UMBC eBiquity Blog

Capturing policies for fine-grained access control on mobile devices

Tim Finin, 8:33am 8 November 2016

In this week’s ebiquity meeting (11:30 8 Nov. 2016) Prajit Das will present his work on capturing policies for fine-grained access control on mobile devices.

As of 2016, there are more mobile devices than humans on earth. Today, mobile devices are a critical part of our lives and often hold sensitive corporate and personal data. As a result, they are a lucrative target for attackers, and managing data privacy and security on mobile devices has become a vital issue. Existing access control mechanisms in most devices are restrictive and inadequate. They do not take into account the context of a device and its user when making decisions. In many cases, the access granted to a subject should change based on the context of a device. Such fine-grained, context-sensitive access control policies have to be personalized too. In this paper, we present the Mithril system, which uses policies represented in Semantic Web technologies and captured using user feedback to handle access control on mobile devices. We present an iterative feedback process to capture user-specific policy. We also present a policy violation metric that allows us to decide when the capture process is complete.

 

Inferring Relations in Knowledge Graphs with Tensor Decomposition

Tim Finin, 10:44pm 6 November 2016


Ankur Padia, Kostantinos Kalpakis, and Tim Finin, Inferring Relations in Multi-relational Knowledge Graphs with Tensor Decomposition, IEEE BigData, Dec. 2016.

Multi-relational data, like knowledge graphs, are generated from multiple data sources by extracting entities and their relationships. We often want to include inferred, implicit or likely relationships that are not explicitly stated, which can be viewed as link-prediction in a graph. Tensor decomposition models have been shown to produce state-of-the-art results in link-prediction tasks. We describe a simple but novel extension to an existing tensor decomposition model to predict missing links using similarity among tensor slices, as opposed to existing tensor decomposition models, which assume each slice contributes equally in predicting links. Our extended model performs better than the original tensor decomposition and the non-negative tensor decomposition variant of it in an evaluation on several datasets.


 

Knowledge for Cybersecurity

Tim Finin, 8:48am 17 October 2016

In this week’s ebiquity meeting (11:30am 10/18, ITE346), Sudip Mittal will talk on Knowledge for Cybersecurity.

In the broad domain of security, analysts and policy makers need knowledge about the state of the world to make critical decisions, operational/tactical as well as strategic. This knowledge has to be extracted from different sources, and then represented in a form that will enable further analysis and decision making. Some of the data underlying this knowledge is in textual sources traditionally associated with Open Source Intelligence (OSINT); other data is present in hidden sources like dark web vulnerability markets. Today, this is a mostly manual process. We wish to automate this problem by taking data from a variety of sources, extracting, representing and integrating the knowledge present, and then using the resulting knowledge graph to create various semantic agents that add value to the cybersecurity infrastructure.


 


Managing Cloud Storage Obliviously

Tim Finin, 1:29pm 24 May 2016

Vaishali Narkhede, Karuna Pande Joshi, Tim Finin, Seung Geol Choi, Adam Aviv and Daniel S. Roche, Managing Cloud Storage Obliviously, International Conference on Cloud Computing, IEEE Computer Society, June 2016.

Consumers want to ensure that their enterprise data is stored securely and obliviously on the cloud, such that the data objects or their access patterns are not revealed to anyone, including the cloud provider, in the public cloud environment. We have created a detailed ontology describing the oblivious cloud storage models and role-based access controls that should be in place to manage this risk. We have developed an algorithm to store cloud data using the oblivious data structure defined in this paper. We have also implemented the ObliviCloudManager application that allows users to manage their cloud data by validating it before storing it in an oblivious data structure. Our application uses a role-based access control model and collection-based document management to store and retrieve data efficiently. Cloud consumers can use our system to define policies for storing data obliviously and manage storage on untrusted cloud platforms even if they are unfamiliar with the underlying technology and concepts of oblivious data structures.


 

Streamlining Management of Multiple Cloud Services

Tim Finin, 9:46pm 22 May 2016


Aditi Gupta, Sudip Mittal, Karuna Pande Joshi, Claudia Pearce and Anupam Joshi, Streamlining Management of Multiple Cloud Services, IEEE International Conference on Cloud Computing, June 2016.

With the increase in the number of cloud services and service providers, manual analysis of Service Level Agreements (SLAs), comparison between different service offerings and conformance regulation has become a difficult task for customers. Cloud SLAs are policy documents describing the legal agreement between cloud providers and customers. An SLA specifies the commitment of availability, performance of services, penalties associated with violations and the procedure for customers to receive compensation in case of service disruptions. The aim of our research is to develop technology solutions for automated cloud service management using Semantic Web and Text Mining techniques. In this paper we discuss in detail the challenges in automating cloud services management and present our preliminary work in extraction of knowledge from SLAs of different cloud services. We extracted two types of information from the SLA documents which can be useful for end users. First, the relationship between the service commitment and financial credit. We represented this information by enhancing the existing Cloud service ontology proposed by us in our previous research. Second, we extracted rules in the form of obligations and permissions from SLAs using modal and deontic logic formalizations. For our analysis, we considered six publicly available SLA documents from different cloud computing service providers.


 

paper: Leveraging Attribute History to Link User Profiles across Online Social Networks

Tim Finin, 8:02am 20 May 2016
 
Paridhi Jain, Ponnurangam Kumaraguru and Anupam Joshi, Other Times, Other Values: Leveraging Attribute History to Link User Profiles across Online Social Networks, 26th ACM Conference on Hypertext and Social Media (HT15), pp. 247-255, Sept 2015.

Profile linking is the ability to connect profiles of a user on different social networks. Linked profiles can help companies like Disney to build psychographics of potential customers and segment them for targeted marketing in a cost-effective way. Existing methods link profiles by observing high similarity between the most recent (current) values of attributes like name and username. However, for a section of users observed to evolve their attributes over time and choose dissimilar values across their profiles, these current values have low similarity. Existing methods then falsely conclude that the profiles refer to different users. To reduce such false conclusions, we suggest gathering a rich history of values assigned to an attribute over time and comparing attribute histories to link user profiles across networks. We believe that attribute history highlights user preferences for creating attribute values on a social network. Co-existence of these preferences across profiles on different social networks results in similar attribute histories that suggest the profiles potentially refer to a single user. Through a focused study on username, we quantify the importance of username history for profile linking on a dataset of real-world users with profiles on Twitter, Facebook, Instagram and Tumblr. We show that username history correctly links 44% more profile pairs with non-matching current values that are incorrectly unlinked by existing methods. We further explore if factors such as longevity and availability of username history on either profile affect linking performance. To the best of our knowledge, this is the first study that explores the viability of using an attribute history to link profiles on social networks.


 

talk: Topic Modeling for Analyzing Document Collection, 11am Mon 3/16

Tim Finin, 5:00pm 12 May 2016


Topic Modeling for Analyzing Document Collection

Mitsunori Ogihara
Computer Science, University of Miami

11:00am Monday, 16 May 2016, ITE 325b, UMBC

Topic modeling (in particular, Latent Dirichlet Analysis) is a technique for analyzing a large collection of documents. In topic modeling we view each document as a frequency vector over a vocabulary and each topic as a static distribution over the vocabulary. Given a desired number, K, of document classes, a topic modeling algorithm attempts to estimate concurrently K static distributions and for each document how much each K class contributes. Mathematically, this is the problem of approximating the matrix generated by stacking the frequency vectors into the product of two non-negative matrices, where both the column dimension of the first matrix and the row dimension of the second matrix are equal to K. Topic modeling is gaining popularity recently, for analyzing large collections of documents.

In this talk I will present some examples of applying topic modeling: (1) a small sentiment analysis of a small collection of short patient surveys, (2) exploratory content analysis of a large collection of letters, (3) document classification based upon topics and other linguistic features, and (4) exploratory analysis of a large collection of literary works. I will speak not only about the exact topic modeling steps but also about all the preprocessing steps for preparing the documents for topic modeling.

Mitsunori Ogihara is a Professor of Computer Science at the University of Miami, Coral Gables, Florida. There he directs the Data Mining Group in the Center for Computational Science, a university-wide organization for providing resources and consultation for large-scale computation. He has published three books and approximately 190 papers in conferences and journals. He is on the editorial board for Theory of Computing Systems and International Journal of Foundations of Computer Science. Ogihara received a Ph.D. in Information Sciences from Tokyo Institute of Technology in 1993 and was a tenure-track/tenured faculty member in the Department of Computer Science at the University of Rochester from 1994 to 2007.


 

paper: OBD SecureAlert: An Anomaly Detection System for Vehicles

Tim Finin, 12:57pm 8 May 2016

 

Sandeep Nair, Sudip Mittal, and Anupam Joshi, OBD SecureAlert: An Anomaly Detection System for Vehicles, IEEE Workshop on Smart Service Systems (SmartSys 2016), 16 May 2016.

Vehicles can be considered as a specialized form of Cyber Physical Systems with sensors, ECUs and actuators working together to produce a coherent behavior. With the advent of external connectivity, a larger attack surface has opened up which not only affects the passengers inside vehicles, but also people around them. One of the main causes of this increased attack surface is the advanced systems built on top of old and less secure common bus frameworks, which lack basic authentication mechanisms. To make such systems more secure, we approach this issue as a data analytic problem that can detect anomalous states. To accomplish that, we collected data flowing between different components from real vehicles and, using a Hidden Markov Model, we detect malicious behaviors and issue alerts while a vehicle is in operation. Our evaluations using a single parameter and two parameters together provide enough evidence that such techniques could be successfully used to detect anomalies in vehicles. Moreover, our method could be used in new vehicles as well as older ones.


 

Automatic Extraction of Metrics from SLAs for Cloud Service Management

Tim Finin, 8:51am 7 May 2016

 

Sudip Mittal, Karuna Joshi, Claudia Pearce, and Anupam Joshi, Automatic Extraction of Metrics from SLAs for Cloud Service Management, IEEE International Conference on Cloud Engineering, 4 April 2016.

To effectively manage cloud based services, organizations need to continuously monitor the performance metrics listed in the Cloud service contracts. However, these legal documents, like Service Level Agreements (SLA) or privacy policy documents, are currently managed as plain text files meant principally for human consumption. Additionally, providers often define their own performance metrics for their services. These factors hinder the automation of SLA management and require manual effort to monitor the cloud service performance. We have significantly automated the process of extracting, managing and monitoring cloud SLA using natural language processing techniques and Semantic Web technologies. In this paper, we describe our technical approach and the ontology that we have developed to describe, manage, and reason about cloud SLAs. We also describe the prototype system that we have developed to automatically extract information from legal Terms of Service that are available on cloud provider websites.


 

chmod 000 Freebase

Tim Finin, 8:22pm 2 May 2016


He’s dead, Jim.

Google recently shut down the query interface to Freebase. All that is left of this innovative service is the ability to download a few final data dumps.

Freebase was launched nine years ago by Metaweb as an online source of structured data collected from Wikipedia and many other sources, including individual, user-submitted uploads and edits. Metaweb was acquired by Google in July 2010 and Freebase subsequently grew to have more than 2.4 billion facts about 44 million subjects. In December 2014, Google announced that it was closing Freebase and four months later it became read-only. Sometime this week the query interface was shut down.

I’ve enjoyed using Freebase in various projects in the past two years and found that it complemented DBpedia in many ways. Although its native semantics differed from that of RDF and OWL, it was close enough to allow all of Freebase to be exported as RDF. Its schema was larger than DBpedia’s and the data tended to be a bit cleaner.

Google generously decided to donate the data to the Wikidata project, which began migrating Freebase’s data to Wikidata in 2015. The Freebase data also lives on as part of Google’s Knowledge Graph. Google recently allowed very limited querying of its knowledge graph and my limited experimenting with it suggests that it has Freebase data at its core.


 

Representing and Reasoning with Temporal Properties/Relations in OWL/RDF

Tim Finin, 4:13pm 1 May 2016

Representing and Reasoning with Temporal
Properties/Relations in OWL/RDF

Clare Grasso

10:30-11:30 Monday, 2 May 2016, ITE346

OWL ontologies offer the means for modeling real-world domains by representing their high-level concepts, properties and interrelationships. These concepts and their properties are connected by means of binary relations. However, this assumes that the model of the domain is either a set of static objects and relationships that do not change over time, or a snapshot of these objects at a particular point in time. In general, relationships between objects that change over time (dynamic properties) are not binary relations, since they involve a temporal interval in addition to the object and the subject. Representing and querying information evolving in time requires careful consideration of how to use OWL constructs to model dynamic relationships and how the semantics and reasoning capabilities within that architecture are affected.