Yehia K. Helmy

Web Server Logs Preprocessing for Web Intrusion Detection

Securing e-commerce sites has become a necessity as they process critical and sensitive data to customers and organizations. When a customer navigates through an e-commerce site his/her clicks are recorded in web log file. Analyzing these log files using data mining reveal many interesting patterns. These results are used in many different applications and recently in detecting attacks on web. In order to improve quality of data and consequently the mining results data in log files need first to be preprocessed. In this paper, we will discuss how different web log files with different formats will be combined together in one unified format using XML in order to track and extract more attacks. And because log files usually contain noisy and ambiguous data this paper will show how data will be preprocessed before applying mining process in order to detect attacks. We will also discuss the difference between log preprocessing for web intrusion and for web usage mining

A proposed paradigm for smart learning environment based on semantic web

The current approaches of e-learning face challenges, in isolation of learners from learning process, and shortage of learning process quality. The researchers mentioned that the next generation of e-learning is e-learning ecosystem. E-learning ecosystem has many advantages, in which, learners form groups, collaborate with each other and with educators, and content designed for interaction. E-learning ecosystem faces some issues. It applies teacher-student model, in which, fixed learning pathway is considered suitable for all learners. Consequently, learners are presented with limited personalized materials. E-learning ecosystem needs to merge the personalizations concept. Semantic web ontology based personalization of learning environment plays a leading role to build smart e-learning ecosystem.This paper previews a detailed study which addresses research papers that apply ontology within learning environment. Most of these studies focus on personalizing e-learning by providing learners with suitable learning objects, ignoring the other learning process components. This paper proposes and implements framework for smart e-learning ecosystem using ontology and SWRL. A new direction is proposed. This direction fosters the creation of a separate four ontologies for the personalized full learning package which is composed of learner model and all the learning process components (learning objects, learning activities and teaching methods). A new direction for personalizing the learning environment is introduced.This direction fosters the creation of a separate four ontologies.A proposed paradigm which assures a smart and effective learning environment.

Vertical Mining of Frequent Patterns from Uncertain Data

Efficient algorithms have been developed for mining frequent patterns in traditional data where the content of each transaction is definitely known. There are many applications that deal with real data sets where the contents of the transactions are uncertain. Limited research work has been dedicated for mining frequent patterns from uncertain data. This is done by extending the state of art horizontal algorithms proposed for mining precise data to be suitable with the uncertainty environment. Vertical mining is a promising approach that is experimentally proved to be more efficient than the horizontal mining. In this paper we extend the state-of-art vertical mining algorithm Eclat for mining frequent patterns from uncertain data producing the proposed UEclat algorithm. In addition, we compared the proposed UEclat algorithm with the UF-growth algorithm. Our experimental results show that the proposed algorithm outperforms the UF-growth algorithm by at least one order of magnitude.

Web Anomaly Misuse Intrusion Detection Framework for SQL Injection Detection

Databases at the background of e-commerce applications are vulnerable to SQL injection attack which is considered as one of the most dangerous web attacks. In this paper we propose a framework based on misuse and anomaly detection techniques to detect SQL injection attack. The main idea of this framework is to create a profile for legitimate database behavior extracted from applying association rules on XML file containing queries submitted from application to the database. As a second step in the detection process, the structure of the query under observation will be compared against the legitimate queries stored in the XML file thus minimizing false positive alarms. Keywords-SQL injection; association rule; anomaly detection; intrusion detection.

An Integrated Conceptual Model for Temporal Data Warehouse Security

In the past few years, several conceptual approaches have been proposed for the specification of the main multidimensional (MD) properties of the data warehouse (DW) repository. However, most of them deal with isolated aspects of the DW and do not provide designers with an integrated and standard method for designing the whole DW life cycle (ETL processes, data sources, DW repository and so on).Some approaches are depending on specific platform or neglecting important issues in DW design life cycle. Extraction-transformation-loading (ETL) processes play an important role in data warehouse architecture because they are responsible of integrating data from heterogeneous data sources into the DW repository. This paper proposes a conceptual model to refresh data warehouse by (insert, update, delete) data using ETL processes and considering DW security requirements. Firstly, the proposed ETL model is based on Unified Modeling Language (UML), which allows us to accomplish the conceptual modeling of ETL processes .secondly; this part focuses on how to integrate the proposed ETL model with the DW model. The proposed DW model depends on the Model Driven Architecture (MDA). MDA is a standard framework for software development that addresses the complete life cycle of designing, deploying, integrating, and managing applications by using models in software development. This paper proposes an integrated conceptual model for addressing temporal data warehouse security requirements (CMTDWS).

Transforming Conceptual Model into Logical Model for Temporal Data Warehouse Security: A Case Study

Extraction-transformation-loading (ETL) processes are responsible for the extraction of data from several sources, their cleansing, customization and insertion into a data warehouse. Data warehouse often store historical information which is extracted from multiple, heterogeneous, autonomous and distributed data sources, thereby, the survival of the organizations depends on the correct management, security and confidentiality of the information. In this paper, we are using the Model Driven Architecture (MDA) approach to represent logical model requirements for secure Temporal Data Warehouses (TDW). We use the Platform-Independent Model (PIM) which does not include information about specific platforms and technologies. Nowadays, the most crucial issue in MDA is the transformation between a PIM and Platform Specific Models PSM. Thus, OMG defines use the Query/View/Transformation (QVT) language, an approach for expressing these MDA transformations. This paper proposes a set of rules to transform PIM model for secure temporal data warehouse (TDW) to PSM model, we apply the QVT language to the development of a secure data warehouse by means of a case study.

Enhanced Progressive Vector Data Transmission For Mobile Geographic Information Systems (MGIS)

Dramatic increases in mobile applications are evolving; accordingly, faster spatial data transmission is required. Despite the transmission of Raster and TIN data types had significant enhancements; the vector data, which constitutes the main bulk of any GIS, is lacking the speed suitable for practical solutions. Vector data in Mobile GISfaces several challenges, e.g., volume of data, limited bandwidth, expenses of wireless services, and mobile device limited capabilities, so, Mobile GIS user suffers long response time. Progressive vector data transmission has been investigated to overcome above obstacles. In this research, enhanced progressive data transmission is reported, new modifications of another approach published by different author are investigated; the proposed modifications minimized the number of required topological checks and reduced the response time. A prototype based on client-server architecture is developed using Java technology, real datasets are examined using Nokia 6300 mobile handset, and the visualization at client side uses Scalable Vector Graphics format.

A Proposed Model for Using Cloud Computing and Web2.0 in Deploying E-Learning Ecosystem ELES

Research community has believed that an e-learning ecosystem is the next generation of e-learning but has faced challenges in optimizing resource allocations, dealing with dynamic demands on getting information and knowledge anywhere and anytime, handling rapid storage growth requirements, cost controlling and greater flexibility. So, flourish, growing, scalable, available, up to date and strong infrastructure e-learning ecosystems in a productive and cost effective way will be needed to face challenges and rapidly changing in learning environment. This paper work focused on an e-learning ecosystem ELES which supports new technologies is introduced and implemented. An integration between cloud computing and Web 2.0 technologies and services used to support the development of e-learning ecosystems. Cloud computing an adaptable technology for many of the universities with its dynamic scalability and usage of virtualized resources as a service through the Internet and Web 2.0 brings new instruments help building dynamic e-learning ecosystem on the web.

Vertical Mining of Frequent Patterns Using Diffset Groups

Frequent patterns discovery is a core functionality used in many mining tasks and large broad application. In this paper, we present a new algorithm, VMUDG, for vertical mining of frequent itemsets. The proposed algorithm adapts a new efficient approach that classifies all frequent 2-itemsets into separate groups according to their diffsets. Using these groups, the proposed algorithm offers three new distinct features; First, it allows calculating the support of N itemsets (N is≫0) using one calculation process rather than N calculation processes. Second, it offers a chance to reduce the time needed for the manipulation of the itemsets diffsets. Third, it minimizes the need for checking the frequency condition for every itemset. A performance study of the proposed algorithm has been conducted. Several experiments show that the algorithm outperforms the well known dEclat algorithm.

SCAMRA: Simulated Context-Aware Meeting Room Application

This paper deals with how to adapt the context architecture defined in [1] to a context-aware application called Simulated Context-Aware Meeting Room Application (SCAMRA). The main goal is to test and experiment the CFM and the proposed architecture done in [1]. SCAMRA can be used to manage any holding meeting on offices, universities, organizations or any other location by managing sessions, attendees and generating overall meeting report. It uses a large variety of context including user location, favorite subjects, preferred setting display, questions/notes that users ask/take, time, presentations, schedules, reports, and many activities and/or services. Primary context used in SCAMRA is about person, device, time, location, activity and services. Those contexts are grouped under more general categories related to meeting state and time-context, which are as before meeting, start meeting, end meeting, during meeting and after meeting context. SCAMRA has two main activities, person arrival and ask/take question/note activity. Other activities are based on the previous meeting states. These activities enforce special services such as greeting arrivals, change desktop setting, send meeting presentations to members, display meeting schedule, open presentation in its session, save attendees questions/notes, switch between Bluetooth and barcode as needed, register new visitors, format/create/open/print/send overall meeting report.