Sec-Lib: Protecting Scholarly Digital Libraries From Infected Papers Using Active Machine Learning Framework

Researchers from academia and the corporate-sector rely on scholarly digital libraries to access articles. Attackers take advantage of innocent users who consider the articles' files safe and thus open PDF-files with little concern. In addition, researchers consider scholarly libraries a reliable, trusted, and untainted corpus of papers. For these reasons, scholarly digital libraries are an attractive-target and inadvertently support the proliferation of cyber-attacks launched via malicious PDF-files. In this study, we present related vulnerabilities and malware distribution approaches that exploit the vulnerabilities of scholarly digital libraries. We evaluated over two-million scholarly papers in the CiteSeerX library and found the library to be contaminated with a surprisingly large number (0.3-2%) of malicious PDF documents (over 55% were crawled from the IPs of US-universities). We developed a two layered detection framework aimed at enhancing the detection of malicious PDF documents, Sec-Lib, which offers a security solution for large digital libraries. Sec-Lib includes a deterministic layer for detecting known malware, and a machine learning based layer for detecting unknown malware. Our evaluation showed that scholarly digital libraries can detect 96.9% of malware with Sec-Lib, while minimizing the number of PDF-files requiring labeling, and thus reducing the manual inspection efforts of security-experts by 98%

Sec-Lib: Protecting Scholarly Digital Libraries From Infected Papers Using Active Machine Learning Framework

Researchers from academia and the corporate-sector rely on scholarly digital libraries to access articles. Attackers take advantage of innocent users who consider the articles\u27 files safe and thus open PDF-files with little concern. In addition, researchers consider scholarly libraries a reliable, trusted, and untainted corpus of papers. For these reasons, scholarly digital libraries are an attractive-target and inadvertently support the proliferation of cyber-attacks launched via malicious PDF-files. In this study, we present related vulnerabilities and malware distribution approaches that exploit the vulnerabilities of scholarly digital libraries. We evaluated over two-million scholarly papers in the CiteSeerX library and found the library to be contaminated with a surprisingly large number (0.3-2%) of malicious PDF documents (over 55% were crawled from the IPs of US-universities). We developed a two layered detection framework aimed at enhancing the detection of malicious PDF documents, Sec-Lib, which offers a security solution for large digital libraries. Sec-Lib includes a deterministic layer for detecting known malware, and a machine learning based layer for detecting unknown malware. Our evaluation showed that scholarly digital libraries can detect 96.9% of malware with Sec-Lib, while minimizing the number of PDF-files requiring labeling, and thus reducing the manual inspection efforts of security-experts by 98%

How to achieve high customer satisfaction in Sabancı University Information Center

The Sabancı University is a young private university, which started providing education in 1999 in Istanbul. A “Search Conference” had been organized in order to find out “what kind of a university the country needed” and of its structure had been established on this understanding. At the first stage, the vision, the mission and the design of the university were completed, and the foundation of administrative infrastructure and selection of technology systems were materialized. Starting from the days of its foundation, the planning of the information services and facilities had been one of the main issues of the project. The university, which aims to become a world university, was accepted to be a member of the “European Foundation of Quality Management (EFQM)” regarding its activities in the stage of its foundation. A “Student and Staff Tendency Survey” which was implemented in 2001 indicated that the Information Centre was the strong side of the university. At the same time the Center's the statistics covering period of 1999-2007 also indicated that the targets were achieved under the strategic planning of the Center. In 2007, an user satisfaction survey in order to evaluate the conformity of the services and facilities, to identify its strong and weak areas, opportunities and threats through comparison and SWOT analysis for the future, and set up 2007-2011 five-years strategic planning and operational activity plan. The survey indicated that 95% of the participants are satisfied in general with the Center. In addition to these, the results of usage statistics between the years 1998-2009 indicated that utilizing of the services and facilities of the Information Center has increased from year to year. On the other hand, the results of the survey after the orientation programs show that the customer satisfaction is very high. We believe that the followings are the reasons of high user satisfaction. The Centre has a user and process focused pro-active management, learning organization structure, the availability of the suggestion system, continues benchmarking with the competitors and observing management and technological developments in the world. This paper presents to share our applications and plans on high user satisfaction rate, customer relation management activities and future planning

A model for digital preservation repository risk relationships

The paper introduces the Preserved Object and Repository Risk Ontology (PORRO), a model that relates preservation functionality with associated risks and opportunities for their mitigation. Building on work undertaken in a range of EU and UK funded research projects (including the Digital Curation Centre , DigitalPreservationEurope and DELOS ), this ontology illustrates relationships between fundamental digital library goals and their parameters; associated rights and responsibilities; practical activities and resources involved in their accomplishment; and risks facing digital libraries and their collections. Its purpose is to facilitate a comprehensive understanding of risk causality and to illustrate opportunities for mitigation and avoidance. The ontology reflects evidence accumulated from a series of institutional audits and evaluations, including a specific subset of digital libraries in the DELOS project which led to the definition of a digital library preservation risk profile. Its applicability is intended to be widespread, and its coverage expected to evolve to reflect developments within the community. Attendees will gain an understanding of the model and learn how they can utilize this online resource to inform their own risk management activities

European Digital Libraries: Web Security Vulnerabilities

Purpose – The purpose of this paper is to investigate the web vulnerability challenges at European library web sites and how these issues can affect the data protection of their patrons. Design/methodology/approach – A web vulnerability testing tool was used to analyze 80 European library sites in four countries to determine how many security vulnerabilities each had and what were the most common types of problems. Findings – Analysis results from surveying the libraries show the majority have serious security flaws in their web applications. The research shows that despite country-specific laws mandating secure sites, system librarians have not implemented appropriate measures to secure their online information systems. Research limitations/implications – Further research on library vulnerability throughout the world can be taken to educate librarians in other countries of the serious nature of protecting their systems. Practical implications – The findings serve to remind librarians of the complexity in providing a secure online environment for their patrons and that a disregard or lack of awareness of securing systems could lead to serious vulnerabilities of the patrons' personal data and systems. Lack of consumer trust may result in a decreased use of online commerce and have serious repercussions for the municipal libraries. Several concrete examples of methods to improve security are provided. Originality/value – The paper serves as a current paper on data security issues at Western European municipal library web sites. It serves as a useful summary regarding technical and managerial measures librarians can take to mitigate inadequacies in their security implementation

The intention to use mobile digital library technology: A focus group study in the United Arab Emirates

IGI Global (“IGI”) granted Brunel University London the permission to archive this article in BURA (http://bura.brunel.ac.uk).This paper presents a qualitative study on student adoption of mobile library technology in a developing world context. The findings support the applicability of a number of existing constructs from the technology acceptance literature, such as perceived ease of use, social influence and trust. However, they also suggest the need to modify some adoption factors previously found in the literature to fit the specific context of mobile library adoption. Perceived value was found to be a more relevant overarching adoption factor than perceived usefulness for this context. Facilitating conditions were identified as important but these differed somewhat from those covered in earlier literature. The research also uncovered the importance of trialability for this type of application. The findings provide a basis for improving theory in the area of mobile library adoption and suggest a number of practical design recommendations to help designers of mobile library technology to create applications that meet user needs

Digital Library Evaluation: Toward an Evolution of Concepts

published or submitted for publicatio

Extent Of Service: Minnesota Libraries Disability Services And Quality Of Websites: Assessing Public & Academic Libraries

This article addresses the availability of software/hardware and other sources for all persons with disabilities in Minnesota libraries, and also the navigability of websites of these libraries for those who are visually impaired. Many electronic resources are prohibitively difficult or impossible for the Blind to access. On a practical level, the article surveys and evaluates what is available and what works for people with disabilities at present. I surveyed all Academic Libraries and Public Library Systems in Minnesota as to their disability services, and evaluated the accessibility of library websites through the help of people with visual disabilities. The websites chosen were those of public Academic Libraries/Learning Resource Centers, and those of Public Libraries or Library Systems. To evaluate Minnesota library web sites, I was able to recruit 5 volunteers, and using their personal screen readers (JAWS 4. 0 or later), evaluated 20 Public Library and 40 public Academic Library web sites. Existing legislation concerning persons with disabilities is overviewed as well as issues and concerns that arose during the course of my writing and surveying. The work provides timely information and raises questions for further research

Open source in libraries: Implementation of an open source ILMS at Asia e-University library

Open source systems for libraries have improved significantly to gain the confidence of librarians. The main focus of the paper is to describe the selection process and criteria that led to the implementation of Koha the first open source Integrated Library Management System at the AeU Library. A study was made based on the set criteria used to compare and contrast with the more popular propriety library management systems. The paper presents the findings of the study which led to the selection of Koha, and a brief introduction to features of open source systems for libraries. The reasoning and conditions for accepting Koha are discussed. A brief account of the implementation process and related experience of the open source ILMS are given. AeU library implemented the various modules of the system: cataloging, online public access (OPAC), circulation, patron management and acquisitions. The expanding influence and acceptance of OSS in libraries is here to stay. Malaysian libraries may need to look into the credible options and benefits of utilizing open source systems and harness this development in ILS