Embodied context models and an approach to re-using context-aware middleware

Dahlem, David C.P.

15 April 2008

This thesis develops a generalized approach for decoupling how a context model is defined and executed from how context-aware data is acquired and managed within a given middleware system. Decoupling the model specification from the data will likely provide more avenues of context-aware investigations due to an increased flexibility in the choice of a middleware system for handling context data. We provide a detailed description of the approach developed for this decoupling task, called Inspect, Adapt, Model, and Integrate (IAMI). By engaging the steps we show that a context model need not be specifically tied to a given context-aware middleware. This successful decoupling will likely add to the future development of context-aware systems by allowing researchers to build upon existing frameworks as opposed to repeatedly engaging in ground-up development. Moreover, we submit that this decoupling is important in that the number of possible ways of representing and expressing a context model is potentially infinite, but the choice of context-aware middleware systems is limited.

context-aware

ubiquitous computing

context model

Content-aware visualizations of audio data in diverse contexts

Ness, Steven

17 December 2009

The visualization of the high-dimensional feature landscapes that are encountered when analyzing audio data is a challenging problem and is the focus of much research in the field of Music Information Retrieval. Typical feature sets extracted from sound have anywhere from dozens to hundreds of dimensions and have complex interrelationships between data elements. In this work, we apply various modern techniques for the visualization of audio data to a number of diverse problem domains, including the bioacoustics of Orcinus Orca (killer whale) song, partially annotated chant traditions including Torah recitation and the the analysis of music collections and live DJ sets. We also develop a number of graphical user interfaces to allow users to interact with these visualizations. These interfaces include Flash-enabled web applications, desktop applications, and novel interfaces including the use of the Radiodrum, a three-dimension position sensing musical interface.

music information retrieval

content-aware visualizations

Intrusion Alert Analysis Framework Using Semantic Correlation

Ahmed, Sherif Saad

29 October 2014

In the last several years the number of computer network attacks has increased rapidly, while at the same time the attacks have become more and more complex and sophisticated. Intrusion detection systems (IDSs) have become essential security appliances for detecting and reporting these complex and sophisticated attacks. Security officers and analysts need to analyze intrusion alerts in order to extract the underlying attack scenarios and attack intelligence. These allow taking appropriate responses and designing adequate defensive or prevention strategies. Intrusion analysis is a resource intensive, complex and expensive process for any organization. The current generation of IDSs generate low level intrusion alerts that describe individual attack events. In addition, existing IDSs tend to generate massive amount of alerts with high rate of redundancies and false positives. Typical IDS sensors report attacks independently and are not designed to recognize attack plans or discover multistage attack scenarios. Moreover, not all the attacks executed against the target network will be detected by the IDS. False negatives, which correspond to the attacks missed by the IDS, will either make the reconstruction of the attack scenario impossible or lead to an incomplete attack scenario. Because of the above mentioned reasons, intrusion analysis is a challenging task that mainly relies on the analyst experience and requires manual investigation. In this dissertation, we address the above mentioned challenges by proposing a new framework that allows automatic intrusion analysis and attack intelligence extraction by analyzing the alerts and attacks semantics using both machine learning and knowledge-representation approaches. Particularly, we use ontological engineering, semantic correlation, and clustering methods to design a new automated intrusion analysis framework. The proposed alert analysis approach addresses many of the gaps observed in the existing intrusion analysis techniques, and introduces when needed new metrics to measure the quality of the alerts analysis process. We evaluated experimentally our framework using different benchmark intrusion detection datasets, yielding excellent performance results. / Graduate

Intrusion Detection

Semantic Correlation

Ontology

Context-Aware Security

Alert Aggregation

Alert Verification

Rule Induction

Clustering

Classification

Resultatinriktad individualisering i skolans inre arbete : En grundad teori om utvecklingssamtal, skriftliga omdömen och individuella utvecklingsplaner på grundskolans högstadium / Result-oriented individualization in schools' internal work : A grounded theory of personal development dialogues, written assessments and individual development plans in Swedish secondary school

Höstfält, Gabriella

January 2015

The aim of this study is to generate a grounded theory that explains the content of teachers' and students' work with personal development dialogues and individual development plans using written assessments, all regulated in the national result-oriented curriculum for the Swedish compulsory school. Two secondary schools participated and data was collected on two occasions. Data consists of recorded personal development dialogues, which are informed by written assessments, and copies of the individual development plans written as a conclusion stating agreements between the teacher and student. All data was continuously compared and analyzed by using a grounded theory method. Underpinning the study are the premises of pragmatic philosophy and transactional theory that are assumed to shape the focus of the grounded theory approach and hence of teacher and student transactional strategies. It is argued that teachers' and students' primary concern is to establish result-oriented individualization. This is a means for cooperation in a mutual endeavor to establish improved results, guided by the phases of visible accountability and responsible awareness. By using strategies for planning, guiding, auditing and reflecting, new ways of managing individualization are developed. It is also suggested that a new professional approach has been developed, where teachers and students work in collaborative teams, continuously focusing on improving student results.

Result-orientated individualization

national curriculum

grounded theory

visualizing accountability

being aware of responsibility

The Museum Explorer: User Experience Enhancement In A Museum

2014 December 1900

A learner in an informal learning environment, such as a museum, encounters various challenges. After initial assessment, a set of methods were proposed that may enhance a learner’s experience in a museum using computer aided technologies. The most important insight was the need to support the museum visitor in three phases of activity: prior to the visit, during the visit, and after the visit. We hypothesized that software tools that could help connect these three phases would be helpful and valuable supports for the visitor. To test and evaluate our hypothesis, a system called “The Museum Explorer” was built and instantiated using the collection in the Museum of Antiquities located at the University of Saskatchewan. An evaluation of the Museum Explorer was conducted. Results show that the Museum Explorer was largely successful in achieving our goals. The Museum Explorer is an integrated solution for visitors in museums across the pre-visit, visit, and post-visit phases. The Museum Explorer was designed to provide a means to connect and transfer user experience across the major phases of a museum visit. For each phase of a visitor’s experience, a set of tools was built that provides intelligent and interactive communication features. To assist visitors selecting artefacts to visit, a recommender system allows users to select a set of constraints. To better manage interactivity, features and functions were offered based on context. A study was conducted with volunteer museum visitors. Results from the study show that the Museum Explorer is a useful support. Analysis of the usage data captured by the Museum Explorer has revealed some interesting facts about users’ preferences in the domain that can be used by future researchers.

museum

user experience enhancement

informal learning

recommender system

context aware system

An Intelligent Sensor Management Framework for Pervasive Surveillance

Hilal, Allaa

22 April 2013

The nature and complexity of the security threats faced by our society in recent years have made it clear that a smart pervasive surveillance system constitutes the most effective cure, as it presents a conducive framework for seamless interaction between preventative capabilities and investigative protocols. Applications such as wild-life preserve monitoring, natural disaster warnings, and facility surveillance tend to be characterized by large and remote geographic areas, requiring large numbers of unattended sensor nodes to cover the volume-of-interest. Such large unattended sensor networks add new challenges as well as complicate the system management problem. Such challenges can be in the form of distributed operation with collaborative decision making, adaptive performance, and energy-aware strategies, to name a few. To meet the challenges of these mission-critical applications, the sensor system must exhibit capabilities such as heterogeneous and self-organized behaviour, data and information fusion, and collaborative resources control and management. Sensor Management (SM) refers to the process that plans and controls the use of the sensor nodes in a manner that synergistically maximizes the success rate of the whole system in achieving the goals of its mission in assessing the situation in a timely, reliable, and accurate fashion. Managing heterogeneous sensors involves making decisions and compromises regarding alternate sensing strategies under time and resource availability constraints. As a result, the performance of the collective sensors dictates the performance of the entire system. Consequently, there is a need for an intelligent Sensor Management Framework (SMF) to drive the system performance. SMF provides a control system to manage and coordinate the use of sensing resources in a manner that maximizes the system success rate in achieving its goals. An SMF must handle an overwhelming amount of information collected, and adapt to the highly dynamic environments, in addition to network and system limitations. This thesis proposes a resource-aware and intelligent SMF for managing pervasive sensor systems in surveillance context. The proposed SMF considerably improves the process of information acquisition by coordinating the sensing resources in order to gather the most reliable data from a dynamic scene while operating under energy constraints. The proposed SMF addresses both the operation of the coordination paradigm, as well as, the local and collaborative decision making strategies. A conceptual analysis of the SM problem in a layered structure is discussed to introduce an open and flexible design framework based on the service-oriented architecture to provide a modular, reusable, and extendable framework for the proposed SMF solution. A novel sensor management architecture, called Extended Hybrid Architecture for Sensor Management (E-HASM), is proposed. E-HASM combines the operation of the holonic, federated, and market-based architectures in a complementary manner. Moreover, a team-theoretic formulation of Belief-Desire-Intention (BDI), that represent the E-HASM components, is proposed as a mechanism for effective energy-aware decision making to address the local sensor utility. Also, intelligent schemes that provide adaptive sensor operation to the changes in environment dynamics and sensor energy levels are designed to include adaptive sleep, active sensing, dynamic sensing range, adaptive multimodality, and constrained communication. Furthermore, surveillance systems usually operate under uncertainty in stochastic environment. Therefore, this research formulates the collaborative decision-making entities as Partially Observable Markov Decision Processes (POMDP). To increase the tracking quality and the level of the information reliability, cooperation between the sensors is adopted, which adds an extra dimension in the design of the proposed SMFs. The propose SMF is implemented using the Jadex platform and is compared to the popular centralized architecture. The results illustrate the operation of the proposed SMF outperforms in terms of tracking quality, detection rate, energy consumption, network lifetime, and scalability.

Sensor Network

Distributed Sensor Management

Energy-aware operation

Electrical and Computer Engineering

Mechanisms for coordinated power management with application to cooperative distributed systems

Nathuji, Ripal

12 June 2008

Computing systems are experiencing a significant evolution triggered by the convergence of multiple technologies including multicore processor architectures, expanding I/O capabilities (e.g., storage and wireless communication), and virtualization solutions. The integration of these technologies has been driven by the need to deliver performance and functionality for applications being developed in emerging mobile and enterprise systems. These accomplishments, though, have come at the cost of increased power and thermal signatures of computing platforms. In response to the resulting power issues, power centric policies have been deployed across all layers of the stack including platform hardware, operating systems, application middleware, and virtualization components. Effective active power management requires that these independent layers or components behave constructively to attain globally desirable benefits. Two choices are (1) to tightly integrate different policies using negotiated management decisions, and (2) to coordinate their use based on the localized policy decisions that are already part of modern computer architectures and software systems. Recognizing the realities of (2), the goal of this thesis is to identify, define, and evaluate novel system-level coordination mechanisms between diverse management components that exist across system layers. The end goal of these mechanisms, then, is to enable synergistic behaviors between management entities, across different levels of abstraction, and across different physical platforms to improve power management functionality. Contributions from this work include operating system level mechanisms that dynamically capture workload behavior thereby enabling power efficient scheduling, and system descriptor mechanisms that allow for improved workload allocation and resource management schemes. Finally, observing the strong need for coordination in managing virtualized systems due to the existence of multiple, independent system layers, a set of extensions to virtualization architectures for effectively coordinating VM management in datacenters are developed.

Power-aware systems

Virtualization

Energy efficiency

Power management

Energy consumption

Energy conservation

Computer systems

Visual place categorization

Wu, Jianxin

06 July 2009

Knowing the semantic category of a robot's current position not only facilitates the robot's navigation, but also greatly improves its ability to serve human needs and to interpret the scene. Visual Place Categorization (VPC) is addressed in this dissertation, which refers to the problem of predicting the semantic category of a place using visual information collected from an autonomous robot platform. Census Transform (CT) histogram and Histogram Intersection Kernel (HIK) based visual codebooks are proposed to represent an image. CT histogram encodes the stable spatial structure of an image that reflects the functionality of a location. It is suitable for categorizing places and has shown better performance than commonly used descriptors such as SIFT or Gist in the VPC task. HIK has been shown to work better than the Euclidean distance in classifying histograms. We extend it in an unsupervised manner to generate visual codebooks for the CT histogram descriptor. HIK codebooks help CT histogram to deal with the huge variations in VPC and improve system accuracy. A computational method is also proposed to generate HIK codebooks in an efficient way. The first significant VPC dataset in home environments is collected and is made publicly available, which is also used to evaluate the VPC system based on the proposed techniques. The VPC system achieves promising results for this challenging problem, especially for important categories such as bedroom, bathroom, and kitchen. The proposed techniques achieved higher accuracies than competing descriptors and visual codebook generation methods.

Place categorization

Visual representation

Robot vision

Mobile robots

Context-aware computing

Intelligent control systems

Secure, privacy assured mechanisms for heterogeneous contextual environments

Vasanta, Harikrishna

January 2006

Location information is used to provide a diverse range of services to users such as emergency, navigation, billing, security, information and advertising services. This information is derived from a broad range of indoor and outdoor technologies. The location information thus derived is of different granularity, different co-ordination system and is controlled by numerous service providers. In addition to this, broad selections of devices are used for providing these services. Having a diverse range of applications requiring location information at different levels of granularity, the need to export location information across multiple devices and the existence of different location determination technologies necessitates the need for heterogeneous location network. These networks derive location information from multiple sources and provides various location-based services to users irrespective of the medium, device or technology used. Security, user privacy and management of location information are some of the important issues that need to be addressed. The main contribution of this thesis is the design of a secure and privacy assured heterogeneous location architecture. A formal methodology was chosen to design the heterogeneous location architecture. The design of the architecture resulted in a novel key distribution protocol and a model for information flow that can be easily encapsulated into applications or architectures having similar requirements. The research also resulted in the enhancement of a proposed location framework for securing critical infrastructures using context-aware self-defending objects. The proposed enhanced framework helps to negate the security vulnerabilities introduced through the use of general-purpose computer systems in critical infrastructures.

heterogeneous location networks

context aware computing

pervasive computing

ubiquitous computing

secure system design

network security

Engineering Trusted Location Services and Context-aware Augmentations for Network Authorization Models

Wullems, Christian John

January 2005

Context-aware computing has been a rapidly growing research area, however its uses have been predominantly targeted at pervasive applications for smart spaces such as smart homes and workplaces. This research has investigated the use of location and other context data in access control policy, with the purpose of augmenting existing IP and application-layer security to provide fine-grained access control and effective enforcement of security policy. The use of location and other context data for security purposes requires that the technologies and methods used for acquiring the context data are trusted. This thesis begins with the description of a framework for the analysis of location systems for use in security services and critical infrastructure. This analysis classifies cooperative locations systems by their modes of operation and the common primitives they are composed of. Common location systems are analyzed for inherent security flaws and limitations based on the vulnerability assessment of location system primitives and the taxonomy of known attacks. An efficient scheme for supporting trusted differential GPS corrections is proposed, such that DGPS vulnerabilities that have been identified are mitigated. The proposal augments the existing broadcast messaging protocol with a number of new messages facilitating origin authentication and integrity of broadcast corrections for marine vessels. A proposal for a trusted location system based on GSM is presented, in which a model for tamper resistant location determination using GSM signaling is designed. A protocol for association of a user to a cell phone is proposed and demonstrated in a framework for both Web and Wireless Application Protocol (WAP) applications. After introducing the security issues of existing location systems and a trusted location system proposal, the focus of the thesis changes to the use of location data in authorization and access control processes. This is considered at both the IP-layer and the application-layer. For IP-layer security, a proposal for location proximity-based network packet filtering in IEEE 802.11 Wireless LANs is presented. This proposal details an architecture that extends the Linux netfilter system to support proximity-based packet filtering, using methods of transparent location determination through the application of a pathloss model to raw signal measurements. Our investigation of application-layer security resulted in the establishment of a set of requirements for the use of contextual information in application level authorization. Existing network authentication protocols and access control mechanisms are analyzed for their ability to fulfill these requirements and their suitability in facilitating context-aware authorization. The result is the design and development of a new context-aware authorization architecture, using the proposed modifications to Role-based Access Control (RBAC). One of the distinguishing characteristics of the proposed architecture is its ability to handle authorization with context-transparency, and provide support for real-time granting and revocation of permissions. During the investigation of the context-aware authorization architecture, other security contexts in addition to host location were found to be useful in application level authorization. These included network topology between the host and application server, the security of the host and the host execution environment. Details of the prototype implementation, performance results, and context acquisition services are presented.

Pervasive

ubiquitous

authorization

access control

location

trusted location

context

context-aware

network security