Chang Choi

Ontology-based access control model for security policy reasoning in cloud computing

There are many security issues in cloud computing service environments, including virtualization, distributed big-data processing, serviceability, traffic management, application security, access control, authentication, and cryptography, among others. In particular, data access using various resources requires an authentication and access control model for integrated management and control in cloud computing environments. Cloud computing services are differentiated according to security policies because of differences in the permitted access right between service providers and users. RBAC (Role-based access control) and C-RBAC (Context-aware RBAC) models do not suggest effective and practical solutions for managers and users based on dynamic access control methods, suggesting a need for a new model of dynamic access control that can address the limitations of cloud computing characteristics. This paper proposes Onto-ACM (ontology-based access control model), a semantic analysis model that can address the difference in the permitted access control between service providers and users. The proposed model is a model of intelligent context-aware access for proactively applying the access level of resource access based on ontology reasoning and semantic analysis method.

Automatic Enrichment of Semantic Relation Network and Its Application to Word Sense Disambiguation

The most fundamental step in semantic information processing (SIP) is to construct knowledge base (KB) at the human level; that is to the general understanding and conception of human knowledge. WordNet has been built to be the most systematic and as close to the human level and is being applied actively in various works. In one of our previous research, we found that a semantic gap exists between concept pairs of WordNet and those of real world. This paper contains a study on the enrichment method to build a KB. We describe the methods and the results for the automatic enrichment of the semantic relation network. A rule based method using WordNets glossaries and an inference method using axioms for WordNet relations are applied for the enrichment and an enriched WordNet (E-WordNet) is built as the result. Our experimental results substantiate the usefulness of E-WordNet. An evaluation by comparison with the human level is attempted. Moreover, WSD-SemNet, a new word sense disambiguation (WSD) method in which E-WordNet is applied, is proposed and evaluated by comparing it with the state-of-the-art algorithm.

A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment

Cloud computing is a more advanced technology for distributed processing, e.g., a thin client and grid computing, which is implemented by means of virtualization technology for servers and storages, and advanced network functionalities. However, this technology has certain disadvantages such as monotonous routing for attacks, easy attack method, and tools. This means that all network resources and operations are blocked all at once in the worst case. Various studies such as pattern analyses and network-based access control for infringement response based on Infrastructure as a Service, Platform as a Service and Software as a Service in cloud computing services have therefore been recently conducted. This study proposes a method of integration between HTTP GET flooding among Distributed Denial-of-Service attacks and MapReduce processing for fast attack detection in a cloud computing environment. In addition, experiments on the processing time were conducted to compare the performance with a pattern detection of the attack features using Snort detection based on HTTP packet patterns and log data from a Web server. The experimental results show that the proposed method is better than Snort detection because the processing time of the former is shorter with increasing congestion.

Efficient Malicious Code Detection Using N-Gram Analysis and SVM

-- As the use of the internet increases, the distribution of web based malicious code has also vastly increased. By inputting malicious code that can attack vulnerabilities, it enables one to perform various illegal acts, such as SQL Injection and Cross Site Scripting (XSS). Furthermore, an extensive amount of computer, network and human resources are consumed to prevent it. As a result much research is being done to prevent and detecting malicious code. Currently, research is being done on readable sentences which do not use proper grammar. This type of malicious code cannot be classified by previous vocabulary analysis or document classification methods. This paper proposes an approach that results in an effective n-gram feature extraction from malicious code for classifying executable as malicious or benign with the use of Support Vector Machines (SVM) as the machine learning classifier.

Travel Ontology for Intelligent Recommendation System

Nowadays, travel information is increasing to appeal the tourists on the web. Although there are numerous information provided on the web, the user gets puzzled in finding accurate information. In order to solve these web problems, the concept of semantic web comes into existence to have communication between human and computer.In this paper, we propose intelligent recommendation system based on Jeju travel ontology. The proposed system can recommend the tourist more intelligent information using properties, relationships of travel ontology. Next, the system is responsible for finding personalized attractions and plotting location of traveler on the AlMap.

Travel Ontology for Recommendation System based on Semantic Web

This paper presents the travel ontology to retrieve information from recommendation system based on semantic Web. The metadata is made by preference profile and transaction profile. Information repository is consisting of travel information and ontology. The travel ontology is made by OWL, rule based on description logic. The top class is travel as the domain to build the travel ontology. And accommodation, activity, food and transportation are selected as the upper class. The subclass of the activities consists of leisure sports and tourism culture. At last, the result of Recommendation following scenario using OWL-QL is shown. We propose the travel recommendation system in semantic Web using ontology. As you know, we can easily insert attributes to ontology. Besides we can inference from rules and properties in ontology

Personal information leakage detection method using the inference-based access control model on the Android platform

The web services used on desktop can be accessed through a smartphone due to the development of smart devices. As the usage of smartphones increases, the importance of personal information security inside the smartphone is emphasized. The openness features of Android platform make a lot easier to develop an application and also deploying malicious codes into application is an easy task for hackers. The security practices are also growing rapidly as the number of malicious code increases exponentially. According to these circumstances, new methods for detecting and protecting the behavior of leaked personal information are needed to manage the personal information within a smartphone.In this paper, we study the permission access category in order to detect the malicious code, which discloses the personal information on Android environment such as equipment and location information, address book and messages, and solve the problem related to Resource access of Random Access Control method in conventional Android file system to detect the new malware or malicious code via the context ontology reasoning of permission access and API resource information which the personal information are leaked through. Then we propose an inference-based access control model, which can be enabled to access the proactive security. There is more improvement accuracy than existing malicious detecting techniques and effectiveness of access control model is verified through the proposal of inference-based access control model.

Power Allocation Scheme for Femto-to-Macro Downlink Interference Reduction for Smart Devices in Ambient Intelligence

In this paper, we present an analysis on the characteristics of cross-tier interference in regard to femtocells deployed in LTE cellular networks. We also present a cross-tier SLNR-based water filling (CSWF) power allocation algorithm for the reduction of interference from femtocell to macrocell for smart devices used in ambient intelligence. The results of this study show that CSWF significantly improves the macro UE performance around a femtocell access point (AP) from the SINR and throughput perspective. The CSWF algorithm also provides a relative gain on the throughput of femtocell UEs compared to frequency partitioning. Furthermore, the proposed algorithm has a low complexity and is implemented on the femto-AP side only, therefore not affecting the macro system.

Comparing Ontologies Using Entropy

Ontologies have been realized as the key technology for shaping and exploiting information for the effective management of knowledge and for the evolution of the Semantic Web and its applications. As the amount of ontologies is rapidly increasing, comparison or coordination (i.e. mapping, alignment, merging) of ontologies is a major challenge for bridging the gaps between agents with different conceptualizations. Therefore, in this paper, we compare ontologies using entropy which shows structural features of ontology as the average of information content. We use classified domain ontologies in the WordNet that is a kind of the linguistic ontology and analyze characteristics of domain ontologies.

Object retrieval by query with sensibility based on the KANSEI-Vocabulary scale

Recently the demand for image retrieval and recognizable extraction corresponding to KANSEI (sensibility) has been increasing, and the studies focused on establishing those KANSEI-based systems have been progressing more than ever. In addition, the attempt to understand, measure and evaluate, and apply KANSEI to situational design or products will be required more and more in the future. Particularly, study of KANSEI-based image retrieval tools have especially been in the spotlight. So many investigators give a trial of using KANSEI for image retrieval. However, the research in this area is still under its primary stage because it is difficult to process higher-level contents as emotion or KANSEI of human. To solve this problem, we suggest the KANSEI-Vocabulary Scale by associating human sensibilities with shapes among visual information. And we construct the object retrieval system for evaluation of KANSEI-Vocabulary Scale by shape. In our evaluation results, we are able to retrieve object images with the most appropriate shape in term of the querys KANSEI. Furthermore, the method achieves an average rate of 71% users satisfaction.