981 resultados para Log cabins.
Resumo:
The research presented in this thesis addresses inherent problems in signaturebased intrusion detection systems (IDSs) operating in heterogeneous environments. The research proposes a solution to address the difficulties associated with multistep attack scenario specification and detection for such environments. The research has focused on two distinct problems: the representation of events derived from heterogeneous sources and multi-step attack specification and detection. The first part of the research investigates the application of an event abstraction model to event logs collected from a heterogeneous environment. The event abstraction model comprises a hierarchy of events derived from different log sources such as system audit data, application logs, captured network traffic, and intrusion detection system alerts. Unlike existing event abstraction models where low-level information may be discarded during the abstraction process, the event abstraction model presented in this work preserves all low-level information as well as providing high-level information in the form of abstract events. The event abstraction model presented in this work was designed independently of any particular IDS and thus may be used by any IDS, intrusion forensic tools, or monitoring tools. The second part of the research investigates the use of unification for multi-step attack scenario specification and detection. Multi-step attack scenarios are hard to specify and detect as they often involve the correlation of events from multiple sources which may be affected by time uncertainty. The unification algorithm provides a simple and straightforward scenario matching mechanism by using variable instantiation where variables represent events as defined in the event abstraction model. The third part of the research looks into the solution to address time uncertainty. Clock synchronisation is crucial for detecting multi-step attack scenarios which involve logs from multiple hosts. Issues involving time uncertainty have been largely neglected by intrusion detection research. The system presented in this research introduces two techniques for addressing time uncertainty issues: clock skew compensation and clock drift modelling using linear regression. An off-line IDS prototype for detecting multi-step attacks has been implemented. The prototype comprises two modules: implementation of the abstract event system architecture (AESA) and of the scenario detection module. The scenario detection module implements our signature language developed based on the Python programming language syntax and the unification-based scenario detection engine. The prototype has been evaluated using a publicly available dataset of real attack traffic and event logs and a synthetic dataset. The distinct features of the public dataset are the fact that it contains multi-step attacks which involve multiple hosts with clock skew and clock drift. These features allow us to demonstrate the application and the advantages of the contributions of this research. All instances of multi-step attacks in the dataset have been correctly identified even though there exists a significant clock skew and drift in the dataset. Future work identified by this research would be to develop a refined unification algorithm suitable for processing streams of events to enable an on-line detection. In terms of time uncertainty, identified future work would be to develop mechanisms which allows automatic clock skew and clock drift identification and correction. The immediate application of the research presented in this thesis is the framework of an off-line IDS which processes events from heterogeneous sources using abstraction and which can detect multi-step attack scenarios which may involve time uncertainty.
Resumo:
Many people and organisations continually repeat mistakes or fail to take advantage of opportunities because they have not learned from their past history, frequently as a result of not having taken the time to reflect and take stock of their experiences. This common error is avoidable, particularly with today’s capacity for information and communication technology (ICT) to enable organisations to not only record lessons learned but to easily make these available throughout an organisation. Moreover, the evidence of the literature and experience suggests that currently companies do not rigorously analyse past experience and log lessons learned using manual methods so it is hardly surprising that this trend is not changed by the availability of ICT.
Resumo:
The Exercise for Health program is a telephone-delivered exercise intervention for women with breast cancer (BC) living in regional Queensland. The effect of the program is being evaluated in the context of a randomised controlled trial. Consenting, newly diagnosed BC patients, treated in one of 8 regional Queensland hospitals, were randomly allocated to telephone-based exercise counselling (EC) or usual care (UC) at 6-weeks post-surgery. EC participants received an exercise workbook and 16 calls from an exercise physiologist over 8 months. Physical activity levels (PA) (Active Australia & CHAMPS), quality-of-life (FACTB+4), upper-body function (DASH) and fatigue (FACIT-Fatigue) were assessed at baseline (4-6 weeks post-surgery), 6- and 12-months post-surgery. Preliminary analyses of available 6-month data were conducted using t-tests and repeated measures ANCOVAs. Participating women (n=143; EC n=73, UC n=70) were aged 53±9 years and 30% met PA guidelines at baseline. Up to two thirds of the women received adjuvant therapy during the first 6 months following surgery. Greater improvements (mean change+SD) occurred for the EC vs UC group in weekly sessions of walking (1.83±4.3 vs -0.5±5.5, p=0.029) moderate-vigorous PA (5.0±6.5 vs -1.1±6.1, p=0.005) and strength training (1.9±2.9 vs -0.5±4.2 p<0.001), and in upper-body function, reflected by lower log-transformed disability scores (-0.34±0.44 vs -0.17±0.28, p=0.038). More EC than UC participants met PA guidelines at 6 months (46.3% vs 32.7%). Preliminary findings from this ongoing trial suggest that the telephone is a feasible and effective medium for delivering exercise counselling to newly diagnosed BC patients living in regional areas.
Resumo:
This paper reports findings from a study investigating the effect of integrating sponsored and nonsponsored search engine links into a single web listing. The premise underlying this research is that web searchers are chiefly interested in relevant results. Given the reported negative bias that web searchers have concerning sponsored links, separate listings may be a disservice to web searchers as it might not direct them to relevant websites. Some web meta-search engines integrate sponsored and nonsponsored links into a single listing. Using a web search engine log of over 7 million interactions from hundreds of thousands of users from a major web meta-search engine, we analysed the click-through patterns for both sponsored and nonsponsored links. We also classified web queries as informational, navigational and transactional based on the expected type of content and analysed the click-through patterns of each classification. The findings show that for more than 35% of queries, there are no clicks on any result. More than 80% of web queries are informational in nature and approximately 10% are transactional, and 10% navigational. Sponsored links account for approximately 15% of all clicks. Integrating sponsored and nonsponsored links does not appear to increase the clicks on sponsored listings. We discuss how these research results could enhance future sponsored search platforms.
Resumo:
This paper reports findings from a study of user behaviours and intentions towards online news and information in Australia, undertaken by the Queensland University of Technology Creative Industries Faculty and the Smart Services Cooperative Research Centre. It has used a literature review, online survey, focus groups and interviews to explore attitudes and behaviours towards online news and information. The literature review on consumer user of online media highlighted emerging technical opportunities, and flagged existing barriers to access experienced by consumers in the Australian digital media sector. The literature review highlighted multiple disconnects between consumer interests in online news and their ability to fulfil them. This presents an opportunity for news entities to appraise and resolve. Doing so may enhance their service offering, attract consumers and improve loyalty. These themes were further explored by the survey. The survey results revealed three typologies of user, described as ‘convenience’, ‘loyal’ and ‘customising’. Convenience users tend to access news by default, for example when they log out of email. Loyal users seek out a trusted brand such as mainstream news mastheads. Customising users tend to tailor news to their preferences, and be the first to use leading edge media. Respondents to the survey were then invited to participate in focus groups, which aimed to test the survey results. Consumer perceptions and attitudes are important factors in progression towards an information economy, because ultimately consumers are customers. By segmenting the online news market according to customer typology, media providers may identify new opportunities to attract and retain customers.
Resumo:
The misuse of alcohol is well documented in Australia and has been associated with disorders and harms that often require police attention. The extent of alcohol-related incidents requiring police attention has been recorded as substantial in some Australian cities (Arro, Crook, & Fenton, 1992; Davey & French, 1995; Ireland & Thommeny, 1993). A significant proportion of harmful drinking occurs in and around licensed premises (Jochelson, 1997; Stockwell, Masters, Phillips, Daly, Gahegan, Midford, & Philp, 1998; Borges, Cherpitel, & Rosovsky, 1998) and most of these incidents are not reported to police (Bryant & Williams, 2000; Lister, Hobbs, Hall, & Winlow, 2000). Alcohol-related incidents have also been found to be concentrated in certain places at certain times (Jochelson, 1997) and therefore manipulating the context in which these incidents occur may provide a means to prevent and reduce the harm associated with alcohol misuse. One of the major objectives of the present program of research was to investigate the occurrence and resource impact of alcohol-related incidents on operational (general duties) policing across a large geographical area. A second objective of the thesis was to examine the characteristics and temporal/spatial dynamics of police attended alcohol incidents in the context of Place Based theories of crime. It was envisaged that this approach would reveal the patterns of the most prevalent offences and demonstrate the relevance of Place Based theories of crime to understanding these patterns. In addition, the role of alcohol, time and place were also explored in order to examine the association between non criminal traffic offences and other types of criminal offences. A final objective of the thesis was to examine the impact of a situational crime prevention strategy that had been initiated to reduce the violence and disorder associated with late-night liquor trading premises. The program of research in this doctorate thesis has been undertaken through the presentation of published papers. The research was conducted in three stages which produced six manuscripts, five of which were submitted to peer reviewed journals and one that was published in a peer reviewed conference proceedings. Stage One included two studies (Studies 1 & 2) both of which involved a cross sectional approach to examine the prevalence and characteristics of alcohol-related incidents requiring police attendance across three large geographical areas that included metropolitan cities, provincial regions and rural areas. Stage Two of the program of research also comprised two cross sectional quantitative studies (Studies 3 & 4) that investigated the temporal and spatial dynamics of the major offence categories attended by operational police in a specific Police District (Gold Coast). Stage Three of the program of research involved two studies (Studies 5 & 6) that assessed the effectiveness of a situational crime prevention strategy. The studies employed a pre-post design to assess the impact on crime, disorder and violence by preventing patrons from entering late-night liquor trading premises between 3 a.m. and 5 a.m. (lockout policy). Although Study Five was solely quantitative in nature, Study Six included both quantitative and qualitative aspects. The approach adopted in Study Six, therefore facilitated not only a quantative comparison of the impact of the lockout policy on different policing areas, but also enabled the processes related to the implementation of the lockout policy to be examined. The thesis reports a program of research involving a common data collection method which then involved a series of studies being conducted to explore different aspects of the data. The data was collected from three sources. Firstly a pilot phase was undertaken to provide participants with training. Secondly a main study period was undertaken immediately following the pilot phase. The first and second sources of data were collected between 29th March 2004 and 2nd May 2004. Thirdly, additional data was collected between the 1st April 2005 and 31st May 2005. Participants in the current program of research were first response operational police officers who completed a modified activity log over a 9 week period (4 week pilot phase & 5 week survey study phase), identifying the type, prevalence and characteristics of alcohol-related incidents that were attended. During the study period police officers attended 31,090 alcohol-related incidents. Studies One and Two revealed that a substantial proportion of current police work involves attendance at alcohol-related incidents (i.e., 25% largely involving young males aged between 17 and 24 years). The most common incidents police attended were vehicle and/or traffic matters, disturbances and offences against property. The major category of offences most likely to involve alcohol included vehicle/traffic matters, disturbances and offences against the person (e.g., common & serious assaults). These events were most likely to occur in the late evenings and early hours of the morning on the weekends, and importantly, usually took longer for police to complete than non alcohol-related incidents. The findings in Studies Three and Four suggest that serious traffic offences, disturbances and offences against the person share similar characteristics and occur in concentrated places at similar times. In addition, it was found that time, place and incident type all have an influence on whether an incident attended by a police officer is alcohol-related. Alcohol-related incidents are more likely to occur in particular locations in the late evenings and early mornings on the weekends. In particular, there was a strong association between the occurrence of alcohol-related disturbances and alcohol-related serious traffic offences in regards to place and time. In general, stealing and property offences were not alcohol-related and occurred in daylight hours during weekdays. The results of Studies Five and Six were mixed. A number of alcohol-related offences requiring police attention were significantly reduced for some policing areas and for some types of offences following the implementation of the lockout policy. However, in some locations the lockout policy appeared to have a negative or minimal impact. Interviews with licensees revealed that although all were initially opposed to the lockout policy as they believed it would have a negative impact on business, most perceived some benefits from its introduction. Some of the benefits included, improved patron safety and the development of better business strategies to increase patron numbers. In conclusion, the overall findings of the six studies highlight the pervasive nature of alcohol across a range of criminal incidents, demonstrating the tremendous impact alcohol-related incidents have on police. The findings also demonstrate the importance of time and place in predicting the occurrence of alcohol-related offences. Although this program of research did not set out to test Place Based theories of crime, these theories were used to inform the interpretation of findings. The findings in the current research program provide evidence for the relevance of Place Based theories of crime to understanding the factors contributing to violence and disorder, and designing relevant crime prevention strategies. For instance, the results in Studies Five and Six provide supportive evidence that this novel lockout initiative can be beneficial for public safety by reducing some types of offences in particular areas in and around late-night liquor trading premises. Finally, intelligent-led policing initiatives based on problem oriented policing, such as the lockout policy examined in this thesis, have potential as a major crime prevention technique to reduce specific types of alcohol-related offences.
Resumo:
Current multimedia Web search engines still use keywords as the primary means to search. Due to the richness in multimedia contents, general users constantly experience some difficulties in formulating textual queries that are representative enough for their needs. As a result, query reformulation becomes part of an inevitable process in most multimedia searches. Previous Web query formulation studies did not investigate the modification sequences and thus can only report limited findings on the reformulation behavior. In this study, we propose an automatic approach to examine multimedia query reformulation using large-scale transaction logs. The key findings show that search term replacement is the most dominant type of modifications in visual searches but less important in audio searches. Image search users prefer the specified search strategy more than video and audio users. There is also a clear tendency to replace terms with synonyms or associated terms in visual queries. The analysis of the search strategies in different types of multimedia searching provides some insights into user’s searching behavior, which can contribute to the design of future query formulation assistance for keyword-based Web multimedia retrieval systems.
Resumo:
Searching for multimedia is an important activity for users of Web search engines. Studying user's interactions with Web search engine multimedia buttons, including image, audio, and video, is important for the development of multimedia Web search systems. This article provides results from a Weblog analysis study of multimedia Web searching by Dogpile users in 2006. The study analyzes the (a) duration, size, and structure of Web search queries and sessions; (b) user demographics; (c) most popular multimedia Web searching terms; and (d) use of advanced Web search techniques including Boolean and natural language. The current study findings are compared with results from previous multimedia Web searching studies. The key findings are: (a) Since 1997, image search consistently is the dominant media type searched followed by audio and video; (b) multimedia search duration is still short (>50% of searching episodes are <1 min), using few search terms; (c) many multimedia searches are for information about people, especially in audio search; and (d) multimedia search has begun to shift from entertainment to other categories such as medical, sports, and technology (based on the most repeated terms). Implications for design of Web multimedia search engines are discussed.
Resumo:
In this paper, we define and present a comprehensive classification of user intent for Web searching. The classification consists of three hierarchical levels of informational, navigational, and transactional intent. After deriving attributes of each, we then developed a software application that automatically classified queries using a Web search engine log of over a million and a half queries submitted by several hundred thousand users. Our findings show that more than 80% of Web queries are informational in nature, with about 10% each being navigational and transactional. In order to validate the accuracy of our algorithm, we manually coded 400 queries and compared the results from this manual classification to the results determined by the automated method. This comparison showed that the automatic classification has an accuracy of 74%. Of the remaining 25% of the queries, the user intent is vague or multi-faceted, pointing to the need for probabilistic classification. We discuss how search engines can use knowledge of user intent to provide more targeted and relevant results in Web searching.
Resumo:
Digital forensics investigations aim to find evidence that helps confirm or disprove a hypothesis about an alleged computer-based crime. However, the ease with which computer-literate criminals can falsify computer event logs makes the prosecutor's job highly challenging. Given a log which is suspected to have been falsified or tampered with, a prosecutor is obliged to provide a convincing explanation for how the log may have been created. Here we focus on showing how a suspect computer event log can be transformed into a hypothesised actual sequence of events, consistent with independent, trusted sources of event orderings. We present two algorithms which allow the effort involved in falsifying logs to be quantified, as a function of the number of `moves' required to transform the suspect log into the hypothesised one, thus allowing a prosecutor to assess the likelihood of a particular falsification scenario. The first algorithm always produces an optimal solution but, for reasons of efficiency, is suitable for short event logs only. To deal with the massive amount of data typically found in computer event logs, we also present a second heuristic algorithm which is considerably more efficient but may not always generate an optimal outcome.
Resumo:
Studies have examined the associations between cancers and circulating 25-hydroxyvitamin D [25(OH)D], but little is known about the impact of different laboratory practices on 25(OH)D concentrations. We examined the potential impact of delayed blood centrifuging, choice of collection tube, and type of assay on 25(OH)D concentrations. Blood samples from 20 healthy volunteers underwent alternative laboratory procedures: four centrifuging times (2, 24, 72, and 96 h after blood draw); three types of collection tubes (red top serum tube, two different plasma anticoagulant tubes containing heparin or EDTA); and two types of assays (DiaSorin radioimmunoassay [RIA] and chemiluminescence immunoassay [CLIA/LIAISON®]). Log-transformed 25(OH)D concentrations were analyzed using the generalized estimating equations (GEE) linear regression models. We found no difference in 25(OH)D concentrations by centrifuging times or type of assay. There was some indication of a difference in 25(OH)D concentrations by tube type in CLIA/LIAISON®-assayed samples, with concentrations in heparinized plasma (geometric mean, 16.1 ng ml−1) higher than those in serum (geometric mean, 15.3 ng ml−1) (p = 0.01), but the difference was significant only after substantial centrifuging delays (96 h). Our study suggests no necessity for requiring immediate processing of blood samples after collection or for the choice of a tube type or assay.
Resumo:
This paper reports on the opportunities for transformational learning experienced by a group of pre-service teachers who were engaged in service-learning as a pedagogical process with a focus on reflection. Critical social theory informed the design of the reflection process as it enabled a move away from knowledge transmission toward knowledge transformation. The structured reflection log was designed to illustrate the critical social theory expectations of quality learning that teach students to think critically: ideology critique and utopian critique. Butin's lenses and a reflection framework informed by the work of Bain, Ballantyne, Mills and Lester were used in the design of the service-learning reflection log. Reported data provide evidence of transformational learning and highlight how the students critique their world and imagine how they could contribute to a better world in their work as a beginning teacher.
