The document proposes a novel distributed network architecture for enterprise network vulnerability assessment using CORBA. It discusses limitations of current vulnerability assessment solutions, such as inflexibility in distributing scanning tasks across multiple scanners. The proposed architecture would dynamically assign scanning tasks based on scanner availability to improve efficiency and reliability. It would also decrease the size of individual scanning tasks to speed up task reassignment in case of issues. The architecture follows CORBA standards to define interfaces for communication between distributed components for vulnerability detection and remediation across an enterprise network.
The purpose of this paper two fold. First and foremost it presents a background narrative on the origins, innovations and applications of novel structural automation technologies and the rarity of experts involved in research, development and practice of this field. The second part of this paper presents a rudimentary framework for a solution addressing this paucity – the creation of an interdisciplinary academic program at PAAET that will be the first ever in the region to address applied information communication technologies ICT in the design, planning, engineering and management of structural automation projects. In doing so, we need also to define the level of implementation. This field, as all fields in ICT, have been loosely defined and most applications carry less weight in its implementation than what should be applied. This paper gives an attempt to define an indexing scheme by which we can easily classify such implementation and generate a ranking by which we can safely define its level of ―Intelligence‖.International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
Cloud computing challenges and solutionsIJCNCJournal
Cloud computing is an emerging area of computer technology that benefits form the processing power and
the computing resources of many connected, geographically distanced computers connected via Internet.
Cloud computing eliminates the need of having a complete infrastructure of hardware and software to meet
users requirements and applications. It can be thought of or considered as a complete or a partial
outsourcing of hardware and software resources. To access cloud applications, a good Internet connection
and a standard Internet browser are required. Cloud computing has its own drawback from the security
point of view; this paper aims to address most of these threats and their possible solutions.
The purpose of this paper two fold. First and foremost it presents a background narrative on the origins, innovations and applications of novel structural automation technologies and the rarity of experts involved in research, development and practice of this field. The second part of this paper presents a rudimentary framework for a solution addressing this paucity – the creation of an interdisciplinary academic program at PAAET that will be the first ever in the region to address applied information communication technologies ICT in the design, planning, engineering and management of structural automation projects. In doing so, we need also to define the level of implementation. This field, as all fields in ICT, have been loosely defined and most applications carry less weight in its implementation than what should be applied. This paper gives an attempt to define an indexing scheme by which we can easily classify such implementation and generate a ranking by which we can safely define its level of ―Intelligence‖.International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
Cloud computing challenges and solutionsIJCNCJournal
Cloud computing is an emerging area of computer technology that benefits form the processing power and
the computing resources of many connected, geographically distanced computers connected via Internet.
Cloud computing eliminates the need of having a complete infrastructure of hardware and software to meet
users requirements and applications. It can be thought of or considered as a complete or a partial
outsourcing of hardware and software resources. To access cloud applications, a good Internet connection
and a standard Internet browser are required. Cloud computing has its own drawback from the security
point of view; this paper aims to address most of these threats and their possible solutions.
An Investigation of Fault Tolerance Techniques in Cloud Computingijtsrd
Cloud computing which is created on Internet has the most powerful architecture of computation that provides users with the capabilities of information technology as a service and allows them to have access to these services without having specialized information or controlling the infrastructure. Fault tolerance has. The main advantages of using fault tolerance that has all the necessary techniques to keep active power and reliability in cloud computing include failure recovery, lower costs, and improved performance criteria. In this paper, we will investigation of the different techniques that are used for fault tolerance on cloud computing. Ya Min | Khin Myat Nwe Win | Aye Mya Sandar "An Investigation of Fault Tolerance Techniques in Cloud Computing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26611.pdfPaper URL: https://www.ijtsrd.com/computer-science/distributed-computing/26611/an-investigation-of-fault-tolerance-techniques-in-cloud-computing/ya-min
A Simplified Cost Efficient Distributed System architecture which relies on replication and recovery techniques using monitoring service, proxy service to handle service calls and a specialized server architecture which serves as both backup and standby service provider.
Covers security and privacy issues for software product developers including attacks and defenses, encryption, authentication, authorisation and data protection
RESILIENT VOTING MECHANISMS FOR MISSION SURVIVABILITY IN CYBERSPACE: COMBININ...IJNSA Journal
While information systems became ever more complex and the interdependence of these systems increased, mission-critical services should be survivable even in the presence of cyber attacks or internal failures. Node replication can be used to protect a mission-critical system against faults that may occur
naturally or be caused by malicious attackers. The overall reliability increases by the number of replicas. However, when the replicas are a perfect copy of each other, a successful attack or failure in any node can be instantaneously repeated in all the other nodes. Eventually, the service of those nodes will
discontinue, which may affect the system’s mission. Therefore, it becomes evident that there must be more survivable approach with diversity among the replicas in mission-critical systems. In particular, this research investigates the best binary voting mechanism among replicas. Furthermore, with experimental
results, we compare the simple majority mechanism with hierarchical decision process and discuss their trade-offs.
Norman Patch and
Remediation Advanced
provides:
• Rapid, accurate and secure
patch management
• Automated collection, analysis
and delivery of patches
• Security for your organization
from worms, trojans, viruses and other malicious threats
• Single consolidated solution
for heterogeneous environments
provides effective management
at a significantly reduced TCO
International Journal of Engineering and Science Invention (IJESI)inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Key-exposure resistance has always been an important issue for in-depth cyber defence in many security applications. Recently, how to deal with the key exposure problem in the settings of cloud storage auditing has been proposed and studied. To address the challenge, existing solutions all require the client to update his secret keys in every time period, which may inevitably bring in new local burdens to the client, especially those with limited computation resources such as mobile phones. In this paper, we focus on how to make the key updates as transparent as possible for the client and propose a new paradigm called cloud storage auditing with verifiable outsourcing of key updates. In this paradigm, key updates can be safely outsourced to some authorized party, and thus the key-update burden on the client will be kept minimal. Specifically, we leverage the third party auditor (TPA) in many existing public auditing designs, let it play the role of authorized party in our case, and make it in charge of both the storage auditing and the secure key updates for key-exposure resistance. In our design, TPA only needs to hold an encrypted version of the client’s secret key, while doing all these burdensome tasks on behalf of the client. The client only needs to download the encrypted secret key from the TPA when uploading new files to cloud. Besides, our design also equips the client with capability to further verify the validity of the encrypted secret keys provided by TPA. All these salient features are carefully designed to make the whole auditing procedure with key exposure resistance as transparent as possible for the client. We formalize the definition and the security model of this paradigm. The security proof and the performance simulation show that our detailed design instantiations are secure and efficient.
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
call for paper 2012, hard copy of journal, research paper publishing, where to publish research paper,
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
call for paper 2012, hard copy of journal, research paper publishing, where to publish research paper,
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
An Investigation of Fault Tolerance Techniques in Cloud Computingijtsrd
Cloud computing which is created on Internet has the most powerful architecture of computation that provides users with the capabilities of information technology as a service and allows them to have access to these services without having specialized information or controlling the infrastructure. Fault tolerance has. The main advantages of using fault tolerance that has all the necessary techniques to keep active power and reliability in cloud computing include failure recovery, lower costs, and improved performance criteria. In this paper, we will investigation of the different techniques that are used for fault tolerance on cloud computing. Ya Min | Khin Myat Nwe Win | Aye Mya Sandar "An Investigation of Fault Tolerance Techniques in Cloud Computing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26611.pdfPaper URL: https://www.ijtsrd.com/computer-science/distributed-computing/26611/an-investigation-of-fault-tolerance-techniques-in-cloud-computing/ya-min
A Simplified Cost Efficient Distributed System architecture which relies on replication and recovery techniques using monitoring service, proxy service to handle service calls and a specialized server architecture which serves as both backup and standby service provider.
Covers security and privacy issues for software product developers including attacks and defenses, encryption, authentication, authorisation and data protection
RESILIENT VOTING MECHANISMS FOR MISSION SURVIVABILITY IN CYBERSPACE: COMBININ...IJNSA Journal
While information systems became ever more complex and the interdependence of these systems increased, mission-critical services should be survivable even in the presence of cyber attacks or internal failures. Node replication can be used to protect a mission-critical system against faults that may occur
naturally or be caused by malicious attackers. The overall reliability increases by the number of replicas. However, when the replicas are a perfect copy of each other, a successful attack or failure in any node can be instantaneously repeated in all the other nodes. Eventually, the service of those nodes will
discontinue, which may affect the system’s mission. Therefore, it becomes evident that there must be more survivable approach with diversity among the replicas in mission-critical systems. In particular, this research investigates the best binary voting mechanism among replicas. Furthermore, with experimental
results, we compare the simple majority mechanism with hierarchical decision process and discuss their trade-offs.
Norman Patch and
Remediation Advanced
provides:
• Rapid, accurate and secure
patch management
• Automated collection, analysis
and delivery of patches
• Security for your organization
from worms, trojans, viruses and other malicious threats
• Single consolidated solution
for heterogeneous environments
provides effective management
at a significantly reduced TCO
International Journal of Engineering and Science Invention (IJESI)inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Key-exposure resistance has always been an important issue for in-depth cyber defence in many security applications. Recently, how to deal with the key exposure problem in the settings of cloud storage auditing has been proposed and studied. To address the challenge, existing solutions all require the client to update his secret keys in every time period, which may inevitably bring in new local burdens to the client, especially those with limited computation resources such as mobile phones. In this paper, we focus on how to make the key updates as transparent as possible for the client and propose a new paradigm called cloud storage auditing with verifiable outsourcing of key updates. In this paradigm, key updates can be safely outsourced to some authorized party, and thus the key-update burden on the client will be kept minimal. Specifically, we leverage the third party auditor (TPA) in many existing public auditing designs, let it play the role of authorized party in our case, and make it in charge of both the storage auditing and the secure key updates for key-exposure resistance. In our design, TPA only needs to hold an encrypted version of the client’s secret key, while doing all these burdensome tasks on behalf of the client. The client only needs to download the encrypted secret key from the TPA when uploading new files to cloud. Besides, our design also equips the client with capability to further verify the validity of the encrypted secret keys provided by TPA. All these salient features are carefully designed to make the whole auditing procedure with key exposure resistance as transparent as possible for the client. We formalize the definition and the security model of this paradigm. The security proof and the performance simulation show that our detailed design instantiations are secure and efficient.
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
call for paper 2012, hard copy of journal, research paper publishing, where to publish research paper,
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
call for paper 2012, hard copy of journal, research paper publishing, where to publish research paper,
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
call for paper 2012, hard copy of journal, research paper publishing, where to publish research paper,
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
call for paper 2012, hard copy of journal, research paper publishing, where to publish research paper,
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
call for paper 2012, hard copy of journal, research paper publishing, where to publish research paper,
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
We have evolved an IT system that is ubiquitous and pervasive and integrated into most aspects of our lives. Many of us are working on 4th and 5th level refinements in efficiency and functionality. But, we stand on the shoulders of those who came before and this restricts our freedom of action. The prior work has left us with an ecosystem which is the living embodiment
of our state-of-the-art. While we work on integration, refinement, broader application and efficiency, the results must move seamlessly into the ecosystem. Fundamental concepts are
being researched in the lab and may rebuild the world we all live in, until that happens, we must work within the ecosystem.
The Indo-American Journal of Agricultural and Veterinary Sciences is an online international journal published quarterly. It is a peer-reviewed journal that focuses on disseminating high-quality original research work, reviews, and short communications of the publishable paper.
Performance Evaluation of a Network Using Simulation Tools or Packet TracerIOSRjournaljce
Today, the importance of information and accessing information is increasing rapidly. With the advancement of technology, one of the greatest means of achieving knowledge are, computers have entered in many areas of our lives. But the most important of them are the communication fields. This study will be a practical guide for understanding how to assemble and analyze various parameters in network performance evaluation and when designing a network what is necessary to looking for to remove the consequences of degrading performance. Therefore, what can you do in a network performance evaluation using simulation tools such as Network Simulation or Packet tracer and how various parameters can be brought together successfully? CCNA, CCNP, HCNA and HCNP educational level has been used and important setting has been simulated one by one. At the result this is a good guide for a local or wide area network. Finally, the performance issues precautions described. Considering the necessary parameters, imaginary networks were designed and evaluated both in CISCO Packet Tracer and Huawei's eNSP simulation program. But it should not be left unsaid that the networks have been designed and evaluated in free virtual environments, not in a real laboratory. Therefore, it is impossible to make actual performance appraisal and output as there is no actual data available.
Subject: Software Architecture Design
Topic: Distributed Architecture
In this presentation, you will learn about design pattern, softawre architecture, distributed architecture, basis of distributed architecture, why distributed architecture, need of distributed architecture, advantages and disadvantages of DA and much more.
Rate my presentation, It's designed graphically.
A Novel Method for Prevention of Bandwidth Distributed Denial of Service AttacksIJERD Editor
Distributed Denial of Service (DDoS) Attacks became a massive threat to the Internet. Traditional
Architecture of internet is vulnerable to the attacks like DDoS. Attacker primarily acquire his army of Zombies,
then that army will be instructed by the Attacker that when to start an attack and on whom the attack should be
done. In this paper, different techniques which are used to perform DDoS Attacks, Tools that were used to
perform Attacks and Countermeasures in order to detect the attackers and eliminate the Bandwidth Distributed
Denial of Service attacks (B-DDoS) are reviewed. DDoS Attacks were done by using various Flooding
techniques which are used in DDoS attack.
The main purpose of this paper is to design an architecture which can reduce the Bandwidth
Distributed Denial of service Attack and make the victim site or server available for the normal users by
eliminating the zombie machines. Our Primary focus of this paper is to dispute how normal machines are
turning into zombies (Bots), how attack is been initiated, DDoS attack procedure and how an organization can
save their server from being a DDoS victim. In order to present this we implemented a simulated environment
with Cisco switches, Routers, Firewall, some virtual machines and some Attack tools to display a real DDoS
attack. By using Time scheduling, Resource Limiting, System log, Access Control List and some Modular
policy Framework we stopped the attack and identified the Attacker (Bot) machines
Hearing loss is one of the most common human impairments. It is estimated that by year 2015 more
than 700 million people will suffer mild deafness. Most can be helped by hearing aid devices depending on the
severity of their hearing loss. This paper describes the implementation and characterization details of a dual
channel transmitter front end (TFE) for digital hearing aid (DHA) applications that use novel micro
electromechanical- systems (MEMS) audio transducers and ultra-low power-scalable analog-to-digital
converters (ADCs), which enable a very-low form factor, energy-efficient implementation for next-generation
DHA. The contribution of the design is the implementation of the dual channel MEMS microphones and powerscalable
ADC system.
Influence of tensile behaviour of slab on the structural Behaviour of shear c...IJERD Editor
-A composite beam is composed of a steel beam and a slab connected by means of shear connectors
like studs installed on the top flange of the steel beam to form a structure behaving monolithically. This study
analyzes the effects of the tensile behavior of the slab on the structural behavior of the shear connection like slip
stiffness and maximum shear force in composite beams subjected to hogging moment. The results show that the
shear studs located in the crack-concentration zones due to large hogging moments sustain significantly smaller
shear force and slip stiffness than the other zones. Moreover, the reduction of the slip stiffness in the shear
connection appears also to be closely related to the change in the tensile strain of rebar according to the increase
of the load. Further experimental and analytical studies shall be conducted considering variables such as the
reinforcement ratio and the arrangement of shear connectors to achieve efficient design of the shear connection
in composite beams subjected to hogging moment.
Gold prospecting using Remote Sensing ‘A case study of Sudan’IJERD Editor
Gold has been extracted from northeast Africa for more than 5000 years, and this may be the first
place where the metal was extracted. The Arabian-Nubian Shield (ANS) is an exposure of Precambrian
crystalline rocks on the flanks of the Red Sea. The crystalline rocks are mostly Neoproterozoic in age. ANS
includes the nations of Israel, Jordan. Egypt, Saudi Arabia, Sudan, Eritrea, Ethiopia, Yemen, and Somalia.
Arabian Nubian Shield Consists of juvenile continental crest that formed between 900 550 Ma, when intra
oceanic arc welded together along ophiolite decorated arc. Primary Au mineralization probably developed in
association with the growth of intra oceanic arc and evolution of back arc. Multiple episodes of deformation
have obscured the primary metallogenic setting, but at least some of the deposits preserve evidence that they
originate as sea floor massive sulphide deposits.
The Red Sea Hills Region is a vast span of rugged, harsh and inhospitable sector of the Earth with
inimical moon-like terrain, nevertheless since ancient times it is famed to be an abode of gold and was a major
source of wealth for the Pharaohs of ancient Egypt. The Pharaohs old workings have been periodically
rediscovered through time. Recent endeavours by the Geological Research Authority of Sudan led to the
discovery of a score of occurrences with gold and massive sulphide mineralizations. In the nineties of the
previous century the Geological Research Authority of Sudan (GRAS) in cooperation with BRGM utilized
satellite data of Landsat TM using spectral ratio technique to map possible mineralized zones in the Red Sea
Hills of Sudan. The outcome of the study mapped a gossan type gold mineralization. Band ratio technique was
applied to Arbaat area and a signature of alteration zone was detected. The alteration zones are commonly
associated with mineralization. The alteration zones are commonly associated with mineralization. A filed check
confirmed the existence of stock work of gold bearing quartz in the alteration zone. Another type of gold
mineralization that was discovered using remote sensing is the gold associated with metachert in the Atmur
Desert.
Reducing Corrosion Rate by Welding DesignIJERD Editor
The paper addresses the importance of welding design to prevent corrosion at steel. Welding is
used to join pipe, profiles at bridges, spindle, and a lot more part of engineering construction. The
problems happened associated with welding are common issues in these fields, especially corrosion.
Corrosion can be reduced with many methods, they are painting, controlling humidity, and also good
welding design. In the research, it can be found that reducing residual stress on the welding can be
solved in corrosion rate reduction problem.
Preheating on 500oC and 600oC give better condition to reduce corosion rate than condition after
preheating 400oC. For all welding groove type, material with 500oC and 600oC preheating after 14 days
corrosion test is 0,5%-0,69% lost. Material with 400oC preheating after 14 days corrosion test is 0,57%-0,76%
lost.
Welding groove also influence corrosion rate. X and V type welding groove give better condition to reduce
corrosion rate than use 1/2V and 1/2 X welding groove. After 14 days corrosion test, the samples with
X welding groove type is 0,5%-0,57% lost. The samples with V welding groove after 14 days corrosion test is
0,51%-0,59% lost. The samples with 1/2V and 1/2X welding groove after 14 days corrosion test is 0,58%-
0,71% lost.
Router 1X3 – RTL Design and VerificationIJERD Editor
Routing is the process of moving a packet of data from source to destination and enables messages
to pass from one computer to another and eventually reach the target machine. A router is a networking device
that forwards data packets between computer networks. It is connected to two or more data lines from different
networks (as opposed to a network switch, which connects data lines from one single network). This paper,
mainly emphasizes upon the study of router device, it‟s top level architecture, and how various sub-modules of
router i.e. Register, FIFO, FSM and Synchronizer are synthesized, and simulated and finally connected to its top
module.
Active Power Exchange in Distributed Power-Flow Controller (DPFC) At Third Ha...IJERD Editor
This paper presents a component within the flexible ac-transmission system (FACTS) family, called
distributed power-flow controller (DPFC). The DPFC is derived from the unified power-flow controller (UPFC)
with an eliminated common dc link. The DPFC has the same control capabilities as the UPFC, which comprise
the adjustment of the line impedance, the transmission angle, and the bus voltage. The active power exchange
between the shunt and series converters, which is through the common dc link in the UPFC, is now through the
transmission lines at the third-harmonic frequency. DPFC multiple small-size single-phase converters which
reduces the cost of equipment, no voltage isolation between phases, increases redundancy and there by
reliability increases. The principle and analysis of the DPFC are presented in this paper and the corresponding
simulation results that are carried out on a scaled prototype are also shown.
Mitigation of Voltage Sag/Swell with Fuzzy Control Reduced Rating DVRIJERD Editor
Power quality has been an issue that is becoming increasingly pivotal in industrial electricity
consumers point of view in recent times. Modern industries employ Sensitive power electronic equipments,
control devices and non-linear loads as part of automated processes to increase energy efficiency and
productivity. Voltage disturbances are the most common power quality problem due to this the use of a large
numbers of sophisticated and sensitive electronic equipment in industrial systems is increased. This paper
discusses the design and simulation of dynamic voltage restorer for improvement of power quality and
reduce the harmonics distortion of sensitive loads. Power quality problem is occurring at non-standard
voltage, current and frequency. Electronic devices are very sensitive loads. In power system voltage sag,
swell, flicker and harmonics are some of the problem to the sensitive load. The compensation capability
of a DVR depends primarily on the maximum voltage injection ability and the amount of stored
energy available within the restorer. This device is connected in series with the distribution feeder at
medium voltage. A fuzzy logic control is used to produce the gate pulses for control circuit of DVR and the
circuit is simulated by using MATLAB/SIMULINK software.
Study on the Fused Deposition Modelling In Additive ManufacturingIJERD Editor
Additive manufacturing process, also popularly known as 3-D printing, is a process where a product
is created in a succession of layers. It is based on a novel materials incremental manufacturing philosophy.
Unlike conventional manufacturing processes where material is removed from a given work price to derive the
final shape of a product, 3-D printing develops the product from scratch thus obviating the necessity to cut away
materials. This prevents wastage of raw materials. Commonly used raw materials for the process are ABS
plastic, PLA and nylon. Recently the use of gold, bronze and wood has also been implemented. The complexity
factor of this process is 0% as in any object of any shape and size can be manufactured.
Spyware triggering system by particular string valueIJERD Editor
This computer programme can be used for good and bad purpose in hacking or in any general
purpose. We can say it is next step for hacking techniques such as keylogger and spyware. Once in this system if
user or hacker store particular string as a input after that software continually compare typing activity of user
with that stored string and if it is match then launch spyware programme.
A Blind Steganalysis on JPEG Gray Level Image Based on Statistical Features a...IJERD Editor
This paper presents a blind steganalysis technique to effectively attack the JPEG steganographic
schemes i.e. Jsteg, F5, Outguess and DWT Based. The proposed method exploits the correlations between
block-DCTcoefficients from intra-block and inter-block relation and the statistical moments of characteristic
functions of the test image is selected as features. The features are extracted from the BDCT JPEG 2-array.
Support Vector Machine with cross-validation is implemented for the classification.The proposed scheme gives
improved outcome in attacking.
Secure Image Transmission for Cloud Storage System Using Hybrid SchemeIJERD Editor
- Data over the cloud is transferred or transmitted between servers and users. Privacy of that
data is very important as it belongs to personal information. If data get hacked by the hacker, can be
used to defame a person’s social data. Sometimes delay are held during data transmission. i.e. Mobile
communication, bandwidth is low. Hence compression algorithms are proposed for fast and efficient
transmission, encryption is used for security purposes and blurring is used by providing additional
layers of security. These algorithms are hybridized for having a robust and efficient security and
transmission over cloud storage system.
Application of Buckley-Leverett Equation in Modeling the Radius of Invasion i...IJERD Editor
A thorough review of existing literature indicates that the Buckley-Leverett equation only analyzes
waterflood practices directly without any adjustments on real reservoir scenarios. By doing so, quite a number
of errors are introduced into these analyses. Also, for most waterflood scenarios, a radial investigation is more
appropriate than a simplified linear system. This study investigates the adoption of the Buckley-Leverett
equation to estimate the radius invasion of the displacing fluid during waterflooding. The model is also adopted
for a Microbial flood and a comparative analysis is conducted for both waterflooding and microbial flooding.
Results shown from the analysis doesn’t only records a success in determining the radial distance of the leading
edge of water during the flooding process, but also gives a clearer understanding of the applicability of
microbes to enhance oil production through in-situ production of bio-products like bio surfactans, biogenic
gases, bio acids etc.
Gesture Gaming on the World Wide Web Using an Ordinary Web CameraIJERD Editor
- Gesture gaming is a method by which users having a laptop/pc/x-box play games using natural or
bodily gestures. This paper presents a way of playing free flash games on the internet using an ordinary webcam
with the help of open source technologies. Emphasis in human activity recognition is given on the pose
estimation and the consistency in the pose of the player. These are estimated with the help of an ordinary web
camera having different resolutions from VGA to 20mps. Our work involved giving a 10 second documentary to
the user on how to play a particular game using gestures and what are the various kinds of gestures that can be
performed in front of the system. The initial inputs of the RGB values for the gesture component is obtained by
instructing the user to place his component in a red box in about 10 seconds after the short documentary before
the game is finished. Later the system opens the concerned game on the internet on popular flash game sites like
miniclip, games arcade, GameStop etc and loads the game clicking at various places and brings the state to a
place where the user is to perform only gestures to start playing the game. At any point of time the user can call
off the game by hitting the esc key and the program will release all of the controls and return to the desktop. It
was noted that the results obtained using an ordinary webcam matched that of the Kinect and the users could
relive the gaming experience of the free flash games on the net. Therefore effective in game advertising could
also be achieved thus resulting in a disruptive growth to the advertising firms.
Hardware Analysis of Resonant Frequency Converter Using Isolated Circuits And...IJERD Editor
-LLC resonant frequency converter is basically a combo of series as well as parallel resonant ckt. For
LCC resonant converter it is associated with a disadvantage that, though it has two resonant frequencies, the
lower resonant frequency is in ZCS region[5]. For this application, we are not able to design the converter
working at this resonant frequency. LLC resonant converter existed for a very long time but because of
unknown characteristic of this converter it was used as a series resonant converter with basically a passive
(resistive) load. . Here, it was designed to operate in switching frequency higher than resonant frequency of the
series resonant tank of Lr and Cr converter acts very similar to Series Resonant Converter. The benefit of LLC
resonant converter is narrow switching frequency range with light load[6] . Basically, the control ckt plays a
very imp. role and hence 555 Timer used here provides a perfect square wave as the control ckt provides no
slew rate which makes the square wave really strong and impenetrable. The dead band circuit provides the
exclusive dead band in micro seconds so as to avoid the simultaneous firing of two pairs of IGBT’s where one
pair switches off and the other on for a slightest period of time. Hence, the isolator ckt here is associated with
each and every ckt used because it acts as a driver and an isolation to each of the IGBT is provided with one
exclusive transformer supply[3]. The IGBT’s are fired using the appropriate signal using the previous boards
and hence at last a high frequency rectifier ckt with a filtering capacitor is used to get an exact dc
waveform .The basic goal of this particular analysis is to observe the wave forms and characteristics of
converters with differently positioned passive elements in the form of tank circuits.
Simulated Analysis of Resonant Frequency Converter Using Different Tank Circu...IJERD Editor
LLC resonant frequency converter is basically a combo of series as well as parallel resonant ckt. For
LCC resonant converter it is associated with a disadvantage that, though it has two resonant frequencies, the
lower resonant frequency is in ZCS region [5]. For this application, we are not able to design the converter
working at this resonant frequency. LLC resonant converter existed for a very long time but because of
unknown characteristic of this converter it was used as a series resonant converter with basically a passive
(resistive) load. . Here, it was designed to operate in switching frequency higher than resonant frequency of the
series resonant tank of Lr and Cr converter acts very similar to Series Resonant Converter. The benefit of LLC
resonant converter is narrow switching frequency range with light load[6] . Basically, the control ckt plays a
very imp. role and hence 555 Timer used here provides a perfect square wave as the control ckt provides no
slew rate which makes the square wave really strong and impenetrable. The dead band circuit provides the
exclusive dead band in micro seconds so as to avoid the simultaneous firing of two pairs of IGBT’s where one
pair switches off and the other on for a slightest period of time. Hence, the isolator ckt here is associated with
each and every ckt used because it acts as a driver and an isolation to each of the IGBT is provided with one
exclusive transformer supply[3]. The IGBT’s are fired using the appropriate signal using the previous boards
and hence at last a high frequency rectifier ckt with a filtering capacitor is used to get an exact dc
waveform .The basic goal of this particular analysis is to observe the wave forms and characteristics of
converters with differently positioned passive elements in the form of tank circuits. The supported simulation
is done through PSIM 6.0 software tool
Amateurs Radio operator, also known as HAM communicates with other HAMs through Radio
waves. Wireless communication in which Moon is used as natural satellite is called Moon-bounce or EME
(Earth -Moon-Earth) technique. Long distance communication (DXing) using Very High Frequency (VHF)
operated amateur HAM radio was difficult. Even with the modest setup having good transceiver, power
amplifier and high gain antenna with high directivity, VHF DXing is possible. Generally 2X11 YAGI antenna
along with rotor to set horizontal and vertical angle is used. Moon tracking software gives exact location,
visibility of Moon at both the stations and other vital data to acquire real time position of moon.
“MS-Extractor: An Innovative Approach to Extract Microsatellites on „Y‟ Chrom...IJERD Editor
Simple Sequence Repeats (SSR), also known as Microsatellites, have been extensively used as
molecular markers due to their abundance and high degree of polymorphism. The nucleotide sequences of
polymorphic forms of the same gene should be 99.9% identical. So, Microsatellites extraction from the Gene is
crucial. However, Microsatellites repeat count is compared, if they differ largely, he has some disorder. The Y
chromosome likely contains 50 to 60 genes that provide instructions for making proteins. Because only males
have the Y chromosome, the genes on this chromosome tend to be involved in male sex determination and
development. Several Microsatellite Extractors exist and they fail to extract microsatellites on large data sets of
giga bytes and tera bytes in size. The proposed tool “MS-Extractor: An Innovative Approach to extract
Microsatellites on „Y‟ Chromosome” can extract both Perfect as well as Imperfect Microsatellites from large
data sets of human genome „Y‟. The proposed system uses string matching with sliding window approach to
locate Microsatellites and extracts them.
Importance of Measurements in Smart GridIJERD Editor
- The need to get reliable supply, independence from fossil fuels, and capability to provide clean
energy at a fixed and lower cost, the existing power grid structure is transforming into Smart Grid. The
development of a smart energy distribution grid is a current goal of many nations. A Smart Grid should have
new capabilities such as self-healing, high reliability, energy management, and real-time pricing. This new era
of smart future grid will lead to major changes in existing technologies at generation, transmission and
distribution levels. The incorporation of renewable energy resources and distribution generators in the existing
grid will increase the complexity, optimization problems and instability of the system. This will lead to a
paradigm shift in the instrumentation and control requirements for Smart Grids for high quality, stable and
reliable electricity supply of power. The monitoring of the grid system state and stability relies on the
availability of reliable measurement of data. In this paper the measurement areas that highlight new
measurement challenges, development of the Smart Meters and the critical parameters of electric energy to be
monitored for improving the reliability of power systems has been discussed.
Study of Macro level Properties of SCC using GGBS and Lime stone powderIJERD Editor
One of the major environmental concerns is the disposal of the waste materials and utilization of
industrial by products. Lime stone quarries will produce millions of tons waste dust powder every year. Having
considerable high degree of fineness in comparision to cement this material may be utilized as a partial
replacement to cement. For this purpose an experiment is conducted to investigate the possibility of using lime
stone powder in the production of SCC with combined use GGBS and how it affects the fresh and mechanical
properties of SCC. First SCC is made by replacing cement with GGBS in percentages like 10, 20, 30, 40, 50 and
by taking the optimum mix with GGBS lime stone powder is blended to mix in percentages like 5, 10, 15, 20 as
a partial replacement to cement. Test results shows that the SCC mix with combination of 30% GGBS and 15%
limestone powder gives maximum compressive strength and fresh properties are also in the limits prescribed by
the EFNARC.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Search and Society: Reimagining Information Access for Radical Futures
www.ijerd.com
1. International Journal of Engineering Research and Development
ISSN: 2278-067X, Volume 1, Issue 11 (July 2012), PP. 30-35
www.ijerd.com
A Novel Distributed Network for Ensuring Highly Secure
Proposed Enterprise Network Integrated Firewall
Santosh Kumar Mishra
(Research Scholar, NIMS University Rajasthan, India) & Prof. (Dr.) V. S. Rathore, Jaipur, Rajasthan, India.
Abstract–– A study on the current network enabled vulnerability checking software was made. It was found that most of the
available solutions had a some defect or the other in implementation of the applications as there was a large delay in the
assessment cycle. This was due to the inherent fact that the complete application had to scanned bit by bit and checked for
byte length and code compared with the byte address of the sender and a check is made at the firewall for the word by word
comparability. In this paper we discuss an active analysis of the system, for any weakness or technical flaws in the
operating system or the applications which as running on them. The security solution followed the CORBA architecture.
Keywords––Enterprises LAN, vulnerability, security, operating system, CORBA with ORB.
I. INTRODUCTION
Today’s networks must be secure. This can only be achieved by constant effort and vigilance over time. Because
security is a process, not a product, it begins and ends with people. The creation of a secure network affects many facets of
an organization’s business practice. The process includes sound security policies & issues, thorough implementation, diligent
monitoring and extensive education to the user.
As networks are built in layers, security must exist between each of these layers, as shown in Figure 1. A layered
approach to network security allows organizations to create multiple levels of defense around key assets. The result is
security-in-depth in which a breech at one layer does not compromise the entire network. This is the motivation behind the
Alcatel information security framework.
.[1]
Figure: 1 Layer of Vulnerabilities Assessment
To make things worse, while the system user needs to patch all possible vulnerabilities in his/her system, a hacker
only needs to locate any one to break in.
Formal verification approach can only provide validation of software against vulnerabilities at abstract level. With
increase in number of systems over the network, this approach becomes almost ineffective. As the number of system
30
2. A Novel Distributed Network for Ensuring Highly Secure Proposed Enterprise Network …
vulnerabilities multiply in recent years, Hence Vulnerability Assessment tools that can identify vulnerabilities in existing
systems be for e actual exploitation takes place have become immensely important.
Vulnerability assessment is a method of evaluating the security of a computer system or the Enterprise network.
The process involves an active analysis of the system for any weaknesses or technical flaws in the OS or the applications
which are running on them. These are known as vulnerabilities. The vulnerability assessment cycle as shown in figure 2
comprise of the following stages: [2]
Figure: 2 A typical vulnerability assessment cycle
II. LITERATURE SURVEY
Lot of work has been done on vulnerability assessment, particularly relating to improving the accuracy of vulnerability
identification methods and remote system[3] identification Vulnerability Assessment software is designed to assist network
and system administrators in identifying networked hosts vulnerable to compromise. This makes identifying risk and
prioritizing software updates much easier for administrators. Typically, enterprise-class vulnerability assessment falls into
one of two categories:-
(1) Host-Based (2) Network-based Systems.
While host-based systems require software on each system that will be analyzed (referred to as targets in this paper),
network-based vulnerability assessment software analyzes remotely systems.
This paper will focus exclusively on network-based vulnerability assessment software.
Key challenges to network-based vulnerability assessment software can be broken down into the following categories:-
scanning
storage
reliability
Dissemination.
CORBA as a standard protocol supersedes ORB and other peer network protocols likes java based JSB, BOSS,
SPRING, SSP and RARP (Reversed Access Router Protocol) and DHCP (Dynamic Host Control Protocol). The larger
environment in which a vulnerability assessment solution is deployed, the more difficult meeting these challenges becomes.
[5]More networked hosts means a more heterogeneous pool of systems to scan and more time to scan all systems, more data
to store in the database, and more individuals to whom data should be disseminated. With all of these increased
complications comes a higher likelihood of problems.
III. PRESENT SOLUTIONS
Modern vulnerability assessment systems address challenges with a three-tier approach: a variable number of
scanners that perform assessments,[6] a database at the back-end, and application server in the middle to coordinate scans,
interface with the database, and provide an interface through which users can administer and control the system. More robust
31
3. A Novel Distributed Network for Ensuring Highly Secure Proposed Enterprise Network …
solutions allow the addition of any number of scanners, enabling parallel scanning of targets in larger environments. Figure 3
illustrates the relationship between these components.[5,7]
Figure 3: The Three Tiers of Current Vulnerability Assessment Solutions
Database construction and maintenance are problems that have been researched and solved. For this reason,
vulnerability assessment solutions should (and nearly always do) use a database provided by another vendor. This permits
designers to focus on the application specific problems presented by the design and maintenance of the scanners and
middleware server.
IV. UNRESOLVED PROBLEMS
Because databases are essentially a solved problem, the most significant outstanding issues in current vulnerability
assessment solutions affect the two remaining tiers. Specifically, problems in the accuracy & efficiency of scan results and
reliability of the overall system remain outstanding. The focus of this paper will be on the area in which proper
implementation of component architecture such as CORBA can assist: improving the efficiency of scan results and reliability
of the system. Current industry-leading products divide the pool of hosts to be scanned amongst available scanners by IP
address. That means the smallest atomic task handed off to a scanner includes all vulnerability scans available for a single IP
address. These tasks are then assigned to scanners manually by administrators of the system. This approach leads to an
inflexible system that cannot adapt when problems occur. In large, distributed networks, anomalies like latency and packet
loss are a very real problem.[9.10]
Also, older or very busy systems can respond slowly to queries by vulnerability assessment scanners. Larger
problems relating to the system’s inability to move scan tasks between scanners can occur if one of the scanners experiences
a problem or becomes unavailable. In this case, none of the scan tasks assigned to the problematic scanner will be executed,
resulting in a gap in data. Furthermore, adding to or removing from the pool of available scanners requires significant
maintenance, as IP’s need to be manually re-distributed.[11]
32
4. A Novel Distributed Network for Ensuring Highly Secure Proposed Enterprise Network …
V. DESIGN OF A NOVEL ASSESMENT ALGORITHM
Re-designing the VA system to dynamically assign scan tasks to scanners based on availability would fix the
problems introduced by latent scans and unavailable scanners. Decreasing the size of each scan task would enhance these
improvements by increasing the speed and evenness with which the system could reassign tasks.
CORBA (Common Object Request Broker Architecture) applications fall into one of two types: clients invoking
operations on objects, and servers processing operations and returning the results. In order for a CORBA application to
function, all objects on the server that provide operations for clients to invoke must have an IDL defined[5]. The same IDL is
used by the client to invoke operations on objects, as well as the server to receive requests and return the results of the
invoked operations. However, the details of how the operation is executed are hidden from the client; all it sees is the
interface. Figure 3 (labeled in the image as “Figure 1”) illustrates how these components work together. IDL Stub and IDL
Skeleton are terminology used for the client and server sides of the IDL, respectively. The Object Request Broker, or ORB,
handles not only the delivery of the request from client to server, but also uniquely identifies the request so that the server
invokes an operation on the proper object, not an object that has been previously requested on by another client (or another
thread on the same client).
The process of creating an IDL and invoking operations on an object with CORBA
The object that will be worked with will be a simple integer. The client will be allowed to set the integer value of the obje ct
(which resides on the server), and get the integer value of the object. This is not a very useful example, but it illustrates all of
the key functions necessary to implement and use CORBA.3
Figure. 4: illustration of a Generic Object Request [5]
Algorithm 1
1: Input: directed graph G = (V;E), constraint set M = fc1; _ _ _ ; cmg, credit
vector (_1; _2; _ _ _ ; _m), satisfactory score threshold _;
2: Output: solution set of edge of QoSCE.
3: S all the minimal combinations ss of M with
P
ci2ss _i > _;
4: for each edge (i; j) 2 E do
5: Set f(i; j) = f(j; i) = 0;
6: Set cf (i; j) = 1 and cf (j; i) = 0.
7: end for
8: while S 6= ; do
9: ss extracted from S;
10: while 9q the shortest path satisfying all the constraints in ss do
11: for each edge (u; v) 2 q do
12: cf (q) = minfcf (u; v) : (u; v) 2 qg;
13: f(u; v) = f(u; v) + cf (q); f(v; u) = � v);
f(u;
14: cf (u; v) = c(u; v) �f(u; v); cf (v; u) = c(v; u) �f(v; u);
33
5. A Novel Distributed Network for Ensuring Highly Secure Proposed Enterprise Network …
15: end for
16: end while
17: end while
18: all the vertices reachable from s on the residual network induces a cut T .
19: Return T .
Algorithm 2 statistical Accessibility and translation test
1: Input: directed graph G = (V;E), constant _;
2: Output: YES if a satisfactory path probably exists, NO otherwise.
3: for every edge e 2 E do
4: '(e)
Pm
i=1
we
i
ci
_i;
5: end for
6: p shortest s-t path on metric ';
7: if '(p) > _ then
8: Return NO;
9: else
10: Return YES;
11: end if
VI. A TEST FOR VULNERABILITY ASSESSMENT
It has been shown that one of the key components is the CORBA interface definition, and properly using the
definition in the IDL Stub and IDL Skeleton. The focus of this section will be on the interface definition and a simplified
version of the IDL Stub and IDL Skeleton, building on the previous example. The details of the software on the scanner are
intentionally omitted; it is assumed that this is a previously-solved problem. The scanIDL listed below takes into account the
new atomic scan task, defining requests as a single vulnerability check against a single IP address.
The two interfaces that need to be provided to the server’s scan object (not mentioned previously) are get_os and
get_services. These two tasks are necessary for the client to determine which scans to run against a particular host, and are
functionally quite different from probing a single vulnerability. As can be inferred from the IDL, each of these is treated as a
single scan task. Also note that the list of operating system types in the IDL is abbreviated. An accurate listing of all OS
types and subtypes would be quite lengthy, and specific to what the scanner has the capability to detect. The return value for
get_services is an array of integers. Each integer will represent a TCP or UDP port that has been identified by the scanner as
providing a listening “service” (TCP port 80 on an web server, for example). Note that the vulnerability status is returned by
scan_vuln, along with the hosťs response that caused the scanner to set or unset the isVulnerable booelan. Often, this
information is needed by users to identify incorrectly-reported vulnerabilities, or other troubleshooting purposes. The
vuln_index_number parameter assumes that the client and server both have identical, indexed lists of all vulnerability checks
available. The server will only discussed insofar as its interface with the CORBA ORB. As a result, the server
implementation has been significantly over-simplified. In the code below, is assumed that the scan_functions.h class contains
C++-equivalent definitions of the types os_t, ip_prot_t, and scanResult_t used in the IDL, as well as the functions get_os,
get_services, and scan_vuln. It is also assumed that the scan object type is scan_t.
//server.cpp
VII. A NEW CORBA BASED MODEL FOR SECURE NETWORKING SOLUTIONS
With the scan task redesigned for automatic, dynamic delegation to a scanner by the middleware server,
middleware and scanner software re-designed to use CORBA for requesting scan objects, and multithreading implemented
so that scans run concurrently on scanners upon request from the middleware, the vulnerability assessment system
effectively uses all of its available resources to process queues of scan tasks.
Scanners are unavailable; the client requesting scans isn’t affected other than receiving thrown exceptions after
fewer scan objects have been requested by the POA. The ORB handles the communication from client to the available
servers, so when one goes offline; requests are simply not routed to it. Similarly, when scanners are added, the only
difference seen by the client is the capability to request more scan objects before an exception is thrown. The solution is
elegant and adaptable.
CORBA automates many common network programming tasks such as object registration, location, and
activation; request demultiplexing; framing and error-handling; parameter marshalling and demarshalling; and operation
dispatching. The ORB provides a mechanism for transparently communicating client requests to target object
implementations. The ORB simplifies distributed programming by decoupling the client from the details of the method
invocations. This makes client requests appear to be local procedure calls. When a client invokes an operation, the ORB is
34
6. A Novel Distributed Network for Ensuring Highly Secure Proposed Enterprise Network …
responsible for finding the object implementation, transparently activating it if necessary, delivering the request to the object,
and returning any response to the caller.
Now CORBA with ORB would yield a strong base and better performance.
VIII. CONCLUSION
A study on the current network enabled vulnerability checking software was made. It was found that most of the
available solutions had a some defect or the other in implementation of the applications as there was a l arge delay in the
assessment cycle. This was due to the inherent fact that the complete application had to scanned bit by bit and checked for
byte length and code compared with the byte address of the sender and a check is made at the firewall for the wor d by word
comparability (using byte counting algorithms techniques Example byte check metrics methods). This could be corrected by
using a multithreaded CORBA code which could scanned multiple lines of code of at a time integrated check metrics and
byte count methods built into it.
The number of bytes sent by the sender was converted into a JAVA thread (CORBA enabled). This thread
compared the reminder byte of the divisor algorithm with a gray bit of code in received message. A change in the above
thread length are value was counted and such value computed for the whole message length and the division from a average
value was determined. To ensure that the error was with the value of the standard division which was fixed by statically error
limit computation using allowable error of five percent. Next a bit normalized bit count and word length count taken for
conforming the accuracy of the received message. This reduced the scanned time and the load on the checking algorithm.
Which decreased and minimized time delay without compromised on the security of the solution are application. Hence
multi thread CORBA (equivalent to JAVA network thread and JNS) was significantly faster and completely secured. We
conclude that multithreaded CORBA algorithms development and trail implementation done in our work was much better
and occupied lesser network memory. The simulation of these algorithms was done using NS2 and CISCO simulation
software.
REFERENCES
[1]. B. Howard, O. Paridaens, B. Gamm: “Information Security: Threats and Protection”, Alcatel Telecommunications
Review, 2nd Quarter 2001, pp 117–121.
[2]. Automated Security Checking and Patching Using TestTalk by Chang Liu Debra J. Richardson. Information and
Computer Science, University of California, Irvine 2000 IEEE.
[3]. Fyodor, Nmap Network Mapper ,
[4]. The Three Tiers of Current Vulnerability Assessment Solutions
[5]. Krishna, Arvind S., Schmidt, Douglas C., Klefstad, Raymond, Enhan zdycing Real-time CORBA via Real-time
Java Features,
[6]. Object Management Group, CORBA FAQ,
[7]. University of Alabama Department of Computer Science, Integrating Component-Based So ware Development
into the Computing Curriculum,
[8]. Henning, Michi, and Vinoski, Steve, Advanced CORBA Programming with C++ , Addison-Wesley, 1999.
[9]. Object Management Group, CORBA Language Mapping Specifi cations,
[10]. Common Object Request Broker Archictecture, OMG, July, 1995.
[11]. Common Object aServices Specification, OMG 95-3-31, 1995.
35