User Behavioral Modeling of Web-based Systems for Continuous User Authentication

Authentication plays an important role in how we interact with computers, mobile devices, the web, etc. The idea of authentication is to uniquely identify a user before granting access to system privileges. For example, in recent years more corporate information and applications have been accessible via the Internet and Intranet. Many employees are working from remote locations and need access to secure corporate files. During this time, it is possible for malicious or unauthorized users to gain access to the system. For this reason, it is logical to have some mechanism in place to detect whether the logged-in user is the same user in control of the user's session. Therefore, highly secure authentication methods must be used. We posit that each of us is unique in our use of computer systems. It is this uniqueness that is leveraged to "continuously authenticate users" while they use web software. To monitor user behavior, n-gram models are used to capture user interactions with web-based software. This statistical language model essentially captures sequences and sub-sequences of user actions, their orderings, and temporal relationships that make them unique by providing a model of how each user typically behaves. Users are then continuously monitored during software operations. Large deviations from "normal behavior" can possibly indicate malicious or unintended behavior. This approach is implemented in a system called Intruder Detector (ID) that models user actions as embodied in web logs generated in response to a user's actions. User identification through web logs is cost-effective and non-intrusive. We perform experiments on a large fielded system with web logs of approximately 4000 users. For these experiments, we use two classification techniques; binary and multi-class classification. We evaluate model-specific differences of user behavior based on coarse-grain (i.e., role) and fine-grain (i.e., individual) analysis. A specific set of metrics are used to provide valuable insight into how each model performs. Intruder Detector achieves accurate results when identifying legitimate users and user types. This tool is also able to detect outliers in role-based user behavior with optimal performance. In addition to web applications, this continuous monitoring technique can be used with other user-based systems such as mobile devices and the analysis of network traffic.

BEHAVIOR OF FIBER REINFORCED POLYMER COMPOSITE PILES WITH ELLIPTICAL CROSS SECTIONS IN INTEGRAL ABUTMENT BRIDGE FOUNDATIONS

Every year in the US and other cold-climate countries considerable amount of money is spent to restore structural damages in conventional bridges resulting from (or “caused by”) salt corrosion in bridge expansion joints. Frequent usage of deicing salt in conventional bridges with expansion joints results in corrosion and other damages to the expansion joints, steel girders, stiffeners, concrete rebar, and any structural steel members in the abutments. The best way to prevent these damages is to eliminate the expansion joints at the abutment and elsewhere and make the entire bridge abutment and deck a continuous monolithic structural system. This type of bridge is called Integral Abutment Bridge which is now widely used in the US and other cold-climate countries. In order to provide lateral flexibility, the entire abutment is constructed on piles. Piles used in integral abutments should have enough capacity in the perpendicular direction to support the vertical forces. In addition, piles should be able to withstand corrosive environments near the surface of the ground and maintain their performance during the lifespan of the bridge. Fiber Reinforced Polymer (FRP) piles are a new type of pile that can not only accommodate large displacements, but can also resist corrosion significantly better than traditional steel or concrete piles. The use of FRP piles extends the life of the pile which in turn extends the life of the bridge. This dissertation studies FRP piles with elliptical shapes. The elliptical shapes can simultaneously provide flexibility and stiffness in two perpendicular axes. The elliptical shapes can be made using the filament winding method which is a less expensive method of manufacturing compared to the pultrusion or other manufacturing methods. In this dissertation a new way is introduced to construct the desired elliptical shapes with the filament winding method. Pile specifications such as dimensions, number of layers, fiber orientation angles, material, and soil stiffness are defined as parameters and the effects of each parameter on the pile stresses and pile failure have been studied. The ANSYS software has been used to model the composite materials. More than 14,000 nonlinear finite element pile models have been created, each slightly different from the others. The outputs of analyses have been used to draw curves. Optimum values of the parameters have been defined using generated curves. The best approaches to find optimum shape, angle of fibers and types of composite material have been discussed.