Nahid Shahmehri

An Ontology of Information Security

Advances in technology are causing new privacy concerns as an increasing number of citizens are engaging in online activities.Techniques and Applications for Advanced Information Privacy and Securi ...

A peer-to-peer approach to vehicular communication for the support of traffic safety applications

More than half a million casualties are due to traffic accidents each year. Therefore, there is a high demand for innovative technologies focused on collision warning and collision avoidance. Among such technologies, the inter-vehicle communication and the vehicle-to-road communication are considered to have extensive potential for supporting the safety systems located within a vehicle. In this paper we propose a new approach to vehicular communication. We designed a safety-oriented vehicular communication, built around the concept of mobile ad-hoc peer-to-peer (P2P) networking. The merging between ad-hoc connectivity and P2P paradigm facilitates the development of a vehicular network characterized by self-organization, fault-tolerance, scalability, shareable resources and services, cooperation, cases of interconnection and cost efficiency. These characteristics recommend the communication proposed here as an efficient method for providing safety-relevant data for safety systems installed in vehicles.

File Type Identification of Data Fragments by Their Binary Structure

Rapidly gaining information superiority is vital when fighting an enemy, but current computer forensics tools, which require file headers or a working file system to function, do not enable us to quickly map out the contents of corrupted hard disks or other fragmented storage media found at crime scenes. The lack of proper tools slows down the hunt for information, which would otherwise help in gaining the upper hand against IT based perpetrators. To address this problem, this paper presents an algorithm which allows categorization of data fragments based solely on their structure, without the need for any meta data. The algorithm is based on measuring the rate of change of the byte contents of digital media and extends the byte frequency distribution based Oscar method presented in an earlier paper. The evaluation of the new method shows a detection rate of 99.2 %, without generating any false positives, when used to scan for JPEG data. The slowest implementation of the algorithm scans a 72.2 MB file in approximately 2.5 seconds and scales linearly

The role of human Web assistants in e‐commerce: an analysis and a usability study

Electronic commerce has recently shown enormous potential to take over a significant share of the sales market. There is a need to provide services that can reach individual computer users with different information profiles and levels of expertise. In this article the concept of Web assistants, human assistants working in an electronic Web shop, is presented. This human‐computer collaboration provides intelligent and adaptive services via an integrated communication media. A prototype of a Web assistant system has been implemented. While browsing through the system the user can call for human assistance should the need arise. Presents the results of a usability study performed on the prototype system. Recent commercial moves in the direction discussed in this article increase the importance of the usability study. The results are encouraging, especially when it comes to the attitude aspects of usability. The subjects were extremely enthusiastic about the concept of Web assistants and its implications. The human Web assistant who participated in the field trial highlighted the importance of user modelling. Although the system is mainly in the context of electronic commerce, it can be used in many other contexts. These include home automation, digital libraries, and technical support, to name a few.

Generalized algorithmic debugging and testing

This paper presents a method for semi-automatic bug localization, generalized algorithmic debugging, which has been integrated with the category partition method for functional testing. In this way the efficiency of the algorithmic debugging method for bug localization can be improved by using test specifications and test results. The long-range goal of this work is a semi-automatic debugging and testing system which can be used during large-scale program development of nontrivial programs. The method is generally applicable to procedural langua ges and is not dependent on any ad hoc assumptions regarding the subject program. The original form of algorithmic debugging, introduced by Shapiro, was however limited to small Prolog programs without side-effects, but has later been generalized to concurrent logic programming languages. Another drawback of the original method is the large number of interactions with the user during bug localization. To our knowledge, this is the first method which uses category partition testing to improve the bug localization properties of algorithmic debugging. The method can avoid irrelevant questions to the programmer by categorizing input parameters and then match these against test cases in the test database. Additionally, we use program slicing, a data flow analysis technique, to dynamically compute which parts of the program are relevant for the search, thus further improving bug localization. We believe that this is the first generalization of algorithmic debugging for programs with side-effects written in imperative languages such as Pascal. These improvements together makes it more feasible to debug larger programs. However, additional improvements are needed to make it handle pointer-related side-effects and concurrent Pascal programs. A prototype generalized algorithmic debugger for a Pascal subset without pointer side-effects and a test case generator for application programs in Pascal, C, dBase, and LOTUS have been implemented.

Oscar — File Type Identification of Binary Data in Disk Clusters and RAM Pages

This paper proposes a method, called Oscar, for determining the probable file type of binary data fragments. The Oscar method is based on building models, called centroids, of the mean and standard deviation of the byte frequency distribution of different file types. A weighted quadratic distance metric is then used to measure the distance between the centroid and sample data fragments. If the distance falls below a threshold, the sample is categorized as probably belonging to the modelled file type. Oscar is tested using JPEG pictures and is shown to give a high categorization accuracy, i.e. high detection rate and low false positives rate. By using a practical example we demonstrate how to use the Oscar method to prove the existence of known pictures based on fragments of them found in RAM and the swap partition of a computer.

A Trust-Aware, P2P-Based Overlay for Intrusion Detection

Collaborative intrusion detection systems (IDSs) have a great potential for addressing the challenges posed by the increasing aggressiveness of current Internet attacks. However, one of the major concerns with the proposed collaborative IDSs is their vulnerability to the insider threat. Malicious intruders, infiltrating such a system, could poison the collaborative detectors with false alarms, disrupting the intrusion detection functionality and placing at risk the whole system. In this paper, we propose a P2P-based overlay for intrusion detection (overlay IDS) that addresses the insider threat by means of a trust-aware engine for correlating alerts and an adaptive scheme for managing trust. We have implemented our system using JXTA framework and we have evaluated its effectiveness for preventing the spread of a real Internet worm over an emulated network. The evaluation results show that our overlay IDS significantly increases the overall survival rate of the network

Interprocedural dynamic slicing applied to interprocedural data flow testing

During the past ten years several variants of an analysis technique called program slicing have been developed. Program slicing has applications in maintenance tasks such as debugging, testing, program integration, program verification, etc. and can be characterized as a type of dependence analysis. A program slice can loosely be defined as the subset of a program needed to compute a certain variable value at a certain program position. A novel method for interprocedural dynamic slicing which is more precise than interprocedural static slicing methods and is useful for dependence analysis at the procedural abstraction level was given by M. Kamkar et al. (1992, 1993). It is demonstrated here how interprocedural dynamic slicing can be used to increase the reliability and precision of interprocedural data flow testing. The work on data flow testing reported by E. Duesterwald et al. (1992), which is a novel method for data flow testing through output influences, is generalized.<<ETX>>

Interprocedural Dynamic Slicing

This paper presents the first algorithm for interprocedural dynamic slicing. Previous methods for dynamic slicing only considered languages without procedures and procedure calls. This method generates summary information for each procedure call and represents a program as a summary graph of dynamic dependencies. A slice on this graph consists of nodes for all procedure calls of the program that affect the value of a given variable. The size of the information saved by this method is considerably smaller than what is needed by previous methods for dynamic slicing [AH90], since it only depends on the size of the programs execution tree, i.e. the number of executed procedure calls, which is much smaller than the size of a trace of all executed statements. In addition, work space for the temporary graph is needed, proportional to the maximum sum of the sizes of simultaneously active procedures. A program slice can be produced from the interprocedural slice on the graph if a suitable definition of control dependency is used when the summary graph is constructed. The interprocedural dynamic slicing introduced in this paper is being used to improve the bug localization properties of the Generalized Algorithmic Debugging Technique [FGKS91], a method for declarative semi-automatic debugging.

An empirical study of human Web assistants: implications for user support in Web information systems

User support is an important element in reaching the goal of universal usability for Web information systems. Recent developments indicate that human involvement in user support is a step towards this goal. However, most such efforts are currently being pursued on a purely intuitive basis. This, empirical findings about the role of human assistants are important. In this paper we present the findings from a field study of a general user support model for Web information systems. We show that integrating human assistance into Web systems is a way to provide efficient user support. Further, this integration makes a Web site more fun to use and increases the users trust in the site. The support also improves the site atmosphere. Our findings are summarised as recommendations and design guidelines for decision-makers and developers Web systems.