User Behavioral Modeling of Web-based Systems for Continuous User Authentication

Authentication plays an important role in how we interact with computers, mobile devices, the web, etc. The idea of authentication is to uniquely identify a user before granting access to system privileges. For example, in recent years more corporate information and applications have been accessible via the Internet and Intranet. Many employees are working from remote locations and need access to secure corporate files. During this time, it is possible for malicious or unauthorized users to gain access to the system. For this reason, it is logical to have some mechanism in place to detect whether the logged-in user is the same user in control of the user's session. Therefore, highly secure authentication methods must be used. We posit that each of us is unique in our use of computer systems. It is this uniqueness that is leveraged to "continuously authenticate users" while they use web software. To monitor user behavior, n-gram models are used to capture user interactions with web-based software. This statistical language model essentially captures sequences and sub-sequences of user actions, their orderings, and temporal relationships that make them unique by providing a model of how each user typically behaves. Users are then continuously monitored during software operations. Large deviations from "normal behavior" can possibly indicate malicious or unintended behavior. This approach is implemented in a system called Intruder Detector (ID) that models user actions as embodied in web logs generated in response to a user's actions. User identification through web logs is cost-effective and non-intrusive. We perform experiments on a large fielded system with web logs of approximately 4000 users. For these experiments, we use two classification techniques; binary and multi-class classification. We evaluate model-specific differences of user behavior based on coarse-grain (i.e., role) and fine-grain (i.e., individual) analysis. A specific set of metrics are used to provide valuable insight into how each model performs. Intruder Detector achieves accurate results when identifying legitimate users and user types. This tool is also able to detect outliers in role-based user behavior with optimal performance. In addition to web applications, this continuous monitoring technique can be used with other user-based systems such as mobile devices and the analysis of network traffic.

THE FEASIBILITY OF USING WEB-BASED TECHNOLOGY FOR THE MANAGEMENT OF DREDGING PROJECTS

The research investigates the feasibility of using web-based project management systems for dredging. To achieve this objective the research assessed both the positive and negative aspects of using web-based technology for the management of dredging projects. Information gained from literature review and prior investigations of dredging projects revealed that project performance, social, political, technical, and business aspects of the organization were important factors in deciding to use web-based systems for the management of dredging projects. These factors were used to develop the research assumptions. An exploratory case study methodology was used to gather the empirical evidence and perform the analysis. An operational prototype of the system was developed to help evaluate developmental and functional requirements, as well as the influence on performance, and on the organization. The evidence gathered from three case study projects, and from a survey of 31 experts, were used to validate the assumptions. Baselines, representing the assumptions, were created as a reference to assess the responses and qualitative measures. The deviation of the responses was used to evaluate for the analysis. Finally, the conclusions were assessed by validating the assumptions with the evidence, derived from the analysis. The research findings are as follows: 1. The system would help improve project performance. 2. Resistance to implementation may be experienced if the system is implemented. Therefore, resistance to implementation needs to be investigated further and more R&D work is needed in order to advance to the final design and implementation. 3. System may be divided into standalone modules in order to simplify the system and facilitate incremental changes. 4. The QA/QC conceptual approach used by this research needs to be redefined during future R&D to satisfy both owners and contractors. Yin (2009) Case Study Research Design and Methods was used to develop the research approach, design, data collection, and analysis. Markus (1983) Resistance Theory was used during the assumptions definition to predict potential problems to the implementation of web-based project management systems for the dredging industry. Keen (1981) incremental changes and facilitative approach tactics were used as basis to classify solutions, and how to overcome resistance to implementation of the web-based project management system. Davis (1989) Technology Acceptance Model (TAM) was used to assess the solutions needed to overcome the resistances to the implementation of web-base management systems for dredging projects.

INVESTIGATION OF MAGNESIUM ION CHARGE STORAGE MECHANISM IN MANGANESE DIOXIDE

Magnesium (Mg) battery is considered as a promising candidate for the next generation battery technology that could potentially replace the current lithium (Li)-ion batteries due to the following factors. Magnesium possesses a higher volumetric capacity than commercialized Li-ion battery anode materials. Additionally, the low cost and high abundance of Mg compared to Li makes Mg batteries even more attractive. Moreover, unlike metallic Li anodes which have a tendency to develop a dendritic structure on the surface upon the cycling of the battery, Mg metal is known to be free from such a hazardous phenomenon. Due to these merits of Mg as an anode, the topic of rechargea¬ble Mg batteries has attracted considerable attention among researchers in the last few decades. However, the aforementioned advantages of Mg batteries have not been fully utilized due to the serious kinetic limitation of Mg2+ diffusion process in many hosting compounds which is believed to be due to a strong electrostatic interaction between divalent Mg2+ ions and hosting matrix. This serious kinetic hindrance is directly related to the lack of cathode materials for Mg battery that provide comparable electrochemical performances to that of Li-based system. Manganese oxide (MnO2) is one of the most well studied electrode materials due to its excellent electrochemical properties, including high Li+ ion capacity and relatively high operating voltage (i.e., ~ 4 V vs. Li/Li+ for LiMn2O4 and ~ 3.2 V vs. Mg/Mg2+). However, unlike the good electrochemical properties of MnO2 realized in Li-based systems, rather poor electrochemical performances have been reported in Mg based systems, particularly with low capacity and poor cycling performances. While the origin of the observed poor performances is believed to be due to the aforementioned strong ionic interaction between the Mg2+ ions and MnO2 lattice resulting in a limited diffusion of Mg2+ ions in MnO2, very little has been explored regarding the charge storage mechanism of MnO2 with divalent Mg2+ ions. This dissertation investigates the charge storage mechanism of MnO2, focusing on the insertion behaviors of divalent Mg2+ ions and exploring the origins of the limited Mg2+ insertion behavior in MnO2. It is found that the limited Mg2+ capacity in MnO2 can be significantly improved by introducing water molecules in the Mg electrolyte system, where the water molecules effectively mitigated the kinetic hindrance of Mg2+ insertion process. The combination of nanostructured MnO2 electrode and water effect provides a synergic effect demonstrating further enhanced Mg2+ insertion capability. Furthermore, it is demonstrated in this study that pre-cycling MnO2 electrodes in water-containing electrolyte activates MnO2 electrode, after which improved Mg2+ capacity is maintained in dry Mg electrolyte. Based on a series of XPS analysis, a conversion mechanism is proposed where magnesiated MnO2 undergoes a conversion reaction to Mg(OH)2 and MnOx and Mn(OH)y species in the presence of water molecules. This conversion process is believed to be the driving force that generates the improved Mg2+ capacity in MnO2 along with the water molecule’s charge screening effect. Finally, it is discussed that upon a consecutive cycling of MnO2 in the water-containing Mg electrolyte, structural water is generated within the MnO2 lattice, which is thought to be the origin of the observed activation phenomenon. The results provided in this dissertation highlight that the divalency of Mg2+ ions result in very different electrochemical behaviors than those of the well-studied monovalent Li+ ions towards MnO2.

Mission and Scenario Planning for Unmanned Aerial Vehicles (Path Planning and Collision Avoidance Systems)

As unmanned autonomous vehicles (UAVs) are being widely utilized in military and civil applications, concerns are growing about mission safety and how to integrate dierent phases of mission design. One important barrier to a coste ective and timely safety certication process for UAVs is the lack of a systematic approach for bridging the gap between understanding high-level commander/pilot intent and implementation of intent through low-level UAV behaviors. In this thesis we demonstrate an entire systems design process for a representative UAV mission, beginning from an operational concept and requirements and ending with a simulation framework for segments of the mission design, such as path planning and decision making in collision avoidance. In this thesis, we divided this complex system into sub-systems; path planning, collision detection and collision avoidance. We then developed software modules for each sub-system

COLLABORATIVE TESTING ACROSS SHARED SOFTWARE COMPONENTS

Large component-based systems are often built from many of the same components. As individual component-based software systems are developed, tested and maintained, these shared components are repeatedly manipulated. As a result there are often significant overlaps and synergies across and among the different test efforts of different component-based systems. However, in practice, testers of different systems rarely collaborate, taking a test-all-by-yourself approach. As a result, redundant effort is spent testing common components, and important information that could be used to improve testing quality is lost. The goal of this research is to demonstrate that, if done properly, testers of shared software components can save effort by avoiding redundant work, and can improve the test effectiveness for each component as well as for each component-based software system by using information obtained when testing across multiple components. To achieve this goal I have developed collaborative testing techniques and tools for developers and testers of component-based systems with shared components, applied the techniques to subject systems, and evaluated the cost and effectiveness of applying the techniques. The dissertation research is organized in three parts. First, I investigated current testing practices for component-based software systems to find the testing overlap and synergy we conjectured exists. Second, I designed and implemented infrastructure and related tools to facilitate communication and data sharing between testers. Third, I designed two testing processes to implement different collaborative testing algorithms and applied them to large actively developed software systems. This dissertation has shown the benefits of collaborative testing across component developers who share their components. With collaborative testing, researchers can design algorithms and tools to support collaboration processes, achieve better efficiency in testing configurations, and discover inter-component compatibility faults within a minimal time window after they are introduced.