effective sharing and testing of data on web services ... · work combines persuasive cued click...

National Conference on Green Computing Trends in Information and Communication Technology

(NCGCTICT-2015)

ISSN: 2349 - 641X www.internationaljournalssrg.org Page 1

Effective Sharing and Testing of Data on Web Services using

Combinatorial Testing

R.DHANUSREE ME-II Year

Computer Science And Engineering

Arunai College Of Engineering

Thiruvannamalai

S.MOHANARANGAN Assisstant Professor

Computer Science And Engineering

Arunai College Of Engineering

Thiruvannamalai

Abstract- Web injection attack exploits web application security by inserting malicious script into the web

application. The need for this kind of attack is to gain

access to application data or database. Here the focus is on

securing web application against web injection attacks. To

detect injection vulnerabilities in web services, we use

combinatorial interaction testing the main focus is on

Cross-Site Scripting Attack (XSS). By analyzing the

behavior of the Web service the model can detect the

presence of the injection vulnerabilities. This proposed

work combines persuasive cued click points and password

guessing resistant protocol to reduce the guessing attacks

as well as motivate users to select more random and

difficult passwords to guess. An algorithm for anonymous

sharing of private data among parties is been developed.

Assigning ID numbers to nodes ranging from 1 to n, the

identity received are unknown to the other member. Using

serial number assigned the complex data can be shared.

The new algorithms are built on top of a secure sum

Security operation using service discovery identities and

ids vulnerability detection secured protocol.

Keywords- Cross-site Scripting Attack, Persuasive cued click point, Password guessing resistant protocol and

Combinatorial Interaction Testing.

I. INTRODUCTION

Web service is a systemized way of combining Web-based

applications using XML, SOAP, WSDL, UDDI open

Standards over an Internet protocol. XML is used to tag the

data; SOAP is used to transfer the data between web

applications. WSDL is used for describing the services that

are available and UDDI is used for listing what services are

available in the application. Web service used for business purpose to communicate with the client. By using Web

services the organizations can exchange data without

knowledge of others in IT systems. Applications in Web

services from different sources can communicate with each

other in less time, because everything is in the form of XML. Web services are not fixed to single operating system or programming language. For example, Java can work with

Perl. Windows applications can work with UNIX applications. Web application is the foundation for each

activity in the internet, through which all the informations are

available in the internet. This demand for web application also

makes the attackers to exploit the vulnerabilities.

Web Injections Browser behavior is exploited by

constructing malicious input strings using input validation as

the form of application vulnerabilities, malicious purpose varies depending on the type of injection; all malicious

activities are used to compromise the three region of

information security: confidentiality, integrity, and

availability. In injection techniques the HTTP headers are

used to pass input data to the server-side web application, the

GET and POST methods will include malicious parameters

processed by the web application.

Many type of malware has the ability to insert malicious code into the client side browser, without the knowledge of

the server-side application which is undetected normally. The

aim of the attacker is to obtain secret data by performing

illegal activities, he identifies the system which is vulnerable

and using that system the attacker will gain information about

the victim. Multiple vulnerabilities possible in dynamic web

applications, Cross-site scripting is one among the top ten

vulnerabilities according to Open Web Application Security

Project (OWASP). XSS vulnerabilities have been introduced

since 1990s. Many sites are affected by this attack are Twitter,

Face book, MySpace, YouTube and Orkut. Nowadays the cross-site scripting attack exceed buffer overflows to become

the most commonly occurring security vulnerability, Some

researchers in 2007 found that 68% of websites are open to

XSS attacks.

This paper will focus on how the web application is

secured against web injection attacks, with the aim to develop

an understanding of how web injection attacks may be

detected and ultimately prevented. Based on the findings the project will aim to develop an appropriate web injection

solution.

Organization This paper is organized as follows. In

Section 2 we present the security problems in the presence of

Cross-site scripting attack. In Section 3 we present proposed

approaches we use to identify the presence of vulnerabilities

and use some algorithms to provide authentication against the attacks. In Section 4 we present Implementation part of our paper how the algorithm works and provide

authentication against attacks. In Section 5 we present the

http://www.internationaljournalssrg.org/ncgctict-2015.htmlwww.internationaljournalssrg.orghttp://www.webopedia.com/TERM/A/application.htmlhttp://www.webopedia.com/TERM/O/open.htmlhttp://www.webopedia.com/TERM/S/standard.htmlhttp://www.webopedia.com/TERM/P/protocol.htmlhttp://www.webopedia.com/TERM/T/tag.htmlhttp://www.webopedia.com/TERM/O/operating_system.htmlhttp://www.webopedia.com/TERM/P/programming_language.htmlhttp://www.webopedia.com/TERM/J/Java.htmlhttp://www.webopedia.com/TERM/P/Perl.htmlhttp://www.webopedia.com/TERM/M/Microsoft_Windows.htmlhttp://www.webopedia.com/TERM/U/UNIX.html


(NCGCTICT-2015)


Security analysis, here the resulting outcome is analyzed with

the concept.

II. CROSS-SITE SCRIPTING ATTACK

Around 80% of all web application vulnerabilities, Cross-

Site Scripting (XSS) is one of the most predominant web

application injection attacks and attached to other injection

vulnerabilities. XSS mainly occurs due to inadequate input

filtering procedures utilized by the web application host. Like

most web injection attacks, successful XSS exploits may lead

to compromised authentication information, privilege risk and

possible revelation of confidential information. As a result of

vulnerabilities on the server-side of the application, this type

of attack is achieved. Using the client-side web browser,

complexity is further added to the detection and gathering evidence of a successful attack. This causes victim browser to

execute JavaScript crafted by the attacker to gain access rights

to sensitive data, session cookies, and other informations.

This attacks are made to steal confidentiality of sensitive data,

undetermined authorization schemes, defraud users and

defame web sites.

XSS allows a user to accidentally send malicious data to

him through that application. Attackers often perform XSS attack by crafting malicious URLs and tricks users to clicking

on malicious link.

The XSS occurs in the system using Script. Embedded

JavaScript has the ability to execute on the users browser

with same permission.

An attacker waits for their victim to view and execute the

injected code using scripting attacks.

Figure 1: Traditional XSS Web Application Hijack Scenario

If the software did not validate user input, a malicious user can add the malicious Comment within the tags.

When other users viewed the comment, it might look

something like a normal code. There are two basic techniques

to accomplish an XSS attack. The first technique is to store malicious code in database and when accessed by client will

be executed by the browser at the client side. The second

technique requires that the victim without the knowledge of

malicious link clicks on the link resulting in execution of

malicious code.

A.XSS Vulnerability causes:

An attacker could write malicious scripts; a JavaScript with an infinite loop could which makes the victims browser

unusable, forcing them to quit the browser. Similarly the

attacker could manipulate the window, by shrinking it, closing

it, or making it move randomly across the screen, or

manipulate the Document Object Model to embed or alter text

and images. A more sophisticated attack could use DOM

manipulation to alter from values as part of an attempt to

gather information intended for the vulnerable application.

The action could be switched to post the submitted data to

a logging script on the attackers site, for instance. Dom

manipulation via JavaScript would make this attack

mechanism highly difficult to detect.

An XSS attack could also use browser-specific

vulnerabilities in scripting implementations to scrape

information out of files on a users hard drive. Attackers target

is to obtain access to sensitive information stored on their systems, sending malicious URLs in email designed to appeal

to the specific intended victims. The most common behavior

of XSS attacks, however, is to gather cookies. Cookies are a

technology initially designed for Netscape Navigator 1.0 to

mitigate some of the problems stemming from HTMLs nature

as a stateless protocol. They are text files that reside on a

users computer and store name-value pairs along with some

metadata. Cookies are commonly used to store information

intended to be persistent during a browser session or from

session to session, such as session IDs, user preferences, or

login information.

III. OUR APPROACH

In this section we present some of the concept to provide

better authentication against injection vulnerabilities and

perform testing to measure the presence of vulnerabilities in web application using a better methodology.

A. Taxonomy of Authentication

The first stage in securing any computer system is to verify

the identity of users. This process of checking a users identity is referred to as user authentication.

Passwords are often used to authenticate any user.

Normally, user created passwords which are easy to remember

and recall. which is easily cracked by the third party with the

malicious intentions. So it is necessary to create passwords with more security measures. If the user creates any password

it has to be more secure.

http://www.internationaljournalssrg.org/ncgctict-2015.htmlwww.internationaljournalssrg.org


(NCGCTICT-2015)


Most of the user create text based password which are

vulnerable for different class of attacks like brute force,

dictionary based attack, shoulder surfing attack. In spite of

such vulnerabilities users are tend to select short guessable

password. Unfortunately, such passwords can be easily

breakdown by third parties. To avoid this problem, the idea of

image based passwords is introduced. The graphical

passwords are more popular since they are better than Text

based passwords, because people are better at memorizing

graphical passwords than text-based passwords.

1. Persuasive Cued Click Points (PCCP)

The persuasive technology was first introduced by Fogg.

Persuasive feature is added to Cued-Click Point concept to

allow users to select less predictable passwords. To avoid hotspot problem the viewport is positioned randomly rather

than specifically. Using such information attackers can their

improve guesses and form new hotspots. Since all click-points

are hotspots, it makes it more difficult to select passwords.

This persuasive technology guides and encourages users to

select stronger passwords, rather than improving system-

generated passwords. Advantage of image based

authentication system using persuasive cued click point is

resistant to many security attacks such as dictionary attack,

brute force attack, hotspots, Guessing attacks, capture attacks,

etc., In this concept during image selection we select multiple click-points on the single image instead of selecting click-

points on a multiple image to reduce time usage.

Figure 2: Registration Phase

This project proposes a new protocol called Password

Guessing Resistant Protocol, designed to restrict Brute force

and dictionary attacks on password. PGRP limits the total

number of failed login attempts from unknown remote hosts,

legitimate users can make several failed login attempts before

being challenged with an ATT.

PGRP provides protection against some threats such as

key logger spy ware. Mouse is provided instead of keyboard

to enter our image password to protect our password from key

loggers. PGRP prevent password guessing attack without answering ATT challenges, since it is more effective. It also

provides convenient login experience, e.g., fewer ATT

challenges for legitimate users. PGRP appears for

organizations with large number of user accounts.

B. Homomorphism Vulnerability Algorithm

An algorithm for anonymous sharing of private data

among multiple parties has been developed. This technique

assigns ID numbers to each nodes ranging from 1 to N

iteratively. This assignment is not known to the members of

the other group. Resistance to collusion among other members

is verified in an information theoretic sense when private

communication channels are used. Using the serial numbers

assigned the complex data can be shared and has applications

to other problems in privacy preserving data mining, collision

avoidance in communications and distributed database access.

Without trusted central authority the required computations are distributed. Existing and new algorithms for assigning

anonymous IDs are examined with respect to trade-offs

between communication and computational requirements. The

new algorithms are built on top of a secure sum data mining

operation using service discovery identities and IDS

vulnerability detection secured protocol. A homomorphism

vulnerability algorithm for distributed solution of certain

polynomials over finite fields enhances the scalability of the

algorithms.

C. Combinatorial Interaction Testing

The popular selection proposed approach is combinatorial

interaction testing (CIT), where the developer selects a

strength t and then computes a covering array (a set of

configurations) in which all t-way combinations of

configuration option settings appear at least once. In prior work, we demonstrated several limitations of the CIT

approach. In particular, we found that a given systems

effective configuration space. We also found that effective

configuration space may not be well approximated by t-way

covering arrays. Based on these insights we have developed

an algorithm called interaction tree discovery (iTree).

Interaction tree discovery is an iterative learning algorithm

that efficiently searches for a small set of configurations that closely approximates a systems effective configuration space.



(NCGCTICT-2015)


Figure 3: Proposed System Model

The Proposed approach follows the methodology as the

above model starting from preparing test to analyzing the

output from the HTTP header. By analyzing the behavior of

the web service the model can detect the presence of the

injection vulnerabilities in the Web Services. Based on the gathered information we find the different way of input that

are being provided to the web service. We provide the

workload in a random manner as well as in a sequence with

the absence of any attack.

Figure 4: Proposed model on the basis of input

For generating XSS attack scripts we classify the large

data set of script that are capable of emulating XSS attacks

and classify them on the basis of length, 4 different types of encoding techniques namely URL encoding, Base64 encoding

,HTML encoding, Hex encoding.. This classification makes it

easier to generate the attack load for the input parameter.

The priority of attackload generation for testing each

input is varied for example for user controled input The

priority of testing a double quote script with length more than

75 is the first priority ,Followed by single quoted script and

followed by the different encoded scripts.The flowchart is

given below.

Figure 5: Flowchart

For other kind of input the priority is different for

generation and testing of the attackload.For detection of the

vulnerability we use the response header of the SOAP

message exchanged. Based on the results of HTTP status code

in the header of the SOAP message response, we determine

the existence of vulnerabilities in Web Services, described

below. If the header contains the code 200 OKAND the

server ran the SOAP message with the XSS attack, THEN

there is a Vulnerability Found (VF) in the Web Service.

OTHERWISE, if the SOAP message describes the existence of a syntax error or warning about the presence of an attack,

THEN there is No Vulnerability Found (NVF) in the Web

Service. If the header contains the code 400 Bad request

message, e.g. request format is invalid: missing required

soap: Body element, THEN there is No Vulnerability Found

(NVF) in the Web Service.

If in the absence of attacks, the header contains the code

500 Internal Server Error AND there was information disclosure in the SOAP message. AND if in the presence of

XSS attack, the header contains the code HTTP 200 OK,

THEN there is a Vulnerability Found (VF) in the Web

Service. Based on the behavior we can further classify on the

basis of response header if needed. In Any case there is no

response then the result remains inconclusive.

IV. IMPLEMENTATION

A. Welcome Page

The basic step for any authentication scheme is to become

a valid user of that system. We use Graphics or Image based



(NCGCTICT-2015)


authentication which is more reliable, for performing this kind

of authentication user has to create an account with the user id

and the password in textual based login system.

This step is necessary to have an entry in the administrator

level to check whether the user is authenticated or not. When

the new user arises, the user must select new user id, password and proceed to become a valid user

B. Registration Phase

During registration the system will ask the user to provide

information such as user id, password, mail id etc., the user

should provide the textual based passwords. The information

that is provided during registration is maintained by the

administrator to check whether the intended user is

authenticated user or not. After registering, whenever the user need to access any application the login page appears. To

conform as an authenticated user, the users specify user id and

password in a textual form.

C. PCCP Algorithm

After the textual based login system, now the user

entering to the PCCP algorithm step, here we use Image based

passwords along with the textual password via cued click-

points. During this phase user has to select how many click

points needed to create the password which will show the

strength of the password security. To improve the strength of

the security in the graphical passwords the number of click-

points in the image can be increased.

Figure 6: PCCP Algorithm

D. Automatic Turing Test

The image appears after that enter the authentication code and click the upload button, by clicking on the correct

pixel in the image the authentication code which we uploaded

will be generated.

Figure 7: Automatic Turing Test

After that automated Turing Test (ATT) is performed on

the authenticated code, if the user entered code and code generated during click-points in the image are compared. If

the authentication code is same then system enters to the

corresponding users page.

E. White List

With the use of the homomorphism vulnerability

algorithm the frequent failed login attempts made by any

system can be identified by their Id assigned using this

algorithm. At last system maintains a white list in which the

system which performed failed attempt frequently is listed and

further access is denied for those ID for further attempt.

V. SECURITY

A. Password Guessing Attack

The brute force attack and dictionary attacks are most

basic password guessing attack against PCCP. In Brute force

attack the attacker tries all possible code, combination, or

password to obtain the correct code by guessing, which is a

time consuming attack. Brute force attacks are avoided by

selecting complex password because it requires more time to

hijack the password. Dictionary Attack: Used by the attacker

to identify the users password by using dictionary of common

words.

B. Capture Attack

By intercepting the data entered by the user, the attacker

can directly obtain passwords or by tricking users to reveal

their passwords. Key loggers can be prevented by using

mouse rather than keyboard to enter graphical password using

PGRP protocol.



(NCGCTICT-2015)


C. Hotspots

The area which is chosen often by the user in an image as

a part of password is referred to as Hotspots. In PCCP random

view port for security enhancement is provided during

password creation, which forces users not to select any

Hotspots. . Random view ports guide the users to make things

difficult for attackers, who can use common guessable

selection within an image.

D. Database Anonymity

With the use of the homomorphism vulnerability

algorithm the confidentiality information in the database is

maintained by denying the access to the database by the

unauthorized or third parties. The Id assigned to each node not

known to other nodes in the network using this complex data

can be shared effectively

E. Outcome of the testing

Expected outcome is to detect with less Attack load for

detection and with more accuracy (less false positive and less

false negative) while making the detection coverage high

which makes the test effective.

VI. CONCLUSION & FUTUREWORK

This paper explains some of the potential dangers that

occur due to the presence of XSS attacks and the security

problems in the web application. Among several injection

attacks Cross site scripting has major impact on web

applications. To test those threats many technologies are

available which has some inefficiency. Therefore in this work

we presented an efficient methodology to identify the

vulnerabilities by monitoring the behavior of the model.

The combination of persuasive cued click points & password guessing resistant protocol provide better results in

authentication system. Here we provide only one image for

the authentication purpose which is easier for the user to

remember and also requires less time, but for the attackers it is

very difficult to see at click point area in the image. PGRP is

more restrictive against brute force and dictionary attacks.

PGRP is apparently more effective in preventing password

guessing attacks, it also provide most convenient login

experience. In future we can add some empty click-points to

confuse the attacker and also make double click on specific

click points we can further improve the security.

REFERENCES

[1] Della-Libera, G., et al, Security in a Web Services World A Proposed Architecture and Roadmap, IBM corp, Microsoft corp, 7 , apr2002,

URL: http://msdn.microsoft.com/en-us/library/ms977312.aspx.

[2] Holgersson, j., and E.soderstrom, Web Service Security-Vulnerabilities

and Threats within the context of WS-Security, SIIT 2005.

[3] Morais A, and E.Martins, Injeo de Ataques Basedos em Modelo para

Teste de Protocols de Segurana, Thesis (Master in computer Science),

Institute of Computing, UNICAMP, State University of campians,

Brazil, 15, May 2009.

[4] Cachin, C., and J. Camenisch, Malicious and Accidental-Fault

Tolerance in Internet Applications: Reference Model and Use Cases,

LAAS, MAFTIA, 2000.

[5] Ladan MI, Web services: Security Challenges, in Proceedings of the

World Congress on Internet Security, 2011, WorldCIS11, IEEE Press,

Londres, Reino, Unido, 21-23, Feb 2011.

[6] SoapUI, [software], Version 4.5. Eviware, The Web Services testing tool

Security Testing Tool, URL:http://www.soapui.org.

[7] Lawrence, K., C.Laler, A, Nadalin, R.Monzillo, and P.Hallam-Baker,

Web Services Security: SOAP Message Security 1.1 (WS-Security 2006),

OASIS, 2006.

[8] Lawrence, K., C, Kaler, A. Nadalin, R. Monzilo, and P. Hallam-Baker,

Web Services Security: Username Token profile 1.1, OASIS, 2006.

[9] Zhao G., W.Zheng, J.Zhao, and H.Chen, An Heuristic Method for

Web-Service Program Security Testing, In Proceedings of the 2009

Fourth China Grid Annual Conference, CHINAGRID 09, IEEE

Computer Society Press, Yantai China, Aug 2009.

[10] Cristian F., H. Aghili, R. Strong, and D. Volev, Atomic Broadcast:

From Simple Message Diffusion to Byzabtube Agreement. In

Proceedings of the Twenty-Fifth International Symposium on Fault-

Tolerant Computing, IEEE Computer Society Press, Pasadena-CA,

USA, June 1995.

[11] Myers G.J., C. Sandler, and T.Badgett, The Art of Software Testing, 3rd

ed., Wiley Publishing, New Jersey, USA, 2011.

[12] Valenti AW, and E. Martins, Testes de Robustez em Web Services

porMeio de Injeo de Falhas, Thesis, Institute of Computing,

UNICAMP, State University of Campinas, Brazil, jun 2011.

[13] Canfora G., and M. Penta, Service-Oriented Architectures Testing: A

Survey In software Engineering, Springer-Verlag, Berlin, Heidelberg,

2009.

[14] Zhou L, J. Ping, H.Xiao, Z. Wang, GeguangPu, and Z. Ding,

Automatically Testing Web Services Choreography with Assertions, In

Proceedings of the 12th international Conference on Formal

Engineering Methods and Software Engineering, ICFEM10, Springer-

Verlag, Berlin, Heidelberg,2010.

[15] Rogan D., OWASP WebScarabLite [Software], Version20070504-1631,

Open Web Application Security Project 2011, URL:

http://www.owasp.org/software/webscarab.html.

http://www.internationaljournalssrg.org/ncgctict-2015.htmlwww.internationaljournalssrg.orghttp://msdn.microsoft.com/en-us/library/ms977312.aspxhttp://www.soapui.org/

National Conference on Green Computing Trends in Information and Communication Technology (NCGCTICT-2015)


A Novel Method For Face Recognition Using Gabor

Wavelet

R.Prema1, Dr. P.Shanmugapriya

2

1Assistant Professor and Research Scholar , Department of CSE , SCSVMV University, Kanchipuram.,

2Associate Professor and Head, Department of IT , SCSVMV University, Kanchipuram

Abstract - Gabor wavelets (GWs) are commonly used for

extracting features for various applications like object

detection, recognition and tracking. This paper

proposes and analyzes Gabor Wavelet and Eigenface

method for face recognition.

Index Terms Gabor wavelets , feature extraction, eigen face.

I. INTRODUCTION

Humans are very good at recognizing faces and complex patterns. Even a passage of time doesn't

effect this capability and therefore it would help if

computers become as robust as humans in face

recognition. Face recognition system can help in

many ways :

1) Checking for criminal records .

2) Enhancement of security by using

surveillance cameras in conjunction with

face recognition system.

3) Finding lost children's by using the images received from the cameras fitted at

some public places .

4) Knowing in advance if some VIP is

entering the hotel.

5) Detection of a criminal at public place.

6) Can be used in different areas of science

for comparing a entity with a set of entities.

7) Pattern Recognition.

Currently there are a several methods to achieve face

recognition. Among them we have the neural network

approach, the statistical approach - primarily based on

histograms, the multiresolutional approach, the

information theory approach, and the eigenface

approach.

We would be focusing on the Eigenface approach.

This method was originally suggested by Alex P.

Pentland and Matthew A. Turk from MIT in 1991.

This method consist on weighting the difference

between a given face image and a mean image, which

is obtained by averaging a predefined set of faces.

The training set is a group of face images from which

the mean face is calculated. Face recognition takes

place by linearly projecting the image to a low dimensional image space and weighting the

difference with respect to a set of eigenvectors. If the

difference (weight) is bellow certain threshold, the

image is recognized as a known face; otherwise, the

face can be classified as an unknown face, or not a

face at all.

Some of the limiting factors of this approach are the

background, difference in illumination, imaged head

size, and head orientation. To solve some of these

problems we could identify the location of the head

and zoom until we observe most of the face. We

could also set the camera's lighting based on the time

of the day.

In this paper, we propose a eigen face approach

with Gabor wavelet Transform (GWT) for feature extraction.

This paper is organized as follows: Section II

describes and Face Recognition system also describes

and analyzes eigenface approach and Gabor wavelet

Transform(GWT) . Section III shows results. The

concluding remarks will be given in Section IV.




II. FACE RECOGNITION SYSTEM

A facial recognition system is a computer application

for automatically identifying or verifying a person

from a digital image or a video frame from a video source. One of the ways to do this is by comparing

selected facial features from the image and a facial

database. Although humans perform face

recognition in an effortless manner, underlying

computations within the human visual system are

of tremendous complexity. The seemingly trivial

task of finding and recognizing faces is the result

of millions years of evolution and we are far away

from fully understanding how the brain performs this

task. Up to date, no complete solution has been

proposed that allow the automatic recognition of

faces in real images. In this section we will

review the face recognition systems using Gabor

Wavelet Transform (GWT).

Fig.1 Flow chart of Feature Extraction Stages

http://www.internationaljournalssrg.org/ncgctict-2015.htmlwww.internationaljournalssrg.orghttp://en.wikipedia.org/wiki/Application_softwarehttp://en.wikipedia.org/wiki/Identification_of_human_individualshttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Personhttp://en.wikipedia.org/wiki/Digital_imagehttp://en.wikipedia.org/wiki/Film_framehttp://en.wikipedia.org/wiki/Videohttp://en.wikipedia.org/wiki/Facehttp://en.wikipedia.org/wiki/Database_management_system



A. Gabor Wavelet Transform

Gabor wavelets are widely used in

image analysis and computer vision [8] .The

Gabor wavelets transform provides an effective way to analyze images and has

been elaborated as a frame for

understanding the orientation and spatial

frequency selective properties of simple

cortical neurons. They seem to be a good

approximation to the sensitivity profiles of

neurons found in visual cortex of higher

vertebrates. The important advantages are

infinite smoothness and exponential decay

in frequency. Let be the gray level distribution of the input image, Gabor

wavelets transform on can be written as a convolution of with a family of kernels

k :

Where * denotes the convolution operator, and is the convolution result at k. The

Gabor wavelets (kernels) take the form of

a plane wave restricted by a Gaussian

envelope function [9]

vector enveloped by a Gaussian function,

where s is the standard deviation of this

Gaussian.

B. Feature vector generation

Feature vectors are generated at the

feature points as a composition of Gabor

wavelet transform coefficients. kth feature vector of ith reference face is defined as,

(3)

While there are 40 Gabor filters, feature

vectors have 42 components. The first two

components represent the location of that

feature point by storing (x, y) coordinates.

Since we have no other information about

the locations of the feature vectors, the first two components of feature vectors are very

important during matching (comparison)

process. The remaining 40 components are

the samples of the Gabor filter responses at

that point.

Although one may use some edge

information for feature point selection, here

it is important to construct feature vectors as

the coefficients of Gabor wavelet transform.

Feature vectors, as the samples of Gabor

wavelet transform at feature points, allow representing both the spatial frequency

structure and spatial relations of the local

image region around the corresponding

feature point.

By selecting different center

frequencies and orientations, we can generate a

family of GW kernels using (3), which is then used for feature extraction from images. Given

a gray-level image I (x, y), the GW features are

extracted by convolving I (x, y) with each of the GWs, as in (2).

Fig.2 Facial feature points found as the high-

energized points of Gabor wavelet responses

The Convolution can be computed efficiently using FFT, then point-by-point multiplica-tions, and

finally the inverse FFT (IFFT). By concatenating the convolution outputs, we can obtain a GW feature




vector.

C. Similarity Calculation

In order to measure the similarity of two

complex valued feature vectors, following similarity

function is used which ignores the phase:

vi, k (l) vt , j (l) (4)

feature vector of ith reference face, (vi,k), where l is

the number of vector elements.

Proposed similarity measure between two vectors

satisfies following constrains:

0 < Si< 1,

and if ith gallery face image is used also as the test

image,

Si ( j, j)< 1.

The location information is not used for vector

similarity calculation, but only the magnitudes of the

wavelet coefficients are take place at (3). It must be

clarified that the similarity function (3.8) is only one

component of the proposed matching procedure .

Location information of feature vectors will also be used during matching.

Equation (3) is a very common similarity

measure between feature vectors, containing Gabor

wavelet transform coefficients [36], but sometimes

we might have small variations [23, 27]. In [23]

similarity function at (3) is used with complex

valued coefficients and an additional phase

compensating term. In the early experiments it is

observed that small spatial displacements cause

change in complex valued coefficients due to phase rotation. Then phase can either be ignored or

compensated as in [23]. Although phase

compensated similarity function is found to increase

recognition performance significantly [23,27],

similarity function without phase is chosen to avoid

computational complexity.

D. Face comparison

After feature vectors are constructed from

the test image, they are compared to the feature

vectors of each reference image in the database. This

comparison stage takes place in two steps. In the

first step, we eliminate the feature vectors of the

reference images which are not close enough to the feature vectors of the test image in terms of location

and similarity. Only the feature vectors that fit the

following two criterions are examined in the next

step.

(5)

where th1 is the approximate radius of the area that

contains either eye, mouth or nose, (xr, yr) and (xt, yt)

represents the location of a feature point on a

reference face and test face respectively. Comparing

the distances between the coordinates of the feature

points simply avoids the matching of a feature point

located around the eye with a point of a reference facial image that is located around the mouth. After

such a localization, we may disregard the location

information in the second step. Moreover here

topology of face is also examined to use

corresponding information at the final matching by

only letting feature points that are match each other

in a topological manner.

Si(k,j)>th2, (6)

Similarity of two feature vectors is greater than th2,

where th2 is chosen as the standard deviation of

similarities of all feature vectors in the reference gallery and the similarity of two vectors is computed

by Equation (3).

III. RESULTS




In the following section, detailed information for

those four face databases and their corresponding

performance results for the proposed face

recognition method are given with the comparisons

with some major face recognition methods.

(a) (b)

Fig.3 Examples of different facial expressions of two people from Stirling database, a) gallery

faces, b) probe faces.

Table I: Recognition performances of eigenface, eigenhills and proposed method on the Purdue

face database.

Method Recognition rate (%)

Eigenface [20] 82.3

Eigenhills [31] 89.4

Proposed face recognition 100.0

method using GWT




IV.CONCLUSION AND FUTURE WORK

This method compares faces in terms of mouth,

nose and any other features rather than eyes. Moreover,

having a simple matching procedure and low computational cost proposed method is faster than

elastic graph matching methods. Proposed method is

also robust to illumination changes as a property of

Gabor wavelets, which is the main problem with the

eigen face approaches. There is no training as in many

supervised approaches, such as neural networks. A new

facial image can also be simply added by attaching new

feature vectors to reference gallery while such an

operation might be quite time consuming for systems

that need training.

Although recognition performance of the

proposed method is satisfactory by any means, it can

further be improved with some small modifications

and/or additional pre-processing of face images. Such

improvements can be summarized as;

Since feature points are found from the responses of image to Gabor filters separately, a set of weights

can be assigned to these feature points by counting

the total times of a feature point occurs at those

responses.

A motion estimation stage using feature points

followed by an affine transformation could be

applied to minimize rotation effects.

In this paper, a new approach to face

recognition with Gabor wavelets is presented. The

method uses Gabor wavelet transform for both finding

feature points and extracting feature vectors.

REFERENCES

[1] V. Bruce, Recognizing Faces. London: Erlbaum, 1988.

[2] G. Davies, H. Ellis, and E. J. Shepherd, Perceiving and

Remembering Faces, New York: Academic, 1981.

[3] H. Ellis, M. Jeeves, F. Newcombe, and A. Young, Aspects

of Face Processing. Dordrecht: Nijhoff, 1986.

[4] R. Baron, Mechanisms of human facial recognition, Int.

J. Man-Machine Studies, vol. 15, pp. 137-178, 1981.

[5] D. C. Hay and A. W. Young, The human face ,

Normality and Pathology in Cognitive function, A. W. Ellis

Ed. London: Academic, 1982, pp. 173-202.

[6] S. Carey, A case study: Face Recognition, Explorations in the Biological Language, E. Walker Ed. New York:

Bradford, 1987, pp. 175-201.

[7] S. Carey, R. Diamond, and B. Woods, The development of face recognition- A maturational component? Develop.

Psych., vol. 16, pp. 257-269, 1980.

[8] A. P. Ginsburg, Visual Information processing based on spatial filters constrained by biological data, AMRL tech.

Rep., pp. 78-129, 1978.

[9] A. G. Goldstein, Facial feature variation: Anthropometric Data II, Bull. Psychonomic Soc., vol.13, pp. 191-193,

1979.

[10] A. G. Goldstein, Face related variation of facial features:

Anthropometric Data I, Bull. Psychonomic Soc., vol.13,

pp. 187-190, 1979.

[11] L. D. Harmon, The recognition of faces. Scientific American, vol. 229, pp. 71-82, 1973.

[12] D. Perkins, A definition of caricature and recognition,

Studies in the Anthropology of Visual Commun., vol. 2, pp.

1-24, 1975.

[13] J. Sergent, Microgenesis of face perception, Aspects of Face Processing, H. D. Ellis, M. A. Jeeves, F. Newcombe,

and A. Young Eds. Dordrecht: Nijhoff, 1986.

[14] T. Kanade, Picture processing by computer complex and recognition of human faces. Technical report, Kyoto

University, Dept. of Information Science, 1973.

[15] S. Lin, S. Kung, and L. Lin, Face Recognition / Detection

by Probabilistic Decision-Based Neural Network, IEEE

Trans. Neural Networks, vol.8, pp.114-132, 1997.

[16] R. Brunelli, T. Poggio, Face Recognition: Features vs. Templates, IEEE Trans. on PAMI, Vol. 12, No. 1, Jan.

1990.

[17] M. H. Yang, N. Ahuja, and D. Kriegman, A survey on face detection methods, IEEE Trans. On Pattern analysis

and Machine Intelligance, to appear 2001.

[18] S. Ranganath and K. Arun, Face Recognition Using

Transform Features and Neural Network, Pattern

Recognition, vol. 30, pp. 1615-1622, 1997.

[19] S. Lawrence, C. Giles, A. Tsoi, and A. Back, Face Recognition: A Convolutional Neural Network Approach,

IEEE Trans. on Neural Networks, vol. 8, pp. 98-113, 1997.

[20] M. Turk and A. Pentland. Eigenfaces for recognition. Journal of Cognitive Science, pp.71-86, 1991.

[21] P. Belhumeur, J. Hespanha, and D. Kriegman, Eigenfaces vs. Fisherfaces: Recognition using class Specific linear

projection, IEEE Trans. on PAMI, vol.19, no.7, 1997.

[22] B. Moghaddam, C. Nastar, and A. Pentland, Bayesian

Face Recognition using Deformable Intensity Surfaces,

IEEE Conference on CVPR, San Francisco, CA, June

1996.

[23] L. Wiskott, J. M. Fellous, N. Kr ger and Christoph von der Malsburg,

Face Recognition by Elastic Graph Matching, In

Intelligent Biometric



(NCGCTICT-2015)


Mobile Cloud Computing for Face Recognition in Social

Media and Future for Mobile apps

P.Sriranjani, UG Scholar, Department of IT, Anna University, BIT Campus, Tiruchirappalli-620024,Tamil Nadu,India.

Abstract

In todays lifestyle social networking has become easily receive

information about everyone in the world. In day-to-day life

mobile apps and mobile devices are developing rapidly. In

Android mobile devices we can detect person identity using

cloud computing which utilized the Face.com API(application

programming interface).The paper presents the face

recognition,mobile application and approaches to overcome the

challenges.we also applied Augmented Reality as an information

viewer to user.The result of testing shows that the system is able

to recognize face samples with the average percentage of 85%

with the total computation time for the face recognition system

reached 7.45 seconds,and the average augmented reality

translation time is 1.03seconds to get someones information.

KEYWORDS

Cloud Computing, Social Network, Face Recognition, Face

Detection, Augmented Reality, Mobile Cloud Computing

Challenges.

1. INTRODUCTION

Cloud computing refers to the use of networked infrastructure software and capacity to provide resources to users in an on-demand environment. With cloud computing, information is stored in centralized servers and cached temporarily on clients that can include desktop computers, notebooks, handhelds and other devices. Cloud computing exists when tasks and data are kept on the Internet rather than on individual devices, providing on-demand access. Applications are run on a remote server and then sent to the user. Mobile cloud computing is the form of cloud computing in combination with mobile devices. Mobile devices are increasingly becoming an essential part of human life as the most effective and convenient communication tools which is not restricted by time and place. However, the mobile devices are facing many challenges in their resources (e.g., battery life, storage, and bandwidth) and communications (e.g., mobility and security). Currently, social networking has become a very popular media for

many people . A lot of personal information can be obtained from

this social network. Search for detailed-identity can be easily

conducted through searching using the search engine sites or

existing social networking website. However, this appears to be a

less effective and the search must be performed in front of a

computer or laptop. The development of mobile technologies such

as smartphone and tablet allows a person to easily run a variety of

multitasking activities including basic activities of the phones to

run various applications such as email, multimedia, office

T.Palaniyammal, UG Scholar, Department of IT, Anna University, BIT Campus, Tiruchirappalli-620024,Tamil Nadu,India.

applications, etc. In addition, there are a variety of services on the

internet which is integrate their services with social network

Services. This condition was due to the current trend in it which is

aimed the capability for sharing the core of social network. Today,

most services on the internet must provide facilities for users to

connect their services with a popular social network services,

especially Facebook and Twitter. Start from this case, we designed

a system that can connect a person with a variety of services

through someones identity. Our proposed system uses a persons

face as the primary identity. This is because in general, we know

someone from his face. Our system has made facial identification

to know the various

social network and other internet activities followed by that person.

By utilizing the camera system on mobile devices, system

identification can be done by a person using face recognition

system. One thing to be considered in the application of facial

recognition systems is face recognition system requires high

computation. In this case, the mobile devices has only limited

resources and there is a problem in implementing face recognition

application in mobile devices. The work of show the advantage of

the computing process of facial recognition systems which is done

outside the server (cloud computing). The implementation of cloud

computing technology on mobile devices is aimed at creating

effective computation on mobile devices for performing process of

face recognition. In this work, the problem of interest is the design

and implementation of face recognition module on mobile devices

associated with the process of cloud computing. The design and

implementation is done by making an application to perform face

detection system on Android mobile device (onloading) including

augmented reality module and performing face recognition module

using clouds services. 2. LITERATURE REVIEW

This section will describe the explanation of the face recognition

system, cloud computing technology, Face.com API, and

augmented reality concept.

2.1. Face Recognition

Face recognition system is a system that performs engineering

method in an image to search for the identity or the information

contained in an image. Facial recognition systems are generally

divided into two stages . The first stage is the face detection

module which is the early stage (pre-processing). Then, is followed

by the facial recognition stage. Several techniques that can be used

to detect face in an image are :

a. Knowledge-based method

b. Feature invariant approaches

c. Template matching methods

d. Appearance based methods

Meanwhile, the face recognition system is a system designed on a

computer. This system is created to help identifying a person's face

through the image or digital video. One of the method commonly

used in the face recognition system is a way to compare the facial

feature of an image with a database of faces that have been taken

earlier. This is shown in Figure 1, which describe the flow of the

process official recognition



(NCGCTICT-2015)


Figure 1 Face Recognition Workflow

2.2. Cloud Computing Technology

Cloud computing system is a combination of computer technology

as a processor utilization and development of internet-based

computing in which information technology-related capabilities

provided as a service or on demand . One of the cloud computing

service is Google App Engine (GAE). GAE is a Platform as a

Services in cloud computing for building and hosting our web-

based applications in Google data center . Applications will be

built on a multiplevirtualized servers. Google App Engine provides

an on-demand services, that the resource will be used according to

the need of users. GAE has an automatic system to adjust resource

for applications that are built to increase the existing demand.

2.3. Face.com API

Face.com is an Application Programming Interface (API) services

for face recognition process. Face.com can be classified into PaaS

cloud computing service . Face.com provides an API for

developers to develop software that implement a face recognition

function. The process of facial recognition with Face.com API as

well as face recognition process in general. First, the user must

perform training to the new faces. In this training process, there is

a face detection stage and the result will be saved. Once the face

has successfully trained, the face can be recognized by the system.

2.4. Augmented Reality

Augmented Reality has been there for a long time, but has been

established as a research area in 1990s. There are many

definitions of augmented reality, however the general assumption

is that the augmented reality enables an enriched perspective by

superimposing virtual objects on the real world in a way that

persuades the viewer that the virtual object is a part of the real.

Therefore, augmented reality is a crossover between the real and

virtual world. Generally, augmented reality systems are divided

into two types :

a. Augmented reality based on marker.

A method that utilizes an illustration of a black marker and a

square-shaped anthers with a thick black border and white

background. Through the position faced with a computer camera,

the computer will make the process of creating 2D or 3D virtual

world.

b. Augmented reality without marker (markerless AR).

AR method does not require a marker to show the elements of the

virtual world when combined with a real-world environment. The

use of the markerless method is commonly used for face tracking,

object tracking and 3D motion tracking.

Figure 2 Augmenting virtual object in the real world image

Figure 2 depicted the process of combining real world and virtual

object for marker based AR. Since the begining of Augmented

Reality (AR) systems, the potential of collaborative AR was

exploited for different activities such as in military, in football

match or in the helmet of the pilot. They can see several pieces of

information. Nowadays some elements of AR are used for mobile

phone applications . By just pointing the camera to an object, we

will immediately receive information about the object on the

screen. In this paper, we implement augmented reality without

marker on Android platform, but we use the face as a primary

marker for augmented reality display.

3. PROPOSEDMETHOD

The system in this paper was designed to combine the computation

which is run on mobile device and the advantage of cloud

computing as explained . The computation on mobile device

(onloading) will perform the face detection module and augmented

reality to interact with the user. The other computation will run in

the cloud server (offloading) using Google App Engine (GAE) dan

Face.com service. Actually, the system in this paper was design in

three main modules including face detection on Android mobile

device, face recognition on cloud server using GAE and Face.com

API, and augmented reality as a result of a face recognition module

on mobile device. The overall system design is shown in Figure 3.

Figure 3 Block Diagram of System

Firstly, the system will perform a face detection through mobile

device (onloading). The face detection itself, will use native API

from Android called Android Face Detector API that detect face

from a bitmap. Then, the application on mobile device will make

the process of video stream which is directed to the face object

based on the operations selected by the user. After face detected,

mobile device will crop the image only on the face aspect as

described in Figure 4. The algorithm for cropping the face image is

as follows : Get the mid points of all the faces in the image, the

confidence value should be higher than 0.4 ; Calculate a rectangle

around the face which is about the dimensions as shown in Figure

4, the distance between the eyes is A ; Then, crop the image from

the coordinates that have just been calculated. After that, the

results of the face detection will be processed for the offloading of

the face recognition process to the cloud server by REST



(NCGCTICT-2015)


communication in the data network. Figure 5 shows the sequence

diagram of this system.

Figure 4 Illustration of Cropping Face Image

Figure 5 Sequence Diagram of System

The next step for this system is to perform face recognition module

on the cloud server. Figure 6 shows the block diagram of the face

recognition module. There are two Python scripts in the face

recognition module. Main.py is a script which has a function as a

connector with Android devices and also for Blobstore services

caller. Face_client.py is a script which has a function as an API

caller to the Face.com server. When the cloud server got the image,

the face image will be proceed to know the identity of the face

image. After the cloud server recognized the face image, it will

return the result to the mobile device with json response which

include, personal identity of the person. Then, mobile device will

decode the json response and show the result as an augmented

reality.

4. RESULT AND ANALYSIS

There are three main modules which has been tested from this

work i.e face detection module, face recognition module, and

augmented reality module. The result and analysis will be

described in the following sub-sections.

4.1. Face Detection

Face detection module in the mobile device is the first stage in the

main functionality of this face recognition application. The process

of face detection module work as a process of onloading that run

individually on the mobile device. The technical testing done in

this module consists of testing the camera resolution variations.

Testing of the variation is done by varying resolutions camera

ranging from low to high. The results of these variations in the

resolution of the camera that would be material to know the time

required to perform the face detection process in an image. Tests

conducted in the face detection module will be performed 10 times

for each condition of the camera resolution. The result of this

testing will be shown in Figure 7 that also implemented augmented

reality concept.

Figure 7 The Results of Face Detection Using Augmented Reality

concept.

The test results of face detection system for mobile devices are

implemented in two type that used low class (Galaxy GT S5570)

with a 600 MHz CPU specs, 384 Mb RAM, and quality of 3.15

megapixel camera and middle class (W I8150 Galaxy) which has

the specification of 1.4 GHz CPU, 512 Mb RAM, and quality 5

megapixel camera. When the testing process, it was found that the

working time of a face detection system in mobile devices

experience the difference in each variation of the camera

resolution. This is because the amount of work is a growing field

that is marked with greater resolution. When using a resolution of

240x160 pixels, the system can recognize the presence or absence

of the face with an average time of 0.46 seconds. When the

resolution was increased to 320x240 pixels, face detection system

in mobile devices requires a longer working time. Greater use of

the resolution would affect the long absence of the processing time

of the face detection system. The processor speed also affect the

working of the face detection system on mobile devices. The

difference can clearly be seen in Figure 8.

Figure 8 Face Detection System With Variation of the Camera

Resolution

4.2. Face Recognition

The results of the face recognition that has been built will be

discussed in this chapter as shown in Figure 9. This test aimed at

obtaining an analysis of the level of success in the system to

perform its function. The number of face data used in this test is 50

faces, with details of three men and two women with 10 face each

data. Examples of faces used in this testing are presented in Table

1. In the tests performed with the variation of the number of

training data, we obtained the results as shown in Table 2. Table 1

Face Samples

Face Object Object 1 Object 2 Object 3 Object 4 Object 5

Face Image



(NCGCTICT-2015)


Figure 9 Result of Recognition Process on GAE

Figure 10 shows the effect of the number of training data on the

level of face recognition of our system. X-axis show the number of

training data, while the Y axis expresses the degree of face

recognition. With the number of training data is only one piece, the

recognition rate remains low at 20%. Along with the increasing

number of the training data, it increased the level of recognition.

When the training data of five pieces, the recognition rate reached

the average of 100% from 10 trials. Figure 11 shows the effect of

the number of data training to the result of error rates.

Table 2 Test Result with Variation of the Number of the Training

Data

In contrast to the recognition rate, error rate is obtained from the

variation of the number of training data which has a quite different

value. With only single training data, the error rate is obtained at a

value of 33%. The error values continue to decrease until the

training data is 4, with a value of 28% error. But when the number

of training data continues to be increased, the error rate to be

increase to 31.2%. After that the error will be returned to the

stability value of 30.2%. The differences in the recognition rate

and error rate, indicated that the number of training data affects the

value of recognition and error rate. When there are only few

training data, the learning system of the face will low. The more

training data, the better learning system.

Figure 10 The Effect of Total Training Data for Face Recognition

Effect

Figure 11 The Effect of Total Training Data for Face Recognition

Error Rate

4.3 Augmented Reality

This section we discuss the result of testing and analysis of our

system. The systems has been successfully developed on android

devices. The functionality of the whole system has been working

well. We tested to find out the weakness and error. Testing was

intended the system to find out the translation time of augmented

reality. Tests performed on normal lighting conditions using ten

samples and performed on the front face recognition process as

many as 10 attempts for each face with different expression. It is

intended to maximize the face recognition results obtained and to

get more detailed information on the face intended to be

recognized. The average time to test the result of the translation is

shown in Figure 12.

Figure 12 Average Translation Time

Based on the translation of the image obtained from 9 information

access, information that contains the complete data about the

owner of the familiar faces are much slower compared with an

access permission to display bio information. In displaying

detailed information the translation

time lasts for 1.03 seconds, while the bio-data to show the

translation time is 0.69 seconds. This happens because the system



(NCGCTICT-2015)


works by making the initial approach of face detection and face

recognition. Condition that occurs when the test was to ignore the

value of face recognition are issued either agree or disagree with

the input face image. Determination of the face affects the process

of facial recognition as the face detection results will serve as the

primary marker in our recognition. If there are objects that are

blocking the area of the face like a scarf or hair covering the

forehead, the face recognition algorithm will not deliver good

result as the translation was not the same for each time. The result

of translation that interact with social media is shown in Figure

Figure 13 Illustration of Social Media Interaction

In addition to the effect caused by the recognition process, it

should be noted that the information will be displayed in the

different request. Plain text files take longer to be parsed and

translated. JSON translation to spend a long time, to exchange data

with complete information requests because of size issue. JSON

object with complete information has a size greater than JSON

with a little information. The different is around a hundred bytes.

This impact on the variation of translation time.

4.4 Total Computation Time

This section explains the testing result of all modules that

implemented on mobile devices. This section discussed about the

computing process which was done on the face detection module

and the face recognition module. Computational processes that

occur in the face recognition systems shows the effectiveness of

the, especially when integrated with cloud computing technology.

The application of cloud computing technology to make the

process of offloading can be used to save energy. Here is an

overall result of the computation process of facial recognition

systems on mobile devices as shown in Table 3. Table 3

Description of Computational Time for Face Recognition System

on

MobileDevices

Figure 14 Total Computation Time for Different Device

Figure 14 shows that the computation to perform the face detection

process (onloading) require a faster time on all types of mobile

devices. This differs from the process of offloading that requires a

longer computation time. This is due to the process of offloading

the server cloud computing requires high computation and the

process of sending the result of face recognition which is also

highly dependent on network connectivity. However, the overall

process of face recognition is implemented on mobile device

which indicate the results are not so bad. The process of visual

tracking or face detection process that has been tested run well and

indicates the system works in real-time.

5.Advantages of Mobile Cloud Computing

and anytime.

location, context, and requested services to improve user

experience.

sing, and power

resources which are advantageous.

Computing such as solving the problem of WAN latencies by

using cloudlet.

Weiguang Song summarize the core concepts of Mobile Cloud

Computing [MCC] by developing a basic idea model of Mobile

Cloud Computing. Major problems faced by MCC are discussed

such as stability of wireless connectivity, tackling the unnecessary

battery usage etc. Also, few possible solutions are suggested.

Qureshi discusses about the mobile cloud computing technology

and proposes the implementation methods for Mobile Cloud

Computing solutions such as General Purpose Mobile Cloud

Computing (GPMCC) and Application Specific Mobile Cloud

Computing (ASMCC). Certain barriers such as network

availability and bandwidth are focused. Two aspects of security

issues such as mobile device security and cloud security are

addressed. Le Guan addresses the challenges in Mobile Cloud

Computing design such as network latency, limited bandwidth and

availability. In order to analyze Mobile Cloud Computing

technology, a concept model is proposed which includes context

management, resource scheduling, client and transmission channel.

A Cloud architecture of Mobile Cloud Computing is described for

organization of Mobile Cloud Computing systems. Application

partition and offloading and various context aware services are

explained briefly. Dejan addresses several mobile cloud

approaches. An overview of various possibilities of Mobile Cloud

Computing is given. Native and web applications are too extremes

of mobile applications. The cost model of elastic mobile cloud

applications is described. Han qi discuss Mobile cloud computing

(MCC) as a development and extension of mobile computing (MC)

and cloud computing (CC) which has inherited high mobility and

scalability. The proposed system in the paper explains the principle

of MCC, characteristics, recent research work, and future research

trends. Proposed system analyzes the features and infrastructure of

mobile cloud computing and also analyzes the challenges of

mobile cloud computing. Ashwin focuses on the capabilities of the

mobile and cloud landscape. New class of applications called

Cloud Mobile Hybrid [CMH] applications and a Domain Specific

Language [DSL] are defined. The proposed system define Cloud-

mobile hybrid as a collection of application that has a Cloud based

back-end and a mobile device front-end. Using a single DSL script,

proposed system is capable of generating a variety of CMH

applications. These applications are composed of multiple

combinations of native Cloud and mobile applications. The

proposed system also reduces the complexities of the platform.

Dejan discuss about the mobile communities which introduce new

requirements compared to traditional online web communities. On

the other hand, cloud computing is emerging as computing concept

that gives the computational resources on demand and abstraction

of technical details from the clients. The paper proposes Mobile

Community Cloud Platform (MCCP) as a cloud computing system

that can influence the full potential of mobile community growth.



(NCGCTICT-2015)


An analysis of the core requirements of common mobile

communities is provided. The paper presents the design of cloud

computing architecture that supports building and evolving of

mobile communities. Harshit presents a middleware for

distributing computation over mobile ad-hoc networks. Mobile

adhoc is used as an alternative for cloud in its absence. Synergy is

mainly used for energy conservation when the cloud is not

available, the battery life of mobile devices becomes dead hence

mobile ad-hoc is used as an alternative. The proposed system has

two applications such as prototype implementation of Synergy and

integrates OpenCV with it. Al though this is not stronger than

clouds, this must co-exist to improve the mobile computing

accessibility. Vinod discuss about the cloud computing which

enables the work anywhere anytime by allowing application

execution and data storage on remote servers. This is useful for

mobile computing and communication devices that are constrained

in terms of computation power and storage. The goal of the paper

is to characterize under what scenarios cloud-based applications

would be relatively more energy-efficient for users of mobile

devices. Hung analyzes the performance of many mobile

applications which are weak due to lack of computation resources,

storage, and bandwidth and battery capacity. To overcome this,

application is rebuilt using the cloud services. The proposed

system explains a framework to execute the mobile application in

cloud based virtualized environment with encryption, and isolation

to protect against unauthenticated cloud providers. Results show

the execution of mobile application by offloading the workload

with efficient application level migration method via mobile

networks. The migration of application form one device to another

is easy and quick in the proposed system. Ricky builds an elastic

mobile cloud computing infrastructure by introducing eXCloud

system. eXCloud is a middleware system which allows resources

to be integrated and used dynamically. In eXCloud, a Stack-on-

Demand (SOD) approach is used to support computation mobility

in the mobile cloud environment. The proposed system evaluation

shows that stack-on-demand model enhances state of the art by

increasing the computation and reducing migration overhead and

latency. Ricky discuss that mobile cloud computing allows mobile

applications to use the large resources in the clouds. In order to

utilize the resources, migration of the computation among mobile

nodes and cloud nodes is necessary. Therefore, a highly portable

and transparent migration approach is needed. The paper uses a

Java byte code transformation technique for task migration without

effecting normal execution. Asynchronous migration technique is

used to allow migrations to take place virtually anywhere in the

user codes. The proposed Twin Method Hierarchy minimizes the

overhead from state-restoration codes in normal execution. Milos

discusses the Biometric applications such as fingerprint

identification, face, or iris scanning. These applications actually

work in a laboratory setting where the client computer has

unlimited access to the throughput and computational resources of

the network. The problem focused here is on the battery power of

the device and the throughput of the communication channel of the

client node to the cloud. The paper explains the mobile cloud

computing technique for biometric applications such as fingerprint

identification, face recognition and iris recognition. Debessay

analyzes and studies the impact of cloudlets in interactive mobile

cloud applications. In order to study the impact, cloudlet network

and service architecture is proposed. This architecture focuses on

file editing, video streaming, and collaborative chatting. The

performance gains with the usage of clouds are shown by

simulation results. NKosi discusses mobile devices which are used

in Health information delivery access and communication

challenges like power, bandwidth, and security. The proposed

system explains how cloud computing can be used in mobile

devices to provide sensor signals processing and security. The

system described in the proposed system uses an NGN/IMS system

with cloud computing to reduce the burden of organizing and also

for improving the functions of existing mobile health monitoring

systems. The interaction between health service provider, IMS

network operator and cloud computing service providers should be

regulated so that identity management and security verification is

performed. Saeid describes the reviewed and synthesized

smartphone augmentation approaches. Generating high-end

hardware is more expensive, energy consuming and time-

consuming. Conserving local resources through Cyber Foraging

and Fidelity Adaptation are feasible and widely acceptable

approaches but they lack in providing data security. Reducing

resource requirements is achieved through cloud computing and

mashup technology. Peng propose a framework of Operational

Command Training Simulation System based on mobile cloud

computing. The system combines cloud computing and mobile

computing, which includes infrastructure, platform, support,

application and middleware layer. The detail design of middleware

layer has been explained in the paper. The problem of the mobile

terminal with limited resources has been solved, and the

distribution and interoperability of simulation systems were

enhanced. Yan Gu focuses on the fundamental issue in the mobile

application platform which is the deployment decision for

individual tasks when the battery life of the mobile device is a

major concern for the mobile users experience. The proposed

system explains the deployment scheme to offload expensive

computational tasks from thin, mobile devices to powered,

powerful devices on the cloud. The proposed system is

implemented and various experiments on the Android devices for

individual components. Chun discuss about the mobile applications

which are providing functionality on mobile devices. Also, mobile

devices provide strong connectivity with more powerful machines

ranging from laptops and desktops to commercial clouds. The

proposed system in the paper presents the design and

implementation of CloneCloud. CloneCloud is a system that

automatically transforms mobile applications to get benefit from

the cloud. CloneCloud uses a combination of static analysis and

dynamic profiling to automatically partition an application. Keerthi

discusses the services provided on the mobile devices which are

increasing day by day. One of the important services among them

is the Location Based Service (LBS). LBS depend on the

geographical position of the user to provide services to the end

users. A mobile device lacks in providing resources. Mobile device

should get resources from an external source, such as cloud

computing platforms. The main goal of the proposed system is to

provide dynamic location-based service. Srinivasa makes a

comparison on various existing web based operating systems. An

overview about proposed system is given along with the

architecture. Proposed platform is created by MeghaOS cloud

architecture and web browser which serves as both application

server and end user. MeghaOS offers services such as Account

manager, File manager, Message exchange etc. Many optimization

approaches are described. Chit propose a Mobile Computing

Applications Platform [MCAP] which is a cloud-enabled platform

for defining, developing, and deploying applications on smart

phones, tablets, and in-vehicle computers. Core services provide

support for location, user profile, notification, authentication,

content management, and device management. COTS technologies

for mobile computing and wireless networking are used to create a

low-cost and sustainable program. Yu-Jia proposes a secure frame-

work where the location information of mobile terminals is used in

a cloud computing environment. Various cloud capabilities have

made many application providers start migrating the data stored in

original databases to outsourced databases. The paper gives the

security model for location-based services and explains the use of

distributed storage and International Mobile Subscriber Identity

(IMSI) as user identification to secure the location data. An

enhanced privacy and authentication mechanism for the security

framework is also proposed.

6. CONCLUSIONS

In this work, we implemented a real-time image processing

application especially the face recognition system and user

interface on Android mobile device. We also created augmented

reality application on this project to provide information about the

recognizable faces viewed by the user. The result of testing

indicates that face recognition rate reached the average percentage



(NCGCTICT-2015)


of 85%. The use of face recognition system based on Augmented

Reality provides an attractive interface for the user. From the test

results, the translation time is 1.03 seconds to show the augmented

reality. This paper surveys the challenges, scope, approaches and solutions in the area of Mobile Cloud Computing. The paper focusses on Energy conservation in mobile devices, migration issues, application development platforms and the various mobile cloud computing applications. Face recognition system has been implemented using cloud computing technology (offloading

process) that uses REST to the cloud server communications which

are quite satisfactory with a fairly accurate result. However, the

overall system do not represent a real time system because 7

seconds is too long. For future development, the application of

cloud computing technology can be considered as an alternative to

save on computing in mobile devices along with its development is

quite extensive. So, the future, this system should be capable of

being a face recognition system in a real time as the development

of the communications network in providing a faster access.

REFERENCES

[1] Ashraf Jalal. The Use of Social Networking in Education :

Challenge and Opportunities. WCSIT.

2012.

[2] N. Balasubramanian, A Balasubramanian, and A.

Venkataramani, Energy Consumption in Mobile

Phone : a measurement study and implications for network

applications,ACM. 2009.

[3] A.P. Miettinen and J.K. Nurminen, Energy efficiency of

mobile clients in cloud computing,

HotCloud 2nd USENIX Workshop on Hot Topics in Cloud

Computing, 2010.

[4]

effective sharing and testing of data on web services ... · work combines persuasive cued click...

Documents