Browsing by Author "Mavani, Monali"

Now showing 1 - 20 of 24

Accuracy Comparison of Predictive Algorithms of Data Mining: Application in Education Sector
(Springer, 2011) Mavani, Monali
Prediction is growing area of research which is attracting many researchers. Prediction is applied to almost all the sectors. Much commercial Business Intelligence software is available in which prediction is one of the features. With the advent of Open Source Technologies, it has become possible for education sector which normally has low IT budget, to take maximum advantage of Information and Communication Technologies(ICT). This paper describes the use of Open source Software Knime for prediction of students result based upon various independent(predictor) variables and value of dependent variable can be predicted using decision tree , SOTA (Self Organizing Tree Algorithm) and Naive Bayes This paper compares these three predictive algorithms present in Knime in terms of accuracy. Predicted results are compared with the actual result in order to measure accuracy and recommends best Predictive algorithm for forecasting. This paper also demonstrates the use of Moodle - Open Source Learning Management System (LMS) Logs as one of the attributes in predicting the student results.
Blending intelligent and reciprocal tutoring systems: a dynamic approach
(ACM Digital Library, 2010-02) Mavani, Monali
This paper explores the principles of a valuable educational tool - Intelligent Tutoring System (ITS) -- an application of Artificial Intelligence for the education domain. The paper discusses principles and state-of-the-art models of few ITS, the problems associated with Knowledge Engineering based ITS and provides a possible architecture to blend concepts of reciprocal tutoring with ITS. Some empirical work is necessary as proof-of-concept for the proposed architecture.
Comparative Analysis of Andrew Files System and Hadoop Distributed File System
(IACSIT Press, 2013) Mavani, Monali
Sharing of resources is the main goal of distributed system. The sharing of stored information is the most important aspect of distributed resource sharing. A file system was originally developed to provide convenient programming interface to disk storage for the centralized system. With the advent of distributed systems distributed storage has become very prominent. A distributed file system enables users to store and access remote files exactly as they do local ones, allowing users to access files from any computer on a network. The objective of this paper is to compare very first open source wide distribution of distributed file system called Andrew file system and the latest widely used distributed file system-Hadoop distributed file system.
Covert channel in IPv6 Destination option Extension header
(IEEE, 2014) Mavani, Monali
IPv6 is next generation Internet protocol whose market is going to increase as IPv4 addresses are exhausted and more mobile devices are attached to Internet. The experience with IPv6 protocol is less as its deployment is slow. So there are many unknown threats possible in IPv6 networks. One such threat addressed in this paper is covert communication in the network. Covert channel is way of communicating classified information. In network it is done by network protocol's control fields. Destination option Extension header of IPv6 is used to pass secret information which is shown experimentally in real test network set up. For creation of attack packets Scapy-Python based API is used. Covert channel due to unknown option and nonzero padding in PadN option is shown. Their detection is also proposed and detector logic is implemented using shell scripting and C programming.
Covert channel in IPv6 Destination option Extension header
(IEEE, 2014) Mavani, Monali
IPv6 is next generation Internet protocol whose market is going to increase as IPv4 addresses are exhausted and more mobile devices are attached to Internet. The experience with IPv6 protocol is less as its deployment is slow. So there are many unknown threats possible in IPv6 networks. One such threat addressed in this paper is covert communication in the network. Covert channel is way of communicating classified information. In network it is done by network protocol's control fields. Destination option Extension header of IPv6 is used to pass secret information which is shown experimentally in real test network set up. For creation of attack packets Scapy-Python based API is used. Covert channel due to unknown option and nonzero padding in PadN option is shown. Their detection is also proposed and detector logic is implemented using shell scripting and C programming.
Development of predictive model in education system: using Naïve Bayes classifier
(ACM Digital Library, 2011-02) Mavani, Monali
With the advent of ICT (Information and Communication Technologies) education sector is also experiencing change in teaching process. Different mode of delivery with the use of ICT and digital content has made concept of E-learning and Blended learning more acceptable. But all the available technologies are not used with full potential, sometimes even not introduced at all. Business Intelligence (BI) is one of them. Educational sector also has got vast amount of data scattered in different forms which can be reused to make more intelligent decisions. Various data mining techniques are available which can be used in order to get intelligent information from educational data. Furthermore with the increasing awareness of benefits due to use of Open Source technologies it has become possible for educational institutes to use various technologies with low cost or no cost. In this paper we have used Open Source software Knime for predicting student's results using Naïve Bayesian Learner and Naïve Bayesian predictor. We also have used Moodle logs data of student's activities as one of the attributes in order to predict results using Naïve Bayes theory.
Experimental study of IP spoofing attack in 6LoWPAN network
(IEEE, 2017) Mavani, Monali
6L0WPAN is a communication protocol for Internet of Things. 6LoWPAN is IPv6 protocol modified for low power and lossy personal area networks. 6LoWPAN inherits threats from its predecessors IPv4 and IPv6. IP spoofing is a known attack prevalent in IPv4 and IPv6 networks but there are new vulnerabilities which creates new paths, leading to the attack. This study performs the experimental study to check the feasibility of performing IP spoofing attack on 6LoWPAN Network. Intruder misuses 6LoWPAN control messages which results into wrong IPv6-MAC binding in router. Attack is also simulated in cooja simulator. Simulated results are analyzed for finding cost to the attacker in terms of energy and memory consumption.
Experimental study of IP spoofing attack in 6LoWPAN network
(IEEE, 2017) Mavani, Monali
6L0WPAN is a communication protocol for Internet of Things. 6LoWPAN is IPv6 protocol modified for low power and lossy personal area networks. 6LoWPAN inherits threats from its predecessors IPv4 and IPv6. IP spoofing is a known attack prevalent in IPv4 and IPv6 networks but there are new vulnerabilities which creates new paths, leading to the attack. This study performs the experimental study to check the feasibility of performing IP spoofing attack on 6LoWPAN Network. Intruder misuses 6LoWPAN control messages which results into wrong IPv6-MAC binding in router. Attack is also simulated in cooja simulator. Simulated results are analyzed for finding cost to the attacker in terms of energy and memory consumption.
In unsecured 6LoWPANs, the nodes can be easily identified by their IPv6 as well as MAC addresses. An adversary can snoop (and later, spoof) these addresses, thereby posing a major threat against the node’s identity and communication integrity. Such threats necessitate enabling privacy by obscuring the node’s addresses. This study proposes a protocol for dynamic, auto-configuring and conflict-free IPv6 addressing scheme that attempts to ensure privacy of nodes. In the proposed protocol, each node obtains a three-level hierarchical IPv6 address space which is dynamically generated on basis of congruence classes. Use of congruence classes, along with hierarchical addressing, facilitates generation of inter-leaved (and hence, disjoint) and non-fragmented address space for each node, resulting in conflict free address auto-generation. Nodes auto-configure their address sets independently with congruence seeds shared by routers, potentially reducing router complexity. To ensure the MAC address privacy, MAC address also changes when IPv6 address changes and it is derived from the interface identification (IID) part of the IPv6 address. The proposed protocol runs on Contiki operating system, simulated in Cooja. Simulated results highlight lower latency and optimal communication costs when compared with existing protocols.
(Elsevier, 2018-10) Mavani, Monali
In unsecured 6LoWPANs, the nodes can be easily identified by their IPv6 as well as MAC addresses. An adversary can snoop (and later, spoof) these addresses, thereby posing a major threat against the node’s identity and communication integrity. Such threats necessitate enabling privacy by obscuring the node’s addresses. This study proposes a protocol for dynamic, auto-configuring and conflict-free IPv6 addressing scheme that attempts to ensure privacy of nodes. In the proposed protocol, each node obtains a three-level hierarchical IPv6 address space which is dynamically generated on basis of congruence classes. Use of congruence classes, along with hierarchical addressing, facilitates generation of inter-leaved (and hence, disjoint) and non-fragmented address space for each node, resulting in conflict free address auto-generation. Nodes auto-configure their address sets independently with congruence seeds shared by routers, potentially reducing router complexity. To ensure the MAC address privacy, MAC address also changes when IPv6 address changes and it is derived from the interface identification (IID) part of the IPv6 address. The proposed protocol runs on Contiki operating system, simulated in Cooja. Simulated results highlight lower latency and optimal communication costs when compared with existing protocols.
MapReduce Frame Work: Investigating Suitability for Faster Data Analytics
(Springer, 2013) Mavani, Monali
Faster data analytics is the ability to generate the desired report in near real time. Any application that looks at an aggregated view of a stream of data can be considered as an analytic application. The demand to process vast amounts of data to produce various market trends, user behavior, fraud behavior etc. becomes not just useful, but critical to the success of the business. In the past few years, fast data, i.e., high-speed data streams, has also exploded in volume and availability. Prime examples include sensor data streams, real-time stock market data, and social-media feeds such as Twitter, Facebook etc. New models for distributed stream processing have been evolved over a time. This research investigates the suitability of Google’s MapReduce (MR) parallel programming frame work for faster data processing. Originally MapReduce systems are geared towards batch processing. This paper proposes some optimizations to original MR framework for faster distributed data processing applications using distributed shared memory to store intermediate data and use of Remote Direct Access (RDMA) technology for faster data transfer across network.
MapReduce Frame Work: Investigating Suitability for Faster Data Analytics
(Springer, 2013) Mavani, Monali
Faster data analytics is the ability to generate the desired report in near real time. Any application that looks at an aggregated view of a stream of data can be considered as an analytic application. The demand to process vast amounts of data to produce various market trends, user behavior, fraud behavior etc. becomes not just useful, but critical to the success of the business. In the past few years, fast data, i.e., high-speed data streams, has also exploded in volume and availability. Prime examples include sensor data streams, real-time stock market data, and social-media feeds such as Twitter, Facebook etc. New models for distributed stream processing have been evolved over a time. This research investigates the suitability of Google’s MapReduce (MR) parallel programming frame work for faster data processing. Originally MapReduce systems are geared towards batch processing. This paper proposes some optimizations to original MR framework for faster distributed data processing applications using distributed shared memory to store intermediate data and use of Remote Direct Access (RDMA) technology for faster data transfer across network.
Modeling and analyses of IP spoofing attack in 6LoWPAN network
(Elsevier, 2017-09) Mavani, Monali
6LoWPAN (modified version of IPv6 for low power devices) inherits security threats from its predecessor protocols, IPv4 and IPv6. IP spoofing is one such classic attack. There are vulnerabilities in 6LoWPAN and associated routing protocol, which open up new spoofing paths to the attacker. This study aims at profiling the feasibility to carry IPv6 spoofing attack on the 6LoWPAN network. Two new different attack paths are identified, which associate wrong IPv6 address with the MAC address of a node. These two paths use spoofed RPL and 6LoWPAN-ND messages to perform the IPv6 spoofing attack in an unsecured wireless medium. Probability of attack success is analyzed using the radio propagation environment parameters which affect the correct reception of a signal. It is shown that the success of an attack is highly dependent on the signal path loss. To perform the systematic mathematical analysis, attack tree model is used and attack is simulated in cooja simulator as well as performed in real experimental network. Our mathematical and simulated analysis show that path loss exponent, which represents distance based path loss, affects the probability of attack success. Attack feasibility analysis is done to find the cost to the attacker with respect to energy and memory consumption. It is observed that attacker code can be accommodated in memory constrained devices, and uses less energy to perform the attack, which manifests its feasibility.
Modeling and analyses of IP spoofing attack in 6LoWPAN network
(Elsevier, 2017) Mavani, Monali
6LoWPAN (modified version of IPv6 for low power devices) inherits security threats from its predecessor protocols, IPv4 and IPv6. IP spoofing is one such classic attack. There are vulnerabilities in 6LoWPAN and associated routing protocol, which open up new spoofing paths to the attacker. This study aims at profiling the feasibility to carry IPv6 spoofing attack on the 6LoWPAN network. Two new different attack paths are identified, which associate wrong IPv6 address with the MAC address of a node. These two paths use spoofed RPL and 6LoWPAN-ND messages to perform the IPv6 spoofing attack in an unsecured wireless medium. Probability of attack success is analyzed using the radio propagation environment parameters which affect the correct reception of a signal. It is shown that the success of an attack is highly dependent on the signal path loss. To perform the systematic mathematical analysis, attack tree model is used and attack is simulated in cooja simulator as well as performed in real experimental network. Our mathematical and simulated analysis show that path loss exponent, which represents distance based path loss, affects the probability of attack success. Attack feasibility analysis is done to find the cost to the attacker with respect to energy and memory consumption. It is observed that attacker code can be accommodated in memory constrained devices, and uses less energy to perform the attack, which manifests its feasibility.
Performance study of node wakeup rate on the privacy enabled addressing scheme in duty-cycled 6LoWPAN
(IEEE, 2019-09) Mavani, Monali
Node address privacy in 6LoWPAN can be ensured using temporary addresses in the communication messages. If private temporary addresses are used, then it is difficult to track the nodes by looking at its addresses. Address configuration latency of privacy enabled IPv6 addressing scheme for 6LoWPAN may be affected due to radio duty cycling used to save energy. ContikiMAC is widely used duty cycling protocol in Contiki operating system's MAC layer along with the CSMA channel access mechanism. But the address configuration delay is increased with the use of duty cycling at the MAC layer. The ContikiMAC allows node to use different wake up frequency known as Channel check rate when it is not transmitting. In this paper, an experimental study is presented to evaluate the effect of Channel Check Rate on the address configuration latency and the communication cost. It is observed that the ContikiMAC duty cycling protocol is used to save energy. However, if the node wakeup frequency decreases, the address configuration latency and communication cost increases
Performance study of node wakeup rate on the privacy enabled addressing scheme in duty-cycled 6LoWPAN
(IEEE, 2019) Mavani, Monali
Node address privacy in 6LoWPAN can be ensured using temporary addresses in the communication messages. If private temporary addresses are used, then it is difficult to track the nodes by looking at its addresses. Address configuration latency of privacy enabled IPv6 addressing scheme for 6LoWPAN may be affected due to radio duty cycling used to save energy. ContikiMAC is widely used duty cycling protocol in Contiki operating system's MAC layer along with the CSMA channel access mechanism. But the address configuration delay is increased with the use of duty cycling at the MAC layer. The ContikiMAC allows node to use different wake up frequency known as Channel check rate when it is not transmitting. In this paper, an experimental study is presented to evaluate the effect of Channel Check Rate on the address configuration latency and the communication cost. It is observed that the ContikiMAC duty cycling protocol is used to save energy. However, if the node wakeup frequency decreases, the address configuration latency and communication cost increases.
Privacy enabled disjoint and dynamic address auto-configuration protocol for 6Lowpan
(Elsevier, 2018-10) Mavani, Monali
In unsecured 6LoWPANs, the nodes can be easily identified by their IPv6 as well as MAC addresses. An adversary can snoop (and later, spoof) these addresses, thereby posing a major threat against the node’s identity and communication integrity. Such threats necessitate enabling privacy by obscuring the node’s addresses. This study proposes a protocol for dynamic, auto-configuring and conflict-free IPv6 addressing scheme that attempts to ensure privacy of nodes. In the proposed protocol, each node obtains a three-level hierarchical IPv6 address space which is dynamically generated on basis of congruence classes. Use of congruence classes, along with hierarchical addressing, facilitates generation of inter-leaved (and hence, disjoint) and non-fragmented address space for each node, resulting in conflict free address auto-generation. Nodes auto-configure their address sets independently with congruence seeds shared by routers, potentially reducing router complexity. To ensure the MAC address privacy, MAC address also changes when IPv6 address changes and it is derived from the interface identification (IID) part of the IPv6 address. The proposed protocol runs on Contiki operating system, simulated in Cooja. Simulated results highlight lower latency and optimal communication costs when compared with existing protocols.
Privacy enabled disjoint and dynamic address auto-configuration protocol for 6Lowpan
(Elsevier, 2018-10) Mavani, Monali
In unsecured 6LoWPANs, the nodes can be easily identified by their IPv6 as well as MAC addresses. An adversary can snoop (and later, spoof) these addresses, thereby posing a major threat against the node’s identity and communication integrity. Such threats necessitate enabling privacy by obscuring the node’s addresses. This study proposes a protocol for dynamic, auto-configuring and conflict-free IPv6 addressing scheme that attempts to ensure privacy of nodes. In the proposed protocol, each node obtains a three-level hierarchical IPv6 address space which is dynamically generated on basis of congruence classes. Use of congruence classes, along with hierarchical addressing, facilitates generation of inter-leaved (and hence, disjoint) and non-fragmented address space for each node, resulting in conflict free address auto-generation. Nodes auto-configure their address sets independently with congruence seeds shared by routers, potentially reducing router complexity. To ensure the MAC address privacy, MAC address also changes when IPv6 address changes and it is derived from the interface identification (IID) part of the IPv6 address. The proposed protocol runs on Contiki operating system, simulated in Cooja. Simulated results highlight lower latency and optimal communication costs when compared with existing protocols.
Privacy Preserving IPv6 Address Auto-Configuration for Internet of Things
(Springer, 2017-10) Mavani, Monali
Internet of Things enables every node on a personal network to be managed and monitored remotely over the Internet. Biometric devices, used for access control or as bio-sensors, form a critical part of Internet of Things and are identified using IPv6 address. Malicious users can track activity of these devices by spoofing IPv6 addresses from unsecure wireless communication channels. Tracking device activity and identifying user behavior of the device poses a great threat to device identity and data generated by it. Such a threat can be avoided by keeping the device’s IPv6 address hidden from attacker. This study proposes a method to privacy enable IPv6 address configuration for connected devices in general and biometric devices in particular, while connected as a part of Internet of Things. It is proposed that by changing the device’s IPv6 address periodically and pseudorandomly, its identity can be kept private to a large extent. These address changes are configured on devices based on congruence classes, which generate non-repeatable integer sequence. It is proposed that the interface identification part of IPv6 address is configured with two-level hierarchy with each level level using a different congruence class. Such configuration generates different identification values to ensure conflict free address configuration. The proposition is analyzed for privacy preserving property and communication cost. The results of performance benchmarking using Cooja simulator show that the method does not impose substantial communication overhead on IPv6 address configuration process.
Privacy Preserving IPv6 Address Auto-Configuration for Internet of Things
(Springer, 2018) Mavani, Monali
Internet of Things enables every node on a personal network to be managed and monitored remotely over the Internet. Biometric devices, used for access control or as bio-sensors, form a critical part of Internet of Things and are identified using IPv6 address. Malicious users can track activity of these devices by spoofing IPv6 addresses from unsecure wireless communication channels. Tracking device activity and identifying user behavior of the device poses a great threat to device identity and data generated by it. Such a threat can be avoided by keeping the device’s IPv6 address hidden from attacker. This study proposes a method to privacy enable IPv6 address configuration for connected devices in general and biometric devices in particular, while connected as a part of Internet of Things. It is proposed that by changing the device’s IPv6 address periodically and pseudorandomly, its identity can be kept private to a large extent. These address changes are configured on devices based on congruence classes, which generate non-repeatable integer sequence. It is proposed that the interface identification part of IPv6 address is configured with two-level hierarchy with each level level using a different congruence class. Such configuration generates different identification values to ensure conflict free address configuration. The proposition is analyzed for privacy preserving property and communication cost. The results of performance benchmarking using Cooja simulator show that the method does not impose substantial communication overhead on IPv6 address configuration process.
Resilient against spoofing in 6LoWPAN networks by temporary-private IPv6 addresses
(Springer, 2019-08) Mavani, Monali
An attacker can disrupt the network operations in the 6LoWPANs by spoofing the IPv6 address while evading the detection. Despite many existing spoofing prevention techniques, spoofing threat still persists. Thus, it becomes necessary to devise a method which can offer resilience against spoofing by reducing the attack disruption time. This study aims at reducing IPv6 spoofing attack disruption time in 6LoWPANs. Hence, it provides the resiliency against IPv6 spoofing threat. The time complexity analysis of the attack tree for the spoofing attack is performed to analyze the attack disruption time. The analytical results show that attack disruption window is directly proportional to the lifetime of the node addresses. The lower lifetime of node addresses ensure the reduction of the attack disruption window. Thus, the use of temporary node addresses can be a solution for reducing the spoofing attack disruption window. Node’s IPv6 address can be changed periodically to dissociate a node from its permanent identity. Hence, an attacker has to re-perform the attack to gain significant benefits. Corrupted routing table as a result of spoofing attack and its countermeasure is simulated in Cooja running Contiki operating system. The length of the attack window depends upon the periodicity of the address change. The higher frequency of address change decreases the attack disruption time with an increase in the communication cost. Simulations have been performed to compare the optimum value of address change periodicity concerning the communication cost for two private addressing schemes proposed in the literature.