Exploring Memory Cues to Aid Information Retrieval from Personal LifeLog Archives

The expansion of personal information archives and the emerging field of Personal Lifelogs (PLs) are creating new challenges for information retrieval (IR). While studies have demonstrated the difficulties of IR for these massive data collection [1], we should also think about how we can opportunities and benefits from integrating these data sources as a component of “digital memories” , considering their rich connections with the users‟ memory. We observed that most existing approaches to personal archive IR are mostly technology-driven. Although in recent years studies in Personal Information management (PIM) have claimed to make use of the human memory features, and many works have been reported as investigating well-remembered features of computer files (documents, email, photos). Yet, these explorations are usually confined to the attributes or feature that current computer file systems or technology have provided. I believe that there are important and potentially useful data attributes that these studies have ignored. In addition, current personal search interfaces provide searching options based on what is available in the system, e.g. require users to fill in the calendar date, regardless of the fact that people actually don‟t often encode „time‟ in such a way. My PhD project aims to explore what users actually tend to recall in different personal achieve information seeking tasks, how to present searching options to cater for the right type or format of information that users can recall, and how to exploit this information in an IR system for personal lifelog archives. In this paper, I discuss the limits and advantages of some related work, and present my current and proposed study, with an outlook of an interface that I plan to develop to explore my proposals

Supporting ethnographic studies of ubiquitous computing in the wild

Ethnography has become a staple feature of IT research over the last twenty years, shaping our understanding of the social character of computing systems and informing their design in a wide variety of settings. The emergence of ubiquitous computing raises new challenges for ethnography however, distributing interaction across a burgeoning array of small, mobile devices and online environments which exploit invisible sensing systems. Understanding interaction requires ethnographers to reconcile interactions that are, for example, distributed across devices on the street with online interactions in order to assemble coherent understandings of the social character and purchase of ubiquitous computing systems. We draw upon four recent studies to show how ethnographers are replaying system recordings of interaction alongside existing resources such as video recordings to do this and identify key challenges that need to be met to support ethnographic study of ubiquitous computing in the wild

BEHAVIORAL CHARACTERIZATION OF ATTACKS ON THE REMOTE DESKTOP PROTOCOL

The Remote Desktop Protocol (RDP) is popular for enabling remote access and administration of Windows systems; however, attackers can take advantage of RDP to cause harm to critical systems using it. Detection and classification of RDP attacks is a challenge because most RDP traffic is encrypted, and it is not always clear which connections to a system are malicious after manual decryption of RDP traffic. In this research, we used open-source tools to generate and analyze RDP attack data using a power-grid honeypot under our control. We developed methods for detecting and characterizing RDP attacks through malicious signatures, Windows event log entries, and network traffic metadata. Testing and evaluation of our characterization methods on actual attack data collected by four instances of our honeypot showed that we could effectively delineate benign and malicious RDP traffic and classify the severity of RDP attacks on unprotected or misconfigured Windows systems. The classification of attack patterns and severity levels can inform defenders of adversarial behavior in RDP attacks. Our results can also help protect national critical infrastructure, including Department of Defense systems.DOE, Washington DC 20805Civilian, SFSApproved for public release. Distribution is unlimited

Exploring Digital Elements for Visualizing Time in Personal Information Re-finding

Psychological theories on memory of time suggest that people naturally remember ‘events’ rather than the ‘dates’ and ‘hours’. These features are, however, usually required by computer applications for desktop search (information re-finding) tasks. This explains why ‘time’ features are not well remembered for desktop search, as reported in some studies. In order to improve on this situation, we proposed our iCLIPS browser interface, which enables user re-fining initial search results using a suggestive timeline, where visualization elements representing landmark events and important computer activities were displayed. These visual elements on the time line were expected to act as episodic memory cues to help users recollect their search target by recognizing their episodic context. This interface is built on top of a personal search engine providing a unified index of all the information a user has encountered or created, such as documents, web pages, email, and personal photos. We present a pilot study to explore the types of these visual. The result and suggestions for future main study were discussed

A Case-Based Reasoning Method for Locating Evidence During Digital Forensic Device Triage

The role of triage in digital forensics is disputed, with some practitioners questioning its reliability for identifying evidential data. Although successfully implemented in the field of medicine, triage has not established itself to the same degree in digital forensics. This article presents a novel approach to triage for digital forensics. Case-Based Reasoning Forensic Triager (CBR-FT) is a method for collecting and reusing past digital forensic investigation information in order to highlight likely evidential areas on a suspect operating system, thereby helping an investigator to decide where to search for evidence. The CBR-FT framework is discussed and the results of twenty test triage examinations are presented. CBR-FT has been shown to be a more effective method of triage when compared to a practitioner using a leading commercial application