21,016 research outputs found
Service-oriented coordination platform for technology-enhanced learning
It is currently difficult to coordinate learning processes, not only because multiple stakeholders are involved (such as students, teachers, administrative staff, technical staff), but also because these processes are driven by sophisticated rules (such as rules on how to provide learning material, rules on how to assess students’ progress, rules on how to share educational responsibilities). This is one of the reasons for the slow progress in technology-enhanced learning. Consequently, there is a clear demand for technological facilitation of the coordination of learning processes. In this work, we suggest some solution directions that are based on SOA (Service-Oriented Architecture). In particular, we propose a coordination service pattern consistent with SOA and based on requirements that follow from an analysis of both learning processes and potentially useful support technologies. We present the service pattern considering both functional and non-functional issues, and we address policy enforcement as well. Finally, we complement our proposed architecture-level solution directions with an example. The example illustrates our ideas and is also used to identify: (i) a short list of educational IT services; (ii) related non-functional concerns; they will be considered in future work
CONDOR: A Hybrid IDS to Offer Improved Intrusion Detection
Intrusion Detection Systems are an accepted and very
useful option to monitor, and detect malicious activities.
However, Intrusion Detection Systems have inherent limitations which lead to false positives and false negatives; we propose that combining signature and anomaly based IDSs should be examined. This paper contrasts signature and anomaly-based IDSs, and critiques some proposals about hybrid IDSs with signature and heuristic capabilities, before considering some of their contributions in order to include them as main features of a new hybrid IDS named CONDOR (COmbined Network intrusion Detection ORientate), which is designed to offer superior pattern analysis and anomaly detection by reducing false positive rates and administrator intervention
Execution Integrity with In-Place Encryption
Instruction set randomization (ISR) was initially proposed with the main goal
of countering code-injection attacks. However, ISR seems to have lost its
appeal since code-injection attacks became less attractive because protection
mechanisms such as data execution prevention (DEP) as well as code-reuse
attacks became more prevalent.
In this paper, we show that ISR can be extended to also protect against
code-reuse attacks while at the same time offering security guarantees similar
to those of software diversity, control-flow integrity, and information hiding.
We present Scylla, a scheme that deploys a new technique for in-place code
encryption to hide the code layout of a randomized binary, and restricts the
control flow to a benign execution path. This allows us to i) implicitly
restrict control-flow targets to basic block entries without requiring the
extraction of a control-flow graph, ii) achieve execution integrity within
legitimate basic blocks, and iii) hide the underlying code layout under
malicious read access to the program. Our analysis demonstrates that Scylla is
capable of preventing state-of-the-art attacks such as just-in-time
return-oriented programming (JIT-ROP) and crash-resistant oriented programming
(CROP). We extensively evaluate our prototype implementation of Scylla and show
feasible performance overhead. We also provide details on how this overhead can
be significantly reduced with dedicated hardware support
CHORUS Deliverable 2.2: Second report - identification of multi-disciplinary key issues for gap analysis toward EU multimedia search engines roadmap
After addressing the state-of-the-art during the first year of Chorus and establishing the existing landscape in
multimedia search engines, we have identified and analyzed gaps within European research effort during our second year.
In this period we focused on three directions, notably technological issues, user-centred issues and use-cases and socio-
economic and legal aspects. These were assessed by two central studies: firstly, a concerted vision of functional breakdown
of generic multimedia search engine, and secondly, a representative use-cases descriptions with the related discussion on
requirement for technological challenges. Both studies have been carried out in cooperation and consultation with the
community at large through EC concertation meetings (multimedia search engines cluster), several meetings with our
Think-Tank, presentations in international conferences, and surveys addressed to EU projects coordinators as well as
National initiatives coordinators. Based on the obtained feedback we identified two types of gaps, namely core
technological gaps that involve research challenges, and “enablers”, which are not necessarily technical research
challenges, but have impact on innovation progress. New socio-economic trends are presented as well as emerging legal
challenges
Porqpine: a peer-to-peer search engine
In this paper, we present a fully distributed and collaborative search
engine for web pages: Porqpine. This system uses a novel query-based model
and collaborative filtering techniques in order to obtain user-customized
results. All knowledge about users and profiles is stored in each user
node?s application. Overall the system is a multi-agent system that runs on
the computers of the user community. The nodes interact in a peer-to-peer
fashion in order to create a real distributed search engine where
information is completely distributed among all the nodes in the network.
Moreover, the system preserves the privacy of user queries and results by
maintaining the anonymity of the queries? consumers and results? producers.
The knowledge required by the system to work is implicitly caught through
the monitoring of users actions, not only within the system?s interface but
also within one of the most popular web browsers. Thus, users are not
required to explicitly feed knowledge about their interests into the system
since this process is done automatically. In this manner, users obtain the
benefits of a personalized search engine just by installing the application
on their computer. Porqpine does not intend to shun completely conventional
centralized search engines but to complement them by issuing more accurate
and personalized results.Postprint (published version
A platform for discovering and sharing confidential ballistic crime data.
Criminal investigations generate large volumes of complex data that detectives have to analyse and understand. This data tends to be "siloed" within individual jurisdictions and re-using it in other investigations can be difficult. Investigations into trans-national crimes are hampered by the problem of discovering relevant data held by agencies in other countries and of sharing those data. Gun-crimes are one major type of incident that showcases this: guns are easily moved across borders and used in multiple crimes but finding that a weapon was used elsewhere in Europe is difficult. In this paper we report on the Odyssey Project, an EU-funded initiative to mine, manipulate and share data about weapons and crimes. The project demonstrates the automatic combining of data from disparate repositories for cross-correlation and automated analysis. The data arrive from different cultural/domains with multiple reference models using real-time data feeds and historical databases
Semi-autonomous, context-aware, agent using behaviour modelling and reputation systems to authorize data operation in the Internet of Things
In this paper we address the issue of gathering the "informed consent" of an
end user in the Internet of Things. We start by evaluating the legal importance
and some of the problems linked with this notion of informed consent in the
specific context of the Internet of Things. From this assessment we propose an
approach based on a semi-autonomous, rule based agent that centralize all
authorization decisions on the personal data of a user and that is able to take
decision on his behalf. We complete this initial agent by integrating
context-awareness, behavior modeling and community based reputation system in
the algorithm of the agent. The resulting system is a "smart" application, the
"privacy butler" that can handle data operations on behalf of the end-user
while keeping the user in control. We finally discuss some of the potential
problems and improvements of the system.Comment: This work is currently supported by the BUTLER Project co-financed
under the 7th framework program of the European Commission. published in
Internet of Things (WF-IoT), 2014 IEEE World Forum, 6-8 March 2014, Seoul,
P411-416, DOI: 10.1109/WF-IoT.2014.6803201, INSPEC: 1425565
Online advertising: analysis of privacy threats and protection approaches
Online advertising, the pillar of the “free” content on the Web, has revolutionized the marketing business in recent years by creating a myriad of new opportunities for advertisers to reach potential customers. The current advertising model builds upon an intricate infrastructure composed of a variety of intermediary entities and technologies whose main aim is to deliver personalized ads. For this purpose, a wealth of user data is collected, aggregated, processed and traded behind the scenes at an unprecedented rate. Despite the enormous value of online advertising, however, the intrusiveness and ubiquity of these practices prompt serious privacy concerns. This article surveys the online advertising infrastructure and its supporting technologies, and presents a thorough overview of the underlying privacy risks and the solutions that may mitigate them. We first analyze the threats and potential privacy attackers in this scenario of online advertising. In particular, we examine the main components of the advertising infrastructure in terms of tracking capabilities, data collection, aggregation level and privacy risk, and overview the tracking and data-sharing technologies employed by these components. Then, we conduct a comprehensive survey of the most relevant privacy mechanisms, and classify and compare them on the basis of their privacy guarantees and impact on the Web.Peer ReviewedPostprint (author's final draft
- …