3, pp. 215-224, 2008.
[3]. H. Li, B. S. Manjunath and S. K. Mitra, “Multisensor image fusion using the wavelet
transform”, Graphical Models and Image Processing 57, pp. 235-245, 1995.
[4]. W. B. Pennebaker and J. L. Mitchell, JPEG - Still Image Data Compression Standard,
Van Nostrand Reinhold, 1993.
[5]. Paul Hill, Nishan Canagarajah and Dave Bull, “Image Fusion using Complex Wavelets”,
BMVC 2002.
[6]. Aapo Hyvärinen and Erkki Oja, “Independent Component Analysis: Algorithms and
Applications”, Neural Networks, 13(4-5):411-430, 2000.
[7]. D. A. Bluemke et al., “Detection of Hepatic Lesions in Candidates for Surgery:
Comparison of Ferumoxides-Enhanced MR Imaging and Dual-Phase Helical CT”, AJR 175,
pp. 1653-1658, December 2000.
[8]. W. D. Withers, “A rapid entropy coding algorithm”, Technical report, Pegasus Imaging.
[9]. C. S. Kidwell et al., “Comparison of MRI and CT for Detection of Acute Intra-cerebral
Hemorrhage”, JAMA, Vol. 292, No. 15, pp. 1823-1830, 2004.
[10]. Robi Polikar, The Wavelet Tutorial.
[11]. M. M. and A. S. Willsky, “A multiresolution methodology for signal-level fusion and data
assimilation with application to remote sensing”, Proc. IEEE, 85:164-180, 1997.
Mr. Kumbhar S.l.
Computer Department
SBPCOE, Indapur.
The mind-to-movement system that allows a quadriplegic man to control a computer using only his
thoughts is a scientific milestone. It was reached, in large part, through the Brain Gate system. This
system has become a boon to the paralyzed. The Brain Gate System is based on Cyberkinetics'
platform technology to sense, transmit, analyze and apply the language of neurons. The principle of
operation behind the Brain Gate System is that, with intact brain function, brain signals are
generated even though they are not sent to the arms, hands and legs. The signals are interpreted and
translated into cursor movements, offering the user an alternate Brain Gate pathway to control a
computer with thought, just as individuals who have the ability to move their hands use a mouse.
The 'Brain Gate' contains tiny spikes that extend down about one millimetre into the brain
after being implanted beneath the skull, monitoring the activity of a small group of neurons. It
is now possible for a patient with spinal cord injury to produce brain signals that relay the
intention of moving the paralyzed limbs, as signals to an implanted sensor, which are then output as
electronic impulses. These impulses enable the user to operate mechanical devices with the help of a
computer cursor. Matthew Nagle, a 25-year-old Massachusetts man with a severe spinal cord
injury, has been paralyzed from the neck down since 2001. After taking part in a clinical trial of this
system, he has opened e-mail, switched TV channels and turned on lights. He even moved a robotic
hand from his wheelchair. This marks the first time that neural movement signals have been recorded
and decoded in a human with spinal cord injury. The system is also the first to allow a human to
control his surrounding environment using his mind.
How does the brain control motor function?
The brain is "hardwired" with connections, which are made by billions of neurons that make
electricity whenever they are stimulated. The electrical patterns are called brain waves.
Neurons act like the wires and gates in a computer, gathering and transmitting electrochemical
signals over distances as far as several feet. The brain encodes information not by relying on
single neurons, but by spreading it across large populations of neurons, and by rapidly
adapting to new circumstances.
Motor neurons carry signals from the central nervous system to the muscles, skin and glands
of the body, while sensory neurons carry signals from those outer parts of the body to the
central nervous system. Receptors sense things like chemicals, light, and sound and encode
this information into electrochemical signals transmitted by the sensory neurons. And
interneurons tie everything together by connecting the various neurons within the brain and
spinal cord. The part of the brain that controls motor skills is located at the rear of the frontal lobe.
How does this communication happen? Muscles in the body's limbs contain embedded sensors
called muscle spindles that measure the length and speed of the muscles as they stretch and
contract as you move. Other sensors in the skin respond to stretching and pressure. Even if
paralysis or disease damages the part of the brain that processes movement, the brain still
makes neural signals. They're just not being sent to the arms, hands and legs.
 A technique called neurofeedback uses connecting sensors on the scalp to translate brain
waves into information a person can learn from. The sensors register different frequencies
of the signals produced in the brain. These changes in brain wave patterns indicate
whether someone is concentrating or suppressing his impulses, or whether he is relaxed or stressed.
A neuroprosthetic device known as Brain gate converts brain activity into computer
commands. A sensor is implanted on the brain, and electrodes are hooked up to wires that
travel to a pedestal on the scalp. From there, a fiber optic cable carries the brain activity data
to a nearby computer.
"The principle of operation of the BrainGate Neural Interface System is that with intact brain
function, neural signals are generated even though they are not sent to the arms, hands and
legs. These signals are interpreted by the System and a cursor is shown to the user on a
computer screen that provides an alternate "BrainGate pathway". The user can use that cursor
to control the computer, just as a mouse is used."
Brain Gate is a brain implant system developed by the bio-tech company Cyberkinetics in
2003 in conjunction with the Department of Neuroscience at Brown University. The device
was designed to help those who have lost control of their limbs, or other bodily functions,
such as patients with amyotrophic lateral sclerosis (ALS) or spinal cord injury. The computer
chip, which is implanted into the patient, converts the intention of the user into computer commands.


Currently the chip uses 100 hair-thin electrodes that 'hear' neurons firing in specific areas of
the brain, for example, the area that controls arm movement. The activity is translated into
electrically charged signals and is then sent and decoded using a program, which can move
either a robotic arm or a computer cursor. According to the Cyberkinetics' website, three
patients have been implanted with the BrainGate system. The company has confirmed that one
patient (Matt Nagle) has a spinal cord injury, whilst another has advanced ALS.
In addition to real-time analysis of neuron patterns to relay movement, the Braingate array is
also capable of recording electrical data for later analysis. A potential use of this feature would
be for a neurologist to study seizure patterns in a patient with epilepsy. Braingate is currently
recruiting patients with a range of neuromuscular and neurodegenerative conditions for pilot
clinical trials in the United States.
Operation of the BCI system is not simply a matter of tapping into the user's EEG and
listening to what happens. The user usually generates some sort of mental activity pattern
that is later detected and classified.
The raw EEG signal requires some preprocessing before the feature extraction. This
preprocessing includes removing unnecessary frequency bands, averaging the current brain
activity level, transforming the measured scalp potentials to cortex potentials and de-noising.
The detection of input from the user and its translation into an action can be
considered the key part of any BCI system. Detection means trying to identify these mental
tasks from the EEG signal. It can be done in the time domain, e.g. by comparing amplitudes
of the EEG, or in the frequency domain. This usually involves digital signal processing to
sample and band-pass filter the signal, then calculating these time- or frequency-domain
features and classifying them. Classification algorithms include simple comparison of
amplitudes, linear and non-linear equations, and artificial neural networks. Through constant
feedback from user to system and vice versa, both partners gradually learn more from each
other and improve the overall performance.
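A toy version of this detect-and-classify step can be sketched as follows. The band-power feature (power of a band-pass slice of one EEG window) and the simple threshold classifier are illustrative assumptions, not the actual BrainGate pipeline.

```python
import math

# Toy BCI detection step: extract a frequency-domain feature from a window
# of EEG samples, then classify it with a simple threshold. The band-power
# feature and the threshold rule are illustrative assumptions only.

def band_power(samples, fs, f_lo, f_hi):
    """Power in [f_lo, f_hi] Hz via a direct DFT of one window."""
    n = len(samples)
    power = 0.0
    for k in range(1, n // 2):
        freq = k * fs / n
        if f_lo <= freq <= f_hi:
            re = sum(samples[t] * math.cos(2 * math.pi * k * t / n)
                     for t in range(n))
            im = -sum(samples[t] * math.sin(2 * math.pi * k * t / n)
                      for t in range(n))
            power += (re * re + im * im) / (n * n)
    return power

def classify(samples, fs=128.0, threshold=0.05):
    """'active' if 8-12 Hz (mu-band) power exceeds a fixed threshold."""
    return "active" if band_power(samples, fs, 8.0, 12.0) > threshold else "rest"

# A 10 Hz sinusoid (inside the band) should be detected as 'active'.
fs, n = 128.0, 128
mu = [math.sin(2 * math.pi * 10.0 * t / fs) for t in range(n)]
flat = [0.0] * n
print(classify(mu, fs), classify(flat, fs))   # active rest
```

In a real system the threshold would be replaced by a trained classifier, and the feedback loop described above would let the user and the classifier adapt to each other.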
The final part consists of applying the will of the user to the used application. The user
chooses an action by controlling his brain activity, which is then detected and classified to
corresponding action. Feedback is provided to user by audio-visual means e.g. when typing
with virtual keyboard, letter appears to the message box etc.
The training is the part where the user adapts to the BCI system. This training begins with
very simple exercises where the user is familiarized with mental activity which is used to relay
the information to the computer. Motivation, frustration, fatigue, etc. apply also here and their
effect should be taken into consideration when planning the training procedures.
Biofeedback is defined as biological information which is returned to the source
that created it, so that the source can understand it and gain control over it. In BCI systems
this biofeedback is usually provided visually, e.g. the user sees the cursor moving up or down,
or a letter being selected from the alphabet.
A boon to the
paralyzed -Brain Gate
Neural Interface
The first patient, Matthew Nagle, a 25-year-old Massachusetts man with a severe spinal cord injury, has
been paralyzed from the neck down since 2001. Nagle is unable to move his arms and legs
after he was stabbed in the neck. During 57 sessions, at New England Sinai Hospital and
Rehabilitation Center, Nagle learned to open simulated e-mail, draw circular shapes using a
paint program on the computer and play a simple videogame, "neural Pong," using only his
thoughts. He could change the channel and adjust the volume on a television, even while
conversing. He was ultimately able to open and close the fingers of a prosthetic hand and use a
robotic limb to grasp and move objects. Despite a decline in neural signals after few months,
Nagle remained an active participant in the trial and continued to aid the clinical team in
producing valuable feedback concerning the Brain Gate technology.
“I can't put it into words. It's just—I use my brain. I just thought it. I said, "Cursor go up to the
top right." And it did, and now I can control it all over the screen. It will give me a sense of

Rats implanted with BCIs in Theodore Berger's experiments. Several laboratories have
managed to record signals from monkey and rat cerebral cortexes in order to operate BCIs to
carry out movement. Monkeys have navigated computer cursors on screen and commanded
robotic arms to perform simple tasks simply by thinking about the task and without any motor
output. Other research on cats has decoded visual signals.
Garrett Stanley's recordings of cat vision using a BCI implanted in the lateral geniculate
nucleus (top row: original image; bottom row: recording)
In 1999, researchers led by Garrett Stanley at Harvard University decoded neuronal firings to
reproduce images seen by cats. The team used an array of electrodes embedded in the
thalamus (which integrates all of the brain’s sensory input) of sharp-eyed cats. Researchers
targeted 177 brain cells in the thalamus lateral geniculate nucleus area, which decodes signals
from the retina. The cats were shown eight short movies, and their neuron firings were
recorded. Using mathematical filters, the researchers decoded the signals to generate movies
of what the cats saw and were able to reconstruct recognisable
scenes and moving objects.
In the 1980s, Apostolos Georgopoulos at Johns Hopkins University found a mathematical
relationship between the electrical responses of single motor-cortex neurons and the direction
of arm movement (based on a cosine function). He also found that dispersed groups of
neurons in different areas of the brain collectively controlled motor commands, but was only
able to record the firings of neurons in one area at a time because of technical limitations
imposed by his equipment.
There has been rapid development in BCIs since the mid-1990s.
Several groups have been
able to capture complex brain motor centre signals using recordings from neural ensembles
(groups of neurons) and use these to control external devices, including research groups led by
Richard Andersen, John Donoghue, Phillip Kennedy, Miguel Nicolelis, and Andrew Schwartz.
Diagram of the BCI developed by Miguel Nicolelis and colleagues for use on rhesus monkeys
Later experiments by Nicolelis using rhesus monkeys succeeded in closing the feedback loop
and reproduced monkey reaching and grasping movements in a robot arm. With their deeply
cleft and furrowed brains, rhesus monkeys are considered to be better models for human
neurophysiology than owl monkeys. The monkeys were trained to reach and grasp objects on
a computer screen by manipulating a joystick while corresponding movements by a robot arm
were hidden. The monkeys were later shown the robot directly and learned to control it by
viewing its movements. The BCI used velocity predictions to control reaching movements and
simultaneously predicted hand gripping force.
Other labs that develop BCIs and algorithms that decode neuron signals include
John Donoghue from Brown University, Andrew Schwartz from the University of Pittsburgh
and Richard Andersen from Caltech. These researchers were able to produce working BCIs
even though they recorded signals from far fewer neurons than Nicolelis (15–30 neurons
versus 50–200 neurons).
Donoghue's group reported training rhesus monkeys to use a BCI to track visual targets on a
computer screen with or without the assistance of a joystick (closed-loop BCI). Schwartz's
group created a BCI for three-dimensional tracking in virtual reality and also reproduced BCI
control in a robotic arm.
The idea of moving robots or prosthetic devices not by manual control, but
by mere "thinking" (i.e., the brain activity of human subjects) has been a fascinating approach.
Medical cures are unavailable for many forms of neural and muscular paralysis. The enormity
of the deficits caused by paralysis is a strong motivation to pursue BMI solutions, so this idea
helps many patients to control their prosthetic devices by simply thinking about the movement.
The technology is well supported by the latest advances in biomedical instrumentation,
microelectronics, signal processing, artificial neural networks and robotics, fields which are
seeing overwhelming development. It is hoped that these systems will be effectively implemented
for many biomedical applications.
4G Networks
Mr.Nalawade V.S. Mr.Jagtap V.B.
Computer Department E&TC Department
SBPCOE,Indapur SBPCOE,Indapur
This paper gives an overview of the current research activities in mobile communications networks
at INESC Porto, with emphasis on fourth generation (4G) networks and ambient networks. The
main topics covered are the development of a generic link layer for heterogeneous networks, the
automatic and dynamic creation of networks, including ad-hoc and multihoming, mechanisms to
provide Quality of Service (QoS) over wireless links, test and monitoring tools required to validate
these networks, and emerging multicast solutions. A testbed is being deployed to support these
research activities as well as the integration and demonstration of results with real services.
The Communications Networks and Services group, which is integrated into the
Telecommunications and Multimedia Unit at INESC Porto, has been active for more than
fifteen years through participation in a large number of European and national R&D
projects, as well as in contracts with industry and telecom operators. The main research
topics addressed include broadband networks, with emphasis on ATM and at present on all-IP
networks; protocol and service engineering (specification, validation, test and
evaluation); resource management and Quality of Service (QoS); and, more recently, wireless
and mobile communications. This paper focuses on the main research activities in mobile
communications, which build on and extend the experience of the group in all the above
topics, while opening new directions of research in line with the current trends in fourth
generation (4G) networks.
Mobile communications networks differ from fixed networks by a set of characteristics
that include (1) mobility of the terminals, (2) properties of wireless links, which are
characterized by variable bit rates and variable bit error ratios (BER), (3) low processing and
memory capabilities of the terminals, and (4) low power consumption requirements. Two important
research areas are currently emerging in the mobile communications field: fourth generation
(4G) networks and ambient networks. 4G networks are an extension of current mobile
communications networks, such as GPRS and UMTS. Besides the assumption made by GPRS
and UMTS that the Internet and mobile communications will evolve side by side, 4G introduces
the concept that a mobile terminal will be Always Best Connected (ABC) to the available
networks. (The work described in this paper has been partially developed in the project
WANDER, funded by FCT, and in the DAIDALOS, Ambient Networks and VISNET projects of
FP6 of the EC.) Being always best connected is possible since a terminal may have multiple
network interfaces, of different radio technologies, which are used according to the user
requirements and, possibly, simultaneously. 4G also considers that all information is conveyed
as IP packets. Research problems include the support of mobility, routing, QoS and radio
resource management, security, and traffic accounting. Ad-hoc and mobile networks, which will
expand the coverage of the telecom operator networks, are also highly relevant topics of
research, as are those related to network planning, management and operation. Ambient
networks support, from the communications point of view, the concept of ambient intelligence.
The latter is a vision of the future where people are immersed in an environment which senses
and reacts to their presence. Persons are expected to carry small devices, embedded in their
clothes or even in their bodies and interconnected by means of personal area networks (PAN).
Those devices will communicate over radio links to establish connections with neighbour
networks. Communications may include aspects such as composition, security and mobility.
Research in Mobile Communications at INESC Porto is being carried out by a group of senior
researchers and post-graduate students, mainly in the framework of EC funded R&D projects,
thus continuing a strategy that has been pursued over
the years with success. Five main lines of research are currently being explored: ad-hoc
networking, generic link layer, QoS and congestion avoidance, testing and multicast.

Fig 1 : Block Diagram For Wireless 4G Communication
A. Ad-hoc networking
In ad-hoc networking, the first aspect being addressed is the spontaneous formation of
networks. Existing ad-hoc routing protocols are being studied and characterized in order to
assess their adequacy for networks supporting multiple types of interfaces and devices, such as
laptops and PDAs. Particularly interesting is the improvement of these protocols and solutions
so that multipath, multicast and QoS may be used.
A second research topic is the integration of ad-hoc networks with infrastructure
networks. In this context, address autoconfiguration and gateway discovery are hot issues, but
the support of fast handover using these nodes, the node handover between ad-hoc and
infrastructure mode and the adoption of multipaths are also being considered. A third line of
action is the definition of a new ad-hoc communication concept. It is based on the assumption
that the computer is configured as in current networks, but simple signaling allows two
computers or networks that meet to exchange information about routes, security and
QoS and form a new network. Aspects such as mobility and multihoming are also included.
B. Generic link layer
The generic link layer research line tries to unify the access to the various radio
technologies that are relevant in 4G. Although IP could, in theory, be used for this purpose,
there is a set of issues, including QoS, security and efficiency, for which the IP layer is not
offering adequate answers. An intermediate layer, similar to Multiprotocol Label Switching
(MPLS), but taking advantage of cross-layer mechanisms, is the solution being pursued. On
one hand, this means that the IP layer can always find the same interface for configuring very
different layer 2
technologies. Hence, this layer must provide additional functions, such as link detection and
adaptation, as well as interoperation with fast handover mechanisms, so that mobility with
QoS can be supported. For this purpose, the layer helps the handover by means of functions
that first request resources and then book them.
In addition, this layer will also make communications more efficient. IP packets that carry
voice are small, thus meaning that the packet header introduces high overhead; the solution
points to the adoption of Forward Error Correction (FEC) and robust header compression
techniques that may take advantage of cross-layer information and thus reduce the overhead.
Finally, security is another important issue in this layer. Traditional layer 3 or layer 4
security solutions do not work well with header compression; for this reason, new schemes
that make use of existing layer 2 mechanisms need to be developed.
C. Quality of Service and congestion avoidance
In the Quality of Service research line, problems are addressed from two
complementary points of view. In the first one, a traditional approach is followed. It uses
DiffServ, plus signaling adequate to mobility, combined with resource reservation at the access
networks. The aim is developing a solution that enables the usage of IntServ like services in
the access network, which can be deployed over heterogeneous layer 2 technologies and book
resources for flows. New and more advanced radio resource management techniques are
needed. IntServ must then be mapped into DiffServ in the core network; this requires the
development of signaling that transports flow information, requests resources, and is capable of
working in highly mobile environments. In the second one, it is assumed that networks only
provide best effort services; the aim is the provision of acceptable levels of QoS, even in the
presence of highly mobile nodes, which generate large amounts of real-time, non-congestion
controlled traffic. The main objective is designing new congestion avoidance algorithms and
signaling mechanisms that, in order to be useful, may need information available from the
lower layers, such as the current BER, the bandwidth in use or the queue lengths.

D. Testing
Testing is one of the strongest research lines, having matured over the years, covering
both performance and behaviour aspects. From the performance point of view, passive testing
components that monitor traffic and model it as flows are being developed. Flows are assumed
to be mobile, and the tools being developed need to be capable of following them, so that the
network operator always has a correct view of the traffic and also understands whether a
flow, when moving, continues to receive adequate service. On the other hand, active test
components, which are used to estimate the available bandwidth between network entry and
exit points, are also being investigated. This will help a source to decide whether new flows
can be transported to the destination in a network that only provides best effort services. From
the behavior point of view, work is directed to automatic test generation derived from protocol
specification. The protocol is modeled in formal languages like SDL or Promela. High level
formal languages based on state machines that communicate by means of queues and
messages are used. The model obtained is then randomly explored so that a new message is
selected and sent to an implementation of the protocol. The messages received by the
implementation are then evaluated against the model which, in case the message is valid,
selects another message to stimulate the implementation. The value of the method resides in
the algorithm defined for selecting the next message/parameter to send and in the tool itself.
E. Multicast
Multicast and broadcast are considered a horizontal issue and, as a rule, they are
relevant in most of the other topics, namely in ad-hoc routing, QoS and security. Existing ad-
hoc routing protocols are being extended in order to support multicast. As far as QoS is
concerned, a new solution that allows the reservation of resources for multicast groups has
been specified and implemented. Finally, security mechanisms that enable groups to access
and decipher video
and audio streams have been developed and are being improved.

A mobile communications testbed is being deployed with the main goal of providing
the basic infrastructure and tools necessary to support advanced research in 4G networks. It
constitutes the platform for integrating and demonstrating the innovative results of this
research, as well as offering services to users, thus allowing the assessment of users’
requirements in a real environment. The testbed was specified taking into account a number
of requirements driven by the outlined research objectives. In the first place, it includes
heterogeneous layer 2 network technologies and offers a solution for integrating and
abstracting the QoS mechanisms provided by each technology.
Two communication modes (infrastructure and ad-hoc) are supported. The
infrastructure component is aimed at emulating 4G telecom networks; it includes access
routers to which IP terminals are connected and provides mobility support by means of MIPv6
and fast handover, while QoS is negotiated and enabled by the QoS Abstraction Layer. The
ad-hoc component is mainly used to demonstrate integration with infrastructure networks. It
will also be used in Ambient Intelligence scenarios that provide ambient services with QoS
requirements to terminals (PDAs and mobile phones) that communicate directly with each
other, using multiple layer 2 technologies. Ad-hoc routing protocols and light QoS
mechanisms (mainly for congestion avoidance) are currently being investigated for this
purpose. Finally, cross-layer mechanisms allow applications and intermediate network
communication layers to adapt to the dynamics of wireless and mobile communications.
A prototype version of an ad-hoc network has already been implemented with the
main purpose of creating a simple Ambient Intelligence scenario, capable of demonstrating its
main concepts, such as the adaptation of the environment to the immersed elements,
automatic service discovery and network auto-configuration. It is based on current wireless
network technologies (WLAN 802.11 and Bluetooth) and offers services that adapt to the
preferences and characteristics of the human users in the ambient, reacting to their presence.
The testbed will be progressively upgraded with new functions and services. While simple
solutions have been used to demonstrate the basic concepts and features at an early stage of
development, the network will be further enhanced with new services, including real-time
ones, in more complex scenarios. Moreover, network automatic configuration mechanisms
will be improved, QoS and IP macro and micro mobility will be introduced and ad-hoc
multicast routing will be supported, thus allowing the full integration between the
infrastructure and the ad-hoc networks.
This paper described the current research activities in mobile communications networks
at INESC Porto, focused on some of the most important and challenging topics in 4G
networks. This area is becoming quite appealing and rewarding, not
only from the research point of view but also because of the business opportunities it offers to
all players in the field and the promise of new applications and more advanced services to users.
As a result of the research strategy adopted, the group has grown and matured and is
quite active, both at national and international level. Other research groups are having similar
growth, thus meaning that in Portugal we are starting to reach
the critical mass required to enable mobile communications to emerge as a relevant industry,
mainly from the communications software point of view. This has already been recognised and
led recently to the creation of a thematic network on mobile communications, which
integrates a number of institutions (academic, industry
and operators) that decided to join efforts around common scientific and technical objectives.
Achieving Efficient Load
Balancing In Peer to Peer Network
Mr. Ritesh Dayama, Mr. Ranjeet Kagade, Mr. Kedar Ghogale
M.E. (2nd Year), Department of Computer Engineering, Smt. Kashibai Navale College of
Engineering, Vadgaon(Bk.), Pune-41
The Internet traffic is growing, and its nature changes because of new applications. Multimedia
applications require bandwidth reservations that were not needed initially when the file transfers
dominated the Internet. P2P applications are making traffic patterns impossible to predict, and the
traffic loads generated at nodes need to be routed regardless of the traffic pattern. When the
guaranteed node traffic loads are known, bandwidth reservations can be made simple, as will be
explained in this paper. The shortest path routing (SPR) protocols used on the Internet today do not
maximize the guaranteed node traffic loads, and do not provide scalable and fast bandwidth
reservations. Load balancing can improve the network throughput for arbitrary traffic pattern. In
this paper we analyze and implement a routing protocol that is based on load balancing and a
commonly used shortest path routing protocol, and is, consequently, termed as LB-SPR. LB-SPR is
optimized for an arbitrary traffic pattern, i.e. it does not assume a particular traffic matrix.
Optimization assumes only the weights assigned to the network nodes according to their estimated
demands. It will be shown that the optimized routing achieves the throughputs which are
significantly higher than those provided by the currently used SPR protocols, such as OSPF or RIP.
Importantly, LB-SPR calculates the guaranteed traffic loads and so allows fast autonomic
bandwidth reservations which are the key for the successful support of triple-play applications,
including video and audio applications that require high QoS.
Keywords: shortest path routing (SPR), Open Shortest Path First (OSPF).
The Internet traffic has experienced some major changes lately, which require modifications
in the network planning and routing protocols. Heavy traffic loads are generated by the
multimedia applications, and the actual traffic distribution in the network becomes very hard
to predict, due to the developing peer-to-peer services. On the other hand, the traditional
approach to traffic grooming and routing optimization in optical networks assumes that the
traffic demands between pairs of nodes are known, which is often not the case. New routing
protocols should be able to optimally utilize the network without knowing the actual traffic
distribution. It is widely accepted that the next-generation networks should become more
autonomic in the process of the network configuration, topology change detection and
adaptation to the traffic load changes. Some of these features are incorporated into today’s IP
networks: they have the ability to detect the topology changes and change the routing
accordingly, the TCP congestion control mechanism adapts the transmission speed to the
traffic load changes, etc. These applications require high quality of service: bandwidth
reservations and delay guarantees. Centralized bandwidth reservations can obviously become
a bottleneck in large-scale networks, as well as the reservations which require each router to
know about the available link capacities in the whole network. So, a new mechanism for fast
bandwidth reservations is needed. Because of the traffic unpredictability, the customers
attached to the network nodes should be served regardless of the traffic pattern between them.
In other words, the guaranteed node traffic loads should be sufficient to support all the users
attached to these nodes. When the guaranteed node traffic loads are determined, the bandwidth
reservations through the network become simple. Each session learns from its router (node) if
it can be passed through the network, since the router knows its guaranteed traffic load and the
already reserved capacity. If the session can be passed, its request for the bandwidth
reservation is passed to the destination router, which checks if there is sufficient capacity on
its links toward customers since it knows its guaranteed traffic load and the already reserved
capacity. In this way, bandwidth reservations are distributed and are consequently agile. For
each session, only two edge routers check their available capacities. And, each router handles
bandwidth reservation only for the flows that are either entering or leaving the network
through that router. Fast automated bandwidth reservations are very important for growing
multimedia applications that demand high QoS, i.e. bandwidth and delay guarantees. If all the
flows of equal priority negotiate certain policing interval, the delay guarantees can be
achieved when the bandwidth is reserved.
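The distributed reservation procedure described above, in which only the two edge routers consult their own guaranteed loads and already reserved capacities, can be sketched in a few lines. This is an illustrative model under simplifying assumptions, not the paper's implementation; the names `EdgeRouter` and `admit_session` are hypothetical:

```python
# Hypothetical sketch of the distributed admission check: a session is
# admitted only if both edge routers stay within their guaranteed loads.
class EdgeRouter:
    def __init__(self, guaranteed_load):
        self.guaranteed_load = guaranteed_load  # computed by the routing scheme
        self.reserved = 0.0                     # capacity already booked

    def can_admit(self, bandwidth):
        return self.reserved + bandwidth <= self.guaranteed_load

    def reserve(self, bandwidth):
        self.reserved += bandwidth


def admit_session(ingress, egress, bandwidth):
    """Only the two edge routers are consulted, so reservations stay fast."""
    if ingress.can_admit(bandwidth) and egress.can_admit(bandwidth):
        ingress.reserve(bandwidth)
        egress.reserve(bandwidth)
        return True
    return False


src, dst = EdgeRouter(100.0), EdgeRouter(80.0)
admit_session(src, dst, 60.0)   # accepted: both routers have headroom
admit_session(src, dst, 30.0)   # rejected: egress would exceed 80.0
```

Because no core router participates in the check, the scheme scales with the number of edge flows rather than with the size of the network, which is the agility argument made in the text.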
As already described, the proposed routing strategy uses the standard OSPF combined with
load balancing to route the traffic between a pair of nodes in two phases. It distributes the
load more evenly among all the links in the network, thereby lowering the utilization of
congested links and avoiding bottlenecks. In the proposed algorithm, the traffic between every
pair of nodes in the network is routed in two phases. First, portions of the routed flow are
directed to the balancing routers, according to the balancing coefficients assigned to the
routers in the network. Then, in the second phase, every balancing router sends the traffic to
its final destination. Each phase uses the standard shortest path routing (SPR) protocol. In
LB-SPR, every packet is thus routed in two phases, with SPR as the underlying routing
protocol in both of them.
When a packet arrives at the source router, its intermediate router is determined. The
packet is sent to the intermediate router using the standard SPR protocol, and from the
intermediate router to the destination router again using the standard SPR protocol. The load is
balanced across the intermediate routers, meaning that the specified portions of each flow are
transmitted through the intermediate routers. These portions are referred to as the balancing
coefficients. A balancing coefficient depends only on the associated balancing router.
Balancing coefficients are optimized to maximize the network throughput while ensuring that
nodes can generate and receive loads which are proportional to the allocated weights. The
node weights are chosen to reflect the expected demands at the nodes. The LB-SPR protocol
uses the signaling of the OSPF protocol. Through this signaling, each router in the network
learns the network topology and the capacity of the nodes’ external (customer) links. The
external link capacities are taken to be the node weights. The OSPF signaling had to be
extended, to distribute the information about the link capacities, as well. Based on the
information provided through the OSPF signaling, the OSPF routing tables are calculated and
the routing optimization is performed. The optimal values of the balancing coefficients are
determined for all the routers, using linear programming. Now, the packets are routed based
on the balancing coefficients, using the standard OSPF and the loose source routing.
Consequently, LB-SPR maintains the autonomic fault recovery mechanism developed within
OSPF: whenever there is a network topology change, the routing is adjusted accordingly.
In the proposed routing scheme, the traffic between a node pair (i, j) is routed in two
phases. First, portions of the flow from i to j are routed to the intermediate nodes m ∈ V (V is
the set of network nodes). In the next phase, every intermediate node forwards the traffic to its
final destination j. The traffic from i to m, and from m to j, is routed along the shortest paths.
The portion of the flow that is balanced across node m equals k_m, and does not depend on i
and j. Of course, Σ_{m∈V} k_m = 1. Fig. 1 illustrates the case of routing the traffic between the
nodes 1 and 5. The first phase of the flow routing is represented by the dashed arrows, and the
second phase of the flow routing by the solid ones.

Fig.1: Routing Scheme illustration.
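The balancing rule just described, where each intermediate router m carries a fixed portion k_m of every flow and the coefficients sum to 1, can be illustrated with a short sketch. The function name and node labels below are ours, not part of LB-SPR:

```python
# Illustrative sketch: splitting one flow's demand across intermediate
# routers in proportion to the balancing coefficients k_m.  The split is
# independent of the source and destination of the flow.
def split_flow(demand, balancing_coeffs):
    """balancing_coeffs maps intermediate node -> k_m, with sum(k_m) == 1."""
    total = sum(balancing_coeffs.values())
    assert abs(total - 1.0) < 1e-9, "balancing coefficients must sum to 1"
    return {m: k * demand for m, k in balancing_coeffs.items()}


# Example: 100 Mb/s of traffic balanced over three hypothetical routers.
portions = split_flow(100.0, {"A": 0.5, "B": 0.25, "C": 0.25})
# portions == {"A": 50.0, "B": 25.0, "C": 25.0}
```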
First, let us recall what a shortest path is. Suppose you want to find the shortest path between
two intersections on a city map, a starting point and a destination. The method is conceptually
simple: to start, mark the distance to every intersection on the map as infinity. This is done
not to imply that there is an infinite distance, but to note that the intersection has not yet
been visited. (Some variants of this method simply leave the intersection unlabeled.) Now, at
each iteration, select a current intersection. For the first iteration the current intersection will
be the starting point and the distance to it (the intersection's label) will be zero. For subsequent
iterations (after the first) the current intersection will be the closest unvisited intersection to
the starting point—this will be easy to find. From the current intersection, update the distance
to every unvisited intersection that is directly connected to it—this is done by relabeling the
intersection with the minimum of its current value and the value of the current intersection
plus the distance between them. In effect, the intersection is relabeled if the path to it through
the current intersection is shorter than the previously known paths.
To facilitate shortest path identification, in pencil, mark the road with an arrow pointing to the
relabeled intersection if you relabel it, and erase all others pointing to it. After you
have updated the distances to each neighboring intersection, mark the current intersection
as visited and select the unvisited intersection with lowest distance (from the starting point) --
or lowest label—as the current intersection. Nodes marked as visited are labeled with the
shortest path from the starting point to it and will not be revisited or returned to. Continue this
process of updating the neighboring intersections with the shortest distances, then marking the
current intersection as visited and moving onto the closest unvisited intersection until you
have marked the destination as visited. Once you have marked the destination as visited (as is
the case with any visited intersection) you have determined the shortest path to it, from the
starting point, and can trace your way back, following the arrows in reverse.
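The intersection procedure above is Dijkstra's algorithm. A minimal, self-contained version, illustrative only and using a hypothetical adjacency-dict graph representation, might look like this:

```python
import heapq

# Every node starts at "infinity", the closest unvisited node is settled
# next, and neighbour distances are relaxed from it -- exactly the
# intersection procedure described in the text.
def dijkstra(graph, source):
    """graph: {node: {neighbour: edge_weight}}; returns (dist, prev)."""
    dist = {node: float("inf") for node in graph}
    prev = {}                      # back-pointers (the "pencil arrows")
    dist[source] = 0
    heap = [(0, source)]
    visited = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in visited:
            continue               # stale heap entry, ignore
        visited.add(u)             # u is settled: dist[u] is now final
        for v, w in graph[u].items():
            if v not in visited and d + w < dist[v]:
                dist[v] = d + w    # relabel with the shorter distance
                prev[v] = u        # arrow points back along the path
                heapq.heappush(heap, (dist[v], v))
    return dist, prev


# Example on a small hypothetical graph: shortest distances from "a".
g = {"a": {"b": 1, "c": 4}, "b": {"c": 2, "d": 6}, "c": {"d": 3}, "d": {}}
dist, prev = dijkstra(g, "a")
# dist["d"] == 6, via the path a -> b -> c -> d
```

Tracing the `prev` back-pointers from the destination to the source recovers the path, just as following the pencil arrows in reverse does on the map.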

Fig.2: The scheme of the LB-SPR implementation.
In this section, we describe the implementation of the previously analyzed LB-SPR routing
protocol. In order to make LB-SPR as compatible as possible with OSPF, it is implemented in each OSPF
area separately. When a packet enters the OSPF area, its intermediate router is determined.
The proposed routing scheme uses OSPF to route the packets between the source router and
the intermediate router, as well as between the intermediate router and the destination router.
Here, the source router is the first router that the packet encounters when it enters the OSPF
area, and the destination router is the last router that the packet passes in the OSPF area under
consideration. In a common IP router that uses the OSPF protocol, when a packet arrives at
the router, it is first processed by the packet processor. The packet processor uses its lookup
table to determine the router output port to which the packet should be forwarded based on its
destination IP address. The lookup table is updated whenever the network topology changes,
which provides autonomic reliability. A software module calculates a new lookup table based
on the LSA (Link State Advertisement) control packets exchanged through the OSPF
protocol, and sends it to the packet processor. The balancing coefficients are recalculated
whenever the network topology changes, which provides the same autonomic reliability as
does the OSPF.
The LB-SPR implementation is illustrated in Fig. 2. The solution is based on the OSPF
implementation, which is extended to support load balancing. First, it was necessary to allow
the retrieval and distribution of the specific information needed by the linear program for the
routing optimization, such as the node weights C_i. Finally, the load balancer was implemented
to route the packets entering the OSPF area according to LB-SPR. Load balancer first has to
determine the intermediate router for each incoming packet, and then to direct the packet
accordingly. Specified portions of all the flows entering source routers have to be directed to
the intermediate routers, according to the calculated optimal values of the coefficients k_i. We
chose the loose source routing as the simplest IP-based solution. Namely, the destination IP
address of a packet entering the OSPF area is replaced with the IP address of the intermediate
router, while the destination address becomes part of the loose source routing option field.
Let us summarize how the packets are processed in the router shown in Fig. 2. The path for
the ”new” packet entering the OSPF area is represented with the full line in Fig. 2. The packet
which is entering the OSPF area has to be processed by the load balancer, which determines
the intermediate router for the packet, and modifies the IP header accordingly. Once the
packet has been modified by the load balancer, it is forwarded through the network using the
standard OSPF routing tables. On the other hand, the path of the ”old” packet that has already
been modified by its source router is represented by the dashed line. This packet is only
passing through the given router, and does not need to be processed by the load balancer. The
information needed to route this packet can be obtained from the standard OSPF routing table.
In the case of the regular OSPF, the changes of the network topology trigger the
recalculation of the OSPF routes. For LB-SPR, every time the topology changes it is also
necessary to repeat the routing optimization and recalculate the balancing coefficients k_i
based on the updated OSPF routing tables. The node weights C_i are needed to run the
optimization. These weights can be set by the administrator, or can be, more desirably,
autonomic. Therefore, we use the SNMP protocol to detect the operational state of the router
interfaces in the network, as well as their speeds. The use of SNMP to detect the changes of
the interface operational states (up or down) and of their capacities allows, together with the
OSPF mechanism, full automation of topology change discovery and distribution. Using
SNMP, each router learns the operational state of its interfaces and their speeds, and
distributes this control information inside the OSPF area. The opaque LSAs with the area-
local scope are used to convey this information according to the OSPF standard. Opaque
LSAs were introduced to provide a generalized mechanism to allow for the future extensibility
of OSPF. An opaque LSA consists of the standard LSA header followed by a 32-bit aligned
application-specific information field. In our implementation, the opaque type value is
selected from the range reserved for experimental and private use. The routers’ weights, i.e.
external link capacities, are transferred as the 64-bit integer values. Incoming and outgoing
opaque LSAs are processed and stored into the LSA database.
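As an illustration of the encoding just described, and not the full OSPF opaque-LSA wire format, the 64-bit weight value could be packed into and recovered from the application-specific payload as follows (the function names are hypothetical):

```python
import struct

# Hedged sketch: packing a router's external-link capacity as the 64-bit
# integer value that the text describes carrying inside an opaque LSA's
# application-specific information field (network byte order).
def pack_weight(capacity_bps):
    return struct.pack("!Q", capacity_bps)      # unsigned 64-bit, big-endian


def unpack_weight(payload):
    (capacity_bps,) = struct.unpack("!Q", payload)
    return capacity_bps


payload = pack_weight(10_000_000_000)           # e.g. a 10 Gb/s external link
assert unpack_weight(payload) == 10_000_000_000
assert len(payload) == 8                        # 64 bits = 8 bytes
```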
Whenever the external link capacity changes, the router learns about the change through
the SNMP protocol, and distributes the updates by the opaque LSAs. Using this information,
the OSPF module calculates the IP routing table and sends this table to the packet processor of
the router. Whenever the network topology changes, the OSPF module recalculates the IP
routing table and sends its updates to the packet processor. In the LB-SPR implementation, the
selected information about the network topology and the capacity of the routers’ external
(customer) links is transmitted to the optimization module. The OSPF obtains this information
from standard LSAs and opaque LSAs. Using this information, the optimization module
determines the parameters required to perform load balancing.
The optimization module gets the required information from the OSPF module which
performs the signaling, as we have described in the previous subsection. Based on this
information, it optimizes the routing based on load balancing, and sends the required
parameters to the load balancer which performs the actual routing of incoming packets.

Fig. 3: The scheme of the optimization module
The optimization module is shown in Fig. 3. Based on the network topology information
obtained from the OSPF module, the Dijkstra module calculates forwarding trees for all nodes
in the network according to the Dijkstra algorithm. The Dijkstra module also calculates the IP
network address of each intermediate router through which the traffic will be balanced. This
IP address will replace the destination IP address when the source routing is used in the load
balancer. Using the calculated trees, the next module in line, the LP preparation module,
calculates the coefficients F_ij, i, j ∈ V, which are required for the linear program. Finally, the
LP Solve module optimizes the routing and calculates the balancing coefficients k_i, i ∈ V,
which are necessary to the load balancer.
The load balancer receives the balancing coefficients from the optimization module. It also
receives the information about the IP network addresses of the intermediate routers. These
addresses are calculated by the Dijkstra module, which is the part of the optimization module.
The load balancer gets the information that it requires through a TCP connection. Based on
this information, the load balancer determines the router output port for each packet entering
the router and the OSPF area, and modifies its header in order to balance the traffic
For each destination router j, the load balancer of the given source router i stores the
information about the currently used intermediate router m_j. We will call router m_j the
active intermediate router. It also maintains a counter with the number of bytes B_j that
remain to be balanced across that intermediate router. The initial value of the counter is
proportional to the balancing coefficient k_{m_j} of the intermediate router m_j. When a
packet enters the OSPF area, it has to be processed by the load balancer. First, the destination
router for the packet is determined, based on the IP address of the packet destination. Let us
say that it is destination router j. Then, the corresponding IP network address of m_j is found,
as well as the counter B_j, by a search through a Patricia tree. The Patricia tree allows for a
fast lookup. Then, the packet header is modified: the destination address is replaced by the IP
network address of the intermediate router m_j, and the original destination address is placed
in the option field for the loose source routing. The counter B_j is then decremented by the
length of the packet (in bytes). When the counter B_j is smaller than the packet length, the
active intermediate router is updated. The next router from the list of possible intermediate
routers, m_j = next(m_j), becomes active, and the counter B_j is set to the value proportional
to the balancing coefficient corresponding to that intermediate router, k_{m_j}.
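The byte-counter mechanism described above can be sketched as follows. This is an illustrative model, not the actual router code: the `QUANTUM` value, the class, and the router names are assumptions, and real packets would of course be rewritten rather than returned as labels:

```python
from itertools import cycle

QUANTUM = 10_000   # bytes balanced per full cycle (illustrative value)

# Packets for a destination are sent via the active intermediate router
# until its byte budget (proportional to its coefficient k_m) is used up,
# then the next intermediate router in the list becomes active.
class Balancer:
    def __init__(self, coeffs):            # coeffs: [(router, k_m), ...]
        self.routers = cycle(coeffs)
        self._advance()

    def _advance(self):
        self.active, k = next(self.routers)
        self.budget = k * QUANTUM          # counter B, proportional to k_m

    def route(self, packet_len):
        if self.budget < packet_len:       # budget exhausted: switch router
            self._advance()
        self.budget -= packet_len
        return self.active                 # intermediate router for this packet


b = Balancer([("m1", 0.75), ("m2", 0.25)])
sent = [b.route(1500) for _ in range(8)]   # which router each packet uses
```

Note that with fixed-size packets the achieved split only approximates the coefficients within one quantum; larger `QUANTUM` values make the approximation finer at the cost of burstier switching.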
The performance of LB-SPR was analyzed in the network represented in Fig. 4. This is, in
fact, the simplified version of the Exodus network topology. For the purpose of this
simulation, all the nodes in one city were represented by a single node, and the equivalent link
weights were calculated. This network was emulated using seven computers and one Ethernet
switch as represented in Fig. 5. Depending on the processor speed and RAM size, the number
of the virtual routers executed on a single computer ranges from two to five. The virtual
routers X and Y on a single computer are connected through the Xen bridge Xenbr XY.

Fig. 4: The simulation environment
Each virtual router is configured using the configuration script. For the analyzed network, the
worst-case traffic pattern for OSPF was determined using the maximum matching algorithm.
The critical link for OSPF is the link between Tukwila and Santa Clara. It gets congested
when the following pairs of nodes communicate with the maximum speeds: Oak Brook - San
Jose, Toronto - Palo Alto, Amsterdam – Santa Clara, Tukwila - Irvine, Chicago - Tokyo, and
Waltham - El Segundo. The traffic between these nodes was set to the value that causes the
critical link utilization to be 100%. Then, the LB-SPR is applied for the same traffic pattern.
This protocol is as automated as existing routing protocols such as OSPF, and adapts to the
changes of the network topology. LB-SPR calculates the traffic loads that the nodes can
guarantee to carry. Using the information about the guaranteed node traffic loads, the
bandwidth reservations become simple in such a network, and, consequently can be made fast.
Fast and autonomic bandwidth reservations are important for the multimedia applications
whose popularity is growing. At the same time, the LB-SPR protocol maximizes the node
traffic loads that can be guaranteed in the given network. It was shown that LB-SPR improves
the guaranteed traffic up to 7.7 times for the real networks that we considered, compared to
the shortest path routing protocols such as OSPF.
Since LB-SPR uses OSPF signaling, it inherits OSPF's recovery speed, which is too low
for interactive applications. If a faster recovery mechanism is needed, it can be
employed at the lower layers, as is typically done. Alternatively, the link capacities can be
overprovisioned to account for failures; it would then be natural to compare the costs of
networks using LB-SPR and OSPF in which the link capacities are overprovisioned to carry
the given node traffic loads even when single failures of nodes or links occur.
[1] Marija Antić, Nataša Maksić, Petar Knežević, and Aleksandra Smiljanić, "Two Phase
Load Balanced Routing Using OSPF," IEEE Journal on Selected Areas in Communications,
vol. 28, no. 1, January 2010.
[2] N. Maksić, P. Knežević, M. Antić, and A. Smiljanić, "On the Performance of the Load
Balanced Shortest Path Routing," in Proc. IEEE Pacific Rim Conference on Communications,
Computers and Signal Processing (PacRim 2009), 2009.
[3] M. Antić and A. Smiljanić, "Oblivious Routing Scheme Using Load Balancing Over
Shortest Paths," in Proc. ICC 2008, 2008.
[4] Addicam V. Sanjay, "Overview of OSPF Routing Protocol."
[5] Andrew S. Tanenbaum, Computer Networks, 4th edition.
[6] H. Räcke, "Minimizing Congestion in General Networks."
A Multimodal Biometrics for Personal Identification
Miss. Mhaske Varsha Dattatraya
PG student, Dept. of computer Engg.
D. Y. Patil College of Engg.
Akurdi, Pune.
Prof. A. J. Patankar
Assistant Professor Dept. of computer Engg.
D. Y. Patil College of Engg.
Akurdi, Pune.
Multimodal biometrics uses a combination of different biometric recognition technologies. Most
biometric systems deployed in real-world applications are unimodal; that is, they use a single
source of information for authentication, e.g. a single fingerprint, face, or voice. Some of the
limitations imposed by unimodal biometric systems can be overcome by including multiple
sources of information for establishing a person's unique identity. In this paper we present a
multimodal biometric system that combines features of fingerprint and palmprint to overcome
several limitations of unimodal biometrics. The features of fingerprint and palmprint images
are first enhanced using a series of preprocessing techniques. Subsequently, a Modified Gabor
Filter is used to independently extract fingerprint and palmprint features. We conclude that the
proposed methodology has better performance and is more reliable compared to unimodal
approaches using solely fingerprint or palmprint. The fusion of multiple biometrics helps to
minimize the system error rate.
Keywords: fingerprint, palmprint, multimodal, unimodal, biometrics, MGF, ROI, fusion
This work integrates fingerprint and palmprint images for individual identification. Initially,
MBPI (Multimodal Biometrics for Personal Identification) applies a 2D discrete wavelet
transform (2D-DWT) to decompose each image into a lower resolution before performing
feature extraction. Image decomposition using 2D-DWT is able to conserve the energy of
the signals and redistribute them into a more compact form. A Modified Gabor
Filter (MGF) is used as a feature extractor for both biometrics, as they share some common
characteristics such as ridges. In image preprocessing, the system uses a Gaussian low-pass
filter to smooth the palmprint images, and the short-time Fourier transform (STFT) to
enhance the quality of the fingerprint images. Finally, the extracted fingerprint and palmprint
features are combined using the proposed feature-level fusion method, and at the last stage the
features are classified using Euclidean distance to match the resultant image against the database
templates. The proposed system performs personal identification by integrating features
of fingerprint and palmprint images. The first phase of the proposed project is preprocessing.
Image enhancement is an important preprocessing task in image processing. The system
applies a Gaussian low-pass filter to smooth the palmprint images; in addition,
short-time Fourier transform (STFT) analysis is adopted to enhance fingerprint
image quality. The proposed system has the following features:
1. Secure
2. Fast
3. Better Performance
4. More reliable as compared to unimodal biometrics.
The complete system architecture with block diagram is explained in this section,

Fig. System Architecture
In this system there are six basic steps, as discussed below:
 Image Preprocessing:
The basic preprocessing step is image enhancement. First, the palmprint image is
smoothed using a Gaussian low-pass filter. In addition, short-time Fourier
transform (STFT) analysis is applied to enhance fingerprint image quality.
The ROI of each palmprint image is located using a right-angle coordinate
system. Subsequently, the ROI of each image is resized to 150×150 pixels.
 Wavelet Transform:
Wavelet Transform (WT) is used to decompose images into different frequency
components. With the lower resolution of each component, computational
complexity is reduced. The proposed system will use WT to decompose the
enhanced palmprint images and fingerprint images into lower resolution
representation. Generally, the 1D DWT of a signal cA_n can be obtained by convolving it
with the decomposition filters and downsampling:

cA_{n+1}[k] = Σ_m h[m − 2k] · cA_n[m]
cD_{n+1}[k] = Σ_m g[m − 2k] · cA_n[m]

where n denotes the resolution level, and h and g denote the decomposition low-pass
and high-pass filters, respectively. The two-dimensional (2D) DWT for a 2D signal such
as an image can be implemented by performing the 1D DWT in each signal dimension.
An image is decomposed into four frequency sub-bands at each resolution level n
by applying the 2D DWT. The resulting four sub-bands are an approximation sub-band
(LLn) and three detail sub-bands (HLn, LHn, and HHn).
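As a concrete illustration of the separable 2D DWT, a single decomposition level with the Haar filter pair (h = [1, 1]/√2, g = [1, −1]/√2) can be sketched as follows; the Haar choice is illustrative, since the paper does not fix a particular wavelet:

```python
import numpy as np

H = np.array([1.0, 1.0]) / np.sqrt(2)   # low-pass decomposition filter h
G = np.array([1.0, -1.0]) / np.sqrt(2)  # high-pass decomposition filter g

def dwt1d(x):
    # cA[k] = sum_m h[m - 2k] x[m]: convolve with the reversed filter,
    # then keep every second sample (downsample by 2).
    lo = np.convolve(x, H[::-1])[1::2]
    hi = np.convolve(x, G[::-1])[1::2]
    return lo, hi

def dwt2d(img):
    # Separable 2D DWT: 1D DWT along rows, then along columns,
    # yielding the LL, LH, HL, HH sub-bands of one resolution level.
    lo_r = np.array([dwt1d(r)[0] for r in img])
    hi_r = np.array([dwt1d(r)[1] for r in img])
    LL = np.array([dwt1d(c)[0] for c in lo_r.T]).T
    LH = np.array([dwt1d(c)[1] for c in lo_r.T]).T
    HL = np.array([dwt1d(c)[0] for c in hi_r.T]).T
    HH = np.array([dwt1d(c)[1] for c in hi_r.T]).T
    return LL, LH, HL, HH

LL, LH, HL, HH = dwt2d(np.ones((4, 4)))  # a flat image has no detail
```

Each sub-band has half the resolution of the input in each dimension, which is what reduces the computational cost of the later filtering stages.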
 Feature Extraction :
Palmprint and fingerprint share some common characteristics such as creases and
ridges. Other palmprint characteristics are principal lines and wrinkles. A bank of
2D MGFs is used to filter palmprint and fingerprint images in different directions
to highlight these characteristics and remove noise.
 Normalization:
The filtered images are normalized to the same domain using the following method:

I'(x, y) = (I(x, y) − µ1) / σ1

where I(x, y) denotes the pixel intensity at coordinate (x, y), µ1 denotes the
intensity mean, and σ1 denotes the intensity standard deviation. Normalization is
important as the filtered palmprint and fingerprint images may not share the same
intensity domain.
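Assuming the normalization intended here is the usual zero-mean, unit-variance mapping of each filtered image, it can be sketched as:

```python
import numpy as np

def normalize(img):
    # Map the filtered image to zero mean and unit standard deviation,
    # so palmprint and fingerprint responses share one intensity domain.
    mu, sigma = img.mean(), img.std()
    return (img - mu) / sigma if sigma > 0 else img - mu

out = normalize(np.array([[1.0, 2.0], [3.0, 4.0]]))
```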
 Feature Level Fusion:
This phase combines the normalized LL sub-band images and divides the result into
non-overlapping blocks of size m×n pixels each. Then, the resulting magnitude
is converted to a scalar number by calculating its standard deviation value.
The size of each block is carefully chosen so that no repeated feature is extracted.
At last, a feature vector with 8×N×N sub-Gabor features is extracted from each
image, where N denotes the number of rows and columns.
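The block-wise reduction just described (divide the fused LL sub-band into non-overlapping m×n blocks and keep each block's standard deviation as a scalar feature) can be sketched as:

```python
import numpy as np

def block_std_features(img, m, n):
    # Split img into non-overlapping m x n blocks and reduce each block
    # to a single scalar: its standard deviation.
    rows, cols = img.shape
    feats = []
    for i in range(0, rows - rows % m, m):
        for j in range(0, cols - cols % n, n):
            feats.append(img[i:i + m, j:j + n].std())
    return np.array(feats)

f = block_std_features(np.arange(16.0).reshape(4, 4), 2, 2)
```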
 Matching Module:
In the matching module, the fused fingerprint and palmprint features are
matched against the database templates using Euclidean distance, in order to provide
the final decision, i.e. to accept or reject the user's identity.
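The final decision then reduces to a single distance comparison; a sketch, where the threshold value is a hypothetical placeholder that would be tuned on the database:

```python
import numpy as np

THRESHOLD = 0.5  # hypothetical acceptance threshold, tuned on the database

def match(query, template, threshold=THRESHOLD):
    # Accept the claimed identity if the Euclidean distance between the
    # fused feature vector and the stored template is below the threshold.
    dist = np.linalg.norm(query - template)
    return "Accept" if dist < threshold else "Reject"
```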
Most of the biometric systems deployed in real-world applications are unimodal: they rely
on the evidence of a single source of information for authentication (e.g. fingerprint, face,
voice, etc.). These systems are vulnerable to a variety of problems such as noisy data,
intra-class variations, inter-class similarities, non-universality, and spoofing. This leads to
considerably high false acceptance rates (FAR) and false rejection rates (FRR), limited
discrimination capability, an upper bound on performance, and a lack of permanence. Some of
the limitations imposed by unimodal biometric systems can be overcome by including
multiple sources of information for establishing identity. Systems that integrate two or
more types of biometrics are known as multimodal biometric systems. These systems are
more reliable due to the presence of multiple, independent biometrics. The proposed system
is able to meet the stringent performance requirements imposed by various applications.
Multimodal systems address the problem of non-universality, since multiple traits ensure
sufficient population coverage. They also deter spoofing, since it would be difficult for an
impostor to spoof multiple biometric traits of a genuine user simultaneously. Furthermore,
they can facilitate a challenge-response type of mechanism by requesting the user to present
a random subset of biometric traits, thereby ensuring that a live user is indeed present at the
point of data acquisition. To overcome the problems faced by recognizers of palmprint,
fingerprint, and face, a novel combination is proposed for the recognition system. The
integrated system also provides anti-spoofing measures by making it difficult for an
intruder to spoof multiple biometric traits simultaneously.
The complete algorithmic description is given below:
Algorithm MBPI ()
Input: Fingerprint Image, Palmprint Image
Output: User Identity (Accept/Reject)
Step 1. Read input image fingerprint/palmprint from database.
Step 2. Perform image cropping:
a).Convert input image into Grayscale.
Step 3. Decide ROI of cropped image.
Step 4. Apply 2D DWT on resultant image from step 3. This will extract features of
input image i.e. fingerprint/palmprint image.
Step 5. Apply the MGF to the output of step 4. This applies different orientations
and scalings to the input images. Palmprint and fingerprint share some
common characteristics such as creases and ridges. Other palmprint
characteristics are principal lines and wrinkles. A bank of MGF filters is
used to filter palmprint and fingerprint images in different directions, at
different orientations and scaling factors, to highlight these characteristics
and remove noise.
{Steps 1 to 4 will be applied sequentially to both fingerprint and palmprint images.}
Step 6. Apply normalization to the resultant images from step 5. This brings the
features of both fingerprint and palmprint images into the same domain.
Normalization is important as the filtered palmprint and fingerprint images
may not share the same intensity domain.
Step 7. Apply feature-level fusion: combine the normalized LL sub-band images
and divide the result into non-overlapping blocks of size m×n pixels
each. Then, the resulting magnitude is converted to a scalar number by
calculating its standard deviation value. The size of each block is carefully
chosen so that no repeated feature is extracted. At last, a feature vector with
8×N×N sub-Gabor features is extracted from each image, where N denotes
the number of rows and columns.
Step 8. Finally apply decision module where the user identity will be decided which
is either Accept/Reject.
End MBPI ().
Biometrics, for instance fingerprints, can be used to improve the level of security. This
work formulates a multimodal biometric system and demonstrates that it is possible to
improve performance by integrating multiple biometrics. It presents a novel feature-level
fusion method for palmprint and fingerprint biometrics. The WT is applied to reduce the
image resolution while retaining important palmprint and fingerprint characteristics. The
proposed fusion method combines unique characteristics of palmprint and fingerprint to
enable better discrimination against impostors. In addition, it requires only the same amount
of memory for storage purposes. Besides that, bimodal biometrics makes it harder for
adversaries to succeed in an attack, as they have to spoof both biometrics simultaneously.
[1] Cheng Lu, Jisong Wang, Miao, "Multimodal Biometric Identification Approach
Based on Face and Palmprint," Second International Symposium on Electronic
Commerce and Security, 2009.
[2] Asim Baig, Ahmed Bouridane, Fatih Kurugollu, "Fingerprint-Iris Fusion Based
Identification System Using a Single Hamming Distance Matcher," 2009.
[3] Lin Hong, Anil Jain, and Sharath Pankanti, "Can Multibiometrics Improve
Performance?", 2000.
[4] Ajay Kumar, David Zhang, "Combining Fingerprint, Palmprint and Hand-Shape
for User Authentication," 2009.
[6] Li, Q., Qiu, Z., Sun, D., "Feature-Level Fusion of Hand Biometrics for Personal
Verification Based on Kernel PCA," Lecture Notes in Computer Science,
3832/2005, pp. 744-750, 2005.
[7] FVC2004 Fingerprint Database.
[8] PolyU Palmprint Database.
A Survey of Advance Resource Reservation in Scheduling in Grid
Department of Computer Engineering,
Dr. B. A. Technological University, Lonere, Raigad, India
Grid computing is a form of distributed computing that involves coordinating and sharing
computational power, data storage and network resources across dynamic and geographically
dispersed organizations. Scheduling onto the Grid is NP-complete, so there is no best scheduling
algorithm for all grid computing systems.
The goal of scheduling is to achieve highest possible system throughput and to match the
application need with the available computing resources. Some computational grid applications
have very large resource requirements and need simultaneous access to resources from more
than one parallel computer with Qos. The end-to-end QoS can be achieved and guaranteed
through proper configuration, reservation and allocation of corresponding resources. Advance
reservation as an effective technique to support QoS guarantees the availability of resources at
specific time as per the user’s requirement.
The motivation of this survey is to help new researchers in the field of grid computing
understand the concept of advance resource reservation in scheduling, so that they can
contribute to developing more efficient algorithms. This will benefit interested researchers
carrying out further work in this thrust area of research.
Keywords: Grid Computing, Scheduling, Request, Resource, Reservation, Backfilling,
Slack Values, Priority
Computational grids are a new trend in distributed computing systems. They allow the
management of heterogeneous, geographically distributed, and dynamically available
resources in an efficient way, extending the boundaries of what we perceive as distributed
computing. For running applications, resource management and job scheduling are the
most crucial problems in grid computing systems.
The basic grid model is generally composed of a number of hosts, each comprising several
computational resources, which may be homogeneous or heterogeneous. The four basic
building blocks of the grid model are the user, the resource broker, the grid information
service (GIS), and, lastly, the resources. When a user requires high-speed execution, the
job is submitted to the broker in the grid.
Grid Structure
The broker splits the job into various tasks and distributes them to several resources
according to the user's requirements and the availability of resources. The GIS keeps
status information on all resources, which helps the broker in scheduling.
1.2 Scheduling :
Job scheduling is the mapping of jobs to specific physical resources, trying to minimize
some cost function specified by the user. This is an NP-complete problem, and different
heuristics may be used to reach an optimal or near-optimal solution. Effective computation
and job scheduling is rapidly becoming one of the main challenges in grid computing and
is seen as being vital for its success.
1.3 Advance Resource Reservation :
It is a contract between the resource owner and the consumer that commits a certain
resource for a defined time to the resource consumer. It can ensure the future availability
of the grid's heterogeneous resources and help a scheduler to produce better schedules.
2. Literature Survey
2.1 Resource Scheduling: The grid resource scheduling process can be defined as the
process of matching a query for resources, described in terms of required characteristics, to
a set of resources that meet the expressed requirements. To make information available to
users quickly and reliably, an effective and efficient resource scheduling mechanism is
crucial. Generally grid resources are potentially very large in number with various
individual resources that are not centrally controlled. These resources can enter as well as
leave the grid systems at any time. For these reasons resource scheduling in large-scale
grids can be very challenging.
A. Research on Novel Dynamic Resource Management and job scheduling in grid
computing (RNDRM).
Description: This scheduling model is based on Heap Sort Tree (HST) for computing the
available computational power of the nodes (resource) as well as whole grid system. Here
the resource with largest available computational ability among the whole grid system is
selected to be the root node of the HST and it is ready for the scheduler to submit a job.
The algorithm design for job scheduling is well suited to complex grid environments.
Advantages:
1) This algorithm makes the system more scalable, robust, fault-tolerant, and highly
load-balanced.
2) This strategy provides dynamic status information about the resources in an
unpredictable, fast-changing grid environment.
Disadvantages:
1) This algorithm is silent on the condition of job-submission failure.
2) The job scheduling strategy may not utilize resources sufficiently.
3) Job waiting time is high.
4) It does not provide a real-time dynamic grid environment.
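The HST selection in RNDRM keeps the node with the largest available computational power at the root, so job submission amounts to a pop-and-reinsert on a max-heap. A minimal sketch using Python's heapq (a min-heap, hence the negated keys); the node names, power values, and job cost are illustrative:

```python
import heapq

def build_hst(resources):
    # Max-heap of (available computational power, node id): the node with
    # the largest available power sits at the root and gets the next job.
    heap = [(-power, node) for node, power in resources.items()]
    heapq.heapify(heap)
    return heap

def submit_job(heap, cost):
    # Pop the most powerful node, charge the job's cost against its
    # available power, and push it back so the heap re-orders itself.
    power, node = heapq.heappop(heap)
    heapq.heappush(heap, (power + cost, node))
    return node

hst = build_hst({"n1": 40, "n2": 90, "n3": 70})
order = [submit_job(hst, 30) for _ in range(3)]
```

Each submission goes to the currently most capable node, which is the scheduling behavior the description attributes to the HST.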
B. Agent Based Resource Management with Alternate Solution (ABRMAS).
Description: Agent-Based Resource Management with Alternate Solution gives an
alternate solution in the situation when resource discovery fails. The algorithm identifies
an equivalent resource without affecting performance, and it also avoids unnecessary
resource discovery.
Sometimes resource discovery is done for a time-bound task and the required resource is
unavailable in that situation. The alternate solution reduces the delay overhead of waiting
for the unavailable resource and enhances the system's efficiency. Implementation results
show the system success rate is 30% higher with the alternate solution.
Advantages:
1) It limits and steers the search towards the anticipated result and provides efficient
resource discovery.
2) Useful both when discovery fails and when more than one solution proposal is offered.
Disadvantages:
1) For a large agent hierarchy, proposal invitations may be restricted to a sub-hierarchy.
2) It is not explicit.
C. New Resource Mechanism with Negotiate Solution based on agent in grid
environments (NRMNS).
Description: Agent-Based Resource Management with Negotiate Solution gives an
alternate solution in the situation of resource discovery failure. The algorithm adds the
middleware Grid Architecture for Computational Economy (GRACE), together with a
Resource Pricing Fluctuation Manager (RPFM), to ABRMAS in order to improve the
efficiency of resource management, scheduling, and allocation in grid computing. The
feedback model plays a very important role in the agent-based system when resource
discovery fails on a cost bound.
Advantages:
1) The resource provider can get the maximum investment profit.
2) The feedback capability of the RPFM is used to adapt to the highly dynamic grid
environment.
3) Simulation results show the success rate of resource discovery increases by about 10%.
Disadvantages:
1) Resource discovery is aborted when the RPA (resource provider agent) refuses to
decrease the cost of the resource; this is the major drawback.
D. Improved Resource discovery approach using P2P model for condor (IRP2P).
Description: IRP2P is grid middleware. It is a decentralized technique that departs from
the traditional client-server model. The goal of the model is to improve the performance of
the Condor middleware. The proposed hybrid model uses a four-axis framework in the
P2P approach. Each framework overcomes some limitations of the Condor middleware
and makes it more reliable, robust, and scalable. By implementing a membership protocol,
network communication is easy, and using an overlay construction algorithm, interprocess
communication is also allowed, which is restricted in Condor.
Advantages:
1) Independence from central global control.
2) Fast discovery of resources using DHTs and the indexing concept.
3) Scalability.
4) Support for intermittent resource participation.
Disadvantages:
1) Nodes need strong self-organization capabilities in order to be able to maintain their
rigid structure.
2) High maintenance cost in the presence of high churn.
E. Virtual Computing Grid using Resource Pooling (VCGRP).
Description: The system is based on a loosely coupled concept. Virtual Computing Grid
means the system can choose a resource and allocate tasks to it. It has a single point of
web-based access known as the Virtual Computing Grid Portal, and the Virtual Computing
Grid Monitor is the central resource manager for the system.
Advantages:
1) Cost-effective model.
Disadvantages:
1) Not very reliable because of the single central manager and single point of web access.
2) Since it is a cost-effective solution, quality of service has been played down in the
prototype.

Analysis and comparison of the surveyed papers on various parameters:
Research on novel dynamic resource management and job scheduling in grid computing
(RNDRM) makes the system more scalable, robust, and fault-tolerant with high load
balance, but its time complexity is high, whereas virtual resource pooling fully utilizes
resources with less reliability. The improved resource discovery approach using a P2P
model for Condor, together with grid middleware, makes Condor more reliable, scalable,
and robust for working in a heterogeneous environment, but it needs strong self-managing
organization capabilities. The alternate solution helps during resource discovery failure,
but is not explicit. The negotiation solution is highly adaptive in the grid, with a higher
resource discovery success rate and high resource utilization, and it is also cost-bounded.
Referring to Table I and the simulation results, it is concluded that Research on novel
dynamic resource management and job scheduling (RNDRM) in grid computing is best
for resource scheduling.
2.2. Advance Resource Reservation Scheduling :
2.2.1. MPRAR :
A resource reservation algorithm with multiple parameters, called MPRAR for short,
processes reservation requests more flexibly. MPRAR creates a global queue and a local
queue, named FIFO and Heap respectively. New reservation requests are stored in FIFO,
from which the processor draws each request in sequence and calculates a weight value
from three parameters: user priority, job urgency, and requested start-time, and then puts
them into Heap, which is sorted by weight. The request with the minimum weight value is
accepted if its resource is available; otherwise the processor predicts a delayed start-time
to replace the original start-time. This mechanism avoids high-frequency negotiation
between user and system, and decreases the high rejection rate.
The user submits a new reservation request with the variables of start-time, end-time or
duration-time, as well as the type of reservation and the resource demand. The request is
rejected if the resource is not able to support advance reservation; otherwise it is added
to FIFO by the reservation processor, which plays the most important part in the process
of reservations. There are five steps for the processor to deal with reservation requests:
Step 1: The processor adds requests into FIFO, ordered by requested time, when receiving
a new reservation. A weight value is calculated from the start-time, the priority of the
user, and the job urgency for every request. The requests are then added to Heap, arranged
in order of weight value; go to Step 2.
Step 2: Search for an available resource for the request with the minimal weight value; if
found, go to Step 3; otherwise, go to Step 4.
Step 3: Mark the current request as accepted. After the task is submitted by the user, add
the marked request to the scheduler for resource allocation; go to Step 5.
Step 4: If there is no available resource for the minimal-weight request, the request is
deleted from Heap. The processor predicts a delayed start-time, called Ta, at which the
resource is available, and calculates a new weight value to replace the old one; go to
Step 1.
Step 5: Return the result to the user.
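The FIFO-plus-Heap structure of MPRAR can be sketched as below. The paper names the three weight parameters (user priority, job urgency, requested start-time) but not the exact formula, so the linear combination and its coefficients here are hypothetical:

```python
import heapq
from collections import deque

def weight(priority, urgency, start_time, a=1.0, b=1.0, c=0.1):
    # Hypothetical linear combination of the three named parameters;
    # a smaller weight means the request is examined earlier.
    return a * priority + b * urgency + c * start_time

fifo = deque()   # global queue: incoming requests in arrival order
heap = []        # local queue: requests ordered by weight value

def submit(req_id, priority, urgency, start_time):
    fifo.append((req_id, priority, urgency, start_time))

def process():
    # Draw each request from FIFO in sequence, compute its weight,
    # and push it into Heap, which keeps the minimal weight on top.
    while fifo:
        req_id, p, u, st = fifo.popleft()
        heapq.heappush(heap, (weight(p, u, st), req_id))
    # Requests are then examined in order of minimal weight.
    return [req for _, req in (heapq.heappop(heap) for _ in range(len(heap)))]

submit("r1", priority=2, urgency=3, start_time=10)   # weight 6.0
submit("r2", priority=1, urgency=1, start_time=5)    # weight 2.5
order = process()
```

In the full algorithm, a request whose resource is unavailable would re-enter the loop with a predicted delayed start-time and a recomputed weight (Step 4).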
2.2.2. SLACK-BASED SCHEDULING (Relaxed Backfilling Scheduling with Multiple
Reservations)
In strict backfill scheduling, each reserved job begins to run exactly at its assigned start
time, and a queued job can be moved ahead to run on condition that it will not delay the
execution of any reserved job. In order to make strict scheduling more flexible, the actual
start time of each reservation can be relaxed from its rigid start time (ST) to a time span
[ST, ST + slack], in which slack expresses the maximum amount of delay allowable for
the job. A tunable system parameter, the slack factor, can be used to calculate the slack of
each job by multiplying it by the job's user-specified estimated runtime. For example, if
the slack factor is 0.2, then a reserved job can be delayed by other jobs by no more than
20 percent of its estimated runtime.
Unlike existing slack-based scheduling, which only considers the situation where there is
at most one backfill or advance reservation in the scheduler, this paper proposes a flexible
and practical mechanism to support slack-based scheduling with more than one reservation.
Assuming the total number of PEs, the slack factor, the reservation depth, and the numbers
of running jobs, queued jobs, and reserved jobs are known, the slack-based backfill
scheduling algorithm with multiple reservations works as follows:
1) Firstly, this algorithm creates three queues for storing the queued jobs, the running jobs,
and the reserved jobs, and sorts the jobs in each queue non-decreasingly according to the
arrival time, the end time and the start time of each job respectively.
2) Then the queued jobs are checked to see if they can be backfilled or reserved.
a) If it is feasible to allocate enough PEs for the current queued job to run, whether by
relaxing other jobs or not, it will be backfilled to start immediately and moved to the
running job queue.
b) If it cannot be backfilled now and current total number of reservations is less than the
reservation depth, the scheduler will make a reservation for the job and move it to the
reserved job queue.
3) Each reserved job begins to run at its start time and is then moved from the reserved
job queue to the running job queue. If it is necessary to relax a reservation for other jobs,
its slack and new start time are updated.
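The core admission test of this scheme is a single window check: a reserved job may be pushed back only within [ST, ST + slack], where slack = slack factor × estimated runtime. A minimal sketch:

```python
SLACK_FACTOR = 0.2  # tunable system parameter

def slack(estimated_runtime, slack_factor=SLACK_FACTOR):
    # Maximum delay allowed for a reserved job: slack_factor times its
    # user-specified estimated runtime.
    return slack_factor * estimated_runtime

def can_delay(reserved_start, estimated_runtime, proposed_start):
    # A backfilled job may push a reservation's start time anywhere
    # inside [ST, ST + slack], but no further.
    return reserved_start <= proposed_start <= reserved_start + slack(estimated_runtime)
```

With a slack factor of 0.2, a job estimated at 100 time units may be delayed by at most 20 units, matching the example in the text.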

Figure 2. Relaxed Backfilling Scheduling
2.2.3. PB-FCFS Task Scheduling Model
On the basis of the structure of the traditional model, the model structure adopts a
multi-level updating strategy, as shown in Figure 3. The PB-FCFS task scheduling model
integrates the strategies of FCFS, backfilling, priority, etc., and expects to relieve resource
slots to enhance the resource utilization rate. There are three restrictions for the PB-FCFS
task scheduling model:
Figure 3. Structure of PB-FCFS task scheduling model

Firstly, a task will be selected and run in order by the FCFS strategy when entering the
scheduling center for the first time. If it does not have sufficient resources and a task
priority level, the task priority level is set to an initial value by the scheduler; otherwise,
the task priority level is increased dynamically until the highest priority level.
Figure 4. The effect of PB-FCFS task scheduling model
Secondly, the remaining tasks re-enter the loop scheduling process when a task's
execution is completed. First, a task is selected and run in order of priority level. For
tasks with the same priority level, the selection and execution of a task follows the
FCFS strategy. Otherwise the scheduler will continue to increase the task priority level
until the highest priority is reached.
Finally, if there are insufficient resources, the first task in the waiting queue must wait
for the completion of tasks in the running queue, which then release resources.
Immediately, the backfilling strategy is applied to insert some tasks with fewer resource
requirements from the waiting queue into the running queue.
Figure 4 shows an effect image of the PB-FCFS model under an ideal state. The scheduler
submits tasks to the waiting queue in sequence. We regard the first box as the first task,
namely task 1; the rest may be deduced by analogy, as shown in (a). A task is run in order
according to the FCFS strategy when it enters the scheduling center for the first time.
Moreover, due to insufficiency of resources, task 4 begins to wait, whilst the scheduler
sets the priority level to the initial value for task 4. At the same time, the backfilling
strategy is applied to insert some tasks with fewer resource requirements from the waiting
queue into the running queue, as shown in (b). Then task 1 is completed, as shown in (c).
At the same time, the scheduler selects tasks to run according to priority.
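The selection rule described above (highest priority first, FCFS among equal priorities, with dynamic priority increase for waiting tasks) can be sketched as follows; the aging step of +1 per round and the cap of 10 are illustrative choices, not taken from the paper:

```python
def pick_next(waiting):
    # waiting: list of dicts with 'arrival' and 'priority', in FCFS order.
    # Select the highest priority; among equal priorities, the earliest
    # arrival wins (FCFS tie-break).
    best = max(waiting, key=lambda t: (t["priority"], -t["arrival"]))
    waiting.remove(best)
    # Age the tasks left behind: increase their priority dynamically,
    # capped at a highest priority level, so no task waits forever.
    for t in waiting:
        t["priority"] = min(t["priority"] + 1, 10)
    return best

queue = [
    {"id": 4, "arrival": 4, "priority": 0},
    {"id": 5, "arrival": 5, "priority": 2},
    {"id": 6, "arrival": 6, "priority": 2},
]
order = []
while queue:
    order.append(pick_next(queue)["id"])
```

Task 5 beats task 6 by arrival order, and task 4 eventually runs because its priority keeps rising while it waits.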
3. Conclusion :
In this paper, various advance resource reservation scheduling algorithms in grid
computing have been surveyed. A comparison on various parameters, such as distributed,
hierarchical, or centralized organization, response time, load balancing, and resource
utilization, was done to get feedback on different types of job and resource scheduling.
Researchers can use these facts to develop better algorithms. In the above study, it was
found that no paper has specified the memory requirements of jobs when submitting them
to the selected resources. The memory requirement of a job is vital for completing the
execution of jobs at the selected resources within a time bound when realizing a real grid
system. Our future work will be based on the above findings, to develop a more efficient
algorithm for job scheduling and resource selection that will reduce the preprocessing time
of jobs and consider the memory constraint in resource selection.
4. Reference:
[1] Ahmar Abbas, Grid Computing: A Practical Guide to Technology and Applications,
Firewall Media, 2008.
[2] I. Foster, Carl Kesselman, Steven Tuecke, "The Anatomy of the Grid," 2001.
[3] I. Foster, Carl Kesselman, Steven Tuecke, "The Physiology of the Grid," 2002.
[4] Raksha Sharma, Vishnu Kant Soni, Manoj Kumar Mishra, Prachet Bhuyan, "A Survey
of Job Scheduling and Resource Management in Grid Computing," World Academy of
Science, Engineering and Technology, 64, 2010.
[5] Ningning Gao, Hong Jiang, "A Resource Reservation Algorithm with Multi-Parameters,"
2011 Sixth Annual ChinaGrid Conference.
[6] Bo Li, Ying Li, Min He, Hao Wu, and Jundong Yang, "Scheduling of a Relaxed
Backfill Strategy with Multiple Reservations," The 11th International Conference on
Parallel and Distributed Computing, Applications and Technologies, 2010.
[7] Hong Jiang, Tianwei Ni, "PB-FCFS: A Task Scheduling Algorithm Based on FCFS
and Backfilling Strategy for Grid Computing," 978-1-4244-5228-6/09, 2009.
[8] "Scheduling with Advanced Reservations," Warren Smith, Ian Foster, Valerie
Classifier Based Intrusion Detection System
Mr. Sable Nilesh P.
, Ms. Kharade Snehal G.
Lecturer Department of Computer Engineering, University of Pune, Pune, India
Student Department of Computer Engineering, University of Pune, Pune, India
The paper describes the design of a genetic classifier-based intrusion detection system, which
can provide active detection and automated responses during intrusions. It is designed to be a
sense-and-response system that can monitor various activities on the network (i.e. it looks for
changes such as malfunctions, faults, abnormalities, misuse, deviations, intrusions, etc.). In
particular, it simultaneously monitors a networked computer's activities at different levels
(such as user level, system level, process level, and packet level) and uses a genetic classifier
system in order to determine a specific action in case of any security violation. The objective
is to find correlations among the deviated values (from normal) of the monitored parameters,
to determine the type of intrusion, and to generate an action accordingly. We performed some
experiments to evolve a set of decision rules based on the significance of the monitored
parameters in a UNIX environment, and tested them for validation.
This paper describes the design and implementation of a classifier-based decision
support component for an intrusion detection system (IDS). This classifier-based IDS
monitors the activities of Unix machines at multiple levels (from packet to user-level) and
determines the correlation among the observed parameters during intrusive activities. For
example, at user level – searches for an unusual user behavior pattern; at system level –
looks at resource usage such as CPU, memory, I/O use etc.; at process level – checks for
invalid or unauthenticated processes and priority violations; at packet level – monitors
number, volume, and size of packets along with source and type of connections. We
developed a Java-based interface to visualize the features of the monitored UNIX
environment. We used some built-in tools (such as vmstat, iostat, mpstat, netstat, snoop,
etc.), syslog files and shell commands for simultaneously monitoring relevant parameters at
multiple levels. As the data collector sensors observe the deviations, the information is sent
to the classifier system in order to determine appropriate actions.
I. Problem Statement
The problem of detecting anomalies, intrusions, and other forms of computer abuse can
be viewed as finding non-permitted deviations (or security violations) from the characteristic
properties of the monitored (network) systems. This assumption is based on the fact that
intruders' activities must be different (in some ways) from normal users' activities.
However, in most situations, it is very difficult to realize or detect such differences before
any damage occurs during break-ins.
The goal is to develop an intrusion detection system based on artificial intelligence, genetic
approaches, and agent architectures for detecting coordinated and sophisticated attacks: an
evolvable system that can adapt to its environment, instead of one that refers to a static
database and updates it from time to time.
A. System Overview

B. Modules in the system with detail description
1. Multi-level Parameter Monitoring: -
Our prototype system currently monitors parameters at the USER, SYSTEM, PROCESS,
and NETWORK levels; some of these parameters are categorical in nature (e.g., type of user,
type of connection) and are represented numerically for interpretation. However, the selection
of these parameters is not final and may vary (based on their usefulness) in our future work.
2. Setting Thresholds:-
Historical data of the relevant parameters are initially collected over a period of time during
normal usage (with no intrusive activities) to obtain a relatively accurate statistical measure
of normal behavior patterns. Accordingly, different threshold values are set for different
parameters.
3. Classifier-based Intrusion Detection System:-
The best approach may be to design an evolvable system that can adapt to its environment.
A classifier system is an adaptive learning system that evolves a set of action-selection rules
to cope with the environment. The condition-action rules are coded as fixed-length strings
(classifiers) and are evolved using a genetic search. These classifiers are evolved based on
the security policy.
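The fixed-length condition-action encoding described above can be sketched as follows. The rule strings, event encoding, and action names are illustrative assumptions for the sketch, not the paper's actual rule base:

```python
# Minimal sketch: condition-action classifiers as fixed-length strings.
# A condition is a string over {'0', '1', '#'} ('#' = wildcard); the action
# is what the IDS should do when a monitored event matches the condition.

def matches(condition: str, event: str) -> bool:
    """An event (a bit string of monitored parameter flags) matches a
    classifier condition if every non-wildcard position agrees."""
    return all(c == '#' or c == e for c, e in zip(condition, event))

# Example rule set: (condition, action) pairs for a 4-bit event
# [user-level, system-level, process-level, packet-level anomaly flags].
rules = [
    ('1##1', 'block-source'),   # user + packet anomalies together
    ('#1#0', 'log-and-alert'),  # system anomaly without a packet anomaly
    ('####', 'no-action'),      # default catch-all
]

def select_action(event: str) -> str:
    """Return the action of the first matching rule (rules are ordered
    from most to least specific)."""
    for condition, action in rules:
        if matches(condition, event):
            return action
    return 'no-action'

print(select_action('1001'))  # -> block-source
print(select_action('0100'))  # -> log-and-alert
```

Ordering the rules from most to least specific makes the catch-all rule fire only when nothing else matches.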
4. Creating a High-Level Knowledge Base:-
The degree of importance of each level (of monitored parameters) is hypothesized based
on domain knowledge. The purpose is to generate rules from a general knowledge base
designed by experts. Though a more accurate knowledge base would result in more
realistic actions, the heuristic rule set that we used can provide similar detection ability.
5. Classifier Systems in Rule Discovery:-
Classifier systems are dynamical systems that evolve stimulus-response rules, or
classifiers (using Genetic Algorithms), each of which can interact with the problem-solving
environment.
6. Genetic Algorithm:-
Genetic algorithms operate on a population of candidate solutions, applying the principle
of survival of the fittest to produce better and better approximations to a solution. In
general, in order to employ a GA successfully, the problem must be encoded as a population
of candidate solutions with an associated fitness function.
7. Fitness Evaluation:-
The purpose of the fitness function is to measure how good each rule is at solving the
problem. In our approach, we consider the following elements while generating the rule set.
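As an illustration of how a GA might evolve such classifiers against a fitness function, here is a toy run on made-up event data. The encoding, training events, and GA parameters are assumptions for the sketch, not the paper's implementation:

```python
import random

random.seed(0)

# Toy GA: evolve a fixed-length condition string over {'0','1','#'} whose
# fitness rewards matching known intrusive events and penalizes matching
# normal ones. The event data below is illustrative.
INTRUSIVE = ['1101', '1111', '1100']
NORMAL = ['0010', '0001', '0000']
ALPHABET = '01#'

def matches(cond, event):
    return all(c == '#' or c == e for c, e in zip(cond, event))

def fitness(cond):
    hits = sum(matches(cond, e) for e in INTRUSIVE)       # true positives
    false_alarms = sum(matches(cond, e) for e in NORMAL)  # false positives
    return hits - false_alarms

def mutate(cond):
    i = random.randrange(len(cond))
    return cond[:i] + random.choice(ALPHABET) + cond[i + 1:]

def crossover(a, b):
    i = random.randrange(1, len(a))
    return a[:i] + b[i:]

pop = [''.join(random.choice(ALPHABET) for _ in range(4)) for _ in range(20)]
for _ in range(40):
    pop.sort(key=fitness, reverse=True)
    parents = pop[:10]  # truncation selection; parents survive (elitism)
    children = [mutate(crossover(random.choice(parents), random.choice(parents)))
                for _ in range(10)]
    pop = parents + children

best = max(pop, key=fitness)
print(best, fitness(best))
```

Because the parents are carried over each generation, the best fitness in the population never decreases; a rule like '11##' matches all three intrusive events and no normal ones.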
C. Application of the system
1. Effective dynamic, evolving Intrusion Detection System
2. Manual updating of the database is not required, as the system is intelligence-based
3. Complete evaluation of the system to keep track of attacks (at the user, system, process, and packet levels)
4. Verification of the detected attack and generation of the respective response action
As the Internet and networks become part of everyone's commercial, social, and personal
life, it is very important to keep private data safe and secure. Doing so requires an effective
intrusion detection system that can cope with intruders. As a complete solution, this
system can run on every computer that is supposed to be kept secure.
Most existing intrusion detection systems use either packet-level information or
user activities to make decisions about intrusive activities. In this paper, we described an
intrusion detection system that can simultaneously monitor network activities at different
levels (such as the packet, process, system, and user levels), so it can detect both
inside misuse and outside attacks. The main emphasis of this work is to examine the
feasibility of using a classifier-based intelligent decision support subsystem for robust
intrusion detection.
The proposed system has the unique feature of simultaneous monitoring at multiple
levels to detect both known and unknown intrusions and generate specific responses. The
developed system will perform real-time monitoring and analysis, and generate appropriate
responses to intrusive activities. This work is part of a larger research project on
developing an intelligent intrusion detection system. In this paper, we emphasized the
design and implementation of the classifier system as a decision support component. We are
currently experimenting in a simulated environment as part of early development. We
anticipate that a more effective and practical rule base will emerge after the implementation
and observation of the network.
Content Based Image Processing on Plant Images
Mr. Rajan Jamgekar
Asst Prof NBNSCE
Mr. S V Chobe
This work on Content Based Image Retrieval (CBIR) focuses on developing a Fast And
Semantics-Tailored (FAST) image retrieval methodology. Image retrieval is a very important
step for computer-aided plant species recognition. In this project we use different transform
techniques for plant image recognition on the basis of shape and texture features.
Basically, we calculate the Euclidean distance of each plant image in the database from the
query image by applying the following transforms.
1. Gabor Zernike.
2. Fourier Descriptor
3. Generic Fourier Descriptor
4. Curvature Scale Space
By applying all these transforms to the plant images, we characterize the shape and
texture features of each plant. In this project we have 100 plant images in the database. We
calculated the Euclidean distance of every plant image in the database from the query image,
and on that basis all the plant images are arranged in ascending order of Euclidean distance.
The experimental results showed that the Gabor-Zernike transform gives better results for
retrieving plant images from the database on the basis of the plant's feature vector.
Finally, we performed a comparative study of all these transforms by drawing precision and
recall graphs, which give the percentage retrieval result for plant images from the database.
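The ranking step described above can be sketched as follows; the three-component feature vectors and image names are made up for illustration (in the project the vectors come from the shape and texture transforms):

```python
import math

# Rank database images by the Euclidean distance between their feature
# vectors and the query image's feature vector; nearest images come first.

def euclidean(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

# Illustrative feature vectors; real ones come from the transforms above.
database = {
    'christmas_tree_1': [0.9, 0.1, 0.4],
    'papaya_1':         [0.2, 0.8, 0.6],
    'christmas_tree_2': [0.85, 0.15, 0.35],
}
query = [0.88, 0.12, 0.38]

# Sort image names in ascending order of distance from the query.
ranked = sorted(database, key=lambda name: euclidean(database[name], query))
print(ranked)  # nearest first
```

Sorting in ascending order of distance is exactly the "arranged as per ascending order of Euclidean distance" step in the abstract.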
Keywords: Fourier descriptors, shape, CBIR, retrieval, Gabor-Zernike, Curvature Scale Space
Due to the rapid development of digital and information technologies, more and more images
are generated in digital form. This requires images to be described effectively and efficiently to
facilitate automatic searching. Content Based Image Retrieval (CBIR) is a technique whereby
images are described by a few top-level features such as color, texture,
shape, or a combination of them. There is an increasing trend towards the digitization of
plant imagery. Shape is one of the fundamental visual features in CBIR. Various shape
techniques exist in the literature; these methods can be classified into two categories: region-based
and contour-based. Contour-based shape descriptors use only the boundary information, ignoring
the shape's interior content. Examples of contour-based shape descriptors include Fourier
descriptors, wavelet descriptors, and curvature scale space descriptors. Since they are computed
using only boundary pixels, their computational complexity is low, but they cannot represent
shapes for which the complete boundary information is not available.
In contrast to conventional text-based retrieval, a CBIR system uses image content instead of
text to retrieve counterparts in the database. In general, there are two ways to retrieve
information from a database: one is the global approach, which uses the complete information
contained in an image to search the database; the other is the local approach, which selects a
region-of-interest (ROI) as the basis of the search. The advantage of the former is that less
human intervention is involved, but at the cost of retrieving relatively inaccurate matches and
introducing too many irrelevant results.

In image processing, feature extraction is a special form of dimensionality reduction. When the
input data to an algorithm is too large to be processed and is suspected to be notoriously
redundant (much data, but not much information), the input data is transformed into a reduced
representation set of features (also called a feature vector). Transforming the input data into
the set of features is called feature extraction. If the features extracted are carefully chosen, it
is expected that the feature set will extract the relevant information from the input data in
order to perform the desired task using this reduced representation instead of the full-size
input. Feature extraction involves simplifying the amount of resources required to describe a
large set of data accurately.
3.1 Shape
The human vision system identifies objects with the edges they contain, both on the boundary
and in the interior based on the intensity differences among pixels. These intensity differences
are captured as the shape content of salient objects with respect to their centroids in images.
The shape descriptors are classified into two groups: contour-based (e.g., Turning Angle
representation and Fourier descriptors) and region-based (e.g., moment descriptors, generic
Fourier descriptors, and grid descriptors).
3.2 Texture
Texture is an important feature since images can be considered as compositions of
different texture regions. There are various techniques for texture feature extraction. The
statistical approaches make use of the intensity values of each pixel in an image and apply
various statistical formulae to the pixels in order to calculate feature descriptors.
The shapes in the database are plant images in the form of gray-level images. The
preprocessing step extracts the boundary information, i.e. the coordinates of the boundary, from
the shape. The block diagram for preprocessing is shown above. The first step in the
preprocessing is to binarize the shape image; a simple threshold is applied to convert the
gray-level shape image into a binary image. In reality, shape images are often corrupted with
noise; as a result, the shape obtained from the thresholding usually has noise around the shape
boundary, so a denoising process is applied. The denoising process eliminates isolated pixels
and isolated small regions or segments. For non-silhouette shapes, the shape boundary is not
always connected; therefore, an m-connectivity connection technique is used to fill the gaps
between boundary points. The shape is then traced using an 8-connectivity contour tracing
technique to obtain the shape boundary coordinates.
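A minimal sketch of the binarization and boundary-extraction steps above, assuming the grey-level image is a nested list of pixel values; the full pipeline would also denoise and trace the contour in order with 8-connectivity:

```python
# Threshold a grey-level image to a binary image, then collect boundary
# pixels: foreground pixels with at least one background 4-neighbour
# (or lying on the image border).

def binarize(img, threshold):
    return [[1 if p > threshold else 0 for p in row] for row in img]

def boundary_pixels(binary):
    h, w = len(binary), len(binary[0])
    pts = []
    for y in range(h):
        for x in range(w):
            if not binary[y][x]:
                continue
            neighbours = [(y - 1, x), (y + 1, x), (y, x - 1), (y, x + 1)]
            if any(ny < 0 or ny >= h or nx < 0 or nx >= w or not binary[ny][nx]
                   for ny, nx in neighbours):
                pts.append((x, y))
    return pts

# Toy 4x4 grey image with a bright 2x2 blob in the middle.
grey = [[0, 0, 0, 0],
        [0, 200, 210, 0],
        [0, 190, 205, 0],
        [0, 0, 0, 0]]
binary = binarize(grey, 128)
print(boundary_pixels(binary))  # the 2x2 blob: every pixel is on the boundary
```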

Spectral descriptors include Fourier descriptors (FD) and wavelet descriptors (WD); they are
usually derived from a spectral transform applied to a shape signature. With Fourier descriptors,
global shape features are captured by the first few low-frequency terms, while higher-frequency
terms capture finer features of the shape. Fourier descriptors not only overcome the
weak discrimination ability of the moment descriptors and the global descriptors but also
overcome the noise sensitivity of the shape signature representations. Other advantages of the FD
method include easy normalization and information preservation. Recently, wavelet descriptors
have also been used for shape representation.
5.1 Shape signatures
In general, a shape signature is any 1-D function representing 2-D areas or boundaries. Four
shape signatures are considered in this paper: central distance, complex coordinates
(position function), curvature, and the cumulative angular function. These four shape signatures
were chosen for testing and comparison because they are the most used in recent FD
implementations and have been shown to be practical for general shape representation. The shape
boundary coordinates, (x(t), y(t)), t = 0, 1, …, L-1, where L is the number of boundary points,
have been extracted in the preprocessing stage.
5.2 Complex coordinates
A complex coordinates function is simply the complex number generated from the boundary
coordinates:

z(t) = x(t) + i y(t)

In order to eliminate the effect of bias, we use the shifted coordinates function:

z(t) = [x(t) - xc] + i [y(t) - yc]

where (xc, yc) is the centroid of the shape, which is the average of the boundary coordinates:

xc = (1/L) Σ x(t),   yc = (1/L) Σ y(t)
This shift makes the shape representation invariant to translation.
5.3 Centroid distance
The centroid distance function is expressed by the distance of the boundary points from the
centroid (xc, yc) of the shape:

r(t) = ([x(t) - xc]^2 + [y(t) - yc]^2)^(1/2)
Due to the subtraction of centroid, which represents the position of the shape, from boundary
coordinates, the centroid distance representation is also invariant to translation.
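The complex-coordinates and centroid-distance signatures can be sketched directly from their definitions; the square boundary below is a toy example:

```python
import math

# Two shape signatures for a closed boundary given as (x, y) points:
# the shifted complex-coordinates function z(t) and the centroid-distance
# function r(t). Both subtract the centroid, so both are translation-invariant.

def centroid(boundary):
    xs = [x for x, _ in boundary]
    ys = [y for _, y in boundary]
    return sum(xs) / len(xs), sum(ys) / len(ys)

def complex_coordinates(boundary):
    xc, yc = centroid(boundary)
    return [complex(x - xc, y - yc) for x, y in boundary]

def centroid_distance(boundary):
    xc, yc = centroid(boundary)
    return [math.hypot(x - xc, y - yc) for x, y in boundary]

# A unit square: every corner is the same distance from the centroid.
square = [(0, 0), (1, 0), (1, 1), (0, 1)]
print(centroid_distance(square))  # four equal values, sqrt(0.5) each
```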
5.4 Curvature signature
Curvature represents the second derivative of the boundary and the first derivative of the
boundary tangent. The curvature function used here is defined as the differentiation of successive
boundary angles calculated within a window. However, a curvature function defined in this way
has discontinuities of size 2π along the boundary; therefore, the successive angle differences
are used:

K(t) = θ(t) - θ(t-1)

where θ(t) is defined as above. Curvature is invariant under translation and rotation.
5.5 Cumulative angular function
Shape can also be represented by boundary angles, but because the tangent angle function θ(t)
can only assume values in a range of length 2π, usually the interval [-π, π] or [0, 2π],
θ(t) in general contains discontinuities of size 2π. Because of this, a cumulative
angular function is introduced to overcome the discontinuity problem. The cumulative angular
function φ(t) is the net amount of angular bend between the starting position z(0) and position
z(t) on the shape boundary. In order to make it accord with human intuition that a circle is
"shapeless", a normalized cumulative angular function ψ(t) is used as the shape signature
(assuming the shape is traced in the anti-clockwise direction).

Three of the smoothed shape signatures of the shape in Figure 2(b) are shown in Figure 5.

Figure 3: Shape Indexing Using Fourier
5.6 Texture feature extraction
Texture, a global shape feature, can be used to associate related shapes. Here we combine
Gabor filters and Zernike moments to form a set of features suitable for describing texture and
shape. Fourier transformation of shape signatures is widely used for shape analysis, and there
have also been some recent attempts to exploit it for shape retrieval. The Fourier-transformed
coefficients form the Fourier descriptors of the shape. These descriptors represent the shape of
the plant in the frequency domain.
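A sketch of computing Fourier descriptors from a centroid-distance signature: taking DFT magnitudes and dividing by the DC term gives scale invariance, as the scaled copy below illustrates (the signature values are made up):

```python
import cmath

# Fourier descriptors of a 1-D shape signature: DFT magnitudes normalized
# by the DC term. Using magnitudes discards phase (starting-point/rotation
# effects); dividing by the DC term removes scale.

def dft(signal):
    n = len(signal)
    return [sum(signal[t] * cmath.exp(-2j * cmath.pi * k * t / n)
                for t in range(n))
            for k in range(n)]

def fourier_descriptor(signature, n_coeffs=4):
    coeffs = dft(signature)
    dc = abs(coeffs[0])
    return [abs(c) / dc for c in coeffs[1:n_coeffs + 1]]

# Scaled versions of the same signature give the same descriptor.
r = [1.0, 2.0, 1.0, 2.0, 1.0, 2.0, 1.0, 2.0]
r_scaled = [3 * v for v in r]
print(fourier_descriptor(r))
print(fourier_descriptor(r_scaled))  # matches the first line up to rounding
```

Descriptors of two shapes can then be compared with the same Euclidean distance used for ranking.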
Along with these descriptors, we have implemented different transforms to recognize a plant
image on the basis of the features extracted from it.

6.1 Generic Fourier Descriptor
The Generic Fourier Descriptor is extracted from the spectral domain by applying a 2-D
Fourier transform (FT) to a polar raster sampled shape image. Shape analysis using the FT is
backed by well-developed and well-understood Fourier theory.
6.2 Fourier descriptor
The multiscale Fourier descriptor is formed by applying the complex wavelet transform to the
boundary function of an object extracted from an image. The Fourier transform is then
applied to the wavelet coefficients at multiple scales.
6.3 Gabor Zernike
With an optimized implementation, retrieval rates of several tens of hertz can be reached, which
makes the fast Gabor transform a superior one-to-one replacement even in applications that
require video-rate updates. The parameters of the Gabor wavelets, namely frequency and
orientation, are adjusted to gain better performance. Gabor filtering was chosen for processing
the plant images because of its technical properties: the Gabor filter kernels have shapes
similar to the receptive fields of simple cells in the primary visual cortex, and they are
multi-scale and multi-orientation kernels.
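A minimal 2-D Gabor kernel parameterized by wavelength and orientation, following the standard Gabor formula; the parameter values are illustrative, not the project's tuned settings:

```python
import math

# Real-valued Gabor kernel: a cosine wave at the given wavelength and
# orientation, windowed by an isotropic Gaussian envelope. Convolving an
# image with a bank of such kernels at several scales and orientations
# yields the texture responses summarized into a feature vector.

def gabor_kernel(size, wavelength, theta, sigma):
    half = size // 2
    kernel = []
    for y in range(-half, half + 1):
        row = []
        for x in range(-half, half + 1):
            # Rotate coordinates to the filter orientation.
            xr = x * math.cos(theta) + y * math.sin(theta)
            yr = -x * math.sin(theta) + y * math.cos(theta)
            gauss = math.exp(-(xr ** 2 + yr ** 2) / (2 * sigma ** 2))
            wave = math.cos(2 * math.pi * xr / wavelength)
            row.append(gauss * wave)
        kernel.append(row)
    return kernel

k = gabor_kernel(size=7, wavelength=4.0, theta=0.0, sigma=2.0)
print(k[3][3])  # centre of the kernel: gaussian * cos(0) = 1.0
```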
6.4 Curvature Scale Space
In the curvature scale space (CSS) representation, the first step is to extract edges from the
original plant image using a Canny detector. The corner points of an image are defined as
points where the plant image edges have maxima of absolute curvature. The corner points are
detected at a high scale of the CSS image, and their locations are tracked through multiple
lower scales to improve localization. Corner detection is an important task in various machine
vision and image processing systems; applications include motion tracking, object recognition,
and stereo matching.
1. Corner:-
The process of CSS image corner detection is as follows:
• Utilize the Canny edge detector to extract edges from the original image.
• Extract the edge contours from the edge image:
Fill the gaps in the edge contour
Find T-junctions and mark them as T-corners
• Compute the curvature at the highest scale σ_high and declare the corner candidates to be
the maxima of absolute curvature above a threshold t.
• Track corners to lowest scale to improve localization.
• Compare the T-corners to the corners found using the curvature procedure and remove
very close corners.
2. Canny:- This function is used to detect edges of the image.
3. Extract_curve:- This function is used to find the number of curves in the image. It gives
the starting and ending point of each curve.
4. Get corner:- This function is used to find T-corners in the image.
5. Edge direction:- This function is used to detect curves in the image.
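The curvature-maxima step of the CSS corner procedure can be sketched as follows on an already-extracted contour; Canny edge extraction and the multi-scale tracking are omitted, and the threshold is an assumed value:

```python
import math

# Estimate curvature along a closed contour as the change in tangent angle
# between successive boundary points (wrapped into [-pi, pi]), and flag
# local maxima of its absolute value above a threshold as corner candidates.

def tangent_angles(contour):
    n = len(contour)
    return [math.atan2(contour[(i + 1) % n][1] - contour[i][1],
                       contour[(i + 1) % n][0] - contour[i][0])
            for i in range(n)]

def curvature(contour):
    angles = tangent_angles(contour)
    ks = []
    for i in range(len(angles)):
        d = angles[i] - angles[i - 1]
        # Wrap the angle difference into [-pi, pi] to avoid 2*pi jumps.
        d = (d + math.pi) % (2 * math.pi) - math.pi
        ks.append(d)
    return ks

def corners(contour, threshold=0.5):
    ks = curvature(contour)
    n = len(ks)
    return [i for i in range(n)
            if abs(ks[i]) > threshold
            and abs(ks[i]) >= abs(ks[i - 1])
            and abs(ks[i]) >= abs(ks[(i + 1) % n])]

# A square traced point by point: curvature spikes exactly at the 4 corners.
square = [(x, 0) for x in range(4)] + [(3, y) for y in range(1, 4)] + \
         [(x, 3) for x in range(2, -1, -1)] + [(0, y) for y in range(2, 0, -1)]
print(corners(square))  # -> [0, 3, 6, 9]
```

This also illustrates the conclusion drawn later: the method rewards shapes with sharp, regular corners, which plant outlines generally lack.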
This work on Content Based Image Retrieval (CBIR) focuses on developing a Fast And
Semantics-Tailored (FAST) image retrieval methodology. Specifically, the contributions of the
FAST methodology to the CBIR literature include:
(1) Development of a new indexing method based on fuzzy logic to incorporate color, texture,
and shape information into a region-based approach to improve the retrieval effectiveness and
(2) Development of a new hierarchical indexing structure and the corresponding Hierarchical,
Elimination-based A* Retrieval algorithm (HEAR) to significantly improve the retrieval
efficiency without sacrificing retrieval effectiveness; it is shown that HEAR is guaranteed
to deliver a logarithmic search in the average case.
(3) Employment of user relevance feedbacks to tailor the semantic retrieval to each user's
individualized query preference through the novel Indexing Tree Pruning (ITP) and Adaptive
Region Weight Updating (ARWU) algorithms.
The performance of all descriptors is evaluated using the plant database, and precision and
recall graphs are drawn for each descriptor. The database created in this way makes the
evaluation more reliable. The performance of the retrieval is evaluated using precision and
recall. Precision P is defined as the ratio of the number of relevant retrieved shapes r to the
total number of retrieved shapes n. Recall R is defined as the ratio of the number of retrieved
relevant images r to the total number m of relevant shapes in the whole database. Therefore:

P = r / n,   R = r / m
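The two measures can be computed directly from a retrieval run; the image names and counts below are made up for illustration:

```python
# Precision and recall for one retrieval run: r relevant images among the
# n retrieved, with m relevant images in the whole database.

def precision_recall(retrieved, relevant):
    r = len(set(retrieved) & set(relevant))
    precision = r / len(retrieved)   # P = r / n
    recall = r / len(relevant)       # R = r / m
    return precision, recall

# Toy run: 3 of the 4 retrieved images are relevant, out of 6 relevant
# images in the database.
retrieved = ['tree1', 'tree2', 'palm1', 'tree3']
relevant = ['tree1', 'tree2', 'tree3', 'tree4', 'tree5', 'tree6']
P, R = precision_recall(retrieved, relevant)
print(P, R)  # 0.75 0.5
```

Recomputing P and R as the number of retrieved images n grows yields the precision and recall graph used in the comparison.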
The query image is a Christmas tree. Six related plant images are retrieved by applying all the
transforms; the Euclidean distances of these images from the query image are approximately the
same. Out of the six plant images, three are retrieved within the first twenty-five images.


Curvature Scale Space gives results for some plants. In the Curvature Scale Space result, the
original plant image is a papaya, for which the edge map and corners are obtained properly.
• Gabor-Zernike
Compared to the Fourier Descriptor, the Gabor-Zernike transform gives seventy percent
accurate results for retrieving plant images.
• Fourier Descriptor
The Fourier Descriptor gives forty percent accurate results for retrieving plant images.
• Generic Fourier Descriptor
The Generic Fourier Descriptor gives forty percent correct results for retrieving plant images.
• Generic Fourier Descriptor and Fourier Descriptor (combined)
As per the precision and recall graph for the combined Generic Fourier Descriptor and
Fourier Descriptor, the accuracy of retrieving plant images is fifty percent.
• Generic Fourier Descriptor, Fourier Descriptor and Gabor-Zernike (combined)
By observing the precision and recall graph of the combined Generic Fourier Descriptor,
Fourier Descriptor, and Gabor-Zernike, the retrieval accuracy for plant images is fifty percent.
• Curvature Scale Space
By observing the results and the precision and recall graphs of all methods, it can be said that
Curvature Scale Space is not applicable to plant-type images, because the shape of a plant is not
regular and plants do not have well-defined edges and corner points. The Curvature Scale Space
method gives better results for images having a regular shape (like a rectangle, square, or
triangle), in which proper edges and corner points can be obtained. In plant images it is not
possible to extract proper edges and corner points, so the Curvature Scale Space results are not
satisfactory for retrieving plant images.
Finally, it can be said that Gabor-Zernike is the best technique for retrieving plant images,
because the results obtained by applying Gabor-Zernike to the plant database are more accurate
compared to the other techniques used in this project. This is demonstrated by the precision
and recall graphs drawn for the plant database and results.
Optimization of gap between Visual Features and high level Human
Semantics in Content Based Image Retrieval
Pranoti P. Mane
MES college of Engineering, Pune
Dr. N. G. Bawane
Senior member, IEEE, G. H. Raisoni College of Engineering,
CBIR can be viewed as a field of study concerned with searching and browsing digital images in a
database collection. Human beings are able to interpret images at different levels, both in terms of
low-level features (color, shape, texture, spatial layout, etc.) and high-level
semantic concepts (abstract objects like a table, chair, animal, building, tumor image, etc.). However,
an automated extraction system in a machine is only able to interpret images based on low-level
image features. Bridging the semantic gap in Content Based Image Retrieval has become a hot
research area. This paper gives a comprehensive survey of current techniques for bridging the
semantic gap in CBIR (Content Based Image Retrieval) and technical achievements in this area.
The survey includes the study of a large number of papers covering the research aspects of system
designs and applications of CBIR and the difference between low-level image features and high-level
semantics. In addition, it not only focuses on semantic image retrieval systems but also throws
light on the various techniques used to reduce the semantic gap in CBIR. Furthermore, several
recommendations are suggested based on the limitations of current techniques.
Content Based Image Retrieval (CBIR), semantic gap, image annotation, relevance feedback.

Image retrieval is the field of study concerned with searching and browsing digital images
in a database collection. With many potential multimedia applications, content-based image
retrieval (CBIR) has recently gained more attention for image management. Content-based
image retrieval is a very active research topic in the fields of image processing, multimedia,
digital libraries, remote sensing, astronomy, database applications, and other related areas.
Since many images are now generated in digital form, image retrieval is gaining more and
more importance in all the fields where images carry relevant information, particularly in
clinical medicine and biomedical research, where imaging is used for diagnosis, therapy, or
education [13,14].
In a CBIR system, feature vectors are extracted from images to build an image database.
These features can be color, shape, texture, region, or spatial features. The feature vectors are
then stored in a feature database for future use. When a query image is given, its feature
vectors are extracted in the same way and compared, or matched, with those already in the
database. The distance between the two image vectors is then calculated, and when it is small
enough, that image in the database is considered a match to the query image. The search is
usually based on similarity rather than on exact match, and the retrieval results are then
ranked according to a similarity index [5].
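The retrieval loop just described can be sketched end-to-end with a toy feature, a normalized grey-level histogram standing in for the color/shape/texture features; the images and bin count are illustrative:

```python
import math

# Offline: precompute a feature vector per database image.
# Online: extract the query's vector, compare, and rank by distance.

def histogram_feature(pixels, bins=4):
    """Tiny grey-level histogram over [0, 255], normalized so that image
    size cancels out."""
    counts = [0] * bins
    for p in pixels:
        counts[min(p * bins // 256, bins - 1)] += 1
    total = len(pixels)
    return [c / total for c in counts]

def distance(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

# Illustrative "images" as flat pixel lists.
database_images = {
    'dark_scene':   [10, 20, 30, 40, 50, 60],
    'bright_scene': [200, 210, 220, 230, 240, 250],
}
features = {name: histogram_feature(px) for name, px in database_images.items()}

query = histogram_feature([15, 25, 35, 45, 55, 65])
ranked = sorted(features, key=lambda name: distance(features[name], query))
print(ranked[0])  # -> dark_scene
```

A distance threshold on the top-ranked entries implements the "small enough" match criterion from the text.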

Semantic gap in content based image retrieval
An effective image retrieval system needs to operate on a collection of images to retrieve
the relevant images based on a query image, conforming as closely as possible to human
perception; for example, finding an image of a little girl playing with a ball on the lawn. Human
beings are able to interpret images at different levels, both in terms of low-level features (color,
shape, texture, and object detection) and high-level semantics (abstract objects, an event,
etc.). However, a machine is only able to interpret images based on low-level image features.
Besides, users prefer to articulate high-level queries, but research in CBIR systems has mainly
focused on extracting low-level visual features and then using them directly to compute image
similarity. This is mainly due to the inability of low-level image features to describe the
high-level concepts in the human's mind. Although the retrieval quality is sufficient for some
tasks and the automatic extraction of visual features is rather convenient, there is still a
semantic gap between the low-level visual features (textures, colors) automatically extracted
and the high-level concepts (tumors, abnormal tissues) that users normally search for.
Semantic features differ from visual features in many aspects. While visual features are
general and can be used with different image types and modalities, semantic features are
domain-specific. For example, in the domain of lung CT, a combination of visual features such
as gray-scale histograms and wavelet transform coefficients may be used to compose the
feature vector. On the other hand, a semantic feature vector may be composed of the semantic
categories existing in the image, such as "soft tissue", "lung tissue", "heart", etc. While
gray-scale histograms and wavelet transform coefficients are common features that can be used
to describe other image modalities, the semantic features mentioned above are suitable only for
lung CTs [9].

Semantic Image Retrieval System
In [2] the author has proposed to use heuristic information and intermediate features from
images to develop a general semantic image retrieval system with similar functionality to the
conventional SQL system. The proposed system is consisted of two parts: offline processing
units and online processing units as illustrated in Figure 1. The offline process starts by
segmenting input crude images into regions; it is followed by extraction of primitive image
features; a converting machine then interprets the regions into heuristic information or
translates the primitive features into intermediate features;
finally, images are represented as heuristics and intermediate features to be indexed into the
database. The online process is initiated by a query submitted by the user; the system then
applies three stages of retrieval processing to return all images similar to the query. The three
stages of retrieval consist of heuristic filter, intermediate filter and relevance feedback. The
online processing is typically conducted on a client terminal using a web browser [2].
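The offline/online flow described above can be sketched as follows. Every stage function here is a hypothetical placeholder standing in for the real segmentation, feature-extraction, and conversion machinery, which [2] does not specify at code level.

```python
def segment(img):                 # placeholder: treat each item as one region
    return img

def extract_features(regions):    # placeholder primitive/intermediate features
    return [len(r) for r in regions]

def to_heuristics(regions):       # placeholder heuristic information
    return set(regions)

def offline_index(crude_images):
    """Offline: segment, extract, convert, and index each crude image."""
    index = {}
    for img_id, img in crude_images.items():
        regions = segment(img)
        intermediate = extract_features(regions)
        heuristics = to_heuristics(regions)
        index[img_id] = (heuristics, intermediate)
    return index

def online_query(index, query_terms):
    """Online stage 1: the heuristic filter. Stages 2-3 (intermediate
    filter, relevance feedback) would refine this candidate set further."""
    return sorted(i for i, (h, _) in index.items()
                  if set(query_terms).issubset(h))

index = offline_index({"img_a": ["lung", "heart"], "img_b": ["bone"]})
hits = online_query(index, ["lung"])
```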
Fig.1 Block diagram of a general semantic image retrieval system
Review of State-of-the-Art Techniques in Narrowing Down the 'Semantic Gap'
Some of the major categories of the state-of-the-art techniques in narrowing down the
'semantic gap' are manual image semantic extraction using manual annotation, supervised
learning methods to associate low-level features with query concepts, unsupervised learning
techniques, use of relevance feedback to learn users' intention and ontology and fuzzy logic.
One conventional way to describe an image at a high level is manual annotation, in which
every image must be annotated: users enter some descriptive keywords when the images are
loaded, registered, or browsed. Existing applications are based on whole images and
cannot annotate based on the objects or regions of the images. Inotes and Facebook are among
the most popular annotation approaches [12].
Supervised image learning is an important process to increase image retrieval speed, improve
retrieval accuracy, and perform annotation automatically [11]. In this off-line process, a
collection of category labels and related visual features are used. Support Vector Machine is a
machine-learning tool used for multiple concepts learning in image retrieval. SVM methods
have often been used when the user provides relevant or irrelevant feedback [2]. Tao et al.
[2] claim that a small number of positive feedback samples reduces the effectiveness of the
SVM classification method. Liu's comparative study [3] found that decision tree induction
is an effective candidate for the mapping between visual features and the high-level
semantic concepts of an image; furthermore, user feedback is not necessary in this approach.
Their experimental results in precision (Pr) and recall (Re) over 40 queries with various
numbers of images demonstrate a 10% improvement in retrieval accuracy compared with
other CBIR systems.
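For reference, precision (Pr) and recall (Re) as used in such evaluations can be computed as below; the image IDs are invented for illustration.

```python
def precision_recall(retrieved, relevant):
    """Pr = relevant retrieved / retrieved; Re = relevant retrieved / relevant."""
    retrieved, relevant = set(retrieved), set(relevant)
    hits = len(retrieved & relevant)
    pr = hits / len(retrieved) if retrieved else 0.0
    re = hits / len(relevant) if relevant else 0.0
    return pr, re

# 2 hits out of 4 retrieved images and 3 relevant images
pr, re = precision_recall(["img1", "img2", "img3", "img4"],
                          ["img1", "img3", "img7"])
```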
Unsupervised clustering is another important technique used in content-based image retrieval.
The aim of this approach is to categorize a collection of image data in a way to maximize the
similarity within clusters (high intra-cluster similarity) and minimize the similarity between
the clusters (low inter-cluster similarity) [3]. Li et al. [7] presented an annotation system
named automatic linguistic indexing of pictures (ALIP), in which each semantic category is
characterized by a statistical model called the 2-D multi-resolution hidden Markov model.
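The clustering objective above can be stated as code: taking distance as the inverse notion of similarity, a good clustering keeps the mean intra-cluster distance small and the mean inter-cluster distance large. The 1-D feature values below are toy data.

```python
def dist(a, b):
    """Distance between two 1-D feature values (lower = more similar)."""
    return abs(a - b)

def mean_intra(cluster):
    """Mean pairwise distance within one cluster (want this small)."""
    ds = [dist(cluster[i], cluster[j])
          for i in range(len(cluster)) for j in range(i + 1, len(cluster))]
    return sum(ds) / len(ds)

def mean_inter(c1, c2):
    """Mean pairwise distance across two clusters (want this large)."""
    ds = [dist(a, b) for a in c1 for b in c2]
    return sum(ds) / len(ds)

c1, c2 = [1.0, 1.2, 0.8], [5.0, 5.5]   # a tight cluster and a distant one
```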
To reduce the Semantic gap in CBIR, the user interacts with the CBIR system by providing
additional information during the retrieval process. This is known as relevance feedback (RF).
The conventional process of RF is given as follows: firstly, from the retrieved images, the user
labels a number of relevant samples as positive feedbacks, and a number of irrelevant samples
as negative feedbacks and secondly the CBIR system then refines its retrieval procedure
based on these labeled feedback samples to improve retrieval performance. These two steps
can be carried out iteratively. As a result, the performance of the system can be enhanced by
gradually learning the user’s preferences. However, there is still considerable room to
improve RF performance further, because popular RF algorithms ignore the manifold structure
of image low-level visual features. In [10], the authors proposed biased discriminant
Euclidean embedding (BDEE), which parameterizes samples in the original high-dimensional
ambient space to discover the intrinsic coordinates of image low-level visual features. BDEE
precisely models both the intra-class geometry and inter-class discrimination and avoids
the undersampled problem [10].
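A hedged sketch of one iteration of the RF loop described above: the user's positive and negative feedback vectors refine the query. The refinement shown is a classical Rocchio-style centroid update, not the BDEE method of [10], which additionally models the manifold structure that plain RF ignores.

```python
def refine_query(query, positives, negatives,
                 alpha=1.0, beta=0.75, gamma=0.15):
    """Rocchio-style update: pull the query toward the centroid of
    positive feedback and push it away from the negative centroid."""
    dim = len(query)
    def centroid(vs):
        if not vs:
            return [0.0] * dim
        return [sum(v[i] for v in vs) / len(vs) for i in range(dim)]
    pos_c, neg_c = centroid(positives), centroid(negatives)
    return [alpha * query[i] + beta * pos_c[i] - gamma * neg_c[i]
            for i in range(dim)]

# one iteration: the refined query moves toward the labeled-relevant image
q = refine_query([0.5, 0.5], positives=[[1.0, 0.0]], negatives=[[0.0, 1.0]])
```

Iterating this with fresh feedback each round is the "carried out iteratively" loop of the text.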
To reduce the semantic gap, a universal Semantic Description Model Based on Fuzzy Domain
Ontology (SDMFDO) has been constructed. An ontology is a model used to describe
concepts and the relations among them, and fuzzy set theory frees image retrieval from
exact calculation. By adding fuzzy memberships to the concepts and relations in the
domain ontology, a Fuzzy Domain Ontology (FDO) is obtained, which can be used
to describe the semantic features of an image in a way that caters to humans' fuzzy thinking.
Then the mapping from low-level features to high-level semantic features is realized using
FSVMs [8].
Although manual annotation of image content is considered a “best case” in terms of
accuracy, since keywords are selected based on human determination of the semantic content
of images, it is a labor intensive and tedious process. So, researchers are moving toward
automatic extraction of the image semantic content. The performance of SVM-based RF
approaches is often poor when the number of labeled feedback samples is small. The main
drawback of unsupervised clustering methods [3] is the lack of solution to reduce the
uncertainty involved in the meaningful image concepts. Another disadvantage of clustering
methods [7] is the high computational cost. The approach that asks the user to rate the
relevance of the retrieved images to a given query, and then reprocesses the query based on
that feedback, is called relevance feedback; it has been proven to be quite effective in
bridging the semantic gap in image retrieval [1]. Relevance feedback as a real-time classification technique can be
integrated with other supervised and unsupervised learning techniques to provide meaningful
image retrieval [6].
This paper has presented a study of Content-Based Image Retrieval as well as the problem of
the semantic gap between low-level features and high-level semantics in CBIR. In addition, a
comprehensive review of techniques to reduce the semantic gap in CBIR has been
presented. The major categories of state-of-the-art techniques, including manual image
semantic extraction using manual annotation, supervised learning methods, unsupervised
learning methods, fuzzy domain ontology, and relevance feedback approaches for reducing
the semantic gap between low-level image features and high-level human semantics, have been
reviewed.
[1] A. J. M. Traina, J. Marques, and C. Traina Jr., “Fighting the Semantic Gap on
CBIR Systems through New Relevance Feedback Techniques”, Proceedings of the 19th IEEE
Symposium on Computer-Based Medical Systems (CBMS'06).
[2] D. Zhang, Y. Liu, and J. Hou, “Digital Image Retrieval Using Intermediate Semantic Features
and Multistep Search”, International Conference on Computing: Techniques and Applications.
[3] G. Rafiee, S. S. Dlay, and W. L. Woo, “A Review of Content-Based Image Retrieval”, CSSNDSP.
[4] R. Datta, W. Ge, J. Li, and J. Z. Wang, “Toward bridging the annotation-retrieval gap in image
search by a generative modeling approach”, Proceedings of the 14th Annual ACM
International Conference on Multimedia, vol. 14, 2006.
[5] M. B. Kokare, B. N. Chatterji, and P. K. Biswas, “A Survey on Current Content Based Image
Retrieval Methods”, IETE Journal of Research, 2002, pp. 261-271.
[6] J. Tao, X. Tang, X. Li, and X. Wu, “Asymmetric bagging and random subspace for support
vector machines-based relevance feedback in image retrieval”, IEEE Transactions on Pattern
Analysis and Machine Intelligence, vol. 28, 2006, pp. 1088-1099.
[7] J. Li and J. Z. Wang, “Automatic Linguistic Indexing of Pictures by a Statistical Modeling
Approach”, IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 25, no. 9,
September 2003, pp. 1075-1088.
[8] V. Mezaris, I. Kompatsiaris, and M. G. Strintzis, “An Ontology Based Approach to Object
Based Image Retrieval”, ICIP 2003.
[9] O. Karam, A. Hamad, and M. Attia, “Exploring the Semantic Gap in CBIR: with Application to
Lung CT”, GVIP 05 Conference, 19-21 December 2005, CICC, Cairo, Egypt, pp. 422-426.
[10] W. Bian and D. Tao, “Biased Discriminant Euclidean Embedding for CBIR”, IEEE
Transactions on Image Processing, vol. 19, no. 2, February 2010, pp. 545-
[11] R. Datta, D. Joshi, J. Li, and J. Z. Wang, “Image Retrieval: Ideas, Influences, and Trends
of the New Age”, ACM Computing Surveys, vol. 40, 2008, pp. 1-60.
[12] J. Fan, D. A. Keim, H. Luo, and Z. Li, “Personalized Image Recommendation via
Exploratory Search from Large-Scale Flickr Image Collections”, IEEE Transactions on
Circuits and Systems, vol. 18, issue 8, 2008, pp. 1-20.
[13] Y. Liu, D. Zhang, G. Lu, and W.-Y. Ma, “A survey of content-based image retrieval with
high-level semantics”, Pattern Recognition, vol. 40, issue 1, January 2007, pp. 262-282.
[14] J. S. Hare, “Mind the gap: another look at the problem of the semantic gap in image
retrieval”, Proceedings of SPIE, vol. 6073, issue 1, 2006.
Network Intrusion Detection System
Pratibha Wagaj
Dr.Babasaheb Ambedkar
Technological University,
Lonere, Raigad,
A network intrusion is an attempt by an anonymous entity to leak confidential data or to
interfere with networking services in order to make them malfunction. Nowadays the number
of intrusions is increasing rapidly along with the rise of new technologies, so we need to
protect our networks from intrusions.
A Network Intrusion Detection System (NIDS) is responsible for detecting anomalous,
inappropriate, and unwanted activity occurring on the network. Its function is to check
the traffic over the network for any malicious or unauthorized activity which may lead to a
network intrusion. The main objective of a NIDS is to detect well-known attacks and to warn
the corresponding user, so that the user can take the necessary actions to protect the system
from the attack.
human society, but it also increases dependencies on information systems. The growing
potential of threats that make these systems more and more vulnerable is caused by the
complexity of the technologies themselves and by the growing number of individuals who
are able to abuse the systems.
Research and development of intrusion detection technology have been going on for about
20 years. During this time, numerous ambitious approaches have been proposed, which led to
the first commercially available solutions. Today’s intrusion detection solutions are less suited
for deployment in large computer networks, especially under tight time constraints. Growing
communication infrastructures (e.g. networks with switches) and increasing user requirements
(e.g. privacy) raise additional problems which are not covered by existing concepts.
The Architectural Design is depicted as a block diagram where each box in the
diagram represents a sub-system. The arrows indicate data or control flow in the direction as
specified. The Architectural block diagram presents an overview of the system architecture
(Figure 1).

Figure 1. Architectural diagram of NIDS
The above diagram is the structural model of architecture for the present system. In
this system, the Sniffer sub-system captures the packets which flow into and out of the system.
This sub-system then formats these packets in a format that is convenient for further
processing. Jpcap is part of this Sniffer sub-system; the packet capturing function is
accomplished via Jpcap. There are various Intrusion Units, each for a specific attack:
individual intrusion units detect Port Scanning, the Smurf Attack, and the Syn-Flood Attack.
All these intrusion units are independent of each other and interact only with the
Control Unit. They run simultaneously, continuously scanning for the occurrence of specific
attacks and report the attacks to the Control Unit when detected. The Store sub-system stores
the various Rules defined and given to it by the Control Unit. It consists of various other sub-
systems for data processing. The Owner-GUI sub-system displays to the user the defined
Rules, the attack logs and the running status of the Intrusion units. It also provides facilities
for starting and stopping intrusion units, clearing attack logs, adding new Rule to the store and
deleting existing Rule from the store.
The Control Unit sub-system manages the sub-systems for detection of attacks by
taking packets from the Sniffer, sending relevant packets to the Intrusion Units, giving
Rules to the Store and retrieving them, and displaying necessary messages to the user through
the user interface.
Design goals of the system
• To develop an application that is capable of sniffing the traffic to and from the host
machine.
• To develop an application that is capable of analyzing the network traffic and detecting
several pre-defined intrusion attacks.
• To develop an application that warns the owner of the host machine about the possible
occurrence of an intrusion attack and provides information regarding that attack.
• To develop an application that is capable of blocking traffic to and from a machine
that is identified as potentially malicious and that is specified by the owner of the host
machine.
• To develop an application capable of detecting the occurrence of Denial of Service attacks
such as the Smurf Attack and the Syn-Flood Attack.
• To develop an application capable of detecting activities which attempt to gain
unauthorized access to the services provided by the host machine, using techniques such as
Port Scanning.
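As an illustration of the last goal, a sliding-window heuristic for port-scan detection might look like the sketch below. This is an assumed design, not the NetShield implementation: a source IP that touches more than `threshold` distinct destination ports within `window` seconds is flagged.

```python
from collections import defaultdict

def find_port_scanners(packets, window=10.0, threshold=5):
    """packets: iterable of (timestamp, src_ip, dst_port) tuples,
    time-ordered per source. Returns the set of flagged source IPs."""
    recent = defaultdict(list)        # src_ip -> [(ts, port), ...] in window
    scanners = set()
    for ts, src, port in packets:
        # keep only this source's packets still inside the time window
        hits = [(t, p) for t, p in recent[src] if ts - t <= window]
        hits.append((ts, port))
        recent[src] = hits
        if len({p for _, p in hits}) > threshold:
            scanners.add(src)
    return scanners

# 6 distinct ports in 3 seconds -> flagged; repeated port 80 -> not flagged
scan = [(i * 0.5, "10.0.0.9", p) for i, p in enumerate([21, 22, 23, 25, 80, 443])]
normal = [(i * 0.5, "10.0.0.2", 80) for i in range(10)]
flagged = find_port_scanners(scan + normal)
```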
Implementation Technique: (Jpcap and Winpcap)
In the field of computer network administration, pcap (packet capture) consists of an
application programming interface (API) for capturing network traffic. Unix-like systems
implement pcap in the libpcap library; Windows uses a port of libpcap known as WinPcap.
If you want to capture network packets in your Java program, you'll need a little help
because no part of the core Java API gives access to low-level network data. However, Jpcap
is a Java API that provides this access on Windows or UNIX systems. Jpcap is an
open-source Java library to capture and send network packets; it supports Windows, Linux,
and Mac OS X.
• What is Jpcap?
Jpcap is an open source library for capturing and sending network packets from Java
applications. It provides facilities to:
• Capture raw packets live from the wire.
• Save captured packets to an offline file, and read captured packets from an
offline file.
• Automatically identify packet types and generate corresponding Java objects
(for Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets).
• Filter the packets according to user-specified rules before dispatching them to
the application.
• Send raw packets to the network.
Jpcap is based on libpcap/WinPcap and is implemented in C and Java. Jpcap has been tested
on Microsoft Windows (98/2000/XP/Vista), Linux (Fedora, Ubuntu), and Mac OS X (Darwin).
Some unique features of Jpcap are:
• Simpler API
• Packet sending supported
• IPv6 supported
• Still in active development
Attack detection and their implementation:
The NetShield software detects the following well-known attacks:
1. Syn-Flood Attack
2. Smurf Attack
Syn-Flood Attack
The Syn-Flood attack is a type of denial-of-service (DoS) attack. It denies the services of
web servers to legitimate clients and separates the victim system from the network.
Fig 2: Normal TCP Connection Fig 3: Syn flood attack behavior
The first step required to detect any of the above intrusions is to sniff the packets that
transit the network. For this purpose NetShield uses Jpcap and Winpcap as described earlier.
There are 3 preliminary steps, described as follows:
1. Retrieve the network interfaces available on the system.
2. Open the network interface from which packets have to be captured.
3. Capture packets from the interface.
Smurf Attack:
The Smurf attack is a way of generating significant computer network traffic on a
victim network. This is a type of denial-of-service attack that floods a target system via
spoofed broadcast ping messages. The Smurf attack is achieved using ICMP echo requests and
ICMP echo replies. The intruder first maps the network to learn which hosts are live. The
intruder then broadcasts an ICMP echo request to all of the hosts in that network with the
spoofed IP address of the victim system as its source, so every host thinks the request came
from the victim; hence all systems in that network send ICMP echo replies to the victim,
resulting in a DoS attack.
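One possible Smurf indicator follows directly from this mechanism. The sketch below is a hedged design of our own, not the NetShield implementation: it counts ICMP echo replies for which this host never sent an echo request, since a burst of such unsolicited replies suggests the host is a Smurf victim.

```python
def unsolicited_replies(events):
    """events: ('req', peer) for an ICMP echo request we sent, or
    ('rep', peer) for an echo reply we received, in arrival order.
    Returns the count of replies that match no outstanding request."""
    outstanding = set()
    unsolicited = 0
    for kind, peer in events:
        if kind == 'req':
            outstanding.add(peer)
        elif peer in outstanding:      # reply matching our own request
            outstanding.discard(peer)
        else:                          # reply we never asked for
            unsolicited += 1
    return unsolicited

# one legitimate ping exchange, then a burst of replies caused by a
# spoofed broadcast: the replies from 'b' and 'c' are unsolicited
count = unsolicited_replies([('req', 'a'), ('rep', 'a'),
                             ('rep', 'b'), ('rep', 'c')])
```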

Figure 4: Smurf attack scenario
The IDS is designed to provide basic detection techniques so as to secure the
systems in networks that are directly or indirectly connected to the Internet. Performing
such a duty brings success as well as failure in fulfilling the objective, and ultimately it
is up to the network administrator to make sure that the network is out of danger. This
software does not completely shield the network from intruders, but it helps the network
administrator to track down attackers on the Internet whose purpose is to bring the network
to a breach point and make it vulnerable. Using the software, and acting after an attack has
been detected by the IDS, is only a first step.
The system can be extended by incorporating Data Mining techniques to analyze the
information in the log records, which may help in efficient decision making. The present
system detects only known attacks; this can be extended by incorporating intelligence so
that the system gains knowledge by itself, analyzing the growing traffic and learning new
intrusion patterns. The present system runs on an individual host machine and is not a
distributed application. It can be extended into a distributed application in which
different modules of the same system, running on different machines, interact with each
other, thus providing distributed detection and protection for all the machines on which the
system is running.
Evaluation of a Distributed Detecting Method for SYN Flood
Attacks Using a Real Internet Trace
Rajasrhee Karande
Department of Computer Engineering,
JSPM’s Imperial College Of Engineering & Research
Damage caused by DoS attacks is serious and financial losses have become social
problems in recent years. Any computer connected to the Internet can become a victim at
any time. Therefore, it is important for network administrators to develop
means to comprehend the latest trend of DoS attacks. In our previous work, we proposed
a distributed detecting method for the SYN Flood attack, which is one of the DoS attacks.
In this paper, we evaluate our method using a real Internet trace which reflects the trends
in SYN Flood attacks on the Internet. We show the applicability of our method to the
Internet with prospective evaluation results.
DoS attacks; SYN Flood attacks; distributed detecting method; mobile agents; real Internet trace
The Internet is indispensable not only for our daily life but also for business. In such a
situation, any computer connected to the Internet is subject to danger all the time. Symantec
Corporation reported that 75% of all enterprises experienced cyber attacks in 2009
[1]. One of the threats on the Internet is DoS (Denial-of-Service) attacks. DoS attacks are
malicious actions which place burden on network servers intentionally to bring down or
hinder the services. DoS attacks have a long history; however, the aim of attacks has greatly
shifted from just causing a commotion to pecuniary motives or political propaganda.
Nowadays DoS attacks are recognized as serious social problems and have become a large-scale
and complicated threat. One of the trends of current DoS attacks is an attack using a botnet
[2]. A botnet is a well-organized underground network constructed by computers controlled
by malicious users. In fact, financial damage of victim companies is not negligible. For
example, (Dutch Computer Emergency Response Team) [3] suggests DoS attacks
are used as a means of intimidation. Moore et al. also showed that such DoS threats were
widespread, affecting major commercial sites as well as individual users [4]. This situation
means any computer can become a victim at any time. Although many novel DoS protection
techniques are proposed and implemented (e.g. [5], [6]), we must say a complete
countermeasure does not exist as yet. Thus, it is important for network administrators to
develop means to comprehend the latest trend of DoS attacks. Moreover, nowadays users
whose computers have been used for attacks without their knowledge come under scrutiny
even though they are not real attackers. For example, Botnet Traffic Filter developed by Cisco
uses a blacklist to filter the connection from doubtful IP addresses or domains if they can be a
member of a botnet [7]. If a member of a botnet appears within an administrative network,
even innocent traffic from that network may be filtered by such blacklists. Because of this,
detecting the latest trend of attacks promptly is desirable for network administrators in
order to stop any unintentional attackers appearing within their administrative network. In
our previous work, we proposed a distributed detecting method for the SYN Flood attack,
which is one of the DoS attacks. In the previous experiment, however, we assumed single SYN
Flood attacks, and all the attacks were generated under our own scenario in a virtual
network. To advance our proposal, the next challenge is to show the effectiveness of the
method by detecting multiple and unpredictable SYN Flood attacks that actually appeared on
the Internet. In this paper, we show the applicability of the method to the real Internet.
We evaluate our detecting method for SYN Flood attacks on a real Internet trace which
reflects the trends in SYN Flood attacks on roughly 1/256 of the Internet. The evaluation
results indicate that this method is worth operating on the Internet. It enables network
administrators to devise new strategies against attacks and to get chances to protect their
networks. The rest of this paper is organized as follows. Section 2 describes the SYN Flood
attacks which we aim to detect.
Section 3 describes related works regarding the detection of SYN Flood attacks. In Sect. 4, we
outline our distributed detecting method for SYN Flood attacks and describe the
implementation of our method. Section 5 evaluates the effectiveness of our method using the
real Internet trace. Finally, we conclude our work in Sect. 6.
The SYN Flood attack which we aim to detect is a kind of DoS (Denial-of-Service) attacks.
DoS attacks are malicious actions which place burden on the network servers intentionally to
bring down or hinder the services. SYN Flood attacks exploit the procedure of TCP connection
establishment.
In this section, we explain the TCP connection establishment procedure before we refer to
SYN Flood attacks. Then, we describe the mechanism of SYN Flood attacks and their
characteristics. TCP is a connection-oriented end-to-end reliable protocol. The procedure of
TCP connection establishment is called 3-way handshake. To explain the TCP connection
establishment, we assume two hosts, host A and host B (Fig. 1). First, host A sends a SYN
packet to host B to request establishing a connection. Then, host B replies with a SYN/ACK
packet to host A to acknowledge connection request and to request establishing a connection
in reverse. Finally, host A sends an ACK packet to host B to acknowledge connection request.
In this way the TCP connection is established. SYN Flood attacks exploit this TCP establishment
procedure. An overview of a SYN Flood attack is shown in Fig. 2. An attacker sends a large
amount of SYN packets whose source addresses are spoofed, to a victim host. The victim host
does not have means to identify whether the source addresses of received packets are spoofed
or not. Thus, the victim host responds to those spoofed addresses. TCP protocol maintains
certain status information for each data stream. The victim host could expend all of its
listening queues just waiting for ACK from source hosts. In other words, the victim host has
to maintain half-open connection to many irrelevant hosts. The victim host is now in danger of
slowing down or crashing in the worst scenario. The slowdown of the host leads to
degradation of service quality provided by the host and if it is crashed, it cannot keep
providing any services anymore. Source addresses are spoofed in SYN Flood attacks and a
victim replies to them automatically as we mentioned above. This means it is possible that
SYN/ACK packets arrive at irrelevant hosts abruptly. These packets are called backscatter.
Capturing these packets enables us to detect SYN Flood attacks. Most attacking tools spoof
source addresses uniformly in a default setting. In this case, the backscatter will sparsely
spread on the Internet.
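The observation above suggests a simple per-host classifier, sketched here under our own assumptions (this is not the implementation evaluated in this paper): a SYN/ACK arriving from a peer to which this host never sent a SYN is treated as probable backscatter.

```python
def find_backscatter(events):
    """events: ('out_syn', peer) when this host initiates a connection,
    or ('synack', peer) when a SYN/ACK arrives, in order.
    Returns the peers of SYN/ACKs that match no connection we opened."""
    initiated = set()
    backscatter = []
    for kind, peer in events:
        if kind == 'out_syn':
            initiated.add(peer)
        elif kind == 'synack' and peer not in initiated:
            backscatter.append(peer)   # unsolicited: probable backscatter
    return backscatter

# a normal handshake with s1, then two unsolicited SYN/ACKs from a
# SYN Flood victim v1 whose attacker spoofed our address
hits = find_backscatter([('out_syn', 's1'), ('synack', 's1'),
                         ('synack', 'v1'), ('synack', 'v1')])
```

Each hit names a probable SYN Flood victim, which is exactly the information the distributed method collects.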
A. Router Based SYN Flood Detection
There are some works regarding SYN Flood attacks detection (e.g. [10], [11]). Especially,
Moore et al. monitored the class A network addresses for their research [4]. They defined the
backscatter analysis and quantified the DoS attacks. As the very recent related paper, Zhang et
al. proposed a cooperative method to detect DoS attacks by decentralized information sharing
among autonomous systems [12]. The router-based SYN Flood detection methods monitor
backscatter at a router. These methods, however, have the following drawbacks:
• It is impossible to detect the attacks whose backscatter does not pass through the router.
• Administrative access to the router is required. This means general users will have
difficulty acquiring the information of SYN Flood attacks, though the information is
important even for general users in order to avoid becoming attackers unknowingly.
• It is difficult to detect attacks if the network inside the router is small, because the
number of backscatter packets which pass the router is almost proportional to the size of
that network when the source addresses of SYN packets are uniformly spoofed.
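The proportionality in the last drawback can be made concrete. Assuming source addresses spoofed uniformly over the 2^32 IPv4 space, a monitor covering a fraction f of the space expects to observe about f of the backscatter (the packet counts below are illustrative):

```python
def expected_backscatter(total_spoofed_synacks, monitored_addresses):
    """Expected backscatter packets seen when SYN sources are spoofed
    uniformly over the whole 2**32 IPv4 address space."""
    fraction = monitored_addresses / 2**32
    return total_spoofed_synacks * fraction

# a /8 network (2**24 addresses) covers 1/256 of the address space,
# as with the trace used later in this paper; a /24 sees 65536x less
per_slash8 = expected_backscatter(256_000, 2**24)
per_slash24 = expected_backscatter(256_000, 2**8)
```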
B. Distributed SYN Flood Detection
There are some existing distributed systems for detecting DoS attacks. DShield [13] collects
the firewall log from volunteers all over the world. Monitored results are opened to the public
on the web. It shows increasingly accessed port numbers and, as one of its notable features,
attackers’ source IP addresses are also revealed. @Police (National Police Agency, Japan)
[14] places 57 network sensors in Japanese police facilities. They collect the intrusion
detection system log and the firewall log. The result of analysis is updated per specific time
interval as a graph and opened to the public on the web. @Police also has the system
specialized for monitoring backscatter to detect SYN Flood attacks. When network
administrators or individual users want to comprehend the latest trend of attacks, it is natural
that they access the web server which a network monitoring organization provides. The
information they get in this way is, however, a summarized result by such organizations.
Summarized results may be an overview or fragmented information and it is difficult to
acquire detailed information. Moreover, such a result may not be the latest information. From
a monitoring organization’s point of view, revealing the raw addresses of network sensors
carries a risk of being attacked. This implies they cannot reveal detailed information without careful
consideration. In recent years, a method of detecting static network sensors was devised [15].
Attackers can intentionally evade static network sensors after detecting those sensors
using this method. Thus, monitoring organizations are compelled to provide the information
with decreased accuracy.
Generally speaking, all the hosts directly connected to the Internet have the possibility to
receive backscatter. When some hosts receive backscatter, however, it is impossible to
confirm whether similar backscatter is monitored in other networks or not. Furthermore, one
host cannot always receive a sufficient amount of backscatter to detect the trend of attacks
because the backscatter spreads sparsely as mentioned above. Thus, if we can collect
backscatter information among a number of distributed hosts, it will be possible to detect the
trend of attacks. In our previous work, we have proposed a distributed detecting method for
SYN Flood attacks by collecting backscatter information among a number of distributed hosts.
In this section, we outline our method.
A. Procedure
The backscatter information which we can use for detecting attacks is shown in Table I. If the
source IP address and the source port number are identified from this information, we can
comprehend the attacked host and the attacked service. Our method consists of the following 3 steps:
1) Extract backscatter information (usually from log files created by network traffic
monitoring software like tcpdump) on each sensing point (a host or a router). The backscatter
information consists of 1) the received time and 2) the IP address and port number of the
source host (i.e., the victim host).
2) Collect this information from several sensing points. Each sensing point replies with the
summarized information if it is requested for the information. The summarization is done by
counting the number of backscatter packets for each source host which corresponds to the
victim host of the SYN Flood attack at some time interval. Table II is an example of collected
backscatter information using our method. In this example, time interval is 5 minutes. Our
method does not collect raw destination addresses. Instead of that, we count the number of
unique sensing points (destination hosts) which discover the backscatter generated by the
identical attack to examine how far the backscatter is spread on the Internet. We call this
information The Number of Unique Sensing Points.
3) Analyze the collected information.
One reason to collect the number of unique sensing points instead of the destination addresses
themselves is that revealing raw IP addresses of sensing points (the destination addresses of
backscatter) has a risk of being attacked. Another reason is to reduce a false positive. In our
method, non-backscatter packets might become background noise, which causes an undesirable
effect on the accuracy of a detection result. Though our preliminary experiment showed that
background noise was negligible [16], we can also use the number of unique sensing points
to eliminate such noise. For example, consider the case of collecting backscatter
information from 20 hosts, where 20 doubtful SYN/ACK packets were monitored as the result.
If these 20 packets were monitored at nearly 20 unique sensing points, they can be taken as
a correct detection of a SYN Flood attack. On the contrary, if these 20 packets were
monitored at only one sensing point, they may be a false positive generated by background
noise.
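Steps 2)-3) and the noise filter just described can be sketched as follows; the field names and the threshold value are our own assumptions, not the paper's exact implementation.

```python
from collections import defaultdict

def summarize(reports, interval=300, min_points=3):
    """reports: (sensing_point, recv_time, victim_ip) tuples.
    Counts backscatter per victim per fixed interval (300 s = 5 min)
    and drops victims seen at fewer than `min_points` unique sensing
    points, treating them as probable background noise."""
    counts = defaultdict(int)      # (victim, interval slot) -> packets
    points = defaultdict(set)      # victim -> unique sensing points
    for sp, t, victim in reports:
        counts[(victim, int(t // interval))] += 1
        points[victim].add(sp)
    return {key: n for key, n in counts.items()
            if len(points[key[0]]) >= min_points}

# 20 packets spread over 20 sensing points -> a credible attack;
# 20 packets all at one sensing point -> filtered as noise,
# mirroring the 20-packet example in the text above
reports = ([(f"sp{i}", 10, "203.0.113.5") for i in range(20)]
           + [("sp0", 12, "198.51.100.9")] * 20)
summary = summarize(reports)
```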
B. Advantage over Related Works
As we mentioned in the previous section, router-based detection has difficulty acquiring
backscatter information from a wider range of the network, and it is also difficult for
general users to acquire backscatter information. Existing distributed systems for SYN Flood
attack detection use static network sensors, which monitor traffic at the same sensing
points each time. In addition, such network sensors have to be hidden from attackers so that
they cannot be bypassed. Therefore, the monitored address space is inevitably quite limited.
Our method enables us to monitor traffic anywhere on the Internet in principle, because any
host on the Internet can become a network sensor. Thus, even individual users can collect
the latest trend of attacks over a wider range.
This work develops a distributed detection method for SYN Flood attacks that collects
backscatter information among a number of distributed hosts. In this paper, we evaluated our
method in terms of its applicability to the real Internet. We carried out experiments using
CAIDA's real network trace, which reflects roughly 1/256 of the real situation of SYN Flood
attacks on the Internet. The method successfully detected SYN Flood attacks, and most of the
detected attacks were large-scale, outstanding SYN Flood attacks, as we expected. Thus, we
conclude that our method is applicable to the real Internet and that it enables network
administrators to develop countermeasures according to the latest attack trends without
depending on Internet monitoring organizations. Our future work is an operational test on the
Internet.
[1] Symantec, "State of Enterprise Security 2010," SES report Feb2010.pdf, Feb. 2010. [Online].
[2] C. Li, W. Jiang, and X. Zou, "Botnet: Survey and case study," in ICICIC '09: Proceedings
of the 2009 Fourth International Conference on Innovative Computing, Information and Control.
Washington, DC, USA: IEEE Computer Society, 2009, pp. 1184–1187.
[3] (Dutch Computer Emergency Response Team). [Online].
[4] D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage, "Inferring internet
denial-of-service activity," ACM Transactions on Computer Systems (TOCS), vol. 24, no. 2,
pp. 115–139, 2006.
[5] X. Yang, D. Wetherall, and T. E. Anderson, "TVA: a DoS-limiting network architecture,"
IEEE/ACM Trans. Netw., vol. 16, no. 6, pp. 1267–1280, 2008.
[6] B. Parno, D. Wendlandt, E. Shi, A. Perrig, B. M. Maggs, and Y.-C. Hu, "Portcullis:
protecting connection setup from denial-of-capability attacks," in SIGCOMM, 2007, pp. 289–
[7] "Combating Botnets Using the Cisco ASA Botnet Traffic Filter," White Paper, Cisco, Jun.
[8] Stacheldraht, DDoS attack tool. [Online].
[9] Synk4, SYN Flooder (source code). [Online].
[10] R. R. Kompella, S. Singh, and G. Varghese, "On scalable attack detection in the
network," IEEE/ACM Transactions on Networking, vol. 15, no. 1, pp. 14–25, Feb. 2007.
[11] H. Wang, D. Zhang, and K. G. Shin, "Change-point monitoring for the detection of DoS
attacks," IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 4, pp. 193–208,
October–December 2004.
[12] G. Zhang and M. Parashar, "Cooperative detection and protection against network attacks
using decentralized information sharing," The Journal of Networks, Software Tools, and
Applications, Kluwer Academic Publishers, vol. 13, no. 1, pp. 67–86, 2010.
[13] DShield. [Online].
[14] @Police. [Online].
[15] Y. Shinoda, K. Ikai, and M. Itoh, "Vulnerabilities of passive internet threat monitors,"
in 14th USENIX Security Symposium (SEC '05), 2005, pp. 209–224.
[16] M. Narita, T. Katoh, B. B. Bista, and T. Takata, "A distributed detecting method for SYN
Flood attacks and its implementation using mobile agents," in MATES, 2009, pp. 91–102.
[17] T. Katoh, H. Kuzuno, T. Kawahara, A. Watanabe, Y. Nakai, B. B. Bista, and T. Takata,
"A wide area log analyzing system based on mobile agents," in Computational Intelligence
for Modelling, Control and Automation, 2006 and International Conference on Intelligent
Agents, Web Technologies and Internet Commerce, Nov. 2006, (7 pages).
[18] Agent Based Log Analyzing System (ABLA) Project. [Online].
[19] M. Lacage, "Yet another network simulator," in WNS2 '06: Proc. of the 2006 workshop
on NS-2, 2006.
[20] C. Shannon, D. Moore, E. Aben, and K. Claffy, The CAIDA Backscatter-2008 Dataset,
2008-11-19, backscatter 2008 dataset.xml. [Online].

Lecturer Ila Shridhar Savant
Marathwada Mitra Mandal’s College of Engineering, Pune.
Computer Engineering Department
Lecturer Pradyna Santosh Randive
Marathwada Mitra Mandal’s College of Engineering, Pune.
Computer Engineering Department
This covers the very basics of parallel computing, beginning with a brief overview of the
concepts and terminology associated with parallel computing. The topics of parallel memory
architectures and programming models are then explored, followed by a discussion of a number of
issues related to designing parallel programs and parallel computer memory architectures. It
concludes with several examples of how to parallelize simple serial programs. It also introduces
existing parallelization technologies, including the various parallel programming models: the
shared memory model without threads, the shared memory model with threads, the distributed
memory (message passing) model, the data parallel model, the hybrid model, the SPMD and MPMD
models, and the implementation of parallel programs. It also covers automatic vs. manual
parallelization in designing parallel programs and factors to consider regarding the cost of
parallelization.
What is Parallel Computing?
• Parallel computing is the simultaneous use of multiple compute resources to solve a
computational problem.
• It may use multiple CPUs, or distributed-memory clusters made up of smaller
shared-memory systems or single-CPU systems.
• A problem is broken into discrete parts that can be solved concurrently.
• Each part is further broken down into a series of instructions.
• Instructions from each part execute simultaneously on different CPUs.
• Coordinating the concurrent work of the multiple processors and synchronizing
the results are handled by program calls to parallel libraries.
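A minimal sketch of this decomposition in Python: the problem (summing squares) is broken into independent parts, the parts run concurrently, and the executor coordinates the workers and collects the results. A thread pool stands in here for the parallel library; CPU-bound work on separate CPUs would typically use a process pool or MPI instead, and the function names are ours:

```python
from concurrent.futures import ThreadPoolExecutor

def square(n):
    # one discrete part of the problem: an independent series of instructions
    return n * n

def parallel_sum_of_squares(numbers, workers=4):
    # the executor plays the role of the parallel library: it distributes the
    # parts to workers, runs them concurrently, and synchronizes the results
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return sum(pool.map(square, numbers))
```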
Parallel Computer Memory Architectures
1) Shared Memory Architecture
• Uniform Memory Access (UMA): Most commonly represented today by Symmetric Multiprocessor
(SMP) machines, in which identical processors have equal access and equal access times to
memory. Sometimes called CC-UMA (Cache Coherent UMA). Cache coherent means that if one
processor updates a location in shared memory, all the other processors know about the update;
cache coherency is accomplished at the hardware level.
• Non-Uniform Memory Access (NUMA): Often made by physically linking two or more SMPs, so that
one SMP can directly access the memory of another SMP. Not all processors have equal access
time to all memories, since memory access across the link is slower.
The advantage of shared memory is that the global address space provides a user-friendly
perspective of memory, and data sharing between tasks is both fast and uniform due to the
proximity of memory to the CPUs. The main disadvantage is the lack of scalability between
memory and CPUs.
2) Distributed Memory Architecture
Processors have their own local memory. Memory addresses in one processor do not map to
another processor, so there is no concept of a global address space across all processors.
Because each processor has its own local memory, it operates independently: changes it makes
to its local memory have no effect on the memory of other processors. Hence, the concept of
cache coherency does not apply. When a processor needs access to data in another processor,
it is usually the task of the programmer to explicitly define how and when data is
communicated; synchronization between tasks is likewise the programmer's responsibility.
Distributed memory systems also require a communication network to connect inter-processor
memory.
3) Hybrid Distributed-Shared Memory Architecture

Table 1: Performance metrics for low-level vs. hierarchical BCI control

                              Low-level BCI    Hierarchical BCI
Mean among four subjects (std)
  Num Selections              20 (7)           5 (2)
  Task Time (s)               220 (67)         112 (25)
  Nav Time (s)                124 (37)         73 (19)
Mean of three trials from best subject (std)
  Num Selections              15 (5)           4 (1)
  Task Time (s)               141 (42)         85 (4)
  Nav Time (s)                99 (30)          74 (9)
Minimum (100% SSVEP accuracy)
  Num Selections              8                4
  Task Time (s)               91               75
  Nav Time (s)                59               59
3.2 Study I: Results
All four subjects were able to use the hierarchical BCI to complete the assigned tasks. The
average SSVEP-based 3-class accuracy for the four subjects from the preliminary set of trials
was 77.5% (standard deviation 13.8). Although somewhat lower than other SSVEP rates reported
in the literature, we found that subjects exhibited higher SSVEP accuracy when using the entire
system with closed-loop feedback. Results obtained for the three different performance metrics
are shown in Table 1. In the table, we also include for comparison purposes the minimum values
for these metrics, assuming a user with 100% SSVEP accuracy. The results indicate that for all
three metrics, subjects demonstrate improved performance using the hierarchical BCI: both the
mean and variance for all three performance metrics are lower when using the hierarchical BCI
compared to the low-level BCI. Results from the best performing subject provide interesting
insights regarding the use of high-level commands in a hierarchical BCI. Due to the high SSVEP
accuracy of this subject, the difference in the mean values between low-level and hierarchical
modes of control was smaller, but the variance for low-level control was significantly greater
than for higher-level control (Table 1). This is corroborated by the navigational traces in
Figure 3, where we see that trajectories from the hierarchical BCI tend to follow the minimal
path to the goal location based on the learned representation in the neural network.

Figure 3: Example Robot Trajectories from User-Demonstrated Low-Level Control and Hierarchical
Control. The dashed trajectories represent low-level navigational control by the user. These
trajectories were used to train an RBF neural network. The solid trajectories represent
autonomous navigation by the robot using the learned RBF network after selection of the
corresponding high-level command by the user. The small arrows indicate the vector field
learned by the RBF network ('Learned Policy') based on the user's demonstrated trajectories.
This result confirms the expectation that the network learns an interpolated trajectory that
minimizes the variances inherent in the training trajectories, with more training data leading
to better performance.
3.3 Study II: Uncertainty-Guided Actions and Multi-Tasking
An important observation from Study I was that the learned high-level commands were not
reliable in parts of the task space where there was insufficient training data. Ideally, we
would like the system to identify whether it is able to safely execute the desired high-level
command, preventing potentially catastrophic accidents. We investigated such an approach in
Study II by utilizing Gaussian processes (GPs) for learning instead of RBF networks. The
experiments were conducted with the subject who performed best in Study I. The navigation task
was similar but used a room that was 2.25 times larger and had various obstacles. The enlarged
size and presence of non-wall-shaped obstacles increased the difficulty of robot navigation by
requiring longer and more focused control. The environment had two overhead lights, on the
right and left sides of the room, that could be controlled in the multi-tasking task.
Additionally, Study II varied the starting position of the robot, making the learning problem
more challenging.

Figure 4: Navigation traces comparing RBF and GP models for learning. The white region in
the GP plot represents the high confidence region where autonomous navigation is allowed;
user input is solicited whenever the robot enters a high uncertainty (dark) region where there
was insufficient training data.
There were four days of experiments: two days of RBF runs on the new environment, and two
days of GP runs on the new environment. On the first day for each type, the user was
instructed to alternate runs of training and testing. In Figure 4, starting points S2, S4, and
S6 represent test starting locations, and S1, S3, and S5 represent starting points of the
robot in training mode. The second day only involved test trials from each of the six starting
locations based on the first day's learned model. Additionally, for GP runs, to test the
ability to multitask, the user was instructed to turn on the lights on the side of the
environment where the goal of the high-level command was located once the robot started
autonomously navigating. We measured two performance metrics (Figure 5): time spent
controlling the robot using low-level control versus high-level commands ('Navigation time'),
and the number of selections the user had to make to achieve a given task ('Number of
selections'). To compare the performance of GP to RBF learning, we measured the success rate
of the high-level commands, defined as the number of times a high-level command was
successfully executed (i.e., the robot reached the destination) divided by the number of times
a high-level command was selected. Note that lack of success implies that the robot
experienced a fall or another mode of failure.
3.4 Study II: Results
The user successfully performed the entire experiment as instructed, completing a total of 24
runs over four days. As shown in Figure 5, the GP-based hierarchical BCI resorted to frequent
user guidance on Day 1 (a large amount of time and many selections for low-level control). On
Day 2, however, the user was able to invoke the learned high-level commands, resulting in a
larger number of selections and a larger amount of time for high-level commands. This allowed
the user to multi-task and select the appropriate light to turn on while the robot was
autonomously navigating ("Multitasking"). Figure 6 compares the success rate of high-level
commands for GP- versus RBF-based hierarchical BCIs. As expected, the GP-based BCI exhibits a
higher success rate for performing high-level commands due to its ability to switch to user
control in low-confidence areas.
BCIs for robotic control have in the past faced a trade-off between cognitive load and
flexibility. More robotic autonomy [Bell et al., 2008] implied coarse-grained control and less
flexibility, while fine-grained control provided greater flexibility but higher cognitive load.
This paper proposes a new hierarchical architecture for BCIs that overcomes this trade-off by
combining the advantages of these two approaches. Our results from two studies using EEG-based
hierarchical BCIs demonstrate that (1) users can use the hierarchical BCI to train a robot in a
simulated environment, allowing learned skills to be translated to high-level commands, (2) the
problem of day-to-day variability in BCI performance can be alleviated by storing user-taught
skills in a learned model for long-term use, allowing the learned skill to be selected as a
high-level command and executed consistently from day to day, (3) a probabilistic model for
learning (e.g., GPs) can be used to mediate the switch between high-level autonomous control
and low-level user control, safeguarding against potentially catastrophic accidents, and (4)
the hierarchical architecture allows the user to simultaneously control multiple devices,
opening the door to multi-tasking BCIs. Our ongoing efforts are focused on testing the approach
with a larger number of subjects and investigating its applicability to other challenging
problems such as controlling a robotic arm with grasping capability.
1. [Bell et al., 2008] C. J. Bell, P. Shenoy, R. Chalodhorn, and R. P. N. Rao. Control of a
humanoid robot by a noninvasive brain–computer interface in humans. Journal of Neural
Engineering, 5:214, 2008.
2. [Cyberbotics Ltd., 2010] Webots, 2010. [Online; accessed 12-13-2010].
3. [Faller et al., 2010] J. Faller, G. Müller-Putz, D. Schmalstieg, and G. Pfurtscheller. An
application framework for controlling an avatar in a desktop-based virtual environment via a
software SSVEP brain-computer interface. Presence: Teleoperators and Virtual Environments,
19(1):25–34, 2010.
4. [Galán et al., 2008] F. Galán, M. Nuttin, E. Lew, P. Ferrez, G. Vanacker, J. Philips, and
J. del R. Millán. A brain-actuated wheelchair: Asynchronous and non-invasive brain-computer
interfaces for continuous control of robots. Clinical Neurophysiology, 119(9):2159–2169, 2008.
5. [Müller-Putz and Pfurtscheller, 2007] G. R. Müller-Putz and G. Pfurtscheller. Control of an
electrical prosthesis with an SSVEP-based BCI. IEEE Transactions on Biomedical Engineering,
55(1):361–364, 2007.
6. [Rao and Scherer, 2010] R. P. N. Rao and R. Scherer. Brain-computer interfacing. IEEE
Signal Processing Magazine, 27(4):150–152, July 2010.
7. [Rasmussen, 2004] C. E. Rasmussen. Gaussian processes in machine learning. Advanced
Lectures on Machine Learning, pages 63–71, 2004.
8. [Scherer et al., 2008] R. Scherer, F. Lee, A. Schlogl, R. Leeb, H. Bischof, and G.
Pfurtscheller. Toward self-paced brain–computer communication: Navigation through virtual
worlds. IEEE Transactions on Biomedical Engineering, 55(2):675–682, 2008.
9. [The Gaussian Processes Web Site, 2011] GPML Matlab code version 3.1.
M.E.[C.S.E.] (Pursuing)
M.TECH.[C.S.E.] (Pursuing)
This paper develops novel mechanisms for recovering from failures in IP networks with
proactive backup path calculations and Internet Protocol (IP) tunnelling. The primary scheme
provides resilience for up to two link failures along a path. The highlight of the developed
routing approach is that a node reroutes a packet around the failed link without the knowledge
of the second link failure. The proposed technique requires three protection addresses for every
node, in addition to the normal address. Associated with every protection address of a node is a
protection graph. Each link connected to the node is removed in at least one of the protection
graphs, and every protection graph is guaranteed to be two-edge-connected. The network
recovers from the first failure by tunnelling the packet to the next-hop node using one of the
protection addresses of the next-hop node; the packet is routed over the protection graph
corresponding to that protection address. It is proved that it is sufficient to provide up to
three protection addresses per node to tolerate any arbitrary two link failures in a
three-edge-connected graph. An extension to the basic scheme provides recovery from single-node failures
in the network. It involves identification of the failed node in the packet path and then routing
the packet to the destination along an alternate path not containing the failed node. The
effectiveness of the proposed techniques was evaluated by simulating the developed algorithms
over several network topologies.
The Internet has evolved into a platform with applications having strict demands on
robustness and availability, like trading systems, online games, telephony, and video
conferencing. For these applications, even short service disruptions caused by routing
convergence can lead to intolerable performance degradations. As a response, several
mechanisms have been proposed to give fast recovery from failures at the Internet
Protocol (IP) layer. In these schemes, backup next-hops are prepared before a failure
occurs, and the discovering router handles a component failure locally without signaling to
the rest of the network. Using one of these fast-rerouting methods, the recovery time is
mainly decided by the time it takes to discover the failure.
Often, proactive recovery schemes are thought of as a first line of defense against
component failures. They are used to maintain valid routing paths between the nodes in
the network, until the routing protocol converges on a new global view of the topology.
Such a strategy is particularly germane when facing transient failures, which are common
in IP networks today. While single-link failures are the most common failure type, it is
also interesting to explore methods that protect against two simultaneous link failures. It is
sometimes possible to identify Shared Risk Link Groups (SRLG) of links that are likely to
fail simultaneously by a careful mapping of components that share the same underlying
fiber infrastructure. This might, however, be a complex and difficult task since the
dependencies in the underlying transport network might not be fully known and can
change over time.
A recovery method that can recover from two independent and simultaneous link failures
will greatly reduce the need for such a mapping. The goal of this paper is to enhance the
robustness of the network to: 1) dual-link failures; and 2) single-node failures. To this end,
some techniques are developed that combine the positive aspects of the various single-link
and node failure recovery techniques. In the developed approach, every node is assigned
up to four addresses: a normal address and up to three protection addresses. The network
recovers from the first failure using IP-in-IP tunneling with one of the “protection
addresses” of the next node in the path. Packets destined to the protection address of a
node are routed over a protection graph where the failed link is not present. Every
protection graph is guaranteed to be two-edge-connected by construction, hence is
guaranteed to tolerate another link failure.
In the proposed technique, it is proved that one can compute the protection graphs at a node
such that each link connected to the node is removed in at least one of the protection graphs,
and every protection graph is two-edge-connected. The highlight of our approach is the proof
that every node requires at most three protection graphs, hence three protection addresses.
When a tunneled packet encounters multiple link failures connected to the same next-hop node,
it is inferred that the next-hop node has failed. The packet is then forwarded to the original
destination from the last good node in the protection graph along a path that does not contain
the failed node.
Consider a network graph G(N, L), where N is the set of nodes and L is the set of
bidirectional links in the network. We assume that the network employs a link-state protocol
by which every node is aware of the network topology. We make no assumptions about symmetric
links. A network must be three-edge-connected in order to be resilient to two arbitrary link
failures, irrespective of the recovery strategy employed. Fig. 2 provides the notations used
in this paper.

u        Default IP address associated with node u
u_i      Protection address associated with node u for group i, where i = 1, 2, 3
N(u)     Set of neighbors of node u
N_i(u)   Subset of neighbors of node u, i = 1, 2, 3
G_i^u    Auxiliary graph associated with node u, i = 1, 2, 3
N(G)     Set of nodes associated with graph G
L(G)     Set of links associated with graph G
S_i      Set of nodes whose links to u are removed in G_i^u
To recover from arbitrary dual-link failures, we assign four addresses per node: one normal
address u and up to three protection addresses u_1, u_2, and u_3, which are employed whenever
a link failure is encountered. These addresses are used to identify the endpoints of tunnels
carrying recovery traffic around the protected link.
The links connected to node u are divided into three protection groups, L_1, L_2, and L_3.
Node u is associated with three protection graphs G_i^u(N, L \ L_i), where i = 1, 2, 3. The
protection graph G_i is obtained by removing the links in L_i from the original graph G. The
highlight of our approach is that each of the three protection graphs is two-edge-connected
by construction. We prove that such a construction is guaranteed in a three-edge-connected
graph. Let S_i = {v | u–v ∈ L_i} denote those nodes that are connected to a link that belongs
to L_i. Nodes in S_i are the only nodes that will initiate tunneling of packets (to protection
address u_i) upon failure of their link to node u.
A. Computing Protection Graphs
The decomposition of the graph into three protection graphs for every node u ∈ G is achieved
by temporarily removing node u and obtaining the connected components in the resultant
network. If the network is two-vertex-connected, then the removal of any one node will keep
the remaining network connected. However, if the network is only one-vertex-connected,
removal of node u may split the network into multiple connected components. In such a
scenario, we consider every connected component individually. We assign the links from a
connected component to node u into different groups based on further decomposition and
compute the protection groups. We then combine the corresponding protection groups obtained
from the multiple connected components. The procedure for constructing the protection graphs
for node u is shown in Fig. 3.
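Every protection graph produced by the construction must be two-edge-connected, i.e., connected with no bridge edge whose removal would disconnect it. The sketch below is the standard DFS low-link check for that property; it verifies the invariant but is not the paper's construction procedure from Fig. 3, and the function names are ours:

```python
def is_two_edge_connected(num_nodes, edges):
    """A graph is two-edge-connected iff it is connected and has no bridges,
    so it can tolerate the failure of any single remaining link."""
    if num_nodes == 0:
        return False
    adj = {u: [] for u in range(num_nodes)}
    for idx, (u, v) in enumerate(edges):
        adj[u].append((v, idx))
        adj[v].append((u, idx))

    disc, low = {}, {}   # discovery times and low-link values
    bridges = []
    timer = [0]

    def dfs(u, parent_edge):
        disc[u] = low[u] = timer[0]
        timer[0] += 1
        for v, idx in adj[u]:
            if idx == parent_edge:
                continue  # do not traverse the edge we arrived on
            if v not in disc:
                dfs(v, idx)
                low[u] = min(low[u], low[v])
                if low[v] > disc[u]:
                    bridges.append((u, v))  # no back edge bypasses (u, v)
            else:
                low[u] = min(low[u], disc[v])

    dfs(0, None)
    return len(disc) == num_nodes and not bridges
```

A 4-node cycle passes the check; a simple path fails it because every edge is a bridge.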
Theorem: Given a three-edge-connected graph G(N, L), the procedure in Fig. 3 constructs at
most three protection graphs for every node u such that each protection graph is
two-edge-connected and every link connected to u is absent from at least one of the
protection graphs.

Under dual-link failure scenarios, the distributions of the average path lengths under the
RTF and STF approaches appear to be quite similar. However, the computation of the
recovery path length of a link under two-link failure scenarios is averaged over only those
scenarios where the second failure affects the first recovery path. As the first recovery path
is shorter in the STF approach, the probability that the second failure affects the first
recovery path is smaller compared to the RTF approach.
As in the case of single-link failure recovery analysis, we obtain a plot of the average
modified path lengths and expected path lengths against the shortest path lengths for node
failures. This is expected as the failed node causes the failure of all links connected to it
and the recovery path involves the determination of the node failure by first traversing the
single- and dual-link failure path and then the final path to the destination.
Consider a link l that connects nodes u and v. When there are no failures, the path length
from u to v is one hop. When link l fails, both edges u→v and v→u fail. Consider the edge
u→v. Let G_v denote the protection graph at node v in which link l was removed. Let P_{Gv,uv}
denote the path from u to v on the default path in the protection graph G_v. Note that this
path is the path on the red tree in the RTF approach, while it is the minimum-length path
among the two trees in the STF approach.
We compute the average backup path length between a node pair when the link connecting them
has failed as

A1 = (1 / (2|L|)) Σ_{l ∈ L} ( |P_{Gv,uv}| + |P_{Gu,vu}| )

The maximum backup path length under the single-link failure scenario is obtained as

M1 = max_{l ∈ L} [ max( |P_{Gv,uv}|, |P_{Gu,vu}| ) ]
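Assuming the backup path length of each directed edge over its protection graph has already been computed, the A1 and M1 definitions reduce to a short sketch (the function name is ours):

```python
def backup_path_stats(backup_len):
    """backup_len maps each directed edge (u, v) to |P_{Gv,uv}|, the backup
    path length used when link u-v fails; both directions of every
    bidirectional link must be present."""
    links = {frozenset(e) for e in backup_len}        # undirected link set L
    a1 = sum(backup_len.values()) / (2 * len(links))  # A1: average over 2|L| directed paths
    m1 = max(backup_len.values())                     # M1: worst-case backup path length
    return a1, m1
```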
The table below shows backup path lengths for a link under single- and dual-link failure
scenarios for two networks, Node-28 (28 nodes, 42 links) and Mesh 4×4 (16 nodes, 32 links),
using the RTF and STF strategies. A1/M1 denote the average/maximum backup path length under a
single-link failure; A2/M2 denote the average/maximum backup path length under dual-link
failures.

Metric           Node-28          Mesh 4×4
A1               4.06             2.81
M1               8.27             2.27
A2 (RTF / STF)   12.02 / 12.38    5.30 / 6.51
M2 (RTF / STF)   37 / 24          15 / 17
This discussion develops two novel schemes to provide failure recovery in IP networks.
The first scheme handles up to two link failures. The first failure is handled by routing the
packet over a protection graph, where each protection graph is designed to tolerate another
link failure. The links connected to a node may be grouped such that at most three protection
graphs are needed per node. All backup routes are computed a priori using three protection
addresses per node, in addition to the normal address. We also discussed two approaches,
namely RTF and STF, for forwarding the tunneled packet in the protection graph.
The second scheme extends the first so that it provides recovery from a dual-link failure or a
single-node failure. A node failure is assumed when three links connected to the same node are
unavailable. The packet is then forwarded along a path to the destination avoiding the failed
node.
The performance of the above schemes was evaluated by applying the algorithms to two networks
and comparing the path lengths obtained with the two approaches. The recovery path lengths are
significantly reduced with the STF approach compared to the RTF approach.
[1] S. Kini, S. Ramasubramanian, A. Kvalbein, and J. Hansen, "Fast recovery from dual link
failures or single node failures in IP networks," IEEE/ACM Transactions on Networking,
vol. 18, no. 6, Dec. 2010.
[2] M. Shand, S. Bryant, and S. Previdi, "IP fast reroute using not-via addresses," Internet
Draft 05, Mar. 2010.
[3] S. Ramasubramanian, M. Harkara, and M. Krunz, "Linear time distributed construction of
colored trees for disjoint multipath routing," Computer Networks, vol. 51, no. 10, Jul. 2007.
Low-Level Feature Extraction for Content-Based Image Retrieval
Archana B. Waghmare
( Lecturer SVPM’s COE Malegaon(Bk.)
ME-IT , Ph-9975102479 )
A feature extraction technique in image processing that represents an image in a compact and
unique form of single values for the purpose of content-based image retrieval (CBIR) is
presented in this report. The CBIR problem is motivated by the need to search the
exponentially increasing space of image and video databases efficiently and effectively. The
visual content of an image is analyzed in terms of low-level features extracted from the
image, primarily color, shape, and texture features. For color feature extraction, the Color
Moments, Color Histogram, Color Coherence Vector, and Color Correlogram methods were
implemented. For shape feature extraction, the Fourier Descriptor together with circularity,
eccentricity, and major axis orientation was implemented. For texture feature extraction, the
Tamura features and Daubechies' wavelet transform were implemented. The color histogram and
the Daubechies' wavelet transform were shown to yield the highest color and texture retrieval
results, respectively, at the expense of more computation relative to the other proposed
methods.
1. Introduction
There has been a rapid increase in the amount of digital audio-visual information that is
used, handled, and stored by several applications. Besides its many benefits and uses, such a
massive collection of information has brought storage and, especially, management problems.
There are two main approaches to indexing and retrieval of images and videos in multimedia
databases:
(a) keyword-based indexing and
(b) content-based indexing.
Keyword-based indexing uses keywords or descriptive text, which is stored together with the
images and videos in the databases. Retrieval is performed by matching the query, given in
the form of keywords, with the stored keywords. This approach is not satisfactory, because
the text-based description tends to be incomplete, imprecise, and inconsistent in specifying
visual information.
In content-based indexing, low-level visual features such as color, shape, and texture are
used for indexing and retrieving images. Content-Based Image Retrieval (CBIR) refers to a
technique that uses visual contents to search for an image in a large-scale image database
according to users' interests, based on automatically derived image features.
2 Color Feature Extraction Model
Color feature extraction involves analyzing the absolute color value of each pixel. Color is
generally represented by the color distribution of the image. Color distribution is a
statistical feature, and techniques such as moments and the color histogram are commonly used.
2.1 Color Moments
The first-order (mean), second-order (variance), and third-order (skewness) color moments
have proved to be efficient and effective in representing the color distribution of images.
The first three moments are defined as:

E_i = (1/N) Σ_{j=1..N} f_ij
σ_i = [ (1/N) Σ_{j=1..N} (f_ij − E_i)^2 ]^(1/2)
s_i = [ (1/N) Σ_{j=1..N} (f_ij − E_i)^3 ]^(1/3)

where f_ij is the value of the i-th color component of image pixel j, and N is the number of
pixels in the image.
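The three moments (mean, standard deviation, and skewness per channel) can be sketched directly; the signed cube root keeps the skewness term real when the third central moment is negative, and the function name is ours:

```python
import numpy as np

def color_moments(img):
    """img: H x W x C array; returns (mean, std, skewness) for each channel,
    i.e. the first three color moments of the distribution."""
    feats = []
    for c in range(img.shape[-1]):
        ch = img[..., c].astype(float).ravel()
        mean = float(ch.mean())                            # E_i: first moment
        std = float(ch.std())                              # sigma_i: second moment
        skew = float(np.cbrt(np.mean((ch - mean) ** 3)))   # s_i: signed cube root
        feats += [mean, std, skew]
    return feats
```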
2.2 Color Histogram
The color histogram is the most commonly used feature in image retrieval systems. The main
reason is that it is independent of image size and orientation. It is also one of the most
straightforward features utilized by humans for visual recognition and discrimination.
Statistically, it denotes the joint probability of the intensities of the three color
channels. Once the image is segmented, the color histogram is extracted from each region. The
major statistics extracted are the histogram mean, standard deviation, and median for each
color channel, i.e., Red, Green, and Blue, so in total 3 × 3 = 9 features per segment are
obtained. Not all segments need to be considered, only the dominant ones, because this speeds
up the calculation and may not significantly affect the end result.
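A sketch of the per-segment features described above, assuming an 8-bit RGB array; the bin count and function name are illustrative choices of ours. Normalizing the histogram by the pixel count is what makes it independent of image size:

```python
import numpy as np

def histogram_features(segment, bins=8):
    """segment: H x W x 3 RGB array with values in [0, 256).
    Returns the normalized per-channel histogram plus the 9 statistics
    (mean, standard deviation, median) for the R, G, B channels."""
    hist, stats = [], []
    for c in range(3):
        ch = segment[..., c].astype(float).ravel()
        counts, _ = np.histogram(ch, bins=bins, range=(0, 256))
        hist.append(counts / counts.sum())  # normalize: size-independent
        stats += [float(ch.mean()), float(ch.std()), float(np.median(ch))]
    return np.concatenate(hist), stats
```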
2.3 Color Coherence Vector
A different way of incorporating spatial information into the color histogram, color
coherence vectors (CCV), was proposed. Each histogram bin is partitioned into two types, i.e.,
coherent, if it belongs to a large uniformly-colored region, or incoherent, if it does not. Let αi
denote the number of coherent pixels and βi the number of incoherent pixels in the ith color
bin. Then, the CCV of the image is defined as the vector <(α1, β1),
(α2, β2), …, (αN, βN)>. Note that <α1+β1, α2+β2, …, αN+βN> is the color histogram of the image.
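A minimal CCV computation can be sketched with a breadth-first search over regions of identical quantized color; the 2-D grid input, the 4-connectivity, and the size threshold tau are illustrative assumptions:

```python
from collections import deque

def ccv(grid, n_colors, tau):
    """Color coherence vector: one (alpha_i, beta_i) pair per color bin.
    grid: 2-D list of quantized color indices; tau: region-size threshold."""
    h, w = len(grid), len(grid[0])
    seen = [[False] * w for _ in range(h)]
    alpha = [0] * n_colors
    beta = [0] * n_colors
    for y in range(h):
        for x in range(w):
            if seen[y][x]:
                continue
            color = grid[y][x]
            # BFS over the 4-connected region of identical color
            q, size = deque([(y, x)]), 0
            seen[y][x] = True
            while q:
                cy, cx = q.popleft()
                size += 1
                for dy, dx in ((1, 0), (-1, 0), (0, 1), (0, -1)):
                    ny, nx = cy + dy, cx + dx
                    if 0 <= ny < h and 0 <= nx < w and not seen[ny][nx] \
                            and grid[ny][nx] == color:
                        seen[ny][nx] = True
                        q.append((ny, nx))
            # a region is coherent if it is at least tau pixels large
            if size >= tau:
                alpha[color] += size
            else:
                beta[color] += size
    return list(zip(alpha, beta))
```

Summing each pair recovers the plain color histogram, as noted above.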
2.4 Color Correlogram
A color correlogram is a table indexed by color pairs, where the k-th entry for (i, j)
specifies the probability of finding a pixel of color j at a distance k from a pixel of color i in
the image. Let I represent the entire set of image pixels and Ic(i) represent the set of pixels
whose colors are c(i). Then, the color correlogram is defined as:
γ(k)c(i),c(j)(I) = Pr p1∈Ic(i), p2∈I [ p2 ∈ Ic(j) | |p1 − p2| = k ]
where i, j ∈ {1, 2, …, N}, k ∈ {1, 2, …, d}, and |p1 − p2| is the distance between pixels p1 and p2.
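One common concrete choice for the correlogram is to measure |p1 − p2| with the L∞ (chessboard) distance, so that the pixels at distance exactly k from p1 form a square ring; that metric choice is an assumption here, not stated in the text above:

```python
def correlogram(grid, n_colors, distances):
    """Color correlogram sketch under the L-infinity distance:
    table[k][i][j] estimates Pr(color j at distance k | color i)."""
    h, w = len(grid), len(grid[0])
    table = {}
    for k in distances:
        counts = [[0] * n_colors for _ in range(n_colors)]
        totals = [0] * n_colors
        for y in range(h):
            for x in range(w):
                ci = grid[y][x]
                # visit the ring of pixels at chessboard distance exactly k
                for dy in range(-k, k + 1):
                    for dx in range(-k, k + 1):
                        if max(abs(dy), abs(dx)) != k:
                            continue
                        ny, nx = y + dy, x + dx
                        if 0 <= ny < h and 0 <= nx < w:
                            counts[ci][grid[ny][nx]] += 1
                            totals[ci] += 1
        table[k] = [[counts[i][j] / totals[i] if totals[i] else 0.0
                     for j in range(n_colors)]
                    for i in range(n_colors)]
    return table
```

On a uniformly colored image every entry for the single occupied color is 1, as expected from the definition.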
3 Texture Feature Extraction
Texture has qualities such as periodicity and scale; it can be described in terms of
direction, coarseness, contrast and so on. Considering these qualities, the following texture
description methods are implemented.
3.1 Tamura Features
A Tamura feature defines six textural features, coarseness, contrast, directionality,
line-likeness, regularity and roughness and these are compared with psychological
measurements for human subjects.
a) Coarseness
At each pixel, a best neighborhood size Sbest(x, y) is determined; the coarseness is then
computed by averaging Sbest over the entire image:
Fcrs = (1 / (m × n)) Σi Σj Sbest(i, j)
b) Contrast
The formula for the contrast is as follows:
Fcon = σ / (α4)^(1/4)
where the kurtosis α4 = μ4/σ⁴, μ4 is the fourth moment about the mean, and σ² is the
variance. This formula can be used for both the entire image and a region of the image.
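The contrast formula above follows directly from the grey-level statistics; a small sketch over a flat list of grey values (the input representation is illustrative):

```python
def tamura_contrast(values):
    """F_con = sigma / alpha4**(1/4), with kurtosis alpha4 = mu4 / sigma**4,
    computed over a flat sequence of grey levels."""
    n = len(values)
    mean = sum(values) / n
    var = sum((v - mean) ** 2 for v in values) / n
    if var == 0:
        return 0.0                          # flat region: no contrast
    mu4 = sum((v - mean) ** 4 for v in values) / n
    alpha4 = mu4 / var ** 2                 # kurtosis
    return var ** 0.5 / alpha4 ** 0.25
```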
c) Directionality
To compute the directionality, the image is convolved with two 3x3 arrays and a gradient
vector at each pixel is computed. The magnitude and angle of this vector are defined as:
|ΔG| = (|ΔH| + |ΔV|) / 2
θ = tan⁻¹(ΔV / ΔH) + π/2
where ΔH and ΔV are the horizontal and vertical differences of the convolution. Then,
by quantizing θ and counting the pixels with the corresponding magnitude |ΔG| larger than a
threshold, a histogram of θ, denoted HD, can be constructed. This histogram exhibits
strong peaks for highly directional images and is relatively flat for images without strong
orientation. The entire histogram is then summarized to obtain an overall directionality
measure based on the sharpness of the peaks:
Fdir = Σp Σφ∈wp (φ − φp)² HD(φ)
In this sum p ranges over the np peaks; for each peak p, wp is the set of bins distributed over
it, while φp is the bin that takes the peak value.
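The construction of the histogram HD can be sketched as follows; the 3x3 Prewitt masks for ΔH and ΔV, the bin count, and the threshold value are illustrative assumptions, since the text does not fix them:

```python
import math

def directionality_histogram(img, n_bins=16, threshold=12):
    """Build the direction histogram H_D: quantize theta for pixels whose
    gradient magnitude |dG| = (|dH| + |dV|) / 2 exceeds a threshold.
    img is a 2-D list of grey levels."""
    h, w = len(img), len(img[0])
    hist = [0] * n_bins
    for y in range(1, h - 1):
        for x in range(1, w - 1):
            # horizontal and vertical Prewitt differences (dH, dV)
            dh = (img[y-1][x+1] + img[y][x+1] + img[y+1][x+1]
                  - img[y-1][x-1] - img[y][x-1] - img[y+1][x-1])
            dv = (img[y+1][x-1] + img[y+1][x] + img[y+1][x+1]
                  - img[y-1][x-1] - img[y-1][x] - img[y-1][x+1])
            if (abs(dh) + abs(dv)) / 2 <= threshold:
                continue                     # magnitude too small to count
            theta = math.atan2(dv, dh) + math.pi / 2
            hist[int((theta % math.pi) / math.pi * n_bins) % n_bins] += 1
    return hist
```

A vertical edge concentrates all counts in a single bin, which is exactly the "strong peak" behavior described above.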
3.2 Daubechies’ wavelet transforms


In earlier work, Daubechies’ wavelets were used to generate texture features for each 4x4 area,
and such areas were clustered for image segmentation. In our application, we use Daubechies’
wavelet transform on the pixel intensity values of the complete image for texture feature
generation, applying the two-dimensional Daubechies’ wavelet transform to each image in the
database. The Daubechies’ wavelet transform has been implemented by Quadrature Mirror Filters.
The QMF filters consist of a low-pass filter, H, and high-pass filter, G. The
relationship between filters H and G is
g(n) = (-1)^n * h(1-n) ...............................(1)
The forward wavelet transform is implemented using the H_bar and G_bar filters, whereas the
inverse wavelet transform is implemented using the H and G filters. The relationships between H
and H_bar, and between G and G_bar, are as follows:
g(n) = g_bar(-n) ......................................(2)
h(n) = h_bar(-n) ......................................(3)
In order to reduce the number of nonzero wavelet coefficients corresponding to an edge, a
smaller number of wavelet taps is desirable. Daubechies' 6-tap wavelet is well known and has
some nice properties, so the 6-tap Daubechies wavelet is chosen to implement our system. The
filter coefficients for Daubechies' 6-tap wavelet are listed as follows.
h(0)=0.332670552950 h(1)=0.806891509311 h(2)=0.459877502118
h(3)=-0.135011020010 h(4)=-0.085441273882 h(5)= 0.035226291882
A two-dimensional forward wavelet transform can be implemented using 2 one-
dimensional forward wavelet transforms; one in the horizontal direction, the other in the
vertical direction.
A one-dimensional data, d is filtered using Daubechie's filter by convolving the filter
coefficients h(k) and the input data as follows:
new_d(i) = h(0)*d(i-0) + h(1)*d(i-1) + ... + h(5)*d(i-5) (4)
Using the 3-level, 6-tap Daubechies’ wavelet transform, we recursively decompose an
image into different frequency bands (Fig. 1).

After the first level wavelet transform, we retain the three high frequency bands,
namely, the HL, LH and the HH bands. Standard deviations of the coefficients of these three
bands form three features. We then decompose the LL band into four second level frequency
bands and get three more features by calculating standard deviations of the three high
frequency bands at this level. The last three features are generated by decomposing the second
level LL band to one more level and calculating the standard deviations of the higher
frequency bands at the third level of decomposition. Since the LL band at the lowest level
contains mostly low frequency information (corresponding to image layout), use of the LL
band further, adversely affects the retrieval performance. We, therefore, do not extract any
feature from the level 3 LL band. Thus, by calculating the standard deviations of each of the
three high frequency bands at each level, we generate a 9-component texture feature vector for
an entire image.
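The whole pipeline — the QMF relation (1), the convolution (4), and the three-level decomposition with per-band standard deviations — can be sketched as follows. The circular (periodic) boundary handling and the modular indexing in the QMF relation are implementation assumptions not specified in the text:

```python
import numpy as np

# Daubechies 6-tap low-pass coefficients as listed in the text
H = np.array([0.332670552950, 0.806891509311, 0.459877502118,
              -0.135011020010, -0.085441273882, 0.035226291882])
# High-pass filter from Eq. (1): g(n) = (-1)^n * h(1 - n), indices taken mod 6
G = np.array([(-1) ** n * H[(1 - n) % 6] for n in range(6)])

def analyze_1d(x, f):
    """Convolve x with filter f as in Eq. (4), with periodic boundary
    handling, then downsample by 2."""
    n = len(x)
    y = np.array([sum(f[k] * x[(i - k) % n] for k in range(len(f)))
                  for i in range(n)])
    return y[::2]

def dwt2_level(img):
    """One separable 2-D DWT level: filter rows, then columns."""
    rows_l = np.array([analyze_1d(r, H) for r in img])
    rows_h = np.array([analyze_1d(r, G) for r in img])
    ll = np.array([analyze_1d(c, H) for c in rows_l.T]).T
    lh = np.array([analyze_1d(c, G) for c in rows_l.T]).T
    hl = np.array([analyze_1d(c, H) for c in rows_h.T]).T
    hh = np.array([analyze_1d(c, G) for c in rows_h.T]).T
    return ll, lh, hl, hh

def texture_features(img, levels=3):
    """9-component texture vector: std dev of the HL, LH, HH bands at each
    of three decomposition levels; only the LL band is decomposed further."""
    feats = []
    band = np.asarray(img, dtype=float)
    for _ in range(levels):
        band, lh, hl, hh = dwt2_level(band)
        feats.extend([hl.std(), lh.std(), hh.std()])
    return np.array(feats)
```

Note that, as stated above, no feature is taken from the level-3 LL band: it mostly carries image layout rather than texture.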
4 Shape Feature Extraction
Shape features of objects or regions have been used in many content-based image
retrieval systems. Compared with color and texture features, shape features are usually
described after images have been segmented into regions or objects.
4.1 Fourier Descriptors
Fourier descriptors describe the shape of an object with the Fourier transform of its
boundary. Again, consider the contour of a 2D object as a closed sequence of successive
boundary pixels (xs, ys), where 0 ≤ s ≤ N-1 and N is the total number of pixels on the
boundary. Then three types of contour representations, i.e., curvature, centroid distance, and
complex coordinate function, can be defined.
The curvature K(s) at a point s along the contour is defined as the rate of change in
tangent direction of the contour:
K(s) = dθ(s)/ds
where θ(s) is the turning function of the contour.
The centroid distance is defined as the distance function between boundary pixels and the
centroid (xc, yc) of the object:
R(s) = ( (xs − xc)² + (ys − yc)² )^(1/2)
The complex coordinate is obtained by simply representing the coordinates of the boundary
pixels as complex numbers:
Z(s) = (xs − xc) + j (ys − yc)
The Fourier descriptor of the curvature is:
f_K = [ |F1|, |F2|, …, |F(N/2)| ] ...............(1)
The Fourier descriptor of the centroid distance is:
f_R = [ |F1|/|F0|, |F2|/|F0|, …, |F(N/2)|/|F0| ] ...............(2)
where Fi in (1) and (2) denotes the ith component of Fourier transform coefficients.
Here only the positive frequency axis is considered, because the curvature and centroid
distance functions are real and their Fourier transforms therefore exhibit symmetry, i.e. |F−i|
= |Fi|. The Fourier descriptor of the complex coordinate is:
f_Z = [ |F−(N/2−1)|/|F1|, …, |F−1|/|F1|, |F2|/|F1|, …, |F(N/2)|/|F1| ]
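The centroid-distance descriptor (2) is the most commonly used of the three and can be sketched with an FFT; the function name and input convention (parallel x and y boundary-coordinate arrays) are illustrative:

```python
import numpy as np

def fd_centroid_distance(xs, ys):
    """Fourier descriptor (2) of the centroid-distance function R(s);
    dividing by |F0| normalizes the descriptor for scale."""
    xs, ys = np.asarray(xs, float), np.asarray(ys, float)
    xc, yc = xs.mean(), ys.mean()                   # object centroid
    r = np.sqrt((xs - xc) ** 2 + (ys - yc) ** 2)    # R(s)
    F = np.abs(np.fft.fft(r))
    n = len(r)
    return F[1:n // 2 + 1] / F[0]                   # positive frequencies only
```

For a perfect circle R(s) is constant, so every component of the descriptor is numerically zero.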
4.2 Circularity, Eccentricity, and Major Axis Orientation
Circularity is computed as:
C = 4πS / P²
where S is the size (area) and P is the perimeter of an object. This value ranges between 0
(corresponding to a perfect line segment) and 1 (corresponding to a perfect circle). The major
axis orientation can be defined as the direction of the largest eigenvector of the second-order
covariance matrix of a region or an object. The eccentricity can be defined as the ratio of the
smallest eigenvalue to the largest eigenvalue.
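Both measures follow directly from their definitions; a minimal sketch, taking the region's area, perimeter, and pixel coordinates as inputs (names are illustrative):

```python
import numpy as np

def circularity(area, perimeter):
    """C = 4*pi*S / P**2: 1 for a perfect circle, near 0 for a line."""
    return 4 * np.pi * area / perimeter ** 2

def eccentricity(xs, ys):
    """Ratio of the smallest to the largest eigenvalue of the second-order
    covariance matrix of the region's pixel coordinates."""
    cov = np.cov(np.vstack([np.asarray(xs, float), np.asarray(ys, float)]))
    evals = np.linalg.eigvalsh(cov)        # eigenvalues in ascending order
    return evals[0] / evals[-1]
```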
Distance Measure
One image from each class was chosen as a query image. The color (or
texture) features were then extracted from the query image and from all the images in the
database. The features extracted from each image were represented as a vector in R^D, and
Euclidean distance was used to measure the distance from the feature vector of the query to
the feature vector of every image in the database.
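The retrieval step thus reduces to a nearest-neighbor ranking under the Euclidean metric; a minimal sketch:

```python
def euclidean_rank(query, database):
    """Return database indices sorted by Euclidean distance to the query
    feature vector, nearest first."""
    def dist(a, b):
        return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5
    return sorted(range(len(database)), key=lambda i: dist(query, database[i]))
```

The top of the returned ranking is what the precision and recall figures below are measured on.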
5 Experiments and Results
The simulations were performed in Java. For color feature extraction, the RGB space was
quantized to 128 color bins. The representative features were tested on 50 medium-resolution
(384 × 256 pixels) images with diverse content, such as wildlife, city, buses, horses, mountains,
beach, food, and African natives, each class containing 5 to 10 images.
Result Analysis of Image Database:
Table 5.2: Retrieval Result — for each query image (Corel_25.jpg, Corel_15.jpg), the table
reports the time for search (sec), the number of relevant matches retrieved, the total number
of relevant matches in the database (M), and the number of retrievals.

Figure 1: Time vs. No. of Relevant Retrievals
Figure 2: Precision vs. Recall
6 Conclusion and Future scope
Visual features most widely used in content-based image retrieval are color, texture,
shape, and spatial information. Color is usually represented by the color histogram, color
correlogram, color coherence vector, and color moment under a certain color space. Texture
can be represented by Tamura feature, Wavelet transformation. Shape can be represented by
moment invariants, turning angles, Fourier descriptors, circularity, and eccentricity. Each of
these low level features tends to capture only one aspect of an image property. The color
histogram and the Daubechies’ wavelet transform were found to yield the highest color and
texture retrieval results, respectively, at the cost of higher
computational complexity. In future work, we will explore methods for combining color and
texture features, in addition to incorporating user-feedback into the system.
[1] P. Liu, K. Jia, Z. Wang and Z. Lv, “A New and Effective Image Retrieval Method
Based on Combined Features”, Proc. IEEE Int. Conf. on Image and Graphics, vol. I, pp. 786-790, August 2007.
[2] N. R. Howe and D. P. Huttenlocher, “Integrating Color, Texture and Geometry for Image
Retrieval”, Proc. IEEE Conf. on Computer Vision and Pattern Recognition, vol. II, pp. 239-246, June 2000.
[3] F. Long, H. Zhang and D. D. Feng, “Fundamentals of Content-Based Image Retrieval”.
[4] W. Y. Ma and B. S. Manjunath, “A comparison of wavelet transform features for texture image
annotation,” in Proc. IEEE International Conf. On Image Processing, 1995.
[5] J.Z. Wang, G. Wiederhold, O. Firschein and Wei, S X, “Content-based Image Indexing and
Searching using Daubechies’ Wavelets”, Int Journal of Digital Libraries, 1, 1997, pp. 311-328.
Mr. Chavan Sandeep P.
Bharati Vidyapeeth Deemed University, Pune.
Writing a basic article on network security is something like writing a brief introduction to flying a
commercial airliner. Much must be omitted, and an optimistic goal is to enable the reader to
appreciate the skills required. The first question to address is what we mean by "network security."
Several possible fields of endeavor come to mind within this broad topic, and each is worthy of a
lengthy article. To begin, virtually all the security policy issues apply to network as well as general
computer security considerations. In fact, viewed from this perspective, network security is a subset
of computer security. The art and science of cryptography and its role in providing confidentiality,
integrity, and authentication represents another distinct focus even though it's an integral feature of
network security policy. The topic also includes design and configuration issues for both network-
perimeter and computer system security. The practical networking aspects of security include
computer intrusion detection, traffic analysis, and network monitoring. This article focuses on these
aspects because they principally entail a networking perspective.
In the field of networking, the area of network security consists of the provisions and
policies adopted by the network administrator to prevent and
monitor unauthorized access, misuse, modification, or denial of the computer network and
network-accessible resources. Network security involves the authorization of access to data in
a network, which is controlled by the network administrator. Users choose or are assigned an
ID and password or other authenticating information that allows them access to information
and programs within their authority. Network security covers a variety of computer networks,
both public and private, that are used in everyday jobs conducting transactions and
communications among businesses, government agencies and individuals. Networks can be
private, such as within a company, and others which might be open to public access. Network
security is involved in organizations, enterprises, and other types of institutions. It does as its
title explains: It secures the network, as well as protecting and overseeing operations being
done. The most common and simple way of protecting a network resource is by assigning it a
unique name and a corresponding password.
Network security starts with authenticating the user, commonly with a username and a
password. Since this requires just one detail authenticating the user name —i.e. the password,
which is something the user 'knows'— this is sometimes termed one-factor authentication.
With two-factor authentication, something the user 'has' is also used (e.g. a security token or
'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the
user 'is' is also used (e.g. a fingerprint or retinal scan).
Once authenticated, a firewall enforces access policies such as what services are allowed to be
accessed by the network users.
Though effective in preventing unauthorized access, this component may fail to check
potentially harmful content such as computer worms or Trojans being transmitted over the
network. Anti-virus software or an intrusion prevention system (IPS) helps detect and inhibit
the action of such malware. An anomaly-
based intrusion detection system may also monitor the network and traffic for unexpected (i.e.
suspicious) content or behavior and other anomalies to protect resources, e.g. from denial of
service attacks or an employee accessing files at strange times. Individual events occurring on
the network may be logged for audit purposes and for later high-level analysis.
Communication between two hosts using a network may be encrypted to maintain
privacy. Honeypots, essentially decoy network-accessible resources, may be deployed in a
network as surveillance and early-warning tools, as the honeypots are not normally accessed
for legitimate purposes. Techniques used by the attackers that attempt to compromise these
decoy resources are studied during and after an attack to keep an eye on
new exploitation techniques. Such analysis may be used to further tighten security of the
actual network being protected by the honeypot.

Examining threats and managing them appropriately is very important for the smooth
running of any organisation. Although these techniques serve their purpose to a great extent,
they are not completely foolproof. Every technique has its flaws. Man is very skilled at
developing new security mechanisms, but equally destructive code can be written to foil the
already existing mechanisms. Network security does not guarantee the safety of any
organisation, information or computer systems. Physical security must not be neglected at any
cost. In spite
of its minor drawbacks, network security techniques do offer a great deal of safety and we
cannot disregard the revolution brought about by techniques like cryptography and
authentication in the field of network security
1. ^ Simmonds, A; Sandilands, P; van Ekert, L (2004). "An Ontology for
Network Security Attacks". Lecture Notes in Computer Science 3285: 317–
323. doi:10.1007/978-3-540-30176-9_41.
2. ^ A Role-Based Trusted Network Provides Pervasive Security and
Compliance - interview with Jayshree Ullal, senior VP of Cisco
3. ^ Dave Dittrich, Network monitoring/Intrusion Detection Systems (IDS),
University of Washington.
4. ^ "''Honeypots, Honeynets''". 2007-05-26. Retrieved 2011-12-
5. ^ "The six dumbest ways to secure a wireless LAN | ZDNet". Retrieved 2011-12-09.
6. ^ Julian Fredin, Social software development program Wi-Tech
7. ^ "Introduction to Network Security". Retrieved 2011-12-09.
8. ^ "Welcome to CERT". 2011-10-17. Retrieved 2011-12-09.
9. ^ Wright, Joe; Jim Harmening (2009), "15", Computer and Information Security
Handbook, Morgan Kaufmann Publications, Elsevier Inc., p. 257.
