Evaluation of the usability of constraint diagrams as a visual modelling language: theoretical and empirical investigations

This research evaluates the constraint diagrams (CD) notation, which is a formal representation for program specification that has some promise to be used by people who are not expert in software design. Multiple methods were adopted in order to provide triangulated evidence of the potential benefits of constraint diagrams compared with other notational systems. Three main approaches were adopted for this research. The first approach was a semantic and task analysis of the CD notation. This was conducted by the application of the Cognitive Dimensions framework, which was used to examine the relative strengths and weaknesses of constraint diagrams and conventional notations in terms of the perceptive facilitation or impediments of these different representations. From this systematic analysis, we found that CD cognitively reduced the cost of exploratory design, modification, incrementation, searching, and transcription activities with regard to the cognitive dimensions: consistency, visibility, abstraction, closeness of mapping, secondary notation, premature commitment, role-expressiveness, progressive evaluation, diffuseness, provisionality, hidden dependency, viscosity, hard mental operations, and error-proneness. The second approach was an empirical evaluation of the comprehension of CD compared to natural language (NL) with computer science students. This experiment took the form of a web-based competition in which 33 participants were given instructions and training on either CD or the equivalent NL specification expressions, and then after each example, they responded to three multiple-choice questions requiring the interpretation of expressions in their particular notation. Although the CD group spent more time on the training and had less confidence, they obtained comparable interpretation scores to the NL group and took less time to answer the questions, although they had no prior experience of CD notation. The third approach was an experiment on the construction of CD. 20 participants were given instructions and training on either CD or the equivalent NL specification expressions, and then after each example, they responded to three questions requiring the construction of expressions in their particular notation. We built an editor to allow the construction of the two notations, which automatically logged their interactions. In general, for constructing program specification, the CD group had more accurate answers, they had spent less time in training, and their returns to the training examples were fewer than those of the NL group. Overall it was found that CD is understandable, usable, intuitive, and expressive with unambiguous semantic notation

Framework for Visualizing Browsing Patterns Captured in Computer Logs

Research ProblemAn Intrusion Detection System (IDS) is used for preventing security breaches by monitoring and analyzing the data recorded in log files. An IDS analyst is responsible for detecting intrusions in a system by manually investigating the vast amounts of textual information captured in these logs. The activities that are performed by the analyst can be split into 3 phases, namely: i) Monitoring ii) Analysis and iii) Response [1]. The analyst starts by monitoring the system, application and network logs to find attacks against the system. If an abnormality is observed, the analyst moves to the analysis phase in which he tries to diagnose the attacks by analyzing the users' activity pattern. After the reason has been diagnosed, appropriate steps are taken to resolve the attacks in the response phase. The analyst's job is time-consuming and inevitably prone to errors due to the large amount of textual information that has to be analyzed [2]. Though there have been various frameworks for visualizing information, there hasn't been much research aimed at visualizing the events that are captured in the log files. Komlodi et al. (2004) proposed a popular framework which is enriched with a good set of requirements for visualizing the intrusions in an IDS. However, they do not provide any details for handling the data in the logs which is essentially the source of data for an IDS, nor do they provide any tasks for predicting an attack. It has also been identified that current IV systems tend to place more importance on the monitoring phase over the other two equally important phases. Hence, a framework that can tackle this problem should be developed. Proposed Framework We propose a framework for developing an IDS which works by monitoring the log files. The framework provides users with a set of parameters that have to be decided before developing the IDS and supports the classification of activities in the network into 3 types, namely: Attack, Suspicious and Not Attack. It also provides phase-specific visualization tasks, and other tasks that are required for extracting information from log files and those that limit the size of the logs. We also outline the working of a Log Agent that is responsible for collecting information from different log files and then summarizing them into one master log file [3]. The proposed framework is applied on a simple file portal system that keeps track of users who access/delete/modify an existing file or add new files.The master log file captures the browsing patterns of the users that use the file portal. This data is then visualized to monitor every activity in the network. Each activity is visualized as a pixel whose attributes describe whether it is an authorized activity or an illegal attempt to access the system. In the analysis phase, tasks that help to determine a potential attack and the reasoning behind the classification of an activity as Suspicious or Attack are provided. Finally, in the response phase, tasks that can resolve the attack and tasks for reporting the details of the attack for future analysis are provided.qscienc

A shift to green cybersecurity sustainability development: Using triple bottom-line sustainability assessment in Qatar transportation sector

Green cybersecurity is the emerging trend in the new era and this green cybersecurity technology minimizes the negative effects of IT operations and implements a green sustainable environment. Therefore, the study conceptually draws the concept of green cybersecurity by applying the theory of reasoned action (TRA) assumptions that logically support green information technology acceptance. Using a convenient sampling, the data were collected from Qatar transport industries, particularly the IT experts and managers, to get responses on the implementation of green cybersecurity and sustainability of 5 transport companies in Doha, Qatar. Using Smart PLS-SEM, the study employed the SEM technique to test the proposed hypotheses. The results reported that green cybersecurity’s control/position, integrity, and authenticity significantly and positively influenced TBL sustainability, but confidentiality, availability, and utility do not. The implementation of industry 4.0 makes them accessible and more effective to ensure TBL sustainable development in the transport industries in Qatar. Applying green cybersecurity in this setting will improve services in transportation sector. A green cybersecurity platform will make it a point to systematically search for and promote innovations made possible by smart green technologies to avoid carbon-emission vehicles. Through the efficient and cutting-edge green, cybersecurity will be Qatar’s transportation sector’s primary responsibility to contribute to Qatar’s sustainable development. In order to accomplish this goal, the regulator must create and implement it. In addition, it emphasizes the importance of adopting green cybersecurity to confront the difficulties facing city transportation all over Qatar as a foundational component of achieving long-term sustainable development

Development of an Immersive Cultural Game using Mixed Reality

This game aims to preserve and spread cultural practices. It introduces new gaming mechanics, which allows user interaction with virtual game objects using hand gestures. The user's objective is to hunt prey in their natural habitat, which means that the player will physically change his location to hunt a specific prey using his falcon to mimic how the falcon hunts for its prey in the real world. This interaction with the real world, along with incorporation of realistic graphics and mixed reality features, enhances the user's experience and helps in preserving cultural practices. Previous work tried to achieve the same goal by different approaches that led to different user segments and different usability cases. One major limitation in that work was the accessibility due to the use of specialized hardware. The hardware is accessible to a small segment of users; however, given the new limitations forced by the COVID-19 situation reusing the hardware is prohibited ; and as a result, not many will have access to the developed solution. The current implementation was designed to work on both Android and IOS to have a social interaction between the largest possible numbers of players. Other features that could also contribute to the goal of the project include building a virtual museum and displaying real falcons using the capabilities mixed reality has to offer

A Design-led FEWW Nexus Approach For Qatar University

Demographic explosion, climate change, urbanization, change of life quality, and food demand have put extra pressure on Food, Energy, Water, and Waste (FEWW) resources.A special focus has been placed on university campuses as they are representative urban communities with a substantial need for food, energy, and water and they generate waste. Furthermore, universities can be models for the community as they can apply and disseminate new ideas. The case study of the Qatar University via the Doha Living Lab (DLL) generates ideas and gives solutions to the FEWW Nexus through urban agriculture practices adopted to the climatic conditions of Qatar. The DLL follows the M-NEX Design method consisting of three steps: Design Development, Design Evaluation, and Implementation by engaging stakeholders and the local community. The areas of the DLL increase food production on the campus while minimizing the use of energy and water, enhance biodiversity as well as soil quality by valorizing food waste. The carbon footprint of DLL is reduced by 2% when the same quantity of food is produced locally than imported. This applies when 75% of the energy needs come from renewable sources, 75% of the needed animal feed comes from bio waste, and finally, when novel greenhouse technologies are utilized with low energy consumption. According to the research results, the FEWW Nexus and food production on campus can be sustainable in terms of low carbon footprint with minimal resource use, use of renewable energy sources, and food waste valorization

Virtual Reality Game for Falconry

Traditions and culture play a major role in our society, as they are the source of a person's pride and honor. One of Qatar's National Vision 2030 pillars that relates to the social development aims at preserving Qatar's national heritage. Thus, from this perspective, an innovative idea to use Virtual Reality (VR) technology to preserve traditions evolved. The game simulates the genuine Qatari Hunting Sport, which is considered as one of the most famous traditional sports in Qatar. However, practicing this sport is very expensive in terms of time, efforts and resources. Since this sport is challenging physically, only male adults can join. This project will not only preserve the traditional sport from extinction, but will also allow children from both genders to participate in it. The game will be an innovative means to help spreading Qatari heritage by commercializing it to the world. Moreover, it will help to learn the rules of such a sport in a safe and entertaining environment. The game is one of its kind since it is merging technology and heritage at the same time. The game is a virtual reality game that teaches younger generations about their antecedents' pastimes. It is a simulation of traditional falcon sport that will teach children, step by step and in an attractive manner, the basics of the sport like holding the falcon, making the falcon fly, and much more. In addition to that, we are cooperating with a hardware team from computer engineering that is working on customizing a glove that will ensure total immersion of the player in the game by making him feel pulled whenever the falcon is on his hand and release the pull when the falcon is not. Another main idea behind this project is to develop a strong relationship between the Qatari people and their heritage, which would then be more accessible throughout the year, instead of only special occasions. It will also help expats in Qatar to explore such an extraordinary heritage game on national events like national day, sport day... This project stands out with its original idea and captivating implemented features like the desert environment, the realistic audios, the visual effects, the gameplay... The game in not limited to only visual effects, although it is a key element, yet behind it countless algorithm implementations and deployment processes. It was crucial to conduct an ethnography study to accurately simulate the game by visiting Qatari society of AlGannas a specialist meeting with a specialist mentor to know more about the hunting sport in Qatar, and collecting more information about different falcon species in the state. This game can serve as a great ambassador of the Qatari falconry hunting sport in local and international events. Falconry is not limited to Qatar. Since 2012, this sport has been considered as an intangible cultural heritage of humanity according to the UNESCO. We tried to customize the game to make it exclusively designed for Qatar by adding features that only Qatari hunters do like holding the falcon on the left hand only.qscienc

ThreatBased Security Risk Evaluation in the Cloud

Research ProblemCyber attacks are targeting the cloud computing systems, where enterprises, governments, and individuals are outsourcing their storage and computational resources for improved scalability and dynamic management of their data. However, the different types of cyber attacks, as well as the different attack goals, create difficulties providing the right security solution needed. This is because different cyber attacks are associated with different threats in the cloud computing systems, where the importance of threats varies based on the cloud user requirements. For example, a hospital patient record system may prioritize the security of cyber attacks tampering patient records, while a media storage system may prioritize the security of cyber attacks carrying out a denial of service attack for ensuring a high availability. As a result, it is of paramount importance to analyze the risk associated with the cloud computing systems taking into account the importance of threats based on different cloud user requirements.However, the current risk evaluation approaches focus on evaluating the risk associated with the asset, rather than the risk associated with different types of threats. Such a holistic approach to risk evaluation does not show explicitly how different types of threats contribute to the overall risk of the cloud computing systems. Consequently, This makes it difficult for security administrators to make fine-grained decisions in order to select security solutions based on different importance of threats given the cloud user requirements. Therefore, it is necessary to analyze the risk of the cloud computing systems taking into account the different importance of threats, which enables the allocation of resources to reduce particular threats, identify the risk associated with different threats imposed, and identify different threats associated with cloud components.Proposed SolutionThe STRIDE threat modeling framework (short for STRIDE) is proposed by Microsoft, which can be used for threat categorization. Using the STRIDE, we propose a threat-guided risk evaluation approach for the cloud computing systems, which can evaluate the risk associated with each threat category from the STRIDE explicitly. Further, we utilize seven different types of security metrics to evaluate the risk namely: \textit{component, component-threat, threat-category, snapshot, path-components, path-threat}, and \textit{overall asset}. Component, component-threat, threat-cateory, and snapshot risks measure the total risk on a component, component risk for a particular threat category, total snapshot risk for a single threat, and the total risk of the snapshot considering all threat categories, respectively. Path-components, path-threat, and overall asset measure the total risk of components in an attack path, the risk of a single threat category in the attack path, and the overal risk to an asset considering all attack paths, respectively. These metrics makes it possible to measure the contribution of each threat category to the overall risk more precisely.When a vulnerability is discovered in a component (e.g. a Virtual Machine) of the Cloud deployment, the administrator first determines which types of threats could be posed should the vulnerability be successfully exploited, and what would be the impacts of each of those threats on the asset. The impact assignment of each threat type is weighted depending on the importance of the component. For example, a Virtual Machine (VM) that acts a Web Server in a medical records management application could be assigned a higher weighting for \textit{denial-of-service} threats because if such attacks are successfully launched then the rest of the VMs that are reached through the Web Server will be unavailable. On the other hand, a vulnerability discovered in a VM that hosts a database of medical records would be rated highest impact for \textit{information disclosure} because if it is compromised confidentiality of the medical history of patients will be violated.By multiplying the probability of successfully exploiting the vulnerability with the threat impact, we compute the risk of each threat type. The variation in the assignment of impact for different threat types enables our approach to compute risks associated with the threats - thus empowering the security administrator with the ability to make fine-grained decisions on how much resources to allocate for mitigating which type of threat and which threats to prioritize. We evaluated the usefulness of our approach through its application to attack scenarios in an example Cloud deployment. Our results show that it is more effective and informative to administrators compared to asset-based approaches to risk evaluation.qscienc

Blockchain Technology for Intelligent Transportation Systems: A Systematic Literature Review

The use of Blockchain technology has recently become widespread. It has emerged as an essential tool in various academic and industrial fields, such as healthcare, transportation, finance, cybersecurity, and supply chain management. It is regarded as a decentralized, trustworthy, secure, transparent, and immutable solution that innovates data sharing and management. This survey aims to provide a systematic review of Blockchain application to intelligent transportation systems in general and the Internet of Vehicles (IoV) in particular. The survey is divided into four main parts. First, the Blockchain technology including its opportunities, relative taxonomies, and applications is introduced; basic cryptography is also discussed. Next, the evolution of Blockchain is presented, starting from the primary phase of pre-Bitcoin (fundamentally characterized by classic cryptography systems), followed by the Blockchain 1.0 phase, (characterized by Bitcoin implementation and common consensus protocols), and finally, the Blockchain 2.0 phase (characterized by the implementation of smart contracts, Ethereum, and Hyperledger). We compared and identified the strengths and limitations of each of these implementations. Then, the state of the art of Blockchain-based IoV solutions (BIoV) is explored by referring to a large and trusted source database from the Scopus data bank. For a well-structured and clear discussion, the reviewed literature is classified according to the research direction and implemented IoV layer. Useful tables, statistics, and analysis are also presented. Finally, the open problems and future directions in BIoV research are summarized

Interactive visual study for residential energy consumption data

Interactive data visualization tools for residential energy data are instrumental indicators for analyzing end user behavior. These visualizations can be used as continuous home feedback systems and can be accessed from mobile devices using touch-based applications. Visualizations have to be carefully selected in order for them to partake in the behavioral transformation that end users are encouraged to adopt. In this paper, six energy data visualizations are evaluated in a randomized controlled trial fashion to determine the optimal data visualization tool. Conventional visualizations, namely bar, line, and stacked area, are compared against enhanced charts, namely spiral, heatmap, and stacked bar, in terms of effectiveness, aesthetic, understandability, and three analysis questions. The study is conducted through a questionnaire in a mobile application. The application, created through React Native, is circulated to participants in multiple countries, collecting 133 responses. From the received responses, conventional plots scored higher understandability (by 22.74%), effectiveness (by 13.44%), and aesthetic (by 10.54%) when compared with the enhanced visualizations. On the flipside, enhanced plots generated higher correct analysis questions' responses by 8% compared to the conventional counterparts. From the 133 collected responses, and after applying the unpaired t-test, conventional energy data visualization plots are considered superior in terms of understandability, effectiveness, and aesthetic. 2022 The Author(s)This paper is made possible by National Priorities Research Program, Qatar (NPRP) grant No. 10-0130-170288 from the Qatar National Research Fund (a member of Qatar Foundation). The statements made herein are solely the responsibility of the authors. Open Access funding provided by the Qatar National Library.Scopu