Physical Sciences and Mathematics Commons^™

Duol: A Double Updating Approach For Online Learning, Peilin Zhao, Steven C. H. Hoi, Rong Jin

Research Collection School Of Computing and Information Systems

In most online learning algorithms, the weights assigned to the misclassified examples (or support vectors) remain unchanged during the entire learning process. This is clearly insufficient since when a new misclassified example is added to the pool of support vectors, we generally expect it to affect the weights for the existing support vectors. In this paper, we propose a new online learning method, termed Double Updating Online Learning, or DUOL for short. Instead of only assigning a fixed weight to the misclassified example received in current trial, the proposed online learning algorithm also tries to update the weight for one …

Learning Bregman Distance Functions And Its Application For Semi-Supervised Clustering, Lei Wu, Rong Jin, Steven C. H. Hoi, Jianke Zhu, Nenghai Yu

Research Collection School Of Computing and Information Systems

Learning distance functions with side information plays a key role in many machine learning and data mining applications. Conventional approaches often assume a Mahalanobis distance function. These approaches are limited in two aspects: (i) they are computationally expensive (even infeasible) for high dimensional data because the size of the metric is in the square of dimensionality; (ii) they assume a fixed metric for the entire input space and therefore are unable to handle heterogeneous data. In this paper, we propose a novel scheme that learns nonlinear Bregman distance functions from side information using a nonparametric approach that is similar to …

Challenges In Improving Information Security Practice In Australian General Practice, Donald C. Mcdermid, Rachel J. Mahncke, Patricia A. Williams

Australian Information Security Management Conference

The status of information security in Australian medical general practice is discussed together with a review of the challenges facing small practices that often lack the technical knowledge and skill to secure patient information by themselves. It is proposed that an information security governance framework is required to assist practices in identifying weaknesses and gaps and then to plan and implement how to overcome their shortcomings through policies, training and changes to processes and management structure.

Measuring Information Security Governance Within General Medical Practice, Rachel J. Mahncke, Donald C. Mcdermid, Patricia A. Williams

Australian Information Security Management Conference

Information security is becoming increasingly important within the Australian general medical practice environment as legal and accreditation compliance is being enforced. Using a literature review, approaches to measuring information security governance were analysed for their potential suitability and use within General Practice for the effective protection of confidential information. The models, frameworks and guidelines selected were analysed to evaluate if they were Key Performance Indicator (KPI), or process driven; whether the approach taken was strategic, tactical or operational; and if governance or management assessment tools were presented. To measure information security governance, and be both effective and practical, the approach …

The 2009 Personal Firewall Robustness Evaluation, Ken Pydayya, Peter Hannay, Patryk Szewczyk

Australian Information Security Management Conference

The evolution of the internet as a platform for commerce, banking, general information and personal communications has resulted in a situation where many individuals who may not have previously required internet access now require this connectivity as part of their everyday lives. In addition to this the widespread adoption of mobile broadband has lead to an increasing number of individuals having public facing IP addresses with no firewall appliances present. This situation has dramatically increased reliance on personal firewalls as the first and often last defence against intruders (human and malware alike). The evaluation performed demonstrates the capabilities of current …

Case Study On An Investigation Of Information Security Management Among Law Firms, Sameera Mubarak, Elena Sitnikova

Australian Information Security Management Conference

The integrity of lawyers trust accounts as come under scrutiny in the last few years. There have been many incidents of trust account fraud reported internationally, including a case in Australia, where an employee of a law firm stole $4,500,000 from the trust funds of forty-two clients. Our study involved interviewing principles of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. An overall finding highlights that law firms were not current with technology to combat computer crime, and inadequate access control was a major concern in safeguarding account …

Improving An Organisations Existing Information Technology Policy To Increase Security, Shane Talbot, Andrew Woodward

Australian Information Security Management Conference

A security policy which includes the appropriate phases of implementation, enforcement, auditing and review is vital to protecting an organisations information security. This paper examined the information security policy of a government organisation in response to a number of perceived shortcomings. The specific issues identified relating to the organisations security policy as a result of this investigation were as follows: a culture of ignoring policies, minimal awareness of policies, minimal policy enforcement, policy updating and review ad hoc at best, policy framework, lengthy policy development and approval process, no compliance program, no formal non-compliance reporting and an apparent inconsistent enforcement …

A Spoofing Attack Against An Epc Class One Rfid System, Christopher Bolan

Australian Information Security Management Conference

In computing the term spoofing historically referred to the creation of TCP/IP packets using another device’s valid IP address to gain an advantage. The Electronic Product Code (EPC) RFID system was investigated to test the efficacy of spoofing a valid tag response to basic requests. A radio frequency transmission device was constructed to determine whether a valid reader could distinguish between the response of an actual tag and a spoofed response. The results show that the device was able to successfully deceive the EPC reader and further, to replace actual tag responses with a spoofed response. The potential for such …

Information Security Disclosure: A Case Study, I Rosewall, M J. Warren

Australian Information Security Management Conference

New social networking systems such as Facebook are an ever evolving and developing means of social interaction, which is not only being used to disseminate information to family, friends and colleagues but as a way of meeting and interacting with "strangers" through the advent of a large number of social applications. This paper will focus upon the impact of Generation F - the Facebook Generation and their attitudes to security. The paper will be based around discussing the findings of a major UK case study and the implications that this has. The case study identifies 51 recommendations to improve the …

What Does Security Culture Look Like For Small Organizations?, Patricia A. Williams

Australian Information Security Management Conference

The human component is a significant factor in information security, with a large numbers of breaches occurring due to unintentional user error. Technical solutions can only protect information so far and thus the human aspect of security has become a major focus for discussion. Therefore, it is important for organisations to create a security conscious culture. However, currently there is no established representation of security culture from which to assess how it can be manoeuvred to improve the overall information security of an organization. This is of particular importance for small organizations who lack the resources in information security and …

Strong Authentication For Web Services Using Smartcards, D S. Stienne, Nathan Clarke, Paul Reynolds

Australian Information Security Management Conference

The popularity of the Internet and the variety of services it provides has been immense. Unfortunately, many of these services require the user to register and subsequently login to the system in order to access them. This has resulted in the user having to remember a multitude of username and password combinations in order to use the service securely. However, literature has clearly demonstrated this is not an effective approach, as users will frequently choose simple passwords, write them down, share them or use the same password for multiple systems. This paper proposes a novel concept where Internet users authenticate …

Exploring The Relationship Between Organizational Culture And Information Security Culture, Joo S. Lim, Shanton Chang, Sean Maynard, Atif Ahmad

Australian Information Security Management Conference

Managing Information Security is becoming more challenging in today’s business because people are both a cause of information security incidents as well as a key part of the protection from them. As the impact of organizational culture (OC) on employees is significant, many researchers have called for the creation of information security culture (ISC) in organizations to influence the actions and behaviour of employees towards better organizational information security. Although researchers have called for the creation of ISC to be embedded in organizations, nonetheless, literature suggests that little past research examining the relationship between the nature of OC and ISC. …

Development Of A Critical Factors Model For The Knowledge Economy In Saudi Arabia, Fahad A. Alothman, Peter Busch

Australian Information Security Management Conference

If knowledge-based economic systems are to be adopted, succeed and be disseminated, many significant barriers must be overcome regardless of how advanced a country is in terms of its infrastructure and domestic production. This paper describes an investigation of the critical factors associated with the adoption and dissemination of a knowledge economy initiative. The focus of the research is on knowledge management, national culture and other country-specific factors and how they are influencing Saudi Arabia’s efforts to develop a knowledge economy.

Method For Securing Online Community Service: A Study Of Selected Western Australian Councils, Sunsern Limwiriyakul

Australian Information Security Management Conference

Since the Internet was publicly made available, it has become popular and widely used in a range of services such as Email, News, IRC, World Wide Web around the globe. Progressively other services such as telephony, video conferencing, video on demand, interactive TV, Geospatial Information System (GIS), have emerged and become available on the Internet. Nowadays, Internet broadband communication infrastructure, both wired and wireless, make the concept of a Digital Community possible. The Digital Community has been growing and expanding rapidly around the world. This changes the way we live, work and play. Creating a Digital Community can empower local …

Review Of Browser Extensions, A Man-In-The-Browser Phishing Techniques Targeting Bank Customers, Nattakant Utakrit

Australian Information Security Management Conference

Initially, online scammers (phishers) used social engineering techniques to send emails to solicit personal information from customer in order to steal money from their Internet banking account. Data, such as passwords or bank account details, could be further used for other criminal activities. For instance, the scammers may intend to leave the victim’s information behind after they have successfully committed the crime so that the police can suspect the visible evidence as a suspicious criminal. Many customers are now aware of the need to protect their banking details from the phishers by not providing any sensitive information. Recently, phishing attacks …

A Contrast Pattern Based Clustering Quality Index For Categorical Data, Qingbao Liu, Guozhu Dong

Kno.e.sis Publications

Since clustering is unsupervised and highly explorative, clustering validation (i.e. assessing the quality of clustering solutions) has been an important and long standing research problem. Existing validity measures have significant shortcomings. This paper proposes a novel contrast pattern based clustering quality index (CPCQ) for categorical data, by utilizing the quality and diversity of the contrast patterns (CPs) which contrast the clusters in clusterings. High quality CPs can characterize clusters and discriminate them against each other. Experiments show that the CPCQ index (1) can recognize that expert-determined classes are the best clusters for many datasets from the UCI repository; (2) does …

Sparql Query Re-Writing For Spatial Datasets Using Partonomy Based Transformation Rules, Prateek Jain, Cory Andrew Henson, Amit P. Sheth, Peter Z. Yeh, Kunal Verma

Kno.e.sis Publications

Often the information present in a spatial knowledge base is represented at a different level of granularity and abstraction than the query constraints. For querying ontology’s containing spatial information, the precise relationships between spatial entities has to be specified in the basic graph pattern of SPARQL query which can result in long and complex queries. We present a novel approach to help users intuitively write SPARQL queries to query spatial data, rather than relying on knowledge of the ontology structure. Our framework re-writes queries, using transformation rules to exploit part-whole relations between geographical entities to address the mismatches between query …

Protein Secondary Structure Prediction Using Parallelized Rule Induction From Coverings, Leong Lee, Cyriac Kandoth, Jennifer Leopold, Ronald L. Frank

Computer Science Faculty Research & Creative Works

Protein 3D structure prediction has always been an important research area in bioinformatics. In particular, the prediction of secondary structure has been a well-studied research topic. Despite the recent breakthrough of combining multiple sequence alignment information and artificial intelligence algorithms to predict protein secondary structure, the Q3 accuracy of various computational prediction algorithms rarely has exceeded 75%. In a previous paper [1], this research team presented a rule-based method called RT-RICO (Relaxed Threshold Rule Induction from Coverings) to predict protein secondary structure. The average Q3 accuracy on the sample datasets using RT-RICO was 80.3%, an improvement over comparable computational methods. …

A Local Qualitative Approach To Referral And Functional Trust, Krishnaprasad Thirunarayan, Dharan Althuru, Cory Andrew Henson, Amit P. Sheth

Kno.e.sis Publications

Trust and confidence are becoming key issues in diverse applications such as ecommerce, social networks, semantic sensor web, semantic web information retrieval systems, etc. Both humans and machines use some form of trust to make informed and reliable decisions before acting. In this work, we briefly review existing work on trust networks, pointing out some of its drawbacks. We then propose a local framework to explore two different kinds of trust among agents called referral trust and functional trust, that are modelled using local partial orders, to enable qualitative trust personalization. The proposed approach formalizes reasoning with trust, distinguishing between …

Finding Words In Alphabet Soup: Inference On Freeform Character Recognition For Historical Scripts, Nicholas Howe, Shaolei Feng, R. Manmatha

Computer Science: Faculty Publications

This paper develops word recognition methods for historical handwritten cursive and printed documents. It employs a powerful segmentation-free letter detection method based upon joint boosting with histograms of gradients as features. Efficient inference on an ensemble of hidden Markov models can select the most probable sequence of candidate character detections to recognize complete words in ambiguous handwritten text, drawing on character n" role="presentation" style="box-sizing: border-box; margin: 0px; padding: 0px; display: inline-block; line-height: normal; font-size: 16.2px; word-spacing: normal; overflow-wrap: normal; white-space: nowrap; float: none; direction: ltr; max-width: none; max-height: none; min-width: 0px; min-height: 0px; border: 0px; position: relative;">n-gram and physical …

Angular Rigidity In 3d: Combinatorial Characterizations And Algorithms, Audrey Lee-St.John, Ileana Streinu

Computer Science: Faculty Publications

Constraint-based CAD software, used by engineers to design sophisticated mechanical systems, relies on a wide range of geometrical constraints. In this paper we focus on one special case: angular constraints in 3D. We give a complete combinatorial characterization for generic minimal rigidity in two new models: line- plane-and-angle and body-and-angle structures. As an immediate consequence, we obtain efficient algorithms for analyzing angular rigidity.

Press The Cancel Button! A Performance Evaluation Of Scalable In-Network Data Aggregation, Jamie Macbeth, Majid Sarrafzadeh

Computer Science: Faculty Publications

We perform real-world tests of the performance of medium access control protocol schemes for scalable data aggregation in sensor networks. Specifically, we evaluate the performance of a Listen-and-Suppress Carrier Sense Multiple Access (LAS-CSMA) scheme on the duplicate-insensitive exemplary monotonic aggregates MAX and MIN. These schemes reduce power consumption, network bandwidth usage and delays by suppressing node packet transmissions that are proven to be unnecessary in the query response. This is possible when nodes listen to the transmissions of other nodes as they respond.

Scalability tests were performed for 8 networks of various sizes, the largest having 24 Crossbow IRIS wireless …

Gpu-Accelerated Hierarchical Dense Correspondence For Real-Time Aerial Video Processing, Stephen Cluff, Bryan S. Morse, Jonathan D. Cohen, Mark Duchaineau

Faculty Publications

Video from aerial surveillance can provide a rich source of data for many applications and can be enhanced for display and analysis through such methods as mosaic construction, super-resolution, and mover detection. All of these methods require accurate frame-to-frame registration, which for live use must be performed in real time. In many situations, scene parallax may make alignment using global transformations impossible or error-prone, limiting the performance of subsequent processing and applications. For these cases, dense (per-pixel) correspondence is required, but this can be computationally prohibitive. This paper presents a hierarchical dense correspondence algorithm designed for implementation on graphics processing …

Object Oriented Program Correctness With Oosiml, José M. Garrido

Faculty and Research Publications

Software reliability depends on program correctness and robustness and these are extremely important in developing high-quality software. Correctness is also essential when considering aspects of software security. However, experience applying these concepts, associated methods, and supporting software with Eiffel and Java have shown that students find some diffculty learning program correctness and in learning the software tools provided. We have developed an experimental language, OOSimL, that includes an assertion notation similar to that of Eiffel but which has much more flexibility, and that provides the same semantics as Java.

The first part of this paper provides an overview of concepts …

A New Approach For Anonymous Password Authentication, Yanjiang Yang, Jianying Zhou, Jian Weng, Feng Bao

Research Collection School Of Computing and Information Systems

Anonymous password authentication reinforces password authentication with the protection of user privacy. Considering the increasing concern of individual privacy nowadays, anonymous password authentication represents a promising privacy-preserving authentication primitive. However, anonymous password authentication in the standard setting has several inherent weaknesses, making its practicality questionable. In this paper, we propose a new and efficient approach for anonymous password authentication. Our approach assumes a different setting where users do not register their passwords to the server; rather, they use passwords to protect their authentication credentials. We present a concrete scheme, and get over a number of challenges in securing password-protected credentials …

Enabling Secure Secret Updating For Unidirectional Key Distribution In Rfid-Enabled Supply Chains, Shaoying Cai, Tieyan Li, Changshe Ma, Yingjiu Li, Robert H. Deng

Research Collection School Of Computing and Information Systems

In USENIX Security 08, Juels, Pappu and Parno proposed a secret sharing based mechanism to alleviate the key distribution problem in RFID-enabled supply chains. Compared to existing pseudonym based RFID protocols, the secret sharing based solution is more suitable for RFID-enabled supply chains since it does not require a database of keys be distributed among supply chain parties for secure ownership transfer of RFID tags. However, this mechanism cannot resist tag tracking and tag counterfeiting attacks in supply chain systems. It is also not convenient for downstream supply chain parties to adjust the size of RFID tag collections in recovering …

On The Untraceability Of Anonymous Rfid Authentication Protocol With Constant Key-Lookup, Bing Liang, Yingjiu Li, Tieyan Li, Robert H. Deng

Research Collection School Of Computing and Information Systems

In ASIACCS'08, Burmester, Medeiros and Motta proposed an anonymous RFID authentication protocol (BMM protocol [2]) that preserves the security and privacy properties, and achieves better scalability compared with other contemporary approaches. We analyze BMM protocol and find that some of security properties (especial untraceability) are not fulfilled as originally claimed. We consider a subtle attack, in which an adversary can manipulate the messages transmitted between a tag and a reader for several continuous protocol runs, and can successfully trace the tag after these interactions. Our attack works under a weak adversary model, in which an adversary can eavesdrop, intercept and …

Managing Supply Uncertainty With An Information Market, Zhiling Guo, Fang Fang, Andrew B. Whinston

Research Collection School Of Computing and Information Systems

We propose a market-based information aggregation mechanism to manage the supply side uncertainty in the supply chain. In our analytical model, a simple supply chain consists of a group of retailers who order a homogeneous product from two suppliers. The two suppliers differ in their ability to fulfill orders – one always delivers orders and the other fulfills orders probabilistically. We model the supply chain decisions as a Stackelberg game where the supplier who has uncertain reliability decides a wholesale price before the retailers who independently receive signals about the supplier’s reliability determine their sourcing strategies. We then propose an …

Wake Up Or Fall Asleep: Value Implication Of Trusted Computing, Nan Hu, Jianhui Huang, Ling Liu, Yingjiu Li, Dan Ma

Research Collection School Of Computing and Information Systems

More than 10 years have passed since trusted computing (TC) technology was introduced to the market; however, there is still no consensus about its value. The increasing importance of user and enterprise security and the security promised by TC, coupled with the increasing tension between the proponents and the opponents of TC, make it timely to investigate the value relevance of TC in terms of both capital market and accounting performance. Based on both price and volume studies, we found that news releases related to the adoption of the TC technology had no information content. All investors, regardless of whether …

Adaptive Type-2 Fuzzy Maintenance Advisor For Offshore Power Systems, Zhaoxia Wang, C. S. Chang, Fan Yang, W. W. Tan

Research Collection School Of Computing and Information Systems

Proper maintenance strategies are very desirable for minimizing the operational and maintenance costs of power systems without sacrificing reliability. Condition-based maintenance has largely replaced time-based maintenance because of the former's potential economic benefits. As offshore substations are often remotely located, they experience more adverse environments, higher failures, and therefore need more powerful analytical tools than their onshore counterpart. As reliability information collected during operation of an offshore substation can rarely avoid uncertainties, it is essential to obtain consistent estimates of reliability measures under changing environmental and operating conditions. Some attempts with type-1 fuzzy logic were made with limited success in …