JOURNAL OF TELECOMMUNICATIONS, VOLUME 11, ISSUE 2, DECEMBER 2O11 16

Analysis and Deployment of virtual honeypots to tract down intrusions Armoogum V., Armoogum Sheeba, Sunhaloo S. and Jeewooth K. Abstract—Security issue is the most important thing about a networking environment and computer systems. To know how secure a computer or a network is, systems need to be designed that can capture and log malicious attack. The log gives precious information on the sources of attacks and based on them, appropriate security measures can be taken. In order to achieve this, a system needs to be devised that purposely attract the bad guy to perform attack. This paper introduces the honeypot concept, which can be realized using an interesting tool like Honeyd that has the ability to set up multiple virtual honeypots on a single machine, each with different characteristics and services. A comparative study is made with other types of honeypots on different levels of interactivity. The system is implemented and demonstrated along with tests and analysis, which are performed using networking tools to verify its functionality. Index Terms— HoneyD, Honeypot, Intrusions, Malicious attack, Security Issues.

——————————  ——————————

1 INTRODUCTION Our increasing dependence on computer and network systems has exposed us to a wide range of cyber security risks involving system vulnerabilities and threats. The growth of network intrusions on large scale enterprise network continues to increase, creating an epidemic of compromised hosts. One of the reasons why network infrastructure security is important and has drawn much concern in recent years is that attacks to the infrastructure will affect a large portion of the internet and create a large amount of service disruption. Since our daily operations highly depend on the availability and reliability of the internet, the security of its infrastructure has become a high priority issue. Although there are well known technologies like IDS, firewalls, etc to aid detection and reactions, they themselves sustain from their own weaknesses. The deployment of firewalls and IDS has not slowed down the growth of intrusions to an acceptable rate. Zhang & Zheng [1] have worked on techniques of active TCP/IP stack fingerprinting in remote OS scanning. By using Honeyd to run some virtual OS to delude remote OS scan, they present a method to simulate the fingerprints of OS which will react to OS detection. Singh & Joshi [2] propose a system, consisting of two modules, which treats the problem of large size log files. The first one is logging module which saves disk space by reducing the log size without losing information. The second module is a log analyzer that can process this log to generate reports and graphs for the security administrators. The analyzer is backward compatible and can process the log file produced by honeyd as well. Wang & Chen [3] have proposed a designed prototype in a campus net————————————————

V. Armoogum and S. Sunhaloo are with the University of Technology, Mauritius. Sheeba Armoogum is with the University of Mauritius. K. Jeewooth is with the Mauritius Port Authority.

work using honeypot and presented an analytic result of a number of experiments. Xinwen et al. [4] address issues related to detecting and "camouflaging" virtual Honeyd, which can emulate any size of network on physical machines. They find that this class of attack can achieve a high detection rate and low false alarm rate. In order to counter the attack, they make virtual honeypots behave like their surrounding networks and blend in with their surroundings. Computer networks today are vulnerable to a variety of attacks with recent worms demonstrating the ability of malicious software to spread quickly through these networks. Thousands of hackers probe and attack computer network each day. These attacks range from relatively simple sweeps to sophisticated techniques exploiting security vulnerabilities in both hardware and software. Many other similar works have been carried out during the past few years on honeypots systems in order to monitor intrusions against attacks [5-13]. Investigating the compromise of a production machine is both difficult and time-consuming due to the mixing of attacks and production traffic. Similar investigations of compromised machines on honeypots are much less complex since there is no real production traffic. This paper will discuss why these investigations are easier on honeypots and how they may be used to make investigations of compromised machines faster and recovery easier. This work is a feasibility analysis and study of honeypots and various techniques that can be used alongside honeypots.

2 IMPLEMENTATION OF HONEYPOT IN A REAL NETWORK

Information security in organisations is a growing concern and there have been complaints from staff about viruses infections and intrusions into the production systems which is most often carried out by internal users.

© 2011 JOT www.journaloftelecommunications.co.uk

17

Students used to perform network scans for vulnerabilities in order to exploit or to have unauthorized access to system. Though such intrusions have no major impact on the production system, it is a sign of weaknesses of the network and systems set up and configuration which leave the overall network and critical system vulnerable to attacks, being compromised or probed. To mitigate any such risks, one immediate solution would be to divert the network traffic of attacker to a deception system that would capture the traffic and interact with the attacker to make him/her believe the presence of a real system or network. This deception system can be implemented using a honeypot that can use multiple IP‖s and simulate a network topology and also respond to the attacker. The option chosen is honeyd, a daemon that simulates the TCP/IP stack of operating systems to create virtual honeypots.

2.1

HoneyD installation

Honeyd [14], also known as low interaction honeypot, is an intesting tool that offers a simple way to emulate services offered by several machines on a single computer. On Linux Ubuntu, installation of honeyd is straight forward using command line apt-get install honeyd which also installs the three libraries (Libevent, Libnet, Libpcap) necessary for honeyd to work. Fig. 1 and Fig. 2 show the network architecture that would be configured using honeyd and mounted on a virtualized environment on Linux Ubuntu running on VMware.

10.0.0.0/8 network. If it sees packets going to unused IP‖s, it will direct those packets to the honeyd honeypot using arpd spoofing (a layer attack). It spoofs the victim‖s IP address with the MAC address of the honeypot. For the honeyd command, -p nmap.prints refers to the Nmap fingerprint database. This is the actual database that the scanning tools Nmap used to fingerprint operating systems. The second option for the honeyd process is the honeypot configuration file, -f honeyd.conf. This determines the bahaviour of the honeypot.

2.2 SETTING UP ROUTERS IN THE NETWORK The network simulated by the honeyd uses the address space of 10.0.0.0/8. It contains the honeypots and is separated by Cisco Router R1 as shown in Fig 2. The router R1 is the entry point into the virtual network from the LAN; the “route entry” configuration is used to specify the entry point (route entry 10.0.0.1 network 10.0.0.0/8). The above line instructs honeyd that 10.0.0.1 is the entry point to our virtual network 10.0.0.0/8. The 10.3.0.0/24 network is directly reachable from the route R1. The route link configuration command is used to specify which network is directly reachable and does not require further hops to be reached (route 10.0.0.1 link 10.2.0.0/24). The first IP specified above is the IP of the router. The network address specified after the link keyword defines which network is directly accessible.

Fig. 1. Devised Topology

The configuration will enable emulation of three virtual honeypots and a router. The simulated network for the opted scenario is being assigned class A address. To implement honeyd, two tools need to be compiled: farpd and Honeyd. Honeyd cannot do everything alone and requires the help of farpd. Farpd (faked ARP) is used for arp spoofing, that is, it actually monitors the unused IP space and directs attacks to the honeyd honeypot. Honeyd does not have the capability to interact with the attackers. The commands to start both are listed below. The network in the command is the network that arpd will monitor and Honeyd will interact with. i) Sudo farpd 10.0.0.0/8 ii)Sudo honeyd –p nmap.prints –f honeyd.conf 10.0.0.0/8 Based on the above mentioned commands, the farpd process will monitor any unused IP space on the class A

Fig. 2. Overview of network topology showing appropriate honeypot placement

Another two networks are added separated from the first network by routers R2 with an IP address 10.3.0.1 and router R3 with IP address 10.3.1.1. The new networks have the address range 10.3.0.0/24 and host two honeypots at 10.3.0.2 and 10.3.0.3 and another address range of 10.3.1.0/24 and hosts three honeypots at 10.3.1.12,

18

10.3.1.11 and 10.3.1.10. To configure the network, a new gateway is added to the configuration file. The “route add net” command is used for adding a gateway (route 10.0.0.1 add net 10.3.0.0/16 10.3.0.1). This command line specifies that 10.0.0.1 router R1 can reach the network 10.3.0.0/16 via the gateway 10.0.0.1, router R2. The first IP in the line is that of R1, the last IP address is that of the new gateway and the address range specified is that of the network reachable through the new gateway. After adding the router R2, IP addresses directly reachable from R2 are specified, using route link command to achieve this. The 10.3.0.0/16 subnet is directly reachable from R2 (route 10.3.0.1 link 10.3.0.0/24). Two additional honeypots are added by binding their IP addresses to the honeypot template (bind 10.3.0.2 Linux & bind 10.3.0.3 Linux).

2.3 Configuring Latency, Loss and bandwidth The ―route add net‖ command also specifies latency, loss and bandwidth details for the connection between routes R1, R2 and R3. Normally each additional hop adds a delay to the total time to reach the destination. This is simulated using the latency keyword, the delay at each hop can be specified in milliseconds. On networks, sometimes packets also get lost. The loss keyword is used to model this behavior of network links by specifying the loss in %. Honeyd also queries packets if a link is occupied by a previous packet. Depending on the bandwidth available for a link, these delays can vary. The bandwidth of a link is specified in Mbps with the bandwidth keyword.

3 RUNNING AND DEPLOYING HONEYD One unique aspect to Honeyd is its own IP address, that is, the IP address of the computer hosting honeyd. Attackers should not be interacting with honeyd‖s primary IP which is assigned to it permanently. A host based firewall should be configured to run and blocking any connections to the honeypot‖s administrative IP address. This ensures that attackers cannot interact with the honeypot system directly but only through honeyd process.

3.1 Logging activity Honeyd is designed for information gathering at two sources, syslog sand sniffer system. By default the honeyd process logs all attempted and established TCP connections and all ICMP echo replies to syslog logged information are limited to transactional information, specially source and destination IP address, source and destination port and the timestamp of the activity. Logging the traffic can also be done automatically using tool such as TcpDump. The TcpDump files are created and stored in specified folders for later analysis. All inbound and outbound traffic to the honeypots are captured and stored as files. TCP dump offers more flexibility and more options. The command is used to launch TcpDump to capture traffic in the host (Tcpdump –i eth0 –

n –s 1500 –c 2 –w /log/tcpdump/tcpdump.log).

3.2 Wiresharks Wiresharks is a free open source packet analyser. It is used for network troubleshooting, analysis, and communication protocol development. It runs on various Unixlike operating systems and on Windows. Wireshark is similar to tcpdump, but has a graphical front-end and many more information sorting and filtering options. Wireshark allows the user to see all traffic being passed over the network by putting the network interface into promiscuous mode. This tool will be used to test if the honeypots are receiving traffic and can be analysed live. 3.3 Data Control A data control mechanism is required while deploying honeypot. The aim is to keep track of the attackers‖ activity against the honeypot and from there to other hosts in internal or external networks. It is very important not to let an attacker to harm other systems if he/she takes control of the honeypot. Data controls mechanisms like firewall filters and IPtables will be set up for the honeypot system. 3.4 Firewall filters and IP tables Firewall filters control inbound and outbound connections from and to external networks. This device can protect he honeypot from being harmed from outsiders as malicious activity may come from both outside networks and the honeypot can detect any security breach in the perimeter. Also no connection should be allowed from the honeypot to the outside networks, since any connections made to the honeypot is suspicious. At the host level, IP tables can be used as a protection. IP tables is a framework inside Linux kernel that provide packet filtering. It is the same functionality than firewall rules, controlling inbound and outbound connection to the honeyd host. The commands below show that no connections are made and no traffic leaves the honeypot. $IPTABLES –A INPUT –d 10.3.0.2 –j ACCEPT $IPTABLES –A INPUT –d 10.3.0.3 –j ACCEPT $IPTABLES –A INPUT –d 10.3.1.12 –j ACCEPT $IPTABLES –A INPUT –d 10.3.1.11 –j ACCEPT

# Set policies $IPTABLES –p INPUT DROP $IPTABLES –p FORWARD DROP $IPTABLES –p OUTPUT DROP From the configurations, the firewall allows any inbound connection to the four virtual honeypots.

4 RISK LEVEL OF HONEYPOT IN A NETWORK The honeyd host can be reachable from inside and outside networks, so that it is not secured and can be highjacked and used by hacker. If the honeypot is extremely secured and never gets a connection, it will be pointless to have it in the network as the objective is to record malicious traffic. The main risks that should be considered with configuring the set up are firstly, the honeypot can

19

be hijacked and used to attack internal networks and secondly, the honeypots can be hijacked and used to attack external networks. An attacker can hijack it silently and use it to sniff traffic in the corporate network. The attacker can also scan internal networks to have more information about topology, vulnerabilities, etc.. Important measures have been taken to decrease risks and impact, however some risks are always present as the objective is to observe probes to the honeypot.

4.1 Impacts If the above risks are exploited by attackers to a corporate network, the impact would be important. If an attacker takes control of honeypot and attack systems in the internal network, it can cause damage with different ranges of impacts. The impact would be low if the attacker only scans the network or harm a few desktops. Otherwise, if the attacker harm a server that host the web service, email platform, etc. the impact would be high and the image of the corporate company would be affected. An attacker can also take control of the honeypot and attack external networks, consequently the corporate company can be blacklisted on the internet. By sniffing internal traffic, the attacker can also steal critical information like email users and passwords, strategic plans etc. A user can also scan the network to get useful information about the topology; vulnerabilities etc. and this information can be used to perform other attacks from external networks. There are lots of vulnerabilities that can be exploited and make those risks happen. So it is important to follow the appropriate security steps that would have a better control on the inbound and outbound traffic to the honeypot. 4.2 Vulnerabilities of the Honeyd host Honeyd will be generating virtual honeypots and depending on the services we simulate, we can have more or less vulnerabilities. Some vulnerabilities are: firstly, Simulated services that ca allow the attacker to open connections to other systems (eg. SMTP services); secondly, simulated services that allow the attacker to access the local resources of the honeypot (eg. FTP service that allow access to the real file system); finally, scripts that can bring down the system with a denial of service and finally scripts downloaded from public sited that may have backdoors.

5 PERFORMANCE AND TESTING Some tests are carried out to verify the functioning of the honeypot and also make use of networking tools to design a set of techniques that will allow identifying the presence or not of vulnerabilities within the honeypot system. The log file analysis is carried out to ensure that traffics are appropriately recorded for later investigation. Nmap is a free port scanner tool which can be freely downloaded from Nmap website. It is useful for tasks

such as network inventory and monitoring host or service uptime. Nmap uses raw IP packets to determine what hosts are available on the network, what services (applications and version) those hosts are offering and what operating systems they are running. Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. From testing results, it is observed that the vulnerabilities left deliberately on Linux virtual honeypot for exploitation (Fig. 3). Anyone to compromise a network will discover these vulnerabilities through scans and will try to exploit them. Connection attempt details will be recorded in logs by honeyd. Analysing packet logs is the easiest way to get an overview of what kind of traffic the honeypot received. As depicted in Fig. 4, the log file contains information about the source and destination IP addresses, which protocols and ports were being used. If a connection gets established, the log file also contains information about when the connection started, when it ended, and how many bytes were transmitted. The date column, for example, contains a timestamp of when the packet was received by Honeyd. The information after the date column contains information about the internet protocol, usually TCP, UDP or ICMP. However, when receiving network probes, it could also be any other internet protocol. The third column contains the connection types: S stands for start and E stands for end and a “-“ indicates that the packet does not belong to any connection. The next four columns show information about the source IP address, source port, destination IP address and destination port. For some protocols like ICMP, the port columns are empty because these protocols do not use ports. The last two columns contain information associated with a connection or packet. When a connection ends, it contains the number of bytes received and sent by Honeyd, respectively. Tcpdump also records the traffic passing through the Honeyd in separate files. These files are saved on hard drives for later review using tools like wireshark. Wireshark can read tcpdump files and all details on the traffic can be analysed. Fig. 5 shows a Tcpdump file captured and viewed using wireshark.

20

Fig. 3. Zenmap scan of Linux Honeypot Fig. 5. Traffic captured using tcpdump and displayed using Wireshark

Zenmap network scanner can also fingerprint the OS simulated by the honeypot and even determine the topology of the scanned network using information resulting from scans like, the traceroute, number of hops to reach the hosts. Fig. 6-7 shows the information gathered by Zenmap. The goal of the above tests is to analyse and detect vulnerabilities that may allow attackers to gain access to the system and then compromise other networks. The only access to the system must be done through virtual machines simulated and exposed by Honeyd. The virtual hosts emulated the vulnerabilities and responded, as planned, to queries by network scanning tools.

6

Fig. 4 Log file of information recorded by Honeyd

RECOMMENDATIONS

Honeyd is easy to deploy and maintain, and involve less risks to be taken over and used for illegal purposes, they are easier to fingerprint and do not gather enough information to make an in-depth analysis of the attacker behaviour. However, there is a way to improve the lowinteractivity honeypots keeping its strengths and adding the high-interactivity honeypots strengths. The solution is to combine low and high-interactivity honeypots and redirect the traffic from the low to the high-interactivity honeypots. This process should be completely transparent to the attacker so he does not get suspicious. This will allow the low-interactivity honeypot to be less likely fingerprinted and will log all the attack process for further investigations. This can be done by IPTables filtering.

21

traffic should be redirected. An example of the code for traffic re-direction to Proxy or high interaction Honeypot is as follows: add template udp port 53 proxy 141.211.92.141:53 Traffic re-direction is being done through port 53 to computer with IP address 141.211.92.141

6.1 Traffic re-direction to the attacker The port redirection feature of Honeyd can also be used to respond to attack performed on the Honeyd honeypot. Instead of redirecting the traffic to a highinteractivity honeypot, Honeyd can also redirect the traffic to the attacker himself. That means that the attack is performed on the attacker‖s computer by the attacker. Example below show the code for traffic redirection to the attacker add template tcp port 23 proxy $ipsrc:23 Fig. 6. OS fingerprint of the Linux host 10.3.0.1

Any attack performed through the port 23 is redirected to the source of the attack through the same port, i.e. to the attacker.

7

Fig. 7. Topology derived by Zenmap scan

Honeyd has this capability to act as a proxy and redirect the traffic targeted to some port to other machines. When a packet is targeted to the Honeyd honeypot, the Honeyd host will open a connection with the highinteractivity honeypot and forward the packet received to it. Then, when it receives the answer from the highinteractivity honeypots, it changes the headers of the packet so that this process is completely transparent for the attacker. This is done through the Honeyd configuration file where you can specify what traffic and where the

CONCLUSION

This paper described honeyd, a low-interaction honeypot and demonstrated its implementation along with a few tests to explain its functionality. The goal was to research on the virtual honeypots, how they can be networked virtually and to write the script to enable the honeypots to emulate vulnerabilities purposely to attract attackers. During the work, comparison was also made between low-interaction and high-interaction honeypots. Each one has its own advantages and disadvantages, however the value of data collected by honeyd is insufficient to make in-depth analysis of attacks, but they still provide valuable information. In the recommendation part of the report, we explain how honeyd can be combined with a high-interaction honeypot using the proxy featu,re. Thefore Honeyd proves to be more secure for implementation as by combining it with real honeypots allow the system to log more valuable data and limiting the risks for the honeypots to be used by attackers. According to this study, Honeypots certainly improve security mechanisms, security breaches and vulnerabilities of a network. More importantly, they are preventive and almost cost free to deploy. Honeypots, since they are constantly evolving and becoming more functional and harder to detect, will undoubtfully be very useful in the future. System administrators can use honeypots along with other network defense devices (firewalls, IDS) to help secure their network. As an enhancement to the study, it is proposed to experiment the deployment using a combination of honeyd and high-interaction honeypot. As for analysis of log files, data mining techniques could be used by storing the information directly in databases like SQL server. This would allow better statements on current threats and

22

show related trends towards attacking techniques.

ACKNOWLEDGMENT The authors wish to thank the technical staff of the University of Technology, Mauritius.

REFERENCES [1]

X. Zhang and L. Zheng, “Delude Remote Operating System Scan by HoneyD”, Proc. IEEE workshop on Computer Science and Engineering (WCSE ’09), vol. 2, pp. 503-506, 2009, (Conference proceedings) [2] A.N. Singh and R.C. Joshi, “A Honeypot system for efficient capture and analysis of network attack traffic”, Proc. IEEE International conference on Signal Processing, Communication, Computting and Networking Technologies (ICSCCN ’11), pp. 514-519, July 2009, (Conference proceedings) [3] H. Wang and Q. Chen, “Design of cooperative deployment in distributed Honeynet system”, Proc. IEEE International conference on Computer Supported Cooperative work in Design (CSCWD ’10), pp. 711-716, April 2010, (Conference proceedings) [4] Xinwen Fu, Wei Yu, Dan Cheng, Xuejun Tan, K. Streff. and S. Graham, “On recognizing virtual honeypots and countermeasures”, Proc. IEEE International Symposium on Dependable, Automic and secure computing pp. 211-218, Sept. 2006, (Conference proceedings) [5] Dongxia Wang, Gang Zhao and Guoqing Ma , “The active security situation sensor for network”, Proc. IEEE International Seminar on Future information technology and Management Engineering (FITME ’08), pp. 192-195, 2008, (Conference proceedings) [6] V. Visoottiviseth,U. Jaralrungroj, E. Phoomrungraungsuk and P. Kultanon, “Distributed honeypot log management and visualisation of attacker geographical distribution”, Proc. IEEE International Conference on Computer Science and Engineering (JCSSE ’11), pp. 23-28, 2011, (Conference proceedings) [7] Chao-Hsi Yeh and Chung-Huang Yang, “Design and Implementation of honeypot systems based on open-source software”, Proc. IEEE International Conference on Intelligence and Security Informatics pp. 265-266, 2008, (Conference proceedings) [8] T.M. Chen and J. Buford “Design Considerations for honeypot for SQL injection Attacks”, Proc. IEEE 34th International Conference on Local Computer Networks, pp. 915-921, 2009, (Conference proceedings) [9] S. Chamotra, J.S. Bhatia, R. Kamal and A.K. Ramani, “Deployment of a low interaction honeypot in an organizational private network”, Proc. IEEE International Conference on Emerging Trends in Networks and Computer Communications (ETNCC ’11), pp. 130135, 2011, (Conference proceedings) [10] M. Yuqing, R. Upadrashta and Xiao Su, “J-Honeypot: a Javabased network deception tool with monitoring and intrusion detection”, Proc. IEEE International Conference on Information Technology: Coding and Computing (ITCC ’04), pp. 804-808, 2004, (Conference proceedings) [11] N. Krawetz, "Anti-Honeypot Technology," IEEE Articles on Security & Privacy, vol. 2, Issue 1, pp. 76-79, Jan/Feb 2004, ISSN 1540-7993 [12] S. Khattab, R. Melhem, D. Mosse and T. Znati, “Honeypot back-propagation for mitigating spoofing distributed denial-ofservice attacks”, Proc. IEEE 20th International Parallel and Dis-

tributed Processing Symposium (IPDPS ’06), April 2006, (Conference proceedings) [13] Y. Chin, E.P. Markatos, S. Antonatos and S. Loannidis, “Honelab: Large-Scale Honeypot Deployment and Resource Sharing”, Proc. IEEE 3rd International conference on Network and System Security (NSS ’09), pp. 381-388, 2009, (Conference proceedings) [14] N. Provos, “A virtual honeypot framework”, Proc. 12th USENIX Security Symposium, pp. 1-14, 2009, (Conference proceedings)

Vinaye Amoogum received his BSc (Eng) in Computer Engineering and MSc (Eng) in System Engineering in 1995 and 1997 respectively. He completed successfully his PhD in Telecommunications in 2009. He is currently a senior lecturer at the University of Technology, Mauritius. His fields of study are the Telecommunications and related areas, computer science and engineering. Sheeba Amoogum received her BSc in Maths, Physics and Electronics in 1997 and Master in Computer Applications in 2000. She is currently doing her PhD. She is a lecturer at the University of Mauritius. Her fields of study are the software engineering, VoIP and networking. Sameer Sunhaloo received his BSc (Hons) in Mathematics in 1999. He completed successfully his PhD in Scientific Computing in 2006. He is currently the Head of School of the School of Innovative Technologies and Engineering at the University of Technology, Mauritius. His fields of the study are the numerical solution of partial differential equations and numerical linear algebra. Kiran Jeewooth received his BSc (Hons) in Computing and Information Systems and MSc in Computer Security and Forensics in 2007 and 2011 respectively. He is currently an IT Executive at the Mauritius Port Authority. His fields of study are IT Security, networking and administration.

Transactions Template

dresses to the honeypot template (bind 10.3.0.2 Linux & bind 10.3.0.3 Linux). .... service, email platform, etc. the impact would be high and the image of the ...
Download PDF
1021KB Sizes 4 Downloads 258 Views
Report

Recommend Documents

Transactions Template
Published results show that these strategies effectively improve both the data rate and .... ed estimates to the decoder for error correction. Unlike the Viterbi decoding .... Error Probability for Data Services in a Terrestrial DAB Single Fre-.
Transactions Template
INTERNATIONAL JOURNAL OF ELECTRICAL, ELECTRONICS AND COMPUTER SYSTEMS (IJEECS),. Volume 1, Issue 2, April 2011. .... system integrates both graphical and textual password scheme and has high level security. .... and the list of grid cells of these th
Transactions Template - IJEECS
INTERNATIONAL JOURNAL OF ELECTRICAL, ELECTRONICS AND COMPUTER SYSTEMS (IJEECS),. Volume ... ployed to validate the present theory for various .... Journal of Radio and Space Physics, vol. 35, pp. 293-. 296, 2006.(Journal).
Transactions Template
In this paper we evolve a signature based intrusion detection system based on Neural ... Training and testing data we obtain from the real network traffic by using ...
Transactions Template
using sensors, 3G cell phone network and social media to be applied to the design of small ..... Systems, Computer Networks acting on the following themes:.
Transactions Template
http://sites.google.com/site/journaloftelecommunications/. Model for remote data ... analysis of these sensors can be acquired and transmitted remotely through the 3G network, directly to an operations room, or also be made available on the .... (pre
Transactions Template
overcome this problem is to have a good management and control of signal traffic lights. For this ... programmable logic controller and wireless sensors for a real time implementation. ... interested in managing urban traffic areas and road net-.
Transactions Template
tion of Internet Banking, as it reduces the customer‖s re- quirements to just a .... Taiwan launched a trial on over 5000 Visa payWave stores, in mid-2008.
Transactions Template
JOURNAL OF COMPUTER SCIENCE AND ENGINEERING, VOLUME 2, ISSUE 1, JULY 2010. 32 ... Arjan Singh is with the Baba Banda Singh Bahadur College of Engi- neering ... ranking of the V-N collocations based on their relative.
Transactions Template
sit fleet by way of internet-enabled mobile devices. WAP- ... transit region is sent to the user mobile phone. From the ... converting the plate number into text file, and finally (4) running the .... If number at the free box is uncompleted or wrong
Transactions Template
puters are in the data processing classrooms and its use continues being ... Habib M. Fardoun is with the Institute of Computer Science Research. Institute of Albacete and .... which we can specify and use educational activities to allow work ...
Transactions Template
an Intranet and Internet, servers and workstations for operations, ... tion of new business models, and changes in the bounda- .... optical fibre or radio.
Transactions Template
JOURNAL OF COMPUTER SCIENCE AND ENGINEERING, VOLUME 4, ISSUE 1, NOVEMBER ... audio and video data separately, this research presents a.
Transactions Template
Abstract— The Semantic Web presents new opportunities for enabling modeling, sharing and reasoning with knowledge available on the web. These are made possible through the formal representation of the knowledge domain with ontologies. Ontology is a
Transactions Template
fined by the distance to the nearest training pattern. ... set cs(yj) j=1…m , cs(yj) ϵ { 0 1 ….9} which defines .... B.E. degree in 2007 from Rajasthan University.
Transactions Template - arXiv
registered with respect to the centre of the fingerprint image. The dimensionality of .... tions are then normalized into the domain from 0 to , and the certain values ...
Transactions Template
and integrating multiple telecommunication services into single device. The typical sierpinski gasket antenna has been introduced by [3]. Recently various ...
Transactions Template
by analyzing both audio and visual data. ... As tools and systems for producing and disseminating action data improve significantly, the amount of human action.
Transactions Template
We focused on intersections as a traffic scene to be covered by the system. At some blind ...... C. Sugimoto received the B.S. degree in Engineering, and the M.S..
Transactions Template
models and propose QoS in WSNs considering the packet to be small in size so that it can travel faster through the network by avoiding collision. In this way we ...
Transactions Template - IJEECS
ISSN: 2221-7258(Print) ISSN: 2221-7266 (Online) www.ijeecs.org. Modified ..... vanced Information Networking and Applications Workshops. (AINAW 07), vol. 2.
Transactions Template
present, there are no proper measures for software main- tainability[1]. ..... AT&T Bell Labs at Columbus, Ohio, USA and has also worked as a consultant in the ...
Transactions Template
The MANETs are also suitable when network setup is difficult, costly and required to be done quickly ... hop fashion without any centralized administration [1]. Significant examples of ..... Aircraft Ad-hoc networks, Network Security & VLSI Design.
Transactions Template - IJEECS
client server model doesn't support the slicing over the object oriented programs on ... slicing, Slice, Distributed System, Finite State Machine, Java Programming.