Predrag Pale

Optimization of Firewall Rules

Network performance highly depends on efficiency of the firewall because for each network packet which enters or leaves the network a decision has to be made whether to accept it or reject it. This paper presents one approach to rule optimization solutions for improving firewall performance. The new software solution has been developed based on relations between rules. Its main purpose is to remove anomalies in ordering of Linux firewall rules and to merge similar rules. Developed rule optimization software (FIRO) is intended to be used with IP Tables Linux firewall command tool, but it can be easily adapted for other tool, as well. FIRO works in several passes through revised rule lists. In each step of optimization process FIRO generates a different rule list. Unlike existing solutions, FIRO also analyzes log rules and takes into account other rule parameters besides IP addresses, ports, protocols and action.

Students' perception of live lectures' inherent disadvantages

This paper aims to provide insight into various properties of live lectures from the perspective of sophomore engineering students. In an anonymous online survey conducted at the Faculty of Electrical Engineering and Computing, University of Zagreb, we investigated students’ opinions regarding lecture attendance, inherent disadvantages of live lecture as a teaching method, lecture interactivity, and the importance of different types of learning materials. The findings derived from students’ reported data suggest that students are well aware of a number of limitations of live lectures as a teaching method, yet despite that awareness, it rarely affects their decision to attend live lectures or not. Implications of the findings for live lectures are addressed in the paper, as well as recommendations for future research.

Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets

Knowledge-based authentication methods have become increasingly popular, where they started as simple passwords, before evolving into static questions for fallback authentication and graphical password-based systems. Question-based authentication methods are typically based on static or slowly changing data sources, thereby making them vulnerable to eavesdropping, wiretapping, and other types of attacks. Thus, an alternative approach is needed to create an authentication challenge that could compete with other authentication factors: hardware tokens and biometrics. In this study, we propose a new authentication approach that exploits the user behavior patterns captured in non-public data sources to create unique, one-time challenges. We propose: (i) a model that is capable of representing user behavior patterns in a wide range of user activities captured from various data sources and (ii) a method for creating unique one-time challenges based on the model. We tested the model and the method based on multiple non-public data sources such as bank transactions, phone logs, computer usage data, and e-mail correspondence. We also demonstrated its efficacy with a live user pool. Security analysis indicated the full resilience of the proposed method against eavesdropping as well as its adaptability in response to guessing attacks by dynamically increasing the complexity of the challenge.

Development of Pyramidia: An Integrative E-Learning Multimedia Tool

The software package described in this paper, Pyramidia, combines two strong elements into one lecturing system. The first is the simple addition of content and interactivity to existing PowerPoint presentations, and the second is video capture of a lecture. These features provide obvious benefits for both sides of the lecturing process: the lecturers and the students. Students can re-experience lectures at anytime, anywhere and at their own pace. Lecturers can add interactivity to their lectures without worrying about learning complex new software. Pyramidia is a descendant of previous software developments and research on ICT usage in education, and has been used and tested throughout a few semesters of lectures for several courses. Although there are many solutions, both commercial and academic, available to potential users, Pyramidia is unique for its. NET framework programming base.

The Structure of the Pyramidia E-learning Tool - the Programmer's Point of View

Pyramidia is a straightforward and easy-to-use software tool developed to record lectures. It records the video and audio of the lecturer and his activities, everything that happens on the screen of the lecturers computer and all audio output from the computer. In addition to standard notes, the tool allows the author to add structured content to the PowerPoint presentation: examples, external links and quizzes. Pyramidia enables the lecturer to rapidly record the lecture, package PowerPoint presentations and the additional information they contains and distribute the recording to students with ease. This paper describes the developing process of Pyramidia, its subsystems and their interrelation.

Question based user authentication in commercial environments

The aim of this paper is to analyze question based user authentication methods with regard to their potential use in commercial environments and the limitations they impose. We provide an overview of current work related to question based authentication and describe the difference between static and dynamic questions in user authentication. Additionally, we give an introduction into some common practices used in user authentication in commercial environments. Based on existing research we suggest that only dynamic questions should be used in commercial environments and propose a set of requirements a data source used for creating authentication challenges should meet. Also, we categorize the types of data that can be leveraged for authenticating users.

Decision trees in formative procedural knowledge assessment

In this paper, an approach to automated formative assessment of procedural knowledge is described and evaluated. While assessment and representation of conceptual knowledge using visual aids such as of concept maps has often been analyzed and discussed in the literature, significantly less attention has been given to assessment of procedural knowledge. The approach described in this paper is based on automated evaluation of knowledge described by examinees in form of a decision tree against a repository of test cases. The examinee is afterwards provided with automatically generated feedback about the overall results of applying his decision tree, as well as possible changes required to correct them. The results of the pilot evaluation of a prototype system implementation are described and discussed.

A distributed authentication architecture and protocol

Original scientific paper Most user authentication methods rely on a single verifier being stored at a central location within the information system. Such information storage presents a single point of compromise from a security perspective. If this system is compromised it poses a direct threat to users’ digital identities if the verifier can be extracted from the system. This paper proposes a distributed authentication environment in which there is no such single point of compromise. We propose an architecture that does not rely on a single verifier to authenticate users, but rather a distributed authentication architecture where several authentication servers are used to authenticate a user. We consider an authentication environment in which the user authentication process is distributed among independent servers. Each server independently performs its own authentication of the user, for example by asking the user to complete a challenge in order to prove his claim to a digital identity. The proposed architecture allows each server to use any authentication factor. We provide a security analysis of the proposed architecture and protocol, which shows they are secure against the attacks chosen in the analysis.

Virtual wireless penetration testing laboratory model

Penetration testing is one of the key actions in ensuring information system security and thereby avoiding security incidents including eavesdropping or unauthorized access to internal systems. In traditional educational settings it can be difficult to provide training for practitioners to develop and practice wireless penetration testing techniques, due to the requirement for physical equipment which can be used only by one person at the time, the need for student to be present at the location of the lab and the need to have expert in the lab to assess students progress. A virtual wireless penetration testing laboratory designed for educational purposes could overcome these problems. In this paper we propose a model of such a laboratory.

LeCTo: A rich lecture capture solution

Lecture capture is a term referring both to learning materials based on recordings of live lectures as well as software and hardware support systems enabling lecture recording and reproduction. As lecture captures are today becoming more and more valued learning materials, there is a strong need for quality yet simple to use lecture capture systems supporting their creation. In this paper we describe a software solution for rich lecture capture recording and reproduction. LeCTo, an application developed to maximize lecture capture learning potentials and simplify lecture capturing process is presented through its functionality as well as problems and solutions encountered during its implementation.