Essay writing mechanics: October 2019

Thursday, October 31, 2019

Present Artmagazine Company Research Paper Example | Topics and Well Written Essays - 2250 words

Present Artmagazine Company - Research Paper Example The art magazine is basically the online shop where people can buy the art pieces and also they can criticize those pieces of art. Basically the artmagazine.cc can be classified into two broad prospective one is the painting and other one is the sculpture making. However, nowadays acting and theater are also taken as the act of art. The art magazine is one of the primary factors in the field of art and business. Art magazines are the important factor which provides all the information about the art. It contains much important information which is very much important for the art lover and the art dealer. Art is a unique talent and the attraction towards art is not seen in everyoneÃ¢â‚¬â„¢s mind. There are very selective people who love art and some people who love to deal with art as the art material has a tremendous resale value. There are many people who take these paintings and sculpture as an investment. However, we can say that the artmagazine.cc is the online magazine which covers all the aspects of the contemporary art factors. Magazines are basically a medium by which the information about the specific subjects can be conveyed towards the respected audience or towards the specific target group. Magazines are basically an entertainment factor in the human life, the proper design and the specific designs make it a unique representation of information. Artmagazine is the internet based magazine conveys the news about the art to the people who love art. There are several art magazines available in the market nowadays and each one of them has its unique characteristics. There are many art magazines are there which are only for contemporary paintings. These magazines cover most of the new age paintings as well the history of the paintings. Art is a subject which is very unique in nature and the target group (TG) for these art is also very limited and for that it is not commercialized as it is not for everyone. As the

Tuesday, October 29, 2019

Foreign market entry strategies Essay Example for Free

Foreign market entry strategies Essay Ã¢â‚¬Å"Firms which participate in the business system as partners complement the company and its suppliers, thereby increasing the value to customersÃ¢â‚¬ . Explain your understanding of this view and provide examples to reinforce your arguments. For a company, entering new foreign markets may be achieved in a variety of ways. Each of these ways places its unique demands on the company in terms of organizational and financial resources. Most of the times, entering international markets is not a matter of choice but of necessity to remain competitive in new or established markets by meeting the consumerÃ¢â‚¬â„¢ needs and values. The decision to go international represents an important commitment, to go into a new line of activity, this being the reason why it should be taken step by step: obtaining information, analyzing them, formulating alternative action plans, (Tookey, 1975) and of course find the right partners that match the company brand image and values. The international business system model is focused on the advantages determined by the internationalisation process and less on the development process of the internationalisation of companies. The main scope obtained by applying the Uppsala Model is predicting the companyÃ¢â‚¬â„¢s evolution on foreign markets. Two elements are at the basis of the model: the notion of essentiality attributed to the process and the notion of physical distance. The internationalisation of a multinational company takes place step by step, according to the Uppsala Model, which minimises the risks regarding the new market (Johanson; Wiedersheim-Paul, 1975). Therefore, the company is being involved gradually (investments, control and profit), getting to the point of creating a production subsidiary which ensures also the selling of the products on the new market. The stages of the internationalisation process are presented in Appendix 1. The concept of physical distance, the second element the Uppsala Model is based upon determines the companies to select, in a first stage, the neighbour countries in order to reduce the cultural, economical, political differences. According to this approach, the bigger the physical distance, the bigger is the incertitude about the new market and bigger the risks associated to this market. In the view of the globalisation phenomena, there are numerous criticisms about the Ã¢â‚¬Å"physical distanceÃ¢â‚¬ notion. Many papers have developed the subject of the companyÃ¢â‚¬â„¢s internationalisation; a special place holds J. Birkinshaw who analysed the problems regarding the role of the subsidiaries and the evolution of the mandated in the internationalisation process at the multinationalÃ¢â‚¬â„¢s level. Therefore, Birkinshaw and Hoods (1998) have shown that creating a subsidiary can be explained on the basis of the interactions between the decisions of the mother-company, the initiatives o f the subsidiary and the specific conditions existing on the new market. The model developed by Birkinshaw (1997) is based on three variables: The relation headquarters Ã¢â‚¬â€œ subsidiary; the subsidiaryÃ¢â‚¬â„¢s initiatives and the local environment. Regarding the internationalisation process, the company has more options (see Appendix 2) The first choice is represented by the development of the existing markets and it is being used by companies that are acting on highly competitive markets; the second choice Ã¢â‚¬â€œ the company can choose to develop its activity on new markets, similar to the ones they are already acting on Ã¢â‚¬â€œ in this case, they are usually choosing to export their products; the third strategy is developing a new line of products similar to the ones they already have and which will be sold on similar markets- in this case the company can choose between strategic alliances: creating a joint venture or licensing. . ManagementÃ¢â‚¬â„¢s involvement in export operations is different, as we talk about passive exporters (when selling abroad is induced by the demand existing on the foreign market, meaning that the business is initiated by the importer) or active exporters (when the operation is initiated by the seller, which has an export strategy and a suitable business plan (Popa, 2006) From the operational point of view, exporters can be indirect exporters(with the participation of trading houses), when it isnÃ¢â‚¬â„¢t necessary to create an organizational structure specific to the export activity or direct exporters, which is made by the producer, which is creating services or departments for international business. The determinants of export behaviour are experience and uncertainty effects; behavioural and firm-specific influences and strategic influences. 1. Experience and uncertainty effects Knowledge and learning regarding the exporting activity may be possessed or accumulated by the company in time. Experience has a key role, as firmÃ¢â‚¬â„¢s involvement in international markets is most of the time a gradual process. During the early stages of exporting, firms have a more concentrated foreign market focus, while increased involvement in foreign market encourages diversification to a wider range of markets. As a firmÃ¢â‚¬â„¢s knowledge of an export market increases, the uncertainty factor diminishes. This knowledge allows the identification of concrete opportunities, as distinct from theoretical that may be apparent from objective knowledge. 2. Behavioural and firm-specific influences Recent theories of exporting are strongly influenced by the behavioural theory of the firm, which stresses decision-maker characteristics, organizational dynamics and constraints, ignorance and uncertainty as key variables in decision making. Exporting has been described as a development process based on a learning sequence involving six stages Bilkey and Tesar, 1977): Stage 1: the firm is not interested in exporting Stage 2: the firm supplies unsolicited business, doesnÃ¢â‚¬â„¢t examine the feasibility of active exporting Stage 3: the firm examines the feasibility of exporting in an active way Stage 4: experimental exports on neighbour countries Stage 5: the firm becomes an experienced exporter Stage 6: the firm explores the feasibility of exporting to additional countries of greater business distance. According to Welch (1982), the export commitment is influenced by four groups of factors (see figure 4): pre-export activities, direct export stimuli, latent influences on the firm and the role of the decision-maker. 3. Strategic influences The opinion among researchers and managers is divided on the issue of the relation between the firm size and export success. Still, the importance of a positive managerial attitude to exporting and the necessity of committing managerial and financial resources to the internationalization process are crucial to the success of the firm, irrespective of size. As a mode of international market entry, strategic alliances allow the firm (Bradley, 2002): Ã¢â‚¬ ¢ Access to assets not readily available in the market Ã¢â‚¬ ¢ Access to technology and markets Ã¢â‚¬ ¢ The smaller firms can have access to technology and new products Ã¢â‚¬ ¢ The larger firms can have access to markets Ã¢â‚¬ ¢ Synergetic effects in the partner firms. Choosing the way to enter a foreign market represents an important part of the foreign direct investment strategy. The companies should select the new market, decide upon the types of operations that are about to be developed on these markets and decide the type of entry Ã¢â‚¬â€œgreen field investments, acquisitions, joint ventures. Choosing the way to enter a foreign market was also explained through cultural and national factors. Many studies have been concerned about this topic: Ã¢â‚¬ ¢ Kogut and Singh (1988) after researches have concluded that a big cultural distance between the country of origin and the host country have as a result choosing joint ventures or green field investments. Ã¢â‚¬ ¢ Gatignon and Anderson (1988) have shown that an important socio-cultural distance, measured with the help of the Index developed by Ronen and Shenkar (1985) goes to the partial propriety right. Ã¢â‚¬ ¢ Gatignon and Anderson (1988) have concluded that multinational companies avoid having 100% owned subsidiaries in high risk countries. Ã¢â‚¬ ¢ Cho and Radmanabhan (1995) have shown that companies from Japan are not willing to make acquisitions in developing countries. Choosing the joint venture as a mechanism to enter new markets (especially the developing countries and the ones with centralised economy) is usually a sec ond-best option for the companies from developed countries. Still, the companies show through this the major interest for the local market; the participation in the joint-venture could be qualified as a foreign direct investment. Many times, this mechanism represents the only way to be present on a certain market. Licensing in international markets: License is the purchase or sale by contract of product pr process technology, design and marketing expertise (Bradley, 2002). It involves the market contracting of knowledge and know-how. International licensing takes place when a company provides, for a certain fee-royalty, a technology needed by another company in order to operate a business in a foreign market. Licensing of this firm involves one or more of these elements: Ã¢â‚¬ ¢ a brand name Ã¢â‚¬ ¢ operations expertise Ã¢â‚¬ ¢ manufacturing process technology Ã¢â‚¬ ¢ access to patents Ã¢â‚¬ ¢ trade secrets. Licensing may be attractive when host countries restrict imports or foreign direct investment, or when the market is small and when the prospects of technology feedback are high. Franchising to enter international markets: Franchising is a derivative of licensing. In franchising a business format is licensed, not a product or a technology. Trademarks, trade names, copyright, designs, patents, trade secrets and know-how may all be involved in different mixtures in the Ã¢â‚¬Å¾packageÃ¢â‚¬ to be licensed. Franchising is a form of marketing and distribution in which the franchisor grants an individual or company, the franchisee, the right to do business in a prescribed manner over a certain period of time, in a specified place (Ayling, 1986). A franchise is, according to International Franchise Association (IFA), the agreement or license between two legally independent parties which gives: Ã¢â‚¬ ¢ a person or group of people (franchisee) the right to market a product or service using the trademark or trade name of another business (franchisor) Ã¢â‚¬ ¢ the franchisee the right to market a product or service using the operating methods of the franchisor Ã¢â‚¬ ¢ t he franchisee the obligation to pay the franchisor fees for These rights Ã¢â‚¬ ¢ the franchisor has the obligation to provide rights and support to franchisees. Types of Franchises There are two main types of franchises: product distribution and business format. Product distribution franchises simply sell the franchisorÃ¢â‚¬â„¢s products and are supplier-dealer relationships. In product distribution franchising, the franchisor licenses its trademark and logo to the franchisees but typically does not provide them with an entire system for running their business. The industries where you most often find this type of franchising are soft drink distributors, automobile dealers and gas stations. Some familiar product distribution franchises include: Pepsi, Exxon, Ford Motor Company. Although product distribution franchising represents the largest percentage of total retail sales, most franchises available today are business format opportunities. Business format franchises, on the other hand, not only use a franchisorÃ¢â‚¬â„¢s product, service and trademark, but also the complete method to conduct the business itself, such as the marketing plan and operations manuals. Business format franchises are the most common type of franchise. The United States, today reported that the 10 most popular franchising opportunities are in these industries: fast food, retail, service, automotive, restaurants, maintenance, building and construction, retailÃ¢â‚¬â€food, business services, lodging. The many advantages and disadvantages of owning a franchise should be carefully evaluated before deciding to purchase one. Throughout all these different foreign market entry strategies, by understanding every characteristic detailed we can conclude that partnership can be at the core of international marketing decisions and enable possibilities of internationalisation. Partnerships can be structured in various ways depending on their purpose. Wholly foreign-owned enterprises, non-equity/contractual/co-operative strategic alliances, equity strategic alliances/joint ventures, and franchises, are basic types of formal partnerships. There are numerous other types of informal partnerships including; joint marketing promotion, joint selling or distribution, technology licensing, R D contracts, design collaboration, production agreements, and other synergies. Consequently, the ideal partner in a business partnership is one that has resources, skills and assets and values which complement the company. The partnership has to work financially and contractually, but it is also essential that a partnerÃ¢â‚¬â„¢s areas of strength and weakness are known and that an assessment is made of what actions would be needed to achieve an appropriate level of operational fit between the cultures of the two organisations. To meet the market needs effectively and in a sustained way, the business partnership must be based on a systematic and transparent agreement between the client and the partners (common values). That agreement provides the basis for a partnership deal and has to be sufficiently strong to engage the sustained commitment of both parties but also sufficiently flexible to enable the partnership to be responsive to changes in market needs and conditions. Being at the forefront partners are an extension of the company capability, image and valu es perceived by the consumer, therefore, complement the company by increasing the value to customers. For instance, Sony is an international and reputed company for its high standards range of TVs. Today, within the UK market, Sony position itself as a seller of durable and high end products by practicing a selective distribution. Their products are mostly found at Sony Centres (Sony own shop) or PC Currys World, exclusive partner (distributor) chosen by Sony well known in the market and sharing similar values such as expertise in the audiovisual area or guarantee of quality products and services. It reflects well a relevant and consistent image of the values conveyed by both organisations to the customers.

Sunday, October 27, 2019

Mobile Ad Hoc Network Intrusion Detection System (IDS)

Mobile Ad Hoc Network Intrusion Detection System (IDS) Chapter 1 1. Introduction Mobile ad hoc networks (MANETs) and wireless sensor networks (WSNs) are relatively new communication paradigms. MANETs do not require expensive base stations or wired infrastructure. Nodes within radio range of each other can communicate directly over wireless links, and those that are far apart use other nodes as relays. Each host in a MANET also acts as a router as routes are mostly multichip. The lack of fixed infrastructure and centralized authority makes a MANET suitable for a broad range of applications in both military and civilian environments. For example, a MANET could be deployed quickly for military communications in the battlefield. A MANET also could be deployed quickly in scenarios such as a meeting room, a city transportation wireless network, for fire fighting, and so on. To form such a cooperative and self configurable network, every mobile host should be a friendly node and willing to relay messages for others. In the original design of a MANET, global trustworthiness in nodes within the whole network is a fundamental security assumption. Recent progress in wireless communications and micro electro mechanical systems (MEMS) technology has made it feasible to build miniature wireless sensor nodes that integrate sensing, data processing, and communicating capabilities. These miniature wireless sensor nodes can be extremely small, as tiny as a cubic centimeter. Compared with conventional computers, the low-cost, battery-powered, sensor nodes have a limited energy supply, stringent processing and communications capabilities, and memory is scarce. The design and implementation of relevant services for WSNs must keep these limitations in mind. Based on the collaborative efforts of a large number of sensor nodes, WSNs have become good candidates to provide economically viable solutions for a wide range of applications, such as environmental monitoring, scientific data collection, health monitoring, and military operations. Despite the wide variety of potential applications, MANETs and WSNs often are deployed in adverse or even hostile environments. Therefore, they cannot be readily deployed without first addressing security challenges. Due to the features of an open medium, the low degree of physical security of mobile nodes, a dynamic topology, a limited power supply, and the absence of a central management point, MANETs are more vulnerable to malicious attacks than traditional wired networks are. In WSNs, the lack of physical security combined with unattended operations make sensor nodes prone to a high risk of being captured and compromised, making WSNs vulnerable to a variety of attacks. A mobile ad hoc network (MANET) is a self-configuring network that is formed automatically by a collection of mobile nodes without the help of a fixed infrastructure or centralized management. Each node is equipped with a wireless transmitter and receiver, which allow it to communicate with other nodes in its radio communication range. In order for a node to forward a packet to a node that is out of its radio range, the cooperation of other nodes in the network is needed; this is known as multi-hop communication. Therefore, each node must act as both a host and a router at the same time. The network topology frequently changes due to the mobility of mobile nodes as they move within, move into, or move out of the network. A MANET with the characteristics described above was originally developed for military purposes, as nodes are scattered across a battlefield and there is no infrastructure to help them form a network. In recent years, MANETs have been developing rapidly and are increasingly being used in many applications, ranging from military to civilian and commercial uses, since setting up such networks can be done without the help of any infrastructure or interaction with a human. Some examples are: search-and-rescue missions, data collection, and virtual classrooms and conferences where laptops, PDA or other mobile devices share wireless medium and communicate to each other. As MANETs become widely used, the security issue has become one of the primary concerns. For example, most of the routing protocols proposed for MANETs assume that every node in the network is cooperative and not malicious [1]. Therefore, only one compromised node can cause the failure of the entire network. There are both passive and active attacks in MANETs. For passive at tacks, packets containing secret information might be eavesdropped, which violates confidentiality. Active attacks, including injecting packets to invalid destinations into the network, deleting packets, modifying the contents of packets, and impersonating other nodes violate availability, integrity, authentication, and non-repudiation. Proactive approaches such as cryptography and authentication were first brought into consideration, and many techniques have been proposed and implemented. However, these applications are not sufficient. If we have the ability to detect the attack once it comes into the network, we can stop it from doing any damage to the system or any data. Here is where the intrusion detection system comes in. Intrusion detection can be defined as a process of monitoring activities in a system, which can be a computer or network system. The mechanism by which this is achieved is called an intrusion detection system (IDS). An IDS collects activity information and then analyzes it to determine whether there are any activities that violate the security rules. Once AN ID determines that an unusual activity or an activity that is known to be an attack occurs, it then generates an alarm to alert the security administrator. In addition, IDS can also initiate a proper response to the malicious activity. Although there are several intrusion detection techniques developed for wired networks today, they are not suitable for wireless networks due to the differences in their characteristics. Therefore, those techniques must be modified or new techniques must be developed to make intrusion detection work effectively in MANETs. In this paper, we classify the architectures for IDS in MANETs, each of which is suitable for different network infrastructures. Current intrusion detection systems corresponding to those architectures are reviewed and compared. Chapter 2 Background 2.1 Intrusion Detection System (IDS) Many historical events have shown that intrusion prevention techniques alone, such as encryption and authentication, which are usually a first line of defense, are not sufficient. As the system become more complex, there are also more weaknesses, which lead to more security problems. Intrusion detection can be used as a second wall of defense to protect the network from such problems. If the intrusion is detected, a response can be initiated to prevent or minimize damage to the system. To make intrusion detection systems work, basic assumptions are made. The first assumption is that user and program activities are observable. The second assumption, which is more important, is that normal and intrusive activities must have distinct behaviors, as intrusion detection must capture and analyze system activity to determine if the system is under attack. Intrusion detection can be classified based on audit data as either host- based or network-based. A network-based IDS captures and analyzes packets from network traÃ‚ ±c while a host-based IDS uses operating system or application logs in its analysis. Based on detection techniques, IDS can also be classified into three categories as follows [2]. Anomaly detection systems: The normal profiles (or normal behaviors) of users are kept in the system. The system compares the captured data with these profiles, and then treats any activity that deviates from the baseline as a possible intrusion by informing system administrators or initializing a proper response. Misuse detection systems: The system keeps patterns (or signatures) of known attacks and uses them to compare with the captured data. Any matched pattern is treated as an intrusion. Like a virus detection system, it cannot detect new kinds of attacks. Specification-based detection: The system defines a set of constraints that describe the correct operation of a program or protocol. Then, it monitors the execution of the program with respect to the defined constraints. 2.2 Intrusion Detection in MANETs Many intrusion detection systems have been proposed in traditional wired networks, where all track must go through switches, routers, or gateways. Hence, IDS can be added to and implemented in these devices easily [17, 18]. On the other hand, MANETs do not have such devices. Moreover, the medium is wide open, so both legitimate and malicious users can access it. Furthermore, there is no clear separation between normal and unusual activities in a mobile environment. Since nodes can move arbitrarily, false routing information could be from a compromised node or a node that has outdated information. Thus, the current IDS techniques on wired networks cannot be applied directly to MANETs. Many intrusion detection systems have been proposed to suit the characteristics of MANETs, some of which will be discussed in the next sections. 2.3 Architectures for IDS in MANETs The network infrastructures that MANETs can be configured to are either at or multi-layer, depending on the applications. Therefore, the optimal IDS architecture for a MANET may depend on the network infrastructure itself [9]. In an network infrastructure, all nodes are considered equal, thus it may be suitable for applications such as virtual classrooms or conferences. On the contrary, some nodes are considered different in the multi-layered network infrastructure. Nodes may be partitioned into clusters with one cluster head for each cluster. To communicate within the cluster, nodes can communicate directly. However, communication across the clusters must be done through the cluster head. This infrastructure might be well suited for military applications. 2.3.1 Stand-alone Intrusion Detection Systems In this architecture, an intrusion detection system is run on each node independently to determine intrusions. Every decision made is based only on information collected at its own node, since there is no cooperation among nodes in the network. Therefore, no data is exchanged. Besides, nodes in the same network do not know anything about the situation on other nodes in the network as no alert information is passed. Although this architecture is not elective due to its limitations, it may be suitable in a network where not all nodes are capable of running IDS or have IDS installed. This architecture is also more suitable for an network infrastructure than for multi-layered network infrastructure. Since information on each individual node might not be enough to detect intrusions, this architecture has not been chosen in most of the IDS for MANETs. 2.3.2 Distributed and Cooperative Intrusion Detection Systems Since the nature of MANETs is distributed and requires cooperation of other nodes, Zhang and Lee [1] have proposed that the intrusion detection and response system in MANETs should also be both distributed and cooperative as shown in Figure 1. Every node participates in intrusion detection and response by having an IDS agent running on them. An IDS agent is responsible for detecting and collecting local events and data to identify possible intrusions, as well as initiating a response independently. However, neighboring IDS agents cooperatively participate in global intrusion detection actions when the evidence is inconclusive. Similarly to stand-alone IDS architecture, this architecture is more suitable for a network infrastructure, not multi-layered one. 2.3.3 Hierarchical Intrusion Detection Systems Hierarchical IDS architectures extend the distributed and cooperative IDS architectures and have been proposed for multi-layered network infrastructures where the network is divided into clusters. Clusterheads of each cluster usually have more functionality than other members in the clusters, for example routing packets across clusters. Thus, these cluster heads, in some sense, act as control points which are similar to switches, routers, or gateways in wired networks. The same concept of multi-layering is applied to intrusion detection systems where hierarchical IDS architecture is proposed. Each IDS agent is run on every member node and is responsible locally for its node, i.e., monitoring and deciding on locally detected intrusions. A clusterhead is responsible locally for its node as well as globally for its cluster, e.g. monitoring network packets and initiating a global response when network intrusion is detected. 2.3.4 Mobile Agent for Intrusion Detection Systems A concept of mobile agents has been used in several techniques for intrusion detection systems in MANETs. Due to its ability to move through the large network, each mobile agent is assigned to perform only one specific task, and then one or more mobile agents are distributed into each node in the network. This allows the distribution of the intrusion detection tasks. There are several advantages for using mobile agents [2]. Some functions are not assigned to every node; thus, it helps to reduce the consumption of power, which is scarce in mobile ad hoc networks. It also provides fault tolerance such that if the network is partitioned or some agents are destroyed, they are still able to work. Moreover, they are scalable in large and varied system environments, as mobile agents tend to be independent of platform architectures. However, these systems would require a secure module where mobile agents can be stationed to. Additionally, mobile agents must be able to protect themselves from the secure modules on remote hosts as well. Mobile-agent-based IDS can be considered as a distributed and cooper ative intrusion detection technique as described in Section 3.2. Moreover, some techniques also use mobile agents combined with hierarchical IDS, for example, what will be described in Section 4.3. 2.4 Sample Intrusion Detection Systems for MANETs Since the IDS for traditional wired systems are not well-suited to MANETs, many researchers have proposed several IDS especially for MANETs, which some of them will be reviewed in this section. 2.4.1 Distributed and Cooperative IDS As described in Section 3.2, Zhang and Lee also proposed the model for distributed and cooperative IDS as shown in Figure 2 [1]. The model for an IDS agent is structured into six modules. The local data collection module collects real-time audit data, which includes system and user activities within its radio range. This collected data will be analyzed by the local detection engine module for evidence of anomalies. If an anomaly is detected with strong evidence, the IDS agent can determine independently that the system is under attack and initiate a response through the local response module (i.e., alerting the local user) or the global response module (i.e., deciding on an action), depending on the type of intrusion, the type of network protocols and applications, and the certainty of the evidence. If an anomaly is detected with weak or inconclusive evidence, the IDS agent can request the cooperation of neighboring IDS agents through a cooperative detection engine module, which communicates to other agents through a secure communication module. 2.4.2 Local Intrusion Detection System (LIDS) Albers et al. [3] proposed a distributed and collaborative architecture of IDS by using mobile agents. A Local Intrusion Detection System (LIDS) is implemented on every node for local concern, which can be extended for global concern by cooperating with other LIDS. Two types of data are exchanged among LIDS: security data and intrusion alerts. In order to analyze the possible intrusion, data must be obtained from what the LIDS detect, along with additional information from other nodes. Other LIDS might be run on different operating systems or use data from different activities such as system, application, or network activities; therefore, the format of this raw data might be different, which makes it hard for LIDS to analyze. However, such difficulties can be solved by using SNMP (Simple Network Management Protocol) data located in MIBs (Management Information Base) as an audit data source. Such a data source not only eliminates those difficulties, but also reduces the in-Figure 3: L IDS Architecture in A Mobile Node [3] crease in using additional resources to collect audit data if an SNMP agent is already run on each node. To obtain additional information from other nodes, the authors proposed mobile agents to be used to transport SNMP requests to other nodes. In another words, to distribute the intrusion detection tasks. The idea differs from traditional SNMP in that the traditional approach transfers data to the requesting node for computation while this approach brings the code to the data on the requested node. This is initiated due to untrustworthiness of UDP messages practiced in SNMP and the active topology of MANETs. As a result, the amount of exchanged data is tremendously reduced. Each mobile agent can be assigned a specific task which will be achieved in an autonomous and asynchronous fashion without any help from its LIDS. The LIDS architecture is shown in Figure 3, which consists of Ã‚ ² Communication Framework: To facilitate for both internal and external communication with a LIDS. Local LIDS Agent: To be responsible for local intrusion detection and local response. Also, it reacts to intrusion alerts sent from other nodes to protect itself against this intrusion. Local MIB Agent: To provide a means of collecting MIB variables for either mobile agents or the Local LIDS Agent. Local MIB Agent acts as an interface with SNMP agent, if SNMP exists and runs on the node, or with a tailor-made agent developed specifically to allow up- dates and retrievals of the MIB variables used by intrusion detection, if none exists. Mobile Agents (MA): They are distributed from its LID to collect and process data on other nodes. The results from their evaluation are then either sent back to their LIDS or sent to another node for further investigation. Mobile Agents Place: To provide a security control to mobile agents. For the methodology of detection, Local IDS Agent can use either anomaly or misuse detection. However, the combination of two mechanisms will offer the better model. Once the local intrusion is detected, the LIDS initiate a response and inform the other nodes in the network. Upon receiving an alert, the LIDS can protect itself against the intrusion. 2.4.3 Distributed Intrusion Detection System Using Multiple Sensors Kachirski and Guha [4] proposed a multi-sensor intrusion detection system based on mobile agent technology. The system can be divided into three main modules, each of which represents a mobile agent with certain func- tionality: monitoring, decision-making or initiating a response. By separate in functional tasks into categories and assigning each task to a different agent, the workload is distributed which is suitable for the characteristics of MANETs. In addition, the hierarchical structure of agents is also developed in this intrusion detection system as shown in Figure 4. Monitoring agent: Two functions are carried out at this class of agent: network monitoring and host monitoring. A host-based monitor agent hosting system-level sensors and user-activity sensors is run on every node to monitor within the node, while a monitor agent with a network monitoring sensor is run only on some selected nodes to monitor at packet-level to capture packets going through the network within its radio ranges. Action agent: Every node also hosts this action agent. Since every node hosts a host-based monitoring agent, it can determine if there is any suspicious or unusual activities on the host node based on anomaly detection. When there is strong evidence supporting the anomaly detected, this action agent can initiate a response, such as terminating the process or blocking a user from the network. Decision agent: The decision agent is run only on certain nodes, mostly those nodes that run network monitoring agents. These nodes collect all packets within its radio range and analyze them to determine whether the network is under attack. Moreover, from the previous paragraph, if the local detection agent cannot make a decision on its own due to insufficient evidence, its local detection agent reports to this decision agent in order to investigate further. This is done by using packet-monitoring results that comes from the network-monitoring sensor that is running locally. If the decision agent concludes that the node is malicious, the action module of the agent running on that node as described above will carry out the response. The network is logically divided into clusters with a single cluster head for each cluster. This clusterhead will monitor the packets within the cluster and only packets whose originators are in the same cluster are captured and investigated. This means that the network monitoring agent (with network monitoring sensor) and the decision agent are run on the cluster head. In this mechanism, the decision agent performs the decision-making based on its own collected information from its network-monitoring sensor; thus, other nodes have no influence on its decision. This way, spooffing attacks and false accusations can be prevented. 2.4.4 Dynamic Hierarchical Intrusion Detection Architecture Since nodes move arbitrarily across the network, a static hierarchy is not suitable for such dynamic network topology. Sterne et al. [16] proposed a dynamic intrusion detection hierarchy that is potentially scalable to large networks by using clustering like those in Section 4.3 and 5.5. However, it can be structured in more than two levels as shown in Figure 5. Nodes labeled 1 are the first level clusterheads while nodes labeled 2 are the second level clusterheads and so on. Members of the first level of the cluster are called leaf nodes. Every node has the responsibilities of monitoring (by accumulating counts and statistics), logging, analyzing (i.e., attack signature matching or checking on packet headers and payloads), responding to intrusions detected if there is enough evidence, and alerting or reporting to cluster heads. Clues treads, in addition, must also perform: Data fusion/integration and data reduction: Clusterheads aggregate and correlate reports from members of the cluster and data of their own. Data reduction may be involved to avoid conflicting data, bogus data and overlapping reports. Besides, cluster heads may send the requests to their children for additional information in order to correlate reports correctly. Intrusion detection computations: Since different attacks require different sets of detected data, data on a single node might not be able to detect the attack, e.g., DDoS attack, and thus clusterheads also analyze the consolidated data before passing to upper levels. Security Management: The uppermost levels of the hierarchy have the authority and responsibility for managing the detection and response capabilities of the clusters and cluster heads below them. They may send the signatures update, or directives and policies to alter the configurations for intrusion detection and response. These update and directives will flow from the top of the hierarchy to the bottom. To form the hierarchical structure, every node uses clustering, which is typically used in MANETs to construct routes, to self-organize into local neighborhoods (first level clusters) and then select neighborhood representatives (cluster heads). These representatives then use clustering to organize themselves into the second level and select the representatives. This process continues until all nodes in the network are part of the hierarchy. The authors also suggested criteria on selecting cluster heads. Some of these criteria are: Connectivity: the number of nodes within one hop Proximity: members should be within one hop of its cluster head Resistance to compromise (hardening): the probability that the node will not be compromised. This is very important for the upper level cluster heads. Processing power, storage capacity, energy remaining, bandwidth cape abilities Additionally, this proposed architecture does not rely solely on promiscuous node monitoring like many proposed architectures, due to its unreliability as described in. Therefore, this architecture also supports direct periodic reporting where packet counts and statistics are sent to monitoring nodes periodically. 2.4.5 Zone-Based Intrusion Detection System (ZBIDS) Sun et al. [24] has proposed an anomaly-based two-level no overlapping Zone-Based Intrusion Detection System (ZBIDS). By dividing the network in Figure 6 into nonoverlapping zones (zone A to zone me), nodes can be categorized into two types: the intrazone node and the interzone node (or a gateway node). Considering only zone E, node 5, 9, 10 and 11 are intrazone nodes, while node 2, 3, 6, and 8 are interzone nodes which have physical connections to nodes in other zones. The formation and maintenance of zones requires each node to know its own physical location and to map its location to a zone map, which requires prior design setup. Each node has an IDS agent run on it which the model of the agent is shown in Figure 7. Similar to an IDS agent proposed by Zhang and Lee (Figure 2), the data collection module and the detection engine are re-sponsible for collecting local audit data (for instance, system call activities, and system log les) and analyzing collected data for any sign of intrusion respectively. In addition, there may be more than one for each of these modules which allows collecting data from various sources and using different detection techniques to improve the detection performance. The local aggregation and correlation (LACE) module is responsible for combining the results of these local detection engines and generating alerts if any abnormal behavior is detected. These alerts are broadcasted to other nodes within the same zone. However, for the global aggregation and correlation (GACE), its functionality depends on the type of the node. As described in Figure 7, if the node is an intrazone node, it only sends the generated alerts to the interzone nodes. Whereas, if the node is an interzone node, it receives alerts from other intrazone nodes, aggregates and correlates those alerts with its own alerts, and then generates alarms. Moreover, the GACE also cooperates with the GACEs of the neighboring interzone nodes to have more accurate information to detect the intrusion. Lastly, the intrusion response module is responsible for handling the alarms generated from the GACE. The local aggregation and correlation Algorithm used in ZBIDS is based on a local Markov chain anomaly detection. IDS agent rust creates a normal profile by constructing a Markov chain from the routing cache. A valid change in the routing cache can be characterized by the Markov chain detection model with probabilities, otherwise, its considered abnormal, and the alert will be generated. For the global aggregation and correlation algorithm, its based on information provided in the received alerts containing the type, the time, and the source of the attacks. 2.5 Intrusion Detection Techniques for Node Cooperation in MANETs Since there is no infrastructure in mobile ad hoc networks, each node must rely on other nodes for cooperation in routing and forwarding packets to the destination. Intermediate nodes might agree to forward the packets but actually drop or modify them because they are misbehaving. The simulations in [5] show that only a few misbehaving nodes can degrade the performance of the entire system. There are several proposed techniques and protocols to detect such misbehavior in order to avoid those nodes, and some schemes also propose punishment as well [6, 7]. 2.5.1 Watchdog and Pathrater Two techniques were proposed by Marti, Giuli, and Baker [5], watchdog and pathrater, to be added on top of the standard routing protocol in ad hoc networks. The standard is Dynamic Source Routing protocol (DSR) [8]. A watchdog identifies the misbehaving nodes by eavesdropping on the transmission of the next hop. A pathrater then helps to find the routes that do not contain those nodes. In DSR, the routing information is defined at the source node. This routing information is passed together with the message through intermediate nodes until it reaches the destination. Therefore, each intermediate node in the path should know who the next hop node is. In addition, listening to the next hops transmission is possible because of the characteristic of wireless networks if node A is within range of node B, A can overhear communication to and from B. Figure 8 shows how the watchdog works. Assume that node S wants to send a packet to node D, which there exists a path from S to D through nodes A, B, and C. Consider now that A has already received a packet from S destined to D. The packet contains a message and routing information. When A forwards this packet to B, A also keeps a copy of the packet in its buffer. Then, it promiscuously listens to the transmission of B to make sure that B forwards to C. If the packet overheard from B (represented by a dashed line) matches that stored in the buffer, it means that B really forwards to the next hop (represented as a solid line). It then removes the packet from the buffer. However, if theres no matched packet after a certain time, the watchdog increments the failures counter for node B. If this counter exceeds the threshold, A concludes that B is misbehaving and reports to the source node S. Path rater performs the calculation of the path metric for each path. By keeping the rating of every node in the network that it knows, the path metric can be calculated by combining the node rating together with link re- liability, which is collected from past experience. Obtaining the path metric for all available paths, the pathrater can choose the path with the highest metric. In addition, if there is no such link reliability information, the path metric enables the pathrater to select the shortest path too. As a result, paths containing misbehaving nodes will be avoided. From the result of the simulation, the system with these two techniques is quite effective for choosing paths to avoid misbehaving nodes. However, those misbehaving nodes are not punished. In contrast, they even benefit from the network. Therefore, misbehaving nodes are encouraged to continue their behaviors. Chapter 3 3. Literature survey 3.1 Introduction The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. The nature of mobility creates new vulnerabilities that do not exist in a fixed wired network, and yet many of the proven security measures turn out to be ineffective. Therefore, the traditional way of protecting networks with firewalls and encryption software is no longer sufficient. We need to develop new architecture and mechanisms to protect the wireless networks and mobile computing applications. The implication of mobile computing on network security research can be further demonstrated by the follow case. Recently (Summer 2001) an Internet worm called Code Red has spread rapidly to infect many of the Windows-based server machines. To prevent this type of worm attacks from spreading into intranets, many. This paper Mobile Ad Hoc Network Intrusion Detection System (IDS) Mobile Ad Hoc Network Intrusion Detection System (IDS) Chapter 1 1. Introduction Mobile ad hoc networks (MANETs) and wireless sensor networks (WSNs) are relatively new communication paradigms. MANETs do not require expensive base stations or wired infrastructure. Nodes within radio range of each other can communicate directly over wireless links, and those that are far apart use other nodes as relays. Each host in a MANET also acts as a router as routes are mostly multichip. The lack of fixed infrastructure and centralized authority makes a MANET suitable for a broad range of applications in both military and civilian environments. For example, a MANET could be deployed quickly for military communications in the battlefield. A MANET also could be deployed quickly in scenarios such as a meeting room, a city transportation wireless network, for fire fighting, and so on. To form such a cooperative and self configurable network, every mobile host should be a friendly node and willing to relay messages for others. In the original design of a MANET, global trustworthiness in nodes within the whole network is a fundamental security assumption. Recent progress in wireless communications and micro electro mechanical systems (MEMS) technology has made it feasible to build miniature wireless sensor nodes that integrate sensing, data processing, and communicating capabilities. These miniature wireless sensor nodes can be extremely small, as tiny as a cubic centimeter. Compared with conventional computers, the low-cost, battery-powered, sensor nodes have a limited energy supply, stringent processing and communications capabilities, and memory is scarce. The design and implementation of relevant services for WSNs must keep these limitations in mind. Based on the collaborative efforts of a large number of sensor nodes, WSNs have become good candidates to provide economically viable solutions for a wide range of applications, such as environmental monitoring, scientific data collection, health monitoring, and military operations. Despite the wide variety of potential applications, MANETs and WSNs often are deployed in adverse or even hostile environments. Therefore, they cannot be readily deployed without first addressing security challenges. Due to the features of an open medium, the low degree of physical security of mobile nodes, a dynamic topology, a limited power supply, and the absence of a central management point, MANETs are more vulnerable to malicious attacks than traditional wired networks are. In WSNs, the lack of physical security combined with unattended operations make sensor nodes prone to a high risk of being captured and compromised, making WSNs vulnerable to a variety of attacks. A mobile ad hoc network (MANET) is a self-configuring network that is formed automatically by a collection of mobile nodes without the help of a fixed infrastructure or centralized management. Each node is equipped with a wireless transmitter and receiver, which allow it to communicate with other nodes in its radio communication range. In order for a node to forward a packet to a node that is out of its radio range, the cooperation of other nodes in the network is needed; this is known as multi-hop communication. Therefore, each node must act as both a host and a router at the same time. The network topology frequently changes due to the mobility of mobile nodes as they move within, move into, or move out of the network. A MANET with the characteristics described above was originally developed for military purposes, as nodes are scattered across a battlefield and there is no infrastructure to help them form a network. In recent years, MANETs have been developing rapidly and are increasingly being used in many applications, ranging from military to civilian and commercial uses, since setting up such networks can be done without the help of any infrastructure or interaction with a human. Some examples are: search-and-rescue missions, data collection, and virtual classrooms and conferences where laptops, PDA or other mobile devices share wireless medium and communicate to each other. As MANETs become widely used, the security issue has become one of the primary concerns. For example, most of the routing protocols proposed for MANETs assume that every node in the network is cooperative and not malicious [1]. Therefore, only one compromised node can cause the failure of the entire network. There are both passive and active attacks in MANETs. For passive at tacks, packets containing secret information might be eavesdropped, which violates confidentiality. Active attacks, including injecting packets to invalid destinations into the network, deleting packets, modifying the contents of packets, and impersonating other nodes violate availability, integrity, authentication, and non-repudiation. Proactive approaches such as cryptography and authentication were first brought into consideration, and many techniques have been proposed and implemented. However, these applications are not sufficient. If we have the ability to detect the attack once it comes into the network, we can stop it from doing any damage to the system or any data. Here is where the intrusion detection system comes in. Intrusion detection can be defined as a process of monitoring activities in a system, which can be a computer or network system. The mechanism by which this is achieved is called an intrusion detection system (IDS). An IDS collects activity information and then analyzes it to determine whether there are any activities that violate the security rules. Once AN ID determines that an unusual activity or an activity that is known to be an attack occurs, it then generates an alarm to alert the security administrator. In addition, IDS can also initiate a proper response to the malicious activity. Although there are several intrusion detection techniques developed for wired networks today, they are not suitable for wireless networks due to the differences in their characteristics. Therefore, those techniques must be modified or new techniques must be developed to make intrusion detection work effectively in MANETs. In this paper, we classify the architectures for IDS in MANETs, each of which is suitable for different network infrastructures. Current intrusion detection systems corresponding to those architectures are reviewed and compared. Chapter 2 Background 2.1 Intrusion Detection System (IDS) Many historical events have shown that intrusion prevention techniques alone, such as encryption and authentication, which are usually a first line of defense, are not sufficient. As the system become more complex, there are also more weaknesses, which lead to more security problems. Intrusion detection can be used as a second wall of defense to protect the network from such problems. If the intrusion is detected, a response can be initiated to prevent or minimize damage to the system. To make intrusion detection systems work, basic assumptions are made. The first assumption is that user and program activities are observable. The second assumption, which is more important, is that normal and intrusive activities must have distinct behaviors, as intrusion detection must capture and analyze system activity to determine if the system is under attack. Intrusion detection can be classified based on audit data as either host- based or network-based. A network-based IDS captures and analyzes packets from network traÃ‚ ±c while a host-based IDS uses operating system or application logs in its analysis. Based on detection techniques, IDS can also be classified into three categories as follows [2]. Anomaly detection systems: The normal profiles (or normal behaviors) of users are kept in the system. The system compares the captured data with these profiles, and then treats any activity that deviates from the baseline as a possible intrusion by informing system administrators or initializing a proper response. Misuse detection systems: The system keeps patterns (or signatures) of known attacks and uses them to compare with the captured data. Any matched pattern is treated as an intrusion. Like a virus detection system, it cannot detect new kinds of attacks. Specification-based detection: The system defines a set of constraints that describe the correct operation of a program or protocol. Then, it monitors the execution of the program with respect to the defined constraints. 2.2 Intrusion Detection in MANETs Many intrusion detection systems have been proposed in traditional wired networks, where all track must go through switches, routers, or gateways. Hence, IDS can be added to and implemented in these devices easily [17, 18]. On the other hand, MANETs do not have such devices. Moreover, the medium is wide open, so both legitimate and malicious users can access it. Furthermore, there is no clear separation between normal and unusual activities in a mobile environment. Since nodes can move arbitrarily, false routing information could be from a compromised node or a node that has outdated information. Thus, the current IDS techniques on wired networks cannot be applied directly to MANETs. Many intrusion detection systems have been proposed to suit the characteristics of MANETs, some of which will be discussed in the next sections. 2.3 Architectures for IDS in MANETs The network infrastructures that MANETs can be configured to are either at or multi-layer, depending on the applications. Therefore, the optimal IDS architecture for a MANET may depend on the network infrastructure itself [9]. In an network infrastructure, all nodes are considered equal, thus it may be suitable for applications such as virtual classrooms or conferences. On the contrary, some nodes are considered different in the multi-layered network infrastructure. Nodes may be partitioned into clusters with one cluster head for each cluster. To communicate within the cluster, nodes can communicate directly. However, communication across the clusters must be done through the cluster head. This infrastructure might be well suited for military applications. 2.3.1 Stand-alone Intrusion Detection Systems In this architecture, an intrusion detection system is run on each node independently to determine intrusions. Every decision made is based only on information collected at its own node, since there is no cooperation among nodes in the network. Therefore, no data is exchanged. Besides, nodes in the same network do not know anything about the situation on other nodes in the network as no alert information is passed. Although this architecture is not elective due to its limitations, it may be suitable in a network where not all nodes are capable of running IDS or have IDS installed. This architecture is also more suitable for an network infrastructure than for multi-layered network infrastructure. Since information on each individual node might not be enough to detect intrusions, this architecture has not been chosen in most of the IDS for MANETs. 2.3.2 Distributed and Cooperative Intrusion Detection Systems Since the nature of MANETs is distributed and requires cooperation of other nodes, Zhang and Lee [1] have proposed that the intrusion detection and response system in MANETs should also be both distributed and cooperative as shown in Figure 1. Every node participates in intrusion detection and response by having an IDS agent running on them. An IDS agent is responsible for detecting and collecting local events and data to identify possible intrusions, as well as initiating a response independently. However, neighboring IDS agents cooperatively participate in global intrusion detection actions when the evidence is inconclusive. Similarly to stand-alone IDS architecture, this architecture is more suitable for a network infrastructure, not multi-layered one. 2.3.3 Hierarchical Intrusion Detection Systems Hierarchical IDS architectures extend the distributed and cooperative IDS architectures and have been proposed for multi-layered network infrastructures where the network is divided into clusters. Clusterheads of each cluster usually have more functionality than other members in the clusters, for example routing packets across clusters. Thus, these cluster heads, in some sense, act as control points which are similar to switches, routers, or gateways in wired networks. The same concept of multi-layering is applied to intrusion detection systems where hierarchical IDS architecture is proposed. Each IDS agent is run on every member node and is responsible locally for its node, i.e., monitoring and deciding on locally detected intrusions. A clusterhead is responsible locally for its node as well as globally for its cluster, e.g. monitoring network packets and initiating a global response when network intrusion is detected. 2.3.4 Mobile Agent for Intrusion Detection Systems A concept of mobile agents has been used in several techniques for intrusion detection systems in MANETs. Due to its ability to move through the large network, each mobile agent is assigned to perform only one specific task, and then one or more mobile agents are distributed into each node in the network. This allows the distribution of the intrusion detection tasks. There are several advantages for using mobile agents [2]. Some functions are not assigned to every node; thus, it helps to reduce the consumption of power, which is scarce in mobile ad hoc networks. It also provides fault tolerance such that if the network is partitioned or some agents are destroyed, they are still able to work. Moreover, they are scalable in large and varied system environments, as mobile agents tend to be independent of platform architectures. However, these systems would require a secure module where mobile agents can be stationed to. Additionally, mobile agents must be able to protect themselves from the secure modules on remote hosts as well. Mobile-agent-based IDS can be considered as a distributed and cooper ative intrusion detection technique as described in Section 3.2. Moreover, some techniques also use mobile agents combined with hierarchical IDS, for example, what will be described in Section 4.3. 2.4 Sample Intrusion Detection Systems for MANETs Since the IDS for traditional wired systems are not well-suited to MANETs, many researchers have proposed several IDS especially for MANETs, which some of them will be reviewed in this section. 2.4.1 Distributed and Cooperative IDS As described in Section 3.2, Zhang and Lee also proposed the model for distributed and cooperative IDS as shown in Figure 2 [1]. The model for an IDS agent is structured into six modules. The local data collection module collects real-time audit data, which includes system and user activities within its radio range. This collected data will be analyzed by the local detection engine module for evidence of anomalies. If an anomaly is detected with strong evidence, the IDS agent can determine independently that the system is under attack and initiate a response through the local response module (i.e., alerting the local user) or the global response module (i.e., deciding on an action), depending on the type of intrusion, the type of network protocols and applications, and the certainty of the evidence. If an anomaly is detected with weak or inconclusive evidence, the IDS agent can request the cooperation of neighboring IDS agents through a cooperative detection engine module, which communicates to other agents through a secure communication module. 2.4.2 Local Intrusion Detection System (LIDS) Albers et al. [3] proposed a distributed and collaborative architecture of IDS by using mobile agents. A Local Intrusion Detection System (LIDS) is implemented on every node for local concern, which can be extended for global concern by cooperating with other LIDS. Two types of data are exchanged among LIDS: security data and intrusion alerts. In order to analyze the possible intrusion, data must be obtained from what the LIDS detect, along with additional information from other nodes. Other LIDS might be run on different operating systems or use data from different activities such as system, application, or network activities; therefore, the format of this raw data might be different, which makes it hard for LIDS to analyze. However, such difficulties can be solved by using SNMP (Simple Network Management Protocol) data located in MIBs (Management Information Base) as an audit data source. Such a data source not only eliminates those difficulties, but also reduces the in-Figure 3: L IDS Architecture in A Mobile Node [3] crease in using additional resources to collect audit data if an SNMP agent is already run on each node. To obtain additional information from other nodes, the authors proposed mobile agents to be used to transport SNMP requests to other nodes. In another words, to distribute the intrusion detection tasks. The idea differs from traditional SNMP in that the traditional approach transfers data to the requesting node for computation while this approach brings the code to the data on the requested node. This is initiated due to untrustworthiness of UDP messages practiced in SNMP and the active topology of MANETs. As a result, the amount of exchanged data is tremendously reduced. Each mobile agent can be assigned a specific task which will be achieved in an autonomous and asynchronous fashion without any help from its LIDS. The LIDS architecture is shown in Figure 3, which consists of Ã‚ ² Communication Framework: To facilitate for both internal and external communication with a LIDS. Local LIDS Agent: To be responsible for local intrusion detection and local response. Also, it reacts to intrusion alerts sent from other nodes to protect itself against this intrusion. Local MIB Agent: To provide a means of collecting MIB variables for either mobile agents or the Local LIDS Agent. Local MIB Agent acts as an interface with SNMP agent, if SNMP exists and runs on the node, or with a tailor-made agent developed specifically to allow up- dates and retrievals of the MIB variables used by intrusion detection, if none exists. Mobile Agents (MA): They are distributed from its LID to collect and process data on other nodes. The results from their evaluation are then either sent back to their LIDS or sent to another node for further investigation. Mobile Agents Place: To provide a security control to mobile agents. For the methodology of detection, Local IDS Agent can use either anomaly or misuse detection. However, the combination of two mechanisms will offer the better model. Once the local intrusion is detected, the LIDS initiate a response and inform the other nodes in the network. Upon receiving an alert, the LIDS can protect itself against the intrusion. 2.4.3 Distributed Intrusion Detection System Using Multiple Sensors Kachirski and Guha [4] proposed a multi-sensor intrusion detection system based on mobile agent technology. The system can be divided into three main modules, each of which represents a mobile agent with certain func- tionality: monitoring, decision-making or initiating a response. By separate in functional tasks into categories and assigning each task to a different agent, the workload is distributed which is suitable for the characteristics of MANETs. In addition, the hierarchical structure of agents is also developed in this intrusion detection system as shown in Figure 4. Monitoring agent: Two functions are carried out at this class of agent: network monitoring and host monitoring. A host-based monitor agent hosting system-level sensors and user-activity sensors is run on every node to monitor within the node, while a monitor agent with a network monitoring sensor is run only on some selected nodes to monitor at packet-level to capture packets going through the network within its radio ranges. Action agent: Every node also hosts this action agent. Since every node hosts a host-based monitoring agent, it can determine if there is any suspicious or unusual activities on the host node based on anomaly detection. When there is strong evidence supporting the anomaly detected, this action agent can initiate a response, such as terminating the process or blocking a user from the network. Decision agent: The decision agent is run only on certain nodes, mostly those nodes that run network monitoring agents. These nodes collect all packets within its radio range and analyze them to determine whether the network is under attack. Moreover, from the previous paragraph, if the local detection agent cannot make a decision on its own due to insufficient evidence, its local detection agent reports to this decision agent in order to investigate further. This is done by using packet-monitoring results that comes from the network-monitoring sensor that is running locally. If the decision agent concludes that the node is malicious, the action module of the agent running on that node as described above will carry out the response. The network is logically divided into clusters with a single cluster head for each cluster. This clusterhead will monitor the packets within the cluster and only packets whose originators are in the same cluster are captured and investigated. This means that the network monitoring agent (with network monitoring sensor) and the decision agent are run on the cluster head. In this mechanism, the decision agent performs the decision-making based on its own collected information from its network-monitoring sensor; thus, other nodes have no influence on its decision. This way, spooffing attacks and false accusations can be prevented. 2.4.4 Dynamic Hierarchical Intrusion Detection Architecture Since nodes move arbitrarily across the network, a static hierarchy is not suitable for such dynamic network topology. Sterne et al. [16] proposed a dynamic intrusion detection hierarchy that is potentially scalable to large networks by using clustering like those in Section 4.3 and 5.5. However, it can be structured in more than two levels as shown in Figure 5. Nodes labeled 1 are the first level clusterheads while nodes labeled 2 are the second level clusterheads and so on. Members of the first level of the cluster are called leaf nodes. Every node has the responsibilities of monitoring (by accumulating counts and statistics), logging, analyzing (i.e., attack signature matching or checking on packet headers and payloads), responding to intrusions detected if there is enough evidence, and alerting or reporting to cluster heads. Clues treads, in addition, must also perform: Data fusion/integration and data reduction: Clusterheads aggregate and correlate reports from members of the cluster and data of their own. Data reduction may be involved to avoid conflicting data, bogus data and overlapping reports. Besides, cluster heads may send the requests to their children for additional information in order to correlate reports correctly. Intrusion detection computations: Since different attacks require different sets of detected data, data on a single node might not be able to detect the attack, e.g., DDoS attack, and thus clusterheads also analyze the consolidated data before passing to upper levels. Security Management: The uppermost levels of the hierarchy have the authority and responsibility for managing the detection and response capabilities of the clusters and cluster heads below them. They may send the signatures update, or directives and policies to alter the configurations for intrusion detection and response. These update and directives will flow from the top of the hierarchy to the bottom. To form the hierarchical structure, every node uses clustering, which is typically used in MANETs to construct routes, to self-organize into local neighborhoods (first level clusters) and then select neighborhood representatives (cluster heads). These representatives then use clustering to organize themselves into the second level and select the representatives. This process continues until all nodes in the network are part of the hierarchy. The authors also suggested criteria on selecting cluster heads. Some of these criteria are: Connectivity: the number of nodes within one hop Proximity: members should be within one hop of its cluster head Resistance to compromise (hardening): the probability that the node will not be compromised. This is very important for the upper level cluster heads. Processing power, storage capacity, energy remaining, bandwidth cape abilities Additionally, this proposed architecture does not rely solely on promiscuous node monitoring like many proposed architectures, due to its unreliability as described in. Therefore, this architecture also supports direct periodic reporting where packet counts and statistics are sent to monitoring nodes periodically. 2.4.5 Zone-Based Intrusion Detection System (ZBIDS) Sun et al. [24] has proposed an anomaly-based two-level no overlapping Zone-Based Intrusion Detection System (ZBIDS). By dividing the network in Figure 6 into nonoverlapping zones (zone A to zone me), nodes can be categorized into two types: the intrazone node and the interzone node (or a gateway node). Considering only zone E, node 5, 9, 10 and 11 are intrazone nodes, while node 2, 3, 6, and 8 are interzone nodes which have physical connections to nodes in other zones. The formation and maintenance of zones requires each node to know its own physical location and to map its location to a zone map, which requires prior design setup. Each node has an IDS agent run on it which the model of the agent is shown in Figure 7. Similar to an IDS agent proposed by Zhang and Lee (Figure 2), the data collection module and the detection engine are re-sponsible for collecting local audit data (for instance, system call activities, and system log les) and analyzing collected data for any sign of intrusion respectively. In addition, there may be more than one for each of these modules which allows collecting data from various sources and using different detection techniques to improve the detection performance. The local aggregation and correlation (LACE) module is responsible for combining the results of these local detection engines and generating alerts if any abnormal behavior is detected. These alerts are broadcasted to other nodes within the same zone. However, for the global aggregation and correlation (GACE), its functionality depends on the type of the node. As described in Figure 7, if the node is an intrazone node, it only sends the generated alerts to the interzone nodes. Whereas, if the node is an interzone node, it receives alerts from other intrazone nodes, aggregates and correlates those alerts with its own alerts, and then generates alarms. Moreover, the GACE also cooperates with the GACEs of the neighboring interzone nodes to have more accurate information to detect the intrusion. Lastly, the intrusion response module is responsible for handling the alarms generated from the GACE. The local aggregation and correlation Algorithm used in ZBIDS is based on a local Markov chain anomaly detection. IDS agent rust creates a normal profile by constructing a Markov chain from the routing cache. A valid change in the routing cache can be characterized by the Markov chain detection model with probabilities, otherwise, its considered abnormal, and the alert will be generated. For the global aggregation and correlation algorithm, its based on information provided in the received alerts containing the type, the time, and the source of the attacks. 2.5 Intrusion Detection Techniques for Node Cooperation in MANETs Since there is no infrastructure in mobile ad hoc networks, each node must rely on other nodes for cooperation in routing and forwarding packets to the destination. Intermediate nodes might agree to forward the packets but actually drop or modify them because they are misbehaving. The simulations in [5] show that only a few misbehaving nodes can degrade the performance of the entire system. There are several proposed techniques and protocols to detect such misbehavior in order to avoid those nodes, and some schemes also propose punishment as well [6, 7]. 2.5.1 Watchdog and Pathrater Two techniques were proposed by Marti, Giuli, and Baker [5], watchdog and pathrater, to be added on top of the standard routing protocol in ad hoc networks. The standard is Dynamic Source Routing protocol (DSR) [8]. A watchdog identifies the misbehaving nodes by eavesdropping on the transmission of the next hop. A pathrater then helps to find the routes that do not contain those nodes. In DSR, the routing information is defined at the source node. This routing information is passed together with the message through intermediate nodes until it reaches the destination. Therefore, each intermediate node in the path should know who the next hop node is. In addition, listening to the next hops transmission is possible because of the characteristic of wireless networks if node A is within range of node B, A can overhear communication to and from B. Figure 8 shows how the watchdog works. Assume that node S wants to send a packet to node D, which there exists a path from S to D through nodes A, B, and C. Consider now that A has already received a packet from S destined to D. The packet contains a message and routing information. When A forwards this packet to B, A also keeps a copy of the packet in its buffer. Then, it promiscuously listens to the transmission of B to make sure that B forwards to C. If the packet overheard from B (represented by a dashed line) matches that stored in the buffer, it means that B really forwards to the next hop (represented as a solid line). It then removes the packet from the buffer. However, if theres no matched packet after a certain time, the watchdog increments the failures counter for node B. If this counter exceeds the threshold, A concludes that B is misbehaving and reports to the source node S. Path rater performs the calculation of the path metric for each path. By keeping the rating of every node in the network that it knows, the path metric can be calculated by combining the node rating together with link re- liability, which is collected from past experience. Obtaining the path metric for all available paths, the pathrater can choose the path with the highest metric. In addition, if there is no such link reliability information, the path metric enables the pathrater to select the shortest path too. As a result, paths containing misbehaving nodes will be avoided. From the result of the simulation, the system with these two techniques is quite effective for choosing paths to avoid misbehaving nodes. However, those misbehaving nodes are not punished. In contrast, they even benefit from the network. Therefore, misbehaving nodes are encouraged to continue their behaviors. Chapter 3 3. Literature survey 3.1 Introduction The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. The nature of mobility creates new vulnerabilities that do not exist in a fixed wired network, and yet many of the proven security measures turn out to be ineffective. Therefore, the traditional way of protecting networks with firewalls and encryption software is no longer sufficient. We need to develop new architecture and mechanisms to protect the wireless networks and mobile computing applications. The implication of mobile computing on network security research can be further demonstrated by the follow case. Recently (Summer 2001) an Internet worm called Code Red has spread rapidly to infect many of the Windows-based server machines. To prevent this type of worm attacks from spreading into intranets, many. This paper

Friday, October 25, 2019

The Era of Social Reform Essay examples -- Sociology

The Industrial Revolution was a period of in which fundamental changes occurred in agriculture, factories, mining, transportation, machinery, economic policies, and in the social structure of England. Industrialization began in Great Britain and it was a major turning point in history. It changed the way countries produced its goods. England turned into an agricultural society to an industry and manufacturing society. During this era, there was a huge impact on the growth of cities, employment of skilled and unskilled workers, the role of women and families, and laws and national policies. During this time, there was a great advancement with technology and along with it came the growth of cities. The growth of cities has been seen as a consequence in the Industrial Revolution. Before this era, many people lived in farms or small villages working in agriculture. They would do everything by hand. However, with the occurrence of the Revolution everything changed. The new enclosure laws, which allowed farmers and landlords to fence their fields at the ownerÃ¢â‚¬â„¢s expense, had left many poor farmers bankrupt and small farms disappeared into large estates. Charles Ã¢â‚¬Å"TurnipÃ¢â‚¬ Townshend introduced crop rotations that restored nutrients to the soil, allowing for greater yield and scientific breeding to improve the quality of herds. The result was an increase in productivity with fewer agricultural workers (Robert Edgar Pg.535). This caused more people to leave the farms to work in the factories. Also, the introduction of new machinery that produced gre ater amount of output made many workers redundant. As a result, many people that lived in farms journeyed to the city to look for work. This required them to move to towns and cities ... ...empts by Parliament to pass laws and national policies designed to improve working conditions and regulations relative to children and women in the workforce. The changes from the revolution left a permanent mark and are very important to society today. Works Cited Bland, Celia. The Mechanical Age: The Industrial Revolution in England. New York, NY: Facts on File, 1995. Print. Lines, Clifford John. Companion to the Industrial Revolution. Ed. Barrie Stuart. Trinder. New York: Facts on File, 1990. Print. Edgar, Robert R., Neil J. Hackett, George F. Jewsbury, Barbara Molony, and Matthew S. Gordon. Civilizations past & Present. 12th ed. Vol. 2. New York: Pearson/Longman, 2008. Print. "Thomas Malthus: Essay on the Principle of Population (1798)." Thomas Malthus: Essay on the Principle of Population (1798). Constituion Society, 10 Sept. 2002. Web. 28 May 2012.

Thursday, October 24, 2019

Computers and Digital Basics

1: Computers and Digital Basics TRUE/FALSE 3. Facebook and Twitter are examples of social networking options. F 6. An operating system is an example of application software. F 7. Because of increased versatility, a videogame console is now considered a personal computer. f 8. The purpose of a server is to serve computers on a network. T 9. In the binary number system, 2 is used to represent the value 2. F 10. The number 9 can be considered a character. T 11. Because most digital devices are electronic, bytes take the form of electrical pulses. F 13.A compiler like the one shown in the accompanying figure converts all statements in a program to machine language in a single batch. T 14. An interpreter converts and executes one statement at a time. T 15. The op code specifies the data. F 16. The operand is a command word for an operation. F 17. All computers are case sensitive. F 18. Trojans are computer programs that seem to perform one function while actually doing something else. T 1 9. To assure you can remember your password it is a good idea to base it on information you can easily remember such as your birthday. F 20.You should always use a different password for every account. F MODIFIED TRUE/FALSEIf False, change the underlined work to make it True!1. Digital technology has made it easy to produce copies of music with no loss of quality from the original. _________________________2. Free source projects promote copying, free distribution, peer review, and user modifications. Open3. An area where data can be left on a permanent basis is memory. storage4. The set of instructions that tells a computer how to carry out processing tasks is a computer program. _________________________ 5. Minicomputers were used for small businesses. ________________________6. A(n) supercomputer is a large and expensive computer capable of simultaneously processing data for hundreds or thousands of users. mainframe7. The term server can refer to a combination of hardware and sof tware. _________________________8. A(n) mainframe specializes in compute-intensive problems. supercomputer9. A light switch is like a(n) analog device. digital10. DIPs and PGAs are both shapes of integrated circuits. _________________________11. The results of statements that have been compiled are called object code. _________________________12. A set of machine language instructions for a program is called source code. machine 13. The ALU uses registers to hold data that is being processed. _________________________14. A(n) keylogger is a form of malicious code. _________________________15. A(n) account manager stores user IDs with their corresponding passwords and automatically fills in login forms. passwordMULTIPLE CHOICE1. Digital electronics use electronic ____ to represent data. a. circuits c. transistors b. switches d. components2. Key factors in making electronic devices increasingly smaller and less expensive include ____. . transistors c. both a and b b. integrated circui ts d. neither a nor b3. The first digital computers were built during World War II for ____. a. census taking c. communication b. code breaking d. troop placement4. Initially sales were slow for the personal computer because of ____. a. price c. lack of software b. size d. lack of availability5. In 1982, the percentage of households that had a computer was fewer than ____ percent. a. 10 c. 50 b. 30 d. 706. A global computer network originally developed as a military project is the ____. a. World Wide Web c. Wide-area network b. Internet d. Local-area network7. ____ allow members to post comments and questions that can be read and responded to by others. a. E-mail lists c. Chat groups b. Bulletin boards d. Social networks8. ____ are where people exchange typed messages in real time. a. E-mail lists c. Chat groups b. Bulletin boards d. Online social networks9. ____ provide a space for interacting with friends or friends of those friends. a. E-mail lists c. Chat groups b. Bulletin boar ds d. Online social networks10. A group of computers linked by wired or wireless technology is a(n) ____. a. network c. cyberspace . Web d. Internet11. The ____ is a collection of linked documents, graphics, and sounds. a. network c. cyberspace b. Web d. Internet12. ____ is a term that refers to entities that exist largely within computer networks. a. Web c. WWW b. Internet d. Cyberspace13. ____ is the process of converting text, numbers, sound, photos, and video into data that can be processed by digital devices. a. Digitization c. Scanning b. Digital conversion d. Rasterization14. Technology ____ is a process by which several different technologies with distinct functionality evolve to form a single product. a. volution c. convergence b. rotation d. diversification15. More than ____ percent of cameras sold today are digital. a. 80 c. 90 b. 85 d. 9916. Digital imaging has had an effect in the following areas: ____. a. medicine c. photo processing b. video d. all of the above17. ___ _ tools cloak a personÃ¢â‚¬â„¢s identity online. a. Anonymizer c. ID free b. Free ID d. Cloaking18. A computer is a multiple purpose device that can do all of the following EXCEPT ____. a. store data c. accept input b. process data d. think independently19. In a computer, most processing takes place in ____. a. memory c. he CPU b. RAM d. the motherboard20. An electronic component that can be programmed to perform tasks is a ____. a. CPU c. transistor b. microprocessor d. none of the above21. A named collection of data that exists on a storage medium is known as (a) ____. a. memory c. file name b. file d. none of the above22. An area of a computer that temporarily holds data waiting to be processed is ____. a. CPU c. storage b. memory d. a file23. A set of computer programs that helps a person carry out a task is ____. a. an operating system c. application software b. system software d. Windows24.A set of computer programs that helps a computer monitor itself and function more effici ently is ____. a. a software suite c. application software b. system software d. processing software25. The master controller for all activities that take place within a computer is ____. a. application software c. the operating system b. system software d. the CPU 26. A(n) ____ is a microprocessor-based computing device designed to meet the computing needs of an individual. a. personal computer c. ALU b. mainframe d. server27. An ordinary personal computer that is connected to a network is a ____. a. mainframe c. server . workstation d. console28. A powerful desktop computer used for high-performance tasks is a ____. a. mainframe c. server b. workstation d. console29. A compute-intensive problem runs on a ____. a. server c. supercomputer b. mainframe d. super PC30. Data becomes ____ when it is presented in a format that people can understand and use. a. information c. graphs b. processed d. presentation31. The type of data where text, numbers, graphics, sound, and video have been c onverted into discrete digits as represented in the accompanying figure is ____. a. information c. digital b. analog d. none of the above32. The type of data that is represented using an infinite scale of values as represented in the accompanying figure is ____. a. information c. digital b. analog d. none of the above33. The binary number 10 represents ____ in the decimal number system. a. 1 c. 10 b. 2 d. 10034. The type of code that uses only seven bits for each character is ____. a. ASCII c. EBCDIC b. Extended ASCII d. all of the above35. The type of code that uses eight bits for each character is ____. a. ASCII c. EBCDIC b. Extended ASCII d. all of the above36. Digital devices can use ____ as a code to represent character data. . ASCII c. EBCDIC b. Extended ASCII d. all of the above37. You might represent ____ using character codes. a. color dots c. Social Security numbers b. bank balances d. none of the above38. Data transmission speeds are typically expressed as ____. a. bits c . hertz b. bytes d. none of the above39. Storage is typically expressed as ____. a. bits c. hertz b. bytes d. none of the above40. 1,024 bytes is a ____. a. kilobyte c. gigabyte b. megabyte d. terabyte41. 1,048,576 bytes is a ____. a. kilobyte c. gigabyte b. megabyte d. terabyte42. 1,073,741,824 bytes is a ____. a. kilobyte c. igabyte b. megabyte d. terabyte43. A super-thin slice of semiconducting material packed with microscopic circuit elements is a(n) ____. a. integrated circuit c. microchip b. computer chip d. all of the above44. The accompanying figure represents two types of chip carriers. The one on the left is a ____. a. PGA c. PID b. DIP d. GAP45. The accompanying figure represents two types of chip carriers. The one on the right is a ____. a. PGA c. PID b. DIP d. GAP46. The ____ houses all essential chips and provides connecting circuitry between them. a. system board c. circuit board b. ousing board d. chip board47. C, BASIC, COBOL, and Java are examples of ____ programmi ng languages. a. low-level c. system b. computer d. high-level48. The human-readable version of a program is called ____. a. source code c. human code b. program code d. system code49. A(n) ____ converts all the statements in a program in a single batch and the resulting collection of instructions is placed in a new file. a. compiler c. converter b. interpreter d. instruction50. A(n) ____ converts and executes one statement at a time. a. compiler c. converter b. interpreter d. instruction51. A collection of preprogrammed activities such as addition, subtraction, counting and comparison is called a(n) ____. a. compiler code c. machine code b. interpreter code d. instruction set52. ____, as shown in the accompanying figure can be directly executed by the processorsÃ¢â‚¬â„¢s circuitry. a. Machine sets c. Programming language b. Machine language d. none of the above53. The ____ is a command word for an operation such as add, compare, or jump. a. op code c. ALU b. operand d. instruction code54. The ____ from an instruction specifies the data. a. op code c. ALU b. operand d. instruction code55. The ____ is the part of the microprocessor that performs arithmetic operations, as shown in the accompanying figure. a. instruction pointer c. ALU b. RAM d. control unit56. As shown in the accompanying figure, the ____ fetches each instruction. a. RAM c. ALU b. instruction pointer d. control unit57. The accompanying figure represents the instruction cycle. The first step is Box A and represents the ____. a. fetch instruction c. execute instruction b. interpret instruction d. increment pointer58. The accompanying figure represents the instruction cycle. The second step is Box B and represents the ____. a. etch instruction c. execute instruction b. interpret instruction d. increment pointer59. The accompanying figure represents the instruction cycle. The third step is Box C and represents the ____. a. fetch instruction c. execute instruction b. interpret instruction d. incremen t pointer60. The accompanying figure represents the instruction cycle. The fourth step is Box D and represents the ____. a. fetch instruction c. execute instruction b. interpret instruction d. increment pointer61. In terms of an authentication protocol, the phrase Ã¢â‚¬Ëœsomething a person knowsÃ¢â‚¬â„¢ refers to ____. a. a password c. biometrics b. n ID card d. none of the above62. A ____ is a series of characters that becomes a personÃ¢â‚¬â„¢s unique identifier. a. PIN code c. user ID b. password d. all of the above63. In terms of an authentication protocol, the phrase Ã¢â‚¬Ëœsomething a person possessesÃ¢â‚¬â„¢ could refer to ____. a. a password c. biometrics b. an ID card d. none of the above64. In terms of an authentication protocol, the phrase Ã¢â‚¬Ëœsomething a person isÃ¢â‚¬â„¢ refers to a(n) ____. a. password c. biometric device b. ID card d. none of the above65. A problem a hacker can cause after breaking into your computer include(s) ____. a. applying for credit in your n ame c. pply for a mortgage using your data b. sending embarrassing e-mails d. all of the above66. A term which can refer to a person who manipulates computers with malicious intent is a ____. a. black hat c. hacker b. cracker d. all of the above67. A ____ attack uses password-cracking software. a. brute force c. phishing b. sniffing d. cracker68. ____ intercepts information sent over computer networks. a. Brute force c. Phishing b. Sniffing d. Cracking69. A hacker posing as a legitimate representative of an official organization such as your bank is an example of ____. a. brute force c. phishing b. sniffing d. cracking70. Password management functions include all of the following EXCEPT ____. a. generating passwords c. providing password strength b. tracking passwords d. recording keystrokes Case-Based Critical Thinking Questions Case 1-1 Karen is trying to get organized and one of her issues is that she doesnÃ¢â‚¬â„¢t know what kind of devices correspond to her needs.71. Karen need s an appointment book and is considering one that is digital. For this one piece of equipment, she does not want the device to do anything except maintain her calendar. You suggest she consider a ____. a. PDA c. handheld computer b. smart phone d. BlackBerry72. After you and Karen talk a little longer, she recognizes that she might need a device that in addition to her appointment book will have features such as e-mail, Web access, a built-in camera, and GPS. You suggest she consider a(n) ____. a. iPod c. handheld computer b. regular PDA d. CPU73. If Karen were looking for a device that in addition to voice communications, offers full qwerty keypad, text messaging, e-mail, Web access, removable storage, camera, FM radio, digital music player, and software options for games, financial management, personal organizer, GPS and maps, she might consider a(n) ____. a. regular PDA c. andheld computer b. smart phone d. iPod Case-Based Critical Thinking Questions Case 1-2 Mike and Andre are d iscussing how quickly technology changes. They are discussing how it seems devices are merging to create new products especially in the technology field. They understand this is a process called convergence.74. An example of an old form of convergence is a ____. a. clock radio c. television b. cell phone d. microwave oven75. A great example of convergence in modern technology is ____. a. clock radio c. television b. cell phones d. HD-TV76. A barrier to the rapid deployment of many products resulting from convergence is ____. . rare technology breakthroughs c. people arenÃ¢â‚¬â„¢t ready b. legal issues d. both b and c Case-Based Critical Thinking Questions Case 1-3 Jim has just purchased a new computer and it has made him think about how it works. He is particularly interested in how information is processed and stored in his computer. He has come to you for help.77. Jim wants to know why a compiler converts all statements in a program at one time and places them into an object code. You tell him it is so that ____. a. the code is ready to execute b. you can prevent the introduction of new errors c. you can put it on a chip d. one of the above78. Jim knows that a collection of preprogrammed activities is an instruction set. He wants to know what an instruction set is designed to do. You tell him it is designed to ____. a. carry out a particular task b. allow programmers to use them in creative ways for multiple tasks c. limit the number of tasks the computer can perform d. allow the program to run on multiple machines79. Jim wants to know what machine language instructions look like to the machine. You tell him they appear as ____. a. an op code and operand c. basic instructions, such as add b. a series of 0s and 1s d. ll of the above80. When adding two numbers, Jim knows that each number is going into its own register and the control unit provides the instructions such as add. He wants to know where the result of the add goes. You tell him it goes to ____. a. the ALU c. the accumulator b. another register d. the printerCOMPLETION1. An ongoing process of social, political, and economic change brought about by digital technology is the digital revolution.2. At the consumer level, probably the most significant force driving research into fast computers and more sophisticated graphics processing is computer gaming.3.The potential downside of convergence is quality.4. The expectation that a personÃ¢â‚¬â„¢s information will not be collected or divulged without permission is confidentiality.5. The ownership of certain types of information, ideas, or representations is intellectual property.6. Worldwide economic interdependence of countries that occurs as cross-border commerce increases and as money flows more freely among countries is globalization.7. A term that refers to the gap between people who have access to technology and those who do not is the digital divide.8. Symbols that represent facts, objects, and ideas are data.9. The manipulati on of data is called processing.10. The concept that a series of instructions for a computing task can be loaded into memory is called a stored program.11. Any software or digital device that requests data from a server is referred to as a(n) client.12. The type of computer that is considered one of the fastest in the world is a(n) supercomputer.13. A special-purpose microprocessor that is built into the machine it controls is a(n) microcontroller.14. The term that refers to the form in which data is stored, processed, and transmitted is data representation.15. In the accompanying figure, the type of sound wave indicated by A is analog.16. In the accompanying figure, as indicated by B, the sound wave has been sliced into samples and so has been digitized.17. Eight bits is a(n) byte.18. A machine language instruction has two parts, the op code and the operand.19. Identifying a person by personal attributes such as fingerprints or retinal patterns is called biometrics.20. Hackers can guess your password by stepping through a dictionary. This process is called a dictionary attack.