Editor in Chief: Dr. Haralambos Mouratidis


International Journal of Computer Science and Security (IJCSS)
Book: 2008, Volume 1, Issue 1
Publishing Date: 30-06-2007
Proceedings
ISSN (Online): 1985-1553


This work is subject to copyright. All rights are reserved, whether the whole or
part of the material is concerned, specifically the rights of translation, reprinting,
re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any
other way, and storage in data banks. Duplication of this publication or parts
thereof is permitted only under the provisions of the copyright law 1965, in its
current version, and permission for use must always be obtained from CSC
Publishers. Violations are liable to prosecution under the copyright law.


IJCSS Journal is a part of CSC Publishers
http://www.cscjournals.org


©IJCSS Journal
Published in Malaysia


Typesetting: Camera-ready by author, data conversion by CSC Publishing
Services – CSC Journals, Malaysia




                                                              CSC Publishers
Table of Contents


Volume 1, Issue 1, May/June 2007.


Pages
1 - 10     Analysis & Integrated Modeling of the Performance Evaluation
           Techniques for Evaluating Parallel Systems.
           Amit Chhabra, Gurvinder Singh


11 - 18    A Novel Secure Key Agreement Protocol using Trusted Third
           Party.
           Sairam Kulkarni, Debasish Jena, Sanjay Kumar Jena


19 - 32    Active Contours Without Edges and Curvature Analysis for
           Endoscopic Image Classification.
           B.V.Dhandra, Ravindra Hegadi


33 - 40    Simple Encryption/Decryption Application.
           Majdi Al-qdah, Lin Yi Hui


41 - 51    Morphological Reconstruction for Word Level Script Identification.
           B. V. Dhandra, Mallikarjun Hangarge


52 - 69    A Review Paper on Ad Hoc Network Security.
           Karan Singh, Rama Shankar Yadav, Ranvijay


70 - 84    A Review of Studies on Machine Learning Techniques.
          Yogesh Singh, Pradeep Kumar Bhatia, Omprakash Sangwan




85 - 96   Texting Satisfaction: Does Age and Gender Make a Difference?
          Vimala Balakrishnan, Paul H. P. Yeow




 Analysis & Integrated Modeling of the Performance Evaluation
          Techniques for Evaluating Parallel Systems


Amit Chhabra                                                       chhabra_amit78@yahoo.com
Department of Computer Science & Engineering,
Guru Nanak Dev University,
Amritsar, 143001, India

Gurvinder Singh                                                    gsbawa71@yahoo.com
Department of Computer Science & Engineering,
Guru Nanak Dev University,
Amritsar, 143001, India



                                               Abstract

Parallel computing has emerged as an environment for computing inherently parallel and
computation-intensive applications. Performance is always a key factor in determining the
success of any system, and parallel computing systems are no exception. Evaluating and
analyzing the performance of parallel systems is therefore an important aspect of parallel
computing research, and it is difficult because of the complex interaction between
application characteristics and architectural features.
        Experimental measurement, theoretical/analytical modeling and simulation are
the most widely used techniques in the performance evaluation of parallel systems.
Experimental measurement uses real or synthetic workloads, usually known as
benchmarks, to evaluate and analyze performance on actual hardware.
Theoretical/analytical models try to abstract away the details of a parallel system. Simulation
and other performance monitoring/visualization tools are extremely popular because they can
capture the dynamic nature of the interaction between applications and architectures. Each
technique has several variants: experimental measurement may use software, hardware
or hybrid monitoring; theoretical/analytical modeling includes queueing networks, Petri nets,
etc.; and simulation includes discrete-event, trace/execution-driven and Monte Carlo
simulation. Each of these three techniques has its own pros and cons.
        The purpose of this paper is, firstly, to present a qualitative comparative
analysis of these techniques based on parameters such as stage, output statistics, accuracy,
cost, resource consumption, time consumption, flexibility, scalability, tools required and
trustability; secondly, to justify the need for an integrated model combining the
advantages of all these techniques to evaluate the performance of parallel systems; and
thirdly, to present a new integrated model for performance evaluation. This paper also
discusses related issues such as selecting an appropriate metric for evaluating parallel
systems.

Keywords: Integrated model, Metrics, Parallel systems, Performance, Evaluation

1. INTRODUCTION TO PARALLEL COMPUTING SYSTEMS
For the last three decades, researchers in the area of parallel processing have proclaimed that parallel
computing is the wave of the future. The reason most widely cited for this wave is that serial computing is
rapidly approaching its speed limit, a limit that must be cracked in order to solve many computation-
intensive applications in an acceptable amount of time. The only way to overcome the speed limit of serial
computers is to harness the power of several serial computers to solve a single problem in a parallel
fashion.
          Advances in today's micro-electronic technology have resulted in the availability of fast,
inexpensive processors, and advances in communication technology have resulted in the availability
of cost-effective and highly efficient computer networks.

2. ROLE OF PERFORMANCE IN PARALLEL SYSTEMS
Performance is always a key factor in determining the success of a parallel system. Quantitative evaluation
and modelling of the hardware and software components of parallel systems are critical for the delivery of
high performance. Performance studies apply to initial design phases as well as to procurement, tuning, and
capacity planning analyses. As performance cannot be expressed by quantities independent of the system
workload, the quantitative characterization of the resource demands of applications and of their behaviour is
an important part of any performance evaluation study. The goals of parallel systems performance
analysis include assessing the performance of a system, a system component or an application,
investigating the match between application requirements and system architecture characteristics,
identifying the features that have a significant impact on application execution time, predicting the
performance of a particular application on a given parallel system, and evaluating different structures of
parallel applications.

3. SELECTING AN APPROPRIATE PERFORMANCE METRIC
To study the performance of systems or to compare different systems for a given purpose, we must first
select some criteria. These criteria are often called metrics in performance evaluation. Different situations
need different sets of metrics, so selecting metrics is highly problem-oriented. Different metrics may
result in totally different values; hence, selecting proper metrics to fairly evaluate the performance of a
system is difficult. Another problem with selecting metrics is that in a real system different metrics may be
relevant for different jobs. For example, response time may be the best-suited metric for interactive jobs,
while system utilization is more important for batch jobs. So the issue here is to select an appropriate
metric that is suitable for every kind of system (batch, interactive, closed and open systems).
           The characteristics or properties of a good performance metric should be SMART, i.e. Specific,
Measurable, Acceptable, Realizable and Thorough. So far researchers have proposed many parallel
metrics. Execution time is the interval between the beginning of the parallel computation and the time at
which the last processing element finishes execution. Another parallel metric is speedup. Speedup is
defined as the ratio of the time taken to execute a problem on a single processor to the time required to
solve the same problem on a parallel computer with p identical processing elements. Amdahl's law and
Gustafson's law [1] both address the speedup metric. The formulation of speedup using Amdahl's law
is based on a fixed problem size, and speedup drops very rapidly with an increase in the sequential
fraction, so the fixed load acts as a deterrent to achieving scalable performance.
          John Gustafson [1] proposed a fixed-time law to scale the speedup model and
remove the fixed-load restriction. This law states that the problem size scales with the number of
processors, the idea being to keep all processors busy by increasing the problem size. Other variants of
speedup are relative speedup [6][7][8], real speedup [3][5], absolute speedup [6][7][8] and asymptotic
relative speedup [4].
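
For reference, the two laws can be written in their standard textbook form (a paraphrase, not a formulation quoted from [1]), where $f$ is the serial fraction of the computation and $p$ the number of processors:

\[
S_{\mathrm{Amdahl}}(p) \;=\; \frac{1}{f + (1-f)/p},
\qquad
S_{\mathrm{Gustafson}}(p) \;=\; f + (1-f)\,p .
\]

As $p \to \infty$, Amdahl's speedup is bounded above by $1/f$, while Gustafson's scaled speedup grows linearly in $p$; this is precisely the fixed-load restriction that the scaled model removes.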
           Sun and Ni [6][8] have generalized Gustafson's scaled speedup to fixed-time relative speedup
and proposed another speedup model called memory-bounded relative speedup. In memory-constrained
scaling, the problem is made to fit in the available memory.
         Sun and Gustafson [7] proposed two new speedup measures: generalized speedup
and sizeup. Generalized speedup is the ratio of parallel execution speed to sequential execution
speed. It has been observed that when the cost factor is the same for all kinds of work, generalized
speedup equals relative speedup. In the sizeup metric, the instance being solved is adjusted as for
fixed-time speedup. Sizeup is the ratio of the serial work represented by the adjusted instance to the
serial work represented by the unadjusted instance.



         Another parallel metric is efficiency. This measure is very close to speedup: it is the ratio of
speedup to the number of processors P. Depending on the variety of speedup used, one gets a different
variety of efficiency. Carmona and Rice [2] define efficiency as the ratio of the work accomplished (wa) by a
parallel algorithm to the work expended (we) by the algorithm. Here the work accomplished (wa) by the
parallel algorithm is the work performed by the "best" serial algorithm, and the work expended (we) is the
product of the parallel execution time, the speed (S) of an individual parallel processor and the number P
of processors. There is also another variant of efficiency known as incremental efficiency, an approach
that looks at the change in the efficiency of an implementation as the number of processors increases.
The incremental efficiency metric [11] looks at the ratio of successive efficiencies for different numbers
of processors, a quantity that tends to unity in the limit.
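
In symbols, again in standard form rather than quoted from [2], with $S(P)$ the speedup on $P$ processors and $t_P$ the parallel execution time:

\[
E(P) \;=\; \frac{S(P)}{P},
\qquad
E_{\mathrm{Carmona\text{-}Rice}} \;=\; \frac{w_a}{w_e} \;=\; \frac{w_a}{t_P \cdot S \cdot P}.
\]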
         Another performance measure is scalability. Scalability refers to the change in the performance of
a parallel system as the problem size and machine size increase. Intuitively, a parallel system is
scalable if its performance continues to improve as we scale up the size of the system.
         Kumar, Nageshwara and Ramesh [10] proposed a scalability measure based on efficiency. In this
measure, the scalability, or isoefficiency, of a parallel system is defined as the rate at which the workload
must increase relative to the rate at which the number of processors is increased so that the efficiency
remains the same. Isoefficiency is generally a function of the instance and of the number of processors in
the parallel computer. Depending on the version of efficiency used, different varieties of isoefficiency
(e.g. real isoefficiency, absolute isoefficiency and relative isoefficiency) can be obtained. Sun and Rover [9]
proposed isospeed, which uses the average workload per processor needed to sustain a specified
computational speed as a measure of scalability.
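
In the usual formulation (assumed here; the paper does not spell it out), if $W$ denotes the workload and $T_o(W,P)$ the total overhead on $P$ processors, then

\[
E \;=\; \frac{1}{1 + T_o(W,P)/W},
\]

so holding $E$ constant requires $W$ to grow in proportion to $T_o(W,P)$; the rate of this growth, as a function of $P$, is the isoefficiency function.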
            Utilization is another measure, used for evaluating resource usage; it may be defined as the
ratio of the total usage time to the total available time of the resources (processors, memory). In addition
to the above metrics, some other general measures such as CPU time and CPI (clock cycles per
instruction) play an important role in measuring the success of a parallel implementation of a problem.

4. PERFORMANCE EVALUATION TECHNIQUES
Performance evaluation can be defined as assigning quantitative values to the indices of the performance
of the system under study. Evaluating and analyzing a parallel system is difficult due to the complex
interaction between application characteristics and architectural features. Performance evaluation
techniques can be classified into three categories: experimental measurement, theoretical/analytical
modelling and simulation. In this section all three techniques are discussed and compared with each other
on the basis of several parameters.
Four major parameters for selecting a technique for performance evaluation are:

a) Stage - this parameter examines at what stage of the system development life cycle each performance
evaluation technique should be used.
b) Output statistics - this parameter examines the capabilities of the technique towards providing the
desirable metrics.
c) Accuracy - this factor evaluates the validity and reliability of the results obtained from the technique.
d) Cost/effort - this parameter investigates the cost and effort invested in each performance evaluation
strategy in terms of computer and human resources.
         Various other parameters for selecting a technique for performance evaluation are:
e) Resource consumption - this parameter examines the amount of resources consumed/required by a
particular performance evaluation technique.
f) Time consumption - this parameter examines the amount of time consumed/required by a particular
performance evaluation technique.
g) Tools required - this parameter examines the type of tools required to implement a particular
performance evaluation technique.
h) Trustability/Believability - this parameter reveals how much one can trust the results of a particular
performance evaluation technique.
i) Scalability complexity - this parameter examines the complexity involved in scaling a particular
performance evaluation technique.
j) Flexibility - this parameter examines the flexibility of a particular performance evaluation technique in
adapting to modifications made to the evaluation model and checking their effect.




4.1. Experimental Measurement
           Experimental measurement is based on direct measurement of the system under study using a
software, hardware or hybrid monitor. It uses real or synthetic workloads and measures their performance
on actual hardware; because it uses the actual hardware and the related system software to conduct the
evaluation, it is the most realistic technique from the architectural point of view. A monitor is a tool used to
observe the activities of a system. In general, a monitor performs three tasks: data acquisition, data
analysis, and result output. The data recorded by a monitor include hardware-related data, e.g. processor
usage throughout a program run and message latency, and software data, e.g. process times, buffer
usage and load-balancing overhead [12]. Traditionally, monitors are classified as software monitors,
hardware monitors, and hybrid monitors. Software monitors consist of programs that detect the states of a
system, or of sets of instructions, called software probes, capable of event detection. Hardware monitors
are electronic devices connected to specific system points, where they detect signals characterizing the
phenomena to be observed [13].
          A hybrid monitor is a combination of software and hardware. Many examples of software monitors
can be found in the literature [14][15][16]. Examples of hardware monitors are COMTEN and SPM [17],
and [18] describes the Paragon performance-monitoring environment, which uses a hardware performance
monitoring board. Examples of hybrid monitors are Diamond [20] and HMS [19].
          Each class of monitors has its own advantages and disadvantages. Selecting an appropriate
monitor involves various aspects, e.g. cost, overhead, accuracy, availability and information level. In
general, hardware monitors have received less attention than software monitors [15], as shown by the
fact that the number of existing software monitors is far greater than that of hardware monitors.
[21] describes and compares software and hardware monitors in more detail. Application suites such as
the Perfect Club [22], the NAS Parallel Benchmarks [23], and the SPLASH application suite [24] have been
proposed for the evaluation of parallel machines.
Parameters under consideration
a) Stage - As experimental measurement uses the actual hardware, it cannot be used at an early stage of
system design; it is possible only once the system design has been completed and a real system is
available for evaluation.
b) Output statistics - Experimental measurement can give the overall execution time of the application on a
particular hardware platform. Conducting the evaluation with different problem sizes and numbers of
processors then helps to calculate metrics such as speedup, scaled speedup, sizeup and isoefficiency.
c) Accuracy - Experimental measurement uses real applications to conduct the evaluation on actual
machines, giving accurate results. However, external factors like instrumentation and monitoring intrusion
can affect the accuracy of the results.
d) Cost/Effort - Substantial costs are involved in developing the model for experimentation, as the
experimental technique uses the actual real system to produce results. This cost is directly dependent on
the complexity of the application. Once the model for experimental measurement is developed, the cost of
conducting the actual evaluation, that is, the execution time of the given application, may be very small.
Modifications to the application and hardware can be accommodated by the experimentation technique at
a cost that depends entirely on the type and amount of modification. In other words, scaling can be
complex, but the complexity depends entirely on how much one wants to scale.
e) Resource consumption - This technique requires actual instruments, so resource consumption is high.
f) Time consumption - Experimentation requires an actual system setup, which consumes a large amount
of time, but once the system exists, the time required to obtain results may be very small.
g) Tools required - Actual instruments are required to evaluate any parallel application.
h) Trustability/Believability - As it uses actual hardware, the results it gives are highly trustworthy. The
results can additionally be validated by at least simulation or theoretical/analytical modelling.
i) Scalability complexity - Here the complexity depends entirely on how much scaling of the system is
required, and this scaling requires time and money.
j) Flexibility - It is not highly flexible, because it takes a lot of time to change a particular experimental setup
and to check the effect of the change.
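
As a minimal illustration of the measurement technique just described, the sketch below times a synthetic workload at different processor counts and derives speedup and efficiency in software; the workload, task counts and sizes are illustrative assumptions, not benchmarks used in this paper.

```python
import time
from multiprocessing import Pool

def work(n):
    # Synthetic CPU-bound kernel: sum of squares up to n.
    return sum(i * i for i in range(n))

def measure(procs, tasks=8, n=2_000_000):
    # Time how long 'procs' workers take to finish a fixed load.
    start = time.perf_counter()
    with Pool(procs) as pool:
        pool.map(work, [n] * tasks)
    return time.perf_counter() - start

if __name__ == "__main__":
    t1 = measure(1)  # serial baseline
    for p in (2, 4):
        tp = measure(p)
        print(f"p={p}: speedup={t1 / tp:.2f}, efficiency={t1 / (p * tp):.2f}")
```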




4.2 Theoretical/Analytical Modelling
         Performance evaluation of parallel systems is hard due to the several degrees of freedom that they
exhibit. Analytical and theoretical models try to abstract details of a system in order to limit these degrees of
freedom to a tractable level. Such abstractions have been used for developing parallel algorithms and for
performance analysis of parallel systems.
         Abstracting machine features with theoretical models like the PRAM [25][26] has facilitated algorithm
development and analysis. These models try to hide hardware details from the programmer, providing a
simplified view of the machine. The utility of such models for developing efficient algorithms for actual
machines depends on the closeness of the model to the actual machine. Several machine models, such as
the Bulk Parallel Random Access Machine (BPRAM) [29], the Module Parallel Computer (MPC) [30], the
Bulk-Synchronous Parallel (BSP) model introduced by Valiant [28], and LogP [27], have been proposed over
the years to bridge the gap between theoretical abstractions and the hardware.
         While theoretical models attempt to simplify hardware details, analytical models abstract both the
hardware and the application details of a parallel system. Analytical models capture complex system features
by simple mathematical formulae, parameterized by a limited number of degrees of freedom that are
tractable. Such models have found more use in performance analysis than in algorithm development, where
theoretical models are more widely used. As with experimentation, analytical models have been used to
evaluate overall system performance as well as the performance of specific system artifacts. Vrsalovic et al.
[31] developed an analytical model for predicting the performance of iterative algorithms on a simple
multiprocessor abstraction, and studied the impact of the speed of processors, memory, and network on
overall performance.
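
To make the idea concrete, here is a deliberately simple analytical model of the kind described above, a sketch under assumed parameters rather than any model from the cited work: execution time is split into a serial fraction, a perfectly parallel fraction, and a communication overhead that grows with the number of processors.

```python
def predicted_time(t1, f, p, c=0.05):
    """Toy analytical model of parallel execution time.

    t1 : measured serial execution time
    f  : serial (non-parallelizable) fraction of the work
    p  : number of processors
    c  : assumed per-processor communication overhead (illustrative)
    """
    return f * t1 + (1 - f) * t1 / p + c * (p - 1)

t1, f = 100.0, 0.05
for p in (1, 2, 4, 8, 16):
    tp = predicted_time(t1, f, p)
    print(f"p={p:2d}: predicted time={tp:7.2f}, speedup={t1 / tp:5.2f}")
```

Plugging new parameter values into such a formula and re-calculating is exactly the cheap "modification" step contrasted with re-simulation in Section 4.3.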
Parameters under consideration
a) Stage - Theoretical/analytical modelling can be used at the early design phase of the system development
life cycle, as it does not require any actual hardware for evaluation. These models try to hide hardware details
from the programmer, providing a simplified view of the machine whose behaviour is very close to that of the
actual machine.
b) Output statistics - Theoretical/analytical models can directly provide statistics for the system overheads
that are modeled. The values for the hardware and workload parameters can be plugged into the model
corresponding to each system overhead. With models available for each system overhead, the overall
execution time and all other metrics can be calculated. The drawback is that each system overhead needs
to be modeled, or ignored, in calculating the execution time.
c) Accuracy - Theoretical/analytical models are useful in predicting system performance and scalability
trends as parameterized functions. However, the accuracy of the predicted trends depends on the
simplifying assumptions made about the hardware and application details to keep the models tractable.
Theoretical models can use real applications as the workload, whereas analytical models represent the
workload using simple parameters and probability distributions; thus the former have an advantage over the
latter in estimating metrics of interest more accurately. But even for theoretical models, a static analysis of
application code, which is used to estimate the running time, can yield inaccurate results.
d) Cost/effort - Substantial effort is involved in developing models for theoretical/analytical modelling.
Simple modifications to the application and hardware can be handled easily with these models by changing
the values of the corresponding parameters and re-calculating the results, but a significant change in the
hardware or application would demand a re-design of the input models, which can be expensive.
e) Resource consumption - Few resources are required to build models for theoretical/analytical modelling.
f) Time consumption - A good amount of time is consumed in developing theoretical/analytical models, but
once the models have been developed it takes little time to get results.
g) Tools - It involves analysts and various analysis tools.
h) Trustability/Believability - This method involves assumptions made while developing the models, so the
results are not very trustworthy until they are validated by at least simulation or experimental measurement.
i) Scalability complexity - It takes time to scale these kinds of models.
j) Flexibility - It is flexible, as changes can be made to the models easily and the effect of a change can also
be checked easily.
4.3. Simulation
          Simulation is a widely used technique in performance evaluation. It provides a powerful way to
predict performance before the system under study has been implemented. It can also be used to
validate analytical models, as is done in [32][34]. A variety of simulations are presented in the
literature: emulation, Monte Carlo simulation, trace-driven simulation, execution-driven simulation, and
discrete-event simulation.
          An example of emulation is using an available processor (the host processor) to emulate the
instruction set of another processor (the target processor) that is not available or is under design. This type
of simulation is sometimes called instruction-level simulation [35] or cycle-by-cycle simulation. Programs
written for the target processor are run by the simulator on the host processor to study how the programs
would behave if they were executed on the target processor.
          Monte Carlo simulation is a static simulation in which the simulated systems do not change their
characteristics with time. Computer systems are dynamic systems and do not belong to this category.
          A trace-driven simulation system consists of two components: an event (or trace) generator and a
simulator. The event generator produces a trace of execution events, mostly addresses, which are used as
input to the simulator. The simulator consumes the traced data and simulates the target architecture to
estimate the time taken to perform each event on the architecture under study.
          Discrete-event simulation is used to simulate systems that can be described using discrete-event
models, and is very well suited to studying queueing systems.
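
As a small example of the discrete-event style, the sketch below simulates a single-server M/M/1 queue, the textbook queueing system; the arrival and service rates are arbitrary illustrative choices, and the simulated mean response time can be checked against the analytical result 1/(mu - lambda), exactly the simulation-validates-model loop mentioned above.

```python
import random

def mm1_mean_response(lam=0.8, mu=1.0, n_jobs=100_000, seed=1):
    """Discrete-event simulation of an M/M/1 FIFO queue.

    Analytical theory predicts a mean response time of 1/(mu - lam),
    i.e. 5.0 for the default rates, which the simulation should approach.
    """
    rng = random.Random(seed)
    t = 0.0               # current arrival time
    server_free_at = 0.0  # time at which the server next becomes idle
    total_response = 0.0
    for _ in range(n_jobs):
        t += rng.expovariate(lam)       # next arrival event
        start = max(t, server_free_at)  # queue if the server is busy
        server_free_at = start + rng.expovariate(mu)
        total_response += server_free_at - t
    return total_response / n_jobs

print(mm1_mean_response())  # close to the analytical value 5.0
```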
Parameters under consideration
a) Stage - Simulation cannot be used at a very early stage of system design because the required system
details are not yet available, but as the design process proceeds and more details about the system are
obtained, it becomes a powerful tool.
b) Output statistics - Simulation provides a convenient monitoring environment for observing details of parallel
system execution, allowing the user to accumulate a range of statistics about the application, the hardware,
and the interaction between the two. It can give the total execution time and all the other metrics discussed
earlier.
c) Accuracy - The accuracy of the results depends purely on the accuracy of the input models. Execution-
driven simulation can faithfully simulate all the details of a real-world application. It is also possible to simulate
all the details of the hardware, though in many circumstances a level of abstraction may be chosen that gives
moderately accurate results for the intended purposes. The accuracy of these abstractions may be validated
by comparing the results with those obtained from a detailed simulation of the machine or from an
experimental evaluation on the actual machine.
d) Cost/Effort - The main disadvantage of simulation is the cost and effort involved in simulating the details of
large parallel systems. With regard to modifiability, a moderate change in hardware parameters may be
handled by plugging the new values into the model and re-simulating the system. But such a re-simulation, as
we observed, is invariably costlier than the simple re-calculation needed for analytical models, or than
experimentation on the actual machine. A significant change in the machine or application details would also
demand a re-implementation of the simulation model, but the cost of re-simulation is again expected to
dominate the cost of re-implementation.
e) Resource consumption - It requires a small amount of resources, since we are just simulating the parallel
environment and no actual instrumentation is required.
f) Time consumption - A good amount of time is consumed in developing the simulation model, but once the
model has been developed it takes little time to get results.
g) Tools - Simulation requires high-level programming languages to build and develop the model.
h) Trustability/Believability - The simulated model is just a replica of the final actual machine, but the results
may vary slightly, as it is not the actual machine.
i) Scalability complexity - Simulated models are easily scalable, as the simulation reproduces the actual
environment artificially.
j) Flexibility - The main advantage of simulation is its flexibility. One can make various modifications to the
simulation model and check their effect easily.


5. NEED FOR INTEGRATED MODELLING OF PERFORMANCE EVALUATION
TECHNIQUES
Each performance evaluation technique has its own role to play in evaluating parallel systems. As shown
in TABLE 1, each technique has its own advantages and disadvantages, so an effort can be made to
develop a knowledge-based integrated model that combines the advantages of all three techniques.


                              Performance Evaluation Techniques

 Characteristic                 Theoretical/Analytical     Simulation                 Experimental
                                Modelling                                             Measurement

 a) Stage                       Any                        Any                        After prototype is
                                                                                      available

 b) Output statistics           Total execution time and   Total execution time and  Total execution time and
                                all other metrics          all other metrics         all other metrics
                                discussed earlier          discussed earlier         discussed earlier

 c) Accuracy                    Low                        Medium                    High

 d) Cost/Effort                 Low                        Medium                    High

 e) Resource consumption        Small                      Medium                    High

 f) Time consumption            Small                      Medium                    High

 g) Tools                       Analysts                   Computer programming      Instruments
                                                           languages

 h) Trustability/Believability  Low                        Medium                    High

 i) Scalability complexity      Small                      Medium                    High

 j) Flexibility                 High                       High                      Low


                    TABLE 1: Comparison of performance evaluation techniques

This integrated model has the advantage that it combines the realism and accuracy of experimentation in
evaluating large parallel systems, the convenience and power of theoretical/analytical models in predicting
the performance and scalability of a system as a function of system parameters, and the accuracy of the
detailed statistics provided by execution-driven simulation, while avoiding some of their drawbacks. We also
need an integrated model that respects three rules of validation:

    •     Do not trust the results of a simulation model until they have been validated by at least a
          theoretical/analytical model or experimental measurement.
    •     Do not trust the results of a theoretical/analytical model until they have been validated by at
          least simulation or experimental measurement.
    •     Do not trust the results of an experimental measurement until they have been validated by at
          least simulation or theoretical/analytical modelling.

6. PROPOSED INTEGRATED MODEL
The integrated model shown in FIGURE 1 uses the power of stored performance knowledge base
systems. User applications are fed to the experimental measurement technique, which has its own stored
performance knowledge base system attached, as indicated in FIGURE 1.
[FIGURE 1: Diagram showing the proposed integrated model for performance evaluation. Stored
performance knowledge base systems for experimental measurement, simulation and
theoretical/analytical modelling are linked to their respective techniques by knowledge extraction and
knowledge base updating paths; kernels extracted from experimental measurement feed the simulation,
simulation results refine and validate the analytical models, and cross-validation flows among the three
techniques lead to the output/results.]

Based on the user application, the type of workload it uses (real or synthetic) and any other current data, a
knowledge set can be extracted from this stored knowledge base system, which suggests which
experimental technique (software, hardware or hybrid) is best or optimal for the current user application.
When results are obtained after a particular technique is applied to the user application, these results can
in turn act as knowledge. This valuable knowledge can be fed back into the knowledge base system, and
this procedure of knowledge extraction and updating can be repeated. Stored knowledge base systems
can likewise be attached to the other evaluation techniques (simulation and theoretical/analytical
modelling); these knowledge base systems help in choosing the technique for evaluating the current user
application. The same procedure of knowledge extraction and updating holds for the other measurement
techniques.

     Experimental measurement can be used to implement real-life applications on actual machines, to
understand their behaviour and to extract interesting kernels that occur in them. These kernels are fed to
an execution-driven simulator, which faithfully models the dynamics of parallel system interactions. The
statistics drawn from the simulation may be used to validate and refine existing
theoretical/analytical models, and even to develop new models. The validated and refined models can help
in abstracting details in the simulation model to enhance the speed of simulation.

          The validity of such a simulation model can in turn be verified by comparing the simulation results
with those from an experimental evaluation on the actual hardware. Such a strategy combines the
advantages of all three techniques, uses the power of stored knowledge base systems, and avoids the
shortcomings of the individual evaluation techniques.

7. CONCLUSION
Performance evaluation as a discipline has repeatedly proved to be critical for the design and successful
use of parallel systems. At the early design stage, performance models can be used to project system
scalability and evaluate design alternatives. At the production stage, performance evaluation
methodologies can be used to detect bottlenecks and subsequently suggest ways to alleviate them. In this
paper, three techniques of parallel system performance evaluation are reviewed and compared with each
other with the help of four major parameters: stage, output statistics, accuracy and cost/effort involved.
Other parameters involved in the selection of a performance evaluation technique are resource
consumption, time consumption, tools required, trustability, scalability complexity and flexibility. Each of the
three techniques has its own pros and cons, so an integrated model that uses the power of knowledge
base systems and combines the advantages of all three techniques is discussed. The issue of selecting
appropriate metrics for performance evaluation is also discussed.

8. REFERENCES
[1] J. Gustafson, "Reevaluating Amdahl's Law", CACM, 31(5):532-533, 1988.
[2] E. Carmona, M. Rice, "Modelling the serial and parallel fractions of a parallel algorithm", Journal of
Parallel and Distributed Computing, 13:286-298, 1991.
[3] J. JaJa, "An Introduction to Parallel Algorithms", Addison Wesley, 1992.
[4] D. Nussbaum, A. Agarwal, "Scalability of parallel machines", CACM, 34(3):57-61, 1991.
[5] S. Ranka, S. Sahni, "Hypercube Algorithms", Springer-Verlag, New York, 1990.
[6] X. Sun, L. Ni, "Another view on parallel speedup", Proceedings of Supercomputing '90, pp. 324-333,
1990.
[7] X. Sun, J. Gustafson, "Towards a better parallel performance metric", Parallel Computing, 17:1093-
1109, 1991.
[8] X. Sun, L. Ni, "Scalable problems and memory-bounded speedup", Journal of Parallel and Distributed
Computing, 19:27-37, 1993.
[9] X. Sun, D. Rover, "Scalability of parallel algorithm-machine combinations", IEEE Transactions on
Parallel and Distributed Systems, 5(6):599-613, 1994.
[10] V. Kumar, V. Nageshwara, K. Ramesh, "Parallel depth first search on the ring architecture", Proc.
1988 International Conference on Parallel Processing, Penn. State Univ. Press, pp. 128-132, 1988.
[11] J. Worlton, "Toward a taxonomy of performance metrics", Parallel Computing, 17(10-11):1073-1092,
1991.
[12] I. Jelly, I. Gorton, "Software engineering for parallel systems", Information and Software Technology,
vol. 36, no. 7, pp. 381-396, 1994.
[13] D. Ferrari, "Considerations on the insularity of performance evaluation", Performance Evaluation
Review, vol. 14, no. 2, pp. 21-32, August 1986.
[14] B. Plattner, J. Nievergelt, "Monitoring program execution: A survey", IEEE Computer, vol. 14, pp. 76-
93, November 1981.
[15] L. R. Power, "Design and use of a program execution analyzer", IBM Systems Journal, vol. 22, no. 3,
pp. 271-294, 1983.
[16] A. D. Malony, D. A. Reed, H. A. G. Wijshoff, "Performance measurement intrusion and perturbation
analysis", IEEE Transactions on Parallel and Distributed Systems, vol. 3, no. 4, pp. 443-450, July 1992.
[17] R. Ibbett, "The hardware monitoring of a high performance processor", in: N. Benwell (ed.), Computer
Performance Evaluation, Cranfield Institute of Technology, UK, pp. 274-292, December 1978.
[18] B. Ries, R. Anderson, W. Auld, D. Breazeal, K. Callaghan, E. Richards, W. Smith, "The Paragon
performance monitoring environment", Proceedings of the Conference on Supercomputing '93, pp. 850-
859, 1993.
[19] R. W. Hadsell, M. G. Keinzle, K. R. Milliken, "The hybrid monitor system", Technical Report RC9339,
IBM Thomas J. Watson Research Center, New York, 1983.
[20] J. H. Hughes, "Diamond: A digital analyzer and monitoring device", Performance Evaluation Review,
vol. 9, no. 2, pp. 27-34, 1980.
[21] R. Jain, "The Art of Computer Systems Performance Analysis: Techniques for Experimental Design,
Measurement, Simulation, and Modeling", John Wiley & Sons, New York, 1991.
[22] M. Berry et al., "The Perfect Club Benchmarks: Effective performance evaluation of supercomputers",
International Journal of Supercomputer Applications, 3(3):5-40, 1989.
[23] D. Bailey et al., "The NAS Parallel Benchmarks", International Journal of Supercomputer Applications,
5(3):63-73, 1991.
[24] J. P. Singh, W-D. Weber, A. Gupta, "SPLASH: Stanford Parallel Applications for Shared-Memory",
Technical Report CSL-TR-91-469, Computer Systems Laboratory, Stanford University, 1991.
[25] S. Fortune, J. Wyllie, "Parallelism in random access machines", in Proceedings of the 10th Annual
Symposium on Theory of Computing, pp. 114-118, 1978.
[26] P. B. Gibbons, "A more practical PRAM model", in Proceedings of the First Annual ACM Symposium
on Parallel Algorithms and Architectures, pp. 158-168, 1989.
[27] D. Culler et al., "LogP: Towards a realistic model of parallel computation", in Proceedings of the 4th
ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming, pp. 1-12, May 1993.
[28] L. G. Valiant, "A bridging model for parallel computation", Communications of the ACM, 33(8):103-
111, August 1990.
[29] A. Aggarwal, A. K. Chandra, M. Snir, "On communication latency in PRAM computations", in
Proceedings of the First Annual ACM Symposium on Parallel Algorithms and Architectures, pp. 11-21,
1989.
[30] H. Alt, T. Hagerup, K. Mehlhorn, F. P. Preparata, "Deterministic simulation of idealized parallel
computers on more realistic ones", SIAM Journal of Computing, 16(5):808-835, 1987.
[31] D. F. Vrsalovic, D. P. Siewiorek, Z. Z. Segall, E. Gehringer, "Performance prediction and calibration
for a class of multiprocessors", IEEE Transactions on Computer Systems, 37(11):1353-1365, November
1988.
[32] A. Agarwal, "Performance tradeoffs in multithreaded processors", IEEE Transactions on Parallel and
Distributed Systems, vol. 3, no. 5, pp. 525-539, September 1992.
[33] D. A. Menasce, L. A. Barroso, "A methodology for performance evaluation of parallel applications on
multiprocessors", Journal of Parallel and Distributed Computing, vol. 14, pp. 1-14, 1992.
[35] R. G. Covington, S. Dwarkadas, J. R. Jump, J. B. Sinclair, S. Madala, "The efficient simulation of
parallel computer systems", International Journal in Computer Simulation, vol. 1, pp. 31-58, 1991.




   A Novel Secure Key Agreement Protocol using Trusted Third Party


Sairam Kulkarni                                                        kulkarnisairam@gmail.com
Department of Computer Science & Engg.
National Institute of Technology Rourkela
Rourkela, 769008, India

Debasish Jena                                                         debasishjena@hotmail.com
Assistant Professor
Centre for IT Education
Biju Patnaik University of Technology
Bhubaneswar, 751010, India

Sanjay Kumar Jena                                                               skjena@nitrkl.ac.in
Professor
Department of Computer Science & Engg.
National Institute of Technology Rourkela
Rourkela, 769008, India

                                                Abstract

In the past, several key agreement protocols have been proposed based on
password mechanisms. These protocols are vulnerable to dictionary attacks,
and storing a plain-text version of the password on the server is not always
secure. In this paper we utilize the service of a trusted third party, i.e., the key
distribution server (KDS), for key agreement between hosts. Nowadays, in large
working environments, two-party key agreement protocols are rarely used. In the
proposed scheme, instead of storing a plain-text version of the password, we
store a one-way hash of the password at the server. Every host and the server
agree upon a family of commutative one-way hash functions, using which host
authentication is done when a host applies to the KDS for a session key. The
host establishes a one-time key with the server, using which server
authentication is done; man-in-the-middle attacks are thus defeated. The
proposed protocol is based on the Diffie-Hellman key exchange protocol.

Keywords: Key Agreement, Diffie-Hellman, Online guessing attacks, Dictionary attacks.




1. INTRODUCTION
The main goal of cryptography is to enable secure communication in a hostile environment. Two
parties, Pi and Pj, want to communicate safely over a network occupied by an active adversary.
Usually, Pi and Pj will want to ensure the privacy and authenticity of the data they send to each
other, so they will encrypt and authenticate their transmissions. But before Pi and Pj can use
these tools, they need keys. Indeed, without keys, cryptography simply cannot get off
the ground. Key agreement is one of the fundamental cryptographic primitives after encryption and
digital signatures. Such protocols allow two or more parties to exchange information among
themselves over an adversarially controlled insecure network and agree upon a common session
key, which may be used for later secure communication among the parties. Thus, secure key
agreement protocols serve as basic building blocks for constructing secure, complex, higher-level
protocols. Key establishment may be broadly subdivided into key transport and key agreement.

Secret communication with secret keys implies that only trusted parties should have copies of
the secret key. Although secret keys can assure us of confidentiality, authentication of users, and
message integrity, in a global world we must be able to securely distribute keys at a distance in a
timely manner [1].

If security is to be maintained, key distribution must be as solid as the cryptographic method and
must ensure that only trusted parties have copies of the keys [2]. Obviously, key distribution is a
significant problem. Key establishment protocols involving authentication typically require a
set-up phase whereby authentic and possibly secret initial keying material is distributed. Most
protocols have as an objective the creation of distinct keys on each protocol execution. In some
cases, the initial keying material pre-defines a fixed key which will result every time the protocol is
executed by a given pair or group of users. Systems involving such static keys are insecure under
known-key attacks.

Key pre-distribution schemes are key establishment protocols whereby the resulting established
keys are completely determined a priori by the initial keying material. In contrast, dynamic key
establishment schemes are those whereby the key established by a fixed pair (or group) of users
varies on subsequent executions. Dynamic key establishment is also referred to as session key
establishment. In this case the session keys are dynamic, and it is usually intended that the
protocols be immune to known-key attacks. Many key establishment protocols involve a
centralized or trusted party, for either or both of initial system setup and on-line actions (i.e.,
involving real-time participation). This party is referred to by a variety of names depending on the
role played, including: trusted third party, trusted server, authentication server, key distribution
center (KDC), key translation center (KTC), and certification authority [3][4].

It is generally desired that each party in a key establishment protocol be able to determine the
true identity of the other(s) which could possibly gain access to the resulting key, implying
preclusion of any unauthorized additional parties from deducing the same key. In this case, the
technique is said (informally) to provide secure key establishment. This requires both secrecy of
the key and identification of those parties with access to it [5].

In a secure system, passwords can be easily guessed if users choose their own passwords in
plain text [6]. Storing a plain-text version of the password on the server is not secure; this
weakness exists in practically all widely used systems. The proposed protocol is secure against
dictionary attacks, as we use one-time keys with the server. The protocol is also secure against
malicious insider attacks, where a host misuses information from one protocol run in another. The
proposed protocol also provides perfect forward secrecy, i.e., even if one key is disclosed, future
session keys will not be disclosed. As we do not use any Public Key Infrastructure (PKI), large
computational power is not required. Since this is a third-party key agreement protocol, hosts
need not share secret information with each other.

The rest of this paper is organized as follows. In Section 2, we review the shortcomings of existing
protocols. In Section 3 we present our new third-party key agreement protocol. A formal security
analysis of the proposed protocol is given in Section 4. Finally, concluding remarks are given in
Section 5.




2. RELATED WORK
DH-BPAKE [7] is a two-party key agreement protocol based on Diffie-Hellman [8] and the
Encrypted Key Exchange protocol, proposed by Strangio [9]. This protocol is not suitable for
large networks, where we cannot assume that every party shares a secret (password) with every
other party. The Simple Authenticated Key Agreement (SAKA) protocol proposed by Her-Tyan Yeh
et al. [10] is also a two-party key agreement protocol based on password-based authentication
and Diffie-Hellman key agreement. User authentication is one of the most important security
services in secure communications: it is necessary to verify the identities of the communicating
parties before they start a new connection. Password-based mechanisms are the most widely
used method for user authentication, since they allow people to choose and remember their own
passwords without any assisting device. This protocol is simple and cost-effective, but is rarely
used in large networks.

The STW protocol is a three-party Encrypted Key Exchange protocol proposed by Steiner et al.
[11]. Since it is a three-party key agreement protocol, each host shares a secret key only with the
trusted third party. Ding et al. [12] have shown that this protocol is vulnerable to undetectable
on-line guessing attacks, and according to Lin et al. [13] it is also vulnerable to off-line guessing
attacks. In an on-line guessing attack, an attacker attempts to use a guessed password in an
on-line transaction and verifies the correctness of his guess using the responses from the server.
If his guess fails, he starts a new transaction with the server using another guessed password. A
failed guess cannot be detected and logged by the server, as the server is not able to distinguish
an honest request from a malicious one. In an off-line guessing attack, an attacker guesses a
password and verifies his guess off-line; no participation of the server is required, so the server
does not notice the attack. If his guess fails, the attacker tries again with another password, until
he finds the proper one. Among these classes of attacks, the off-line password guessing attack is
the most comfortable and promising one for an attacker: it is not noticeable and has no
communication cost. Storing a plain-text version of the shared password at the server is a
constraint that cannot (or ought not) always be met. In particular, consider the problem of a user
logging in to a computer that does not rely on a secure key server for authentication. It is
inadvisable for most hosts to store passwords in either plain form or in a reversibly encrypted
form.

The LSH 3-PEKE protocol was proposed by Chun-Li Lin et al. [13]. This protocol is not only
secure against both off-line guessing attacks and undetectable on-line guessing attacks but also
satisfies the security property of perfect forward secrecy. The most important requirement for
preventing undetectable on-line guessing attacks is to provide authentication of the host to the
server. In STW 3-PEKE, there is no verifiable information with which the server can authenticate
a host; on the contrary, if there were any verifiable information for the server combined with the
password, it would result in off-line guessing attacks. LSH 3-PEKE uses server public keys for
this purpose. But this is not always a satisfactory solution, and it is impractical for some
environments: communicating parties have to obtain and verify the public key of the server, a
task which puts a high burden on the user. In fact, key distribution services without public keys
are quite often superior in practice to PKI.


3. PROPOSED 3-PARTY KEY AGREEMENT PROTOCOL
Our proposed protocol withstands all on-line [12] and off-line guessing attacks [13], and does not
make use of PKI. Every host and the server agree upon a family of commutative one-way hash
functions, using which host authentication is done when a host applies for a session key. The
host establishes a one-time key with the server, using which server authentication is done.
Rather than storing a plain-text version of the password, we store a one-way hash of the
password at the server. A one-way function is a function f such that for each x in the domain
of f, it is easy to compute y = f(x), but it is computationally infeasible to find any x given f(x).
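
The paper cites [14] for commutative one-way hash functions without fixing a construction; a classic example, shown below purely as an illustration, is modular exponentiation, where F_a(F_b(x)) = F_b(F_a(x)) because both equal x^(ab) mod p.

```python
# Toy commutative one-way family based on modular exponentiation:
# F_k(x) = x^k mod p. The prime below is illustrative (2^255 - 19);
# a real deployment would use a standardized prime-order group.
p = 2**255 - 19

def F(x, k):
    # One-way in the discrete-logarithm sense: recovering k from F(x, k) is hard.
    return pow(x, k, p)

a, b, x = 0xA11CE, 0xB0B5, 31337
# Commutativity: applying the functions in either order gives the same value.
assert F(F(x, a), b) == F(F(x, b), a) == pow(x, a * b, p)
```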

3.1 Notations
In this paper, we use the following notation:

                   A, B               Full principal names
                   S                  Trusted third party
                   E_K(X)             Encryption of plaintext block X under key K
                   D_K(X)             Decryption of ciphertext block X under key K
                   K_AB               Key K shared by A and B
                   H_K_AB(X)          One-way hash of X using key K_AB
                   N_AB               Nonce generated by A and received by B
                   P_A                Password of A
                   H(P_A)             One-way hash of the password of A
                   g                  Generator of the cyclic group
                   p                  Large prime number
                   A → B : M          A sends message M to B

3.2 Proposed Protocol
In this subsection, we describe the steps involved in detail.

   i.    A chooses a random number         ra and generates RA = g ra (mod              p ) then encrypts RA
         with H ( PA ) . After calculating the values sends it to server along with IDs of participating
         entities.
                                      A→S              IDA , IDB , H ( PA )[ RA ]

  ii.    After receiving the values sent by A, the server S decrypts the packet with the previously
         distributed one-way hash of A's password to get R_A. The server randomly chooses r_s1
         and r_s2 and computes the ephemeral key with A as

                   K_AS = (R_A)^{r_s1} mod p = (g^{r_a})^{r_s1} mod p

         S generates g^{r_s1} mod p and g^{r_s2} mod p and encrypts them with H(P_A) and
         H(P_B) respectively. Using these quantities the server establishes ephemeral keys with A
         and B respectively, through which server authentication is done. S sends the values to A:

                   S → A:  H(P_A)(g^{r_s1} mod p), H(P_B)(g^{r_s2} mod p)

 iii.    A decrypts this packet with H(P_A) to get g^{r_s1} mod p and establishes the ephemeral
         key with S as K_AS = (g^{r_s1})^{r_a} mod p. A calculates the one-way function
         F_A(P_A, K_AS), by which the server authenticates A; since only A knows P_A, only A
         can compute this function. As this is a commutative one-way hash function [14], the
         server need not know the host password to evaluate it: using the one-way hash of the
         host password, the server can evaluate a predicate function and authenticate the host. A
         sends the following values to B:

                   A → B:  F_A(P_A, K_AS), H(P_B)(g^{r_s2} mod p)

 iv.     After receiving the values, B decrypts them with H(P_B) to get g^{r_s2} mod p. B
         randomly chooses r_b and generates R_B = g^{r_b} mod p, then computes the
         ephemeral key for authenticating the server as K_BS = (g^{r_s2})^{r_b} mod p. B
         calculates the one-way function F_B(P_B, K_BS), by which the server authenticates B;
         the password of B and the ephemeral session key K_BS are the seeds of this function.
         Since only B knows P_B, only B can compute this function. B sends the values to S:

                   B → S:  F_A(P_A, K_AS), F_B(P_B, K_BS), H(P_B)[R_B]

  v.     The server decrypts the packet with H(P_B) to get R_B and computes the ephemeral key
         K_BS = (g^{r_b})^{r_s2} mod p. To authenticate A and B, the server evaluates the
         one-way functions F_A(...) and F_B(...). The server need not know the host passwords
         to evaluate these functions; using the one-way hash of a host password it can evaluate
         them, because each is a commutative one-way hash function. The server defines a
         predicate T(H(P), F(P, K), K) that evaluates to true if and only if the genuine password P
         was used to create both H(P) and F(P, K); here K is K_AS for A and K_BS for B. If the
         predicate holds, the host is genuine. S encrypts R_B and R_A with K_AS and K_BS
         respectively, and computes the one-way hash H_{K_AS}(R_A, R_B) using K_AS (the
         one-time key shared between A and the server), by which host A authenticates the
         server. Similarly, S computes the one-way hash H_{K_BS}(R_A, R_B) using K_BS (the
         one-time key shared between B and the server), by which B authenticates the server,
         and sends the values to B:

                   S → B:  E_{K_AS}(R_B), E_{K_BS}(R_A), H_{K_AS}(R_A, R_B), H_{K_BS}(R_A, R_B)

 vi.     After receiving this, B decrypts E_{K_BS}(R_A) with K_BS and gets R_A. Since K_BS is
         shared only between the server and B, this assures B that R_A comes from an authentic
         source. B computes the one-way hash H_{K_BS}(R_A, R_B) using K_BS as the key and
         thereby authenticates the server. B computes the session key with A as
         K_AB = (R_A)^{r_b} mod p, and a one-way hash H_{K_AB}(N_AB) using K_AB and
         N_AB as seeds, where N_AB is a random number. This one-way hash is used for key
         confirmation (it assures both parties that they possess the same session key). Since
         N_AB is transmitted in the clear, no decryption is needed; the one-way hash suffices.
         After computing these values, B sends them to A:

                   B → A:  E_{K_AS}(R_B), H_{K_AS}(R_A, R_B), H_{K_AB}(N_AB), N_AB

 vii.    A decrypts E_{K_AS}(R_B) using K_AS to get R_B. Since K_AS is shared only between
         the server and A, this assures A that R_B comes from an authentic source. A computes
         the session key with B as K_AB = (R_B)^{r_a} mod p. Using K_AB and N_AB, A
         computes the one-way hash H_{K_AB}(N_AB) and verifies that B possesses the same
         key K_AB. Using K_AB, A once again calculates the one-way hash
         H_{K_AB}(H_{K_AB}(N_AB)) and sends it to B:

                   A → B:  H_{K_AB}(H_{K_AB}(N_AB))

viii.    Finally, after receiving this, B computes the same one-way hash using K_AB and verifies
         that A possesses the same session key K_AB.

The complete message flow is illustrated in Fig. 1.







                                                 FIGURE 1: Proposed Protocol.
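To make the arithmetic of steps i-viii concrete, the following minimal Python sketch (our illustration, not part of the original protocol specification) traces one protocol run with toy parameters. HMAC-SHA256 stands in for the keyed one-way hash H_K, the password-keyed masking steps are elided, and the group parameters g and p are deliberately small and insecure.

# Illustrative sketch of the proposed 3-party key agreement (toy parameters).
# Assumptions: HMAC-SHA256 models H_K; pow(g, x, p) models the group operations.
import hashlib, hmac, secrets

p, g = 2**127 - 1, 5            # toy prime and generator (NOT secure sizes)

def h(key: bytes, *vals) -> bytes:
    """Keyed one-way hash H_K(...), modelled with HMAC-SHA256."""
    m = hmac.new(key, digestmod=hashlib.sha256)
    for v in vals:
        m.update(str(v).encode())
    return m.digest()

def ib(x: int) -> bytes:
    return x.to_bytes(16, "big")

# Step i:  A picks r_a and sends R_A (masking with H(P_A) elided here)
r_a = secrets.randbelow(p); R_A = pow(g, r_a, p)
# Step ii: S picks r_s1, r_s2 and computes K_AS from R_A
r_s1, r_s2 = secrets.randbelow(p), secrets.randbelow(p)
K_AS_server = pow(R_A, r_s1, p)
# Step iii: A derives the same ephemeral key K_AS from g^{r_s1}
K_AS_host = pow(pow(g, r_s1, p), r_a, p)
assert K_AS_host == K_AS_server
# Step iv: B picks r_b and derives K_BS from g^{r_s2}
r_b = secrets.randbelow(p); R_B = pow(g, r_b, p)
K_BS_host = pow(pow(g, r_s2, p), r_b, p)
# Step v:  S derives the same K_BS from R_B
K_BS_server = pow(R_B, r_s2, p)
assert K_BS_host == K_BS_server
# Steps vi-viii: session key agreement and key confirmation
K_AB_at_B = pow(R_A, r_b, p)            # B computes (R_A)^{r_b} mod p
K_AB_at_A = pow(R_B, r_a, p)            # A computes (R_B)^{r_a} mod p
assert K_AB_at_A == K_AB_at_B           # same Diffie-Hellman value g^{r_a r_b}
N_AB = secrets.randbelow(p)             # nonce sent in the clear
tag_B = h(ib(K_AB_at_B), N_AB)          # H_{K_AB}(N_AB) from B
assert tag_B == h(ib(K_AB_at_A), N_AB)  # A confirms B holds the same key
tag_A = h(ib(K_AB_at_A), tag_B)         # H_{K_AB}(H_{K_AB}(N_AB)) from A
assert tag_A == h(ib(K_AB_at_B), tag_B) # B confirms A holds the same key
print("session key confirmed on both sides")

The assertions mirror the checks of steps vi-viii: both sides derive the same Diffie-Hellman value g^{r_a r_b} mod p, and the nested hashes over N_AB confirm key possession in each direction.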

3.3 Commutative One-Way Hash Functions
Both host and server agree upon a family of commutative one-way hash functions
{H_0, H_1, H_2, ..., H_N} [14]. Let H(P) be defined as H_0(P), a member of this family. Host A
calculates the one-way hash of its password as H_0(P_A) = (P_A)^{h_0} mod p, where h_0 is a
random number. We assume that the one-way hash of the password, H_0(P), of every host has
been distributed to the server. Since the one-way hash is irreversible, nobody can compute P
from H_0(P). Host A calculates its one-way function as
F_A(P_A, K_AS) = H_{K_AS}(P_A) = (P_A)^{K_AS} mod p and sends it to the server. The server
knows only the one-way hash of the password P_A, i.e. H_0(P_A), from which it calculates the
predicate function of A as H_{K_AS}(H_0(P_A)) = ((P_A)^{h_0})^{K_AS} mod p. The server also
computes H_0(H_{K_AS}(P_A)) = ((P_A)^{K_AS})^{h_0} mod p, where
H_{K_AS}(P_A) = (P_A)^{K_AS} mod p was sent by the host. The server then checks whether
H_{K_AS}(H_0(P_A)) equals H_0(H_{K_AS}(P_A)); if the two are equal, the host is genuine. Much
better implementations of commutative one-way hash functions can be found.
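As a quick illustration (our sketch, with toy numbers), the predicate check rests on nothing more than the commutativity of exponentiation in the group: ((P_A)^{h_0})^{K_AS} = ((P_A)^{K_AS})^{h_0} (mod p).

# Sketch of the commutative one-way hash check (toy parameters, not secure).
p = 2**31 - 1                      # small prime modulus for illustration
P_A = 123456789                    # password encoded as a group element
h0 = 987654321                     # server-side random exponent
K_AS = 555555555                   # ephemeral key from the protocol run

H0_PA = pow(P_A, h0, p)            # stored at the server: H_0(P_A)
F_A = pow(P_A, K_AS, p)            # sent by the host: F_A(P_A, K_AS)

# Predicate T(H(P), F(P,K), K): exponents commute, so both sides match
assert pow(H0_PA, K_AS, p) == pow(F_A, h0, p)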


4. SECURITY ANALYSIS
In this section, we analyze the security of our protocol. Hosts are not forced to store a plain-text
version of the password at the server; as a result, the protocol is not vulnerable to password-file
compromise attacks [14]. Even if H(P) is compromised, there is no way to recover P from H(P).
Moreover, even with a compromised H(P), nobody can impersonate the host to the server,
because only the genuine host can compute the one-way functions F_A(...), F_B(...), whose seed
is the password that only the host knows. This protocol provides host authentication and server
authentication, so man-in-the-middle attacks are averted. Since server authentication is done
through one-time keys, the protocol also defeats malicious-insider attacks [15], a type of attack in
which a genuine host turns hostile in a subsequent protocol run and misuses information it
acquired in a previous run.







On-line guessing attacks are not possible, since R_A and R_B are encrypted with one-time keys.
Dictionary attacks and off-line guessing attacks are not possible, since no verifiable information is
present in the protocol run with which an attacker could verify a guess. The protocol also
provides perfect forward secrecy, as well as key non-disclosure, key integrity, and key
confirmation. We use one-way hash functions for authentication and key confirmation because
conventional encryption and decryption make protocol design messy [15]; a one-way hash
suffices in place of decryption. The nonce N_AB in the last step multiplies the key space that
must be searched in a brute-force attack. To guard further against dictionary attacks, the
one-way functions F_A(...), F_B(...) may additionally be encrypted with K_AS and K_BS
respectively. Even if H(P) is compromised, recovering the session key is equivalent to breaking
the Diffie-Hellman protocol [8]. Since R_A and R_B are encrypted with H(P_A) and H(P_B)
respectively, identity mis-binding attacks are averted.


5. CONCLUSION
We have proposed a three-party protocol secure against on-line and dictionary attacks. It
provides host and server authentication, hosts are not forced to store a plain-text version of the
password at the server, and the protocol does not make use of any public-key infrastructure.
Instead of commutative one-way hash functions, digital signatures could also be used for host
authentication.


6. ACKNOWLEDGMENT
This research was supported by the Department of Communication and Information Technology,
Government of India, under the Information Security Education and Awareness Project, and was
carried out at the Department of Computer Science and Engineering, NIT Rourkela, India.


7. REFERENCES

1. A. Menezes, P. van Oorschot and S. Vanstone. "Handbook of Applied Cryptography". CRC
   Press, (1996)
2. B. Schneier. "Applied Cryptography: Protocols and Algorithms". John Wiley and Sons, (1994)
3. W. Stallings. "Cryptography and Network Security", 3rd Edition. Pearson Education, (2004)
4. H. X. Mel, D. M. Baker and S. Burnett. "Cryptography Decrypted". Addison-Wesley, (2004)
5. M. Bellare and P. Rogaway. "Provably Secure Session Key Distribution - The Three Party
   Case". In Proceedings of the 27th Annual ACM Symposium on Theory of Computing (STOC
   '95), ACM Press, May 1995
6. L. Gong, M. A. Lomas, R. M. Needham and J. H. Saltzer. "Protecting Poorly Chosen Secrets
   From Guessing Attacks". IEEE Journal on Selected Areas in Communications, vol. 11, no. 5,
   pp. 648–656, June 1993
7. M. Strangio. "An Optimal Round Two-Party Password-Authenticated Key Agreement
   Protocol". In The First International Conference on Availability, Reliability and Security, p. 8,
   April 2006
8. W. Diffie and M. Hellman. "New Directions In Cryptography". IEEE Transactions on
   Information Theory, vol. IT-22, pp. 644–654, November 1976
9. S. Bellovin and M. Merritt. "Encrypted Key Exchange: Password Based Protocols Secure
   Against Dictionary Attacks". In Proceedings of the IEEE Symposium on Research in Security
   and Privacy, pp. 72–84, 1992
10. H.-T. Yeh and H.-M. Sun. "Simple Authenticated Key Agreement Protocol Resistant To
    Password Guessing Attacks". ACM SIGOPS Operating Systems Review, vol. 36, no. 4, pp.
    14–22, October 2002
11. M. Steiner, G. Tsudik and M. Waidner. "Refinement And Extension Of Encrypted Key
    Exchange". ACM Operating Systems Review, vol. 29, no. 3, pp. 22–30, 1995
12. Y. Ding and P. Horster. "Undetectable On-Line Password Guessing Attacks". ACM Operating
    Systems Review, vol. 29, no. 4, pp. 77–86, October 1995
13. C.-L. Lin, H.-M. Sun and T. Hwang. "Three-Party Encrypted Key Exchange: Attacks And A
    Solution". ACM Operating Systems Review, vol. 34, no. 4, pp. 12–20, October 2000
14. S. Bellovin and M. Merritt. "Augmented Encrypted Key Exchange: A Password-Based
    Protocol Secure Against Dictionary Attacks And Password File Compromise". In Proceedings
    of the 1st ACM Conference on Computer and Communications Security (CCS '93), ACM
    Press, pp. 244–250, December 1993
15. G. Tsudik and E. Van Herreweghen. "On Simple and Secure Key Distribution". In
    Proceedings of the 1st ACM Conference on Computer and Communications Security (CCS
    '93), ACM Press, pp. 49–57, December 1993






     Active Contours without Edges and Curvature Analysis for
                 Endoscopic Image Classification


B. V. Dhandra                                                         dhandra_b_v@yahoo.co.in
Dept. of Computer Science
Gulbarga University
Gulbarga - 585106, INDIA.

Ravindra Hegadi                                                  ravindrahegadi@rediffmail.com
Dept. of Computer Science
Gulbarga University
Gulbarga - 585106, INDIA.

                                                Abstract

Endoscopic images do not contain sharp edges, so traditional edge-based
segmentation methods are not suitable for them. Therefore, active contours or
'snakes' using the level set method with an energy minimization algorithm are
adopted here to segment these images. The result of this segmentation process
is a number of segmented regions, and the boundary of each region is treated
as a curve for further processing. The curvature at each point of this curve is
computed taking into account the support region of the point. The possible
presence of abnormality is identified when the curvature of a contour segment
between two zero crossings has the opposite sign to those of the neighboring
contour segments on the same edge contour. The K-nearest neighbor classifier
is used to classify the images as normal or abnormal. The experiment based on
the proposed method is carried out on 50 normal and 50 abnormal endoscopic
images, and the results are encouraging.

Keywords: Active Contours, Curvature, Endoscopy, Jacobi method, Level sets.




1. INTRODUCTION
Endoscopy provides images better than those of many other tests, and in many cases endoscopy
is superior to other imaging techniques such as traditional x-rays. A physician may use
endoscopy as a tool for diagnosing possible disorders in the digestive tract. Symptoms that
may indicate the need for an endoscopy include swallowing difficulties, nausea, vomiting, reflux,
bleeding, indigestion, abdominal pain, chest pain and a change in bowel habits. In the
conventional approach to the diagnosis of endoscopic images, visual interpretation by the
physician is employed. Computerized visualization, interpretation and analysis of endoscopic
images can assist the physician in the fast identification of abnormality in the images [1]. In this
direction, research is being carried out on classifying abnormal endoscopic images based on
properties such as color, texture, and structural relationships between image pixels. The method
proposed by P. Wang et al. [2] classifies endoscopic images based on texture and a neural
network, whereas the analysis of curvature for the edges obtained from endoscopic images is
proposed by Krishnan et al. [3]. Hiremath et al. [4] proposed a method to detect the possible
presence of abnormality using color segmentation of the images based on the 3σ-interval [5] for
obtaining edges, followed by curvature analysis.





The watershed segmentation approach for classifying abnormal endoscopic images is proposed
by Dhandra et al. [6]. In this paper, active contours using the level set method with the energy
minimization approach, also known as active contours without edges, proposed by Chan et al.
[7], are adopted for segmenting the endoscopic images, followed by computation of the curvature
of the boundary of each obtained region. The zero crossings of the curvature plot of each edge
are obtained for further analysis. In the following section we discuss the mathematical formulation
of the level set method and of active contours without edges. In Section 3 the curvature analysis
is discussed, and in Section 4 the K-nearest neighbor classification. The experimental results are
analyzed in Section 5.


2. METHODS
2.1 Mathematical Formulation of the Level Set Method
Let Ω be a bounded open subset of R², with ∂Ω as its boundary. Then a two-dimensional image
u_0 can be defined as u_0 : Ω → R. In this case Ω is just a fixed rectangular grid. Now consider
the evolving curve C in Ω as the boundary of an open subset ω of Ω. In other words, ω ⊆ Ω, and
C is the boundary of ω (C = ∂ω). The main idea is to embed this propagating curve as the zero
level set of a higher dimensional function φ. We define the function as follows:

                  φ(x, y, t = 0) = ±d                                                            (1)

where d is the distance from (x, y) to ∂ω at t = 0, and the plus (minus) sign is chosen if the point
(x, y) is outside (inside) the subset ω.

Now, the goal is to obtain an equation for the evolution of the curve. Evolving the curve in the
direction of its normal amounts to solving the partial differential equation [8]:

                  ∂φ/∂t = F |∇φ|,   φ(x, y, t = 0) = φ_0(x, y),

where the set {(x, y) : φ_0(x, y) = 0} defines the initial contour, and F is the speed of propagation.
For certain forms of the speed function F, the above equation reduces to a standard Hamilton-
Jacobi equation. There are several major advantages to this formulation. The first one is that
φ(x, y, t) always remains a function as long as F is smooth; as the surface φ evolves, the curve
C may break, merge, and change topology. The second advantage is that geometric properties of
the curve are easily determined from a particular level set of the surface φ. For example, the unit
normal vector for any point on the curve C is given by:

                  n = ∇φ / |∇φ|

and the curvature K is obtained as the divergence of the unit normal vector to the front:

                  K = div(∇φ / |∇φ|) = (φ_xx φ_y² − 2 φ_x φ_y φ_xy + φ_yy φ_x²) / (φ_x² + φ_y²)^{3/2}

The third advantage is that we are able to evolve curves in more than two dimensions. The above
formulae extend easily to higher dimensions, which is useful in propagating a curve to segment
large volumes of data.
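As an illustration of the curvature formula above, the following NumPy sketch (our code, with periodic boundary handling via np.roll and a small constant added to avoid division by zero) evaluates K = div(∇φ/|∇φ|) on a grid:

import numpy as np

def level_set_curvature(phi: np.ndarray, h: float = 1.0, eps: float = 1e-8):
    """Curvature K = div(grad(phi)/|grad(phi)|) via central differences."""
    px  = (np.roll(phi, -1, 1) - np.roll(phi, 1, 1)) / (2 * h)        # phi_x
    py  = (np.roll(phi, -1, 0) - np.roll(phi, 1, 0)) / (2 * h)        # phi_y
    pxx = (np.roll(phi, -1, 1) - 2 * phi + np.roll(phi, 1, 1)) / h**2
    pyy = (np.roll(phi, -1, 0) - 2 * phi + np.roll(phi, 1, 0)) / h**2
    pxy = (np.roll(px, -1, 0) - np.roll(px, 1, 0)) / (2 * h)
    num = pxx * py**2 - 2 * px * py * pxy + pyy * px**2
    return num / (px**2 + py**2 + eps) ** 1.5

For the signed distance function of a circle of radius r, the values returned near the zero level set approach 1/r, as expected.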




2.2 Active Contours Using the Level Set Method Without Edges
The curve C can be considered as the boundary of ω; the region ω is denoted by inside(C) and
the region Ω \ ω by outside(C). The energy minimization approach proposed by Chan et al. [7]
that is adopted for segmentation is as follows:




                             FIGURE 1: All possible cases for the position of the curve

Consider a simple case where the image u_0 is formed by two regions of piecewise constant
intensity. Denote the intensity values by u_0^0 and u_0^1. Further, assume that the object to be
detected has a region whose boundary is C_0 and intensity u_0^1. Then inside(C_0) the intensity
of u_0 is approximately u_0^1, whereas outside(C_0) the intensity of u_0 is approximately u_0^0.
Then consider the fitting term:

         F_1(C) + F_2(C) = ∫_{inside(C)} |u_0(x, y) − c_1|² dxdy + ∫_{outside(C)} |u_0(x, y) − c_2|² dxdy

where the constants c_1 and c_2 are the averages of u_0 inside and outside the curve C respectively.

Consider Fig. 1. If the curve C is outside the object, then F_1(C) > 0, F_2(C) ≈ 0. If the curve is
inside the object, then F_1(C) ≈ 0, F_2(C) > 0. If the curve is both inside and outside the object,
then F_1(C) > 0, F_2(C) > 0. However, if the curve C is exactly on the object boundary C_0, then
F_1(C) ≈ 0, F_2(C) ≈ 0, and the fitting term is minimized.

Some additional regularization terms from the Mumford-Shah segmentation model [9] are
considered for effective energy minimization: we also minimize the length of the curve and the
area of the region inside the curve. So we introduce the energy function E:

   E(C, c_1, c_2) = μ · Length(C) + ν · Area(inside(C)) + λ_1 ∫_{inside(C)} |u_0(x, y) − c_1|² dxdy
                    + λ_2 ∫_{outside(C)} |u_0(x, y) − c_2|² dxdy






where μ ≥ 0, ν ≥ 0, λ_1 > 0, λ_2 > 0 are fixed parameters. Thus, the objective is to find C, c_1, c_2
such that E(C, c_1, c_2) is minimized. Mathematically, solve:

                  inf_{C, c_1, c_2} E(C, c_1, c_2)

This problem can be formulated using the level set method as follows. The evolving curve C is
represented by the zero level set of the signed distance function φ as in (1), so we replace the
unknown variable C by φ. Now consider the Heaviside function H and the Dirac measure δ:

                  H(z) = 1 if z ≥ 0, 0 if z < 0;        δ(z) = (d/dz) H(z)

We can rewrite the length of the zero level set of φ and the area of the region inside it using
these functions. The Heaviside function is positive inside the curve and zero elsewhere, so the
area of the region is just the integral of the Heaviside function of φ. The gradient of the Heaviside
function defines the curve, so integrating its magnitude over the domain gives the length of the
curve. Mathematically:

                  Area(φ ≥ 0) = ∫_Ω H(φ(x, y)) dxdy

                  Length(φ = 0) = ∫_Ω |∇H(φ(x, y))| dxdy = ∫_Ω δ(φ(x, y)) |∇φ(x, y)| dxdy

Similarly, we can rewrite the previous energy terms so that they are defined over the entire
domain rather than separated into inside(C) = {φ > 0} and outside(C) = {φ < 0}:

                  ∫_{φ>0} |u_0(x, y) − c_1|² dxdy = ∫_Ω |u_0(x, y) − c_1|² H(φ(x, y)) dxdy
                  ∫_{φ<0} |u_0(x, y) − c_2|² dxdy = ∫_Ω |u_0(x, y) − c_2|² (1 − H(φ(x, y))) dxdy

Therefore the energy function E(φ, c_1, c_2) can be written as:

         E(φ, c_1, c_2) = μ ∫_Ω δ(φ(x, y)) |∇φ(x, y)| dxdy + ν ∫_Ω H(φ(x, y)) dxdy
                        + λ_1 ∫_Ω |u_0(x, y) − c_1|² H(φ(x, y)) dxdy                             (2)
                        + λ_2 ∫_Ω |u_0(x, y) − c_2|² (1 − H(φ(x, y))) dxdy

The constants c_1, c_2 are the averages of u_0 in {φ ≥ 0} and {φ < 0} respectively, so they are
easily computed as:

                  c_1(φ) = ∫_Ω u_0(x, y) H(φ(x, y)) dxdy / ∫_Ω H(φ(x, y)) dxdy                   (3)

and

                  c_2(φ) = ∫_Ω u_0(x, y) (1 − H(φ(x, y))) dxdy / ∫_Ω (1 − H(φ(x, y))) dxdy       (4)
Now we can deduce the Euler-Lagrange partial differential equation from (2). Parameterizing the
descent direction by t ≥ 0, the equation for φ(x, y, t) is:

           ∂φ/∂t = δ(φ) [ μ div(∇φ/|∇φ|) − ν − λ_1 (u_0 − c_1)² + λ_2 (u_0 − c_2)² ]             (5)
In order to solve this partial differential equation, we first need to regularize H(z) and δ(z). Chan
and Vese [7] propose:

                  H_ε(z) = 1/2 + (1/π) arctan(z/ε)

implying that δ(z) regularizes to:

                  δ_ε(z) = (1/π) · ε / (ε² + z²)

It is easy to see that as ε → 0, H_ε(z) converges to H(z) and δ_ε(z) converges to δ(z). The
authors claim that with these regularizations the algorithm has a tendency to compute a global
minimizer. Chan and Vese [7] give the following discretization and linearization of (5):

                                                                                                                  
   (φ_{i,j}^{n+1} − φ_{i,j}^n) / Δt = δ_ε(φ_{i,j}^n) [
         (μ/h²) Δ_−^x ( Δ_+^x φ_{i,j}^{n+1} / sqrt( (Δ_+^x φ_{i,j}^n / h)² + ((φ_{i,j+1}^n − φ_{i,j−1}^n) / (2h))² ) )
       + (μ/h²) Δ_−^y ( Δ_+^y φ_{i,j}^{n+1} / sqrt( ((φ_{i+1,j}^n − φ_{i−1,j}^n) / (2h))² + (Δ_+^y φ_{i,j}^n / h)² ) )
       − ν − λ_1 (u_{0,i,j} − c_1(φ^n))² + λ_2 (u_{0,i,j} − c_2(φ^n))² ]                         (6)

where the forward and backward differences of φ_{i,j}^n are calculated as:

                  Δ_−^x φ_{i,j} = φ_{i,j} − φ_{i−1,j},    Δ_+^x φ_{i,j} = φ_{i+1,j} − φ_{i,j},
                  Δ_−^y φ_{i,j} = φ_{i,j} − φ_{i,j−1},    Δ_+^y φ_{i,j} = φ_{i,j+1} − φ_{i,j}

This linear system also depends on the forward differences of φ_{i,j}^{n+1}, which are unknown;
however, the system can be solved using the Jacobi method [10]. In practice, the number of
iterations until convergence was found to be small. The segmentation algorithm is then given by:






                 1. Initialize φ^0 = φ_0, n = 0.
                 2. For a fixed number of iterations do:
                      2.1 Compute c_1(φ^n) and c_2(φ^n) using (3) and (4).
                      2.2 Estimate the forward differences of φ^{n+1} using the Jacobi method.
                      2.3 Compute φ^{n+1} using (6).
                 3. End.

                          ALGORITHM 1: Energy minimization with the Jacobi method.
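A compact Python rendering of Algorithm 1 is sketched below (our code). For brevity it performs a fully explicit gradient-descent update of (5) rather than solving the semi-implicit system (6) by Jacobi iterations as the paper does, and it reuses the level_set_curvature helper from the sketch in Section 2.1; the parameter defaults follow Section 5.

import numpy as np

def chan_vese(u0: np.ndarray, iters=200, mu=0.0001 * 255**2, nu=0.0,
              lam1=1.0, lam2=1.0, dt=0.1, eps=1.0):
    """Explicit-update sketch of Algorithm 1 (the paper uses a semi-implicit
    scheme solved by Jacobi iterations; this simplification keeps the idea)."""
    h, w = u0.shape
    Y, X = np.mgrid[:h, :w]
    # initial contour: a circle, positive inside (phi >= 0 is inside(C))
    phi = min(h, w) / 4 - np.sqrt((X - w / 2)**2 + (Y - h / 2)**2)
    for _ in range(iters):
        H = 0.5 + np.arctan(phi / eps) / np.pi                 # H_eps(phi)
        delta = (eps / np.pi) / (eps**2 + phi**2)              # delta_eps(phi)
        c1 = (u0 * H).sum() / (H.sum() + 1e-8)                 # eq. (3)
        c2 = (u0 * (1 - H)).sum() / ((1 - H).sum() + 1e-8)     # eq. (4)
        K = level_set_curvature(phi)                           # div(grad/|grad|)
        phi += dt * delta * (mu * K - nu
                             - lam1 * (u0 - c1)**2 + lam2 * (u0 - c2)**2)
    return phi >= 0                                            # inside(C) mask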


3. CURVATURE COMPUTATION
The method proposed in Section 2 generates a number of regions, and the boundary of each
region is considered for curvature computation. Due to the discrete boundary representation and
quantization errors, false local concavities and convexities form along a contour. This noisy
nature of binary contours must be taken into account to obtain reliable estimates of contour
curvature. Hence, a Gaussian filter is used to smooth the contour points and reduce the noise
effect [11]. However, the width w of the Gaussian filter, which controls the degree of smoothing,
has to be chosen suitably: a large value of w will remove all small details of the contour
curvature, while a small value will permit false concavities and convexities to remain in the
contour. To overcome this problem, a support region is employed which dynamically determines
the parameter of the Gaussian filter.

3.1   Determination of Support Region




                                 FIGURE 2: Representation of Support Region.

The support region concept can be explained using Fig. 2. The support region for each point on
the curve is the set of points obtained by Algorithm 2:

                 1. Determine the length of the chord joining the points P_{i−k}, P_{i+k} as
                                  l_{i,k} = |P_{i−k} P_{i+k}|

                 2. Let d_{i,k} be the perpendicular distance from P_i to the line joining
                    P_{i−k} and P_{i+k}. Starting with k = 1, compute l_{i,k} and d_{i,k}
                    until one of the following conditions holds:

                          (a)  l_{i,k} ≥ l_{i,k+1}
                          (b)  d_{i,k} / l_{i,k} ≥ d_{i,k+1} / l_{i,k+1}   for d_{i,k} ≥ 0

                 3. Now, the region of support of P_i is the set of points satisfying either
                    condition (a) or condition (b), that is,

                    D(P_i) = {P_{i−k}, ..., P_{i−1}, P_i, P_{i+1}, ..., P_{i+k} | condition (a) or (b)}

                               ALGORITHM 2: Determination of the support region
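The following Python sketch implements one plausible reading of Algorithm 2 (our code): k is grown from 1 for as long as both the chord length l_{i,k} and the ratio d_{i,k}/l_{i,k} keep increasing, and the half-width k at which growth stops is returned as the support region of P_i.

import numpy as np

def support_region(pts: np.ndarray, i: int, k_max: int = 20) -> int:
    """One reading of Algorithm 2 for a closed (N, 2) contour pts."""
    n = len(pts)

    def chord_and_dist(k: int):
        a, b = pts[(i - k) % n], pts[(i + k) % n]
        ab, ap = b - a, pts[i] - a
        l = float(np.hypot(*ab))                        # l_{i,k} = |P_{i-k} P_{i+k}|
        d = abs(ab[0] * ap[1] - ab[1] * ap[0]) / (l + 1e-12)  # perp. distance d_{i,k}
        return l, d

    k, (l, d) = 1, chord_and_dist(1)
    while k < k_max:
        l2, d2 = chord_and_dist(k + 1)
        stop_a = l >= l2                                # condition (a)
        stop_b = d >= 0 and d / (l + 1e-12) >= d2 / (l2 + 1e-12)  # condition (b)
        if stop_a or stop_b:                            # stop growing the region
            break
        l, d, k = l2, d2, k + 1
    return k                                            # half-width of D(P_i)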

3.2 Gaussian Smoothing
A planar curve can be defined in parametric form as (x(t), y(t)) ∈ R², where t is the path length
along the curve. Smoothing is performed by the convolution of x(t) and y(t) with a Gaussian
filter. The one-dimensional Gaussian filter is defined as

                  η(t, w) = (1 / √(2πw²)) e^{−t² / (2w²)}

where w is the width of the filter, which needs to be determined. The smoothed curve is denoted
by the set of points (X(t, w), Y(t, w)), where

                  X(t, w) = x(t) ⊗ η(t, w),    Y(t, w) = y(t) ⊗ η(t, w)

and ⊗ denotes convolution.

The measurement of the curvature of a point is based on the local properties within its region of
support, and the length of the Gaussian smoothing filter is proportional to the region of support
[12]. This implies that neighboring points closer to the point of interest have higher weights than
points further away, which makes the method less sensitive to noise. The Gaussian filter applied
here has the following window length and width [3]:

                  Window length = 2 × Support region D(P_i) + 1
                  Width w = Support region D(P_i) / 3

Further, the curvature for each point on the curve is calculated in the following way.

3.3 Curvature Computation
For a continuous curve C expressed by {x(s), y(s)}, where s is the arc length of the edge point,
the curvature can be expressed as:

                  k(s) = (ẋ ÿ − ẏ ẍ) / (ẋ² + ẏ²)^{3/2}                                           (7)

where ẋ = dx/ds, ẍ = d²x/ds², ẏ = dy/ds, ÿ = d²y/ds².

For digital implementation, the coordinate functions x(s) and y(s) of the curve are represented
by a set of equally spaced Cartesian grid samples. The derivatives in equation (7) are
calculated by finite differences as:

                  ẋ_i = x_i − x_{i−1},    ẍ_i = x_{i−1} − 2x_i + x_{i+1},
                  ẏ_i = y_i − y_{i−1},    ÿ_i = y_{i−1} − 2y_i + y_{i+1}                         (8)

The algorithm for curvature computation is presented below.
The algorithm for curvature computation is presented below.

        1. Determine edge contours in the input image using active contours
           without edges.
        2. Select a large edge contour for further processing.
        3. Determine the support region for each contour point.
        4. Smooth the contour by a Gaussian filter with the width proportional to
           the support region.
        5. Compute the curvature for each point on the Gaussian-smoothed
           curve using equations (7) and (8).

                               ALGORITHM 3: Curvature computation
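A sketch of steps 3-5 of Algorithm 3 in Python is given below (our code, reusing the support_region helper from the Algorithm 2 sketch): each contour point is smoothed with a Gaussian window of length 2·D(P_i)+1 and width D(P_i)/3, and the curvature follows from equations (7) and (8). Sign changes in the returned array give the zero crossings later used as features.

import numpy as np

def contour_curvature(pts: np.ndarray) -> np.ndarray:
    """Adaptive Gaussian smoothing followed by finite-difference curvature."""
    n = len(pts)
    sm = np.empty_like(pts, dtype=float)
    for i in range(n):
        D = support_region(pts, i)          # from the Algorithm 2 sketch
        w = max(D / 3.0, 0.5)               # width w = D(P_i) / 3
        ts = np.arange(-D, D + 1)           # window length 2*D + 1
        g = np.exp(-ts**2 / (2 * w**2))
        g /= g.sum()                        # normalized Gaussian weights
        idx = (i + ts) % n                  # closed-contour indexing
        sm[i] = g @ pts[idx]                # weighted average of neighbors
    x, y = sm[:, 0], sm[:, 1]
    dx  = x - np.roll(x, 1)                 # x_dot, eq. (8)
    dy  = y - np.roll(y, 1)
    ddx = np.roll(x, 1) - 2 * x + np.roll(x, -1)   # x_ddot
    ddy = np.roll(y, 1) - 2 * y + np.roll(y, -1)
    return (dx * ddy - dy * ddx) / (dx**2 + dy**2 + 1e-12) ** 1.5   # eq. (7)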

In the process of curvature computation we encounter two special conditions for which alternate
solutions are needed:

    1. When the edge point is on a straight line, the curvature for that point is assigned zero.
    2. When the support region of an edge point is 1, the point would not be smoothed, so
       smoothing of this point is performed using the following equation:

                  (x̂_i, ŷ_i) = (1/2)(x_i, y_i) + (1/4)[(x_{i−1}, y_{i−1}) + (x_{i+1}, y_{i+1})]

where (x̂_i, ŷ_i) is the smoothed point of (x_i, y_i).
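For completeness, this fallback smoothing can be written as follows (our sketch):

import numpy as np

def smooth_single_support(pts: np.ndarray, i: int) -> np.ndarray:
    """Fallback smoothing when the support region of P_i is 1."""
    n = len(pts)
    return 0.5 * pts[i] + 0.25 * (pts[(i - 1) % n] + pts[(i + 1) % n])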




4. K-NEAREST NEIGHBOR CLASSIFIER
The nearest neighbor and K-nearest neighbor classifiers are applied to two parameters, namely
the number of regions obtained from the segmentation process and the total number of zero
crossings of the curvature plot of every region edge, to classify the images as either normal or
abnormal. Basically, this classifier finds the closest training points to an unknown point and
predicts the category of the unknown point from those training points. The experiment is carried
out by varying the number of neighbors (K = 3, 5, 7); performance of the algorithm is optimal
when K = 3.
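As a sketch of this classification step (our code; the feature values are illustrative, and scikit-learn's KNeighborsClassifier stands in for the classifier described above):

import numpy as np
from sklearn.neighbors import KNeighborsClassifier

# Each image is described by two features:
# [number of segmented regions, zero crossings of the largest edge's curvature]
X_train = np.array([[5, 24], [4, 19], [6, 30],        # normal (illustrative)
                    [12, 137], [10, 98], [14, 120]])  # abnormal (illustrative)
y_train = np.array([0, 0, 0, 1, 1, 1])                # 0 = normal, 1 = abnormal

knn = KNeighborsClassifier(n_neighbors=3)             # K = 3 performed best
knn.fit(X_train, y_train)
print(knn.predict([[11, 110]]))                       # -> [1] (abnormal)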


5. EXPERIMENTAL RESULTS
For the experimentation, 50 normal and 50 abnormal endoscopic color images of size 128×128
pixels are chosen. The parameters are set as λ_1 = λ_2 = 1, h = 1, and Δt = 0.1. Varying the
value of ν generally had little or no effect on the segmentation results. The ε parameter for the
regularized Heaviside and Dirac functions was set to 1, as suggested by Chan and Vese [7]. The
length parameter μ is fixed to a small value (i.e., μ ≈ 0.0001 · 255²). The detection of the possible
presence of abnormality is performed by analyzing the curvature change along the boundary of
each region, which is considered as an edge contour. The curvature of each edge point on the
edge contour is computed using Algorithm 3. Two thresholds, c_th and n_th, are used in the
analysis: c_th is the curvature threshold value, and n_th is the number of edge points in a
segment. Along the edge contour, if the absolute curvature of a point is bigger than c_th, point
counting starts and continues until the absolute curvature value of a point falls below c_th; if the
point count is bigger than n_th, an edge segment is formed. The possible presence of
abnormality in the image is detected when the curvature of a segment has the opposite sign to
those of the neighboring segments on the same edge contour; such a segment is bounded by
two significant zero crossings. The stages of the proposed method for abnormal and normal
images are shown in Figs. 3 and 4 respectively. In these figures, image [A] is the endoscopic
color image, image [B] shows the regions obtained after segmentation using active contours
without edges, image [C] is its binary image, image [D] is the largest edge contour obtained, and
image [E] is its curvature profile. For the abnormal image shown in Fig. 3, the number of regions
formed is 12 and the number of zero crossings obtained for a large edge contour is 137, whereas
for the normal image shown in Fig. 4 the number of regions formed is 5 and the number of zero
crossings is 24. Fig. 5 and Fig. 6 show endoscopic images with the curvature plots of their
largest edges: the original abnormal and normal endoscopic images are shown in the first
column and the corresponding curvature profile for the largest edge segment in the second
column. From these figures, considerably fewer zero crossings can be observed for the normal
image edge curvatures than for the edge curvatures of the abnormal images.




                            FIGURE 3: The proposed method applied to an abnormal image.




                            FIGURE 4: The proposed method applied to a normal image.








                           FIGURE 5: Curvature profile for Abnormal Images.








                              FIGURE 6: Curvature profile for Normal Images.





International Journal of Computer Science and Security Volume (3) Issue (3)
 
Handwritten Text Recognition Using Machine Learning
Handwritten Text Recognition Using Machine LearningHandwritten Text Recognition Using Machine Learning
Handwritten Text Recognition Using Machine Learning
 
Software requirement analysis enhancements byprioritizing re
Software requirement analysis enhancements byprioritizing reSoftware requirement analysis enhancements byprioritizing re
Software requirement analysis enhancements byprioritizing re
 
Software aging prediction – a new approach
Software aging prediction – a new approach Software aging prediction – a new approach
Software aging prediction – a new approach
 
Giddings
GiddingsGiddings
Giddings
 
International journal of engineering issues vol 2015 - no 2 - paper4
International journal of engineering issues   vol 2015 - no 2 - paper4International journal of engineering issues   vol 2015 - no 2 - paper4
International journal of engineering issues vol 2015 - no 2 - paper4
 
Load Distribution Composite Design Pattern for Genetic Algorithm-Based Autono...
Load Distribution Composite Design Pattern for Genetic Algorithm-Based Autono...Load Distribution Composite Design Pattern for Genetic Algorithm-Based Autono...
Load Distribution Composite Design Pattern for Genetic Algorithm-Based Autono...
 
LOAD DISTRIBUTION COMPOSITE DESIGN PATTERN FOR GENETIC ALGORITHM-BASED AUTONO...
LOAD DISTRIBUTION COMPOSITE DESIGN PATTERN FOR GENETIC ALGORITHM-BASED AUTONO...LOAD DISTRIBUTION COMPOSITE DESIGN PATTERN FOR GENETIC ALGORITHM-BASED AUTONO...
LOAD DISTRIBUTION COMPOSITE DESIGN PATTERN FOR GENETIC ALGORITHM-BASED AUTONO...
 
50320140502003
5032014050200350320140502003
50320140502003
 
A Review on Reasoning System, Types, and Tools and Need for Hybrid Reasoning
A Review on Reasoning System, Types, and Tools and Need for Hybrid ReasoningA Review on Reasoning System, Types, and Tools and Need for Hybrid Reasoning
A Review on Reasoning System, Types, and Tools and Need for Hybrid Reasoning
 
A Plagiarism Checker: Analysis of time and space complexity
A Plagiarism Checker: Analysis of time and space complexityA Plagiarism Checker: Analysis of time and space complexity
A Plagiarism Checker: Analysis of time and space complexity
 
An Adjacent Analysis of the Parallel Programming Model Perspective: A Survey
 An Adjacent Analysis of the Parallel Programming Model Perspective: A Survey An Adjacent Analysis of the Parallel Programming Model Perspective: A Survey
An Adjacent Analysis of the Parallel Programming Model Perspective: A Survey
 
A NOVEL EVALUATION APPROACH TO FINDING LIGHTWEIGHT MACHINE LEARNING ALGORITHM...
A NOVEL EVALUATION APPROACH TO FINDING LIGHTWEIGHT MACHINE LEARNING ALGORITHM...A NOVEL EVALUATION APPROACH TO FINDING LIGHTWEIGHT MACHINE LEARNING ALGORITHM...
A NOVEL EVALUATION APPROACH TO FINDING LIGHTWEIGHT MACHINE LEARNING ALGORITHM...
 
using LPP
using LPPusing LPP
using LPP
 
International Journal of Engineering (IJE) Volume (3) Issue (3)
International Journal of Engineering (IJE) Volume (3) Issue (3)International Journal of Engineering (IJE) Volume (3) Issue (3)
International Journal of Engineering (IJE) Volume (3) Issue (3)
 
26 7956 8212-1-rv software (edit)
26 7956 8212-1-rv software (edit)26 7956 8212-1-rv software (edit)
26 7956 8212-1-rv software (edit)
 
26 7956 8212-1-rv software (edit)
26 7956 8212-1-rv software (edit)26 7956 8212-1-rv software (edit)
26 7956 8212-1-rv software (edit)
 
International Journal of Engineering (IJE) Volume (1) Issue (1)
International Journal of Engineering (IJE) Volume (1)  Issue (1)International Journal of Engineering (IJE) Volume (1)  Issue (1)
International Journal of Engineering (IJE) Volume (1) Issue (1)
 
A Review on Prediction of Compressive Strength and Slump by Using Different M...
A Review on Prediction of Compressive Strength and Slump by Using Different M...A Review on Prediction of Compressive Strength and Slump by Using Different M...
A Review on Prediction of Compressive Strength and Slump by Using Different M...
 

International Journal of Computer Science and Security Volume (1) Issue (1)

the most widely used techniques in the performance evaluation of parallel systems. Experimental measurement uses real or synthetic workloads, usually known as benchmarks, to evaluate and analyze performance on actual hardware. Theoretical/analytical models try to abstract the details of a parallel system. Simulation and other performance monitoring/visualization tools are extremely popular because they can capture the dynamic nature of the interaction between applications and architectures. Each technique has several variants: experimental measurement may use software, hardware, or hybrid monitors; theoretical/analytical modeling includes queueing networks, Petri nets, and similar formalisms; and simulation includes discrete-event, trace/execution-driven, and Monte Carlo approaches. Each of the three techniques has its own pros and cons. The purpose of this paper is, first, to present a qualitative parametric comparison of these techniques based on parameters such as stage, output statistics, accuracy, cost, resource consumption, time consumption, flexibility, scalability, tools required, and trustability; second, to justify the need for an integrated model combining the advantages of all three techniques to evaluate the performance of parallel systems; and third, to present a new integrated model for performance evaluation. The paper also discusses related issues such as selecting an appropriate metric for evaluating parallel systems.

Keywords: Integrated model, Metrics, Parallel systems, Performance, Evaluation

1. INTRODUCTION TO PARALLEL COMPUTING SYSTEMS

For the last three decades, researchers in the area of parallel processing have proclaimed that parallel computing is the wave of the future. The reason most widely cited for this expectation is that parallel processing
overcomes the speed limit of serial computing, a limit that must be broken in order to solve many computation-intensive applications in an acceptable amount of time. The only way past the speed limit of a single serial computer is to harness the power of several serial computers to solve one problem in parallel. Advances in today's microelectronic technology have made fast, inexpensive processors available, and advances in communication technology have made cost-effective, highly efficient computer networks available.

2. ROLE OF PERFORMANCE IN PARALLEL SYSTEMS

Performance is always a key factor in determining the success of a parallel system. Quantitative evaluation and modelling of the hardware and software components of parallel systems are critical for the delivery of high performance. Performance studies apply to initial design phases as well as to procurement, tuning, and capacity planning analyses. Since performance cannot be expressed by quantities independent of the system workload, the quantitative characterization of the resource demands of applications and of their behaviour is an important part of any performance evaluation study. The goals of parallel systems performance analysis include: assessing the performance of a system, a system component, or an application; investigating the match between application requirements and system architecture characteristics; identifying the features that have a significant impact on application execution time; predicting the performance of a particular application on a given parallel system; and evaluating different structures of parallel applications.

3. SELECTING AN APPROPRIATE PERFORMANCE METRIC

To study the performance of systems, or to compare different systems for a given purpose, we must first select some criteria, often called metrics in performance evaluation. Different situations need different sets of metrics, so selecting metrics is highly problem oriented. Different metrics may yield totally different values; hence selecting proper metrics to fairly evaluate the performance of a system is difficult. Another problem is that, in a real system, different metrics may be relevant for different jobs: response time may be the most suitable metric for interactive jobs, while system utilization is more important for batch jobs. The issue, then, is to select a metric suitable for every kind of system (batch, interactive, closed and open systems). The characteristics of a good performance metric should be SMART: Specific, Measurable, Acceptable, Realizable and Thorough.

Researchers have proposed many parallel metrics so far. Execution time is the time interval between the beginning of a parallel computation and the moment the last processing element finishes execution. Another parallel metric is speedup, defined as the ratio of the time taken to execute a problem on a single processor to the time required to solve the same problem on a parallel computer with p identical processing elements, i.e. S(p) = T(1)/T(p). Amdahl and Gustafson [1] each proposed a law for the speedup metric. The formulation of speedup under Amdahl's law is based on a fixed problem size, and speedup drops very rapidly as the sequential fraction increases; the fixed load thus acts as a deterrent to achieving scalable performance.
John Gustafson [1] proposed a fixed-time law to scale the speedup model and remove the fixed-load restriction. This law states that the problem size scales with the number of processors; the idea is to keep all processors busy by increasing the problem size. Other variants of speedup are relative speedup [6][7][8], real speedup [3][5], absolute speedup [6][7][8] and asymptotic relative speedup [4]. Sun and Ni [6][8] generalized Gustafson's scaled speedup to fixed-time relative speedup and proposed another speedup model called memory-bounded relative speedup; in memory-constrained scaling, the problem is made to fit in the available memory. Sun and Gustafson [7] proposed two further speedup measures: generalized speedup and sizeup. Generalized speedup is the ratio of parallel execution speed to sequential execution speed; it has been observed that when the cost factor is the same for all kinds of work, generalized speedup equals relative speedup. For the sizeup metric, the instance being solved is adjusted as for fixed-time speedup; sizeup is the ratio of the serial work represented by the adjusted instance to the serial work represented by the unadjusted instance.
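To make the contrast between the two laws concrete, here is a minimal sketch (Python; the 5% sequential fraction and the processor counts are illustrative values, not taken from the paper) that evaluates Amdahl's fixed-size speedup and Gustafson's fixed-time scaled speedup:

```python
def amdahl_speedup(f, p):
    """Fixed problem size: S(p) = 1 / (f + (1 - f)/p), f = sequential fraction."""
    return 1.0 / (f + (1.0 - f) / p)

def gustafson_speedup(f, p):
    """Fixed execution time, scaled workload: S(p) = f + (1 - f) * p."""
    return f + (1.0 - f) * p

for p in (2, 8, 32, 128):
    print(f"p={p:3d}  Amdahl={amdahl_speedup(0.05, p):6.2f}  "
          f"Gustafson={gustafson_speedup(0.05, p):7.2f}")
```

With a 5% sequential fraction, Amdahl's speedup saturates below 20 no matter how many processors are added, while the scaled speedup keeps growing with p, which is precisely the fixed-load deterrent described above.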
Another parallel metric is efficiency. This measure is closely related to speedup: it is the ratio of speedup to the number of processors P, i.e. E = S/P. Depending on the variety of speedup used, one gets a different variety of efficiency. Carmona and Rice [2] define efficiency as the ratio of the work accomplished (wa) by a parallel algorithm to the work expended (we) by the algorithm, where the work accomplished is the work performed by the best serial algorithm, and the work expended is the product of the parallel execution time, the speed S of an individual parallel processor, and the number P of processors. There is also a variant of efficiency known as incremental efficiency, an approach that looks at the change in the efficiency of the implementation as the number of processors increases. The incremental efficiency metric [11] considers the ratio of successive efficiencies for different numbers of processors, a quantity that tends to unity in the limit.

Another performance measure is scalability, which refers to the change in the performance of the parallel system as the problem size and machine size increase. Intuitively, a parallel system is scalable if its performance continues to improve as we scale up the size of the system. Kumar, Nageshwara and Ramesh [10] proposed a scalability measure based on efficiency: the scalability, or isoefficiency, of a parallel system is defined as the rate at which the workload must increase, relative to the rate at which the number of processors is increased, so that the efficiency remains the same. Isoefficiency is generally a function of the instance and the number of processors in the parallel computer. Depending on the version of efficiency used, different varieties of isoefficiency (e.g. real, absolute and relative isoefficiency) are obtained. Sun and Rover [9] proposed isospeed, which uses the average workload per processor needed to sustain a specified computational speed as a measure of scalability. Utilization is a further measure of resource usage, defined as the ratio of the total usage time to the total available time of the resources (processors, memory). In addition to the above metrics, general measures such as CPU time and CPI (clock cycles per instruction) play an important role in measuring the success of a parallel implementation of a problem.
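The isoefficiency idea can be illustrated numerically. The following sketch (Python) uses a toy cost model of our own choosing, T_p(W, p) = W/p + c*p with serial time T_1 = W, and searches for the workload that holds efficiency at a target level as p grows; none of this is from the paper, it only demonstrates the definition:

```python
def parallel_time(w, p, c=0.1):
    """Toy cost model: ideal division of work plus a linear overhead term."""
    return w / p + c * p

def efficiency(w, p):
    """E = S/P with S = T_1 / T_p and T_1 = W under the toy model."""
    return (w / parallel_time(w, p)) / p

def workload_for_efficiency(target, p, w_lo=1.0, w_hi=1e9):
    """Bisection: find the workload W keeping efficiency at `target`."""
    for _ in range(100):
        w = (w_lo + w_hi) / 2
        if efficiency(w, p) < target:
            w_lo = w   # efficiency rises with W, so more work is needed
        else:
            w_hi = w
    return w

for p in (2, 4, 8, 16):
    print(f"p={p:2d}  W needed for E=0.8: {workload_for_efficiency(0.8, p):7.1f}")
```

Under this model the required workload grows as 0.4*p^2, i.e. the isoefficiency function is on the order of p^2; a slower-growing function would indicate a more scalable system.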
4. PERFORMANCE EVALUATION TECHNIQUES

Performance evaluation can be defined as assigning quantitative values to the indices of the performance of the system under study. Evaluating and analyzing a parallel system is difficult due to the complex interaction between application characteristics and architectural features. Performance evaluation techniques can be classified into three categories: experimental measurement, theoretical/analytical modelling and simulation. In this section all three techniques are discussed and compared on the basis of a set of parameters. The four major parameters for selecting a performance evaluation technique are:

a) Stage - this parameter examines at which stage of the system development life cycle a given technique can be used.
b) Output statistics - this parameter examines the capabilities of the technique for providing the desired metrics.
c) Accuracy - this factor evaluates the validity and reliability of the results obtained from the technique.
d) Cost/effort - this parameter investigates the cost and effort invested in each evaluation strategy in terms of computer and human resources.

Further parameters for selecting a technique are:

e) Resource consumption - the amount of resources consumed or required by a particular technique.
f) Time consumption - the amount of time consumed or required by a particular technique.
g) Tools required - the type of tools required to implement a particular technique.
h) Trustability/believability - how much one can trust the results of a particular technique.
i) Scalability complexity - the complexity involved in scaling a particular technique.
j) Flexibility - how readily a technique's model accommodates modifications and allows their effects to be checked.
4.1 Experimental Measurement

Experimental measurement is based on direct measurement of the system under study using a software, hardware or hybrid monitor. It uses real or synthetic workloads and measures their performance on actual hardware; because it uses the actual hardware and the related system software to conduct the evaluation, it is the most realistic approach from the architectural point of view. A monitor is a tool used to observe the activities of a system. In general, a monitor performs three tasks: data acquisition, data analysis, and result output. The data recorded by a monitor include hardware-related data, e.g. processor usage throughout the program run and message latency, and software data, e.g. process times, buffer usage and load-balancing overhead [12]. Traditionally, monitors are classified as software monitors, hardware monitors, and hybrid monitors. Software monitors are made of programs that detect the states of a system, or of sets of instructions, called software probes, capable of event detection. Hardware monitors are electronic devices connected to specific system points where they detect signals characterizing the phenomena to be observed [13]. A hybrid monitor is a combination of software and hardware. Many examples of software monitors can be found in the literature [14][15][16]. Examples of hardware monitors are COMTEN and SPM [17]; [18] describes the Paragon performance-monitoring environment, which uses a hardware performance-monitoring board. Examples of hybrid monitors are Diamond [20] and HMS [19]. Each class of monitors has its own advantages and disadvantages, and selecting an appropriate monitor involves various aspects, e.g. cost, overhead, accuracy, availability and information level. In general, hardware monitors have received less attention than software monitors [15], as shown by the fact that the number of existing software monitors is far greater than the number of hardware monitors; [21] describes and compares software and hardware monitors in more detail. Application suites such as the Perfect Club [22], the NAS Parallel Benchmarks [23], and the SPLASH application suite [24] have been proposed for the evaluation of parallel machines.
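To give a flavour of the software-monitoring approach, here is a minimal sketch (Python; the probe names and the instrumented workload are hypothetical) of a software probe that performs the monitor's three tasks, acquiring timestamped events, analyzing them, and outputting a result:

```python
import time

events = []  # trace buffer filled during the program run

def probe(name):
    """Software probe: record a timestamped event (data acquisition)."""
    events.append((time.perf_counter(), name))

def monitored_work():
    probe("compute_start")
    total = sum(i * i for i in range(100_000))  # stand-in for real work
    probe("compute_end")
    return total

monitored_work()
# Data analysis and result output: elapsed time between matching probes.
(t0, _), (t1, _) = events[0], events[1]
print(f"compute section took {t1 - t0:.6f} s")
```

A hardware monitor would capture comparable events from bus or processor signals instead, avoiding the instrumentation overhead that the accuracy discussion below calls monitoring intrusion.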
Parameters under consideration:

a) Stage - Since experimental measurement uses the actual hardware, it cannot be used at an early stage of system design. It becomes possible only once the system design is complete and a real system is available for evaluation.
b) Output statistics - Experimental measurement can give the overall execution time of the application on a particular hardware platform. Conducting the evaluation with different problem sizes and numbers of processors thus helps to calculate metrics such as speedup, scaled speedup, sizeup and isoefficiency.
c) Accuracy - Experimental measurement uses real applications to conduct the evaluation on actual machines, giving accurate results. However, external factors such as external instrumentation and monitoring intrusion can affect the accuracy of the results.
d) Cost/effort - Substantial cost is involved in developing the setup for experimentation, since the technique uses the actual system to produce results; this cost depends directly on the complexity of the application. Once the experimental setup is developed, the cost of conducting the actual evaluation, i.e. the execution time of the given application, may be very small. Modifications to the application and hardware can be accommodated at a cost that depends entirely on the type and amount of modification; in other words, scaling can be complex, but the complexity depends on how far one wants to scale.
e) Resource consumption - This technique requires actual instruments, so resource consumption is high.
f) Time consumption - Experimentation requires an actual system setup, which consumes a large amount of time, but once the system exists, the time required to obtain results may be very small.
g) Tools required - Actual instruments are required to evaluate a parallel application.
h) Trustability/believability - Because it uses actual hardware, its results are highly trustworthy. Results should still be validated by at least simulation or theoretical/analytical modelling.
i) Scalability complexity - The complexity depends entirely on how much scaling of the system is required; scaling requires both time and money.
j) Flexibility - It is not highly flexible, because changing a particular experimental setup, and checking the effect of that change, takes a lot of time.
4.2 Theoretical/Analytical Modelling

Performance evaluation of parallel systems is hard because of the several degrees of freedom they exhibit. Analytical and theoretical models try to abstract the details of a system in order to limit these degrees of freedom to a tractable level. Such abstractions have been used for developing parallel algorithms and for performance analysis of parallel systems. Abstracting machine features in theoretical models such as the PRAM [25][26] has facilitated algorithm development and analysis. These models hide hardware details from the programmer, providing a simplified view of the machine; the utility of such a model for developing efficient algorithms for actual machines depends on how closely the model reflects the actual machine. Several machine models, such as the Bulk Parallel Random Access Machine (BPRAM) [29], the Module Parallel Computer (MPC) [30], Valiant's Bulk-Synchronous Parallel (BSP) model [28], and LogP [27], have been proposed over the years to bridge the gap between the theoretical abstractions and the hardware.

While theoretical models attempt to simplify hardware details, analytical models abstract both the hardware and the application details of a parallel system. Analytical models capture complex system features in simple mathematical formulae, parameterized by a limited number of degrees of freedom that are tractable. Such models have found more use in performance analysis than in algorithm development, where theoretical models are more widely used. As with experimentation, analytical models have been used to evaluate overall system performance as well as the performance of specific system artifacts. Vrsalovic et al. [31] develop an analytical model for predicting the performance of iterative algorithms on a simple multiprocessor abstraction, and study the impact of the speed of processors, memory, and network on overall performance.
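As a small illustration of the analytical style (in the spirit of, but not reproducing, the model of Vrsalovic et al. [31]), the sketch below (Python; the cost expression and all parameter values are illustrative assumptions) predicts the per-iteration time of a data-parallel loop as a function of processor, computation and network parameters:

```python
def predicted_iteration_time(n, p, t_compute, t_word, words_exchanged):
    """Toy analytical model of one iteration of a data-parallel loop:
    computation shrinks with p while communication grows with it."""
    computation = (n / p) * t_compute            # perfectly divisible work
    communication = words_exchanged(p) * t_word  # simple network cost model
    return computation + communication

# Illustrative parameters: 10^6 data points, 1 microsecond of work per
# point, 10 microseconds per word, exchange volume growing linearly in p.
for p in (1, 4, 16, 64, 256):
    t = predicted_iteration_time(
        n=1_000_000, p=p, t_compute=1e-6, t_word=1e-5,
        words_exchanged=lambda q: 100 * q)
    print(f"p={p:3d}  predicted iteration time {t:.4f} s")
```

Even this toy model reproduces the characteristic analytical-modelling result: beyond some processor count the communication term dominates and adding processors stops helping, a trend one can read off the formula without ever running the application.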
Parameters under consideration:

a) Stage - Theoretical/analytical modelling can be used at the early design phase of the system development life cycle, since it does not require any actual hardware for evaluation. These models hide hardware details from the programmer, providing a simplified view of the machine whose behaviour is close to that of the actual machine.
b) Output statistics - Theoretical/analytical models can directly provide statistics for the system overheads that are modeled. The values of the hardware and workload parameters can be plugged into the model corresponding to each system overhead; with models available for each overhead, the overall execution time and all other metrics can be calculated. The drawback is that every system overhead must either be modeled or be ignored in calculating the execution time.
c) Accuracy - Theoretical/analytical models are useful for predicting system performance and scalability trends as parameterized functions. However, the accuracy of the predicted trends depends on the simplifying assumptions made about the hardware and application details to keep the models tractable. Theoretical models can use real applications as the workload, whereas analytical models represent the workload with simple parameters and probability distributions; the former therefore has an advantage over the latter in estimating the metrics of interest more accurately. Even for theoretical models, however, the static analysis of application code used to estimate the running time can yield inaccurate results.
d) Cost/effort - Substantial effort is involved in developing these models. Simple modifications to the application and hardware can be handled easily by changing the values of the corresponding parameters and recalculating the results, but a significant change in the hardware or application demands a redesign of the input models, which can be expensive.
e) Resource consumption - Few resources are required to build these models.
f) Time consumption - A good amount of time is consumed in developing the models, but once they exist, results are obtained quickly.
g) Tools - This approach involves analysts and various analysis tools.
h) Trustability/believability - The method rests on assumptions made while developing the models, so the results are not very trustworthy until validated by at least simulation or experimental measurement.
i) Scalability complexity - It takes time to scale models of this kind.
j) Flexibility - The approach is flexible: changes can be made to the models easily, and the effects of a change can be checked easily.
4.3 Simulation

Simulation is a widely used technique in performance evaluation. It provides a powerful way to predict performance before the system under study has been implemented, and it can also be used to validate analytical models, as is done in [32][34]. A variety of simulation styles are presented in the literature: emulation, Monte Carlo simulation, trace-driven simulation, execution-driven simulation, and discrete-event simulation. An example of emulation is using an available (host) processor to emulate the instruction set of another (target) processor that is not available or is still under design; this type of simulation is sometimes called instruction-level simulation [35] or cycle-by-cycle simulation. Programs written for the target processor are run on the simulator on the host processor to study how the programs would behave if executed on the target processor. Monte Carlo simulation is a static simulation in which the simulated systems do not change their characteristics with time; computer systems are dynamic systems and do not belong to this category. A trace-driven simulation system consists of two components: an event (or trace) generator and a simulator. The event generator produces a trace of execution events, mostly addresses, which are used as input to the simulator; the simulator consumes the traced data and simulates the target architecture to estimate the time taken to perform each event on the architecture under study. Discrete-event simulation is used to simulate systems that can be described by discrete-event models, and it is very well suited to studying queueing systems.

Parameters under consideration:

a) Stage - Simulation cannot be used at a very early stage of system design because the required system details are not yet available, but as the design process proceeds and more details about the system are obtained, it becomes a powerful tool.
b) Output statistics - Simulation provides a convenient monitoring environment for observing the details of parallel system execution, allowing the user to accumulate a range of statistics about the application, the hardware, and the interaction between the two. It can give the total execution time and all the other metrics discussed earlier.
c) Accuracy - The accuracy of the results depends purely on the accuracy of the input models. Execution-driven simulation can faithfully simulate all the details of a real-world application. It is also possible to simulate all the details of the hardware, though in many circumstances a level of abstraction may be chosen that gives moderately accurate results for the intended purpose. The accuracy of these abstractions may be validated by comparing the results with those obtained from a detailed simulation of the machine or an experimental evaluation on the actual machine.
d) Cost/effort - The main disadvantage of simulation is the cost and effort involved in simulating the details of large parallel systems. A moderate change in hardware parameters may be handled by plugging the new values into the model and re-simulating the system.
But such a re-simulation, as we observed, is invariably costlier than the simple recalculation needed for analytical models or than experimentation on the actual machine. A significant change in the machine or application details also demands a re-implementation of the simulation model, though the cost of re-simulation is again expected to dominate the cost of re-implementation.
e) Resource consumption - Simulation requires only a small amount of resources: since the parallel environment is simulated, no actual instrumentation is required.
f) Time consumption - A good amount of time is consumed in developing the simulation model, but once the model exists, results are obtained quickly.
g) Tools - Simulation requires high-level programming languages to build and develop the model.
h) Trustability/believability - The simulated model is a replica of the final machine, but results may vary slightly because it is not the actual machine.
i) Scalability complexity - Simulation models are easy to scale, since the environment is simulated rather than physically built.
j) Flexibility - The main advantage of simulation is its flexibility: one can make various modifications to the simulation model and check their effects easily.
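Since discrete-event simulation is singled out above as well suited to queueing systems, here is a minimal sketch (Python; the arrival and service rates are arbitrary illustrative values) of a discrete-event simulation of a single-server queue driven by an event list:

```python
import heapq, random

random.seed(1)
ARRIVAL_RATE, SERVICE_RATE = 0.8, 1.0     # illustrative rates (per second)
events = [(random.expovariate(ARRIVAL_RATE), "arrival")]
clock = area = 0.0
queue_len, served, busy = 0, 0, False

while served < 10_000:
    t, kind = heapq.heappop(events)       # advance to the next discrete event
    area += queue_len * (t - clock)       # accumulate time-weighted queue length
    clock = t
    if kind == "arrival":
        heapq.heappush(events, (clock + random.expovariate(ARRIVAL_RATE), "arrival"))
        if busy:
            queue_len += 1
        else:
            busy = True
            heapq.heappush(events, (clock + random.expovariate(SERVICE_RATE), "departure"))
    else:                                 # departure: free the server
        served += 1
        if queue_len:
            queue_len -= 1
            heapq.heappush(events, (clock + random.expovariate(SERVICE_RATE), "departure"))
        else:
            busy = False

print(f"mean queue length over {clock:.0f} s: {area / clock:.2f}")
```

For these rates the long-run mean waiting-queue length of an M/M/1 queue is rho^2/(1 - rho) = 3.2, and the simulated estimate converges toward it, which is exactly the kind of cross-check between simulation and analytical modelling that the next section argues for.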
5. NEED FOR INTEGRATED MODELLING OF PERFORMANCE EVALUATION TECHNIQUES

Each performance evaluation technique has its own role to play in evaluating parallel systems. As shown in TABLE 1, each technique has its own advantages and disadvantages, so an effort can be made to develop a knowledge-based integrated model that combines the advantages of all three techniques.

Characteristic: Theoretical/Analytical Modelling | Simulation | Experimental Measurement
a) Stage: Any | Any | After a prototype is available
b) Output statistics: Total execution time and all other metrics discussed earlier | Same | Same
c) Accuracy: Low | Medium | High
d) Cost/effort: Low | Medium | High
e) Resource consumption: Small | Medium | High
f) Time consumption: Small | Medium | High
g) Tools: Analysts | Programming languages | Instruments
h) Trustability/believability: Low | Medium | High
i) Scalability complexity: Small | Medium | High
j) Flexibility: High | High | Low

TABLE 1: Comparison of the performance evaluation techniques

This integrated model has the advantage of combining the realism and accuracy of experimentation in evaluating large parallel systems, the convenience and power of theoretical/analytical models in predicting the performance and scalability of the system as a function of system parameters, and the accuracy of the detailed statistics provided by execution-driven simulation, while avoiding some of their drawbacks. We also need an integrated model that respects the three rules of validation:

• Do not trust the results of a simulation model until they have been validated by at least a theoretical/analytical model or experimental measurements.
• Do not trust the results of a theoretical/analytical model until they have been validated by at least simulation or experimental measurements.
• Do not trust the results of an experimental measurement until they have been validated by at least simulation or theoretical/analytical modelling.

6. PROPOSED INTEGRATED MODEL

The integrated model shown in Fig. 1 uses the power of stored performance knowledge base systems. User applications are fed to the experimental measurement technique, to which a stored performance knowledge base system is attached, as indicated in Fig. 1. Based on the user application, the type of workload it uses (real or synthetic) and any other current data, a knowledge set can be extracted from this stored knowledge base system that suggests which experimental technique (software, hardware or hybrid) is best, or optimal, for the current user application. When results are obtained after a particular technique has been applied to the user application, these results in turn act as knowledge; this valuable knowledge can be fed back into the knowledge base system, and the cycle of knowledge extraction and updating can be repeated. Stored knowledge base systems are likewise attached to the other evaluation techniques (simulation and theoretical/analytical modelling); these systems help in choosing the technique for evaluating the current user application, and the same procedure of knowledge extraction and updating applies to them as well.

[FIGURE 1: Proposed integrated model for performance evaluation, showing user applications feeding experimental measurement, simulation and theoretical/analytical modelling, each with its own stored performance knowledge base, linked by kernel extraction, validation and refinement loops.]

Experimental measurement can be used to implement real-life applications on actual machines, to understand their behaviour, and to extract interesting kernels that occur in them. These kernels are fed to an execution-driven simulator, which faithfully models the dynamics of parallel system interactions. The statistics drawn from simulation may be used to validate and refine existing
theoretical/analytical models, and even to develop new models. The validated and refined models can help in abstracting details of the simulation model to increase the speed of simulation. The validity of such a simulation model can in turn be verified by comparing the simulation results with those from an experimental evaluation on the actual hardware. Such a strategy combines the advantages of all three techniques, uses the power of stored knowledge base systems, and avoids the shortcomings of the individual evaluation techniques.

7. CONCLUSION

Performance evaluation as a discipline has repeatedly proved critical for the design and successful use of parallel systems. At the early design stage, performance models can be used to project system scalability and to evaluate design alternatives. At the production stage, performance evaluation methodologies can be used to detect bottlenecks and subsequently suggest ways to alleviate them. In this paper three techniques of parallel system performance evaluation were reviewed and compared with the help of four major parameters: stage, output statistics, accuracy and cost/effort. Other parameters involved in the selection of a performance evaluation technique are resource consumption, time consumption, tools required, trustability, scalability complexity and flexibility. Each of the three techniques has its own pros and cons, so an integrated model that uses the power of knowledge base systems and combines the advantages of all three techniques was discussed. The issue of selecting appropriate metrics for performance evaluation was also discussed.

8. REFERENCES

[1] J. Gustafson, "Reevaluating Amdahl's Law", CACM, 31(5), 532-533, 1988.
[2] E. Carmona, M. Rice, "Modelling the serial and parallel fractions of a parallel algorithm", Journal of Parallel and Distributed Computing, 13, 286-298, 1991.
[3] J. JaJa, "An Introduction to Parallel Algorithms", Addison Wesley, 1992.
[4] D. Nussbaum, A. Agarwal, "Scalability of parallel machines", CACM, 34(3), 57-61, 1991.
[5] S. Ranka, S. Sahni, "Hypercube Algorithms", Springer-Verlag, New York, 1990.
[6] X. Sun, L. Ni, "Another view on parallel speedup", Proceedings of Supercomputing '90, 324-333, 1990.
[7] X. Sun, J. Gustafson, "Towards a better parallel performance metric", Parallel Computing, 17, 1093-1109, 1991.
[8] X. Sun, L. Ni, "Scalable problems and memory-bounded speedup", Journal of Parallel and Distributed Computing, 19, 27-37, 1993.
[9] X. Sun, D. Rover, "Scalability of parallel algorithm-machine combinations", IEEE Transactions on Parallel and Distributed Systems, 5(6), 599-613, 1994.
[10] V. Kumar, V. Nageshwara, K. Ramesh, "Parallel depth first search on the ring architecture", Proc. 1988 International Conference on Parallel Processing, Penn. State Univ. Press, 128-132, 1988.
[11] J. Worlton, "Toward a taxonomy of performance metrics", Parallel Computing, 17(10-11), 1073-1092, 1991.
[12] I. Jelly, I. Gorton, "Software engineering for parallel systems", Information and Software Technology, 36(7), 381-396, 1994.
[13] D. Ferrari, "Considerations on the insularity of performance evaluation", Performance Evaluation Review, 14(2), 21-32, August 1986.
[14] B. Plattner, J. Nievergelt, "Monitoring program execution: A survey", IEEE Computer, 14, 76-93, November 1981.
[15] L. R. Power, "Design and use of a program execution analyzer", IBM Systems Journal, 22(3), 271-294, 1983.
[16] A. D. Malony, D. A. Reed, H. A.
G. Wijshoff, "Performance measurement intrusion and perturbation analysis", IEEE Transactions on Parallel and Distributed Systems, 3(4), 443-450, July 1992.
[17] R. Ibbett, "The hardware monitoring of a high performance processor", in: N. Benwell (ed.), Computer Performance Evaluation, Cranfield Institute of Technology, UK, 274-292, December 1978.
[18] B. Ries, R. Anderson, W. Auld, D. Breazeal, K. Callaghan, E. Richards, W. Smith, "The Paragon performance monitoring environment", Proceedings of the conference on Supercomputing '93, 850-859, 1993.
[19] R. W. Hadsell, M. G. Keinzle, K. R. Milliken, "The hybrid monitor system", Technical Report RC9339, IBM Thomas J. Watson Research Center, New York, 1983.
[20] J. H. Hughes, "Diamond: A digital analyzer and monitoring device", Performance Evaluation Review, 9(2), 27-34, 1980.
[21] R. Jain, "The Art of Computer Systems Performance Analysis: Techniques for Experimental Design, Measurement, Simulation, and Modeling", John Wiley & Sons, New York, 1991.
[22] M. Berry et al., "The Perfect Club Benchmarks: Effective Performance Evaluation of Supercomputers", International Journal of Supercomputer Applications, 3(3), 5-40, 1989.
[23] D. Bailey et al., "The NAS Parallel Benchmarks", International Journal of Supercomputer Applications, 5(3), 63-73, 1991.
[24] J. P. Singh, W-D. Weber, A. Gupta, "SPLASH: Stanford Parallel Applications for Shared-Memory", Technical Report CSL-TR-91-469, Computer Systems Laboratory, Stanford University, 1991.
[25] S. Fortune, J. Wyllie, "Parallelism in random access machines", Proceedings of the 10th Annual Symposium on Theory of Computing, 114-118, 1978.
[26] P. B. Gibbons, "A More Practical PRAM Model", Proceedings of the First Annual ACM Symposium on Parallel Algorithms and Architectures, 158-168, 1989.
[27] D. Culler et al., "LogP: Towards a realistic model of parallel computation", Proceedings of the 4th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming, 1-12, May 1993.
[28] L. G. Valiant, "A Bridging Model for Parallel Computation", Communications of the ACM, 33(8), 103-111, August 1990.
[29] A. Aggarwal, A. K. Chandra, M. Snir, "On Communication Latency in PRAM Computations", Proceedings of the First Annual ACM Symposium on Parallel Algorithms and Architectures, 11-21, 1989.
[30] H. Alt, T. Hagerup, K. Mehlhorn, F. P. Preparata, "Deterministic Simulation of Idealized Parallel Computers on More Realistic Ones", SIAM Journal of Computing, 16(5), 808-835, 1987.
[31] D. F. Vrsalovic, D. P. Siewiorek, Z. Z. Segall, E. Gehringer, "Performance Prediction and Calibration for a Class of Multiprocessors", IEEE Transactions on Computer Systems, 37(11), 1353-1365, November 1988.
[32] A. Agarwal, "Performance tradeoffs in multithreaded processors", IEEE Transactions on Parallel and Distributed Systems, 3(5), 525-539, September 1992.
[33] D. A. Menasce, L. A. Barroso, "A methodology for performance evaluation of parallel applications on multiprocessors", Journal of Parallel and Distributed Computing, 14, 1-14, 1992.
[35] R. G. Covington, S. Dwarkadas, J. R. Jump, J. B. Sinclair, S. Madala, "The efficient simulation of parallel computer systems", International Journal in Computer Simulation, 1, 31-58, 1991.
A Novel Secure Key Agreement Protocol using Trusted Third Party

Sairam Kulkarni    kulkarnisairam@gmail.com
Department of Computer Science & Engg.
National Institute of Technology Rourkela
Rourkela, 769008, India

Debasish Jena    debasishjena@hotmail.com
Assistant Professor
Centre for IT Education
Biju Patnaik University of Technology
Bhubaneswar, 751010, India

Sanjay Kumar Jena    skjena@nitrkl.ac.in
Professor
Department of Computer Science & Engg.
National Institute of Technology Rourkela
Rourkela, 769008, India

Abstract

In the past, several key agreement protocols based on password mechanisms have been proposed. Such protocols are vulnerable to dictionary attacks, and storing a plaintext version of the password on the server is not always secure. In this paper we utilize the services of a trusted third party, the key distribution server (KDS), for key agreement between hosts; nowadays, two-party key agreement protocols are rarely used in large working environments. In the proposed scheme, instead of storing a plaintext version of the password, we store a one-way hash of the password at the server. Every host and the server agree upon a family of commutative one-way hash functions, with which host authentication is performed when a host applies to the KDS for a session key. Each host establishes a one-time key with the server, with which server authentication is performed; this defeats man-in-the-middle attacks. The proposed protocol is based on the Diffie-Hellman key exchange protocol.

Keywords: Key Agreement, Diffie-Hellman, Online guessing attacks, Dictionary attacks.

1. INTRODUCTION

The main goal of cryptography is to enable secure communication in a hostile environment. Two parties, P_i and P_j, want to communicate safely over a network occupied by an active adversary. Usually, P_i and P_j will want to ensure the privacy and authenticity of the data they send to each other, so they will encrypt and authenticate their transmissions. But before P_i and P_j can use these tools they will need keys. Indeed, without keys, cryptography simply cannot get off
the ground. Key agreement is one of the fundamental cryptographic primitives, after encryption and digital signatures. Such protocols allow two or more parties to exchange information over an adversarially controlled, insecure network and agree upon a common session key, which may be used for later secure communication among the parties; secure key agreement protocols thus serve as basic building blocks for constructing secure, complex, higher-level protocols. Key establishment may be broadly subdivided into key transport and key agreement.

Secret communication with secret keys implies that only trusted parties should have copies of the secret key. Although secret keys can assure us of confidentiality, authentication of users, and message integrity, in a global world we must be able to distribute keys securely, at a distance, and in a timely manner [1]. If security is to be maintained, key distribution must be as solid as the cryptographic method itself and must ensure that only trusted parties have copies of the keys [2]. Obviously, key distribution is a significant problem. Key establishment protocols involving authentication typically require a set-up phase in which authentic, and possibly secret, initial keying material is distributed. Most protocols have as an objective the creation of distinct keys on each protocol execution. In some cases, the initial keying material pre-defines a fixed key that results every time the protocol is executed by a given pair or group of users; systems involving such static keys are insecure under known-key attacks.

Key pre-distribution schemes are key establishment protocols in which the resulting established keys are completely determined a priori by the initial keying material. In contrast, dynamic key establishment schemes are those in which the key established by a fixed pair (or group) of users varies on subsequent executions. Dynamic key establishment is also referred to as session key establishment; in this case the session keys are dynamic, and it is usually intended that the protocols be immune to known-key attacks. Many key establishment protocols involve a centralized or trusted party, for either or both of initial system setup and on-line actions (i.e., involving real-time participation). This party is referred to by a variety of names depending on the role played, including: trusted third party, trusted server, authentication server, key distribution center (KDC), key translation center (KTC), and certification authority [3][4]. It is generally desired that each party in a key establishment protocol be able to determine the true identity of the other(s) that could possibly gain access to the resulting key, precluding any unauthorized additional party from deducing the same key. In this case the technique is said (informally) to provide secure key establishment; this requires both secrecy of the key and identification of the parties with access to it [5].

In a secure system, passwords can easily be guessed if users choose their own passwords in plain text [6], and storing a plaintext version of the password on the server is not secure. This weakness exists in practically all widely used systems. The proposed protocol is secure against dictionary attacks, since we use one-time keys with the server. It is also secure against malicious insider attacks, where a host misuses information from one protocol run in another.
The proposed protocol also provides perfect forward secrecy, i.e., even if one key is disclosed, future session keys are not disclosed. As we do not use any Public Key Infrastructure (PKI), large computational power is not required. Since this is a third-party key agreement protocol, no host needs to share secret information with any other host. The rest of this paper is organized as follows: Section 2 reviews the shortcomings of existing protocols; Section 3 presents our new third-party key agreement protocol; a formal security analysis of the proposed protocol is given in Section 4; and concluding remarks are made in Section 5.
2. RELATED WORK

DH-BPAKE [7] is a two-party key agreement protocol, proposed by Strangio [9], based on the Diffie-Hellman [8] and Encrypted Key Exchange protocols. It is not suitable for large networks, where we cannot assume that every party shares a secret (password) with every other party. The Simple Authenticated Key Agreement (SAKA) protocol proposed by Her-Tyan Yeh et al. [10] is also a two-party key agreement protocol, based on password authentication and Diffie-Hellman key agreement. User authentication is one of the most important security services in secure communications: it is necessary to verify the identities of the communicating parties before they start a new connection. Password-based mechanisms are the most widely used method of user authentication, since they allow people to choose and remember their own passwords without any assisting device. SAKA is simple and cost-effective, but rarely used in large networks.

The STW protocol is a three-party encrypted key exchange protocol proposed by Steiner et al. [11]. Since it is a three-party key agreement protocol, each host shares a secret key only with the trusted third party. Ding et al. [12] have shown that this protocol is vulnerable to undetectable on-line guessing attacks, and according to Lin et al. [13] it is also vulnerable to off-line guessing attacks. In an on-line guessing attack, an attacker attempts to use a guessed password in an on-line transaction and verifies the correctness of the guess using the responses of the server; if the guess fails, the attacker starts a new transaction with the server using another guessed password. A failed guess cannot be detected and logged by the server, because the server is unable to distinguish an honest request from a malicious one. In an off-line guessing attack, an attacker guesses a password and verifies the guess off-line; no participation of the server is required, so the server does not notice the attack. If the guess fails, the attacker tries again with another password until the proper one is found. Among these classes of attacks, the off-line password guessing attack is the most convenient and promising one for an attacker: it is not noticeable and has no communication cost. Storing a plaintext version of the shared password at the server is a constraint that cannot (or ought not) always be met. In particular, consider the problem of a user logging in to a computer that does not rely on a secure key server for authentication; it is inadvisable for most hosts to store passwords in either plain form or in a reversibly encrypted form.

The LSH 3-PEKE protocol was proposed by Chun-Li Lin et al. [13]. This protocol is secure against both off-line guessing attacks and undetectable on-line guessing attacks, and it also satisfies the security property of perfect forward secrecy. The most important requirement for preventing undetectable on-line guessing attacks is to provide authentication of the host to the server. In STW 3-PEKE there is no verifiable information with which the server can authenticate the host; on the contrary, any verifiable information held by the server that is combined with the password results in off-line guessing attacks. LSH 3-PEKE uses server public keys for this purpose, but this is not always a satisfactory solution and is impractical for some environments: communication parties have to obtain and verify the public key of the server, a task which puts a high burden on the user. In fact, key distribution services without public keys are quite often superior in practice to PKI.
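To see concretely why password-derived verifiable information enables off-line guessing, consider the following toy sketch (Python; the dictionary, the captured value, and the derivation function are all fabricated for illustration): once an eavesdropper holds any value deterministically derived from a low-entropy password, every candidate password can be tested locally, with no server interaction to detect or log.

```python
import hashlib

def derive(password: str) -> str:
    """Stand-in for any verifiable, password-derived protocol field."""
    return hashlib.sha256(password.encode()).hexdigest()

intercepted = derive("sunshine")   # value captured from the wire
dictionary = ["123456", "password", "qwerty", "sunshine", "dragon"]

# Off-line attack: purely local, hence unnoticeable and free of
# communication cost, exactly as described above.
for guess in dictionary:
    if derive(guess) == intercepted:
        print("password recovered:", guess)
        break
```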
3. PROPOSED 3-PARTY KEY AGREEMENT PROTOCOL

Our proposed protocol withstands both online [12] and offline guessing attacks [13], and does not make use of a PKI. Every host and the server agree upon a family of commutative one-way hash functions, by which host authentication is performed when a host applies for a session key. Each host establishes a one-time key with the server, through which server authentication is done. Rather than storing a plaintext version of the password, we store a one-way hash of the password at the server. A one-way function is a function f such that for each x in the domain of f, it is easy to compute y = f(x), but it is computationally infeasible to find any x given f(x).

3.1 Notations
In this paper, we use the following notations:
A, B            full principal names
S               trusted third party
E_K(X)          encryption of plaintext block X under key K
D_K(X)          decryption of ciphertext block X under key K
K_AB            key shared by A and B
H_{K_AB}(X)     one-way hash of X under key K_AB
N_AB            nonce generated by A and received by B
P_A             password of A
H(P_A)          one-way hash of the password of A
g               generator of the cyclic group
p               large prime number
A → B: M        A sends message M to B

3.2 Proposed Protocol
In this subsection, we describe the steps involved in detail.

i. A chooses a random number r_a and generates R_A = g^{r_a} mod p, then encrypts R_A with H(P_A). A sends the result to the server along with the identities of the participating entities:
A → S: ID_A, ID_B, H(P_A)[R_A]

ii. After receiving the values sent by A, the server S decrypts the packet with the previously distributed one-way hash of A's password to obtain R_A. The server randomly chooses r_s1 and r_s2 and computes the ephemeral key with A as
K_AS = (R_A)^{r_s1} mod p = (g^{r_a})^{r_s1} mod p.
S generates g^{r_s1} mod p and g^{r_s2} mod p and encrypts them with H(P_A) and H(P_B) respectively. Using these quantities the server establishes ephemeral keys with A and B respectively, through which server authentication is done. S sends the values to A:
S → A: H(P_A)(g^{r_s1} mod p), H(P_B)(g^{r_s2} mod p)

iii. A decrypts this packet with H(P_A) to get g^{r_s1} mod p and establishes the ephemeral key with S as K_AS = (g^{r_s1})^{r_a} mod p. A calculates the one-way function F_A(P_A, K_AS), using which the server authenticates A; since only A knows P_A, only A can compute this function. As this is a commutative one-way hash function [14], the server need not know the host password to evaluate it: using the one-way hash of the host password, the server can calculate a predicate function and authenticate the host. A sends the following values to B:
A → B: F_A(P_A, K_AS), H(P_B)(g^{r_s2} mod p)

iv. After receiving the values, B decrypts with H(P_B) to get g^{r_s2} mod p. B chooses r_b randomly and generates R_B = g^{r_b} mod p, then computes the ephemeral key for authenticating the server as K_BS = (g^{r_s2})^{r_b} mod p. B calculates the one-way
function F_B(P_B, K_BS), using which the server authenticates B. The password of B and the ephemeral session key K_BS are the seeds of this function; since only B knows P_B, only B can compute it. B sends the values to S:
B → S: F_A(P_A, K_AS), F_B(P_B, K_BS), H(P_B)[R_B]

v. The server decrypts with H(P_B) to get R_B and computes the ephemeral key K_BS = (R_B)^{r_s2} mod p. To authenticate A and B, the server evaluates the one-way functions F_A(...) and F_B(...). The server need not know the host passwords to evaluate these functions: because they are commutative one-way hash functions, it can evaluate them using the one-way hashes of the host passwords. The server defines a predicate T(H(P), F(P, K), K), which evaluates to true if and only if the genuine password P was used to create both H(P) and F(P, K); here K is K_AS for A and K_BS for B. If the predicate holds, the host is genuine. S then encrypts R_B with K_AS and R_A with K_BS, and computes the one-way hash H_{K_AS}(R_A, R_B) using K_AS (the one-time key shared between A and the server), by which host A authenticates the server. Similarly, S computes the one-way hash H_{K_BS}(R_A, R_B) using K_BS (the one-time key shared between B and the server), by which B authenticates the server, and sends the values to B:
S → B: E_{K_AS}(R_B), E_{K_BS}(R_A), H_{K_AS}(R_A, R_B), H_{K_BS}(R_A, R_B)

vi. After receiving this, B decrypts E_{K_BS}(R_A) with K_BS to get R_A. Since K_BS is shared between the server and B, this assures B that the value R_A comes from an authentic source. B computes the one-way hash H_{K_BS}(R_A, R_B) using K_BS as key and thereby authenticates the server. B computes the session key with A as K_AB = (R_A)^{r_b} mod p. B then computes a one-way hash H_{K_AB}(N_AB) using K_AB and a random nonce N_AB as seeds; this hash is used for key confirmation (it assures both parties that they possess the same session key). Since N_AB is transmitted in the clear, no decryption is needed: verifying the one-way hash suffices. After computing all the values, B sends them to A:
B → A: E_{K_AS}(R_B), H_{K_AS}(R_A, R_B), H_{K_AB}(N_AB), N_AB

vii. A decrypts E_{K_AS}(R_B) using K_AS to get R_B. Since K_AS is shared between the server and A, this assures A that the value R_B comes from an authentic source. A computes the session key with B as K_AB = (R_B)^{r_a} mod p. Using K_AB and N_AB, A computes the one-way hash H_{K_AB}(N_AB) and verifies that B possesses the same key K_AB. Using K_AB, A once again calculates the one-way hash H_{K_AB}(H_{K_AB}(N_AB)) and sends it to B:
A → B: H_{K_AB}(H_{K_AB}(N_AB))

viii. Finally, after receiving this, B computes the same one-way hash using K_AB and verifies that A possesses the same session key K_AB.

The complete message flow is shown in Fig. 1.
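The following Python sketch traces the modular arithmetic behind steps i-vii, checking that A and the server derive the same ephemeral key K_AS, that B and the server derive the same K_BS, and that A and B arrive at the same session key K_AB. The prime, generator, and variable names are toy illustrative choices, not values mandated by the protocol.

import secrets

p = 2**127 - 1      # toy Mersenne prime; a deployment needs a proper safe prime
g = 3               # assumed generator, for illustration only

def rand() -> int:
    return secrets.randbelow(p - 2) + 1

r_a, r_b, r_s1, r_s2 = rand(), rand(), rand(), rand()

R_A = pow(g, r_a, p)        # step i:  sent A -> S under H(P_A)
R_B = pow(g, r_b, p)        # step iv: sent B -> S under H(P_B)

# Ephemeral host-server keys (steps ii/iii and iv/v):
K_AS_at_S = pow(R_A, r_s1, p)              # server computes (g^r_a)^r_s1
K_AS_at_A = pow(pow(g, r_s1, p), r_a, p)   # host A computes (g^r_s1)^r_a
assert K_AS_at_S == K_AS_at_A

K_BS_at_S = pow(R_B, r_s2, p)
K_BS_at_B = pow(pow(g, r_s2, p), r_b, p)
assert K_BS_at_S == K_BS_at_B

# Session key (steps vi/vii): S relays R_A to B and R_B to A, so
K_AB_at_B = pow(R_A, r_b, p)
K_AB_at_A = pow(R_B, r_a, p)
assert K_AB_at_A == K_AB_at_B              # both equal g^(r_a * r_b) mod p

Note that the session key g^{r_a r_b} mod p depends only on the fresh random exponents of a single run, never on long-term secrets, which is the source of the protocol's perfect forward secrecy.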
FIGURE 1: Proposed Protocol.

3.3 Commutative One-Way Hash Functions
Both host and server agree upon a family of commutative one-way hash functions {H_0, H_1, H_2, ..., H_N} [14]. Let H(P) be defined as H_0(P), a member of this family. Host A calculates the one-way hash of its password as H_0(P_A) = (P_A)^{h_0} mod p, where h_0 is a random number. We assume that the one-way hash H_0(P) of every host's password is distributed to the server; since the one-way hash is irreversible, nobody can compute P from H_0(P). Host A calculates its one-way function as F_A(P_A, K_AS) = H_{K_AS}(P_A) = (P_A)^{K_AS} mod p and sends it to the server. The server knows only the one-way hash of the password, H_0(P_A), using which it calculates the predicate function of A as H_{K_AS}(H_0(P_A)) = (P_A)^{h_0 · K_AS} mod p. The server also computes H_0(H_{K_AS}(P_A)) = (P_A)^{K_AS · h_0} mod p, where H_{K_AS}(P_A) = (P_A)^{K_AS} mod p is the value sent by the host. The server then checks whether H_{K_AS}(H_0(P_A)) equals H_0(H_{K_AS}(P_A)); equality confirms that the host is genuine. More efficient constructions of commutative one-way hash functions are possible.
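A minimal sketch of the server-side predicate check, using the exponentiation construction H_k(x) = x^k mod p described above; the toy prime and the random stand-ins for the password and keys are assumptions made for illustration.

import secrets

p = 2**127 - 1                          # toy prime modulus
P_A = secrets.randbelow(p - 3) + 2      # stands in for A's password

h0 = secrets.randbelow(p - 2) + 1
H0_PA = pow(P_A, h0, p)                 # H_0(P_A), stored at the server

K_AS = secrets.randbelow(p - 2) + 1     # ephemeral key from the protocol run
F_A = pow(P_A, K_AS, p)                 # host computes F_A(P_A, K_AS) = H_{K_AS}(P_A)

# Predicate T(H(P), F(P, K), K): the exponentiations commute, so the two
# values agree iff the same password underlies both H_0(P_A) and F_A.
assert pow(H0_PA, K_AS, p) == pow(F_A, h0, p)   # P_A^(h0*K_AS) == P_A^(K_AS*h0)

The check succeeds without the server ever learning P_A itself: it only handles P_A raised to secret exponents.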
4. SECURITY ANALYSIS

In this section, we provide a formal security analysis of our protocol. Hosts are not forced to store a plaintext version of the password at the server; as a result, the protocol is not vulnerable to password file compromise attacks [14]. Even if H(P) is compromised, there is no way to recover P from H(P), and nobody can impersonate the host to the server, since only the genuine host can compute the one-way functions F_A(...), F_B(...), whose seed is the password known only to that host. The protocol provides both host authentication and server authentication; as a result, man-in-the-middle attacks are averted. Because server authentication is done through one-time keys, the protocol also defeats malicious insider attacks [15], a type of attack in which a genuine host turns hostile in a subsequent protocol run and misuses information it acquired in a previous run.

Online guessing attacks are not possible, since R_A and R_B are encrypted with one-time keys. Dictionary attacks and offline guessing attacks are not possible, since no verifiable information is present in a protocol run with which an attacker could verify a guess. The protocol also provides perfect forward secrecy, as well as key non-disclosure, key integrity, and key confirmation. We use one-way hash functions for authentication and key confirmation, since conventional encryption and decryption make protocol design messy [15]; verifying a one-way hash takes the place of decryption. The nonce N_AB in the last step multiplies the key space to be searched in a brute-force attack. To guard further against dictionary attacks, the one-way functions F_A(...) and F_B(...) may additionally be encrypted with K_AS and K_BS respectively. Even if H(P) is compromised, recovering the session key is equivalent to breaking the Diffie-Hellman protocol [8]. Since R_A and R_B are encrypted with H(P_A) and H(P_B) respectively, identity mis-binding attacks are averted.

5. CONCLUSION

We propose a three-party protocol secure against online and dictionary attacks. It provides host and server authentication, hosts are not forced to store a plaintext version of their passwords at the server, and the protocol makes no use of any public key infrastructure. Instead of commutative one-way hash functions, digital signatures could also be used for host authentication.

6. ACKNOWLEDGMENT

This research was supported by the Department of Communication and Information Technology, Government of India, under the Information Security Education and Awareness Project, and was carried out at the Department of Computer Science and Engineering, NIT Rourkela, India.

7. REFERENCES

1. A. Menezes, P. van Oorschot and S. Vanstone. "Handbook of Applied Cryptography", CRC Press, (1996)
2. B. Schneier. "Applied Cryptography: Protocols and Algorithms", John Wiley and Sons, (1994)
3. W. Stallings. "Cryptography and Network Security", 3rd Edition, Pearson Education, (2004)
4. H. X. Mel, D. M. Baker and S. Burnett. "Cryptography Decrypted", Addison-Wesley, (2004)
5. M. Bellare and P. Rogaway. "Provably Secure Session Key Distribution - The Three Party Case". In Proceedings of the 27th Annual ACM Symposium on Theory of Computing (STOC '95), ACM Press, May 1995
6. L. Gong, M. A. Lomas, R. M. Needham and J. H. Saltzer. "Protecting Poorly Chosen Secrets from Guessing Attacks". IEEE Journal on Selected Areas in Communications, vol. 11, no. 5, pp. 648-656, June 1993
7. M. Strangio. "An Optimal Round Two-Party Password-Authenticated Key Agreement Protocol". In The First International Conference on Availability, Reliability and Security, p. 8, April 2006
8. W. Diffie and M. Hellman. "New Directions in Cryptography". IEEE Transactions on Information Theory, vol. IT-22, pp. 644-654, November 1976
9. S. Bellovin and M. Merritt. "Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks". In Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 72-84, 1992
10. H.-T. Yeh and H.-M. Sun. "Simple Authenticated Key Agreement Protocol Resistant to Password Guessing Attacks". ACM SIGOPS Operating Systems Review, vol. 36, no. 4, pp. 14-22, October 2002
11. M. Steiner, G. Tsudik and M. Waidner. "Refinement and Extension of Encrypted Key Exchange". ACM Operating Systems Review, vol. 29, no. 3, pp. 22-30, 1995
12. Y. Ding and P. Horster. "Undetectable On-Line Password Guessing Attacks". ACM Operating Systems Review, vol. 29, no. 4, pp. 77-86, October 1995
13. C.-L. Lin, H.-M. Sun and T. Hwang. "Three-Party Encrypted Key Exchange: Attacks and a Solution". ACM Operating Systems Review, vol. 34, no. 4, pp. 12-20, October 2000
14. S. Bellovin and M. Merritt. "Augmented Encrypted Key Exchange: A Password-Based Protocol Secure Against Dictionary Attacks and Password File Compromise". In Proceedings of the 1st ACM Conference on Computer and Communications Security, ACM Press, pp. 244-250, December 1993
15. G. Tsudik and E. Van Herreweghen. "On Simple and Secure Key Distribution". In Proceedings of the 1st ACM Conference on Computer and Communications Security (CCS '93), ACM Press, pp. 49-57, December 1993
Active Contours Without Edges and Curvature Analysis for Endoscopic Image Classification

B. V. Dhandra                                        dhandra_b_v@yahoo.co.in
Dept. of Computer Science, Gulbarga University, Gulbarga - 585106, INDIA

Ravindra Hegadi                                      ravindrahegadi@rediffmail.com
Dept. of Computer Science, Gulbarga University, Gulbarga - 585106, INDIA

Abstract

Endoscopic images do not contain sharp edges, so traditional edge-based segmentation methods are ill-suited to them. Therefore, active contours ('snakes') using the level set method with an energy minimization algorithm are adopted here to segment these images. The segmentation process yields a number of regions, and the boundary of each region is treated as a curve for further processing. The curvature at each point of such a curve is computed with respect to the point's support region. The possible presence of abnormality is identified when the curvature of a contour segment between two zero crossings has the opposite sign to those of the neighboring contour segments on the same edge contour. The K-nearest neighbor classifier is used to classify the images as normal or abnormal. An experiment based on the proposed method is carried out on 50 normal and 50 abnormal endoscopic images, and the results are encouraging.

Keywords: Active Contours, Curvature, Endoscopy, Jacobi method, Level sets.

1. INTRODUCTION

Endoscopy provides images better than those of other tests, and in many cases endoscopy is superior to other imaging techniques such as traditional X-rays. A physician may use endoscopy as a tool for diagnosing possible disorders in the digestive tract. Symptoms that may indicate the need for an endoscopy include swallowing difficulties, nausea, vomiting, reflux, bleeding, indigestion, abdominal pain, chest pain and a change in bowel habits. The conventional approach to the diagnosis of endoscopic images employs visual interpretation by the physician. Computerized visualization, interpretation and analysis of endoscopic images can assist the physician in quickly identifying abnormality in the images [1]. In this direction, research is being carried out on classifying abnormal endoscopic images based on properties such as color, texture and structural relationships between image pixels. The method proposed by P. Wang et al. [2] classifies endoscopic images based on texture and a neural network, whereas the analysis of curvature for the edges obtained from endoscopic images is proposed by Krishnan et al. [3]. Hiremath et al. [4] proposed a method to detect the possible presence of abnormality using color segmentation of the images based on the
3σ-interval [5] for obtaining edges, followed by curvature analysis. The watershed segmentation approach for classifying abnormal endoscopic images was proposed by Dhandra et al. [6]. In this paper, active contours using the level set method with an energy minimization approach, also known as active contours without edges, proposed by Chan et al. [7], are adopted for the segmentation of the endoscopic images, followed by curvature computation for the boundary of each obtained region. The zero crossings of the curvature plot of each edge are obtained for further analysis. The mathematical formulation of the level set method and of active contours without edges is discussed in the following section. Section 3 discusses the curvature analysis, Section 4 the K-nearest neighbor classification, and Section 5 the experimental results.

2. METHODS

2.1 Mathematical Formulation of the Level Set Method
Let Ω be a bounded open subset of R², with ∂Ω as its boundary; here Ω is simply a fixed rectangular grid. A two-dimensional image u_0 can then be defined as u_0 : Ω → R. Consider an evolving curve C in Ω as the boundary of an open subset ω of Ω; in other words, ω ⊆ Ω and C = ∂ω. The main idea is to embed this propagating curve as the zero level set of a higher-dimensional function φ. We define the function as follows:

φ(x, y, t = 0) = ±d    (1)

where d is the distance from (x, y) to ∂ω at t = 0, and the plus (minus) sign is chosen if the point (x, y) is outside (inside) the subset ω. Now, the goal is to obtain an equation for the evolution of the curve. Evolving the curve in the direction of its normal amounts to solving the partial differential equation [8]:

∂φ/∂t = F |∇φ|,    φ(x, y, t = 0) = φ_0(x, y),

where the set {(x, y) : φ_0(x, y) = 0} defines the initial contour, and F is the speed of propagation. For certain forms of the speed function F, the above equation reduces to a standard Hamilton-Jacobi equation. There are several major advantages to this formulation. The first is that φ(x, y, t) always remains a function as long as F is smooth; as the surface φ evolves, the curve C may break, merge, and change topology. The second advantage is that geometric properties of the curve are easily determined from a particular level set of the surface φ. For example, the normal vector for any point on the curve C is given by n = ∇φ, and the curvature K is obtained from the divergence of the gradient of the unit normal vector to the front:

K = div(∇φ / |∇φ|) = (φ_xx φ_y² − 2 φ_x φ_y φ_xy + φ_yy φ_x²) / (φ_x² + φ_y²)^{3/2}

The third advantage is that curves can be evolved in more than two dimensions: the above formulas extend easily to higher dimensions, which is useful when propagating a curve to segment a large volume of data.
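As a quick illustration of the curvature formula above, the following NumPy sketch (an assumed helper, not code from the paper) evaluates K = div(∇φ/|∇φ|) with central differences; for the signed distance function of a circle of radius 20, the value near the zero level set should be close to 1/20.

import numpy as np

def level_set_curvature(phi: np.ndarray, eps: float = 1e-8) -> np.ndarray:
    # first derivatives (rows = y, columns = x)
    phi_y, phi_x = np.gradient(phi)
    # second derivatives
    phi_yy, phi_yx = np.gradient(phi_y)
    phi_xy, phi_xx = np.gradient(phi_x)
    num = phi_xx * phi_y**2 - 2.0 * phi_x * phi_y * phi_xy + phi_yy * phi_x**2
    return num / (phi_x**2 + phi_y**2 + eps) ** 1.5

yy, xx = np.mgrid[0:100, 0:100]
phi = np.sqrt((xx - 50.0)**2 + (yy - 50.0)**2) - 20.0   # signed distance to a circle
K = level_set_curvature(phi)
print(K[50, 70])    # point on the zero level set; expect roughly 1/20 = 0.05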
2.2 Active Contours Using the Level Set Method Without Edges
The curve C can be considered as the boundary of ω; the region ω can be denoted by inside(C) and the region Ω \ ω by outside(C). The energy minimization approach proposed by Chan et al. [7] is adopted for segmentation, as follows:

FIGURE 1: All possible cases in the position of the curve.

Consider a simple case where the image u_0 is formed by two regions of piecewise constant intensity. Denote the intensity values by u_0^0 and u_0^1. Further, assume that the object to be detected has a region whose boundary is C_0 and intensity u_0^1. Then inside(C_0) the intensity of u_0 is approximately u_0^1, whereas outside(C_0) the intensity of u_0 is approximately u_0^0. Then consider the fitting term:

F_1(C) + F_2(C) = ∫_{inside(C)} |u_0(x, y) − c_1|² dx dy + ∫_{outside(C)} |u_0(x, y) − c_2|² dx dy

where the constants c_1 and c_2 are the averages of u_0 inside and outside the curve C respectively. Consider Fig. 1: if the curve C is outside the object, then F_1(C) > 0 and F_2(C) ≈ 0; if the curve is inside the object, then F_1(C) ≈ 0 and F_2(C) > 0; if the curve is both inside and outside the object, then F_1(C) > 0 and F_2(C) > 0. However, if the curve C is exactly on the object boundary C_0, then F_1(C) ≈ 0 and F_2(C) ≈ 0, and the fitting term is minimized.

Some additional regularization terms from the Mumford-Shah segmentation model [9] are considered for effective energy minimization: we also try to minimize the length of the curve and the area of the region inside the curve. We therefore introduce the energy function E:

E(C, c_1, c_2) = μ · Length(C) + ν · Area(inside(C))
  + λ_1 ∫_{inside(C)} |u_0(x, y) − c_1|² dx dy
  + λ_2 ∫_{outside(C)} |u_0(x, y) − c_2|² dx dy

where μ ≥ 0, ν ≥ 0, λ_1 > 0, λ_2 > 0 are fixed parameters.
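The behavior of the fitting term in the four cases of Fig. 1 can be checked numerically. The sketch below (illustrative names and a toy image, not from the paper) evaluates F_1 + F_2 for a candidate curve encoded as a binary inside/outside mask; the energy is near zero only when the mask coincides with the object.

import numpy as np

def fitting_energy(u0: np.ndarray, inside: np.ndarray) -> float:
    c1 = u0[inside].mean()                    # average intensity inside C
    c2 = u0[~inside].mean()                   # average intensity outside C
    return float(((u0[inside] - c1) ** 2).sum()
                 + ((u0[~inside] - c2) ** 2).sum())

# Toy piecewise-constant image: a bright square (the object) on a dark background.
u0 = np.zeros((64, 64))
u0[20:40, 20:40] = 1.0

on_object = u0 > 0.5                          # curve exactly on the object boundary
off_object = np.zeros_like(on_object)
off_object[5:15, 5:15] = True                 # curve entirely away from the object

print(fitting_energy(u0, on_object))          # ~0: fitting term minimized
print(fitting_energy(u0, off_object))         # > 0: object straddles outside(C)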
Thus, the objective is to find C, c_1, c_2 such that E(C, c_1, c_2) is minimized. Mathematically, solve:

inf_{C, c_1, c_2} E(C, c_1, c_2)

This problem can be formulated using the level set method as follows. The evolving curve C can be represented by the zero level set of the signed distance function φ as in (1), so we replace the unknown variable C by φ. Now consider the Heaviside function H and the Dirac measure δ:

H(z) = 1 if z ≥ 0, 0 if z < 0;    δ(z) = (d/dz) H(z)

We can rewrite the length of {φ = 0} and the area of the region inside {φ = 0} using these functions. The Heaviside function is positive inside the curve and zero elsewhere, so the area of the region is just the integral of the Heaviside function of φ. The gradient of the Heaviside function defines the curve, so integrating its magnitude over the domain gives the length of the curve. Mathematically:

Area(φ = 0) = ∫_Ω H(φ(x, y)) dx dy
Length(φ = 0) = ∫_Ω |∇H(φ(x, y))| dx dy = ∫_Ω δ(φ(x, y)) |∇φ(x, y)| dx dy

Similarly, we can rewrite the previous energy terms so that they are defined over the entire domain rather than separated into inside(C) = {φ > 0} and outside(C) = {φ < 0}:

∫_{φ>0} |u_0(x, y) − c_1|² dx dy = ∫_Ω |u_0(x, y) − c_1|² H(φ(x, y)) dx dy
∫_{φ<0} |u_0(x, y) − c_2|² dx dy = ∫_Ω |u_0(x, y) − c_2|² (1 − H(φ(x, y))) dx dy

Therefore the energy function can be written as:

E(φ, c_1, c_2) = μ ∫_Ω δ(φ(x, y)) |∇φ(x, y)| dx dy + ν ∫_Ω H(φ(x, y)) dx dy
  + λ_1 ∫_Ω |u_0(x, y) − c_1|² H(φ(x, y)) dx dy
  + λ_2 ∫_Ω |u_0(x, y) − c_2|² (1 − H(φ(x, y))) dx dy    (2)

The constants c_1 and c_2 are the averages of u_0 in {φ ≥ 0} and {φ < 0} respectively, so they are easily computed as:

c_1(φ) = ∫_Ω u_0(x, y) H(φ(x, y)) dx dy / ∫_Ω H(φ(x, y)) dx dy    (3)

and
c_2(φ) = ∫_Ω u_0(x, y) (1 − H(φ(x, y))) dx dy / ∫_Ω (1 − H(φ(x, y))) dx dy    (4)

We can now deduce the Euler-Lagrange partial differential equation from (2). Parameterizing the descent direction by t ≥ 0, the equation for φ(x, y, t) is:

∂φ/∂t = δ(φ) [ μ div(∇φ / |∇φ|) − ν − λ_1 (u_0 − c_1)² + λ_2 (u_0 − c_2)² ]    (5)

In order to solve this partial differential equation, we first need to regularize H(z) and δ(z). Chan and Vese [7] propose:

H_ε(z) = 1/2 + (1/π) arctan(z/ε)

implying that δ(z) regularizes to:

δ_ε(z) = (1/π) · ε / (ε² + z²)

It is easy to see that as ε → 0, H_ε(z) converges to H(z) and δ_ε(z) converges to δ(z). The authors claim that with these regularizations the algorithm has the tendency to compute a global minimizer. Chan and Vese [7] give the following discretization and linearization of (5):

(φ^{n+1}_{i,j} − φ^n_{i,j}) / Δt = δ_ε(φ^n_{i,j}) [ (μ/h²) Δ^x_−( Δ^x_+ φ^{n+1}_{i,j} / sqrt( (Δ^x_+ φ^n_{i,j})²/h² + (φ^n_{i,j+1} − φ^n_{i,j−1})²/(2h)² ) )
  + (μ/h²) Δ^y_−( Δ^y_+ φ^{n+1}_{i,j} / sqrt( (φ^n_{i+1,j} − φ^n_{i−1,j})²/(2h)² + (Δ^y_+ φ^n_{i,j})²/h² ) )
  − ν − λ_1 (u_{0,i,j} − c_1(φ^n))² + λ_2 (u_{0,i,j} − c_2(φ^n))² ]    (6)

where the finite differences of φ_{i,j} are calculated as:

Δ^x_− φ_{i,j} = φ_{i,j} − φ_{i−1,j},   Δ^x_+ φ_{i,j} = φ_{i+1,j} − φ_{i,j},
Δ^y_− φ_{i,j} = φ_{i,j} − φ_{i,j−1},   Δ^y_+ φ_{i,j} = φ_{i,j+1} − φ_{i,j}

This linear system also depends on the forward differences of φ^{n+1}_{i,j}, which is an unknown; however, it can be solved using the Jacobi method [10]. In practice, the number of iterations until convergence was found to be small.
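A short sketch of the regularized functions and of the region averages of equations (3)-(4); the default ε = 1 follows the authors' suggestion quoted in Section 5, while the function names and structure are illustrative assumptions.

import numpy as np

def H_eps(z, eps=1.0):
    # regularized Heaviside: 1/2 + (1/pi) * arctan(z / eps)
    return 0.5 + np.arctan(z / eps) / np.pi

def delta_eps(z, eps=1.0):
    # regularized Dirac: (1/pi) * eps / (eps^2 + z^2)
    return (eps / (eps**2 + z**2)) / np.pi

def region_averages(u0, phi, eps=1.0):
    # c1, c2 of equations (3) and (4), computed over the whole domain
    H = H_eps(phi, eps)
    c1 = (u0 * H).sum() / H.sum()                       # average of u0 where phi >= 0
    c2 = (u0 * (1.0 - H)).sum() / (1.0 - H).sum()       # average of u0 where phi < 0
    return c1, c2

These helpers supply the c_1(φⁿ) and c_2(φⁿ) values consumed at each iteration of the update scheme (6).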
The segmentation algorithm is then given by:

1. Initialize φ⁰ by φ_0, n = 0.
2. For a fixed number of iterations do:
   2.1 Compute c_1(φⁿ) and c_2(φⁿ) using (3) and (4).
   2.2 Estimate the forward differences of φ^{n+1} using the Jacobi method.
   2.3 Compute φ^{n+1} using (6).
3. End.

ALGORITHM 1: Energy minimization with the Jacobi method.

3. CURVATURE COMPUTATION

The method proposed in Section 2 generates a number of regions, and the boundary of each region is considered for the curvature computation. Due to the discrete boundary representation and quantization errors, false local concavities and convexities form along a contour. This noisy nature of binary contours must be taken into account to obtain reliable estimates of contour curvature; hence, a Gaussian filter is used to smooth the contour points and reduce the noise effect [11]. However, the width w of the Gaussian filter, which controls the degree of smoothing, has to be chosen suitably: a large value of w removes all small details of the contour curvature, while a small value permits false concavities and convexities to remain in the contour. To overcome this problem, a support region is employed which dynamically determines the parameter of the Gaussian filter.

3.1 Determination of the Support Region

FIGURE 2: Representation of the support region.

The support region concept can be explained using Fig. 2. The support region for each point on the curve is the set of points obtained by Algorithm 2 (a code sketch of this procedure follows the algorithm):

1. Determine the length of the chord joining the points P_{i−k}, P_{i+k} as l_{i,k} = |P_{i−k} P_{i+k}|.
2. Let d_{i,k} be the perpendicular distance from P_i to the line joining P_{i−k} and P_{i+k}. Starting with k = 1, compute l_{i,k} and d_{i,k} for increasing k until one of the following conditions holds:
   a. l_{i,k} ≥ l_{i,k+1}
   b. d_{i,k} / l_{i,k} ≥ d_{i,k+1} / l_{i,k+1} for d_{i,k} ≥ 0
3. The region of support of P_i is then the set of points satisfying either condition (a) or condition (b), that is,
   D(P_i) = {P_{i−k}, ..., P_{i−1}, P_i, P_{i+1}, ..., P_{i+k} | condition (a) or (b)}

ALGORITHM 2: Determination of the support region.
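A minimal sketch of Algorithm 2, under the assumption that the contour is a closed polyline given as an (n, 2) array of (x, y) points; k is grown while both the chord length and the distance-to-length ratio keep increasing, and stops when condition (a) or (b) holds.

import numpy as np

def support_region(contour: np.ndarray, i: int) -> int:
    # Returns the half-width k of the support region D(P_i).
    n = len(contour)
    prev_l, prev_ratio = 0.0, 0.0
    k = 1
    while k < n // 2:
        p_minus = contour[(i - k) % n]
        p_plus = contour[(i + k) % n]
        chord = p_plus - p_minus
        l = float(np.hypot(chord[0], chord[1]))                     # chord length l_{i,k}
        v = contour[i] - p_minus
        d = abs(chord[0] * v[1] - chord[1] * v[0]) / (l + 1e-12)    # distance d_{i,k}
        ratio = d / (l + 1e-12)
        # stop once growth of the chord length or of the ratio stalls
        if l <= prev_l or (k > 1 and ratio <= prev_ratio):
            break
        prev_l, prev_ratio = l, ratio
        k += 1
    return max(k - 1, 1)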
3.2 Gaussian Smoothing
A planar curve can be defined in parametric form as (x(t), y(t)) ∈ R², where t is the path length along the curve. Smoothing is performed by convolving x(t) and y(t) with a Gaussian filter. A one-dimensional Gaussian filter is defined as:

η(t, w) = (1 / √(2πw²)) e^{−t² / (2w²)}

where w is the width of the filter, which needs to be determined. The smoothed curve is denoted by the set of points (X(t, w), Y(t, w)), where

X(t, w) = x(t) ⊗ η(t, w),   Y(t, w) = y(t) ⊗ η(t, w)

and ⊗ denotes convolution. The measurement of the curvature of a point is based on the local properties within its region of support, and the length of the Gaussian smoothing filter is proportional to the region of support [12]. This implies that neighboring points closer to the point of interest have higher weights than points further away, which makes the method less sensitive to noise. The Gaussian filter applied here has the following window length and width [3]:

Window length = 2 × support region D(P_i) + 1,   Width w = support region D(P_i) / 3

Further, the curvature for each point on the curve is calculated in the following way.

3.3 Curvature Computation
For a continuous curve C expressed by {x(s), y(s)}, where s is the arc length of the edge point, the curvature can be expressed as:

k(s) = (ẋ ÿ − ẍ ẏ) / (ẋ² + ẏ²)^{3/2}    (7)

where ẋ = dx/ds, ẍ = d²x/ds², ẏ = dy/ds, ÿ = d²y/ds². For digital implementation, the coordinate functions x(s) and y(s) of the curve are represented by a set of equally spaced Cartesian grid samples, and the derivatives in equation (7) are calculated by finite differences as:

ẋ_i = x_i − x_{i−1},   ẍ_i = x_{i−1} − 2x_i + x_{i+1},
ẏ_i = y_i − y_{i−1},   ÿ_i = y_{i−1} − 2y_i + y_{i+1}    (8)
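The finite-difference curvature of equations (7)-(8) can be implemented in a few lines; the sketch below (an assumed helper, not the paper's code) verifies it on a circle of radius 10, whose curvature should be approximately 1/10 everywhere.

import numpy as np

def contour_curvature(x: np.ndarray, y: np.ndarray) -> np.ndarray:
    # backward first differences and central second differences, eq. (8)
    xd = x - np.roll(x, 1)
    yd = y - np.roll(y, 1)
    xdd = np.roll(x, 1) - 2.0 * x + np.roll(x, -1)
    ydd = np.roll(y, 1) - 2.0 * y + np.roll(y, -1)
    # curvature formula, eq. (7)
    return (xd * ydd - xdd * yd) / (xd**2 + yd**2 + 1e-12) ** 1.5

t = np.linspace(0.0, 2.0 * np.pi, 200, endpoint=False)
k = contour_curvature(10.0 * np.cos(t), 10.0 * np.sin(t))
print(k.mean())    # ~0.1; the sign depends on the traversal direction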
The algorithm for curvature computation is presented below:

1. Determine edge contours in the input image using active contours without edges.
2. Select a large edge contour for further processing.
3. Determine the support region for each contour point.
4. Smooth the contour by a Gaussian filter with width proportional to the support region.
5. Compute the curvature for each point on the Gaussian-smoothed curve using equations (7) and (8).

ALGORITHM 3: Curvature computation.

In the process of curvature computation we encounter two special conditions, for which alternate solutions are needed:

1. When the edge point lies on a straight line, the curvature for that point is set to zero.
2. When the support region of an edge point is 1, the point cannot be smoothed by the filter above; smoothing is instead performed using the following equation:

(x̂_i, ŷ_i) = (1/2)(x_i, y_i) + (1/4)[(x_{i−1}, y_{i−1}) + (x_{i+1}, y_{i+1})]

where (x̂_i, ŷ_i) is the smoothed version of the point (x_i, y_i).

4. K-NEAREST NEIGHBOR CLASSIFIER

The nearest neighbor and K-nearest neighbor classifiers are applied to two parameters, namely the number of regions obtained from the segmentation process and the total number of zero crossings of the curvature plot of every region edge, to classify the images as either normal or abnormal. Basically, this classifier finds the closest training points to an unknown point and predicts the category of the unknown point from them (a minimal code sketch follows). The experiment is carried out by varying the number of neighbors (K = 3, 5, 7); performance of the algorithm is optimal when K = 3.
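A minimal sketch of this classification step over the two features used here (number of segmented regions, number of curvature zero crossings); the training tuples are made-up placeholders loosely echoing the magnitudes reported in Section 5, not the paper's data.

import numpy as np

train_X = np.array([[5, 24], [4, 20], [6, 30],          # normal-like examples
                    [12, 137], [10, 120], [14, 150]])   # abnormal-like examples
train_y = np.array(["normal"] * 3 + ["abnormal"] * 3)

def knn_predict(x, K=3):
    # majority vote among the K nearest training points (Euclidean distance)
    dist = np.linalg.norm(train_X - np.asarray(x, dtype=float), axis=1)
    votes = train_y[np.argsort(dist)[:K]]
    labels, counts = np.unique(votes, return_counts=True)
    return labels[np.argmax(counts)]

print(knn_predict([11, 130]))   # -> "abnormal"
print(knn_predict([5, 22]))     # -> "normal"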
5. EXPERIMENTAL RESULTS

For the experimentation, 50 normal and 50 abnormal endoscopic color images of size 128×128 pixels are chosen. The parameters are set as λ_1 = λ_2 = 1, h = 1, and Δt = 0.1. Varying the value of ν generally had little or no effect on the segmentation results. The ε parameter for the regularized Heaviside and Dirac functions was set to 1, as suggested by Chan and Vese [7], and the length parameter μ is fixed to a small value (i.e., μ ≈ 0.0001 · 255²). The detection of the possible presence of abnormality is performed by analyzing the curvature change along the boundary of each region, which is treated as an edge contour. The curvature of each edge point on the contour is computed using Algorithm 3. Two thresholds, c_th and n_th, are used in the analysis: c_th is the curvature threshold value, and n_th is the minimum number of edge points in a segment. Along the edge contour, if the absolute curvature of a point is bigger than c_th, point counting starts and continues until the absolute curvature falls below c_th; if the point count is bigger than n_th, an edge segment is formed. The possible presence of abnormality in the image is detected when the curvature of a segment has the opposite sign to those of the neighboring segments on the same edge contour; such a segment is bounded by two significant zero crossings.

The stages of the proposed method for abnormal and normal images are shown in Fig. 3 and Fig. 4 respectively. In these figures, image [A] is the endoscopic color image, image [B] shows the regions obtained after segmentation using active contours without edges, image [C] is the corresponding binary image, image [D] shows the largest edge contour obtained, and image [E] its curvature profile. In the abnormal image shown in Fig. 3, the number of regions formed is 12 and the number of zero crossings obtained for a large edge contour is 137, whereas for the normal image shown in Fig. 4, the number of regions formed is 5 and the number of zero crossings obtained for a large edge contour is 24. Fig. 5 and Fig. 6 show the endoscopic images with the curvature plots of their largest edges: the original abnormal and normal endoscopic images are shown in the first column, and the corresponding curvature profile for the largest edge segment is shown in the second column.
From these figures, considerably fewer zero crossings can be observed for the edge curvatures of the normal images than for those of the abnormal images.

FIGURE 3: The proposed method for an abnormal image.

FIGURE 4: The proposed method for a normal image.
FIGURE 5: Curvature profiles for abnormal images.
FIGURE 6: Curvature profiles for normal images.