We introduce a new mobile system framework, SenSec, which uses passive sensory data to ensure the security of applications and data on mobile devices.
SenSec constantly collects sensory data from accelerometers, gyroscopes and magnetometers and constructs the gesture model of how a user uses the device.
SenSec calculates the sureness that the mobile device is being used by its owner.
Based on the sureness score, mobile devices can dynamically request the user to provide active authentication (such as a strong password), or disable certain features of the mobile devices to protect user's privacy and information security.
In this paper, we model such gesture patterns through a continuous n-gram language model using a set of features constructed from these sensors. We built mobile application prototype based on this model and use it to perform both user classification and user authentication experiments. User studies show that SenSec can achieve 75 accuracy in identifying the users and 71.3 accuracy in detecting the non-owners with only 13.1 false alarms.
The document discusses using mobility traces and context information to detect loss or theft of mobile devices. It proposes converting traces and context into "behavior text" representations, then building an n-gram language model to establish a baseline for normal behavior. The model can detect anomalies indicating potential loss or theft events by flagging sequences with unexpectedly low probabilities. The approach aims to discover such events early for notification and recovery efforts.
The penetration of mobile devices equipped with various embedded sensors also make it possible to capture the physical and virtual context of the user and surrounding environment. Further, the modeling of human behaviors based on those data becomes very important due to the increasing popularity of context-aware computing and people-centric applications, which utilize users' behavior pattern to improve the existing services or enable new services. In many natural settings, however, their broader applications are hindered by three main challenges: rarity of labels, uncertainty of activity granularities, and the difficulty of multi-dimensional sensor fusion.
Guest Lecture: SenSec - Mobile Security through BehavioMetrics Jiang Zhu
This document summarizes research on using mobile sensor data and behavioral biometrics for user authentication and activity recognition. It describes collecting data from accelerometers, GPS, WiFi and applications to build language models of user behavior. Scores are calculated to determine the likelihood a behavior belongs to a user or activity class. Authentication is triggered based on thresholds. The system was tested to identify users from single key presses and detect anomalies with days of training data at 80% accuracy. Future work involves expanded data collection, improved models, integration with security frameworks, and ensuring user privacy.
SenSec: Mobile Application Security through Passive SensingJiang Zhu
The document proposes a smartphone-based behavioral authentication system called SenSec. It collects sensor data to build user behavior models. Features are extracted from the sensor data and used to build risk analysis trees to detect anomalies. When anomalies are detected, a certainty score is broadcast and can trigger authentication for sensitive applications. The system was tested on a dataset of 25 users, achieving over 98% accuracy in user identification. Extensions and integrations with other systems are discussed to enhance security, privacy, and energy efficiency.
TaintDroid is a system that provides dynamic taint tracking and analysis for Android. It tracks privacy sensitive information like location, contacts etc. at variable, message, method and file levels with 14% overhead. Testing 30 apps found 20 shared information unexpectedly, like sending device IDs or location to ad servers. TaintDroid effectively demonstrates the need for stronger mobile privacy but has limitations like requiring OS modifications and false positives. Future work aims to reduce false positives, integrate crowdsourcing and detect privacy information leakage attempts.
Behaviometrics: Behavior Modeling from Heterogeneous Sensory Time-SeriesJiang Zhu
Over the decades, we have seen tremendous success in biometrics technologies being used in all types of applications based on the physical attributes of the individual such as face, fingerprints, voice and iris. Inspired by this, we introduce a new concept Mobile Behaviometrics, which uses algorithms and models to measure and quantify unique human behavioral patterns in place of human bio-attributes. Behaviometrics algorithms take multiple data from various sensors as input and fuse them to build behavioral models which are capable of producing application specific quantitative analysis on the unique individuals that were the originators of the data.
The document discusses intuitive user interfaces and one-touch interactions. It describes a company called IntuitiveUI that aims to simplify device usage through predictive modeling and a one-touch experience. IntuitiveUI uses sensors and logging of user behaviors to build statistical models and predict common actions based on context like time, location and past events. This allows displaying relevant options with a single touch rather than multiple taps through conventional menus. The approach aims to overcome challenges of mobile complexity but challenges include uneven data collection and meeting user expectations.
The document discusses using mobility traces and context information to detect loss or theft of mobile devices. It proposes converting traces and context into "behavior text" representations, then building an n-gram language model to establish a baseline for normal behavior. The model can detect anomalies indicating potential loss or theft events by flagging sequences with unexpectedly low probabilities. The approach aims to discover such events early for notification and recovery efforts.
The penetration of mobile devices equipped with various embedded sensors also make it possible to capture the physical and virtual context of the user and surrounding environment. Further, the modeling of human behaviors based on those data becomes very important due to the increasing popularity of context-aware computing and people-centric applications, which utilize users' behavior pattern to improve the existing services or enable new services. In many natural settings, however, their broader applications are hindered by three main challenges: rarity of labels, uncertainty of activity granularities, and the difficulty of multi-dimensional sensor fusion.
Guest Lecture: SenSec - Mobile Security through BehavioMetrics Jiang Zhu
This document summarizes research on using mobile sensor data and behavioral biometrics for user authentication and activity recognition. It describes collecting data from accelerometers, GPS, WiFi and applications to build language models of user behavior. Scores are calculated to determine the likelihood a behavior belongs to a user or activity class. Authentication is triggered based on thresholds. The system was tested to identify users from single key presses and detect anomalies with days of training data at 80% accuracy. Future work involves expanded data collection, improved models, integration with security frameworks, and ensuring user privacy.
SenSec: Mobile Application Security through Passive SensingJiang Zhu
The document proposes a smartphone-based behavioral authentication system called SenSec. It collects sensor data to build user behavior models. Features are extracted from the sensor data and used to build risk analysis trees to detect anomalies. When anomalies are detected, a certainty score is broadcast and can trigger authentication for sensitive applications. The system was tested on a dataset of 25 users, achieving over 98% accuracy in user identification. Extensions and integrations with other systems are discussed to enhance security, privacy, and energy efficiency.
TaintDroid is a system that provides dynamic taint tracking and analysis for Android. It tracks privacy sensitive information like location, contacts etc. at variable, message, method and file levels with 14% overhead. Testing 30 apps found 20 shared information unexpectedly, like sending device IDs or location to ad servers. TaintDroid effectively demonstrates the need for stronger mobile privacy but has limitations like requiring OS modifications and false positives. Future work aims to reduce false positives, integrate crowdsourcing and detect privacy information leakage attempts.
Behaviometrics: Behavior Modeling from Heterogeneous Sensory Time-SeriesJiang Zhu
Over the decades, we have seen tremendous success in biometrics technologies being used in all types of applications based on the physical attributes of the individual such as face, fingerprints, voice and iris. Inspired by this, we introduce a new concept Mobile Behaviometrics, which uses algorithms and models to measure and quantify unique human behavioral patterns in place of human bio-attributes. Behaviometrics algorithms take multiple data from various sensors as input and fuse them to build behavioral models which are capable of producing application specific quantitative analysis on the unique individuals that were the originators of the data.
The document discusses intuitive user interfaces and one-touch interactions. It describes a company called IntuitiveUI that aims to simplify device usage through predictive modeling and a one-touch experience. IntuitiveUI uses sensors and logging of user behaviors to build statistical models and predict common actions based on context like time, location and past events. This allows displaying relevant options with a single touch rather than multiple taps through conventional menus. The approach aims to overcome challenges of mobile complexity but challenges include uneven data collection and meeting user expectations.
First Niagara Targets May 18th For Completion Of Hsbc Branch Acquisition R2 ...JerryDorn
First, First Niagara announces that it expects to complete its acquisition of over 200 HSBC branch locations in New York on May 18, 2012. Second, this acquisition will virtually double First Niagara's branch network in New York to over 200 locations and add over 1,200 HSBC employees. Third, some branch locations will be consolidated within a mile of each other, and customers will receive regular updates about account transitions through May 18.
A comparative study of literacy and numeracy between publicAlexander Decker
This study compared literacy and numeracy performance between public and private primary schools in Nigeria. Researchers administered a Primary Literacy and Numeracy Test to 100 sixth grade students from 4 schools (2 private and 2 public). Results showed private school students performed significantly better, with the highest average scores from two private schools (Fatima: 17.92 and Saint Peter: 12.72) and lower averages from the public schools (Akwanga South: 6.84 and Akwanga Central: 6.76). Statistical analysis confirmed the differences in mean scores between private and public schools were significant. The study concluded private primary schools were more effective at developing literacy and numeracy skills. It recommended the government investigate reasons for private school success to
This document outlines the weekly class schedule for Mrs. Levine's and Mrs. King's second grade class for the 2013-2014 school year. It includes the daily schedule and activities from 8:00 AM to 3:00 PM, with subjects like language arts, math, science, social studies, PE, snack, lunch, and more. It also lists the students in the class in alphabetical order with their seat numbers.
The document discusses the evolution of e-learning and its impact on post-secondary education. It notes that while Canada has highly educated populations, its post-secondary institutions have been slower than others to incorporate online learning. E-learning changes the experience for both students and instructors. Knowledge economies require a flexible workforce that can adapt to changing environments, and e-learning allows for more natural progression of learning. Differences in access to technology and information represent a digital divide that affects learning opportunities.
This document provides tips to improve communication skills, including listening, speaking, reading, and writing in English. It recommends listening to audio in English from various sources like the radio, movies, music and online. For speaking, it suggests practicing conversations on common topics, participating in class, and recording yourself. Developing reading skills involves reading materials that interest you from books, websites and novels on a daily basis. Writing tips include keeping a diary, writing emails in English, and using Microsoft Office tools. The document wishes the reader good luck in their English studies.
Bailey was remembered as a free spirit with a contagious laugh who was always the center of attention. She loved trying new things spontaneously and was stunningly beautiful. Family was most important to her and she doted on her dog Rowdy. Bailey sadly passed away but will be kept alive in friends' and family's hearts through memories of her wild soul and ability to break hearts with her beauty and personality.
The document is a pitch for a new rock music magazine to Bauer Media Group, the publisher of Kerrang magazine. The proposed magazine would focus on the rock music genre, which has one of the biggest audiences in the music business. It would use loud fonts, close images, and a clean layout with bold text to attract readers' attention on store shelves. The magazine would be printed in black and red with a red and black masthead to make it stand out. The target audience would be teenagers and young adults aged 15-25, with equal representation of male and female readers. The content would include artist interviews, chart information, and a section on iconic rock artists of the past.
OpenStack101: Introductions to Private and Hybrid Clouds (BrightTALK)Niki Acosta
This document provides an introduction to private and hybrid clouds using OpenStack. It discusses how OpenStack works and its key components like compute, object storage, block storage, networking, dashboard, and shared services. Rackspace uses OpenStack to offer automated infrastructure and applications, reduce costs and complexity, avoid vendor lock-in, and manage large amounts of data. The document highlights how hybrid cloud delivers flexibility by using a combination of dedicated hosting, private cloud on/off premise, and public cloud based on application needs. It concludes by providing contact information to get started with an OpenStack private cloud.
Famish International is a leading manufacturer and supplier of safety wears and equipment established in 2013. It produces a wide range of products including nose masks, safety footwear, eye protection, and safety helmets. The company has a well-equipped infrastructure and team to meet increasing demand from clients. Under the visionary leadership of Mr. Nitish Batra, Famish International has grown to occupy a notable position in the market.
11.the modeling and dynamic characteristics of a variable speed wind turbineAlexander Decker
This document summarizes the modeling and dynamic characteristics of a variable speed wind turbine. It begins by introducing the functional structure of a wind energy conversion system, comparing constant and variable speed wind turbines. It then explains in detail the modeling of a variable speed wind turbine with pitch control, simulating the turbine performance curves in MATLAB/Simulink. Key aspects covered include the inputs and outputs of a wind turbine, power extraction from wind, and the relationship between tip speed ratio and maximum power extraction.
The document describes the configuration details of a scheduler that runs jobs to export social media data from various sources to a universal profile database. It outlines the deployment environment, database connections, configurable jobs, and MySQL tables used to track scheduled jobs and export status. The system job checks for new jobs every 20 minutes and exports occur based on cron expressions for each job configured in the SCHEDULABLE_JOB_TBL. Failure details are captured in MongoDB collections.
This year 12 of AceTech Ontario's 65 member companies ranked on the PROFIT 500 list. Each member on the list was asked, "How did you make the PROFIT 500 list? This presentation is quotes that answer this question.
AceTech Ontario is a not for profit organization dedicated to helping Ontario’s technology-based companies become more competitive by providing programmes and opportunities to guide and develop their CEOs and senior executives. Members enhance their business leadership through the exchange of ideas, strategies and tactics with a close-knit, carefully qualified group of like-minded peers. AceTech Ontario’s Mission is to support CEOs helping CEOs on their journey to sustained success.
Our vision is for the most successful technology CEOs in Ontario to belong to AceTech.
With access to expert speakers, corporate sponsors, and a large base of growth oriented IP-based technology companies, AceTech Ontario offers its members opportunities to participate in rich discussions, mentoring, peer guidance, exploration of ideas, brainstorming of strategies, and sharing of real-world experiences and results, all with one goal in mind – to continually improve the success of their companies.
Las gráficas son representaciones visuales de datos que permiten comparar cantidades y analizar tendencias. Muestran la información de una manera clara y atractiva para los lectores. Las gráficas comunes incluyen barras, líneas y sectores que organizan los datos numéricos de una manera fácil de entender.
The document discusses the Red October malware campaign and describes its use of a Java exploit to infiltrate victim networks in early 2012. It notes that the Java exploit (CVE-2011-3544) was delivered via a link to a site hosting the malicious NewsFinder.jar file. If clicked, it would exploit outdated Java versions. The exploit installed a downloader that communicated with the attackers' command and control servers, and could receive and execute additional malware payloads. The document analyzes the encryption routines and network communications used by the Java exploit and downloader.
This product brochure summarizes ManageEngine NetFlow Analyzer, a network traffic analysis and security tool. It provides unparalleled network visibility [1] and supports various flow technologies. [2] The tool helps monitor network performance, security threats, and application usage to ensure business critical services run optimally. [3]
The document discusses the 5 stages of scaling a system:
1. Responsiveness decreases as usage increases due to throughput limitations
2. Caching, databases, and messaging can provide logarithmic scaling up to a point
3. Data and code must be partitioned across servers to achieve linear scaling for high throughput
It then outlines 6 "envelopes" or approaches to overcoming bottlenecks, such as caching, partitioning, and optimizing logging and data handling. The goal is to systematically remove limitations as systems increase in size and usage.
First Niagara Targets May 18th For Completion Of Hsbc Branch Acquisition R2 ...JerryDorn
First, First Niagara announces that it expects to complete its acquisition of over 200 HSBC branch locations in New York on May 18, 2012. Second, this acquisition will virtually double First Niagara's branch network in New York to over 200 locations and add over 1,200 HSBC employees. Third, some branch locations will be consolidated within a mile of each other, and customers will receive regular updates about account transitions through May 18.
A comparative study of literacy and numeracy between publicAlexander Decker
This study compared literacy and numeracy performance between public and private primary schools in Nigeria. Researchers administered a Primary Literacy and Numeracy Test to 100 sixth grade students from 4 schools (2 private and 2 public). Results showed private school students performed significantly better, with the highest average scores from two private schools (Fatima: 17.92 and Saint Peter: 12.72) and lower averages from the public schools (Akwanga South: 6.84 and Akwanga Central: 6.76). Statistical analysis confirmed the differences in mean scores between private and public schools were significant. The study concluded private primary schools were more effective at developing literacy and numeracy skills. It recommended the government investigate reasons for private school success to
This document outlines the weekly class schedule for Mrs. Levine's and Mrs. King's second grade class for the 2013-2014 school year. It includes the daily schedule and activities from 8:00 AM to 3:00 PM, with subjects like language arts, math, science, social studies, PE, snack, lunch, and more. It also lists the students in the class in alphabetical order with their seat numbers.
The document discusses the evolution of e-learning and its impact on post-secondary education. It notes that while Canada has highly educated populations, its post-secondary institutions have been slower than others to incorporate online learning. E-learning changes the experience for both students and instructors. Knowledge economies require a flexible workforce that can adapt to changing environments, and e-learning allows for more natural progression of learning. Differences in access to technology and information represent a digital divide that affects learning opportunities.
This document provides tips to improve communication skills, including listening, speaking, reading, and writing in English. It recommends listening to audio in English from various sources like the radio, movies, music and online. For speaking, it suggests practicing conversations on common topics, participating in class, and recording yourself. Developing reading skills involves reading materials that interest you from books, websites and novels on a daily basis. Writing tips include keeping a diary, writing emails in English, and using Microsoft Office tools. The document wishes the reader good luck in their English studies.
Bailey was remembered as a free spirit with a contagious laugh who was always the center of attention. She loved trying new things spontaneously and was stunningly beautiful. Family was most important to her and she doted on her dog Rowdy. Bailey sadly passed away but will be kept alive in friends' and family's hearts through memories of her wild soul and ability to break hearts with her beauty and personality.
The document is a pitch for a new rock music magazine to Bauer Media Group, the publisher of Kerrang magazine. The proposed magazine would focus on the rock music genre, which has one of the biggest audiences in the music business. It would use loud fonts, close images, and a clean layout with bold text to attract readers' attention on store shelves. The magazine would be printed in black and red with a red and black masthead to make it stand out. The target audience would be teenagers and young adults aged 15-25, with equal representation of male and female readers. The content would include artist interviews, chart information, and a section on iconic rock artists of the past.
OpenStack101: Introductions to Private and Hybrid Clouds (BrightTALK)Niki Acosta
This document provides an introduction to private and hybrid clouds using OpenStack. It discusses how OpenStack works and its key components like compute, object storage, block storage, networking, dashboard, and shared services. Rackspace uses OpenStack to offer automated infrastructure and applications, reduce costs and complexity, avoid vendor lock-in, and manage large amounts of data. The document highlights how hybrid cloud delivers flexibility by using a combination of dedicated hosting, private cloud on/off premise, and public cloud based on application needs. It concludes by providing contact information to get started with an OpenStack private cloud.
Famish International is a leading manufacturer and supplier of safety wears and equipment established in 2013. It produces a wide range of products including nose masks, safety footwear, eye protection, and safety helmets. The company has a well-equipped infrastructure and team to meet increasing demand from clients. Under the visionary leadership of Mr. Nitish Batra, Famish International has grown to occupy a notable position in the market.
11.the modeling and dynamic characteristics of a variable speed wind turbineAlexander Decker
This document summarizes the modeling and dynamic characteristics of a variable speed wind turbine. It begins by introducing the functional structure of a wind energy conversion system, comparing constant and variable speed wind turbines. It then explains in detail the modeling of a variable speed wind turbine with pitch control, simulating the turbine performance curves in MATLAB/Simulink. Key aspects covered include the inputs and outputs of a wind turbine, power extraction from wind, and the relationship between tip speed ratio and maximum power extraction.
The document describes the configuration details of a scheduler that runs jobs to export social media data from various sources to a universal profile database. It outlines the deployment environment, database connections, configurable jobs, and MySQL tables used to track scheduled jobs and export status. The system job checks for new jobs every 20 minutes and exports occur based on cron expressions for each job configured in the SCHEDULABLE_JOB_TBL. Failure details are captured in MongoDB collections.
This year 12 of AceTech Ontario's 65 member companies ranked on the PROFIT 500 list. Each member on the list was asked, "How did you make the PROFIT 500 list? This presentation is quotes that answer this question.
AceTech Ontario is a not for profit organization dedicated to helping Ontario’s technology-based companies become more competitive by providing programmes and opportunities to guide and develop their CEOs and senior executives. Members enhance their business leadership through the exchange of ideas, strategies and tactics with a close-knit, carefully qualified group of like-minded peers. AceTech Ontario’s Mission is to support CEOs helping CEOs on their journey to sustained success.
Our vision is for the most successful technology CEOs in Ontario to belong to AceTech.
With access to expert speakers, corporate sponsors, and a large base of growth oriented IP-based technology companies, AceTech Ontario offers its members opportunities to participate in rich discussions, mentoring, peer guidance, exploration of ideas, brainstorming of strategies, and sharing of real-world experiences and results, all with one goal in mind – to continually improve the success of their companies.
Las gráficas son representaciones visuales de datos que permiten comparar cantidades y analizar tendencias. Muestran la información de una manera clara y atractiva para los lectores. Las gráficas comunes incluyen barras, líneas y sectores que organizan los datos numéricos de una manera fácil de entender.
The document discusses the Red October malware campaign and describes its use of a Java exploit to infiltrate victim networks in early 2012. It notes that the Java exploit (CVE-2011-3544) was delivered via a link to a site hosting the malicious NewsFinder.jar file. If clicked, it would exploit outdated Java versions. The exploit installed a downloader that communicated with the attackers' command and control servers, and could receive and execute additional malware payloads. The document analyzes the encryption routines and network communications used by the Java exploit and downloader.
This product brochure summarizes ManageEngine NetFlow Analyzer, a network traffic analysis and security tool. It provides unparalleled network visibility [1] and supports various flow technologies. [2] The tool helps monitor network performance, security threats, and application usage to ensure business critical services run optimally. [3]
The document discusses the 5 stages of scaling a system:
1. Responsiveness decreases as usage increases due to throughput limitations
2. Caching, databases, and messaging can provide logarithmic scaling up to a point
3. Data and code must be partitioned across servers to achieve linear scaling for high throughput
It then outlines 6 "envelopes" or approaches to overcoming bottlenecks, such as caching, partitioning, and optimizing logging and data handling. The goal is to systematically remove limitations as systems increase in size and usage.
This document provides an overview and summary of mobile application risks. It begins with defining the mobile threat landscape, including statistics on the prevalence of Android malware. It then discusses the various types of mobile malware threats and behaviors. The document outlines vulnerabilities in mobile applications and ecosystems. It proposes approaches for securing the mobile environment, including static and dynamic behavioral analysis, malware detection, and vulnerability analysis. Finally, it discusses strategic control points for security and some enterprise solutions for mitigating risks of bring your own device policies.
S4 is a distributed stream computing platform that allows programmers to easily implement applications for processing continuous unbounded streams of data in real-time. It uses an actor-based programming model and is designed to be fault-tolerant, scalable, and pluggable. S4 was originally developed at Yahoo! Labs to enable personalized search ads by modeling users' click behaviors in real-time from streams of user activity data. It aims to maximize revenue and user experience by controlling ad ranking, pricing, filtering, and placement based on personalized models of users' intent.
1) The document discusses a context-aware mobile social web, where mobile applications can access and use contextual information about users, such as their location, activity, and device characteristics.
2) Telecom Italia has developed platforms and applications to enable this context-aware mobile social web, including tools for collecting, representing, and analyzing context data, as well as applications that provide location-based recommendations and allow users to tag content with context.
3) Lessons from deploying these applications include the importance of openness to popular social networks, using context accurately, promoting high-quality content, and ensuring user privacy and comfort with sharing personal information. Standardization of context representation could help address challenges involving context certification and sharing
Jubatus: Realtime deep analytics for BIgData@Rakuten Technology Conference 2012Preferred Networks
Currently, we face new challenges in realtime analytics of BigData, such as social monitoring, M2M sensor, online advertising optimization, smart energy management and security monitoring. To analyze these data, scalable machine learning technologies are essential. Jubatus is the open source platform for online distributed machine learning on the data streams of BigData. we explain the inside technologies of Jubatus and show how jubatus can achieve realtime analytics in various problems.
Context is King: AR, AI, Salience, and the Constant Next ScenarioClark Dodsworth
Clark Dodsworth’s AREvent talk, Santa Clara, CA June 3, 2010: "Context is King: AR, AI, Saience, and the Constant Next Scenario" Mostly about smartphone AR as a gateway to context aware computing becoming indispensible.
1) The document proposes using a Bayesian network approach to user profiling for host-based anomaly intrusion detection on Windows systems. 2) It involves learning a user's normal behavioral profile based on system processes, application processes, window titles, and other application usage data. 3) The Bayesian network models causal relationships between these data sources and can detect intrusions by evaluating the probability of normal behavior given new evidence and comparing it to thresholds.
Sense Networks uses proprietary technology and location analytics expertise to analyze location history and behavior patterns to deliver unique insights and intelligence. They have built a high-capacity platform called MacroSense that can extract information from tens of millions of user locations and points of interest, segmenting users and predicting future behaviors. Their location-based segments have been shown to drive user responses and actions.
Palo Alto Networks ™ é a empresa de segurança de rede. Seus firewalls de próxima geração permitem visibilidade sem precedentes e controle de políticas granulares de aplicativos e conteúdo – por usuário, não apenas o endereço IP- até 20Gbps sem degradação do desempenho.
Com base na tecnologia App-ID ™, os firewalls da Palo Alto Networks ™ identificam com precisão e controlam os aplicativos – independentemente da porta, protocolo, evasiva tática ou criptografia SSL – e conteúdo de varredura para bloquear ameaças e evitar o vazamento de dados.
Empresas podem, pela primeira vez, abraçar a Web 2.0 e manter a visibilidade completa e controle, reduzindo significativamente o custo total de propriedade por meio da consolidação de dispositivos. Mais recentemente, os firewalls da Palo Alto Networks ™ tem permitido à empresas estenderem essa mesma segurança de rede para os usuários remotos com o lançamento do GlobalProtect ™ e para combater malwares modernos direcionados com seu serviço
WildFire ™. Veja mais em www.paloaltonetworks.com.
From Context-awareness to Human Behavior PatternsVille Antila
Ville Antila discusses using smartphones to detect daily routines and human behavior patterns through continuous context logging. Smartphones can sense context through built-in sensors and log location, device usage, physical activity, and Bluetooth snapshots. This data is interpreted to estimate routines like locations visited and detect changes. Example applications include context-adaptive feedback that considers situation suitability, and context-based user interface migration between devices. Challenges include ensuring quality, user awareness of adaptive behavior, and testing context-aware applications in real-world use.
The Essentials of Mobile App Performance Testing and MonitoringCorrelsense
Complexity across mobile carriers, locations and operating systems has made building mobile apps and monitoring their end user performance time consuming and expensive. The importance of testing mobile apps on iOS, Android and Windows Phone is increasing as more users embrace these devices. Join Correlsense and uTest for an online seminar which will teach you the steps to successful mobile application testing and performance management. We will discuss:
- The proliferation of mobile devices and the technical challenges they bring to end user experience monitoring
- Ways to prepare mobile applications for peak usage periods with the right load and performance testing techniques
- Tips and techniques for gaining visibility into the performance of mobile applications with the right monitoring tools
We will conclude with a discussion of the Correlsense and uTest solutions.
This document discusses visual security event analysis as an approach to addressing challenges in security monitoring. It summarizes the key benefits of a visual approach as being able to provide multiple views on event data for improved situational awareness, real-time monitoring and incident response, and forensic and historical investigation. Specific examples are provided showing how visualizations can help with port scan detection, insider threat analysis, and compliance reporting.
2012 kdd-com soc:adaptive transfer of user behaviors over composite social ne...thsszj
This document proposes ComSoc, a relational topic model that adaptively transfers user behavior data across composite social networks to improve sparse user behavior prediction. ComSoc selects relevant social networks for each user and generates topics and behaviors. Experiments on real-world datasets from Tencent and Douban show ComSoc improves prediction accuracy over single network and naively combined network models by up to 3%. A distributed MapReduce implementation enables efficient inference at large scale.
SAS Fraud Framework for Insurance, an end-to-end solution for preventing, detecting and managing claims fraud across the various lines of business within today's insurers
Media, data, context... and the Holy Grail of User Taste PredictionXavier Amatriain
Users provide noisy and inconsistent feedback when rating items for recommender systems. This natural noise introduces a "magic barrier" that limits prediction accuracy. Researchers analyzed user ratings across multiple trials and found that inconsistencies depend on factors like the strength of the rating, whether it was positive or negative, and how items were presented. The noise in user data introduces an inherent limit on how well recommender systems can predict user preferences.
La présentation de Jean-Paul de Vooght à la soirée Citoyens Capteurs de la Ca...CitoyensCapteurs
This document discusses citizen sensing and how it enables participatory urbanism. It describes how citizens can use various sensors located around the city to monitor environmental systems and make that data knowable and shareable. It emphasizes the need for a systemic approach using conceptual models and simulations to understand complex urban systems. Citizen sensing requires a collaborative approach with multiple roles for observers, data scientists, and domain experts.
KeepIt Course 4: Putting storage, format management and preservation planning...JISC KeepIt project
1) The document discusses a practical course on digital preservation tools for repository managers presented by the KeepIt project.
2) The course covers organizational issues, costs, description standards, and preservation workflow tools like EPrints and Plato.
3) Module 4 focuses on format management, risk assessment, storage, and linking preservation planning with tools like EPrints and Plato.
by Robert Schumacher, Ph.D.
Presentation given on 21 May to the GCC HIMSS group in Chicago with ~50 people present.
www.usercentric.com
The point was to provide some background on usability (a gentle introduction to some of the science), some case studies, and introduce the measurement AND design components of user centered design.
Note because of all the animations, some pages do not view properly. Please contact me if you would like more information:
bob at usercentric.com
1. Jiang Zhu, Pang Wu, Xiao Wang, Joy Ying Zhang
Carnegie Mellon University
January 31st, 2013
1
2. • Monitor and track user behavior on smartphones using various
on-device sensors
• Convert sensory traces and other context information to Personal
Behavior Features
• Build continuous n-gram model with these features and use it for
calculation of Sureness Scores
• Trigger various Authentication Schemes when certain application
is launched.
2
4. 60% • “The 329 organizations
polled had collectively lost
50% more than 86,000 devices
… with average cost of lost
40% data at $49,246 per device,
worth $2.1 billion or $6.4
30%
million per organization.
20%
10%
"The Billion Dollar Lost-Laptop Study,"
0% conducted by Intel Corporation and the
Ponemon Institute, analyzed the scope
and circumstances of missing laptop
Mobile Device Loss or theft PCs.
Strategy One Survey conducted among a U.S. sample of 3017 adults age 18 years older in September 21-
28, 2010, with an oversample in the top 20 cities (based on population).
4
5. Application
Password Different
applications may
have different
A major source of
sensitivities
security vulnerabilities.
Easy to
guess, reuse, forgotte
n, shared Usability
Authentication too-often or
sometimes too loose
5
7. Quantization Clustering
Risk Analysis Sensor Fusion Activity
Tree and Segmentation Recognition
Certainty of Risk Application Sensitivity
< Application
Access
Control
Application Access Control
7
8. • Human behavior/activities share some common properties
with natural languages
• Meanings are composed from meanings of building blocks
• Exists an underlying structure (grammar)
• Expressed as a sequence (time-series)
• Apply Statistical NLP to mobile sensory data
• Information retrieval, machine translation, text
categorization, summarization, prediction
8
9. • Generative language model: P( English sentence) given a
model
P(“President Obama has signed the Bill of … ”| Politics ) >>
P(“President Obama has signed the Bill of … ” | Sports )
LM reflects the n-gram distribution of the training data:
domain, genre, topics.
• With labeled behavior text data, we can train a LM for
each activity type: “walking”-LM, “running”-LM and
classify the activity as
9
10. • User behavior at time t depends only on the last n-1 behaviors
• Sequence of behaviors can be predicted by n consecutive
location in the past
• Maximum Likelihood Estimation from training data by counting:
• MLE assign zero probability to unseen n-grams
Incorporate smoothing function (Katz)
Discount probability for observed grams
Reserve probability for unseen grams
12
11. • Convert feature vector series to label streams – dimension reduction
• Using n-gram to model sequence of label stream for each sensory
dimension – current state and transition captured
• Step window with assigned length
A1 A2 A1 A4
G2 G5 G2 G2
W2 W1 W2
P1 P3 P6 P1
A2 G2G5 W1 P1P3 A1A4 G2 W1W2 P1
13
12. • Build n-gram models for M users/classes m=1,2,3…M
• Given a behavior text L, we estimate L is generated by the model
from user m:
• The user classification problem formulated as
14
13. • A binary classification problem: Classifying a user as the owner
â=1 or not â=-1.
• Given a behavioral n-gram model
• And an observation r, evaluate the probability of a given user is
the owner â=1 and check if exceeding a threshold θ:
• Given a sequence of behavior text L, and a sensitivity threshold θ,
validate if L is generated by user m
15
14. 0. 8
0. 7
Aver age Log Pr obabi l i t y
0. 6
0. 5
0. 4
C D A
0. 3
0. 2
Log Probility B
Low Threshold
High Threshold
0. 1
0
Sl i di ng W ndow Posi t i on
i
16
15. Sensing Preprocessing Modeling
N-gram
Model
Feature Behavior Text
Construction Generation
User
Classifier
Classification
User
Classifier
Binary
Authentication
Threshold
Inference
17
17. • Accelerometer
• Used to summarize
acceleration stream
• Calculated separately for each
dimension [x,y,z,m]
• Meta features:
Total Time, Window Size
• GPS: location string from Google Map API and mobility path
• WiFi: SSIDs, RSSIs and path
• Applications: Bitmap of well-known applications
• Application Traffic Pattern: TCP UDP traffic pattern vectors: [
remote host, port, rate ]
19
18. • Offline data collection (for training and testing)
Pick up the device from a desk
Unlock the device using the right slide pattern
Invoke Email app from the "Home Screen"
Lock the device by pressing the "Power" button
Put the device back on the desk
20
24. Quantization Clustering
Risk Analysis Sensor Fusion Activity
Tree and Segmentation Recognition
Certainty of Risk Application Sensitivity
<
Application Access Control
• Experiments to discover anomaly usage with ~80%accuracy with
only days of training data
26
25. • Alpha test in Jun 2012, 1st Google Play Store release in Oct 2012
• False Positive: 13% FPR still annoying users sometimes
• Use adaptive model
• Adding the trace data shortly before a false positive to the training data and
update the model
• Change passcode validation to sliding pattern
• A false positive will grant a “free ride” for a configurable duration
• Assumption: just authenticated user should control the device for a given
period of time
• “Free Ride” period will end immediately if abrupt context change is
detected.
• Newer version is scheduled to be release in Jan 2013.
27
26. • Extended data set for feature construction
TCP, UDP traffic; sound; ambient lighting; battery status, etc.
• Data and Modeling
Gain more insights into the data, features and factorized relationships among
various sensors
Try other classification methods and compare results: LR, SVM, Random
Forest, etc
• Enhanced security of SenSec components
Integration with Android security framework and other applications
• Privacy challenges
Data collection, model training, privacy policy, etc.
• Energy efficiency
28
As a quick overview of our work, in order to enforce application security, we monitor and track user behavior through the traces collected from the on-device sensors. And then we convert these trace and other context information to behavior features. We adopt a n-gram model to model the user’s behavior and use that to monitor and calculate certainty score. This score will be fed to smartphone’s authentication module to enforce the security of various application and its data on the device.
So what’s motivate us to do this project.
Mobile applications and devices are becoming ubiquitous and will increasingly interact with different sensors, services and other mobile users. It is crucial for mobile users to privately and securely interact with their environment and data and for mobile services to trust the identity of the user. While mobile devices such as smartphones make our lives convenient in ways that were unimaginable before, applications such as email, web browsing, social network, shopping and online banking know too much about our private lives. Mobility introduces additional security and privacy challenges in being able to provide services in a way that neither compromises the environment of users nor their data. Protecting a user's privacy and ensuring the accountability of mobile applications in a seamless and non-intrusive way poses great challenges to next generation mobile computing platforms.Recently, a new survey* has revealed that 36 percent of consumers in the United States have either lost their mobile phone or had it stolen. Another survey† has also revealed that 329 organizations polled had collectively lost more than 86,000 devices with average cost of lost data at $49,246 per device, worth $2.1 billion or $6.4 million per organization. Given the high loss rate and high cost associated with these losses, accountable schemes are needed to protect the data on the mobile devices.
Reliable authentication is an essential requirement for a mobile device and its applications. Today, passwords are the most common form of authentication. This results in two potential problems. First, passwords are also a major source of security vulnerabilities, as they are often easy to guess, re-used, often forgotten, often shared with others, and are susceptible to social engineering attacks. Secondly, to secure the data and applications on a mobile device, the mobile system would prompt user for authentication quite often and this results in series usability issues. We also observe that different applications on a mobile device may have different sensitivities towards the aforementioned threats and data loss. For example, the Angry Bird game on an android is less sensitive than Contact List or Phone Album should the device is operated by unauthorized user. One-thing-for-all approach in authentication schemes may be either too loose for some applications, which expose them to risks, or too tight for others, which cause usability problems.
The commoditization of sensor technologies coupled with advances in modeling user behavior offer us new opportunities for simplifying and strengthening authentication. We envision a new mobile system framework, SenSec, which uses passive sensory data to ensure application security.
SenSec is constantly collecting sensory data from accelerometer, gyroscope, GPS, WiFi, microphone or even camera. Through analyzing the sensory data, it constructs the context under which the mobile device is used. This includes locations, movements and usage patterns, etc. From the context, the system can calculate the certainty that the system is at risk. Different applications on mobile device are assigned either manually or automatically with a sensitivity value. When user is invoking an application, SenSec compares the certainty with this application’s sensitivity level. If the sensitivity passes the certainty threshold, authentication mechanism would be employed to ensure security policy for that application.
Comparing the play to Shakespeare’s known library of works, Track words and phrases patterns in the data P (unknown play| known Shakespeare's work) Greater than threshold? Yeah, we found another Shakespeare's work Or, Plagiarism
So building along this line, we use a continousn-gram model to learn the sequence of locations from user’s wifi traces.N-gram model works under the assumptions that the next location in the sequence .. depends on just the last n-1 locations… Once the n-gram model is trained, we can use it to calculate the probability of all possible next locations given the past n-1 locations…. and see which one is the most likely location.To train the model, we use maximum likelihood estimation on the training sequences to estimate these conditional probability … just by counting. As show in this equation, MLE probability of being in location at time i conditioned on the past n-1 history locations is… just the count of all n sequences in the data divided by the count of all these n-1 sequences. There is one small problem with this approach. Let’s say our model come across a location that has not been seen in the training. It just assumes a zero probability. This may push the system to trigger anomaly alert. Luckily, N-gram model is very robust in handling unseen labels if we use smoothing. Smoothing algorithms such as Katz… are to take some probability mass from the seen locations and reserve them for those unseen locations.
To illustrate this process, let’s take a look at an example.The blue curve is the log probability we just described. Let’s say anomaly happens at point A. If we set the threshold lower like the red line, the system will detect the anomaly at point B with a reasonable delay. But if we set the threshold too high like the pink line, we will mistakenly flag an anomaly for a sequence of normal behavior text…. Which is counted towards false positives at points C and D. The way to find the right threshold for different applications is to use receiver-operating-characteristic curve or ROC curve. We will look at this in more details later in the talk.
So, this complete the whole system architecture. We have the sensing part that produce RSS traces, we have preprocessing part that convert the traces and other context information to behavior text and we have the modeling training and inference part that is used to do anomaly detection with a design parameter “threshold”
Training Stage: Each of the participants uses the phone for 24 hours while the \\emph{SenSec} app is collecting sensory information in the background and build the behavioral $n$-gram model.Positive Testing Stage: In this stage, each participants continue uses her phone for 24 hours. This time the \\emph{SenSec} app is switched to testing mode. It collects the sensors reading the same way as in training mode, but also construct behavior text sequence and feed it to the learned n-gram model. A \\emph{sureness} score is calculated as described in Equation \\ref{eqn_ngram_prob}. If it falls below a preset threshold while certain operation is performed, an authentication screen will be pop up asking user to enter a passcode. The \\emph{sureness} score and the authentication decision are recorded for logging and result reporting purpose.Negative Testing Stage: The phones are given to other participants and let them use it for another 24 hours. As in the previous stage, the same operations are performed on the phone and all authentication events will be record for further analysis. % user 2 negative testing, record labels and results ---- (FN, TP)We examined the logs generated by these experiments. At each authentication decision point, the sureness score is recorded. By varying the threshold, we can evaluate how well our \\emph{SenSec} models perform user authentication under different threshold values. For each threshold value, we can calculate False Positive Rate or FPR and True Positive Rate or TPR and plot Receiver Operating Characteristic (ROC) curves.True Positive Rate (TPR) represents the cases that system successfully detect non-owner access, while False Positive Rate (FPR) represents the false alarms when the owner is detected as a non-owner. To ensure the security of the system while still keeping the usability to a certain level, we need to maximize TPR and minimize FPR. The ROC curves provide a guideline on choosing the right thresholds to fulfill such a requirement. For example, the system may have a requirement to effectively detect 70\\% of the unauthorized access, but it may need to keep the false alarm rate below 15\\%. As shown in Figure \\ref{fig_roc}, we can choose a data point from the allowable region on the ROC curve: threshold 0.7 can achieve 71.3\\% TPR and only 13.1\\% FPR. We also examined the detection delay at this threshold by deliberately passing the phone between the two users more often and recording the time. By comparing these recorded time and the timestamps of triggered anomalies from the log, we found \\emph{SenSec} bears an average 4.96 seconds detection delay.
So now lets see what we conclude from this work and the future work we plan to do
So now lets see what we conclude from this work and the future work we plan to do
That brings me to the end of my presentation. Thank you very much for your attention.