Facial identification from online images for use in the prevention of child trafficking and exploitation

Liu, C. Y. J.

January 2018

Every year, an estimated 1.2 million children are trafficked (International Labour Office, 2002). The National Center for Missing & Exploited Children (NCMEC) received a 432% increase in child sexual abuse images for the purposes of identification between 2005 and 2009 (U.S. Department of Justice, 2010), and they assisted in the identification of 2,589 victims related to indecent images of children in 2015 (NCMEC, 2015a). In relation to the vast number of images received, machine-based facial recognition could help law enforcement and other organisations to match faces more efficiently. The use of facial recognition technology has become more popular within our society, but where rapid juvenile growth changes facial features recognition is challenging, especially for children under 15 years of age with changes to the outer contour of the face (Ramanathan and Chellappa, 2006). The challenge not only relates to the growth of the child's face, but also relates to face recognition in the wild with unconstrained images. This study aims to provide an open-access database of facial images, documenting the different stages of facial growth from numerous individuals from birth to 19 years of age. There are currently very limited longitudinal databases available for the research community, and the collection of this database will benefit all researchers who wish to study age progression and facial growth. Ferguson (2015) suggested that facial recognition algorithms can perform better than humans in the identification of faces of children. Experiment 1 of this research takes a further step to explore how the difference in age group and age gap can affect the recognition rate using various facial recognition software, and explores the possibilities of group tagging. Results indicated that the use of multiple images is beneficial for the facial identification of children. Experiment 2 explores whether age progression work could further improve the recognition rate of juvenile faces. This study documents the workflow of a new method for digital manual age progression using a combination of previously published methods. The proposed age progression method for children recorded satisfactory levels of repeatability with facial measurements at the Nasion (n) and Trichion (tr) showing the most inaccuracy. No previous studies have tested how different conditions (i.e. blurring, resolution reduction, cropping and black and white) can affect machine-based facial recognition nor have they explored the relationship between age progression images and facial recognition software. The study found that reduction of the resolution of an age progression image improves automated facial recognition for juvenile identification, and manual age progressions are no more useful than the original image for facial identification of missing children. The outcome of this research directly benefits those who practice facial identification in relation to children, especially for age progression casework.

004

Self-reconfigurable, intrusion-tolerant, web-service composition framework

Khani, Shahedeh

January 2018

The Internet has provided an opportunity for businesses to offer their services as Web Services (WSs). WSs are used to implement Service Ori-ented Architecture (SOA). They enable composition of independent services with complementary functionalities to produce value-added services, which results in less development effort, time consumption and cost, enabling com-panies and organizations to implement their core business only and out-source other service components over the Internet, either pre-selected or on-the-fly. Simple Object Access Protocol (SOAP) based WSs are at risk of se-curity vulnerabilities related to their specific implementation technologies such as Extensible Markup Language (XML) as well as those of their under-lying platforms (e.g., operating systems and frameworks) and their applica-tions (e.g., vulnerability to SQL Injection attacks). Cyber-attacks on WSs may cause unavailability, loss of confidentiality and/or integrity as well as signifi-cant monetary penalties. Security issues become more challenging when Off-The-Shelf Web Services (OTSWSs) are used since they are beyond the con-trol of their clients. The central question underlying this work is: Can a self-reconfigurable Intrusion-Tolerant Web Ser-vice, implemented using N-version programming and diversity formed by composing Off-The-Shelf Web Services that are selected through penetration testing, Principal Component Analysis, and Cluster Analysis process-es mitigate XML-related security vulnerabilities? While aiming to answer the above question, this dissertation presents a novel framework to increase dependability by constructing an Intrusion-Tolerant Web Service (ITWS) in which N-version programming and diversity, formed by composing SOAP-OTSWSs, is used. It describes how penetration testing can be used as a measure of security vulnerabilities of available SOAP-OTSWSs (that offer the required functionality) and the resultant ITWS, how Principal Component Analysis (PCA) and Cluster Analysis (CA) and be utilized to group the SOAP-OTSWSs based on their security vulnerabilities diversity and how a further penetration testing on each group of diverse SOAP-OTSWSs can be used to select the optimal set (most secure among the groups) for construction of ITWS. This dissertation also demonstrates how the dynamic reconfiguration of ITWS, created in Business Process Engineering Language (BPEL), can be enabled using a combination of BPEL constructs and Java as BPEL exten-sion approach and using only Java as BPEL extension approach. The novelty of the work presented in this dissertation is twofold. On the one hand, it is security informed and on the other hand, it demonstrates the use of Java (as BPEL 2.0 extension) to implement self-reconfigurable composite WS. It has the advantage of, at the same time, facilitating a de-pendable service to users and exploiting existing standard technologies. This work also assesses the effectiveness of the proposed solutions through vari-ous case studies and discusses the implications of the proposed framework.

004

An integrated network-based mobile botnet detection system

Meng, Xim

January 2018

The increase in the use of mobile devices has made them target for attackers, through the use of sophisticated malware. One of the most significant types of such malware is mobile botnets. Due to their continually evolving nature, botnets are difficult to tackle through signature and traditional anomaly based detection methods. Machine learning techniques have also been used for this purpose. However, the study of their effectiveness has shown methodological weaknesses that have prevented the emergence of conclusive and thorough evidence about their merit. To address this problem, in this thesis we propose a mobile botnet detection system, called MBotCS and report the outcomes of a comprehensive experimental study of mobile botnet detection using supervised machine learning techniques to analyse network traffic and system calls on Android mobile devices. The research covers a range of botnet detection scenarios that is wider from what explored so far, explores atomic and box learning algorithms, and investigates thoroughly the sensitivity of the algorithm performance on different factors (algorithms, features of network traffic, system call data aggregation periods, and botnets vs normal applications and so on). These experiments have been evaluated using real mobile device traffic, and system call captured from Android mobile devices, running normal apps and mobile botnets. The experiments study has several superiorities comparing with existing research. Firstly, experiments use not only atomic but also box ML classifiers. Secondly, a comprehensive set of Android mobile botnets, which had not been considered previously, without relying on any form of synthetic training data. Thirdly, experiments contain a wider set of detection scenarios including unknown botnets and normal applications. Finally, experiments include the statistical significance of differences in detection performance measures with respect to different factors. The study resulted in positive evidence about the effectiveness of the supervised learning approach, as a solution to the mobile botnet detection problem.

004

The scalability of reliable computation in Erlang

Ghaffari, Amir

January 2015

With the advent of many-core architectures, scalability is a key property for programming languages. Actor-based frameworks like Erlang are fundamentally scalable, but in practice they have some scalability limitations. The RELEASE project aims to scale the Erlang's radical concurrency-oriented programming paradigm to build reliable general-purpose software, such as server-based systems, on emergent commodity architectures with 10,000 cores. The RELEASE consortium works to scale Erlang at the virtual machine, language level, infrastructure levels, and to supply profiling and refactoring tools. This research contributes to the RELEASE project at the language level. Firstly, we study the provision of scalable persistent storage options for Erlang. We articulate the requirements for scalable and available persistent storage, and evaluate four popular Erlang DBMSs against these requirements. We investigate the scalability limits of the Riak NoSQL DBMS using Basho Bench up to 100 nodes on the Kalkyl cluster and establish for the first time scientifically the scalability limit of Riak as 60 nodes, thereby confirming developer folklore. We design and implement DE-Bench, a scalable fault-tolerant peer-to-peer benchmarking tool that measures the throughput and latency of distributed Erlang commands on a cluster of Erlang nodes. We employ DE-Bench to investigate the scalability limits of distributed Erlang on up to 150 nodes and 1200 cores. Our results demonstrate that the frequency of global commands limits the scalability of distributed Erlang. We also show that distributed Erlang scales linearly up to 150 nodes and 1200 cores with relatively heavy data and computation loads when no global commands are used. As part of the RELEASE project, the Glasgow University team has developed Scalable Distributed Erlang (SD Erlang) to address the scalability limits of distributed Erlang. We evaluate SD Erlang by designing and implementing the first ever demonstrators for SD Erlang, i.e. DE-Bench, Orbit and Ant Colony Optimisation(ACO). We employ DE-Bench to evaluate the performance and scalability of group operations in SD-Erlang up to 100 nodes. Our results show that the alternatives SD-Erlang offers for global commands (i.e. group commands) scale linearly up to 100 nodes. We also develop and evaluate an SD-Erlang implementation of Orbit, a symbolic computing kernel and a generalization of a transitive closure computation. Our evaluation results show that SD Erlang Orbit outperforms the distributed Erlang Orbit on 160 nodes and 1280 cores. Moreover, we develop a reliable distributed version of ACO and show that the reliability of ACO limits its scalability in traditional distributed Erlang. We use SD-Erlang to improve the scalability of the reliable ACO by eliminating global commands and avoiding full mesh connectivity between nodes. We show that SD Erlang reduces the network traffic between nodes in an Erlang cluster effectively.

005.13

Temporal dynamics in information retrieval

Whiting, Stewart William

January 2015

The passage of time is unrelenting. Time is an omnipresent feature of our existence, serving as a context to frame change driven by events and phenomena in our personal lives and social constructs. Accordingly, various elements of time are woven throughout information itself, and information behaviours such as creation, seeking and utilisation. Time plays a central role in many aspects of information retrieval (IR). It can not only distinguish the interpretation of information, but also profoundly influence the intentions and expectations of users' information seeking activity. Many time-based patterns and trends - namely temporal dynamics - are evident in streams of information behaviour by individuals and crowds. A temporal dynamic refers to a periodic regularity, or, a one-off or irregular past, present or future of a particular element (e.g., word, topic or query popularity) - driven by predictable and unpredictable time-based events and phenomena. Several challenges and opportunities related to temporal dynamics are apparent throughout IR. This thesis explores temporal dynamics from the perspective of query popularity and meaning, and word use and relationships over time. More specifically, the thesis posits that temporal dynamics provide tacit meaning and structure of information and information seeking. As such, temporal dynamics are a ‘two-way street’ since they must be supported, but also conversely, can be exploited to improve time-aware IR effectiveness. Real-time temporal dynamics in information seeking must be supported for consistent user satisfaction over time. Uncertainty about what the user expects is a perennial problem for IR systems, further confounded by changes over time. To alleviate this issue, IR systems can: (i) assist the user to submit an effective query (e.g., error-free and descriptive), and (ii) better anticipate what the user is most likely to want in relevance ranking. I first explore methods to help users formulate queries through time-aware query auto-completion, which can suggest both recent and always popular queries. I propose and evaluate novel approaches for time-sensitive query auto-completion, and demonstrate state-of-the-art performance of up to 9.2% improvement above the hard baseline. Notably, I find results are reflected across diverse search scenarios in different languages, confirming the pervasive and language agnostic nature of temporal dynamics. Furthermore, I explore the impact of temporal dynamics on the motives behind users' information seeking, and thus how relevance itself is subject to temporal dynamics. I find that temporal dynamics have a dramatic impact on what users expect over time for a considerable proportion of queries. In particular, I find the most likely meaning of ambiguous queries is affected over short and long-term periods (e.g., hours to months) by several periodic and one-off event temporal dynamics. Additionally, I find that for event-driven multi-faceted queries, relevance can often be inferred by modelling the temporal dynamics of changes in related information. In addition to real-time temporal dynamics, previously observed temporal dynamics offer a complementary opportunity as a tacit dimension which can be exploited to inform more effective IR systems. IR approaches are typically based on methods which characterise the nature of information through the statistical distributions of words and phrases. In this thesis I look to model and exploit the temporal dimension of the collection, characterised by temporal dynamics, in these established IR approaches. I explore how the temporal dynamic similarity of word and phrase use in a collection can be exploited to infer temporal semantic relationships between the terms. I propose an approach to uncover a query topic's "chronotype" terms -- that is, its most distinctive and temporally interdependent terms, based on a mix of temporal and non-temporal evidence. I find exploiting chronotype terms in temporal query expansion leads to significantly improved retrieval performance in several time-based collections. Temporal dynamics provide both a challenge and an opportunity for IR systems. Overall, the findings presented in this thesis demonstrate that temporal dynamics can be used to derive tacit structure and meaning of information and information behaviour, which is then valuable for improving IR. Hence, time-aware IR systems which take temporal dynamics into account can better satisfy users consistently by anticipating changing user expectations, and maximising retrieval effectiveness over time.

005.74

Composite web search

Bota, Horatiu S.

January 2018

The figure above shows Google’s results page for the query “taylor swift”, captured in March 2016. Assembled around the long-established list of search results is content extracted from various source — news items and tweets merged within the results ranking, images, songs and social media profiles displayed to the right of the ranking, in an interface element that is known as an entity card. Indeed, the entire page seems more like an assembly of content extracted from various sources, rather than just a ranked list of blue links. Search engine result pages have become increasingly diverse over the past few years, with most commercial web search providers responding to user queries with different types of results, merged within a unified page. The primary reason for this diversity on the results page is that the web itself has become more diverse, given the ease with which creating and hosting different types of content on the web is possible today. This thesis investigates the aggregation of web search results retrieved from various document sources (e.g., images, tweets, Wiki pages) within information “objects” to be integrated in the results page assembled in response to user queries. We use the terms “composite objects” or “composite results” to refer to such objects, and throughout this thesis use the terminology of Composite Web Search (e.g., result composition) to distinguish our approach from other methods of aggregating diverse content within a unified results page (e.g., Aggregated Search). In our definition, the aspects that differentiate composite information objects from aggregated search blocks are that composite objects (i) contain results from multiple sources of information, (ii) are specific to a common topic or facet of a topic rather than a grouping of results of the same type, and (iii) are not a uniform ranking of results ordered only by their topical relevance to a query. The most widely used type of composite result in web search today is the entity card. Entity cards have become extremely popular over the past few years, with some informal studies suggesting that entity cards are now shown on the majority of result pages generated by Google. As composite results are used more and more by commercial search engines to address information needs directly on the results page, understanding the properties of such objects and their influence on searchers is an essential aspect of modern web search science. The work presented throughout this thesis attempts the task of studying composite objects by exploring users’ perspectives on accessing and aggregating diverse content manually, by analysing the effect composite objects have on search behaviour and perceived workload, and by investigating different approaches to constructing such objects from diverse results. Overall, our experimental findings suggest that items which play a central role within composite objects are decisive in determining their usefulness, and that the overall properties of composite objects (i.e., relevance, diversity and coherence) play a combined role in mediating object usefulness.

Formal verification of cryptographic protocols with automated reasoning

Smyth, Ben

January 2011

Cryptographic protocols form the backbone of our digital society. Unfortunately, the security of numerous critical components has been neglected. As a consequence, attacks have resulted in financial loss, violations of personal privacy, and threats to democracy. This thesis aids the secure design of cryptographic protocols and facilitates the evaluation of existing schemes. Developing a secure cryptographic protocol is game-like in nature, and a good designer will consider attacks against key components. Unlike games, however, an adversary is not governed by the rules and may deviate from expected behaviours. Secure cryptographic protocols are therefore notoriously difficult to define. Accordingly, cryptographic protocols must be scrutinised by experts using procedures that can evaluate security properties. This thesis advances verification techniques for cryptographic protocols using formal methods with an emphasis on automation. The key contributions are threefold. Firstly, a definition of election verifability for electronic voting protocols is presented; secondly, a definition of user-controlled anonymity for Direct Anonymous Attestation is delivered; and, finally, a procedure to automatically evaluate observational equivalence is introduced. This work enables security properties of cryptographic protocols to be studied. In particular, we evaluate security in electronic voting protocols and Direct Anonymous Attestation schemes; discovering, and fixing, a vulnerability in the RSA-based Direct Anonymous Attestation protocol. Ultimately, this thesis will help avoid the current situation whereby numerous cryptographic protocols are deployed and found to be insecure.

621.382

Real-time person re-identification for interactive environments

Mohd Yusof, Mohd Hafizuddin

January 2016

The work presented in this thesis was motivated by a vision of the future in which intelligent environments in public spaces such as galleries and museums, deliver useful and personalised services to people via natural interaction, that is, without the need for people to provide explicit instructions via tangible interfaces. Delivering the right services to the right people requires a means of biometrically identifying individuals and then re-identifying them as they move freely through the environment. Delivering the service they desire requires sensing their context, for example, sensing their location or proximity to resources. This thesis presents both a context-aware system and a person re-identification method. A tabletop display was designed and prototyped with an infrared person-sensing context function. In experimental evaluation it exhibited tracking performance comparable to other more complex systems. A real-time, viewpoint invariant, person re-identification method is proposed based on a novel set of Viewpoint Invariant Multi-modal (ViMM) feature descriptors collected from depth-sensing cameras. The method uses colour and a combination of anthropometric properties logged as a function of body orientation. A neural network classifier is used to perform re-identification.

004.01

Engineering self-awareness with knowledge management in dynamic systems : a case for volunteer computing

Elhabbash, Abdessalam

January 2017

The complexity of the modem dynamic computing systems has motivated software engineering researchers to explore new sources of inspiration for equipping such systems with autonomic behaviours. Self-awareness has recently gained considerable attention as a prominent property for enriching the self-adaptation capabilities in systems operating in dynamic, heterogeneous and open environments. This thesis investigates the role of knowledge and its dynamic management in realising various levels of self-awareness for enabling self­adaptivity with different capabilities and strengths. The thesis develops a novel multi-level dynamic knowledge management approach for managing and representing the evolving knowledge. The approach is able to acquire 'richer' knowledge about the system's internal state and its environment in addition to managing the trade-offs arising from the adaptation conflicting goals. The thesis draws on a case from the volunteer computing, as an environment characterised by openness, heterogeneity, dynamism, and unpredictability to develop and evaluate the approach. This thesis takes an experimental approach to evaluate the effectiveness of the of the dynamic knowledge management approach. The results show the added value of the approach to the self-adaptivity of the system compared to classic self­adaptation capabilities.

005.1

Online plan modification in uncertain resource-constrained environments

Harris, Catherine Ann

January 2015

This thesis presents a novel approach to planning under uncertainty in resource constrained environments. Such environments feature in many real-world applications, including planetary rover and autonomous underwater vehicle (AUV) missions. Our focus is on long-duration AUV missions, in which a vehicle spends months at sea, with little or no opportunity for intervention. As the risk to the vehicle and cost of deployment are significant, it is important to fully utilise each mission, maximising data return without compromising vehicle safety. Planning within this domain is challenging because significant resource usage uncertainty prevents computation of an optimal strategy in advance. We describe our novel method for online plan modification and execution monitoring, which augments an existing plan with pre-computed plan fragments in response to observed resource availability. Our modification algorithm uses causal structure to interleave actions, creating solutions without introducing significant computational cost. Our system monitors resource availability, reasoning about the probability of successfully completing the goals. We show that when the probability of completing the mission decreases, by removing low-priority goals our system reduces the risk to the vehicle, increasing mission success rate. Conversely, when resource availability allows, by including additional goals our system increases reward without adversely affecting success rate.

004