A Cloud-based Framework for Security Analysis of Browser Extensions

In today's internet world, web browsers are an integral part of our day-to-day activities. Therefore, web browser security is a serious concern for all of us. Browsers can be breached in different ways. Because of the over privileged access, extensions are responsible for many security issues. Browser vendors try to keep safe extensions in their official extension galleries. However, their security control measures are not always effective and adequate. The distribution of unsafe extensions through different social engineering techniques is also a very common practice. Therefore, before installation, users should thoroughly analyze the security of browser extensions. Extensions are not only available for desktop browsers, but many mobile browsers, for example, Firefox for Android and UC browser for Android, are also furnished with extension features. Mobile devices have various resource constraints in terms of computational capabilities, power, network bandwidth, etc. Hence, conventional extension security analysis techniques cannot be efficiently used by end users to examine mobile browser extension security issues. To overcome the inadequacies of the existing approaches, we propose CLOUBEX, a CLOUd-based security analysis framework for both desktop and mobile Browser EXtensions. This framework uses a client-server architecture model. In this framework, compute-intensive security analysis tasks are generally executed in a high-speed computing server hosted in a cloud environment. CLOUBEX is also enriched with a number of essential features, such as client-side analysis, requirements-driven analysis, high performance, and dynamic decision making. At present, the Firefox extension ecosystem is most susceptible to different security attacks. Hence, the framework is implemented for the security analysis of the Firefox desktop and Firefox for Android mobile browser extensions. A static taint analysis is used to identify malicious information flows in the Firefox extensions. In CLOUBEX, there are three analysis modes. A dynamic decision making algorithm assists us to select the best option based on some important parameters, such as the processing speed of a client device and network connection speed. Using the best analysis mode, performance and power consumption are improved significantly. In the future, this framework can be leveraged for the security analysis of other desktop and mobile browser extensions, too.

Design and Implementation of a Cloud-based Middleware for Persuasive Android Applications

Negli ultimi decenni, le tecnologie e i prodotti informatici sono diventati pervasivi e sono ora una parte essenziale delle nostre vite. Ogni giorno ci influenzano in maniera più o meno esplicita, cambiando il nostro modo di vivere e i nostri comportamenti più o meno intenzionalmente. Tuttavia, i computer non nacquero inizialmente per persuadere: essi furono costruiti per gestire, calcolare, immagazzinare e recuperare dati. Non appena i computer si sono spostati dai laboratori di ricerca alla vita di tutti i giorni, sono però diventati sempre più persuasivi. Questa area di ricerca è chiamata pesuasive technology o captology, anche definita come lo studio dei sistemi informatici interattivi progettati per cambiare le attitudini e le abitudini delle persone. Nonostante il successo crescente delle tecnologie persuasive, sembra esserci una mancanza di framework sia teorici che pratici, che possano aiutare gli sviluppatori di applicazioni mobili a costruire applicazioni in grado di persuadere effettivamente gli utenti finali. Tuttavia, il lavoro condotto dal Professor Helal e dal Professor Lee al Persuasive Laboratory all’interno dell’University of Florida tenta di colmare questa lacuna. Infatti, hanno proposto un modello di persuasione semplice ma efficace, il quale può essere usato in maniera intuitiva da ingegneri o specialisti informatici. Inoltre, il Professor Helal e il Professor Lee hanno anche sviluppato Cicero, un middleware per dispositivi Android basato sul loro precedente modello, il quale può essere usato in modo molto semplice e veloce dagli sviluppatori per creare applicazioni persuasive. Il mio lavoro al centro di questa tesi progettuale si concentra sull’analisi del middleware appena descritto e, successivamente, sui miglioramenti e ampliamenti portati ad esso. I più importanti sono una nuova architettura di sensing, una nuova struttura basata sul cloud e un nuovo protocollo che permette di creare applicazioni specifiche per smartwatch.

Granular computing as a basis of human–data interaction: a cognitive cities use case

The article proposes granular computing as a theoretical, formal and methodological basis for the newly emerging research field of human–data interaction (HDI). We argue that the ability to represent and reason with information granules is a prerequisite for data legibility. As such, it allows for extending the research agenda of HDI to encompass the topic of collective intelligence amplification, which is seen as an opportunity of today’s increasingly pervasive computing environments. As an example of collective intelligence amplification in HDI, we introduce a collaborative urban planning use case in a cognitive city environment and show how an iterative process of user input and human-oriented automated data processing can support collective decision making. As a basis for automated human-oriented data processing, we use the spatial granular calculus of granular geometry.

Development and testing of INTRAS, a microscopic freeway simulation model. Volume 2: user's manual. Final report.

Federal Highway Administration, Office of Research and Development, Washington, D.C.

Accident analysis for urban freeways. Volume II. MAAP user manual. Final report.

Texas State Department of Highways and Public Transportation, Transportation Planning Division, Austin

Vertical handover supporting pervasive computing in future wireless networks

A variety of current and future wired and wireless networking technologies can be transformed into a seamless communication environments through application of context-based vertical handovers. Such seamless communication environments are needed for future pervasive/ubiquitous systems. Pervasive systems are context aware and need to adapt to context changes, including network disconnections and changes in network Quality of Service (QoS). Vertical handover is one of many possible adaptation methods. It allows users to roam freely between heterogeneous networks while maintaining the continuity of their applications. This paper proposes a vertical handover mechanism suitable for multimedia applications in pervasive systems. The paper focuses on the handover decision making process which uses context information regarding user devices, user location, network environment and requested QoS. (C) 2004 Elsevier B.V. All rights reserved.

Design and implementation of a windows-based parallel computing environment for large scale optimization

A parallel computing environment to support optimization of large-scale engineering systems is designed and implemented on Windows-based personal computer networks, using the master-worker model and the Parallel Virtual Machine (PVM). It is involved in decomposition of a large engineering system into a number of smaller subsystems optimized in parallel on worker nodes and coordination of subsystem optimization results on the master node. The environment consists of six functional modules, i.e. the master control, the optimization model generator, the optimizer, the data manager, the monitor, and the post processor. Object-oriented design of these modules is presented. The environment supports steps from the generation of optimization models to the solution and the visualization on networks of computers. User-friendly graphical interfaces make it easy to define the problem, and monitor and steer the optimization process. It has been verified by an example of a large space truss optimization. (C) 2004 Elsevier Ltd. All rights reserved.

Frequency and temporal effects in linear optical quantum computing

Typically linear optical quantum computing (LOQC) models assume that all input photons are completely indistinguishable. In practice there will inevitably be nonidealities associated with the photons and the experimental setup which will introduce a degree of distinguishability between photons. We consider a nondeterministic optical controlled-NOT gate, a fundamental LOQC gate, and examine the effect of temporal and spectral distinguishability on its operation. We also consider the effect of utilizing nonideal photon counters, which have finite bandwidth and time response.

Using context and preferences to implement self-adapting pervasive computing applications

Applications that exploit contextual information in order to adapt their behaviour to dynamically changing operating environments and user requirements are increasingly being explored as part of the vision of pervasive or ubiquitous computing. Despite recent advances in infrastructure to support these applications through the acquisition, interpretation and dissemination of context data from sensors, they remain prohibitively difficult to develop and have made little penetration beyond the laboratory. This situation persists largely due to a lack of appropriately high-level abstractions for describing, reasoning about and exploiting context information as a basis for adaptation. In this paper, we present our efforts to address this challenge, focusing on our novel approach involving the use of preference information as a basis for making flexible adaptation decisions. We also discuss our experiences in applying our conceptual and software frameworks for context and preference modelling to a case study involving the development of an adaptive communication application.

Using a clinical pathway and education to reduce inappropriate prescribing of enoxaparin in patients with acute coronary syndromes: a controlled study

Aims: To evaluate efficacy of a pathway-based quality improvement intervention on appropriate prescribing of the low molecular weight heparin, enoxaparin, in patients with varying risk categories of acute coronary syndrome (ACS). Methods: Rates of enoxaparin use retrospectively evaluated before and after pathway implementation at an intervention hospital were compared to concurrent control patients at a control hospital; both were community hospitals in south-east Queensland. The study population was a group of randomly selected patients (n = 439) admitted to study hospitals with a discharge diagnosis of chest pain, angina, or myocardial infarction, and stratified into high, intermediate, low-risk ACS or non-cardiac chest pain: 146 intervention patients (September-November 2003), 147 historical controls (August-December 2001) at the intervention hospital; 146 concurrent controls (September-November 2003) at the control hospital. Interventions were active implementation of a user-modified clinical pathway coupled with an iterative education programme to medical staff versus passive distribution of a similar pathway without user modification or targeted education. Outcome measures were rates of appropriate enoxaparin use in high-risk ACS patients and rates of inappropriate use in intermediate and low-risk patients. Results: Appropriate use of enoxaparin in high-risk ACS patients was above 90% in all patient groups. Inappropriate use of enoxaparin was significantly reduced as a result of pathway use in intermediate risk (9% intervention patients vs 75% historical controls vs 45% concurrent controls) and low-risk patients (9% vs 62% vs 41%; P < 0.001 for all comparisons). Pathway use was associated with a 3.5-fold (95% CI: 1.3-9.1; P = 0.012) increase in appropriate use of enoxaparin across all patient groups. Conclusion: Active implementation of an acute chest pain pathway combined with continuous education reduced inappropriate use of enoxaparin in patients presenting with intermediate or low-risk ACS.

Advanced computing for systems biology

Systems biology is based on computational modelling and simulation of large networks of interacting components. Models may be intended to capture processes, mechanisms, components and interactions at different levels of fidelity. Input data are often large and geographically disperse, and may require the computation to be moved to the data, not vice versa. In addition, complex system-level problems require collaboration across institutions and disciplines. Grid computing can offer robust, scaleable solutions for distributed data, compute and expertise. We illustrate some of the range of computational and data requirements in systems biology with three case studies: one requiring large computation but small data (orthologue mapping in comparative genomics), a second involving complex terabyte data (the Visible Cell project) and a third that is both computationally and data-intensive (simulations at multiple temporal and spatial scales). Authentication, authorisation and audit systems are currently not well scalable and may present bottlenecks for distributed collaboration particularly where outcomes may be commercialised. Challenges remain in providing lightweight standards to facilitate the penetration of robust, scalable grid-type computing into diverse user communities to meet the evolving demands of systems biology.