Class, The COSO framework of internal controls is practiced .docx

Class,
The COSO framework of internal controls is practiced
within companies around the world. The objectives of the COSO
framework are closely related to its five components. For this
week’s activity, please discuss these five components of the
COSO framework. Be sure to include each components’ impact
on each of the COSO framework objectives. What do you feel
an auditor would most be concerned with during an IT audit?
Lastly, discuss suggestions for integrating COSO framework
compliance into a company in which you are familiar.
Your paper should meet the following requirements:
• Be approximately 2-4 pages in length, not including the
required cover page and reference page.
• Follow APA6 guidelines. Your paper should include an
introduction, a body with fully developed content, and a
conclusion.
• Support your answers with the readings from the course and at
least two scholarly journal articles to support your positions,
claims, and observations, in addition to your textbook. The UC
Library is a great place to find resources.
• Be clearly and well-written, concise, and logical, using
excellent grammar and style techniques. You are being graded
in part on the quality of your writing.
Managing and Using Information Systems:
A Strategic Approach – Sixth Edition
Keri Pearlson, Carol Saunders,
and Dennis Galletta
© Copyright 2016

John Wiley & Sons, Inc.
Chapter 12
Knowledge Management, Business Intelligence, and Analytics
2
Opening Case: Netflix
What gave Netflix assurance that House of Cards would be a
success?
What gives Netflix a competitive advantage?
© 2016 John Wiley & Sons, Inc.
3
Data from 33 million people provided strong evidence that the
British version was very popular and Kevin Spacey was also a
popular actor
Again, data from millions of users, showing what they watch,
when they pause, when they rewind, etc. Patterns emerge that
speak volumes about preferences. Their analytics algorithms

provide better data than focus groups (and in real time).
3
More Real World Examples
Caesar’s and Capital One both collect and analyze customer
data.
Result: They can determine who are the most profitable
customers and then follow up with them.
Caesar’s: frequent gamblers
Capital One: charge a lot and pay off slowly
They provide products that would appeal to the profitable
customers.
4
4
A Real World Example from Sports
Oakland As and Boston Red Sox baseball teams
Crunched the numbers on the potential players, such as on-base
percentage
Others who did not do the analysis failed to recognize the talent
5

5
Five Ways Data Analytics can Help an Organization (McKinsey
and Co.)
Making data more transparent and usable more quickly
Exposing variability and boosting performance
Tailoring products and services
Improving decision-making
Improving products
6
Terminology
Knowledge management: The processes needed to generate,
capture, codify and transfer knowledge across the organization
to achieve competitive advantage
Business intelligence: The set of technologies and processes
that use data to understand and analyze business performance
Business analytics: The use of quantitative and predictive
models, algorithms, and evidence-based management to drive
decisions
7

Data, Information, and Knowledge (reprise)
8
8
The Value of Managing KnowledgeValueSources of
ValueSharing best practicesAvoid reinventing the wheel
Build on valuable work and expertiseSustainable competitive
advantageShorten innovation life cycle
Promote long term results and returnsManaging overloadFilter
data to find relevant knowledge
Organize and store for easy retrievalRapid changeBuild
on/customize previous work for agility
Streamline and build dynamic processes
Quick response to changesEmbedded knowledge from
productsSmart products can gather information
Blur distinction between manufacturing/service
Add value to productsGlobalizationDecrease cycle times by
sharing knowledge globally
Manage global competitive pressures
Adapt to local conditionsInsurance for downsizingProtect
against loss of knowledge when departures occur
Provide portability for workers who change roles
Reduce time to acquire knowledge
9

Dimensions of Knowledge
Explicit
Teachable
Articulable
Observable in use
Scripted
Simple
Documented
Tacit
Not teachable
Not articulable
Not observable
Rich
Complex
Undocumented
Examples:
Estimating work
Deciding best action
Examples:
Explicit steps
Procedure manuals
10
10

Four Modes of Knowledge Conversion
(and examples)
Transferring by mentoring, apprenticeship
Transferring by models, metaphors
Learning by doing; studying manuals
Obtaining and following manuals
11
Knowledge Management – Four Processes
Generate – discover “new” knowledge
Capture – scan, organize, and package it
Codify – represent it for easy access and transfer (even as
simple as using hash tags to create a folksonomy)
Transfer – transmit it from one person to another to absorb it
12
12

Measures of KM Project Success
Example of specific benefits of a KM project:
Enhanced effectiveness
Revenue generated from extant knowledge assets
Increased value of extant products and services
Increased organizational adaptability
More efficient re-use of knowledge assets
Reduced costs
Reduced cycle time
13
13
Components of Business Analytics
ComponentDefinitionExampleData SourcesData streams and
repositories Data warehouses; weather dataSoftware
ToolsApplications and processes for statistical analysis,
forecasting, predictive modeling, and optimizationData mining
process; forecasting software packageData-Driven
EnvironmentOrganizational environment that creates and
sustains the use of analytics toolsReward system that
encourages the use of the analytics tools; willingness to test or
experimentSkilled WorkforceWorkforce that has the training,
experience, and capability to use the analytics toolsData
scientists, chief data officers, chief analytics officers, analysts,
etc. Netflix, Caesars and Capital One have these skills
14

14
Data Sources for Analytics
Structured (customers, weather patterns) or unstructured
(Tweets, YouTube videos)
Internal or external
Data warehouses full of a variety of information
Real-time information such as stock market prices
15
Data Mining
Combing through massive amounts of customer data, usually
focused on:
Buying patterns/habits (for cross-selling)
Preferences (to help identify new products/
features/enhancements to products)
Unusual purchases (spotting theft)
It also identifies previously unknown relationships among data.
Complex statistics can uncover clusters on many dimensions not
known previously
(e.g., People who like movie x also like movie y)

16
Four Categories of Data Mining Tools
Statistical analysis: Answers questions such as “Why is this
happening?”
Forecasting/Extrapolation: Answers questions such as “What if
these trends continue?”
Predictive modeling: Answers questions such as “What will
happen next?”
Optimization: Answers questions such as “What is the best that
can happen?”
17
How to be Successful
Achieve a data driven culture
Develop skills for data mining
Use a Chief Analytics Officer (CAO) or Chief Data Officer
(CDO)
Shoot for high maturity level (see next slide)
18

LevelDescriptionSource of Business Value1 – Reporting What
happened?Reduce costs of summarizing, printing2 – Analyzing
Why did it happen?Understanding root causes3 –
DescribingWhat is happening nowReal-time understanding &
corrective action4 – Predicting What will happen?Can take best
action5 – PrescribingHow should we respond?Dynamic
correction
Five Maturity Levels of Analytical Capabilities
19
BI and Competitive Advantage
There is a very large amount of data in databases.
Big data: techniques and technologies that make it economical
to deal with very large datasets at the extreme end of the scale:
e.g., 1021 data items
Large datasets can uncover potential trends and causal issues
Specialized computers and tools are needed to mine the data.
Big data emerged because of the rich, unstructured data streams
that are created by social IT.
20

Practical Example
Asthma outbreaks can be predicted by U. of Arizona researchers
with 70% accuracy
They examine tweets and Google searches for words and
phrases like
“wheezing” “sneezing” “inhaler” “can’t breathe”
Relatively rare words (1% of tweets) but 15,000/day
They examine the context of the words:
“It was so romantic I couldn’t catch my breath” vs
“After a run I couldn’t catch my breath”
Helps hospitals make work scheduling decisions
21
Sentiment Analysis
Can analyze tweets and Facebook likes for
Real-time customer reactions to products
Spotting trends in reactions
Useful for politicians, advertisers, software versions, sales
opportunities
22
Google Analytics and Salesforce.com

Listening to the community: Identifying and monitoring all
conversations in the social Web on a particular topic or brand.
Learning who is in the community: Identifying demographics
such as age, gender, location, and other trends to foster closer
relationships.
Engaging people in the community: Communicating directly
with customers on social platforms such as Facebook, YouTube,
LinkedIn, and Twitter using a single app.
Tracking what is being said: Measuring and tracking
demographics, conversations, sentiment, status, and customer
voice using a dashboard and other reporting tools.
Building an audience: Using algorithms to analyze data from
internal and external sources to understand customer attributes,
behaviors, and profiles, then to find new similar customers
23
Google Analytics
Web site testing and optimizing: Understanding traffic to Web
sites and optimizing a site’s content and design for increasing
traffic.
Search optimization: Understanding how Google sees an
organization’s Web site, how other sites link to it, and how
specific search queries drive traffic to it.
Search term interest and insights: Understanding interests in
particular search terms globally, as well as regionally, top
searches for similar terms, and popularity over time.
Advertising support and management: Identifying the best ways
to spend advertising resources for online media.
24

Internet of Things (IoT)
Much big data comes from IoT
Sensor data in products can allow the products to:
Call for service (elevators, heart monitors)
Parallel park, identify location/speed (cars)
Alert you to the age of food (refrigerator)
Waters the lawn when soil is dry (sprinklers)
Self-driving cars find best route (Google)
25
Intellectual Capital vs Intellectual Property
Intellectual Capital: the process for managing knowledge
Intellectual Property: the outputs; the desired product for the
process
Intellectual Property rights differ remarkably by country
26
Closing Caveats

These are emerging concepts and disciplines
Sometimes knowledge should remain hidden (tacit) for
protection
We should remain focused on future events, not just look over
the past
A supportive culture is needed in a firm to enable effective KM
and BI
27
Managing and Using Information Systems:
A Strategic Approach – Sixth Edition
Keri Pearlson, Carol Saunders,
and Dennis Galletta
© Copyright 2016
John Wiley & Sons, Inc.
sustainability

Case Report
Integrated Understanding of Big Data, Big Data
Analysis, and Business Intelligence: A Case Study
of Logistics
Dong-Hui Jin and Hyun-Jung Kim *
Seoul Business School, aSSIST, 46 Ewhayeodae 2-gil,
Seodaemun-gu, Seoul 03767, Korea; [email protected]
* Correspondence: [email protected]; Tel.: +82-70-7012-2722
Received: 5 October 2018; Accepted: 17 October 2018;
Published: 19 October 2018
��
��
Abstract: Efficient decision making based on business
intelligence (BI) is essential to ensure
competitiveness for sustainable growth. The rapid development
of information and communication
technology has made collection and analysis of big data
essential, resulting in a considerable increase
in academic studies on big data and big data analysis (BDA).
However, many of these studies are
not linked to BI, as companies do not understand and utilize the
concepts in an integrated way.
Therefore, the purpose of this study is twofold. First, we review
the literature on BI, big data,
and BDA to show that they are not separate methods but an
integrated decision support system.
Second, we explore how businesses use big data and BDA
practically in conjunction with BI through
a case study of sorting and logistics processing of a typical
courier enterprise. We focus on the
company’s cost efficiency as regards to data collection, data

analysis/simulation, and the results from
actual application. Our findings may enable companies to
achieve management efficiency by utilizing
big data through efficient BI without investing in additional
infrastructure. It could also give them
indirect experience, thereby reducing trial and error in order to
maintain or increase competitiveness.
Keywords: business application; big data; big data analysis;
business intelligence; logistics;
courier service
1. Introduction
A growing number of corporations depend on various and
continuously evolving methods of
extracting valuable information through big data and big data
analysis (BDA) for business intelligence
(BI) to make better decisions. The term “big data” refers to
large amounts of information or data at
a certain point in time and within a particular scope. However,
big data have a short lifecycle with
rapidly decreasing effective value, which makes it difficult for
academic research to keep up with their
fast pace. In addition, big data have no limits regarding their
type, form, or scale, and their scope is
too vast to narrow them down to a specific area of study.
Big data can also simply refer to a huge amount of complex
data, but their type, characteristics,
scale, quality, and depth vary depending on the capabilities and
purpose of each company.
The same holds for the reliability and usability of the results
gathered from analysis of the data.
Previous studies generally agree on three main properties that
define big data, namely, volume,

velocity, and variety, or the “3Vs” [1–4], which have recently
been expanded to “5Vs” with the addition
of veracity/verification and value [5–10].
There are numerous multi-dimensional methods for choosing
how much data to gather and how
to analyze and utilize the data. In brief, the methodology for
extracting valuable information and
taking full advantage of it could be more important than the
data’s quality and quantity. A substantial
amount of research has been devoted to establishing and
developing theories concerning big data,
Sustainability 2018, 10, 3778; doi:10.3390/su10103778
www.mdpi.com/journal/sustainability
http://www.mdpi.com/journal/sustainability
http://www.mdpi.com
https://orcid.org/0000-0003-3698-4665
http://www.mdpi.com/2071-
1050/10/10/3778?type=check_update&version=1
http://dx.doi.org/10.3390/su10103778
http://www.mdpi.com/journal/sustainability
Sustainability 2018, 10, 3778 2 of 15
BDA, and BI to address this need, but it is still challenging for
a company to find, understand, integrate,
and use the findings of these studies, which are often conducted
independently and cover only select
aspects of the subject.
BDA refers to the overall process of applying advanced analytic
skills, such as data mining,
statistical analysis, and predictive analysis, to identify patterns,

correlations, trends, and other useful
techniques [11–15]. BDA contributes to increasing the
operational efficiency and business profits,
and is becoming essential to businesses as big data spreads and
grows rapidly.
BI is a decision support system that includes the overall process
of gathering extensive data,
extracting useful data, and providing analytical applications. In
general, BI has three common
technological elements: a data warehouse integrating an online
transaction processing system;
a database addressing specific topics; online analytical
processing that is used to analyze data in
multi-dimensions in order to use those data; and data mining,
which involves a series of technological
methods for extracting useful knowledge from the gathered data
[16–20].
Some areas of BI and BDA, such as data analysis and data
mining, overlap. This is to be expected,
as the raw data in BI have recently expanded to become big data
in volume and scope. This has
necessitated reorganization of the field and concepts of BI to
provide business insights and enable
better decision making based on BDA [21]. Although BI and
BDA are generally studied independently,
it is challenging and often unnecessary to distinguish between
the two concepts when performing
business tasks.
Given the cost of gathering and analyzing big data, it is
important to identify what data to collect,
the range of the data, and the most cost-effective purpose of the
data using BI. For this purpose, it is
effective to understand and apply the methodology based on

experiences of companies shared through
a case study. Therefore, the present study has the following
aims. First, we explore the meaning of BI,
big data, and BDA through a literature review and show that
they are not separate methods, but rather
an organically connected and integrated decision support
system. Second, we use a case study to
examine how big data and BDA are applied in practice through
BI for greater understanding of the
topic. The case study is conducted on a large and rapidly
growing courier service in the logistics
industry, which has a long history of research. In particular, we
examine how the company efficiently
allocates vehicles in hub terminals by collecting, analyzing, and
applying big data to make informed
decisions quickly, as well as uses BI to enhance productivity
and cost-effectiveness.
The rest of the paper proceeds as follows. Section 2 reviews the
research background and literature
related to BI, big data, and BDA. Section 3 presents the case
study for the company and industry and
discusses the case in detail. Finally, Section 4 concludes by
discussing the implications and directions
for future research.
2. Literature Review
Big data have become a subject of growing importance,
especially since Manyika et al. pointed out
that they should be regarded as a key factor to increase
corporate productivity and competitiveness [22].
Many researchers have shown interest in big data, as the rapid
development of information and
communication technology (ICT) generates a significant amount
of data. This has led to lively

discussions about the collection, storage, and application of
such data. In 2012, Kang et al. argued that
the value of big data lies in making forecasts by recognizing
situations, creating new value, simulating
different scenarios, and analyzing patterns through analysis of
the data on a massive scale [23]. In 2011,
only 38 studies related to big data and BDA were listed in the
Science Citation Index Expanded (SCIE),
Social Science Citation Index (SSCI), Arts & Humanities
Citation Index (AHCI), and Emerging Sources
Citation Index (ESCI), but in 2012, this number increased to 92,
and then rapidly increased to 1009 in
2015 and 3890 in 2017 [24].
2.1. Toward an Integrated Understanding of Big Data, BDA, and
BI
The research boom regarding big data has led to the
development of BDA, through which
valuable information is extracted from a company’s data.
Companies are well aware of the increasing
importance and investment need for BDA, as shown by Tankard
[25], who claimed that a company can
secure higher market share than its rivals and has the potential
to increase its operating profit margin
ratio by up to 60% by using big data effectively [25,26]. In the
logistics industry, big data are used
more widely than ever for supporting and optimizing
operational processes, including supply chain
management. Big data have been instrumental in developing
new products and services, planning
supply, managing inventory and risks, and providing customized

services [26–29].
BI has a longer history of research than that of big data. In
1865, Richard Millar Devens mentioned
the concept in the Cyclopaedia of Commercial and Business
Anecdotes [30], after which Luhn began
using it in its modern meaning in 1958 [31]. Thereafter, Vitt et
al. defined BI as an information system
and method for decision making that incorporates the four-step
cycle of analysis, insight, action,
and performance measurement [32]. Solomon suggested a
framework of BI and argued that research
in the area was necessary [20]. Then, Turban et al. [33]
expanded the scope of research to embrace
data mining, warehousing and acquisition, and business
analysis, and a growing number of studies
followed. Miškuf and Zolotová studied BI using Cognos—a BI
solution system adopted by IBM—and
the case of U.S. Steel to ascertain how to best apply
enterprise/manufacturing intelligence to manage
manufacturing data efficiently [30]. Van-Hau pointed out the
lack of a general framework in BI that
would allow businesses to integrate results and systematically
use them, as well as discussed issues
that needed to be researched further [34]. In summary, the
concept of BI has been expanding with
regard to application systems and technologies that support
enterprises in making better choices by
gathering, storing, analyzing, and accessing data more
effectively [35].
Previous research has dealt mostly with management and
decision support systems and
applications in BI, as well as technological aspects such as
algorithms and computing for big data
and BDA. However, the research areas are broadening, and

topics are becoming more diverse
based on different macroeconomic environments, pace of
technological progress, and division of
the research field. Therefore, many studies on BI, big data, and
BDA have been conducted separately.
More importantly, big data research has a relatively short
history, as it only started attracting significant
attention since around 2012, when rapid development of ICTs
led to discussions on how to gather
and use the unprecedented amount of data generated. On the
other hand, BI has long been a point of
interest among researchers.
The boundaries between these concepts—big data, BDA, and
BI—are often unclear and ambiguous
for companies. Generally, BI consists of an information value
chain for gathering raw data,
turning these data into useful information, management decision
making, driving business results,
and raising corporate value [36]. However, considering that
“raw data” have been expanded to “big
data” owing to the development of ICT and data storage, it is
safe to say that BI and big data/BDA are
presently not independent methods but organically coexist as an
integrated decision support system,
incorporating all processes from data gathering to management
decision making in business.
As research interest in big data began to grow since 2012, Chen
et al. grouped previous works
in the literature into BI and analytics and divided the evolution
process of the subject into stages to
examine the main characteristics and features of each stage
[37]. Subsequently, Wixom et al. proposed
the necessity of studying BI—including big data/BDA—and
business analytics to address changes

in the field, since there was increasing awareness about the use
and need of big data after the BI
Conference of the Communications of the Association for
Information Systems in 2009 and 2010 [38].
Fan et al. studied BI in the marketing sector in a big data
environment and concluded that big data
and BDA are disruptive technologies that reorganize the
processes of BI to gain business insights for
better decision making [21]. In addition, Bala and Balachandran
defined cloud computing and big
data as the two of the most important technologies in recent
years and explored the improvement
of decision-making processes through BI by integrating these
two key technologies for storing and
distributing data using cloud computing [39]. These cases
illustrate that an increasing number of
researchers are approaching BI and big data/BDA as an
integrated concept.
2.2. In-Depth Research through Case Studies
The growing interest in big data/BDA and rapid development in
this area have strengthened
BI as a decision support system, thereby promoting corporate
management and enhancing business
value by providing more valuable information to generate
innovative ideas for new products and
services. This has led to a rise in customer satisfaction,
improved inventory and risk management,
improved supply chain risk management, creation of
competitive information, and provision of

real-time business insights [26–29,40–42].
Considering the short lifecycle of big data and their use in
companies, there are numerous,
multi-dimensional methods for deciding how much data to
gather and how to analyze and utilize the
data speedily and effectively. As David et al. emphasized in The
Parable of Google Flu: Traps in Big Data
Analysis, the essential element is turning data into valuable
information, not the quantity of data or
new data itself [43]. It is thus important to establish a database
of integrated convergent knowledge
and continue to develop this by accumulating knowledge and
experiences through case studies based
on practical use that apply the principals of BI and big
data/BDA effectively. Below, we list examples
of successful studies on the use and application of big
data/BDA in practice.
• Zhong et al. examined a big data approach that facilitates
several innovations that can guide
end-users to implement associated decisions through radio
frequency identification (RFID) to
support logistics management with RFID-Cuboids, map tables,
and a spatiotemporal sequential
logistics trajectory [44].
• Marcos et al. studied both the environment and approaches to
conduct BDA, such as data
management, model development, visualization, user
interaction, and business models [45].
• Kim reported several successful cases of big data application.
Examples include analysis of
competing scenarios through 66,000 simulated elections
conducted per day to understand the

decisions of individual voters during the 2012 reelection
campaign of former US president Barack
Obama and delivery routes and time management based on
vehicle and parcel locations adopted
by UPS, a US courier service company [46].
• Wang et al. redefined big data business analytics of logistics
and supply chain management as
supply chain analytics and discussed its importance [47].
• Queiroz and Telles studied the level of awareness of BDA in
Brazilian companies through surveys
conducted via questionnaires and proposed a framework to
analyze companies’ maturity in
implementing BDA projects in logistics and supply chain
management [48].
• Hopkins analyzed the impact of BDA and Internet of things
(IoT), such as truck telematics and
geo-information in supporting large logistics companies to
improve drivers’ safety and operating
cost-efficiency [49].
The above examples of big data/BDA used by governments or
corporations, as well as entities
dealing with methods in either specific or general areas, make it
clear that there is an abundance of
studies on the need for and efficiency of big data. However, big
data and BDA have not been studied
until recently, and few studies use real corporate examples—
especially in the logistics industry—that
provide valuable business insights through detailed methods and
results.
Researchers should endeavor to provide second-hand experience
through specific case studies

using big data/BDA-based BI, and then accumulate and
integrate such case studies to establish a
database of integrated convergent knowledge. This could enable
corporations to adjust to changing
environments and improve the productivity and efficiency of the
organization.
3. Practical Business Application
The present study aims to examine the overall status of the
logistics industry (an industry with
continuously growing demand and prominence) and the courier
service industry (an industry used
by more consumers than any other logistics market segment) as
well as business applications related
to big data/BDA and BI. The final aim is to assist corporations
in reducing trial-and-error periods in
management, establishing long-term strategies, and enhancing
cost-effectiveness of the corporations.
3.1. Courier Service Overview
Given consumers’ increasing focus on personal service and
convenience in consumer products, as
well as global economic development, the manufacturing sector
is converting from mass production of
limited items to multi-item, small-scale production. This is
rapidly increasing the volume and sales of
courier services as more consumers buy online. Increased online
purchases are also a result of ICT
advances. According to the Korean Statistical Information
Service, Korea’s e-retail sales amounted

to KRW 79,954,478 million in 2017, an increase of 21.85%
from KRW 65,617,046 million in 2016,
and a massive 107.69% increase from 2013 [50]. The courier
service industry has become the biggest
beneficiary of this dramatic increase in the volume of goods
transported and is a suitable yardstick to
measure the growth of the logistics industry [51,52].
Traditionally, logistics was considered a support
industry for manufacturing and consumption and was mainly
perceived as a cost, but it has since
emerged as the main industry connecting producers and
consumers. Manufacturing corporations
regard supply expansion based on ICT to meet consumers’
demands as a key growth strategy, and the
courier service industry has shown remarkable growth owing to
the sharp increase in the need for
parcel transportation [53].
A courier service is generally defined as comprising the entire
process of transportation,
from receiving a parcel to packaging, transporting, and
delivering the parcel to the final destination
under the transporter’s responsibility and at the customer’s
request [54,55]. The courier service
industry usually faces oligopolistic market competition, as it is
an enormous service system
that requires huge initial investment. Courier service companies
are normally large operational
organizations that deal with large amounts of cargo, hub
terminals, general information systems, and a
wide range of transportation vehicles and consist of a
complicated network of labor and equipment [51].
Davis previously examined the usefulness of courier services by
using information technology
in the logistics industry [56]. DeLone and McLean showed that

a successful information system
environment is a significant factor influencing user satisfaction
as it models its influences on
individuals and organizations [57]. Kim et al. focused on the
use of transportation routes,
freight distribution centers, and brokerage points for efficient
parcel transportation via main roads [58].
Visser and Lanzendorf [59] analyzed the effects of business-to-
consumer (B2C) e-commerce for cargo
transportation, revealing that an increase in the demand for
courier services leads to changes in
freight per ton, distance, size, and fill rate of trucks. The
authors illustrated the relationship between
consolidation and transportation routes in courier companies
[59]. Jeong et al. discussed the allocation
of service centers to terminals with a given number of cargo
terminals and locations [60], while Goh
and Min examined the time of delivery by the capacity of cargo
terminals [61]. Meanwhile, Sherif et al.
presented an integrated model of the number and location of
warehouses, allocation of customers to
warehouses, and number and routes of vehicles to minimize
transportation cost, fixed cost, operational
cost, and route cost [62]. Lim et al. focused on the improvement
of service quality while considering
price reduction due to the increase of online demand, volume of
delivery, and short-term responses,
as well as the lack of mid- and long-term responses due to
increase in online transactions [63]. Park et al.
investigated methods of increasing productivity while
considering both logistics and employees by
utilizing a wireless Internet system [64], while Kim and Choi
explored the effects of a corporation’s
logistics technology on courier services based on online
shopping malls as courier service users [65].

In summary, most previous research concerning the courier
service industry focused on the
analysis of courier service networks and delivery efficiency in
terms of optimal logistics structures,
methods for improving service quality, and minimization of
costs in terms of operational requirements.
Only a few case studies gathered and analyzed big data or BI
applications in the field, considering the
increase in e-commerce delivery demand.
3.2. Case Study: CJ Logistics
This study uses the case of CJ Logistics, Korea’s largest
logistics company. It examines the sorting
process, especially regarding decisions about loading/unloading
docks and hub terminals, which are
at the core of courier services, to examine the effective use of
big data/BDA through BI.
CJ Logistics was selected as the research subject as it is the
largest logistics service provider in
Korea with the highest market share and sales revenue of KRW
7110.3 billion in 2017 [66]. In addition,
as shown in Figure 1 (big data case of CJ Logistics, March
2018), the company is an innovation
leader in the industry. It is traditionally considered a 3D
business that uses BI based on high-tech
automation-oriented technology, engineering, and system and
solution plus consulting (TES + C),
while actively and rapidly adopting big data/BDA at the same
time.

Sustainability 2018, 10, x FOR PEER REVIEW 6 of 15
3.2. Case Study: CJ Logistics
This study uses the case of CJ Logistics, Korea’s largest
logistics company. It examines the sorting
process, especially regarding decisions about loading/unloading
docks and hub terminals, which are
at the core of courier services, to examine the effective use of
big data/BDA through BI.
CJ Logistics was selected as the research subject as it is the
largest logistics service provider in
Korea with the highest market share and sales revenue of KRW
7110.3 billion in 2017 [66]. In addition,
as shown in Figure 1 (big data case of CJ Logistics, March
2018), the company is an innovation leader
in the industry. It is traditionally considered a 3D business that
uses BI based on high-tech
automation-oriented technology, engineering, and system and
solution plus consulting (TES + C),
while actively and rapidly adopting big data/BDA at the same
time.
Figure 1. Technology, engineering, system and solution plus
consulting (TES + C) of CJ Logistics.
CJ Logistics is a market leader equipped with cutting-edge
logistics technologies, including real-
time tracking of freight, an integrated courier and freight
tracking system that enables users to view
customer information and requirements, satellite vehicle
tracking, and temperature control systems

[67]. In 2017, CJ Logistics invested more than KRW 120 billion
to automate its sorting process through
sub-terminals to aid sustainable growth. CJ Logistics’
infrastructure is more than three times bigger
than that of its closest competitor in the courier service
industry. With five hub terminals, more than
270 sub-terminals, and more than 16,000 vehicles, CJ Logistics
processes more than 5.3 million
packages per day. Its mega hub terminal in Gwangju, Gyeonggi-
do Province—which was due for
completion in August 2018 with an investment of more than
KRW 400 billion—will utilize
convergence technologies such as big data, robots, and IoT to
expand its services for the convenience
of its customers across Korea. This will include same-day
delivery, same-day return, and scheduled
delivery services. The company is simultaneously moving
forward with its planned international
growth. At the end of 2017, CJ Logistics had a global network
of 238 centers in 137 cities and 32
countries. It opened the Shenyang Flagship Center, a mammoth
logistics center in Shenyang, China,
on 15 June 2018. The purpose of this investment was to
accelerate the company’s business in northern
Asia, including three provinces of northeastern China—
Liaoning, Jilin, and Heilongjiang. The
company has implemented huge capital expenditure to broaden
its business efficiently, laying the
groundwork for sustainable growth and expansion by raising the
entrance barrier for rivals (big data
case of CJ Logistics, March 2018).
CJ Logistics mainly uses a hub-and-spoke system, which
connects points via hubs or logistics
centers dealing with massive cargo volumes in its courier
service; it also uses a point-to-point

operational system directly connecting origins and destinations.
The point-to-point system delivers
Figure 1. Technology, engineering, system and solution plus
consulting (TES + C) of CJ Logistics.
CJ Logistics is a market leader equipped with cutting-edge
logistics technologies,
including real-time tracking of freight, an integrated courier and
freight tracking system that enables
users to view customer information and requirements, satellite
vehicle tracking, and temperature
control systems [67]. In 2017, CJ Logistics invested more than
KRW 120 billion to automate its sorting
process through sub-terminals to aid sustainable growth. CJ
Logistics’ infrastructure is more than
three times bigger than that of its closest competitor in the
courier service industry. With five hub
terminals, more than 270 sub-terminals, and more than 16,000
vehicles, CJ Logistics processes more
than 5.3 million packages per day. Its mega hub terminal in
Gwangju, Gyeonggi-do Province—which
was due for completion in August 2018 with an investment of
more than KRW 400 billion—will
utilize convergence technologies such as big data, robots, and
IoT to expand its services for the
convenience of its customers across Korea. This will include
same-day delivery, same-day return,
and scheduled delivery services. The company is simultaneously
moving forward with its planned
international growth. At the end of 2017, CJ Logistics had a
global network of 238 centers in 137 cities
and 32 countries. It opened the Shenyang Flagship Center, a
mammoth logistics center in Shenyang,
China, on 15 June 2018. The purpose of this investment was to
accelerate the company’s business in

northern Asia, including three provinces of northeastern
China—Liaoning, Jilin, and Heilongjiang.
The company has implemented huge capital expenditure to
broaden its business efficiently, laying the
groundwork for sustainable growth and expansion by raising the
entrance barrier for rivals (big data
case of CJ Logistics, March 2018).
CJ Logistics mainly uses a hub-and-spoke system, which
connects points via hubs or logistics
centers dealing with massive cargo volumes in its courier
service; it also uses a point-to-point
operational system directly connecting origins and destinations.
The point-to-point system delivers
to and from terminals, saving time on package arrivals while
alleviating capacity issues during the
peak season. However, growing volumes may increase costs, as
they require more investment in
terminals; a volume imbalance among terminals can cause
unnecessary additional costs. On the other
hand, in the hub-and-spoke system, packages are gathered and
sorted in a large terminal before being
delivered to a destination terminal. The advantage of this
system is that it reduces arrival time to
the terminals, easing the imbalance in volume. However, the
disadvantages are that it may delay
deliveries to distant or rural areas during the peak season and
requires a large-scale hub terminal [67].
Since CJ Logistics mostly uses the hub-and-spoke system,
whose core is the logistics process

at the hub terminal, this study focuses on decisions concerning
the loading/unloading docks in the
process. This focus point was selected for the following
reasons. First, few previous studies have
focused on this segment, even though it has greater room for
improvement regarding productivity and
efficiency than other segments. Second, the importance of this
segment may have been overlooked,
since standardizing the process is challenging owing to
differences in the environment, such as the
distance between buildings or shape of the space. Third, there
are many other difficulties to address,
including outsourcing, warehouse management, freight payment,
inventory management, packing,
customs clearance, and customer claims [51]. Many courier
service providers allocate hub terminal
docks for loading/unloading simply according to terminal
conditions, such as the distance between
docks and number of packages, mostly based on past
experience. By contrast, CJ Logistics has
dramatically improved productivity and efficiency by “seeing
the unseen” through the use of big
data/BDA and promoting faster and better decision making
through BI.
The hub terminal process was selected from the three general
stages of courier services, namely,
pick-up, transport/sorting, and delivery (Figure 2). This process
was selected because it is the central
process connecting pick-ups from different locations with
delivery to different destinations [68,69].
to and from terminals, saving time on package arrivals while

alleviating capacity issues during the
peak season. However, growing volumes may increase costs, as
they require more investment in
terminals; a volume imbalance among terminals can cause
unnecessary additional costs. On the other
hand, in the hub-and-spoke system, packages are gathered and
sorted in a large terminal before being
delivered to a destination terminal. The advantage of this
system is that it reduces arrival time to the
terminals, easing the imbalance in volume. However, the
disadvantages are that it may delay
deliveries to distant or rural areas during the peak season and
requires a large-scale hub terminal
[67].
Since CJ Logistics mostly uses the hub-and-spoke system,
whose core is the logistics process at
the hub terminal, this study focuses on decisions concerning the
loading/unloading docks in the
process. This focus point was selected for the following
reasons. First, few previous studies have
focused on this segment, even though it has greater room for
improvement regarding productivity
and efficiency than other segments. Second, the importance of
this segment may have been
overlooked, since standardizing the process is challenging
owing to differences in the environment,
such as the distance between buildings or shape of the space.
Third, there are many other difficulties
to address, including outsourcing, warehouse management,
freight payment, inventory
management, packing, customs clearance, and customer claims
[51]. Many courier service providers
allocate hub terminal docks for loading/unloading simply
according to terminal conditions, such as
the distance between docks and number of packages, mostly

based on past experience. By contrast,
CJ Logistics has dramatically improved productivity and
efficiency by “seeing the unseen” through
the use of big data/BDA and promoting faster and better
decision making through BI.
The hub terminal process was selected from the three general
stages of courier services, namely,
pick-up, transport/sorting, and delivery (Figure 2). This process
was selected because it is the central
process connecting pick-ups from different locations with
delivery to different destinations [68,69].
Figure 2. General courier service structure.
An incident that occurs at the hub terminal can have a serious
impact on the entire cycle—from
pick-up to delivery—and could cause a bottleneck effect at hub
terminals. This is a significant issue
that needs to be addressed to secure growth in the industry, as it
can paralyze transportation and
delivery within a company on a large scale. Resolving this issue
alongside difficulties in other areas
by using big data/BDA could improve company productivity and
efficiency as a whole.
Figure 2. General courier service structure.
An incident that occurs at the hub terminal can have a serious
impact on the entire cycle—from
pick-up to delivery—and could cause a bottleneck effect at hub

terminals. This is a significant issue
that needs to be addressed to secure growth in the industry, as it
can paralyze transportation and
delivery within a company on a large scale. Resolving this issue
alongside difficulties in other areas by
using big data/BDA could improve company productivity and
efficiency as a whole.
3.2.1. Data and Methodology
CJ Logistics witnessed a drastic rise in online and offline B2C
transactions, experiencing a
compound annual growth rate of 9.9% from 2011 to 2016. In
addition, the courier company’s market
share rose from 42% in 2015 to 46% in 2017. To accommodate
this growth, the company increased
the number and size of its vehicles, established a demand
forecasting system, and improved its
peer-to-peer (P2P) network. These measures increased the daily
delivery per person from 262 boxes
to 344 boxes between 2015 and 2017, while the sorting capacity
of hub terminals was improved from
around 4.4 million cases to 5.3 million cases during the same
period. However, since the company’s
hub terminal capacity had reached its limit, bottlenecks in the
logistics process were becoming serious.
As a result, the rate of remaining cargo increased by 3.1%, and
the overnight delivery rate dropped by
2.3% between 2015 and 2017. This situation makes it clear that
it is imperative for the company to find
a solution through methods that could enhance hub terminal
capacity.
To address this issue, CJ Logistics decided to integrate BDA
into its existing decision-making
processes to understand the current situation better, enabling the

company to make better-informed
choices and identify future directions. Daejeon hub was chosen
for the pilot test. First, information
was gathered on roughly 75 million inbound invoices and 240
million packages at Daejeon hub
terminal out of a total of 260 million inbound invoices and 720
million packages at hub terminals.
The information was gathered over a three-month period
between November 2016 and January 2017.
This information was used to generate extensive data on the
unloading docks at the hub terminal
as well as on routes, transition points, moving time, loading
docks, remaining cargo, and sorting
personnel for BDA. Based on the results, the shortest distance
between loading and unloading docks,
time metrics, and vehicle loading information were integrated
with application methods (as shown
later in this subsection). The simulation produced results that
would have been impossible to obtain by
conventional dock allocation methods that are based on
classification codes and number of packages.
By reflecting the results at different sites, CJ Logistics was able
to increase its hub terminal capacity, as
shown in the following paragraphs.
Packages delivered by customers are collected at sub-terminals
in each region and transported
to hub terminals by truck. Vehicles entering the hub terminal
wait for dock allocation and are then
unloaded or loaded after being allocated, as per the process
shown in Figure 3. In the entire dock
allocation process, CJ Logistics reflected at least two types of
objective functions to identify the
first-in-line vehicle to unload among those waiting, the closest
unloading chute, and the second-in-line
chute and vehicle in terms of waiting time while unloading

vehicles to optimize dock allocation in the
hub terminal.
Objective function (1) sets the weighting factor for unloading
priority and reflects the number of
packages using the volume information in the vehicles for
application based on four types of “reference
information”, namely, (1) loading priority of waiting vehicles
by route; (2) customer classification
according to special sale customers, premium customers, and
general customers; (3) vehicle
classification according to unloading only, unloading/loading,
and loading only; and (4) content
classification according to console, produce, and general. These
unloading priorities were set within
the “constraints” of the remaining vehicles that had not been
unloaded, and vehicles waiting for more
than three hours that should have been unloaded first. Table 1
presents vehicle unloading priorities
based on weighting factor and time.
Figure 3. Optimization of dock allocation process.
Objective function (1): Selection of vehicles to unload first
= ∗ (1)
W: weighting factor for unloading priority, N: number of
packages.

Table 1. Selection of vehicle unloading priorities according to
weighting factor and time.
Order Category W (Before 0:00) W (After 0:00)
1 Special sale customer 50 3
2 Route for loading first 30 50
3 Console volume 8 15
4 Produce 7 10
5 Premium customer 3 20
6 First-in, first-out (FIFO) 2 2
Note: W: weighting factor for unloading priority.
Objective function (2) pertains to optimum unloading chute
allocation. This was calculated using
volume by loading chute for each vehicle, travel time between
unloading/loading chutes, content
information, and reflected travel time under the constraints. The
function includes minimization of
congestion through equal allocation of vehicles, minimization
of travel between buildings, and
allocation of vehicles with more than 30% console content to a
special console unloading zone, based
on two types of reference information. The reference
information includes (1) travel time between
Figure 3. Optimization of dock allocation process.
Objective function (1): Selection of vehicles to unload first
Selection of vehicles to unload first = ∑( W ∗ N ) (1)
W: weighting factor for unloading priority, N: number of
packages.
Table 1. Selection of vehicle unloading priorities according to

weighting factor and time.
Order Category W (Before 0:00) W (After 0:00)
1 Special sale customer 50 3
2 Route for loading first 30 50
3 Console volume 8 15
4 Produce 7 10
5 Premium customer 3 20
6 First-in, first-out (FIFO) 2 2
Note: W: weighting factor for unloading priority.
Objective function (2) pertains to optimum unloading chute
allocation. This was calculated
using volume by loading chute for each vehicle, travel time
between unloading/loading chutes,
content information, and reflected travel time under the
constraints. The function includes
minimization of congestion through equal allocation of
vehicles, minimization of travel between
buildings, and allocation of vehicles with more than 30%
console content to a special console unloading
zone, based on two types of reference information. The
reference information includes (1) travel
time between loading/unloading chutes and (2) unloading
service time for maximum, minimum,
and average volume.
Objective function (2): Optimum unloading chute allocation
Optimum unloading chute allocation = ∑( L ∗ T ) (2)

L: Volume in the vehicles by loading chutes, T: Travel time
between loading/unloading chutes.
Although vehicles are assigned to docks through optimum
chutes, by considering operational
status at the docks and the fact that unloading procedures can
change at any time, the function repeats
the optimization of the dock allocation process to decide
whether a vehicle should be placed on hold
or assigned to a second dock, or whether a second-in-line
vehicle should be sent first to increase
efficiency. Information from the BDA was used in connection
with balancing the volume among
loading docks through tracking analysis of individual products,
fast delivery by development of
new P2P routes, expansion of hub terminal capacity, and
volume analysis of products for higher
productivity and efficiency.
3.2.2. Simulation and Adoption Result
On 6 November 2016, vehicle number “98 Ba 3490” loaded with
cargo from Jungrang sub-terminal
arrived at Daejeon hub terminal, unloaded, and then should have
reloaded 249 items (52.8% of the
total load) on the B1 and 1st floors of Building A, 177 items
(37.5% of the total load) on the 1st and 2nd
floors of Building B, and 46 items (9.7% of the total load) on
the 1st floor of Building C as can be seen
in Figure 4a, and the number of items in the red box indicate the
quantity that should be loaded in the
individual dock. Therefore, the vehicle was allocated to Dock
D7 of Building A, since there were more
packages to load at Building A than at the other docks (see the
purple dot in Figure 4a). It took 57 min

and 34 s to complete the unloading/loading process.
However, a simulation based on big data/BDA revealed that
dock allocation according to the
number of items to load, as shown earlier in this subsection,
was very inefficient. The choice of
Dock D7, Building A was ranked 41st, as evident from the
ranking table in Figure 4b, in terms of
efficiency, and unloading at Dock F8, Building B proved most
efficient (see the blue dot in Figure 4b).
This information could not be determined before the BDA. The
simulation results showed that
unloading at Dock F8, Building B could decrease the vehicle’s
travel time to around one-fifth of
the actual time it took when using Dock D7, Building A. The
actual travel time was three times greater
than the simulated travel time. When a simulation was
conducted using the entire fleet of vehicles,
the overall efficiency of the hub terminal rose, reducing travel
time by more than 20 min, even when
unloading at Dock D7, Building A.
CJ Logistics shared the simulation results through the internal
reporting system using BI,
thus enabling management to make decisions optimizing dock
allocations and considering the flow
of cargo traffic in hub terminals. As a result, the flow of
products improved dramatically, raising the
processing rate per hour as well as the rate of overnight
deliveries, while lowering the rate of remaining
freight. In Daejeon hub terminal, the average distribution time
per vehicle was 52 min and 42 s during
the thanksgiving season in 2016. This time decreased to 44 min
and 7 s during the same period in 2017,
a remarkable improvement of 16.3%. Building on such positive
results, CJ Logistics subdivided the

distribution model by days of the week, seasons, and events,
and fine-tuned the metrics of optimum
paths. This system was applied to mega hubs in metropolitan
areas. By late 2017, the system had
been applied throughout the country. The remaining cargo was
reduced by 14% from the previous
year, and the overnight delivery rate increased by 2.8% in 2017.
In summary, CJ Logistics achieved a
phenomenal rise in productivity and cost-effectiveness through
the use of big data/BDA. It still used
the existing infrastructure but expanded the application of BI
based on BDA to make decisions across
business segments, for long-term strategies, and for additional
investment by management.
Figure 4. (a) Before optimization of dock allocation; DaeJeon
Hub Terminal of CJ Logistics; (b) After
optimization of dock allocation using BDA; DaeJeon Hub
Terminal of CJ Logistics.
4. Discussion and Conclusions
Business activities that are believed to be sufficiently empirical
and productive to ensure
efficiency can benefit from different perspectives and
breakthroughs upon acquiring and analyzing
big data, and can be realized through BI. The value of big data
depends on the types of data extracted
and how they are utilized. The crucial factor, however, is the

method of turning raw data into
valuable information, and not the quality or quantity of the data.
Therefore, it is vital to identify the
type and scope of data to be collected according to their purpose
and focus area. The efficient use of
Figure 4. (a) Before optimization of dock allocation; DaeJeon
Hub Terminal of CJ Logistics; (b) After
optimization of dock allocation using BDA; DaeJeon Hub
Terminal of CJ Logistics.
4. Discussion and Conclusions
Business activities that are believed to be sufficiently empirical
and productive to ensure efficiency
can benefit from different perspectives and breakthroughs upon
acquiring and analyzing big data,
and can be realized through BI. The value of big data depends
on the types of data extracted and
how they are utilized. The crucial factor, however, is the
method of turning raw data into valuable
information, and not the quality or quantity of the data.
Therefore, it is vital to identify the type and
scope of data to be collected according to their purpose and
focus area. The efficient use of big data
may provide an opportunity to a small or medium enterprise to
become a large corporation or market
leader by taking advantage of meaningful information, and for a
large corporation to maintain its
market share and ensure sustainable growth and
competitiveness. Many studies have been conducted

on BI, big data, and BDA so far, but for enterprises to
implement changes, it is necessary for them
to understand intuitively that BI, big data, and BDA cannot be
separated, but should be integrated
and utilized in the management decision support system as a
whole. As the case study of CJ Logistics
shows, the process of collecting and analyzing big data and
applying it through BI is separated neither
individually nor progressively.
The limitations of this case study include the facts that the big
data have been derived from a
limited date range, there are differences in the infrastructure
and situation of each company, and the
case study represents only a portion of a company within a
specific industry. Nonetheless, we believe
that this case study can be directly applied to other logistics
companies within the same sector and,
therefore, can help these companies achieve time and cost
efficiency without much trial and error.
Our study can also have a positive long-run impact by informing
companies in the logistics industry,
as well as in other industries, of the possibility of increasing the
efficiency and productivity of their
existing infrastructure without additional investment. CJ
Logistics’ process of expanding and applying
the experience gained through the combined use of BI, big data,
and BDA to all of its business
divisions can be a valuable example for other companies and
may provide insights concerning future
business directions and reduced trial and error. Future studies
can expand on this research to provide
practical knowledge and experience by collecting and sharing
similar case studies, including those
about volumetric analysis through ITS (Intelligence Scanner) of
goods, volume management through

production of boxes for each customer, classification of
customers based on volume density, and etc.
which are based on practical business applications to build
integrated knowledge.
Author Contributions: Conceptualization, D.-H.J. and H.-J.K.;
methodology, D.-H.J.; software, D.-H.J.; validation,
D.-H.J. and H.-J.K.; formal analysis, D.-H.J.; investigation, D.-
H.J.; resources, D.-H.J.; data curation, D.-H.J.;
writing—original draft preparation, D.-H.J.; writing—review
and editing, D.-H.J. and H.-J.K.; visualization,
D.-H.J.; supervision, D.-H.J. and H.-J.K.; project
administration, D.-H.J. and H.-J.K.
Funding: This research received no external funding.
Conflicts of Interest: CJ Logistics provided some part of the
data for the case study to Dong Hui Jin and validated
all the data used in this study.
References
1. Laney, D. 3D Data Management: Controlling Data Volume,
Velocity and Variety; Application Delivery Strategy;
META Group: Stamford, CT, USA, 2001; Volume 949.
2. McAfee, A.; Brynjolfsson, E. Big data: The management
revolution. Harv. Bus. Rev. 2012, 90, 60–68. [PubMed]
3. Fosso Wamba, S.; Akter, S.; Edwards, A.; Chopin, G.;
Gnanzou, D. How ‘big data’ can make big impact:
Findings from a systematic review and a longitudinal case
study. Int. J. Prod. Econ. 2015, 165, 234–246.
[CrossRef]
4. Wang, Y.; Kung, L.; Wang, W.Y.C.; Cegielski, C.G. An

integrated big data analytics-enabled transformation
model: Application to health care. Inf. Manag. 2018, 55, 64–79.
[CrossRef]
5. White, M. Digital workplaces: Vision and reality. Bus. Inf.
Rev. 2012, 209, 205–214. [CrossRef]
6. Kambatla, K.; Kollias, G.; Kumar, V.; Grama, A. Trends in
big data analytics. J. Parallel Distrib. Comput. 2014,
74, 2561–2573. [CrossRef]
7. Addo-Tenkorang, R.; Helo, P.T. Big data applications in
operations/supply-chain management: A literature
review. Comput. Ind. Eng. 2016, 101, 528–543. [CrossRef]
8. Richey, R.G.; Morgan, T.R.; Lindsey-Hall, K.; Adams, F.G.
A global exploration of big data in the supply
chain. Int. J. Phys. Distrib. Logist. Manag. 2016, 46, 710–739.
[CrossRef]
9. Yu, W.; Chavez, R.; Jacobs, M.A.; Feng, M. Data-driven
supply chain capabilities and performance:
A resource-based view. Transp. Res. E Logist. 2018, 114, 371–
385. [CrossRef]
http://www.ncbi.nlm.nih.gov/pubmed/23074865
http://dx.doi.org/10.1016/j.ijpe.2014.12.031
http://dx.doi.org/10.1016/j.im.2017.04.001
http://dx.doi.org/10.1177/0266382112470412
http://dx.doi.org/10.1016/j.jpdc.2014.01.003
http://dx.doi.org/10.1016/j.cie.2016.09.023
http://dx.doi.org/10.1108/IJPDLM-05-2016-0134
http://dx.doi.org/10.1016/j.tre.2017.04.002

10. Roßmann, B.; Canzaniello, A.; Von der Gracht, H.;
Hartmann, E. The future and social impact of Big Data
Analytics in Supply Chain Management: Results from a Delphi
study. Technol. Forecast. Soc. Chang. 2018,
130, 135–149. [CrossRef]
11. Russom, P. Big Data Analytics. TDWI Best Practices
Report, Fourth Quarter. 2011. Available online: tdwi.org
(accessed on 12 July 2018).
12. Rouse, M. Big Data Analytics. 2012. Available online:
http://searchbusinessanalytics.techtarget.com/
definition/big-data-analytics (accessed on 12 July 2018).
13. LaValle, S.; Lesser, E.; Shockley, R.; Hopkins, M.S.;
Kruschwitz, N. Big data, analytics and the path from
insights to value. MIT Sloan Manag. Rev. 2013, 52, 21–31.
14. Loshin, D. Big Data Analytics: From Strategic Planning to
Enterprise Integration with Tools, Techniques, NoSQL,
and Graph; Elsevier: Waltham, MA, USA, 2013.
15. Tiwari, S.; Wee, H.M.; Daryanto, Y. Big data analytics in
supply chain management between 2010 and 2016:
Insights to industries. Comput. Ind. Eng. 2018, 115, 319–330.
[CrossRef]
16. Gilad, B.; Herring, J.P. The Art and Science of Business
Intelligence Analysis; JAI Press Ltd.: Greenwich, UK, 1996.
17. Davenport, T.; Prusak, L. Working Knowledge; HBS Press:
Boston, MA, USA, 1998.
18. Berson, A.; Smith, S.; Thearling, K. Building Data Mining
Application for CRM; McGraw-Hill: New York, NY,
USA, 2000.

19. Simon, A.; Shaffer, S. Data Warehousing and Business
Intelligence for E-Commerce; Morgan Kaufmann Publishers:
San Francisco, CA, USA, 2001.
20. Solomon, N. Business intelligence. Commun. Assoc. Inf.
Syst. 2004, 13, 177–195.
21. Fan, S.; Raymond, Y.K.; Lau, J.; Zhaob, L. Demystifying
big data analytics for business intelligence through
the lens of marketing mix. Big Data Res. 2015, 2, 28–32.
[CrossRef]
22. Manyika, J.; Chui, M.; Brown, B.; Bughin, J.; Dobbs, R.;
Roxburgh, C.; Byers, A.H. Big Data: The Next Frontier
for Innovation, Competition, and Productivity; McKinsey
Global Institute: Washington, DC, USA, 2011.
23. Kang, M.; Kim, S.; Park, S. Analysis and utilization of big
data. J. Inf. Sci. Soc. 2012, 30, 25–32.
24. Liang, T.; Liu, Y. Research landscape of business
intelligence and big data analytics: A bibliometrics study.
Expert Syst. Appl. 2018, 111, 2–10. [CrossRef]
25. Tankard, C. Big data security. Netw. Secur. 2012, 7, 5–8.
[CrossRef]
26. Ram, J.; Zhang, C.; Koronios, A. The implications of big
data analytics on business intelligence: A qualitative
study in China. Procedia Comput. Sci. 2016, 87, 221–226.
[CrossRef]
27. Wang, L.; Alexander, C.A. Big data driven supply chain
management and business administration. Am. J.
Econ. Bus. Adm. 2015, 7, 60–67. [CrossRef]
28. Vera-Baquero, A.; Palacios, R.C.; Stantchev, V.; Molloy, O.
Leveraging big-data for business process analytics.

Learn. Organ. 2015, 22, 215–228. [CrossRef]
29. Tan, K.H.; Zhan, Y.Z.; Ji, G.; Ye, F.; Chang, C. Harvesting
big data to enhance supply chain innovation
capabilities: An analytic infrastructure based on deduction
graph. Int. J. Prod. Econ. 2015, 165, 223–233.
[CrossRef]
30. Miškuf, M.; Zolotová, I. Application of Business
Intelligence
Solution
s on Manufacturing Data.
In Proceedings of the 13th International Symposium on Applied
Machine Intelligence and Informatics,
Herl’any, Slovakia, 22–24 January 2015.
31. Luhn, H.P. A business intelligence system. IBM J. Res.
Dev. 1958, 2, 314–319. [CrossRef]
32. Vitt, E.; Luckevich, M.; Misner, S. Business Intelligence;
Microsoft Press: Redmond, WA, USA, 2002.
33. Turban, E.; Aronson, J.E.; Liang, T.P. Decision Support and
Intelligence Systems; Prentice-Hall: Upper Saddle
River, NJ, USA, 2005.
34. Van-Hau, T. Getting value from business intelligence

systems: A review and research agenda.
Decis. Support Syst. 2017, 93, 111–124.
35. Turban, E.; Volonino, L. Information Technology for
Management, 7th ed.; John Wiley & Sons, Inc.: New York,
NY, USA, 2010.
36. Larsona, D.; Chang, V. A review and future direction of
agile, business intelligence, analytics and data
science. Int. J. Inf. Manag. 2016, 36, 700–710. [CrossRef]
37. Chen, H.; Chiang, R.H.; Storey, V.C. Business intelligence
and analytics: From big data to big impact. MIS Q.
2012, 36, 1165–1188. [CrossRef]
http://dx.doi.org/10.1016/j.techfore.2017.10.005
tdwi.org
http://searchbusinessanalytics.techtarget.com/definition/big-
data-analytics
http://searchbusinessanalytics.techtarget.com/definition/big-
data-analytics
http://dx.doi.org/10.1016/j.cie.2017.11.017
http://dx.doi.org/10.1016/j.bdr.2015.02.006
http://dx.doi.org/10.1016/j.eswa.2018.05.018

http://dx.doi.org/10.1016/S1353-4858(12)70063-6
http://dx.doi.org/10.1016/j.procs.2016.05.152
http://dx.doi.org/10.3844/ajebasp.2015.60.67
http://dx.doi.org/10.1108/TLO-05-2014-0023
http://dx.doi.org/10.1147/rd.24.0314
http://dx.doi.org/10.1016/j.ijinfomgt.2016.04.013
38. Wixom, B.; Ariyachandra, T.; Douglas, D.; Goul, M.;
Gupta, B.; Iyer, L.; Kulkarni, U.; Mooney, J.G.;
Phillips-Wren, G.; Turetken, O. The current state of business
intelligence in academia: The arrival of
big data. Commun. Assoc. Inf. Syst. 2014, 34, 1–13.
39. Bala, M.; Balachandran, S.P. Challenges and benefits of
deploying big data analytics in the cloud for business
intelligence. Procedia Comput. Sci. 2017, 112, 1112–1122.
40. Davenport, T.H. How strategists use ‘big data’ to support
internal business decisions, discovery and
production. Strat. Leadersh. 2014, 42, 45–50. [CrossRef]

41. Narayanan, V. Using big-data analytics to manage data
deluge and unlock real-time business insights.
J. Equip. Lease Financ. 2014, 32, 1–7.
42. Erevelles, S.; Fukawa, N.; Swayne, L. Big data consumer
analytics and the transformation of marketing.
J. Bus. Res. 2016, 69, 897–904. [CrossRef]
43. Lazer, D.; Kennedy, R.; King, G.; Vespignani, A. The
parable of Google flu: Traps in big data analysis. Science
2014, 343, 1203–1205. [CrossRef] [PubMed]
44. Zhong, R.Y.; Huang, G.Q.; Lan, S.; Dai, Q.Y.; Chen, X.;
Zhang, T. A big data approach for logistics trajectory
discovery from RFID-enabled production data. Int. J. Prod.
Econ. 2015, 165, 260–272. [CrossRef]
45. Marcos, D.; Assunção, R.N.; Calheiros, S.B.; Marco, A.S.;
Netto, R.B. Big data computing and clouds:
Trends and future directions. J. Parallel Distrib. Comput. 2015,
79, 3–15.
46. Kim, Y. Enterprise innovation through the introduction of
big data-based advanced analysis system: Case and

methodology. IE Mag. 2013, 20, 43–49.
47. Wang, G.; Gunasekaran, A.; Ngai, E.W.T.; Papadopoulos, T.
Big data analytics in logistics and supply chain
management: Certain investigations for research and
applications. Int. J. Prod. Econ. 2016, 176, 98–110.
[CrossRef]
48. Queiroz, M.M.; Telles, R. Big data analytics in supply chain
and logistics: An empirical approach. Int. J.
Logist. Manag. 2018, 29, 767–783. [CrossRef]
49. Hopkins, J.; Hawking, P. Big data analytics and IoT in
logistics: A case study. Int. J. Logist. Manag. 2018, 29,
575–591. [CrossRef]
50. Korean Statistical Information Service. 2018. Available
online: http://kostat.go.kr/portal/korea/index.
action (accessed on 18 October 2018).
51. Jo, Y.; Yoon, M. Analysis of courier service market of
South Korea. Korea Technol. Innov. Soc. 2001, 245–270.
52. Ho, J.S.Y.; Teik, D.O.L.; Tiffany, F.; Kok, L.F.; The, T.Y.
Logistic Service Quality among Courier Services in

Malaysia. In International Conference on Economics, Business
Innovation, IPEDR; IACSIT Press: Singapore, 2012;
Volume 38, pp. 113–117.
53. Lee, C. A study on the strengthening competitiveness of
railway logistics business with the growth of the
courier business. J. Vocat. Rehabil. 2002, 25, 75–95.
54. Park, Y. A study on the domestic express courier service’s
present situation and further theme in the era of
e-commerce. Korean J. Bus. Adm. 2003, 39, 1425–1444.
55. Jung, J.; Kim, C. A Study on Quality Improvement of
Courier Service Using Quality Function Deployment.
In Proceedings of the Conference of the Korean Society of
Business Administration, Seoul, Korea, 24–25
November 2015; pp. 451–468.
56. Davis, F.D. Perceived usefulness, perceived ease of use, and
user acceptance of information technology.
MIS Q. 1989, 13, 361–391. [CrossRef]
57. DeLone, W.H.; McLean, E.R. Information system success:
The quest for the dependent variable. Inf. Syst. Res.
1992, 3, 60–92. [CrossRef]

58. Kim, W.; Lim, S.; Park, S. Transportation plan of trunk
transport problem with small quantity. Ind. Eng. 2000,
13, 471–478.
59. Visser, E.J.; Lanzendorf, M. Mobility and accessibility
effects of b2c E-commerce: A literature survey. J. Soc.
Econ. Geogr. 2004, 95, 189–205.
60. Jeong, K.; Goh, C.; Shin, J. Model for the assignment and
scheduling of container transport vehicles.
Logist. Res. 2005, 13, 141–154.
61. Goh, C.; Min, H. Cargo terminal capacity and order deadline
time decision in courier service. Logist. Res.
2006, 14, 43–58.
62. Sherif, H.L.; Fattouh, M.; Issa, A. Location/allocation and
routing decisions in supply chain network design.
J. Model. Manag. 2006, 1, 173–183.
http://dx.doi.org/10.1108/SL-05-2014-0034
http://dx.doi.org/10.1016/j.jbusres.2015.07.001
http://dx.doi.org/10.1126/science.1248506
http://www.ncbi.nlm.nih.gov/pubmed/24626916

http://dx.doi.org/10.1108/IJLM-05-2017-0116
http://dx.doi.org/10.1108/IJLM-05-2017-0109
http://kostat.go.kr/portal/korea/index.action
http://kostat.go.kr/portal/korea/index.action
http://dx.doi.org/10.1287/isre.3.1.60
63. Lim, H.; Lim, J.; Lee, H. An exploratory study on the
effective operation of the logistics network for courier
service by the growth of online shopping. Korea Mark. J. 2007,
9, 97–129.
64. Park, S.; Kang, Y.; Suh, Y. A study on the success factors
of using wireless Internet system in logistics/courier
service companies. Inf. Syst. Res. 2009, 18, 127–150.
65. Kim, S.; Choi, Y. Impact of logistics information
technology on the satisfaction of courier service. J. Korea Port
Econ. Assoc. 2011, 27, 91–112.

66. Data Analysis, Retrieval, and Transfer System (DART) of
Financial Supervisory Service; Understanding of CJ and
Logistics Industry; CJ Group: Seoul, Korea, 2018.
67. Lee, S.; Jeong, I. A case study on comparative analysis of
courier service information system. Bus. Intell. Res.
2009, 28, 1–24.
68. Korea Consumer Agency. Use of Courier Service and
Survey; Korea Consumer Agency: Seoul, Korea, 2000.
69. Choi, K. System thinking for increasing the operational
efficiency of courier service network. Korean Syst.
Dyn. Res. 2011, 12, 89–114.
© 2018 by the authors. Licensee MDPI, Basel, Switzerland.
This article is an open access
article distributed under the terms and conditions of the
Creative Commons Attribution
(CC BY) license (http://creativecommons.org/licenses/by/4.0/).
http://creativecommons.org/
http://creativecommons.org/licenses/by/4.0/.Introduction
Literature Review Toward an Integrated Understanding of Big
Data, BDA, and BI In-Depth Research through Case Studies

Practical Business Application Courier Service Overview Case
Study: CJ Logistics Data and Methodology Simulation and
Adoption Result Discussion and Conclusions References
Malicious individuals have discovered several methods to attack
and defeat cryptosystems. It's important that understand the
threats posed by cryptographic attacks to minimize the risks to
your network systems.
Identify one cryptographic attack and how you can protect
against it.
Response Guidelines
Participants must create a thread in order to view other threads
in this forum.
Main Post is due by the end of Wednesday (250 words).
2 Responses (100 words) using at least one of the following:
· Ask a probing question.
· Offer a suggestion.
· Elaborate on a particular point.
· Provide an alternative opinion.
Review and summarize the attached journal article within
4 pages (does not include Title page, abstract and reference
page). Do not use outside sources "only this article". You may
use the article review template to guide you, however, your

submission must be in full APA format.
· Title page with the Running head:
· Abstract
· Body (4 pages)
. Conclusion
· Reference (1)
Reading and summarizing a research article:
Authors’ last names (year) conducted a study about
________________________. The participants were/the setting
was ___________________________. (New paragraph) The
findings were _____________________________. Discussion.
(Possibly a new paragraph) The authors suggested
_____________________. Discussion.
Students should fill in the blanks with their own words. To copy
directly from the article fails to show comprehension and
considered plagiarism.
To “fill in the blanks”, a student should read the journal article
and pay specific attention to:
Sentence #1- Authors’ last names (year) conducted a study
about _________________.
· Read the Abstract; this will give an overview of the study’s

(article’s) purpose.
· Read the entire article without trying to summarize it.
· Go back and read the Literature Review or Background section
of the article. Toward the end of the section, the authors should
identify gaps in the existing literature and tell the reader how
the current study will fill that gap. The authors will also state
their hypothesis (purpose) at the end of this section.
·
Section #2 - The participants were/the setting was
___________________________.
· Read the Methods section of the paper. In this section, the
authors will describe how the data was collected, who was
included in the sample, and any instruments used.
· A reader might want to consider sample size, demographic
characteristics, or any interesting protocol.
· It is not necessary to report every fact (i.e., 35% of the
participants were male, 71%)
Section #3 - The findings were
_____________________________.
· Read the Findings section of the article.
· Some statistics may be confusing. Pay attention to key words
such as “increased”, “decreased”, “improved”, and “reduced”.
· “No change” may also be considered a significant finding.

· Next, read the Discussion section. The authors will present the
findings in general terms. Section #4 - The authors suggested
_____________________.
· Read the Discussion section and look for comments that the
authors made about the intervention or program such as “Did it
work?” or “Should it be continued?”.
· Look for the author’s critique of why the study did or did not
produce results. Did anything unexpected influence the
findings?
· The author may suggest a future line of research or “next
steps” to improve the body of knowledge.
Additional Considerations:
· A literature review is a summary of what research has been
completed in a topic area; it should be summarized in your own
words.
· Read the entire article first and then go back and take notes.
Jot down notes in your own words. This increases
comprehension as well as decreases the likelihood of
plagiarism.
· The review is written in third person; no “I” or “you”.
· Not every detail or fact needs to be reported. A reader will
obtain a copy of the article if more information is needed.
· Write the literature review in the past tense; the research has
already been completed.

· The article cannot “do”, “find”, or “say” anything. The authors
are the people who conducted the study.
· The above format is a guideline. It may be necessary to change
the verbs or to expand an idea.
Abstract
Voice over Internet Protocol (VoIP) is an advanced
telecommunication technology which transfers the voice/video
over
high speed network that provides advantages of flexibility,
reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many
organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured
framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP
cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense
mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video
watermarking and extraction technique and Liveness

Voice Detection (LVD) technique with biometric features such
as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from
misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University,
Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection,
VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to

each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resources are retrieved from the
cloud data center through web applications and soft-

ware, instead of a direct link to server3. Information and
applications are stored on cloud servers in a distributed
fashion. Apart from cloud computing characteristics
such as on demand service, resource pooling, opti-
mize resource allocation, pay as you go, elasticity and
scalability4,5, VoIP cloud contains mainly six components
as shown in Figure 2.
*Author for correspondence
Indian Journal of Science and Technology, Vol 9(6), DOI:
10.17485/ijst/2016/v9i6/81980, February 2016
ISSN (Print) : 0974-6846
ISSN (Online) : 0974-5645
A Comprehensive Survey of Security Issues and Defense
Framework for VoIP Cloud
Indian Journal of Science and Technology2 Vol 9 (6) | February
2016 | www.indjst.org
1.2.2 DHCP Server

It is used for dynamically distributing network configu-
ration parameters such as Internet Protocol (IP) address,
address of TFTP server etc.
1.2.3 Application Server
These servers are designed to install, host and operate
applications and provide services to end users, IT
industries and organizations.
1.2.4 Time Server
The main principle of time server is to maintain syn-
chronization over the network. The actual time from
server clock is distributed to its clients using a computer
network.
1.2.5 TFTP Server
It helps to update the network configuration used by the
phones, routers, firewalls and perhaps provide a setting
file that might contain operational parameters for VoIP
network. e.g., software updates, codec used in a particular
region.
1.2.6 Intrusion Prevention System (IPS)
It monitors networks and systems behavior for malicious
instances. The major roles of intrusion prevention sys-

tems are to find out suspicious instances and their log
information, try to block/stop them and report to con-
cern admin.
2. Literature Review
VoIP technology was started in February 1995 by
Vocaltec, Inc. in Israel. It transfers the voice over high
speed network, cheaper comparing to PSTN and reach-
able to everywhere through internet by loon developed by
Google with 4G LTE speed6.
2.1 VoIP Security Issues
VoIP transfers the voice over the data network through
different network elements such as switches and rout-
ers. Connecting PSTN to internet i.e. VoIP as a carrier
for voice/video traffic, the security problems are not only
common in circuit switch network (PSTN, POTS) such
as eavesdropping (tapping) and toll fraud attack but also
15
42. Liao HJ, Lin CHR, Lin YC, Tung KY. Intrusion detection
system: A comprehensive review.
Journal of Network and Computer Applications. 2013;

36(1):16–24.
43. Audiopedia. Honeypot (computing). Available from:
https://www.youtube.com/watch?v=2fXAw33jOBk. [Cited 2014
Dec].
44. Goel R, Sardana A, Joshi RC. Wireless honeypot:
framework, architectures and tools.
International Journal of Network Security. 2013; 15(5):373–83.
45. Li Z, Grochulla M, Thormahlen T. Multiple active speaker
localization based on audio-
visual fusion in two stages. Proceedings IEEE International
Conference on Multisensor
Fusion Integration Intelligence Systems (MFI); Hamburg:
Germany; 2012. p. 262–68.
46. Zhu ZY, He QH, Feng XH, Xiongli Y, Wang ZF. Liveness
detection using time drift
between lip movement and voice. Proceedings IEEE
International Conference on Machine
Learning Cybernetics (ICMLC); Tianjin: China; 2013. p. 973–
78.
47. Chetty G. Biometric liveness detection based on cross modal

fusion. IEEE 12th International
Conference on Information Fusion (FUSION). Seattle: WA;
2009. p. 2255–62.
Figure 1. VoIP layer architecture.
Figure 1. VoIP layer architecture.
16
Figure 2. VoIP cloud architecture.
Figure 3. Proposed VoIP cloud architecture.

Figure 4. Video watermarking scheme for signaling message.
1.2.1 Call Server
Phones are registered with this component. It handles
security and admission control while connecting the
phones. The Voice data of a call carried by the transport
protocol may or may not flow through the call server.
Ashutosh Satapathy and L. M. Jenila Livingston
Indian Journal of Science and Technology 3Vol 9 (6) | February
problems related to IP network. Security issues in VoIP
are broadly classified into three categories.
2.1.1 Real Time Issues
From last decade onwards, VoIP is used for several illegal
activities such as hacking, terrorism, match fixing etc.
Recently in October 2014, phone Hackers had broken

into the phone network of the company, Foreman Seeley
Fountain Architecture and routed $166, 000 worth of
calls from the firm to premium rate telephone numbers
in Gambia, Somalia and Maldives. It would have taken
34 years for the firm to run of those charges legitimately,
based on its typical phone bill.
2.1.2 Network Related Issues
Attacks related to destroy, block, expose, alter, disable,
steal or gain unauthorized access to information in VoIP
network (e.g. threats include social, denial of service, ser-
vice abuse, physical access, interruption of service etc.) are
listed in Table 1 followed by different types of attacks7,8.
2.1.3 Voice Related Issues
As VoIP system carries voice traffic, so victim’s voice can
be mimicked by an attacker/intruder. A talking and sing-
ing robot that mimics human vocalization, developed
by M. Kitani, Kagawa University is vulnerable to VoIP
communication9.
2.2 VoIP Attacks
This section deals with different types of VoIP attacks.
2.2.1 Physical Attacks

The attacker performs this attack by stealing, breaking
network equipment or direct control over equipment by
getting unauthorized access to prohibited area for seeking
of information. Some of the physical attacks are dumpster
diving, shoulder surfing, hardware key logger and overt
access etc. It can be prevented by keeping the documents
and records safely inside locker and electronic equipment
must be password protected. At last, outer layer security
can be provided by deploying security guards at enter and
exit points.
2.2.2 MAC Spoofing
The technique of masking a MAC address upon actual
MAC address through software emulation is known as
MAC spoofing. Here the hacker’s system is taken over
MAC address of one of the node which is already config-
ured and permitted as VoIP end device by disconnecting
or turning off it from rest of the network. It can be pre-
vented by number of ways10. When ARP packet arrives,
direct extraction of MAC address from LAN card and
from OS registry; Compare the MAC address of LAN
card with OS. If it doesn’t match, then delete the entry
from OS registry. Lock down the system by registering its
MAC address with a DHCP IP address. At last secure the

communication channel by encrypting it.
2.2.3 ARP Spoofing
Hacker spreads forgery Address Resolution Protocol
(ARP) packets inside VoIP network by modifying ARP
buffer. Here, attacker binds own system MAC address
with IP address of genuine server which causes the traffic
imply for server is diverted to attacker. It advances hacker
Table 1. VoIP network threats classification
Threat Type Description
Social threats These threats point straight against
individuals such as misconfigurations,
security holes or defective protocol
implementation in VoIP system. (e.g.,
Phishing, Theft of identity or Service,
Social engineering, Spam etc.)
Eavesdropping,
interception
and
modification

threats
These threats include illegal/ Un-
authorization access and modification
of signaling and transport message.
(e.g., Call rerouting, interception of RTP
sessions etc.)
Denial of
service threats
DoS threats repudiate individual access to
VoIP services. DDOS attacks strike all of
user’s or business transmission potentials.
(e.g., SYN/UDP floods, ICMP floods, etc.)
Service abuse
threats
These threats cause inappropriate utilization
of VoIP services when those facilities are
provided for business purposes. (e.g., toll
fraud and billing avoidance etc.)

Physical access
threats
These threats are illegal physical access to
VoIP devices or physical layer of the VoIP
network. (e.g., Hardware key logger, theft
of media, retrieval of discarded stuffs etc.)
Interruption of
services threats
These threats cause VoIP services/
facilities to unviable and unavailable.
(e.g., power loss due to bad climate,
resource consumption due to over
purchase/ extra subscription, issues that
degenerate call quality etc.)

not only listen to VoIP calls but also reply and terminate
the VoIP calls intended for other. ARP poisoning followed
by denial service threats or eavesdropping, interception or
modification threats which cause severe damages to vic-
tim. So, Enhanced ARP can be implemented to prevent
ARP spoofing11.
2.2.4 IP Spoofing
Attacker gets into the VoIP network by tricking the IP
address of any authorized machine which helps him to
spread malicious message inside the network. IP spoofing
helps attacker to launch further attacks such as DoS attack,
theft of services, toll fraud etc. by impersonating autho-
rized host inside VoIP network. Basically IP spoofing can
be prevented with maximum probabilities by configuring
broader gateway router. First, router disallows incom-
ing packets for destination address coming from source
address within one network. Second, router disallows to
send packets from local network to another; those don’t
have source addresses within that local address range.
Y. Ma developed an effective trace route based method
for counter measure against IP spoofing and it is worked
with trusted adjacent nodes information i.e. acceptance of
packets for a node is completely depends upon trace route

result from its adjacent nodes12.
2.2.5 ICMP Flood
Internet Control Message Protocol (ICMP) is one of the
network layer protocols that carry error and query mes-
sages sent by either intermediate nodes or end node.
Attacker tries to overflow the receiver cache by flood the
respective node with ICMP packets. It forces the node to
drop successive ICMP packets until free space available
at node’s cache even if request packets come from genu-
ine node. Routers are configured to set optimum points
for traffic coming from different networks. It will help the
routers to not only block unnecessary ICMP packets by
matching ICMP requests and responses but also prevent
cache overflow. The VoIP system must be configured sepa-
rate VLAN for packets originating within a single network
which are monitored by firewall. Barbhuiya et al. have
developed an error detection framework to identify dif-
ferent types of ICMP attack13. It consists of two modules.
Verification module verifies origination of ICMP packets
and Congestion check module extracts bandwidth utili-
zation information using Simple Network Management
Protocol (SNMP).
2.2.6 TCP/ UDP Floods

In TCP flooding attack, hacker creates huge number of SYN
packets with abnormal source IP addresses and sends to
receiver. Receiver node allocates space in its Transmission
Control Buffer (TCB) to each SYN requests. In response
to SYN packets, receiver sends SYN+ACK packets and
waiting for ACK packets. The SYN+ACK packets carry
abnormal IP addresses cause failure to receive ACK
packets which prevents receiver node to clear TCP SYN
requests from buffer and buffer to overflow later. Attacker
can use TCP flood attack against VoIP signaling protocol
such as H.323 and SIP; as both are connection oriented
protocols. Haris et al. have succeed to detect TCP flood
attack in communication by analyzing payload and unus-
able area of the HTTP protocol (e.g., port, flags, source IP,
header length)14.
In UDP flood attack, large number of UDP packets
are created with arbitrary source addresses and port num-
bers and then sends to victim node. Receiver node will
check whether any processes are running on those ports
and find most of the ports are closed. In reply, receiver
node creates large number of destination unreachable
packets. Increase the number of ICMP packets causes
the victim node and the network to overflow. The UDP
flood attack prevents genuine nodes to communicate the

victim node at a particular span of time. Attacker can
use UDP flood attack against VoIP transport protocol
such as RTP and RTCP; as both are connection less pro-
tocol. Bardas et al. proposed a proportional packet rate
assumption technique to differentiate UDP traffic for
detecting forge IP addresses responsible for UDP flood
attacks15.
2.2.7 TCP/ UDP Replay
First, attacker tries to obtain network sensitive information
such as session cookies, password, voice data, signal-
ing data. The information captured by sniffing tools can
be used by attacker to take over the ongoing session.
Sometime victim’s voice can be impersonated by directly
playing back recorded voice data or slightly modifying
voice data and send to destination which helps the hacker
to retrieve more information between caller and callee.
Encrypt the sessions is the best way to stop penetration.
Ali et al. proposed an enhanced port knocking technique
to block TCP replay and port scanning attacks16. It is
worked on source port sequences authentication instead
of destination port sequence number.

2.2.8 SIP Registration Hijacking
VoIP phones use SIP or other signaling protocols to
register own MAC and IP addresses with call server. In
the reply, each phone will get unique call ID which allows
it to make or receive VoIP call. Attacker tries to capture
registration packets and replaces MAC address from
the packets with own MAC address. It helps the rogue
node to register with victim IP address which causes call
intending for victim node will be forwarded to attacker.
SIP registration hijacking allows burglars to track, block
and manipulate voice traffic. As end node registration is
based on TCP connection, attack will be prevented by
implementing SSL/TLS security policies 17.
2.2.9 Malformed Packets
The hacker creates malicious packets and forwards them
to nodes inside VoIP networks with the help of networking
protocols. The target node processes those packets, causes
open unnecessary ports and processes which degrade per-
formance of the nodes to handle VoIP traffic. New patches

and software will be installed to maintain the node up-to-
date and shutdown the security holes which are vulnerable
to attack. New generation firewalls must be installed to
provide protection against vulnerable packets by filtering
packets based on inbound rules, outbound rules and con-
nection security rules. Geneiatakis et al. have succeeded
in developing a framework that provides defense against
malformed packets for VoIP infrastructure18. The detec-
tion mechanism is based on signature detection which
consists of two parts. First one, general signature detec-
tion (e.g., SIP METHOD, SIP URI, HEADERS) applicable
to all the packets and second one is method specific (e.g.,
CALL-ID, Content-Type, INVITE _METHOD) differ
from packets to packets.
2.2.10 SIP Message Modification
In message modification attack, by running network
sniffing tools (e.g.,Wireshark), attacker penetrates traffic
and tries to modify signaling message for better control over
the VoIP network. Suppose a user initiates a call to victim’s
phone by sending SIP message to call server. Modification
of SIP messages confuses and forces the server to connect
rogue phone. User knows that he is connected to one user
but actually the traffic is routed to attacker. SIP message
modification is carried out by performing MITM attack

such as MAC spoofing, IP spoofing or ARP poisoning. As
SIP and RTP packets transmission are taken place over
TCP and UDP connection; VoIP traffic must be encrypted
by implementing SSL/TLS to prevent this attack17.
2.2.11 SIP Cancel/ Bye Attack
Host (zombie) must be configured in promiscuous mode
to lunch attack into VoIP network by sending SIP Cancel
or Bye packets. Abnormal packets are created and sent
to an IP phone from its connected IP phone by spoofing
its IP address which will proceed to terminate the ongo-
ing call. Attacker can perform this attack continuously
for certain period of time by spoofing more than one IP
addresses which causes denial of service attack. As both
signaling and transport protocols use no authentication
prior to data transmission, so, this attack can be prevented
by encrypt the communication channels. Second, provide
authentication between end device and call server and at
last verification of authenticity of signaling message by
end devices before processing 19.
2.2.12 SIP Malformed Command
In web based VoIP communication (e.g. Facebook,
Google Hangout), Hyper Text Markup Language (HTML)

plays a major role as it carries all the signaling informa-
tion/ command in its body. Parsing SIP command within
HTML code for all possible input is really a headache.
Attacker tries to inject malformed SIP command in input
field and send to server for processing as like SQL injec-
tion. In response either it breaks the server authentication
or degrades the performance of server and end devices.
In counter measure, whether packets are coming from
genuine user or not will be confirmed by call server by
verifying authenticity of SIP message before processing.
Dictionary and fuzzy tests must be performed on HTML
code that filtered tricky SIP malformed packets used to
exploit server. M. Su and C. Tsai propose two functions
to resists malformed SIP packets and flooding attack on
call servers20. First function filters malformed packets
and second one uses Chi-square test to measure flooding
attack on SIP server.
2.2.13 SIP Redirect
Call server cache maintains data structure of Phone’s
caller ID, corresponding MAC and IP address. Attacker
manipulates call server cache to confuse the call server
for call redirection. So, SIP packets coming for receiver
are redirected to attacker specified number. Attacker can
perform DoS and DDoS attack by redirecting a single call

or all the calls to void device(s). So, call server must be
strong password protected and SIP must be authenticated
to prevent redirection attack19.
2.2.14 RTP Payload
Captured packets will be played later to listening the
conversation between the end users using sniffing tools.
Attacker can insert own voice inside RTP payload
which degrade the quality of conversation and some-
time changed in the meaning of conversation. In RTP
tampering, header fields (sequence number, synchroni-
zation source Identifier, payload type, timestamp etc.)
are tampered which make the packets either unusable
or delayed, causes rejection at receiver end. In RTP redi-
rection, header field of packets are modified with other
receiver caller id and IP address causes packets intending

for one will go to other. It can be prevented by configuring
VoIP network with Secure Real-Time Transport Protocol
(SRTP) instead of RTP21. It will encrypt the RTP packets
propagate between callers.
2.2.15 Buffer Overflow
Buffer is the temporary storage allocated by OS in physical
memory for processing data by computer program. Buffer
is mainly divided into four types such as code, data, stack
and heap segments. Attacker tries to perform buffer over-
flow attack by targeting at least one of the segments. It
helps to steal or modify the sensitive information or install
malicious code and execute it. Buffer overflow attacks are
mainly executed by four ways such as long jump, function
activation record, pointer subterfuge and malicious code
execution. It can be defended by writing secure code,
performing bound checking or static and dynamic code
analysis and runtime code instrumentation22.
2.2.16 Operating System
In VoIP communication network, IP phones, Call server,
TFTP server, gateway and DHCP server etc. requires
OS (e.g., Windows, Linux, Mac) to run. So, vulnerabili-
ties in OS make them vulnerable23. OS vulnerabilities
in VoIP phones are mainly of two types. Hard phones

have in build embedded OS which is less vulnerable
and more protected than soft phones. VoIP soft phones
are software packages which are installed on computers
connected to data network. Old hardware, unsupported
drivers, bad integration of APIs, unsecure administrator
APIs expose OS to attack. Like IP phones, web server
OS, DHCP server, and call manager can be exploited
by attacker for seeking of sensitive and crucial infor-
mation (e.g., password, IP table, VoIP configuration
file). As default configuration of OS is not secure, it is
exposed to malwares to install. Its execution opens well
known ports which helps attacker to run abnormal pro-
cesses (e.g., free call, toll fraud). It can be pre-empted by
hardening OS24.
2.2.17 Malwares
A vulnerable piece of executable codes or program used
by unknown third party to install in VoIP network and
bring down its performance by hook or crook. Malicious
programs or malwares are mainly classified as two cat-
egories, first one simple malwares and second one is
self-replicated malwares25. Logic bomb and Trojan horse
are come under non self-replicated/simple malware. Self-
replicating malware such as virus and worm, who spread

its infection over the network within few hours or days.
Trojan horses are dispatched over network for remote
control over victim VoIP phones. Logic bomb helps the
attacker to trigger other dangerous attacks (DoS, DDoS,
sniffing etc.) in timely manner. It will be prevented by
installing updated antivirus and patching up VoIP system
software on regular basis.
2.2.18 Application Flaws
As most of the VoIP communications are web based,
it’s vulnerable to two major application flaws such as
Structured Query Language (SQL) Injection attack and
cross site scripting attacks. In SQL Injection attack, mali-
cious commands are inserted in SQL statements to gain
unauthorized access to server database. It can be prevented
by implementing three primary defense mechanisms
such as defensive coding, SQL injection vulnerabilities
detection and runtime SQL injection attack prevention26.
In cross site scripting attack, hacker uses the advantages
of scripting languages to launch attack by injecting mali-
cious code inside the web application. It can be prevented
by configuring strong authentication and validation for
web based VoIP application27.
2.2.19 TFTP Server Insertion

Hacker tries to plant rouge TFTP server in the network
by disabling/ spoofing actual TFTP server. It forces IP
phones to receive wrong configuration information (e.g.,
Call ID, SIP server IP address and phone number) which
may provoke bill fraud attack. It will be prevented by
encrypting and authenticating the channel between IP
phones and TFTP server using TLS/ SSL. N. N. Mohamed
et al. suggested compression and encryption technique
to secure TFTP packets28. For compression, lossless
algorithm (e.g., Huffman coding) and for encryption,
symmetric encryption algorithm (e.g., AES, 3-DES) is
used. Diffie-Hellman Key Exchange algorithm is used for
distribution of symmetric key between client and server.
2.2.20 DHCP Server Starvation
Attacker generates random MAC addresses and creates
DHCP request for each MAC address. By flooding DHCP

server with DHCP requests, consumes DHCP IP pool
and to overflow later. It is to be continued until reserved
IP addresses DHCP timers will be expired. Dinu and
Togan proposed digital certificate based DHCP server
authentication to stop DHCP server starvation attack29. It
uses asymmetric key cryptography and digital certificates
for DHCP server authentication and verifying DHCP
response from it to prevent starvation.
2.3 Defense Mechanisms to Prevent Attacks
Defense mechanisms provide basic counter measures to
prevent potential VoIP attacks explained above are broadly
classified into twelve types and listed in Table 2 7,30.
2.3.1 Physical Access Control (PAC)
Physical securities can be implemented mainly three
ways31. First, equipment should be placed and surrounded
by multi-layer barriers, which will prevent from natu-
ral disasters like cyclone, floods etc. (e.g., wall, multiple
locks, fireproof safes etc.). Second, deployment of surveil-
lance systems such as smoke and heat detectors, cameras,
alarms that decreases occurrences of manmade disasters
with maximum amount. At last, practices must be imple-
mented to prevent before any attack has been occur and
fast recovery from damages, if any attack has occurred.

2.3.2 ARP Cache Protection (ACP)
Static ARP cache entries allow maintaining manual
mapping between IP address to MAC address so that
Table 2. Defense mechanisms against attacks
Attacks
Defense
Mechanisms
1.
Ph
ys
ic
al
A
tt
ac
ks

2.
M
A
C
S
po
ofi
ng
3.
A
R
P
Sp
oo
fin
g

4.
IP
S
po
ofi
ng
5.
IC
M
P
Fl
oo
d
6.
T
C
P/

U
D
P
Fl
oo
ds
7.
T
C
P/
U
D
P
R
ep
la

y
8.
S
IP
R
eg
is
tr
at
io
n
H
ija
ck
in
g

9.
M
al
fo
rm
ed
P
ac
ke
ts
10
. S
IP
M
es
sa
ge

M
od
ifi
ca
tio
n
11
. S
IP
C
an
ce
l/
By
e
A

tt
ac
k
12
. S
IP
M
al
fo
rm
ed
C
om
m
an
ds

13
. S
IP
R
ed
ir
ec
t
14
. R
T
P
Pa
yl
oa
d

15
. B
uff
er
O
ve
rfl
ow
16
. O
pe
ra
tin
g
Sy
st
em

17
. M
al
w
ar
es
18
. A
pp
lic
at
io
n
Fl
aw
s

19
. T
FT
P
Se
rv
er
In
se
rt
io
n
20
. D
H
C
P

se
rv
er
S
ta
rv
at
io
n
PAC √
ACP √
OSP √ √ √ √
PA √ √ √ √ √ √ √ √ √ √ √ √ √ √ √ √ √
RC √ √
FC √ √ √

SVDT √ √ √ √ √ √ √ √ √ √ √ √ √ √ √ √
CA √ √
SA √ √ √ √ √ √ √
ME √
IDS √ √ √ √ √ √ √ √ √ √ √ √ √ √ √
Honeypot √ √
reply packets are discarded. ARP anti-spoofing software
ignores ARP spoofing packets by it certification or
crosschecking of its responses. It can be integrated with
Dynamic Host Configuration Protocol (DHCP) server, so

that all static and dynamic IP addresses are certified before
used. Operating system security is provided by configur-
ing its registry files that prevent burglar to update ARP
cache. Registries files are found under HKEY_LOCAL_
MACHINESYSTEM folder. Yang, Yang and Ding
proposed a WinPcap driven system that monitors all ARP
packets for ARP spoofing32. WinPcap driver captures and
monitors the packets to verify whether the IP-MAC map-
ping is legal or not by checking packets coming from legal
hosts, before update the cache.
2.3.3 Operating System (OS) Protection (OSP)
OS protection requires vulnerability assessment and
management techniques such as patching OS holes, OS
hardening, updating security software, OS auditing, proper
priviligation to user accounts etc. Kaczmarek and Wrobel
proposed integrity checking and recovery (ICAR) protec-
tion model comprises of three layers and it’s responsible
for hash creation, verification and configuration of secu-
rity policies33. Data layer consists of sensitive information
and database that contains hashes and backup of highly
sensitive information. Kernel layer manages verification
of data integrity, authenticity and confidentiality. Utility
layer is responsible for configuring security policies and
controlling the host.

2.3.4 Port Authentication (PA)
Strong port authentication can provide defense against
interception, interruption and modification of traffic,
interoperability between old and new network protocols
and prevent malicious software execution. IEEE 802.1X
port based authentication supplies security credentials
such as user id, password or digital certificate to legal
user34. User has to use the credential for verification,
before access the resources. If server verifies the creden-
tials are valid, user is permitted to utilize the resources.
deGraaf, Aycock and Jacobson explained port knocking
where authentication data is communicated throughout
network ports to prevent unauthorized access35.
2.3.5 Router Configuration (RC)
Fraudulent route update packets are blocked by
configuring neighbor configuration. The configuration
is available in the following routing protocols such as
Boarder Gateway Protocol (BGP), DRP Server Agent,
Intermediate System-Intermediate System (IS-IS)
etc. Sehgal and Nath proposed secure routing proto-
col which has two phases36. In route discovery phase,
Source node initiates a request to discover a route from

source to destination. Route unitization phase, source
selects one of the route and the destination has to con-
firm that route by sending reply packet to source. Source
sends predecessor packet to notify intermediate nodes
on the route that they should anticipate certain amount
of data within a given time. When this packet reaches at
destination, source receives an acknowledgement from
destination. If not, there is a malicious user in between
the path.
2.3.6 Firewall Configuration (FC)
Firewalls mainly configured into three types such as
packet filters, stateful inspection and application proxy.
Packet filter monitors all the packets header fields such
as source and destination address, port number and pro-
tocol used based on predefined rules. Stateful inspection
firewall tracks network connection state and differentiate
packets based on the type of connection. It is also called
dynamic packet filtering firewall and its fail to examine
the content of the payload. Application proxy firewall
allows the entire traffic pass through a proxy server, which
verifies packets header including its content at application
level for any malicious activities. Chacon, Benhaddou and
Gurkan proposed Virtual Private Network (VPN) based
firewall that provides more security to Boarder Gateway

Router (BGR) by making voice information less vulner-
able to both inside and outside attack37.
2.3.7 Separate VoIP Data Traffic (SVDT)
In VoIP communication, both voice and data share
common medium for transmission which raises threats
against voice. Butcher, Li and Guo proposed separation
of voice from normal data flow can block a number of
attacks which are vulnerable to FTP, HTTP and SMTP
etc. 7. Separate physical network causes more expense,
so, it can be possible through VLAN technology. VLANs
are implemented by network switches allow routing on
same VLAN between devices. Both VoIP voice and data
are segmented using firewall where PCs are connected
to data segment and VoIP phone are connected to voice
segment.
2.3.8 Configuration Authentication (CA)

In VoIP telephony network obtaining the configuration
information from unwanted vulnerable server makes end
phones more sensitive to launch attacks. Danforth and
Gould described different ways of authenticating TFTP
server before downloading configuration file38. During
manufacturing time, the VoIP phones are configured
with public keys of different TFTP servers gives a way for
authentication. Another way the handsets are configured
with a key (public or secret) of TFTP server. After getting
own IP address and TFTP server IP address from DHCP
server, phone should establish a secure connection with
TFTP server using SSL/TLS. During handshaking, verifi-
cation happens using public key that phone contains and
private key of TFTP server.
2.3.9 Signaling Authentication (SA)
In VoIP network, SIP is used to establish, redirect or
terminate the connection. Internet Protocol Security
(IPSec) and SSL/TLS are used to provide strong authen-
tication and encryption against attack. Key agreement
protocol is used in small scale deployment where trust
being established between phones and server. Kilinc
and Yanik presented different authentication and key
management schemes for SIP protocols which mainly
include Password Authenticated Key Exchange (PAKE)

based schemes, Hash and Symmetric Encryption based
schemes, Public Key Cryptography (PKC) schemes and
ID Based and Weil Pairing based schemes39.
2.3.10 Medium Encryption (ME)
In VoIP, medium encryption is broadly classified into two
types such as symmetric and asymmetric encryption40.
Encryption strength is mainly depending upon the strength
of the algorithm and the size of key is used. In encryption
techniques key management and distribution also play an
important role41. To maintain confidentiality and integrity,
symmetric key is distributed with the help of the techniques
such as simple secret key distribution, secret key distribu-
tion with confidentiality and authentication and hybrid
key distribution. Public key sharing has taken place using
public announcement, publicly available directory, public
key authority or public key certificate techniques.
2.3.11 Intrusion Detection System (IDS)
Hardware/ software are used to monitor network traffic
for malicious and unlawful actions and notify to admin by
warning message or raising alarm. Basically IDS is of two
types such as Network Intrusion Detection System and
Host Intrusion Detection System. It commonly uses three

methodologies to track down malicious activities. Signature
based detection is the valuable and straight forward meth-
ods to uncover known threats. Anomaly based detection is
effective one to identify new and expected threats. Stateful
protocol analysis tracks down protocols performance and
differentiates abnormal flow of commands. All these three
methods use five different approaches such as statistics
based, pattern based, rule based, state based and heuristic
based which were discussed by Liao, Lin, Lin and Tung42.
2.3.12 Honeypot
It is a trap set to detect, deflect or counter attempt at unau-
thorized use of information system which is seems to be
contain of information or resources of values to attackers.
It is classified based on their deployment and based on
their level of involvement43. Based on its deployment it’s
of two types, one is production honeypot and second one
is research honeypot. According to level of involvement
or design perspective, pure honeypot, higher interaction
honeypots, low interaction honeypots are three types
of honeypots. Goel, Sardana and Joshi presented a wide
range of honeypot systems and proposed framework for
honeypot system that enclose a broad range of honeypot
architectures and categories previous systems according
to framework based on attacks44.

3. Proposed Work
VoIP cloud with all security configurations as discuss
earlier is not enough to provide security against all the
threats discussed earlier. So, effective network based IPS
architecture using LVD technique is proposed for VoIP
cloud shown in Figure 3.
The proposed system involves twosteps process.
1) Video watermarking and extraction and 2) Verification
using LVD system
3.1 Video Watermarking and Extraction
There are several VoIP-specific protocols but they fall in
two categories: (i) transport protocols (e.g., RTP) and
(ii) signaling protocols (e.g., SIP). Transport protocols
carry the live video data after the proper the connection.
Signaling protocols executes control information like
CONNECT, DISCONNECT etc.

Indian Journal of Science and Technology10 Vol 9 (6) |
February 2016 | www.indjst.org
Sequence numbers play important roles to prevent SSL
attacks in real time communication. So at the first step
the sequence number is attached with the video/ frames
taken during the connection/disconnection time. Since
the control information is not a video data, it has to be
embedded with video using watermark embedding tech-
nique and forwarded to the server side for authentication
as illustrated in Figure 4. In the server side, the water-
marked video will be extracted and the video submitted
to the LVD for verification.
IPS in VoIP cloud not only monitors the packets
are coming from legitimate caller or not but also moni-
tors sequence number of packets and its content. In real
time communication succeeding packet sequence num-
ber always larger than current packet sequence number
and contents varies packet to packet and time to time
which helps IPS to prevent SSL attacks to be taken place.
If any packet with old sequence number or repetition of
information inside the payload, it will be dropped by VoIP
server. Always signaling packets will get high priority over

data packets.
3.2 Verification using LVD System
The aim of the LVD is to determine if the biometric data
is being captured whether it’s from a legitimate live user
or it is replayed or synthetic. It is verified by correlating
the user’s voice with lip-face motion. The Whole LVD is
divided into seven steps. The whole process of verifica-
tion is divided into two stages. The flow diagram of LVD
is shown in Figure 5. There are two types of videos passed
to LVD system for verification. 1) Extracted watermarked
video2) RTP message along with the video.
3.2.1 Seven Steps of LVD
Step 1: Image and Voice Acquisition: Video and Voice
are captured by web cam and microphone respec-
tively.
Step 2: Image and Speech Enhancement: The captured
information goes for reduction of noise, and this
can be achieved by smoothing and sharpening the
audio- visual data.

16
Figure 4. Video watermarking scheme for signaling
message.
17
Figure 5. Flow diagram of liveness voice detection technique.

Figure 6. Proposed N-IPS architecture.
Figure 5. Flow diagram of liveness voice detection
technique.
16

Indian Journal of Science and Technology 11Vol 9 (6) |
Step 3: Face and Voice Identification: Real time faces
detection and speech detection can be done by
motion analysis. Two level audio- visual fusion
techniques can be used for effective face and voice
identification by localization of multiple active
speakers45. First level is based on speaker activity
detection used to find out who are the live speak-
ers and second level uses Gaussian method for
integration of audio-visual modalities results to
increase robustness.
Step 4: Facial Verification and Speaker Recognition: In Face
verification and speaker recognition process, user
authenticity is checked. If NO, the call is termi-
nated. If yes, it will go for next level verification.
Step 5: Features Extraction: From lip movement, the
motion based features will be extracted (Phase 1).
From speech, the corresponding speech features
will be extracted (Phase 2). Extracted features at
both phases must be language and text indepen-

dent. Lip movement involves the following two
elements. Fastness: frequency is the prime factor
calculated from lip motion. Loudness: Power is the
prime factor calculated from area covered by lips
(distance between top and bottom lip).
Step 6: Liveness Voice Detection: Features from phase 1 is
correlated with features from phase 2. If it falls within
fixed threshold values range, it is Ok, the connection
will be continued else it will be terminated. In LVD,
liveness score evolution algorithm can be used to
measure the synchrony between the lip movement
and voice in video sequence46. Multimodal sys-
tem based on cross modal fusion technique can be
also used for liveness detection47. Audio and visual
speech features are extracted from video sequence
to measure the degree of synchrony between the lip
movement and voice in video sequence.
3.3 IPS Deployment
As VoIP communication handles real time data, IPS
deployment is also an important factor to make the service
more effective and efficient. In pass-by monitoring con-
figuration, a copy of the traffic is sent to the IPS while the
original packet travels to one Public Network to another

public network as shown in Figure 6. If the IPS identifies
an anomaly with the packet, the IDS/IPS can either log/
record the activity or prevent the attack from being suc-
cessful. As an effective IPS, false positive/ negative should
have minimized with maximum efficiency.
4. Conclusion
The flexible and reliable communication is reached by
sending the voice over the internet by using new gen-
eration VoIP services. This research paper summarizes
security threats related to VoIP cloud. Due to VoIP
vulnerabilities including eavesdropping, DoS, D-DoS,
MITM attack, it is necessary to protect signaling and real
time information. A security framework for VoIP cloud
is proposed which uses the concept of LVD to provide
resistance against threats. The use of pass-by IPS makes
this proposed framework has no effect on quality of VoIP
calls as the copy of the original packets are forwarded to
IPS and analyzed. At last, further research has to be per-
formed to raise the level of security due to randomness of
occurrence of cyber-attacks.
5. References
1. Hartpence B. Introduction to voice over the internet

protocol. Packet Guide to Voice over IP. Oram A, Gulick M,
editors. O’Reilly: Sebastopol, CA; 2013.
2. Devi GU, Kaushik KV, Sreeveer B, Prasad KS. VoIP over
Mobile Wi-Fi hotspot. Indian Journal of Science and
Technology. 2015 Jan; 8(S2):195–9. DOI: 10.17485/
ijst/2015/v8iS2/58751.
3. Patinge SA, Soni PD. Metamorphosis in VoIP cloud com-
puting services used in VoIP. International Journal of
Application Innovation in Engineering Management. 2013;
2(2):236–9.
4. Mahmood Z. Cloud computing: characteristics and deploy-
ment approaches. 11th IEEE International Conference
Computer and Information Technology (CIT); Pafos:
Cyprus; 2011. p. 121–6.
5. Shyamala K, Rani TS. An analysis on efficient resource
allocation mechanisms in cloud computing. Indian Journal
17

Figure 5. Flow diagram of liveness voice detection technique.
Indian Journal of Science and Technology12 Vol 9 (6) |
of Science and Technology. 2015 May; 8(9):814–21. DOI:
10.17485/ijst/2015/v8i9/50180.
6. Kim D. A survey of balloon networking applications
and technologies. Available from: http://www.cse.wustl.
edu/~jain/cse570-13/ftp/balloon/index.html. [Cited 2014

Aug].
7. Butcher D, Li X, Guo J. Security challenge and defense
in VoIP infrastructures. IEEE Transactions on Systems
Man and Cybernetics Part C: Applications Reviews. 2007;
37(6):1152–62.
8. Graves K. Certified ethical hacker study guide, 4th ed.
Wiley: Danvers, MA; 2010.
9. Sawada H, Higashimoto T. A mechanical voice system
and its adaptive learning for the mimicry of human vocal-
ization. Proceedings IEEE International Symposium on
Computational Intelligence Robotics and Automation;
Cobe, Japan; 2003. p. 1040–45.
10. Hatkar AA, Varade GA, Hatkar AP. Media access control
spoofing techniques and counter measures. International
Journal Scientific & Engineering Research. 2012; 2(6):1–5 .
11. Nam SY, Kim D, Kim J. Enhanced ARP: preventing ARP
poisoning-based Man-in-the-Middle Attacks. IEEE
Communications Letters. 2010; 14(2):187–9.
12. Ma Y. An effective method for defense against IP spoof-

ing attack. IEEE 6th International Conference on Wireless
Communications Networking and Mobile Computing
(WiCOM); Chengdu: China; 2010. p. 1–4.
13. Barbhuiya FA, Roopa S, Ratti R, Biswas S, Nandi S. An
active
detection mechanism for detecting ICMP based attacks.
IEEE 11th International Conference on Trust, Security and
Privacy in Computing and Communications; Liverpool:
England; 2012. p. 51–58.
14. Haris SHC, Ahmad RB, Ghani MAHA, Wal GM. TCP SYN
flood detection based on payload analysis. Proceedings
IEEE Student Conference on Research and Development
(SCOReD); Putrajaya: Malasia; 2010. p. 149–53.
15. Bardas AG, Zomlot L, Sundaramurthy SC. Classification of
UDP traffic for DDoS detection. USENIX 5th International
Workshop on Large-Scale Exploits and Emergent Threats
(LEET); San Jose: CA; 2012. p. 1–8.
16. Ali FHM, Yunos R, Alias MAM. Simple port knocking
method against TCP replay attack and port scanning. IEEE
International Conference on Cyber Security. Cyber Warfare
and Digital Forensic (CyberSec); Kuala Lumpur: Malasia;

2012. p. 247–52.
17. Stalling W. Transport-level security. Cryptography and
Network Security. Horton M, editor, 5th ed., Pearson:
Upper Saddle River, NJ; 2011. p. 485–20.
18. Geneiatakis D, Kambourakis G, Lambrinoudakis C,
Dagiuklas T, Gritzalis S. A frame for protecting a SIP-based
infrastructure against malformed message attacks.
Computer Network. 2007; 51(10):2580–93.
19. Zhang G, Pallares JJ, Rebahi Y, Fischer-Hubner S. SIP
proxies: New reflectors in the internet. Communications
Multimedia Security; Springer : Verlag Heidelberg; 2010.
20. SuM Y, Tsai CH. An approach to resisting malformed and
flooding attacks on SIP servers. Journal of Networks. 2015;
10(2):77–84.
21. Hartpence B. The real-time transport protocol and the
real-time control protocol. Packet Guide to Voice over IP,
Oram A, Gulik M, editors, 1st ed.; O’Reilly: Sebastopol, CA;
2013.

22. Fu D, Shi F. Buffer overflow exploit and defensive tech-
niques. IEEE International Conference on Multimedia
Information Networking and Security (MINES); Nanjing,
China; 2012. p. 87–90.
23. Ransome JF, Rittinghouse JR. VoIP security risks. VoIP
Security, Casey E, editor; Elsevier: Burlington, MA; 2005.
24. Hardening the operating system. Available from: http://cdn.
ttgtmedia.com/searchEnterpriseLinux/downloads/466_
HTC_Linux_02.pdf. [Citied 2014 Oct].
25. Filiol E. Taxonomy, techniques and tools. Computer
Viruses: From Theory to Applications, 1st ed.; Springer:
Verlag, France; 2004.
26. Shar LK, Tan HBK. Defeating SQL injection. IEEE
Computer:
Gender Diversity in Computing. 2013; 46(3):69–77.
27. Natan RB. Application security. Implementing Database
Security and Auditing; Elsevier: Burlington, MA; 2005.
28. Mohamed NN, Mashim H, Yussoff YM. Compression
and encryption technique on securing TFTP packet.

IEEE Symposium on Computer Application Industrial
Electronics (ISCAIE); Penang, Malaysia; 2014. p. 198–202.
29. Dinu DD, Togan M. DHCP server authentication using
digital certificates. Proceedings IEEE 10th International
Conference Communications (COMM); Bucharest,
Romania; 2014. p. 1–6.
30. Keromytis AD. A comprehensive survey of Voice over
IP security research. IEEE Communications Surveys &
Tutorials. 2012; 14(2):514–37.
31. Graves K. Physical site security. Certified Ethical Hacker
Study Guide, Parsons K, Carson C, 4th ed.; Wiley: Danvers,
MA; 2010.
32. Yang M, WangY, Ding H. Design of WinPcap based
ARP spoofing defense system. IEEE 4th International
Conference on Instrumentation Measurement Computer,
Communication Control (IMCCC); Harbin, Heilongjiang;
2014. p. 221–5.
33. Kaczmarek J, Wrobel MR. Operating system security by
integrity checking and recovery using write-protected
storage. IET Information Security. 2014; 8(2):122–31.

Indian Journal of Science and Technology 13Vol 9 (6) |
34. IEEE 802.1X port-based authentication, CISCO. Available
from: http://www.cisco.com/c/en/us/td/docs/switches/lan/
catalyst6500/ios/122SX/configuration/guide/book/dot1x.
html#wp1133592. [Cited 2015 Jan].
35. deGraaf R, Aycock J, Jacobson M. Improved port knocking
with strong authentication. Proceeding. IEEE 21st Annual
Computer Security Applications Conference (ACSAC);
Tucson, Arizona; 2005. p. 453–62.
36. Sehgal PK, Nath R. An encryption based dynamic and
secure
routing protocol for mobile Ad-hoc network. International
Journal of Computer Science Security. 2009; 3(1):16–22.
37. Chacon S, Benhaddou D, Gurkan D. Secure Voice over
Internet Protocol (VoIP) using Virtual Private Networks

(VPN) and Internet Protocol Security (IPSec). IEEE Region
5 Tech. Professional and Student Conference (TPSC); San
Antonio: TX; 2006. p. 218–22.
38. Danforth A, Gould K. Method to block unauthorized access
to TFTP server configuration files, U.S. Patent 7293282 B2,
2007.
39. Kilinc HH, Yanik T. A survey of SIP authentication and key
agreement schemes. IEEE Communications Survey and
Tutorials. 2014;16(2):1005–23.
40. Anderson R. Cryptography. Security Engineering: A Guide
to Building Dependable Distributed Systems, Long C, 2nd
ed., Wiley: Indianapolis, IN; 2008. p. 73–14.
41. Stalling W. Key management and distribution. Cryptography
and Network Security. Horton M, 5th ed., Pearson: Upper
Saddle River, NJ; 2011. p. 410–43.
42. Liao HJ, Lin CHR, Lin YC, Tung KY. Intrusion detection
system: A comprehensive review. Journal of Network and
Computer Applications. 2013; 36(1):16–24.
43. Audiopedia. Honeypot (computing). Available from:

https://www.youtube.com/watch?v=2fXAw33jOBk. [Cited
2014 Dec].
44. Goel R, Sardana A, Joshi RC. Wireless honeypot: frame-
work, architectures and tools. International Journal of
Network Security. 2013; 15(5):373–83.
45. Li Z, Grochulla M, Thormahlen T. Multiple active speaker
localization based on audio-visual fusion in two stages.
Proceedings IEEE International Conference on Multisensor
Fusion Integration Intelligence Systems (MFI); Hamburg:
Germany; 2012. p. 262–68.
46. Zhu ZY, He QH, Feng XH, Xiongli Y, Wang ZF. Liveness
detection using time drift between lip movement and voice.
Proceedings IEEE International Conference on Machine
Learning Cybernetics (ICMLC); Tianjin: China; 2013.
p. 973–78.
47. Chetty G. Biometric liveness detection based on cross modal
fusion. IEEE 12th International Conference on Information
Fusion (FUSION). Seattle: WA; 2009. p. 2255–62.

Class, The COSO framework of internal controls is practiced .docx

Class, The COSO framework of internal controls is practiced .docx

More Related Content

Similar to Class, The COSO framework of internal controls is practiced .docx (20)

More from mccormicknadine86 (20)

Recently uploaded (20)

Class, The COSO framework of internal controls is practiced .docx