R. G. Ragel

B. A. N. M. Bambarasinghe, H. M. S. Huruggamuwa, R. G. Ragel et al.

Openoffice.org is a popular, free and open source office product. This product is used by millions of people and developed, maintained and extended by thousands of developers worldwide. Playing a dominant role in the web, web services technology is serving millions of people every day. Axis2 is one of the most popular, free and open source web service engines. The framework presented in this paper, Axis2UNO, a combination of such two technologies is capable of making a new era in office environment. Two other attempts to enhance web services functionality in office products are Excel Web Services and UNO Web Service Proxy. Excel Web Services is combined with Microsoft SharePoint technology and exposes information sharing in a different perspective within the proprietary Microsoft office products. UNO Web Service Proxy is implemented with Java Web Services Developer Pack and enables basic web services related functionality in Openoffice.org. However, the work presented here is the first one to combine Openoffice.org and Axis2 and we expect it to outperform the other efforts with the community involvement and feature richness in those products.

G. I. Gunarathna, M. A. P. Chamikara, R. G. Ragel

Character recognition techniques for printed documents are widely used for English language. However, the systems that are implemented to recognize Asian languages struggle to increase the accuracy of recognition. Among other Asian languages (such as Arabic, Tamil, Chinese), Sinhala characters are unique, mainly because they are round in shape. This unique feature makes it a challenge to extend the prevailing techniques to improve recognition of Sinhala characters. Therefore, a little attention has been given to improve the accuracy of Sinhala character recognition. A novel method, which makes use of this unique feature, could be advantageous over other methods. This paper describes the use of a fuzzy inference system to recognize Sinhala characters. Feature extraction is mainly focused on distance and intersection measurements in different directions from the center of the letter making use of the round shape of characters. The results showed an overall accuracy of 90.7% for 140 instances of letters tested, much better than similar systems.

C. B Bulumulla, R. G. Ragel

As smart phones and tablets are becoming ubiquitous and taking over as the primary choice for accessing the Internet worldwide, ensuring a secure gateway to the servers serving such devices become essential. CAPTCHAs play an important role in identifying human users in internet to prevent unauthorized bot attacks. Even though there are numerous CAPTCHA alternatives available today, there are certain drawbacks attached with each alternative, making them harder to find a general solution for the necessity of a CAPTCHA mechanism. With the advancing technology and expertise in areas such as AI, cryptography and image processing, it has come to a stage where the chase between making and breaking CAPTCHAs are even now. This has led the humans with a hard time deciphering the CAPTCHA mechanisms. In this paper, we adapt a novel CAPTCHA mechanism named as LineCAPTCHA to mobile devices. LineCAPTCHA is a new reverse Turing test based on drawing on top of Bezier curves within noisy backgrounds. The major objective of this paper is to report the implementation and evaluation of LineCAPTCHA on a mobile platform. At the same time we impose certain security standards and security aspects for establishing LineCAPTCHAs which are obtained through extensive measures. Independency from factors such as the fluency in English language, age and easily understandable nature of it inclines the usability of LineCAPTCHA. We believe that such independency will favour the main target of LineCAPTCHA, user friendliness and usability.

A. Barnes, R. Fernando, K. Mettananda et al.

AES, Advanced Encryption Standard, can be considered the most widely used modern symmetric key encryption standard. To encrypt/decrypt a file using the AES algorithm, the file must undergo a set of complex computational steps. Therefore a software implementation of AES algorithm would be slow and consume large amount of time to complete. The immense increase of both stored and transferred data in the recent years had made this problem even more daunting when the need to encrypt/decrypt such data arises. As a solution to this problem, in this paper, we present an extensive study of enhancing the throughput of AES encryption algorithm by utilizing the state of the art multicore architectures. We take a sequential program that implements the AES algorithm and convert the same to run on multicore architectures with minimum effort. We implement two different parallel programmes, one with the fork system call in Linux and the other with the pthreads, the POSIX standard for threads. Later, we ran both the versions of the parallel programs on different multicore architectures and compared and analysed the throughputs between the implementations and among different architectures. The pthreads implementation outperformed in all the experiments we conducted and the best throughput obtained is around 7Gbps on a 32-core processor (the largest number of cores we had) with the pthreads implementation.

D. Jayasinghe, R. G. Ragel, D. Elkaduwe

Rijndael was standardized in 2001 by National Institute of Standard and Technology as the Advanced Encryption Standard (AES). AES is still being used to encrypt financial, military and even government confidential data. In 2005, Bernstein illustrated a remote cache timing attack on AES using the client-server architecture and therefore proved a side channel in its software implementation. Over the years, a number of countermeasures have been proposed against cache timing attacks both using hardware and software. Although the software based countermeasures are flexible and easy to deploy, most of such countermeasures are vulnerable to statistical analysis. In this paper, we propose a novel software based countermeasure against cache timing attacks, known as constant time encryption, which we believe is secure against statistical analysis. The countermeasure we proposed performs rescheduling of instructions such that the encryption rounds will consume constant time independent of the cache hits and misses. Through experiments, we prove that our countermeasure is secure against Bernstein's cache timing attack.

U. Herath, J. Alawatugoda, R. G. Ragel

Advanced Encryption Standard (AES) is a symmetric key encryption algorithm which is extensively used in secure electronic data transmission. When introduced, although it was tested and declared as secure, in 2005, a researcher named Bernstein claimed that it is vulnerable to side channel attacks. The cache-based timing attack is the type of side channel attack demonstrated by Bernstein, which uses the timing variation in cache hits and misses. This kind of attacks can be prevented by masking the actual timing information from the attacker. Such masking can be performed by altering the original AES software implementation while preserving its semantics. This paper presents possible software implementation level countermeasures against Bernstein's cache timing attack. Two simple software based countermeasures based on the concept of "constant-encryption-time" were demonstrated against the remote cache timing attack with positive outcomes, in which we establish a secured environment for the AES encryption.

R. G. Ragel, P. Herath, U. Senanayake

SMS messaging is a popular media of communication. Because of its popularity and privacy, it could be used for many illegal purposes. Additionally, since they are part of the day to day life, SMSes can be used as evidence for many legal disputes. Since a cellular phone might be accessible to people close to the owner, it is important to establish the fact that the sender of the message is indeed the owner of the phone. For this purpose, the straight forward solutions seem to be the use of popular stylometric methods. However, in comparison with the data used for stylometry in the literature, SMSes have unusual characteristics making it hard or impossible to apply these methods in a conventional way. Our target is to come up with a method of authorship detection of SMS messages that could still give a usable accuracy. We argue that, considering the methods of author attribution, the best method that could be applied to SMS messages is an n-gram method. To prove our point, we checked two different methods of distribution comparison with varying number of training and testing data. We specifically try to compare how well our algorithms work under less amount of testing data and large number of candidate authors (which we believe to be the real world scenario) against controlled tests with less number of authors and selected SMSes with large number of words. To counter the lack of information in an SMS message, we propose the method of stacking together few SMSes.

M. A. C. Jiffriya, M. A. C. Akmal Jahan, R. G. Ragel et al.

Plagiarism is one of the growing issues in academia and is always a concern in Universities and other academic institutions. The situation is becoming even worse with the availability of ample resources on the web. This paper focuses on creating an effective and fast tool for plagiarism detection for text based electronic assignments. Our plagiarism detection tool named AntiPlag is developed using the tri-gram sequence matching technique. Three sets of text based assignments were tested by AntiPlag and the results were compared against an existing commercial plagiarism detection tool. AntiPlag showed better results in terms of false positives compared to the commercial tool due to the pre-processing steps performed in AntiPlag. In addition, to improve the detection latency, AntiPlag applies a data clustering technique making it four times faster than the commercial tool considered. AntiPlag could be used to isolate plagiarized text based assignments from non-plagiarised assignments easily. Therefore, we present AntiPlag, a fast and effective tool for plagiarism detection on text based electronic assignments.

A. K. B. Karunathilake, B. M. D. Balasuriya, R. G. Ragel

CAPTCHAs or reverse Turing tests are real-time assessments used by programs (or computers) to tell humans and machines apart. This is achieved by assigning and assessing hard AI problems that could only be solved easily by human but not by machines. Applications of such assessments range from stopping spammers from automatically filling online forms to preventing hackers from performing dictionary attack. Today, the race between makers and breakers of CAPTCHAs is at a juncture, where the CAPTCHAs proposed are not even answerable by humans. We consider such CAPTCHAs as non user friendly. In this paper, we propose a novel technique for reverse Turing test - we call it the Line CAPTCHAs - that mainly focuses on user friendliness while not compromising the security aspect that is expected to be provided by such a system.