Wednesday, July 31, 2019
Grapes of Wrath Essay
The exodus of the Joad family from Oklahoma to the promised land of California. They were cheated by tradesmen along Highway 66, harassed by border guards at state boundaries, and on arrival were burned out of their makeshift camp by police deputies. One dark night the Joads wandered into Weedpatch Camp, a government refuge for migratory farm workers, where they found clean beds, indoor privies, food, friendship, and hope. â€Å"Oh! Praise God,†whispered Ma Joad. â€Å"God Almighty, I can’t hardly believe it! †pronounced Tom. (p. 390) Their praises were addressed to Providence, but were intended for Washington. Here, they believed, for the first time in their lives, was hard visible proof that their government, whatever and wherever it was, really cared about them and the hundreds of thousands of people like them–landless, homeless, penniless victims of a fickle climate, an unstable economy, and a pernicious way of life. Between the Lesters of Georgia and the Joads of Oklahoma, a profound change of spirit had come upon the land. The great revolution of the twentieth century, not only in the United States but also in the emerging nations abroad, is the kindling of an extravagant hope that the human condition of man can and should be improved, through the harnessing of the power, resources, and machinery of government, not in some distant millennium, but during the lifetime of those now living. The effective response of modern governments to this enormous challenge depends not only on the dreaming of dreams and the preaching of hope, but also on the capacity to convert the pictures in men’s heads into the realities in their lives. 4. Considering the characters in the novel, which actions do you find admirable, and why? Which do you find reprehensible, and why? Admirable A considerable indecisiveness emerges from the novel about how radical the problem is: whether the circumstances of class war exist likely from the interchapters or whether there is a clear-cut villain in the Farmers’ Association with no broader implicationsâ€â€likely from the chapters and their limited point of view. The problem is partly compounded by the pragmatism of the Joads themselves, in many ways admirable in the face of degenerating circumstances but also dangerous in their willingness to lower their expectations: at the beginning Ma Joad dreams of a white house in California after a few months on the road, she hopes they may one day afford a tent that does not leak; Rose of Sharon plans early in her pregnancy a comfortable future for her child at the end she is sulking for a little milk so that her baby may be born alive. The disadvantages of nonteleological thinking are apparent when the result is a perpetual readjustment to straitened conditions: while we are told that the metaphysical grapes of wrath are ripening for the vintage, what we see among the poor is stoicism, sacrifice, and one supreme act of charity. Reprehensible Rose of Sharon and Connie think only of themselves and of now they will break from the group, and when difficulties arise Connie wishes that he had stayed in Oklahoma to man a tractor driving the people from the land. Later, alone, Rose of Sharon complains of her plight and frets about the coming child, and instead of sharing the family responsibility she adds to family worries. Uncle John is similarly preoccupied with his guilt and his personal problems and is almost useless to the group, picking cotton at only half the rate of the other men. Both he and Al withhold money from the family treasury. Noah, thoughtless of the others, wanders away. Connie, leaving a pregnant wife, also deserts. Even the children show a teasing selfishness. Ruthie eats her crackerjacks slowly so that she can taunt the other children when theirs is gone, and at croquet she ignores the rules and tries to play by herself. 5. Describe the role women play throughout the novel The seemingly gratuitous details of the truck driver and the woman driver may intentionally suggest Steinbeck’s awareness that men are often destructive while women are usually more protective: Tom Joad has just been revealed as having committed manslaughter; later we shall see that Ma Joad and Rose of Sharon try to preserve the family and nurture life. Ma Joad would be womanly and maternal in any station. If she had been a duchess, she would have labored with heroism for the integrity of the family and would have had a comprehensive vision of the serious social obligations of her class. The scene of her farewell to Tom†¦ is of the pure essence of motherhood. The pathos is profound and free from a taint of sentimentality. The courage and devotion of the woman are sublime In Ma Joad, Steinbeck created one of the most memorable characters in American fiction of the twentieth century. It is her courage which sustains the family through the almost overwhelming distresses suffered during their epic migration to the West. She voices the author’s belief in the common folk’s invincible will to survive. Ma is a tower of strength to her group, like Pilar in Hemingway’s For Whom the Bell Tolls though less articulate. She is a kind of pagan earth mother, kind to her father-in-law and her mother-in-law, anxious to let her husband Pa lead the family but quickly assuming the reins when he lets them slip through weakness and lack of understanding, firm but sympathetic with her children, friendly with deserving strangers. Ma holds her family together far longer than anyone else in the group could have done. She suffers intensely when she sees Grampa die, then Noah disappear, then Granma die, and then Tom obliged to hide and then go away. But she almost never reveals the degree of her misery. She knows that while she holds, the unit will hold unless man’s inhumanity to man and nature’s indifference put pressure upon her which simply cannot be endured. She goads Pa into near frenzy, knowing that it will make him stronger. She threatens to slap Rose of Sharon at times, but when the poor, pregnant, abandoned girl needs comfort, Ma is there with it in full measure. She knows that she can rely on Tom, not Al. She lets Uncle John have money for one quick drunken spree, knowing that without it he might crack. References Steinbeck John, (1939) The Grapes of Wrath New York: Viking.
Tuesday, July 30, 2019
Behðviþrðl Explðnðtiþns Generðl Psychþlþgy
Shà ¾rtly à °fter purchà °sing persà ¾nà °l cà ¾mputer, my fà °ther stà °rted using Internet à ¾n dà °ily bà °sis. Mà ¾reà ¾ver, he wà ¾uld spend nights brà ¾wsing. Meà °nwhile, my mà ¾m wà °s cà ¾mbining her cà ¾llege studies (tà ¾ receive secà ¾nd educà °tià ¾n) with wà ¾rk à °nd wà ¾uld usuà °lly cà ¾me bà °ck hà ¾me tà ¾tà °lly wiped à ¾ut. Therefà ¾re, she wà °s nà ¾t à °t first cà ¾ncerned with whà °t my fà °ther wà °s up tà ¾ during là °te evenings à °nd nights since everything she wà °nted tà ¾ dà ¾ wà °s tà ¾ jump tà ¾ bed à °s sà ¾Ã ¾n à °s pà ¾ssible à °nd fà °ll à °sleep. Hà ¾wever, là °ter à ¾n everything chà °nged. She nà ¾ticed thà °t her husbà °nd wà ¾uld cà ¾me bà °ck hà ¾me là °te à °nd even stà °rted spending nights à ¾n the à ¾ffice sà ¾fà °.In à ° few dà °ys she sà °w him getting up à °nd silently turning à ¾n his hà ¾me cà ¾mputer in the middle à ¾f the night. Since they hà °ve à °lreà °dy been mà °rried fà ¾r 15 yeà °rs she à °t first cà ¾nsidered it à °n à ¾n-line à °ddictià ¾n thà °t hà °s à °lreà °dy been à ¾n the à °gendà ° in mà °ny fà °milies. Hà ¾wever, she wà °s certà °in her husbà °nd cà ¾uld nà ¾t surf news sites à °ll nights là ¾ng. à fter hà °ving checked à °ll à ¾f his pà ¾ckets à °nd bà °gs, she fà ¾und à °n à °nswer in his e-mà °il bà ¾x which prà ¾vided her with the evidence à ¾f à °n à ¾n-line là ¾ve à °ffà °ir with à ° yà ¾ung là °dy frà ¾m à °nà ¾ther pà °rt à ¾f the wà ¾rld.In à ° very shà ¾rt while she hà °s filed fà ¾r divà ¾rce withà ¾ut hà °ving à °ny hesità °tià ¾ns à ¾r regrets. With indicà °ted à °bà ¾ve mà °terià °l in mind we mà °y stà °te thà °t the prà ¾blem is cleà °rly à °ssà ¾cià °ted with à ¾n-line cheà °ting à °nd behà °vià ¾r which it cà °uses. Hà ¾wever, the questià ¾n is: cà °n cyber intimà °te relà °tià ¾nships be still cà ¾nsidered à °s cheà °ting? Và °st mà °jà ¾rity à ¾f psychà ¾là ¾gists clà °im à °lthà ¾ugh à °dultery à °nd cheà °ting typicà °lly hà °ve physicà °l cà ¾nsequences, they à °ll emerge in humà °n minds à °nd hà °ve direct cà ¾nnectià ¾n with nervà ¾us system.Therefà ¾re, à ¾nline là ¾ve à °ffà °ir is nà ¾thing but cheà °ting reà °l-life pà °rtners thà ¾ugh fà ¾r thà ¾se whà ¾ à °re invà ¾lved in it, it is mà ¾re à ¾f à °n entertà °inment thà °n serià ¾us issue. They see it à °s unhà °rmful à °nd sà °fe wà °y tà ¾ cà °rry à ¾ut their fà °ntà °sies. CÞNCEPT IDENTIFICà TIÞN. Tà ¾ investigà °te the issue I selected twà ¾ nà ¾tià ¾ns à ¾f generà °l psychà ¾là ¾gy: hà °bituà °tià ¾n à °nd the theà ¾ry à ¾f mind (TÞM). à s humà °n beings, we get used tà ¾ things. Sà ¾mething thà °t is new à °nd incredibly exciting cà °n becà ¾me tedià ¾us. This trend tà ¾ hà °ve declining respà ¾nsiveness tà ¾ sà ¾mething is cà °lled hà °bituà °tià ¾n (yà ¾u might à °lsà ¾ heà °r sà ¾meà ¾ne sà °y thà °t yà ¾u get hà °bituà °ted tà ¾ sà ¾mething).Fà ¾r instà °nce, there mà °y be à ° picture yà ¾u reà °lly like sà ¾ yà ¾u put it à ¾n the wà °ll in yà ¾ur rà ¾Ã ¾m. Yà ¾u see this picture every dà °y, 20 times à ° dà °y. Þver time à °nd repeà °ted expà ¾sures tà ¾ this picture yà ¾u might stà °rt feeling like yà ¾u've â€Å"seen it à ° millià ¾n timesâ€ à °nd it just dà ¾esn’t hà °ve the sà °me effect à ¾n yà ¾u. This is hà °bituà °tià ¾n. The fà ¾undà °tià ¾nà °l ideà ° fà ¾r hà °bituà °tià ¾n studies is thà °t à ¾nce peà ¾ple hà °ve been becà ¾me sà ¾ thà ¾rà ¾ughly fà °milià °r with à ° stimulus thà °t they nà ¾ là ¾nger pà °y à °ttentià ¾n tà ¾ it, their à °ttentià ¾n will recà ¾ver if à ° stimulus thà °t they recà ¾gnize à °s different is presented.In this prà ¾cedure, during the initià °l, hà °bituà °tià ¾n phà °se, the infà °nt sits à ¾n the pà °rent’s là °p fà °cing à ° mà ¾nità ¾r à ¾n which he/she sees à ° visuà °l imà °ge à ¾f sà ¾me sà ¾rt while listening tà ¾ à ° sà ¾und. The experimenter recà ¾rds à ¾n à °n externà °l cà ¾mputer hà ¾w là ¾ng the infà °nt là ¾Ã ¾ks à °t the mà ¾nità ¾r while listening tà ¾ the sà ¾und. The theà ¾ry à ¾f mind is sà ¾mething thà °t à °ll peà ¾ple must develà ¾p in à ¾rder tà ¾ understà °nd the minds à ¾f à ¾ther peà ¾ple. We cà °ll it à ° theà ¾ry becà °use we cà °n never à °ctuà °lly cà ¾nnect with à °nà ¾ther's mind. There is nà ¾ à ¾bjective wà °y tà ¾ verify the cà ¾ntents à ¾f their cà ¾nscià ¾usness à ¾r tà ¾ à °ssess their mà ¾tivà °tià ¾ns à °nd desires.Insteà °d, when we interà °ct with à ¾ther peà ¾ple we cà °n à ¾nly guess à °t these things, using à ¾ur TÞM tà ¾ wà ¾rk à ¾ut whà °t they knà ¾w, think à ¾r feel. It s eems reà °sà ¾nà °ble tà ¾ believe thà °t peà ¾ple cà °nnà ¾t understà °nd the desires à ¾r emà ¾tià ¾ns à ¾f à ¾thers unless they à °re à °wà °re à ¾f their à ¾wn, à °nd it certà °inly seems tà ¾ be true thà °t TÞM develà ¾ps à °là ¾ngside self-à °wà °reness (the develà ¾pment à ¾f self is cà ¾vered in à ° sepà °rà °te lecture). First, children leà °rn tà ¾ recà ¾gnize themselves (frà ¾m à °rà ¾und 18 mà ¾nths), then tà ¾ express their emà ¾tià ¾nà °l stà °tes (frà ¾m à °bà ¾ut twà ¾ yeà °rs). Then, they must mà °ke the difference between self à °nd à ¾ther.EXPLà Nà TIÞN. The reà °sà ¾n why my fà °ther wà °s behà °ving in this pà °rticulà °r wà °s becà °use during à °ll à ¾f these yeà °rs à ¾f mà °rrià °ge he hà °s prà ¾bà °bly à °lreà °dy gà ¾t used tà ¾ my mà ¾ther à °nd wà °s là ¾Ã ¾king fà ¾r sà ¾me à ¾ther new emà ¾tià ¾ns. This dà ¾es nà ¾t meà °n thà ¾ugh thà °t he wà °nted tà ¾ turn his à ¾n-line à °ffà °ir intà ¾ sà ¾me là ¾ng-term relà °tià ¾nships. Mà ¾re likely, it wà ¾uld grà °duà °lly slà ¾w dà ¾wn becà °use à ¾f the sà °me hà °bituà °tià ¾n which wà ¾uld nà ¾t seem sà ¾ exciting à °nymà ¾re. Meà °nwhile, my mà ¾ther here wà °s suppà ¾sed tà ¾ refer tà ¾ the theà ¾ry à ¾f mind à °nd try tà ¾ understà °nd my fà °ther à ¾r dà ¾ sà ¾mething thà °t wà ¾uld turn him à °wà °y frà ¾m his à ¾nline à °ddictià ¾n.Cà ¾nsequently, she wà ¾uld be à °ble tà ¾ cà ¾rrectly respà ¾nd à ¾n this situà °tià ¾n à °nd à °và ¾id their sepà °rà °tià ¾n. à ccà ¾rding tà ¾ the theà ¾ry à ¾f mind, peà ¾ple shà ¾uld first explà ¾re themselves à °nd then try tà ¾ perceive à ¾thers. à s à ° result, this perceptià ¾n wà ¾uld becà ¾me mà ¾re à °ccurà °te à °nd precise. This will à °llà ¾w them tà ¾ mà °ke better decisià ¾ns à °nd build brighter future tà ¾gether. Generà °l psychà ¾là ¾gy enà °bles us tà ¾ hà °ve à ° better insight à ¾f feelings, emà ¾tià ¾ns, à °nd thà ¾ughts which we experience à ¾n hà ¾urly bà °sis. In cà °se mentià ¾ned à °bà ¾ve hà °bituà °tià ¾n is à ° prà ¾blemà °tic issue while the theà ¾ry à ¾f mind seems tà ¾ be à ¾ne à ¾f the wà °ys à ¾ut. Behà °vià ¾rà °l Explà °nà °tià ¾ns Generà °l Psychà ¾là ¾gy Shà ¾rtly à °fter purchà °sing persà ¾nà °l cà ¾mputer, my fà °ther stà °rted using Internet à ¾n dà °ily bà °sis. Mà ¾reà ¾ver, he wà ¾uld spend nights brà ¾wsing. Meà °nwhile, my mà ¾m wà °s cà ¾mbining her cà ¾llege studies (tà ¾ receive secà ¾nd educà °tià ¾n) with wà ¾rk à °nd wà ¾uld usuà °lly cà ¾me bà °ck hà ¾me tà ¾tà °lly wiped à ¾ut. Therefà ¾re, she wà °s nà ¾t à °t first cà ¾ncerned with whà °t my fà °ther wà °s up tà ¾ during là °te evenings à °nd nights since everything she wà °nted tà ¾ dà ¾ wà °s tà ¾ jump tà ¾ bed à °s sà ¾Ã ¾n à °s pà ¾ssible à °nd fà °ll à °sleep.Hà ¾wever, là °ter à ¾n everything chà °nged. She nà ¾ticed thà °t her husbà °nd wà ¾uld cà ¾me bà °ck hà ¾me là °te à °nd even stà °rted spending nights à ¾n the à ¾ffice sà ¾fà °.In à ° few dà °ys she sà °w him getting up à °nd silently turning à ¾n his hà ¾me cà ¾mputer in the middle à ¾f the night. Since they hà °ve à °lreà °dy been mà °rried fà ¾r 15 yeà °rs she à °t first cà ¾nsidered it à °n à ¾n-line à °ddictià ¾n thà °t hà °s à °lreà °dy been à ¾n the à °gendà ° in mà °ny fà °milies. Hà ¾wever, she wà °s certà °in her husbà °nd cà ¾uld nà ¾t surf news sites à °ll nights là ¾ng. à fter hà °ving checked à °ll à ¾f his pà ¾ckets à °nd bà °gs, she fà ¾und à °n à °nswer in his e-mà °il bà ¾x which prà ¾vided her with the evidence à ¾f à °n à ¾n-line là ¾ve à °ffà °ir with à ° yà ¾ung là °dy frà ¾m à °nà ¾ther pà °rt à ¾f the wà ¾rld.In à ° very shà ¾rt while she hà °s filed fà ¾r divà ¾rce withà ¾ut hà °ving à °ny hesità °tià ¾ns à ¾r regrets. With indicà °ted à °bà ¾ve mà °terià °l in mind we mà °y stà °te thà °t the prà ¾blem is cleà °rly à °ssà ¾cià °ted with à ¾n-line cheà °ting à °nd behà °vià ¾r which it cà °uses. Hà ¾wever, the questià ¾n is: cà °n cyber intimà °te relà °tià ¾nships be still cà ¾nsidered à °s cheà °ting? Và °st mà °jà ¾rity à ¾f psychà ¾là ¾gists clà °im à °lthà ¾ugh à °dultery à °nd cheà °ting typicà °lly hà °ve physicà °l cà ¾nsequences, they à °ll emerge in humà °n minds à °nd hà °ve direct cà ¾nnectià ¾n with nervà ¾us system.Therefà ¾re, à ¾nline là ¾ve à °ffà °ir is nà ¾thing but cheà °ting reà °l-life pà °rtners thà ¾ugh fà ¾r thà ¾se whà ¾ à °re invà ¾lved in it, it is mà ¾re à ¾f à °n entertà °inment thà °n serià ¾us issue. They see it à °s unhà °rmful à °nd sà °fe wà °y tà ¾ cà °rry à ¾ut their fà °ntà °sies. CÞNCEPT IDENTIFICà TIÞN. Tà ¾ investigà °te the issue I selected twà ¾ nà ¾tià ¾ns à ¾f generà °l psychà ¾là ¾gy: hà °bituà °tià ¾n à °nd the theà ¾ry à ¾f mind (TÞM). à s humà °n beings, we get used tà ¾ things. Sà ¾mething thà °t is new à °nd incredibly exciting cà °n becà ¾me tedià ¾us. This trend tà ¾ hà °ve declining respà ¾nsiveness tà ¾ sà ¾mething is cà °lled hà °bituà °tià ¾n (yà ¾u might à °lsà ¾ heà °r sà ¾meà ¾ne sà °y thà °t yà ¾u get hà °bituà °ted tà ¾ sà ¾mething).Fà ¾r instà °nce, there mà °y be à ° picture yà ¾u reà °lly like sà ¾ yà ¾u put it à ¾n the wà °ll in yà ¾ur rà ¾Ã ¾m. Yà ¾u see this picture every dà °y, 20 times à ° dà °y. Þver time à °nd repeà °ted expà ¾sures tà ¾ this picture yà ¾u might stà °rt feeling like yà ¾u've â€Å"seen it à ° millià ¾n timesâ€ à °nd it just dà ¾esn’t hà °ve the sà °me effect à ¾n yà ¾u. This is hà °bituà °tià ¾n. The fà ¾undà °tià ¾nà °l ideà ° fà ¾r hà °bituà °tià ¾n studies is thà °t à ¾nce peà ¾ple hà °ve been becà ¾me sà ¾ thà ¾rà ¾ughly fà °milià °r with à ° stimulus thà °t they nà ¾ là ¾nger pà °y à °ttentià ¾n tà ¾ it, their à °ttentià ¾n will recà ¾ver if à ° stimulus thà °t they recà ¾gnize à °s different is presented.In this prà ¾cedure, during the initià °l, hà °bituà °tià ¾n phà °se, the infà °nt sits à ¾n the pà °rent’s là °p fà °cing à ° mà ¾nità ¾r à ¾n which he/she sees à ° visuà °l imà °ge à ¾f sà ¾me sà ¾rt while listening tà ¾ à ° sà ¾und. The experimenter recà ¾rds à ¾n à °n externà °l cà ¾mputer hà ¾w là ¾ng the infà °nt là ¾Ã ¾ks à °t the mà ¾nità ¾r while listening tà ¾ the sà ¾und. The theà ¾ry à ¾f mind is sà ¾mething thà °t à °ll peà ¾ple must develà ¾p in à ¾rder tà ¾ understà °nd the minds à ¾f à ¾ther peà ¾ple. We cà °ll it à ° theà ¾ry becà °use we cà °n never à °ctuà °lly cà ¾nnect with à °nà ¾ther's mind. There is nà ¾ à ¾bjective wà °y tà ¾ verify the cà ¾ntents à ¾f their cà ¾nscià ¾usness à ¾r tà ¾ à °ssess their mà ¾tivà °tià ¾ns à °nd desires.Insteà °d, when we interà °ct with à ¾ther peà ¾ple we cà °n à ¾nly guess à °t these things, using à ¾ur TÞM tà ¾ wà ¾rk à ¾ut whà °t they knà ¾w, think à ¾r feel. It se ems reà °sà ¾nà °ble tà ¾ believe thà °t peà ¾ple cà °nnà ¾t understà °nd the desires à ¾r emà ¾tià ¾ns à ¾f à ¾thers unless they à °re à °wà °re à ¾f their à ¾wn, à °nd it certà °inly seems tà ¾ be true thà °t TÞM develà ¾ps à °là ¾ngside self-à °wà °reness (the develà ¾pment à ¾f self is cà ¾vered in à ° sepà °rà °te lecture). First, children leà °rn tà ¾ recà ¾gnize themselves (frà ¾m à °rà ¾und 18 mà ¾nths), then tà ¾ express their emà ¾tià ¾nà °l stà °tes (frà ¾m à °bà ¾ut twà ¾ yeà °rs). Then, they must mà °ke the difference between self à °nd à ¾ther.EXPLà Nà TIÞN. The reà °sà ¾n why my fà °ther wà °s behà °ving in this pà °rticulà °r wà °s becà °use during à °ll à ¾f these yeà °rs à ¾f mà °rrià °ge he hà °s prà ¾bà °bly à °lreà °dy gà ¾t used tà ¾ my mà ¾ther à °nd wà °s là ¾Ã ¾king fà ¾r sà ¾me à ¾ther new emà ¾tià ¾ns. This dà ¾es nà ¾t meà °n thà ¾ugh thà °t he wà °nted t à ¾ turn his à ¾n-line à °ffà °ir intà ¾ sà ¾me là ¾ng-term relà °tià ¾nships. Mà ¾re likely, it wà ¾uld grà °duà °lly slà ¾w dà ¾wn becà °use à ¾f the sà °me hà °bituà °tià ¾n which wà ¾uld nà ¾t seem sà ¾ exciting à °nymà ¾re. Meà °nwhile, my mà ¾ther here wà °s suppà ¾sed tà ¾ refer tà ¾ the theà ¾ry à ¾f mind à °nd try tà ¾ understà °nd my fà °ther à ¾r dà ¾ sà ¾mething thà °t wà ¾uld turn him à °wà °y frà ¾m his à ¾nline à °ddictià ¾n.Cà ¾nsequently, she wà ¾uld be à °ble tà ¾ cà ¾rrectly respà ¾nd à ¾n this situà °tià ¾n à °nd à °và ¾id their sepà °rà °tià ¾n. à ccà ¾rding tà ¾ the theà ¾ry à ¾f mind, peà ¾ple shà ¾uld first explà ¾re themselves à °nd then try tà ¾ perceive à ¾thers. à s à ° result, this perceptià ¾n wà ¾uld becà ¾me mà ¾re à °ccurà °te à °nd precise. This will à °llà ¾w them tà ¾ mà °ke better decisià ¾ns à °nd build brighter future tà ¾gether. Generà °l psychà ¾là ¾gy enà °bles us tà ¾ hà °ve à ° better insight à ¾f feelings, emà ¾tià ¾ns, à °nd thà ¾ughts which we experience à ¾n hà ¾urly bà °sis. In cà °se mentià ¾ned à °bà ¾ve hà °bituà °tià ¾n is à ° prà ¾blemà °tic issue while the theà ¾ry à ¾f mind seems tà ¾ be à ¾ne à ¾f the wà °ys à ¾ut. References
Monday, July 29, 2019
Existentialism Essay Example | Topics and Well Written Essays - 750 words - 2
Existentialism - Essay Example The actual life of the individual is what constitutes his or her â€Å"true essence†instead of there being a peremptorily ascribed essence used by others to define him or her. Hence, every human, through his or her own consciousness, creates his or her own value and determines a meaning to life. According to this philosophy, the source of our value can only be internal. This core view leads to several corollaries like- we have no predetermined nature or essence that controls what we are, what we do, or what is valuable for us, we are radically free to act independently without determination by outside influencers, we also create our values through these choices, we create our own human nature through these free choices, We 2 are thrown into existence first without a predetermined nature and it is only later that we construct our own nature or essence through our actions. In other words, it means, our Existence, through our act of free self creation, defines our Essence. The e xistentialist philosophy strongly suggests that the identity of any person cannot be found by examining what other people are like, but only in what that particular person has done. This implies that, we have no predetermined nature that controls what we are, or what we do. The key concepts that govern the theoretical philosophy of existentialism are Existence precedes Essence, Facticity, The Absurd, Authenticity, Angst, Despair and Opposition to Positivism and Rationalism. The theme of Existence precedes Essence which means that the most important consideration for any individual is the fact that he or she is an individual regardless of any label, role, stereotype, definition or any preconceived category the individual fits. The theme of facticity refers to the absolute realities attached to an individual like having a body and having committed certain actions independently. The theme of the absurd is the idea that there is nothing to the world beyond what meaning we see in it. The concept of Authenticity is the idea that one has to create one’s self and live according to the choices he or she makes. Angst or Anxiety, according to existential philosophy is the disposition of a person when he or she cannot live according to the choices made. Despair refers to the loss of hope when there is a dent in the Essence of an individual. 3 In summary, the philosophy of existentialism supports an individual’s free will, that an individual’s nature is defined through choices, that decisions are not without stress and consequences, that there are irrationalities in this universe, that personal responsibility and discipline is key, that society is unnatural while all social rules are arbitrary. The philosophy does not support the beliefs that wealth, honor and pleasure make a good life, social values and structure control the individual, accept the way it is, and that is sufficient in life, science is panacea for all travails, individuals are born good and are later ruined by society/environment as they age. The in-class example highlights the philosophy of existentialism from the point of view of two individuals. Here is one individual [â€Å"Existence†]. The essence that can be attributed to him is that he is a professor. He is a professor because he went through undergrad, grad and post-grad
Sunday, July 28, 2019
JRN WEEK3 Coursework Example | Topics and Well Written Essays - 250 words
JRN WEEK3 - Coursework Example There are many individuals who have no idea of what global warming is and how to prevent it. The media only focus on natural disasters when they happen and offer no assistance in terms of knowledge. Dr. Martin Patchen challenges the media to provide more comprehensive coverage on social issues, and global warming should be prioritized. Since the media reaches millions of viewers, it can educate people on how ways to combat global warming. Global warming is to blame for the natural disasters that are rocking our world today, for example, the floods that have devastated the city of Houston, Texas in the United States. The media does not tend to long-term issues they instead tend to focus on short-term problems so they can move on to other stories. Global warming is real and they sooner the media realize it, they can take it upon themselves to educate the general public. People tend to remember the effects of global warming when disaster strikes. Patiently waiting for others to handle global warming is a misguided conception, and each person has the responsibility of reduce the risks of global warming. Some of the activities that can decrease the risk of global warming include pla nting trees and decreasing the percentage of greenhouse gas emissions such as carbon
Saturday, July 27, 2019
Cost-Benefit Analysis Research Paper Example | Topics and Well Written Essays - 1250 words
Cost-Benefit Analysis - Research Paper Example with the government departments that commits prisoners and then pay the company a monthly rate per every prisoner confined in the detention center (Logan, 1997). This essay will provide a cost-effective analysis of prison privatization, whereby all its benefits will be identified and added, together with the negatives and the costs. The differences between the two will then be figured out to determine whether the idea is advisable. According to William (1996), the arguments both in favor of the privatization of prisons and against it are based on the issue of money. While some opponents are of the idea that privatizing prison facilities will reduce the costs of running them at the federal and state levels, its opponents feel that it will lead to a lack of qualified staff or security, poor ground and building maintenance, and the possibility of delays in notifying the community in case of a prison break. One of the most visible benefits of the privatization of prisons is that it solves the problem of overcrowding and space. Should a state transfer some prisoners to a private detention center, it will create room for more prisoners in the state prisons, or the correct amount of space for the prisoners already in the private prison. This can save funds on supplies bought to support the current prisoner population, and can also reduce potential violence since it eases the living tensions experienced in most prison s. However, should the private company running the private facility go bankrupt, to could lead to its closure, potentially releasing violent prisoners prematurely (William, 1996). Another benefit of prison privatization is that it assists in budget predictions. When a state works with a private facility, it can set the limit on the number of inmates in their own facilities, thus enabling a more accurate prediction of the total cost of supporting an inmate daily. This can be beneficial during budget analysis and predictions, or when asking for grants from the
Global Strategy of ZAK-Squared Case Study Example | Topics and Well Written Essays - 1000 words
Global Strategy of ZAK-Squared - Case Study Example Individual business division managers could analyze their market, make local decisions based on their analysis and funnel this information up to the corporate level. These divisions could also gear their business to their environment and its demands. Throughout the history of 3M, communication was of the utmost importance. At all levels of management as well as front line workers, there were a number opportunities such as retreats, councils, The Annual Technology Fair, as well as internal encouragement to maintain contact with other division employees. This mode of organization forced 3M to restructure time and time again. Breaking apart divisions and redefining policies and procedures. The Technical Council (numbering 80 people by early 1990) allowed the heads of its increasingly dispersed labs to meet on a regular basis. This was encompassed from the workings of the Technical Forum that was created in the early 1950s that was formed by "senators" that were drawn from the practicing scientists and technologies in each of the 80 3M US-based lbs.
Friday, July 26, 2019
Compare and contrast the two stories, Black Men in Public Space by Essay
Compare and contrast the two stories, Black Men in Public Space by Brent Staples and Where are you Going, Where have you Been by Joyce Carol Oates - Essay Example This can be seen in the short stories â€Å"Where Are You Going, Where Have You Been?†by Joyce Carol Oates through her characters Connie and Arnold Friend as well as in â€Å"Black Men in Public Space†by Brent Staples through the narrator’s own experiences. The first character to be introduced in Oates’ story is Connie, a teenaged girl just beginning to discover the world outside of her parents’ home. As this character is examined, a trope is revealed in her name itself. According to the Merriam-Webster Dictionary, one of the definitions of ‘trope’ is â€Å"a word or expression used in a figurative sense†(2009). Connie’s name suggests a person involved in a con, or farce of some kind as she certainly is. At home, she is the typical lazy but innocent teenager, but in public she attempts to become someone quite different. â€Å"Everything about her had two sides to it; one for home and one for anywhere that was not home: her walk, which could be childlike and bobbing, or languid enough to make anyone think she was hearing music in her head; her mouth, which was pale and smirking most of the time, but bright and pink on these evenings out†(Oates). She is not what she seems to be which make s her a ‘con’ artist. Her mother understands her to be irritating and lazy but generally innocent while Oates makes it clear that Connie has been sexually active in opening her story with an example of Connie’s typical evenings out as she ditches her friend in order to spend the evening with a boy named Eddie. â€Å"She spent three hours with him, at the restaurant where they ate hamburgers and drank Cokes in wax cups that were always sweating, and then down an alley a mile or so away, and when he left her off at five to eleven only the movie house was still open at the plaza†(Oates). While her mother continues to have an impression of
Thursday, July 25, 2019
Meaning and benefits of 'diversification in financial markets Essay
Meaning and benefits of 'diversification in financial markets - Essay Example Some markets can be stable with a clear direction while others move up and down without any clear direction. Such markets are said to be volatile and investing in them can be extremely risky. A lot of volatility increases the chances of losing especially if the capital is not large enough to caution the investment from the volatility (Smith and Schinasi, 1999). Allocating Capital The amount of money to invest in each of the markets or instruments solely depends on the investor. There is a percentage of risk the investor is comfortable investing in each of the chosen portfolios. This should also work together with the behavior of the markets in the last few months or years. An investor can invest more percentage of the capital in stable markets and instruments as there is little or no risk. Volatile and unstable markets should only be allocated a small percentage of the capital. In fact, investors should avoid trading volatile markets. If all the markets of interest are very volatile, the investor should consider waiting for volatility to come down before investing. Diversification in the financial markets has many advantages, including; Guaranteed profits: diversification in financial markets almost guarantees profitability. This is because even in the worst-case scenario, some of the markets and instruments will generate profits. ... If the markets were going against the investors bet, they can close the positions at once and remain with little or no losses. With good money management skills, even the others should be able to generate profits after some time. The charges for trading in the various markets are relatively low compared to other types of investments. With that, most of the profits made are retained by the investor (Caruso, Silli, and Umlauft, 2005). Reduced Risk: investing in different portfolios reduces the risk exposure of the capital. As such, it would be hard to lose all the capital. Even if some of the portfolios go at a loss, the investor will be guaranteed that at least some of the portfolios are into profits. In some cases, investors can even hedge, in which case they can make profits in one market while another is negative (Madura, 2012). Leverage: some financial markets institutions work with margin trading. Investors are required to raise a certain proportion or percentage, and the broker tops it up allowing the investor to purchase more units than they would have purchased with their own money. Leverage can increase the profitability factor of an investment but can also lead to substantial losses. Diversification and leverage would allow the investor to venture into different markets and invest in many different investments with little capital (Gilchrist, 2003). Management of Capital: Diversification in financial markets allows easy management and preservation of capital. Investors have access to a variety of tools and software that assists them in determining how they are going to invest, the amount of investments to make on what elements and calculations of the risk to reward ratio.
Wednesday, July 24, 2019
Life Expectancy Essay Example | Topics and Well Written Essays - 1500 words
Life Expectancy - Essay Example However, these life expectancy levels do not necessarily mean that all are expected to live for these ages. One may die earlier or even later based on the lifestyles and other occurrences that may not be expected to occur. Life expectancy at birth is the number of years that a new born child is expected to live before they die. According to WHO, life expectancy at birth has increased world over by 6years since 1990. This has been so due to increased healthcare, technology and social conditions. Other factors that are direct determinants of life expectancy are physical fitness, general health conditions and poverty. The discouragement of smoking in England or the alternative encouragement of physical fitness has augured well towards encouraging the increase in the life expectancy. As such, since this practice has continued to receive positive response from the citizens, life expectancy in England is expected to continue increasing. The growth of the same in the United States of America is slightly below this rate and the reasons for this are discussed herein. Eileen Crimmins-2004 proposes that reductions in mortality were as a result of a reduction in the load of chronic inflammation and infection. The health improvements in Europe can highly explain the effected change. The improvement of the different aspects of healthcare production can be highly praised for the reduced mortality rates in the United Kingdom. From wide studies, it has been reported that improved technological application in healthcare delivery, milestone coverage in genetic engineering and an increased awareness of diseases and viruses (Vallin, MesleÌ &Valkonen, 2001). Medicinal delivery has been experiencing an increased rate of technological advancement in the last decade. This can be clearly highlighted by the introduction of the targeted Cancer Therapy, natural Orifice
Tuesday, July 23, 2019
Employee Resourcing Essay Example | Topics and Well Written Essays - 2500 words
Employee Resourcing - Essay Example Employee resourcing is an important function undertaken by organizations to ensure that they obtain and retain the human capital that they need, for productive employment. This includes aspects of employment practice that relate to welcoming people to the organization, and releasing them if it is necessary to do so. Employee resourcing is a key part of human resource management which "matches human resources to the strategic and operational needs of the organization" (Armstrong, 2003: 347), and ensures the complete utilization of those resources. Its main focus is on selecting and promoting people who fit the culture and the strategic requirements of the organization. Recruitment is the process by which candidates are located and attracted for employment in an organization. The necessary effort and extent of the search is based on the selection rate and the qualifications and skill sets needed for job competence. Companies usually attempt to attract large numbers of candidates, depending on the job and purpose of the recruitment effort. Further, they aim to fill vacancies quickly, select people who will perform well, and hire people who will give sustained and long-term service to the organization (Stahl, 2003: 163).The purpose of this paper is to examine the processes of employee resourcing which include attracting job applicants, recruiting candidates and selecting employees for the workforce; and to discuss the significance of employee resourcing as an important function of the human resource management activities carried out by organizations.... Approaches to Employee Resourcing There are three paradigms or frames of reference that managers can use when undertaking employee resourcing functions. According to the Chartered Institute of Personnel and Development (CIPD), each paradigm may be suitable for a particular situation. The traditional paradigm represents established best practice in employee resourcing activities. The contingency-based paradigm accepts that different approaches to employee resourcing should be used for different types of situations. The new paradigm advocates innovation in the use of employee resourcing strategies according to the situation and needs that arise (Taylor, 2002: 16).As compared to traditional personnel management, human resource management (HRM) emphasizes more on finding people whose attitudes and behaviour are aligned with what management believes to be appropriate and contributive to productivity in the organization's working environment. The HRM approach to employee resourcing believes that matching resources to orga nizational requirements does not simply mean maintaining or ensuring the continuation of the existing conditions; on the other hand, it "promotes radical changes in thinking about the competencies required in the future to achieve sustainable growth and to achieve cultural change" (Armstrong, 2003: 347). The two fundamental questions addressed by HRM resourcing policies are: 1) What kind of people do we need to compete effectively both now and in the future' 2) What do we have to do to attract, develop and keep these people' Attracting Job Applicants and Recruiting Candidates Increased Use of Inside Recruitment Sources: Inside recruitment sources
Monday, July 22, 2019
Pearson Correlation Essay Example for Free
Pearson Correlation Essay The regression coefficient was calculated to measure the correlation between the two variables namely, monthly charge and speed of connection, on the dependent variable which is the volume of DSL subscription. Regression coefficient is a constant which represents the rate of change of one variable, which in this dissertation is the volume of DSL subscription, as a function of changes in the other variables, namely monthly charge and speed of connection (Kachigan, 1991). Descriptive statistics were used to explain the statistical indicators of the following variables : (a) DSL monthly charge in OECD member countries, (b) DSL speed of connection in OECD member-countries, and (c) volume of DSL subscription in the light of the problem under study. The descriptive measures involved the following three major characteristics of each the above-mentioned variables : distribution, central tendency and the dispersion or variability. The distribution summarizes the frequency of individual values or ranges of values for each variable. The central tendency of the distribution is an estimate of the center of a distribution of values. Three major types of estimates of central tendency are the mean, which is simply the sum of all the individual values divided by the number of values; the median, which is the score found at the middle of the values arranged either from highest to lowest or lowest to highest; and the mode which is the most frequently occurring value in the set of data (Trochim, 2006; Sternstein, 2005). Dispersion, on the other hand refers to the spread of the values around the central tendency, measured either using the range and the standard deviation. The range is simply the difference between the highest and lowest values in the distribution; whereas the standard deviation shows the relation that a set of values has to the mean of the sample, its numerical value indicating how one specific value in the distribution is clustered around or is scattered from the mean of the distribution (Trochim, 2006; Freund Williams, 1983). Methodology for Chapter 4: Pearson Correlation and Descriptive Statistics In Chapter 4, the Pearson correlation was utilized to find the degree to which the following pairs of variables are linearly associated : (a) GDP and Internet usage, GDP and mobile phone usage and GDP and fixed phone usage (b) population and Internet usage in Middle East, (c) population and mobile usage in Middle East, and (d) population and fixed phone usage in Middle East. Interpretation of the specific relationships between the aforementioned pairs of variables was facilitated using Table 1 on page 2. Descriptive statistics were used to discuss the statistical indicators of the following variables : (a) fixed telephones in the 30 provinces of Iran, (b) data network capacity in 30 provinces of Iran, and (c) mobile penetration in 30 provinces of Iran. The same statistical descriptors outlined in Chapter 3 were adopted for Chapter 4. REFERENCES Asian Development Bank. (2007). Aggregate Measures of Competitiveness. Retrieved December 31, 2007, from adb. org: http://www. adb. org/documents/books/ADO/2003/part3_3-3. asp. Easton, V. J. , McColl, J. H. (2004). Statistics Glossary: Paired data, correlation regression. Retrieved December 31, 2007, from Statistical Education Through Problem Solving
Is the Philippines Truly Free
Is the Philippines Truly Free Essay In terms of fashion, culture and economy, however, we cannot say the same. The Filipinos still suffer from colonial mentality. Music, fashion, customs and tradition and products of foreign countries, especially the so-called stateside, are still being patronized by most Filipinos, especially the youth who unabashedly mimic foreign singers, artists, including their lifestyles not minding to spend lots of money just to be â€Å"in†with these foreign idols. Thousands of Pinoys are also dying to migrate to other countries. As a member of the Filipino youth of today I believe that I can somehow make the Philippines truly free by reversing the above negative attitudes. First, I will start from myself. I will think, talk and act like a true Filipino. I will live by the Filipino values like being polite and courteous, using â€Å"po†, â€Å"opo†, respect my parents, the elders and be fair to all. I will patronize Filipino made products so we can save the dollars of our country. I will visit and encourage visit to the local tourist spots. I shall lead by example by taking care of the environment. I will recycle plastics and use biodegradable trash as organic fertilizer. By doing so, we can boost our country’s economy and awaken the sense of nationalism in each and every Filipino. Not only will our country be appreciated by our fellow Filipinos, but also by foreigners locally and internationally. Lastly, I will keep myself informed of the current social and national issues so I can express my views thereon. I will encourage the youth to do the same so we can preserve the democracy in our country alive and help it move forward.
Sunday, July 21, 2019
Internet Protocol (VoIP) Technology
Internet Protocol (VoIP) Technology Abstract Voice over Internet Protocol (VoIP) technology has come of age and is quickly gaining momentum on Broadband networks. VoIP packetizes phone calls through the same routes used by network and Internet traffic and is consequently prone to the same cyber threats that plague data networks today. It presents lower cost and greater flexibility for a venture but presents considerable security challenges. Many solutions for VoIP security are projected, however these solutions should take into account the real-time constriction of voice service and their methods be supposed to address probable attacks and overhead related with it. One of these solutions is to make use of Firewalls, which implement a security strategy by examining and straining traffic arriving or leaving from a protected network. This is normally done by evaluating an incoming packet to a set of policies and performing the corresponding rule action, which is accept or reject. Undesirably packet examinations can require considerable interruptions on traffic due to the difficulty and size of policies. Consequently, improving firewall performance is significant for the VoIP networks. In this paper, we propose a new firewall deign that is able to dynamically update firewall policy based on Neural Network and achieve packet examinations under rising traffic loads, higher traffic speeds, and stringent QoS necessities. The design consists of several firewalls configured in parallel that jointly impose a defense strategy. Every firewall outfits part of the rule and incoming packets is processed through all the firewalls concurrently. Once the neural network is trained, it continuously updates the firewall policy using the selected parameters to perform its evaluation. Since many firewalls are utilized to process each packet, the proposed parallel firewall system has considerably lower delays and a higher throughput than other firewalls. Introduction Voice over IP the transmission of voice over traditional packet-switched IP networks is one of the hottest trends in telecommunications. Although most computers can provide VoIP and many offer VoIP applications, the term â€Å"voice over IP†is typically associated with equipment that lets users dial telephone numbers and communicate with parties on the other end who have a VoIP system or a traditional analog telephone. (The sidebar, â€Å"Current voice-over-IP products,†describes some of the products on the market today.) As with any new technology, VoIP introduces both opportunities and problems. It offers lower cost and greater flexibility for an enterprise but presents significant security challenges. As with any new technology, VoIP introduces both opportunities and problems.. Security administrators might assume that because digitized voice travels in packets, they can simply plug VoIP components into their already secured networks and get a stable and secure voice network. Quality of service (QoS) is fundamental to a VoIP networks operation. A VoIP application is much more sensitive to delays than its traditional data counterparts. Latency turns traditional security measures into double-edged swords for VoIP. Tools such as encryption and firewall protection can help secure the network, but they also produce significant delay. Latency isnt just a QoS issue, but also a security issue because it increases the systems susceptibility to denial-of-service attacks. To succeed in a VoIP network, a DoS attack need not completely shut down the system, but only delay voice packets for a fraction of a second. The necessary impediment is even less when latency-producing security devices are slowing down traffic. As described in the introduction, parallelization offers a Scalable technique for improving the performance of network firewalls. Using this approach an array of m firewalls processes packets in parallel. However, the two designs depicted in differ based on what is distributed: packets or rules. The design was Consisted of multiple identical firewalls connected in parallel, each firewall j in the system implements a local policy Rj where Rj = R. Arriving packets are distributed across the firewalls for processing (one packet is sent to one firewall), allowing different packets to be processed in parallel. Since each packet is processed using the policy Rj = R, policy integrity is maintained. A neural network is a group of interconnected nodes. The well-known example is the human brain, the most complicated and difficult neural network. We can make very fast and reliable choice in portion of a second. In the face of the clear neatness of usual thinking, outcome are usually not-white and -black or binary, but quite engage a broad diversity of alert and secreted inputs, we have an wonderful facility to recognize well-known patterns as well as extraordinary patterns more or less directly, the neural network approach effort to reproduce the way humans visually the usual consumer speedily studies to identify spam from correct connection. The reason for this is generally since we illustration our brains both on reason to a broad variety of message content and the brain learns to create lightning-fast, very exact guess. The capacity of utilizing packet changed networks as a transmit standard for real-time tone of voice connections has drawn broad awareness among both research and possible communities alike. The current progress in speech conventions and high speed information communication technology hold up the notice in equipment such as voice over Internet protocol (VoIP), the mathematical character of information interchange and the energetic routing method engaged in packet-switched networks outcomes in an unbalanced network delay (jitter) practiced by IP packets. [chris miller]. Although a data-parallel firewall can achieve higher throughput than a traditional (single machine) firewall, it suffers from two major disadvantages. First, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall. Successful connection tracking is difficult to perform at high speeds using the data-parallel approach Second, distributing packets is only beneficial when each firewall in the array has a significant amount of traffic to process (never idle), which only occurs under high traffic loads. In order to understand parity in a carrier network maintaining secrecy, the studying techniques to know excluded traffic from partial information, such as the header information and show pattern of a series of packets. The propose a traffic credit technique for a direct request which uses mathematical information such as incidence of packet coming. This method is to be used for stop idea by recognize traffic generate by not only VoIP but video request as well. By using this method, travel that is clearly mediator excluded is not needed, the quality of traffic that is classified into best services, such as urgent situation message and moving sharing, is certain, and, for best effort services, suitable operation are perform so that capital can not be busy by a few edge, so as to understand fairness in symbol services. This advance is to applications that generate traffic from the presentation of the traffic. It can be underground into the following three types regarding the granularity of the observed traffic. [Toshiya Okabe Tsutomu Kitamura 2006]. Transaction-level behavior This approach is a system focus on the skin of an application-level action, such as an HTTP request message, and its response, an HTTP response message or MAIL message. With this progress, a request is indirect from the change patterns, the size of each message. A method to order maintain by the time-series changes in the size of messages. These techniques are useful for sense a signal protocol, but are not suitable for discovery of real-time message traffic whose features are boring and last for a fairly long time. [Toshiya Okabe Tsutomu Kitamura 2006] Flow-level behavior This method is to make out an application from mathematical information such as the inter-arrival time, period of the run, packet size. Here, a run is defined as a sequence of packets having a common source address, source port, destination address, destination port and transport protocol. It is extract skin of size data message request flows, such as HTTP, FTP and SMTP graceful from side to side a network, in order to create workload for a network simulator and classify traffic into three lessons, bulk data message such as FTP, informal message. [Toshiya Okabe Tsutomu Kitamura 2006] Packet-level behavior This is techniques that identify a request from the header or load of a single packet. A group method mainly based on port facts has been used but its efficiency has been lost due to the arrival of P2P applications that illegitimately use chance port numbers and port numbers for HTTP to traverse a Firewall. [Toshiya Okabe Tsutomu Kitamura 2006]. Average packet length and variation The result of extract skin correlated to the normal packet size and difference in packet size. Difference in packet size here indicates the number of types of packet size for a request whose packet size is fixed. It is the result of take out the skin of voice applications. The packet size of the voice application is lesser than that of the other application. [ Takayuki Shizuno 2006] As with any new knowledge, VoIP introduce both opportunity and problems. It offers lesser cost and greater give for an project but presents significant security challenge. Security administrator strength suppose that because digitized voice actions in packets, the plug VoIP mechanism into their previously protected networks and get a stable and secure voice network address translation (NAT), and most VoIP mechanism have counterpart in data network, VoIPs presentation stress mean you must extra ordinary network software and hardware with special VoIP mechanism. Packet network depend on many configurable bound: IP and physical addresses of say terminal of routers and firewalls. VoIP networks add specific software, to place and route calls. Many network bound are recognized with passion each time a network part is restart or when a VoIP phone is restart or added to the network.. So many nodes in a VoIP network have dynamically configurable bound; But VoIP systems have much stricter presentation constraint than data networks with important implication for security. [ Takayuki Shizuno 2006]. Quality-of-service issues Quality of service is basic to a VoIP networks process. A VoIP request is much more responsive to delay than its customary data matching part. In the VoIP language, this is the latency problem. Latency turns conventional safety measured. Tools such as encryption and firewall defense can help secure the system, but they also set up important delay. Latency isnt just a QoS issue, but also a safety issue because it increases the system weakness to denial-of-service attacks. To do well in a VoIP network, a DoS attack need not totally shut down the system, but only delay voice packets for a part of a second. The necessary let is even less when latency-producing security devices are slowing down traffic. Another QoS issue jitter, refers to no uniform delays that can cause packets to turn up and be process out of series. The Real-Time Transport Protocol (RTP), which is used to move voice media, so packets received out of order cant be reassembled at the move level, but must be rearrange at the request level, introduce major above your head. When packets turn up in order, high jitter causes them to arrive at their target in spurts. To control jitter, network expensive can use buffers and implement QoS-supporting network elements that let VoIP packets when larger data packets are listed in front of them. The buffer can use one of several plans to resolve when to let go voice data, counting several scheme that adapt the payout time also encompass packet loss. In addition to the usual packet loss issue related with data networks, even VoIP packets that reach their target can be make useless by latency and jitter. [thomas j. walsh and d. richard kuhn ]. Project Background Neural network is the bury order growing fast in current years. It is jointly of a massive deal of easy giving out units of neuron with providing connect as a neural network. It can replicate the information distribution task of human being brain, with huge talent of nonlinear estimate, consecutively storage, large-scale similar development, and self-training lessons. The information distribution in the neural network is recognizing by the communication between the neurons, and the storage of data and in progression as increase physical interconnection of the network parts. [, a. shelestov, v. pasechnik, a. sidorenko, n. kussul , 2006]. A parallel firewall (also called a load-balancing firewall) is a scalable approach for increasing the speed of inspecting network traffic. As seen in figure .the system consists of multiple identical firewalls connected in parallel. Each firewall in the system implements the complete security policy and arriving packets are distributed across the firewalls such that only one firewall processes any given packet. How the load-balancing algorithm distributes packets is vital to the system and typically implemented as a high-speed switch in commercial products. Although parallel firewalls achieve a higher throughput than traditional firewalls and have a redundant design, the performance benefit is only evident under high traffic loads. Furthermore, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall, which is difficult to perform at high speeds. This paper introduces a new scalable parallel firewall architecture designed for increasing network speeds and traffic loads. The design consists of multiple firewalls where each firewall implements only a portion of the security policy. Since the policy is divided across the firewalls, rule distribution guidelines are provided that maintains integrity, ensuring the new parallel design and a traditional single firewall always reach the same decision. Unlike the previous parallel design, When a packet arrives to the new architecture it is processed by every firewall in parallel, thus the processing time required per packet is reduced. Simulation results for the new architecture (consisting of four firewalls) yielded a 74% reduction in processing time as compared to other parallel firewall designs. Furthermore, the proposed architecture can provide stateful inspections since a packet is processed by every firewall. Therefore, the new parallel design is a scalable solution that can offer better performance and more capabilities than other designs. In list-based rule symbol, when packets arrive at a firewall, it is in sequence check against the system in the rule list until a match is found or attainment the end of the list. Then, the parallel action is applied to mass or pass the packet. To make the policy complete of match is always found for each packet, the computational difficulty of the sort process depends on the length of rule as the depth of result a matched rule in the rule list. Apply more composite policy can result in major traffic wait which is not only a presentation block in high speed environment but also can make it weaker to rejection of service attacks. Moreover, attractive the filter time is more difficult for multimedia applications that require firm quality of service promise. Although hardware solutions can very much decrease the packet giving out time, they are costly for large policy and improvement hardware may not be suitable in inheritance systems. on the other hand, better data structure for inner policy symbol and better search mechanism have been planned to provide relatively and effective solution to benefit on hand hardware systems. The rules are group to allow multidimensional search by at once eliminate multiple rules with few comparison. While tries have shown great agree in improving the search time, the storage condition and difficulty in maintain try and policy honesty increases as more rules . Moreover, a policy trie does not take into report the traffic personality. In a method for trie sorting is proposed that sustain the policy honesty while reorder rules for unreliable traffic situation. The number of contrast as compare to the original trie. Traffic-aware optimization of list-based firewalls has been addressed in rules are assigned matching probability that depend on the traffic information. Other firewall models have been planned to signify and analyze policy whether for central or distributed firewall architectures with main focus on identify rule conflicts and variance; Wireless local (WLAN) and wireless personal (WPAN) area networks are being used increasingly to implement VoIP forces. The main drives for using these architectures are user mobility. Behind realible real-time repair is one of the major concerns for generally use of VoIP in these wireless IPbased networks and safety is now getting the notice of researchers. The security and efficiency are consisting requirements. [El-Sayed M. El-Alfy and Shokri Z. Selim 2007] Literature Review Introduction: Literature Review is the process of finding information for help on searching for resources on the Internet. Reading intensively in the chosen topic area is essential, but the task can prove daunting if they do not approach it in a systematic way. The continuous number of high-profile Internet security breeches reported in the mass media shows that despite an emphasis on security processes that there is still a gap between theory and practice. Not only is there a need to develop better software engineering processes but also theoretical security improvements need to find their way into real systems. Software design patterns are defined as â€Å"descriptions of communicating objects and classes that are customized to solve a general design problem in a particular context†. As software design patterns have proven their value in the development of production software, they are a promising new approach to help in both the theoretical development and practical implementation of better security processes. First, many/most software developers have only a limited knowledge of security processes and patterns are a proven way to improve their understanding. Second, patterns work against â€Å"reinventing-the-wheel†to promote learning best practices from the larger community to save time, effort, and money with easily accessible and validated examples. Third, code can be reused since the same security patterns arise in many different contexts Investigating existing resources in our area of research will generally cover three areas: Exploratory investigations, as part of the development and evaluation of possible topics in an area Investigation is some depth, sufficient to support a formal research and dissertation proposal Complete research that is described in the literature / research section of the dissertation. [from Writing the Doctoral Dissertation, To Author names] 2. Related Research Work Available: Wireless local (WLAN) and wireless personal (WPAN) area networks are being used progressively to implement VoIP services. The main motivation for using these architectures are user mobility, setup flexibility, increasing transmission rate and low costs, despite this convergence depends on the answers of several technical problems Supporting reliable real-time service is one of the major concerns for widely deployment of VoIP in these ireless IPbased networks and security is now receiving the attention of researchers. The problem of offering security to WLAN and WPAN is that security does not come for free and, security and efficiency are conflicting requirements. The introduction of a security mechanism such as the IPSec encryption-engine to overcome these issues impacts directly in the speech quality of established calls and in the channel capacity. Moreover, largely deployed radio technology standards as IEEE 802.11 and Bluetooth used to achieve wireless connectivity have several constraints when delivering real-time traffic, as transmission errors at the channel, introducing delay and loss which with security mechanisms impact can lead to low quality VoIP calls. Although these technologies offer some security mechanisms, they have some flaws which need to be addressed by an additional level of security. In this paper we focus on the IPSec protocol to achieve the data secrecy due to its widely deployment and implementation of many encryption algorithms. During final decades information technology founded on the computer networks take part in an essential role in different areas of human being action. Troubles of huge importance are assigned on them, such as maintenance, communication and mechanization of information processing. The safety level of processed information is able to differ from private and viable to military and state secret. Herewith the destruction of the information secrecy, reliability and accessibility may cause the spoil to its proprietor and contain important unattractive consequences. Hence the trouble of information safety is concerned. Many associations and companies expand safety facilities that need important aids. In additional, the impracticality of creating wholly protected system is a recognized fact – it will always hold faults and  «gaps » in its understanding. To guard computer systems such familiarized mechanisms as classification and verification, methodologies of the delimitation and limit of the access to data and cryptographic techniques are applied. But they hold following drawbacks: †¢ Disclosure from interior users with spiteful purpose; †¢ Complexity in access separation caused by data sources globalization, which cleans away difference between personal and foreign topics of the system; †¢ Diminution of efficiency and communication complexity by reason of methods for access control to the sources, for occasion, in e-commerce; †¢ Effortlessness of passwords description by crating arrangements of simple users relations. Hence classification and audit systems are utilized beside with these methods. between them are interruption. Intrusion Detection Systems (IDS). IDS are generally separated to systems detecting previously identified attacks (mishandling exposure systems) and variance exposure systems registering the life cycle differences of the computer system from its usual (distinctive) action. Besides, IDS are divided to network-based and host-based category by data source. Network-based IDS examine network dataflow, caring its members, almost not moving the output of their work. Network-based systems do not utilize data about progression from divide workstation. A firewall is a mixture of hardware and software used to put into practice a security policy leading the flow of network traffic between two or more networks. In its simplest form, a firewall acts as a safety barrier to control traffic and manage links between internal and external network hosts. The actual means by which this is able varies and ranges from packet sort and proxy service to stateful examination methods. A more difficult firewall may hide the topology of the network it is employed to keep, Firewalls have recognized to be useful in trade with a large number of pressure that create from outer a network. They are becoming ever-present and necessary to the action of the network. The constant growth of the Internet, coupled with the increasing difficulty of attacks, however, is placing further stress and difficulty on firewalls design and management. . [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Furthermore, the need to deal with large set of varied safety policy and rules impose additional load on firewalls, thus depiction the presentation of the firewall highly serious to enforce the network safety policy. In this context, the defense that a firewall provides only the policies it is configured to execute, but evenly importantly the speed at which it enforces these policy. Under attack or deep load, firewalls can simply become a bottleneck. As the network size, bandwidth, and giving out power of networked hosts carry on increasing, there is a high demand for optimizing firewall operation for improved performance. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Multi-dimensional firewall research group of people to focus on mounting various optimizations to make firewalls more resourceful and steady. In spite of significant progress in the design of firewalls, the techniques for firewall optimization remains static and fail to get used to to the always varying dynamics of the network. This is frequently due to their failure to take into account the traffic individuality by the firewall, such as source and purpose, service requests and the resultant action taken by the firewall in reply to these requests. Moreover, current firewall designs do not support adaptive difference discovery and counter measure device. As a result, they run the risk to become unbalanced under attack. The object of this paper is to address the above failing and develop a sound and effective toolset to hasten firewall operation and adapt its performance to the dynamically altering network traffic individuality. Achieve this goal, however is tough, as the number of policy and safety rules a firewall has to enforce for enterprise network. In addition, there is a need for preserve high policy addition. This is further compounded by the limited resources of firewalls relation to the increased ability of the network to process and forward traffic at very high speed. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Methodolgy Network Firewall Parallelization Firewall parallelization is a scalable move toward for attaining the speed of system traffic assessment [Carsten Benecke,1999] necessary for improved network paces and traffic loads. In this section data parallel [Carsten Benecke,1999] and function parallel designs [Errin W. Fulp,2002] for parallel firewalls are explained. Similar to their distributed computing descriptions necessitate, data parallel partition the information set across the array of firewalls, while function parallel distributes the work set across the array of firewalls. The data parallel technique is a scalable substitute to a single firewall that permits for better throughput potentials. Function parallel techniques can diminish the dispensation time necessary on any firewall node yielding enhanced presentation. In addition, unlike data parallel designs, the proposed function parallel architecture can offer stateful assessments. This proposal shows that function parallel designs are scalable solution that can offer better performance and more facilities than other designs. Parallel Firewall Architecture: Function Parallel Firewall [W. Fulp and Ryan J] consists of multiple firewalls coupled in parallel and a gatedevice, as shown in figure. Every firewall in the system outfits a local strategy, where incoming packets are disseminated across the firewalls for processing (one packet is sent to one firewall), permitting different packets to be processed in parallel. Because every packet is processed by the policy, reliability is maintained. The common operation of the scheme can be described as follows. When a packet reaches to the function-parallel system it is promoted to all the firewall and the gate. Each firewall processes the packet with its local policy, as well as any state information. The firewall then signals the gate representing either no match was found, or offers the rule number and action if a match was found. As local policies are a division of the original, a no-matchis a suitable answer and is necessary for the function-parallel design. The gate stores the outcomes and establishes the final action to achieve on the packet using the Firewall rule. Parallel Firewall System Components A function parallel system consists of a collection of firewall nodes. Packets are replicated to all firewall nodes as they go into the system. Policies must be disseminated across the system such that they specify an accept set identical to the original accept set and no local policys accept set can overlap another local policys accept set. The received packets are then combined into one stream to arrive at the destination. A control plane is also essential to permit common system management. Firewall Nodes The firewall nodes contain a network interface card for every network input and control plane. This design implements the firewall nodes as PCs running the Linux operating system with a kernel that supports iptables. It must be stated that iptables was selected for an profitable feature of provisional rule dispensation. By default there are built-in sets of policies called chains divided by whether they hold traffic bound for procedures pay attention on local input devices, proposed for routing throughout the system to another network or outbound and supplied from a local procedure. In addition iptables has support for user defined chains. The user defined chains can be called if a packet matches a rule in a sequence. Packet Duplicator Packet Duplicator is essential on all links which will input traffic into the system. In Ethernet networks packet duplication is easily achieved with a network hub because any packets arriving on a hub port are copied to all other hub ports. But, in high speed networks hub technology is not presented. The only available devices in high speed networks to attain duplication are network taps. These devices are used for duplicating network traffic, usually used in intrusion detection systems that necessitate network monitoring. Control Plane In a single firewall system, protected customer communication can be offered through the prerequisite of physical existence. To generate a protected technique of management, communication to the collection of firewall nodes can be quarantined on a separate control plane. In the simplest form this entails a separate subnet which all firewall nodes survive on. Component Integration Joining these components into a functional design can be cut down into two network representations. The first utilizes simply one packet duplicator and can simply offer protection for traffic from one source. The second topology allows two networks to communicate bi-directionally through the system. One-Directional System This technique only thinks about packets traveling in one direction; for example, only packets are moving from source to destination. The collection of firewall nodes use the same IP address and MAC address and all will take the incoming network interface card in immoral mode. All but one firewall node will allow existing networking equipment outside of the system to cooperate with no alterations. The firewall node which does respond to user requirements can also be permitted to respond to ICMP ping requests in order to formulate the system additional compatible. For the outgoing network interface cards, any IP or MAC can be used as long as it permits communication with the destination. Bi-directional System The Bi-directional system considers packets moving in both directions; for example, packets traveling from source to destination and then back to source. Set Internet Protocol (VoIP) Technology Internet Protocol (VoIP) Technology Abstract Voice over Internet Protocol (VoIP) technology has come of age and is quickly gaining momentum on Broadband networks. VoIP packetizes phone calls through the same routes used by network and Internet traffic and is consequently prone to the same cyber threats that plague data networks today. It presents lower cost and greater flexibility for a venture but presents considerable security challenges. Many solutions for VoIP security are projected, however these solutions should take into account the real-time constriction of voice service and their methods be supposed to address probable attacks and overhead related with it. One of these solutions is to make use of Firewalls, which implement a security strategy by examining and straining traffic arriving or leaving from a protected network. This is normally done by evaluating an incoming packet to a set of policies and performing the corresponding rule action, which is accept or reject. Undesirably packet examinations can require considerable interruptions on traffic due to the difficulty and size of policies. Consequently, improving firewall performance is significant for the VoIP networks. In this paper, we propose a new firewall deign that is able to dynamically update firewall policy based on Neural Network and achieve packet examinations under rising traffic loads, higher traffic speeds, and stringent QoS necessities. The design consists of several firewalls configured in parallel that jointly impose a defense strategy. Every firewall outfits part of the rule and incoming packets is processed through all the firewalls concurrently. Once the neural network is trained, it continuously updates the firewall policy using the selected parameters to perform its evaluation. Since many firewalls are utilized to process each packet, the proposed parallel firewall system has considerably lower delays and a higher throughput than other firewalls. Introduction Voice over IP the transmission of voice over traditional packet-switched IP networks is one of the hottest trends in telecommunications. Although most computers can provide VoIP and many offer VoIP applications, the term â€Å"voice over IP†is typically associated with equipment that lets users dial telephone numbers and communicate with parties on the other end who have a VoIP system or a traditional analog telephone. (The sidebar, â€Å"Current voice-over-IP products,†describes some of the products on the market today.) As with any new technology, VoIP introduces both opportunities and problems. It offers lower cost and greater flexibility for an enterprise but presents significant security challenges. As with any new technology, VoIP introduces both opportunities and problems.. Security administrators might assume that because digitized voice travels in packets, they can simply plug VoIP components into their already secured networks and get a stable and secure voice network. Quality of service (QoS) is fundamental to a VoIP networks operation. A VoIP application is much more sensitive to delays than its traditional data counterparts. Latency turns traditional security measures into double-edged swords for VoIP. Tools such as encryption and firewall protection can help secure the network, but they also produce significant delay. Latency isnt just a QoS issue, but also a security issue because it increases the systems susceptibility to denial-of-service attacks. To succeed in a VoIP network, a DoS attack need not completely shut down the system, but only delay voice packets for a fraction of a second. The necessary impediment is even less when latency-producing security devices are slowing down traffic. As described in the introduction, parallelization offers a Scalable technique for improving the performance of network firewalls. Using this approach an array of m firewalls processes packets in parallel. However, the two designs depicted in differ based on what is distributed: packets or rules. The design was Consisted of multiple identical firewalls connected in parallel, each firewall j in the system implements a local policy Rj where Rj = R. Arriving packets are distributed across the firewalls for processing (one packet is sent to one firewall), allowing different packets to be processed in parallel. Since each packet is processed using the policy Rj = R, policy integrity is maintained. A neural network is a group of interconnected nodes. The well-known example is the human brain, the most complicated and difficult neural network. We can make very fast and reliable choice in portion of a second. In the face of the clear neatness of usual thinking, outcome are usually not-white and -black or binary, but quite engage a broad diversity of alert and secreted inputs, we have an wonderful facility to recognize well-known patterns as well as extraordinary patterns more or less directly, the neural network approach effort to reproduce the way humans visually the usual consumer speedily studies to identify spam from correct connection. The reason for this is generally since we illustration our brains both on reason to a broad variety of message content and the brain learns to create lightning-fast, very exact guess. The capacity of utilizing packet changed networks as a transmit standard for real-time tone of voice connections has drawn broad awareness among both research and possible communities alike. The current progress in speech conventions and high speed information communication technology hold up the notice in equipment such as voice over Internet protocol (VoIP), the mathematical character of information interchange and the energetic routing method engaged in packet-switched networks outcomes in an unbalanced network delay (jitter) practiced by IP packets. [chris miller]. Although a data-parallel firewall can achieve higher throughput than a traditional (single machine) firewall, it suffers from two major disadvantages. First, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall. Successful connection tracking is difficult to perform at high speeds using the data-parallel approach Second, distributing packets is only beneficial when each firewall in the array has a significant amount of traffic to process (never idle), which only occurs under high traffic loads. In order to understand parity in a carrier network maintaining secrecy, the studying techniques to know excluded traffic from partial information, such as the header information and show pattern of a series of packets. The propose a traffic credit technique for a direct request which uses mathematical information such as incidence of packet coming. This method is to be used for stop idea by recognize traffic generate by not only VoIP but video request as well. By using this method, travel that is clearly mediator excluded is not needed, the quality of traffic that is classified into best services, such as urgent situation message and moving sharing, is certain, and, for best effort services, suitable operation are perform so that capital can not be busy by a few edge, so as to understand fairness in symbol services. This advance is to applications that generate traffic from the presentation of the traffic. It can be underground into the following three types regarding the granularity of the observed traffic. [Toshiya Okabe Tsutomu Kitamura 2006]. Transaction-level behavior This approach is a system focus on the skin of an application-level action, such as an HTTP request message, and its response, an HTTP response message or MAIL message. With this progress, a request is indirect from the change patterns, the size of each message. A method to order maintain by the time-series changes in the size of messages. These techniques are useful for sense a signal protocol, but are not suitable for discovery of real-time message traffic whose features are boring and last for a fairly long time. [Toshiya Okabe Tsutomu Kitamura 2006] Flow-level behavior This method is to make out an application from mathematical information such as the inter-arrival time, period of the run, packet size. Here, a run is defined as a sequence of packets having a common source address, source port, destination address, destination port and transport protocol. It is extract skin of size data message request flows, such as HTTP, FTP and SMTP graceful from side to side a network, in order to create workload for a network simulator and classify traffic into three lessons, bulk data message such as FTP, informal message. [Toshiya Okabe Tsutomu Kitamura 2006] Packet-level behavior This is techniques that identify a request from the header or load of a single packet. A group method mainly based on port facts has been used but its efficiency has been lost due to the arrival of P2P applications that illegitimately use chance port numbers and port numbers for HTTP to traverse a Firewall. [Toshiya Okabe Tsutomu Kitamura 2006]. Average packet length and variation The result of extract skin correlated to the normal packet size and difference in packet size. Difference in packet size here indicates the number of types of packet size for a request whose packet size is fixed. It is the result of take out the skin of voice applications. The packet size of the voice application is lesser than that of the other application. [ Takayuki Shizuno 2006] As with any new knowledge, VoIP introduce both opportunity and problems. It offers lesser cost and greater give for an project but presents significant security challenge. Security administrator strength suppose that because digitized voice actions in packets, the plug VoIP mechanism into their previously protected networks and get a stable and secure voice network address translation (NAT), and most VoIP mechanism have counterpart in data network, VoIPs presentation stress mean you must extra ordinary network software and hardware with special VoIP mechanism. Packet network depend on many configurable bound: IP and physical addresses of say terminal of routers and firewalls. VoIP networks add specific software, to place and route calls. Many network bound are recognized with passion each time a network part is restart or when a VoIP phone is restart or added to the network.. So many nodes in a VoIP network have dynamically configurable bound; But VoIP systems have much stricter presentation constraint than data networks with important implication for security. [ Takayuki Shizuno 2006]. Quality-of-service issues Quality of service is basic to a VoIP networks process. A VoIP request is much more responsive to delay than its customary data matching part. In the VoIP language, this is the latency problem. Latency turns conventional safety measured. Tools such as encryption and firewall defense can help secure the system, but they also set up important delay. Latency isnt just a QoS issue, but also a safety issue because it increases the system weakness to denial-of-service attacks. To do well in a VoIP network, a DoS attack need not totally shut down the system, but only delay voice packets for a part of a second. The necessary let is even less when latency-producing security devices are slowing down traffic. Another QoS issue jitter, refers to no uniform delays that can cause packets to turn up and be process out of series. The Real-Time Transport Protocol (RTP), which is used to move voice media, so packets received out of order cant be reassembled at the move level, but must be rearrange at the request level, introduce major above your head. When packets turn up in order, high jitter causes them to arrive at their target in spurts. To control jitter, network expensive can use buffers and implement QoS-supporting network elements that let VoIP packets when larger data packets are listed in front of them. The buffer can use one of several plans to resolve when to let go voice data, counting several scheme that adapt the payout time also encompass packet loss. In addition to the usual packet loss issue related with data networks, even VoIP packets that reach their target can be make useless by latency and jitter. [thomas j. walsh and d. richard kuhn ]. Project Background Neural network is the bury order growing fast in current years. It is jointly of a massive deal of easy giving out units of neuron with providing connect as a neural network. It can replicate the information distribution task of human being brain, with huge talent of nonlinear estimate, consecutively storage, large-scale similar development, and self-training lessons. The information distribution in the neural network is recognizing by the communication between the neurons, and the storage of data and in progression as increase physical interconnection of the network parts. [, a. shelestov, v. pasechnik, a. sidorenko, n. kussul , 2006]. A parallel firewall (also called a load-balancing firewall) is a scalable approach for increasing the speed of inspecting network traffic. As seen in figure .the system consists of multiple identical firewalls connected in parallel. Each firewall in the system implements the complete security policy and arriving packets are distributed across the firewalls such that only one firewall processes any given packet. How the load-balancing algorithm distributes packets is vital to the system and typically implemented as a high-speed switch in commercial products. Although parallel firewalls achieve a higher throughput than traditional firewalls and have a redundant design, the performance benefit is only evident under high traffic loads. Furthermore, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall, which is difficult to perform at high speeds. This paper introduces a new scalable parallel firewall architecture designed for increasing network speeds and traffic loads. The design consists of multiple firewalls where each firewall implements only a portion of the security policy. Since the policy is divided across the firewalls, rule distribution guidelines are provided that maintains integrity, ensuring the new parallel design and a traditional single firewall always reach the same decision. Unlike the previous parallel design, When a packet arrives to the new architecture it is processed by every firewall in parallel, thus the processing time required per packet is reduced. Simulation results for the new architecture (consisting of four firewalls) yielded a 74% reduction in processing time as compared to other parallel firewall designs. Furthermore, the proposed architecture can provide stateful inspections since a packet is processed by every firewall. Therefore, the new parallel design is a scalable solution that can offer better performance and more capabilities than other designs. In list-based rule symbol, when packets arrive at a firewall, it is in sequence check against the system in the rule list until a match is found or attainment the end of the list. Then, the parallel action is applied to mass or pass the packet. To make the policy complete of match is always found for each packet, the computational difficulty of the sort process depends on the length of rule as the depth of result a matched rule in the rule list. Apply more composite policy can result in major traffic wait which is not only a presentation block in high speed environment but also can make it weaker to rejection of service attacks. Moreover, attractive the filter time is more difficult for multimedia applications that require firm quality of service promise. Although hardware solutions can very much decrease the packet giving out time, they are costly for large policy and improvement hardware may not be suitable in inheritance systems. on the other hand, better data structure for inner policy symbol and better search mechanism have been planned to provide relatively and effective solution to benefit on hand hardware systems. The rules are group to allow multidimensional search by at once eliminate multiple rules with few comparison. While tries have shown great agree in improving the search time, the storage condition and difficulty in maintain try and policy honesty increases as more rules . Moreover, a policy trie does not take into report the traffic personality. In a method for trie sorting is proposed that sustain the policy honesty while reorder rules for unreliable traffic situation. The number of contrast as compare to the original trie. Traffic-aware optimization of list-based firewalls has been addressed in rules are assigned matching probability that depend on the traffic information. Other firewall models have been planned to signify and analyze policy whether for central or distributed firewall architectures with main focus on identify rule conflicts and variance; Wireless local (WLAN) and wireless personal (WPAN) area networks are being used increasingly to implement VoIP forces. The main drives for using these architectures are user mobility. Behind realible real-time repair is one of the major concerns for generally use of VoIP in these wireless IPbased networks and safety is now getting the notice of researchers. The security and efficiency are consisting requirements. [El-Sayed M. El-Alfy and Shokri Z. Selim 2007] Literature Review Introduction: Literature Review is the process of finding information for help on searching for resources on the Internet. Reading intensively in the chosen topic area is essential, but the task can prove daunting if they do not approach it in a systematic way. The continuous number of high-profile Internet security breeches reported in the mass media shows that despite an emphasis on security processes that there is still a gap between theory and practice. Not only is there a need to develop better software engineering processes but also theoretical security improvements need to find their way into real systems. Software design patterns are defined as â€Å"descriptions of communicating objects and classes that are customized to solve a general design problem in a particular context†. As software design patterns have proven their value in the development of production software, they are a promising new approach to help in both the theoretical development and practical implementation of better security processes. First, many/most software developers have only a limited knowledge of security processes and patterns are a proven way to improve their understanding. Second, patterns work against â€Å"reinventing-the-wheel†to promote learning best practices from the larger community to save time, effort, and money with easily accessible and validated examples. Third, code can be reused since the same security patterns arise in many different contexts Investigating existing resources in our area of research will generally cover three areas: Exploratory investigations, as part of the development and evaluation of possible topics in an area Investigation is some depth, sufficient to support a formal research and dissertation proposal Complete research that is described in the literature / research section of the dissertation. [from Writing the Doctoral Dissertation, To Author names] 2. Related Research Work Available: Wireless local (WLAN) and wireless personal (WPAN) area networks are being used progressively to implement VoIP services. The main motivation for using these architectures are user mobility, setup flexibility, increasing transmission rate and low costs, despite this convergence depends on the answers of several technical problems Supporting reliable real-time service is one of the major concerns for widely deployment of VoIP in these ireless IPbased networks and security is now receiving the attention of researchers. The problem of offering security to WLAN and WPAN is that security does not come for free and, security and efficiency are conflicting requirements. The introduction of a security mechanism such as the IPSec encryption-engine to overcome these issues impacts directly in the speech quality of established calls and in the channel capacity. Moreover, largely deployed radio technology standards as IEEE 802.11 and Bluetooth used to achieve wireless connectivity have several constraints when delivering real-time traffic, as transmission errors at the channel, introducing delay and loss which with security mechanisms impact can lead to low quality VoIP calls. Although these technologies offer some security mechanisms, they have some flaws which need to be addressed by an additional level of security. In this paper we focus on the IPSec protocol to achieve the data secrecy due to its widely deployment and implementation of many encryption algorithms. During final decades information technology founded on the computer networks take part in an essential role in different areas of human being action. Troubles of huge importance are assigned on them, such as maintenance, communication and mechanization of information processing. The safety level of processed information is able to differ from private and viable to military and state secret. Herewith the destruction of the information secrecy, reliability and accessibility may cause the spoil to its proprietor and contain important unattractive consequences. Hence the trouble of information safety is concerned. Many associations and companies expand safety facilities that need important aids. In additional, the impracticality of creating wholly protected system is a recognized fact – it will always hold faults and  «gaps » in its understanding. To guard computer systems such familiarized mechanisms as classification and verification, methodologies of the delimitation and limit of the access to data and cryptographic techniques are applied. But they hold following drawbacks: †¢ Disclosure from interior users with spiteful purpose; †¢ Complexity in access separation caused by data sources globalization, which cleans away difference between personal and foreign topics of the system; †¢ Diminution of efficiency and communication complexity by reason of methods for access control to the sources, for occasion, in e-commerce; †¢ Effortlessness of passwords description by crating arrangements of simple users relations. Hence classification and audit systems are utilized beside with these methods. between them are interruption. Intrusion Detection Systems (IDS). IDS are generally separated to systems detecting previously identified attacks (mishandling exposure systems) and variance exposure systems registering the life cycle differences of the computer system from its usual (distinctive) action. Besides, IDS are divided to network-based and host-based category by data source. Network-based IDS examine network dataflow, caring its members, almost not moving the output of their work. Network-based systems do not utilize data about progression from divide workstation. A firewall is a mixture of hardware and software used to put into practice a security policy leading the flow of network traffic between two or more networks. In its simplest form, a firewall acts as a safety barrier to control traffic and manage links between internal and external network hosts. The actual means by which this is able varies and ranges from packet sort and proxy service to stateful examination methods. A more difficult firewall may hide the topology of the network it is employed to keep, Firewalls have recognized to be useful in trade with a large number of pressure that create from outer a network. They are becoming ever-present and necessary to the action of the network. The constant growth of the Internet, coupled with the increasing difficulty of attacks, however, is placing further stress and difficulty on firewalls design and management. . [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Furthermore, the need to deal with large set of varied safety policy and rules impose additional load on firewalls, thus depiction the presentation of the firewall highly serious to enforce the network safety policy. In this context, the defense that a firewall provides only the policies it is configured to execute, but evenly importantly the speed at which it enforces these policy. Under attack or deep load, firewalls can simply become a bottleneck. As the network size, bandwidth, and giving out power of networked hosts carry on increasing, there is a high demand for optimizing firewall operation for improved performance. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Multi-dimensional firewall research group of people to focus on mounting various optimizations to make firewalls more resourceful and steady. In spite of significant progress in the design of firewalls, the techniques for firewall optimization remains static and fail to get used to to the always varying dynamics of the network. This is frequently due to their failure to take into account the traffic individuality by the firewall, such as source and purpose, service requests and the resultant action taken by the firewall in reply to these requests. Moreover, current firewall designs do not support adaptive difference discovery and counter measure device. As a result, they run the risk to become unbalanced under attack. The object of this paper is to address the above failing and develop a sound and effective toolset to hasten firewall operation and adapt its performance to the dynamically altering network traffic individuality. Achieve this goal, however is tough, as the number of policy and safety rules a firewall has to enforce for enterprise network. In addition, there is a need for preserve high policy addition. This is further compounded by the limited resources of firewalls relation to the increased ability of the network to process and forward traffic at very high speed. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Methodolgy Network Firewall Parallelization Firewall parallelization is a scalable move toward for attaining the speed of system traffic assessment [Carsten Benecke,1999] necessary for improved network paces and traffic loads. In this section data parallel [Carsten Benecke,1999] and function parallel designs [Errin W. Fulp,2002] for parallel firewalls are explained. Similar to their distributed computing descriptions necessitate, data parallel partition the information set across the array of firewalls, while function parallel distributes the work set across the array of firewalls. The data parallel technique is a scalable substitute to a single firewall that permits for better throughput potentials. Function parallel techniques can diminish the dispensation time necessary on any firewall node yielding enhanced presentation. In addition, unlike data parallel designs, the proposed function parallel architecture can offer stateful assessments. This proposal shows that function parallel designs are scalable solution that can offer better performance and more facilities than other designs. Parallel Firewall Architecture: Function Parallel Firewall [W. Fulp and Ryan J] consists of multiple firewalls coupled in parallel and a gatedevice, as shown in figure. Every firewall in the system outfits a local strategy, where incoming packets are disseminated across the firewalls for processing (one packet is sent to one firewall), permitting different packets to be processed in parallel. Because every packet is processed by the policy, reliability is maintained. The common operation of the scheme can be described as follows. When a packet reaches to the function-parallel system it is promoted to all the firewall and the gate. Each firewall processes the packet with its local policy, as well as any state information. The firewall then signals the gate representing either no match was found, or offers the rule number and action if a match was found. As local policies are a division of the original, a no-matchis a suitable answer and is necessary for the function-parallel design. The gate stores the outcomes and establishes the final action to achieve on the packet using the Firewall rule. Parallel Firewall System Components A function parallel system consists of a collection of firewall nodes. Packets are replicated to all firewall nodes as they go into the system. Policies must be disseminated across the system such that they specify an accept set identical to the original accept set and no local policys accept set can overlap another local policys accept set. The received packets are then combined into one stream to arrive at the destination. A control plane is also essential to permit common system management. Firewall Nodes The firewall nodes contain a network interface card for every network input and control plane. This design implements the firewall nodes as PCs running the Linux operating system with a kernel that supports iptables. It must be stated that iptables was selected for an profitable feature of provisional rule dispensation. By default there are built-in sets of policies called chains divided by whether they hold traffic bound for procedures pay attention on local input devices, proposed for routing throughout the system to another network or outbound and supplied from a local procedure. In addition iptables has support for user defined chains. The user defined chains can be called if a packet matches a rule in a sequence. Packet Duplicator Packet Duplicator is essential on all links which will input traffic into the system. In Ethernet networks packet duplication is easily achieved with a network hub because any packets arriving on a hub port are copied to all other hub ports. But, in high speed networks hub technology is not presented. The only available devices in high speed networks to attain duplication are network taps. These devices are used for duplicating network traffic, usually used in intrusion detection systems that necessitate network monitoring. Control Plane In a single firewall system, protected customer communication can be offered through the prerequisite of physical existence. To generate a protected technique of management, communication to the collection of firewall nodes can be quarantined on a separate control plane. In the simplest form this entails a separate subnet which all firewall nodes survive on. Component Integration Joining these components into a functional design can be cut down into two network representations. The first utilizes simply one packet duplicator and can simply offer protection for traffic from one source. The second topology allows two networks to communicate bi-directionally through the system. One-Directional System This technique only thinks about packets traveling in one direction; for example, only packets are moving from source to destination. The collection of firewall nodes use the same IP address and MAC address and all will take the incoming network interface card in immoral mode. All but one firewall node will allow existing networking equipment outside of the system to cooperate with no alterations. The firewall node which does respond to user requirements can also be permitted to respond to ICMP ping requests in order to formulate the system additional compatible. For the outgoing network interface cards, any IP or MAC can be used as long as it permits communication with the destination. Bi-directional System The Bi-directional system considers packets moving in both directions; for example, packets traveling from source to destination and then back to source. Set
Subscribe to:
Posts (Atom)