STUDENT ATTENDANCE SYSTEM USING WI-FI DIRECT AND TEMPORARY WI-FI HOTSPOT

Manual attendance recording throws away a lot of teaching and administration time from the university. Research on automatic attendance recording that has been done can be divided into biometrics and non-biometrics uses. Almost all methods require additional device that it is costly and inflexible for class changes. The proposed method solves the problems by utilizing the standard features of smartphones that are owned by all student, this method uses Wi-Fi direct for class broadcasting process and temporary Wi-Fi hotspot for verification process. The experimental results show that the proposed method produces the time needed for the initialization process is 14,980 ms and the verification process is 3,640 ms


Introduction
The number of attendance is one of the factors that determine success in the lecture process [1].The attendance recording process is generally carried out by giving a signature on the attendance sheet that was provided during the lecture.This process wastes lecture time, assume that each student needs 30 seconds to fill in the attendance list, the class with 30 students will need 900 seconds or 15 minutes, if multiplied by 16 meetings each semester, then the time wasted per class is 4 hours or equivalent to more than 1 meeting.Manual recording also requires data entry to the system where if each meeting takes 1 minute to enter data, then the total time needed is almost 4.4 days for 400 classes.
Automatic attendance recording can be divided into two groups based on the media used for authentication.The first group used biometrics as an authentication medium by using parts of the body that were matched with data that had been previously registered, the advantage of this method is that the user does not need to carry other objects to authenticate other than himself.The second group uses media that facilitates user authentication, such as RFID tag, QR code, barcode, smartphone, access point, beacon.
The most popular media owned by students is smartphones, according to an anonymous volume 13, issue 1, February 2020 survey that conducted on 400 students, 85.3% of students had 1 smartphone, 13.2% had 2 smartphones, and 1.5% had more than 2 smartphones.From a scale of 1 -5 with the largest value indicating more important, the level of importance of smartphones is at level 5 (52.4%), 4 (33.9%), 3 (12.7%), 2 (1%).Furthermore, whether students will entrust their smartphone to friends for more than 2 hours to register attendance obtain results of 1.25% trust their friend and 98.75% is the opposite, most of them due to privacy concern.
From the survey above, smartphones have become basic needs of students and can be used as a media for verification of attendance because every student has it.In this paper, a method to verifying attendance is proposed using 2 types of smartphone's Wi-Fi, namely Wi-Fi direct for the initialization process and Wi-Fi hotspot for the verification process, there is no need for additional devices so no initial cost for implementation, flexible because we can change classrooms without additional effort, this method can also work even though there is no internet connection on the student side.

Related Work
Recent years, several attendance verification methods have been proposed and developed.Attendance recording using biometrics has advantages over the other methods because it can ensure that user is present in the classroom.All types of biometrics can be used to authenticate users including fingerprint, face, iris, hand geometry, ear, palm print, palm vein, speech, signature [2].
The most commonly used biometric for attendance recording is fingerprint.Portable microcontroller equipped with fingerprint sensor is used to retrieve fingerprint data [3][4][5], this device contains registered fingerprint data and attendance records are transferred to the computer for further processing via usb or sd card.This microcontroller can be equipped with communication module such as GSM module, Wi-Fi module or LAN module so it can communicate with server that allow data to be integrated and accessed through mobile applications [6].
Face recognition requires a camera placed at the entrance [7], front of the classroom [8][9][10], or using smartphone camera [11], it is also possible to combine other media to narrow the scope of face recognition so that it only compares with certain users [12][13].In [13] student can record their attendace using their smartphone by scanning the QR Code on the monitor in front of the class and capturing their face, this solution only works if student connected in a university Wi-Fi network.
In general, the steps that must be taken in attendance recording using biometrics are data retrieval, pre processing, feature extraction, matching.Combination of microcontrollers and sensors is also found in biometrics using iris, where the eye sensor is combined with a microcontroller connected to a PC using a wireless module [14] or using a webcam connected to the PC [15][16], the latter method is also used in biometric using ear [17] or using palm vein [18] where photos taken with the camera [17] or infrared camera [18] are processed on a connected PC.
QR code and barcode are examples of attendance recording without using biometrics, codes generated by the system is then scanned using the reader [19] or the application on the lecturer smartphone [20][21].Smartphone add flexibility to attendance recording methods, eliminate queues when processing attendance using a reader or done by the lecturer, by using a smartphone, students can authenticate themselves.
Bluetooth beacons are placed in certain positions in the class so the system can determine the position of the student [22][23], student use their smartphone scaning for available beacons in the class then submit data to the server, the data that is broadcasted can also contain secret codes to improve system security [24].
Another method that uses the features available on all smartphones is via Wi-Fi, the student's position can be detected through Wi-Fi signal strength received by the student's device [25], user authentication can also be done by detecting the mac address of the student connected to the access point [26].By giving the ssid names with an encrypted token, the limit of users who can connect to access points can be removed because student device do not need to be connected to the access point in order to be authenticated [27].
Almost all methods in previous research require additional devices for implementation such as microcontrollers, sensors, smartphones with specific specifications.Our proposed method eliminate the costs needed for the implementation of the attendance recording system but still maintains the ease of use, flexibility because we can change classrooms without additional effort and validity of student attendance verification by limiting the distance of students from the lecturer.D.S. Pambudi, et. al., Student Attendance System using Wi-Fi Direct and Temporary Wi-Fi Hotspot 3

Proposed Method
Our proposed method uses 2 types of Wi-Fi which is Wi-Fi direct as broadcast medium and temporary Wi-Fi hotspot as authentication medium.We do not use standard Wi-Fi direct but we use Wi-Fi direct service, standard Wi-Fi direct cannot contain additional information.The flow of attendance recording process can be seen in Figure 1, the proposed method divided into two steps, initialization process and verification process, all process run without user intervention.The initialization process consists of several steps to prepare the verification process by sharing hotspot credential used in the verification process.This process starts when lecturer presses the start button on the selected course in the application then the application broadcasts the selected class.On the other hand, the student choose the available class by pressing the attendance button, where the list of available classes is the class that matches the list taken by the student and the class being broadcasted by the lecturer.The student application provides response to selected class by broadcasting encrypted credential from temporary Wi-Fi hotspot that has been created.On the lecturer side, after broadcasting class data, the application creates a listener to listen for attendance recording request, when the request is received then the application decrypts the credential information.Both broadcasting processes use Wi-Fi Direct Service.
The verification process is used to check whether the application connected to the lecturer is a legitimate or not.The lecturer application connects to the Wi-Fi hotspot with the credentials obtained from the previous step.When the application is connected to the Wi-Fi hotspot, the lecturer application sends a challenge code that must be answered by the student application, if the answer is correct then the student is considered to be present at the lecture.Reverification process can be added after random time to improve validity and reduce attempts to attack using Wi-Fi / radio waves properties (range and penetrating object) or to prevent students from leaving class after recording attendance.

Why Wi-Fi
The main focus of the proposed method is to maximize flexibility and minimize costs while still maintaining the security and validity of the verification process, the process must also be as easy as possible without user intervention.We try to eliminate the need for additional devices that must be installed in each classroom, causing some methods impossible to implement, therefore the possible method to use is Bluetooth, Wi-Fi, 2D code (QR code or barcode), NFC phone and GPS.We remove web and mac address-based methods because it is difficult to limit the user's location without additional devices or efforts.
Flexibility means how the attendance verification process can adapt to a variety of changes, such as changing classrooms and changing schedules, consider that the university has at least dozens of classrooms and some have hundreds or thousands, it is also possible to teach outside the classroom.
2D code has a security hole where students can take photos and send to friends who are not in class, while NFC phone is less popular because only mid-upper tier phones are equipped with these feature so the only available options are Bluetooth and Wi-Fi.The GPS-based method is ignored because it is very easy to spoof the device location with fake gps application and it is hard to get a GPS signal inside the building.Likewise when the location has been obtained it will be difficult to determine on which floor the user is due to GPS altitude error always bigger than horizontal error [28][29].
Bluetooth is better at limiting user's distance because smartphone's bluetooth (category 2) has maximum range of 10 meters, while smartphone's Wi-Fi have a maximum range of 100 meters.Bluetooth also has an advertising feature on bluetooth LE supported devices but only latest smartphone is supported.Bluetooth and Wi-Fi direct need paired device to make a connection.It is very easy to pair two devices, user only need to tap the pair button in the popup dialog but if we multiply that action with number of students then it becomes an inconvenience.Temporary Wi-Fi hotspot is the solution for the previous problem.Wi-Fi direct services are used to broadcast initial information and Wi-Fi hotspots are used to establish connection for the verification process.

Encryption Key
For every class taken by students the system will create different encryption keys stored on the server.This key is used to encrypt the credential of the temporary Wi-Fi hotspot during the initialization process, key consists of random character k with minimum length n multiply by number of academic week w that reflects the number of lectures that must be recorded as seen in equation 1. Figure 2 show example of generated key with n = 8, the first 8 characters is key for academic week 1 and so on, 8 characters is certainly not a safe key, here is only used as an example.In the explanation above all encryption keys are generated at the same time, this is to accommodate students do not have an internet connection, so only need an internet connection to download all keys only once at the beginning of the semester, a safer approach is to generate the key needed during the initialization process.Keys are obtained by the lecturer application during the initialization process by downloading all the keys from the server for the course in that week which is used by students who are members of the class.In addition to the encryption key also requires a challenge code that is random characters that have sufficient length (more than or equal to klength).

Initialization Process
Before the initialization process starts, the lecturer and student must tap the start button.The lecturer application will create Wi-Fi direct service contain information such as action, class code and week number wi, the latter data correlates with the key used during the encryption process.Broadcast data can be modified as needed but it is better to keep the data to a minimum, according to specification, the best size for txt record is below 200 bytes, but it can hold up to 1,300 bytes [30], Silvennoinen also conducted tests using several devices and obtained approximately 900 bytes of data sent [31].Figure 3 contains an example of data broadcast by the lecturer application, line 1 is action data contains information about the current state, init means the application is receiving a request for verification, the next line is class code which is the unique code of the selected class, while the last is current week number information.The student application starts service discovery and listens to services with init action and contain class code that have been taken by the student, if the application finds the service then the application creates a Wi-Fi direct service with data containing action, class code, student code, hotspot name, user name, password, we combine and encrypt student code and data after that with encryption key wi, at the same time the application creates a temporary hotspot with the same access.Figure 4 is an example of data broadcast by the student application, the first line is the state of the action, where the example shows that it is requesting a verification process.Action is important because Wi-Fi Direct receives all data broadcast by any device.Therefore, we need data that can be used to distinguish between devices.On the other hand, the lecturer application starts the process of discovering Wi-Fi direct services that match the class code and have verification action.When finding the appropriate service, the application decrypts the combined data to connect to the hotspot created by student application using key wi.

Verification Process
This step is very simple but very important in this method because it eliminates the security hole from the previous step, when the initialization process read the broadcast data, it cannot ensure that the data is sent by a legitimate user.Figure 5 shows how students can be verified without being in the classroom, this looks rather complicated, but with simple client-server program (h1 and h2) it can be easily done.
The student 1 who attends the lecture sends Wi-Fi direct data scanned to the student 2 using h1 who is outside the class or even at home, the student 2 application (h2) then creates identical Wi-Fi direct service with the data provided.The Official student application will respond by creating a service for verification, this service information is forwarded by h2 to replicate the same service for verification with the official lecturer application.Therefore, the proposed method use a challenge code to verify student attendance, challenge code is a random character with fix length created after encryption key generation.
The verification process starts with the lecturer application connect to the Wi-Fi hotspot using connection parameters decrypted from the previous step, then the application sends a challenge code to the student application which must be replied with the correct answer in order to get verified, data sent from both the lecturer and student application must be encrypted with key wi.The lecturer application can find out the challenge code because when making an encryption key request, the server also provides a challenge code along with the answer.

Experiment and Analysis
Non-biometric method do not require an accuracy test because as long as the data can be read, we can identify who the user is.In this experiment we measured the time required from the attendance recording process.

Time Measurement
The time required by this method according to Figure 1 is divided into 2 processes which is initialization and verification, the initialization process is done simultaneously while the verification process are done one by one, we ignored time to challenge because it is not significant.
The advantage of using Wi-Fi is Wi-Fi direct and Wi-Fi hotspot can be used together, so we use 2 separate processes that run together.As we can see in Figure 6 verification process is done one by one, so that it will wait for the previous verification to be completed before it can proceed to the other students.
If we assume that the initialization time ends at the same time, then the time needed for attendance recording can be seen in equation 2, where ti is initialization time and tv is verification time.

Experiment
In this experiment, time measurements were taken from 7 devices to detect Wi-Fi direct and connect Wi-Fi hotspot compared to distance, both tested without obstacles and through the wall.
Table 1 shows that distance does not affect Wi-Fi direct detection time, as long as the Wi-Fi direct signal is still within range, the data from Wi-Fi direct can still be received.The time above is for measuring the broadcast from lecturer to student, from there it can be estimated that the    The next experiment measured the time needed to connect to the Wi-Fi hotspot.The results of Table 3 and Table 4 can be concluded that the average time needed increases if passes through the wall, but in contrast to the two previous experiments, it still can be received within range that failed with he previous experiment.The maximum time needed to connect to the Wi-Fi hotspot in experiments 3 and 4 is 3,640 ms and 9,610 ms   Experiments by passing through the wall is done to determine the maximum limit of distance that can be detected and how fast the connection is, if the distance is too far then student can intentionally not be in class but try to do attendance recording.Table 2 shows the maximum distance 11 meters for the connection to run smoothly.This distance can ensure students are in the classroom because the size of the classroom is most likely exceeds that distance.We also test how far the signal from the Wi-Fi hotspot can be detected with a result of 20 meters.
From the experiment above, the estimated time needed for attendance recording if the class contains 30 students is: 2 x 7,490 + 30 x 3,640 = 124,180 ms = 125 s Manual attendance system average execution time for 30 students is approximately 900 seconds or 15 minutes as against 125 seconds for the proposed system.It can be shown from the illustration of the attendance calculation above and thus, it can be seen that the system using wi-fi direct is better and faster than the use sheets of paper.

Graphical User Interface (GUI)
The Graphical User Interfaces (GUI's) of the proposed system shown in Figure 7-8.Figure 7 illustrates the proposed system application interface for the lecturer side, while Figure 8 illustrate the system application interface for students.Figure 7 (left) shows the interface of the courses list taught by the lecturer.Lecturer can choose the course to be taught, then the lecturer will be taken to the next interface Figure 7 (right) where the details of the course and 'Open Absensi' button will be displayed.Figure 7 (right) also shows the update students' name list which have been successfully attended class after lecturer clicked 'Open Attendance' button (this button changes to 'Close Attendance' when clicked).
Figure 8 (left) shows the list of the classes currently open and also shows the class information and 'Attend' button for student to start attending the selected class (right picture).An updated list of student names that have been recorded for attendance validation will be displayed on the lecturer interface Figure 7 (right).

Conclusion
This paper proposes a method of automatic attendance recording which is divided into initialization process using Wi-Fi direct and verification process using Wi-Fi hotspot.The initialization process works by broadcasting class data by the lecturer smartphone which is responded to by student data and encrypted temporary Wi-Fi hotspot access by student smartphone.Attendance forgery can be eliminated by verifying students connected via temporary hotspot with challenges in the form of unique codes that have been prepared for each class meeting.From the results of the experiment it can be seen that the time needed for the initialization process is 14,980 ms while the time for the verification process is 3,640 ms, with this results it is estimated that the time needed to complete attendance recording for class of 30 students is 125 seconds.

Figure 1 .
Figure 1.Flow of the proposed method

Figure 2 .
Figure 2. Example of generated key with n = 8

init 1AB670F9 2 Figure 3 .
Figure 3. Example data broadcast by the lecturer application

Figure 4 .
Figure 4. Example data broadcast by the student application

Figure 5 .
Figure 5. Flow of how to be verified without being in classroom

6 Jurnal Ilmu Komputer dan Informasi (Journal of Computer Science and Information), volume
13, issue 1, February 2020 time needed by the initialization process is 2 times from the time above.The maximum time for this first experiment is 7,490 ms.

Table 2
measures how the effect from the wall on detection time and range, the results obtained indicate that the presence of a wall affects the received signal, the results of the experiment show the number of devices that cannot detect Wi-Fi Direct signals exceeding the results of previous experiments.The maximum time for this second experiment is 14,085 ms.